TERENA |
GUIDE TO NETWORK RESOURCE TOOLS |
|||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||
| SECURITY AND ENCRYPTION |
| Encryption |
| Web |
|
PGP Ssh |
Reliable security is essential for the transmission of sensitive and commercial data on the Internet, whether it is between individuals, companies, employers and employees, vendors or purchasers. The use of the Internet for ele ctronic commerce, electronic publishing, distributed private databases, teleworking, collaborative working, online education, virtual meetings, and so on holds exciting promise. But most of these uses rely on the security of electronic transactions for th eir widespread viability. Security on the Internet is now a big issue and much effort is being invested in developing a security infrastructure which addresses current needs and concerns.
In exchanges of data, there are a number of basic security requirements. Special measures designed to meet these requirements need to ensure the following:
- that we can be certain of where the data originates (authentication);
- that the data has not been tampered with in transmission (data integrity);
- that the data cannot be read by any unauthorized person (privacy).
Encryption is integral to meeting these needs and forms the basis of many of the tools for security and privacy, such as PGP and Ssh. This chapter looks at some of these tools, in particular ones that relate to user requirement s, rather than those specific to the security concerns of Web site administrators or system managers. Two obvious areas of interest are ensuring the privacy of email, and maintaining the security of transactions via the WWW.
For an extensive list of security software, see
- National Institutes of Health Web site at http://www.alw.nih.gov/Security/security-prog.html.
- Federal Computer Incident Response Capability http://www.fedcirc.gov/tools.html
- CERT List of Security Tools ftp://ftp.cert.org/pub/tech_tips/security_tools
- DOE Information Security Custom Tools http://doe-is.llnl.gov/SecRes/DOECustomTools.html
- SANS Institute's "The Network Security Roadmap" http://www.sans.org/roadmap.htm
Encryption and authentication
Secure email
Security on the Web
PGP
SSH
© TERENA, Singel 466-468, NL-1017 AW Amsterdam Last modified: Monday, 24-May-1999 18:51:01 MET DST