100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
Previously searched by you
Summary P4/M2: Investigate cryptographic techniques and processes used to protect data | | UNIT 7: IT SYSTEMS SECURITY AND ENCRYPTION | BTEC Computing$12.25
Add to cart
Learning aim B: Investigate cryptographic techniques and processes used to protect data
B.P4 Explain the principles and uses of cryptography to secure and protect data.
B.M2 Analyse how the principles and uses of cryptography
impact the security and protection of data.
P4/M2 Cryptography: Securing
and protecting data
Cryptography is a process of storing and then transmitting data; so that it is hidden and can only be
processed and read by its intended recipient. As an online money transfer company, it will be
integral that we use cryptography methods as it will enable us to electronically make financial
transactions without the possibility of the data being intercepted and read, due to the data being
encrypted to anyone other than the sender and recipient. In this document I will outline the
principles and uses of cryptography and how to use it in your business.
Principles and uses of cryptography
There are many reasons why cryptography is used - not just for financial transactions or personal
data transfer - and these are listed below:
Digital Rights Management (DRM)
This type of system is used to provide copyright protection for digital media (e.g. films and games).
Its main purpose is to prevent - by making it difficult - the unauthorised copping and distribution of
all types of digital media. An example of this is the ‘AACS’ system on Blu-ray disks which encrypts the
media data meaning in order for it to be played, it has to be unencrypted. This makes it harder to
copy the content off the disk.
This management system will play an important role in
the protection of data within our company as it would
make it harder for hackers to access and then copy our
information; therefore, lowering the chances of a
breach and the impacts on the company that may have.
Password storage
Within your company, you will need to make sure that all passwords are stored as encrypted files.
This will ensure that if the system was hacked, the hacker wouldn’t be able to view the passwords
and access the data on that account. Any passwords that are not encrypted are stored in plain text
and are considered risks as they are easy to read if someone gained access to the system. Another
thing to consider is password strength; all employees should have long passwords with letters,
numbers and special characters to ensure it is harder to find out what the password is - therefore
increasing security.
Both these methods should be used as they will make sure that all passwords are secured safely and
that they are hard to crack; therefore,
meeting our requirements to protect
data. It also limits the impact a potential
breach could have as all the passwords
are stored in encrypted form.
Two-factor authentication
Unit 7: IT Systems Security and Encryption
, This is a method which uses multiple methods to verify a user’s ‘claimed identity’, before they are
granted access to certain data. Entering a second
password (normally numbers) which is sent to a linked
device or CAPTCHA are examples of second methods
of authentication which could be used. They are used
in order to give an extra layer of security, and to
protect and confirm the information being entered
into the site matches that of the user’s actual identity.
As a company, we should use this mechanism as it
would only grant people access to our money transfer
site after they had successfully presented two or more
pieces of evidence to verify that they are the holders of the bank account linked to our site. This
method will ensure that the customers’ accounts can only be accessed by themselves, meaning we
are meeting the requirements to protect people’s data and limit the effects of any potential data
breach, by making it harder to access information.
Apple’s ‘Two-Factor Authentication’ system protects their customer’s products by
only allowing access to their account on devices they trust, like their iPhone, iPad or
Mac. This means that when you sign into your account you will need to enter two
pieces of information – your password and six-digit code which is sent to another of
your trusted devices. A system like this is used as it verifies whether the owner of
the new device matches the Apple ID account.
To implement this system at the company, alongside regular passwords, we would
need to use security tokens which contain cryptographic keys, as this would allow
us to use Two-factor authentication effectively.
Obfuscation and steganography
These are two ways of encrypting data and, when used
together, can provide two levels of security. Obfuscation is
when you can tell a message - normally in the form of source
or machine code - has been encrypted, but you cannot decode
or understand the message without knowing the proper key,
meaning it is unclear and difficult to break for humans to
understand. In contrast, steganography is when the message
or data is easier to decode, however you wouldn’t find it as
easy to detect, as the file, message, image, or video is hidden
within another file, message, image, or video.
Most computer programs are designed to encrypt any data on them using cryptography methods,
and this would be useful for your business as it would insure all the data was hidden and hard to
decode.
Secure transactions
Our customers will be transferring highly
confidential information over the internet
through our site. This means that we need to
make sure that our side has an SSL Certificate,
which would mean the site was secure, and that
Unit 7: IT Systems Security and Encryption
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller BTECcomputingANDbusiness. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.25. You're not tied to anything after your purchase.