The final chapter in the text for our class deals with Internet security from the standpoint of the home user. It discusses ways to remain secure while exchanging information with others on the web. This includes doing things like banking data, sending or receiving files via an instant messaging or file sharing application.
The main idea is to make sure that you are using a secure site with which it is possible to exchange encrypted information. Unencrypted data is easily gleaned from others on the same network, so it's vital to make sure that the site you are accessing has a digital certificate signed by a trusted authority. This makes sure that you are dealing with the intended site and not an imposter. Data encryption is accomplished by using a personal or "private" key, which allows the sender to encrypt information to be sent across the net. Decryption is accomplised by use of a shared, or "public" key that could be widely known. The public key is normally certified by the trusted agency issuing the site's security certificate.
There are several applications that can assist in encrypting and decrypting data using public and private key pairs, the example cited in the text is PGP, or Pretty Good Privacy.
The text goes on to discuss ways to use secure connections when using email clients such as Microsoft Outlook as well as webmail and instant messaging applications. File transfers can be sent securely of the Internet using a Secure FTP (SFTP) client such as WinSCP, or by using Microsoft's Web Distributed Authoring and Versioning, or (WebDAV). Although the text uses the obsolete Windows XP as an example, WebDAV can still be used with Windows 7 and Windows 8.
This has been an interesting class that was hampered by using examples from an obsolete operating system. As the text was published in 2010, I would hope that it is soon revised to use examples from the more modern Windows 7 or Windows 8, which most students will encounter in their professional careers.
No comments:
Post a Comment