Professional Documents
Culture Documents
Data Security:
It protects data against data loss/corruption.
It is to keep the data safe from accidental or malicious damage/loss.
Why data needs to be kept secure (importance of data security):
(i) Data:
The computer system needs protecting to stop people for example, installing malware or
damaging the system.
1
Ways/measures to keep data secure:
1. Biometric authentication
2. Two-step authentication
3. Install/run a firewall/proxy to monitor remote access requests
4. Encryption
5. Different access rights for different users
6. Up to date Anti-malware/Anti-virus software
7. Up to date Anti-spyware software
8. Username and strong password
9. Digital signatures
10. Data backup
11. Disk-mirroring
12. Physical methods (e.g. CCTV, locked rooms, security guards etc.)
Authentication:
It is the process of determining whether somebody/something is who/what they claim to be.
It is frequently done through log on passwords/biometrics.
Since passwords can be stolen/cracked, digital certification is used.
It helps to prevent unauthorized access to data.
Authentication Methods/Techniques:
2
2) Biometrics:
The images of fingerprints are compared against previously scanned fingerprints stored in a
database.
The system compares patterns of ‘ridges’ and ‘valleys’ of a finger which are fairly unique.
If they match, then access is allowed; otherwise denied.
(ii) Retina scanner:
It uses infra-red to scan the unique pattern of blood vessels in the retina (at the back of the
eye).
It requires a person to stay still for 10 to 15 seconds while the scan takes place.
It is very secure since nobody has yet found a way to duplicate the blood vessels patterns.
If the blood vessel patterns match, then access is allowed; otherwise denied
3) Two-step verification:
The two-step verification allows user to sign in to their account in two steps using their
password and device (phone).
The additional data such as a pin code is sent to a device that is pre-set by the user so it is
difficult for hacker to obtain that specific device and therefore the pin code.
Moreover, the data (pin code) has to be entered into the same system so if attempted from
a different location, it will not be accepted.
3
Security measures along with their description:
1) User accounts:
Password can be guessed if weak and can also be stolen. Therefore, a password does not prevent
unauthorized access, but instead it just makes it more difficult.
2) Access rights:
Additional information:
The firewall sits between the user’s computer and an external network (such as the internet)
and filters information in and out of the computer.
The firewall can be a hardware interface which is located somewhere between the computer
(or internal network external link) and the internet connection. In these cases, it is often
referred to as a gateway.
Alternatively, the firewall can be software installed on a computer, sometimes as part of the
operating system.
However, sometimes the firewall cannot prevent potential harmful traffic as it cannot:
Prevent individuals, on internal networks, using their own modems to by-pass the firewall.
Control employee misconduct or carelessness (for example, control of passwords or user
accounts).
Prevent users on stand-alone computers from disabling the firewall.
4
4) Encryption of data:
Encryption simply makes data incomprehensible (without decryption key/algorithm) and hackers
can still access the data and corrupt it, change it or delete it.
The data is turned into cipher text and encoded using an encryption key/algorithm.
It is used so that data cannot be understood if intercepted without the decryption key.
5) Digital Signatures:
6) Authentication Methods/Techniques:
Usernames and Passwords, Biometrics (fingerprint recognition, retina scanner) and Two-step
verification should be used to help prevent unauthorized access.
8) Anti-spyware software:
9) Data backup:
5
10) Disk-mirroring:
11) Auditing:
Logging all actions/changes to the system in order to identify any unauthorized use.
12) Application Security:
CCTV cameras and alarms should be installed and used for surveillance.
The doors of rooms (with sensitive data) should be locked.
Security guards should be employed for protection of areas (with sensitive data).
These methods will alert and detect unauthorized access near the place of computer system.
6
Threats to computer and data security:
1) Hacking:
Description:
Effects:
Prevention:
2) Malware:
There are several forms of malware as described below:
(i) Viruses:
Description:
Effects:
Prevention:
7
Examples of when a virus checker (anti-virus software) should perform a check:
It checks for boot sector viruses when machine is first turned on.
It checks for viruses when an external storage device is connected.
It checks a file/web page for viruses when it accessed/downloaded.
