Authentication

Summary

Materials

• Day 8 PowerPoint deck
• Official Trailer: Hackers (1995)
• 2FA: Two Factor Authentication in 1 minute - For Kids and Parents
• Protect Your Computer from Malware | Federal Trade Commission
• One-Pager Brainstorm-Planning Sheet
• Cybersecurity Tip Sheets

Instructional Activities and Classroom Assessments

1. Encryption and Authentication Discussion (10 minutes)
2. Authentication Measures (5 minutes)
3. Hazards to Your PII and Computing Devices (5 minutes)
4. Protecting Your Computer (5 minutes)
5. Group Activity (25 minutes)
6. Homework

Learning Objectives

Computational Thinking Practice 5.E.

• IOC-2.B Explain how computing resources can be protected and can be misused.
• IOC-2.C Explain how unauthorized access to computing resources is gained.

Essential Knowledge

• IOC-2.B.1
• IOC-2.B.2
• IOC-2.B.3
• IOC-2.B.4
• IOC-2.B.5 Encryption is the process of encoding data to prevent unauthorized access. Decryption is the process of decoding the data. Two common encryption approaches are:
  • Symmetric key encryption involves one key for both encryption and decryption.
  • Public key encryption pairs a public key for encryption and a private key for decryption. The sender does not need the receiver's private key to encrypt a message, but the receiver's private key is required to decrypt the message.
• IOC-2.B.6 Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications and are based on a trust model.
• IOC-2.B.7 Computer virus and malware scanning software can help protect a computing system against infection.
• IOC-2.B.8 A computer virus is a malicious program that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer.
• IOC-2.B.9 Malware is a software intended to damage a computing system or to take partial control over its operation.
• IOC-2.B.10 All real-world systems have errors or design flaw that can be exploited to compromise them. Regular software updates help fix errors that could compromise a computing system.
• IOC-2.B.11 Users can control the permissions programs have for collecting user information. Users should review the permission settings of programs to protect their privacy.
• IOC-2.C.1 Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails.
• IOC-2.C.2 Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.
• IOC-2.C.3 Data sent over public networks can be intercepted, analyzed, and modified. One way that this can happen is through a rogue access point.
• IOC-2.C.4 A rogue access point is a wireless access point that gives unauthorized access to secure networks.
• IOC-2.C.5 A malicious link can be disguised on a web page or in an email message.
• IOC-2.C.6 Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whos security has been compromised.
• IOC-2.C.7 Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

Details

1. Encryption discussion (10 minutes)

• Break students into groups of 4-5.
• Ask them to discuss the questions regarding the pages they read from Chapter 5 last night.
• When students have finished discussing their answers, ask groups to share their answers to ensure everyone has the correct response.

2. Authentication measures (5 minutes)

• Define authentication
• Explain three factors of authentication
• Explain multi-factor authentication

3. Hazards to your PII and computing devices (5 minutes)

• Explain what a hacker is:
  • Play the Hackers film trailer (you do not have to play the entire video).
• Explain how computing devices can be misused:
  • Malware
  • Computer viruses
  • Spyware
  • Worms
  • Trojan horses
  • Phishing schemes
  • Rogue access points

4. Protecting your computer (5 minutes)

• Play the Protect Your Computer from Malware | Federal Trade Commission video.
• Discuss any questions students have.

5. Group activity (25 minutes)

• Organize students in pairs.
• You can use the Group Generator program to randomly sort students.
• Task them with creating a one-page visual that teaches others about protecting their PII and their computers from hackers.
• Explain that this is a mini-project that they should be able to complete in class, but if they need to, they can complete it for homework tonight. They will include:
  • Authentication measures.
  • Ways to protect their computer from viruses and malware.
• Students can use any program they want to create their one-pager.
• Encourage them to make it attractive and eye-catching.
• Show them a sample of a visual teaching children how to stay safe when talking to people online.
• Explain that the sample does not cover the topics of their one-pager, but it demonstrates one way they could present their information.
• Emphasize that their one-pager should answer the following questions:
  • What are authentication measures?
  • Why are they important?
  • Why is two-factor authentication recommended?
  • How can you protect your computer from viruses and malware?
  • What is a phishing scheme?
  • How do you avoid them?
• Encourage them to use the One-Pager Brainstorm-Planning Sheet to guide their work.
• Collect their finished products by the end of the class, or allow them to finish the one-pager for homework.

6. Homework

• If student groups do not finish their one-page visual, they need to finish it for homework.