12.10.2.2 National Center for Supercomputing Agency (NCSA) The National Center for Supercomputing Agency (NCSA) employs a combination of solutions, including digital certificates and public key, private key, and personal pass phrases for safeguarding NCSA computing resources. NCSA participants are also required to access a (CA) Certificate Authority and obtain a certificate of authentication prior to connecting to secure NCSA networks. In addition, NCSA employs Secure Shell (SSH) authentication at major network sites. Endorsed by the IETF Secure Shell Working Group, SSH v2 (Secure Shell Version 2) allows the creation of RSA asymmetric key pairs for enabling strong encryption. Typically, SSH supports remote log-ons and encrypted Web sessions. 12.10.3 DIGITAL SIGNATURE MARKETPLACE 12.10.3.1 Communication Intelligence Corporation (CIC) The Communication Intelligence Corporation (CIC) develops secure electronic sig- nature solutions for E-commerce transactions. These solutions employ biometric measurements based on timing, speed, and style that characterize an individual signature. Moreover, the CIC supplies software technologies for enabling dynamic signature verification, multilingual handwriting recognition systems, and natural messaging solutions. The CIC also supports sign-on products for Pocket PCs to authenticate user identification prior to enabling access to the system. 12.11 PUBLIC KEY INFRASTRUCTURE (PKI) 12.11.1 PKI F EATURES AND FUNCTIONS A de facto standard for implementing a secured infrastructure, a Public Key Infra- structure (PKI) implementation enables public and private entities to conduct E-commerce and E-business transactions via the Web in an environment of total trust. A PKI solution supports the utilization of a pair of public and private keys, a corresponding digital certificate, and authentication services. PKI deployments also enable key distribution, generation, and recovery operations and ensure nonrepudi- ation of agreements and data confidentiality. Moreover, PKI installations employ cryptosystems and services provisioned by CAs and Registration Authorities (RAs) to verify digital certificates and ensure secure management of public and private keys in business-to-business (B2B) transactions. PKI digital certificates are generally stored in laptop computers or desktop PCs to prevent cybercrackers from employing these credentials to invade multiple dis- tributed networks. A PKI configuration facilitates secure e-mail and intranet opera- tions and employs a mix of security mechanisms such as smart cards, firewalls, and biometric identifiers for enabling dependable and reliable transactions. 12.11.2 PKI SPECIFICATIONS AND SOLUTIONS 12.11.2.1 ITU-T X.509v3 Recommendation The major enabling standard for PKI is the ITU-T X.509 Recommendation. Approved in 2000 by Study Group 7 of the ITU-T, the X.509v3 Recommendation 0889Ch12Frame Page 558 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC supports secure Web connections for enabling utilization of digital signatures in E-commerce transactions. This Recommendation works in conjunction with the PKI; employs attribute certificates that define user privileges in multiservice, multi-appli- cation, and multivendor environments; and supports enhancements to certificate processing and revocation services. Moreover, the ITU-T X.509v3 Recommendation specifies a framework for PMI (Privilege Management Infrastructure) to enable secure B2B (business-to-business) E-commerce applications. 12.11.2.2 IETF Public Key Infrastructure X.509 (PKIX) Working Group The IETF Public Key Infrastructure X.509 (PKIX) Working Group supports the Certificate Management Protocol (CMP), the Online Certificate Status Protocol (OCSP), and the Certificate Management Request Format (CRMF) Protocol for managing PKI operations and services. Specifications for using digital certificates in legally binding nonrepudiation situations are also in development. 12.11.2.3 Minimum Interoperability Specification of PKI Components (MISPC) NIST (National Institute of Standards and Technologies) specifies guidelines in the Minimum Interoperability Specification of PKI Components (MISPC) for supporting a federal PKI. NIST also operates a PKI Interoperability Testbed to evaluate the effectiveness of BCAs (Bridge Certification Authorities) in interlinking each federal PKI, regardless of policies, cryptographic algorithms, and architectures employed, into a federal PKI. NIST clarifies capabilities of XML digital signatures and supports utilization of an enhanced path-processing algorithm for ITU-T X.509 implementa- tions to correct system defects. 