SBIR-STTR Award

The effort proposed here by the DAT team will investigate and quantify the use of DAT’s strong authentication system for the control of access to wireless networks. The DAT system fuses 7 different credentials into an incalculable and continually dynamic authentication system. Although the specific operation of the system in the wireless environment will developed in the course of the proposed SBIR Phase I task, a preview of the specific credentials that must all be co-resident before access is authenticated can be prepared from the working DISA system. These credentials and their use (described below in further detail) include: 1. User specific information, such as biometrics. 2. The processor ID number on the user’s authorized computer. 3. The volume ID number on the user’s authorized ID number. 4. The DAT electronics ID number. 5. The LSDFTM historical table of physics based secrets (captured in the past by the user each time he logged in.) 6. The user’s location, based on the use of the location awareness component of the DAT system to determine whether or not the user resides at a pre-approved location. 7. The correct sliding port target for access. DAT believes that a physics based authentication system is ideally suited to an immediate, revolutionary and significant strengthening of wireless network systems with minimal impact on costs and current method of operation. Benefit If successful, the effort will present an architecture for securing wireless networks. The anticipated integrated solution proposed by DAT team will evaluate the use of physics based authentication and access control in a wireless environment. The non-algorithmic nature of the DAT system will bring not only security and dynamic authentication whose secrets are incalculable, but, if desired, will also enable owners of the DAT protected wireless LANs systems to control access based on location of authorized users and time of access as well. The commercialization strategy is to be built around four guiding principles: 1. Facilitate the addition of physics based authentication into wireless LAN systems with minimal impact on existing architecture and legacy systems. 2. Restrict access to sensitive areas (data, physical locations, etc.) 3. Raise the level of security in US wireless LAN systems to the forefront worldwide. There is ample evidence to support the contention that DAT has a large and ready market for its strong authentication and location awareness products (according to Merrill Lynch, approximately $15 billion in 2006). Conservative estimates (1% penetration in 4 years) yield revenue projections of shipped product in excess of $150M. Moreover, the DAT business plan includes a recurring revenue component due to the need for annual software updates by each user and related hosts. These recurring revenue features will more than double the revenue projections. Of course, DAT will also work with strategic partners to push its products into the markets that offer the greatest potential for revenue growth. Potential strategic partners for DAT include manufacturers of disk drives, encryption and compression chips, mobile code software, intelligent alert systems, ground radar systems, digital content providers (digital cinema), servers, routers, LAN cards, NICs, PDAs, cell phones, PCs, laptops, MP3 players, power generation equipment, aviation control systems, telecommunications equipment, web cams, video recorders and cameras, pagers and various types of sophisticated military and homeland security hardware that employ remote operation and/or monitoring (e.g., containers, wireless network sensors and robotic drones). The price of DAT’s products will enable the company to earn an enviable share of the market for cyber security products as well as healthy profit margins. DAT will initially use off the shelf components that reduce the cost of producing its hardware products. In a symmetrical DAT ("SDAT") system (i.e., both the clients and the server have geo-location hardware), the retail price of DAT’s hardware products will be competitive with the initial set up fees charged by remote certifying authority enterprises. In an asymmetrical DAT ("ADAT") system (i.e., the server has geo-location hardware that captures, digitizes and shares the LSDFTM s from its location with the clients), the price of DAT hardware becomes immaterial since the lion’s share of the system’s sale price is tied to the cost of installing software on client machines. For customers who do not require geo-location capabilities for audits or as criteria for access control, the cost of ownership of an ADAT system will be similar to other software products on the market. SDAT and ADAT products will also enable DAT to generate significant recurring service fee income from software upgrades and related annual or monthly fees. This business model is already in use by other software security companies (e.g., anti virus systems and PKI systems) and DAT plans on adopting it as well as it is required by providers of venture capital financing. There are compelling reasons why government and commercial customers need DAT’s products. Thus, even in a weak capital market, DAT can reasonably expect to acquire a strong valuation pre and post IPO. Keywords Physics based, authentication, strong, location specific, Wireless

