| Date | May 2018 | Marks available | 2 | Reference code | 18M.1.SL.TZ0.2 |
| Level | SL | Paper | 1 | Time zone | no time zone |
| Command term | Identify | Question number | 2 | Adapted from | N/A |
Question
Digital currency
Bitcoin is a type of digital currency (cryptocurrency). This is money that can be sent via the internet and exchanged for goods, services, or money in different currencies. Users can buy bitcoins using real money, and bitcoins can either be spent or stored in a digital wallet for later use. Bitcoins can be used in every country, and sending bitcoins is as simple as sending an email.
A bitcoin wallet is an application that can be installed on a computer or mobile device. Once a bitcoin wallet is installed, the user will get a bitcoin address to use when transferring bitcoins to and from the wallet. This transfer uses private and public key encryption. Users should have a strong password to access their bitcoin wallet.
Bitcoin operates on a peer-to-peer (P2P) network, and users of bitcoins are identified by their bitcoin address. Some users of bitcoins wish to remain anonymous, but this is not always possible.
Identify two characteristics of a peer-to-peer (P2P) network.
Identify two characteristics of a strong password.
The use of a password is one method of authentication.
Identify two other methods of authentication.
Explain one reason why bitcoin makes use of encryption when transmitting data.
Explain one reason why it may be difficult to ensure the security of information in a large peer-to-peer network such as bitcoin.
Some users of bitcoins are concerned that their anonymity may be compromised by their bitcoin address.
Explain one way in which a bitcoin address may be used to reveal information about a bitcoin user.
Bitcoin transactions are made between individuals without the knowledge of banks, governments, or credit card companies. Some governments are investigating whether they should regulate digital transactions, such as those made using bitcoins.
To what extent is it appropriate for governments to regulate digital transactions, such as those made using bitcoins?
Markscheme
Answers may include:
- There is no central administrator.
- All users of the network have the same importance.
- Each computer acts as both client and server.
- Each computer can exchange files directly with every other computer on the network.
Award [1] mark for identifying each characteristic of a peer-to-peer network up to a maximum of [2] marks.
Answers may include:
- Sufficient length (usually more than six characters)
- Made up of a mixture of letters, numbers and symbols
- Uses upper and lower case characters
- Not a dictionary word/common word
- Not based on personal information (e.g., name, birth date, etc.) (i.e., can’t be guessed).
Award [1] mark for identifying each characteristic of a strong password up to a maximum of [2] marks.
Answers may include:
- Biometric authentication
- Fingerprint
- Palm print
- Palm vein
- Facial recognition
- Voice recognition
- Retinal scan
- PIN
- Passphrase
- Two-factor authentication
- Authentication token (or security token)
- One-time code, i.e., contact user via phone/SMS/email to provide the code
- Asking user to provide answers to security questions set-up when creating an account (e.g., what was the first school you attended?).
Award [1] mark for identifying each additional method of authentication up to a maximum of [2] marks.
Answers may include:
- To ensure there is trust in the security of the data…
- as users see this as an additional layer of data security.
- To prevent regulatory fines…
- as encryption may be seen to as an attempt to comply with regulations such as GDPR.
Award [1] for the reason why encryption is used when transmitting data and an additional [1] for the explanation up to a maximum of [2].
Answers may include:
- The security may be carried out at the level of the individual user.
- This may mean that the network’s security may only be as strong as the weakest link.
- There is no central control that manages the security of each computer by providing virus protection/firewall…
- so an inexperienced user may unintentionally allow access to their whole hard drive instead of allowing access to specific folders.
Award [1] for the reason why the security of information may be difficult to maintain in a large peer-to-peer network such as bitcoin and an additional [1] for the explanation up to a maximum of [2].
Answers may include:
- When transmitted, a bitcoin address may include additional information, such as the IP address of the user’s device.
- This information may be aggregated from a number of sources and this larger data set will then provide sufficient information to link the bitcoin address to a person’s identity.
Award [1] for identifying how a bitcoin address may be used to reveal the name of a bitcoin user and an additional [1] for the explanation up to a maximum of [2] marks.
Answers may include:
- If transactions can be done without disclosing the name of the individuals (anonymity), it could be a way to use money obtained illegally (money laundering – values).
- Governments will not be able to see all commercial transactions and therefore may miss the possibility to tax commercial activities – informality, lack of transparency.
- Bitcoin wallet providers may have an agreement with clients not to disclose information – privacy invasion.
- It is also possible to send a payment without revealing your identity. This allows people to transfer funds across country borders without cost but also allows users to buy illegal products anonymously.
