Enhancing Computer Security Precautions

This content covers essential security precautions for computing systems, including methods of protection, anti-virus software, firewalls, encryption, and digital certificates. Learn about virus detection, database management, checksum calculations, firewall functionality, and data encryption to safeguard your computer systems effectively.

• Computer Security
• Anti-virus Software
• Firewalls
• Encryption
• Digital Certificates

rarn417 Follow

Uploaded on Feb 19, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Computing Science Information Systems Design and Development Security Precautions

2. Learning Outcomes By the end of this topic you will be able to: Describe methods of security protection Describe anti-virus software Describe firewalls describe encryption describe a digital certificate; describe validation; explain what is meant by biometrics;

3. Security Precautions Two standard methods of protecting your computer system Anti-virus software Firewalls

4. Anti-virus software Virus protection software, known as anti-virus software, is software designed specifically to detect, disable, and remove viruses, worms, and Trojans before they infect a computer. Anti-virus software becomes outdated quickly, and users must apply the most recent updates, patches, and virus definitions as part of a regular maintenance schedule.

5. Anti-virus software Some methods used Keeping a database of 'Virus Signatures code snippets that can be used for comparison Using 'heuristics' or pattern-matching looking out for suspicious behaviour Calculating 'checksums': When the anti-virus software is first installed it will calculate a unique value based on the code in each executable file.When scanning, it will re- calculate these values and compare them to the original, helping to spot if a file has been modified.

6. Firewalls Firewalls allow or deny traffic between the computer and the network to which it is connected Firewalls can block incoming and outgoing network connections unless exceptions are defined to open and close the ports required by a program. Firewalls can either be implemented in hardware or software

7. Encryption Encrypting data uses codes and ciphers to scramble data so it appears to be meaningless. Traffic between resources and computers on the network can be protected from attackers monitoring or recording transactions by implementing encryption. When the information needs to be accessed it needs to be decrypted so it can be read

8. Encryption Encryption can also be used on files that are being stored as a data protection technique If a computer or a backing storage device is stolen or lost, the data cannot be accessed if it is encrypted Encryption does not prevent hacking but makes the data useless to hackers

9. Types of encryption Two types of encryption Symmetric key Public key

10. Symmetric key encryption In symmetric key encryption the key for encryption and decryption are the same Key agreed before data tranfer Key has to be transmitted which is a security weakness

11. Public key encryption Public key or asymmetric encryption uses two keys a public key and a private key Both keys work as a pair Two types of use Public key encrypts and private key decrypts Private key encrypts and public key decrypts

12. Public key encryption Public key encrypts and private key decrypts example Your browser will be sent the website's public key Your browser uses the public key to encrypt the data you are sending The data is sent back to the server - even if someone has intercepted the public key and your message they are still no further forward. Once back at the server, the private key is used to decrypt the message.

13. Public key encryption

14. Digital signatures and certificates Private key encrypts and public key decrypts are used to implement digital signatures and certificates A digital certificate is an electronic document that contains a digital signature, which confirms the name and identity of a person or organisation. The digital certificate uses a public key to bind the digital signature and identity together.

15. Digital signatures and certificates

16. Digital signatures and certificates In the case of digital signatures, a private key is required for encrypting a message, and a public key is needed to decode the message. This approach allows the receiver to be confident about the source of the message because only a message encrypted using the originator's private key could be decrypted by the public key. RSA is the most popular example of asymmetric encryption.

17. Digital signatures and certificates

18. Validation Validation on websites is the process of checking that data is entered in the correct way For example, if a password of a particular length or type is required then it should be validated Validation can be done either client side or server side

19. Client side validation In client side validation the validation is carried out on the user s device Validation is often done using a scripting language like Javascript Client side validation is faster than server side validation as it does not need to be transmitted to be validated

20. Server side validation In server side validation the checks are done on the server Server side validation is more secure than client side as the data cannot be tampered with after validation Server sided validation is slower as the data has to be transmitted first Data held centrally can be updated in server side validation

21. Biometrics Biometric security compares physical characteristics against stored profiles to authenticate people. A profile is a data file containing known characteristics of an individual such as a fingerprint or a handprint. Biometric security is more secure than security measures such as passwords or smart cards, because passwords can be discovered and smart cards can be stolen. Common biometric devices available include fingerprint readers, handprint readers, iris scanners, and face recognition devices.