Flexibility a must for NASA's PKI

NASA's public-key infrastructure will operate using Entrust Technologies' certification authority infrastructure, which can provide a user two digital signature "identities," one a personal identity and one based on the person's role within an organization, said Gary Moore, a federal technical advisor with Entrust.

The product also supports the ability to archive a user that may not need to be active for a time period. On the desktop, the Entrust software sits above the browser. That means users can run any browser they choose. Also, the encryption mechanism automatically encrypts any information on the desktop that is saved to a folder.

Entrust officials said NASA chose their solution because it gave the agency the ability to manage and control their own environment, said Gary Moore, Entrust's federal technical advisor.

"NASA saw that there's enough of what they're doing that's sensitive enough that they wanted to keep it in-house," said he said. "You want to make sure that you're not following someone else's policies and trying to fit your practices in their policies.

In addition, Entrust's solution is designed to provide NASA with a common infrastructure to support various applications and platforms, Moore said.

"They looked at their applications and their systems and realized...you could be dealing with one CIO that has a Mac on his desk...another who has a PC," he said. "They could either piece together lot of solutions...or build a common infrastructure."