Security is perhaps one of the greatest concerns of the millions of users that routinely exchange data over the Web or store information in computers which may be accessed by unauthorized parties. To protect the confidentiality and integrity of data being transferred or stored, ISO and the International Electrotechnical Commission (IEC) have jointly developed a new standard which defines authenticated encryption mechanisms that provide an optimum level of security.

“With the rise of electronic transactions involving sensitive information, such as the transfer of bank data or personal identity information, this standard responds to a growing need for increasingly demanding security requirements.” says Prof. Chris Mitchell, project editor of the new ISO/IEC standard.

The standard, ISO/IEC 19772, Information technology – Security techniques – Authenticated encryption, specifies six encryption methods (based on a block cipher algorithm) that can be used to ensure:
* Data confidentiality (protecting against unauthorized disclosure of data)
* Data integrity (enabling recipients to verify that the data has not been modified)
* Data origin authentication (helping recipients to verify the identity of the data).

The standard takes the specific security needs of different operations into account.

The mechanisms specified in the standard have been designed to maximize the level of security and provide efficient processing of data for optimum results.

ISO/IEC 19772 was prepared by the Joint Technical Committee ISO/IEC JTC 1, Information Technology, subcommittee SC 27, IT Security techniques and is available from ISO national member institutes.

•Date:1st May 2009• Region: World •Type: Article •Topic: ISM news
Rate this article or make a comment - click here