
SENIOR SCHOOL YEAR 2

7TH WEEK

Security of Data cont’d


Additional Security of data Online
• Firewalls
• Security protocols
• Encryption
FIREWALLS

• A firewall can be software or hardware. It sits
between the user's computer and an external
network (internet) and filters information
coming in and out of the user’s computer.
Tasks carried out by firewalls

• To examine the traffic between a user’s computer (internal
network) and a public network (internet).
• Checks whether incoming or outgoing data meets a given set
of criteria; if the data fails the criteria, the firewall blocks
the traffic.
• It can be used to log all incoming and outgoing traffic to allow
later interrogation by the network manager.
• Criteria can be set so that the firewall prevents access to certain
undesirable sites.
• It is possible for a firewall to help prevent hackers gaining access
to the user’s computer or network.
• The user is warned if some software on their system is trying to
access an external data source (for example, an automatic software upgrade).
• The firewall can be a hardware interface that
is located somewhere between the computer
and the internet connection, in which case it is
often referred to as a GATEWAY.
• Alternatively, the firewall can be software
installed on a computer; in some cases it is
part of the operating system (Windows
firewall).
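The tasks listed above (checking traffic against criteria, blocking, logging, blocking undesirable sites and warning the user) can be seen in this small added example, which is not part of the original slides. The class, the host names and the sample traffic are all made up for illustration, and the check looks at one packet at a time with no connection tracking.

```python
from dataclasses import dataclass, field

@dataclass
class Packet:
    direction: str    # "in" = from the internet, "out" = to the internet
    program: str      # software on the user's computer that is involved
    remote_host: str  # the machine on the external network
    port: int

@dataclass
class Firewall:
    blocked_sites: set          # undesirable sites (criteria set by the manager)
    allowed_inbound_ports: set  # ports outsiders may connect to
    trusted_programs: set       # software allowed out without a warning
    log: list = field(default_factory=list)

    def check(self, p: Packet) -> str:
        if p.remote_host in self.blocked_sites:
            verdict = "BLOCK"   # access to an undesirable site
        elif p.direction == "in" and p.port not in self.allowed_inbound_ports:
            verdict = "BLOCK"   # unrequested traffic from outside
        elif p.direction == "out" and p.program not in self.trusted_programs:
            verdict = "WARN"    # unknown software reaching an external source
        else:
            verdict = "ALLOW"
        # Every decision is logged for later interrogation by the network manager.
        self.log.append((verdict, p.direction, p.program, p.remote_host, p.port))
        return verdict

def sample_verdicts():
    # Constructed sample traffic; none of these hosts or programs are real.
    fw = Firewall(blocked_sites={"bad-site.example"},
                  allowed_inbound_ports=set(),
                  trusted_programs={"browser"})
    traffic = [
        Packet("out", "browser", "shop.example", 443),
        Packet("out", "browser", "bad-site.example", 443),
        Packet("in", "-", "203.0.113.9", 23),
        Packet("out", "updater", "updates.example", 443),
    ]
    return [fw.check(p) for p in traffic], fw.log

if __name__ == "__main__":
    verdicts, log = sample_verdicts()
    for entry in log:
        print(entry)
```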
Certain circumstances where the firewall
can’t prevent potentially harmful traffic
• It cannot prevent individuals on the internal
network using their own modems to bypass
the firewall.
• Employee misconduct or carelessness cannot
be controlled by firewalls (e.g. control of
passwords or user accounts).
• Users on stand-alone computers can choose to
disable the firewall.
Security Protocols
• Communicating with one another over the
internet requires these two forms of security
protocols (sets of rules used by computers):
1) Secure Sockets Layer (SSL)
2) Transport Layer Security (TLS)
Secure Sockets Layer (SSL)

• Secure Sockets Layer (SSL) is a type of protocol that
allows data to be sent and received securely/safely
over the internet.
• When a user logs on to a website, SSL secures and
encrypts the data – only the user’s computer and
the web server are able to make sense of what is
being transmitted.
• A user will know if SSL is being applied when they
see https (as part of the web address) or a small
padlock in the status bar at the top of the screen.
Secure Sockets Layer (SSL)
• SSL is used on e-commerce websites where we
use bank or credit card details in order to make
purchases.
• Examples:
Secure websites start with https and have an icon of
a padlock.
Non-secure websites start with http.
• Buying products over the internet is known as
e-commerce. Examples of e-commerce websites
include Amazon, eBay, Jumia, Konga, Walmart,
etc.
How to identify secure and non-secure
websites
Transport Layer Security
• Transport Layer Security (TLS) is similar to SSL,
but is a more recent security system.
• TLS is a form of protocol that ensures the
security and privacy of data between devices
and users when communicating over the
internet.
• It is essentially designed to provide encryption,
authentication and data integrity.
Layers of Transport Layer Security (TLS)

• Record protocol: this part of the communication
can be used with or without encryption. It is also
responsible for securing application data and
verifying its integrity and origin/source.
• Handshake protocol: this permits the website
and the user to authenticate each other and to
make use of encryption algorithms (a secure
session between user and website is
established).
Differences between SSL and TLS
• TLS can be extended by adding new
authentication methods.
• TLS makes use of session caching, which
improves the overall performance compared
to SSL.
Session caching
• Session caching: opening a TLS session
requires a lot of computer time due to the
complex encryption key being used.
• The use of session caching can avoid the need
to utilize so much computer time for each
connection.
• TLS can either establish a new session or
attempt to resume an existing session.
ENCRYPTION
• Encryption is used to protect data in case it has
been hacked and accessed illegally.
• Encryption doesn’t prevent hacking; it makes
the data meaningless or unreadable unless the
recipient has the necessary decryption tools.
• Whenever you use a computer device that is
connected to the internet, you are potentially
vulnerable to hackers.
Encryption turns data into scrambled and unreadable
nonsense.
An example of encryption
• Bob wants to send a personal message to Mary.
• Bob wants to encrypt the message so that it can
only be read by Mary.
The steps below explain how the encryption
process works.
1) Bob first needs to create an encryption key.
The key will usually be a very long random
number.
2) Bob will now give Mary a copy of the
encryption key.
3) Bob can now encrypt (lock) the personal
message using encryption software and the
encryption key.
Once encrypted, the message will just look
like scrambled nonsense.
4) Bob can now send the encrypted message to Mary
via the internet.
5) When Mary receives the message, she will use her
copy of the encryption key to decrypt (unlock) the
message.
6) Mary can now read the message sent by Bob.
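Steps 1 to 6 can be followed in code. This is an added example, not part of the original slides: it uses a simple teaching cipher built from HMAC-SHA256 in Python's standard library (real encryption software would use a standard cipher such as AES), and it assumes Mary received her copy of the key safely.

```python
import hashlib
import hmac
import secrets

def create_key() -> bytes:
    """Step 1: a very long random number (256 bits) used as the key."""
    return secrets.token_bytes(32)

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for scrambling and for the integrity tag.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a teaching stand-in for a real cipher.
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(_subkey(key, b"enc"), block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, message: str) -> bytes:
    """Step 3: lock the message; the result looks like scrambled nonsense."""
    nonce = secrets.token_bytes(16)  # fresh random value for every message
    data = message.encode("utf-8")
    scrambled = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + scrambled, hashlib.sha256).digest()
    return nonce + scrambled + tag

def decrypt(key: bytes, blob: bytes) -> str:
    """Step 5: unlock with the same key; refuse a wrong key or altered data."""
    if len(blob) < 48:
        raise ValueError("message too short")
    nonce, scrambled, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + scrambled, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or message was altered")
    data = bytes(a ^ b for a, b in zip(scrambled, _keystream(key, nonce, len(scrambled))))
    return data.decode("utf-8")

def bob_sends_to_mary(message: str):
    key = create_key()                     # step 1: Bob creates the key
    marys_key = key                        # step 2: Mary gets a copy (assumed safe)
    sent = encrypt(key, message)           # steps 3-4: Bob encrypts and sends
    return sent, decrypt(marys_key, sent)  # steps 5-6: Mary decrypts and reads
```

Anyone who intercepts `sent` without the key sees only random-looking bytes, and `decrypt` raises an error instead of returning nonsense if the key is wrong or the message was changed on the way.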


When should you use encryption?
It is a good idea to use encryption to stop
unauthorised people from reading your data in the
following circumstances:
• Any files containing bank account or credit card
data.
• When buying items on the internet using
credit/bank cards
• Any data containing confidential medical records
• Emails that you wish to remain private.
• Any data that could be used to commit identity
fraud (social security numbers, insurance
numbers etc.).
