
Glossary

  • Authentication
    Verifying the identity of a user logging onto a computer system or verifying the integrity of a transmitted message.
  • Biometrics
    A security technique for checking and verifying identities that employs digitally created 'maps' of an individual's physical characteristics (e.g. thumb prints, voice recordings or iris scans). These are stored by a security system and later compared when the individual accesses it.
  • CA (Certification Authority)
    An organisation that is responsible for the distribution of Public Key Certificates and associated private keys.
  • Cookies
    A packet of data stored on a computer hard disk by a website, used to track visitor behaviour.
  • Cryptography
    The mathematical process of converting information into a secret code so that it can be safely transmitted over a public network such as the Internet.
  • Digital certificate
    A data file that is issued by a Certification Authority to an individual or organisation to identify them to online services.
  • Digital signature
    Data included within a digital document that identifies who produced it. It can also be used to detect and track any changes that have been made to the document.
  • Dumping
    The process of installing a phone dialler on a PC which diverts ISP connections to a high-charge number, without asking the user's permission.
  • Encryption
    Encryption is the conversion of data into a secret code for transmission over a public network. The original (plain) text is converted into a coded equivalent called 'cipher text' via an encryption algorithm. The cipher text is decoded (decrypted) at the receiving end and turned back into plain text. The encryption algorithm uses a key, a binary number that is typically from 40 to 128 bits in length. The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it would take to break the code. The data is encrypted, or 'locked', by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to 'unlock' the code and restore the original data.
  • Firewall
    Firewalls are used to keep a network secure from intruders. Simple firewalls can be implemented as software only. For larger businesses, firewalls may also include dedicated hardware for faster processing. Firewalls are widely used to give users secure access to the Internet as well as to separate a company's public Web server from its internal network.
  • Gatekeeper
    The Federal Government initiative to make all services available online in a secure fashion.
  • Hacker
    Someone who attempts to gain unauthorised access to a computer system, often for fraudulent purposes.
  • IP addresses
    The unique numerical addresses assigned to every computer connected to the Internet.
  • Log file
    A file used by websites to record the date, time and IP address of each user that visits it. Log files can be analysed through software that provides the website owner with an intelligence report of the traffic, usage and areas visited within the website.
  • Passwords
    A word or code that protects against unauthorised access to data. The word or code is entered in order to access the data.
  • Plug-in
    An auxiliary program that works with a major software package to enhance its capability. For instance, PGP security systems can be added to email programs.
  • PGP (Pretty Good Privacy)
    A popular form of cryptography often used to encrypt email.
  • Public key cryptography
    A system of securing data that uses two keys to scramble and decipher messages. One key is known as a 'public key' and is widely distributed. The other is called a 'private key' and is held secretly by an individual. Messages are protected by scrambling them with the public key of the person you are sending a message to. Computer algorithms ensure that only the private key held by the person you are emailing can decrypt or unscramble the message.
  • Public Key Certificates
    The key in public key cryptography that is kept private by an individual or organisation.
  • PKI (Public Key Infrastructure)
    The policies and procedures that exist for establishing a secure method for exchanging information within an organisation, an industry, a nation or worldwide. It makes use of Certification Authorities (CAs), Registration Authorities (RAs) and digital signatures, as well as all of the hardware and software used to manage the process. This infrastructure, consisting of policies, legislation and facilities, creates a system of trustworthy CAs and RAs that enables e-commerce to occur with an extremely high level of confidence.
  • Private key
    The key in public key cryptography that is kept private by an individual or organisation.
  • Public key
    The key in public key cryptography that is openly available and is not kept private.
  • RA (Registration Authority)
    An organisation that confirms the claimed identity of those who are applying for a digital signature.
  • Spoofing
    The process of sending an email from a faked address.
  • SSL (Secure Sockets Layer)
    The most widely used security protocol on the Internet, often used for online shopping sites. SSL creates a secure channel over which data can be exchanged.
  • S/MIME
    A standard for allowing emails and attachments to be sent securely.
  • TLS (Transport Layer Security)
    An alternative name for SSL.
  • Viruses
    Viruses are malicious pieces of computer code which make unauthorised changes to your PC. They often distribute themselves via the Internet or email.
  • VPN (Virtual Private Network)
    A system to allow businesses to access their internal networks and computers over the Internet or other public network, using encrypted tunnels to ensure that data cannot be accessed without authorisation.
  • Document ID: 19775
  • Last modified: 6 February 2008, 10:50am