6 Security, Privacy & Data Integrity

6.1 Data Security

Data Privacy:
 It protects data against unauthorized access.
 It is to keep data confidential.
This is achieved partly by Data Protection Laws. These laws vary from country to country, but
all follow the same eight guiding principles:

1. Data must be fairly and lawfully processed.

2. Data can only be processed for the stated purpose.
3. Data must be adequate, relevant and not excessive.
4. Data must be accurate.
5. Data must not be kept longer than necessary.
6. Data must be processed in accordance with the data subject’s rights.
7. Data must be kept secure.
8. Data must not be transferred to another country unless that country also has adequate
protection.

Data Security:
 It protects data against data loss/corruption.
 It is to keep the data safe from accidental or malicious damage/loss.
Why data needs to be kept secure (importance of data security):

 To stop the data being lost/corrupted/amended.

 To make sure it can be recovered.
 To prevent unauthorized access.
Why data and computer system both need to be kept secure from unauthorized access:

(i) Data:

 The data needs protecting from someone amending/deleting or taking it.

(ii) Computer System:

 The computer system needs protecting to stop people for example, installing malware or
damaging the system.

1
Ways/measures to keep data secure:
1. Biometric authentication
2. Two-step authentication
3. Install/run a firewall/proxy to monitor remote access requests
4. Encryption
5. Different access rights for different users
6. Up to date Anti-malware/Anti-virus software
7. Up to date Anti-spyware software
8. Username and strong password
9. Digital signatures
10. Data backup
11. Disk-mirroring
12. Physical methods (e.g. CCTV, locked rooms, security guards etc.)

Authentication:
 It is the process of determining whether somebody/something is who/what they claim to be.
 It is frequently done through log on passwords/biometrics.
 Since passwords can be stolen/cracked, digital certification is used.
 It helps to prevent unauthorized access to data.

Authentication Methods/Techniques:

1. Usernames and Passwords

2. Biometrics (fingerprint recognition, retina scanner)
3. Two-step verification
4. Token authentication // use of dongle // swipe cards

1) Usernames and Passwords:

 Passwords should be strong to prevent unauthorized access to data.

 The passwords should be updated on regular basis in case they have been seen by someone
else, illegally or accidentally.
 Strong passwords should contain:
 at least one capital letter
 at least one numerical value
 at least one other keyboard character (such as @, *, &)
Example of a strong password: Sy12@#TT90kj=0
Example of a weak password: GREEN

2
2) Biometrics:

 Biometrics rely on the unique characteristics of human beings.

 These are the unique features of individuals that cannot be guessed.
(i) Fingerprint recognition:

 The images of fingerprints are compared against previously scanned fingerprints stored in a
database.
 The system compares patterns of ‘ridges’ and ‘valleys’ of a finger which are fairly unique.
 If they match, then access is allowed; otherwise denied.
(ii) Retina scanner:

 It uses infra-red to scan the unique pattern of blood vessels in the retina (at the back of the
eye).
 It requires a person to stay still for 10 to 15 seconds while the scan takes place.
 It is very secure since nobody has yet found a way to duplicate the blood vessels patterns.
 If the blood vessel patterns match, then access is allowed; otherwise denied
3) Two-step verification:

 The two-step verification allows user to sign in to their account in two steps using their
password and device (phone).
 The additional data such as a pin code is sent to a device that is pre-set by the user so it is
difficult for hacker to obtain that specific device and therefore the pin code.
 Moreover, the data (pin code) has to be entered into the same system so if attempted from
a different location, it will not be accepted.

3
Security measures along with their description:
1) User accounts:

 User has a username and password.

 This ensures access to resources can be limited to specific accounts
 Therefore, cannot access system without valid username and password so prevents
unauthorized access to the system.

Password can be guessed if weak and can also be stolen. Therefore, a password does not prevent
unauthorized access, but instead it just makes it more difficult.

2) Access rights:

 Different access rights are set up for individuals/group of users.

 It restricts actions (e.g. read/read-write) of specific users.
 This stops users from reading/editing data they are not permitted to access.
3) Firewall:

 It prevents unauthorized access to the data.

 It can be software and/or hardware.
 It monitors all incoming and outgoing traffic.
 It blocks transmissions from unauthorized sources/websites/ports.
 It maintains a blacklist/whitelist of IP addresses.
 It stops unauthorized access/hackers gaining access to computer network.
 It stops malware (viruses and spyware) reaching a computer.

