
Safelayer: Ongoing Innovation and Technological Excellence

 

Published in SIC, November 2008
Francisco Jordán, PhD, CTO at Safelayer Secure Communications

Ongoing RDI, an exclusive adoption of standards, a high level of demand for interoperability, the utmost commitment to quality and the highest level of security certification evaluations have turned Safelayer’s technology and products into the mainstays of the company’s technology and business strategy. The company has made a name for itself that is synonymous with innovative products and solutions, a highly qualified and professional team, a business model based on a specialised channel, and ultimately, success in all projects and deployments undertaken both nationally and internationally. These credentials have enabled the technology company to compete in a global market alongside major multinationals, while putting Spain in a position of global technology leadership.

A dynamic technology vision

Since Safelayer was created back in 1999, several technology visions have been devised in tune with the trends of the time that have led to the creation of new products. The development of the company’s technology vision is proof of its entrepreneurial and innovative spirit. In technology, we believe that a vision is essential for setting the stage to create new products that genuinely add differential value and, above all, products that achieve a remarkable degree of maturity once the technology wave is in full swing.

Moreover, the technology vision in a product company like ours must endure because it marks our strategy and objectives. Thus, albeit dynamic, a technology vision rests on a much more static and unchanging foundation that keeps it from dispersion and protects against technology trends. Safelayer believes the basic foundations rely on Security and Trust technologies based on PKI (Public Key Infrastructure), convinced there can be no future virtual or information society that resembles the current well-established paper society without strong authentication and electronic signatures. Today, PKI proves to be the best technology to accomplish this mission.

The company’s first vision was worded as follows: “The purpose of Safelayer solutions is to provide a complete, highly secure system of advanced electronic signature, non-repudiation and encryption based on electronic identifiers (eIDs)”. This vision led to the creation of the KeyOne product family, a Common Criteria EAL4+ certified technology that is currently the cornerstone on which the largest and most significant deployments of digital identifiers in Spain, and possibly in Europe and worldwide, are based, its standard-bearers being electronic IDs, ePassports and the NATO messaging system (NMS).

The company’s second vision was worded as follows: “Once the infrastructure has been ensured by deploying Electronic Identifiers (eIDs), we must be prepared to provide solutions to support XML applications and non-PC systems and devices”. This vision led to the creation of the TrustedX product family, a technology that implements the SOA (Service Oriented Architecture) vision and uses XML and Web Services to enable the optimum integration of PKI elements in corporate applications under any type of device.

Lastly, we have been working over the past few years on new technologies that will allow us to implement the following vision: “Security is structure and syntax but, ultimately, Trust is semantics”. It is a short vision statement that is easy to understand and, although the vision has not yet been developed into a product family, there exists a reasonable belief that the problems regarding security and trust in the complex future information society may only be resolved by means of semantic technologies and intelligent systems.

However, the technology strategy does not only rely on its vision. As in haute cuisine, creativity and innovation are not enough; exceptional raw materials and ingredients are also required.

Technology strategy and the importance of innovation

Our technology is based on a strategy that in turn rests on invariable foundations that are ever-present during our product generation process, namely: i) Strong RDI, ii) Standards, iii) Interoperability, iv) Security Certifications and v) Quality.

Safelayer’s RDI component is very high, due not only to the resources devoted to it but also to the nature and history of the technical team that represents it. Originating from and still active in university academic and research settings, we believe that Safelayer has found the right formula to combine the creative and innovative spirit of the university campus with the professionalism and client vision required by the highly competitive technology business. Moreover, this strong vocation for research, development and innovation has meant that our technology projects have always been endorsed and supported by national and international programs and organisations created for that purpose (including the PROFIT, AVANZA I+D, CENIT, R+D+i/CIDEM and European R&D Framework programmes), whose ongoing support, along with that of the company’s shareholders, has been critical throughout our history. Third-party support, although significant, has not been only financial: professional recognition from the industry itself also provides considerable backing. Of note are the two latest international awards given to our TrustedX product: 1) the 2007 European Teletrust Award for the most innovative technology product, and 2) the nomination for the ICT-Prize 2007 of the European Commission for the most innovative products in Europe.

Given its focus on technology, research and innovation, there are very few dogmas at Safelayer. However, there are two main principles regarding the implementation of the technology vision: Standards and Interoperability. The vision should only be realised using standards and making sure our products are 100% interoperable with others. Only these two principles can guarantee genuinely open systems, and thus the protection of our customers’ investments.

Given that our technological activities are focused on producing security and trust products, submitting these products to the highest security certifications is an inescapable commitment. For this purpose there are globally recognised metrics known as Common Criteria (CC), and Spain, through CNI/CCN, belongs to a select group (Common Criteria Recognition Arrangement, CCRA) that can issue certificates that are automatically accepted by other countries. It is only fair to mention that the CC EAL4+ certification of our KeyOne product (currently regarded as the highest level of security certification for a software product) was part of the Spanish accreditation at international level. As occurred with KeyOne, work is currently underway to obtain certification level CC EAL4 for our TrustedX product (minimum level required by the European electronic signatures directive to be considered a secure signature-creation device).

