Premium Essay

A Hybrid Approach of System Security for Small Ans Medium Enterprises: Combining Different Cryptographic Techniques

In:

Submitted By jashu
Words 2835
Pages 12
Proceedings of the 2013 Federated Conference on Computer Science and Information Systems pp. 659–662

A Hybrid Approach of System Security for Small and Medium Enterprises: combining different Cryptography techniques
Georgiana Mateescu
Polytechnic University of Bucharest, Splaiul Independenței 313, Bucharest, Romania, Email: georgiana.mateescu@gmail.com

Marius Vladescu
Polytechnic University of Bucharest, Splaiul Independenței 313, Bucharest, Romania, Email: vladescumariusnicolae@yahoo.com

Abstract—Information protection is one of the most important issues in every domain, especially when we are talking about enterprises. Information safety can be translated into three key terms: integrity, availability and data protection. There is a great number of means used in order to achieve the three objectives simultaneously. The most popular is cryptography because it offers a lot of techniques which nowadays are impossible to fail. In this paper we want to prove their efficiency by comparing the different types of crypto algorithms and by presenting their weaknesses and strengths. In order to maximize the benefits of the crypto techniques, we propose a hybrid approach that combines three crypto algorithms.

I. INTRODUCTION

W

HEN we are talking about information security we refer to it as the mean we use to protect our information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. The main concepts that a security system has to respect are: confidentiality, integrity, availability and authentication. These concepts represent the information security goals and must be achieved by every security system that aims to be functional. Most security systems use cryptography because it offers various algorithms and techniques practically impossible to break because of their complexity. Cryptography,

Similar Documents

Free Essay

Rert

...COMMUNICATION FOR SMALL AND MEDIUM ENTERPRISE USING CRYPTOGRAPHY ABSTRACT Information protection is one of the most important issues in every domain, especially when we are talking about enterprises. Information safety can be translated into three key terms: integrity, availability and data protection. There is a great number of means used in order to achieve the three objectives simultaneously. The most popular is cryptography because it offers a lot of techniques which nowadays are impossible to fail. In this paper we want to prove their efficiency by comparing the different types of crypto algorithms and by presenting their weaknesses and strengths. In order to maximize the benefits of the crypto techniques, we propose a hybrid approach that combines three crypto algorithms. INTRODUCTION Cryptography is a technique to scramble confidential information to make it "unreadable." It is commonly used in Internet communications to transmit data in secure way. Some potential problems during data communication on networking like unauthorized access, disclosure, interruption, use, modification, inspection, recording or destruction. The main ideas that security system has to respect are: confidentiality, data integrity, availability and authentication. These concepts characterize the data security achievement and must be accomplished by every secure communication that aims to be functional. Most security systems use cryptography because it offers various algorithms and techniques practically...

Words: 2730 - Pages: 11

Free Essay

Food Feed

...COMMUNICATION FOR SMALL AND MEDIUM ENTERPRISE USING CRYPTOGRAPHY ABSTRACT Information protection is one of the most important issues in every domain, especially when we are talking about enterprises. Information safety can be translated into three key terms: integrity, availability and data protection. There is a great number of means used in order to achieve the three objectives simultaneously. The most popular is cryptography because it offers a lot of techniques which nowadays are impossible to fail. In this paper we want to prove their efficiency by comparing the different types of crypto algorithms and by presenting their weaknesses and strengths. In order to maximize the benefits of the crypto techniques, we propose a hybrid approach that combines three crypto algorithms. INTRODUCTION Cryptography is a technique to scramble confidential information to make it "unreadable." It is commonly used in Internet communications to transmit data in secure way. Some potential problems during data communication on networking like unauthorized access, disclosure, interruption, use, modification, inspection, recording or destruction. The main ideas that security system has to respect are: confidentiality, data integrity, availability and authentication. These concepts characterize the data security achievement and must be accomplished by every secure communication that aims to be functional. Most security systems use cryptography because it offers various algorithms and techniques practically...

Words: 2730 - Pages: 11

Premium Essay

Pretty Good Privacy

...transit between client and server and altering information on a web site. In all distributed environment electronic mail is the most heavily used network based application. It is the only application that is widely used across all architecture and vendor platforms. Users expect to be able to and do, send mail to others who are connected directly or indirectly to the internet. PGP(Pretty Good Privacy) is an open-source freely available software for E-Mail security. It provides authentication through the use of digital signature, confidentiality through the use of symmetric block encryption, compression using the ZIP algorithm, E-Mail compatibility using the radix-64 encoding scheme and segmentation and reassembly to accommodate long e-mails. Chapter 2 Review of literature tells the need and appraisal of e-mail security Software. E-mail is well established as a prime means of communication for business purposes that is quicker and cheaper than more traditional methods. Thus is necessary to make one’s corporate messaging system as secure as...

