Following are the primary security features that any security system must offer. The intensity of each feature can be varied based on the application. The first four features are explained based on a situation where you want to send a confidential message to your friend. A digital signature ensures all of the following (first four) services. Here the message along with its hash is encrypted with the public key of the receiver as well as the private key of the sender. The receiver can decrypt it with the public key of the sender as well as his own private key and check the hash.
1. Confidentiality : Maintaining secrecy. The message must not be seen by anyone else other than your friend. Encrypting the message is one way to ensure confidentiality.
2. Integrity: No tampering. The message send must not be changed by an intruder in between. To detect this, the hash of the original message is sent along with the message. Once the receiver receives the message, he can take the hash of the received message and check it with the hash received. If it doesn’t match, it shows that the message is tampered.
3. Authentication: The sender as well as the receiver is identified with credentials like username and passwords and can’t impersonate someone else.
4. Non-repudiation: Once the message is sent, the sender can’t deny that he the message is sent my him. This can be ensured by encrypting the message with the private key of the sender so that the receiver can check that by decrypting it with the public key of the sender.
5. Authorization: This is to ensure that a particular user is granted the privilege that he is intending to use. For example, a member in a google group can post comments, and send mails. But he is not authorized to add or remove other members. Only a manger can do that.
6. Availability: The system must be usable for everyone. Security by obscurity is not the right practice. It can go obsolete very fast. A security system must not stay out of reach of users to keep it secured. It must not be closed. It has to be made available to users to use without any difficulties.