6 - security, privacy and data integrity Flashcards
how to prevent data loss / restrict access
user accounts
passwords
firewalls
antivirus software
antispyware software
encryption
biometrics
user accounts
authenticate a user - control access rights
passwords
- should be hard to crack and changed frequently - run antispyware software - mix of cases, numbers, keyboard characters
firewalls
sits between the comp and a network and filters info in/ out - software or hardware or both
- Examines traffic
- Checks if data going in/out meets criteria
- Blocks traffic if it fails the criteria and warns of security issue
- Logs all incoming/ outgoing traffic
- Prevents access to undesirable sites (keeps a list of IPs)
- Helps prevent viruses/ hackers
- Warns the user if software is trying to access an external data source
antivirus software
- Checks software before its opened on comp
- Compares possible viruses against a database of known viruses
- Carries out heuristic checking
- Quarantines possible infected files
antispyware software
- detects and removes spyware programs that have been illegally installed
encryption
- if a hacker accesses data without the encryption keys it cant decode the data
biometrics
- rely on unique human features eg fingerprints - compares ridges/valleys, retina scans - compare blood vessels in the retina
risks to data security
hacking
phishing
pharming
malware
- viruses
- worms
- logic bombs
- Trojan horses
- bots
- spyware
malicious vs ethical hacking
Malicious hacking - illegal access to a comp system without users permission or knowledge - intent of deleting altering, corrupting files or to gain personal details
Ethical hacking - authorised by companies to check their security and how robust the system is
virus
- replicate themselves with the intent to delete or corrupt files causing malfunction
worm
can replicate themselves with the intent of spreading to other comps - use networks to find weak comps
logic bomb
embedded in a program on a comp - when conditioned are met they are activated to delete files or send data to hackers
trojan horses
disguised as legitimate software
bots
Not always harmful- can search automatically for an item on the internet- can cause harm by taking control over a computer system and launching attacks
spyware
gathers information by monitoring then sending it back to the hacker eg key presses
phishing
- Someone sends legitimate emails
- May contain links
- Take user to fake website
- Trick user into entering personal data
phishing - how to prevent
○ Make users aware of new scams
○ Don’t click unsafe links
○ Run anti-phishing toolbars on web browsers
○ Look for https in address
○ Check accounts and change passwords regularly
○ Keep browser security up to date
○ Block pop ups
pharming
- Malicious code on users comp / server - can be stored on HDD without the user knowing
- Redirects the user to a fake website (without knowing- don’t take an action unlike phishing where they have to click)
- The hacker can then gain personal data
- Website appears to be trusted
pharming - how to prevent
○ Antivirus software
○ Use browsers that alert to attacks
○ Check website URL spelling
○ Check for https
data integrity
should be accurate consistent and up to data
compromising data integrity
Can be compromised
- During data entry/ transmission
- By malicious attacks
- By accidental loss (hardware issues)
Mitigated by - validation and verification
validation
- check if data entered is reasonable and within a given criteria
Eg type, range, format, length, presence, existence, limit check, consistency check, uniqueness check
verification
- way of preventing errors when data is entered manually
verification during entry
- Double entry - entered twice using 2 diff people + compared
- Visual check - compared to original document
- Check digits- additional digit added to a number eg barcodes/ VINs - ensures correct numbers have been entered
verification during transfer
- Checksums
- Parity checks
- ARQ - automatic repeat request
checksums
- Data is sent in blocks
- An additional value (checksum) is sent at the end of the block
parity checks
- A byte of data is allocated a parity bit
- Even parity - have an even no. 1s
- Odd parity - have an odd no. 1s
- Before transfer users agree on the type of parity (protocol)
If the received data isn’t the correct type an error has occurred - cant know which bit is the error but know there is one (can fix this by using parity blocks)
parity blocks
○ A block of data is sent and the no. 1s are totalled horizontally and vertically (a parity check is done in both directions)
○ So can identify there is an error and where the error is
AQR - automatic repeat request
- Uses acknowledgment (message to receiver to say its been sent) and timeout (interval to allow for acknowledgment)
- When the receiving device detects an error- asks packet to be resent
- If no error a positive acknowledgment will be sent
- Sending device will resend
○ If receives a request to resend
○ A timeout occurred - Continuous until packet is correctly received or until the AQR limit is reached
data privacy
the privacy of personal info or other info stored on a comp that should not be accessed by unauthorised parites
data security
methods to prevent unauthorised access to data and to recover lost data
data protection laws
data must be
- fairly and lawfully processed
- can only be processed for stated purpose
- adequate relevant and not excessive
- accurate
- not kept for longer than needed
- processed in accordance with the data subjects rights
- kept secure
- not transferred to over countries without adequate protection
data recovery
- use back ups in case data is lost
- save data regularly
type check
checks if non numeric data has been input into a numeric onyl field
range check
he is if data is in the right range
format check
checks if it’s in the agreed format eg dd/mm/yy
length check
checks where data has required number of characters
presence check
checks field is not empty
existence check
checks if data in a file/ a file name actually exists
limit check
checks one limit eg upper or lower
consistency check
checks whether data in 2 or more fields match
uniqueness check
checks that each value entered is unique
modulo-11
example of a check digit
- each digit is giving a weighting 7-1 left to right
- multiplied by weighting then added to make a total
- total divided by 11 and remainder is subtracted from 11
- check digit in the value generated
how checksums work
- the sun of the bits / 256
- round down to nearest whole number
- times by 256
- calc difference between this and the sum
- this value is checksum
