Security: Protecting data's confidentiality, integrity, and availability.
Applicable to private messages and public websites.
Protects against unauthorized access, modification, or disruptions.
Like a padlock on a door.
Confidentiality: Protection from unauthorized access.
Integrity: Protection from unauthorized modification.
Availability: Ability to access data in a timely manner.
Privacy: Protecting the confidentiality and control of personal data.
Overlaps with security, focusing on confidentiality.
Protects user identity and personal data (name, address, etc.).
Includes control over how personal data is used or shared.
Like curtains on a window.
Key Terms
Security: Protecting data's confidentiality, integrity, and availability.
Personal data: Data that can identify an individual.
Privacy: Protecting the confidentiality and control of personal data.
Comparison between Security and Privacy
Security:
Definition: Protecting confidentiality, integrity, and availability of data.
Kind of Data: Data in general.
What Data is Protected From: Unauthorized access/modification and reduced accessibility.
How Protection is Enforced: Technical (encryption) and legal (Computer Misuse Act) measures, plus best practices.
Privacy:
Definition: Protecting the confidentiality and control of personal data.
Kind of Data: Personal data specifically.
What Data is Protected From: Unauthorized access and reduced control over personal data use.
How Protection is Enforced: Technical (encryption) and legal (Personal Data Protection Act) measures, understanding privacy policies.
11.1.1 Confidentiality
Definition: Protecting data from unauthorized access.
Applies to both security and privacy.
Unauthorized access: Data used without permission.
Consequences for individuals: Identity theft, financial loss, bullying.
Consequences for businesses: Financial losses, loss of trust, legal repercussions.
11.1.2 Integrity
Definition: Protecting data from unauthorized modification.
Applies to security.
Unauthorized modification: Data altered or made incomplete without permission.
Consequences: Data becomes untrustworthy.
Examples: Modified bank transactions or healthcare records leading to incorrect treatments.
11.1.3 Availability
Definition: Providing timely and uninterrupted data access.
Applies to security.
Data inaccessibility: Caused by equipment failure, network issues, or natural disasters.
Example: Denial-of-service attacks causing server overloads.
Relationship between integrity and availability: Unauthorized modification can corrupt data, affecting its usability.
Data Corruption: Introduction of errors and inconsistencies into data.
Effects of Data Corruption on Availability:
Vary depending on the amount and type of corrupted data.
Small amount of corrupted data is like having smudged cells in a printed table, only affecting the corrupted data itself.
Large amount of corrupted data is like having smudged headers in a printed table, affecting the entire table of data.
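An added example (not part of the original notes) of the smudged-cell versus smudged-header comparison above: it counts how many rows of a small table are still usable after corruption. The table contents, column names and the `corrupt` and `usable_rows` helpers are constructed for illustration.

```python
import csv
import io

# Constructed sample table (not from the original notes).
TABLE = (
    "patient_id,name,dose_mg\n"
    "101,Tan,250\n"
    "102,Lim,500\n"
    "103,Ong,125\n"
)
EXPECTED_HEADER = ["patient_id", "name", "dose_mg"]


def corrupt(raw: str, offset: int, length: int) -> str:
    """Simulate corruption by overwriting `length` characters with '#'."""
    return raw[:offset] + "#" * length + raw[offset + length:]


def usable_rows(raw: str) -> int:
    """Count the rows that can still be read after possible corruption."""
    rows = list(csv.reader(io.StringIO(raw)))
    if not rows or rows[0] != EXPECTED_HEADER:
        # Header damaged: no column can be interpreted, so no row is usable.
        return 0
    usable = 0
    for row in rows[1:]:
        # A row is usable only if every column is present and the
        # numeric fields still parse as numbers.
        if (len(row) == len(EXPECTED_HEADER)
                and row[0].isdigit() and row[2].isdigit()):
            usable += 1
    return usable


def demo():
    """Return usable-row counts for: intact table, one bad cell, bad header."""
    smudged_cell = corrupt(TABLE, TABLE.index("250"), 3)   # one dose value
    smudged_header = corrupt(TABLE, 0, 5)                  # start of header
    return (usable_rows(TABLE),
            usable_rows(smudged_cell),
            usable_rows(smudged_header))


if __name__ == "__main__":
    print(demo())
```

Three overwritten characters in one cell cost a single row, while five overwritten characters in the header make every row unavailable.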
Consequences of disrupted availability: Business interruptions leading to financial losses and interference with emergency responses, endangering lives.
Denial-of-service attack: A type of attack where a server is overwhelmed with excessive requests such that it cannot respond or responds very slowly to legitimate requests.
11.2 Threats
Human Actions:
Threaten data integrity through physical or non-physical means.
Physical: Damage or extreme temperatures on storage media.
Non-Physical: Overwriting data or incorrect data entry.
Human actions can also threaten privacy through the malicious or accidental exposure of private data.
Adware:
Malware that installs without user knowledge and displays ads.
Threatens computer integrity and can lead to further malware installations.
May collect user data and promote phishing sites.
Adware: A type of malware that installs itself without the user’s knowledge and displays unwanted advertisements.
Spyware:
Hidden malware secretly collecting and transmitting personal user data.
Threatens both security (confidentiality) and privacy.
Spyware: A type of hidden malware that secretly collects personal information about its users and transmits this information to attackers without the users’ knowledge.
Malicious software (or malware): Software that is intentionally used to damage, disrupt or gain unauthorised access to a computer system.
Viruses and Worms:
Viruses: Attach to programs/files, spreading copies to infect others.
Worms: Spread copies to other computers without needing to attach to existing files.
Cookies:
Small data pieces stored by browsers when visiting websites.
Track user movements and preferences within a site.
Advertising companies use cookies to track users across multiple sites, threatening data privacy.
Phishing:
Uses fake emails/websites from reputable companies to steal personal data.
Threatens security (confidentiality) and privacy.
Phishing: The use of emails, messages and fake websites that appear to be from reputable companies to steal personal data from users.
Pharming:
Intercepts requests to legitimate websites and redirects users to fake sites.
Aims to steal personal data, like phishing, but is more serious.
Requires malware on the user's computer or control over a network device.
11.3 Defenses
Multiple forms of defense are needed so that a threat that overcomes a weakness in one form of defense can be stopped by the other forms of defense that are present.
Anti-Malware Programs:
Detect and prevent malware from running.
Remove existing malware.
Rely on signature lists that must be updated regularly.
Anti-malware: Software to detect, remove and stop malware from running.
Signature (malware): Identifying characteristics that are used to detect a known version of some malicious software
Trojan horses: Malware programs that pretend to be legitimate software.
Firewalls:
Hardware or software that monitors network traffic.
Blocks or permits data based on set rules.
Protects networks from unauthorized access.
Firewall: Device or computer program that prevents unauthorised access to or from a network.
Encryption:
Encodes data, requiring a secret key to read.
Protects data from unauthorized access.
Encryption: Process of encoding a message so that a secret key is needed to decode the data.
Personal Data Protection Act (PDPA):
Requires organizations to:
Seek consent for data collection.
Disclose the purpose of data collection.
Retain data only as long as necessary.
Personal Data Protection Act (PDPA): Law that governs the collection, protection and use of personal data in Singapore.
Good Computing Practices:
Use Strong Passwords: Avoid common passwords and update them regularly.
Authentication: Process of verifying the identity of a user
Multi-Factor Authentication: Use multiple authentication factors (something you know, own, or are).
Authentication factor: Category of evidence that is used for authentication: something the user knows or owns, or something that is measured from a physical part of the user.
Two-factor authentication: Type of authentication that uses evidence from both something the user knows and something the user owns.
Security token: Device that is used specifically for authentication purposes.
Biometrics: Type of authentication based on the measurement of human physical characteristics.
Identify Scam Attempts: Recognize signs of phishing emails.
Update Software Regularly: Fix bugs that can be exploited by malware.
Manage Cookies: Control how websites track your movements.
Make Regular Backups: Restore data after corruption or accidental loss.
11.4 Analysis
Anti-malware, Firewalls, and Encryption against Threats
Anti-Malware:
Highly Effective against Adware and Spyware.
Somewhat Effective against Phishing and Pharming.
Firewalls:
Somewhat Effective against Adware, Spyware, Phishing, and Pharming.
Encryption:
Somewhat Effective against Spyware and Human Actions.
PDPA:
Highly Effective against Cookies and Human Actions.