StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Uses of Basic Cryptography in My Organization - Essay Example

Cite this document
Summary
The author of "The Uses of Basic Cryptography in My Organization" paper tries to find out such things as whether he/she uses checksums, disk encryption, VPNs (virtual private networks), link encryption, and SSL for your Web site. The author also finds out who’s responsible for these tools. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97.8% of users find it useful
The Uses of Basic Cryptography in My Organization
Read Text Preview

Extract of sample "The Uses of Basic Cryptography in My Organization"

summarize the uses of basic cryptography in your organization. You will want to find out such things as whether you use checksums, disk encryption, VPNs (virtual private networks), link encryption and SSL for your Web site. Find out who's responsible for these tools Information and Computer Technology has facilitated countless aspects of the business process and has automated numerous work tasks. Its adoption by organisations and its subsequent integration into the business process have proven invaluable. At the same time, however, it has led to countless security issues and, as a rule of thumb, has imposed the imperatives of adopting cryptographic techniques and technologies by organisations who engage in any form of online commerce or which have an online presence. My organisation is not an exception to this rule and conversations with the IT department head affirmed the use of cryptographic technologies, even as it established that they were hardly a foolproof defence against unauthorised access. Cryptography is used for the protection of all data stored on the organisation's networks and servers. As explained by Juels (2003) cryptography involves the encryption of data or their rendition into secret, indecipherable code, for the explicit prevention of their interpretation and use if they are accessed without the proper authorization. Not only is it integral for the protection of company-related data but, within the context of e-business and e-commerce, imperative for the concealment of information relating to customer payment transactions and credit card details. The purpose of encryption, as defined in the preceding paragraph, is the protection of data as it is transmitted across networks. As Oliva et al. (2004) explain, when data is being transmitted across networks, it runs the risk of being intercepted or captured by a third party. If it is encrypted, however, not only is the risk of interception substantially reduced but, more importantly, if intercepted, the deciphering of the data in question is extremely difficult. In other words, if data transmitted over networks is intercepted, the fact that it is encrypted protects it both against tampering and modification, and its subsequent exploitation by the interceptor. Accordingly, and as Matsuura (2006) confirms, the imperatives of exploiting data encryption techniques are inarguable and that any organisation which fails to do so is, to all intents and purposes, acting both irresponsibly and carelessly. The IT department director confirmed the use of data encryption technologies. As he noted, whether as regards data stored on the organisation's networks or those transmitted across networks, all are encrypted. The decryption of data was initially enabled through passwords but, a number of incidents proved this an unreliable decryption method. As the IT director noted, while many security systems are designed in such a way that the entire security of the website depends upon secret passwords, the fact is that the password system is riddled with shortcomings. The first deficiency the password system has is that it requires precise recollection of secret information. If the user makes the smallest of errors when entering that secret information, authentication fails. Unfortunately, however, precise recall is not a strong human characteristic and this fact immediately conflicts with the requirements of password-secured systems. As a means of bypassing this limitation, people tend to pick and use very simple passwords which can easily be broken by password cracker programmes. Even when people bear in mind the dangers that such programs pose to the security of their passwords, they make the popular mistake of writing their passwords down and hiding them in an easily locatable place by their computer. Those sites which force users to periodically change their passwords for added security have not succeeded in resolving these problems but, rather, increased the need of people to write down their passwords. Additionally, as the number of password protected sites expands, a single user may be a member of several sites that require username and password authentication. As a means of coping with the requirement to memorize even more passwords and usernames, a user may devise similar, or identical usernames and passwords for all those sites, comprising the security of several at the same time. Yet another shortcoming of passwords is that users do sometimes voluntarily share their passwords with others, or innocently give them out to an unauthorized person, thus compromising the security upon which the system depends. Passwords may also be compromised by the fact that some companies can be derelict in cancelling those assigned to former employees. Upon its confrontation with precisely such an incident, the IT director informed me that the company cancelled the password system and installed thumbprint systems instead. This was facilitated by the fact that only four top-level company executives had access to the password/system in question. In direct relation to the encryption systems used for online payments via the company's e-business website, the IT director informed me that the company had earlier used the SET method but had now abandoned it entirely in favour of the SSL system. As Keenan (2000) explains, Secure Socket Layer (SSL) is a protocol that Netscape created. In brief, it enables the establishment of a secure connection between web servers and web clients. Generally speaking, SSL employs the public key cryptology system as a means of ensuring data security during a transmission process. In addition, within the context of the SSL session, both client and server create a unique session key which will be used for the encryption of sensitive data during SSL data exchange process. In comparison, Secure Electronic Transaction (SET) refers to a credit card payment system developed by Visa and MasterCard as a means of ensuring security of data during online payment/financial transactions. Similar to SSL, it is primarily dependant on cryptology technique with the primary difference here being the use of the e-wallet in which are stored credit card numbers and digital certificate. Considering Keenan's (2000) defence of both as secure systems, I did not understand why the company abandoned the one in favour of the other and, indeed, the IT director did not seem to have an answer. According to the IT director, apart from standard message origin authentication systems, provided by the company's email system manager and provider, this was the extent of the encryption techniques employed by the company. When asked if he believed them sufficient, the IT director said that they were not but that more advanced and thorough encryption methods were currently being reviewed for possible implementation. References Kienan, B. (2000) Small Business Solutions for E-Commerce. Nevada: Microsoft Publishing. Matsuura, J.H. (2006) Security, Rights and Liabilities in E-Commerce. New York: Artech House. Olvia, L. (2004) E-Commerce Solutions: Advice from the Experts. New York: Cybertech Publishing. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Cryptography Essay Example | Topics and Well Written Essays - 1000 words”, n.d.)
Cryptography Essay Example | Topics and Well Written Essays - 1000 words. Retrieved from https://studentshare.org/miscellaneous/1528548-cryptography
(Cryptography Essay Example | Topics and Well Written Essays - 1000 Words)
Cryptography Essay Example | Topics and Well Written Essays - 1000 Words. https://studentshare.org/miscellaneous/1528548-cryptography.
“Cryptography Essay Example | Topics and Well Written Essays - 1000 Words”, n.d. https://studentshare.org/miscellaneous/1528548-cryptography.
  • Cited: 0 times

