Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theories of this course(Cryptography) have been applied, or could be applied, in a practical manner to the current work environment.
If you are not currently working, share times when you have or could observe these theories and knowledge could be applied to an employment opportunity in your field of study.
Requirements:
- Provide a 500 word (or 2 pages double spaced) minimum reflection.
- Use of proper APA formatting and citations. If supporting evidence from outside resources is used those must be properly cited.
- Share a personal connection that identifies specific knowledge and theories from this course(Cryptography).
- Demonstrate a connection to your current work environment. If you are not employed, demonstrate a connection to your desired work environment.
- You should not provide an overview of the assignments assigned in the course(Cryptography). The assignment asks that you reflect how the knowledge and skills obtained through meeting course objectives were applied or could be applied in the workplace.
Cryptography Practical Connection
In today’s age of technological innovation, the job market is flooded with more and more positions demanding employees’ high-level skillsets. Unfortunately, many companies are unable to find qualified applicants to fill these vacancies.
As a result of this high demand for specialized skills and low availability in qualified applicants, there is a growing number of jobs that require an employee to have knowledge and understanding in the field of cryptography.
Cryptography is a subset of information and computer security that focuses on how to keep information secret.
The field has evolved into two main areas: the study of how to keep information secret, and the study of how to break others’ secrecy.
I will focus on the study of keeping things secret; my knowledge, skills, and theories of cryptography have been applied in many ways through my current work environment.
Cryptography is used extensively today in virtually all aspects of our lives, as well as in business and government.
We can trust over 96% of the information we receive is unencrypted because it is encrypted by default.
However, as cryptography becomes more widely adopted and continues to advance, so do the methods according to which someone can break the security of this information.
In my current position as a compliance officer at one of
central California’s largest healthcare systems, I am responsible for managing risk and security in various technologies that are vital to a hospital’s ability to provide care.
Due to the sensitive nature of the information that is shared across these networks, the security of this data must be assured.
This can only be accomplished through strong encryption methods.
Most often, encryption is used in a very straightforward way.
For example, an application will request a digital certificate from a root authority and then use that certificate to encrypt its data.
The underlying infrastructure may also encrypt its data at rest using a complex key management system, so gaining access to the encrypted data is more difficult than just encrypting with some simple scheme.
However, with the industry’s increasing reliance on encryption, there is a growing need to have more complex and regular processes for managing encryption.
This pressure has caused development of strong encryption schemes to come at the cost of usability.
This problem is being addressed by researchers and companies whose mission is to improve the usability of these complex encryption schemes without compromising their strength.
These companies, such as PGP Corporation, are working to make encryption usable by ordinary people.
They have developed software that can allow users to generate and use the digital encryption keys necessary for secure communication.
However, there are some drawbacks to this type of encryption.
There is a trade-off between privacy and usability.
Privacy is obtained at the expense of usability because complex encryption schemes can become very difficult for users to setup and use effectively, especially in light of today’s rapidly changing online environment.
There are also some drawbacks to mixing cryptography and electronic health records (EHR), which are the digital records of a patient’s health and clinical history created by a health provider.
A paper from the University of Chicago, called “A Feasibility Study of EHR Encryption,” aimed to improve on these drawbacks by implementing encryption/decryption schemes in an EHR system.
The study examined how this could be achieved in practice through implementation and use of several electronic health record systems.
The researchers concluded that cryptography could be used to improve the privacy and security of EHRs.
The study found that encryption still has room for improvement and there is much room for future growth.
References
Barenghi, A., Breveglieri, L., Koren, I., & Naccache, D. (2012). Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. Proceedings of the IEEE, 100(11), 3056-3076.
Diffie, W., & Hellman, M. E. (2022). New directions in cryptography. In Democratizing Cryptography: The Work of Whitfield Diffie and Martin Hellman (pp. 365-390).