Network security is more than encryption
Your information can be designed and handled to ensure an appropriate level of security for your application. Review these encryption types. Using authentication in conjunction with encryption can provide a high level of security against attacks. Stay one or two steps ahead of the attackers!
Daryl Miller -- Control Engineering, 8/1/2007
Much data transmitted over networks is sent in clear text, making it easy for unwanted persons to capture and read sensitive information. Encryption plays a vital role in securing these data by translating them into a secret code. It protects data from intruders and ensures that only the intended recipient can decode and read the information by accessing a secret key or password that enables decryption. Larger keys (more bits) create more potential combinations, making it harder to break the code and unscramble the contents in the file.
Even so, networks are no longer isolated from outside intrusion and threats. Encryption protects data in storage and in transit, but it cannot validate and separate authorized users from potentially malicious ones. Authentication verifies a user’s identity and is often the first line of defense against an attack.
SSL (Secure Socket Layer) and SSH (Secure Shell) are two protocols for secure Internet communications and authentication. They have become highly important to overall network security by maintaining strict authentication for protection against intruders, as well as symmetric encryption to protect the transmission of data. SSL provides encryption services between a web server and a browser using public-key cryptography. SSL’s ease of use and implementation make it popular among designers.
In contrast, SSH is a program that provides strong authentication and secure communications over unsecured channels. SSH can accomplish much more than SSL, essentially providing a secure tunnel between users. It is a replacement for Telnet, rlogin, rsh and rcp (all tools used to log into another computer over a network) to execute commands in a remote machine and to move files from one machine to another. SSH also supports the Advanced Encryption Standard (AES). Once a session key is established, SSH uses AES to protect data in transit.
Using authentication with encryption can provide a high level of security against low-level attacks. As networking technologies advance, so do the attacks. Encryption algorithms, authentication, SSL and SSH can protect data and bolster security. Most importantly, a design philosophy with security as a primary element will enable systems to be more robust, ensure greater reliability and provide new design opportunities.
| Author Information |
| Daryl Miller is Lantronix senior director of engineering, www.lantronix.com. |
|
View All Blogs
Now Playing:
