1.3 Computer Security (Grade 10)

 1.3 Computer Security

Computer Security / Cyber Security

The security given to the computer for protecting computer data, information, program and hardware from being lost and damaged is called computer security. 

Proper computer security helps prevent viruses and malware, which allows programs to run quicker and smoother.

Hardware Security

The protection of computer Hardware from physical loss or theft and accidental harms is called Hardware Security.

Hardware security Measures:

• Regular maintenance: 
• Insurance:
• Free from dust: 
• Fire protection: 
• Power protecting device: 
• Protection from theft: 
• Air condition system: 

Why UPS is used in computer system?

UPS is used in computer system to supply backup electric power and to protect computer from power failure and power fluctuation.

Software security: 

The protection of software, program data, file, document etc. from being lost, damage or corrupted is known as software security. 

Some of the software security measures are:
• Use of password
• Backup system
• Virus prevention
• Cryptography

• Use of Firewall
• Using original software

Information Security (infosec)

Information security is the practice of protecting information from unauthorized access, misuse, destruction, or modification of data.

Key principles of Information Security

a) Confidentiality: - Only authorized users can access the data resources and information.
b) Integrity:- Only authorized users should be able to modify the data when needed.
c) Availability:- Data should be available to users when needed. 

Security Threats

A risk which can potentially harm computer systems and organization is called security risk.

1.  The cause could be physical such as someone stealing a computer that contains vital data. 
2. The cause could also be non-physical such as a virus attack.

Possible Security Threats

1. Internal Threats: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
2. External Threats: These threats include Lightning, floods, earthquakes, etc.
3. Human Threats: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
4. Loss or corruption of data.
5. Disturb business operations that rely on computer systems.
6. Loss of sensitive information.
7. Unauthorized access to computer systems resources such as data.

Malicious code (Malware)

Malicious code/malware refers to any software or code that is designed to harm, or gain unauthorized access to computer systems, networks, or data.

It includes computer viruses, worms, Trojan horses and spyware.

Types of malware

a) Virus: A virus is a man made destructive program which disturbs the normal functioning of the computer system. It is the most common type of malware which can execute itself and spread by infecting other programs or files.

b) Worm: Worms are self-replicating programs that can spread across networks without human intervention.

c) Trojan horse: Trojans is a malicious program that performs actions like stealing data, providing unauthorized access, or installing other malware

d) Spyware: Spyware is a malicious software that monitors a user's activities without their knowledge. like as collecting sensitive information such as passwords, credit card details, and browsing habits.

e) Keyloggers, is a malware software that records every keystroke made on the keyboard. This includes emails, opened web-s, programs and keystrokes.

f) Adware: Adware is a malware that automatically displays, play or download advertisements on computer or devices without user knowledge. it collects sensitive data and installs another unwanted program.

g) Ransomware: Ransomware is a malware that encrypts your file or locks your devices, then demands a ransom payment to restore access. It can lead to data loss and operational disruption.

How to Protect a system from infection

a) Never download files from unknown sources/sites.

b) Install latest antivirus software and update it regularly

c) Delete spam and junk emails without forwarding.

d) Always scan a pen drive from an unknown source for viruses before using it.

e) Backup your data regularly

f) Enable a firewall

g) Use strong and unique password

Security mechanisms

A mechanism that is designed to detect, prevent, or recover from a security attack. It includes

• Authentication Systems
• Firewalls
• Cryptography
• Antivirus Software
• Backup System

Authentication System

Authentication is the process of verifying the identity of a person or device.

Authentication system makes sure that right people enters the system and access the right information.

Types of Authentication

Password

Password is a set of secret characters or words used to authenticate access to a digital system. It ensures that unauthorized users do not access the computer.

Criteria for strong password are:

• Do not keep a password which can be easily guessed such as date of birth, nickname, etc.
•  Do not keep word as password that is currently popular.
•  Keep a password with mixture of alphabet, symbols and numbers which is difficult to guess.
•  Keep changing your password regularly.
• Password should be difficult to guess and determine and should be changed regularly and memorized
•  Password should be at least 8 characters long.

