Sun Microsystems Reveals Infinite Access Security Model

2/27/2004 - Sun Microsystems, Inc. (Nasdaq: SUNW - News), the creator and leading advocate of Java technology, defined its new infinite access security model, helping businesses securely open up their enterprise to the network and extract more value from the Internet. Sun plans to invisibly integrate multi-factor authentication, identity management and containment support into all of its software products and platforms. Sun's Java Desktop System, an affordable, secure and open standards-based alternative to Microsoft Windows, will be Sun's first product to integrate complete out-of-the-box support for Java Card multi-factor authentication technology.

"Network security is not the oxymoron our competitor would like you to believe. But it's time the industry admitted that the defensive approach to PC security with bigger moats, taller walls and memos from the CEO have clearly failed," said Jonathan Schwartz, executive vice president of software, Sun Microsystems. "It's time we went on the offensive by proactively authenticating and differentiating service to the good guys, instead of always hunting the bad. This approach is more befitting a limitless internet -- spanning all network devices and services, not just PCs -- and the products and technologies already in deployment by some of the highest security yet most open and interoperable network operators in existence. Infinite possibility requires infinite access based on simplicity, integration and automation."

Sun's new infinite access security model is designed to make security integrated, invisible and infinite for customers. It helps create a managed risk environment that allows access to be appropriate and acceptable to the service providers in enterprises, consumer and governmental organizations.

  • Integrated: Systems integration across physical and virtual access, infrastructure integration between enterprise and consumer services (employee lifecycle management, single-sign-on), and business integration between partners, and suppliers make the experience as seamless as possible for users, and as cost-effective and scalable as possible for providers.
  • Invisible: Security should deliver convenience with confidence. An infinite access system lets users get what they want, when they want it. It is visible enough to be comforting and allow individuals confidence in privacy, regulatory confidence in compliance, and business confidence in risk mitigation. It is invisible as much as possible so that user experience does not disrupt security policy.
  • Infinite: Everything of value is connecting to the network. And as more and more objects connect to the network, the world is accessing more resources. Sun, along with the Java community and its open standards and open source partners, is working to reveal the potential of the infinite network while enabling the up-time and social mores that protect business values. Collectively the doors to opportunity can be opened, and the windows that create risk and fear can be closed.

Three architectural pillars underscore Sun's infinite access security model: strong authentication, identity management, and risk management through containment.

  • Strong Authentication: multi-factor authentication assigns a verifiable identity to a user, data, application or service. Once authentication occurs, the identity management infrastructure can authorize or refuse entry to or communication with the next tier of access. Authentication opens the doors to services across many different devices and ends the need for multiple passwords and token cards.
  • Identity Management: the management of authenticated identities delivers authorization control over role-based access to data, and centralized provisioning and de-provisioning capabilities over user access to data or applications. It also enables authorization escalation, allowing the enterprise to set and enforce policy authorizing what levels of access are allowed under pre-defined levels of authentication, including federation. Federation of authentication allows single-sign-on across services and allows seamless access to multiple capabilities.
  • Containment: Strong containment and partitioning capabilities manage the risk of infinite access, allowing authenticated and centrally managed users or data to only interact with the data or application contained within a specific partition. Even if unauthorized access is achieved, the violation is restricted to a limited area of the network. Sun's N1(tm) Grid Containers will deliver this functionality to the next version of the Solaris Operating System.

Sun's expertise in the three core principles of infinite access security – authentication, identity management and containment – is unparalleled. The world's leading government agencies, such as the U.S. Department of Defense, depend on Java Card(tm) technology for secure network identification cards; Sun's Java System Identity Server is the industry's leading identity management platform and Sun is a founding member of the Liberty Alliance, the inter-industry group dedicated to establishing open standards for federated network identity; and the next generation of Sun's Solaris(tm) operating system will include N1 Grid Containers, one of the industry's most advanced containment and partitioning technologies.

Secure Authentication Across Every Area of the Network
Java Card technology is one of the best secure authentication technologies for trust, privacy and verification of identity on the network, deployed in over 500 million smart card and mobile phone environments around the world. Sun is building on this success and applying its expertise to the Windows environment though inclusion of Java Card technology support in its Java Desktop System and Java software systems. This model will not only secure access to the device (mobile handset, desktop or infrastructure), but access to network services, and ultimately access to and distribution of content. This guarantees authentication of the device, of the sender, and of content represented, helping reduce victimization through fraudulent Web sites, and e-mail spam and viruses.

In addition to Java Card multi-factor authentication support, the next version of Java Desktop System will include the Java Desktop System Configuration Manager, a tool for central management of user settings. This enables systems administrators to set security preferences and easily and effectively manage them across the entire enterprise.

Security Innovation Through Open Standards
Sun believes in security through openness. Security standards should be open to being created, tested, analyzed and challenged by a huge community of intelligent programmers, developers and security experts.

Sun also announced support for leading security and identity open standards efforts, demonstrating its continued commitment to building security into the underlying standards defining the Network.

  • OASIS PKI Action Plan: Today, with Sun's strong participation and endorsement, the OASIS Public Key Infrastructure (PKI) Technical Committee released its PKI Action Plan. The OASIS PKI Action Plan calls for clear and specific guidelines for using PKI in the most relevant application types (document signing, secure email, and electronic commerce); interoperability testing; improved educational materials; best practices and other measures to reduce cost; and outreach to software application vendors to increase PKI implementation. Sun is proud to support expansion of PKI, an important security technology used in many widely deployed standards (such as SSL and IPSEC) to secure network connections.
  • Liberty Alliance: Sun strongly endorses the Liberty Alliance announcement of its mobile business guidelines, the first set of vertically oriented business guidelines, outlining near-term market opportunities and business requirements for federated identity deployments in the mobile space. Federated identity, which securely links and manages identity information among different systems, has particular application to the mobile industry.

About Sun Microsystems, Inc.
Since its inception in 1982, a singular vision -- "The Network Is The Computer" -- has propelled Sun Microsystems, Inc. (Nasdaq: SUNW) to its position as a leading provider of industrial-strength hardware, software and services that make the Net work. Sun can be found in more than 100 countries and on the World Wide Web at http://sun.com

Sun, Sun Microsystems, the Sun logo, Java, Java Card, N1, Solaris, and "The Network Is The Computer" are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.

Previous Page | News by Category | News Search

If you found this page useful, bookmark and share it on:

 
Embedded Star Newsletter
Don't have time to visit Embedded Star everyday? Then sign up for our free newsletter. We'll send you an email when we have something to share with you. Your email address will be kept confidential and we will not share, sell, or rent it to anyone. You can unsubscribe at any time by clicking a link in the email.

Enter your email address to sign up for our free newsletter:   

If you are familiar with RSS feeds, you can also sign up for our free blog feed. Our RSS feed is updated in real-time while our newsletter is updated daily.