Security Web Digest: Quantum Crypto Products ... and More

Sony to release proprietary copy-protected CDs in Germany Trend Micro and Netscreen to release security appliances Gartner advocated proprietary web services security solutions


A quantum-key distribution and encryption system developed by Magiq Technologies Inc. promises unbreakable encryption over existing fiber-optic lines. The Navajo Security Gateway system will initially be available only to U.S. companies and agencies, the company said. In quantum-key distribution, an "uncrackably" secure key is transmitted, after which a normal encryption/decryption technique is used over standard fiber-optic lines. The key is chosen by a random quantum process rather than picked by a random number generator, thus avoiding the usual computational difficulty of cracking a typical encryption algorithm.

Intellectual Property

Sony Music on Monday said it plans to introduce new CD technology in Germany that prevents users from copying songs to file-sharing sites, but allows them to make copies for their personal use. The new CDs contain a compressed digital copy of the music that can be quickly copied onto any computer. There are several limitations on portable listening. The digital files will only play on Sony-licensed digital music players.


Trend Micro Inc. and Netscreen Technologies will produce two remote security appliances. The GateLock 3000 and GateLock 5000 remote appliances will combine Trend Micros antivirus and spam-filtering technology with NetScreens hardware appliance and firewall and VPN technologies. The products will be available first through Trend Micros Premium channel partners, but Trend Micro expects to sign on with a major distributor.

Companies should take the proprietary route to provide security for web services-based transactions over the next three years, according to analyst firm Gartner Inc. In a research paper "Security Pattern Standards Face a Long Road to Maturity," Gartner advises firms to rely on vendor-provided technology to provide security for web services-based transactions until 2006, even though it may not comply with standards. The report argues that web services security is immature and that complex, multi-party web services will require newer, more versatile security patterns for electronic transactions.