NIST readies security, workflow pilot

[InfoSec News <isn () C4I ORG>]

http://www.fcw.com/fcw/articles/2000/0807/web-nist-08-09-00.asp

BY Colleen OHara
08/09/2000 RELATED STORIES

The Commerce Departments National Institute of Standards and
Technology is getting ready to kick off a 100-seat pilot to test
security and electronic workflow applications.

The E-Approval pilot participants, who are scattered throughout NIST,
will begin using public-key infrastructure and digital signatures,
electronic forms and workflow applications for "real work" within the
next few weeks, said Bruce Rosen, associate director for CIO projects
in NISTs Information Technology Lab. A final training class was held
last week.

Using technology from Entrust Technologies Inc., NIST employees will
be able to digitally sign and encrypt e-mail and electronic forms. But
the pilot is more than just PKI, Rosen said. "It is actually part of a
larger effort to do electronic workflow and include the ability to
sign things within workflow using PKI," he said.

NIST plans to start out slowly, Rosen said, and test only a few forms
and their associated workflow processes. Some forms, such as an
internal work order to get a new key made, require few signatures. But
other forms, such as a form used to initiate a procurement, must go
through a more complex approval process that involves more people.

In some cases, the business process will change. "Using these
electronic workflows can emulate the current method of processing
paper or can change it," Rosen said.

NIST contracted with integrator Matcon to put the pilot in place. It
is using products from HandySoft Corp. called BizFlow and BizForms to
enable the electronic workflow and electronic forms applications.

If the pilot proves successful, it will be rolled out to the rest of
NIST, Rosen said.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".