8 Security
Overview of the chapter:
8.1 Data Privacy
8.2 Data Security
8.3 Data Integrity
8.1 Data Privacy
Data Privacy: Keeping data available only to authorized users
-> See more in Chapter 9: Ethics
Ways to authenticate the user:
- Password
- Biometric Methods
- Tokens
There are also other tips to adhere to:
- Never leave the computer running while unattended.
- Don't write down the details used to access the computer.
8.2 Data Security
Data Security: A requirement for data to be recoverable if lost or corrupted.
Threats to data security
| Risk | Example | Solution |
| --- | --- | --- |
| Hardware Failure | Natural disasters | 1. Backup:<br/>Regular full backup, keeping at least 2 generations<br/>Regular incremental backups<br/>Record system changes during the intervals between backups.<br/>2. Alternative system, e.g. RAID<br/>Systems running in parallel. |
| Unauthorized access | Hacker | 1. Encryption of files<br/>2. Set access levels, e.g. read-only access |
| Malware | Virus entering the system | 1. Firewall: examines all data in and out of the system.<br/>2. Virus checker<br/>3. Digital signature |
8.3 Data Integrity
Data Integrity: A requirement for data to be accurate and up-to-date
Ways of ensuring data integrity:
8.3.1 For users:
Validation
Checks that the data entered is in the correct format, i.e. that it matches certain criteria. Does not confirm content.
Ways of validation:
- Presence Check (Not NULL)
- Format Check (Must be DD-MM-YY)
- Length Check (4-digit student num)
- Type Check (int expected)
- Range Check (A1 student num <=5200)
Verification
Prevents errors when data is copied from one medium to another. Does not confirm content.
Commonly used method: Double entry.
8.3.2 During Transmissions:
Parity Check
Makes sure that no bit changes occurred during transmission.
A parity bit is appended at the end so that the data matches the agreed protocol, for example:
If even parity is agreed on, there should be an even number of '1's in the transmitted bits (data bits plus parity bit).
              Parity bit appended
                |
                v
1 1 1 1 0 0 1 [1]   Is correctly transmitted.
1 1 1 1 0 0 0 [1]   Is incorrectly transmitted, since there is an odd number (5) of 1s.
Checksum
Each bit is regarded as a binary number, following an algorithm. The sum of all bits is transmitted with the original data.
The same algorithm is run by the receiver. The receiver's sum is compared with the transmitted sum. If they do not match, the data has been corrupted.
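
The parity check and checksum above, worked through in Python as an added example (not part of the original notes). It assumes 7 data bits plus 1 even-parity bit, and a checksum that is the sum of the byte values modulo 256; the notes do not name a specific algorithm, and all function names and the sample data are illustrative.

```python
# Added example: even parity (7 data bits + 1 parity bit) and a checksum.
# Assumption: the checksum is the sum of the byte values modulo 256;
# the notes do not name a specific algorithm.

def add_parity(data_bits):
    """Sender: append the bit that makes the total number of 1s even."""
    return list(data_bits) + [sum(data_bits) % 2]

def parity_ok(frame):
    """Receiver: accept only if data + parity bit hold an even number of 1s."""
    return sum(frame) % 2 == 0

def flip(frame, *positions):
    """Simulate transmission errors by inverting the bits at these positions."""
    out = list(frame)
    for p in positions:
        out[p] ^= 1
    return out

def checksum(data):
    """Assumed algorithm: add the byte values and keep the low 8 bits."""
    return sum(data) % 256

def send(data):
    """Sender: transmit the data followed by its checksum byte."""
    return bytes(data) + bytes([checksum(data)])

def receive_ok(message):
    """Receiver: rerun the same algorithm and compare with the sent sum."""
    return len(message) > 0 and checksum(message[:-1]) == message[-1]

if __name__ == "__main__":
    frame = add_parity([1, 1, 1, 1, 0, 0, 1])     # example from the notes
    print(frame, parity_ok(frame))                 # arrives intact
    print(parity_ok(flip(frame, 6)))               # one bit changed: detected
    print(parity_ok(flip(frame, 5, 6)))            # two bits changed: missed
    msg = send(b"8.3")                             # constructed sample data
    print(receive_ok(msg))                         # arrives intact
    print(receive_ok(b"8.2" + msg[-1:]))           # one byte changed: detected
    print(receive_ok(b"3.8" + msg[-1:]))           # bytes reordered: missed
```

An even number of flipped bits passes the parity check, and reordered bytes pass this additive checksum, so each check detects only some transmission errors.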