Biometric

Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person to grant access to systems, devices or data.

• Examples of these biometric identifiers are fingerprints, facial patterns and voice.
• Apple's Face ID (introduced with the iPhone X) authenticates users by facial recognition.
• Retinal scanners, which require an eye scan to allow authorized individuals to access secure areas.

Firewall

A firewall is a network security device or software application designed to monitor, filter, and control incoming and outgoing network traffic based on predetermined security rules.

• Firewall blocks unwanted traffic as well as malicious software from infecting your computer.
• Firewalls helps to prevent unauthorized access.
• Software firewalls are designed to protect a computer by blocking certain programs from sending
• and receiving information from a local network or the Internet.
• Hardware firewalls are found on most network routers and can be configured through the router setup screen.

Cryptography

Cryptography is the practice of protecting information by changing it into a secret code so that only the right people can read it.

The prefix “crypt” means “hidden” and suffix graphy means “writing”.

• Cryptography uses mathematical algorithms to convert readable data (plaintext) into coded data (ciphertext) to ensure confidentiality, integrity, authentication, and non-repudiation during communication.

Features of Cryptography

Confidentiality: Only the intended person can access the information.

Integrity: The information cannot be changed without being noticed.

Non-repudiation: The sender cannot deny sending the information.

Authentication: The identities of the sender and receiver are verified.

Techniques used in cryptography

1. Encryption 
2. Decryption

Encryption

Encryption is the process of converting readable information (called plaintext) into a unreadable form (called ciphertext) so that only authorized people can understand it.

Data is encrypted to make it safe from stealing. However, many known companies also encrypt data to keep their trade secret from their competitors.

 Decryption

Decryption is a process of converting encoded/encrypted (cipher text) data into readable and understood form (plain text).

This method is performed by un-encrypting the text manually or by using keys used to encrypt the original data.

KEY DIFFERENCE BETWEEN ENCRYPTION AND DECRYPTION

1. Encryption is a process of converting normal data into an unreadable form whereas Decryption is a method of converting the unreadable/coded data into its original form.
2. Encryption is done by the person who is sending the data to the destination, but the decryption is done at the person who is receiving the data.
3. The same algorithm with the same key is used for both the encryption-decryption processes.

Antivirus software

Antivirus software is software designed to detect and remove virus from computer system and ensures virus free environment.

E.g. Kaspersky, Quick Heal, Norton Antivirus, Panda Antivirus, AVG, McAfee, NOD 32 etc.

Main use of antivirus is to protect computer from viruses and remove viruses that are detected and also protects data and programs from being corrupted.

Backup system 

It is the system of copying data and programs into another location or creating a duplicate copy of it in a secured place.

Importance of Backup

Backup is vital to computer security system 

• to save the data from being lost or damaged due to accidental or intentional harm. 
• To recover lost data and software.

These files are kept on hard disks, CDs and tapes and on the internet.

Power Protection Device

Power protection device is an electric device that controls electric voltage and provides enough backup to the computer system when there is power failure.

• Computer needs 220 volts to 240 volts constantly.

Some common power protection devices are:

a) UPS

b) Volt Guard

c) CVT

d) Stabilizer

e) Spike Guard

f) Surge Suppressor

Why Power Protection Device needed?

To protect computer system from power failure and power fluctuation power protection device it needed. It provides constant output voltage to the computer system.

Volt Guard.

A power protection device that provides constant output voltage to the computer system in case of high input voltage coming from the source.

UPS

UPS is a battery supported power protection device which protect system from power failure and power fluctuation and provide constants output voltage.

Importance of UPS

The importance of UPS in computer security system is that it controls fluctuation of electric voltage and provides enough backup electric power to the computer system when there is power failure.

Spike Guard

A device designed to protect electrical devices from voltage spikes.

Automatically maintains a constant voltage level.