- Email: [email protected]
IBM unveils web servers, internet firewall
Abstracts
of Recent Articles and Literature
looking for ways to boost the validity of their products. Northern Telecom Inc. recently had its authentication and digital-signature security software, Entrust, validated by the National Institute of Standards and Technology (NIST) and Canada’s Communications Security Establishment. Products validated by NIST undergo a set oftests to determine whether they comply with the security requirements of Federal Information Processing Standards and Publication (FIPS PUB) 1401. The government requires that all security software it purchases undergo 140-l testing. Network managers and vendors agreed that a third-party evaluation process would provide greater assurance that products work. Communications Week, October 30, 1995, p. 3 1.
confidentiality of information stored and processed by these systems. As the trend shifts from ‘fortress’ style central computer facilities to distributed systems located in generally less secure office environments, the risk of disruption increases, owing to lack of physical security, support services limitations and absence of site monitoring. The net result is higher business impact coupled with greater exposure. This paper identifies the elements that are at risk, discusses the issues businesses face when seeking to minimize exposures, suggests some practical solutions and describes some selected events that illustrate the hazards associated with having inadequate protection. Information Management &?Computer Security, Vol. 3, No. 4, 1995,~~. 3-14.
IBM unveils web servers, Internet firewall, Karen Rodriguez. IBM has announced World Wide Web browsers and servers and an Internet firewall running on native IBM platforms. The company will ship secure Web servers for its OS/2 Warp and AIX Unix operating systems and a secure version of Web Explorer, its OS/2based Internet browser. IBM has also announced plans to provide a Web server for MVS mainframes and OS/400, as well as Web server gateways for CICS and DB2. The Web servers support Secure-HyperText Transfer Protocol and Secure Sockets Layer protocols, which let users conduct safe electronic transactions over the Internet.
Security and data integrity for LANS and WANs, Kevin Fitzgerald. In a distributed computing environment, ownership of the security problem is avoided by management and users alike. Not only integrity and confidentiality, but also network (i.e. information, availability must be considered). Management has begun to realize that the security provided in the mainframe era has not been provided in the distributed environment. What must be considered now are the following issues: logical access controls access all platforms; improved network and platform reliability, and the ability to recover readily from disruption and disasters. The article concludes that information security is absolutely vital to the survival of today’s enterprises and therefore should be given the emphasis it deserves at all enterprise levels. Information Management G Computer Security, Vol. 3, No. 4, 1995, pp. 27-33.
IBM’s Web Explorer browser also supports S-HTTP and SSL. The firewall, formerly known as NetSP renamed Internet Connection Secured Network Gateway, offers an application gateway proxy. It also offers packet filtering, Socks server and domain-name service for branded identity on the Net. It also includes data encryption to support secure data communications between two firewalls using the Internet. Network managers can use the feature to securely administer a firewall remotely. Communications Weekly, October 2, 1995, p. 8. Security environment reviews, Gregory DoddrelLToday, information technology is fundamental to the operation of most businesses, whether they are small companies or multinational corporations. In recent times, the implementation of local and wide area networks and the installation of computing equipment in office areas has brought information technology to nearly every working environment. The result is an increasing dependence on the availability, integrity and
616
Invasions of privacy, Jefiey Rothfeder. As more and more confidential records are posted on far-flung computer networks no data is safe from prying eyes. Medical tiles, financial and personnel records, Social Security numbers and telephone call histories as well as information about our lifestyle preferences, where we shop, and even what car we drive - are available quickly and cheaply. PC World, November 1995, pp. 153- 166.
of Recent Articles and Literature
looking for ways to boost the validity of their products. Northern Telecom Inc. recently had its authentication and digital-signature security software, Entrust, validated by the National Institute of Standards and Technology (NIST) and Canada’s Communications Security Establishment. Products validated by NIST undergo a set oftests to determine whether they comply with the security requirements of Federal Information Processing Standards and Publication (FIPS PUB) 1401. The government requires that all security software it purchases undergo 140-l testing. Network managers and vendors agreed that a third-party evaluation process would provide greater assurance that products work. Communications Week, October 30, 1995, p. 3 1.
confidentiality of information stored and processed by these systems. As the trend shifts from ‘fortress’ style central computer facilities to distributed systems located in generally less secure office environments, the risk of disruption increases, owing to lack of physical security, support services limitations and absence of site monitoring. The net result is higher business impact coupled with greater exposure. This paper identifies the elements that are at risk, discusses the issues businesses face when seeking to minimize exposures, suggests some practical solutions and describes some selected events that illustrate the hazards associated with having inadequate protection. Information Management &?Computer Security, Vol. 3, No. 4, 1995,~~. 3-14.
IBM unveils web servers, Internet firewall, Karen Rodriguez. IBM has announced World Wide Web browsers and servers and an Internet firewall running on native IBM platforms. The company will ship secure Web servers for its OS/2 Warp and AIX Unix operating systems and a secure version of Web Explorer, its OS/2based Internet browser. IBM has also announced plans to provide a Web server for MVS mainframes and OS/400, as well as Web server gateways for CICS and DB2. The Web servers support Secure-HyperText Transfer Protocol and Secure Sockets Layer protocols, which let users conduct safe electronic transactions over the Internet.
Security and data integrity for LANS and WANs, Kevin Fitzgerald. In a distributed computing environment, ownership of the security problem is avoided by management and users alike. Not only integrity and confidentiality, but also network (i.e. information, availability must be considered). Management has begun to realize that the security provided in the mainframe era has not been provided in the distributed environment. What must be considered now are the following issues: logical access controls access all platforms; improved network and platform reliability, and the ability to recover readily from disruption and disasters. The article concludes that information security is absolutely vital to the survival of today’s enterprises and therefore should be given the emphasis it deserves at all enterprise levels. Information Management G Computer Security, Vol. 3, No. 4, 1995, pp. 27-33.
IBM’s Web Explorer browser also supports S-HTTP and SSL. The firewall, formerly known as NetSP renamed Internet Connection Secured Network Gateway, offers an application gateway proxy. It also offers packet filtering, Socks server and domain-name service for branded identity on the Net. It also includes data encryption to support secure data communications between two firewalls using the Internet. Network managers can use the feature to securely administer a firewall remotely. Communications Weekly, October 2, 1995, p. 8. Security environment reviews, Gregory DoddrelLToday, information technology is fundamental to the operation of most businesses, whether they are small companies or multinational corporations. In recent times, the implementation of local and wide area networks and the installation of computing equipment in office areas has brought information technology to nearly every working environment. The result is an increasing dependence on the availability, integrity and
616
Invasions of privacy, Jefiey Rothfeder. As more and more confidential records are posted on far-flung computer networks no data is safe from prying eyes. Medical tiles, financial and personnel records, Social Security numbers and telephone call histories as well as information about our lifestyle preferences, where we shop, and even what car we drive - are available quickly and cheaply. PC World, November 1995, pp. 153- 166.