File photo

Securing digital communications

Kwami Ahiabenu Features Apr - 16 - 2020 , 12:24

Digital communications are now indispensable. For a lot of organisations, the use of digital communication is key to achieving work effectiveness and efficiency.

Every day, millions of digital communications get transmitted per second through online, social media and messaging platforms globally.

These communications come in the form of E-mails, text messages, video calls, file transmissions and online storage.

Some of these messages are rudimentary day-to-day ones which do not need to be transmitted securely; however, some digital communications by government end-users, corporate bodies, non-profits and security agencies, need to be transmitted using an appropriate secured option.

For instance, transactions by credit cards to make purchases online, necessitates the transmission of sensitive information, therefore, information on transactions must be transmitted securely. Similarly, online banking, filling out online applications such as passport applications or visas, all require secured transmissions in order to protect the data or information transmitted.

Protection market

Each of these digitally transmitted messages is faced with a thousand and one threats and vulnerabilities. There is, therefore, the increased need for protection against digital communication threats, thus the global marketplace for securing digital communications is a growing.

There are now a number of options opened for a user who requires transmission of secured communications such as Proxy Websites or VPN, E-mail encryption, two-Factor Authentication, passwords, encrypt communication using TOR (The Onion Router) and Public Key Infrastructure (PKI), among other options.

Public Key Infrastructure

One of the most critical tools for securing digital communication is the use of PKI, which enables data or messages to be transferred securely.

A PKI is a cryptographic mechanism which is premised on asymmetric encryption. It is asymmetric because the two halves used in this encryption are not equal.

Other Trending Stories

COP Maame Yaa Tiwaa Addo-Danquah (left), Executive Director of the Economic and Organised Crime Office, and Dr John Halm, the Member of Parliament for the Trobu Constituency, holding the citations presented to them at the function

May 06, 2024

Empowerment of women necessary for accelerated devt — COP Addo-Danquah

May 06, 2024

Once a upon a time Lydia Forson was a musician

May 05, 2024

Here are the top gold producers of 2023 (LIST)

May 06, 2024

GES grants SHS students break for voter registration

May 04, 2024

Transformative journey to financial success

One can think of PKI in terms of a simple lock and key. The two ‘keys’, one public and the other private, are given to two separate entities to enable the creation and viewing of the message. In this direction, a ‘public key’ is used by anyone sending the message (data or information) to ‘lock up’ (encrypt) the message.

The ‘private key’ is only available to a person or persons that are the recipients, who can then make use of this key to ‘unlock’ (decrypt) the message. It means when someone is able to intercept the message, they cannot read the content, since it is gibberish, it can only be meaningful if they have access to the private key.

In the absence of this, the message is unreadable and thus secured. The protection of the private key becomes paramount since the integrity of the message depends on it, if it falls in the wrong hands the security of the message will be compromised.

Centre

PKI is at the centre of secure digital communications and it is characterised by confidentiality, integrity, authentication and non-repudiation. That is to say that only one of the parties in the lock and unlock equation described above, can provide the contents of the message to a third party if required.

There are different types of PKIs; internal and external. The external ones are provided by third party companies, including leading names such as Thawte, Entrust, Verisign and RSA Security, who provide PKI services at a fee to users.

Alternatively, users can create their own internal PKI to secure communication on their networks. In establishing a PKI infrastructure, one needs a Certification of Authority, which serves as a ‘root of trust’ by the provision of validation of the identity of a person. Also, Certification Authority provides a Certification Practice Statement (CPS), which articulates procedures and policies needed for the validation process.

Secure communication is vital in today’s digital age. Without security, effective secured dialogue cannot take place, as well as commercial and financial transactions.

It is also imperative that all users both at organisational and individual levels are aware of, and more importantly, are able to transmit digital communication securely if they need to, as this could be otherwise very costly.

The writer is a Technology
Innovations Consultant,
E-mail: [email protected]