Chapter6_SecurityPrivactAndDataIntegrity
Data security
- Security vs privacy vs integrity
- Security
- Security is keeping data safe from accidental damage
- Security is the prevention of data loss
- Privacy
- Privacy is the need to restrict access to personal data/keep data confidential
- To avoid being seen by unauthorized people
- Integrity
- Integrity is making sure the data is correct / valid / accurate / consistent / up-to-date
- Integrity ensures that the data received is the same as the data sent
- Security
- Security measure
- User accounts and password
- Digital signatures
- Firewall
- Examine the traffic between the computer and the internet
- Check whether incoming or outgoing data meets a given set of criteria
- Block the traffic if the data fails to meet the criteria, and giving the user a warning
- Log all incoming and outgoing traffic to allow later interrogation
- Prevent access to certain undesirable sites
- Helps to prevent viruses or hackers
- Sent warning if some software is trying to access an external data source
- Anti-virus software
- Check software before they run on a computer
- Compare possible virus against a database of known viruses
- Carry out heuristic checking
- Quarantine files which are possibly infected
- Anti-spyware
- Encryption
- Data are scrambled so they cannot be understand unless a decryption key is given
- Security threats
- Malware (virus, spyware)
- Virus
- Malicious program
- Replicates itself
- Can cause loss of data
- Can cause computer to crash
- Can fill up hard disk with data
- Spyware
- Gathers information by monitoring key presses on user’s keyboard
- Virus
- Hacker
- Illegal access to a computer system without the user’s permission. Intentional delete, alter or corrupt user’s files, or to gain personal information
- Phishing
- Legitimate-looking emails containing links or attachments which, when clicked, take the user to fake website, or they may trick the user into responding with personal data
- Pharming
- Malicious code installed on a user’s computer or web server, redirects to a fake website without their knowledge and gain personal information
- Malware (virus, spyware)
- Security methods
- Encryption
- Access rights
Data integrity
Validation
Check if the data entered is sensible, reasonable, acceptable
Does not check if the data is correct
Range check
Checks whether data entered is between a lower and an upper limit
Format check
Checks whether data has been entered in the agreed format
Length check
Checks whether data has the required number of characters or numbers
Presence check
Checks to make sure a field is not left empty when it should contain data
Existence check
Checks if data in a file or file name actually exists
Limit check
Checks only one of the limits (such as the upper limit OR the lower limit)
Check digit
An additional digit, which is calculated from the existing number, added to the number to check integrity
Verification
- Check if the entered data exactly matches the original data
- Does not check if data is sensible/acceptable
- Visual check
- Compare entered data and original data manually
- By 2 different people
- Double entry
- The data is entered twice by different people
- The computer automatically compare 2 versions of data
- Parity check
- Uses even or odd parity which is decided before the data sent
- Each byte has a parity bit
- Parity bit is set to 0 or 1 to make parity for byte correct
- After transmission, parity of each byte is rechecked
- If it is not consistent, an error is flagged
- Parity blocks could be used to precisely locate the error
- Checksum
- A calculation if carried out on the data to be sent
- The result is sent, along with data to recipient
- Checksum us re-calculated at receiving end
- If both sums are the same, no error has occurred
- If the sums are different, the data has been corrupted during transmission
- Request is sent to re-send the data