Netscape, @Home offer hosted e-commerce servicesPlus the latest data-safety news from the RSA Data Security ConferenceEdited by Jim Carr
|
 January 1998    |
Product News Index
Applications
Application-development tools/environments Electronic Commerce
Catalogs and shopping carts Security
Firewalls/IS
ApplicationsApplication-development tools/environments
Sun unveils early version of Java cryptographic toolAt the RSA Data Security Conference, Sun Microsystems Inc. announced that the early-access release of the latest Java Cryptography Extension software package (JCE 1.2) is available for free public download. JCE, a standard extension to the Java Development Kit (JDK), is a cryptography toolkit that creates a standard set of application programming interfaces (APIs) for advanced Java software-based encryption technologies. The security model core in the next release of the JDK provides permission-based access control of Java applets and applications. It lets you assign different users differing levels of access to system resources. JCE 1.2 complements this technology in that it lets you secure data transmitted outside of an enterprise's network. The JCE 1.2 includes cryptography technology standard to all encryption tools, such as symmetric cipher technology (utilizing DES and triple-DES) and key agreement technology (via Diffie-Hellman). In addition, the JCE software package provides secure Java streaming, which allows for the transfer of data across different platforms as well as across protocols like HTTP and other network and file I/O protocols. For now, the JCE software package is not freely exportable outside of the United States and Canada, although companies and institutions that work within the restraints of federal law (by obtaining export licenses) can export JCE-based applications and products. JCE 1.2 can be downloaded in the United States and Canada through the Java Developer Connection Web site.
O'Reilly upgrades WebSite Pro suiteO'Reilly & Associates Inc. has announced that its WebSite Professional 2.1 server package is now shipping. The new version includes expanded Java support and encryption, along with other enhancements and "hot fixes" made to the product since version 2.0's release in September. Included in this release is Live Software's JRun technology, which allows developers to use both WebSite servlets and JavaSoft's servlets simultaneously on the same server, in the same Java virtual machine. JRun software combines a class library and specialized bridge-code that lets applications run JavaSoft Java servlets on a server. The servlets can be used as building blocks for database retrieval, document formatting or creating other servlets. WebSite Professional 2.1 also now supports the Secure Sockets Layer (SSL) 3.0 encryption protocol. O'Reilly's version of this encryption standard, also known as 128-bit encryption, can provide up to 164-bit encryption when the browser supports it. In other news, O'Reilly says it plans to bundle WebMaster Inc.'s ConferenceRoom Professional 1.5 with its WebBoard 3.0, which offers live chat and multi-threaded conferencing capabilities. When combined, the products will allow up to one thousand simultaneous users to join IRC-based chats and conferences. WebSite Professional 2.0 carries a suggested list price of $799; the upgrade to version 2.1 is free to registered version 2.0 customers. O'Reilly has yet to set the price for the chat bundle.
BSDI Internet Server 3.1 is shippingBerkeley Software Design Inc. (BSDI) is now shipping its BSDI Internet Server 3.1 product suite. The latest release provides updated services, improved Internet security and several new hardware drivers. In addition to including the Apache Web server, BSDI's Internet Server 3.1 ships with Web server software from Netscape Communications, including the FastTrack and SuiteSpot servers with SSL extensions and NSAPI support, as well as Netscape's Navigator Gold browser, an e-mail server, a Domain Name Server (DNS), an HTTP-caching proxy server, an NNTP news server and FTP capabilities. Internet Server 3.1 also supports SLIP and PPP remote access, RADIUS and Kerberos authentication services, a full set of TCP/IP protocols, NFS, and drivers for a wide range of PC systems and peripherals. Other available applications include VPE's WebBUILDER, a rapid application development product; Expressions Server by eShare Technologies (for chat hosting); HTMLScript Corp.'s MIVA CGI-bin preprocessor with a FoxPro-compatible database; Software.com's Post.Office mail server; and Mail List Manager with anti-spam capabilities. Product pricing starts at $995.
HP releases free OpenPix image softwareHewlett-Packard Co. has released a free version of its OpenPix 2.1 software suite, which gives Web designers and developers tools for enhancing images on the Internet. OpenPix, based on HP's Imaging for Internet architecture, provides a wide range of services for managing and distributing photo-quality images over the Web, the company says. According to HP, its new product provides fast previewing of images, simplified image retrieval capabilities, new image-management functions and photographic-quality Web-based printing. OpenPix 2.1 also includes a set of software-development tools, including the newly developed HP OpenPix quick-start publisher. According to HP, its new authoring utility improves the ease and speed with which users can publish image-based content and provides functions such as image zooming and panning. It also lets you create OpenPix-enabled Web pages with a variety of templates. OpenPix 2.1, which runs on Windows NT/95 and HP-UX and includes documentation and sample images, can be downloaded free of charge at HP's Web site. You need a customer licensing agreement for redistribution, however.
