Friday, June 15, 2007

Secure from Stealing Information

(For full text with comments please click on the title)

Information theft is a type of computer security risk and it’s defined as stealing an individual’s personal or confidential information. Business or home users are both at risk of information theft. If information is transmitted over a network then it has a very high chance for malicious users to intercept the information. A lot of companies try to stop information from being stolen by applying some user identification and authentication controls. These constraints are best for protecting computers along a company’s premise. Encryption refers to the process of converting data into an unreadable form. One type of encryption software is Obfuscated code which is a programming language that is extremely hard to read. Throughout the encryption process, the unencrypted data or input is known as plaintext and the encrypted data, or output is known as ciphertext.

To encrypt information, the programmer converts the plaintext into
ciphertext using some type of encryption key. An encryption key is the programmed formula that the person who receives the data uses to decrypt the ciphertext. There are a variety of encryption or algorithm methods. Some very popular email encryption software is known as Pretty Good Piracy (PGP) and Centurion Soft Secure Protection.

A digital signature is a type of encrypted code that a individual, website, or company pastes to an electronic document to make sure that the individual is who they claim to be. A digital signature can also make sure that contents of a message have not been changed. A variety of browsers also offer 128 bit encryption which has a higher level of protection because the encryption key is longer. Some important places that require extremely hire security like banks, and online retailers needs at least 128-bit encryption.

A website that successfully uses encryption methods to secure information is known as a secure site. A secure site uses digital certificate with security protocol. The two most popular security protocols are secure sockets layer, and secure HTTP. A lot of ecommerce websites will usually have digital certificates. A certificate authority (CA) is an authorized company or individual for that matter that has the ability to issue and verify digital certificates. There are several of websites that offer a digital certificate. Some popular ones are Verisign http://www.verisign.com/, Godaddy www.godaddy.com, Digicert http://www.digicert.com/, and Thawte http://www.thawte.com/.

The digital certificate will usually contain information such as the username and the serial number of the certificate. By the way, the information in the digital certificate is also encrypted. SSL also requires the client to have a digital certificate, so the web browser can communicate securely with the client. SSL is available in 40 and 128-bit encryption.

Secured HTTP (S-HTTP) allows individuals to choose encryption for data that pass through a client and a server. When using S-HTTP, the client and the server must have a digital certificate. Companies that have to use verify a client such as online banking companies use S-HTTP. Also, mobile users can also access computer networks through a virtual private network. When mobile users successfully logon to a main office using some type of standard Internet connection, a virtual private network (VPN) allows the mobile user to secure the connection.

0 comments:

 
Blogging Secret