Introduction to Computer Security - Essay Sample

Introduction

Technology has now been integrated into every aspect of our day to day living, and it is difficult to engage in any form of activity without interacting with a technological interface. Some of the various sectors where technology has been largely embraced include; banking whereby most of the bank data and client information is stored in databases, the health sector, here electronic health records EHR are used to store crucial patient information that is easily accessed and retrieved. The transport sector as well has embraced technology with modern applications such as lyft and uber being just among some of the few top transport applications.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Although technology has been instrumental in the increased efficiency that has been observed in the various areas where it has been integrated, certain shortcomings are associated with this form of advancement. With such vast amounts of sensitive information available out there, it is possible for any individual to access it and some may be with malicious intentions (Chen & Chandran, 2007). The term hacking is a common terminology that is used in the computer world referring to the unauthorized access of data or information on a computer. There are two major categories of hacking, i.e. ethical hacking and unethical hacking. The latter necessitates the implementation of computer security measures that aid in the restriction of access from data or any information by unintended individuals or users.

Computer security can be defined as a form of information technology security system that is aimed at the protection of computer security systems, i.e. hardware and the software components from any form of disruption in their performance that may affect the function ability of these components. As a result of the increased dependency on these computer systems, the field of computer security has grown significantly in the attempt to ensure that there is enough protection from access by unauthorized personnel as well as mitigating any data corruption that would adversely affect the credibility of the information stored within.

There are various ways in which computer security may get breached including; eavesdropping, direct access by unintended individuals, tampering, spoofing, backdoor access among other avenues. Through the understanding and application of computer security measures, it is possible to alleviate these breaches totally, and in case the total eradication is not possible, then the severity of the effects related could be reduced.

The Culture of Information Security

The culture of information security is linked to some variable dependencies that may either directly or indirectly influence the effectiveness of the applied computer security measures. For instance, the worker's behavior could have a significant effect on the security systems of an organization and the data safety of the firm's electronic data. Computer technology allows for the sharing of resources such as access to data files, servers, printers among other resources that get utilized in the operational procedures of an organization. As a result of the shared infrastructural components, other materials get shared such as passwords and other encrypted forms of data. However, as a result of the shared password's and user accounts, it is possible for a single individual to leak this information to an external party putting the firm's information and data at higher risk.

The above behavior got identified whereby; the employees do not consider themselves to be part of the information security team. Instead, they think it to be the organization's responsibility to oversee and follow up on the security implementation measures that are aimed at information protection.

Biometrics and Cryptography Background

Cryptography has been adopted as one of the safest ways of enhancing information security. Cryptography could be defined as the securing of communication where there is a third party involved to prevent the spread or leaking of this information to unintended individuals. Biometric cryptography also referred to as biometric encryption is a relatively new field in the computer security department that entails technologies that securely bind a digital key to a biometric or generate a digital key from the biometric so that no biometric image or template is stored (Hao, Anderson & Daugman, 2006). It must be computationally difficult to retrieve either the key or the biometric from the stored BE template, which is also called "helper data." The key will be recreated only if the original biometric sample is presented on verification (Hao, Anderson & Daugman, 2006). The output of the BE authentication is either a key (correct or incorrect) or a failure message. The difference between biometric encryption and the conventional methods of encryption is the fact that there is the concept of natural variability that arises as a result of the biometric.

Decentralized biometric cryptography involves the storage of user data and credentials in an offline platform where the data is only retrievable upon the provision of a cryptographic digital key such as an eye retina that gets scanned or a fingerprint. Some common examples of biometric encryption include; windows hello and the iPhone touch. These are all recent advancements that have been continually developed and perfected over time in the attempt to oversee that security is buffered and that user data is stored securely without any access from third parties or any other kind of authenticity breach.

The Basic Underlying Technology, Standards, and Processes

The basic underlying technological standards in biometric encryption are quite simple and follow a preset conditioned command in data and information protection. Comparison between two data sets, i.e. a preset bio-info, and new bio info are the standard procedures in biometric cryptography. The fingerprint scanner which is the most common type of biometric encryption amongst smartphones users applies this kind of two-step verification process (Barni, Droandi & Lazzeretti, 2015). First, to set-up encryption, the device owner is required to provide a fingerprint which will be used as the standard comparative against any other print that is presented in the attempt to decrypt the encryption.

