Difference between revisions of "Encryption"
Kbjarkefur (talk | contribs) (Created page with "{{subst:dime_wiki}}") |
Kbjarkefur (talk | contribs) |
||
Line 1: | Line 1: | ||
In today's world of research we are sending data regularly over the internet, and we are storing the data in the cloud. At any point when the internet is involved we expose our data to some risk. There are tools that keeps our data safe, and most of those tools is in one way or another related to encryption. This page is discussing the the concept of encryption, if you are looking for instruction on how to encrypt something at a specific stage of a project, then go to the specific page for that topic. For example, [[Questionnaire Programming]], | |||
== Read First == | |||
* Almost all encryption depends on a private/public key pair. | |||
* Encryption in transit, i.e. encryption while data is sent over the internet is extremely important, but it is easy to implement so most services do this without you even noticing. There is '''never''' a case when ''not'' using encryption in transit is at all ok. | |||
* Encryption at rest, i.e. encryption when data is stored on a server or computer, is also important but not as extremely important as encryption at rest. There is no as seamless implementation of encryption at rest as the files are encrypted over a longer period of time, compared to the second or so the file has to be encrypted when it is sent over the internet. | |||
== Encryption in transit == | |||
This is by far the most important type of encryption, but luckily it is almost always taken care of by the service provider of the service we are using. Survey Solutions, [[SurveyCTO_Coding_Practices|SurveyCTO]], OneDrive etc. all take care of this. But if you are using a less well-establish service you should make sure that they use encryption in transit. | |||
If your service provider is using ''secure'' transfer methods, you will see <code>https://</code> in the internet address instead of simply <code>http://</code>. In reality it is more complicated than that, as page you see in the browser use <code>https://</code> but the data is sent back and from an API that is using <code>http://</code>, that can easily be spied on. | |||
You should never send anything of importance over the internet unless the URL starts with ''HTTPS''. Data transferred over an ''HTTP'' connection can often be openly read by every server that data passes through. Those servers are controlled by governments and private companies, and hackers can easily tap in to ''HTTP'' traffic and read data, copy files, read passwords etc. ''HTTPS'' is not the only secure way to transfer data over the internet, but it is the one researchers should know of as we use it frequently. If you set up advanced protocols to send files, you should make sure that they are set up to be secure. For example, if you are using ''FTP'' you should be using ''FTPS''. | |||
Encryption in transit has nothing to do with a service requiring a username or password. A password-protected resource can only be requested by someone with the correct password, but that does not protect the resource from being seen by the servers handling it while it being transferred to the authorized user, once they have entered the correct password. What you need to know is ''HTTP'' is never secure enough to send data, and that if a data collection service does not encrypt your data in transit, then it should absolutely never be used to send sensitive data. | |||
== | == Encryption at rest == | ||
== Public/Private Key Pair == | |||
* organize information on the topic into subsections. for each subsection, include a brief description / overview, with links to articles that provide details | * organize information on the topic into subsections. for each subsection, include a brief description / overview, with links to articles that provide details | ||
===Subsection 1=== | ===Subsection 1=== |
Revision as of 18:40, 5 March 2019
In today's world of research we are sending data regularly over the internet, and we are storing the data in the cloud. At any point when the internet is involved we expose our data to some risk. There are tools that keeps our data safe, and most of those tools is in one way or another related to encryption. This page is discussing the the concept of encryption, if you are looking for instruction on how to encrypt something at a specific stage of a project, then go to the specific page for that topic. For example, Questionnaire Programming,
Read First
- Almost all encryption depends on a private/public key pair.
- Encryption in transit, i.e. encryption while data is sent over the internet is extremely important, but it is easy to implement so most services do this without you even noticing. There is never a case when not using encryption in transit is at all ok.
- Encryption at rest, i.e. encryption when data is stored on a server or computer, is also important but not as extremely important as encryption at rest. There is no as seamless implementation of encryption at rest as the files are encrypted over a longer period of time, compared to the second or so the file has to be encrypted when it is sent over the internet.
Encryption in transit
This is by far the most important type of encryption, but luckily it is almost always taken care of by the service provider of the service we are using. Survey Solutions, SurveyCTO, OneDrive etc. all take care of this. But if you are using a less well-establish service you should make sure that they use encryption in transit.
If your service provider is using secure transfer methods, you will see https://
in the internet address instead of simply http://
. In reality it is more complicated than that, as page you see in the browser use https://
but the data is sent back and from an API that is using http://
, that can easily be spied on.
You should never send anything of importance over the internet unless the URL starts with HTTPS. Data transferred over an HTTP connection can often be openly read by every server that data passes through. Those servers are controlled by governments and private companies, and hackers can easily tap in to HTTP traffic and read data, copy files, read passwords etc. HTTPS is not the only secure way to transfer data over the internet, but it is the one researchers should know of as we use it frequently. If you set up advanced protocols to send files, you should make sure that they are set up to be secure. For example, if you are using FTP you should be using FTPS.
Encryption in transit has nothing to do with a service requiring a username or password. A password-protected resource can only be requested by someone with the correct password, but that does not protect the resource from being seen by the servers handling it while it being transferred to the authorized user, once they have entered the correct password. What you need to know is HTTP is never secure enough to send data, and that if a data collection service does not encrypt your data in transit, then it should absolutely never be used to send sensitive data.
Encryption at rest
Public/Private Key Pair
- organize information on the topic into subsections. for each subsection, include a brief description / overview, with links to articles that provide details
Subsection 1
Subsection 2
Subsection 3
Back to Parent
This article is part of the topic *topic name, as listed on main page*
Additional Resources
- list here other articles related to this topic, with a brief description and link