ComSoc Industry NewsCache (INC) |
|||||
|
HEADLINES AT A GLANCE"Computer Security,
Biometrics Dominate NIST Agenda" "Computer Security, Biometrics
Dominate NIST Agenda" Recently appointed director of the National Institute of Standards & Technology (NIST) Arden Bement says Sept. 11 and the anthrax scare that followed have prompted the agency to give top priority to security efforts, including those involving computer security and biometrics. "Our primary goal now is to take whatever technologies are available for application and to develop standards and test methods [that will] make them available to the public as quickly as possible," he explains. Bement says he expects NIST to take an even greater role in the development of federal computer security standards. NIST is also working on beefing up security for wireless communication networks and recently launched an standard upgrade for electronic transaction security. On the biometric front, Bement claims his agency will announce a new standard for verifying the identity of people entering the United States by visa or those who wish to secure visas. Furthermore, NIST is collaborating with the Biometric Consortium on new standards. Other initiatives NIST is following include new standards to secure critical infrastructures such as the national power grid, which still requires software integration. Meanwhile, Rep. Tom Davis (R-Va.) plans to introduce legislation that would require all agencies to follow minimum technology and security standards set up by NIST. (Enterprise Networking) "China Must Foster Broadband Usage
- Minister" China needs to improve its telecoms networks and encourage the use of broadband services, said China's minister of information industry. Speaking at the annual Pacific Telecommunications Council meeting in Hawaii, Wu Jichuan said that upgrading China's networks to broadband is crucial in order to deliver voice, data, and video services. The country must also become more competitive. New services need to be reasonably priced so that the mass market can afford them, Wu said. Consumption needs to be high; however, the government will continue with regulation, he said, since competition needs to be "conducted in an orderly way." Wu urged other developing countries to create indigenous Internet content and reduce the digital divide. The Internet challenges cultural traditions, moral standards, and values in developing countries, he said. (Network Operations, Management and Control) "Deutsche Telekom to Raise
Broadband Internet Charges" Deutsche Telekom said it would raise broadband Internet connection rates by approximately 30 percent in response to inquiries by RegTP, the German telecoms regulator. RegTP has been investigating whether Deutsche Telekom has been offering high-speed Internet access at prices below cost. Starting Feb. 25, the German telco said it would raise DSL and ISDN connection charges by 27 and 31 percent respectively. Other European telcos are also hoping to boost sales of broadband Internet connections, which provide superior online audio and video services. (Product Sales and Marketing) "Does Fast Internet Need a
Push?" High-speed Internet access is currently being publicized as a driver of economic recovery in the United States. For the last few years, the benefits of broadband have been touted to consumers--such as the fact that it is always connected to the Internet, eliminating the trouble associated with dial-up modems, and that it will eventually enable users to download such things as movies. However, consumers have been unwilling to pay the $40 of $50 a month it would cost to have high-speed Internet access, while another major problem is the fact that broadband technology is not fast enough yet to provide the video-heavy applications consumers want. Nevertheless, assistant secretary of commerce for technology policy Bruce Mehlman says the Bush administration regards the provision of more broadband as an economic priority. A couple of months ago, FCC Chairman Michael K. Powell launched an assessment of all regulations that have an impact on broadband implementation. Moreover, Senate Majority Leader Thomas A. Daschle (D-S.D.) recently stated that universal broadband access should be one of the planks in the Democratic Party's recommendations for economic revival. The technology industry is now planning to lobby the federal government to establish national goals for broadband adoption and deployment. These companies are united in the view that the provision of universal broadband could lead directly to the next economic expansion. (Internet Architecture, Technology and Applications) "Europe Takes a Front Seat in Net
Rulemaking" The European Union (EU) does not allow the sale of customer information to marketers unless the company qualifies for a "safe harbor" exception, and this discrepancy between U.S. and European privacy laws could cause trouble. The Internet has expanded the potential market for U.S. goods and services, but European regulations can hinder business, and U.S. businesses have to take that into account. The World Trade Organization has ruled that certain large tax incentives for businesses are illegal export subsidies, and the EU may soon require non-EU companies to collect taxes on goods and services digitally delivered to European customers. (Product Sales and Marketing) "Europe--the Watchdog of the
