Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Institute of Research: Different Types of Encryption
Keeping data secure is of particular concern for healthcare organizations committed to patient research. Patients are often concerned about being forthcoming about their information because they fear it may be used against them when making occupationally-related decisions or setting health insurance premiums. Organizations must not simply be vigilant in ensuring that such information is protected; they must avoid the appearance of being careless. The creators of the ABC security system must be diligent in ensuring that there are a series of impenetrable controls to ensure that only authorized personnel have access to sensitive information. The most commonly-used method to protect electronic data is that of encryption. "Encryption uses mathematical formulas to scramble data, converting sensitive details coveted by intruders into gibberish" (Behrens 2015). Two techniques are available to protect data for the ABC Institute and its collaborator XYZ, that of "symmetric encryption (also called secret key encryption) and asymmetric encryption (also called public key encryption)" (Czagan 2013). This paper will provide a review of the strengths and weaknesses of both methods and suggest that while both have their issues, using a two-step process of symmetric and asymmetric encryption is likely to be preferable in this particular situation.
Symmetric encryption uses a "secret key, which can be a number, a word, or just a string...
This might be as simple as shifting each letter by a number of places in the alphabet. As long as both sender and recipient know the secret key, they can encrypt and decrypt all messages that use this key" ("Description," 2015). Symmetric encryption is the oldest form of the technique and has the advantage of being relatively fast and simple. The obvious advantage for ABC is that when dealing with large amounts of information, this method would be preferred in the interest of expediency. Changing the key is often used on a session-by-session basis to ensure that a hacker cannot figure out the code (Czagan 2013).
However, the disadvantage of symmetric encryption is that it is not always secure. "Anyone who knows the secret key can decrypt the message" ("Description," 2015). Storage is critical: those that need the information must have access to the key but the key must be protected from those that do not require it. "If you have to store the key on a disk or a device (e.g. In an app), or if you transmit it unprotected over a network, then once an attacker gains access to that key, your encryption is useless" (Behrens 2015). Since symmetric encryption is a one-step process, if the first and only layer of security is penetrated, information can be easily accessible to a hacker. Symmetric encryption is only really safe if there is a foolproof method to exchange…
References
Alonso-Zaldivar, R. (2015). Lack of encryption standards raises health data privacy questions.
PBS. Retrieved from: http://www.pbs.org/newshour/rundown/lack-health-care-cyber-security-standards-raises-questions/
Behrens, M. (2014). Understanding the 3 main types of encryption. Atomic Object.
Retrieved from:
http://spin.atomicobject.com/2014/11/20/encryption-symmetric-asymmetric-hashing/
http://resources.infosecinstitute.com/symmetric-asymmetric-encryption/
https://support.microsoft.com/en-us/kb/246071
Why isn't everyone using encryption in healthcare? (2015). Virtu. Retrieved from https://www.virtru.com/blog/why-isnt-everyone-using-encryption-in-health-care/
Symmetric Encryption and Asymmetric Encryption Technology On the VM (virtual machine) in the university virtual lab, there consists a folder named "c:encrypt." The folder consists of two files: img.jpg, and "encrypt.exe -- encrypt and decrypt key." This paper decrypts the picture to view the text hidden in the picture. Objective of this project is to discuss the encryption technology strategy used for the software application. Encryption Technology Strategy used for the Software Application In the
The other is a private key that you use to decrypt messages that you receive" (Pretty pp). PGP is such an effective encryption tool that the United States Government actually brought a lawsuit against Zimmerman for putting it in the public domain and therefore making it available to enemies of the United States, however, after a public outcry, the government's lawsuit was dropped, yet it is still illegal to use PGP
Encryption With the ever-increasing amount of information traffic on the net (LAN, WAN, etc.) there is a corresponding increase in the risk of vital data falling into the wrong hands. Data encryption is a technology that provides for a safe, secure and private information exchange. The advancement of computer technology has bought a paradigm shift to our mode of communication. The Internet has managed to overcome all the geographical limitations and
This is however, not considered foolproof. It is possible to break the security by a person having adequate technical expertise and access to the network at hardware level. In view of this the SSL method with right configuration is considered perfectly sufficient for all commercial purposes.5In order to safeguard the data while in transit it is customary to adopt a practical SSL protocol covering all network services that use
Computer Security: Corporate Security Documentation Suitable for a Large Corporation Item (I) in-Depth Defense Measures (II) Firewall Design (III) Intrusion Detection System (IV) Operating System Security (V) Database Security (VI) Corporate Contingency of Operation (VII) Corporate Disaster Recovery Plan (VIII) Team Members and Roles of Each (IX) Timeline with Goal Description (X) Data Schema (XI) Graphical Interface Design (XII) Testing Plan (XIII) Support Plan (XIV) Schematics Computer Security: Corporate Security Documentation Suitable for a Large Corporation (I) In-Depth Defense Measures Information Technology (IT) Acceptable Use Policy The intentions of
This occurs when a server happens to receive more connection requests that are incomplete and that it cannot possibly handle. This kind of attack's source code were released in 2006 by 2600 and Phracks two well-known underground hacker magazines. The second threat is IP Spoofing which is an attack which involves the impersonation of a legitimate host user at the IP layer. The third one is sequence number attack.