Protection of Data

Biometrics

 The use of unique physical or behavioural characteristics of individuals, such

as fingerprints, facial recognition, or iris scans, for authentication and access control
 Biometric data provides a more secure method of identification as it is difficult to forge
or replicate

ADVANTAGES DISADVANTAGES

Skin damage can stop identification

 Harder to crack
 Facial features can change over time
 Easier to use for
 Some biometrics are more expensive to set up than
individual
others
 High accuracy
 Voice recognition can be affected by illness

Digital certificate

 An electronic document that verifies the authenticity and integrity of a website

 The purpose of a digital certificate is to establish trust between parties and ensure secure
communication
 Contents of a digital certificate typically include the entity's public key, identification
information, and the digital signature of a trusted third party

Secure Socket Layer (SSL)

 A protocol that establishes an encrypted link between a server and a client computer
 SSL ensures that data transmitted between the server and client remain
confidential and cannot be intercepted or adjusted by unauthorised individuals
 Identified on a website by the S at the end of HTTP

Encryption

 The process of converting data into a form that is unreadable without a decryption key
 Encryption is used to protect data on hard disks, email communications, cloud storage,
and secure websites (HTTPS)
 It ensures that even if data is accessed by unauthorised individuals, it cannot be
understood without a decryption key

Firewall

 A network security device that monitors and controls incoming and outgoing network
traffic
 The purpose of a firewall is to create a barrier between an internal network and external
networks, filtering traffic based on predefined rules
 It helps prevent unauthorised access, malware, and other network threats
 ADVANTAGES DISADVANTAGES

 Can affect the operation of the computer and some

 Stops attacks from device uploads
 Stops fraudulent sites  To upload some files, the firewall may need to be
attacking the device switched off, leaving the computer open to attacks
 Can stop legitimate software from running

Two-factor authentication (2FA)

 A security measure that requires users to provide two separate

forms of identification to verify their identity
 The purpose of 2FA is to add an extra layer of security beyond just a username and
password
 It usually involves a combination of something the user knows (password), something
the user has (smartphone or token), or something the user is (biometric data)

User ID and password

 A common method of authentication that involves a unique identifier (user ID) and a secret
code (password)
 User ID and password are used to increase the security of data by allowing access only
to authorised individuals
 Strong passwords and regular password changes are important to maintain security
 It is recommended to use a combination of uppercase and lowercase letters, numbers,
and special characters in passwords

ADVANTAGES DISADVANTAGES

 Passwords too complex can be harder to

 Strong passwords are difficult to crack
remember
 Regularly changing passwords increases
 Too many passwords are hard to remember
the security
 Harder to choose unique passwords if
 Using a range of passwords over the
regularly updating
system will stop or slow access to the full
 Harder to remember if regularly updating
system
 Hackers can break most passwords
Worked example

The data stored on the computer system needs to be protected from unauthorised access.

Discuss the effectiveness of different methods of increasing the security of this data.

[8]

8 of:

Factors increasing effectiveness

Strong passwords are difficult to crack [1]

Biometric passwords are harder to crack [1]

Regularly changing passwords increases security [1]

Use of two-factor authentication [1]

Using different passwords for parts of the computer system makes it more difficult to gain access to
the full system [1]

A firewall required to stop attacks from computers [1]

A firewall stops fraudulent sites from attacking the computer [1]

Anti-spyware stops passwords from being seen when typed in [1]

Factors reducing effectiveness

Too complex a password can be easily forgotten [1]

Passworded files may not be backed up [1]

Using several different passwords can become cumbersome [1]

Regularly changing passwords means that passwords may be forgotten [1]

May be difficult to choose a unique password if it is changed every few weeks [1]

Passwords may become easier to guess if regularly changed [1]

Hackers can breach most passwords [1]

The firewall can affect the operation of the computer and stop some uploads [1]

The firewall may need to be shut down at times to upload files therefore making the computer
unsafe [1]

Some legitimate software can be blocked by the firewall [1]

Protection of Data (Revision)
Multiple techniques are implied for the protection of data, inclusive:
1. Biometrics:
 Individuals' distinctive physical or behavioural traits, such as fingerprints, faces, or
irises, can be used for access control and verification. Since biometric data is hard to
fake or duplicate, it offers a more secure form of identification.
2. Digital certificate:
 A digital record that attests to a website's reliability and integrity. A digital certificate
is used to provide safe communication and to build confidence between parties.
Identifier data, the entity's public key, and a third party's digital signature are
frequently found in digital certificates.
3. Secure Socket Layer (SSL):
 a protocol that creates a secure connection between a client computer and a server.
SSL ensures that information communicated between a server and client stays
private and cannot be intercepted or changed by unauthorized parties. A website's
identification for it is the S at the end of HTTP.
4. Encryption:
 Creating data in a format that cannot be read without a decryption key Data on hard
drives, emails, cloud storage, and secure websites (HTTPS) are all protected by
encryption. Without a decryption key, it assures that even if unauthorized people
obtain data, it cannot be decoded.
5. Firewall:
 A firewall is a network security device that monitors and manages incoming and
outgoing network traffic. Its goal is to separate an internal network from other
networks by filtering data according to established criteria. It assists in preventing
malware, unauthorized access, and other network risks.
6. Two-factor authentication:
 A security mechanism that requests two different kinds of identification from users to
confirm their identity. To provide additional protection outside of just a username and
password, 2FA was created. Typically, it combines something that uniquely identifies
a user, like biometric data, with something the user has, like a smartphone and a
token or something they know, like a password.
7. User ID and password:
 A typical authentication technique uses a password plus a secret code (user ID) to
identify. To strengthen data security, user IDs and passwords restrict access to only
authorized users. Using secure passwords and changing them frequently is critical to
ensure security. When creating passwords, it is advised to utilize a mix of uppercase,
lowercase, digits, and special characters.