NEWS


Computing Now Exclusive Content — July 2010

News Archive

July 2012

Gig.U Project Aims for an Ultrafast US Internet

June 2012

Bringing Location and Navigation Technology Indoors

May 2012

Plans Under Way for Roaming between Cellular and Wi-Fi Networks

Encryption System Flaw Threatens Internet Security

April 2012

For Business Intelligence, the Trend Is Location, Location, Location

Corpus Linguistics Keep Up-to-Date with Language

March 2012

Are Tomorrow's Firewalls Finally Here Today?

February 2012

Spatial Humanities Brings History to Life

December 2011

Could Hackers Take Your Car for a Ride?

November 2011

What to Do about Supercookies?

October 2011

Lights, Camera, Virtual Moviemaking

September 2011

Revolutionizing Wall Street with News Analytics

August 2011

Growing Network-Encryption Use Puts Systems at Risk

New Project Could Promote Semantic Web

July 2011

FBI Employs New Botnet Eradication Tactics

Google and Twitter "Like" Social Indexing

June 2011

Computing Commodities Market in the Cloud

May 2011

Intel Chips Step up to 3D

Apple Programming Error Raises Privacy Concerns

Thunderbolt Promises Lightning Speed

April 2011

Industrial Control Systems Face More Security Challenges

Microsoft Effort Takes Down Massive Botnet

March 2011

IP Addresses Getting Security Upgrade

February 2011

Studios Agree on DRM Infrastructure

January 2011

New Web Protocol Promises to Reduce Browser Latency

To Be or NAT to Be?

December 2010

Intel Gets inside the Helmet

Tuning Body-to-Body Networks with RF Modeling

November 2010

New Wi-Fi Spec Simplifies Connectivity

Expanded Top-Level Domains Could Spur Internet Real Estate Boom

October 2010

New Weapon in War on Botnets

September 2010

Content-Centered Internet Architecture Gets a Boost

Gesturing Going Mainstream

August 2010

Is Context-Aware Computing Ready for the Limelight?

Flexible Routing in the Cloud

Signal Congestion Rejuvenates Interest in Cell Paging-Channel Protocol

July 2010

New Protocol Improves Interaction among Networked Devices and Applications

Security for Domain Name System Takes a Big Step Forward

The ROADM to Smarter Optical Networking

Distributed Cache Goes Mainstream

June 2010

New Application Protects Mobile-Phone Passwords

WiGig Alliance Reveals Ultrafast Wireless Specification

Cognitive Radio Adds Intelligence to Wireless Technology

May 2010

New Product Uses Light Connections in Blade Server

April 2010

Browser Fingerprints Threaten Privacy

New Animation Technique Uses Motion Frequencies to Shake Trees

March 2010

Researchers Take Promising Approach to Chemical Computing

Screen-Capture Programming: What You See is What You Script

Research Project Sends Data Wirelessly at High Speeds via Light

February 2010

Faster Testing for Complex Software Systems

IEEE 802.1Qbg/h to Simplify Data Center Virtual LAN Management

Distributed Data-Analysis Approach Gains Popularity

Twitter Tweak Helps Haiti Relief Effort

January 2010

2010 Rings in Some Y2K-like Problems

Infrastructure Sensors Improve Home Monitoring

Internet Search Takes a Semantic Turn

December 2009

Phase-Change Memory Technology Moves toward Mass Production

IBM Crowdsources Translation Software

Digital Ants Promise New Security Paradigm

November 2009

Program Uses Mobile Technology to Help with Crises

More Cores Keep Power Down

White-Space Networking Goes Live

Mobile Web 2.0 Experiences Growing Pains

October 2009

More Spectrum Sought for Body Sensor Networks

Optics for Universal I/O and Speed

High-Performance Computing Adds Virtualization to the Mix

ICANN Accountability Goes Multinational

RFID Tags Chat Their Way to Energy Efficiency

September 2009

Delay-Tolerant Networks in Your Pocket

Flash Cookies Stir Privacy Concerns

Addressing the Challenge of Cloud-Computing Interoperability

Ephemeralizing the Web

August 2009

Bluetooth Speeds Up

Grids Get Closer

DCN Gets Ready for Production

The Sims Meet Science

Sexy Space Threat Comes to Mobile Phones

July 2009

WiGig Alliance Makes Push for HD Specification

New Dilemnas, Same Principles:
Changing Landscape Requires IT Ethics to Go Mainstream