12.11.2.4 Federal PKI Operations The Federal PKI Steering Committee sponsors design and development of the Federal PKI to enable access to government services by authorized personnel and facilitates secure E-commerce transactions. Government agencies can access encrypted data supported by the Federal PKI in the event of emergencies. Federal PKI operations between public or private entities and U.S. federal government agencies require utilization of public key cryptographic solutions for ensuring trans- action integrity, data confidentiality, participant authentication, and service non- repudiation. NIST defines security requirements for the Federal PKI architecture and estab- lishes the use of S/MIMEv3 (S/MIME Version 3), the NIST version of S/MIME, for enabling secure e-mail exchange. NIST employs the PKI Interoperability Testbed for ensuring service and product conformance to the S/MIMEv3 specification. 12.11.2.5 Open Group PKI Deployments An international vendor consortium, the Open Group promotes development and implementation of an integrated global PKI architecture that supports transnational 0889Ch12Frame Page 559 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC E-commerce applications. The Open Group also endorses the utilization of ITU-T X.509-compliant digital certificates, secure applications based on the CDSA (Com- mon Data Security Architecture) developed by Intel for member states in the Euro- pean Union, and interoperable PKI services in multivendor environments. Approaches for enabling seamless PKI key storage, recovery, distribution, suspen- sion, revocation, reactivation, and management operations are in development. 12.11.3 PKI MARKETPLACE 12.11.3.1 Entrust Technologies PKI Solutions PKI security solutions from Entrust Technologies support secure encrypted sessions and establishment of audit logs for guaranteeing the nonrepudiation of transactions. Entrust PKI solutions also enable the generation, signing, management, and revo- cation of X.509 digital certificates. 12.11.3.2 Baltimore Technologies Developed by Baltimore Technologies, the Telepathy Product Suite enables mobile users to employ PKI architecture and PKI security solutions in the wireless domain. These solutions work in conjunction with WAP (Wireless Application Protocol) phones and PDAs (Personal Digital Assistants) for facilitating trusted wireless trans- actions and information exchange in a secure environment. In addition, the Telepathy Product Suite provisions WTLS (Wireless Transport Layer Security) for ensuring nonrepudiation of services; digital certificates for authenticating digital identities; and software tools for ensuring secure sessions between applications. By using the Telepathy PKI Registration System, a component in the Telepathy Product Suite, mobile device users retain their digital identities by employing digital certificates maintained in PKI systems. Also Telepathy Suite components, the Telepathy PKI Validation System and the Digital Signature Toolkit enable users to access multiple digital certificates and create wireless digital signatures for accommodating WAP requirements. 12.11.3.3 Identrus Sponsored by a consortium of banks and financial institutions, including Chase Manhattan, Citigroup, Bank of America, and VeriSign, Identrus supports design and implementation of a global PKI framework based on open standards for enabling safe and secure E-commerce and E-banking services, including electronic funds transfers and electronic payments. Identrus solutions require the use of digital cer- tificates issued by participating entities for conducting negotiations and arranging for payments in a trusted environment. 12.11.3.4 Xcert Xcert develops PKI-compatible public key digital certificates. With Xcert solutions, an individual’s identity can be authenticated prior to granting access to confidential 0889Ch12Frame Page 560 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC information and sensitive data files. Government agencies and corporations utilize Xcert solutions to manage in-house virtual certification authorities that distribute public keys and assign digital certificates to trusted users. Public keys and certificates verify user identity and the authenticity of the digital signature and control access to centrally maintained electronic information files and archives. Private keys are stored on smart cards that can also be used to digitally sign documents and verify identity. 