Unit – 1
Introduction to Cyber Security
Cyberspace
Cyberspace refers to the interconnected
environment of computer systems, networks, and digital communication. It is a
virtual space where electronic data, information, and online activities occur.
Cyberspace is like a vast, virtual world that
exists on the internet. It's the environment where all digital
communication, information, and activities take place. Imagine it is a giant interconnected space where people can
interact, share data, and perform various tasks using computers and other devices.
1) Nature: It is not a physical space but rather a conceptual space
where digital communication, information, and activities occur.
2) Components: Cyberspace includes the internet, websites,
online platforms, social media, and various digital technologies.
3) Interaction: In cyberspace, individuals and organizations
can interact, share data, access information, and perform various tasks
using computers and other electronic devices.
4) Global Reach: Cyberspace has a global reach, allowing
people from different parts of the world to connect and communicate in
real-time.
5) Importance: It plays a crucial role in modern
communication, commerce, education,
entertainment, and social interactions.
6) Security Concerns: As cyberspace continues to evolve, there are
concerns about
cybersecurity, including issues such as data
breaches, hacking, and the protection of personal information.
7) Technological Backbone: The infrastructure of cyberspace
relies on the underlying
technology of computer networks, servers,
routers, and various communication protocols.
8) Digital Economy: Cyberspace is a fundamental component of the
digital economy,
facilitating online transactions, e-commerce,
and the exchange of digital goods and services.
9) Challenges: Challenges in cyberspace include addressing
cyber security threats, ensuring online privacy, and navigating the
complexities of digital governance and regulation.
Advantages
1) Global Connectivity: Cyberspace allows people from around the
world to connect and
communicate in real-time. It has facilitated
global collaboration, breaking down geographical barriers.
2) Information Access: It
provides instant access to a vast amount of information. Users can quickly
retrieve data, research topics, and stay informed about current events from
virtually anywhere.
3) Communication: Cyberspace enables various forms of
communication, including emails, instant messaging, video calls, and social
media. It has revolutionized the way people interact and stay connected.
4) E-Commerce: The rise of cyberspace has fueled the
growth of e-commerce. Businesses and consumers can engage in online
transactions, making it convenient to buy and sell goods and services globally.
5) Education and Learning: Cyberspace has
transformed education by providing online learning platforms, e-books, and
educational resources. It allows students to access information and courses
from anywhere in the world.
Disadvantages
1) Cybersecurity Threats: One of the most significant drawbacks of
cyberspace is the constant risk of cybersecurity threats. These include
hacking, malware, phishing, and other malicious activities that can compromise
the confidentiality and integrity of information.
2) Privacy Concerns: Users often share personal information
online, raising concerns about privacy. Unauthorized access to personal data or
surveillance can lead to identity theft,stalking, and other privacy violations.
3) Cybercrime: The interconnected nature of cyberspace has
given rise to various forms of cybercrime, such as online fraud, scams, and
cyberattacks. Criminals exploit vulnerabilities to carry out illegal
activities, causing financial and reputational damage.
4) Digital Divide: Not everyone has equal access to cyberspace,
leading to a digital divide. Socioeconomic factors, geographical location, and
infrastructure limitations can create disparities in internet access and
digital literacy
5) Misinformation and Fake News: Cyberspace has
become a breeding ground for
misinformation and fake news. False information
spreads quickly through social media and other online channels, influencing
public opinion and creating confusion.
6) Addiction and Overdependence: Excessive use of the
internet and online platforms can lead to addiction and overdependence. This can
have negative effects on mental health, relationships, and overall well-being.
7) Online Harassment and Bullying: Cyberspace provides
a platform for online harassment, bullying, and cyberbullying. Individuals may
face harassment, threats, or intimidation, affecting their mental health and
safety.
8) Data Breaches: Organizations storing large amounts of data
online are susceptible to data breaches. If sensitive information falls into
the wrong hands, it can lead to financial losses, reputational damage, and
compromised privacy.
9) Disinformation Campaigns: Cyberspace is often used for
disinformation campaigns,
influencing public opinion and political
outcomes. This can have significant societal and
political implications.
10) Technology Dependence: Overreliance on technology in
cyberspace can lead to a
dependence that may have negative
consequences when systems fail or experience
disruptions. This dependence is especially
critical in areas such as finance, healthcare, and critical infrastructure.
Overview of computer
Computer definition
A computer is an electronic device that manipulates information, or data. It has the ability to
store, retrieve, and process the data and to perform multiple tasks given by
the users.
The title "Father of the Computer"
is often attributed to Charles Babbage, a 19th-century mathematician and
inventor. Invented the computer in the year 1822.
Two things all computers have in common:
hardware and software.
Hardware is any part of your computer that
has a physical structure, such as the keyboard or mouse. It also includes all
the computer's internal parts, like Motherboard, Optical drives and many more
Software is any set of instructions that
tells the hardware what to do and how to do it.
Examples of software include web browsers,
games, and word processors.
History of computer
2500 BC-The Abacus- It is considered as
the first computer which is originated in China. It is used to make some
calculation by sliding of beads it is arranged on the frame.
1614 AD-Napier bones-In the year 1550 to
1617 a Scottish mathematician named an John Napier invented Napier bones. It
consists of bones and it is marked with numbers which is used to perform
multiplication.
1642 AD-In the year 1642 Pascal invented
“Pascaline”. It is first adding machine which is used to perform addition.
1834 - Charles Babbage invents
the analytical engine,
which improved upon mechanized calculation technology and allowed for more
general-purpose calculation
1887 - Herman Hollerith
develops a tabulating system that uses punch cards to speed up processing for
the 1890 U.S. Census. This technology set the foundation for later
developments in computing.
1911 - Herman Hollerith's
Tabulating Machine Company merges with two other companies to form the
Computing-Tabulating-Recording Company, which is now called IBM.
1945 - University of
Pennsylvania professors John Mauchly and J. Presper Eckert develop the Electronic
Numerical Integrator and Calculator (ENIAC), an early digital computer. The ENIAC
used punch cards and was designed to help Army gunners aim their weapons with accuracy.
1947 - Bell Labs scientists
develop the first transistor, a solid state electronic device with three terminals
that can be used to control electric current and voltage flow between
terminals. The transistor is an important component in nearly all electronics
used today.