Net?" The European Union is becoming more of a factor when it comes to Internet use and e-commerce initiatives. While the research firm IDC says $52 billion in Western European software sales last year represented more than 28 percent of the world market, Forrester Research says online sales in the market is on pace to reach $2.5 trillion by 2006. What is more, the adoption of the euro as a unified currency will give Europe more might to yield over the New Economy. The latest victory for European officials has been the World Trade Organization ruling that multibillion-dollar tax breaks for businesses are illegal tax breaks, which means the EU can impose $4 billion in punitive tariffs each year on imports from business such as General Electric, Boeing, and Microsoft. However, the rejection of several huge mergers, including WorldCom and Sprint, General Electric and Honeywell, and Time Warner and EMI, has more U.S. executives paying attention to European rules. While American companies are still struggling to comply with the European Data Privacy Directive, they will have to start collecting taxes on goods sold online to European consumers starting next year. Meanwhile, European officials are moving to shape global e-commerce law even further through the Hague Convention on Jurisdiction and Enforcement of Judgments, which allows consumers to sue companies in their home country. "We're talking about a multidimensional chess board that businesses now confront when they participate in the global market," says Mark Bohannon, general counsel of the Software and Information Industry Association. (Product Sales and Marketing) "Fixed Wireless Popularity
Rising" The fixed wireless coverage area doubled in 2001, according to a survey conducted by the Broadbank Wireless Exchange (BWE). The broadband wireless census report found that 1,966 markets have some form of fixed wireless Internet available, more than twice the 723 markets reported the year before. BWE's Robert Hoskins attributed the results to the growing appeal of the broadband medium due to cheap rollout costs. He says that contracts with incumbent and independent local exchange carriers are far more expensive, while DSL and cable service are plagued with problems. Of the top 10 fixed wireless markets, only one, Florida, is outside the domain of Qwest Communications or SBC Communications, which have both abandoned DSL development plans. The BWE survey found that fixed wireless services are making gains primarily in rural and underserved regions. (Wireless Communications) "Net's Servers Under Scrutiny" The security of root servers that run the Internet is becoming a serious concern, and most recently the European Union and a number of European governments have expressed concern about the lack of any formal agreement that covers the management of these servers. Some domain administrators are demanding that the safety of these servers be guaranteed, and are threatening to withhold ICANN fees if nothing happens. Root servers contain the list of databases for every domain from .com to .uk, and all URL queries first go to root servers, which then send, for instance, a .uk query to Nominet for Nominet to find the specific .uk address. The "F" root server in Redwood City, Calif., handles 272 million domain queries daily and contains 8 GB of Ram. While ICANN is charged with overseeing the root server system, ICANN neither employees root server operators nor has contracts with the companies and individuals who operate the world's 13 root servers. With e-commerce in the billions of dollars, many are calling for guarantees. To date, ICANN refuses to do this. Nominet managing director Willie Black believes that ICANN is afraid of liability lawsuits and that ICANN's reluctance to move forward is hurting root server innovation and improvement. Nigel Roberts, head of the Channel Island domain registry, believes the issue is as much about clarifying ICANN's role as about root servers. (Internet Architecture, Technology and Applications) "Threat to 'Net" Multimedia instant messaging threatens to collapse Internet communications due to technological problems detailed by the Internet Engineering Task Force (IETF). Multimedia instant messages can only be supported by an entirely new communications protocol, one that IETF leaders say must prevent traffic congestion on the Internet backbone. IETF is close to finalizing SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE), a protocol that will enable text messages to cross different instant messaging platforms. Unfortunately, SIMPLE cannot support multimedia attachments because Session Initiation Protocol (SIP) runs on two protocols, TCP and UDP (User Datagram Protocol), the latter of which lacks congestion controls. The IETF is courting its members for possible solutions, which will be a topic of discussion at its March conference. The agency has also identified several possibilities for the alternative protocol, which would run on a session mode rather than a paging mode. AOL and Microsoft are reportedly planning to support SIMPLE, but AOL, at least, may not roll out multimedia instant messaging services until it complies with a government regulation to fix the protocol glitch. Johns Hopkins University IS director Ross McKenzie expects multimedia instant messaging to be very popular, especially for those who wish to eliminate long-distance calls by integrating voice chat. (Internet Architecture, Technology and Applications) "Vodafone Trials Mobile Payment
