On this page you will find a growing range of
white papers produced or sponsored by VeriSign.
Please feel free to download these as often as you wish.
New white papers are added on a regular basis.
VeriSign® Intelligent Infrastructure for the 21st Century
Throughout history, infrastructures for the transport of goods, services, and information
(such as the rail system, electric utilities, air travel, and telephony) have had an enormous
impact on society and the global economy. These infrastructures have helped to drive
profound growth in productivity, incomes, and standards of living by reducing the barriers
of time and distance and enabling people to interact, communicate, and conduct
commerce in ways that were previously impossible.
This paper traces the development of such transport infrastructures, as well as the overlai
intelligent infrastructures (such as the telegraph, Supervisory Control and Data Acquisition
systems, air traffic control, and telecom signaling systems) that have proven necessary for
the transport infrastructures to reach their full potential. The authors use these historical
examples to draw insights into the future development of the Internet and emerging digital
infrastructures.
The authors observe that most transport infrastructures exhibit several common
development trends. First, such infrastructures have traditionally taken about thirty years to
build out. Second, at some point, generally ten years into deployment and broad-scale
adoption, transport infrastructures reach a critical level of usage and complexity, requiring
an overlay of intelligence for significantly improved communication, coordination, and
fulfillment. The authors define the systems that provide this intelligence layer as “intelligent
infrastructures.” Third, once the intelligent infrastructure is deployed, growth in the
underlying transport infrastructure generally accelerates through an inflection point, laying
the foundation for several additional decades of growth in both the transport infrastructure
and the overall economy. These gains almost always dwarf the gains made prior to the
introduction of the intelligence layer.
The authors then argue that we are about to reach a similar inflection point in the
deployment of the emerging digital infrastructure. This is being driven both by the
burgeoning usage of the infrastructure, and the corresponding issues of complexity
associated with its broad adoption, including: a) the proliferation of applications,
devices, and protocols; b) the use of the infrastructure for increasingly critical economic
applications; c) the convergence of predecessor infrastructures; and d) a host of new
security and regulatory concerns.
The authors then posit that as a result there is
a need for significantly enhanced intelligent infrastructure and introduce six critical
characteristics that the new intelligent infrastructure must exhibit: scalability,
interoperability, adaptability, reliability, security, and visibility. The paper concludes
with illustrations of the role that Intelligent Infrastructure Services are playing -
and will continue to play - in enabling such new applications as Voice-over-IP (VoIP),
Radio Frequency Identification (RFID)-enabled supply chains, and digital content
delivery systems.
In the 21st century, online activity has increased exponentially, as organizations have
grown increasingly reliant on the Internet for collaboration and commerce, and as
people all over the world are accessing online services using a growing number of
devices including PDAs and cell phones. However, this increased usage has been
accompanied by a significant growth in the scope and complexity of network threats.
To remain protected against these emerging, multifaceted threats, organizations cannot
solely rely on individual point solutions, as ensuring their intercompatibility can be both
costly and inefficient. In addition, organizations need extensive visibility into emerging
threats, in order to prioritize remediation efforts, and they need to be able to use a wide
variety of security credentials, such as tokens, smartcards, and certificates. This paper
discusses the importance of leveraging intelligent infrastructure to provide security
services that offer vigilant intelligence monitoring, robust threat prioritization, seamless
interoperability, and the ability to immediately respond to crises 24/7.
We are living in an era defined by unprecedented access to information. People all
over the world are accessing the Internet and corporate intranets via multiple desktop
PCs, laptops, handheld computers, and cell phones. Organizations are exchanging
critical information via increasingly sophisticated collaborative systems, and consumers
are demanding immediate access to richer and richer content, including applications,
games, music, videos, and images.
To serve this growing demand, enterprises, operators, publishing companies, and other
organizations are relying on intelligent infrastructure services such as cross-platform
mobile-content delivery platforms, multiple-credential authentication solutions, and realtime
publishing tools, to mitigate the complexities of delivering digital services while
garnering the greatest possible returns. Intelligent infrastructure services can enable
important transactions, establish connections, protect data, and safely distribute critical
information across myriad protocols and devices. In large part, the world’s most critical
digital interactions rely on intelligent infrastructure services provided by VeriSign.
VeriSign operates intelligent infrastructure services that enable and protect billions of
interactions every day across the world’s voice and data networks. With a strong heritage
in operating Internet infrastructure, providing industry-proven security services, and
delivering a full spectrum of communications solutions, VeriSign operates intelligent
infrastructure services that can provide the necessary interoperability, scalability, and
security to meet today’s unprecedented demand for information. In addition, VeriSign
services are delivered by specialized teams of experts. VeriSign intelligent infrastructure
services are supported by the following core components:
Global Registries
Extensive, Reliable Networks
Continuously Operated Data Centers
In this paper, we provide an overview of our intelligent infrastructure capabilities,
describing how these components operate in tandem to support individual VeriSign
intelligent infrastructure services. Because VeriSign is a rapidly growing company
that is continuously expanding its services and infrastructure, what follows is not
a comprehensive list; for the latest information, please visit www.verisign.com or
consult a VeriSign representative directly.
