Page 48 - CITS - Computer Software Application -TT
P. 48

COMPUTER SOFTWARE APPLICATION - CITS



           Digital signatures are widely used for various purposes, such as signing contracts electronically, securing email
           communications, validating software updates, and more. They play a crucial role in ensuring the authenticity and
           integrity of digital transactions and communications

           CIA Tried
           The CIA triad is a widely recognized model for information security. It stands for Confidentiality, Integrity, and
           Availability, which are three essential concepts that help to ensure the security of sensitive information.
























           Confidentiality
           This refers to the protection of information from unauthorized access or disclosure. Confidentiality ensures that
           sensitive  information  is  only  accessible  to  authorized  individuals  or  systems.  This  can  be  achieved  through
           methods such as encryption, access controls, and secure communications.
           Tools for Confidentiality



















           •  Encryption
           Encryption involves converting information into an unintelligible form to prevent unauthorized individuals from
           comprehending it. This is achieved through the utilization of algorithms, with the transformation of data being
           facilitated by a confidential encryption key. Consequently, only those in possession of the corresponding decryption
           key can revert the transformed data back into a readable format. By employing encryption, confidential data such
           as credit card details can be safeguarded as it is converted into an indecipherable ciphertext. The sole method to
           access this encrypted data is by employing decryption. The two main categories of encryption are asymmetric-
           key and symmetric-key encryption.
           •  Access control
           Access control establishes regulations and guidelines for restricting entry to a system, as well as to tangible or
           digital assets. It constitutes a procedure through which users receive permission to access systems, assets,
           or  information  along  with  specific  entitlements.  Access  control  mechanisms  necessitate  users  to  furnish
           authentication details prior to obtaining entry, which can encompass individual names or device identifiers. In
           instances of tangible setups, these validation elements can assume diverse formats, although non-transferable
           credentials offer the highest degree of security.


                                                           35

                              CITS : IT&ITES - Computer Software Application - Lesson 01-17
   43   44   45   46   47   48   49   50   51   52   53