http://www.internetwk.com/news0399/news031199-2.htm
Thursday, March 11, 1999, 10:15 a.m. ET.
IBM Exec Describes Privacy, PKI Initiatives
By AMY ROGERS, Computer Reseller News
Washington, D.C. -- An IBM network security executive said yesterday that
the company plans to add online privacy protection mechanisms to its
operating systems.
At an event here sponsored by the Banking Industry Technology Secretariat
[BITS], Mark Greene, vice president for security in IBM's network
computing software division, said that the company has begun development
to support the Platform for Personal Privacy Preferences [P3P] in its
platforms.
"Eventually, it will be in all of them," Greene said Wednesday morning,
though he would not say which IBM operating system will be the first to
support the technology. "The R&D is underway."
P3P is a proposed standard that will let online users choose what personal
information will be accessible during online transactions, and also let
Web sites set forth their data collection policies. P3P was incubated
within the World Wide Web Consortium (W3C); the first working draft of the
specification was released nearly a year ago.
Greene said that Microsoft and Netscape Communications were building
support for P3P into their respective browsers. Commercial support for P3P
is expected to be available in the second half of 1999.
The executive also commended the efforts of bodies such as Better Business
Bureau Online and the Online Privacy Alliance to protect individuals'
online information disclosure rights.
"If there isn't a place for consumers to go" with complaints about misuse
of their personal information, "then we invite government legislation,"
Greene said.
Greene also spoke to BITS members about a plethora of security issues with
which banks are grappling. They range from how to let customers use
cellular phones and Personal Digital Assistants to link to their accounts,
to how to escape the threat response mode many banks and companies in
other industries are stuck in as they face ongoing network security
threats.
The Net changes the paradigm by which banks have always operated, Greene
said. "The banker's rule number one is 'know your customer,'" he said.
"The Internet's rule number one is, 'you can't."
Greene went on to describe IBM's commitment to Public Key Infrastructure
technology, which in part includes efforts to build digital certificate
technology into IBM operating systems in the next 12 months, and to work
closely with ISVs to develop PKI offerings.
"PKI is the basis of all of IBM's security work these days," Greene said.
IBM is rallying behind the IETF's Public Key Infrastructure Exchange
[PKIX] standard, which would ensure interoperability among digital
certificates from different vendors.
BITS was founded two years ago to foster the growth of online banking by
developing standardized payment systems, enhancing security and increasing
consumer confidence in using the Net for banking transactions, said BITS
CEO' Catherine Allen.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Sat Mar 13 10:23:36 1999