Know and understand privacy and confidentiality of data transfer

Networks and the Effects of Using Them

Objective

Know and understand privacy and confidentiality of data transfer.

1. Introduction

When data is sent over a network it can be exposed to unauthorised access. Protecting the privacy (who can see the data) and confidentiality (ensuring only the intended recipient can read it) is essential for individuals, businesses and organisations.

2. Key Concepts

• Privacy – the right of individuals to control who accesses their personal information.
• Confidentiality – the assurance that data is only readable by authorised parties.
• Encryption – converting plain‑text data into ciphertext using an algorithm and a key.
• Authentication – verifying the identity of a user or device before granting access.
• Secure Protocols – communication standards that incorporate encryption (e.g., HTTPS, FTPS, SSH, VPN).
• Firewalls & Intrusion Detection Systems (IDS) – hardware or software that monitors and controls network traffic.

3. Risks to Privacy and Confidentiality

1. **Eavesdropping** – unauthorised interception of data as it travels across a network.
2. **Man‑in‑the‑Middle (MitM) attacks** – attacker intercepts and possibly alters communication between two parties.
3. **Data Breaches** – unauthorised access to stored data, often due to weak passwords or unencrypted storage.
4. **Sniffing tools** – software that captures packets on a network, revealing unencrypted information.

4. Measures to Protect Data Transfer

4.1 Encryption Types

Encryption Type	Key Length (Typical)	Use Cases	Strengths
Symmetric (e.g., AES)	128, 192, 256 bits	File encryption, VPN tunnels	Fast, efficient for large data
Asymmetric (e.g., RSA)	1024–4096 bits	Secure key exchange, digital signatures	Provides authentication, no need to share secret key
Hash Functions (e.g., SHA‑256)	256 bits output	Password storage, data integrity checks	One‑way, cannot be reversed

4.2 Secure Communication Protocols

• HTTPS – HTTP over TLS/SSL for web traffic.
• FTPS / SFTP – Secure file transfer.
• SSH – Secure remote login.
• VPN (IPsec, SSL‑VPN) – Creates an encrypted tunnel over public networks.

4.3 Authentication & Access Controls

• Strong passwords & regular changes.
• Two‑factor authentication (2FA).
• Role‑based access control (RBAC) – users receive permissions based on job function.

4.4 Policies and Best Practices

• Data classification – label data as public, internal, confidential, or restricted.
• Acceptable Use Policy – defines permissible network activities.
• Regular security audits and vulnerability scanning.
• Employee training on phishing and safe handling of data.

5. Legal and Ethical Considerations

Many countries have legislation that protects personal data (e.g., GDPR, Data Protection Act). Breaches can lead to legal penalties, loss of reputation and financial loss. Ethical handling of data includes obtaining consent, limiting data collection to what is necessary, and ensuring secure disposal.

6. Summary Checklist

1. Identify the type of data being transferred.
2. Determine the appropriate level of confidentiality.
3. Select a suitable encryption method and key length.
4. Use a secure protocol (HTTPS, SSH, VPN, etc.).
5. Implement strong authentication and access controls.
6. Apply relevant legal and organisational policies.

7. Suggested Classroom Activities

• Demonstrate packet sniffing with a tool like Wireshark on an unencrypted network and then repeat using HTTPS.
• Set up a simple \cdot PN between two computers and compare latency with a direct connection.
• Create a short case study where students evaluate a data breach and propose preventive measures.

8. Suggested Diagram