ABSTRACT
Now that public key encryption and its associated infrastructure (PKI) have become an accepted
foundation for securing the electronic world, a wealth of new security products has come on the scene.
However, it appears that many of these products are solving security problems related to the
infrastructure upon which business applications run rather than the applications themselves. For
example, virtual private network (VPN) products are beginning to support certificate-based authentica-
tion and public key-based key exchange. SSL is the standard for privacy and authentication on the Web.
Although these types of technologies are completely necessary, they are all highly specialized and are
invisible to the applications they are securing.
