- Email: [email protected]
In the 'net shall we trust
Abstracts of Recent Articles and Literature
the secret key, the product first encrypts the data with a unique and random secret key, the length of which depends on the selected encryption algorithm. The secret key is then encrypted with the receiver’s public key. When the data reaches the receiver, the secret key is decrypted using the receiver’s private key, and then the data is decrypted using the secret key With the Administrator version you can designate any folder on the hard drive as a SmartLock folder. Files already existing in this folder, and any new files to this directory are automatically encrypted. If you try to access one of these files, it is automatically decrypted and presented to you. If another user tries to access this file and has not logged into the product at boot up, then the file appears as garbage data and the application trying to access the file will report an error. Network Computing, July 15, 1996, pp. 54, 56. Net server to secure smaller offices, Brian Riggr. PC-based access hardware typically lacks security, and the robust firewall software in high-end servers tends to be too costly for small businesses and branch offices. AbhiWeb’s AbhiWeb Firewall Server (AFS) 2000 is targeted at small to mid-sized companies and branch offices of large corporations that are looking for inexpensive yet secure Internet access. The unit’s application-level tirewall proxy supports the wwW,ftp, telnet, newsgroups and gopher database searches. A telecommuter module lets remote users dial in via analogue or ISDN connections and supports Password Authentication Protocol/Challenge Handshake Authentication Protocol and password authentication. LAN TimesJuly 22, 1996,~~. 7, 10. Servers get single sign-on, Claudia Graziano.To help simplify the task of tracking and securing users’ access rights across heterogeneous LANs, several makers of server administration utilities are shipping new or updated products that aim to provide single sign-on to server resources. ICL began shipping AccessManager for Windows 95 and NT This product is designed to automate logon to distributed applications in a multiserver environment. It uses role-based access control to enhance security and reduce administration costs.Axent Technologies and CKS North America are both releasing single sign-on tools later this year that provide user identification and authentication across a range of platforms. Both Axent’s OmniGuard/Enterprise SignOn and CKS’ MyNet work by establishing a distributed
318
security directory for mapping users’ passwords and identification information. Instead of logging in to multiple servers to gain access to applications and resources, users login to a central security server and are authenticated once. LAN Times&y 22,1996,pp. 25,28. In the ‘net shall we trust, Gary Anthes.Electronic commerce won’t take off without a security infrastructure to protect users, but vendors have been slow to invest in a security foundation because there is so little commercial activity to support it. NIST has announced a research and development partnership with 10 companies involved in communications, electronic commerce and information security. The partners will develop interoperability standards for public-key infrastructures (PKI) that will let users who may not have met confidently exchange digitally signed documents. PKIs are built on trusted ‘certification authorities’ that digitally sign public keys to attest to their authenticity. The NIST partners will develop a minimum interoperability specification for PKIs, which will be given to anyone building a PKI component. NIST will develop the interoperability specification and will build a prototype and a reference test suite based on it. The national PKI will allow government agencies to share information securely and enable the public to securely access government services. Computerworld, July 29, 2996, pp. 59-61.
White House launches cybershield, Gary Anthes. President Clinton has launched an effort to defend the nation’s vital information systems from attack. The newly created President’s Commission on Critical Infrastructure Protection will be chaired by a person outside the Government and consist of industry and government officials. The commission’s charter is to assess the threats and come back within a year with recommendations for policies to protect the nation’s computers and networks. In the meantime, the US Department ofJustice is forming an interim task force, led by the FBI to respond to attacks, help restore service, issue threat warnings and assist in criminal investigations. The commission will seek ways to protect eight critical areas: telecommunications, electric power, oil and gas, banking and finance, transportation, water supply, emergency services and government operations. Computeworld, July 22, 1996, p. 29.
Puffer 2.0 buys you some E-mail security via easy encryption,]. W Olsen.If you exchange sensitive
the secret key, the product first encrypts the data with a unique and random secret key, the length of which depends on the selected encryption algorithm. The secret key is then encrypted with the receiver’s public key. When the data reaches the receiver, the secret key is decrypted using the receiver’s private key, and then the data is decrypted using the secret key With the Administrator version you can designate any folder on the hard drive as a SmartLock folder. Files already existing in this folder, and any new files to this directory are automatically encrypted. If you try to access one of these files, it is automatically decrypted and presented to you. If another user tries to access this file and has not logged into the product at boot up, then the file appears as garbage data and the application trying to access the file will report an error. Network Computing, July 15, 1996, pp. 54, 56. Net server to secure smaller offices, Brian Riggr. PC-based access hardware typically lacks security, and the robust firewall software in high-end servers tends to be too costly for small businesses and branch offices. AbhiWeb’s AbhiWeb Firewall Server (AFS) 2000 is targeted at small to mid-sized companies and branch offices of large corporations that are looking for inexpensive yet secure Internet access. The unit’s application-level tirewall proxy supports the wwW,ftp, telnet, newsgroups and gopher database searches. A telecommuter module lets remote users dial in via analogue or ISDN connections and supports Password Authentication Protocol/Challenge Handshake Authentication Protocol and password authentication. LAN TimesJuly 22, 1996,~~. 7, 10. Servers get single sign-on, Claudia Graziano.To help simplify the task of tracking and securing users’ access rights across heterogeneous LANs, several makers of server administration utilities are shipping new or updated products that aim to provide single sign-on to server resources. ICL began shipping AccessManager for Windows 95 and NT This product is designed to automate logon to distributed applications in a multiserver environment. It uses role-based access control to enhance security and reduce administration costs.Axent Technologies and CKS North America are both releasing single sign-on tools later this year that provide user identification and authentication across a range of platforms. Both Axent’s OmniGuard/Enterprise SignOn and CKS’ MyNet work by establishing a distributed
318
security directory for mapping users’ passwords and identification information. Instead of logging in to multiple servers to gain access to applications and resources, users login to a central security server and are authenticated once. LAN Times&y 22,1996,pp. 25,28. In the ‘net shall we trust, Gary Anthes.Electronic commerce won’t take off without a security infrastructure to protect users, but vendors have been slow to invest in a security foundation because there is so little commercial activity to support it. NIST has announced a research and development partnership with 10 companies involved in communications, electronic commerce and information security. The partners will develop interoperability standards for public-key infrastructures (PKI) that will let users who may not have met confidently exchange digitally signed documents. PKIs are built on trusted ‘certification authorities’ that digitally sign public keys to attest to their authenticity. The NIST partners will develop a minimum interoperability specification for PKIs, which will be given to anyone building a PKI component. NIST will develop the interoperability specification and will build a prototype and a reference test suite based on it. The national PKI will allow government agencies to share information securely and enable the public to securely access government services. Computerworld, July 29, 2996, pp. 59-61.
White House launches cybershield, Gary Anthes. President Clinton has launched an effort to defend the nation’s vital information systems from attack. The newly created President’s Commission on Critical Infrastructure Protection will be chaired by a person outside the Government and consist of industry and government officials. The commission’s charter is to assess the threats and come back within a year with recommendations for policies to protect the nation’s computers and networks. In the meantime, the US Department ofJustice is forming an interim task force, led by the FBI to respond to attacks, help restore service, issue threat warnings and assist in criminal investigations. The commission will seek ways to protect eight critical areas: telecommunications, electric power, oil and gas, banking and finance, transportation, water supply, emergency services and government operations. Computeworld, July 22, 1996, p. 29.
Puffer 2.0 buys you some E-mail security via easy encryption,]. W Olsen.If you exchange sensitive