This issue of IEEE Internet Computing presents three articles exploring the theme of "Widely Deployed Internet Security Solutions." This topic highlights the three characteristics that we think define relevant security innovations today: deployability, orientation toward solving a problem, and suitability to the Internet environment.
Deployment Versus Research
The focus on deployment reflects the frustration, shared by the majority of the computer security research community, over the glaring gap between state-of-the-art security research and state-of-the-art security practice. As a technology, computer security emerged with the development of time-sharing and multi-user systems. Security technology research remains an active academic field, attracting much interest from government, military, and commercial sectors. Despite this interest, the distance is huge between what is possible as demonstrated in research and what is practiced in the real world.
Although a tremendous amount of new research is published each year (see the sidebar " Security Research Resources
" for a list of relevant conferences, journals, and Web sites), the commercial adoption rate of this research is miserably low compared with adoption rates for other technologies, such as high-speed networking. In fact, you can count on one hand the number of innovative and effective security technologies that have been widely deployed in the past three decades:
• anti-virus software;
• onetime passwords, especially when used with a token card;
• secure socket layer (SSL), which uses encryption and public-key systems; and
• Java security mechanisms (although they may be too new to be on this list).
Why such a gap exists is a mystery, and to attempt an analysis is beyond the scope of this article. Our emphasis on deployment for this special issue is a small effort toward narrowing this gap. In the end, we failed to attract articles that explain why certain security technologies are adopted while others are not—Any historians out there reading this?—but succeeded in getting articles that dissect and discover problems with a few emerging security standards.
Solutions Versus Technology
Our second focus, on solutions rather than merely technology, derives from our observation that the five technologies listed above solve some pressing problems:
• Viral attacks on DOS and Windows machines can cause serious damage, thus the need for anti-virus software.
• Passwords sent over the network have proven to be such easy targets of attack that many institutions have adopted onetime password systems.
• As more nodes were connected via the Internet, attacks on network protocols and host machine vulnerabilities also increased, and firewalls emerged as an effective countermeasure.
• In the early 1990s, when the lack of transaction security was deterring the commercial Internet's growth, Netscape introduced SSL to provide a reasonable level of security for online shopping. SSL's debut as an integral part of Netscape's browser, requiring no user administration, also drove its widespread adoption.
• Java is now used in devices ranging from cell phones, pagers, PDAs, and TVs, to desktop systems, servers, and mainframes. Enterprise applications, financial systems, and many other critical computing environments depend on Java not only for mobility and platform neutrality but also for strong security.
It is worth noting, however, that these five technologies—although they came out of commercial settings—benefited a great deal from prior research. Pattern matching, reverse engineering, fast indexing, and searching are key to anti-virus software. Cryptography in general, and one-way functions in particular, provide the foundation for onetime passwords. TCP/IP, pattern recognition, application-specific integrated circuit (ASIC) design, and virtual private networks (VPNs) underpin some modern firewalls. SSL is a fairly straightforward application of public-key systems, secure handshake protocols, and encryption. Java security traces its roots to operating system security, access-control algorithms, and object-oriented system design.
Nevertheless, inventing a security technology and turning that technology into a solution are two different things. For example, even though public-key systems existed at least as early as 1976, it was not until the early 1990s that the technology found its biggest application in SSL. Therefore, pushing for solutions instead of technologies is our way of nudging researchers to pay attention to the "last mile problem": How do we turn a great invention into an effective solution?
Internet Versus Splendid Isolation
Third, our theme focuses on the Internet—not only because the world is becoming more connected each day, but also because security issues manifest themselves more urgently in a networked environment. For example,
• Viruses, which used to travel on floppy disks (the pre-Internet with human routers), now reach us through e-mail.
• Onetime passwords eliminate the need to transport user passwords in clear text on an open network.
• Firewalls detect and prevent network-based attacks.
• SSL secures transaction information over the Internet.
• The Java security architecture provides a solid platform for Internet-based programming, including mobile code, applets, and agents.
Our concern here with today's networked environment does not imply that there are no longer security problems inside individual network nodes. In fact, in many aspects, security issues for a single node (for example, OS security, Java VM security) are technically more challenging than network security issues. However, it is more convenient—and convenience is what commercial systems look for—to assume that network nodes are controlled and trusted by their owners (which is not an unreasonable assumption in the case of cell phones and pagers) and to worry only about network-level security.
All of the articles in this issue have the characteristics we were looking for: they focus on standards for wide deployment of security technologies. They describe practical solutions. The technologies they discuss fall within the Internet context.
The article "Network Address Translators: Effects on Security Protocols and Applications in the TCP/IP Stack," by Shiuh-Pyng Shieh et al. (pp. 42-49), studies the intrinsic conflict between the use of NATs to translate and hide network addresses and the essential requirement in some security protocols to carry and identify users' actual network addresses. The authors' conclusion that many protocols would not function properly in a NAT environment is significant, given NATs' widespread use.
The article, "Key Exchange in IPSec: Analysis of IKE," by Radia Perlman and Charlie Kaufman (pp. 50-56), identifies several problems with the IKE mechanism in IPSec, an Internet Engineering Task Force-proposed standard also included in IPv6, and suggests several improvements.
The article, "A Transport-Level Proxy for Secure Multimedia Streams," by King P. Fung and Rocky K.C. Chang (pp. 57-67), examines the inadequacies of SOCKS, the IETF's firewall traversal standard, and proposes an extension for better multimedia streaming support.
We look forward to continued work in this area and to the day when computer security practice catches up with computer security research.
We would like to thank all those who submitted their work, as well as the hard-working reviewers who made available their precious time to ensure the high quality of IEEE Internet Computing articles. We would also like to express our appreciation to Internet Computing's editorial board for making this issue possible, and to the staff for ensuring smooth production.
is a Distinguished Engineer at Sun Microsystems, and currently the Director of Engineering for peer-to-peer networking. He was Director of server products in Sun's consumer and embedded systems division, and prior to that, Chief Java Security Architect and head of JavaSoft's security and networking group. He is the founding chair of the Open Services Gateway Initiative (OSGi, http://www.osgi.org/) Java Expert Group. Gong received a BS and an MS from Tsinghua University, Beijing, China, and a PhD from the University of Cambridge, England. He is a member of IEEE Internet Computing
's editorial board and an associate editor of ACM Transactions on Information and System Security
is professor of information and software engineering and Director of the Laboratory for Information Security Technology ( http://www.list.gmu.edu) at George Mason University. He is currently chair of ACM's Special Interest Group on Security Audit and Control (SIGSAC). Sandhu is the founding editor-in-chief of the ACM Transactions on Information and Systems Security
(TISSEC), and a member of IEEE Internet Computing
's editorial board. He founded the ACM Conference on Computer and Communications Security and the ACM Symposium on Access Control Models and Technologies. Sandhu has authored more than 130 papers in research journals and conference proceedings.