The Internet is a global network of computers that uses a common communication protocol, the Transfer Control Protocol/Internet Protocol (TCP/IP), to transmit data from one location to another. Many application specific tasks, such as E-mail transmission and file transfer, are not directly supported by TCP/IP. Instead, support for these services is implemented by application specific protocols that in turn rely on TCP/IP for basic data transport services. One problem that is relatively unknown to individuals that make use of the Internet is the ease by which information can be obtained during transmission by unauthorized eavesdroppers. For example, most E-mail transmissions over the Internet are sent in cleartext. Cleartext is unencrypted data that can be intercepted anywhere along the path between a sender and the recipient.
Accordingly, sensitive business or personal information should not be transmitted in cleartext over the Internet. To do so is to risk its publication. To avoid this risk, sensitive data is often sent by courier services at great cost.
Encryption mechanisms can be used to ensure the integrity of information sent over the Internet. Two common encryption techniques, symmetric key encryption and public key encryption, are described below. In a symmetric key encryption, a unique key is identified and used by the sender to encrypt and by the receiver to decrypt a message. In public key encryption, separate keys are used to encrypt and to decrypt a message.
While secure communications are desirable, the mechanisms required to ensure security can be difficult to implement in a network environment. Private networks that include connections to public networks are often shielded using a firewall. A firewall provides a gateway between a public and a private network, or between public and private portions of a single network. A firewall can screen incoming and outgoing traffic to ensure integrity of the traffic between the two distinct domains. While the screening is desirable to avoid unauthorized access to or transfers of data, the additional security measures can have undesirable effects in limiting the kind or form of traffic that is able easily to be transmitted through the gateway.