Additional information:

 The firewall sits between the user’s computer and an external network (such as the internet)
and filters information in and out of the computer.

 The firewall can be a hardware interface which is located somewhere between the computer
(or internal network external link) and the internet connection. In these cases, it is often
referred to as a gateway.
 Alternatively, the firewall can be software installed on a computer, sometimes as part of the
operating system.

However, sometimes the firewall cannot prevent potential harmful traffic as it cannot:

 Prevent individuals, on internal networks, using their own modems to by-pass the firewall.
 Control employee misconduct or carelessness (for example, control of passwords or user
accounts).
 Prevent users on stand-alone computers from disabling the firewall.

4
4) Encryption of data:

 It scrambles the data (so it is meaningless) using an encryption key/algorithm.

 If accessed, data cannot be understood by unauthorized personnel.
 It requires a decryption key/algorithm to unscramble.
 Therefore, if data is accessed it will be meaningless without a decryption key.

Encryption simply makes data incomprehensible (without decryption key/algorithm) and hackers
can still access the data and corrupt it, change it or delete it.

Describe what is meant by encryption and explain why it is used.

 The data is turned into cipher text and encoded using an encryption key/algorithm.
 It is used so that data cannot be understood if intercepted without the decryption key.
5) Digital Signatures:

 It is a mathematical algorithm (encrypted data) attached to electronically transmitted

document to verify its content/that it comes from a trusted source.

6) Authentication Methods/Techniques:

 Usernames and Passwords, Biometrics (fingerprint recognition, retina scanner) and Two-step
verification should be used to help prevent unauthorized access.

7) Up to date Anti-malware // Anti-virus software:

 It scans for malicious software/viruses.

 It compares possible viruses against a database of known viruses.
 It removes/quarantines the malicious software/viruses found.
 The scans can be scheduled at regular intervals.
 It should be kept up to date.

8) Anti-spyware software:

 It scans the computer system for spyware.

 It removes any spyware that is found.
 It checks data before it is downloaded and then accordingly either stops download or warns
user if spyware is found.

9) Data backup:

 A copy of data is made at regular intervals e.g. daily, weekly etc.

 They are stored in different location (to separate device or offsite) to enable recovery if
necessary.
 So, in the event of data loss/corruption, the backup can be used to recover the original data.

5
10) Disk-mirroring:

 The data is written to two or more disks simultaneously.

 All activity is duplicated to a second disk in real time.
 So, in the event of hardware failure, a second identical copy is immediately available.
 If the first disk drive fails, the data is accessed from the second disk.

11) Auditing:

 Logging all actions/changes to the system in order to identify any unauthorized use.
12) Application Security:

 It is applying regular updates/patches.

 This helps in finding, fixing and preventing security vulnerabilities in any (installed)
application.

13) Physical measures:

 CCTV cameras and alarms should be installed and used for surveillance.
 The doors of rooms (with sensitive data) should be locked.
 Security guards should be employed for protection of areas (with sensitive data).
 These methods will alert and detect unauthorized access near the place of computer system.

6
Threats to computer and data security:

1) Hacking:
Description:

 It is the act of gaining illegal/unauthorized access to a computer system/data without the

owner’s consent or knowledge.

Effects:

1. This can lead to identity theft or gaining personal information.

2. The data can be deleted by the hacker.
3. The data can be corrupted by the hacker.
4. The data can be changed/altered by the hacker.

Prevention:

1. It can be prevented using firewalls or proxy servers.

2. It can be prevented by using strong passwords and user ids.
3. It can be prevented by using biometrics.
4. It can be prevented by using two-step verification.
5. It can be prevented by using anti-hacking software.

2) Malware:
There are several forms of malware as described below:

(i) Viruses:
Description:

 It is a malicious code/software/program that replicates/copies itself and is designed to

amend, delete, corrupt or copy data and files on a user’s computer without their
consent/knowledge.

Effects:

1. It can delete files/data.

2. It can corrupt files/data.
3. It can cause the computer to crash, stop functioning normally or become unresponsive.
4. It can fill up hard disk with unnecessary data.

