The process of protect the internet-connected system from unauthorized user or cyber attack known as Cyber Security or you can say it Computer Security
It actually includes hardware, software and electronic data. The main goal of Cyber Security is to prevent the hackers to hack or damage the data. Hardware and software including demoralize the services they allocate.
Why Cyber Security is Important?
The approach of illegal users becoming popular to sensitive data or information. Now a days, Internet is a risky place for all organizations as well as personals to share or safe the data. The important thing is that the persons with IT skills can steal the data easily they wants. Because the hacking tools are available at different sites by browsing because of hacking tutorials are available on websites. Moreover, A person having basic knowledge of security system can make approach to your system and can harm it. Actually, the Technology is increasing day-by-day. Therefore, the network security or cyber security is most important now a days. The administration should have the information about security mechanisms, risks, firewalls, antiviruses etc to secure the data or system from illegal use.
There are three components to secure the data, information from unauthorized access
Confidentiality means to have confident that no one can read my data. It is the concealment of data from third party.
Two persons texting via encrypted email and they know decryption keys of each other, so, they can read data by entering decryption keys. If third person read the keys when they entering, then the confidentiality of that email is compromised.
Integrity means to have trust that only authorized persons can update the data. It is defined as to prevent unauthorized users to improper changes to secured data or information.
Let Suppose, you are paying 10$ online, but your data would be change without your knowledge by sending 10000$. then you can lost highest amount.
Basically, the secured or encrypted data must be available to authorized users known as availability. Furthermore, Authorized persons should have access the data at the time they needed. If the right data will not available at right time, it would be harmful.
As, a hacker can access the web server of bank and put it down. The authenticated user wants to shift data by e-banking transfer then it would not be possible.
Cyber Security Services
The service use to enhancement the security of data/information transfers known as Security Services.
Data Confidentiality defines that the data and information you are sending is just available to you and the person you want to send the data. And no one else can read or change it during the transfer of data and information. So, it is secured with using encrypting algorithms and private keys, that cannot be available to any third party use. If the third person read encrypted key when entering then the confidentiality of that email will compromised.
Data Integrity means to have trust that the data and information is transferring or updating by authorized person only. It is the prevention of hackers or the third party to improper changes to the sensitive data and information. As, if you are sending the data will not be change or update by unknown person.
It is the most important security service. Authentication means the protection of data from unknown user. If the data is transferring through internet, then it should be authenticate the authorized person by email and password. Moreover, It is the best way to authenticate or keep the data and information secure from unknown users.
There are different applications use to authenticate the data.
- Authentication Server
Non repudiation means the assurance that someone cannot refuse to something. Like, if you are contracting with another organization then you should have tangible evidence of data or their signatures on document. It is the authentication that can be said to be genuine with full confidence. As well as, the other person should not refuse his statement. Another example is
Access control means giving or providing the access of data to authorized users when they needed. The secured or encrypted data must be available to authorized users. So, If the right data will not available at right time, it would be harmful. As, a hacker can access the web server of bank and put it down. So, the authenticated user wants to shift data by e-banking transfer then it would not be possible.
Cyber Security Machanisms
Here are some security mechanisms to implement the security services. Keep reading, the First one and most important is
Encipherment is way of encryption of data . While transferring the data in encrypted way, the plain text encrypted with key and become encipher text. The code of encipher text is different from plain text. Plain text is the actual message, by using encryption algorithms it becomes encipher text, that cannot be understood by the hacker or third person. As well as the user at receiving point can decrypt it by using private key provided by sender and read the actual message. Therefore, it is the best security mechanism.
In encrypted emails, users have check value while sending or receiving the data. So, the security mechanism of data integrity match the check value of sender and receiver. If the check value matched of sender and receiver then the data will be decrypt otherwise it will not show the actual message.
Digital signature is used to verify the data. It is the process to assure that the contents of message have not been changed or updated during transition. Additionally, when a server digitally sign a document, then it add one-hash encryption of message content using the pair of your public and private key. So, your client can still read it, but the process creates the signature that only decrypt with server’s public key. As, the client, using server’s public key, can then validate the sender as well as the integrity of message contents.
In security mechanism, authentication exchange is the process of verifying the actual sender and receiver. For Example, If we share the data through Bluetooth then it verifies the sender as well as receiver. The data is exchanged in the case of the address is matched and sender or receiver gives the permission to access the data.
Traffic Padding is the way of adding unwanted variables or data to confuse the hacker. When you are sharing sensitive data then add unwanted variables, if the hacker hacks the information then it would be useless for him and cannot understood by unauthorized person.
Routing control is the process of path the data at different routers to prevent the attacks. This mechanism is use to confuse the hacker when he attacks to steal the data and information or wants to improper changes.
Notarization is a three-part process that guarantees the parties of transactions that document is authentic and can be trusted. For Example, you pass the message to your friend through your other friend. It becomes three-part transaction within trusted and authentic people.