12.12 ELECTRONIC COMMERCE (E-COMMERCE) SECURITY CONSIDERATIONS 12.12.1 E-C OMMERCE FUNDAMENTALS The term “E-commerce” refers to commercial transactions over the Web. Initially, electronic interactions were limited to large-sized corporations such as airline car- riers, banks, and major retail distributors with the resources, technology, and capital to invest in electronic infrastructures supporting virtual transactions. The popularity of the Web as a global marketplace contributed to the subsequent proliferation of E-commerce Web sites by public and private entities of all sizes. Although there is not a commonly accepted definition, the term “E-commerce” is used with increasing frequency. Typically, E-commerce refers to some form of Web electronic payment system between virtual buyers and virtual sellers in a virtual marketplace that enables the secure purchase and acquisition of virtual goods and services. 12.12.2 E-COMMERCE APPLICATIONS AND SERVICES Currently, E-commerce Web sites enable commercial transactions in education, travel, fashion, product maintenance, textiles, entertainment, healthcare, tourism, transportation, insurance, real estate, law, business, banking, and music. Vortals, portals, electronic storefronts, and virtual shopping malls in the electronic commerce domain offer an unprecedented array of commodities, including artwork, antiques, books, computers, television sets, ceramics, jewelry, clothing, symphonic recordings, prepackaged software, cakes, candies, stamps, pets, toys, boats, cars, homes, and furniture. Electronic commerce implementations include e-mail for business communica- tions, electronic payment systems, electronic funds transfer, and Electronic Data Interchange (EDI) or the computer-to-computer transmission of digital data in stan- dardized formats. E-commerce solutions support business-to-business (B2B) and business-to-consumer (B2C) transactions. These implementations require a network infrastructure that provides secure Web services for enabling consumers to purchase and Web site owners to sell tangible and intangible products. Communications solutions facilitating connectivity to Web-based E-commerce operations, applica- tions, and services employ an array of narrowband and broadband wireline and wireless technologies such as POTS (Plain Old Telephone Service), ISDN (Integrated Service Digital Network), and ATM (Asynchronous Transfer Mode), cable networks, and DSL (Digital Subscriber Line) solutions. 0889Ch12Frame Page 561 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC 12.12.3 E-COMMERCE OPERATIONS AND SECURITY RISKS Web technical advancements enable E-commerce entrepreneurs to start innovative applications and activities in the worldwide electronic marketplace with minimal up-front investment and promote products and services directly to consumers at home and in the workplace in every facet of the economy, including the retail, communications, education, and information sectors. The E-commerce process involves intense competition in advertising, marketing, and supplying on-demand tangible and intangible commodities in an unprotected network environment. E-commerce implementations are characterized by reliability problems; techni- cal, legal, regulatory, and administrative challenges; and pervasive concerns about the security of electronic payments, information corruption, disclosure of private and sensitive data to untrusted third parties, and consumer exposure to fraud. Addi- tional risks associated with the E-commerce process include misappropriation of funds, failure to credit payments, double spending or paying twice for the same commodity, DDOS attacks, and failure by vendors to supply advertised commodities subsequent to accepting payments. Anonymity in the electronic marketplace enables cyberinvaders to mask their identities while stealing credit card numbers from a Web site or employing electronic payments for tax evasion and money laundering. An online campus billing office may in fact be a fake virtual storefront created to collect credit card numbers. As a consequence, security mechanisms and networking protocols that enable consumers to order and purchase virtual products in safe environments and authentication services for verifying the identities of each party to an E-commerce transaction are in development. 12.12.4 ELECTRONIC PAYMENT SYSTEMS Electronic payment systems employed for Web commercial transactions feature cryptographic mechanisms, security protocols, authentication services, and tamper- resistant devices such as smart cards for enabling utilization of instruments such as virtual cash, tokens, electronic checks, debit cards, and credit cards to make micro- payments. 