Cyber Security and Cryptography

From Computing Concepts
Jump to: navigation, search

Cyber security is protecting devices from unauthorized access. It is an important concern for the Internet and the systems built on it. Cyber warfare and cyber crime have widespread and potentially devastating effects. The trust model of the Internet involves trade-offs. The benefits of collaboration and services can come at the risk of lost of privacy, wealth, and personal security.

One example of a cyber attack is hacks where an intruder steals valuable data such as credit card information, or intellectual property such as the design of a company's next product. Another example is a distributed denial-of-service attack (DDoS) where the attacker compromises a target by flooding it with requests from multiple systems.

A major contributor to cyber vulnerabilities is that many computer systems and software applications were not designed with enough attention to security. For instance, the Domain Name System (DNS) was not designed to be completely secure.

Implementing cyber security has software, hardware, and human components. Humans must implement policies such as using strong passwords and not divulging them, software must be kept up to date with patches that fix its vulnerabilities. Antivirus software and firewalls can help prevent unauthorized access to private data.

Cryptography is essential to many models of cyber security. Cryptography applies algorithms to shuffle the bits that represent data in such a way that only authorized users can unshuffle them to obtain the original data. Cryptographic algorithms use mathematics to achieve effective shuffling. Most common cryptographic standards are open where the algorithms are known and published, but the clever mathematics make it impractical to decode the shuffled bits. Open standards help ensure cryptography is secure. Symmetric encryption is a method of encryption involving the same key for both encryption and decryption. Public key encryption, which is not symmetric, is an encryption method that is widely used because of the enhanced security associated with its use. Certificate authorities (CAs) issue digital certificates that validate the ownership of encrypted keys used in secured communication and are based on a trust model.

References

Parts of this page are based on information from: Wikipedia: The Free Encyclopedia