Fusion to include LivePicture capabilitiesNetObjects Inc. and Live Picture Corp. have signed a licensing and distribution agreement that calls for NetObjects' Fusion Web development tool to support Live Picture's client/server imaging solutions. Initially, NetObjects will provide direct support for LivePicture's FlashPix image format and Internet Imaging Protocol (IIP) in the next release of Fusion. FlashPix support within Fusion will let Web builders incorporate multiple-resolution images into their sites. With FlashPix and IIP, Internet users can click on photos to view progressively detailed images of products. NetObjects did not say when it would release the updated version of Fusion.
Redesigned Cosmo 2.0 VRML client for Windows is readyCosmo Software has announced that Cosmo Player 2.0 for Windows 95/NT, its redesigned VRML 2.0 client, is now available for download from its Web site. Cosmo Player 2.0 lets users play Virtual Reality Modeling Language-based content on desktop PCs. Improvements in Cosmo Player 2.0 include an updated user interface and improved rendering performance through support for OpenGL, the industry-standard graphics application programming interface. According to Cosmo, a unit of Silicon Graphics, the redesigned user interface, which resembles the controls found in consumer electronics devices, allows users to navigate and manipulate VRML content more easily than in the past. Cosmo Software also says that a short 3D game called CHOMP is available for download at no charge from its Web site. CHOMP, created in partnership with San Francisco-based Mondo Media, was developed to help novice 3D users learn to master the new Cosmo Player 2.0 interface controls.
CA, Superscape integrate Jasmine, VRTComputer Associates International Inc. (CA) has announced an agreement with Superscape Inc. that allows Web developers to store and integrate virtual reality and interactive 3D components created in Superscape's VRT as objects in CA's Jasmine database. Jasmine is CA's object-oriented product for creating Internet and client/server computing business applications. It offers developers object-oriented tools for creating dynamic multimedia applications. Superscape VRT is a set of visual editing tools for constructing and exploring 3D interactive Web pages and virtual reality worlds. 3D elements created with VRT elements can be combined with Jasmine objects such as voice, video and animation to create multimedia applications.
Electronic CommerceCatalogs and shopping carts
Netscape, @Home set to host e-commerce sitesNetscape Communications Corp. and @Home Network, through its @Work Division, have announced that the companies plan to provide hosted electronic commerce services together. As part of the agreement, @Work says it has selected Netscape's CommerceXpert Internet commerce application to provide business-to-business commerce services on the site. @Work plans to build a transaction-based applications network on top of its existing broadband network infrastructure. This will permit it to offer hosted services for virtual private networks (VPNs), encrypted Internet-based networks. CommerceXpert is Netscape's line of Internet-based business-to-business commerce applications built on Netscape's SuiteSpot servers. It consists of five products: ECXpert, SellerXpert, BuyerXpert, MerchantXpert and PublishingXpert. The companies did not release availability or pricing details. In another related announcement, Netscape said that it has closed its acquisition of Actra, founded in 1996 as a joint venture between Netscape and GE Information Systems. Actra developed Netscape's CommerceXpert line of products prior to the take-over.
InterWorld debuts Commerce Exchange 2.0InterWorld Corp. has announced that it is now shipping Commerce Exchange 2.0, an Internet commerce software product aimed at enterprise-level environments. According to InterWorld, Commerce Exchange 2.0 includes several stand-alone applications, including Catalog and Auction modules. Commerce Exchange allows organizations to incorporate their existing shipping and receiving, MRP, ERP, EDI and inventory-management systems into a single company-wide e-commerce environment, according to InterWorld. InterWorld says Commerce Exchange 2.0 is built on a secure "n-tier" architecture that adapts to new and existing business processes, links to multiple data sources and integrates new applications. The company says its new package supports the major Internet security standards, including Secure Sockets Layer (SSL), RSA encryption technology (RC4 and MD5) and x.509 digital certificates. It also supports third-party commerce applications such as Taxware for sales tax calculation; TanData for shipping and logistics calculation; CyberCash for payment processing; CyberSource for building a digital product clearinghouse, containers, distribution, fraud protection, and payment processing; and Vantive for customer asset management. Commerce Exchange 2.0 and Catalog application pricing start at $75,000; a typical configuration averages $195,000, the company says. It runs on Windows NT and Solaris and supports Oracle, Sybase, SQL Server, and Informix databases.