Prevention:

1. It can be prevented by using an anti-virus/anti-malware software.

2. It can be prevented by using firewall or proxy server.
3. It can be prevented if the user does not download software or data from unknown sources.
4. It can be prevented if user is careful when opening emails/attachments from unknown
senders.

7
Examples of when a virus checker (anti-virus software) should perform a check:

 It checks for boot sector viruses when machine is first turned on.
 It checks for viruses when an external storage device is connected.
 It checks a file/web page for viruses when it accessed/downloaded.
Different ways through which a malware/virus could be introduced to a computer system or
a website/network:

1. A hacker hacked the computer/network and downloaded the malware onto the
computer/network.
2. The user clicked on a link or attachment from an email or web page and the malware could
be embedded into the link or attachment.
3. The user downloaded a file from an email or web page and the malware could be embedded
into the file.
4. The user opened an infected software package which triggered the malware to download
onto the computer/network.
5. The user inserted an infected portable storage device which downloaded the malware onto
the computer/network.
6. The firewalls were turned off and so the malware was not detected when it was entering the
computer/network.
7. The anti-malware was turned off and so the malware was not detected when virus containing
files were downloaded.

(ii) Worms:
 It is a type of stand-alone virus that can replicate themselves with the intention of spreading
to other computers.
 They often use networks to search out computers with weak security.
(iii) Logic bombs:
 It is a code embedded in a program on a computer.
 When certain conditions are met (such as a specific date) they are activated to carry out tasks
such as deleting files or sending data to a hacker.

(iv) Trojan horses:

 It is a malicious program often disguised as legitimate software.
 They replace all or part of the legitimate software with the intent of carrying out some harm
to the user’s computer system.

(v) Bots (internet robots):

 They are not always harmful and can be used, for example, to search automatically for an item
on the internet.
 However, they can cause harm by taking control over a computer system and launching
attacks.
8
(vi) Spyware:
Description:
 It is a software that monitors user’s activity by reading key presses on a user’s keyboard.
 The user activity is relayed/sent to a third party/originator of the software.
 The user activity/key presses can be analyzed to find sensitive data (e.g. passwords).
 It is also known as key logging software.
Effects:
1. It gives the originator access to all data entered using a keyboard on the user’s computer.
2. This can lead to stealing of personal information as the originator can analyze the key presses
to find sensitive data (e.g. passwords).
3. The software is able to install other spyware programs.
4. It is able to read cookie data.
5. It is able to change a user’s default web browser.
Prevention:
1. It can be prevented by using anti-spyware software.
2. It can be prevented by using other methods of data entry such as virtual (onscreen) keyboard
and drop-down boxes instead of keyboard.
3. It can be prevented by using firewall or proxy server.
4. It can be prevented by using two-step verification.
5. It can be prevented if the user is alert and he/she looks out for clues that their keyboard
activity is being monitored.
Purpose of drop-down boxes & virtual (onscreen) keyboards:
 These are used to defeat spyware/key logging software.
 The key logger records key presses and in case of drop-down boxes or onscreen keyboards,
there is no key pressed.
 It means key logger cannot collect data and relay it to third party
Similarities & differences between spyware and a virus:
Similarities:
1. Both are pieces of malicious software.
2. Both are downloaded/installed/run without the user's knowledge
3. Both can pretend to be/are embedded in other legitimate software when downloaded.
4. Both try to avoid the firewall.
5. Both run in the background.
Differences:
1. Virus can damage computer data whereas spyware only records/accesses data.
2. Virus does not send data out of the computer whereas spyware sends recorded data to third
party.
3. Virus replicates itself whereas spyware does not replicate itself.
9
3) Phishing:
Description:
 It is a legitimate-looking email sent to a user.
 It requires the user to click and open the link in the email or attachment.
 This link/attachment redirects the user to a fake/bogus website without their
consent/knowledge to steal and obtain user data (e.g. personal or financial information).
Effects:
1. The creator of the email can gain personal data such as bank account numbers from users
when they visit the fake website.
2. This can lead to fraud or identity theft.
Prevention:
1. It can be prevented by looking out for https and/or the green padlock symbol in the address
bar (both suggest that traffic to and from the website is encrypted).
2. It can be prevented if user does not open/click emails or attachments from unknown sources.
3. It can be prevented by using firewalls as some of them can detect fake/bogus websites.
4. It can be prevented by using an up-to-date browser, with all of the latest security upgrades,
is running, and run a good firewall in the background at all times.
5. It can be prevented by Internet Service Providers (ISPs) as some of them filter out phishing
emails automatically.
6. It can be prevented if user is always cautious when opening emails or attachments.
Note:

 The legitimate looking emails often use large companies, such as well-known banks, to try to
convince customers that the email is authentic.

