CyberTrust

Last updated

CyberTrust was a security services company formed in Virginia in November 2004 from the merger of TruSecure and Betrusted. Betrusted previously acquired GTE Cybertrust. [1] [ citation needed ] Cybertrust acquired a large stake in Ubizen, a European security services firm based in Belgium, to become one of the largest information security firms in the world. It was acquired by Verizon Business in 2007. [2] In 2015, the CyberTrust root certificates were acquired by DigiCert, Inc., a leading global Certificate Authority (CA) and provider of trusted identity and authentication services.[ citation needed ]

Contents

History

CyberTrust was founded as a subsidiary of GTE Corporation's Government Systems Information Security Directorate. It focused on security services for electronic commerce. These included authentication, privacy, integrity and non-repudiation using Public Key Encryption technology. In 2000, GTE sold CyberTrust to Ireland-based security company Baltimore Technologies for $150 million. [3] In 2003, Baltimore Technologies divested its operating companies, including all digital certificate operations to BeTrusted Holdings, Inc. [4] A year later in September 2004, BeTrusted announced its intention to merge with former competitor TruSecure Corporation and in November the resulting company was incorporated in Virginia as CyberTrust. [5] Verizon Business then acquired Cybertrust in 2007, [6] reuniting it with its former parent (Verizon was created by the merger of GTE and Bell Atlantic). Financial terms were not disclosed.[ citation needed ] In 2015, the CyberTrust root certificates were acquired by DigiCert, Inc., a leading global Certificate Authority (CA) and provider of trusted identity and authentication services. The financial terms were not disclosed. [7]

Cybertrust used its majority shareholding to dilute the remaining Ubizen shares, forcing it to acquire the remaining shares and delist Ubizen in 2005. [8]

Betrusted was originally created by PWC and sold to One Equity Partners, a division of Bank 1. One Equity Partners also purchased 90 East and SecureNet (who bought the PKI component of Baltimore and the gateway operations of iSecure). [9]

Present

The acquisition of the CyberTrust root certificates makes DigiCert the second-largest Certificate Authority (CA) for high-assurance SSL Certificates. As part of the deal, DigiCert will assume management of the CyberTrust/Verizon trusted roots and intermediate certificates. Verizon will continue to offer SSL Certificates as a reseller of DigiCert. [10]

Pursuant to DigiCert's acquiring Verizon Enterprise SSL business, DigiCert announces its partnership with Cybertrust Japan to expand its market presence in Asia. [11] Under this new partnership, DigiCert and Cybertrust Japan also announce Cyber Secure Asia, a wholly owned subsidiary of Cybertrust Japan, which will market DigiCert's certificate technology to Southeast Asia from a regional headquarters in Singapore.[ citation needed ]

Related Research Articles

X.500 is a series of computer networking standards covering electronic directory services. The X.500 series was developed by the Telecommunication Standardization Sector of the International Telecommunication Union (ITU-T). ITU-T was formerly known as the Consultative Committee for International Telephony and Telegraphy (CCITT). X.500 was first approved in 1988. The directory services were developed to support requirements of X.400 electronic mail exchange and name lookup. The International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) were partners in developing the standards, incorporating them into the Open Systems Interconnection suite of protocols. ISO/IEC 9594 is the corresponding ISO/IEC identification.

<span class="mw-page-title-main">Public key infrastructure</span> System that can issue, distribute and verify digital certificates

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.

In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key. The certificate includes the public key and information about it, information about the identity of its owner, and the digital signature of an entity that has verified the certificate's contents. If the device examining the certificate trusts the issuer and finds the signature to be a valid signature of that issuer, then it can use the included public key to communicate securely with the certificate's subject. In email encryption, code signing, and e-signature systems, a certificate's subject is typically a person or organization. However, in Transport Layer Security (TLS) a certificate's subject is typically a computer or other device, though TLS certificates may identify organizations or individuals in addition to their core role in identifying devices. TLS, sometimes called by its older name Secure Sockets Layer (SSL), is notable for being a part of HTTPS, a protocol for securely browsing the web.

<span class="mw-page-title-main">Root certificate</span> Certificate identifying a root authority

In cryptography and computer security, a root certificate is a public key certificate that identifies a root certificate authority (CA). Root certificates are self-signed and form the basis of an X.509-based public key infrastructure (PKI). Either it has matched Authority Key Identifier with Subject Key Identifier, in some cases there is no Authority Key identifier, then Issuer string should match with Subject string. For instance, the PKIs supporting HTTPS for secure web browsing and electronic signature schemes depend on a set of root certificates.

In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.

<span class="mw-page-title-main">Verisign</span> American Internet company

Verisign Inc. is an American company based in Reston, Virginia, United States, that operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the authoritative registry for the .com, .net, and .name generic top-level domains and the .cc country-code top-level domains, and the back-end systems for the .jobs and .edu sponsored top-level domains.

<span class="mw-page-title-main">Gen Digital</span> Multinational software company

Gen Digital Inc. is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.

Thawte Consulting is a certificate authority (CA) for X.509 certificates. Thawte was founded in 1995 by Mark Shuttleworth in South Africa. As of December 30, 2016, its then-parent company, Symantec Group, was collectively the third largest public CA on the Internet with 17.2% market share.

