- Email: [email protected]
New electronic verification standard
Network Security
July 1995
Security worries with Registration Wizard
verify information that will be needed to prevent counterfeiting and consumer use of so-called ‘digital cash’. It is also calls for all federal agencies to extend their oversight of outside systems and set up the security of their own systems so they can serve as a ‘model user’ for industry. Using teams of its security experts to ‘hack’ into 12 000 Defence Department computer systems connected to the Internet, the Defense Information Systems Agency succeeded in penetrating 88% of the time. Of those penetrations, 96% went undetected.
. before it is installed,”
1LEGISLATIVE/FEWS Federal agency to secure infohighway The United States Federal Government is proposing to create a new federal agency as part of a set of proposals to help secure and police the ‘infohighway’, reports the Wall Street Journal. The initiative is part of a growing government concern that escalating attacks by hackers and disgruntled insiders could undermine the nation’s faith in electronic information systems, including telecommunications networks, databases and advanced computer systems, The effort is part of the government’s National Information Infrastructure Forum that is proposing the rules to strengthen the security and reliability of networks. The task force calls for the Securities and Exchange Commission, Treasury Department and the Federal Reserve to examine banking regulations and procedures to
Criminal and civil laws covering use of information systems should also be overhauled. The task force calls for federal intelligence agencies, such as the NSA, to consider sharing some of its secret measures with industry. It would be advisable to get around the industry-government deadlock regarding the use of government encryption, Clipper. Perhaps the government should work with industry to develop alternative ways to get a reliable encoding system and adequate law enforcement.
MARKET NEWS 1 New electronic verification standard A diverse group of companies in the USA, reports the New York Times, has rallied around a common system for verifying the trustworthiness of electronic messages and documents in cyberspace. The proposed standard, Digital ID, is being promoted by Verisign Inc., a spin-off from RSA Data Security Inc. The proposal would create a private-sector alternative to the
Government’s own electronic verification effort, the Digital Signature Standard (DSS). The Clinton Administration requires Government agencies to use DSS for secure electronic transactions, and has been exploring the possibility of establishing the Postal Service as a central clearing house for digital signatures, The Verisign Digital ID technology will be embedded in a variety of software products, including, the company claims, all of the major operating systems for personal computers and popular Internet server computers. Using the system, electronic documents, financial transactions and electronic mail transmitted over computer networks can be placed in the equivalent of tamper-proof envelopes sealed with a digital fingerprint. The message would be made private by public-private key encryption. Verisign would act as the independent clearing house for digital ‘certificates’ of identity, vouching that the public key actually belongs to the person or company whose name appears on it, and that the contents of the message have not been tampered with.
The worries of online purchasers A survey of Internet shopping habits carried out by Rochester Institute of Technology has found a considerable amount of wariness, reports the Democrat & Chronicle. The survey, based on responses from 378 users of the Internet that buy retail goods, found that the people who buy items are usually young, well-educated males. The survey also found that two-thirds of the purchases fell into a handful of categories
01995 Elsevier Science Ltd
July 1995
Security worries with Registration Wizard
verify information that will be needed to prevent counterfeiting and consumer use of so-called ‘digital cash’. It is also calls for all federal agencies to extend their oversight of outside systems and set up the security of their own systems so they can serve as a ‘model user’ for industry. Using teams of its security experts to ‘hack’ into 12 000 Defence Department computer systems connected to the Internet, the Defense Information Systems Agency succeeded in penetrating 88% of the time. Of those penetrations, 96% went undetected.
. before it is installed,”
1LEGISLATIVE/FEWS Federal agency to secure infohighway The United States Federal Government is proposing to create a new federal agency as part of a set of proposals to help secure and police the ‘infohighway’, reports the Wall Street Journal. The initiative is part of a growing government concern that escalating attacks by hackers and disgruntled insiders could undermine the nation’s faith in electronic information systems, including telecommunications networks, databases and advanced computer systems, The effort is part of the government’s National Information Infrastructure Forum that is proposing the rules to strengthen the security and reliability of networks. The task force calls for the Securities and Exchange Commission, Treasury Department and the Federal Reserve to examine banking regulations and procedures to
Criminal and civil laws covering use of information systems should also be overhauled. The task force calls for federal intelligence agencies, such as the NSA, to consider sharing some of its secret measures with industry. It would be advisable to get around the industry-government deadlock regarding the use of government encryption, Clipper. Perhaps the government should work with industry to develop alternative ways to get a reliable encoding system and adequate law enforcement.
MARKET NEWS 1 New electronic verification standard A diverse group of companies in the USA, reports the New York Times, has rallied around a common system for verifying the trustworthiness of electronic messages and documents in cyberspace. The proposed standard, Digital ID, is being promoted by Verisign Inc., a spin-off from RSA Data Security Inc. The proposal would create a private-sector alternative to the
Government’s own electronic verification effort, the Digital Signature Standard (DSS). The Clinton Administration requires Government agencies to use DSS for secure electronic transactions, and has been exploring the possibility of establishing the Postal Service as a central clearing house for digital signatures, The Verisign Digital ID technology will be embedded in a variety of software products, including, the company claims, all of the major operating systems for personal computers and popular Internet server computers. Using the system, electronic documents, financial transactions and electronic mail transmitted over computer networks can be placed in the equivalent of tamper-proof envelopes sealed with a digital fingerprint. The message would be made private by public-private key encryption. Verisign would act as the independent clearing house for digital ‘certificates’ of identity, vouching that the public key actually belongs to the person or company whose name appears on it, and that the contents of the message have not been tampered with.
The worries of online purchasers A survey of Internet shopping habits carried out by Rochester Institute of Technology has found a considerable amount of wariness, reports the Democrat & Chronicle. The survey, based on responses from 378 users of the Internet that buy retail goods, found that the people who buy items are usually young, well-educated males. The survey also found that two-thirds of the purchases fell into a handful of categories
01995 Elsevier Science Ltd