Generally speaking, security can be divided into two broad categories:
system security and network security. System security means protecting the data residing on your computers from external threats such as viruses, worms, and hackers. This protection can be provided by anti-virus software or firewalls. It is, of course, very important for enterprise servers, which store important data for the company.
On the other hand, network security refers to protecting the data while it is traveling across the line from one computer to another. In this case hackers can easily intercept the data, which may contain sensitive information, and read it. Hackers can also modify the data before it reaches its destination. Of course, hackers have many other possibilities while the data is traveling.
There are three important terms that must be known for a good understanding of network security:
1. Confidentiality: This term refers to the privacy of the data being sent. Some means of protection must therefore be applied when sending this data. The most common approach is encryption. With this approach, the data is encrypted before it is sent. Thus, if a hacker intercepts this data, he cannot read it.
Encryption is one part of network security, and it refers to hiding sensitive data while it travels on the network. This is done because there are programs that can read this data, which may be sensitive to disclose, as with credit card numbers and passwords.
There are two major types of algorithms for implementing encryption: symmetric encryption and asymmetric encryption. In symmetric encryption, the data is scrambled using one key at the transmitter and is then processed at the receiver using the same key. Thus the two keys must be the same for the data to be readable.
On the other hand, asymmetric encryption, the other type, uses two different keys at the transmitter and the receiver to encrypt the data; one is called the public key and the other is called the private key. The public key must be known to everyone who wants to communicate with the person owning that key, but the private key must not be known to anyone else for the encryption to be successful.
2. Authentication: Consider someone attempting to access a restricted resource such as an email account. Not just anyone can access your account, of course. Only the person who owns that account can access it. When someone accesses such a resource, he must provide his credentials (username and password) to the server before getting the resource on his computer. This procedure is called authentication. Thus the server must first identify the person before giving him what he needs.
3. Integrity: This term refers to sending the data without any modification. Consider that while you are sending your data, someone takes it before it arrives, modifies it, and then resends it. The solution to this attack is to append some bits to the data that are a function of the actual data being sent, and which may also be encrypted. The receiver must then verify these bits before considering the data correct.
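
The integrity check described in item 3, as an added example that is not part of the original article. It uses HMAC-SHA256 as the function of the data, which assumes the sender and receiver already share a secret key; the key and message below are constructed sample values.

```python
import hashlib
import hmac
from typing import Optional

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes appended to each message


def protect(key: bytes, data: bytes) -> bytes:
    """Sender side: append bits that are a keyed function of the data."""
    tag = hmac.new(key, data, hashlib.sha256).digest()
    return data + tag


def verify(key: bytes, packet: bytes) -> Optional[bytes]:
    """Receiver side: recompute the bits and compare before accepting.

    Returns the data if the check passes, or None if the packet was
    modified, truncated, or produced with a different key.
    """
    if len(packet) < TAG_LEN:
        return None  # too short to contain a tag at all
    data, received_tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected_tag = hmac.new(key, data, hashlib.sha256).digest()
    # compare_digest runs in constant time, so the comparison does not
    # reveal how many leading bytes of a forged tag were correct.
    if not hmac.compare_digest(received_tag, expected_tag):
        return None
    return data


def demo() -> dict:
    key = b"constructed-demo-key-not-a-real-secret"  # assumption: pre-shared
    packet = protect(key, b"PAY 100 TO ALICE")       # constructed message

    # The data is changed in transit; without the key the tag cannot be
    # recomputed, so the old tag no longer matches the new data.
    tampered = packet.replace(b"100", b"900", 1)

    return {
        "intact": verify(key, packet),
        "tampered": verify(key, tampered),
        "truncated": verify(key, packet[:10]),
        "wrong_key": verify(b"some-other-key", packet),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:10} -> {result!r}")
```

Only the unmodified packet checked with the correct key returns the data; every other case is rejected.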