Security breakthrough on the internet

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

IT IS not just private individuals who temper their excitement at being able to shop over the internet with trepidation about the security aspects. Companies, too, are deeply concerned about the leakage of information while conducting business over the web.

Indeed, research by the Gartner Group indicates that security will be the number one information technology issue once the Year 2000 problem is dealt with, while other studies suggest that spending on it will rise from the current 1.5 per cent of IT budgets to as much as 6 per cent.

All this convinces the people behind the IT start-up company TriStrata Security, based in California, that they have a following wind. Pointing out that most efforts to deal with the security aspects of electronic commerce are piecemeal and cumbersome, they claim they are "not aware that anybody else is close to us in terms of a total solution and speed".

Paul Wahl, the former chief of the US operation of the powerful German software company SAP, has joined the new company as chief executive, convinced that there are great possibilities. In particular, he feels that by dealing with the security issue in such a comprehensive way, TriStrata can play a pivotal role in the expansion of electronic commerce.

Though not due to start shipping systems until next month, TriStrata has a good pedigree. At the heart of the technology is the Vernam cipher, which cryptographers apparently consider the world's only theoretically unbreakable encryption system. Moreover, the company was founded by John Atalla, the man behind the PIN number, whose Atalla Box technology secures 80 per cent of all automatic teller machine transactions.

The board includes John Young, retired chief executive of Hewlett-Packard, one of the world's most innovative groups, and 20 companies have been persuaded to take part in initial trials. PricewaterhouseCoopers, the world's largest professional services firm, is to take a lead in distributing the system.

Five years in development, the TriStrata solution is based on three key elements: all information must be secured, whether it is in storage or being sent; access to information must be based on a set of adjustable rules; and all security operations must be controlled by a management system that enables an instant audit to be carried out of not just who has done what, but who has tried to do what.

To create the system, Dr Atalla had to be lured out of retirement at the request of finance executives concerned about securing communications and transactions over the web. Having set the ground rules, TriStrata has come up with an information management system that incorporates three software products. The first is the TriStrata Extended Enterprise Security Server, which controls all security operations at a distance from workstations to avoid creating bottlenecks in transactions. Then there are a "client module" and "entity module" used to control encryption and decryption.

Put simply, this combination gives organisations a lot of freedom in deciding how to use the internet as a conduit of information to employees, customers and suppliers as well as a method of conducting transactions. It is so sophisticated that information can be made available to different categories of people at different times.

Mr Wahl sets great store by this adaptability. Not only will the system help organisations to conduct existing business on the internet with greater confidence, he says, but it will also lead them into new areas of activity. For example, Mr Wahl can see the system playing an important role in the development of video-on-demand. The encryption technology would enable members of a club to have a code they could use to download the material they wanted. Similarly, business information groups could post all their statistics on the internet and control access to them via the TriStrata software.

Mr Wahl is adamant that he will be running a "virtual business" in this way. Employees in the field will receive information about the products they are seeking to sell via the internet, but in a form that only they and others with access to the same codes can read.