CHECK THESE SAMPLES OF The Uses of Basic Cryptography in My Organization

Cryptography & Coding

cryptography Author Author Affiliation Date Table of Contents Abstract As the technology advances the need for effective tools and applications also grows.... One fundamental way for safe communications is cryptography.... cryptography is presently the main information and data security technology.... However it is significant to note that as cryptography is essential for safe communications, it is not by itself sufficient.... This research presents a detailed analysis of the cryptography technology in terms of information and data safety....
14 Pages (3500 words) Essay

Cryptography Secure Socket Layer

From the paper "cryptography Secure Socket Layer " it is clear that for attacking a secure system or workstation that is maintaining encrypted passwords via an open-source tool, hackers can deploy and execute various attack methods as discussed in the body of the paper.... Similarly, cryptography also goes with the same approach of upgrading the new state-of-the-art encryption algorithms one after another and from safe to the safest, so that it cannot be cracked....
4 Pages (1000 words) Research Paper

What Is Electronic Authentication

The author of the paper "What Is Electronic Authentication?... will begin with the statement that authentication has become an integral part of our lives.... Our existence in society has become dependent on proving our credentials, our identity, and our right to access a certain set of resources....
12 Pages (3000 words) Essay

Encryption of Data at Rest and in Transit - OpenSSL and Disk Utility

Private keys are usually made use of to encrypt the main data that is important to a particular organization or to a particular user.... Encryption is usually made use of for two basic data types, data in transit and data at rest.... hen it comes to securing data at rest, there are two basic processes that can be used, encryption and authentication....
9 Pages (2250 words) Essay

Understanding Cryptography

From the paper "Understanding cryptography" it is clear that the code provides a cryptographic checksum that is computed by the sender and appended to the message to be sent.... cryptography is now used in web browsers, cell phones, e-mail programs, embedded software, manufacturing systems, cars, medical plants, and smart buildings among others (Christoff, 2009).... Therefore, designers and system users need to understand comprehensively the concept of cryptography and how it is applied to appreciate its effectiveness in securing wireless networks and communication....
8 Pages (2000 words) Essay

Security via Technology, Public-Key Cryptography

The paper "Security via Technology, Public-Key cryptography" highlights that organizations should consider privacy as a business risk as well as compliance, reduce sanctions from these regulations as well as the costs to the business such as loss of customers, and damage to reputation.... Public key cryptography as well as associated standards and procedures are basics of the security features of numerous products including encrypted and signed emails, SSL communications as well as single sign-on among others....
4 Pages (1000 words) Research Paper

Cryptography as One Fundamental Way of Saving Communications: Information and Data Security Technology

The paper describes the detailed analysis of the cryptography technology regarding information and data safety.... The technology of cryptography is very old but its utilization in the information technology sector was stated after the emergence of web-based crimes.... The research will spotlight on the main cryptography technology, types, algorithms, application areas, main advantages, and some of the main technological scenarios.... cryptography comprises two major methods or structures of decoding or encrypting data; asymmetrical and symmetrical....
18 Pages (4500 words) Research Paper

Security Foundation

This paper ''Security Foundation '' tells that Information is important in every organization.... If the information in an organization has been compromised, there can be a wide range of consequences that range from damage to an organization's reputation through financial penalties such as regulatory costs and fines of remediation.... This report will conduct a critical analysis of cryptography and Application and Systems Development Security to conduct related job titles (Edward, 2005)....
8 Pages (2000 words) Report
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us