Data Security and Encryption
NORDUnet does not encode or encrypt any data transferred, other than what is needed for the transmission of the data.
It is however recognised, that within a research environment, it can be necessary to secure the privacy of information and datasets.
NORDUnet recommends that information requiring privacy be protected using end- to-end encryption (E2EE) techniques, when transferred over any network, that being public or private.
E2EE is generically defined as encryption of a message at its point of origination so that it travels in encrypted form all the way to its destination.
“End-to-end encryption (E2EE) encrypts clear data at source with knowledge of the intended recipient, allowing the encrypted data to travel safely through vulnerable channels (eg. public networks) to its recipient where it can be decrypted (assuming the destination shares the necessary key-variables and algorithms)”
There are numerous ways to obtain E2EE of your data, both commercially and open source. If you have a requirement to transfer data requiring privacy, please contact you local institution or organisation IT support for guidance.
More information about a number of the most popular commercial and open source solution can be found following below links.
- PGP: Commercial solution for communications and hard disc encryption - http://www.pgp.com
- GnuPG: Open source multiplatform solution – http://www.gnupg.org
- IPsec: Generic protocol stack for securing IP communications - http://unixwiz.net/techtips/iguide-ipsec.html
For reference further Information regarding data security can be found following below links.