Enhancing Existing Application with Stronger Security Measures

The SAKEM implied security model makes it easy to enhance existing application with stronger security measures.

Return->

It is common for the existing computer systems and applications to cause headaches to a designer who attempts to improve the security aspect of a computerized business function. The option to convert at once the many pieces of application software, hardware systems, and network interconnections is seldom feasible. Then, the challenge becomes to make marginal enhancements (upgrades) to selected portions of the architecture.

When looking at the security tools as a set of resources to chose from, the designer would draw from either secret key cryptography (SKC) mechanisms or public key cryptography (PKC) mechanisms. Generally, retrofitting SKC mechanisms into existing systems is likely to to be easier than in the case of PKC mechanisms. Practical advantages for SKC mechanisms include:

• the SKC mechanisms carry lower processing requirements,
• the SKC technology has been around in commercial applications for a longer period,
• the SKC technology is generally more "public domain" (less patent encumbered),
• the software programming oddities of SKC techniques (mainly bit manipulations) are trivial in comparison with those of PKC techniques (notably big number arithmetic),
• the typical field sizes (cryptographic keys, authentication codes or digital signatures) are smaller in the case of SKC cryptography.

Because the SAKEM implied security model suggests the use of SKC algorithms for routine operations and yet provides many of the benefits expected from PKC security models, it should be considered seriously when attempting to enhance the security aspect of existing application environment.

Return->