Skip to main content

Week 12

 Data security means protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach. 

 

Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data to make it unrecoverable, making the system unusable. Hardware-based security solutions prevent reading and writing access to data, which provides strong protection against tampering and unauthorized access. 

Hardware-based security or assisted computer security offers an alternative to software-only computer security. Security tokens such as those using PKCS#11, or a mobile phone may be more secure due to the physical access required to be compromised. Access is enabled only when the token is connected, and the correct PIN is entered (two-factor authentication). However, dongles can be used by anyone who can gain physical access to them. Newer technologies in hardware-based security solve this problem by offering full proof of security for data. 

Working off hardware-based security: A hardware device allows a user to log in and log out through manual actions. The device uses biometric technology to prevent malicious users from logging in, logging out, and changing privilege levels. The current state of a user of the device is read by controllers in peripheral devices such as hard disks. Illegal access by a malicious user or a malicious program is interrupted based on the current state of a user by hard disk and DVD controllers making illegal access to data impossible. Hardware-based access control is more secure than the protection provided by the operating systems as operating systems are vulnerable to malicious attacks by viruses and hackers. The data on hard disks can be corrupted after malicious access is obtained. With hardware-based protection, the software cannot manipulate the user privilege levels. A hacker or a malicious program cannot gain access to secure data protected by hardware or perform unauthorized privileged operations. This assumption is broken only if the hardware itself is malicious or contains a backdoor. The hardware protects the operating system image and file system privileges from being tampered with. Therefore, a completely secure system can be created using a combination of hardware-based security and secure system administration policies. 


 Wrap-up


I enjoyed the experience of writing a blog and doing research about the topic and the body of the blog, it enabled me to read and learn more about the weekly chapter I needed to read. Writing a blog is helpful because it pushes me to study and read materials from my textbook to design a blog. 

I think I do see myself blogging in the future if it is not required for an assignment and if I have the time to do so. I am not sure blogging is desirable to most employers because I have yet to see it in a job description, but I hope it is the case. 

Comments

Post a Comment

Popular posts from this blog

Week 6 Cloud Computing

     Key Features of Azure DNS DNS Hosting : Azure DNS allows you to host your DNS domains in Azure. You can manage your DNS records using the same credentials, APIs, tools, and billing as your other Azure services. Public and Private DNS Zones : Public DNS Zones : These are used for hosting domains accessible over the internet. You can manage DNS records for your public domains using Azure DNS. Private DNS Zones : These are used for managing and resolving domain names within your virtual network without configuring a custom DNS solution. This is useful for internal name resolution within your Azure environment. DNS Resolution : Azure DNS provides fast and reliable DNS resolution using a global network of name servers. Anycast networking allows DNS queries to automatically route to the closest name servers for the best possible performance.   DNS Private Resolver : This service enables you to query Azure DNS private zones from an on-premises...
Post a Comment
Read more

System Hardening Week 2

  The  Application layer  is the seventh and highest layer of the OSI and TCP/IP models. It specifies the shared communication protocols and interface methods hosts use in a communications network. The protocols in the Application layer are responsible for providing services to the user, such as file transfer, email, and web browsing.
Post a Comment
Read more

System Hardening Week 12.

  Network automation offers several compelling benefits, and its impact on IT professionals is significant. Below are some advantages.   Benefits of Network Automation: It eliminates manual tasks by automating network processes. This boosts IT productivity, allowing professionals to focus on strategic initiatives that drive business growth. Network automation enables faster provisioning of critical data services, optimizes network performance, and speeds up the rollout of new services and applications. Previously infrequent network changes have become more frequent due to automation, reducing manual adjustments' time-consuming and resource-intensive nature. It helps build a reliable network for an infrastructure-as-code approach that consistently maintains network state and configuration, enhancing reliability from data centers to edge location...
Post a Comment
Read more