Encryption is the translation of data into a secret code. It is the most effective way to achieve data security.
To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.
Unencrypted data is called plain text; encrypted data is referred to as cipher text.
There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.
A firewall is a combination of hardware and software that secures access to and from the LAN.
A firewall blocks unwanted access to the protected network while giving the protected network access to networks outside of the firewall.
An organization will typically install a firewall to give users access to the internet while protecting their internal information.
[Figure: Sample usage of a firewall. Labels: Public/External Internet Users; Intranet; Clients; Servers; ERP; Legacy systems; E-mail servers; Web servers; Databases; Firewalls]
Virtual Private Network (VPN)
A VPN is a secure network on the Internet that uses tunneling schemes.
“Tunnels” are secure data flows with cryptography and authorization algorithms.
The major objective of a VPN is to use the Internet as an inexpensive WAN backbone
When two sites are connected across a VPN, each must have a VPN-capable router, firewall, or VPN access device installed
When a VPN is used to link mobile clients with Internet dial-up connections, the laptops must be equipped with VPN client software configured with the addresses and associated encryption keys for corporate host sites.
[Figure: Usage of VPNs. Labels: Tunneling; Internet; Extranet; Intranet; Firewall; Suppliers VPN; Distributors VPN; Customers VPN]
Authentication determines a user's identity, as well as what a user is authorized to access.
The most common form of authentication is user name and password, although this also provides the lowest level of security.
VPNs use digital certificates and digital signatures to more accurately identify the user.
Digital certificates are the electronic counterparts to driver licenses and passports.
Certificates are the framework for identification information, and bind identities with public keys.
They provide a foundation for
Enable individuals and organizations to secure business and personal transactions across communication networks.
A certificate authority (CA) is a trusted organization that issues certificates and maintains status information about certificates.
Certification Practice Statement
How Do Digital Certificates Work?
Generate Public and Private Keys.
Get Certificate from the CA
Sign the document/page using the private key.
Send signed document over open networks along with the CA’s certificate.
Recipient verifies using the signing CA’s public key
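The five steps above, as an added example using the openssl command line (not part of the original slides); the CA name, subject name and file names are constructed. It makes the last step explicit: the recipient uses the CA's public key to check the signer's certificate, then the public key inside that certificate to check the document signature.

```bash
#!/usr/bin/env bash
# Added example: the certificate steps above, run with the openssl CLI.
# All names (Example Test CA, alice.example, file names) are constructed.

# Steps 1-2: the CA and the signer each generate a key pair; the CA issues
# the signer a certificate binding the name alice.example to her public key.
setup_pki() {  # $1 = working directory
  ( cd "$1" &&
    openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt \
      -subj "/CN=Example Test CA" -days 1 &&
    openssl req -newkey rsa:2048 -nodes -keyout user.key -out user.csr \
      -subj "/CN=alice.example" &&
    openssl x509 -req -in user.csr -CA ca.crt -CAkey ca.key \
      -CAcreateserial -out user.crt -days 1
  ) >/dev/null 2>&1
}

# Step 3: sign the document with the signer's private key.
sign_doc() {  # $1 = private key, $2 = document, $3 = signature output
  openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# Step 5: the recipient trusts only the CA certificate. First check that the
# CA really issued the signer's certificate, then check the document signature
# with the public key taken from that certificate.
verify_doc() {  # $1 = CA cert, $2 = signer cert, $3 = document, $4 = signature
  pub=$(mktemp) || return 1
  rc=0
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1 &&
    openssl x509 -in "$2" -pubkey -noout >"$pub" 2>/dev/null &&
    openssl dgst -sha256 -verify "$pub" -signature "$4" "$3" >/dev/null 2>&1 ||
    rc=$?
  rm -f "$pub"
  return "$rc"
}

# Step 4 and demo on a constructed document: sent intact, then tampered with.
demo=$(mktemp -d)
setup_pki "$demo"
printf 'Pay 100 to Bob\n' >"$demo/doc.txt"
sign_doc "$demo/user.key" "$demo/doc.txt" "$demo/doc.sig"
verify_doc "$demo/ca.crt" "$demo/user.crt" "$demo/doc.txt" "$demo/doc.sig" &&
  echo "original: certificate and signature OK"
printf 'Pay 900 to Bob\n' >"$demo/doc.txt"
verify_doc "$demo/ca.crt" "$demo/user.crt" "$demo/doc.txt" "$demo/doc.sig" ||
  echo "tampered: rejected"
```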
Trust Chain and Fingerprints
Types of Certificates
Root or Authority certificates
These are self-signed by the CA that created them
Institutional authority certificates
Also called “campus certificates”
These are also known as end-entity certificates, identity certificates, or personal
Web server certificates
used for secure communications to and from
A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message, or of the signer of a document.
It can also be used to ensure that the original content of the message or document that has been conveyed is unchanged.
Internet Virus Issue
A virus is a type of program that can replicate itself by making (possibly modified) copies of itself.
A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable disk
Macro viruses are a special case of viruses. Instead of infecting software program files directly, macro viruses infect Microsoft Office documents and templates.
Computer worms are malicious programs that copy themselves from system to system, rather than infecting legitimate files.
Trojans, another form of malware, are generally agreed upon as doing something other than the user expected, with that “something” defined as malicious.
In fact, most dangerous software combines the features of several types. One of the first successful e-mail attacks, the Happy99 Virus, wasn't merely a virus.
Taken as a group, these many types of software are called "malicious software", because they modify your computer's files without asking and attempt to perform some kind of annoying or dangerous activity.
"Spamming [the sending of unsolicited email] is the scourge of electronic-mail and newsgroups on the Internet.