1958 - The integrated
circuit debuts. Jack Kilby and Robert Noyce designed the integrated circuit,
which is also known as the computer chip. Kilby received a Nobel Prize in
Physics for his efforts.
1971 - Intel introduces the
first microprocessor, the Intel 4004. This microprocessor combined all the
necessary chips onto one chip and made the PC possible.
Different parts of computer
Monitor
A computer monitor is an output device that shows pictures for computers.
Monitors often look like smaller televisions.
The primary use of a monitor is to display images, text,
video, and graphics information generated by the computer. It can be
referred to as the main output device of a computer device.
Mouse
The mouse is a small, movable device, mouse has two
buttons, and some will have a wheel in between. It is also called as pointing
device.
An important function of a computer mouse is
to move the cursor from place to place, open an icon, close open an application, and select
a folder, a text file, or drag-and-drop.
CPU
The CPU is the brain of a computer, containing all the
circuitry needed to process input, store data, and output results.
The CPU is constantly following instructions
of computer programs that tell it which data to process and how to process it.
Without a CPU, we could not run programs on a computer.
Computer case
The computer case is the metal and plastic
box that contains the main components of the computer, including the motherboard, central
processing unit (CPU), and power supply.
The desktop computer case helps protect the
components from electrical interference and
physical damage.
Keyboard
A computer keyboard is an input device used to enter
characters and functions into the computer system by pressing buttons, or keys.
The main purpose of a keyboard is to provide
a way for users to interact with the computer
and input information.
Motherboard
The motherboard is a computer's central
communications backbone connectivity point, through which all components and
external peripherals connect. Without it, none of the computer pieces, such as the CPU,
GPU, or hard drive, could interact. Total motherboard functionality is
necessary for a computer to work well.
RAM
RAM stands for random-access memory. RAM is
a temporary
memory bank where your computer stores data it needs to retrieve
quickly.
It is where the data is stored that your
computer processor needs to run your applications
and open your files.
Hard Disk Drive
An HDD is a “non-volatile” storage drive, which means it
can retain the stored data even when no power is supplied to the device.
Your documents, pictures, music, videos,
programs, application preferences, and operating
system represent digital content stored on a
hard drive. Hard drives can be external or internal.
Optical Disk Drive
An optical disk drive (ODD) uses a laser light to read data from or write data to an
optical disc. This allows you to play music or watch movies using
pre-recorded discs. The back end of the optical drive contains a port for a
cable that connects to the motherboard.
Power supply unit
A power supply unit (PSU) is a hardware device
that converts AC (alternating current) electricity into DC electricity and then
distributes it to the rest of the computer. A power supply unit is used to
provide stable electricity.
Advantages of Computer
High Speed: One of the reasons for the improvement in the quality of
life is the personal
computer's speed. The modern computer offers
great speed, helping us to do our tasks within a matter of seconds. They can
handle the most complex calculations with ease and give error-free answers
Accuracy: Humans make errors. Hence, while performing complex
calculations, we check once with the calculator. The fact that computers
are extremely
accurate makes them quite reliable. You will trust the information or
answer that a calculator gives, just due to its accuracy.
Automation: A lot of tasks can be automated saving a lot of time.
For example, instead of
manually calculating some values like the
mean or median of a large dataset, we just use Excel. This saves a lot of time
ensuring 100% accuracy.
Storage: The storage capacity of computers is usually in Gigabytes (GBs)
or more.
Storage devices such as flash drives
and hard disks are a fundamental component of most digital devices since they
allow users to preserve all kinds of information such as videos, documents, pictures,
and raw data.
Ease of Access: Let us say we must search for a book in a
library and we don't know anything except the name of the book. It would be an arduous (difficult) task. But, on a computer,
just type the name of the file, and voila! (there it is) This ease of access provided by
our personal computer contributes towards saving our time and efforts.
Multitasking: Multitasking means working on multiple tasks
simultaneously. Suppose you read an article online and you need to write
down the meanings of the words that are unfamiliar. You can search on Google,
note down the meaning on a Word file, and continue reading the article. This is
one example of multitasking offered by computers.
Better understanding of data: A computer supports a lot of tools
for data analysis and mining. (the process of
sorting through large data sets to identify patterns and relationships) Organizations
make use of the benefit of computers to support data analysis and visualization
helpful for decision making.
Reliability of Computer: The results produced by the computer system
are reliable, but this can only be true when the input data given by the user
is correct and authentic.
Data Security: Today data is wealth, and computers play an
important role in restoring this
wealth. Protecting digital data is the most vital role played by
the computer. The computer protects the data from breaches and helps the user
restore data whenever needed.
Reduces Workload: As any technological invention is made, it helps humans
reduce their
workload, as does the computer. At the same time, the computer's
information is accessed by more than one person without any duplication of
work.
Disadvantages of Computer
1)Virus and Hacking Attacks: As the technologies are developing, some other technologies
try to find loopholes in their working through various means. A virus can go to
the computer systems through email attachments, and through a removable device
like a USB, etc. Further, hacking is also unauthorized access over a computer
for a few illicit purposes.
2)Fake News: Computers enable a wide array of data-sharing options. But,
this becomes a medium for the spread of spurious news. Many cases are there
when fake news is shared among people using messaging apps.
3)Lack of Concentration and Irritation: Multitasking makes our lives easier, but it comes with its
disadvantages. We try to focus on multiple tasks and notifications. This leads
to a decrease in attention span and a lack of concentration on one particular
task. Also, addictive games played on the computer contribute to irritability
when not allowed to play.
4)Health Problems: Prolonged use of computers to work leads to various health
problems. Working for long hours with a computer may affect the sitting posture
of the user and sometimes irritates the eyes.
5)Increases Waste and Impacts the
Environment: As technology advancements are made,
there is also updating made in particular devices. For example, mobile phones
are replaced with their updated latest versions. And with the speed at which
computers and other electronic devices replace older devices, electronic waste
increases which are adversely affecting the environment.
Characteristics of Computer
1)The Diligence of Computer: The Computer is not human, so it is free from tiredness, lack
of concentration, and several other human errors. And due to this feature, it
overpowered human beings on several occasions and performed continuous
operations for a long time without any physical or mental error.
2)The Versatility of Computers: In today's world, versatility is very important, as human
beings have to perform different functions at the same time, and computers have
to perform different types of tasks and operations at the same time with full
accuracy and efficiency. And today Computer is not just a calculating machine
anymore.
3)Automation in Computer: Another important function of a computer is the automation of
tasks or routine with the help of the computer's features, such as launching a
specific application or software, sending an email, scanning for viruses, and
many other maintenance tasks.
4)Storage Capacity of Computer: Computers are used to store vast amounts of data. As the
advancement in technology is increasing, computers increased their storage
capacity compared to earlier times because now computers have to store more
data.
5)Task Completer: The Computer performs those task or operation which is almost
impossible for humans to complete. The computer is a task completer as it
produces an output of any task which is impossible for a human.
6)Reduces Workload: As any technological invention is made, it helps humans reduce
their workload, as does the computer. At the same time, the computer's
information is accessed by more than one person without any duplication of
work.
7)Consistency of Computer: And the Computer is so consistent that it can perform
trillions of processes without errors. It means that a computer can work for 24
hours a day or 365 days continuously. Also, it provides consistent results for
the same set of data. It means that if the same set of data is provided
multiple times, it will give the same result each time.
8)The Memory of Computer: The Computer's memory is one of the most useful features of the
computer system. Computer memory stores a tremendous amount of data and makes
it available when the need arises. Computer memory is built-in memory, and it
has two types Random Access Memory and primary memory.
Generations of Computer
First Generation (1940s-1950s):
1)
Characterized by vacuum tubes and
punched cards.
2)
These computers were very heavy and
large.
3)
They used low-level programming
language and used no OS.
4)
They were too bulky; Punch cards were
used for improving the information for external storage. Magnetic card used.
5)
Examples of the first-generation
computer are IBM 650, IBM 701, ENIAC, UNIVAC1, etc.
Second Generation (1956-1963)
1)
Second-generation computers used the
technology of transistors rather than bulky vacuum tubes.
2)
The programming language was shifted
from low level to high level programming language and made programming
comparatively a simple task for programmers.
3)
Languages used for programming during
this era were FORTRAN (1956), ALGOL (1958), and COBOL (1959).
4)
Examples of the second-generation
computer are PDP-8, IBM1400 series, IBM 7090 and 7094,
UNIVAC
1107, CDC 3600, etc.
Third Generation (1964-1971)
1)
During the third generation, technology
envisaged a shift from huge transistors to integrated circuits, also referred
to as IC.
2)
The value size was reduced and memory
space and dealing efficiency were increased during this generation.
3)
Programming was now wiped-out
Higher-level languages like BASIC (Beginners All-purpose Symbolic Instruction
Code).
4)
Examples of the third-generation
computer are IBM 360, IBM 370, PDP-11, NCR 395, B6500,
UNIVAC
1108, etc.
Fourth Generation Computers (1971-Present)
1)
In 1971 First microprocessors were
used, the large-scale of integration LSI circuits built on one chip called
microprocessors.
2)
Input/output devices used are pointing
devices, optical scanning, keyboard, monitor, printer, etc.
3)
Technologies like multiprocessing,
multiprogramming, time-sharing, operating speed, and virtual memory made it a
more user-friendly and customary device.
4)
Examples of the fourth-generation
computer are IBM PC, STAR 1000, APPLE II, Apple
Macintosh,
Alter 8800, etc.
Fifth generation Computers (Present and Beyond)
1)
Main electronic component based on
artificial intelligence, uses the Ultra Large-Scale Integration (ULSI)
technology and parallel processing method (ULSI has millions of
transistors
on a single microchip and the Parallel processing method use two or more
microprocessors to run tasks simultaneously).
2)
Input /output devices used are Trackpad
(or touchpad), touchscreen, pen, speech input (recognize voice/speech), light
scanner, printer, keyboard, monitor, mouse, etc.
3)
Examples of fifth generation computer
are Desktops, laptops, tablets, smartphones, etc.
Different types of Computers
1) Desktop Computer
A desktop computer is a personal
computing device designed to fit on top of a typical office desk. It houses the
physical hardware that makes a computer run and connects to input devices such
as the monitor, keyboard and mouse users interact with.
2) Micro Computer
A microcomputer is a small, relatively inexpensive computer
having a central processing unit (CPU) made from a microprocessor.[2] The
computer also includes memory and input/output (I/O) circuitry together mounted
on a printed circuit board (PCB)
3) Smart Phone
A
smartphone (or simply a phone) is a portable computer device that combines
mobile telephone functions and personal computing functions into one unit.
4) Mainframe Computer
A mainframe computer, informally called a mainframe or big
iron, is a computer used primarily by large organizations for critical
applications like bulk data processing for tasks such as censuses, industry and
consumer statistics, enterprise resource planning, and large-scale transaction
processing.
5) Analog Computer
An analog computer is a computer which is used to process
analog data. Analog computers store data in a continuous form of physical
quantities and perform calculations with the help of measures.
6) Digital Computer
Digital computer, any of a class of devices capable of solving
problems by processing information in discrete form. It operates on data,
including magnitudes,
letters, and symbols, that are
expressed in binary code—i.e., using only the two digits 0 and 1.
7) Hybrid Computer
Hybrid
computer is a computer intended to provide functions and features in both
analog and digital computers. Developing a combined or hybrid computer model
aims to produce a functional device
that incorporates the most beneficial aspects of both computer systems.
8) Ultrabook
An
Ultrabook is a specific type of ultramobile notebook, defined by Intel.
Ultrabook’s are thin, lightweight and offer longer battery life by utilizing
new low-power CPUs integrated with instant-on capability, all without
compromising performance.
Web Technology:
Web technology refers to the tools,
software, protocols, and languages used to create, manage, and access content
on the internet.
• HTML: HTML (Hyper Text Markup Language) is the standard language
used to create and structure web pages on the internet.
• CSS: CSS (Cascading Style Sheets) is a stylesheet language used to
describe how HTML elements are displayed on a web page.
• JavaScript: JavaScript is a programming language commonly used in web
development to add interactivity, functionality, and dynamic features to
websites.
• HTTP: HTTP (Hypertext Transfer Protocol) is a set of rules that
allows web browsers and servers to communicate with each other.
• URL: A URL (Uniform Resource Locator) is the web address that
specifies the location of a resource on the internet.
• Webpage: A webpage is a single document or file on the internet that
can contain text, images, videos, and other multimedia elements.
