Professional Documents
Culture Documents
- Examines the ‘traffic’ between the user’s computer and a public network as well as checking the
information to meet a given set of criteria.
- Blocks data which fails the criteria and gives out the user a warning that there can be a security
issue
- Logs all incoming and outcoming ‘traffic’ to allow later interrogation by the user.
- Can also keep a list of all undesirable IP addresses
- Helps to prevent hackers or viruses entering the user’s computer
- Warns the user if some software on their system is trying to access an external data source
-
Proxy Servers
IP addresses can be masked by using a proxy server. Anyone can use a proxy server. Many are set up by
criminal gangs to entice people to download software with viruses, or to enter personal details about
themselves. They can also be used legitimately, e.g. by businesses to mask their internal company
network.
When a user logs onto a website, SSL encrypts the data – only the user’s computer and the web server
are able to make sense of what is being transmitted. A user will know if SSL is being applied when they
see https or a small padlock in the status bar at the top of the screen.
Session caching
The use of session caching can avoid the need to utilize so much computer time for each connection. TLS
can either establish a new session or attempt to resume an existing one; using the latter can
considerably boost system performance.
Encryption
Is used primarily to protect data in case it has been hacked. Whilst encryption won’t prevent hacking, it
makes the data meaningless unless the recipient has the necessary decryption tools.
Symmetric encryption
It is a secret key, a combination of characters. If this key is applied to a message, its content is changed
which makes it unreadable unless the recipient also has the decryption key.
There is a risk of KEY DISTRIBUTION PROBLEM when the code is being sent or transferred from the
sender to the recipient. An ENCRYPTION ALGORITHM is used. It uses an encryption key to produce a
message which appears to be meaningless unless the same key is applied to ‘unlock’ the original
message.
Asymmetric encryption
Is a more secure method of encryption comparing to symmetric encryption. A private key (known by the
computer user) and a public key (available to everybody) are needed.
User A applies a symmetric key to encrypt the message. The symmetric key is then encrypted using the
public key known to both A and B. User A sends the message over the internet. User B decrypts the
symmetric key by applying their own private key. The decoded symmetric key is now used to decrypt
the message sent by user A.
Sometimes, a HASHING ALGORITHM is applied. It takes a message and translates it into a string of
characters usually shown in hex notation. This makes the message impossible to read if it is intercepted
by a hacker. This algorithm has to be applied at both ends – sender and receiver.
Plain text
Is described as the text or normal representation of data before it goes through an encryption
algorithm. Written as ‘plaintext’.
Cypher text
Is the output from an encryption algorithm. Written as ‘cyphertext’ or ‘ciphertext’.
Authentication
Is used to verify that data comes from a trusted source. It works with encryption to strengthen internet
security. Includes:
- Passwords
- Digital signatures
- Biometrics: fingerprint scans and retina scans.
Computer ethics
It is a set of principles set out to regulate the use of computers. Three factors are considered:
1. INTELLECTUAL PROPERTY RIGHTS – copying of software without the permission of the owner.
2. PRIVACY ISSUES – hacking or any illegal access to another person’s personal data.
3. Effect of computers on society – job losses, social impacts and so on.
Plagiarism – when a person takes another person’s idea/work and claims it as their own.
Free software
Users have right to run, copy, change or adapt free software. E.g. photograph manager (F-spot), DTP
(Scribus) and word processor (Abiword). The user is guaranteed freedom to study and modify the
software source code in any way to suit their requirements.
Freeware
It is a software a user can download from the internet free of charge. Once they have downloaded it,
there are no fees associated with using the software (e.g. Adobe, Skype or media players). The user is
not allowed to study or modify the source code in any way.
Shareware
It is a software which can be tried out free of charge for a trial period. At the end of the trial period, the
author of the software will request that you pay a fee if you like it. Once the fee is paid, the user is
registered with the originator of the software and free updates and help are then provided.
Phishing The creator sends out a 1.Many ISPs filter out phishing
legitimate-looking email; as emails
soon as the recipient clicks on 2.The user should always be
a link in the cautious when opening emails
email/attachment, the user is or attachments.
sent to a fake/bogus website.