ecurity Concepts Two types of security measures in one estimate provide protection against 80% of all attacks on business computer systems (DEBORAN and G.T. 5). A firewall is a perimeter of security between a company’s Internet server and the company’s main computer network system (DEBORAH and G.T. 258). The firewall intercepts messages across the perimeter and determines whether the message should pass through. The firewall is designed to isolate a company network as much as possible from promiscuous access via the Internet. Encryption is a method of translating a message into a code using mathematical algorithm (DEBORAH and G.T. 147). In order to read the message the code must be “unlocked” using an encryption key. The effectiveness of encryption depends to some extent on the complexity of the algorithm used to encrypt the message, and different technologies provide different levels of protection (DEBORAH and G.T. 148). One of the original encryption strategies involved distributing private keys to each individual involved in a communication network. This method, symmetric key cryptography, had the crucial disadvantage that it was logistically impossible to insure that each and every and only each and every bona fide member of the network possessed a key at all times (DEBORAH and G.T. 146). A more useful encryption strategy is asymmetric cryptography, which uses both a private and a public key. A public key is an encryption key that is generally published among network users for each user. By combining use of a public and private key, levels of security can be controlled and other security features, such as authentication and integrity may be introduced (FRATO 13). Although public/private key encryption may provide a solution to virtually any security problem, in the practice the use of encryption is limited by the fact that the computational demands of complex schemes overburden available resourc...
