Network security
Authentication
In order to access a network, it is important that the user has permission to see and use the data on the network. Whether the network is for home or business purposes, it is likely that sensitive data is held on one or more connected devices, and there are a number of ways that this can be protected.
Authentication is the process of a user confirming that they are who they say they are on a computer system. In a network, this is often done through inputting a username and password. For networks that require high levels of security, this may include other factors.
The factors of authentication can be broken down into three main groups:
- something you are - username, bank account number, or anything that identifies the user uniquely
- something you know - password, PIN, secret answer to a question
- something you have - swipe card, biometrics, any other physical identifying device
These are known as the three factors of authentication and can be combined in any order to create a secure login to a system. Read more about this in the fundamentals of cyber security study guide.
Encryption
Encryption is the process of disguising a message so that it cannot be understood by anyone but its intended recipient. Encryption requires the use of a key. The key is the secret of how the message has been disguised.
Five facts about encryption
Unencrypted messages are referred to as plaintext messages and encrypted messages are known as ciphertext.
A simple method of encryption uses a technique known as the Caesar cipher. The cipher works by giving a number value to a key. Each plaintext letter is replaced by a new letter, the one found at the original letter's position in the alphabet plus the value of the key.
For example, a key value of 3 would change the plaintext message “see you tonight” to the ciphertext message “vhh brx wrqljkw”.
To decrypt the message, the process is reversed.
Although this is a good example of encryption, much more complicated algorithms are used to encrypt messages today.
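The Caesar cipher described above, written out as a short Python program (an added example, not part of the original guide; the function names are chosen for illustration). It also decrypts the message with every possible key, which shows why such a simple cipher is not used to protect real messages: there are only 25 keys to check.

```python
import string

ALPHABET = string.ascii_lowercase


def caesar(text, key):
    """Shift each letter `key` places along the alphabet, wrapping after z."""
    result = []
    for ch in text:
        if ch.lower() in ALPHABET:
            shifted = ALPHABET[(ALPHABET.index(ch.lower()) + key) % 26]
            result.append(shifted.upper() if ch.isupper() else shifted)
        else:
            result.append(ch)  # spaces and punctuation are left unchanged
    return "".join(result)


def encrypt(plaintext, key):
    return caesar(plaintext, key)


def decrypt(ciphertext, key):
    # Decryption reverses the process: shift back by the same key.
    return caesar(ciphertext, -key)


def try_all_keys(ciphertext):
    """Return the decryption for every usable key (1 to 25)."""
    return {key: decrypt(ciphertext, key) for key in range(1, 26)}


if __name__ == "__main__":
    # The example message and key from the text above.
    ciphertext = encrypt("see you tonight", 3)
    print(ciphertext)
    print(decrypt(ciphertext, 3))
    # Someone without the key only has to read through 25 candidates.
    for key, guess in try_all_keys(ciphertext).items():
        print(key, guess)
```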
Firewalls
A firewall is software that blocks unexpected connections coming into or out of a network. Most operating systems include a firewall as a piece of software, but firewalls can also be hardware devices that sit alongside or as part of the router.
Firewalls use ports which only allow specific data into and out of networks. The network manager is able to open or close the ports depending on the type of traffic they want to use for the network. By keeping more ports closed on a firewall, less internet traffic can come through, making the network more secure.
MAC address filtering
Because a device's MAC (media access control) address is unique to the device, the network manager can create a more secure network by using this address to limit the devices on the network.
They have two options to do this:
- A whitelist - only the device addresses on the list are allowed to access the network. This is more secure, but creates extra work for the network manager as they must add data every time a new device needs to join the network.
- A blacklist - devices on the list are banned from the network. This is less secure than a whitelist, but is easier to maintain.