6.5 Security Methods | Impacts Of Computing | Computer Science 12

Security methods are techniques and tools used to protect computing systems, networks, and data from unauthorized access, misuse, or damage. Choosing the right security method always involves a tradeoff between security and usability — stronger security often means more steps for the user, higher cost, or reduced convenience.

1. Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) requires a user to provide two or more verification factors from different categories before gaining access:

Factor Category	Example
Something you know	Password, PIN
Something you have	OTP via SMS, hardware token
Something you are	Fingerprint, face scan

Tradeoff: MFA greatly increases security but adds extra steps, which can frustrate users and slow down access.

2. Biometric Authentication

Biometric Authentication verifies identity using an individual's unique biological characteristics:

Fingerprint scanning
Facial recognition
Iris / retina scanning
Voice recognition

Tradeoff: Highly convenient (no password to remember) and difficult to forge, but raises privacy concerns — biometric data cannot be changed if compromised, unlike a password.

3. Encryption

Encryption converts readable plaintext into unreadable ciphertext using an algorithm and a key. Only a party with the correct decryption key can read the data.

Symmetric Encryption

Uses a single shared key for both encryption and decryption.
Fast and efficient for large data.
Risk: The key must be shared securely between parties.
Example: AES (Advanced Encryption Standard)

Asymmetric Encryption

Uses a key pair: a Public Key (shared openly) and a Private Key (kept secret).
The sender encrypts with the recipient's Public Key; only the recipient's Private Key can decrypt.
Slower than symmetric but solves the key-sharing problem.
Example: RSA

Tradeoff: Strong encryption protects confidentiality but increases processing overhead and can slow down systems.

4. Firewall

A Firewall is a network security system (hardware or software) that monitors and filters incoming and outgoing network traffic based on predefined security rules. It acts as a barrier between a trusted internal network (e.g., a company LAN) and an untrusted external network (e.g., the Internet).

Packet filtering firewalls inspect individual packets.
Stateful firewalls track active connections.
Application-layer firewalls inspect content at the application level.

Tradeoff: Firewalls improve security but can block legitimate traffic, require configuration expertise, and may introduce latency.

5. Digital Signatures

A Digital Signature is a cryptographic mechanism that provides:

Authentication — confirms the sender's identity.
Integrity — ensures the message has not been altered.
Non-repudiation — the sender cannot deny sending the message.

How it works: The sender encrypts a hash of the message with their Private Key. The recipient decrypts it with the sender's Public Key and compares hashes.

Tradeoff: Digital signatures add overhead to communication but are essential for legal and financial documents.

6. Usability vs. Security Tradeoffs

Every security measure involves tradeoffs across multiple factors:

Factor	Consideration
Efficiency	Does the method slow down normal operations?
Cost	Is the hardware/software affordable?
Privacy	Does it collect sensitive personal data (e.g., biometrics)?
Ethics	Is it fair and non-discriminatory?

Example: A hospital may choose MFA over a simple password for patient records because the security benefit outweighs the slight inconvenience, given the sensitivity of the data.

Summary Table

Security Method	Primary Purpose	Key Tradeoff
MFA	Prevent unauthorized login	Convenience vs. security
Biometric Auth	Identity verification	Privacy vs. ease of use
Symmetric Encryption	Fast data confidentiality	Key distribution risk
Asymmetric Encryption	Secure key exchange	Speed vs. security
Firewall	Network access control	Blocking legitimate traffic
Digital Signature	Authentication & integrity	Processing overhead

1. Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) requires a user to provide two or more verification factors from different categories before gaining access:

Factor Category	Example
Something you know	Password, PIN
Something you have	OTP via SMS, hardware token
Something you are	Fingerprint, face scan

Tradeoff: MFA greatly increases security but adds extra steps, which can frustrate users and slow down access.

2. Biometric Authentication

Biometric Authentication verifies identity using an individual's unique biological characteristics:

Fingerprint scanning
Facial recognition
Iris / retina scanning
Voice recognition

Tradeoff: Highly convenient (no password to remember) and difficult to forge, but raises privacy concerns — biometric data cannot be changed if compromised, unlike a password.

3. Encryption

Encryption converts readable plaintext into unreadable ciphertext using an algorithm and a key. Only a party with the correct decryption key can read the data.

Symmetric Encryption

Uses a single shared key for both encryption and decryption.
Fast and efficient for large data.
Risk: The key must be shared securely between parties.
Example: AES (Advanced Encryption Standard)

Asymmetric Encryption

Uses a key pair: a Public Key (shared openly) and a Private Key (kept secret).
The sender encrypts with the recipient's Public Key; only the recipient's Private Key can decrypt.
Slower than symmetric but solves the key-sharing problem.
Example: RSA

Tradeoff: Strong encryption protects confidentiality but increases processing overhead and can slow down systems.

4. Firewall

Packet filtering firewalls inspect individual packets.
Stateful firewalls track active connections.
Application-layer firewalls inspect content at the application level.

Tradeoff: Firewalls improve security but can block legitimate traffic, require configuration expertise, and may introduce latency.

5. Digital Signatures

A Digital Signature is a cryptographic mechanism that provides:

Authentication — confirms the sender's identity.
Integrity — ensures the message has not been altered.
Non-repudiation — the sender cannot deny sending the message.

How it works: The sender encrypts a hash of the message with their Private Key. The recipient decrypts it with the sender's Public Key and compares hashes.

Tradeoff: Digital signatures add overhead to communication but are essential for legal and financial documents.

6. Usability vs. Security Tradeoffs

Every security measure involves tradeoffs across multiple factors:

Factor	Consideration
Efficiency	Does the method slow down normal operations?
Cost	Is the hardware/software affordable?
Privacy	Does it collect sensitive personal data (e.g., biometrics)?
Ethics	Is it fair and non-discriminatory?

Example: A hospital may choose MFA over a simple password for patient records because the security benefit outweighs the slight inconvenience, given the sensitivity of the data.

Summary Table

Security Method	Primary Purpose	Key Tradeoff
MFA	Prevent unauthorized login	Convenience vs. security
Biometric Auth	Identity verification	Privacy vs. ease of use
Symmetric Encryption	Fast data confidentiality	Key distribution risk
Asymmetric Encryption	Secure key exchange	Speed vs. security
Firewall	Network access control	Blocking legitimate traffic
Digital Signature	Authentication & integrity	Processing overhead