ISSC680 discussion and discussion responses.
I’m trying to study for my Computer Science course and I need some help to understand this question.
This is a two part questions. First I will need the discussion question answer which will be below in bold, 250 words APA format. After that is completed I will extend the time and will need the discussion responses answered. For those response I will need two responses of at least 175 words each.
Based on the readings for this week, discuss some of the cryptology methods used in your organizations and include what you find to be an advantage and disadvantage (if any). In your answer include something you think that may be lacking and or should be improved in the future.
Before I start my day at work, I use cryptology to access my daily tasks. For example, I have to enter my CAC card to login to my PC. If I try to read my E-mails or send an E-mail, I must have the proper digital signature. In addition, I have to confirm that my e-mails have the correct encryption, and select whether my message includes PII or FOUO.
Cryptology makes secure web sites and electronic safe transmissions possible. For a web site to be secure all of the data transmitted between the computers where the data is kept and where it is received must be encrypted. Due to the large number of commercial transactions on the internet, cryptology is key in ensuring the security of the transactions. Cryptology allows you to have confidence in your electronic transactions. Encryption is used in electronic transactions to protect data such as account numbers and transaction amounts, digital signatures replace handwritten signatures or credit card authorizations, and public-key encryption provides confidentiality. Key management is an important aspect in encryption that allows you to apply common encryption policies across all data on all managed devices.
Cryptology is also used in access control to regulate access such as in satellite and cable TV. Without cryptology, hackers could get into our e-mail, listen in on our phone conversations, tap into cable companies, acquire free cable service, or break into our bank/brokerage accounts. Time stamping is a cryptographic technique that can certify that a certain electronic document, communication existed or was delivered at a particular time.
In addition, one must remember that any coding can be placed in the same bracket at encryption. The purpose may be to make things more readable rather than less, but that is not a fundamental difference, merely a number sign. That means that even without calling it encryption, every time you compress a file or transmit it with error correction codes, you are using cryptographic techniques. Also, those are all important to security as well. In general, cryptology is an important way of achieving data confidentiality, data integrity, user authentication and non-repudiation.
One cryptology method that is used in my organization is Public Key Encryption. If anyone has ever logged into a government computer and tried to access email or log into a government site, then they have probably seen some reference to DoD PKI (Public Key Infrastructure). Some advantages that I have seen from using this type of encryption is being able to recover old keys. Anyone that has ever had to have their Common Access Card (CAC) replaced, knows what I am talking about. Sometimes it is a pain, but once you have done it a couple of times it becomes normal. Being able to recover old keys, allows to access emails that were encrypted with previous keys. One disadvantage that I have ran into with PKI is with email. If a user gets new credentials and has not uploaded their new ones to the server, then sometimes it can be hard to send them emails as the keys do not match up. This can get annoying at times, but most of the time it is resolved with a simple phone call. According to Peltier (2014), Public Key Encryption supports confidentiality, access control, integrity, authentication, and nonrepudiation services. They also state that the Public Key Encryption provides a solution to the Private Key Encryption weakness. Those are two more advantages that our book mentions that helps the case for Public Key Encryption. With my organization, I know that there are other cryptology methods being used, but this is a basic one that I deal with during my daily routine.
Peltier, T. R. (2014). Information Security Fundamentals. Retrieved from https://ebookcentral.proquest.com/lib/apus/reader.action?docID=1375200