Entrust Technologies, Inc.
Entrust's objective is to maintain and enhance its position as the leading
provider of comprehensive PKI solutions. The strategy to achieve this objective
include the following:
MAINTAIN PRODUCT LEADERSHIP. The Company's technological leadership
is attributable in large part to its research and development team, which
includes researchers with international reputations in their fields. The
Company intends to maintain and enhance its technological leadership in
the PKI solutions market by continuing to invest in product research and
development, to extend the functionality and interoperability of its products,
and to participate actively in industry standards-setting organizations.
TARGET LARGE CUSTOMERS
TARGET VERTICAL MARKETS OFFERING BROAD DEPLOYMENT OPPORTUNITIES.
The Company targets organizations in the government, finance, health care,
telecommunications and large manufacturing sectors, which have thousands
of customers, subscribers and service recipients who will, directly or
indirectly, benefit from the secure communications and transactions enabled
by the Company's PKI solution.
PROMOTE BRAND AWARENESS
EXPAND GLOBAL PRESENCE
Proposal: XML Access Control
As more and more information is made available in eXtensible Markup Language
(XML) format, both on corporate Intranets and on the global Internet, concerns
are being raised by developers and end-users about XML security problems.
Early research work about XML was not directly related to access control
and security, because XML was initially introduced as a data format for
documents; therefore, many researchers assumed well-known techniques for
securing documents to be straightforwardly applicable to XML data. But
the way XML is being positioned has caused some to question if additional
measures will be necessary.
For example, applications may want to control the distribution of documents
from Web sites by only providing the information users are allowed to see,
out of dynamically generated XML documents. However, different users may
well have different interests or access authorizations, and XML enabled
servers will need to know which data each user should get, at a finer level
of granularity than whole documents. In other words, some applications
will need to block or allow access to entire XML instances, while others
will control access at the tag level. The control residing at the tag level
is particularly important in the view of wider use of the XLink and XPointer
standards, which enable applications to retrieve portions of documents.
Indeed, a clean model for dynamic access control with granularity control
is needed to allow XML documents to link against arbitrary XML chunks.
It is interesting to remark that the same observation applies to authentication
and encryption-based techniques, that naturally complement access control.
With authentication, the server will know what information can be sent
to the user based on that user's identity or certified property (e.g.,
group membership), whereas encryption will only let users with adequate
decryption keys see the message. Therefore, XML security should support
the entire range of coarse to fine grain granularity.
Resources for Students
Most of this project will be conducted at Entrust's offices in Manhattan;
we may also use some resources belonging to students and at the Projects
course lab in NYU's CAT center, 715 Broadway, 12th floor.
TBD - XML references
Entrust's office near 34th street and 6th Ave. Some in projects course
lab in NYU's CAT center.
VP / CTO Portal Technologies & Applications
Office: 408-222-7800 ext 7725
Marco Fanti, Marco.Fanti@entrust.com
W: 973-537-9539; Cell: 973-713-5657
TBD - OTHER MANAGER