Digital Authentication Technologies, Inc. ('DAT') proposes to begin design, build, debug and testing of its innovative physics-based system that has been developed in its NAVAIR Phase I contract. As the Phase I work describes, the DAT system introduces physics-based strong authentication and location awareness to defeat hacker tools and add additional layers of protection to currently exposed wireless networks and programmable radios. This Phase II effort will extend the DAT system into a working programmable radio implementation that will be installed and tested at a to-be-determined field test location. There we will mount a series of studies to breach the security and launch a replay or other attack on the programmable radio system. The result of this Phase II effort will be the availability of a commercial product consisting of software and associated hardware modules that provide physics-based authentication and protection of programmable radios systems. These will be test-worthy units that provide physics-based authentication and protection of wireless systems.

Benefit:
Benefits and Commercialization Strategy The Phase II effort will lead to a test system based on software defined radios ('SDRs'), and will develop a strategy for migrating the DAT system onto JTRS radios. This test system will use physics based authentication and access control in a radio environment. The non-algorithmic nature of the DAT system will bring not only security and dynamic authentication whose secrets are incalculable, but, if desired, will also enable owners of the DAT protected SDRs to strongly authenticate parties at the other end of a communication and control access based on location of authorized users and time of access as well. The commercialization strategy is to be built around four guiding principles: 1. Facilitate the addition of physics based authentication into SDRs with minimal impact on existing architecture and legacy systems. 2. Restrict access to sensitive areas (data, physical locations, etc.) 3. Raise the level of security in SDR communications to the forefront worldwide. There is ample evidence to support the contention that DAT has a large and ready market for its strong authentication and location awareness products (according to Merrill Lynch, approximately $15 billion in 2006). Conservative estimates (1% penetration in 4 years) yield revenue projections of shipped product in excess of $150M. Moreover, the DAT business plan includes a recurring revenue component due to the need for annual software updates by each user and related hosts. These recurring revenue features will more than double the revenue projections. Of course, DAT will also work with strategic partners to push its products into the markets that offer the greatest potential for revenue growth. Potential strategic partners for DAT include manufacturers of disk drives, encryption and compression chips, mobile code software, intelligent alert systems, ground radar systems, digital content providers (digital cinema), servers, routers, LAN cards, NICs, PDAs, cell phones, PCs, laptops, MP3 players, power generation equipment, aviation control systems, telecommunications equipment, web cams, video recorders and cameras, pagers and various types of sophisticated military and homeland security hardware that employ remote operation and/or monitoring (e.g., containers, wireless network sensors and robotic drones). The price of DAT’s products will enable the company to earn an enviable share of the market for cyber security products as well as healthy profit margins. DAT will initially use off the shelf components that reduce the cost of producing its hardware products. In a symmetrical DAT ('SDAT') system (i.e., both the clients and the server have geo-location hardware), the retail price of DAT’s hardware products will be competitive with the initial set up fees charged by remote certifying authority enterprises. In an asymmetrical DAT ('ADAT') system (i.e., the server has geo-location hardware that captures, digitizes and shares the LSDFTM s from its location with the clients), the price of DAT hardware becomes immaterial since the lion’s share of the system’s sale price is tied to the cost of installing software on client machines. For customers who do not require geo-location capabilities for audits or as criteria for access control, the cost of ownership of an ADAT system will be similar to other software products on the market. SDAT and ADAT products will also enable DAT to generate significant recurring service fee income from software upgrades and related annual or monthly fees. This business model is already in use by other software security companies (e.g., anti virus systems and PKI systems) and DAT plans on adopting it as well as it is required by providers of venture capital financing. There are compelling reasons why government and commercial customers need DAT’s products. Thus, even in a weak capital market, DAT can reasonably expect to acquire a strong valuation pre and post IPO