Alexander Wolfe

Network Computing Blogger


Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Crypto Key Management Is Next Wave In Net Security

Posted by Alexander Wolfe on September 9, 2009

Against the backdrop of rising malware threats and organized cybercriminal rings, a national cybersecurity initiative is taking shape which will bring a "locked down" mentality to the way we authenticate users, apps, and anyone or anything that touches a network. I'm talking about the Cryptographic Key Management (CKM) project that is being run out of the National Institute of Standards and Technology's Computer Security Division.

Of course, keys are not a new thing, they've long been used in what amounts to a sophisticated security handshake so that there's some assurance there's no bad guy on the other end before you grant network access or hand over information. It's also true, as a CKM report noted, that "nearly all Internet security protocols use cryptography for authentication, integrity and/or confidentiality."

What's different this time is that there's an overarching effort to figure out how to extend and implement keys so that they're universally applied on the Internet -- and thus by extension, on all networks everywhere -- not only for legacy stuff, but also in emerging areas of concern including cloud security, as well as the plugging of holes that routinely exist for wireless authentication.

This is no small thing because you're talking millions (multi-millions, actually) of users. You've also got the little problem that authentication breeds user difficulties, which in turn breeds avoidance of use of said security. (That's a long-winded way of saying that usability issues are going to play a big part in whether this all flies.)

To give you an idea of just how broad the CKM effort is -- and to hammer home the point that this isn't some ivory tower government initiative -- here's a partial list of the companies represented at a recent big CKM gathering, which was held in the Washington, D.C. area in June: Cisco, Citigroup, EMC, Google, EMC, HP, Microsoft and Sun. That's in addition to Presidential cybersecurity advisor types.

Page:   1   2   3  Next  »

Add Your Comment:

  Sponsored Links

Premium Content

Next Generation Data Center, Delivered, November 17th
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll