Group telemetry analysis using the World Wide Web Page: 5 of 9
This article is part of the collection entitled: Office of Scientific & Technical Information Technical Reports and was provided to Digital Library by the UNT Libraries Government Documents Department.
The following text was automatically extracted from the image on this page using optical character recognition software:
When transporting sensitive information over public networks, one must generally
have three capabilities present to insure the information will not being comprised. First,
there must be assurance that the information being transported can only be read by the
intended recipient (privacy). The second notion is that of authentication. The recipient
must be able to guarantee that the person he receives data from is truly, "that person."
Finally, there must be a guarantee that the contents of the message have not been
altered in the message's travel from sender to recipient-----that is, one must have
confidence in the message integrity.
Dual asymmetric key cryptography  can facilitate these security capabilities. Two
keys are generated which have the unique feature that information encrypted with one
key, can only be decrypted using the other. Encryption is the process of "disguising"
clear text so it cannot be understood. One key is kept private, the other public. If
Person A wishes to send a private message to Person B, he may encrypt the message
using Person B's public key. Person A is assured that only Person B's private key can
decrypt the message. In order for Person B to be assured that the message he is
receiving is from Person A, Person A may sign the encrypted message by using his
private key. Person B can be assured that only Person A's public key could decrypt the
signature. Person B may be assured the message he received was not tampered with, if
Person A calculates a checksum of the message he wishes to send before encrypting the
message. If the checksum is passed along in the encrypted (and possibly signed)
message, Person B can calculate a checksum on the decrypted (and possibly
authenticated) file by calculating his own checksum and comparing it with the
checksum sent in the message.
At this point is should become clear that both private and public keys need to be
protected. The security for the private key is obvious, one desires that only they alone
may read their own private messages. This is usually implemented by password
protecting utilization of the private key on the host system it resides on. Security is
needed for the public key so one can guarantee that no other key may be substituted for
their own. This is provided by having a certifying authority sign the public key
(forming what is known as an X.509  certificate). The signature indicates that the
name associated with the public key (in the certificate) is indeed the "that person." The
certifying authority may require many forms of identification before signing the
certificate (e.g. birth certificate, social security number, etc).
These cryptographic principles are utilized in two specifications which have given the
World Wide Web security; namely, Secure Sockets Layer (SSL)  and the Secure Hyper
Text Transfer Protocol (S-HTTP) . SSL is designed to run under the protocol being
used for application communication. Thus, while SSL is most commonly used to
support secure communication under HTTP, it can also be used to effect secure
communication making use of other Internet protocols like FTP. In the SSL
Here’s what’s next.
This article can be searched. Note: Results may vary based on the legibility of text within the document.
Tools / Downloads
Get a copy of this page or view the extracted text.
Citing and Sharing
Basic information for referencing this web page. We also provide extended guidance on usage rights, references, copying or embedding.
Reference the current page of this Article.
Kalibjian, J. Group telemetry analysis using the World Wide Web, article, December 31, 1996; California. (digital.library.unt.edu/ark:/67531/metadc689039/m1/5/: accessed December 12, 2018), University of North Texas Libraries, Digital Library, digital.library.unt.edu; crediting UNT Libraries Government Documents Department.