• Website: A website is a collection of related webpages that are
typically accessed through a single domain name.
• Web Server: A web server is a computer system or software that stores, processes,
and delivers web content to users over the internet.
• WWW: The World Wide Web (WWW) is a network of interconnected
webpages and digital content accessible over the internet.
• Web Browser: A web browser is a software application that allows users to
access, view, and interact with information on the World Wide Web.
Internet
• The Internet is a
vast global network that connects millions of computers and devices worldwide.
• The internet is like a global library where computers and
devices connect to share information, letting people from anywhere explore,
learn, and communicate with each other easily.
• The internet is a global network of interconnected computer
networks that use the Internet protocol suite (TCP/IP) to communicate with each
other.
• Internet is a vast collection of private, public, business,
academic and government networks that facilitate communication and data
services.
•
The internet enables global
communication, providing access to vast information and resources. It
facilitates online transactions, entertainment, and learning across various
platforms and devices.
• The internet is a gateway to boundless possibilities, shaping
societies, economies, and cultures, while constantly evolving to redefine how
we interact, learn, work, and perceive the world.
Advantages Of Internet:
1)
Information Access:
Provides instant access to a vast amount of information, facilitating research,
learning, and staying updated on various topics.
2)
Communication:
Facilitates easy and quick communication globally through emails, messaging,
video calls, and social media platforms.
3)
Commerce and Business:
Supports e-commerce, allowing businesses to reach a wider audience.
4)
Entertainment:
Provides a wide range of entertainment options like streaming movies, music,
gaming, social media, and creative content.
5)
Convenience:
Enables online shopping, banking, and accessing various services from home,
saving time and effort.
6)
Education: Allows access to
online courses, educational resources, and tutorials, fostering learning
opportunities for students, professionals.
7)
News and Media Consumption:
People rely on the internet for accessing news articles, online publications,
blogs, and multimedia content from around the world.
8)
Social Networking: It
facilitates connections with friends, family, and colleagues through social
networking platforms like Facebook, Twitter, LinkedIn, and Instagram.
9)
Research and Information Gathering: Professionals, students, and individuals use the internet
extensively for research, gathering information, and accessing databases for
various purposes.
10)
Innovation: Serves as a
platform for innovation, fostering the development of new technologies and
solutions across various industries.
Disadvantages Of Internet:
1)
Cybersecurity Risks:
Cybersecurity threats such as hacking, identity theft, malware, phishing, and
data breaches can compromise personal information and privacy.
2)
Misinformation: The
internet can spread false or misleading information quickly, contributing to
misinformation, conspiracy theories, and fake news.
3)
Cyberbullying:
Online platforms can be used for harassment, cyberbullying, and negative
interactions, causing emotional distress and mental health issues.
4)
Addiction and Distraction:
Excessive use of the internet, social media, and online entertainment can lead
to addiction, distraction, and reduced productivity.
5)
Online Scams:
Exposure to various fraudulent schemes and scams online.
6)
Privacy Concerns:
Sharing personal information online can lead to privacy concerns, as data
collected by companies may be used or sold without users' explicit consent.
7)
Impact on Mental Health:
Excessive internet use can contribute to anxiety, depression, and low self-esteem,
especially in vulnerable individuals.
8)
Social Isolation:
Overreliance on online interactions might reduce face-to-face social
interactions, leading to feelings of isolation and social disconnect.
9)
Dependency on Technology:
Overdependence on the internet for daily tasks can result in difficulty
functioning without it during outages or disruptions.
10)
Health Concerns:
Prolonged screen time can lead to health issues such as eye strain, sleep
disturbances, and a sedentary lifestyle.
Architecture Of Cyberspace
The architecture of cyberspace refers to the structure or
design of the interconnected digital world where information, communication,
and online activities take place. In simple words, it's like the blueprint or
layout of the internet and related technologies.
Imagine cyberspace as a vast city. The architecture outlines
how different buildings (websites, servers, devices) are connected through
roads and pathways (networks and communication protocols). There are specific
rules and systems (internet standards and protocols) that govern how traffic
(data) moves between these buildings. Just as a city has different
neighbourhoods, cyberspace has various sections for websites, social media,
emails, and more.
The architecture involves hardware (physical devices like
servers and routers) and software (programs and protocols) working together to
enable the flow of information. Security measures, like gates and locks in a
city, are also part of the architecture to protect against cyber threats.
In essence, the architecture of cyberspace is the organized
structure that allows digital communication and activities to happen smoothly
and securely in the vast virtual world of the internet.
Architecture of cyberspace:
1)
End Systems:
• User Devices: These include computers, smartphones, tablets,
and other devices that individuals use to access cyberspace.
• Servers: Specialized computers that host and serve content,
applications, and services to users. They respond to user requests and facilitate
data storage and processing.
2)
Communication Networks:
•
Internet Backbone: High-capacity,
long-distance communication networks that form the core infrastructure of the
internet. They interconnect major data centers and network hubs globally.
•
Local Area Networks (LANs) and Wide
Area Networks (WANs): Networks that connect devices within a limited geographic
area (LAN) or over a larger geographical area (WAN), such as a city or country.
3)
Protocols and Standards:
• Transmission Control Protocol (TCP) and Internet Protocol (IP):
Fundamental protocols that enable communication between devices on the
internet.
• Hypertext Transfer Protocol (HTTP) and HTTPS: Protocols for
transferring and accessing web content.
• Domain Name System (DNS): Translates human-readable domain
names into IP addresses, facilitating the identification of devices on the
internet.
4)
Data Centres:
•
Centralized Facilities: Large-scale
facilities that house servers, storage systems, and networking equipment. They
store and process massive amounts of data, providing services to end-users.
5)
Cloud Computing:
• Virtualization: Technology that allows the creation of virtual
instances of computing resources, such as servers and storage, enabling
flexibility and scalability.
•
Service Models (IaaS, PaaS, SaaS):
Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software
as a Service (SaaS) models that define the level of control users have over
computing resources.
6)
Software Layers:
• Operating Systems: The software that manages hardware resources
and provides a platform for other software applications.
• Applications and Services: Software programs and services that
users interact with, such as web browsers, email clients, social media
platforms, and online applications.
7)
Cybersecurity Layers:
• Firewalls and Intrusion Detection Systems (IDS): Security
mechanisms that protect networks by monitoring and controlling incoming and
outgoing traffic.
