Saturday, January 16, 2010

DATA ENCRYPTION

Data Encryption is a process in which plaintext data is converted into ciphertext so that it cannot be read. More generally known as “encryption,” this process can be accomplished in a wide variety of ways, and with varying degrees of success. Some of the best data encryption can last for centuries, while other types of decryption can be broken in minutes or even seconds by people who are skilled at such tasks. In the digital age, people rely heavily on data encryption on a daily basis. Chances are high that you have received or sent encrypted data at some point today, even if you did not directly perform the encryption or decryption of the data.

n this process, a perfectly ordinary piece of plaintext which can be read by anyone is converted so that it can only be read by someone with a key. One of the simplest forms of data encryption is a simple alphabetic substitution, in which the letters of the alphabet are scrambled to create a key. One could decide, for example, to shift the letters of the alphabet by five places so that “E” stands for “A,” “F” for “B” and so forth for a simple key, or the letters could be assigned at random to make a piece of text more difficult to decipher without the key.

An alphabetic substitution is usually fairly easy to break; in fact, many major newspapers have a simple substitution on their puzzles page for people to solve. More complex methods of data encryption can be used to make a code more challenging to break. With complex codes, people can try to use brute force to crack the encryption, and they may eventually succeed, but it will take a long time. Many methods of encryption focus on keeping the key secure, and allowing the encrypted data to be freely seen, under the argument that once encrypted, the data is harmless, as long as people cannot obtain the key.

There are a number of reasons to need to encrypt data, most of which rely on shielding data from the eyes of other people. Banks, for example, send encrypted data about their clients back and forth, while governments rely on encryption to get secure messages to overseas embassies. Most email programs offer data encryption while sending and receiving so that emails cannot be read by third parties, as do sites which handle personal information like addresses and credit card numbers.

Some encryption protocols are standardized so that people can easily communicate with each other, while in other cases, a key may be developed specifically for use by particular people, and the key is not standardized to make it harder to crack. Personalized keys were once the only way to encrypt data, until shared key encryption allowed people to exchange information about a key across an open network without disclosing the contents of the key itself.


http://www.filibeto.org/sun/lib/nonsun/oracle/10.2.0.1.0/B19306_01/network.102/b14268/images/transdata.gif

Benefits of Data Encryption

For large commercial organizations, data security is not only a corporation option, it's the law. Losing sensitive data by way of natural disasters or physical theft can have severe consequences on a company, possibly crippling the entire organization. While there are many different security mechanisms, data encryption is perhaps the most effective in regard to protecting confidential information.

Virtual attack - This could be an industry rival that learns to bypass security and gains access to competitive data. It could also be a malicious attack that purposely corrupts data.

Physical attack - Perhaps a disgruntled employee is seeking ways to damage the company by stealing files or purposely destroying data.

Most corporations implement multiple forms of security by using hardware solutions such as routers and firewalls. These devices protect essential data by keeping external threats out of the network. Unfortunately, intruders will employ numerous attacks, specifically targeted at your information. When attackers find a way to penetrate your first line of defense, data encryption steps up and helps to ensure that your secrets can't be viewed.

Encryption has changed drastically over the years, going from a military solution to widespread public use. Whether it's hardware or software-based, this method is fast, easy to use and most important, secure. Here some of the key benefits this solution offers:

Power: The best in data encryption is based on global standards, able to mitigate potential corruption without flaw. Many solutions are large enough to ensure that an entire organization is in full compliance with security policies. Data encryption allows a corporation to achieve military-level security with easy and affordable solutions.

Flexibility: Data encryption can protect your sensitive information whether it's stored on a desktop or laptop computer, a PDA, removable storage media, an email server or even the corporate network. This allows you to securely access important data from the office, on the road or at home. If the device is lost or stolen, the information will be protected by the data encryption mechanism.

Transparency: It wouldn't be a good idea to employ any security measure that negatively impacts your business. An efficient data encryption solution enables your business to flow at a normal pace, silently securing crucial data in the background. Some of the best options are those running effectively without the user even being aware.

There are many benefits of data encryption as this solution provides solid protection in the event of a security breach. Not only does it offer peace of mind, it also frees up resources normally used by your perimeter defenses. Every security measure you set in place is important yet inefficient if confidential data itself is not protected.

Data Security:An Overview

What is Data Security?

In simple terms, data security is the practice of keeping data protected from corruption and unauthorized access. The focus behind data security is to ensure privacy while protecting personal or corporate data.

Hardware based Mechanisms for Protecting Data

Software based security solutions encrypt the data to prevent data from being stolen. However, a malicious program or a hacker may corrupt the data in order to make it unrecoverable or unusable. Similarly, encrypted operating systems can be corrupted by a malicious program or a hacker, making the system unusable. Hardware-based security solutions can prevent read and write access to data and hence offers very strong protection against tampering and unauthorized access.

Hardware based or assisted computer security offers an alternative to software-only computer security. Security tokens such as those using PKCS#11 may be more secure due to the physical access required in order to be compromised. Access is enabled only when the token is connected and correct PIN is entered. However, dongles can be used by anyone who can gain physical access to it. Newer technologies in hardware based security solves this problem offering fool proof security for data.

Working of Hardware based security: A hardware device allows a user to login, logout and to set different privilege levels by doing manual actions. The device uses biometric technology to prevent malicious users from logging in, logging out, and changing privilege levels. The current state of a user of the device is read by controllers in peripheral devices such as harddisks. Illegal access by a malicious user or a malicious program is interrupted based on the current state of a user by harddisk and DVD controllers making illegal access to data impossible. Hardware based access control is more secure than protection provided by the operating systems as operating systems are vulnerable to malicious attacks by viruses and hackers. The data on harddisks can be corrupted after a malicious access is obtained. With hardware based protection, software cannot manipulate the user privilege levels, it is impossible for a hacker or a malicious program to gain access to secure data protected by hardware or perform unauthorized privileged operations. The hardware protects the operating system image and file system privileges from being tampered. Therefore, a completely secure system can be created using a combination of hardware based security and secure system administration policies

http://bbcomputersinc.com/Lan_diagramta.jpg

Encryption

Encryption has become a critical security feature for thriving networks and active home users alike. This security mechanism uses mathematical schemes and algorithms to scramble data into unreadable text. It can only by decoded or decrypted by the party that possesses the associated key.

(FDE) Full-disk encryption offers some of the best protection available. This technology enables you to encrypt every piece of data on a disk or hard disk drive. Full disk encryption is even more powerful when hardware solutions are used in conjunction with software components. This combination is often referred to as end-based or end-point full disk encryption.

Strong User Authentication

Authentication is another part of data security that we encounter with everyday computer usage. Just think about when you log into your email or blog account. That single sign-on process is a form authentication that allows you to log into applications, files, folders and even an entire computer system. Once logged in, you have various given privileges until logging out. Some systems will cancel a session if your machine has been idle for a certain amount of time, requiring that you prove authentication once again to re-enter.

The single sign-on scheme is also implemented into strong user authentication systems. However, it requires individuals to login using multiple factors of authentication. This may include a password, a one-time password, a smart card or even a fingerprint.

Backup Solutions

Data security wouldn't be complete without a solution to backup your critical information. Though it may appear secure while confined away in a machine, there is always a chance that your data can be compromised. You could suddenly be hit with a malware infection where a virus destroys all of your files. Someone could enter your computer and thieve data by sliding through a security hole in the operating system. Perhaps it was an inside job that caused your business to lose those sensitive reports. If all else fails, a reliable backup solution will allow you to restore your data instead of starting completely from scratch.