Skip to main content

NEWS RELEASE

February 7, 2001

Contact: David Hart, SDSC, dhart@sdsc.edu, 858-534-8314

UCSD ENGINEERING STUDENTS' SECURE FTP PROJECT PROVES SECURE, PORTABLE, AND EASY-TO-USE

Secure FTP, created by two UCSD Jacobs School of Engineering Students as part of a class project at the San Diego Supercomputer Center (SDSC), is a frequently downloaded new file transfer client that provides users a simple way to have a secure connection while transferring files via FTP (file transfer protocol), the most widely used method of transferring large files over the Internet. Distributed as a free download, Secure FTP uniquely combines good security through strong encryption, ease-of-use, and portability to run on almost any platform supporting Java.

"We noticed there was a lack of security in basic FTP, so we decided that a more secure solution was needed," said Gary Cohen, now of computer security firm Glub Tech, who began development of Secure FTP along with Brian Knight as a UCSD computer science class project supervised by Sid Karin, director of SDSC and UCSD professor of Computer Science and Engineering, and Tom Perrine, SDSC manager of  security technologies.

Although often associated with supercomputing hardware, SDSC also plays an important role in fostering useful software as a core part of building tomorrow's computational infrastructure. "As high-performance academic computing becomes more integrated in grid computing, the role of software infrastructure is vital, and that includes security software such as Secure FTP," Karin said. "The development of Secure FTP is a nice example of how innovative software can be nurtured in SDSC's educational environment, and then mature into commercially supported software."

Perrine added that "we'll be recommending Secure FTP as a new service to all our researchers and partners. We've been trying for years to eliminate plain text passwords from our networks, and an especially useful feature of Secure FTP is that it doesn't force bulk data encryption, which can greatly slow things down and isn't important to most of our scientific users. Secure FTP gives you the option to encrypt just the username and password." The current version of Secure FTP encrypts the command channel, which contains the username and password, and version 2 will add an option to allow the data channel to be encrypted as well.

"In just a few months this software has become very popular, and has been rated in the Top 5% [of submissions] by Java review service JARS.com," said. Version 1.0 was released in September 2000, and there have already been more than 8,500 downloads. In addition to offering security, users comment that the professional and customizable interface makes this program stand out. The Options menu lets users select among different themes, with five fruity themes like Blueberry, or create their own.

The current version of Secure FTP is supported on Windows and any UNIX platform where a Java 2 (or Swing) runtime environment is present. Secure FTP is available in English, Japanese, and Italian, with French and German translations planned in the near future. Since this software includes encryption technology, U.S. export restrictions apply.

The security mechanism used in Secure FTP is SSL (Secure Sockets Layer), now known as TLS (Transport Layer Security). This is the same mechanism used on secure web servers. Future releases may support other authentication mechanisms such as Kerberos or one-time-passwords.

Print News Release  Email News Release

Search News

 


Subscribe to our Newsletter

RSS Feeds