10
4) Pharming:
Description:
 It is a malicious code/software installed on a user’s hard drive in computer or on the actual
web server.
 This code redirects the user to a fake/bogus website without their consent/knowledge to steal
and obtain user data (e.g. personal or financial information of user).
Why does pharming pose a threat to data security?

 Pharming redirects users to a fake or malicious website set up by, for example, a hacker.
 Redirection from a legitimate website can be done using DNS cache poisoning.
 Every time a user types in a URL, their web browser contacts the DNS server.
 The IP address of the website is then sent back to their web browser.
 However, DNS cache poisoning changes the real IP address values to those of the fake
website consequently, the user’s computer connects to the fake website.

Effects:
1. The creator of the code can gain personal data such as bank account numbers from users
when they visit the fake website.
2. This can lead to fraud or identity theft.
Prevention:
1. It can be prevented by using antivirus software, which can detect unauthorized alterations to
a website address and warn the user.
2. It can be prevented by using anti-spyware software as some of them can identify and remove
the pharming code from the hard drive.
3. It can be prevented by using modern web browsers that alert users to pharming and phishing
attacks.
4. It can be prevented by trusting and using only secure websites (e.g. those with https protocol
or those having a green padlock sign next to the website URL).
5. It can be prevented by checking and confirming that the URL exactly matches the intended
site.
6. It can be prevented if the user is alert and he/she looks out for clues that they are being
redirected to another website.
Similarities & differences between phishing and pharming:
Similarities:
1. Both are designed to steal personal data.
2. They both pose as a real company/person.
Differences:
1. Pharming uses malicious code installed on hard drive whereas Phishing is in form of an email.
2. Phishing requires user to follow a link/open an attachment.

11
Data Recovery:
This section covers the potential impact on data caused by:

1. accidental mal-operation
2. hardware malfunction
3. software malfunction on a computer system

In each case, the method of data recovery and safeguards to minimize the risk are considered:

 In all cases, the backing up of data regularly (automatically and/or manually at the end of the
day) onto another medium (such as cloud storage, or removable HDD) is key to data recovery.
 The back-up should be stored in a separate location in case of, for example, a fire or an office
break-in.
 Somebody should be given the role of carrying out back-ups, to ensure it is always done.
 Backing up data may not be a suitable method of recovery in the case of a virus infection, as
the backed up data may contain strands of the virus which could re-infect the ‘cleaned’
computer.

12
6.2 Data Integrity
Data Integrity:
 It is ensuring the consistency/accuracy of the data.
 It is to make sure that the data received is correct and same as the data sent.
Two of the methods used to ensure data integrity are:

1. Validation
2. Verification

1. Validation:

 It checks whether the data entered is reasonable/sensible and meets given criteria.
 It cannot check if data is correct or accurate.
 It is used at the input stage.
Note: Validation can only prevent incorrect data if there is an attempt to input data that is of the
wrong type, in the wrong format or out of range.
Data validation is implemented by software associated with a data entry interface.

Examples of validation:

There are a number of different types of check that can be made. Typical examples are:

1. Range check
2. Format check
3. Length check
4. Presence check
5. Existence check
6. Type check
7. Limit check
8. Consistency check
9. Uniqueness check

13
The following table summarizes the concepts of all kinds of data validation checks:

14
2. Verification:

 It checks whether the data copied/transferred is the same as the original.

 It does not check whether data is sensible/reasonable/acceptable.
 It is used at the input stage and during data transmission.
Examples of verification:

Verification is used during data entry and during data transmission.

Typical examples of verification during data entry are:

1. Double entry
2. Visual checks
3. Check digit

Typical examples of verification during data transfer are:

1. Checksums
2. Parity check
3. Automatic repeat request (ARQ)

Description of ways of maintaining data integrity during the input stage:

1) Double Entry:

 The data is entered twice by two different people.

 The system automatically compares them to see if they are the same (either after data entry
or during the data entry process).

2) Visual Check:

 The data entered is manually compared with the original (document).

