security, privacy and data integrity Flashcards
file based-approach
the data is stored in one or more separate computer files
relational database
a way of structuring info in table rows and columns
file-based limitations
- data redundancy (repeated data)
- data dependency (changes to data mean changes to the program accessing the data)
- lack of data integrity
- lack of data privacy
relational database pros
- multiple tables are linked together: which reduces data redundancy, increases data integrity
- program-data independence: structure of data can change and does not affect the program and vice-versa
- complex queries can be easily written: to find specific data
- different users can be given different access rights: improves security
entity
the concept or object in the system that we want to model and store info about
attributes
a column or field in a table
primary key
unique identifier for each tuple
foreign key
a field in one table that links to a primary key in another table
candidate keys
a set of keys that can be used to uniquely identify a record
tuple/record
data in one row of a table
referential integrity
- making sure that tables do not try to reference data that does not exist
- a primary key can’t be deleted unless all dependent records are already deleted
- a primary key can’t be updates unless all dependent records are already updated
- every foreign key value has a matching value in the corresponding primary key
how can relational database reduce data redundancy
- because each record of data is stored once and referenced by a primary key
- as data is stored in individual tables
- tables are linked by relationships
- by this proper use of primary and foreign eys
- by enforcing referential integrity
developer interface
- creates user friendly features
- creates outputs
- creates interactive features
query processor
- creates SQL queries
- searches for data that meets set criteria
- performs calculation of extracted data
data dictionary
stores all the info about the database e.g: fields, datatypes, keys
tasks performed by DBMS developer interface
- create a table
- set up relationships between tables
- create a form
- create a report
- create a query
DBMS software to ensure the security of data
- issue usernames and passwords
- access rights
- regular backups
- encryption of data
normalization
a method to remove or reduce data redundancy
1NF
- no repeated group of attributes
- no duplicate rows
- all attributes should be atomic
2NF
should be in 1NF + no partial dependencies
3NF
- should be in 1NF and 2NF + have no non-key dependencies
external schema
the individual’s view of the database
logical schema
describes how the relationships will be implemented in the logic structure of the database
conceptual schema
describes the views which user of the database might have
data integrity
- is making sure that data is correct
- ensures that data received is the same as the sent data
- e.g: parity check
data privacy
- keeps data confidential
- only seen by authorized personnel
data security
- to keep data safe
- prevention of data loss
- e.g: data backup
encryption
- scrambles the source code
- using an encryption key
- if file is accessed without authorization it will be meaningless
- it requires a decryption key to unscramble the algorithm
data backup
- a copy of data will have bene made and stored elsewhere
- if original data is lost, the backup can be used to restore the data
disk mirroring
- data is stored on two disks simultaneously
- if the first data disk drive fails the data is accessed from the second disk
firewall
- prevents unauthorized access to the data
- monitors incoming and outgoing traffic
- blocks transmission from unauthorized sources/websites
- maintains an allow list
- can be software or hardware or both
- can help to prevent hacking
user account
- user has a username and password
- access to resources can be limited to a specific account
- a person cannot access the system without valid username and password
anti-malware
- scans for malicious code
- quarantines or deletes any malicious software found
- scans can be scheduled at regular intervals
access rights
- different access rights for individuals and groups
- to stop users from editing the program
physical measure
- locked doors/keyboards
- secure method of access
methods to protect data online
- running up to date anti virus
- use of proxy server
- strong biometrics
malware
software that’s intentionally designed to cause damage to a computer or server
virus
programs or program code that can replicate itself by inserting itself into another piece of software with the intention of deleting or corrputing files
ways to protect from a virus
- using anti-virus
- update anti-virus on regular basis
- avoid downloads from unknown sources
- use a firewall
- avoid suspicious websites
worms
- a standalone piece of software that can replicate itself automatically and does not require a host
- can corrupt user’s computer, delete data and consume bandwidth
logic bombs
code embedded in a program on a computer. when certain conditions are met, they are activated to carry out tasks such as deleting files or sending data to a hacker
trojan horses
malicious program often disguised as legitimate software with the intent of harming the computer
spyware
- software that gathers info by monitoring (e.g: a key on the user’s keyboard being pressed)
- the info is then sent back to the person who sent the software
phising
- phisher sends e-mail to the user
- when clicked, it takes the user to a fake website so their confidential data can be obtained or malware can be installed on their device
- falls under identity fraud and misuse of financial data
pharming
malicious code installed on user’s computer or webserver. the code redirects the user to a fake website
validation
checks that the data entered is reasonable
verification
checks that the data entered is the same as the original
calculating check-digit
- each digit in the number is given a weighting e.g: 7,6,4,4,3,2,1 starting from the left
- digit is multiplied by its weighting and then each value is added to make a total
- the total is divided by 11 and the remainder should be substracted from 11
checksum
- bytes sent as a block
- bytes added up before transmission
- results of addition is sent with the data block
- receiver will add all the blocks and the answer should be ALL 1s if it’s transferred correctly
even parity
even number of 1s
odd parity
odd number of 1s
how digital signature ensures that the e-mail is authentic
- e-mail message is put through hashing algorithm to produce a digest
- digest is encrypted with sender’s private key to create digital signature
- digital signature can only be decrypted with matching sender’s public key
hashing algorithm
mathematical function that produces a hash key
