Sign In

Communications of the ACM

ACM TechNews

4 Big Plans to Fix Internet Security

View as: Print Mobile App Share:
Internet security needs to be rethought.

Sseveral promising could make a difference in Internet security.

Credit: InfoWorld

Inadequate security is endemic to the Internet, and solving this problem will require effective trust and security mechanisms.

One proposed solution is the Internet Society-led Mutually Agreed Norms for Routing Security, a framework of recommendations based on industry best practices in which member network operators commit to deploying security controls to guarantee incorrect router information does not propagate through their networks.

A second approach is to fortify digital certificate auditing and monitoring via initiatives such as Google's Certificate Transparency project for publicly monitoring and auditing SSL certificates for legitimacy, and the Domain Name System (DNS)-based Authentication of Named Entities protocol.

A third proposal seeks effective malware countermeasures, and one project at the University of Tulsa offers independent testing and review of malware-infected websites and operates a Data Sharing Program in which companies contribute and receive real-time data on Web-based malware.

A fourth security strategy proposed by PayPal's Doug Crockford is to completely reinvent the Internet via an open source initiative called Seif, which would redo transport protocols, redesign the user interface, and eliminate passwords. One element of Seif involves replacing DNS addressing with a cryptographic key and an Internet Protocol address, HTTP with secure JSON over TCP, and HTML with a JavaScript-based application delivery system based on Node.js and Qt. Seif also features a mutual authentication scheme based on a public-key cryptographic framework.

From InfoWorld
View Full Article


Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA


No entries found