The Internet’s Not Finished Yet# Security - 系统安全
j*j
1 楼
http://sites.ieee.org/spotlight/internets-finished-yet/
Last year’s revelations about the US government’s surveillance of online
traffic were a wake-up call to provide better protection of user privacy and
confidentiality — including the regular use of end-to-end cryptography at
multiple levels in the protocol architecture. Vint Cerf, IEEE Fellow and
vice president and chief Internet evangelist for Google, says that’s only
the first step — an important caution from someone whose word is considered
guru wisdom. Widely known as one of the “Fathers of the Internet,” Cerf
is co-designer of the TCP/IP protocols and the Internet architecture. In his
role at Google, he is responsible for identifying new enabling technologies
to support the development of advanced Internet-based products and services
. In a recent article for IEEE Internet Computing, entitled “Unfinished
Business,” Cerf writes that the use of all layers of security, including
Transport Layer Security at the TCP and UDP layers or the Hypertext
Transport Layer (HTTPS), should be re-evaluated to provide stronger
protection. Furthermore, he writes, using public-key methods and
cryptographic certificates doesn’t guarantee safe transmission of data
because man in the middle (MitM) attacks have intercepted both the sending
and receiving protocols, and certificate authorities have been compromised.
For details on these and other important exposures and potential remedies he
discusses, read the full article on the IEEE Computer Society’s website.
Resource Links:
Last year’s revelations about the US government’s surveillance of online
traffic were a wake-up call to provide better protection of user privacy and
confidentiality — including the regular use of end-to-end cryptography at
multiple levels in the protocol architecture. Vint Cerf, IEEE Fellow and
vice president and chief Internet evangelist for Google, says that’s only
the first step — an important caution from someone whose word is considered
guru wisdom. Widely known as one of the “Fathers of the Internet,” Cerf
is co-designer of the TCP/IP protocols and the Internet architecture. In his
role at Google, he is responsible for identifying new enabling technologies
to support the development of advanced Internet-based products and services
. In a recent article for IEEE Internet Computing, entitled “Unfinished
Business,” Cerf writes that the use of all layers of security, including
Transport Layer Security at the TCP and UDP layers or the Hypertext
Transport Layer (HTTPS), should be re-evaluated to provide stronger
protection. Furthermore, he writes, using public-key methods and
cryptographic certificates doesn’t guarantee safe transmission of data
because man in the middle (MitM) attacks have intercepted both the sending
and receiving protocols, and certificate authorities have been compromised.
For details on these and other important exposures and potential remedies he
discusses, read the full article on the IEEE Computer Society’s website.
Resource Links: