
Tuesday 31 December 2013

Smart Card

A smart card, chip card or integrated circuit card (ICC) is a pocket-sized plastic card with embedded integrated circuits. A hologram may be embedded in the card to prevent counterfeiting. Smart cards may also provide strong security authentication for single sign-on within large organisations or mid-sized firms. Smart cards can be used for authentication, identification, data storage and application processing.


Some of the most common smart card applications are:


  • Credit/Debit cards
  • Computer security systems
  • Electronic cash
  • Wireless communication
  • Banking
  • Satellite TV
  • Government identification

Sunday 29 December 2013

Security Token

A security token or authentication token is a small hardware device that the owner carries to authorize access to a network service. The security token acts as an electronic key which provides access to something and is used in addition to or in place of a password to verify one's identity.




The user of a security token has a personal identification number (PIN) which authorizes the user as the owner of the device, and the device also displays a number which uniquely identifies the user to the service, allowing the user to log in. The user identification number is usually changed every 5 minutes or so.
A security token is a physical object, which makes it different from a password. It is in the form of a smart card or may be embedded in a commonly used object such as a key chain.
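
The rotating number described above can be produced and checked as follows. This is an added example, not code from the original post: it assumes the token uses the standard TOTP/HOTP construction (RFC 6238 / RFC 4226) with a 300-second step to match the "every 5 minutes" above, and the function names, the shared secret and the PIN handling are illustrative.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 300  # assumption: the display changes every 5 minutes
DIGITS = 6          # assumption: six-digit display


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over an 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def token_display(secret: bytes, now: float, step: int = STEP_SECONDS) -> str:
    """Number shown on the token at Unix time `now`."""
    return hotp(secret, int(now // step))


def server_verify(secret: bytes, expected_pin: str, pin: str, code: str,
                  now: float, step: int = STEP_SECONDS, drift: int = 1) -> bool:
    """Accept only if the PIN matches AND the code belongs to the current
    time window or one window either side (tolerates clock drift)."""
    if not hmac.compare_digest(expected_pin, pin):
        return False
    current = int(now // step)
    for counter in range(max(0, current - drift), current + drift + 1):
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(hotp(secret, counter), code):
            return True
    return False
```

Because the server accepts one window either side of the current one, a displayed number stays usable for up to two steps after it was shown; a smaller `drift` or a shorter step narrows that replay window.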





Advent Of Cyber Crime



Computers have come a long way, from a 6 ft tall machine to palm-sized microcomputers, promising to turn every atom in a glass of water into a computer capable of performing a billion operations per second.

With this development came its flip side: crimes. Crimes relating to computers and IT are called cyber crimes. IT security certification provides insights into these concepts.

Cyber crimes pose a serious threat to every stakeholder today, whether you are an individual, a company, a software developer or, as in my case, a blogger. In today's era, where we wake up with technology and finally go to bed with technology, it is of utmost importance to understand cyber security and a few basic techniques through which one can secure his/her living.

Saturday 28 December 2013

Basic principles to be followed in order to maintain physical security


Security begins at the most basic level, i.e. the physical level. We have discussed earlier the need for physical security in cyber tech.
Now we should focus on what should be done so that the network and its components are protected at the physical level. The following are some general principles that should be followed:


  • Keep people away to prevent any unauthorized access.
  • Lock up the server room.
  • The CPU case should also be locked up to prevent someone from stealing the machine.
  • Set up surveillance to keep an eye on people coming in and going out.
  • Keep the most vulnerable devices in the locked room, as a safe is of no use if we keep all our precious belongings on the dining table.
  • Prevent intruders from opening the case, as it is much easier to walk away with a hard drive than with the whole machine.
  • Backups should be kept at a very secure location, preferably offsite.
  • Disable the drives so that an intruder cannot copy data onto their removable media.
  • Many printers nowadays can store document content in their own on-board memory, so protect your printers too.

Following these principles is not everything, but they can serve as a basic guideline for maintaining physical security.

Thursday 26 December 2013

Physical Security

Cybertech Security is one of the most essential requirements today. Not only professionals working in this field but also we as individuals need to understand the implications of Cybertech Security.

Till now we have learnt about password basics. Next we will look at other aspects of cyber security, such as physical security.


Physical Security

Computer security is defined as "the measures applied to ensure security and availability of the information processed, stored and transmitted by the computer". With each level of security requirements, the security measures applied may differ.
Physical security, as the name signifies, refers to the security of tangible assets such as computers, modems, printers, servers, etc. Physical security can be achieved through locks, biometrics, guards, closed-circuit television, smart cards, tokens, etc.
Improper physical access may result in:

  • Unauthorized entry
  • Damage or theft of equipment or documents
  • Copying or viewing of sensitive data
  • Abuse of data 
  • Illegal physical access


Tuesday 24 December 2013

Create a strong and memorable password in 5 steps

  • Think of a sentence that you can remember, for example a pass phrase like "I Have 2 sisters and 1 brother."

  • Check if the computer or online system supports the pass phrase directly.

  • If the computer or online system does not support pass phrases, convert it to a password like "Ih2sa1b", the first letter of each word of the sentence.

  • Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider the misspelling "Hav", or substituting the word "two" for the number 2. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become "I HaVe twO sisters And1 BrOther", and if it is rejected, make it "IhTSa1b".

  • Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and use other ways to make the password more complex. Using these tricks, we create the password "Ih@vE2$&1b".

Sunday 22 December 2013

What are the types of password attack?

Now that we know what a password actually is, it's time to discuss the common methods of cracking a password. The three most common are the dictionary attack, the brute force attack and the hybrid attack.
A brief description of each will help us understand how these methods undermine tech security.


1. Dictionary Attack: Here an attacker tries entire passwords taken from prewritten files called a dictionary, which contains common passwords used by people and English dictionary words. This is the least time-consuming method, but the success rate here is very poor.


2. Brute Force Attack: This attack can have a success rate of up to 100% at times, because here an attacker tries the permutations and combinations possible from a set of character sets such as 0-9, A-Z, a-z and symbols. However, for a lengthy password this method becomes very slow, making it almost infeasible.


3. Hybrid Attack: A hybrid attack is where an attacker uses a combination of the above-mentioned methods or any other method. Hybrid attacks also involve precomputed tables of hashes, which increase the speed; the tables are generated using all the character sets, thereby increasing the success rate.
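
To see how the three attack types above apply to the passwords built in "Create a strong and memorable password in 5 steps", the following added example (not from the original post) audits a candidate password before it is adopted. The word list is a small constructed sample, the guessing rate is an assumption used only for comparison, and the function names are illustrative.

```python
import math
import string

# Constructed sample list; a real dictionary file holds millions of entries.
COMMON_WORDS = {"password", "letmein", "qwerty", "dragon", "sunshine", "welcome"}
GUESSES_PER_SECOND = 1e9  # assumed guessing rate, for relative comparison only
SYMBOLS = string.punctuation + " "


def charset_size(pw: str) -> int:
    """Size of the character set a brute-force search would have to cover."""
    classes = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
               (string.digits, 10), (SYMBOLS, len(SYMBOLS))]
    return sum(n for chars, n in classes if any(c in chars for c in pw))


def brute_force_bits(pw: str) -> float:
    """Upper bound on search effort: length * log2(charset size)."""
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0


def weakest_attack(pw: str) -> str:
    """Cheapest of the three attack types that would recover this password."""
    lowered = pw.lower()
    if lowered in COMMON_WORDS:
        return "dictionary"
    # Hybrid: a dictionary word with digits or symbols added at either end.
    if lowered.strip(string.digits + string.punctuation) in COMMON_WORDS:
        return "hybrid"
    return "brute-force"


def audit(pw: str) -> dict:
    bits = brute_force_bits(pw)
    return {"attack": weakest_attack(pw),
            "bits": round(bits, 1),
            "years_at_assumed_rate": 2 ** bits / GUESSES_PER_SECOND / 31_557_600}


if __name__ == "__main__":
    for candidate in ["sunshine", "Welcome123!", "Ih2sa1b", "Ih@vE2$&1b",
                      "I HaVe twO sisters And1 BrOther"]:
        print(candidate, audit(candidate))
```

The bit count is an upper bound that treats every character as random; a pass phrase made of real words is weaker than its length suggests, though still far harder to search than the seven-character version.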

Saturday 21 December 2013

Passwords

Most of us know in general what a password means and why it is used. Almost every one of us has some social account or bank account, etc., which we access through passwords.

"A password is a secret word or string of characters that is used for authentication, to prove identity or to gain access to a resource"

Types of password:

A password can be broadly classified into two categories, viz. BIOS password and system password.

  1. BIOS (Basic Input Output System) is the first program which is run when a computer starts. A BIOS password is set at this level, so it prevents the system from starting if the correct password is not provided.
  2. System passwords are of two types, i.e. user password and administrator password. User passwords are assigned to users on a single machine or domain, and different users may be granted different permissions. The administrator password, on the other hand, is assigned to the administrator of the machine, who has all the power to make changes on the system and assign privileges to various users.

This article briefly describes the basic concepts related to a password. In my next article we will learn about types of password attacks.


Friday 20 December 2013

Cyber Security Illustration


Cyber Security is also known as Information Security as it is applied to computers and networks. Its objective is to protect sensitive and valuable information from unauthorised access, hacking or natural disaster while keeping it accessible and productive to its intended users.


It is thus termed the process of preventing and detecting unauthorised use of one's computer and network. It prevents unauthorised users (intruders) from accessing any part of your computer system. It gives answers to questions such as:

  • Did someone attempt to break into your system?
  • Were they successful or not?
  • Did they harm your system by any means?
  • What security measures may help to overcome the loss, if any?


I hope this article was enough to explain what cyber security broadly means. If you want to share something or have any questions related to cyber security, then please do comment below or contact me through the contact form.