Security risks and precautions

While browsing the internet, users can unwittingly download spyware or become victims of phishing and keylogging software. Fraud, identity theft and server attacks are also becoming more commonplace. To safeguard against this, server-side validation of online form data and encryption of network traffic are normally used.

Security precautions

Use of Public and Private Keys

Data transmitted over the Internet is very easy to intercept and most of it is text based.

In order to keep data secure in transit it is encrypted. A process, called a cypher, is used to scramble the data so that it doesn’t make sense. The cypher is reversible so the original message can be restored if you know the cypher.

An encryption key specifies how the cypher scrambles data and how to turn this back to the original data.

To be secure, the system sending data and the system receiving it must agree on a key that no one else knows. Both systems need to know what the key is without transmitting the key itself. Otherwise, anyone intercepting the encrypted message would also know the key.

Public-key encryption (PKE) solves this problem by using two keys.

The two keys are mathematically linked, normally generated from a large, random number.

  • Public key - known by everyone and is used to encrypt the message.
  • Private key - known only by the recipient and is used to decrypt the message.
  • Cyphers are very complex - only the private key can decrypt the message.
  • The public key cannot be used to work out the private key.