ISDD Security Precautions
-
Upload
forrester-high-school -
Category
Education
-
view
454 -
download
0
Transcript of ISDD Security Precautions
![Page 1: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/1.jpg)
![Page 2: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/2.jpg)
Anti Virus SoftwareA program that can be used to scan files to identify and eliminate computer viruses and other malicious software
Scans files looking for matches with previoulsy discovered virus signatures
Anti virus software generally offers 2 modes: real-time protection, and scheduled scans
![Page 3: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/3.jpg)
Anti Virus SoftwareInfected files can be deleted or placed in quarantine
Heuristic anti virus software monitors suspicious behaviour of programs
AV software has to be regularly updated as new viruses are discovered
![Page 4: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/4.jpg)
PasswordsMost commonly used along with username although not always e.g. password protected file.
![Page 5: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/5.jpg)
PasswordsWeak PasswordsYour nameYour child’s nameA petAn easy word123456qwertyadminpassword
![Page 6: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/6.jpg)
PasswordsGood practiceAt least 8 charsDoes not contain username, real name, company nameDoes not contain complete wordDifferent from other passwordsMix of uppercase, lowercase, numbers & symbols
![Page 7: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/7.jpg)
BiometricsBiometrics is a way of proving identity using a unique biological trait e.g.Fingerprint (or palm)Retina / iris patternVoice recognitionFace recognitionDNA
![Page 8: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/8.jpg)
BiometricsAdvantages:Don’t need to remember passwordsVirtually impossible to forge
Current UsesAirport security - used to identify passengersMobile devices - use fingerprint scan to access paymentBuilding access – used to identify authorised personnelSchools – access, payment, registration, library booksCars – access via fingerprint or facial recognitionBanks – ATM cash withdrawals
![Page 9: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/9.jpg)
EncryptionEncryption is the conversion of data into a form that cannot be easily understood by unauthorised people
Decryption is the inverse of encryption - reversing the steps of encryption in order to get the original message
![Page 10: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/10.jpg)
EncryptionEncryption allows us to protect data an message from anyone we do not want to see it.
The encrypted data is known as cyphertext
![Page 11: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/11.jpg)
Symmetric Encryption Same key is used to encrypt and decrypt Sender and receiver both know the key
![Page 12: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/12.jpg)
Symmetric EncryptionAdvantagesFaster and easier to implement that asymmetric encryption
DisadvantagesSender and receiver need to know the key, but how do they share that securely?
If they have a secure way of sending the key, why would they need to use encryption…?
![Page 13: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/13.jpg)
Asymmetric Encryption A pair of keys is used to encrypt the data Private key and public key Anyone can encrypt a message using a public key Only the holder of the private key can decrypt the message Asymmetric encryption is also known as public-key encryption
![Page 14: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/14.jpg)
Asymmetric EncryptionExample1.Aaron(the recipient) generates a pair of keys, one public and one private2.He sends the public key to Alison (the sender)3.Alison encrypts the message using the public key and sends it to Aaron4.Aaron decrypts the message using the private key
![Page 15: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/15.jpg)
Asymmetric EncryptionAdvantagesNo need for private key exchangeIncreased security – only person with private key can decryptCan be used for Digital Signatures
DisadvantagesSlow – takes time to encrypt and decryptCould be cracked using brute force – try all possible keys(although RSA Security claim that using a 2048 bit key would not be crackable until around 2030).
![Page 16: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/16.jpg)
Digital Signatures Used to validate the authenticity and integrity of a message or
document
Can validate the origin, identity and status of a document
Uses asymmetric encryption, with public and private keys
![Page 17: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/17.jpg)
Digital Signatures1. Private key used to create a hash (a number generated from
string of text)2. Hash is sent along with document3. Hash is decrypted with the public key – verifies the document4. Any change/tampering of the document will mean the hash will
not match
(Note that the message itself does not have to be encrypted)
![Page 18: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/18.jpg)
Digital Certificates Provides identifying information to enhance user trust Used to encrypt communication between browser and website Issued by an official, trusted agency Digitally signed by a root certificate belonging to a trusted
Certificate Authority (CA) Includes information about the owner's identity e.g. name, email,
address, domain authority, certificate issue date and CA authority name.
![Page 19: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/19.jpg)
Digital Certificates
![Page 20: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/20.jpg)
Security ProtocolsSecurity protocols ensure data is protected when sent across a network
Hyper Text Transfer Protocol SecureThe secure version of HTTPData sent between browser and the website is encryptedUsed with banks, shops, webmail etc. to encrypt credit card and other transaction and personal details
![Page 21: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/21.jpg)
Firewall Prevents unauthorised access to a private network Can be hardware and/or software All messages entering or leaving network pass through firewall
which checks to see if the meet allowed criteria
![Page 22: ISDD Security Precautions](https://reader035.fdocuments.us/reader035/viewer/2022062522/58745d0f1a28abd53e8ba525/html5/thumbnails/22.jpg)
Firewall