Sun, VeriSign promoting new PKI products

Sensing a growing market in the government for online identity management, Sun Microsystems Inc., Santa Clara, Calif., and VeriSign Inc., Mountain View, Calif., are both offering new identity-management tools to government.

VeriSign signed a partnership with Microsoft Corp., Redmond, Wash., last month. Starting this fall, VeriSign's public key infrastructure software will come pre-installed on Windows Server 2003 and XP operating systems.

For VeriSign's public-sector unit, the partnership will open more doors to agencies that are interested in public key infrastructure services, which allow two parties to securely exchange encrypted messages and other documents.

"We think the partnership increases the value proposition of the VeriSign managed services model," said Barry Leffew, VeriSign's vice president of its public-sector group.

VeriSign's software will offer the ability to issue and renew digital certificates, which can be used to verify the identity of people who send e-mail, produce a document or conduct a financial transaction by computer.

People also could use digital certificates to securely sign on to virtual private networks, wireless networks and other organizational networks.

By having VeriSign's basic software bundled within Microsoft's operating systems, agency systems administrators should be able to cut dramatically the time needed for implementing PKI services on a computer, according to Leffew.

Leffew said the Interior Department is an early adopter. The agency will use a combination of VeriSign digital certificates and Microsoft's Windows XP operating system to certify employees.

With VeriSign's managed services model, the validation of the user's digital certificate is not done a by an in-house database, but rather by VeriSign's own registry.

Sun's public-sector group is also pitching recent company offerings in identity management, which it sees as a way for government agencies to cut costs.

"With the exception of the Defense Department and the [intelligence agencies], agencies don't have a whole of money, and are trying to do more with less," said Murtz Kizilbash, national state and local government strategist for Sun.

In April, Sun introduced its Sun Infrastructure Solution for Network Identity solution. It is based on the company's directory identity server, which keeps employee credentials that various applications can check. The public-sector unit is promoting the identity management as a way for agencies to save money in network administration costs.

"An individual may have 15 or 20 identities in an organization. It is an administrative nightmare to manage multiple identities," said Manish Punjabi, a Sun manager who works in the company's network identity marketing group.

By using PKI, Sun's solution offers single sign-on capability.

"When you log in once, you automatically log all the applications you are authorized to access," Punjabi said. "When you provision a user, you only do so once, not five times in five different applications."

Sun has been focused more heavily on pitching network identity solutions the government market within the last six to 12 months, Kizilbash said. Thus far, the company has implemented approximately 12 public-sector solutions, he said.