Computer maker Hewlett-Packard Co. (HP) and mobile phone company Nokia Corp. have integrated HP's Praesidium Virtualvault security software with the Nokia Activ server, in an effort to provide a secure platform for businesses to conduct wireless transactions, the companies announced Tuesday.
The U.S. Department of Defense classifies the server's security at the maximum level allowed in civilian systems, said Daniel Dorr, HP's director for worldwide business development and wireless. Dorr described the security measures as a product of paranoia.
HP's security works in a partitioned run-time environment. "The vault passes your transaction to the back-end system. Users have no direct access to the applications and no direct access to the data," Dorr said.
Analysts have warned that WAP (Wireless Access Protocol) version 1.1, has a small, but real, security vulnerability at its gateway server -- the server decrypts wireless transmissions for a moment before re-encrypting them for the wired network. A cunning hacker could use the gateway server to steal data.
The integrated server security system uses Virtualvault on Nokia's server to defeat that vulnerability, Dorr said.
"One of the virtues of the vault is that you can't administer it from the outside," he said. The only way for a hacker to watch the server with a sniffer -- a tool for watching account activities -- is to be physically present, he said, adding that it's not possible for a single account to access the whole system.
Pricing for the integrated server system wasn't immediately available, but entry-level Virtualvault software starts at US$40,000, Dorr said.http://www.nokia.comhttp://www.hp.com/.