 For example, in other words, what is on the screen is compared to the data on the original
paper documents.

3) Check Digit:

 It is an additional digit added to a number (usually in the right-most position).

 It is a digit that is calculated from the data.
 It is then added to the data.
 Digit is recalculated when data is entered.
 Digits are compared to check for error.
 If digits are different, error is detected.
 If digits match, no error is detected.
 They are often used in barcodes, ISBNs (found on the cover of a book) and VINs (vehicle
identification number).
 An example of a check digit calculation is Modulo-11.

15
The check digit can catch errors including:

1. An incorrect digit being entered (such as 8190 instead of 8180)

2. A transposition error where two numbers have been swapped (such as 8108 instead of 8180)
3. Digits being omitted or added (such as 818 or 81180 instead of 8180)
4. Phonetic errors such as 13 (thirteen) instead of 30 (thirty).

Modulo-11:

The following algorithm is used to generate the check digit for a number with seven digits:

1. Each digit in the number is given a weighting of 7, 6, 5, 4, 3, 2 or 1, starting from the left.
2. The digit is multiplied by its weighting and then each value is added to make a total.
3. The total is divided by 11 and the remainder subtracted from 11.
4. The check digit is the value generated; note if the check digit is 10 then X is used.

Example of Modulo-11 algorithm:

 When this number is entered, the check digit is recalculated and, if the same value is not
generated, an error has occurred.
 For example, if 4 1 5 7 6 1 0 4 was entered, the check digit generated would be 3, indicating
an error.

16
Description of ways of maintaining data integrity during the transmission stage:

1) Checksum:

 A calculation is done on a block of data to get an additional value called checksum.

 The result (checksum) is transmitted with the block of data.
 This calculation is repeated at receiver’s end.
 Comparison is made between checksum before and after transmission.
 If both sums are the same, no error has occurred.
 If the sums are different, the data has been corrupted during transmission and request is sent
to re-send data.

Example algorithm of Checksum:

We will assume the checksum of a block of data is 1 byte in length. This gives a maximum value of
28 – 1 (i.e. 255). The value 0000 0000 is ignored in this calculation.

If the sum of all the bytes in the transmitted block of data is <=
255, then the checksum is this value. However, if the sum of all
the bytes in the data block > 255, then the checksum is found
using the simple algorithm shown below:

Example:
Suppose the value of X is 1185, so we get:
X = 1185
1185/256 = 4.629
Rounding to nearest whole number gives Y = 4
Z = Y x 256
Z = 4 x 256 = 1024
X – Z = 1185 – 1024 = 161
Checksum = 161

17
2) Parity Check:

 It uses even or odd parity which is decided before data is sent.

 One of the bits is reserved as parity bit and it is allocated to each byte.
 Parity bit is set to 0 or 1 to make parity for byte correct.
 e.g. 10110110 uses odd parity and so number of 1s must be odd
 The parity is checked at receiver’s end.
 Any change in parity indicates data corruption.

Example to illustrate parity checking:

 The parity can be even or odd.

 The parity check uses the number of 1s in a binary pattern.
 If there is an even number of 1s, then the parity is even.
 Parity of each byte checked following the transmission.
 A parity bit is used to make sure binary pattern has correct parity.

Example: 10010111 has parity bit set to 1 in MSB since system uses odd parity
(original data: 0010111 which has four 1 bits)

How parity checks protect the integrity of the data:

 It automatically checks for errors on receipt of data.

 It alerts if data has been received incorrectly and requests data to be re-sent.
 It provides a verification check on data.
3) Automatic Repeat Request (ARQ)

 It uses error detection method (e.g. parity check or check sum) to detect errors in individual
packets.
 It uses an acknowledgment and timeout.
 It sends a negative acknowledgement if an error has occurred.
 It uses timeouts to detect missing packets.
 If an error is detected, then a request is automatically sent to resend data.
 Resend request is repeatedly sent until data is received correctly or limit is reached.

What is acknowledgment? What is timeout?

It is a message sent by the receiver indicating It is the time allowed to elapse before an
that data has been received correctly. acknowledgment is received.

Why the data in the system may not be correct even after validating and verifying the data:

 Validation checks data is reasonable/within bounds.

 It does not check that accurate data has been entered.
 Verification checks if the data matches the data given.
 It does not check if the original data is accurate.