Words: 27771 - Pages: 112

Premium Essay

Main Paper

...Special Publication 800-48 Wireless Network Security Tom Karygiannis Les Owens 802.11, Bluetooth and Handheld Devices NIST Special Publication 800-48 Wireless Network Security 802.11, Bluetooth and Handheld Devices Recommendations of the National Institute of Standards and Technology Tom Karygiannis and Les Owens C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 November 2002 U.S. Department of Commerce Donald L. Evans, Secretary Technology Administration Phillip J. Bond, Under Secretary for Technology National Institute of Standards and Technology Arden L. Bement, Jr., Director W IRELESS NETWORK SECURITY Note to Readers This document is a publication of the National Institute of Standards and Technology (NIST) and is not subject to U.S. copyright. Certain commercial products are described in this document as examples only. Inclusion or exclusion of any product does not imply endorsement or non-endorsement by NIST or any agency of the U.S. Government. Inclusion of a product name does not imply that the product is the best or only product suitable for the specified purpose. Acknowledgments The authors wish to express their sincere thanks to numerous members of government, industry, and academia who have commented on this document. First, the authors wish to express their thanks to the staff at Booz Allen Hamilton...

Words: 52755 - Pages: 212

Premium Essay

Docs

...solution through a software prototype. Moreover, we propose an original cost model that is oriented to the evaluation of cloud database services in plain and encrypted instances and that takes into account the variability of cloud prices and tenant workloads during a medium-term period. KEYWORDS: Cloud database, confidentiality, encryption, adaptivity, cost model. LIST OF CONTENTS Page No List of Figures viii List of Tables ix 1. Introduction 1.1 Purpose 1.2 Scope 1.3 Motivation 1.3.1 Definitions 1.3.2 Abbreviations 1.3.3 Model Diagrams 1.4 Overview 2. Literature Survey 2.1 Introduction 2.2 History 2.3 Purpose 2.4 Requirements 2.5 Technology Used 2.6 Research Methodologies 3. Fundamental Concepts on (Domain) 3.1 Domain Fundamentals & Description 3.1 Existing concepts of fundamentals 3.2 Existing System Algorithms 3.3 Proposed System Fundamentals concepts 3.4 Proposed Algorithms 3.5 Performance analysis in between of existing system...

Words: 17343 - Pages: 70

Premium Essay

The Internet of Things

...See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/263893131 TruSMS: A trustworthy SMS spam control system based on trust management Article in Future Generation Computer Systems · July 2014 Impact Factor: 2.79 · DOI: 10.1016/j.future.2014.06.010 CITATIONS READS 4 2,022 4 authors, including: Zheng Yan Raimo Kantola Xidian University Aalto University 88 PUBLICATIONS 588 CITATIONS 91 PUBLICATIONS 298 CITATIONS SEE PROFILE All in-text references underlined in blue are linked to publications on ResearchGate, letting you access and read them immediately. SEE PROFILE Available from: Zheng Yan Retrieved on: 12 April 2016 This article appeared in a journal published by Elsevier. The attached copy is furnished to the author for internal non-commercial research and education use, including for instruction at the authors institution and sharing with colleagues. Other uses, including reproduction and distribution, or selling or licensing copies, or posting to personal, institutional or third party websites are prohibited. In most cases authors are permitted to post their version of the article (e.g. in Word or Tex form) to their personal website or institutional repository. Authors requiring further information regarding Elsevier’s archiving and manuscript policies are encouraged to visit: http://www.elsevier.com/authorsrights Author's personal copy ...

Words: 18072 - Pages: 73

Premium Essay

Hello

...A AAA ABEND Access Access attacks Authentication, Authorization, Accounting. Allows all facets of user security to be defined on a central server. Abnormal END. Abnormal termination of software. 1.) In dealing with network security it is an all-encompassing term that refers to unauthorized data manipulation, system access, or privileged escalation. An all-encompassing term that refers to unauthorized data manipulation, system access, or privileged escalation. Unauthorized data retrieval is simply reading, writing, copying, or moving files that are not intended to be accessible to the intruder. Limiting the flow of information from the resources of a system to only the authorized persons or systems in the network. See ACE. access control Access Control Entry access control list See ACL. access device access layer Access Method Hardware component used in your signaling controller system: access server or mux. The point at which local end users are allowed into the network. 1.) Generally, the way in which network devices access the network medium. 2.) Software within an SNA processor that controls the flow of information through a network. Defines access rights and privileges for the network users. The access policy should provide guidelines for connecting external networks, connecting devices to a network, and adding new software to systems. The remote computer system which connects a personal computer to the Internet. Access Virtual Private Network. A Virtual Private Network...

