Authora's Sovereign Server is the foundation of the platform and consists of a flexible, automated enrollment process, a Public Key Directory, a policy-driven key management system, a risk-manageable public key framework, and administrative and reporting tools. The Sovereign architecture anticipates enterprises creating unique "Trust Zones", which are sovereign clusters of encryption-enabled, authenticated users (employees, vendors, customers). Each Trust Zone is controlled by a Sovereign Server, a central provisioning and management server. This empowers the enterprise to authenticate and transact securely with partners, remote employees, vendors, and customers (and vice versa).

Enrollment

Users must enroll and authenticate with the Sovereign Trust Zones in which they wish to communicate (Sovereign Trust Agents for end users allow users to register and communicate with multiple Trust Zones). Enrollment into the Sovereign Server can be adapted to your corporate policies. The Sovereign Server includes several out-of-the-box enrollment schemes: Regular enrollment (verifying that the user owns the email address), Vaccine enrollment (encryption-enables a user), and voice authentication. You can also import users from existing data sources.

Fig. 1 Quick enrollment process

 

Flexible enrollment

Sovereign has a built-in registration process to activate users, provide users with client software, and establish their public locks. Registration is very flexible. By default, it verifies the user by requiring the user to respond to messages sent to the user's email address. However, users can also be identified by other means, including the use of existing back-end systems. The registration process, for instance, can request the user to enter information stored on a back-end system.

This approach makes user registration and administration more manageable than early PKI models.

Are they authorized to perform the transaction (authority)?

Have they agreed to perform the transaction (authorization)?

Can we show what they previously agreed to do (accountability)?

When users go through an identification and registration process they are brought into the business risk management framework with authorization directly related to the business model and bilateral arrangements.

Sovereign supports the most common arrangements for performing and verifying authorization as part of transaction approvals and can flexibly support others with negligible effort as part of either people or system driven processes.

Sovereign can flexibly facilitate later verification of the transactions as required.


Administrative and Reporting Tools

The administrative and reporting tools are available only to authenticated administrative users and provide comprehensive policy, administrative and reporting functions. They are intuitive, web-based, policy-driven management tools. A few of the functions are listed below:

 

·         Global user settings

·         Access Policy Management

·         User Management

·         Key Management

·         An array of advanced settings

 

Key Management

A deployed Sovereign Trust Zone contains a Public Lock Directory. This directory contains the public locks of all enrolled users, along with any associated information required by policies. When a public lock is required for a cryptographic operation, the Public Lock Directory is queried and returns the appropriate locks. If a lock is not available, it returns a list of unavailable locks and, depending on the policies set, the business process user or policy manager associates Interim Locks and Keys and "Vaccine" Registers the recipients. Besides the administrative interface, the Policy Manager and Public Lock Directory have a web-based user interface tool known as the Web Vault, discussed in detail in the client documentation.

Sovereign Server also includes Trust Points and the Encrypted Data Gateway Engine, which trust-enable existing application servers such as mail and web servers and act as security upgrades for them. Trust Points encrypt, decrypt, digitally sign and/or verify electronic data flowing through them and work in conjunction with Zendit's Trust Zone Server and Clients. The growing suite of Zendit clients includes Browser, Web page, Outlook, Desktop, and in the near future Macintosh, Java, Windows CE and Palm. These clients are designed for ease of use.

The Sovereign Server, Trust Points and Trust Clients work in conjunction with existing network security and authentication systems, not only protecting the data on the network but also extending internal security policies to protect data outside of the network, wherever the data may travel.

 

Sovereign trust points

Sovereign Trust Points work in conjunction with and extend the life of existing applications and infrastructure.  A Trust Point can be installed on an existing application server or on an independent server.

 

Encrypted Data Gateway Engine - EDGE

The EDGE is a Network Cryptographic Device governed by the policies set by the Sovereign Trust Zone.  The EDGE receives cryptographic requests from Trust Points and returns the completed task.

 

 

Fig. 2 The EDGE installs behind Enterprise Firewalls and performs cryptographic functions for the Trust Points.  It is governed by the policies set by the Trust Zone Server.

 

Trust Points

The following is a short list and description of a few Sovereign Trust Points:

·         SMTP—Seamlessly encrypts and/or digitally signs outbound SMTP email.  No client is installed in the user’s email programs.  All selected email, including batch email notifications, can be automatically encrypted so only the recipient can read it.  Uses a single corporate lock and key.

·         POP3—Seamlessly decrypts and/or verifies digitally signed incoming email.  No client is installed in the user’s email programs.  Uses a single corporate lock and key.

·         Exchange—A Microsoft Exchange 2000 server security enhancement.  Seamlessly encrypts and/or digitally signs outbound email and decrypts and/or verifies digitally signed incoming email.  Can use either a single corporate lock and key or individual locks and keys.

·         File—Files on local server shares or FTP directories are automatically encrypted for safekeeping.  Users can decrypt the files with the proper authority set by the policies in the Trust Zone.

 

Fig. 3 Trust Points can be installed on application servers or on stand-alone servers.

 

·         HTML—Works with a web server and encrypts and/or digitally signs sensitive web page content for decryption by the client.  Example: a user logs into a bank account summary page, an encrypted block is displayed on the page, the DZend button is selected, and the page is decrypted, verified, and displayed.

·         XML—XML data is seamlessly encrypted and/or digitally signed for secure delivery and decryption on the client.

 

 

© 2003 Authora. All rights reserved   
