PKI Security Made Simple

What’s better: having a lock on your door, or having a lock on your door AND a guy standing there making sure it’s you unlocking the door?

Obviously, the more security you have the better, which is why more Government eCommerce systems are moving towards PKI. So, what does PKI mean? The acronym stands for Public Key Infrastructure: the hardware, software, and procedures used to issue and manage digital certificates. A certificate binds a user’s public key to an identity that a trusted third party has verified; the matching private key, which only the user holds, is what actually proves that identity and those credentials online.

In order to get a certificate, you need to contact a Certificate Authority (CA). There are several CAs available, but the Defense Logistics Agency recognizes only Verisign, Identrust, and ORC as approved CAs on DOD EMALL. And when it comes to establishing user identity, CAs don’t take the process lightly. Getting a certificate issued generally requires paperwork, several forms of identification, a notary signature, and on occasion, an in-person visit. That rigor matters: a certificate can only vouch for whatever the CA actually checked before issuing it.

After your identity is verified, the certificate and its private key are delivered in one of two forms:

1) A software-based certificate installed directly on the user’s computer.

2) A portable, hardware-based certificate that the user physically carries (typically a smart card or USB token).

In both forms the private key is protected by a PIN known only to the user, so using the certificate requires both the key (on the card, token, or computer) and the PIN. This is two-factor authentication, and it is why PKI is significantly more secure than the traditional username/password model: it is more than just what you know (i.e., a password); it is what you have and what you know. Of the two forms, hardware is the stronger, since the private key never leaves the card or token, whereas a software certificate is only as well protected as the computer it is installed on.

So, now that you have a certificate, what can you do?

Some sites, such as the DOD EMALL, require users to present a certificate to access and use the site. Additionally, certificates let users send digitally signed emails, which give the recipient proof of the message’s integrity and origin, and let others send them encrypted email that only the holder of the private key can read.
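To make those pieces concrete, here is an added example that is not code from the original post or from DOD EMALL. It uses Python’s cryptography package (the post names no library or algorithm; ECDSA over P-256 is this example’s choice): a hypothetical CA issues a user certificate, the user’s private key is stored in software encrypted under a PIN, the user signs a purchase approval, and a relying party checks both that the certificate was issued by a CA it trusts and that the signature verifies under the key in that certificate. The CA and user names, the PIN, and the message are all made up.

```python
"""Toy PKI walk-through with the `cryptography` package (pip install cryptography).
A CA issues a user certificate, the user's private key is stored under a PIN,
the user signs a message, and a relying party verifies origin and integrity."""
from datetime import datetime, timedelta, timezone

from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec


def _name(common_name):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])


def _build_cert(subject, issuer, public_key, signing_key, days, is_ca):
    now = datetime.now(timezone.utc).replace(tzinfo=None)  # naive UTC, as the builder expects
    return (
        x509.CertificateBuilder()
        .subject_name(subject)
        .issuer_name(issuer)
        .public_key(public_key)
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - timedelta(minutes=5))
        .not_valid_after(now + timedelta(days=days))
        .add_extension(x509.BasicConstraints(ca=is_ca, path_length=0 if is_ca else None), critical=True)
        .sign(signing_key, hashes.SHA256())
    )


def _validity(cert):
    """Validity window plus 'now', using tz-aware fields where the installed version has them."""
    if hasattr(cert, "not_valid_before_utc"):
        return cert.not_valid_before_utc, cert.not_valid_after_utc, datetime.now(timezone.utc)
    return cert.not_valid_before, cert.not_valid_after, datetime.utcnow()


def make_ca(common_name="Example Issuing CA"):
    """Self-signed CA certificate; relying parties trust this one directly (hypothetical CA)."""
    key = ec.generate_private_key(ec.SECP256R1())
    return key, _build_cert(_name(common_name), _name(common_name), key.public_key(), key, 3650, True)


def issue_user_cert(ca_key, ca_cert, common_name):
    """After identity proofing, the CA signs the user's public key: that signed object is the certificate."""
    key = ec.generate_private_key(ec.SECP256R1())
    return key, _build_cert(_name(common_name), ca_cert.subject, key.public_key(), ca_key, 365, False)


def protect_key(key, pin: bytes) -> bytes:
    """Software-form key: PKCS#8 PEM encrypted under the PIN ('what you know')."""
    return key.private_bytes(serialization.Encoding.PEM, serialization.PrivateFormat.PKCS8,
                             serialization.BestAvailableEncryption(pin))


def unlock_key(pem: bytes, pin: bytes):
    """Holding the key file ('what you have') is not enough: a wrong PIN raises ValueError."""
    return serialization.load_pem_private_key(pem, password=pin)


def pin_rejected(pem: bytes, wrong_pin: bytes) -> bool:
    try:
        unlock_key(pem, wrong_pin)
    except ValueError:
        return True
    return False


def sign_message(key, message: bytes) -> bytes:
    return key.sign(message, ec.ECDSA(hashes.SHA256()))


def verify_message(trusted_ca, user_cert, message: bytes, signature: bytes) -> bool:
    """Origin: user_cert was issued by trusted_ca and is inside its validity period.
    Integrity: the signature verifies under the public key that certificate certifies."""
    if user_cert.issuer != trusted_ca.subject:
        return False
    try:  # the CA's signature over the certificate body
        trusted_ca.public_key().verify(user_cert.signature, user_cert.tbs_certificate_bytes,
                                       ec.ECDSA(user_cert.signature_hash_algorithm))
    except InvalidSignature:
        return False
    not_before, not_after, now = _validity(user_cert)
    if not (not_before <= now <= not_after):
        return False
    try:  # the user's signature over the message
        user_cert.public_key().verify(signature, message, ec.ECDSA(hashes.SHA256()))
    except InvalidSignature:
        return False
    return True


def demo():
    """Constructed scenario: names, PIN and message are made up."""
    ca_key, ca_cert = make_ca()
    user_key, user_cert = issue_user_cert(ca_key, ca_cert, "Jane Buyer")
    pem = protect_key(user_key, b"4321")
    message = b"Approve purchase order 10-0042 for $4,250.00"
    signature = sign_message(unlock_key(pem, b"4321"), message)
    # An impostor holding a certificate for the same name from a CA nobody trusts.
    rogue_key, rogue_ca = make_ca("Rogue CA")
    imp_key, imp_cert = issue_user_cert(rogue_key, rogue_ca, "Jane Buyer")
    return {
        "genuine": verify_message(ca_cert, user_cert, message, signature),
        "tampered": verify_message(ca_cert, user_cert, message.replace(b"4,250", b"4,260"), signature),
        "untrusted_issuer": verify_message(ca_cert, imp_cert, message, sign_message(imp_key, message)),
        "wrong_pin_rejected": pin_rejected(pem, b"0000"),
    }
```

The two checks in verify_message are exactly the two properties the post promises: the chain check answers "who does the CA say this key belongs to" (origin), and the message signature answers "has anything changed since they signed it" (integrity). Note that the impostor's signature is perfectly valid under the impostor's own certificate; it fails only because that certificate does not chain to a CA the relying party trusts, which is why the list of approved CAs matters.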

Users […]

September 2nd, 2010 | DOD EMALL, Government eCommerce

Around And Around With Rounding We Go . . .

No, it’s not the latest Dr. Seuss book. It’s about rounding numbers, in this case currency amounts within eCommerce websites.

Rounding has been part of programming languages since the earliest ones: FORTRAN, which dates to the 1950s, and later C. Unfortunately for developers of that era, each form of rounding had to be coded by hand wherever it was needed. Modern languages, by contrast, offer the various rounding modes as ready-made options.

eCommerce sites often integrate with multiple downstream systems. The DOD EMALL, the largest Government eCommerce site for federal buyers, is no different. Recent work on DOD EMALL has been to audit every use of currency within the application, and to review how those values are handled by the downstream systems that receive them.

How many versions of rounding can there be? Quite a few: round-up, round-down, round-ceiling, round-floor, round-half-even, round-half-up, and round-half-down (the same set, minus UNNECESSARY, that Java’s java.math.RoundingMode defines as UP, DOWN, CEILING, FLOOR, HALF_EVEN, HALF_UP, and HALF_DOWN). Which one you need depends on how complex things have to be. A developer whose totals come out a cent off is usually looking at two pieces of code that chose different modes, or that round at different points in the calculation. As a DOD-contracted IT provider for the DOD EMALL, Partnet has used several rounding functions; here are a couple of examples:

The first example is the one you probably learned as a child. Round-Half-Up goes to the nearest neighbor: if the first discarded digit is less than 5, round down; if it is 5 or greater, round up (for negative numbers, “up” means away from zero, so -2.345 becomes -2.35).

Round-Half-Up Examples (Initial Value | 2 Digits of Precision)
Round-Half-Even is different. It also goes to the nearest neighbor (a first discarded digit below 5 rounds down, above 5 rounds up), but when the discarded part is exactly 5 it rounds to whichever neighbor ends in an even digit, which may mean staying or going up. Because ties are split evenly between up and down, this mode is also known as banker’s rounding; it avoids the systematic upward drift that Round-Half-Up introduces when many amounts are summed.

Round-Half-Even Examples (Initial Value | 4 Digits of Precision)
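The seven modes listed above map one-to-one onto the rounding constants in Python’s decimal module, so the following added example (not code from the original post or from DOD EMALL) uses that module to round constructed sample values under each mode, to show the binary-float pitfall that bites currency code, and to show how two systems applying the same mode at different points in the same order line can disagree by a cent. The prices, quantity, and 7.25% tax rate are made up.

```python
from decimal import (Decimal, ROUND_UP, ROUND_DOWN, ROUND_CEILING, ROUND_FLOOR,
                     ROUND_HALF_UP, ROUND_HALF_DOWN, ROUND_HALF_EVEN)

# The seven modes named in the post, mapped to Python's decimal rounding constants.
MODES = {
    "round-up": ROUND_UP,                # away from zero
    "round-down": ROUND_DOWN,            # toward zero (truncate)
    "round-ceiling": ROUND_CEILING,      # toward +infinity
    "round-floor": ROUND_FLOOR,          # toward -infinity
    "round-half-up": ROUND_HALF_UP,      # nearest; ties away from zero
    "round-half-down": ROUND_HALF_DOWN,  # nearest; ties toward zero
    "round-half-even": ROUND_HALF_EVEN,  # nearest; ties to the even neighbor
}


def round_to(value, digits, mode):
    """Round a decimal string or Decimal (never a float) to `digits` places."""
    quantum = Decimal(1).scaleb(-digits)  # digits=2 -> Decimal("0.01")
    return str(Decimal(value).quantize(quantum, rounding=MODES[mode]))


def compare_modes(values, digits, modes=("round-half-up", "round-half-even")):
    """Side-by-side table: {value: {mode: rounded}}."""
    return {v: {m: round_to(v, digits, m) for m in modes} for v in values}


def float_trap(digits=2):
    """Why currency must never pass through a binary float before rounding.
    2.675 has no exact float; the nearest double is slightly below 2.675, so
    Decimal(2.675) (the exact binary value) half-up rounds DOWN to 2.67, while
    the decimal string "2.675" rounds up to 2.68."""
    from_float = round_to(Decimal(2.675), digits, "round-half-up")
    from_string = round_to("2.675", digits, "round-half-up")
    return from_float, from_string


def line_total_two_ways(unit_price, qty, tax_rate, digits=2, mode="round-half-up"):
    """One order line, two rounding points. System A rounds the taxed unit
    price to cents and multiplies by quantity; System B computes the exact
    line total and rounds once. Same mode, different totals."""
    taxed_unit = Decimal(unit_price) * (1 + Decimal(tax_rate))
    system_a = str(Decimal(round_to(taxed_unit, digits, mode)) * qty)
    system_b = round_to(taxed_unit * qty, digits, mode)
    return system_a, system_b


if __name__ == "__main__":
    # Constructed sample values (not the values from the post's tables).
    for value, rounded in compare_modes(["2.345", "2.355", "-2.345", "2.3450001"], 2).items():
        print(value, rounded)
    print("float trap:", float_trap())
    print("0.60 x 3 @ 7.25% tax:", line_total_two_ways("0.60", 3, "0.0725"))
```

Two points worth noticing: the mode only matters on exact ties, so 2.3450001 rounds the same way everywhere, and the per-unit versus per-line discrepancy appears regardless of mode, which is why an audit like the one described above has to check where each system rounds, not just which mode it picks.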

So why is rounding a big deal?  If you […]