Breakthrough ships turnkey e-commerce productBreakthrough Software Inc. has announced that it shipping Internet Business Breakthrough, software the company calls "a turnkey electronic commerce product." Internet Business Breakthrough is aimed at delivering e-commerce capabilities for small- and medium-sized businesses, according to the company. Internet Business Breakthrough provides 50 pre-designed templates that allow business owners or Web developers to create, organize and publish their sites to the Internet. The company says it provides software wizards that automate the process of designing an online store, discussion groups and survey forms. Internet Business Breakthrough's WYSIWYG HTML editor allows users to customize their pages, preview the site and test the online store before publishing to the Web, according to Breakthrough. It also includes a built-in relational database that provides order processing, searching, and dynamic page updates and lets you import ODBC-compliant databases. Breakthrough Software plans to sell Internet Business Breakthrough direct from its Web site and through certified Internet Service Providers (ISPs); it's priced at $249.
Merchant Builder now supports ICVERIFY processingThe Internet Factory Inc. says that its Merchant Builder electronic commerce software package now supports ICVERIFY Inc.'s electronic-transaction processing software. The two companies say that Merchant Builder 2.2 and ICVERIFY in tandem allow merchants to build online stores that process credit card transactions and deposit funds to merchant accounts at over 99 percent of all U.S. banks, according to The Internet Factory. Using ICVERIFY, merchants can process Visa, MasterCard, American Express, Discover Card, Diners Club, Carte Blanche, JCB and private-label credit cards. With appropriate licensing, multiple merchants can process transactions with a single copy of ICVERIFY, and each merchant can have drafts sent to its own bank account. Merchant Builder 2.2, now shipping, carries a $1,495 single-store price.
SecurityFirewalls/IS
Cisco, HP unveil security suiteCisco Systems Inc. and Hewlett-Packard Co. have introduced Secure Web Transaction Solution (SWTS), a package that combines a variety of Internet applications with a firewall and network infrastructure based on Cisco software services. The product suite is designed to provide a high level of security for organizations conducting electronic commerce, financial services and supply-chain management activities over the Internet, according to Cisco and HP. SWTS is composed of HP's VirtualVault, Cisco's PIX Firewall and LocalDirector. VirtualVault provides a secure run-time environment for Web-enabled applications and databases. The PIX Firewall protects internal network components, such as Web servers, from the unauthorized access from the outside world while also restricting traffic to authorized protocols and services. Cisco's LocalDirector load-balances traffic between multiple servers. The companies say SWTS can be managed from an HP OpenView console, which monitors the status of each network component and alerts administrators of important events, providing distinctions between normal, error and critical events. SWTS is available immediately in six configurations. Pricing starts at $164,646. In another security-related announcement, HP and GTE CyberTrust Solutions Inc. said they are collaborating to offer a variety of products and services based on public key infrastructure (PKI)-enabled server solutions. The combined offering, called CyberTrust CMS, will include the GTE CyberTrust Certificate Management System (CMS) running on HP-UX, HP's version of Unix, and HP 9000 Enterprise Servers. The GTE CyberTrust CMS is a certification-authority system that generates digital certificates that ensure the privacy, user authentication and data integrity of electronic transactions. CyberTrust CMS is expected to be available on HP-UX in the second quarter of 1998. The companies did not release pricing details.
Three vendors to offer joint security productsIBM, Security Dynamics Technologies Inc. and RSA Data Security Inc. used the RSA Data Security Conference to unveil a set of agreements designed to help corporate users integrate security products that provide single sign-on, cryptography, authentication services and encryption for their networks. Security Dynamics and RSA are joining IBM in adopting the Common Data Security Architecture (CDSA), which has been approved as a specification by The Open Group, as part of this integration. The companies also agreed that KeyWorks, IBM's key-recovery extensions to CDSA, will become their common vehicle for backing up and recovering PKI encryption keys. In addition, IBM, Security Dynamics and RSA intend to build CDSA support into their products as well as develop and deliver toolkits that include support for CDSA. The companies also will work to ensure that their respective security services integrate with each other. The companies also made a number of additional agreements. RSA, for instance, will join IBM and Intel Corp. in developing future enhancements to the CDSA technology by providing expanded platform support and integrating RSA's BSAFE cryptography product in the framework. In addition, RSA expects to add higher-level protocol support and toolkits -- such as S/MAIL, RSA's S/Mime application toolkit for building secure applications -- on top of CDSA. RSA will be a distributor to third-party application developers working on tools that incorporate KeyWorks. RSA's new Certificate Security Suite components and tools for developers of certificate-based applications will include the KeyWorks key-recovery extensions and will provide support for IBM's Key Recovery Service Provider technology. RSA's new security components will also incorporate support for industry-standard LDAP directory services, such as those in IBM's eNetwork products. Security Dynamics will make CDSA and LDAP support core features of its SecurSight security product line, also announced at the RSA conference. It also will work with IBM to ensure interoperability between the companies' respective products. Moreover, IBM plans to ensure that a wide range of IBM's SecureWay products, such as IBM Global Sign-On, will interoperate with Security Dynamics' ACE/Server user-authentication products. Global Sign-On provides a single user log-on process for multiple back-end systems IBM will re-market those Security Dynamics' user-authentication products, including SecurID tokens, SecurID smart cards and SoftID authentication software. IBM will also include a two-user version of the ACE/Server software with two tokens in the IBM Firewall for AIX and the IBM Firewall for NT, now available for beta testing at IBM's Web suite. IBM will support RSA's BSAFE 4.0 security product in a forthcoming version of IBM DCE for AIX, expected to be available later this quarter.
