The second layer of security is data security, which involves a variety of complex mechanisms. This area consists of components that guard against unauthorized access to data in storage as well as data transmitted over communications networks, both private and public. This layer involves components such as integrity controls and authentication, plus additional access controls and/or encryption mechanisms.
Integrity controls are mechanisms that ensure that the data being electronically stored or transmitted is valid. One of the best open standards for implementing data security is IPSec (Internet Protocol Security), which can include additional support for message and user authentication. Message authentication is the process of ensuring that the sent message exactly matches the received message. User authentication makes sure that the sender of the message is genuinely who they claim to be. Businesses can also use these technologies to guarantee accountability and reliability when exchanging electronic documents, such as contracts and agreements.
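A minimal sketch of the message and sender authentication described above, added here as an illustration and not taken from the original article or from any IPSec implementation: a keyed hash (HMAC-SHA-256, truncated to 128 bits) computed over a sequence number and the payload. The shared key, the packet layout and the function names are assumptions; the sequence-number check goes slightly beyond the text to show that a valid tag alone does not stop a replayed message.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16   # integrity tag truncated to 128 bits (assumed layout)
HDR_LEN = 4    # 32-bit big-endian sequence number (assumed layout)


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: build seq || payload || tag, where tag = HMAC(key, seq || payload)."""
    header = struct.pack("!I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:ICV_LEN]
    return header + payload + tag


def verify(key: bytes, packet: bytes, last_seq: int):
    """Receiver: return (seq, payload) if authentic and fresh, otherwise None."""
    if len(packet) < HDR_LEN + ICV_LEN:
        return None                      # too short to carry header and tag
    body, tag = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        return None                      # altered in transit, or wrong sender key
    (seq,) = struct.unpack("!I", body[:HDR_LEN])
    if seq <= last_seq:
        return None                      # authentic but already seen: replay
    return seq, body[HDR_LEN:]


if __name__ == "__main__":
    key = b"\x11" * 32                   # constructed sample key
    pkt = protect(key, 1, b"contract v3: pay 100 EUR")   # constructed message
    print("genuine :", verify(key, pkt, last_seq=0))
    forged = bytearray(pkt)
    forged[HDR_LEN + 17] ^= 0x01         # flip one bit inside the payload
    print("tampered:", verify(key, bytes(forged), last_seq=0))
    print("replayed:", verify(key, pkt, last_seq=1))
```

The tag gives integrity and proof that the sender holds the shared key; it does not hide the payload, which is the job of the encryption mechanisms covered separately.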
System access controls involve controlling access to corporate information, system and documentation files, electronic records and assets, and even data about customers or clients. User access management prevents unauthorized access to business information systems and computers as well. These access controls can also involve monitoring and auditing. Network operating systems from a number of vendors provide secure directories and file systems with access security measures and hardening techniques -- Microsoft Windows 2003 with Active Directory is a prominent example.
Encryption is any process or technology that uses cryptography to translate plaintext into ciphertext. This is used to keep anyone other than the intended recipient from reading the data. Encryption is often provided by third-party components or integrated code on the actual system boards. Digital signatures, certificates, and PKI (Public Key Infrastructure) tools can be used to provide this service.