Know and understand other authentication methods including zero login, biometric methods, magnetic stripes, smart cards, physical tokens, electronic tokens
1 Types of Computer Systems, Hardware & Software
1.1 Computer System Classifications
- Personal computers (PCs) – desktop or laptop used by individuals.
- Servers – provide services (files, email, web) to other computers on a network.
- Embedded / micro‑processor‑controlled devices – specialised computers built into appliances, vehicles, medical equipment, etc.
- Super‑computers – high‑performance machines for scientific modelling and large‑scale data processing.
1.2 Hardware vs. Software
| Hardware | Software |
|---|---|
| Physical components that can be touched – CPU, RAM, storage media, motherboard, input‑output devices. | Intangible instructions that tell the hardware what to do – operating systems, application programmes, utility software. |
1.3 Core Hardware Components
- CPU (Central Processing Unit) – executes instructions; contains an arithmetic‑logic unit (ALU) and control unit.
- Memory
- RAM (Random‑Access Memory) – volatile, fast, stores data/programs while in use.
- ROM (Read‑Only Memory) – non‑volatile, stores firmware such as BIOS.
- Storage
- Magnetic (hard‑disk drives – HDD)
- Optical (CD, DVD, Blu‑ray)
- Solid‑state (SSD, flash drives)
- Motherboard & Bus architecture – connects CPU, memory, storage and peripherals.
1.4 Input & Output Devices
| Input Device | Typical Use | Output Device | Typical Use |
|---|---|---|---|
| Keyboard | Text entry, commands | Monitor | Display graphics, text |
| Mouse / Touchpad | Point‑and‑click navigation | Printer | Hard copy of documents, images |
| Scanner | Digitise paper documents | Speakers / Headphones | Audio output |
| Microphone | Voice input, recordings | Projector | Large‑format visual display |
1.5 Storage Media Comparison
| Media | Capacity (typical) | Speed | Durability | Typical Use |
|---|---|---|---|---|
| Magnetic HDD | 500 GB – 10 TB | 80‑200 MB/s | Sensitive to shock, magnetic fields | Desktop / laptop primary storage |
| SSD (Flash) | 128 GB – 4 TB | 300‑3500 MB/s | No moving parts, very robust | High‑performance laptops, servers |
| Optical (DVD‑R) | 4.7 GB (single‑layer) | ~10 MB/s | Resistant to magnetic fields, can degrade over years | Software distribution, backups |
| USB Flash Drive | 8 GB – 256 GB | 50‑500 MB/s | Portable, easy to lose | Data transfer, temporary storage |
2 Networks and the Effects of Using Them
2.1 Network Hardware & Concepts (Existing)
| Device / Concept | Purpose in a Network | Key Advantages | Key Disadvantages |
|---|---|---|---|
| Network Interface Card (NIC) | Provides a physical connection (wired or wireless) between a computer and the network. | Enables data transmission; built‑in to most devices. | Limited to the speed of the port (e.g., 1 Gbps). |
| Hub | Repeats incoming signals to all ports (OSI Layer 1). | Very cheap; easy to set up. | Creates collisions; no traffic management. |
| Switch | Forwards frames only to the intended port (OSI Layer 2). | Reduces collisions; supports full‑duplex. | More expensive than hubs. |
| Router | Connects different networks and routes IP packets (OSI Layer 3). | Enables internet access; can provide NAT, firewall, DHCP. | Configuration can be complex. |
| Bridge | Links two LAN segments and filters traffic based on MAC addresses. | Improves performance by reducing collisions. | Superseded by switches in most modern networks. |
| Wi‑Fi (WLAN) | Wireless LAN using radio waves (IEEE 802.11). | Mobility; easy to add devices. | Signal interference; lower security if not configured. |
| Bluetooth | Short‑range wireless technology for peripherals and small‑data transfers. | Low power; built into many devices. | Limited range and bandwidth. |
| LAN, WLAN, WAN | LAN – local area network (single site). WLAN – wireless LAN. WAN – wide area network (covers cities, countries, or the globe). | LAN/WLAN: high speed, low latency. WAN: connects remote sites. | WAN: higher latency, higher cost. |
| Intranet / Extranet / Internet | Intranet – private network for an organisation. Extranet – controlled access to part of an intranet for external users. Internet – global public network. | Intranet: secure internal communication. Extranet: collaboration with partners. Internet: vast resources. | Intranet/Extranet: need robust security. Internet: exposure to threats. |
| Cloud Computing | Delivery of IT services (storage, processing, applications) over the internet. | Scalable; reduces need for on‑site hardware. | Depends on internet connectivity; data stored off‑site raises privacy concerns. |
2.2 Network Topologies & Basic IP Concepts
- Topologies
- Star – all devices connect to a central switch or hub (most common in schools).