• Encryption: Techniques used to secure data in transit and at
rest, ensuring privacy and confidentiality.
• Authentication and Authorization: Processes that verify the
identity of users and determine their access rights to resources.
8)
Regulatory and Governance Frameworks:
• Laws and Regulations: Legal frameworks that govern online
activities, data protection, and cybersecurity.
• Internet Governance Bodies: Organizations and entities
responsible for coordinating and overseeing the development and maintenance of
internet standards and policies.
Communication and web technology
Communication
and web technology are closely interlinked, as web technology serves as the
foundation for various forms of digital communication. Web technology enables
the creation, transmission and reception of information and message over the
Internet, transforming how individual businesses and organisations communicate.
1)
Email: Email is a
fundamental form of digital communication that relies on web technology. Web
servers and email clients use protocols like SMTP (Simple Mail Transfer
Protocol and IMAP (Internet Message Access Protocol) to send, receive, and
manage email messages. Web-based email services like Gmail operate entirely
within a web technology framework, allowing users to access their emails from
anywhere with an internet connection.
2)
Instant Messaging and Chat:
Instant messaging applications and chat platforms, such as WhatsApp, Facebook
Messenger, and Slack, are web-based and utilize web technology to enable
real-time communication. These platforms operate through web browsers and
dedicated applications that leverage web protocols.
3)
VoIP and Video Calls: Voice
over Internet Protocol (VoIP) and video conferencing services, such as Skype,
Zoom, and Microsoft Teams, rely on web technology for communication. These
services use web-based protocols for audio and video transmission over the
internet.
4)
Social Media:
Social media networks like Facebook, Twitter, and Instagram are built on web
technology. They allow users to share text, images, videos, and links, and
engage in online conversations through web-based interfaces.
5)
Web Conferencing and Webinars: Web conferencing tools like Webex and GoToMeeting, as well as
webinar platforms, enable remote meetings and presentations. These technologies
use web-based communication protocols to facilitate collaboration and
information sharing.
6)
Blogs and Forums:
Blogging platforms and online forums enable users to engage in discussions and
share information. These platforms are web-based and use web technology to
publish and access content.
7)
Social Networking Sites:
platforms like LinkedIn and professional networking sites enable users to
connect with others, share professional information, and communicate with peers
and colleagues using web technology.
8)
News and Media: News
websites, online publications, and multimedia content providers use web
technology to distribute news articles, videos, and multimedia content to a
global audience.
9)
Web Forms and Surveys: Web
forms and survey tools facilitate data collection and feedback gathering
through web-based interfaces.
10)
Online Collaboration:
Collaborative tools, including project management software and document sharing
services, rely on web technology for communication and real-time collaboration
among team members.
WWW
• Stands for the "World Wide Web."
• The World Wide Web (WWW or simply the Web) is a subset of the Internet
consisting of Website and Webpage that are accessible via a Web Browser. It is
also known simply as "the Web."
• The Web was invented by English computer scientist Tim
Berners-Lee while at CERN in 1989 and opened to the public in 1991.
•
The World Wide Web -- also known as the
web, WWW or W3 -- refers to all the public websites or pages that users can
access on their local computers and other devices through the internet. These
pages and documents are interconnected by means of hyperlinks that users click
on for information. This information can be in different formats, including
text, images, audio, and video.
•
Viewing a web page on the World Wide
Web normally begins either by typing the URL (Uniform Resource Locator) of the
page into a web browser or by following a hyperlink to that page or resource.
The web browser then initiates a series of background communication messages to
fetch and display the requested page.
•
Uniform Resource Locator (URL):URL
provide the hypertext links between one document and another. These links can
access a variety of protocols (e.g., FTP) on different machines on your own
machine.
Advent Of Internet
The
advent of the internet marked a revolutionary turning point in the way humanity
communicates, accesses information, conducts business, and interacts with the
world. The origins of the internet can be traced back to various developments
and milestones:
1) Early Concepts
(1960s): The concept of a global network of
computers was envisioned in the early 1960s. J.C.R Licklider, an MIT scientist,
conceived the idea of an “Intergalactic Network” of computers.
2) Arpanet (1969): The Advanced Research Projects Agency Network (ARPANET) was
the first wide- area packet-switched network with distributed control and one
of the first computer networks to implement the TCP/IP protocol suite. Both
technologies became the technical foundation of the Internet. The ARPANET was
established by the Advanced Research Projects Agency (ARPA) of the United
States Department of Defense.
3) Email and File Sharing
(1970s): Ray Tomlinson sent the first
networked email in 1971, using the “@” symbol to allow sending messages between
users on different machines. File Transfer Protocol (FTP) was introduced in
1971 for efficient file sharing. FTP stands for File Transfer Protocol, and it
is used to upload files to your website. Websites are hosted on computers
called servers, so these servers hold the files for your website. When a
visitor to your site visits your website, their computer asks the server for
the files.
4) TCP/IP Protocol
(1970s): The development of the Transmission
Control Protocol (TCP) and Internet Protocol (IP) by Vinton Cerf and Bob Kahn
in the 1970s was a crucial step towards the unification of various networks
into a single global network of networks, forming the basis of the modern
internet.
5) Ethernet and Local
Area Networks (LAN) (1970s): Ethernet,
developed by Robert Metcalfe, allowed multiple computers to communicate on a
local network. This technology laid the foundation for local area networks
(LANs) and facilitated the growth of interconnected networks.
6) DNS (1983): Domain Name System (DNS) is the system that converts website
domain names (hostnames) into numerical values (IP address) so they can be
found and loaded into your web browser. Domain Name System was introduced to
convert human-readable domain names into numerical IP addresses, making it
easier to access websites.
7) World Wide Web
(1991): Tim Berners-Lee, while working at
CERN, proposed the World Wide Web (WWW), introducing HTML (Hyper Text Markup
Language), HTTP (Hyper Text Transfer Protocol), and the first web browser. This
marked the birth of the user-friendly internet we are familiar with today.
8) Commercialization
and Expansion (Mid-1990s): The National
Science Foundation (NSF) lifted restrictions on the commercial use of the
internet, leading to a surge in internet service providers (ISPs) and a rapid
increase in internet in internet usage globally.
9) Dot-Com Bubble
(Late 1990s): The late 1990s saw a massive rise in
internet-based companies, leading to the dot-com bubble, where stock prices of
internet companies soared before dramatically crashing in the early 2000s.
