ICT 0417 – Networks: Privacy and Confidentiality of Data Transfer
Networks and the Effects of Using Them
Objective
Know and understand privacy and confidentiality of data transfer.
1. Introduction
When data is sent over a network it can be exposed to unauthorised access. Protecting the privacy (who can see the data) and confidentiality (ensuring only the intended recipient can read it) is essential for individuals, businesses and organisations.
2. Key Concepts
Privacy – the right of individuals to control who accesses their personal information.
Confidentiality – the assurance that data is only readable by authorised parties.
Encryption – converting plain‑text data into ciphertext using an algorithm and a key.
Authentication – verifying the identity of a user or device before granting access.
Secure Protocols – communication standards that incorporate encryption (e.g., HTTPS, FTPS, SSH, VPN).
Firewalls & Intrusion Detection Systems (IDS) – hardware or software that monitors and controls network traffic.
3. Risks to Privacy and Confidentiality
Eavesdropping – unauthorised interception of data as it travels across a network.
Man‑in‑the‑Middle (MitM) attacks – attacker intercepts and possibly alters communication between two parties.
Data Breaches – unauthorised access to stored data, often due to weak passwords or unencrypted storage.
Sniffing tools – software that captures packets on a network, revealing unencrypted information.
4. Measures to Protect Data Transfer
4.1 Encryption Types
Encryption Type
Key Length (Typical)
Use Cases
Strengths
Symmetric (e.g., AES)
128, 192, 256 bits
File encryption, VPN tunnels
Fast, efficient for large data
Asymmetric (e.g., RSA)
1024–4096 bits
Secure key exchange, digital signatures
Provides authentication, no need to share secret key
Hash Functions (e.g., SHA‑256)
256 bits output
Password storage, data integrity checks
One‑way, cannot be reversed
4.2 Secure Communication Protocols
HTTPS – HTTP over TLS/SSL for web traffic.
FTPS / SFTP – Secure file transfer.
SSH – Secure remote login.
VPN (IPsec, SSL‑VPN) – Creates an encrypted tunnel over public networks.
4.3 Authentication & Access Controls
Strong passwords & regular changes.
Two‑factor authentication (2FA).
Role‑based access control (RBAC) – users receive permissions based on job function.
4.4 Policies and Best Practices
Data classification – label data as public, internal, confidential, or restricted.
Acceptable Use Policy – defines permissible network activities.
Regular security audits and vulnerability scanning.
Employee training on phishing and safe handling of data.
5. Legal and Ethical Considerations
Many countries have legislation that protects personal data (e.g., GDPR, Data Protection Act). Breaches can lead to legal penalties, loss of reputation and financial loss. Ethical handling of data includes obtaining consent, limiting data collection to what is necessary, and ensuring secure disposal.
6. Summary Checklist
Identify the type of data being transferred.
Determine the appropriate level of confidentiality.
Select a suitable encryption method and key length.
Use a secure protocol (HTTPS, SSH, VPN, etc.).
Implement strong authentication and access controls.
Apply relevant legal and organisational policies.
7. Suggested Classroom Activities
Demonstrate packet sniffing with a tool like Wireshark on an unencrypted network and then repeat using HTTPS.
Set up a simple \cdot PN between two computers and compare latency with a direct connection.
Create a short case study where students evaluate a data breach and propose preventive measures.
8. Suggested Diagram
Suggested diagram: Flow of encrypted data from a client to a server via a \cdot PN tunnel, showing where authentication, encryption, and firewalls operate.