I am a contractor currently working for Tandem Computers, and I found this press release interesting. Thought this group might need a target of a different flavor to kick around: SUBJECT: PRESS RELEASE: ATALLA WEBSAFE ATALLA BEGINS SHIPPING HARDWARE-BASED SECURITY FOR THE INTERNET SAN JOSE, CALIFORNIA - October 2, 1995 - Atalla, a Tandem Company, announces that the WebSafe Internet Security Processor is ready for shipment. Now you can use the same technology that made the "bank ATM" network safe enough for bank transactions to secure the Internet for commerce. "The Internet is a 'party-line' where everyone can jump in. Our vision is to make it a 'private-line' for those situations where privacy is essential for doing business on the Net," says Bob Gargus, President of Atalla. "When we set out to build WebSafe, we wanted a system safe enough to do bank transactions on the Internet. We're taking our 23 years of experience in financial network security systems and applying it to the Internet. WebSafe is the first Internet processor that gives banks and our other customers the security that they have come to trust Atalla to deliver," Mr. Gargus also noted. WebSafe is a hardware-based security processor specifically designed to help transform today's emerging point-to-point Internet security into a full end-to-end security system. Typical WebSafe applications include payments (such as credit cards), web commerce, certification authorities (electronic notarization), PEM (Privacy Enhanced Mail) and EDI. WebSafe's security architecture is the perfect solution for banks, brokerage houses, telecommunications companies, legal and medical institutions or anyone who needs to send sensitive data across the Internet. This revolutionary product protects transaction data against unauthorized access, disclosure, alteration, duplications and substitution. WebSafe supports both public (e.g. RSA) and secret key (e.g. DES) technology and employs sophisticated key management similar to global EFT/POS payment networks. HOW THE WEBSAFE WORKS Attached as a peripheral device to your Web servers, the WebSafe processes your secret information in a "hardware-secured envelope." But unlike software security solutions which are vulnerable to attack from cyber-pirates, the WebSafe is both physically and logically secure. Physically secure means that if anyone tries to penetrate the WebSafe, it will "zeroize," erasing the secret data so it's impossible to retrieve. Logically secure means that, because all of the security processing is done within the WebSafe security processor, it's impossible for anyone to ever see your cryptographic material. WEBSAFE IS THE BRIDGE FROM THE INTERNET TO THE PAYMENT NETWORK The best example of a major deployment of an end-to-end security network is the bank ATM system. Today, 100% of all bank ATM transactions in North America have hardware-based security, 70% of which is provided by Atalla. The Internet is currently going through the same evolution that the bank ATM network went through 20-plus years ago. What's holding back electronic commerce on the Internet today is payments. The truth is, banks are the payment network. You simply can't have payments without them. However, the bank payment network and the Internet operate very differently. For example, the bank payment network primarily relies on secret keys (like DES) for security, while the Internet typically relies on both secret and public keys (like RSA). But because the two networks operate differently, a bridge needs to be built between them. "WebSafe is the bridge from the bank payment network to the Internet. It combines the best of both worlds (DES and RSA) into a single unit. And, it's the only secure DES to RSA translation device available today... The point is, we're not reinventing here. We're taking proven technology that has been time tested, under the most demanding conditions, and applying it to the Internet," states Gary Sabo, Vice President of Product Management and Marketing for Atalla. WEBSAFE'S CERTIFICATION AUTHORITY SUPPORT: HOW TO VOUCH FOR SOMEONE ON THE INTERNET. One new service that is arising is the need for electronic notarization by Certification Authorities. They'll provide proof that you are who you say you are. Major credit card companies, banks, telecommunications companies and post offices are the most likely institutions to pick up this role. The WebSafe is designed to be the cornerstone for supplying cryptographic services for Certification Authorities. WEBSAFE'S SECURE KEY MANAGEMENT. When most people talk about cryptographic security, they're talking about a single key type. It's impossible to have security with this method. There must be different keys for different functions. Atalla employs a key architecture that includes hierarchal support for a wide variety of key types, such as: Key exchange key, data encryption (DES and RSA), PIN data, Message Authentication Code (MAC), digital signatures, and certificates. Applying different key types for different functions restricts how a key is used and can prevent a security system from being spoofed into giving up secret data. This way, even through the most complicated series of transactions, your data is kept secure. Founded in 1972 and acquired in 1987 by Tandem Computers Corporation, Atalla designs, manufacturers and supports secure on-line transaction automation systems for financial, retail and business applications. Atalla's products include POS/POE credit/debit payment terminals, check readers, security processors for the Internet and other networks, customer authorization and PIN selection terminals and secure enrollment products for banks, retailers and state EBTs. The company is headquartered at 2304 Zanker Road, San Jose, CA 95131. Phone: (408) 435-8850, (800) 523-9981. Fax: (408) 435-1116.