[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SEC_ure



 11-04-96.

 "Web security threat grows"

 With a variety of new technologies like stronger encryption,
 smart cards and digital signatures and envelopes emerging to
 tighten Web security, experts working on various aspects of the
 problem agree the goal of end-to-end security on the Web will
 remain elusive as long as insecure operating systems dominate
 the commercial market. "You can't build security on top of
 insecurity," said Netscape's Jim Roskind, who spent much of a
 session on Webware fending off criticism of Java security flaws.
 "We have to assume that the [security] problems will be 
 pervasive forever," warned Peter Neumann. "This is a holistic 
 problem, and we have to deal with it in a global way."


 "Protection sought for U.S. systems"

 The initiative will be led by the Pentagon's Computer Emergency
 Response Team at Carnegie Mellon University and the Energy
 Department's Computer Incident Advisory Capability.


 "Motorola unveils chip for contactless smart card"

 One chip designing a contactless card that meets all
 frequencies of a proposed standard while the other adds
 cryptography to a single-chip solution.
 The other card incorporates a 1,024-bit modular encryption
 processor that is reportedly one of the fastest in the industry.


 "U.S.Joint Venture to Market Acoustic Smart Card Technology"

 NeTegrity also announced it has invested $1 million in Encotone,
 Ltd., for a 10% equity interest in the Israeli company. Other
 Encotone, Ltd. investors include ECI Telecom, a $500 million
 Israeli telecommunications firm, and Professor Michal Ben Or,
 Head of the Department of Computer Science at Hebrew
 University of Jerusalem and a worldwide authority on cryptology.


 "Microchip Technology launches highly secure smart card family 
 with KEELOQ code hopping technology"

 The SCS152 provides a programmable 64-bit cryptographic key
 used to create a digital signature unique to each card, which
 reduces the possibility of unwanted access to card information
 and the "cloning" of these cards for unauthorized payments.
 Other features include programmable user memory and
 "anti-tearing," which prevents the information in the card from
 being corrupted if the supply voltage is interrupted.


 "EEMA Lobbies Over Limiting US Encryption Controls"

 EEMA recognizes that the principal reasons for this is the
 disparate European legislation that surrounds the use of
 encryption, and the fact that inter-working with dominant
 US-based computer software -- operating system and application
 software -- is subject to US legislation and restrictions.


 "Putting EDI to the test"

 Security continues to be the main sticking point for using the Net
 as a vehicle for EDI. Vendors that will demonstrate secure 
 E-mail messages transporting EDI documents over the Web.
 The technology used is S/MIME, an encrypted version of the
 popular MIME protocol.


 "V-One Secures New Clients"

 NSA runs the nation's code-breaking operations, and DISA is
 supposed to keep the nation's networks secure, so there is not
 much chance of finding out what they do with the software they
 have bought from V-One.

 -----

 http://jya.com/secure.txt  (28 kb)

 SEC_ure