VPN+-+Encryption+&+Authentication


 * Encryption**

Encryption technology is essentially used to encode data at or prior to transmission so it cannot be read as clear text by unauthorized entities. The receiver typically decodes the data using a program and a decryption key upon receipt. Encryption can be applied at a file level for secure data files using programs such as Pretty Good Privacy (PGP) and 56-bit Data Encryption Standard (DES). It can also be applied at the network level to secure the transmission link (IPSec, PPTP, L2F or L2TP), the session level using Secure Sockets Layer (SSL) or at an application level to secure specific applications like Email (S/MIME) and Web applications (S/HTTP).


 * Authentication**

Authentication can be achieved using a variety of technologies and techniques including X.509 certificates, UNIX login and password, and token-based one-time pass codes. This is essentially a method for identifying users and authorizing their access to the network and specific applications on the network.

Using VPN technology as a method for securing data transmissions at the network level provides a distinct advantage over other methods. For example, application-level encryption techniques such as Secure Multipurpose Internet Mail Extension (S/MIME), used to encrypt Simple Mail Transfer Protocol (SMTP) Email attachments, or Secure Hyper Text Transfer Protocol (S/HTTP), used to secure Web traffic, are very specific point solutions. Network level services associated with VPN technology can support multiple applications using the same security method. VPN authentication and encryption services remove the requirement for application specific security. Therefore communications are trusted between a secure client and the VPN server for all applications.

In some cases this has the added advantage of relieving the user from having to perform file level encryption using tools like Pretty Good Privacy (PGP). This reduction in user intervention is usually desirable. It can be an advantage when security could be compromised by an incorrect encryption step executed by a novice user. To summarize, VPN technologies provide a secure transport for multiple applications and limit the end user intervention in the security process.

Back