- CISSP in 21 Days(Second Edition)
- M. L. Srinivasan
- 314字
- 2021-07-14 11:04:32
Cryptographic methods to secure data
Data in native formats, such as texts, documents, or spreadsheets, may be easier to read using a suitable application software. For sensitive data, additional controls may be required to prevent unauthorized access or disclosure of such information. Cryptographic methods offer the best solutions for such requirements. By using cryptographic methods, confidentiality and integrity requirements can be addressed more effectively.
The following are some of the common cryptographic methods used in data security controls.
Encryption
When data is encrypted, it means that the data is scrambled or transformed into an unintelligible form with an appropriate key to unscramble it or, in other words, return it to its original form. Without the key, data cannot be read either by humans or other applications. The key is called the crypto variable. This method of data protection will ensure confidentiality.
Hashing
Data may be altered or modified by an unauthorized entity to commit fraud. In order to detect and prevent such unauthorized modifications, hashing or message digest methods are used.
In hashing, based on the contents of the document, a cryptographic value is computed. The computed value is called a checksum. By periodically recomputing the checksum and validating it with the original computed value, it is possible to detect whether the document is altered. This process helps ensure integrity.
Digital signatures
In digital communications, establishing the authenticity of the sender of the message is essential and is very important for integrity assurance requirements.
Establishing the identity of the receiver or sender can be accomplished through digital signatures. In other words, the authenticity of the data originating from the authorized sender and access only by the intended receiver can be achieved through digital signatures and encryption.
Note
Note that cryptography and its concepts and methods are covered in detail in Chapter 7, Day 7 —€ Security Engineering - Cryptography and Physical Security.
- Learning Java Functional Programming
- 零基礎學Visual C++第3版
- 華為HMS生態與應用開發實戰
- 深入理解Java7:核心技術與最佳實踐
- Mastering Apache Spark 2.x(Second Edition)
- Test-Driven JavaScript Development
- Visual Studio Code 權威指南
- Image Processing with ImageJ
- Unity Character Animation with Mecanim
- 人人都能開發RPA機器人:UiPath從入門到實戰
- Python機器學習開發實戰
- 體驗之道:從需求到實踐的用戶體驗實戰
- Enterprise Application Architecture with .NET Core
- Python Natural Language Processing
- MATLAB/Simulink與過程控制系統仿真