RSA Data Security Inc. introduced Monday an upgraded version of its data encryption tool kit for software written in the Java language.
The release, JSAFE 1.1, is significantly enhanced from the 1.0 version of last August, said Tim Matthews, product manager at RSA in Redwood City, Calif.
The technology from RSA, the leader in cryptography systems that protect sensitive and private messages and data bases, has been seen as crucial for the development of secure Java-based programs, particularly in electronic commerce.
Mr. Matthews said the reaction to JSAFE 1.0 and the demands for improvements were indicative of the momentum still building behind Java, the Sun Microsystems Inc. software innovation that is particularly well suited to the Internet.
Besides the cryptographic speed and performance improvements incorporated in JSAFE 1.1, said RSA vice president Scott Schnell, "it was designed to be compatible with BSAFE 3.0 (RSA's basic development package) for developers that want to use both Java and C" languages.
Mr. Matthews said, "We have been selling mostly to large software companies that are moving to Java, like IBM, or to the new crop of Java companies" such as WebLogic, a San Francisco software development firm, or Marimba Inc., a Silicon Valley company noted for "push" technology.
"We hope this year to move more into the enterprise space," said Mr. Matthews, referring to banks and other major companies that are embracing Java faster than many industry observers had anticipated for what are known as "mission-critical" functions.
"Banks and broker-dealers are a big prospective market for Java, not just for home banking but for a whole range of server applications," Mr. Matthews added. "We didn't know at the 1.0 stage how much people would be using Java for serious development work on their servers. This isn't just for 'applets' any more."
Applets are the small programs that exemplified how Java could promote network computing and devices from mainframe size down to smart cards. Visa International, for example, seized on Java as the basis for its smart card operating system. Programs and applications could be written centrally and distributed over networks to cards and terminal devices.
As is common with high-technology innovations, it took time for the security needs and vulnerabilities of Java to become apparent. Finjan Inc., Santa Clara, Calif., an RSA licensee, was one of several software companies that raised alarms about Java and its Microsoft-supported analog, Active-X. Finjan has come out with systems designed to ensure "mobile code security."
It cited a 1997 survey by Zona Research illustrating how critical Java security has become: 52% of corporations were using Java, and 99% expected to be using it by 1999.
"The focus on security continues to expand as enterprises deploy more for the business applications with Java," said Kathy Kincaid, IBM's director of information technology security programs. The JSAFE kit "lets developers enjoy the full benefits of the Java environment with a greater assurance of security."
