Computer Science AS CIE
-
data-representation as5 主题
-
multimedia as3 主题
-
compression as2 主题
-
networks-and-the-internet as11 主题
-
computers-and-components as5 主题
-
logic-gates-and-logic-circuits as2 主题
-
central-processing-unit-cpu-architecture as6 主题
-
assembly-language- as4 主题
-
bit-manipulation as1 主题
-
operating-systems as3 主题
-
language-translators as2 主题
-
data-security as3 主题
-
data-integrity as1 主题
-
ethics-and-ownership as3 主题
-
database-concepts as3 主题
-
database-management-systems-dbms- as1 主题
-
data-definition-language-ddl-and-data-manipulation-language-dml as1 主题
-
computational-thinking-skills as1 主题
-
algorithms as4 主题
-
data-types-and-records as2 主题
-
arrays as2 主题
-
files as1 主题
-
introduction-to-abstract-data-types-adt as1 主题
-
programming-basics as1 主题
-
constructs as2 主题
-
structured-programming as1 主题
-
program-development-life-cycle as1 主题
-
program-design- as2 主题
-
program-testing-and-maintenance as3 主题
security-measures as
Exam code:9618
Security, privacy, integrity
What is the difference between data security, privacy and integrity?
|
Term |
Definition |
Key focus |
Example |
|---|---|---|---|
|
Data Security |
Protecting data from unauthorised access, theft, or attacks |
Preventing breaches or leaks |
Using encryption, firewalls, and passwords to protect stored data |
|
Data Privacy |
Ensuring data is collected, stored, and shared in a way that respects the user’s rights |
Controlling who can access and use personal data |
Asking for user consent before collecting or sharing personal information |
|
Data Integrity |
Ensuring data is accurate, complete, and unaltered during storage or transfer |
Maintaining correctness and reliability |
Using checksums or validation rules to detect accidental or unauthorised changes |
-
Security = keeping data safe from threats (e.g. hackers)
-
Privacy = making sure data is used fairly and with consent
-
Integrity = making sure data stays accurate and unchanged
Protection techniques
User accounts
-
User accounts are designed to control access to computer systems
-
They help protect data and system resources by ensuring only authorised individuals can log in and perform specific tasks
Passwords
-
Passwords are a digital lock to prevent unauthorised access to an account
-
They are often stored as an encrypted/ciphered text entry in a database, ensuring that even with unauthorised access to a database, a hacker would not be able to gain access to the individual passwords of users
Authentication
-
Authentication is the process of ensuring that a system is secure by asking the user to complete tasks to prove they are an authorised user of the system
-
Authentication is done because bots can submit data in online forms
-
Authentication can be done in several ways, including:
-
Digital signatures
-
Biometrics
-
Digital signatures
-
A digital signature is a secure way to prove that a digital message or document was sent by a specific person and that it has not been altered
-
It acts like a digital stamp of approval, confirming:
-
Who sent the data (authentication)
-
That the data hasn’t been changed (integrity)
-
Biometrics
-
Biometrics are an individuals personal characteristics used to identify them, such as
-
Fingerprints
-
Iris/retina scans (eyes)
-
Voice recognition
-
-
Biometrics provide a very secure method of confirming a users identity before allowing access/permission to a computer system
-
Biometric measures are often used on mobile devices to provide secure access
Firewall
-
A firewall is a barrier between a network and the internet
-
A firewall prevents unwanted traffic from entering a network by filtering requests to ensure they are legitimate
-
It can be both hardware and software and they are often used together to provide stronger security to a network
-
Hardware firewalls will protect the whole network and prevent unauthorised traffic
-
Software firewalls will protect the individual devices on the network, monitoring the data going to and from each computer
-
Anti-virus software
-
Anti-virus software is a term used to describe a combination of different software to prevent computers from being susceptible to viruses and other malicious software
-
Anti-virus scans through email attachments, websites and downloaded files to search for issues
-
Anti-virus software has a list of known malware signatures to block immediately if they try to access your device in any way
-
Anti-virus will also perform checks for updates to ensure the database of known issues is up to date
Anti-spyware software
-
Anti-spyware is a type of security software designed to detect, block, and remove spyware from a computer system
-
Spyware is a type of malicious software (malware) that secretly gathers information about a user without their knowledge
-
It can:
-
Record keystrokes (e.g. passwords, credit card numbers)
-
Monitor browsing habits
-
Access files and send them to a third party
-
Encryption
-
Encryption is the process of converting data into a secret code so that only authorised users can read it
-
It protects sensitive information (like passwords, personal data, or messages) from unauthorised access, especially when data is stored or sent over a network
|
Type |
Description |
|---|---|
|
Symmetric |
The same key is used to encrypt and decrypt. Fast but key must be shared securely |
|
Asymmetric |
Uses a public key for encryption and a private key for decryption. More secure for sending data |
Worked Example
A company has several security measures in place to prevent unauthorised access to the data on its computers.
Describe the difference between the security and privacy of data.[2]
Answer
-
Security protects data against loss [1 mark]
-
Privacy protects data against unauthorised access [1 mark]
Responses