12.12.4.1 Authorize.Net Authorize.Net enables consumers to use credit cards and electronic checks for purchasing items on the Web. Merchants use Authorize.Net to authenticate, process, manage, and settle E-commerce transactions. 12.12.4.2 CAFÉ (Conditional Access for Europe) The CAFÉ (Conditional Access for Europe) initiative supports the use of secure electronic payment systems over the Web by consumers with CAFÉ-compliant electronic wallets. Electronic personal credentials that serve as passports, drivers’ licenses, and house keys are in development. Academic participants in the CAFÉ 0889Ch12Frame Page 562 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC project include Aarhus University, the University of Hildesheim, and the Catholic University of Leuven. 12.12.4.3 CyberCash CyberCash payment solutions such as CyberCoin, PayNow, and the CyberCash wallet support secure encrypted credit card, debit card, electronic check, and micro- payment transactions on the Web and real-time authentication services. In 2000, the State of Oregon implemented a CyberCash solution for the Oregon Center for E- Commerce and Government that enables state residents to purchase permits, licenses, and state maps at state-sponsored Web sites. 12.12.4.4 DigiCash Ecash Solutions Developed by DigiCash, Ecash solutions employ public key encryption technology for enabling micropayments for Web transactions. 12.12.4.5 Financial Services Technology Consortium (FSTC) Initiatives Sponsored by the FSTC (Financial Services Technology Consortium), the Bank Internet Payment System (BIPS), Electronic Checks, and the Paperless Automated Check Exchange and Settlement (PACES) initiatives provision authentication and encryption services for enabling consumers to make secure Web payments. The FSTC also initiated development of the Secure Document Markup Language (SDML) specification for safeguarding the integrity of E-commerce exchanges. FSTC participants include Oak Ridge and Sandia National Laboratories, Columbia University, and the Polytechnic University of Brooklyn. 12.12.5 E-COMMERCE ORGANIZATIONS, SECURITY SPECIFICATIONS, AND SOLUTIONS Entities transforming the Web into a global electronic marketplace free of fraud and deception include the Global Information Infrastructure Commission, Com- merceNet, and Electronic Commerce Canada. The European Commission, the Euro- pean Parliament, the European Telecommunications Standards Institute, the IETF (Internet Engineering Task Force), the International Electrotechnical Commission, and the ITU-T (International Telecommunications Union-Telecommunications Stan- dards Sector) develop legal, technical, and commercial transborder E-commerce regulations for providing a trusted E-commerce environment as well. Additional trade associations and private interest groups active in the E-commerce standards domain include the American Electronics Association, the Electronic Messaging Association, and the Software Publishers Association. The Global ECommerce Forum, originally known as First Global Commerce, is an international multivendor consortium that initiates E-commerce projects and pro- motes E-commerce infrastructure development. 0889Ch12Frame Page 563 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC 12.12.5.1 ebXML (Electronic Business Extensible Markup Language) The ebXML (Electronic Business Extensible Markup Language) initiative supports deployment of an XML global infrastructure that enables the secure use of E-business data by all parties involved in a transaction. 12.12.5.2 epf.net (Electronic Payments Forum) An alliance of commercial entities, government agencies, universities, and standards organizations, the Electronic Payments Forum (epf.net) promotes the development and implementation of interoperable electronic payment systems for enabling global E-commerce services and applications. 12.12.5.3 Internet Law and Policy Forum An international organization, the Internet Law and Policy Forum (ILPF) is an open forum that supports the discussion of legislative and policy issues that impact the growth and expansion of global E-commerce. The ILPF supports Working Groups on Content Regulation, Self-Regulation, Jurisdiction, and Electronic Authentication that contribute to the development of practical solutions for resolving transborder E-commerce legal issues and enabling consumer protection from fraud. 12.12.5.4 Mobile Electronic Transactions (MeT) Sponsored by Motorola, Nokia, and Ericsson, the Mobile Electronic Transactions (MeT) initiative promotes the development of a uniform framework based on in- place standards to support secure, dependable, and reliable mobile E-commerce transactions. 