- Unregulated services, such as bitcoin, do not provide the protection of regulated services, such as banks.
- For governments to be able to forecast financial trends, they need to have all of the information available. If some information is withheld, it makes forecasting more problematic.
- There is an ongoing debate between the privacy of the user versus the security of the state. The questions could be reframed as what is an acceptable level of regulation/surveillance?
- If regulation is too strict, it will stifle innovation and may prevent worthwhile developments in digital currency.
- Different degrees of regulation by governments of different countries could create an uneven playing field for digital currency transactions.
- As bitcoin is global, regulation could also impact the rights of people outside the government’s jurisdiction.
In part (c) of this question it is expected there will be a balance between the terminology related to digital systems and the terminology related to social and ethical impacts.
Keywords: laws, regulations, environment, cryptocurrency, privacy, anonymity, surveillance, change, power, systems, values
Refer to SL/HL paper 1, part c markbands when awarding marks. These can be found under the "Your tests" tab > supplemental materials > Digital society markbands and guidance document.
Examiners report
Syllabus sections
-
22M.1.SL.TZ0.1a.ii:
Identify two ways the smartwatch and cellphone (mobile phone) could use to communicate with each other.
-
22M.1.SL.TZ0.3c:
A new school has opened in Switzerland, and its principal and IT manager are considering two options:
Option 1: Using a local client–server network.
Option 2: Using a cloud-based service.
Evaluate these two options.
-
22M.1.SL.TZ0.3a.iii:
Identify two ways in which students could authenticate themselves on their local area network (LAN).
-
22M.1.SL.TZ0.1c:
Many people use smartwatches to monitor their vital signs and manage their health.
To what extent should an individual use a smartwatch to manage their health?
-
19M.2.SL.TZ0.1:
In Source A, employees are using an embedded microchip to gain access to the building.
Identify two digital systems, in addition to implanted microchips, that an employee could use to gain access to a building in Source A.
-
21M.1.SL.TZ0.2c:
Discuss whether Daniela should make every teacher at Orams Academy use the same learning platform or allow each teacher to choose their own preferred learning management approach.
-
18N.1.SL.TZ0.3a.ii:
Identify two file compression techniques.
-
22M.1.SL.TZ0.1a.iii:
Outline one reason why protocols such as https are used in the URL to enable digital devices such as the smartwatch and cellphone to communicate with each other.
-
22M.1.SL.TZ0.3a.i:
Identify two types of cloud computing software applications that students might use at school.
-
22M.1.SL.TZ0.3a.ii:
If the schools in Hesse can no longer use cloud computing software applications, they will need to store their data on a local file server and access it through a local area network (LAN).
Identify two ways in which data could be secured if the school stored it locally.
-
22M.1.SL.TZ0.4a.iii:
Describe the difference between identification and authentication.
-
22M.1.SL.TZ0.4b.ii:
Explain why using high-resolution images could be a challenge to the implementation of a facial recognition system.
-
18M.2.SL.TZ0.1:
Identify two trends of social media usage that can be seen in Source A.
-
19N.1.SL.TZ0.3a.iii:
Outline how a firewall functions.
-
21N.1.SL.TZ0.1a.ii:
Identify two features of a virtual private network (VPN).
-
18M.1.SL.TZ0.2a.ii:
Identify two characteristics of a strong password.
-
18M.1.SL.TZ0.2c:
Bitcoin transactions are made between individuals without the knowledge of banks, governments, or credit card companies. Some governments are investigating whether they should regulate digital transactions, such as those made using bitcoins.
To what extent is it appropriate for governments to regulate digital transactions, such as those made using bitcoins?
-
17N.1.SL.TZ0.1a.ii:
Identify the steps used by the voice biometrics technology to authenticate a customer calling CBR Bank.
-
17N.1.SL.TZ0.2a.i:
In addition to providing access to the internet, identify two functions of an internet service provider (ISP).
-
17N.1.SL.TZ0.2a.ii:
Identify two characteristics of a proxy server.
-
17N.1.SL.TZ0.2b:
Many schools block access to social networking websites like Twitter, Facebook and YouTube. However, other schools are investigating two different options:
- Monitoring the network to view what websites the students are viewing.
- Giving different ages of students different levels of access to social media sites.
Analyse these two options.
-
18M.1.SL.TZ0.1c:
The Okavango Medical Centre has received additional funding from the local authority. The centre is investigating the possibility of using these funds to purchase IT equipment that would allow surgeons in Gaborone to carry out surgery remotely.
Evaluate the impact of the purchase of this IT equipment on the medical centre and its patients.
