SBC launches R and D test bed to develop Internet security

|tab|

SBC Communications Inc. announced earlier this month the formation of an Internet security test bed designed to uncover new ways to expand the scope and effectiveness of cyber-security technology.|ret||ret||tab|

The project, known as the Internet Assurance and Security Center, will be designed and managed by SBC Technology Resources Inc., SBC's research and development center based in Austin, Texas. |ret||ret||tab|

According to a company announcement, SBC is launching the IASC in response to the rising tide of Internet security violations, such as viruses, worms and denial-of-service attacks. |ret||ret||tab|

According to cyber-security experts, the recent Bugbear virus is the most severe widespread attack to occur in 2002. Less than one week after it first appeared, the virus had affected millions of users. |ret||ret||tab|

Howard Schmidt, vice chairman of President Bush's Critical Infrastructure Protection Board, met with SBC officials last month to review plans for the IASC and other security efforts.|ret||ret||tab|

"SBC is showing just the sort of initiative that is needed in the private sector to help advance cyberspace security," Schmidt said.|ret||ret||tab|

The IASC's will develop security technologies and standards that can be applied throughout large telecommunications networks, such as SBC's, that handle Internet, voice and data traffic for millions of individual users and businesses. |ret||ret||tab|

While most existing security efforts, such as firewalls, place the primary burden of security on end users, IASC research will support an approach that encompasses all elements of the network: telecommunications providers, enterprise networks, customer networks, and hardware and software vendors.|ret||ret||tab|

"Internet and network security violations are at an all-time high, and the problem demands our immediate attention," said Fred Chang, president and CEO, SBC Technology Resources. "SBC recognizes this threat, and we also understand that addressing it will take a cooperative, collaborative effort among the public and private sectors, including network providers and equipment vendors. We have chartered the IASC to help facilitate this effort and begin the process of enhancing overall security for the Internet, carrier and corporate networks."|ret||ret||tab|

In addition to the original research to be conducted by TRI, the IASC also will act as a point of collaboration with existing security research efforts in government, academia and industry. |ret||ret||tab|

Telcordia Technologies is the first company to partner with SBC on the IASC project. TRI also has a research alliance with the Center for Infrastructure Assurance and Security at the University of Texas-San Antonio. |ret||ret||tab|

The IASC will evaluate several methods to detect and neutralize attacks and unwanted content from carrier networks. In addition to investigation of security technologies and systems in general, the IASC will focus on approaches for embedding security components in the network.|ret||ret||tab|

Network-based security brings the potential for significant advances:|ret||ret||tab|

Security functions could be shared among multiple subscribers on a network, relieving some of the burdens placed on individual users to take security precautions.|ret||ret||tab|

Attacks and unwanted content could be stopped in the carrier network, preventing congestion of subscriber links.|ret||ret||tab|

Security technology componentsin different parts of the network could correlate information and collaborate to thwart attacks.|ret||ret||tab|

As an example, security components in several parts of SBC's network could be designed to detect unusual flows of traffic converging ona particular customer. Once it is determined that this behavior is a distributed denial-of-service attack, the network could automatically filter the offending traffic from multiple locations.|ret||ret||tab|

Another area of focus for the IASC will be the development of new security specifications for telecommunications equipment providers. Large telecommunications networks are built using products from several different vendors. The IASC will work with these vendors to encourage widespread adoption of security standards for their components.|ret||ret||tab|

The Internet and data networks in general have become critical infrastructure for business, communications and entertainment.|ret||ret||tab|

As the number of Internet users continues to grow each year, many new consumers do not understand the need, or know how, to install and maintain security devices such as firewalls or anti-virus software. This creates a greater number of targets for hackers, and helps to explain why security violations are rising at the same rate as Internet adoption. |ret||ret||tab|

In many cases, businesses need even stronger security protection, since they are often the targets of extremely sophisticated intrusions. In 2001, cyber attacks resulting from malicious code cost as much as $13 billion, according to industry sources quoted in the recently released National Strategy to Secure Cyberspace. The costs of security violations go beyond dollars; privacy, reputation, and public safety are other concerns that companies must consider when assessing network security.|ret||ret||tab|

Additional information about the IASC can be accessed at www.iascenter.org.|ret||ret||tab|

[[In-content Ad]]