System" Mobile operator Vodafone is testing a wireless payment system for customers in the United Kingdom, Germany, and Italy. Users will be allowed to pay for goods using their cell phones. Transactions are authenticated over the user's phone. If the trials go well, the firm plans to deploy a larger test later in 2002. Vodafone intends to eventually offer the service to its 50 million customers across the United Kingdom and Europe. When making an m-commerce payment, users will use a PIN for each transaction and will be identified by their wireless handset. Personal data such as credit card numbers and addresses are stored in an e-wallet, eliminating the need to punch in the data each time. Vodafone is currently in talks with banks and payment service providers about developing open m-commerce interfaces. (Wireless Communications) "3G by Any Other Name" Cell phone users in South Korea can log on to the Internet, send photos, access movie reviews, and buy tickets using their handsets. Such phones use the 1xRTT system, which downloads data at speeds on par with 3G industry standards. With 1.2 million 1xRTT users, South Korea could claim it leads the world in 3G technology. However, Japan's NTT DoCoMo says its FOMA system is the world's first authentic 3G network. FOMA phones, which currently number in the few thousand, run at higher speeds than 1xRTT and some can support video calling. Morgan Stanley analyst Mark Shuper says Korea's system should be judged by what it can do, not by obscure technical definitions. The rivalry between the two systems is mainly between the older, cheaper CDMA2000 technology (used in South Korea) and newer, more expensive W-CDMA (used in Japan). Backed by supporters in Japan and Europe, W-CDMA has experienced technical glitches; CDMA2000 is much cheaper to upgrade to where 2G CDMA networks already exist. (Wireless Communications) "Report: Agencies Need to Focus on
Cybersecurity Now-- or Else" America's reliance on technology makes it necessary that businesses and government agencies become aware of the "sorry state of information security," warns a National Research Council report titled "Cybersecurity Today and Tomorrow: Pay Now or Pay Later." The report says that a well-aimed cyberattack could knock out communications, transportation, and electric-power systems, as well as disable financial systems, thus making it easy for a hacker to steal large amounts of money. To improve network protection, the council suggests that: agencies appoint a security coordinator and give that person the power to force administrators to focus on preventing breaches; adequate tools be made available, and that staff be trained in their proper use; random penetration tests be performed to uncover vulnerabilities; and networks be designed with the knowledge that any system they are connected with could compromise them. (Network Reliabilty, Security and Quality Assurance) "Security Takes a Pragmatic
Turn" Government heads are considering IT-related security with great seriousness after the Sept. 11 attacks, with many proposals yet to be sorted out, and the appropriate ones given funding. One interesting phenomena immediately after the attacks was the deluge of Web traffic directed at previously obscure government sites, such as the FBI's financial crime tip site, which was made the ad hoc terrorist tip site by Attorney General John Ashcroft on the night of Sept. 11. "Some agency sites saw traffic increases of 2,000 percent," says Akamai's Christopher S. Carlston. Government agencies revived and strengthened their contingency plans crafted for the Y2K transition and also saw the need to share information, most likely through a centralized database. Making use of that information in ways that will really be useful to agencies requires data-mining technologies that are currently not available, says Lawrence E. Brandt of the National Science Foundation. Other popular ideas have included using biometric data to screen public places for criminals and for use in national ID cards. President Bush's cybersecurity advisor, Richard Clarke, has also proposed building a standalone GovNet federal intranet because of fears over a concentrated network attack on U.S. systems. (Network Reliability, Security and Quality Assurance) "Your Secret's Safe" There are various ways to keep encrypted messages private, such as public key cryptography, frequently disposed keys, and one-time pad systems; but these techniques can be complicated, impractical, or overridden by hackers or governmental authority. Harvard computer science professor Michael Rabin is working on a method that ensures absolute secrecy that anyone can use. By tapping into the deluge of data that fills the airwaves, whether delivered by satellite, mobile phone mast, Internet, or other source, users can build a key to an impenetrable code. The program would assemble the encryption key out of random bits of data. Furthermore, the transient nature of the data stream makes decoding futile, even if someone gets ahold of the key. Rabin envisions satellites that can transmit streams of random bits, and is collaborating with electrical engineer Woody Yang to design a broadcast beacon. The professor says the satellite network's enormous setup costs would be fronted by corporations that wish to use the system to hold secure business meetings. The National Security Agency is sure to be unhappy if Rabin's vision comes to pass, notes Brad Templeton of the Electronic Frontier Foundation. (Enterprise Networking) "Identity Crisis" Identity theft is a major concern in today's Internet-oriented world, and although many Web sites boast high security measures, they are unable to guarantee protection of user information. Hackers who simply steal identities "for fun" cost insurers and victims millions of dollars, aggravation and loss of time, not to mention the major thieves who establish elaborate rings