Web Page Encryption
What is web page encryption?
Web page encryption is a technique for encrypting (making secret) information carried on a web page.
Of course, web page encryption, on its own, is not very interesting. That is because encryption, on its own, does not provide all the answers. You can encrypt a web page so that only the person or people you have determined
can have access to it, but that does not allow the sender to impose any controls on the use of the content after it has been decrypted.
That is the interesting aspect of web page encryption that differentiates it from rights management. Classical cryptography is utterly brilliant at creating secrets. It is used by government and the banks to ensure that information remains secret from those who are not entitled to see it. The thing is that encryption does
not control how information is used after it is decrypted. What it does do is protect it from being used at all by anyone who is not authorized.
So web page encryption may suit some purposes, but may not be suitable in all instances. Whilst banks may have staff who can be trusted (although if we read the security reviews the major threat is the people inside rather than the people outside) it is not always clear that all the recipients of web page encryption can be 'trusted' to obey the rules
that the web page provider wishes to have followed.
Web page encryption allows a publisher to ensure that only the people who have been authorized are able to make use of the information that is protected. And that can be extremely important. Web page encryption is one of the most important security techniques available and least used today for the protection of information. Although it has the potential to be able to allow companies to make 'publicly' available information that only the approved
people can see nobody actually uses that kind of service.
Web page encryption allows absolute control over who is able to receive and use information on a web page. It must NOT be confused with SSL, which does not control anything at all, except the transfer of information. It does not prove where information came from, or who it is for. It is no real security at all compared to real web page encryption, and is a most unfortunate service because it has been misrepresented by some sections of the
IT security industry as providing security when it is delivering a mere illusion to both the sender and the recipient.
There are plenty of warnings delivered by security experts about 'security by obscurity'. Well, SSL is the ultimate in delivering a con. You should not blame the people who developed the standard. They made it utterly clear what their standard did and did not do. But do feel free to blame industry PR hype that has claimed that SSL provides a security that it does
not, and has glossed over what it does not do. If it was real security we would not have identity theft of credit card transactions. But the fact of the matter is that as soon as SSL protected information arrives at a web site it is available for anyone to see (especially the hacker) and is stored on the web server in the unprotected form in which it arrives. In fact, it is actually impossible for the web site owner to use the SSL protection to continue to protect the content they receive.
So web page encryption requires significantly more than SSL.
And even if you are using web page encryption, you can be absolutely certain that your information is not being protected at all if you are not using digital rights management controls in addition to web page encryption because you have no way of ensuring, even if you are using web page encryption, that your rules for the use of the information you are protecting must actually be followed.
Download web page encryption software
Download web page encryption software to encrypt web pages and control who can view your web content. Stop copying, prevent or control printing, and expire content when it should no longer be viewed.
Protector Web Content Security encrypts web pages using US Government approved AES 256 bit encryption and digital rights management (DRM) controls to prevent unauthorized
use and misuse of your web page content.
Further reading on encryption
To learn more about encryption and digital rights management (DRM), please take a look at the following white papers.
Introduction to Digital Rights Management - DRM
is not enough for DRM
Protecting your Intellectual Property with DRM
Note: We have given permission for Damian Erjavec to host a Slovenian translation of this page and a Ukrainian translation is provided by Viktor Kosenko.
| || |