Xcitium, formerly known as Comodo Security Solutions, Inc., is a cybersecurity company headquartered in Bloomfield, New Jersey.

CertCo, Inc., was a financial cryptography startup spun out of Bankers Trust in the 1990s. The company pioneered a risk management approach to cryptographic services. It had offices in New York City and Cambridge, Massachusetts. It offered three main public key infrastructure (PKI) based products: an Identity Warranty system ; an electronic payment system ; and an Online Certificate Status Protocol (OCSP) responder for validating X.509 public key certificates. It went out of business in Spring 2002 never having found a wide market for its products despite filing a number of patents and developing new technology.

GeoTrust is a digital certificate provider. The GeoTrust brand was bought by Symantec from Verisign in 2010, but agreed to sell the certificate business in August 2017 to private equity and growth capital firm Thoma Bravo LLC. GeoTrust was the first certificate authority to use the domain-validated certificate method which accounts for 70 percent of all SSL certificates on the Internet. By 2006, GeoTrust was the 2nd largest certificate authority in the world with 26.7 percent market share according to independent survey company Netcraft.

GlobalSign is a certificate authority and a provider of internet identity and security products. As of January 2015, Globalsign was the 4th largest certificate authority in the world, according to Netcraft.

<span class="mw-page-title-main">Entrust</span>

Entrust Corp., formerly Entrust Datacard, provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificated for websites, mobile credentials, and connected devices. The privately-held company is based in Shakopee, Minnesota and employs more than 2,500 people globally.

<span class="mw-page-title-main">DigiCert</span> Internet security company

DigiCert, Inc. is a digital security company headquartered in Lehi, Utah. As a certificate authority (CA) and trusted third party, DigiCert provides public key infrastructure (PKI) and validation required for issuing digital certificates or TLS/SSL certificates.

The Certification Authority Browser Forum, also known as the CA/Browser Forum, is a voluntary consortium of certification authorities, vendors of Internet browser and secure email software, operating systems, and other PKI-enabled applications that promulgates industry guidelines governing the issuance and management of X.509 v.3 digital certificates that chain to a trust anchor embedded in such applications. Its guidelines cover certificates used for the SSL/TLS protocol and code signing, as well as system and network security of certificate authorities.

StartCom was a certificate authority founded in Eilat, Israel, and later based in Beijing, China, that had three main activities: StartCom Enterprise Linux, StartSSL and MediaHost. StartCom set up branch offices in China, Hong Kong, the United Kingdom and Spain. Due to multiple faults on the company's end, all StartCom certificates were removed from Mozilla Firefox in October 2016 and Google Chrome in March 2017, including certificates previously issued, with similar removals from other browsers expected to follow.

DigiNotar was a Dutch certificate authority owned by VASCO Data Security International, Inc.

Neal Creighton is an American entrepreneur based in Boston, Massachusetts, United States. He was one of the co-founders and CEO of certificate authority GeoTrust in 2001, and is co-inventor of the domain-validated certificate patent issued in 2006 which method accounts for 70 percent of all SSL certificates on the Internet. In 2006, GeoTrust was the 2nd largest certificate authority in the world with 26.7 percent market share according to independent survey company Netcraft. He was also cofounder of RatePoint, Inc., which was named the MITX 2010 Social Media Company of the Year for New England.

<span class="mw-page-title-main">Certificate Authority Security Council</span>

The Certificate Authority Security Council (CASC) is a multi-vendor industry advocacy group created to conduct research, promote Internet security standards and educate the public on Internet security issues.

Trustico is a dedicated SSL certificate provider, They are headquartered in the United Kingdom.

References

  1. "Agreement between the Company and beTRUSTed (Omniroot)". www.sec.gov. Retrieved 2023-01-11.
  2. Duffy, Jim (2007-05-14). "Verizon Business acquires Cybertrust". Network World. Retrieved 2023-01-11.
  3. "Baltimore Technologies Buys CyberTrust for $150 Million - InternetNews". www.internetnews.com. Retrieved 2015-12-07.
  4. "Agreement between the Company and beTRUSTed (Omniroot)". www.sec.gov. Retrieved 2022-05-13.
  5. Kawamoto, Dawn. "TruSecure, Betrusted to merge and rename". CNET. Retrieved 2022-05-13.
  6. "Verizon Business to Acquire Information Security Services Leader Cybertrust: Combination Creates Global Security Powerhouse". Verizon Business (press release). 2007-05-14.
  7. "DigiCert Grows SSL/TLS Business Via Verizon Enterprise SSL Deal". www.eweek.com. Retrieved 2015-10-12.[ permanent dead link ]
  8. "Back to the roots. Kernel leaves the Warsaw Stock Exchange. How should shareholders respond?". Mind.ua. Retrieved 2023-12-28.
  9. Roberts, Paul F. (2004-09-20). "TruSecure merges with Betrusted". Network World. Retrieved 2020-06-02.
  10. "DigiCert Acquires Verizon Enterprise SSL Business". www.digicert.com. Retrieved 2015-12-07.
  11. "DigiCert Partners with Cybertrust Japan". www.digicert.com. Retrieved 2015-12-07.