that embezzle multiple identities. In one case, a New York state employee, a former state worker with the State Insurance Fund, stole personal information on hundreds of New York residents, fed the information to a New York City ring of identity thieves, who used it to buy $100,000 worth of goods, including $70,000 worth of mail-order computers from Gateway. Such vulnerabilities have given rise to a new type of insurance product that offers consumers reimbursement for the costs associated with unraveling the identity theft, as well as compensation for the time spent in the process. American International Group (AIG) now offers AIG Personal Internet Identity Coverage (PIIC), designed to help businesses and other private organizations by reimbursing them for financial losses and legal aid in the event of an identity theft. Meanwhile, Chubb provides identity theft insurance to private institutions, and is including identity theft coverage in its homeowners policies, thus far, in about 46 states. (Network Reliability, Security and Quality Assurance) "Seton Hall Network Grows Without
Wires" A wireless LAN encompasses approximately 80 percent of Seton Hall University's Campus, according to senior network engineer Joseph DiVito. The network is designed to supplement the college's portable computing initiative, says executive director of IT services Bernd Walter. New students and freshman receive laptops with an embedded LAN card and an Ethernet NIC, which are supported by Ethernet jacks and power plugs in classrooms. The glue holding the LAN together is access point bridges from Symbol Technologies that run on the 802.11 standard. Dorm lounges feature wireless access points, while dorm rooms use a wired connection. The college must provide network access to faculty as well as students while simultaneously keeping it secure. "Our security is working, but it's not the kind of security you see at a corporate or government level," Bernd explains. Seton Hall recently finished replacing its ATM backbone with Gigabit Ethernet and has started to roll out voice over IP. Video on demand may be incorporated into the network this summer. (Network Operations, Management and Control) "The World in a Box" The first products of artificial-intelligence researcher Doug Lenat's Cyc project are being rolled out. The goal of Cyc is to create software that can comprehend language by using common sense. When he started his project 18 years ago, Lenat predicted that Cyc technology would by now have the ability to learn new concepts through open conversation, but he has postponed that forecast by another five years. Learning through raw text scanning, an ability Lenat originally expected to appear in the mid 1990s, could take two more decades before it is ready. Lenat says the infusion of context into the facts database expanded it tenfold, while the initiative took on custom database projects to stay financially solvent. Cyc's most significant application so far has been an enhancement to the Lycos Web search engine. Cycorp, the company spun off from MCC, Cyc's original parent, is planning to launch CycSecure, a network security tool bolstered with data about software and network configuration weaknesses. Another announced product is OpenCyc, a free version of the Cyc database designed to interest others in compiling facts for the project. (Communications) "Taming the Wild West" Although largely decentralized administration and operation, and open, non-proprietary standards are the kinds of technical features that enable the Internet's widescale use, such a design prevents the technology from gaining the security that is needed today, writes security consultant Dean Wallraff. In order to make the network more secure, new standard applications are needed, based on input from public debate and consensus. Mandatory authentication, where participants are required to have Net accounts, is a model for a more secure Internet that could work by dividing the Internet into three zones: The government/industrial zone, the commerce zone, and the public zone. The government/industrial zone, heavily authenticated and controlled, would be accessible to governments and large corporations; only countries that have tough cybercrime laws would have access to it. The commerce zone, using similar technology, would be open to businesses and individuals willing to sign usage agreements and verify their identities; this would make the Internet safer for e-commerce. The public zone would be nothing more than today's Internet, with a few technical and regulatory changes to give users the privacy and anonymity they need to feel comfortable using the network. Dividing the Internet into three zones would require a government/industrial ISP for government/industrial accounts, a commercial ISP for commercial accounts, and a public ISP for public accounts. As for GOVNET, such a government-only TCP/IP network is unlikely to work because it would not offer enough security. (Communications Standards)
HOW TO SUBSCRIBE/UNSUBSCRIBE You can receive notification of the ComSoc INC as a free service provided by the IEEE Communications Society. The following are the instructions to subscribe/unsubscribe via email 1. Send an email message to INC-request@comsoc.org subscribe The archived back issues can be found on the ComSoc INC site DISCLAIMER: These news write-ups are written by Information Inc. from worldwide sources. For details about disclaimers and limitation of liability please go to http://www.ieee.org/about/documentation/copyright/legal.htm#liability © copyright 1999 INFORMATION, INC. |
|
|||