12.12.5.5 Radicchio Initiative A nonprofit organization consisting of certification service providers, and mobile carriers, Radicchio supports development of common standards to support secure M-commerce transactions. In addition, Radicchio supports development of a trusted PKI that works with wireless networks and personal handheld devices and enables secure electronic transactions at anytime and from anyplace. 12.12.5.6 Secure Electronic Transaction (SET) Jointly designed by MasterCard International and Visa International, the Secure Electronic Transaction (SET) specification uses a blend of RSA and DES encryption for safeguarding online credit card transactions over the Internet. To protect con- sumers against online fraud, the SET specification establishes protocols for payment card operations over an open network and supports the use of digital certificates that are issued to cardholders and merchants in SET transactions to verify their identities. Software vendors, merchants, and financial institutions that provision SET-compliant products and services display the SET Mark. 0889Ch12Frame Page 564 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC 12.12.5.7 United Nations Model Law on Electronic Commerce Also called UNCITRAL, the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law features a set of interna- tionally acceptable rules for addressing legal obstacles in E-commerce transactions and promoting development of a strong security environment. 12.12.5.8 World Wide Web Consortium (W3C) The World Wide Web Consortium (W3C) sponsors an international effort for pro- moting global E-commerce that is hosted by the Massachusetts Institute of Tech- nology (MIT) Laboratory for Computer Science in the United States, the National Research Institute of Information and Automation in the European Union, and Keio University in Japan. Formally called HTTP/1.1 (HyperText Transport Protocol/1.1), the W3C-sponsored Digest Authentication protocol supports deployment of identi- fication mechanisms and authentication services for enabling secure E-commerce transactions between customers and merchants. W3C also supports the Joint Elec- tronic Payment Initiative (JEPI) to enable secure electronic payments and the Digital Signature Initiative to standardize the format for signing digital documents. 12.12.6 EUROPEAN COMMISSION TELECOMMUNICATIONS APPLICATIONS P ROGRAM (EC-TAP) 12.12.6.1 Interworking Public Key Certification Infrastructure for Commerce, Administration, and Research (ICE-CAR) The ICE-CAR (Interworking Public Key Certification Infrastructure for Commerce, Administration, and Research) initiative fosters development of security technolo- gies and solutions for safeguarding E-commerce network applications and services. ICE-CAR also promotes implementation of technically compatible and interoperable Public Key Infrastructures (PKIs). ICE-CAR research builds on the work of the ICE- TEL (Internetworking Public Key Certification Infrastructure for Europe) project. The ICE-TEL initiative established a foundation for enabling secure Web transac- tions, provided a framework for implementation of a Public Key Infrastructure (PKI) in Europe, and defined approaches for enabling interconnections between national CERTs (Computer Emergency Response Teams). 12.12.7 EUROPEAN COMMISSION ADVANCED COMMUNICATIONS TECHNOLOGIES AND SERVICES (EC-ACTS) PROGRAM 12.12.7.1 Secure Electronic Marketplace for Europe The SEMPER (Secure Electronic Marketplace for Europe) initiative developed approaches for enabling secure Web E-commerce transactions and clarified com- mercial, legal, social, and technical requirements for implementing a dynamic virtual marketplace. 0889Ch12Frame Page 565 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC 12.12.7.2 TELE-SHOPPE The TELE-SHOPPE project enabled the integration of virtual reality technologies into virtual product displays to attract Web site visitors and promote the sales of virtual retail goods. 12.12.8 EUROPEAN COMMISSION INFORMATION SOCIETY TECHNOLOGIES (EC-IST) P ROGRAM 12.12.8.1 DIGISEC The DIGISEC project promotes development of a digital signature infrastructure that supports secure administrative operations and electronic commerce services. Smart cards and digital signatures for enabling E-business operations are tested with shoppers in actual business environments. 12.12.8.2 E-BROKER The E-BROKER (Electronic Broker) project enables the design and development of a secure trading infrastructure to support safe and reliable data exchange on the extent of market demand and the availability of tangible and intangible goods and services in the marketplace. 