-
18M.1.HL.TZ0.6:
Policing as a human activity?
Toby Walsh, Professor of Artificial Intelligence at the University of New South Wales, Australia, notes that the use of police robots raises “many important questions that we, as a society, have to think about”.
Singapore has started testing patrol robots that survey pedestrian areas in the city-state. Xavier, the mall-cop robot, will be autonomously rolling through the Toa Payoh central district for three weeks scanning for “undesirable social behaviours”.
Figure 4 shows an example of a patrol robot.
Figure 4: An example of a patrol robot
[Image by Jdietsch. PatrolBot.jpg (https://commons.wikimedia.org/wiki/File:PatrolBot.jpg).
Under copyright and licensed under a Creative Commons Attribution 3.0 International License,
https://creativecommons.org/licenses/by-sa/3.0/deed.en (image cropped)]
It has been claimed that the use of patrol robots will lead to more efficient policing.Discuss the extent to which police departments should use patrol robots as a strategy to aid policing.
-
18N.1.SL.TZ0.3b.i:
Explain why each image has its resolution reduced before it is uploaded to ACP’s website.
-
17N.1.SL.TZ0.2a.iii:
Identify two ways that the government could have determined the identity of the persons responsible for posting the offensive images on social media.
-
18M.1.SL.TZ0.1a.i:
Identify two characteristics of voice over internet protocol (VOIP).
-
18M.1.SL.TZ0.2a.iii:
The use of a password is one method of authentication.
Identify two other methods of authentication.
-
21M.1.SL.TZ0.3a.i:
Lyrebird uses a person’s voice print to determine their identity.
Identify three other methods of biometric identification that could be used to determine a person’s identity.
-
21M.1.SL.TZ0.2a.iii:
Identify two potential disadvantages of using online digital media.
-
21M.1.SL.TZ0.3a.ii:
A person’s voice print can be compressed.
Identify three problems that may result from compressing the voice print.
-
18N.1.SL.TZ0.2a.iii:
Outline the difference between the internet and the World Wide Web.
-
19N.1.SL.TZ0.3b:
There are two possible methods for ensuring students use the TailorEd online learning system responsibly. They are:
- restricting access to sites that may be considered inappropriate
- educating the students about acceptable use.
Analyse these two methods.
-
20N.1.HL.TZ0.5:
Clouds under the sea
Microsoft has located one of its data centres on the seabed. Project Natick is now operating 100 feet below the surface of the North Sea (see Figure 4).
Figure 4: An artist’s representation of a data centre on the sea bed
[Adapted under sea photo by NOAA on Unsplash]
Microsoft has chosen to develop data centres on the seabed because they claim there are concerns about the environmental impact of data centres built on land. These seabed data centres can be constructed and placed on the sea bed in 90 days. This is compared to the two years that are required for land-based data centres.
Google patented their design for an underwater data centre in 2009. Even though functioning prototypes have been trialled, none have been used commercially.
The demand for data storage is doubling every two years, so it is likely that an increasing number of data centres will need to be constructed. These data centres can be constructed either under the sea or on land.
Discuss whether companies like Microsoft should build data centres on the seabed.
-
21N.1.SL.TZ0.3c:
The chief executive officer of MediResearch is considering using cloud-based storage to store the genome data.
Discuss whether MediResearch should move to cloud-based storage.
-
20N.1.SL.TZ0.2a.i:
Identify two pieces of information that would be used to identify a device on the IT network.
-
18M.2.SL.TZ0.4:
Mobile devices provide many benefits for children but can also be used inappropriately. Some groups claim it is the responsibility of parents to ensure their children use their mobile devices responsibly, while other groups claim that responsibility lies with other stakeholders, such as schools.
With reference to all the sources and your own knowledge, to what extent do you agree that parents should be responsible for ensuring their children develop safe and healthy habits for mobile device usage?
-
17N.1.SL.TZ0.1c:
The chief executive officer (CEO) of CBR Bank, Alice McEwan, said in a recent interview, “CBR Bank will be replacing all passwords, PINs and personal verification questions for our online banking and mobile banking with voice biometrics recognition.”
To what extent are the changes proposed by Alice beneficial for both CBR Bank’s customers and CBR Bank’s IT support?
-
19M.1.SL.TZ0.2b.iii:
Explain why the data collected about Hurricane Irma was not encrypted prior to being transmitted.
-
18N.1.SL.TZ0.2c:
The government of Cameroon is watching the results of the Agritexte initiative. It is considering two options:
- extending the functionality of Agritexte into a web-based information system
- investing in education and training on the use of the existing Agritexte SMS system.
