http://www.internetwk.com/news0399/news031199-2.htm Thursday, March 11, 1999, 10:15 a.m. ET. IBM Exec Describes Privacy, PKI Initiatives By AMY ROGERS, Computer Reseller News Washington, D.C. -- An IBM network security executive said yesterday that the company plans to add online privacy protection mechanisms to its operating systems. At an event here sponsored by the Banking Industry Technology Secretariat [BITS], Mark Greene, vice president for security in IBM's network computing software division, said that the company has begun development to support the Platform for Personal Privacy Preferences [P3P] in its platforms. "Eventually, it will be in all of them," Greene said Wednesday morning, though he would not say which IBM operating system will be the first to support the technology. "The R&D is underway." P3P is a proposed standard that will let online users choose what personal information will be accessible during online transactions, and also let Web sites set forth their data collection policies. P3P was incubated within the World Wide Web Consortium (W3C); the first working draft of the specification was released nearly a year ago. Greene said that Microsoft and Netscape Communications were building support for P3P into their respective browsers. Commercial support for P3P is expected to be available in the second half of 1999. The executive also commended the efforts of bodies such as Better Business Bureau Online and the Online Privacy Alliance to protect individuals' online information disclosure rights. "If there isn't a place for consumers to go" with complaints about misuse of their personal information, "then we invite government legislation," Greene said. Greene also spoke to BITS members about a plethora of security issues with which banks are grappling. They range from how to let customers use cellular phones and Personal Digital Assistants to link to their accounts, to how to escape the threat response mode many banks and companies in other industries are stuck in as they face ongoing network security threats. The Net changes the paradigm by which banks have always operated, Greene said. "The banker's rule number one is 'know your customer,'" he said. "The Internet's rule number one is, 'you can't." Greene went on to describe IBM's commitment to Public Key Infrastructure technology, which in part includes efforts to build digital certificate technology into IBM operating systems in the next 12 months, and to work closely with ISVs to develop PKI offerings. "PKI is the basis of all of IBM's security work these days," Greene said. IBM is rallying behind the IETF's Public Key Infrastructure Exchange [PKIX] standard, which would ensure interoperability among digital certificates from different vendors. BITS was founded two years ago to foster the growth of online banking by developing standardized payment systems, enhancing security and increasing consumer confidence in using the Net for banking transactions, said BITS CEO' Catherine Allen. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:51 PDT