12.12.8.3 FAIRWIS The FAIRWIS project fosters design and deployment of a 3-D virtual European winery on the Web that includes a virtual exhibition of specially selected European wines. This VR prototype demonstrates the capabilities of the Web in supporting trans-European E-commerce services and virtual trade fairs for small- and medium- sized enterprises. 12.12.8.4 RESHEN The RESHEN initiative supports secure data exchange and communications between individuals and their healthcare service providers in regional healthcare network configurations. This initiative also contributes to development of a trans-European PKI (Public Key Infrastructure) and clarifies procedures for establishing regional and transborder PKI implementations. Approaches for using Transport Transfer Protocols (TTP) for enabling PKI services are investigated as well. 12.13 PRIVACY ON THE INTERNET Web sites collect information about consumers with and without their consent. In addition to gathering personal information about consumers online, electronic com- merce companies, online vendors, and Network Service Providers (NSPs) also sell this information to advertising companies and telemarketing firms. These entities subsequently create electronic records profiling consumer browsing patterns and 0889Ch12Frame Page 566 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC transaction-generated data for marketing specified products to targeted lists of online consumers. As a consequence, TRUSTe and the Better Business Bureau award online privacy seals of approval to Web sites posting privacy policies. In addition, the FTC (Federal Trade Commission) Advisory Committee on Online Access and Security (ACOAS) publishes online guidelines for safeguarding personal data collected by commercial Web sites. 12.13.1 INTERNET PRIVACY COALITION (IPC) The Internet Privacy Coalition (IPC) supports the right of individuals to communicate securely and privately on the Web without government restraints, interference, and/or restrictions. In addition, the IPC promotes the public availability of encryption tools and endorses legislative initiatives such as SAFE (Security and Freedom through Encryption) for making encryption tools available worldwide. 12.13.2 W3C PLATFORM FOR PRIVACY PREFERENCES (P3P) PROJECT Developed by the World Wide Web Consortium (W3C), P3P (Platform for Privacy Preferences) enables Web site owners to post privacy policies at their Web sites in a standardized format so that these policies can be automatically retrieved by Web browsers for examination by Web site visitors. P3P also defines a format for enabling Web browsers to provision specified data to the P3P Web site based on visitor preferences. Owners of P3P-compliant Web sites answer a standardized set of multiple-choice questions that provide an overview of the ways in which their Web sites handle personal information. P3P-compliant browsers retrieve P3P data and identify dis- crepancies between Web site visitors’ privacy preferences and Web site owners’ data collection procedures. P3P utilizes XML (Extensible Markup Language) for coding privacy policies and RDF (Resource Description Framework) for encoding metadata. P3P also uses APPEL (A P3P Preferences Exchange Language) for delineating sets of preferences in P3P policies. A Web site owner can employ a comprehensive P3P policy or multiple P3P policies that apply to various components of the Web site. The extent of Web site privacy depends on stated preferences of the Web site owner. The P3P specification is complex. Nonetheless, P3P advocates expect that P3P tools for enabling Web site visitors and owners to build their own preferences will become widely available. P3P is an international solution that addresses consumer privacy issues and enables individuals to understand privacy policies of every P3P Web site visited. The P3P specification is flexible, expandable, and works in concert with legis- lative and self-regulatory programs in the privacy domain. However, P3P does not limit the nature or volume of personal information collected. Although P3P enables consumer awareness of privacy policies, P3P does not establish minimum standards for privacy or facilitate increased privacy, nor is it equipped to determine whether Web site owners act in compliance with their own privacy policy procedures. Despite the aforementioned constraints, P3P enables the development of privacy solutions 0889Ch12Frame Page 567 Wednesday, April 17, 2002 3:08 PM © 2002 by CRC Press LLC [...]