In addition, VeriSign is continuously developing its services to enable new forms
of digital transactions and address a rapidly changing technological landscape.
We invite the reader to imagine new ways in which the components of our intelligent
infrastructure can be integrated, and new uses for our intelligent infrastructure services.
VeriSign® Identity Protection
Fraud Detection Service
Identity theft and fraud are growing problems for Internet businesses, affecting the cost
of doing business, heightening consumer concern, and inviting government regulation.
In a 2003 survey, the Federal Trade Commission (FTC) estimated that identity theft
and account fraud cost businesses an average of $10,200 per incident.
In 2005, the
FTC found that 55% of all fraud originated from web sites or email. A recent survey
of US households by Forrester Research showed that 36% of consumers have scaled
back their purchase of goods and services online because of security concerns.
Government regulations, such as the recent FFIEC guidance on Authentication in an
Internet Banking Environment, which is aimed at US financial services ompanies, have
put even more urgency around evaluating and adopting stronger authentication.
The best way to prevent identity theft and fraud is through a layered approach. A critical
layer in this type of approach includes fraud detection – risk-based authentication.
The Life of a Threat - Video on Cyberthreat Management
Watch the Life of a Threat Video and learn how VeriSign® Managed Security Services (MSS) brings together the people, processes, technology, and intelligence to:
Proactively manage risk
Monitor compliance
Identify and mitigate security threats - in real time
By identifying and understanding security threats, VeriSign MSS is uniquely qualified to help you protect your business.
Optimizing Enterprise Information
Security Compliance
Businesses are required to perform a number of annual audits and assessments, a number
that is increasing at a dramatic rate. The information security requirements of these
multiple audits are increasing as well, both in number and complexity. Such pressures
incur costs as well, in terms of investments in the necessary technology, processes, and
resources needed to comply with and support multiple audits. VeriSign®Global Security
Consulting helps companies streamline their compliance and auditing efforts by reducing
duplication of effort across multiple audits and by ensuring that companies properly
prepare and organize documentation for quick and efficient compliance auditing. The
consulting team leverages industry-leading experience and expertise and acts as a trusted
advisor to build programs and processes specifically geared toward facilitating compliance
with regulatory and partner requirements and to provide objective advice on security
processes and technology. Using VeriSign Global Security Consulting services to optimize
information security compliance and auditing, clients can minimize risk, focus on core
business goals, and confidently pursue new business opportunities.
In today's businesses, electronic communication is a central
part of the everyday flow of information, and privacy is a
top priority. Whether your company conducts sales over
the Internet or hosts a company-specific network, you want
to know that your communications are safe from
unauthorised interference.
For information exchange between servers and client
browsers and server-to-server, load balancing devices and
SSL accelerators, SSL Certificates from VeriSign, Inc. have
become recognised as the bottom line in security. Working
with the Secure Sockets Layer (SSL) protocol for
encryption, SSL Certificates protect businesses against site
spoofing, data corruption and repudiation of agreements.
They assure customers that it is safe to submit personal
information and provide colleagues with the trust they
need to share sensitive business information.
Open Authentication:
A Vision for Strongly Authenticating All Users, All Devices, and All Applications
Across All Networks
Although strong identity credentials are crucial to the continued growth and vitality of online business, the expense and complexity of strong authentication solutions frequently impede their adoption. To address this issue, a new vision for strong authentication has emerged. Based on the open authentication roadmap espoused by the Open Authentication (OATH) industry partnership, this vision calls for the creation of a common, open- standards-based authentication platform, where enterprises can authenticate all users, all devices and all networks, all the time. VeriSign has embraced this vision to help enterprises more freely cultivate new business opportunities, embrace advanced technologies, and move strategic processes online. Leveraging the dynamic strength of its infrastructure, technology, data and intelligence resources, VeriSign's coming generation of strong authentication services moves authentication to a “network services” architecture that promotes ubiquitous adoption of strong authentication by reducing complexity and lowering total cost of ownership.
The book is not yet published, but we've been given permission by our sponsors to make a preview available of one of the chapters. Still even unedited, we have Suheil Shahryar's chapter here for you as a special preview.
2005 saw the most computer security breaches ever, subjecting millions of online users to potential identity fraud. According to a report published by USA Today on 29 December 2005, over 130 major intrusions exposed more than 55 million Americans to the growing variety of fraud as personal data like Social Security and credit card numbers were left unprotected. The US Treasury Department said that cyber crime has now outgrown illegal drug sales in annual proceeds, netting an estimated $105 billion in 2004.