- Bus – devices share a single cable; rare today.
- Ring – each device connects to two neighbours; used in some fibre networks.
- Mesh – multiple redundant paths; provides high reliability for critical links.
- IPv4 Addressing
- Four octets separated by dots (e.g.,
192.168.1.10). - Subnet mask determines the network portion (e.g.,
255.255.255.0). - DHCP can assign addresses automatically.
- Four octets separated by dots (e.g.,
- Simple Subnetting Example
Network
192.168.10.0/24(mask255.255.255.0) provides 254 usable host addresses (192.168.10.1–192.168.10.254). Splitting into two sub‑nets using/25gives two networks:192.168.10.0/25(hosts .1‑.126) and192.168.10.128/25(hosts .129‑.254).
2.3 Effects of Using a Network
- Bandwidth – maximum amount of data that can travel per second; limited by the slowest link.
- Latency – delay between sending a request and receiving a response; higher on long‑distance WANs.
- Data‑transfer costs – ISPs may charge per GB for large uploads/downloads; organisations must budget for usage.
- Security implications – more devices mean a larger attack surface; firewalls, encryption and authentication are essential.
2.4 Password Good Practice
- Length & complexity: minimum 8 characters; mix upper‑case, lower‑case, numbers, symbols.
- Change frequency: every 3–6 months or immediately after a suspected breach.
- Uniqueness: never reuse the same password on different services.
- Storage: avoid writing in plain view; use a reputable password manager.
- Multi‑factor authentication (MFA): combine something you know (password) with something you have (token) or something you are (biometrics).
2.5 Anti‑Malware & Security Software
- Real‑time scanning for viruses, spyware, ransomware.
- Automatic definition updates.
- Firewalls (software or hardware) to filter traffic.
- Safe‑browsing settings and email filtering to block phishing.
- Scheduled full system scans and periodic security audits.
2.6 E‑Conferencing (Audio/Video/Web)
- Hardware needed: webcam, microphone, speakers/headphones, stable internet.
- Common platforms: Zoom, Microsoft Teams, Google Meet, Cisco Webex.
- Security considerations:
- Password‑protected meetings or unique meeting IDs.
- Waiting rooms or host‑only entry.
- Prefer services offering end‑to‑end encryption.
- Etiquette: mute when not speaking, use virtual backgrounds if required, respect time zones.
3 Authentication Methods (Beyond Passwords)
| Method | Description | Advantages | Disadvantages | Typical Use |
|---|---|---|---|---|
| Zero‑Login (Password‑less) | Access granted after an initial trusted enrolment using device‑based certificates, TPMs or biometric enrolment. |
|
| Enterprise SSO, cloud services (e.g., Windows Hello, Apple Sign‑in with Apple ID) |
| Biometric Methods | Verification of physiological (fingerprint, iris, facial) or behavioural (voice, keystroke dynamics, gait) traits. |
|
| Smartphones, secure facilities, time‑and‑attendance systems |
| Magnetic Stripe Cards | Plastic cards with a magnetic stripe that stores data read by a swipe reader. |
|
| Public‑transport tickets, basic building access |
| Smart Cards | Cards with an embedded microprocessor that can store and process data securely; contact or contactless. |
|
| Corporate ID badges, e‑government services, payment cards |
| Physical Tokens (Hardware Tokens) | Small devices that generate a one‑time password (OTP) using a secret key and a time‑ or counter‑based algorithm (e.g., RSA SecurID). |
|
| Banking, VPN access, corporate remote login |
| Electronic Tokens (Software Tokens) | Apps or mobile programmes that generate OTPs (TOTP/HOTP) or send push‑notification approvals (e.g., Google Authenticator, Microsoft Authenticator). |
|
| Cloud services, email accounts, social‑media platforms |
3.1 How Token‑Based OTPs Work (TOTP)
The Time‑Based One‑Time Password algorithm (RFC 6238) is:
TOTP = Truncate( HMAC‑SHA1( K , T ) )
- K – shared secret key stored on both token and authentication server.
