Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unit 1 Fundamentals of IT

Published byRachele Forti Modified over 5 years ago

Similar presentations

Presentation on theme: "Unit 1 Fundamentals of IT"— Presentation transcript:

1 Unit 1 Fundamentals of IT
LO5 – Understand ethical and operational issues and threats to computer systems 5.4 – Physical Security 5.5 – Digital Security

2 Learning Objectives Know about physical and digital security methods and their characteristics. Including: Physical Security Locks, biometrics, RFID, tokens, privacy screens, shredding Digital Security Anti-virus, firewalls, anti-spyware, usernames/passwords, permissions, encryption This will lead to an understanding of why different security methods are needed in different contexts.

3 Physical Security

4 Locks Locks or keypads are useful on the physical protection of computer systems. By having locks or keypads on rooms or storage facilities can prevent access. This can prevent physical damage to computer system and equipment

5 Biometrics These are devices that help determine people’s identify using specific readers. These can be fingerprints, eyes or facial recognition and voice. The reader will be able to match the person’s features to a database Matching the person to the records will then allow access. Biometrics is used in a number of applications as a security device, i.e. some of the latest mobile phones use fingerprint matching before they can be operated; some pharmaceutical companies use face recognition or retina scans to allow entry to secure areas. Fingerprint scans compare images of fingerprints against recorded fingerprints in a database. The system compares ridges and valleys that are fairly unique. Retina scans (eyes) use infrared light to scan the unique pattern of blood vessels in the retina. It means people have to be still for seconds while scans take place but is very secure as it is difficult to duplicate blood vessel patterns

6 Biometric Technique Comparisons
Comparative accuracy Comparative cost Devices needed Social Acceptability What can interfere with the process Fingerprint scans High accuracy Medium Scanner Damaged fingers (e.g. cuts) Signature recognition An optical pen High Signatures can change with time Retina Scans high accuracy Digital Camera Low Irritation of the eye Iris Recognition Wearing of glasses Face Recognition Medium-Low accuracy Facial hair or glasses Voice Recognition Medium accuracy Microphone Background noise or having a cold

7 Biometric Advantages/Disadvantages
Biometric Technique Advantages Disadvantages Fingerprint scans One of the most developed biometric techniques Very high accuracy Very easy to use Relatively small storage requirements for the biometric data created For some people it is very intrusive since it is still related to criminal activity It can make mistakes if the skin is damaged (cuts) Signature recognition Non-intrusive Requires very little time to verify (about 5 secs) Relatively low cost technology If individuals do not sign their names in a consistent manner there may be signature recognition problems High error rate (1 in 50) Retina Scans No known way to replicate a person’s retina It is very intrusive It can be relatively slow to verify retina scans with stored scans Very expensive to install and set up Iris Recognition Verification time is generally less than 5 secs Very intrusive Uses a lot of memory for the data to be stored Face Recognition Non-intrusive method Relatively inexpensive technology It is affected by changes in lighting, hair, age and use of glasses Voice Recognition Verification takes less than 5 secs A person’s voice can be recorded easily and used for unauthorized access Low Accuracy An illness, e.g. a cold, can change the pitch of a voice, making absolute voice identification problematic.

8 RFID RFID stands for Radio Frequency Identification.
It uses radio wave or electromagnetic waves to identify and track individuals, animals and items of importance Read more on RFID here: identification

9 Tokens These a small hardware devices that allow people access
Could be a key fob or smart card In the IT setting they can be used to allow people access to a network. Another example is customers in bank being sent tokens to access online banking services. More information here:

10 Privacy Screens These can be used to prevent content being seen or read by anyone not sitting in front of the screen This is useful to stop others glancing across from different angles to see the content.

11 Shredding This is the process of cutting up documents, cards or optical discs into sufficiently small pieces so that it is impossible to reconstruct them. This is the most effect methods of protecting physical data no longer required from falling into the wrong hands.

12 Digital Security

13 Anti-Virus / Anti-Spyware
These are programs that protect the computer system form other maliciously downloaded programs. It means that they identifies the software that is harmful and quarantines or destroys the virus or spyware. works/

14 Firewalls This is either software or hardware and sits between the user’s computer and an external network (i.e. the internet) and filters information coming in and out of the user’s computer. The following list are tasks carried out by the firewall: To examine the ‘traffic’ between a user’s computer (or internal network) and a public network (i.e. the Internet) Checks whether incoming or outgoing data meets a given criteria. If the data fails the criteria, the firewall will block the traffic and give the user (or network manager) a warning that there may be a security issue. The firewall can be used to log all incoming and outgoing traffic to allow later interrogation by the user Criteria can be set up so that the firewall prevents access to certain undesirable IP addresses. Firewalls can help prevent hackers or viruses from entering or gaining access to the users network. This can be done by blocking IP addresses but hackers can still access the network if they use allowed computers. If the user is warned if some software on their system is trying to access an external data source (i.e. an automated software upgrade); the user is given the option of allowing or denying the request.

