SWIM MAP Secure your Corporate Data…

The protection of information flowing across networks, public or private, is fundamental to all corporations, large or small. This requirement is often either ignored and data is sent insecurely, or a proprietary solution is implemented to meet the internal requirements of the organisation. This subsequently makes it difficult to extend the security to protect communications with external organisations.

HCEservice.com’s corporate Public Key Infrastructure security solution is based on established industry standards. It provides an integrated security infrastructure designed to deliver end-to-end protection for high-value or sensitive information during transmission across an Intranet, an Extranet or the Internet.

The SWIM MAP (Software Wireless Identity Module – Mobile Application Platform) is a comprehensive set of distributed mobile and fixed client-server security systems. These combine to form a Public Key Infrastructure (PKI) that meets the business and technical objectives described above, protecting communication between distributed mobile devices, workstations and host systems.

Internet Technologies

The worldwide explosion in the use of the Internet has provided new models not only for the sharing and the exchange of data but also for conducting business. It has been widely recognised that Internet technology currently does not provide adequate protection for sensitive data or a sufficiently robust environment for electronic commerce. The introduction of Public Key cryptography, in addition to existing Internet security mechanisms, has been critical.

The integration of SWIM MAP within the Web server/browser environments is targeted at the following applications:

  • Secure Socket Layer (SSL)

    Provides privacy by encrypting data transferred between a browser and a web site. Optionally, SSL can provide authentication.

  • Secure Multipurpose Internet Mail Extensions (S/MIME)

    Adds privacy by encrypting the data being sent, and authentication by adding an electronic signature to the message.

  • Digital signature of Web pages (secure Internet web forms)

The Secure Sockets Layer (SSL3) protocol

SSL3 supports data encryption, server authentication, message integrity, and optional client authentication between applications, such as Web servers/browsers and e-mail, that communicate via the Internet using a TCP/IP connection.

Like SWIM MAP, the SSL3 protocol includes RSA public key cryptography to provide the security services mentioned above. This means that before any application, such as a web server or web browser, can participate in a secured communication session using SSL, it must have access to an RSA key pair. Usually, a SWIM application would obtain an RSA key pair by performing the following steps:

  • Generate an RSA key pair

  • Request the public key certificate from a trusted Certification Authority

  • Install the certificate into the application

Web-Server Based Secure Forms

This component of the SWIM MAP solution resides on the central Web-Server host. It comprises a number of downloadable, HTML-based user-interface forms and at least one Java applet. These are downloaded to the PC from the Microsoft Internet Information Server (IIS), which resides on a central Windows Server. These forms are the basis of a standard Web-Browser Interface to the Internet user.

PC HTML forms can include the necessary triggers, which will invoke the “SWIM_ACX” ActiveX module. This, in turn, invokes a downloaded Java applet. When invoked, the applet parses the filled-in content of the form and generates a digital signature based on the data it finds, which is then appended to the form’s contents. The complete data set (including the signature) is then returned to the central server via either an HTTP or, alternatively, an SSL session.
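The sign-and-append flow described above, together with the matching server-side check, as an added example in Node.js; it is not HCEservice.com's code. The field name `form_signature`, the canonical encoding, the choice of SHA-256 and the throwaway key pair are assumptions of this example (in a PKI the public key would come from the signer's certificate).

```javascript
const nodeCrypto = require('crypto');

const SIG_FIELD = 'form_signature'; // hypothetical field name, not from the product

// Canonical byte encoding (an assumption of this example): fields sorted by
// name, each name and value length-prefixed so field boundaries are unambiguous.
function canonicalize(fields) {
  return Object.keys(fields).sort().map((name) => {
    const value = String(fields[name]);
    return `${Buffer.byteLength(name)}:${name}=${Buffer.byteLength(value)}:${value}`;
  }).join('\n');
}

// Client side: sign the filled-in content and append the signature to it.
// RSA with SHA-256 and PKCS#1 v1.5 padding (Node's default for RSA keys).
function signForm(fields, privateKey) {
  if (SIG_FIELD in fields) throw new Error('form already carries a signature field');
  const data = Buffer.from(canonicalize(fields), 'utf8');
  const signature = nodeCrypto.sign('sha256', data, privateKey);
  return { ...fields, [SIG_FIELD]: signature.toString('base64') };
}

// Server side: separate the signature from the data, then verify it against
// the signer's public key (in a PKI, taken from the signer's certificate).
function verifyForm(submitted, publicKey) {
  const { [SIG_FIELD]: signatureB64, ...fields } = submitted;
  if (typeof signatureB64 !== 'string') return false; // unsigned form is rejected
  const data = Buffer.from(canonicalize(fields), 'utf8');
  return nodeCrypto.verify('sha256', data, publicKey, Buffer.from(signatureB64, 'base64'));
}

// Constructed sample data and a throwaway key pair generated for the demo.
function demo() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const submitted = signForm({ account: '12345678', amount: '250.00', payee: 'Example Ltd' }, privateKey);
  const { [SIG_FIELD]: _removed, ...unsigned } = submitted;
  return {
    intact: verifyForm(submitted, publicKey),
    tampered: verifyForm({ ...submitted, amount: '950.00' }, publicKey),
    unsigned: verifyForm(unsigned, publicKey),
  };
}

console.log(demo());
```

The signature lets the server detect a changed or missing field but does not hide the field values, so confidentiality over a plain HTTP session still depends on the transport.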