Return-Path: <sentto-279987-3839-1005443113-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sat, 10 Nov 2001 17:47:08 -0800 (PST) Received: (qmail 4571 invoked by uid 510); 11 Nov 2001 01:44:09 -0000 Received: from n9.groups.yahoo.com (216.115.96.59) by all.net with SMTP; 11 Nov 2001 01:44:09 -0000 X-eGroups-Return: sentto-279987-3839-1005443113-fc=all.net@returns.groups.yahoo.com Received: from [10.1.1.220] by n9.groups.yahoo.com with NNFMP; 11 Nov 2001 01:45:13 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 11 Nov 2001 01:45:13 -0000 Received: (qmail 21115 invoked from network); 11 Nov 2001 01:45:13 -0000 Received: from unknown (216.115.97.171) by m2.grp.snv.yahoo.com with QMQP; 11 Nov 2001 01:45:13 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta3.grp.snv.yahoo.com with SMTP; 11 Nov 2001 01:45:13 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fAB1jbO03139 for iwar@onelist.com; Sat, 10 Nov 2001 17:45:37 -0800 Message-Id: <200111110145.fAB1jbO03139@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Sat, 10 Nov 2001 17:45:37 -0800 (PST) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Security.issue.will.be.fixed.-.experts.[not.me...]] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Security issue will be fixed - experts Nicole Bellamy, ZDNet Australia, 11/9/2001 <a href="http://news.zdnet.co.uk/story/0,,t269-s2098848,00.html">http://news.zdnet.co.uk/story/0,,t269-s2098848,00.html> Consumers' lack of faith in the safety of e-business may be misplaced, but businesses need to work harder towards strengthening their systems Throughout the dot-com boom to bust, security and privacy issues have continued to be underestimated in terms of importance to e-business. Australian experts warn this may cause more failures, while simultaneously claiming these issues "will be fixed". The dot-com boom saw a plethora of new companies, often steered by young and untested entrepreneurs, embracing the hype about the Internet's business capabilities and jumping in headfirst. The subsequent bust proved that to be a success, companies needed more than a great idea and a Web site. With the benefit of hindsight, and a multitude of 'expert' opinions, surveys, and results, organisations are now beginning to realise there is more to e-business than establishing a Web site and selling a product -- and that many of the challenges arise from consumers themselves. A panel of Australian IT professionals gathered at the e-Business Expo and Commonwealth Bank Business World Expo 2001 event last week to discuss particular challenges inhibiting the growth of e-business in Australia -- that of the security and privacy issues. "People just don't trust the (e-business) system," said professional facilitator, Peter Couchman. The panel elaborated, pointing to the fact that end-users are highly sceptical about the security of the Internet as a medium for transacting and revealing personal details. According to Couchman, much of this can be attributed to the fact that "businesses have continued to seriously underestimate security and privacy as issues for business on the Internet." National Office for the Information Economy (NOIE)'s chief executive, John Rimmer, stated that now is the time for companies to be developing solid business plans, part of which must include security plans. He added that e-business as a whole "needs new technology...regulated environment, plus education of people (as to the fact) that there are different levels of security required for different tasks." Steve Benfield, chief technology officer for SilverStream Software agreed that education -- or the lack thereof -- is a major inhibitor to the take up of transacting, or revealing private data, online. According to Benfield, it is often a misperception on part of the end user about the relative security the Internet can provide. "End users fail to understand that there is more chance of someone going through your garbage, getting a credit card receipt, using the number and ripping you off, rather than grabbing your details online," Benfield said. The recent increase in the development of both new technolgies and legislation, is attempting to take this education in hand, as well as to provide a solid security structure to ease the minds of end-users, be they consumers or businesses. One such development has been the reworking of the Privacy Act and the upcoming Amendment. "Changes to the Privacy act means that corporates are more accountable and more responsible," said Sladjan Jovic, managing director for Biodata Technology Australia. Jovic added that much of the responsibility belongs to the end user, and more focus should be placed on authentication. He claimed that while many organisations are turning to new technologies and systems to improve the authentication process, many of these are lacking a technological means of adding 'user presence'. This user presence is important in that it ensures the user is physically present at the time of authentication, and reduces the possibility of identity theft and criminal access to the authentication process. Jovic stated that the lack of user presence is being addressed by many companies involved with biometric research. He claimed that biometrics, especially in the form of smart cards -- memory-based cards that record the user's biometric traits -- do add user presence to the authentication process. Paul Houghton, managing director of Microsoft Australia, implied that the security and privacy issues will only be resolved with a concerted effort by industry groups, rather than the development of a particular product. This effort is already underway, according to Houghton. "Industry, retailers, government are all playing a very important roles in developing technologies and standards that ensure security," said Houghton. According to Houghton, resolution will occur, and in the not-so distant future, which will lower this particular barrier to e-business success. "Soon, there will be some type of authentication system or systems in place as a standard for all transactions," said Houghton. "And the security issue will be fixed." ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:59 PST