Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Security

00:00 AM
Ivy Schmerken
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

Start-Up Authorizes Users with Central Biz Rules

John Field saw a gap between the technical problem of authentication and higher-level authorization rules.

When John Field worked at Bankers Trust Information Services (BTIS) in the 1990s, applications developers were reinventing the wheel because there were no consistent entitlement rules for using business applications.

"Authentication is establishing the user's identity," explains Field, but "authorization answers the question--'Now that I know who you are, what are you allowed to do?'"

Field, who was in charge of BTIS's network authentication and external access controls--and wanted to branch off into Web authentication--saw a gap between the technical problem of authentication and the higher level authorization rules which control the risk to the business.

"We wanted to pursue the idea but we didn't have the budget within the infrastructure group to grow the whole effort," he says.

In June of 1999, Field and co-founders spun off the company (he was allowed to handpick a dozen people) called Indigo Security Technologies Inc. with the product Indigo Elara Entitlement Management, initially focusing on the New York vertical-financial market.

With the $3.5 million in venture capital they raised from BT Pyramid Ventures--which is now part of the portfolio of DB Ventures due to the merger of Bankers Trust and Deutsche Bank--they licensed the software. They spent the next six months rearchitecting the technology and rewriting the code in Java and Enterprise Java Beans (EJB), so that it worked with industry standards such as Kerberos and Public Key Infrastructure (PKI).

Currently, three financial institutions are beta testing the product--including a traditional investment bank, a money transfer operation and a dot-com for high-net-worth investment management clients.

Indigo allows firms to develop a central policy of entitlement that can be reused by the business applications. "Our technology bridges the gap from traditional security problems, i.e., firewalls, and the risk to the business application," says Field who is Indigo's chief technology officer.

"It can start off authorizing 1,000 transactions per second, or you can set it up into a farm of network servers and have millions of people up to 100 million authorized to use it," says John Weinschenk, CEO. For e-commerce strategies, Elara authorize users on the front- and back-end systems by tying into existing client/server and legacy applications. In addition to speeding up Web deployment, Field estimates there'd be a 20-30% cost savings. If a firm allocated $1 million to build an application, and $300,000 is devoted to the entitlement rule, it can save 80% or $240,000 with Elara. Ivy is Editor-at-Large for Advanced Trading and Wall Street & Technology. Ivy is responsible for writing in-depth feature articles, daily blogs and news articles with a focus on automated trading in the capital markets. As an industry expert, Ivy has reported on a myriad ... View Full Bio

Register for Wall Street & Technology Newsletters
Video
All Videos
Slideshows
The 10 Hottest Cloud Apps on Wall Street
The 10 Hottest Cloud Apps on Wall Street
Your IT team may not have heard of them.
More Slideshows