In this chapter, we take a close look at the top threats and trends of 2005 and establish a forward look at 2006, including:
How to Set Up a Secure eCommerce Site the Right Way
E-commerce has become an increasingly important and effective means to sell products
and services. While there are many resources available that discuss the customer facing
aspects of e-commerce (e.g.,Web site design, use of graphics, page layout, product
presentation, promotion, etc.), this paper focuses on the back-end, behind the scenes,
technology infrastructure-related requirements, necessary for online merchants to:
allow customers to safely and securely place orders online
ensure that merchants reliably process orders and receive payment
communicate to customers that the entire process is safe and secure
In addition, this paper will describe the services that VeriSign offers to satisfy these
requirements:
VeriSign® SSL Certificates
VeriSign® Payment Service
VeriSign® Commerce Site Services
VeriSign Secured™ Seal
To maintain topical continuity, the paper is organized to discuss a specific requirement, followed
directly by a description of VeriSign’s products and services that address that requirement.
As electronic commerce, online business-to-business operations and global
connectivity have become vital components of a successful business strategy,
enterprises have adopted security processes and practices to protect information
assets. Most companies work diligently to maintain an efficient, effective security
policy, implementing the latest products and services to prevent fraud, vandalism,
sabotage and denial-of-service (DoS) attacks. However, many enterprises overlook a
key ingredient of a successful security policy: they do not test the network and
security systems to ensure that they are working as expected.
Network-penetration testing - using tools and processes to scan the network
environment for vulnerabilities - helps refine an enterprise’s security policy, identify
vulnerabilities and ensure that the security implementation actually provides the
protection that the enterprise requires and expects. Regularly performing penetration
tests helps enterprises uncover network-security weaknesses that can lead to data or
equipment being compromised or destroyed by exploits, Trojan horses, DoS attacks
and other intrusions. (Definitions for many industry-related terms are provided in
the glossary that follows.) Testing also exposes vulnerabilities that may be introduced
by patches and updates or by misconfigurations on servers, routers and firewalls.
Businesses that can manage and process e-commerce
transactions can gain a competitive edge by reaching a
worldwide audience at very low cost. But the Web poses a
unique set of trust issues, which businesses must address at
the outset to minimise risk. Customers submit information
and purchase goods or services via the Web only when they
are confident that their personal information, such as credit
card numbers and financial data, is secure.
The solution for businesses that are serious about ecommerce
is to implement a complete e-commerce trust
infrastructure. PKI cryptography and digital signature
technology, applied via Secure Sockets Layer (SSL) digital
certificates, provide the authentication, data integrity and
privacy necessary for e-commerce. Internet payment gateway
systems provide online merchants with the ability to
efficiently and securely accept and process a variety of
online payments from customers.
Most Web and network security professionals are aware of Secured Sockets Layer (SSL)
Certificates and the critical part they play in comprehensive Web security platform. Yet, many
of these same professionals have little or incorrect understanding of an extremely important
protocol within SSL, one with the potential to radically alter the level of protection offered to
any given Web site’s visitors. That protocol is Server Gated Cryptography, or SGC. Using an
SGC-enabled SSL Certificate increases the encryption level available to many site visitors and
in fact ensures that Web site visitors will connect at 128-bit encryption, the strongest SSL
encryption you can buy.
This technical paper details the effect that SGC has on the encryption levels your site can
offer to visitors. You will learn which client systems connect at which encryption levels and
how you can offer the strongest available encryption to all the site visitors. Also, you will
learn where to obtain SGC-enabled SSL Certificates for your Web site.
Did you know that 83% of online shoppers are familiar with the VeriSign Secured™ Seal. And, among these shoppers more than 4 out of 5 says it's their preferred seal. Read what consumers have to say about the VeriSign Secured™ Seal.
" What Every E-Business Should Know about SSL Security and Consumer Trust"
VeriSign SSL Certificates protect e-commerce and other private information with 128-bit encryption, the strongest SSL protection available anywhere. Obtain your FREE guide, "What Every E-Business Should Know about SSL Security and Consumer Trust.
This comprehensive white paper provides readers with information to help guide them through the due-diligence process of evaluating in-house versus outsourcing options and how to choose the right MSSP partner.
The paper is sponsored by VeriSign and written by Michael Suby of Stratecast Partners (a division of Frost & Sullivan.)
The rise of the Internet has brought with it both
unprecedented promise and unprecedented peril. Despite substantial
investment in security products, loss from security threats and
vulnerabilities continues to climb. To fully benefit from the
promise of the Internet and other technology advancements, Enterprises
are facing a strategic dilemma in a business environment that
requires being both more open and more secure, while dealing with
increasing cost, compliance, and complexity issues. This
White Paper, from VeriSign, explains these complex issues and
what they mean for your organisation.