Quality is intimately linked to the security certification. The CC EAL4+ security certification requires the implementation of the highest level of management, control, safety and quality processes in the product development and distribution life cycle. At Safelayer, this requirement is endorsed by the CC certifications, but also by quality certifications such as ISO 9001:2000 for all processes of Design, Security Software Development and Consulting Services and Training in Public Key Infrastructures, and the Level 3 Quality Certification ISO/IEC 15504 SPICE (Software Process Improvement and Capability Determination) with regard to relevant processes in software product development. These certifications guarantee to our customers that when they buy Safelayer products they are buying not only cutting-edge technology, but also that of the highest quality and guarantee.

Technology, products

The KeyOne product family is our most consolidated technology range. KeyOne comprises a complete collection of Public Key Infrastructure components, from those for issuing and managing digital certificates (Certification Authority and various types of Registration Authorities) to trusted third party services (OCSP Validation Authority and Time-Stamping Authority), including electronic signature integration applications and tools (Desktop and toolkits).

An organisation or corporation can use the KeyOne product range to deploy a complete digital certification infrastructure. It is currently being used in the three most important certification and digital identification projects in our country in terms of volume: the Spanish Royal Mint or FNMT, DNI-e (e-ID) and Digital Passport. Similarly, international projects worth noting include the PKI for the NATO secure messaging system (NMS) and others for institutions in France, Germany, Portugal, Andorra, Morocco, Uruguay, Colombia and Panama.

We believe that KeyOne is technologically the most modern, flexible and comprehensive proposal of the few that exist worldwide. Moreover, because PKI is a technology that is highly sensitive to the security of critical infrastructures at the national level, KeyOne represents an endorsement for Spain to belong to the select group that has a national commercial (out-of-box) solution.

The TrustedX product family was created because of the need to adapt/simplify the integration and applications range initiated with KeyOne. This need was detected at a time when web service technologies were just beginning to emerge in the industry (the term SOA did not even exist) but there was already a tendency towards a fully interconnected world dominated by two basic technologies: i) IP and ii) XML. TrustedX was conceived to offer “security and trust functionality as a service” in line with the latest concept of SaaS (Software as a Service). The functionality offered by TrustedX as a service concentrates most requirements related to authentication, access control and authorisation, digital key and digital certificate management, basic, advanced and long-term electronic signature, data encipherment, document custody and advanced integration functions that greatly simplify the introduction of services in the core corporate application of companies and organisations. Another advantage offered by TrustedX as a provider of security and trust services is that it masks and hides from applications the complexity of many formats and protocols related to this technology (ASN.1, X.509, PKCS#, CMS, S/MIME, CAdES, XML, XML-DSig, XAdES, PDF-Signature, etc.), offering a unique and uniform XML interface. This gives TrustedX “semantic” properties as it standardises the concepts behind the different formats and protocols, thus simplifying their understanding and use.

The KeyOne and TrustedX product families complement each other perfectly, the latter being the extension of the former in applications that use public key infrastructures (PKI). This has clearly been understood by the market, in which TrustedX and solutions that are similar (but not the same) are rapidly being adopted as elements that integrate PKI technology in the business logic of organisations.

It is strategically important to note how technologies influence one another and evolve. In the case of KeyOne, the TrustedX vision has provided a significant improvement in terms of the infrastructure’s integration in the corporate application logic. KeyOne has also introduced a SOA integration strategy based on web services, so that managing the lifecycle of keys, digital certificates and electronic identifiers (e.g. smart cards) can be automated using web interfaces that can be invoked and choreographed from the service bus (Enterprise Service Bus or ESB) and/or integration of the corporation.

The technological vision is very important when it comes to developing products. Safelayer is currently working on semantic technologies in general, and on Semantic Web technologies and their application in the management, development and interoperability of security and trust in particular. For example, there is much discussion in Europe about the interoperability between national e-IDs (eDNI in Spain, the Belgian eID, Estonian eID, the ECC-European Citizen Card, etc.) and that of electronic signatures generated in the different Member States. Technically, there are formats, protocols and standards that implement the various solutions, and the discussion appears to be focusing on the same technical level using gateways and/or bridges as elements of interoperability. At Safelayer we believe that the most important interoperability problems are more conceptually focused on trust and that the complexity involved in managing approximately one hundred European providers of Qualified Certificates (there are even more unqualified ones) in terms of matching names, quality comparison, security, action policies, service level, etc. between them, can only be solved with a more advanced technological vision, that is, with semantic technologies and intelligent systems.

Technologically and at product level, Safelayer is proving to be more consistent than its competitors both nationally and internationally. KeyOne’s competitors are international and have gone for diversification strategies, losing focus on their PKI products; this has led to a halt in their technological progress, whereas KeyOne has continued to evolve. Regarding TrustedX, we have not identified a product that can clearly compete at the same level, although there are partial service solutions focusing on outsourcing, partial in-house solutions by some integrators, and certain products that solve specific parts of the problem. Thus, Safelayer stands out for its innovation and ability to articulate market needs, offering a product committed to its customers and future business needs.

Conclusion

In the new systems that society demands, virtual electronic interactions are becoming increasingly important in all circumstances, whether personal, professional or governmental. Trust is the basis of any relationship, so electronic identification systems are evolving towards increasingly reliable mechanisms based on PKI technology. This is where Safelayer positions itself, providing innovative, global and efficient technology, meeting the demand for reliable mechanisms for virtual processes of authentication and identification, electronic signature and data protection, and therefore for tools that improve competitiveness.