- T – current time step (e.g., number of 30‑second intervals since the Unix epoch).
- The result is a 6‑ or 8‑digit code that is valid for a short period (usually 30 seconds).
3.2 Choosing the Right Authentication Method
- Security level required – high‑value transactions usually need MFA (token + biometric or smart card).
- Cost & scalability – magnetic stripe cards are cheap but less secure; smart cards and tokens involve higher upfront costs.
- User convenience – zero‑login and biometrics score highest on usability.
- Infrastructure compatibility – ensure readers, servers and software support the chosen method.
- Legal / regulatory compliance – PCI‑DSS, GDPR, or local data‑protection laws may dictate encryption strength or data‑retention policies.
4 Health & Societal Impact of Using IT
4.1 Physical Health Effects
- Repetitive‑strain injury (RSI) – prolonged keyboard/mouse use; mitigate with regular breaks and ergonomic peripherals.
- Eye strain – follow the 20‑20‑20 rule (every 20 minutes look at something 20 ft away for 20 seconds) and adjust screen brightness.
- Poor posture – use adjustable chairs, monitor stands and footrests.
4.2 Micro‑Processor‑Controlled Devices
Devices such as smart‑home locks, wearable health monitors and connected vehicles improve convenience and safety but introduce new security and privacy considerations. Proper configuration, regular firmware updates and awareness of data‑sharing settings are essential.
4.3 Social & Ethical Overview (concise)
IT can widen opportunities (e‑learning, tele‑medicine) but also creates a digital divide for those lacking access. The use of biometric data and location tracking raises privacy concerns; organisations must follow data‑protection legislation and adopt transparent policies.
5 ICT Applications (Cambridge Syllabus Alignment)
| Application Area | Typical Use & Example |
|---|---|
| Communication | Email, instant messaging, video‑conferencing (e.g., Zoom, Teams). |
| Modelling & Simulation | CAD for engineering design; physics or climate simulations. |
| School Management Systems | Student records, timetabling, online grading (Moodle, PowerSchool). |
| Banking & Financial Services | ATMs, online banking – use PINs, smart‑cards, token authentication. |
| Computer‑Controlled Systems | Industrial PLCs, home automation (smart lights, locks), robotics. |
| Booking Systems | Online ticket/reservation platforms for travel, cinema, sports events. |
| Medicine & Healthcare | Electronic health records, tele‑consultations, wearable monitoring devices. |
| Expert Systems | Decision‑support tools such as medical diagnosis assistants or fault‑diagnosis in engineering. |
| Retail & E‑commerce | Online stores, point‑of‑sale terminals – rely on secure payment gateways. |
| Recognition Systems | Facial‑recognition entry, voice‑activated assistants, fingerprint scanners. |
| Satellite & GPS | Navigation, weather forecasting, remote sensing for agriculture. |
6 Systems Life‑Cycle (SLDC)
6.1 Key Stages
- Analyse – identify user needs, constraints and feasibility.
- Design – create logical & physical designs, data models, UI mock‑ups.
- Development – write code, configure hardware, integrate components.
- Testing – verify functionality, performance, security; fix defects.
- Implementation – install, train users, roll‑out the system.
- Maintenance – monitor, update, troubleshoot and improve over time.