... and performance management operations 12.19.3 ACTIVE NETWORKS The increased complexity of present-day networks and the pervasiveness of security threats drive the demand for adaptive or automatic functions that are integrated into network management systems and network analysis and monitoring tools to track network operations and performance Active networks transform network packets into active elements,... http://www.rsa.com/ U.S Department of Defense Advanced Research Projects Agency (DARPA) Active Networks Vision Dr Douglas Maughan Available: http://www.darpa.mil/ito/research/anets/vision.html University of Illinois at Urbana-Champaign Department of Computer Science Seraphim: Building Dynamic Interoperable Security Architecture for Active Networks Available: http://devius.cs.uiuc.edu/Security/seraphim/ V.myths.com Truth... architecture that effectively allocates bandwidth on an as-needed basis FR networks work in conjunction with legacy, narrowband, and broadband technologies and architectures such as SNA (Systems Network Architecture), Ethernet, Fast Ethernet, Gigabit © 2002 by CRC Press LLC 0889ch05Frame Page 202 Wednesday, April 17, 2002 3:03 PM TCP/IP 10 51 24K 2C IR Internet ISP 256K IR 128 C Workstation clusters DSU/CSU... control process, reduces transmission errors, and compresses X.25 overhead FR configurations support more effective bandwidth utilization and higher reliability in networking operations than X.25 networks X.25 networks employ the Physical Layer or Layer 1, the Data-Link Layer or Layer 2, and the Network Layer or Layer 3 of the Open Systems Interconnection Reference model for processing network transactions... enables FR networks to interwork with diverse networking technologies With PVCs, the encapsulation process is established prior to information transmission With SVCs, the encapsulation process is initiated during call setup and call establishment Multiprotocol encapsulation enables FR to interoperate with diverse technologies 5.7.5 FRAME RELAY CONGESTION METHODS AND TECHNIQUES In Frame Relay networks, ... Private Networks) support transmission of private, timesensitive, and time-insensitive voice, video, and data via PVCs (Permanent Virtual Connections) and SVCs (Switched Virtual Circuits) that emulate physical connections and securely extend FR services and applications to distant users regardless of their locations 5.8.2 VPN SECURITY Inasmuch as a Frame Relay VPN installation interfaces with public networks. .. are readily accessible via an array of narrowband and broadband communications solutions, thereby eliminating the need for expensive leased line connections In addition to cost savings, FR VPNs also support straightforward network implementations and migration to new applications with fewer administrative and operational requirements than private networks A Frame Relay VPN enables transmission rates... Mbps) in the European Union VPNs are implemented via shared public networks It is important to note that private network protocols and management policies also interwork with FR VPN implementations Frame Relay VPNs extend an enterprise network to telecommuters at SOHO (Small Office/Home Office) venues by working in conjunction with residential broadband technologies such as cable modem and DSL (Digital Subscriber... together in enabling advanced network services, applications, implementations, and solutions Frame Relay-over-ATM service enables users to maintain their in-place FR networks and benefit from increased bandwidth In addition, Cisco Systems, Newbridge Networks, and Hughes Network Systems support development of interoperable ATM and FR devices for enabling ATM network stations or nodes to seamlessly communicate... Agreements (IAs) for wireline and wireless FR networks are also in development In addition, the Frame Relay Forum investigates the viability of using landline FR technology in conjunction with geosynchronous or geostationary (GEO) satellite communications links Moreover, Hughes Network Systems supports initiatives for interlinking wireline Frame Relay networks and satellite configurations employing . encryption. Typically, SSH supports remote log-ons and encrypted Web sessions. 12 .10. 3 DIGITAL SIGNATURE MARKETPLACE 12 .10. 3.1 Communication Intelligence Corporation (CIC) The Communication Intelligence. narrowband and broadband wireline and wireless technologies such as POTS (Plain Old Telephone Service), ISDN (Integrated Service Digital Network), and ATM (Asynchronous Transfer Mode), cable networks, and. configuration, fault, and performance management operations. 12.19.3 ACTIVE NETWORKS The increased complexity of present-day networks and the pervasiveness of security threats drive the demand for