Information on the encrypted channel
Any breach of security of the information of any company can lead to huge losses or loss of crucial data that the company has invested in. That is why the security of the data should be tight and uncompromised at all times. Employees have been at times involved in stealing data either for malicious use or being agents of competitors of the firm. This calls for right means to protect data in ways that will seal all loopholes to any leak of information. Companies have invested in hard disk encryption, file encryption, software control, USB drive encryption, and periodic reports and audits (Bauer, 2002).
Data in the company may also be compromised by employees and hence the need to protect sensitive information in the cycle of the information through data encryption. This means that even if the data is to be sent in an email, stored in the database, being processed by the PC, or being accessed by employees away from the company through mobile then it is always safe.
Encrypted data need to be data secure by encrypting the hardware, this will involve centralizing management of keys, essential functions, and policies. This will ensure administration is simplified complied to and most of all secure (Bauer, 2002). Placing the encryption keys at the centralized hardened appliances simplifies the administration process on who accesses the data available. This method can be applied to gather information about the encrypted channel and recover the plaintext.
Policies will ensure that the administration sets authentication procedures to ensure logging, and access of material is easy to report and audit. Regulations and a strict code of ethics should be stressed to all employees and strict measures are implemented on them if one is caught using data in unauthorized ways. This will reduce data malpractices at the workplace.
In the military breach of protocol is a grave offence for the employees, but the terrorist work tirelessly to ensure the get the data in the military program. The Military Critical Technology List (MCTL) gives the protocol that officers follow in accessing the data. The use of electromagnetic shielding is common in the military data which protects its data from electromagnetic interference and radio frequency interference (Bamford, 1983). Data in this field is very delicate and through proper encryption and frequent audits and reports then security is assured. Frequent changes of encryption codes which will require authentication should be administered.
Data should also be graded and stored in different systems that will require the different degree of security access in that for anyone to access data that completely makes sense then access to all systems must be done. Frequent change of authentication secret codes and full disk encryption is necessary to ensure anyone who accesses the system is identified and the time of access. Algorithm coding is recommended in such institutions (Bauer, 2002).
Ciphers that the government cannot crypt analyze should be outlawed
Whenever plaintext is encrypted then most people will not understand it unless they have the ability to decrypt it. The ciphers that government cannot analyze need be taken with a lot of suspicion. Such data should be outlawed in view of the fact that the owner of the data wants to use it for illegal personal or malicious purposes. In the event of such data an audit should be established to find out the actual source and intended use since terrorists or other malicious people could use it to cause harm to citizens, or it could be virus definitions that are meant to infect the systems (Young, & Yung, 2004).
If the owners of the encrypted data are already registered with the government then there is no cause for alarm, rather there will be the need for an audit of the ciphers to establish the contents and their purposes. The history of the registered persons will be necessary to give a verdict whether the ciphers should be outlawed or not (Young, & Yung, 2004). Ciphers of individual or organizations with backgrounds related to crime or terrorism then they should be outlawed.
Reasons for the government not to be able to analyze should be given which should prove beyond reasonable doubt that there is no illegal gains or rather no malicious secrets that could make them an enemy of the state. The government should also guard against such data since it may be used to evade tax payments and since the government may not be able to audit such occurrences occasionally ciphers that it cannot analyze though they are already registered they should be outlawed, unless they belong to state secret agencies, military, and federal investigation bureaus.
Examples in Confidentiality, Integrity, and Availability
Data, where confidentiality is more important than integrity, include bank details of an individual which can only be changed by the bank. Whenever such information is got it can be used to defraud the account holder thus confidentiality is more important than integrity.
Data where integrity is more important than confidentiality include reports that describe certain evils in society. The change of such reports could mean that the truth has been compromised and so is the integrity. Knowing the content may be a breach of confidentiality but its integrity is more important than confidentiality.
Data where availability is more important than confidentiality includes business deals where the need for knowledge of the business dealings may be kept the secret to the owner but suppliers may want to know why the business chooses other suppliers. This can help them in establishing competitive terms in business once the information is more available than confidential.
The email process
Mostly the email process today has been marred by incidences where people have hacked into the emails and accessed the data sent. Spam mails have also been a bother and an irritation to those using email technologies today. Such incidences have found the process wanting in terms of confidentiality, integrity, authentication, and non-repudiation (Bauer, 2002). Individuals have been involved in transmitting, accessing, or downloading materials that are fraudulent, defamatory, and offensive, transmitting the information without authority and checking other people emails when they are logged in.
Hackers have gone ahead and developed means to acquire personal information from unsuspecting clients where they end up loosing or being conned. Problems such as marketing, email threats, dangerous attachments, impersonations, eavesdropping, mail-bombing, and junk mails all threaten the good principles of confidentiality, integrity, and authentication, and non-repudiation.
The public key encryption process will restore the confidence in that use of the keys will prevent many problems. The presence of keys will ensure limited access of the email address to others, thus preventing problems such as dangerous attachments, impersonations, eavesdropping, mail-bombing, and junk mails (Bauer, 2002). The public key cryptography is useful since the users will be able to have a secure communication process in an unsecure channel while they are not using their secret key.
It minimizes the presence of ambiguous answers since the correct marks are made by the individuals. The computer also does the tallying which means accuracy is ensured this minimizes recounts and disputes since the computer tabulates correctly (Justin, 2003). This process saves time where people spend time not queuing to vote physically but they sit in front of the computer and makes their choice within no time. There is an advance voting chance that means one can have enough time for other things,
The process is expensive to set up and requires a huge investment. This process is not secure and secretive as compared to the ballot paper process. At times the systems of elections may jam due to heavy traffic causing people not participate in the process. Older generations who are not used to computers or people who are illiterate will not be able to use the process since they cannot use the computers.
There is no means to observe the process, there may be untrustworthy voters, and the process may not be free and secretive. The worst part is where some systems may allow double voting that erodes the democracy of a free and fair election (Schneier, 2000).
Checks for double voting
The system needs to be very effective to ensure one man one vote. The system should be able to allow access only to voters but each at a time. This can be done by establishing a clean and un-manipulated register that will ensure it checks the right to vote at the first instance, through bio-physical means such as scan of the thumb, and also at each time a voter wants to vote.
The system should have an efficient timestamp that will identify the time of voter casting ballots. The voting system should also be able to sort out cases where the voter uses the paper vote and re-vote in the same election. A register canceling mode will be effective since everyone who votes is temporarily canceled in the register to avoid double voting.