CSE - Creating a Safe Environment for Computing [OVERVIEW]

MSCompSci2_OverviewBannerTopCreating a Safe Environment for Computing

Introduction

In today's digital age, understanding cybersecurity is crucial in safeguarding society.

By grasping cybersecurity first principles, applying encryption concepts, and summarizing essential knowledge of anti-malware, firewalls, and intrusion detection systems, students can protect vital information from cyber threats.

Additionally, by delving into cybersecurity ethics, digital citizenship, and privacy laws, you analyze and describe the ethical responsibilities and legal aspects of ensuring a secure online environment for everyone.

Like understanding sharing personal information online and how unethical practices like spreading misinformation or engaging in cyberbullying can lead to cybersecurity breaches or violations of privacy laws.

Understanding how encryption secures payment information between buyers and sellers can empower students to make informed choices while engaging in e-commerce activities, ensuring their financial data remains protected from cyber threats.

Learning Questions

    • Students will be able to express the needs of cybersecurity in protecting society.
    • Students will be able to define cybersecurity first principles, apply concepts related to encryption, and summarize the basic understanding of anti-malware, firewalls, and intrusion detection systems.
    • Students will be able to analyze and describe the characteristics of cybersecurity ethics, digital citizenship, and laws governing privacy.

Module Key Terms

Abstraction | Removal of clutter.

Access controls | Security features that control how users and systems communicate and interact with other systems and resources.

Accountability | Provides insight into how well the access control process is working: whether or not subjects abuse their access.

Authentication | The method of proving the subject's identity; such as a password, passphrase, or PIN. 

Authorization | The method of controlling the access of objects by the subject. 

Availability | Data and systems are available and accessible when needed by authorized users.

Confidentiality | Assurance that sensitive information remains private and accessible only to authorized individuals or entities. 

Cryptography | The process of hiding or coding information so that only the person a message was intended for can read it.

Domain Separation | The division of power within a system. No one part of a system should have complete control over another part.

Encryption | The idea is to scramble a message in such a way that only the intended recipient of the message can unscramble it, so that only the two of you know the message.

Firewall | A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Hashing | With hashing, you create a number (called the hash) from a file or string using a process that's hard to reverse.

Identification | The method of ensuring that a subject is the entity it claims to be.

Information Hiding | Users having an interface to interact with the system behind the scenes.

Integrity | Accuracy and reliability of data and systems.

Intrusion Detection System (IDS) | A network security tool that monitors network traffic and devices for known malicious activity, suspicious activity, or security policy violations.

Intrusion Prevention System (IPS) | Monitoring network traffic for potential threats and automatically blocks them by alerting the security team, terminating dangerous connections, removing malicious content, or triggering other security devices.

Layering | Having multiple forms of security. 

Least Privilege | The assurance that an entity only has the minimal amount of privileges to perform their duties.

Minimization | Mechanisms used to access resources should not be shared.

Modularity | Breaking down of larger tasks into smaller, more manageable tasks.

Non-Repudiation |  A user cannot deny (repudiate) having performed a transaction. It combines authentication and integrity: non-repudiation authenticates the identity of a user who performs a transaction, and ensures the integrity of that transaction.

Process Isolation | Individual processes or tasks running in their own space. This ensures that the processes will have enough resources to run and will not interfere with other processes running.

Resource Encapsulation | The ability to only use a resource as it was designed to be used. 

Risk Management | An ongoing process of identifying these security risks and implementing plans to address them.

Simplicity | The ability to reduce the learning curve when analyzing and understanding the hardware or software involved in the information system.

Steganography | Technique of hiding data within an ordinary, nonsecret file or message to avoid detection.

Virtual Private Network (VPN) | A communications session between devices that can safely traverse public networks and has been made virtually private through the use of encryption technology.

[CC BY-NC-SA 4.0 Links to an external site.] UNLESS OTHERWISE NOTED | IMAGES: LICENSED AND USED ACCORDING TO TERMS OF SUBSCRIPTION - INTENDED ONLY FOR USE WITHIN LESSON.