Page 47 - CITS - Computer Software Application -TT
P. 47
COMPUTER SOFTWARE APPLICATION - CITS
• Access Control: Regulating who can access what resources based on user identities and permissions.
• Multi-factor Authentication (MFA): Requiring multiple forms of verification for user authentication.
• Vulnerability Assessment: Identifying and assessing vulnerabilities in systems and networks.
• Penetration Testing: Simulating attacks to identify vulnerabilities and weaknesses in security defenses.
• Security Information and Event Management (SIEM): Collecting and analyzing security data to detect and
respond to threats.
These components - attacks, services, and mechanisms—are integral to the field of cybersecurity, helping
organizations protect their systems, data, and networks from a wide range of threats.
Security Services: Security services refer to various measures and mechanisms put in place to ensure the
protection of information and resources in a computer system or network.
These services are designed to maintain the confidentiality, integrity, availability, and authenticity of data. Some
common security services include access control, encryption, authentication, and auditing.
Integrity Check: Integrity refers to the accuracy and reliability of data. An integrity check is a process or mechanism
used to verify that data has not been tampered with or altered in an unauthorized manner.
This can involve various techniques such as checksums, hash functions, and digital signatures to detect any
unauthorized modifications to data.
Digital Signatures
A digital signature is a cryptographic technique that provides authentication, data integrity, and non-repudiation for
digital documents or messages. It’s a way to ensure that the sender of a message is verified, that the message
hasn’t been altered in transit, and that the sender cannot later deny having sent the message.
Here’s how a digital signature works:
1 Message Digest Generation:
The sender creates a unique hash value (also known as a message digest) of the content they want to sign. This
is typically done using a hash function like SHA-256. The hash value is a fixed-size string of characters that is
unique to the content of the message.
2 Signing:
The sender uses their private key to encrypt the hash value of the message. This encrypted hash value is the
digital signature. The private key is a secret and should only be known to the sender.
3 Sending:
The original message, along with the digital signature, is sent to the recipient.
4 Verification:
The recipient uses the sender’s public key (which is available to everyone) to decrypt the digital signature. This
produces the original hash value.
5 Message Digest Calculation:
The recipient independently calculates the hash value of the received message using the same hash function.
6 Comparison:
The recipient compares the calculated hash value to the decrypted hash value (original hash value from the
sender). If they match, it means the message hasn’t been altered in transit and that the signature is valid.
The digital signature ensures the following:
• Authentication: The recipient can verify the identity of the sender because only the sender’s private key could
have produced the correct digital signature.
• Data Integrity: Any modification of the original message, even a minor one, will result in a completely different
hash value. This means that the recipient can detect if the message has been tampered with.
• Non-Repudiation: Since the digital signature is tied to the sender’s private key, the sender cannot deny
sending the message later on.
34
CITS : IT&ITES - Computer Software Application - Lesson 01-17