Page 47 - CITS - Computer Software Application -TT



           •  Access Control: Regulating who can access what resources based on user identities and permissions.

           •  Multi-factor Authentication (MFA): Requiring multiple forms of verification for user authentication.
           •  Vulnerability Assessment: Identifying and assessing vulnerabilities in systems and networks.
           •  Penetration Testing: Simulating attacks to identify vulnerabilities and weaknesses in security defenses.
           •  Security Information and Event Management (SIEM): Collecting and analyzing security data to detect and
              respond to threats.
           These components (attacks, services, and mechanisms) are integral to the field of cybersecurity, helping
           organizations protect their systems, data, and networks from a wide range of threats.

           Security Services: Security services refer to various measures and mechanisms put in place to ensure the
           protection of information and resources in a computer system or network.
           These services are designed to maintain the confidentiality, integrity, availability, and authenticity of data. Some
           common security services include access control, encryption, authentication, and auditing.
           Integrity Check: Integrity refers to the accuracy and reliability of data. An integrity check is a process or mechanism
           used to verify that data has not been tampered with or altered in an unauthorized manner.

           This can involve various techniques such as checksums, hash functions, and digital signatures to detect any
           unauthorized modifications to data.
           Digital Signatures

           A digital signature is a cryptographic technique that provides authentication, data integrity, and non-repudiation for
           digital documents or messages. It’s a way to ensure that the sender of a message is verified, that the message
           hasn’t been altered in transit, and that the sender cannot later deny having sent the message.
           Here’s how a digital signature works:
           1  Message Digest Generation:
           The sender creates a unique hash value (also known as a message digest) of the content they want to sign. This
           is typically done using a hash function like SHA-256. The hash value is a fixed-size string of characters that is
           unique to the content of the message.

           2  Signing:
           The sender uses their private key to encrypt the hash value of the message. This encrypted hash value is the
           digital signature. The private key is a secret and should only be known to the sender.
           3  Sending:
           The original message, along with the digital signature, is sent to the recipient.
           4  Verification:
           The recipient uses the sender’s public key (which is available to everyone) to decrypt the digital signature. This
           produces the original hash value.
           5  Message Digest Calculation:
           The recipient independently calculates the hash value of the received message using the same hash function.
           6  Comparison:
           The recipient compares the calculated hash value to the decrypted hash value (original hash value from the
           sender). If they match, it means the message hasn’t been altered in transit and that the signature is valid.
           The digital signature ensures the following:
           •  Authentication: The recipient can verify the identity of the sender because only the sender’s private key could
              have produced the correct digital signature.
           •  Data Integrity: Any modification of the original message, even a minor one, will result in a completely different
              hash value. This means that the recipient can detect if the message has been tampered with.
           •  Non-Repudiation: Since the digital signature is tied to the sender’s private key, the sender cannot deny
              sending the message later on.



                              CITS : IT&ITES - Computer Software Application - Lesson 01-17