Safety and Security Chapter 8

Way of protecting individuals' well-being of health is classified as safety

Information and Communication Technology (ICT) 1|Page

 Safety and Security Chapter 8

Information and Communication Technology (ICT) 2|Page

 Safety and Security Chapter 8

Information and Communication Technology (ICT) 3|Page

 Safety and Security Chapter 8

Adware is a type of malware that

displays ads on your computer

spyware is a software that spies on

you, tracking your internet activities in
order to send advertising back to your
system

Information and Communication Technology (ICT) 4|Page

 Safety and Security Chapter 8

Unsolicited bulk emails

Moderated and Unmoderated forums:

A moderated forum refers to an online discussion forum in which all the posts are checked by an
administrator before they are allowed to be posted.

In case of unmoderated forums, the posts are not checked.

Cookies:
Cookies are small files or code that are stored on a user’s computer. They are sent by a
web server to a user’s computer.

Information and Communication Technology (ICT) 5|Page

 Safety and Security Chapter 8

Additional security of data online

1. Firewalls
2. Security protocols
3. Encryption
4. Authentication

1. A firewall can be either software or hardware. It sits between the user's computer and an external
network (for example, the internet) and filters information coming in and out of the user's computer.

The following list shows a number of the tasks carried out by a firewall:
• To examine the 'traffic' between a user's computer (or internal network) and a public
network (for example, the internet )
• Checks whether incoming or outgoing data meets a given set of criteria
• If the data fails the criteria, the firewall will block the traffic and give the user (or network
manager) a warning that there may be a security issue
• The firewall can be used to log all incoming and outgoing traffic to allow later
interrogation by the user (or network manager)
• Criteria can be set so that the firewall prevents access to certain undesirable sites; the
firewall can keep a list of all undesirable IP addresses
• It is possible for firewalls to help prevent viruses or hackers entering the user's computer
network
• It is also possible for firewalls to help prevent hackers gaining access to the user's
computer or network. This can be done by blocking IP addresses, but it should be
pointed out that hackers can still have access to a computer or network if they are using
an allowed computer
• The user is warned if some software on their system is trying to access an external data
source (for example, an automatic software upgrade); the user is given the option of
allowing it to go ahead or request that such access is denied.

2. Security protocols
Security protocols - sets of rules used by computers to communicate with each other
across a network - when using the internet:
• Secure Sockets Layer (SSL)
• Transport Layer Security (TLS)

• Secure Sockets Layer (SSL) is a type of protocol that allows data to be sent and
received securely over the internet.
When a user logs on to a website, SSL encrypts the data - only the user's computer and
the web server are able to make sense of what is being transmitted. A user will know
if SSL is being applied when they see https (as part of the website address) or the
small padlock in the status bar at the top of the screen.

Information and Communication Technology (ICT) 6|Page

 Safety and Security Chapter 8

• Transport Layer Security (TLS) is a form of protocol that ensures the security and
privacy of data between devices and users when communicating over the internet. It
is essentially designed to provide encryption, authentication and data integrity
(data integrity is maintaining the accuracy and the consistency of data) in a more
effective way than its predecessor, SSL.

TLS is formed of two layers:

• Record Protocol: this part of the communication
can be used with or without encryption (it contains
the data being transferred over the internet).
• Handshake Protocol: this permits the website and the user to authenticate each
other and to make use of encryption algorithms (a secure session between user
and website is established).

Session caching
When opening a TLS session, it requires a lot of computer time (due mainly to the complex
encryption keys being used). The use of session caching can avoid tl1e need to utilize so
much computer time for each connection. TLS can either establish a new session or attempt
to resume an existing session; using tl1e latter can boost system performance considerably.

3. Encryption
Encryption is used primarily to protect data in case it has been hacked or accessed
illegally. Encryption uses a secret key that has the capability of altering the characters
in a message. If this key is applied to a message, its content is changed, which then
makes it unreadable unless the recipient also has the same secret key. When this
secret key is applied to the encrypted message, it can be read. The key used to
encrypt (or encode) the message is known as the encryption key; the key used to
decrypt (or decipher) the message is known as the decryption key. When a
message undergoes encryption it becomes cypher script; the original message is
known as plain text.

4. Authentication
Authentication is used to verify that data comes from a secure and trusted source. It works
with encryption to strengthen internet security.

i. Digital Certificates
A digital certificate is a pair of files stored on a user's computer - these are used in
the security of data sent over the internet. Each pair of files is divided into:
• A public key (which is known by anyone)
• A private key (known to the computer user only).

ii. Password
Strong passwords should contain upper case and lower case characters, as well as
numbers and other keyboard symbols, for example: Rn5K;2mL/8.

Information and Communication Technology (ICT) 7|Page