Evaluate these two options.
-
19N.1.SL.TZ0.2b:
Two methods for informing tourists about wildfires in Kinakora National Park are:
- short message service (SMS) texting/text messaging
- posting information on the Kinakora National Park website.
Analyse these two methods.
-
18M.1.SL.TZ0.2b.iii:
Some users of bitcoins are concerned that their anonymity may be compromised by their bitcoin address.
Explain one way in which a bitcoin address may be used to reveal information about a bitcoin user.
-
19M.1.SL.TZ0.3a.ii:
Identify two features of authentication.
-
19M.1.SL.TZ0.3a.iii:
Identify two features of encryption.
-
19M.1.HL.TZ0.5:
How to appropriately interact in an online environment
Increasing numbers of parents are claiming digital technologies that monitor online activities are the best way to protect their children from offensive content. A number of companies, such as mSpy and Qustodio, have developed online monitoring apps.
Other parents claim it is not necessary to monitor their children’s online behaviour, preferring to encourage their children to develop the knowledge and skills to make appropriate choices.
Parents can consider two different interventions to ensure their children use the online environment appropriately:
- Monitor their children’s online behaviour using apps
- Encourage their children to develop the knowledge and skills to use the online environment and make appropriate choices.
With reference to real-life scenarios, evaluate these two interventions.
-
17N.1.SL.TZ0.1a.i:
In addition to their voice, identify two ways how a customer can be recognized by CBR Bank’s biometrics technology.
-
17N.1.SL.TZ0.2c:
Many citizens have raised concerns about the surveillance of their web browsing history or the censorship of selected websites by their national government.
To what extent is it appropriate for national governments to use surveillance and censorship to control citizens’ access to websites?
-
18M.1.SL.TZ0.2b.i:
Explain one reason why bitcoin makes use of encryption when transmitting data.
-
18N.1.SL.TZ0.3a.iii:
Outline one problem that may be caused by the use of file compression techniques.
-
18N.1.SL.TZ0.3b.ii:
Explain why each image is watermarked before it is uploaded to ACP’s website.
-
21M.1.SL.TZ0.2a.ii:
Identify two reasons why there might be a lack of bandwidth at times on the school’s network.
-
21M.1.SL.TZ0.2b:
The increasing use of cloud-based applications and online collaborative tools has led to Orams Academy introducing an acceptable use policy for students and teachers.
Explain three reasons why Orams Academy decided to introduce an acceptable use policy.
-
19N.1.HL.TZ0.5:
Sharing dashcam* footage with police
Many police departments have started campaigns to encourage members of the public to upload footage of possible offences committed by drivers to police websites. The police are looking for footage of activities such as dangerous driving and driving whilst talking on a cellphone/mobile phone.
Members of the public can create an account on the police website to upload footage from their dashcam (see Figure 3). They can also upload their dashcam footage anonymously.
The police claim that using dashcam footage uploaded by the public will help reduce the number of accidents caused by dangerous driving.
Figure 3: An example of a dashcam
* dashcam: a video camera mounted in a vehicle to record activity on roads
Discuss whether this dashcam footage should be used by the police as part of their strategy to reduce the number of accidents caused by dangerous driving. -
20N.1.SL.TZ0.2c:
Discuss whether Xingu Academy should become a bring-your-own-device (BYOD) school.
-
21N.1.SL.TZ0.1a.iii:
Identify two features of a protocol.
-
21N.1.SL.TZ0.1c:
To what extent is it acceptable for Rajesh to use services like a virtual private network (VPN) to access content that may be blocked in the country he is visiting?
-
21N.1.HL.TZ0.5:
Smart farming
A government in East Africa is using the expertise of scientists at a university in the region to promote the culture of smart farming and increase the productivity of farmers (see Figure 5). To do this, they have developed an app that the farmers can use to assist them in their decision-making.
Figure 5: An example of farming in East Africa
[Palmer, N., 2010. A farmer at work in Kenya’s Mount Kenya region [image] [online] Available at: https://commons.wikimedia.org/wiki/File:2DU_Kenya_86_(5367322642).jpg (CC BY-SA 2.0) https://creativecommons.org/licenses/by-sa/2.0/deed.en [Accessed 18 May 2020].]
Unfortunately, the scientists who developed the app have received many complaints from farmers who have been unable to use it. They are considering two options:
- making the existing system more user-friendly
- educating the farmers to use the existing system.
The scientists claim by making changes to the app it will make the app more user-friendly for the farmers. However, the farmers claim it would be better to provide them with education, such as training, so they can use the existing app.
Evaluate these two claims.