15 Firewalls When filtering traffic through a network, there are 3 filtering mechanisms used: Packet Filtering – Firewall analyses the “packets of information” (i.e data) and blocks any unwanted or offensive packets. Proxy – Firewall takes on the role of a recipient and sends the data received to the node that had requested the information Inspection – Firewall marks key features of any outgoing requests for information and checks for the same key features of the data coming into the computer system/network. It decides whether it is relevant

16 Firewalls

17 Username/Passwords Provides protection on 2 levels
Username is linked to a group or groups. These groups allow access or give permission for the user to access particular software (eg. Financial systems or HR) Passwords can allow the user access to the information system and software (eg. Internet access, word processor, spreadsheet, ) Further passwords can be set for access to sensitive data.

18 Usernames/Passwords Passwords should be a combination of letters and number that are difficult to guess. Stronger passwords normally contain special characters, combinations of upper and lower case, numbers. Many systems require the password to be types twice for verification and normally include a limit of password attempts. Double Authentication is now becoming more popular where people use different methods of accessing their account using passwords or keys

19 Permissions These are rules that determine who can access an object and what they can do with it. Examples could be shared access to a file on the network. Think about permissions within school – who can access student workgroups, staff workgroups. Think about people having the ability to edit files and those who only have read only access.

20 Encryption This is when data is encoded so that it cannot be understood by people who are not authorised to see it. Access can only be done with a secret code known as a key. Used primarily to protect data in case it has been hacked or accessed illegally. While encryption will not prevent hacking, it makes the data meaningless unless the recipient has the necessary decryption tools. Encryption uses a secret key that has the capability of altering the characters in a message. If this key is applied to a message, its content is changed, which then makes it unreadable unless the recipient also has the same secret key. When the key is applied to the encrypted message, it can be read. The key used to encrypt (encode) the message is called the encryption key; the key used to decrypt (decipher) the message is knows as the decryption key. When a message undergoes encryption it becomes cypher script, the original message is known as plain text. Figure 8.9 shows how these link together.

21 Encryption

22 Task Create these 2 tables on Physical and Digital Security.
Make notes on these different security methods and give advantages and disadvantages where possible Physical Security Measure Explanation How this increases security locks biometrics RFID Tokens (e.g. key fob) privacy screens shredding Digital Security Measure Explanation How this increases security anti-virus firewalls anti-spyware username/passwords permissions encryption

Download ppt "Unit 1 Fundamentals of IT"

Similar presentations

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Automatic Data Capture Devices & Methods

Automatic Data Capture Devices & Methods
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security-Authentication

Security-Authentication
Karthiknathan Srinivasan Sanchit Aggarwal

Karthiknathan Srinivasan Sanchit Aggarwal
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.
Security Equipment Equipment for preventing unauthorised access to data & information.

Security Equipment Equipment for preventing unauthorised access to data & information.
Prepared by:Nahed AlSalah Data Security 2 Unit 19.

Prepared by:Nahed AlSalah Data Security 2 Unit 19.
1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.

1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.
Data Confidentiality. Learning Objectives: By the end of this topic you should be able to: discuss the need to keep data confidential explain how data.

Data Confidentiality. Learning Objectives: By the end of this topic you should be able to: discuss the need to keep data confidential explain how data.
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
N ew Security Approaches Biometric Technologies are Coming of Age ANIL KUMAR GUPTA & SUMIT KUMAR CHOUDHARY.

N ew Security Approaches Biometric Technologies are Coming of Age ANIL KUMAR GUPTA & SUMIT KUMAR CHOUDHARY.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
BIOMETRICS By: Lucas Clay and Tim Myers. WHAT IS IT?  Biometrics are a method of uniquely identifying a person based on physical or behavioral traits.

BIOMETRICS By: Lucas Clay and Tim Myers. WHAT IS IT?  Biometrics are a method of uniquely identifying a person based on physical or behavioral traits.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.

Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.
ICT Homework- ICT Security Consultant PowerPoint.

ICT Homework- ICT Security Consultant PowerPoint.

Similar presentations

Ads by Google