Security via Technology, Public-Key Cryptography - Research Paper Example

Topic: Security via technology Public-key cryptography Cryptographic systems, which utilize two keys; a private keys that are known by receiving entity alone and public keys, which are known by all the entities (Lehtinen & Sr, 2011). For instance, when user A wishes to send a private message to user B, user A will use the User B’s public key when encrypting the message and user B will use his private key when decrypting the message. Therefore, public key cryptography as well as associated standards and procedures are basics of the security features of numerous products including encrypted and signed emails, SSL communications as well as single sign-on among others. Public key cryptography is a combination of elaborately created procedures and standards that are meant to protect communications from being listened to or tampered with or being affected by impersonation attacks. Public key encryption enables the free distribution of public keys and only the people who have been permitted are allowed to read the data that has been subjected to encryption through this key (Oppliger, 2011). Generally sending encrypted data entails encrypting the data to be sent with the encryption key that belongs to the receiver, and upon receiving the message, the receiver will decrypt the message using his or her own private key. In comparison to the symmetric-key encryption, the public –key encryption needs a lot more processing and may not be a practical option for the encryption and decryption of large amounts of information. Nonetheless, a public key can be used to send a symmetric key that can ultimately be used in the decryption of more data, which is the method that is employed by SSL/TLS protocol. Additionally, the decryption of data that has been encrypted using a private key can be decrypted using a public key that corresponds to it although this approach is not recommended when that data to be encrypted is sensitive (Vaudenay, 2005). Nevertheless, since it implies that any person who holds the public key, which is usually made available to everyone, has the capacity to decrypt the data. However, private key encryption is still useful as it means that the private key can be employed in signing data with digital signatures, which are critical requirements in electronic commerce as well as other cryptographic applications of a commercial nature. Mozilla Firefox, as well as other client software, can employ public keys wen confirming that a message has been signed with the proper private key and that it has not be interfered with after being signed. Pros and cons of solving security issues via technology Even though the worldwide community has achieved numerous benefits from utilization of computing technologies, the same technologies have also resulted in the wired community becoming more susceptible to breaches as far as the transfer of electronic information is concerned. Biometrics have been adopted for a long time in military installations as well as secure government areas, and the technology is becoming more affordable to be used as a network authentication approach as well as a general feature for security. Biometrics has been thought of as sci-fi futuristic technology that can be used in the near future along with other emerging technologies such as food pills and solar powered cars among others. However, they have been cases where the biometrics have not been able to provide enough security as people have come up with ways of breaching them including cutting fingers off to access finger prints (Kanade, Petrovska-Delacrétaz & Dorizzi, 2012). Automated biometrics have existed for more than three decades so far, and comparing fingerprints to the existing criminal records is critical for law enforcement agencies to identify and arrest criminals since matching records manually is a tiresome and long process. Some of these finger print systems work through measuring the shapes of the hand and consider specifically the lengths of the fingers, and the use of these systems have led to the application of hand geometry while at the same time setting a path for biometric systems in general. The encryption of data can be used between corporate servers and vendors or suppliers through extranets, and if the security of data is authoritative on an extranet, then both parties are able to use encryption to make sure that the data remains private and protected. Through the incorporation of virtual private networks on extranets, companies and their suppliers can make sure that their absolute data protection as far as the internet is concerned. Undeniably, the traditional security measures like identification cards and passwords are not able to satisfy all the requirements of security, and several physiological and behavioral biometrics that are used to authenticate people have wider applications like controlling access to personal computers, information repositories, private files and numerous others. even though the use of biometrics is still expensive and developing, the integration of multiple biometric features like palm prints, finger prints and facial recognition in the authentication of identities and verification for access are still under development. These biometric devices are continually being enhanced to become more accurate and dependable as the internet progressively evolves (Joshi, 2008). Trends in information security technology and the impact they may have on the society The internet is a progressively attractive hunting areas for terrorists, activists as well as criminals who seek to get the attention of people, steal money or cause disruption of various degrees including bringing down companies and government administrations through attacking them online. The cybercriminals of the present time mainly operate from the states that formed the former USSR, have high levels of skill, and have access to modern and innovative instruments that they use to attack vulnerable systems that are yet to have strong security. In the days to come, companies must be ready for any unplanned events and occurrences so that they can be able to survive any unforeseen events that may affect their operations. Cybercrime and a rise in online causes, escalation in the cost associated with complying to address uptick in governing requirements and persistent advancements in technology while security departments remain under invested can all blend to create threats for the information security of a company. Majority of the governments have already established or are in the process of establishing regulations, which will enforce conditions on the protection and utilization of Personally Identifiable Information, with implications for the organizations that will not be able to properly safeguard it. Therefore, organizations should consider privacy as a business risks as well as compliance, reduce sanctions from these regulations as well as the costs to the business such as loss of customers, and damage to reputation. Supply chains are important aspects of all the global operations of organizations and are integral to the current economy. Nonetheless, security chiefs all over the world are increasingly getting more concerned about their vulnerability to many risk factors. A variety of valued and sensitive data is in most cases shared with the suppliers and during the sharing of this data, the company is no longer able to directly control the information. This has resulted to an escalated risks in confidentially in the current business environment which compromises integrity and access. References Joshi, J. (2008). Network security. Amsterdam: Morgan Kaufmann/Elsevier. Kanade, S., Petrovska-Delacrétaz, D., & Dorizzi, B. (2012). Enhancing information security and privacy by combining biometrics with cryptography. San Rafael, Calif. (1537 Fourth Street, San Rafael, CA 94901 USA): Morgan & Claypool. Lehtinen, R., & Sr, G. (2011). Computer Security Basics. Sebastopol: OReilly Media. Oppliger, R. (2011). Contemporary cryptography. Boston: Artech House. Vaudenay, S. (2005). Public key cryptography. Berlin: Springer. Read More