Fig.1 the operational principles of a biometric system

After the comparative standard has been established, the encryption set-up is completed, and whenever the cryptography is active, the initially provided standard will be required to match the original print to gain access to the stored data. The match requires a similarity of 90% or above to unlock the encryption. This is because it is difficult to obtain a 100% identical biometric owing to natural factors such as sweat or scars.

Advanced Security-Related Aspects of the Underlying Technology

There are more recent advancements that have gotten observed in the field of biometrics and cryptography in an attempt to bolster computer security. The latest form of cryptography being referred to as cryptanalysis which is a process that involves the critical analysis of information systems in the attempt to understand the concealed characteristics of the system. Cryptanalysis is utilized as a reverse engineering tool that gets utilized in the determination of the weak spots in a developed or developing encryption procedure and is used to eliminate these shortcomings (Barni, Droandi & Lazzeretti, 2015). In other instances, the technology could also get utilized in the deciphering of cryptographic systems and grant access to encrypted data in the absence of a cryptographic key.

Mathematical analysis of cryptographic algorithms has continually contributed towards the further enhancement of this technology thereby increasing its reliability in the field of computer security. The continually advancing technology is a factor that is leading to the continued necessity for further advancements in the cryptography algorithms. As a given computer security measure advances in time and usage, so does it become either outdated, i.e. obsolete but also more prone to hacking. The goal is therefore usually to stay one step ahead of the hackers and ensure that there is constant upgrading in the user credentials encryption.

One of the latest advancements in biometric encryption is the embedded software whereby it is virtually impossible to access encrypted information in the absence of these chips that are often embedded in the owner's body parts. Some of these include RFID chips that are the external key required for the completion of the decryption process. It is only possible to decrypt the security system upon the provision of the external key near the encryption infrastructure. Some areas where this kind of technology is being utilized include; private organizations or corporations where safes are used for the storage of essential material.

Privacy and Data Security in Computer Security

Sometimes, it is difficult to achieve total privacy in the computing world given that in most cases, most information is always a single click away. To achieve some level of privacy, there are basic cryptography options available for the users that could help keep their essential information safe. One of the most common and ancient encryption methods is the use of passwords and passcodes. A password could be defined as a word, a combination of alphabetical letters and numerals that is unique and only known to individuals with authorized access to the information at hand (Soutar et al., 2009). On the other hand, passcodes are a combination of numerical figures that are intended to serve the same purpose as the passwords. The above methods were initially the basic encryption options available but are continually getting outdated as the biometric encryption continues to advance more.

The primary reason as to why these cryptographic options are losing popularity among their users is the fact that they are prone to hacking thereby are less secure. For instance, even an individual with a little understanding of the hacking process they could bypass these security systems by guessing the combination of numbers or letters and accessing the encrypted information. As a result, the privacy in these methodologies is not guaranteed and could put sensitive information at a much greater risk of unwanted access.

The three fundamental principles of data security include; integrity, confidentiality, and availability. The integrity models are aimed at keeping the data unadulterated and ensure that the data remains pure as it was uploaded. Data integrity is achieved through; user prevention from any form of data modification, maintenance of internal and external data consistency as well as affiliated programs. The availability platforms ensure that the data remains accessible to authorized personnel or users. One major area of data security that is often overlooked is the data availability (Natgunanathan et al., 2016). Most individuals tend to think that data security only entails the prevention of access from unintended third parties. However, sometimes, it is possible or stored data to be lost via a virus and other forms of adulteration. Via data availability modules, it is ensured that the stored information is not lost through some unknown means.

Some activities that preserve confidentiality, integrity, and availability are granting access only to authorized personnel, (Soutar et al, 2009) - applying encryption to information that will be sent over the Internet or stored on digital media, periodically testing computer system security to uncover new vulnerabilities, building software defensively, and developing a disaster recovery plan to ensure that the business can continue to exist in...