topic 8 section 3

• encryption
• authentication
• firewalls
• seals of assurance

transforms messages into an unreadable format until themessage is decoded.

single key (known to both the sender and the receiver of the message) ora dual key method

involves a password. sender encrypts the message using a password and then sends the message to the receiver (who needs to know password in order to get software to decode message)

doesn't require a password to be sent to the receiver of the message. instead uses two keys: public key used by the send to encrypt message and a private key used by receiver to decode the message. Public key is available for everyone to use but private kept secret

used to authenticate messages. Sender uses private key to create the digital signature, which includes an encrypted unique number called a "digest" based on the contents of the original message . Use public key to make sure it came from the send and hasn't been tampered with

• -system used to insulate an organization's intranet from the internet. used to authenticate an outside user of the network, verify his or her level of access authority and then direct the user to the program.
• -Also protect LANS from unauthorized internal acess

network file wall

application-level firewall:

provides basic screening of low security messages (email) and routes them to their destinations based on the source/destination addresses attached

provides high quality level network security. Configure to run security applications called proxies

proxies: perform sophisticated functions (i.e. authentication)

evidences that web-based business is trustworthy

• Better Business Beureau (nonprofit)
• TRUSTe
• VERI-sign INC.
• International Computer association
• WebTrust
• sysTRUST