Saturday, November 1, 2008

Network and Internet Security

Firewall, Digital Signatures, passwords, antivirus software and digital certificates are some of the network and internet security measures that we use to keep our network and computers safe from different types of viruses, Trojan horse, hackers, password thefts and similar type of security threats.

All such measures can be broadly grouped into following types:
  1. Authentication
  2. Authorization
  3. Confidentiality
Authentication is the method of confirming that the name and the password or the identity of the person trying to access the information is valid. By authorization the computer determines whether the person seeking information should be given privilege to access it. Digital signatures and biometric devices are the authentication forms used by the computer network.

Digital signatures are the signatures that ensure the identity of the sender and also that the original content of the data received is unchanged. These signatures cannot be copied by other person and ensures that the data sent is unaltered. Thus the signature besides being transportable is ensures the validity of the information and thus forms an authentication method. Digital certificates on the other hand are e-credit cards issued by the certification authority. These are used when performing the business transactions online. The digital certificate contains digital signature, name of the sender, a serial number assigned to the sender, the expiry date and the copy of the public key of the sender.

The digital signature and the certificate work on the concept of encryption and decryption and the use of public and private keys. In this the text is converted into the ciphertext, which can only be decoded by the use of the key. The public key is known to all the individuals while the private key is known to the sender of the message.

Other type of security measure most commonly used is firewall. A firewall acts like a wall and prevents the malicious information from entering the network. It is software or a hardware which thus acts as a filter preventing the network from virus threats. It works by either packet filtering or proxy service or by inspection. By proxy service the firewall first retrieves the information send by the system and then passes it to the network or internet. By inspection it identifies certain parts of the packet called as the key parts and compares these key parts with the authentic information or data. By packet filtering it examines each packet of information against set filters thus providing only authentic data to be exchanged between the system and the network.

Thus where firewall and password provide access control, the digital signatures provide for authentication and encryption for the confidentiality and make the network more secure to work on.

No comments: