UN working group seeks common ground on security

[InfoSec News <isn () C4I ORG>]

http://www.computerworld.com/cwi/story/0,1199,NAV47_STO58908,00.html

By DAN VERTON
March 23, 2001

Delegates from the 189 member countries of the United Nations will
meet next week with representatives from the U.S. technology industry
to devise new strategies for dealing with

Internet crime and global e-commerce security requirements.  However,
to ensure a coherent global strategy, world leaders must be better
educated about the need for global security standards and the threat
that cybercrime poses to the worldwide economy, said Percy Mangoaela,
the UN ambassador from Lesotho.

"We want to sensitize diplomats to the importance of the implications
of IT so that they are equipped to deal with the issues," said
Mangoaela, who is chairman of the UN Working Group on Informatics and
one of hundreds of officials scheduled to attend next Thursday's
Global InfoSec 2001 conference at UN headquarters in New York.

The one-day conference is being cosponsored by Mangoaela's working
group and AIT Global Inc., a Kings Park, N.Y.-based worldwide
association of IT professionals. However, the working group is an
advisory body and can only make recommendations to other UN
organizations on what steps to take on security matters.

One of the most pressing global issues is finding common ground on an
international legal framework for dealing with cybercrime, according
to Mangoaela. That would give authorities a common way to deal with
Internet crimes perpetrated in one country against systems in another.
"It is something that has not yet been attempted, so many people don't
feel confident in their expertise," he said. "Sooner or later, it will
have to be dealt with."

Even with enhanced cooperation, though, practical answers to
international cyberlaw enforcement may be hard to come by, said Bill
Crowell, CEO of Santa Clara, Calif.-based Cylink Corp. "This is a
'damned if you do and damned if you don't' area, since [the U.S.] will
not want to give up any sovereignty and neither will anyone else,"
said Crowell, who is also a former head of the National Security
Agency.

Delegates attending the conference also plan to discuss personal
security and privacy on the Internet. "This is an issue that is of
great concern to the human rights side of the UN," Mangoaela said.
"The developed countries are much more advanced in this area, but the
developing countries need to also recognize that this can be a problem
for the rest of the world."

Data privacy matters continue to spark heated debates in the U.S. (see
story). However, the European Union has clearly spelled out what the
challenges are when it comes to privacy, said David Lowe, head of the
secretariat for a European Parliament committee looking into the
alleged U.S.-backed global surveillance network known as Echelon.

"It seems to me to be imperative to boost the power and authority of
parliamentary oversight committees to at least the level prevailing in
the U.S. Congress," Lowe said. "In many European countries, such
things are often inadequate or nonexistent."

> From a technological standpoint, investments in public-key
infrastructures should be encouraged, said Vinton Cerf, senior vice
president for Internet architecture and technology at WorldCom Inc.
"We don't have a place where citizens can obtain . . . public-key
certificates that can be used for digital signatures and for
confidential communication," he said. "Until we have such an
infrastructure, I am doubtful that we will see widespread public use
of this technology."

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".