In this lab session, we were being explained about what is meant by authentication and cryptography. We are required to implement Data Encryption and Local Password Policy on Windows 2003 Server Edition. Aside from the operating system, we are required to implement asymmetric cryptography by using an encryption software called Pretty Good Privacy (PGP).
The basic idea of authentication is that when a subject claims that something or an identity is true, verification is necessary. So, authentication enables verifiers to gain confidence that claims are legitimate.
Cryptography is the science of hiding information in such a way that its meaning is not unintelliglble to an unauthorized person. Encryption is the process of encoding a message so that its meaning is not obvious while decryption is the reverse process. The common terms for encrypting and decrypting are encoding and decoding.
Cryptosystems use cryptography algorithms, which can be classififed into two categories being the symmetric and asymmetric encipherment. The sole difference that can distinguish symmetric and asymmetric algorithms is the number of keys used in the encryption and decryption process.
Data encryption can also be done using the NTFS. This encryption method is convenient for laptop users because their data stored in the hard drive is encrypted and secure, which makes their data secure and unreadble just in case their laptops are stolen and hacked.
Windows 2003 has a utility which makes it easy to encrypt files to an NTFS partition.
For information on how to encrypt files to an NTFS partition, please visit:
http://technet.microsoft.com
Windows 2003 also has the local password policy setup for the password length. For suthentication in work environments, usernames and passwords are required. What is to be focused here is the password length because short passwords are easy to crack and guessable. With Windows 2000/2003, the local password policy allows you to specify the minimum length for passwords.
For more information on how to setup local password policy for password length, please visit:
http://technet.microsoft.com/en-us/library/cc781633(WS.10).aspx
The local password policy can also be set for complexity. The main focus here is the usage of various password characters such as letters, numbers and symbols. So, the local password policy can also specify password characters to be used.
For more information on how to set the local password policy for password complexity, please visit:
http://technet.microsoft.com/en-us/library/cc781633(WS.10).aspx
Windows 2003 has the utility of setting the account lockout polisy where this policy disables an account for a specific amount of time after a certain amount of failed login attempts.
For more information on how to set an account lockup policy, please visit:
http://technet.microsoft.com/en-us/library/cc781491(WS.10).aspx
For encryption and decryption of plaintext, we use the third party software called Pretty Good Privacy. PGP is referred to as a hybrid cryptosystem because it has the best features of both conventional and public key cryptography. With PGP,
For more information on how PGP works, please visit:
http://www.pgpi.org/doc/pgpintro/
0 comments:
Post a Comment