What is the purpose of Cryptography in Information Security?

Information SecuritySafe & SecurityData Structure

Cryptography supports a number of security aims to provide the privacy of information, non-alteration of information and so on. Because of the high security benefit of cryptography it is broadly used today. There are the various goals of cryptography which are as follows −

Confidentiality − Information in computer is sent and has to be approached only by the authorized party and not by anyone else. The principle of confidentiality represent that only the sender and the intended recipient(s) should be able to make the content of a message. Confidentiality have negotiated if an unauthorized person is able to make a message.

Confidentiality represent that sensitive data should be restricted from being disclosed to unauthorized parties. There are generally two approaches, or an amalgamation of these during confidentiality can be supported. One approach is to limit access to the data that must be kept undisclosed. The other approach is to encrypt the secret information.

Authentication − Authentication is any process by which it can test that someone is who they claim they are. This generally includes a username and a password, but can contain some other approach of demonstrating identity, such as smart card, retina scan, voice identification, or fingerprints. Authentication is same as showing the drivers license at the ticket counter at the airport.

Integrity − It can only the authorized party is enables to change the transmitted information. No one in between the sender and receiver are enabled to modify the given message.

One approach of providing integrity is to connect a definite indicator or message digest at the end of the message that is active to be sent. If this digest remains undamaged during transit then the principle has been canned.

Integrity represent that an asset or data can only be tailored by authorized parties or only in authorized aspect.

Non-Repudiation − It provides that neither the sender, nor the receiver of message should be capable to decline the transmission. Non-repudiation defines that a person who sends a message cannot decline that sent it and, conversely, that a person who has received a message cannot decline that received it. Furthermore these technical components, the conceptual reach of information security is broad and multifaceted.

Access Control − The principle of access control determines who should be capable to access what. For instance, it should be able to represent that user A can view the information in a database, but cannot update them. User A can be enables to create updates as well. An access-control structure can be install to support this.

Access control is associated to two areas such as role management and rule management. Role management use on the user side, whereas rule management focuses on the resources side.

Updated on 15-Mar-2022 09:53:13