RSA launches trial of elliptic curve encryption toolRSA Data Security Inc. has launched a field trial of the latest version of its BSAFE toolkit and encryption software. BSAFE 4.0 marks the introduction of elliptic curve cryptography (ECC) technology to RSA's product line and allows developers to use the BSAFE API to begin researching and prototyping products based on this technology. Elliptic curve cryptographic systems offer a number of properties that make them attractive security tools, according to RSA Data Security. The technology has yet to be subjected to broad-based scrutiny from developers, however, and RSA believes the field trial will help show the effectiveness of ECC technology. RSA hopes to ship ECC-enabled trial BSAFE toolkits to least 50 selected developers by the second quarter of 1998. Participation in the field trial is free. According to RSA, ECC systems are especially useful in applications such as embedded systems, where memory size and processing power are limited. The elliptic curve functions in the BSAFE 4.0 product include the generation of ECC parameters, computation and verification of ECC DSA signatures, and ECC Diffie-Hellman key agreement following IEEE P1363, as well as an ECC encryption scheme. The BSAFE 4.0 product is designed to provide support for all three types of elliptic curve cryptography, including so-called "odd," "even-normal" and "even-polynomial" variants. Developers wishing to participate in the field trial of the BSAFE 4.0 encryption product should visit the RSA Developers' Corner section on the company's Web site.
Security Dynamics intros SecurSight suiteAt the RSA Data Security Conference, Security Dynamics Technologies Inc. introduced SecurSight, a suite of plug-in security products. The new products integrate Security Dynamics' ACE/Server security software with public key cryptography and digital certificate security technology from RSA Data Security. According to Security Dynamics, SecurSight will also incorporate standard APIs from RSA's new Certificate Security Suite. The suite includes SecurID authentication and the SecurSight Desktop, Manager, Agents and Agent Toolkit. Other elements of the product include SecurSight Authentication and RSA's Certificate Security Suite. SecurSight, which is based on Security Dynamics' Enterprise Security Services (ESS) product introduced in 1997, is intended to provide security in a variety of environments, the company says. These include remote access via dial-up lines or virtual private networks, local-area network access and secure application access for single sign-on capabilities. Security Dynamics plans to roll out the SecurSight product family through 1998 in two major releases. Version 1.0 of the SecurSight Desktop, Manager, Agents and Agent Toolkit, with preliminary integration of the ACE and BoKS families, should be available in the second quarter of 1998. Version 2.0 of the integrated SecurSight product family, including the SecurSight Desktop, Manager and Agents, should be available in the fourth quarter. Pricing details will be available at the time of product release.
Netect to integrate PGP into database updatesNetwork Associates Inc., formerly McAfee Associates, and Netect Inc. announced at the 1998 RSA Data Security Conference that they plan to incorporate Network Associates' Pretty Good Privacy (PGP) encryption software into Netect's Netective network attack simulation and response software product. Netect will use PGP encryption technology to digitally sign and verify Netective's database updates, which are pushed to users via e-mail. Netective, by checking networks against Netect's database of security vulnerabilities, allows networked organizations to secure their data from ongoing threats of intrusion, tampering, theft and hacking. Because a network is only secure if it has been checked against the latest security vulnerabilities, Netect updates its database frequently with the latest OS and network vulnerability checks, detailed corrective solutions and security recommendations, as well as required OS patches. This allows technical audiences and security experts to remain current on the latest cyber threats, the companies say.
|
![[(c) Copyright 1998 ITworld.com Inc., an IDG Communications company]](/ned-icons/b-copyright98.gif){kind=icon}
If you have problems with this magazine, contact
webmaster@ne-dev.com
URL: http://www.ne-dev.com/ned-01-1998/ned-01-newproducts2.html
Last modified: Saturday, November 20, 1999
HYIP Monitor