Synthetic DNS Stirs Controversy:
Why Breaking Is a Good Thing

New Approach Fights Microchip Piracy

Technique Makes Strong Encryption Easier to Use

New Adobe Flash Streams Internet Directly to TVs

June 2009

Aging Satellites Spark GPS Concerns

The Changing World of Outsourcing

North American CS Enrollment Rises for First Time in Seven Years

Materials Breakthrough Could Eliminate Bootups

April 2009

Trusted Computing Shapes Self-Encrypting Drives

March 2009

Google, Publishers to Try New Advertising Methods

Siftables Offer New Interaction Model for Serious Games

Hulu Boxed In by Media Conglomerates

February 2009

Chips on Verge of Reaching 32 nm Nodes

Hathaway to Lead Cybersecurity Review

A Match Made in Heaven: Gaming Enters the Cloud

January 2009

Government Support Could Spell Big Year for Open Source

25 Reasons For Better Programming

Web Guide Turns Playstation 3 Consoles into Supercomputing Cluster

Flagbearers for Technology: Contemporary Techniques Showcase US Artifact and European Treasures

December 2008

.Tel TLD Debuts As New Way to Network

Science Exchange

November 2008

The Future is Reconfigurable

New Protocol Improves Interaction among Networked Devices and Applications

by George Lawton

An emerging specification promises to make it easier for devices and applications to share metadata. The Trusted Computing Group’s (TCG) Infrastructure-Metadata Access Point (IF-MAP) specification simplifies security-device integration. TCG recently demonstrated IF-MAP interoperability among seven devices, and the specification is expected to pick up steam with another update scheduled for later this year.

"IF-Map is Facebook for endpoint devices," said Matt Webster, product management director at Lumeta and cochair of TCG's Trusted Network Connect (TNC) workgroup, which developed the IF-MAP specification. "As attacks become more complex, you need multiple systems within your security architecture for protection. IF-MAP allows these security products to pool that information together, which can be addressed by specialized devices."

This helps deal with new types of attack. For example, an endpoint profiling device might note that a device listed as a printer was behaving like a PC. It could share this information with a network access control (NAC) appliance to block access to the device until the discrepancy is resolved.

Although this kind of integration between multiple security products is possible today, it must be done for each pairing. With IF-MAP, developers will have to write an IF-MAP interface only once to support integration with any other IF-MAP–enabled application or device.

Proponents believe that IF-MAP will eventually become as commonplace as other networking protocols. Many vendors have already adopted it, including Arcsight, Aruba, Infoblox, Juniper Networks, Lumeta, and nSolutions. That said, Cisco hasn't yet accepted it, which could hinder its widespread deployment.

An Old Idea

The idea of sharing security information among multiple networking devices has been around for some time, said Lawrence Orans, research director at the Gartner market research group. In the mid 1990s, vendors including Microsoft and Cisco created the Directory-Enabled Networking (DEN) specification. However, the DEN specification was never widely adopted.

The TNC workgroup was launched to focus on improving NAC security. It has developed several specifications and released IF-MAP protocol version 1.0 as part of this effort in 2008.

Although no international standards body has sanctioned IF-MAP as a standard, the TCG is hoping to build on its success with the Trusted Platform Module, which has been installed on between 350 and 400 million laptops, said Webster. These modules let applications perform integrity checks that detect malicious software on the laptop.

How IF-MAP Works

The IF-MAP protocol lets any kind of networking device share information that can be used for managing security policy. An IF-MAP server aggregates its MAC address, IP address, and other device information. When a device first connects to a network, the IF-MAP server publishes the information to other security devices on the network. Any network appliance — for example, a firewall, leak detector, or spam filter — can record and append new information about a device’s behavior to its record. The IF-MAP server can pass this information on to other security devices.

Different network monitoring devices can gather or create a variety of information about individual endpoints. For example, Lumeta's IPsonar security product can detect whether a device can leak data from a secured network via an unsecured connection. If a laptop connected to a cellular data network exposes secure data, the IPsonar server can share this information with a NAC server using IF-MAP, which can enforce a policy, such as locking out the leaking laptop.

Cloudy Future

IF-MAP could play a valuable role in networking security, but Gartner's Orans said its success isn't guaranteed. Some of the same concepts were present in DEN, he noted, but it never took off.

Cisco's nonparticipation is one of the biggest obstacles to its widespread adoption. "Without Cisco's support IF-MAP will struggle because Cisco dominated the enterprise network provider market," Orans said.

This could change if the IF-MAP specification gets rolled into an Internet Engineering Task Force RFC, said Webster. He noted that Cisco has adopted other TCG specifications after they became RFCs. In the long run, Webster expects IF-MAP to become as common as networking standards like HTTP and SNMP.

IF-MAP could open the door for a variety of new network management tools. For example, the Infoblox OS1 Orchestration Server uses IF-MAP to gather and publish information about cloud services’ pricing and availability. An applications server could use this information to locate and provision the most cost-effective cloud-based services.

George Lawton is a freelance journalist based in Guerneville, CA. He can be reached via his website at http://glawton.com.