Six Technologies To Make A Bulletproof Web
September 6, 1999 9:24 AM ET
zdnet.com
The Internet didn't just magically appear, and it won't just magically get better. Whether it's creating a simple appliance to dial into the Net, or distributing memory in unseen places to speed up content delivery, a network of networks is a living, breathing thing. And it is given life by living, breathing beings - human engineers, programmers and technologists. Here are six technologies that will transform the Net in the next four years - and the people who are helping speed their arrival.
Are you who you say you are?
When Victor Chang was working on Apple Computer's Open Collaboration Environment in 1991 and 1992, one of the things he needed was a way to enable participants to identify themselves in an online session without affording anyone the opportunity to posture as somebody else.
In solving that problem, he adopted RSA Data Security's approach to establishing digital identities as a way to authenticate collaborators. The basic method was laid down by Whitfield Diffie and Martin Hellman at Stanford University in 1975-78 when they proposed matching a public key, assigned to an individual, with a private key held in strict confidence. With a private key and public key encryption, a message could be unlocked only at its intended destination.
RSA was an early implementer of such key encryption - relying on a method known as a certificate server, used to verify the identity of a message recipient. Chang became conversant in its uses as he worked on the Apple project. Two years later, RSA President Jim Bidzos hired him to supervise RSA's staff of six engineers.
Chang and his team undertook the work that would give the Internet several of the tools needed to implement credit-card orders and financial transactions, and to secure exchanges of information. The RSA tool kit, Bsafe, gave application developers a means of implementing RSA public key encryption in their systems. Among the users of the tool kit were Microsoft and Netscape Communications, which built a certificate recognition capability into their respective Internet Explorer and Navigator browsers.
Among other things, the tool kit implemented RC4, an encryption algorithm running across Secure Sockets Layer, developed by Netscape. SSL used the RSA-based authentication method of recognizing a party's digital identity, and RC4 to encrypt and decrypt the accompanying transaction or communication. SSL has grown to become the leading security protocol of the Net. Adopted by the Internet Engineering Task Force as a core technology, it has been merged with other protocols and authentication methods into Transport Layer Security.
Chang and his development team, which now numbers 60 engineers, "indirectly created the framework for people to conduct e-commerce over the Internet," he says.
- Charles Babcock
|
