Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Security Services

There are three core security services that are essential requirements for a secure remote access technology.

  • Confidentiality: The transmitted data must not be readable by unauthorized parties on the network. Confidentiality is achieved through encryption.

  • Integrity: Unauthorized parties must not be able to modify the data without detection. Integrity is achieved by using checksum values, which reveal tampering attempts at the receiving end.

  • Authentication: Both communicating parties must be able to identify each other reliably, so that no one else can pretend to be the other party. Authentication can be implemented by using challenge passwords, for instance. However, the strongest authentication is achieved through public-key cryptography and digital signatures.

Non-repudiation is also usually mentioned along with these three services. Non-repudiation is a security service that prevents an entity from denying previous commitments or actions. However, in the context of communications security, non-repudiation is difficult to apply.

Note that the terms authentication and authorization refer to different actions. Authentication is the act of verifying the identity of an entity whereas authorization is the act of verifying whether the identified entity is allowed to perform a task such as reading a file. Authentication usually precedes authorization. Authorization is determined by an access control system.

The Secure Shell protocol provides the confidentiality, integrity, and authentication services.


 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now