Cable Industry, RSA Reach Security Deal

Publish date:
Updated on

The cable industry is expected to announce a licensing deal
with RSA Data Security Inc. in two weeks that will give cable operators access to critical
data-security algorithms at a reduced price.

The deal -- originally pursued by the MCNS (Multimedia
Cable Network System) cable operator partners: Tele-Communications Inc., Time Warner
Cable, Comcast Corp. and Cox Communications Inc. -- was handed off to Cable Television
Laboratories Inc. for completion in late December.

The deal is an important resolution to operators that are
aggressively deploying high-speed-data services and that have needed a way to ensure that
data traveling over their networks remain secure and private. Privacy and security issues
will only escalate as data modems are built into digital set-tops, as the OpenCable
digital project specifies.

CableLabs executives declined to comment on the agreement,
saying that official news will come from RSA. RSA executives did not return repeated phone
calls last week.

But MSO sources close to the deal said the CableLabs
'master license' will include source-code sublicenses for manufacturers that
make security modules, as well as object-code sublicenses for vendors of security modules
and end-user products, like cable modems.

The security modules can be used for encryption of data
over DOCSIS (Data Over Cable System/Interoperability Specification) modems, OpenCable
set-tops or packet cable devices, as yet undefined.

In the arrangement, RSA will license the algorithms to
CableLabs, which, in turn, will distribute the source code to makers of security
manufacturers, sources said. Vendors that participate are required to report the number of
products distributed with the security code to CableLabs, for tracking purposes.

Manufacturers that license the security code will likely
pay about 25 cents per modem shipped and per-headend fees ranging from $50 to $500, as
well as an as-yet-undetermined administrative fee.

As part of the agreement, the modules can only be licensed
to U.S.-based companies, in order to comply with export-control rules.

In early January, vendors received a
source-code-sublicensing agreement from RSA, as well as terms for the licenses and a form
to handle maintenance and support, according to one engineer familiar with the process.

RSA is a wholly owned subsidiary of Security Dynamics
Technologies Inc. and a leading supplier of software that secures electronic data.
According to company reports, RSA has installed more than 300 million copies of encryption
and authentication technologies throughout the world.

At RSA's annual Security Conference in San Francisco
two weeks ago, president James Bidzos said encryption revenues in 1987 totaled $10
million, but by 1997, the top five encryption firms generated about $1.5 billion.

That's because security technology is critical to
Internet commerce and privacy, he said.