Words: 23221 - Pages: 93

Free Essay

Applied Soa

...Applied SOA Service-Oriented Architecture and Design Strategies Mike Rosen Boris Lublinsky Kevin T. Smith Marc J. Balcer Wiley Publishing, Inc. Applied SOA Applied SOA Service-Oriented Architecture and Design Strategies Mike Rosen Boris Lublinsky Kevin T. Smith Marc J. Balcer Wiley Publishing, Inc. Applied SOA: Service-Oriented Architecture and Design Strategies Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright  2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-22365-9 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the...

Words: 218699 - Pages: 875

Premium Essay

Paper

...Management of Information Security Third Edition This page intentionally left blank Management of Information Security Third Edition Michael Whitman, Ph.D., CISM, CISSP Herbert Mattord, M.B.A., CISM, CISSP Kennesaw State University ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Management of Information Security, Third Edition Michael E. Whitman and Herbert J. Mattord Vice President, Career and Professional Editorial: Dave Garza Executive Editor: Stephen Helba Managing Editor: Marah Bellegarde Product Manager: Natalie Pashoukos Developmental Editor: Lynne Raughley Editorial Assistant: Meghan Orvis Vice President, Career and Professional Marketing: Jennifer McAvey Marketing Director: Deborah S. Yarnell Senior Marketing Manager: Erin Coffin Marketing Coordinator: Shanna Gibbs Production Director: Carolyn Miller Production Manager: Andrew Crouth Senior Content Project Manager: Andrea Majot Senior Art Director: Jack Pendleton Cover illustration: Image copyright 2009. Used under license from Shutterstock.com Production Technology Analyst: Tom Stover © 2010 Course Technology, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information...

Words: 229697 - Pages: 919

Premium Essay

Security Analyst

...Contents 1. Introduction 2. Assessment Test 3. Chapter 1: Getting Started with Ethical Hacking 1. Hacking: A Short History 2. What Is an Ethical Hacker? 3. Summary 4. Exam Essentials 5. Review Questions 4. Chapter 2: System Fundamentals 1. Exploring Network Topologies 2. Working with the Open Systems Interconnection Model 3. Dissecting the TCP/IP Suite 4. IP Subnetting 5. Hexadecimal vs. Binary 6. Exploring TCP/IP Ports 7. Understanding Network Devices 8. Working with MAC Addresses 9. Intrusion Prevention and Intrusion Detection Systems 10. Network Security 11. Knowing Operating Systems 12. Backups and Archiving 13. Summary 14. Exam Essentials 15. Review Questions 5. Chapter 3: Cryptography 2 1. Cryptography: Early Applications and Examples 2. Cryptography in Action 3. Understanding Hashing 4. Issues with Cryptography 5. Applications of Cryptography 6. Summary 7. Exam Essentials 8. Review Questions 6. Chapter 4: Footprinting and Reconnaissance 1. Understanding the Steps of Ethical Hacking 2. What Is Footprinting? 3. Terminology in Footprinting 4. Threats Introduced by Footprinting 5. The Footprinting Process 6. Summary 7. Exam Essentials 8. Review Questions 7. Chapter 5: Scanning Networks 1. What Is Network Scanning? 2. Checking for Live Systems 3. Checking for Open Ports 4. Types of Scans 5. OS Fingerprinting 6. Banner Grabbing 7. Countermeasures 8. Vulnerability Scanning 9. Drawing Network Diagrams 10. Using Proxies 11. Summary 12. Exam Essentials 13. Review Questions...

Words: 71242 - Pages: 285

Premium Essay

Internet

...not necessarily those of the European Commission or any of its officials» A great deal of additional information on the European Union is available on the Internet. It can be accessed through the Europa server (http://www.europa.eu). Cataloguing data can be found at the end of this publication. ISBN 978-92-79-08008-1 © European Communities, 2008 Reproduction is authorised provided the source is acknowledged. Printed in Belgium PRINTED ON CHLORE FREE PAPER The Future of the Internet A Compendium of European Projects on ICT Research Supported by the EU 7th Framework Programme for RTD European Commission I nform ati on S oc i et y and M ed ia ••• 2 Preface 5 priorities identified by the Internet Governance Forum: openness, security, access, diversity and critical Internet resources. The use of the Internet in public policies will considerably grow in areas such as education, culture, health and e-government. These topics will be at the core of our contribution to the OECD Seoul Summit in June. In the longer term, we have to prepare the future Internet, including for example, a 3D-Internet. This has already been pioneered through virtual environments such as “Second Life”. Turnover in online gaming has grown threefold over the past 5 years, and virtual worlds are estimated to attract more...

