Premium Essay

Crypography

In: Computers and Technology

Submitted By katekate0113
Words 589
Pages 3
Cryptography

Cryptography is an algorithm used for secure communication in the presence of third parties through encryption and decryption. It is a common method which enables users to store private or sensitive information transmits across an insecure network, like internet. In this case, it is suggested to use for protecting and guarding the UPS official website information transaction of the between UPS and its customers.

In encryption process, the original or ordinary information (Plaintext) is converted into an unintelligible text (Ciphertext) that only the authorized parties with the key are able to read. The authorized parties perform decryption by reversing the process of encryption which converts the Ciphertext back into Plaintext with the key that given by the originator.

As both UPS and its customers can take part in being information sender or receiver, the public key and private key holder can be interchanged. Symmetric Cryptography is suggested for the ease of implementation as symmetric-key cryptography makes encryption which both the sender and receiver share the same key.

Besides, a message authentication code (MAC) can be implied to provide integrity and authenticity assurances on the message. Integrity assurances detect accidental and intentional message changes, while authenticity assurances affirm the message's origin. Integrity assurances detect accidental and intentional message changes, while authenticity assurances affirm the message's origin. UPS and customers can only receive and read the accurate and valid information without any deliberate changes by allowing verifiers (who also possess the secret key) to detect any changes to the message content.

The above cryptography techniques can be used at the point where UPS sends out the invoice note or updates order details and customers modify or track the order reference.

Similar Documents

Premium Essay

Cyber Law

...Unit-4 (ICS -305) Information security Information security (ISec) describes activities that relate to the protection of information and information infrastructure assets against the risks of loss, misuse, disclosure or damage. Standards that are available to assist organizations implement the appropriate programs and controls to mitigate these risks are for example BS7799/ISO 17799, Information Technology Infrastructure Library and COBIT.  Information security management (ISM) describes controls that an organization needs to implement to ensure that it is sensibly managing these risks. Security Challenges  The risks to these assets can be calculated by analysis of the following issues:  Threats to your assets. These are unwanted events that could cause the intentional or accidental loss, damage or misuse of the assets  Vulnerabilities. How vulnerable (prone or weak) your assets are to attack  Impact. The magnitude of the potential loss or the seriousness of the event. Security services Information Security Governance, Information Security Governance or ISG, is a subset discipline of Corporate Governance focused on information Security systems and their performance and risk management.  Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations  Develop the information security strategy in support of business strategy and...

Words: 1808 - Pages: 8