Saturday, June 25, 2011

A new Stronger Internet Security is Deployed |secure DNS or DNSSEC


A small group of Internet security specialists gathered in Singapore this week to start up a global system to make e-mail and e-commerce more secure, end the proliferation of passwords and raise the bar significantly for Internet scam artists, spies and troublemakers.


The Singapore event included an elaborate technical ceremony to create and then securely store numerical keys that will be kept in three hardened data centers there, in Zurich and in San Jose, Calif. The keys and data centers are working parts of a technology known as Secure DNS, or DNSSEC. DNS refers to the Domain Name System, which is a directory that connects names to numerical Internet addresses.
The event in Singapore capped a process that began more than a year ago and is expected to be complete after 300 so-called top-level domains have been digitally signed, around the end of the year. Before the Singapore event, 70 countries had adopted the technology, and 14 more were added as part of the event. While large countries are generally doing the technical work to include their own domains in the system, the consortium of Internet security specialists is helping smaller countries and organizations with the process.
“In the very long term it will be voice-over-I.P. that will benefit the most,” said Bill Woodcock, research director at the Packet Clearing House, a group based in Berkeley, Calif., that is assisting Icann, the Internet governance organization, in deploying Secure DNS.
the authors of the Stuxnet computer worm that was used to attack the Iranian uranium processing facility at Natanz were able to steal authentic digital certificates from Taiwanese technology companies. The certificates were used to help the worm evade digital defenses intended to block malware.
In March, Comodo, a firm that markets digital certificates, said it had been attacked by a hacker based in Iran who was trying to use the stolen documents to masquerade as companies like Google, Microsoft, Skype and Yahoo.
“At some point the trust gets diluted, and it’s just not as good as it used to be,” said Rick Lamb, the manager of Icann’s Secure DNS program.