Words: 66329 - Pages: 266

Premium Essay

Pc Security

...Improving Web Application Security Threats and Countermeasures Forewords by Mark Curphey, Joel Scambray, and Erik Olson Improving Web Application Security Threats and Countermeasures patterns & practices J.D. Meier, Microsoft Corporation Alex Mackman, Content Master Srinath Vasireddy, Microsoft Corporation Michael Dunner, Microsoft Corporation Ray Escamilla, Microsoft Corporation Anandha Murukan, Satyam Computer Services Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft, MS-DOS, Windows, Windows NT, Active Directory, BizTalk, IntelliSense, MSDN, Visual Basic, Visual C#, Visual C++, and Visual Studio are either registered trademarks or trademarks of Microsoft...

Words: 83465 - Pages: 334

Premium Essay

Information and Survey Analysis

...substantiates the integrity of actual processing, such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed. 2. The decisions and actions of an IS auditor are MOST likely to affect which of the following risks? A. Inherent B. Detection C. Control D. Business The correct answer is: B. Detection Explanation: Detection risks are directly affected by the auditor's selection of audit procedures and techniques. Inherent risks usually are not affected by the IS auditor. Control risks are controlled by the actions of the company's management. Business risks are not affected by the IS auditor. 3. Senior management has requested that an IS auditor assist the departmental management in the implementation of necessary controls. The IS auditor should: A. refuse the assignment since it is not the role of the IS auditor. B. inform management of his/her inability to conduct future audits. C. perform the assignment and future audits...

Words: 97238 - Pages: 389

Free Essay

Tourism Industry: Ict Adoption and E-Business Activity

...Sector Report No. 8 / 2006 ICT and e-Business in the Tourism Industry ICT adoption and e-business activity in 2006 European Commission Tourism About e-Business W@tch and this report The European Commission, Enterprise & Industry Directorate General, launched the e-Business W@tch to monitor the growing maturity of electronic business across different sectors of the economy in the enlarged European Union, EEA and Accession countries. Since January 2002, the e-Business W@tch has analysed e-business developments and impacts in manufacturing, construction, financial and service sectors. All results are available on the internet and can be accessed or ordered via the Europa server or directly at the e-Business W@tch website (http://ec.europa.eu/comm/enterprise/ict/policy/watch/index.htm, www.ebusiness-watch.org). This document is a sector study by e-Business W@tch, focusing on the tourism industry. Its objective is to describe how companies in this industry use ICT for conducting business, to assess the impact of this development for firms and for the industry as a whole, and to indicate possible implications for policy. Analysis is based on literature, interviews, case studies and a survey among decision-makers in European enterprises from the tourism industry about the ICT use of their company. Disclaimer Neither the European Commission nor any person acting on behalf of the Commission is responsible for the use which might be made of the following information...

Words: 80447 - Pages: 322

Premium Essay

Future of Technology

...Dictionary of Economics International Dictionary of Finance Brands and Branding Business Consulting Business Ethics Business Strategy China’s Stockmarket Globalisation Headhunters and How to Use Them Successful Mergers Wall Street Essential Director Essential Economics Essential Finance Essential Internet Essential Investment Essential Negotiation Pocket World in Figures THE FUTURE OF TECHNOLOGY THE ECONOMIST IN ASSOCIATION WITH PROFILE BOOKS LTD Published by Profile Books Ltd 3a Exmouth House, Pine Street, London ec1r 0jh Copyright © The Economist Newspaper Ltd 2005 All rights reserved. Without limiting the rights under copyright reserved above, no part of this publication may be reproduced, stored in or introduced into a retrieval system, or transmitted, in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), without the prior written permission of both the copyright owner and the publisher of this book. The greatest care has been taken in compiling this book. However, no responsibility can be accepted by the publishers or compilers for the accuracy of the information presented. Where opinion is expressed it is that of the author and does not necessarily coincide with the editorial views of The Economist Newspaper. Typeset in EcoType by MacGuru info@macguru.org.uk Printed and bound in Great Britain by Creative Print and Design (Wales), Ebbw Vale A CIP catalogue record for this book is available from the British Library ISBN 1 86197 971...

Words: 128899 - Pages: 516