10)
Broadband and High-Speed Internet (2000s): The 2000s saw a widespread rollout of broadband internet,
significantly improving internet speed and enabling new possibilities such as
streaming media and online gaming.
11)
Mobile Internet (2000s onwards): The proliferation of smartphones and mobile devices brought
internet access to a wider audience, revolutionizing communication,
entertainment, and commerce.
12)
Web 2.0 and Social Media (2000s onwards): The advent of Web 2.0, characterized by user-generated content
and interactive web applications, led to the rise of social media platforms
like Facebook, Twitter, YouTube, and others, transforming how people connect
and share information.
Internet Infrastructure for Data Transfer and Governance
The internet’s infrastructure for data transfer and governance
is a complex system of interconnected components and protocols that enable the
transmission, exchange, and management of data globally. It encompasses both
the physical and logical elements that facilitate data movement and the
policies, standards, and organizations that govern its usage.
1)
Physical Infrastructure
2)
Data Transmission Protocols
3)
Open Standards and Protocols
1)
Physical Infrastructure:
The physical
infrastructure of the internet comprises the tangible components that enable
the transmission of data and the functioning of digital communication. These
components include
cables, data centers, network devices,
and other hardware that make up the foundation of the internet. Here are the
key elements of the Physical Infrastructure:
• Submarine Cables: Fiber-optic cables laid on the ocean floor that connect
continents and regions, the primary backbone of international internet
connectivity.
• Terrestrial
Cables: Fiber-optic or copper cables that
traverse land, connecting cities, towns, and regions. These cables form the
backbone of national and regional internet networks.
•
Data Centers:
Facilities that house network servers and other computing equipment. Data
centers are critical for storing, processing, and managing vast amounts of data
and services.
• Network Servers: High-powered computers within data centers that store and
serve data and applications to users across the internet.
•
Switches and Routers:
Network devices that direct data packets to their intended destinations within
a network or across networks. Routers operate at the network layer, making
routing decisions based on IP addresses.
•
Firewalls and Security Appliances: Hardware devices that provide security by monitoring and
controlling incoming and outgoing network traffic, protecting against
unauthorized access and cyber threats.
• Modems and Routers
in Homes and Businesses: Devices used to
connect end- user’s devices (computers, smartphones, IoT devices) to the
internet via wired or wireless connections.
•
Satellite Communication Systems: Ground stations and satellites that facilitate internet
connectivity in remote or geographically challenging areas where traditional infrastructure
is
impractical.
Types Of Physical Infrastructure
a)
Network Backbone:
High-speed, long-distance fiber optic cables and satellite links form the
backbone of the internet, connecting continents and regions.
b)
Internet Service Providers (ISPs): ISPs manage the last-mile connectivity to homes and businesses
through wired (DSL, fiber, cable) and wireless (Wi-Fi, mobile networks)
technologies.
2) Data Transmission
Protocols:
Data transmission protocols are a set
of rules and conventions that govern the format, timing, sequencing, and error
control during the exchange of data between devices over a network. These
protocols ensure that data can be sent
and received accurately and efficiently. Here are some important data
transmission protocols:
•
Transmission Control Protocol (TCP): TCP is a connection-oriented protocol that provides reliable,
ordered, and error- checked delivery of data between devices. It establishes a
connection, maintains flow control, and retransmits lost packets.
•
User Datagram Protocol (UDP):
UDP is a connectionless protocol that offers a faster but less reliable way to
send data. It does not establish a connection and does not guarantee delivery,
making it suitable for real-time applications like video streaming and online
gaming.
•
Internet Protocol (IP): IP is
a network layer protocol responsible for routing packets across a network. IPv4
and I Pv6 are the most common versions of IP. IPv6 has been developed to
address the limitations of IPv4, primarily the limited number of unique
addresses.
•
HyperText Transfer Protocol (HTTP): HTTP is the foundation of data communication on the World Wide
Web. It defines how messages are formatted and transmitted, and how web servers
and browsers should respond to different commands.
•
HyperText Transfer Protocol Secure (HTTPS): HTTPS is the secure version of HTTP, providing encrypted
communication by using Secure Sockets Layer (SSL) or Transport Layer Security
(TLS) protocols.
• File Transfer
Protocol (FTP): FTP is a standard network protocol
used to transfer files from one host to another over a TCP-based network like
the internet.
• SMTP: is used for sending emails between servers. It defines the
message format and how the messages should be relayed between mail servers.
•
POP: Post Office Protocol version 3 (POP3)
and Internet Message Access Protocol (IMAP), POP3 and IMAP are used by email
clients to retrieve messages from a mail server. POP3 usually downloads and
deletes the messages, while IMAP keeps the messages on the server.
3)
Open Standards and Protocols:
Development and adherence to open, consensus-based standards
and protocols by organizations like the Internet Engineering Task Force (IETF)
and World Wide web Consortium (W3C).
Open standards and protocols are universally agreed-upon rules,
conventions, and formats that enable interoperability, compatibility, and
consistency in the functioning of systems, devices, and applications. These
standards are openly available, transparent, and not owned by any
specific
entity, encouraging collaboration and innovation. Here are important open
standards and protocols in the realm of information technology:
•
Internet Protocol Suite (TCP/IP): The foundation of the internet TCP/IP is a suite of protocols
governing communication over networks. It includes protocols like TCP, UDP, IP,
ICMP, and more.
•
HyperText Transfer Protocol (HTTP) and HTTPS: HTTP is the fundamental protocol for transferring data on the
Worldwide. HTTPS is the secure, encrypted version of HTTP, providing secure
communication.
• SMTP: is a standard for email transmission, specifying how emails
are sent received between mail servers.
• File Transfer
Protocol (FTP): FTP is a standard protocol for
transferring files between a client and a server on a network.
• Domain Name System
(DNS): DNS is an essential standard for
translating domain names into IP addresses, making internet resources
accessible using human-readable names.
•
Transport Layer Security (TLS) and Secure Socket Layer (SSL): TLS and SSL are cryptographic protocols that provide secure
communication over a computer network. They are widely used to secure web
browsing, email, and other internet-based applications.
• Simple Network
Management Protocol (SNMP): SNMP is a
standard protocol used for network management and monitoring of devices like
routers, switches, and servers.
