Featured Research

from universities, journals, and other organizations

Researchers Help Set Security Standards For The Internet

Date:
July 17, 2009
Source:
Dartmouth College
Summary:
Secure Internet activity requires being able to prove who you are, and experts agree that the traditional approach of passwords is not always effective. PKI and public key cryptography solve these problems, and a new system is now in the pipeline with the Internet Engineering Task Force to become the universal way to easily implement PKI-enhanced computing security.

Dartmouth researchers who were pioneers in Public Key Infrastructure (PKI) – a system that secures and authenticates computer communications – are now playing leading roles establishing Internet standards and guidelines for security.

Secure Internet activity requires being able to prove who you are. Security experts agree that the traditional approach of passwords is not always effective. PKI and public key cryptography solve these problems, and Dartmouth researchers are leading the way in helping organizations deploy PKI. A new system developed at Dartmouth called PRQP, which stands for PKI Resource Query Protocol, is now in the pipeline with the Internet Engineering Task Force (IETF) to become the universal way to easily implement PKI-enhanced computing security.

“PKI labors under the misconception that it’s difficult,” says Scott Rea, senior PKI architect at Dartmouth. “PKI is most successful when it runs under the covers or in the background.” And that’s what it does on a lot of commercial websites that accept credit card numbers, ensuring security behind-the-scenes using PKI or “certificate authority” technology.

Dartmouth’s Institute for Security, Technology, and Society (ISTS) has received funding from the Department of Homeland Security to explore ways to make PKI more user-friendly, for individuals and for businesses of all sizes. That’s how PRQP was born.

“PRQP, very simply, provides a more distributed system for PKI; it works in a way to get trustworthy references in order to verify the PKI certificates of individuals or servers,” says Massimiliano “Max” Pala, research fellow with ISTS and the Open Certificate Authority Lab director.

In other words, as PKI becomes ubiquitous, IT professionals need PQRP, which provides a standard way to operate PKI efficiently, and therefore ensures a consistent and robust measure of security.

And, according to Pala and Rea, adoption of PKI is growing, and there is a deliberate program to bring more and more organizations into the PKI fold. Consortiums have been established, grouped around common themes, so that all members within each group can trust each other’s PKI certificates. For example, there are eight organizations now in the Higher Education group, or “bridge,” which includes colleges and universities. It’s called HEBCA, which stands for Higher Education Bridge Certificate Authority, and Rea serves as director of the HEBCA Operating Authority and secretary of the HEBCA Policy Management Authority.

There are also bridges for federal employees and contractors, pharmaceutical companies and researchers, and one for defense and aerospace companies and contractors. All four existing bridge organizations have formed a “federation” to trust everyone within these networks, and there are varying levels of security, because PKI is customizable. Among all four bridges, approximately 15 million certificates have been issued (mainly to individuals, but servers and other network devices can also carry certificates). That figure is expected to double in the next 12-18 months. At Dartmouth alone there are 34,000 active certificates and about 1,500 server certificates issued from the Dartmouth PKI.


Story Source:

The above story is based on materials provided by Dartmouth College. Note: Materials may be edited for content and length.


Cite This Page:

Dartmouth College. "Researchers Help Set Security Standards For The Internet." ScienceDaily. ScienceDaily, 17 July 2009. <www.sciencedaily.com/releases/2009/07/090708110426.htm>.
Dartmouth College. (2009, July 17). Researchers Help Set Security Standards For The Internet. ScienceDaily. Retrieved September 21, 2014 from www.sciencedaily.com/releases/2009/07/090708110426.htm
Dartmouth College. "Researchers Help Set Security Standards For The Internet." ScienceDaily. www.sciencedaily.com/releases/2009/07/090708110426.htm (accessed September 21, 2014).

Share This



More Computers & Math News

Sunday, September 21, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

What This MIT Sensor Could Mean For The Future Of Robotics

What This MIT Sensor Could Mean For The Future Of Robotics

Newsy (Sep. 20, 2014) — MIT researchers developed a light-based sensor that gives robots 100 times the sensitivity of a human finger, allowing for "unprecedented dexterity." Video provided by Newsy
Powered by NewsLook.com
Oculus Reveals New Virtual Reality Headset Prototype

Oculus Reveals New Virtual Reality Headset Prototype

Newsy (Sep. 20, 2014) — Oculus announced a new virtual reality headset prototype Saturday, saying the product is close to being ready for consumers. Video provided by Newsy
Powered by NewsLook.com
How To Protect Your Data In The Still-Vulnerable iOS 8

How To Protect Your Data In The Still-Vulnerable iOS 8

Newsy (Sep. 20, 2014) — One security researcher says despite Apple's efforts to increase security in iOS 8, it's still vulnerable to law enforcement data-transfer techniques. Video provided by Newsy
Powered by NewsLook.com
How Much Privacy Protection Will Google's Android L Provide?

How Much Privacy Protection Will Google's Android L Provide?

Newsy (Sep. 19, 2014) — Google's local encryption will make it harder for law enforcement or malicious actors to access the contents of devices running Android L. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins