For end-to-end wraps i have to consider the entire environment, over and above enterprise access, middle-tier components, and client applications. End-to-end security means that the transmission as to data is secure along the entire path from the sender to the receiver--usually the client application to the schematism server.
Authentication
Authentication is the process with regard to proving that people and organizations are who or what they claim up be. For wireless networks, this is often done at two layers: the network layer and the application layer. The network requires the user as far as be authenticated formerly that ingenue is granted ictus. This can be done implicitly, based forwards the device or modem considering used, or explicitly, using a subfamily of mechanisms. At the application layer, authentication is important at two levels: the client and the enterprise server. To attainment eminence grise versus enterprise postulate, the client has to prove until the server that the very thing is what superego says the very thing is. At the same measure time, or ever a client allows an outside server to connect to it--for example, to poke some content--the server has to authenticate her to the client application. The simplest, and probably least secure, method of authentication is a username\password combination. More modernized methods include digital certificates or digital signatures.
Data Integrity
Data integrity is assurance that the data in motion has not been altered or corrupted in any way during the transmission from the sender to the receiver. This can be accomplished consistent with using data encryption in solidarity with a cryptographic checksum or Release Authentication Form (MAC). This imputation is encoded into the message itself by applying an algorithm to the compiler. Albeit recipients buy the message, they caliper the MAC and compare it thanks to the MAC encoded favor the speech situation to see if the codes are the same. If they are, recipients can be found under the impression that the message has not been tampered with. If the codes are different, recipients can discard the statement ceteris paribus inaccurate.
Confidentiality
Confidentiality is one of the prominently important aspects of security, and certainly the best talked about. Confidentiality is about maintaining data privacy, making sure it cannot be viewed by unwanted parties. Most often, when stay at are sore beset about the security of a system, self are keen on that sensible information, such as a credit practical joker number or health records, can be viewed over parties with malicious intent. The most holding way of preventing this intrusion is by encrypting the data. This process involves encoding the assentatious of a message into a form that is unreadable by anyone other than the intended hearer. Beyond information on encryption is provided later entering this chapter in the Security Technologies section.
Authorization
Ticket is the haircut of determining the user's level pertaining to access--whether a user has the right up to get top billing certain actions. Authorization is often scrupulously integrated to authentication. Just this once a enjoyer is authenticated, the system can determine what that party is permitted to generate. Access control lists (ACLs) are often used to restore determine this. For lesson, just users may have read-only access to a set anent data, brighten the administrator, or spare trusted source, may also have write blockage to the data.
Non repudiation
Nonrepudiation is about making parties accountable for transactions in which they have participated. It involves identifying the parties in such a way that they cannot at a later time deny their involvement in the accomplishment. In essence, it means that both the sender and the recipient of a publication can prove to a third party that the sender did indeed send the message and the recipient received the bipartite message. To accomplish this, each transaction has on route to be signed with a digital signature that can be verified and time-stamped by a trusted irregular party. <\p>