Sun to unveil security offerings

Sun Microsystems is expected to announce two security initiatives Monday, one introducing a form of encryption for its next-generation Sun Java System Web Server and another that reslices the way it delivers security features for Solaris.

As part of its initiatives, Sun plans to introduce Sun Java System Web Server 7.0 with support for Elliptic Curve Cryptography, or ECC.

The company also plans to nix its tradition of offering Solaris in two forms--one for the masses and another version with extensive security enhancements that are targeted to government agencies, financial institutions and health organizations. These efforts come as corporate customers are increasingly wanting security features in their networking gear to applications.

"With this announcement, we'll have more security features in our Sun Java Web Server," said Brian Leonard, Sun's marketing director of Web tier products. "This is not meant to replace current RSA encryption technology with ECC, but rather allows the processing of both."

ECC, which uses smaller public keys to unlock encrypted content, is designed to require less processing power while conducting faster computations for secure online transactions. Encryption giant RSA Security uses a different form of algorithms for its encryption technology.

Sun Java System Web Server 7.0, with its support for ECC, is expected to be released in July, Leonard said.

The company is also expected to announce plans next week to change the way it delivers security to organizations and agencies that deal with highly sensitive information, said Chris Ratcliffe, director of Sun's Solaris marketing.

Sun introduced the Solaris 10 operating system last year as an open-source offering. But it also included 85 percent of the security features that previously would have been offered in a Trusted Solaris version.

"Over the past 10 or 20 years, we would offer two versions of Solaris. We would create a second version of the release that would be a higher-security version called our Trusted Solaris," Ratcliffe said.

Sun plans to introduce its Solaris Trusted Extensions next week, which encompasses the remaining 15 percent of the security features left out in Solaris 10. The Trusted Extensions will be marketed to government agencies, financial institutions and health care organizations, Ratcliffe noted.

Trusted Extensions, for example, is designed to have the ability to separate access to data based on the profile of the user trying to access the content. Organizations that are mandated to use higher levels of security, he noted, will likely be the ones to subscribe to the Trusted Extensions support service.