[ISN] IBM Exec Describes Privacy, PKI Initiatives

From: mea culpa (jerichoat_private)
Date: Sat Mar 13 1999 - 01:22:42 PST

  • Next message: mea culpa: "Re: [ISN] Pentagon and hackers in 'cyberwar'"

    Thursday, March 11, 1999, 10:15 a.m. ET. 
    IBM Exec Describes Privacy, PKI Initiatives
    By AMY ROGERS, Computer Reseller News 
    Washington, D.C. -- An IBM network security executive said yesterday that
    the company plans to add online privacy protection mechanisms to its
    operating systems. 
    At an event here sponsored by the Banking Industry Technology Secretariat
    [BITS], Mark Greene, vice president for security in IBM's network
    computing software division, said that the company has begun development
    to support the Platform for Personal Privacy Preferences [P3P] in its
    "Eventually, it will be in all of them," Greene said Wednesday morning,
    though he would not say which IBM operating system will be the first to
    support the technology. "The R&D is underway." 
    P3P is a proposed standard that will let online users choose what personal
    information will be accessible during online transactions, and also let
    Web sites set forth their data collection policies. P3P was incubated
    within the World Wide Web Consortium (W3C); the first working draft of the
    specification was released nearly a year ago. 
    Greene said that Microsoft and Netscape Communications were building
    support for P3P into their respective browsers. Commercial support for P3P
    is expected to be available in the second half of 1999. 
    The executive also commended the efforts of bodies such as Better Business
    Bureau Online and the Online Privacy Alliance to protect individuals'
    online information disclosure rights. 
    "If there isn't a place for consumers to go" with complaints about misuse
    of their personal information, "then we invite government legislation,"
    Greene said. 
    Greene also spoke to BITS members about a plethora of security issues with
    which banks are grappling.  They range from how to let customers use
    cellular phones and Personal Digital Assistants to link to their accounts,
    to how to escape the threat response mode many banks and companies in
    other industries are stuck in as they face ongoing network security
    The Net changes the paradigm by which banks have always operated, Greene
    said. "The banker's rule number one is 'know your customer,'" he said.
    "The Internet's rule number one is, 'you can't." 
    Greene went on to describe IBM's commitment to Public Key Infrastructure
    technology, which in part includes efforts to build digital certificate
    technology into IBM operating systems in the next 12 months, and to work
    closely with ISVs to develop PKI offerings. 
    "PKI is the basis of all of IBM's security work these days," Greene said. 
    IBM is rallying behind the IETF's Public Key Infrastructure Exchange
    [PKIX] standard, which would ensure interoperability among digital
    certificates from different vendors. 
    BITS was founded two years ago to foster the growth of online banking by
    developing standardized payment systems, enhancing security and increasing
    consumer confidence in using the Net for banking transactions, said BITS
    CEO' Catherine Allen. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:51 PDT