Internet Society
The Internet Society is a global nonprofit organization
dedicated to ensuring an open, globally connected, secure, and trustworthy
Internet for everyone. Founded in 1992, it works on various fronts to promote
the development, availability, and accessibility of the Internet, advocating
for policies that support these goals.
The
Internet Society (ISOC) was founded in 1992 by a group of early Internet
pioneers and visionaries. The founding members included individuals like Vint
Cerf and Bob Kahn, who are known for their significant contributions to the
development of the Internet and its underlying protocols. Vint Cerf is often
referred to as one of the "fathers of the Internet" for his work on
TCP/IP protocols, while Bob Kahn co-designed the TCP/IP protocols and the
architecture of the Internet.
Roles and Objectives/Key Aspects
1)
Advocacy: The organization
works to influence policies and standards that promote an open and accessible
Internet, advocating for principles like net neutrality, privacy protection,
and universal access.
2)
Internet Standards and Technology: It plays a crucial role in the development of technical
standards through the Internet Engineering Task Force (IETF) and supports the
deployment of these standards to ensure a stable and interoperable Internet
infrastructure.
3)
Capacity Building and Education: The Internet Society promotes education and training programs
to build the skills and knowledge necessary for people to contribute to and
benefit from the Internet effectively, particularly in underserved communities.
4)
Community Networks and Connectivity: Encouraging the development of community networks and
supporting efforts to expand Internet access in underserved or remote areas to
bridge the digital divide.
5)
Internet Governance:
Participating in discussions and forums on global Internet governance issues,
aiming to ensure that decisions about the Internet's future are made
inclusively and transparently.
6)
Cybersecurity and Trust:
Working to enhance the security and resilience of the Internet by promoting
best practices, raising awareness about cybersecurity threats, and advocating
for measures to build trust in online environments.
Regulation of Cyberspace
Regulation
of cyberspace involves a complex interplay of laws, policies, and agreements at
national, international, and supranational levels. Given the global nature of
the internet and its impact on various aspects of life, there's ongoing debate
and efforts to establish frameworks that address different aspects of
cyberspace.
Here are key areas and approaches
related to the regulation of cyberspace:
1)
Cybersecurity:
Governments worldwide enact laws and regulations to protect critical
infrastructure, personal data, and national security in cyberspace. These laws
often address data protection, incident reporting, and measures against cyber
threats.
2)
Data Privacy and Protection:
Many countries have established regulations (e.g., GDPR in the European Union,
CCPA in California) that govern the collection, processing, and sharing of
personal data online to safeguard individuals' privacy rights.
3)
Intellectual Property Rights:
Laws governing copyrights, patents, trademarks, and digital content
distribution attempt to protect intellectual property rights in cyberspace,
addressing issues like piracy, illegal file sharing, and plagiarism.
4)
Internet Governance:
Various organizations, such as ICANN (Internet Corporation for Assigned Names
and Numbers), oversee domain names and IP address allocations. There's ongoing
debate about who should manage internet governance and how it should be
regulated to ensure a fair, open, and accessible internet for all.
5)
Cybercrime Legislation: Laws
and regulations are designed to combat cybercrimes, including hacking, fraud,
identity theft, and cyberbullying. Many countries have specific legislation
that criminalizes such activities and defines penalties.
6)
Content Regulation:
There are efforts to regulate online content to curb hate speech,
misinformation, and illegal activities on the internet. This includes laws
addressing social media platforms' responsibilities in moderating content and
ensuring a safe online environment.
7)
International Cooperation and Treaties: Nations collaborate through treaties and agreements to
establish norms and rules for responsible behaviour in cyberspace. Examples
include the Budapest Convention on Cybercrime and the Tallinn Manual on the
International Law Applicable to Cyber Warfare.
8)
Net Neutrality:
Policies and regulations aim to maintain a neutral and open internet,
preventing
discrimination by internet service providers in terms of speed, access, or
content delivery.
Regulating
cyberspace is a complex task due to the borderless and rapidly evolving nature
of the internet. Balancing security, privacy, innovation, and free expression
remains a significant challenge in creating effective and globally accepted
regulatory frameworks for the digital world.
Concept of Cybersecurity
Cybersecurity refers to the practice of
protecting computer systems, networks, programs, and data from digital attacks,
unauthorized access, damage, or theft. Its primary goal is to ensure the
confidentiality, integrity, and availability of information and computing
resources. Key concepts within cybersecurity include:
1)
Confidentiality:
Keeping sensitive information private and accessible only to authorized users
or entities. This involves encryption, access controls, and secure
communication protocols to prevent unauthorized access.
2)
Integrity: Ensuring that
data remains accurate, complete, and trustworthy. Protection against
unauthorized alterations, modifications, or corruption of data is critical for
maintaining integrity.
3)
Availability:
Ensuring that systems and information are accessible and usable when needed.
Measures such as redundancy, backups, and robust infrastructure help prevent
and mitigate service disruptions caused by cyber attacks or technical failures.
4)
Authentication and Access Control: Verifying the identity of users and entities attempting to
access systems or data. Strong authentication methods like passwords,
multi-factor authentication, and biometrics help control access and prevent
unauthorized entry.
5)
Vulnerability Management:
Identifying, assessing, and mitigating potential weaknesses or vulnerabilities
in systems and software. Regular updates, patches, and security measures help
protect against known vulnerabilities.
6)
Threat Detection and Prevention: Using tools and technologies to detect and respond to cyber
threats in real-time. This includes intrusion detection systems, firewalls,
antivirus software, and security monitoring to identify and thwart attacks.
7)
Incident Response:
Developing plans and procedures to respond effectively to cybersecurity
incidents when they occur. This involves containing the incident, minimizing
damage, and restoring systems and services to normal operations.
8)
Security Awareness and Training: Educating users and employees about cybersecurity best
practices, potential threats, and their roles in maintaining a secure computing
environment. Human error is often a significant factor in cyber incidents, so
awareness is crucial.
Cybersecurity
is a dynamic field that continually evolves to counter new and sophisticated
threats. It encompasses a range of technologies, processes, practices, and
policies aimed at protecting information and systems from a broad spectrum of
cyber risks in an interconnected and digitized world.
