Security, privacy and data integrity
- Data integrity: making sure that data is correct or valid; ensures that the data received is the same as the data sent
- Data privacy: data is only seen by authorized people and is kept confidential; determines what data is shared with a third party
- Data security: prevention of data loss and of hackers using the data; keeping the data safe; protection of data on a computer system, e.g. encryption
- System security: protection of the computer system; prevents hackers getting into the system/computer, e.g. passwords
- Hacking: unauthorized access to a computer system without the user’s knowledge or consent

Threats to computer and data security
- Malware: software that is intentionally designed to damage a computer or computer network
  - virus: software that replicates itself by inserting a copy of itself into another piece of software; malicious code that can cause loss of data or a computer crash
  - spyware: software that gathers online and offline information about the user, for example applications, accounts and downloaded files
  - risk restriction: install anti-virus and anti-spyware software, and regularly update and run them
- Hackers: gain illegal access to the computer system; they can obtain the user’s confidential data, which might lead to data being stolen or corrupted
  - risk restriction: use a firewall and strong passwords
- Phishing: usually through email; when the link is clicked it takes the user to a fake website, which then installs software or gains information about the user
  - risk restriction: ensure that your firewall includes spam filters, update your browser and do not click on unknown links in emails and pop-ups
- Pharming: redirects the user to a bogus site, using malicious code installed on a computer or web server
  - risk restriction: ensure that https is present in the URL, check the URL spelling, use a reliable ISP

Security measures to protect Computer Systems
- user accounts:
  - access to resources can be limited for different accounts
  - using usernames and passwords will deny unauthorized access
  - users cannot access the system without their account/login details
- passwords:
  - restrict access to data or systems
  - should be unique and changed frequently so they are hard to crack
- authentication techniques such as digital signatures and biometrics:
  - authentication is the process of confirming and determining someone’s identity
  - digital signatures help identify who the sender is
  - biometrics rely on the unique characteristics of humans, very hard to crack
- firewall:
  - can be both hardware and software
  - filters information travelling between the computers
  - manages the incoming and outgoing traffic
  - firewall software can make decisions about what to allow and what to block according to detected illegal attempts
- anti-virus software:
  - has a database of known virus codes and compares possible viruses against it
  - runs in the background
  - checks files for known malicious patterns
  - quarantines or deletes any malicious or infected software or file found
- anti-spyware software:
  - detects and removes spyware
  - can be based on rules that are associated with/match the spyware
  - looks for known structures and patterns to identify common spyware programs
- encryption:
  - converts the data by encoding it
  - a hacker might still delete the files, but the data is meaningless to them, so they cannot use it
  - requires a key to decrypt the data

Security methods to protect the Security of the Data
- encryption
- access rights (authorization):
  - different access levels for individuals and users
  - which prevents them from accessing all data
- data backup:
  - a copy of data is made and stored somewhere else
    - a full backup is made at regular intervals, perhaps weekly
    - incremental backups are made on a daily basis
  - if the original data is lost it can be restored from the back-up file
  - data might get lost because of: corruption of the disk, natural hazards, system crashes, being overwritten, or the location of the file being forgotten
- disk mirroring:
  - writes the data to two different disks at the same time
  - if one of them is not working or becomes corrupted, the second one is still there to be read from

Data validation: checks if the data entered is reasonable/valid, but doesn’t check its accuracy
Data validation methods:
- range check: checks if the data entered is between a lower and an upper limit
- format check: data must follow the correct pattern; checks if the data has been entered in the agreed format
- length check: checks whether the data has the required number of characters
- presence check: checks if data has been entered
- existence check: checks if the data entered actually exists
- limit check: checks if the value entered is within the acceptable minimum or maximum value
- check digit: an extra digit added to the number after performing arithmetic operations; if the check digit doesn’t match, the data has been entered incorrectly

Data verification: checks if the data entered is accurate and sensible
Data verification methods:
- during data entry:
  - visual check: manually comparing the data
  - double entry: enter the data twice and compare
- during data transfer:
  - parity check:
    - all the data is transferred as bits
    - sender and receiver agree whether the parity is even or odd
    - two communicating devices decide there will always be an odd number of 1s. A byte is received that has an even number of 1s, so an error has occurred and the receiving device asks for it to be sent again
    - Not foolproof: if 2 bits are transposed, the data is accepted
    - Also used when data is sent between parts of the CPU
  - checksum:
    - Data is sent from one place to another as a block of bytes rather than as individual bytes
    - The computer adds together all the bytes being sent
    - Any bits carried out of the most-significant end are ignored, so the answer is an 8-bit number
    - The checksum is calculated before and after the data is sent
    - If the two checksum bytes are different, an error has occurred, so the block of bytes must be sent again
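
Added example (not part of the original notes): the odd-parity check and the 8-bit checksum described above, worked through in Python. The function names and the sample message are constructed for illustration; it assumes 7 data bits per byte with the parity bit in the top position.

```python
# Added example: odd parity per byte plus an 8-bit checksum per block.
# All names and the sample message are constructed for illustration.

def add_odd_parity(seven_bits: int) -> int:
    """Set the top bit so the whole byte holds an odd number of 1s."""
    data = seven_bits & 0x7F
    parity_bit = 0 if bin(data).count("1") % 2 == 1 else 1
    return (parity_bit << 7) | data

def odd_parity_ok(byte: int) -> bool:
    """Receiver-side check: an even number of 1s means an error."""
    return bin(byte & 0xFF).count("1") % 2 == 1

def checksum8(block: bytes) -> int:
    """Add all bytes; carries out of the most-significant end are ignored."""
    return sum(block) & 0xFF

def receive(block: bytes, sent_checksum: int) -> str:
    """Run both checks the way a receiving device would."""
    if not all(odd_parity_ok(b) for b in block):
        return "resend: parity error"
    if checksum8(block) != sent_checksum:
        return "resend: checksum mismatch"
    return "accepted"

def flip_bits(byte: int, *positions: int) -> int:
    """Simulate transmission errors by inverting the given bit positions."""
    for p in positions:
        byte ^= 1 << p
    return byte

# Sender: constructed 7-bit ASCII message, parity added to every byte.
sent = bytes(add_odd_parity(b) for b in b"DATA")   # C4 C1 54 C1
sent_sum = checksum8(sent)                         # 666 -> 0x9A after dropping the carry

# One bit flipped in the first byte: the number of 1s becomes even.
one_bit = bytes([flip_bits(sent[0], 2)]) + sent[1:]

# Two neighbouring bits (a 1 and a 0) transposed: the count of 1s is unchanged,
# so parity alone accepts the byte even though its value changed.
transposed = bytes([flip_bits(sent[0], 1, 2)]) + sent[1:]

if __name__ == "__main__":
    for name, block in [("clean", sent), ("one bit", one_bit), ("transposed", transposed)]:
        print(f"{name:10} {block.hex()} -> {receive(block, sent_sum)}")
```

For this sample the transposed byte passes the parity check but changes the block total, so the checksum comparison is what triggers the resend.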
by: Elif Nur Cholak