Application-Layer Security Protocols for Networks

WE ARE NOT IN KANSAS ANYMORE The incredible growth of Internet usage has shifted routine business transactions from fax machine and telephones to e-mail and E-commerce. This shift can be attributed in part to the economical worldwide connectivity of the Internet, but also to the Internet capacity for more sophisticated types of transactions. Security professionals must understand the issues and risks associated with these transactions if they want to provide viable and scalable security solutions for Internet commerce. Presence on the Internet makes it possible to conduct international, multiple-party, and multiple-site transactions, regardless of time or language differences. This level of connectivity has, however, created a serious security dilemma for commercial enterprises. How can a company maintain transactional compatibility with thousands of different systems and still ensure the confidentiality of those transactions? Security measures once deemed suitable for text-based messaging and file transfers seem wholly inadequate for sophisticated multimedia and E-commerce transfers. Given the complexity of these transactions, even standardized security protocols like IPsec are proving inadequate. This article covers three areas that are of particular concern: electronic messag ing , Wor ld Wide Web (WWW) transactions, and monetary exchanges. All are subject to potential risk of significant financial losses P A Y O F F I D E A