| A company must secure their sensitive information | | | | generated. This will provide much faster processing at |
| and transactions to protect them from hackers. There | | | | both the client and the server. After the session is |
| are many ways a company can secure its data | | | | terminated, the session key is discarded. |
| transfers. Few of the data encryption mechanisms are | | | | Secure HTTP (S-HTTP) |
| listed below. | | | | S-HTTP uses a different technology than SSL. After |
| 1. Hash coding | | | | establishing the connection, the messages between |
| 2. Public Key Encryption (Asymmetrical Encryption) | | | | the client and the server are wrapped in a secure |
| 3. Private Key Encryption (Symmetrical Encryption) | | | | envelope. This provides the secrecy, integrity and |
| Using one or more of the above encryption | | | | authentication. However, this technology is more |
| mechanisms, the following technologies are developed. | | | | predominately used between web clients and web |
| 1. Secure Sockets Layer (SSL) | | | | servers. |
| 2. Secure HTTP (S-HTTP) | | | | Virtual Private Network (VPN) |
| 3. Virtual Private Networks (VPN) | | | | VPNs are widely used in organizations for secure data |
| Secure Sockets Layer (SSL) | | | | transfers. They create secure data transfers by |
| SSL is one of the most popular secure data transfer | | | | establishing secure tunnels through a public network (i.e. |
| mechanisms. First the client establishes a connection | | | | Internet). Organizations choose VPN, essentially |
| with the server by communicating basic information | | | | because of its relatively low cost. ACME Widgets can |
| about the level of security, digital certificate, public | | | | build a VPN between their headquarters and field sales |
| encryption key etc. Then the client will contact the | | | | offices. A carefully configured VPN can provide a |
| corresponding Certificate Authority (CA) to check the | | | | very high level of confidentiality, sender authentication |
| authenticity of the digital certificate and the server. | | | | and message integrity. VPNs commonly use Layer-2 |
| After authenticating, a private session key is | | | | Tunneling Protocol (L2TP) for packet encapsulation. |