18
Tips for Exam Style Questions of Parity Checking in Registers:
1) Systems that use EVEN PARITY have an even number of 1- bits; systems that use ODD PARITY
have an odd number of 1-bits.

2) If it is given in a question that even parity is used and an incomplete register like below is given,
you need to count the number of 1’s to see if they are even or odd. If they are even already, then
simply add 0’s in the blank space. If 1’s are odd, then you need to balance and write 1’s until the
total number of 1’s become even.

3) Similarly, if it is given in a question that odd parity is used and an incomplete register is given,
you need to count the number of 1’s to see if they are even or odd. If they are odd already, then
simply add 0’s in the blank space. If 1’s are even, then you need to balance and write 1’s until the
total number of 1’s become odd.

4) If the examiner gives you a complete register filled with 8 bits, and tells you that even parity
is used, asking you to identify if the data was transmitted correctly. You simply need to count
the number of 1’s in the register and check if they are even. If they are even then data was
transmitted correctly and if they are odd then it was corrupted during transmission.

5) Similarly, if the examiner gives you a complete register filled with 8 bits, and tells you that odd
parity is used, asking you to identify if the data was transmitted correctly. You simply need to
count the number of 1’s in the register and check if they are odd. If they are odd then data was
transmitted correctly and if they are even then it was corrupted during transmission.

19
Tips for Exam Style Questions of Parity Checking in Parity Blocks:
In this method, a block of data is sent and the number of 1-bits are totalled horizontally and vertically
(in other words, a parity check is done in both horizontal and vertical directions).

As the following example shows, this method not only identifies that an error has occurred but also
indicates where the error is.

To solve questions like the following:

1) First we need to see what type of parity is used.

2) According to the even/odd parity used, we need to count 1’s in all columns and check which of
the column does not follow the even/odd parity used.
3) Then we need to count 1’s in all bytes (rows) and check which of the rows does not follow the
even/odd parity used.
4) The intersection point of the column and byte gives the corrupted bit.
5) If the examiner asks to circle the corrupted bit then simply encircle the bit at the intersection
point.
6) If the examiner asks to write byte number and column number, we simply write the byte number
with wrong parity and the column number with wrong parity.

20
ii) How did you arrive to your answer in part (i)? (2) *The corrupted bit has been encircled
as well for you to understand (though
 Column 6 has odd number of 1’s (7 ones).
it is not the requirement of this
 Byte 7 has odd number of 1’s (3 ones).
question) *

Situations in which a parity check cannot detect corruption of a byte:

1. Error will not be detected if there are multiple errors in same byte that still produce the same
parity bit.
2. It will not be detected if an even/odd number of digits are changed (depending upon
even/odd parity used).
3. It will not be detected if a transposition error has occurred.

21
Exam Style Questions:
Question 1:

(i) Describe how a parity block check can identify a bit that has been corrupted during
transmission.

 Each byte has a parity bit // horizontal parity.

 An additional parity byte is sent with vertical (and horizontal) parity.
 Each row and column must have an even/odd number of 1s.
 Identify the incorrect row and column.
 The intersection is the error.

(ii) Give a situation where a parity block check cannot identify corrupted bits

 There are errors in an even number of bits (could cancel each other out).

22
Question 2:

(a)(i) Describe how the data logger calculates the parity bit for each of the bytes in the data
block.

 It counts the number of one bits in the first seven bit positions.
 It adds a 0 or 1 to bit position 0, to make the count of one bits an odd number.
(a)(ii) State the two missing parity bits labelled A and B.

 A=1
 B=1
(a)(iii) Describe how the computer uses the parity byte to perform a further check on the
received data bytes.

 A parity bit is worked out for each column.

 The computer checks the parity of each bit position in parity byte and compares.
 If incorrect parity, then there is an error in the data received.
 The position of the incorrect bit can be determined.

23
Answer of (b)(i):

(b)(ii) Explain how you arrived at your answers for part (b)(i).

 Consider each row in sequence.

 Identify any row with incorrect parity.
 Repeat the process for each column in sequence.
 Identify where a row and column with incorrect parity intersect.

24
Question 3:

Answer:

25
Question 4:

Answer:

26
Question 5:

Answer:

27
Question 6:

Answer:

28
Question 7:

29
Answer:

30