Welcome to Chapter 6: Security, Privacy, and Data Integrity!
In today’s digital world, data is as valuable as gold. Whether it's your private messages, bank details, or game progress, we need to keep that data safe, private, and correct. In this chapter, we will learn how computers protect information from "bad actors" and how they ensure that data doesn't get messed up when we type it in or send it across the world. Don't worry if some of the terms sound technical—we'll break them down using simple analogies!
6.1 Data Security
Before we jump into the tools, we need to understand the three "big ideas" of this chapter. Students often mix these up, so let's clear them up first!
Security, Privacy, and Integrity: What’s the difference?
Imagine you have a private diary:
1. Security is the lock on the diary and the box you hide it in. It is the set of measures you take to prevent people from stealing or damaging it.
2. Privacy is your right to keep the secrets inside the diary to yourself. It's about who has the permission to see the data.
3. Integrity is making sure no one has ripped out pages or scribbled over your words. It means the data is exactly as it should be—accurate and up-to-date.
Threats: The "Bad Guys" of the Internet
To protect data, we need to know what we are protecting it from. Here are the common threats mentioned in your syllabus:
Hacking: When someone tries to break into a computer system without permission to steal or change data.
Phishing: You get an email that looks like it's from your bank or Netflix, asking you to click a link and "update your password." It’s a trap to steal your login details!
Pharming: This is sneakier. Malicious code is installed on your PC or a server that redirects you to a fake website even if you type the correct address (like www.yourbank.com).
Malware: This stands for "Malicious Software." Two main types you need to know are:
- Viruses: Programs that replicate themselves and aim to delete or corrupt data.
- Spyware: Software that secretly watches what you do (like recording your keystrokes) and sends the info back to a hacker.
Security Measures: Your Digital Fortress
How do we fight back? We use layers of protection:
1. User Accounts and Passwords: The most basic level. Only people with the "key" (password) can get in.
2. Biometrics: Using your unique body parts as a key, like fingerprints or facial recognition. It's much harder to steal a thumb than a password!
3. Firewall: Think of this as a security guard standing at the entrance of your network. It checks all data coming in and out and blocks anything suspicious.
5. Encryption: This turns your data into a secret code. Even if a hacker steals your file, they won't be able to read it without the decryption key.
6. Digital Signatures: This is like a wax seal on an envelope. It proves that a document really came from the person who sent it and hasn't been changed.
Quick Review: Security Measures
To protect the system, use firewalls and anti-virus. To protect the data itself, use encryption and access rights (permissions).
Key Takeaway: Security is about protection, Privacy is about control, and Integrity is about accuracy. Threats like Phishing and Malware are always evolving, so we use "layered" security to stay safe.
6.2 Data Integrity
Data Integrity is all about making sure data is correct. This happens in two stages: when you enter the data (Validation and Verification) and when the data is sent over a network.
Validation vs. Verification
Don't worry if this seems tricky at first—this is the most common place students lose marks!
Validation is a computer check. The computer checks if the data is sensible or follows certain rules. It doesn't know if the data is "true," just that it is "allowed."
Common Validation Methods:
- Range Check: Is the number within a limit? (e.g., a month must be between 1 and 12).
- Format Check: Does it look right? (e.g., a Postcode must be Letters and Numbers).
- Length Check: Is it too short or too long? (e.g., a password must be at least 8 characters).
- Presence Check: Did you leave the box empty?
- Check Digit: An extra number at the end of a code (like on a barcode) calculated from the other digits to ensure the code was typed correctly.
Verification is checking if the data actually matches the original source. It’s about making sure you didn't make a typo.
Verification Methods during Data Entry:
- Double Entry: You type the password twice (if they don't match, you made a mistake).
- Visual Check: You look at the screen and compare it to the paper you are typing from.
Common Mistake Alert!
Validation is NOT Verification. If you type your name as "Zyxwv" and the computer accepts it, it has passed Validation (it's letters), but it failed Verification because that isn't your real name!
Data Integrity during Transfer
When data travels through cables or Wi-Fi, bits (0s and 1s) can sometimes flip by accident due to electrical interference. We use these methods to spot errors:
1. Parity Check (Byte): We add an extra bit (the parity bit) to a byte to make the total number of 1s either Even or Odd. If a byte arrives with the wrong number of 1s, we know there’s an error!
2. Parity Block: This is like a grid. We check parity for the rows AND the columns. This is even better because it can tell us exactly which bit flipped and fix it automatically!
3. Checksum: Before sending, the computer runs a mathematical formula on the data to get a value (the checksum). The receiving computer runs the same formula. If the numbers don't match, the data was corrupted during the trip.
Formula Example: \( \text{Data Value} \pmod{\text{Key}} = \text{Checksum} \)
Did you know?
Checksums are used every time you download a large file. If the "Hash" or "Checksum" provided by the website doesn't match the one your computer calculates after downloading, your download is corrupted!
Quick Review: Integrity Checks
Validation: Rules (Range, Length, Format).
Verification: Humans (Double entry, Visual check).
Transfer: Math (Parity, Checksums).
Key Takeaway: Data Integrity ensures data remains accurate from the moment it is typed until it reaches its destination. Validation checks if it's "legal," Verification checks if it's "correct," and Parity/Checksums check if it "survived the journey."