A small group of Internet security specialists gathered in Singapore to start up a global system to make e-mail and e-commerce more secure, end the rapid growth of passwords and raise the bar significantly for Internet fraud, spies and troublemakers.
The Singapore event included an elaborate technical ceremony to create and then securely store numerical keys that will be kept in three hardened data centers there, in Zurich and in San Jose, Calif. The keys and data centers are working parts of a technology known as Secure DNS, or DNSSEC. DNS refers to the Domain Name System, which is a directory that connects names to numerical Internet addresses. Preliminary work on the security system had been going on for more than a year, but this was the first time the system went into operation, even though it is not quite complete.
The three centers are fortresses made up of five layers of physical, electronic and cryptographic security, making it virtually impossible to damage the system. Four layers are active now. The fifth, a physical barrier, is being built inside the data center.
The technology is viewed by many computer security specialists as a ray of hope amid the recent cascade of data thefts, attacks, disruptions and scandals, including break-ins at Citibank, Sony, Lockheed Martin, RSA Security and elsewhere. It allows users to communicate via the Internet with high confidence that the identity of the person or organization they are communicating with is not being tricked or forged.
Internet engineers like Dan Kaminsky, an independent network security researcher who is one of the engineers involved in the project, want to counteract three major deficiencies in today’s Internet. There is no mechanism for ensuring trust, the quality of software is uneven, and it is difficult to track down bad actors.
One reason for these flaws is that from the 1960s through the 1980s the engineers who designed the network’s underlying technology were concerned about reliable, rather than secure, communications. That is starting to change with the introduction of Secure DNS by governments and other organizations.
The event in Singapore capped a process that began more than a year ago and is expected to be complete after 300 so-called top-level domains have been digitally signed. Before the Singapore event, 70 countries had adopted the technology, and 14 more were added as part of the event. While large countries are generally doing the technical work to include their own domains in the system, the association of Internet security specialists is helping smaller countries and organizations with the process.
We can infer from the last paragraph that()
A. the Net security system will catch on soon
B. engineers prefer to wait and see how things go
C. actions are taken to utilize the security system
D. more countries are supposed to invest in the system