Types of Cybersecurity
1)
Network Security
2)
Endpoint Security
3)
Cloud Security
4)
Application Security
5)
Data Security
6)
Identify And Access Management (IAM)
7)
Incident Response and Disaster Recovery
8)
IoT Security
9)
Network Security: Focuses on securing
the infrastructure and connections between devices and systems. It involves
implementing firewalls, intrusion detection systems (IDS), intrusion prevention
systems (IPS), VPNs (Virtual Private Networks), and other tools to protect
networks from unauthorized access, attacks, and vulnerabilities.
10)
Endpoint Security: Centres on
protecting individual devices (endpoints) like computers, laptops, mobile
devices, and IoT (Internet of Things) devices. Endpoint security involves
antivirus software, anti-malware tools, encryption, and access controls to
safeguard these devices from threats.
11)
Cloud Security: Concentrates on
securing data, applications, and infrastructure hosted in cloud environments.
It involves ensuring proper access controls, data encryption, regular audits,
and compliance with security best practices within cloud services.
12)
Application Security: Involves securing
software and applications throughout the development lifecycle. It includes
practices like secure coding, vulnerability assessments, penetration testing,
and regular updates to prevent exploitation of vulnerabilities in applications.
13)
Data Security: Focuses on protecting
sensitive data from unauthorized access, theft, or corruption. Encryption,
access controls, data masking, tokenization, and data loss prevention (DLP)
technologies are used to secure data at rest, in transit, and during
processing.
14)
Identity and Access Management (IAM):
Manages and controls user access to systems and resources. IAM systems ensure
that only authorized individuals have appropriate access to data and resources,
employing techniques such as multi-factor authentication, least privilege
access, and identity governance.
15)
Incident Response and Disaster
Recovery: Involves preparing for and responding to cybersecurity incidents. It
includes developing plans, procedures, and teams to detect, contain, mitigate,
and recover from security breaches or cyber-attacks. Disaster recovery plans
ensure business continuity after incidents.
16)
IoT Security: Focuses on securing the
interconnected devices and systems in the Internet of Things ecosystem. IoT
security addresses vulnerabilities in smart devices, sensors, and networks to
prevent unauthorized access and potential exploitation.
Issues of Cybersecurity
1)
Data Breaches:
Unauthorized access or theft of sensitive information from organizations,
leading to the exposure of personal data, financial information, or
intellectual property.
2)
Malware and Ransomware:
Malicious software designed to disrupt, damage, or gain unauthorized access to
computer systems. Ransomware specifically encrypts files or systems, demanding
payment for decryption.
3)
Phishing Attacks:
Deceptive attempts to acquire sensitive information (such as usernames,
passwords, or financial details) by posing as a trustworthy entity through
emails, messages, or websites.
4)
Weak Authentication and Access Control: Inadequate or poorly implemented systems for user
authentication, including weak passwords, lack of two-factor authentication,
and improper access controls, which can lead to unauthorized access.
5)
IoT (Internet of Things) Vulnerabilities: Devices connected to the internet, such as smart home
appliances, wearables, and industrial systems, may have security
vulnerabilities that can be exploited to gain access to networks or compromise
user privacy.
6)
Insider Threats:
Employees, contractors, or associates within an organization intentionally or
unintentionally causing security breaches, whether through malicious actions or
negligence.
7)
Lack of Security Updates and Patch Management: Failure to regularly update software and systems leaves them
vulnerable to known exploits and vulnerabilities.
8)
Supply Chain Attacks:
Cyberattacks targeting vulnerabilities in the supply chain, aiming to
compromise software, hardware, or services that organizations rely on.
9)
Regulatory and Compliance Challenges: Adhering to various cybersecurity regulations and compliance
standards, which vary across industries and regions, can be challenging for
organizations.
10)
Cybersecurity Skills Shortage:
There is a shortage of skilled cybersecurity professionals, making it difficult
for organizations to find and retain talent to protect against evolving
threats.
11)
Emerging Technologies and Threats: Rapid advancements in technologies like AI, machine learning,
and quantum computing bring new security challenges as cyber threats evolve
alongside these innovations.
Challenges of Cybersecurity
1)
Sophisticated Cyber Threats:
The rapid evolution of cyber threats, including malware, ransomware, phishing
attacks, and advanced persistent threats (APTs), poses significant challenges
for cybersecurity professionals. Cybercriminals continuously develop more
sophisticated and harder-to-detect attack methods.
2)
Shortage of Skilled Professionals: There's a global shortage of cybersecurity experts and
professionals. The demand for skilled individuals who can combat cyber threats
surpasses the available workforce, creating a significant skills gap in the
industry.
3)
Complexity of IT Environments:
Increasingly complex IT infrastructures, including hybrid cloud environments,
IoT devices, interconnected systems, and diverse networks, make it challenging
to implement consistent and comprehensive security measures across all
components.
4)
Vulnerabilities in Software and Systems: The discovery of software vulnerabilities and weaknesses,
especially in widely used applications and systems, poses a continuous
challenge. Patching and securing these vulnerabilities before exploitation by
threat actors are critical yet demanding tasks.
5)
Lack of Security Awareness:
Human error remains a major contributor to cybersecurity incidents. A lack of
awareness among employees and individuals about cybersecurity best practices,
including phishing awareness and proper password management, can lead to
vulnerabilities.
6)
Regulatory Compliance:
Meeting the requirements of various cybersecurity regulations and standards
(such as GDPR, HIPAA, or PCI DSS) is challenging for organizations. Compliance
often demands substantial resources and effort to ensure adherence to specific
security measures and protocols.
7)
Privacy Concerns:
Safeguarding user privacy while collecting, storing, and processing data is a
persistent challenge. Balancing the need for data collection with privacy
regulations and ethical considerations presents a complex dilemma.
8)
Supply Chain Risks:
Dependencies on third-party vendors, suppliers, and interconnected supply
chains create vulnerabilities. Cyber-attacks targeting supply chains can have
far-reaching consequences and require robust security measures across the
entire ecosystem.
9)
Rapidly Changing Technology:
The pace of technological advancement outstrips security measures. New
technologies like AI, IoT, cloud computing, and quantum computing introduce
novel attack surfaces that demand proactive security measures to protect
against emerging threats.
10)
Critical Infrastructure Vulnerabilities: The cybersecurity of critical infrastructure sectors (energy,
healthcare, transportation, etc.) is a growing concern. Attacks targeting these
sectors could have severe societal and economic impacts.
