Protection of Data
Biometrics
- The use of unique physical or behavioural characteristics of individuals, such as fingerprints, facial recognition, or iris scans, for authentication and access control
- Biometric data provides a more secure method of identification as it is difficult to forge or replicate
Advantages and disadvantages of Biometrics
|
|
|
|
Digital certificate
- An electronic document that verifies the authenticity and integrity of a website
- The purpose of a digital certificate is to establish trust between parties and ensure secure communication
- Contents of a digital certificate typically include the entity's public key, identification information, and the digital signature of a trusted third party
Secure Socket Layer (SSL)
- A protocol that establishes an encrypted link between a server and a client computer
- SSL ensures that data transmitted between the server and client remain confidential and cannot be intercepted or adjusted by unauthorised individuals
- Identified on a website by the S at the end of HTTP
Encryption
- The process of converting data into a form that is unreadable without a decryption key
- Encryption is used to protect data on hard disks, email communications, cloud storage, and secure websites (HTTPS)
- It ensures that even if data is accessed by unauthorised individuals, it cannot be understood without a decryption key
Firewall
- A network security device that monitors and controls incoming and outgoing network traffic
- The purpose of a firewall is to create a barrier between an internal network and external networks, filtering traffic based on predefined rules
- It helps prevent unauthorised access, malware, and other network threats
Advantages and disadvantages of Firewalls
|
|
|
|
Two-factor authentication (2FA)
- A security measure that requires users to provide two separate forms of identification to verify their identity
- The purpose of 2FA is to add an extra layer of security beyond just a username and password
- It usually involves a combination of something the user knows (password), something the user has (smartphone or token), or something the user is (biometric data)
User ID and password
- A common method of authentication that involves a unique identifier (user ID) and a secret code (password)
- User ID and password are used to increase the security of data by allowing access only to authorised individuals
- Strong passwords and regular password changes are important to maintain security
- It is recommended to use a combination of uppercase and lowercase letters, numbers, and special characters in passwords
Advantages and disadvantages of Passwords
|
|
|
|
Worked example
The data stored on the computer system needs to be protected from unauthorised access.
Discuss the effectiveness of different methods of increasing the security of this data.
[8]
8 of:
Factors increasing effectiveness
Strong passwords are difficult to crack [1]
Biometric passwords are harder to crack [1]
Regularly changing passwords increases security [1]
Use of two-factor authentication [1]
Using different passwords for parts of the computer system makes it more difficult to gain access to the full system [1]
A firewall required to stop attacks from computers [1]
A firewall stops fraudulent sites from attacking the computer [1]
Anti-spyware stops passwords from being seen when typed in [1]
Factors reducing effectiveness
Too complex a password can be easily forgotten [1]
Passworded files may not be backed up [1]
Using several different passwords can become cumbersome [1]
Regularly changing passwords means that passwords may be forgotten [1]
May be difficult to choose a unique password if it is changed every few weeks [1]
Passwords may become easier to guess if regularly changed [1]
Hackers can breach most passwords [1]
The firewall can affect the operation of the computer and stop some uploads [1]
The firewall may need to be shut down at times to upload files therefore making the computer unsafe [1]
Some legitimate software can be blocked by the firewall [1]
To gain full marks both sides of the discussion are needed