|
When "home banking" first emerged as an interactive service a couple of decades ago, bankers--as conservative a breed as you'll ever find--blanched at the concept. Many expected their customers to reject a service that allowed personal accounts to be electronically pilfered. Telebanking technology promoters refuted by claiming that their security systems were so good that if an account were invaded, the worst that could happen is that the intruder could pay the customer's bills for him.
The security breaches of the past month--plus a wholesale confrontation with network security and intrusion defenses--brought that pioneering scenario to mind. Bankers have remained cautious, and their online customers have embraced only the most fundamental of funds-transfer/payments features.
Those attitudes offer a road map into the world of broadband security, where the challenges are even more formidable.
At one end, video piracy--i.e. lack of sufficient security restraints--has become the number one barrier as Hollywood defines its position on streaming video. On the other side, customers and companies are building resentment and fear based on the continuing Denial-of-Service (DoS) and other hacking attacks, which reduce their willingness to rely on such technology.
As the Internet and broadband services become more integral to enterprise and entertainment activities, there's a rightful fear about counting on suppliers who can succumb to security lapses.
Against that background, the avalanche of "security solutions" at last month's ComNet (Communications Networks) trade show hit home. Nearly 25 percent of the exhibitors were peddling a security tool of some sort--from auditing, authentication and encryption software to firewalls, intrusion detection and virus protection ammunition. The sheer abundance of security forces dwarfed the bodyguards you'd expect when Britney Spears performs at a fraternity row party.
Protecting "the network" and the applications it delivers has become the next big thing. The success of these defenders may govern the rollout of broadband services in both home and business environments.
The confluence of the ComNet exhibits with the latest slew of reports about Internet breaches and new defense tools punches home the power that security wields in broadband service rollouts. Microsoft admitted that the DoS attacks that crippled its Expedia, Carpoint, Hotmail and MSN.com were due to routers being swamped by hacked connection requests. The problem prompted Microsoft to retain Akamai Technologies to run a back-up directory to protect its servers from further hacking. Akamai, better known for its streaming media management and Internet data delivery functionality, will operate four back-up servers to direct public Internet data to Microsoft's servers.
Meanwhile the security race escalates on other fronts, with hackers and defenders leapfrogging each other toward ever-higher levels. Early last month, no less than the National Security Agency weighed in with a process to create a "truly secure" Linux operating system. It's too early to predict whether that process breaks out of the spook bureaucracy and into commercial use, but the capability could--repeat, "could"--be significant as Linux-based communications services proliferate.
Security solutions are popping up all over the place. The National Institute of Standards and Technology (NIST) recently unveiled its Advanced Encryption Standard (AES), a cryptographic algorithm that defines a mechanism for establishing cross-vendor interoperability in applications requiring highly secure encryption of data. In a convergence arena, where countless program suppliers and distributors want to run through the same platform, this kind of approach is essential.
By all recent measures--and not just scare stories, fanned by media attention--network security problems are getting worse. Carnegie-Mellon University's Computer Emergency Response Team (CERT) last month identified huge vulnerability in software used by most Domain Names Servers (DNS), raising the prospect that hackers could shut down Internet service providers and corporate servers and steal confidential data. One study indicated that nearly 40 percent of popular Web sites have some kind of DNS problem.
Separately, University of California-Berkeley researchers found that wireless services may be the most susceptible to attack, as many users had feared. The UC investigation concluded that hackers can get access to wireless networks, eavesdrop and manipulate data at levels previously believed to be sacred. Although these studies primarily focus on existing narrowband services, the problems will only become more complicated as wireless broadband expands its reach--if customers are willing to ride along with systems perceived as "unsafe" at any speed.
Recognizing their vulnerability, companies such as Microsoft, America Online, Excite@Home, RealNetworks and other infrastructure companies are racing to incorporate ever-greater security protection into their systems. Start-ups are staking out various segments of this market. For example, Vidius Inc. is creating digital rights management software provider, while NetScreen Technologies Inc. is integrating firewalls, virtual private networks and traffic-shaping functions though its hardware. The arcane "intrusion detection" providers who showed their wares and ComNet typified the new breed of specialists looking for alliances with network operators who need dynamic security monitoring systems.
Of course, with such a wide array of security options, network operators face complex decisions on what to adopt and where to put these defenses. They're concerned--or should be--about inserting barriers that make it hard for legitimate users to access the services they've paid for. Moreover, price matters. In some cases, the cost of the security features may outweigh the material that it is supposed to be protecting.
The growing arsenal of security features bolster hopes that broadband's manifest destiny won't be sidetracked by hackers. But like the telebanking naysaying of the '80s envisioned, this is a business that could be delayed indefinitely if customers, including enterprise users, fear that their money (or data, which is the coin of the digital realm) can be compromised.
|
