2.3.1 Encryption
The process of encoding data so it can only be read by someone with the correct key.
- Plaintext: The original, readable data.
- Ciphertext: The scrambled, unreadable data.
- Purpose: Protects data in transit (e.g., HTTPS, which uses TLS, formerly SSL) or at rest (stored on a drive).
2.3.2 Authentication
The process of verifying that a user is who they claim to be.
- Note: This is different from Authorisation (which is what you’re allowed to do).
2.3.2.1 Passwords
The most common “something you know” method.
- Best Practice: Use long, complex passwords (length, symbols, numbers) together with Multi-Factor Authentication (MFA) to resist brute-force attacks; a password alone is a single factor.
2.3.2.2 Biometrics
Authentication using “something you are” (physical traits).
- Examples: Fingerprint scanners, facial recognition, iris scans.
- Pros: Hard to lose or forget; unique to the individual.
- Cons: Cannot be changed if the data is stolen (you cannot issue a new fingerprint); privacy concerns regarding stored biometric data.
2.3.2.3 Digital Signature
A mathematical technique used to validate the authenticity and integrity of a message or document.
- How it works: The sender signs the data with their private key; anyone holding the matching public key, distributed and vouched for through a Public Key Infrastructure (PKI), can verify the signature. A valid signature proves the data came from the holder of that private key and hasn’t been tampered with since it was signed; changing even one byte makes verification fail.
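An added example (not part of these notes) showing the sign/verify flow with Ed25519 from Go's standard library; the key pair, the message and the tampered copy are all constructed here for illustration, and in practice the public key would be delivered inside a PKI certificate rather than passed around directly:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Signer holds a key pair: the private key stays with the sender,
// the public key is what verifiers receive (via PKI in real deployments).
type Signer struct {
	Pub  ed25519.PublicKey
	Priv ed25519.PrivateKey
}

// NewSigner generates a fresh Ed25519 key pair.
func NewSigner() (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{Pub: pub, Priv: priv}, nil
}

// Sign produces a 64-byte signature over msg with the private key.
func (s *Signer) Sign(msg []byte) []byte {
	return ed25519.Sign(s.Priv, msg)
}

// Verify is true only if sig was made by the private key matching pub
// (authenticity) AND msg is byte-for-byte what was signed (integrity).
func Verify(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

func main() {
	s, err := NewSigner()
	if err != nil {
		panic(err)
	}
	msg := []byte("Pay 100 to account 42") // constructed sample message
	sig := s.Sign(msg)
	fmt.Println("original verifies:", Verify(s.Pub, msg, sig)) // true

	tampered := []byte("Pay 900 to account 42") // one digit changed in transit
	fmt.Println("tampered verifies:", Verify(s.Pub, tampered, sig)) // false

	other, _ := NewSigner() // a different party's key pair
	fmt.Println("wrong key verifies:", Verify(other.Pub, msg, sig)) // false
}
```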