Different ways through which a malware/virus could be introduced to a computer system or
a website/network:
1. A hacker hacked the computer/network and downloaded the malware onto the
computer/network.
2. The user clicked on a link or attachment from an email or web page and the malware could
be embedded into the link or attachment.
3. The user downloaded a file from an email or web page and the malware could be embedded
into the file.
4. The user opened an infected software package which triggered the malware to download
onto the computer/network.
5. The user inserted an infected portable storage device which downloaded the malware onto
the computer/network.
6. The firewalls were turned off and so the malware was not detected when it was entering the
computer/network.
7. The anti-malware was turned off and so the malware was not detected when virus containing
files were downloaded.
(ii) Worms:
It is a type of stand-alone virus that can replicate themselves with the intention of spreading
to other computers.
They often use networks to search out computers with weak security.
(iii) Logic bombs:
It is a code embedded in a program on a computer.
When certain conditions are met (such as a specific date) they are activated to carry out tasks
such as deleting files or sending data to a hacker.
The legitimate looking emails often use large companies, such as well-known banks, to try to
convince customers that the email is authentic.
10
4) Pharming:
Description:
It is a malicious code/software installed on a user’s hard drive in computer or on the actual
web server.
This code redirects the user to a fake/bogus website without their consent/knowledge to steal
and obtain user data (e.g. personal or financial information of user).
Why does pharming pose a threat to data security?
Pharming redirects users to a fake or malicious website set up by, for example, a hacker.
Redirection from a legitimate website can be done using DNS cache poisoning.
Every time a user types in a URL, their web browser contacts the DNS server.
The IP address of the website is then sent back to their web browser.
However, DNS cache poisoning changes the real IP address values to those of the fake
website consequently, the user’s computer connects to the fake website.
Effects:
1. The creator of the code can gain personal data such as bank account numbers from users
when they visit the fake website.
2. This can lead to fraud or identity theft.
Prevention:
1. It can be prevented by using antivirus software, which can detect unauthorized alterations to
a website address and warn the user.
2. It can be prevented by using anti-spyware software as some of them can identify and remove
the pharming code from the hard drive.
3. It can be prevented by using modern web browsers that alert users to pharming and phishing
attacks.
4. It can be prevented by trusting and using only secure websites (e.g. those with https protocol
or those having a green padlock sign next to the website URL).
5. It can be prevented by checking and confirming that the URL exactly matches the intended
site.
6. It can be prevented if the user is alert and he/she looks out for clues that they are being
redirected to another website.
Similarities & differences between phishing and pharming:
Similarities:
1. Both are designed to steal personal data.
2. They both pose as a real company/person.
Differences:
1. Pharming uses malicious code installed on hard drive whereas Phishing is in form of an email.
2. Phishing requires user to follow a link/open an attachment.
11
Data Recovery:
This section covers the potential impact on data caused by:
1. accidental mal-operation
2. hardware malfunction
3. software malfunction on a computer system
In each case, the method of data recovery and safeguards to minimize the risk are considered:
In all cases, the backing up of data regularly (automatically and/or manually at the end of the
day) onto another medium (such as cloud storage, or removable HDD) is key to data recovery.
The back-up should be stored in a separate location in case of, for example, a fire or an office
break-in.
Somebody should be given the role of carrying out back-ups, to ensure it is always done.
Backing up data may not be a suitable method of recovery in the case of a virus infection, as
the backed up data may contain strands of the virus which could re-infect the ‘cleaned’
computer.
12
6.2 Data Integrity
Data Integrity:
It is ensuring the consistency/accuracy of the data.
It is to make sure that the data received is correct and same as the data sent.
Two of the methods used to ensure data integrity are:
1. Validation
2. Verification
1. Validation:
It checks whether the data entered is reasonable/sensible and meets given criteria.
It cannot check if data is correct or accurate.
It is used at the input stage.
Note: Validation can only prevent incorrect data if there is an attempt to input data that is of the
wrong type, in the wrong format or out of range.
Data validation is implemented by software associated with a data entry interface.
Examples of validation:
There are a number of different types of check that can be made. Typical examples are:
1. Range check
2. Format check
3. Length check
4. Presence check
5. Existence check
6. Type check
7. Limit check
8. Consistency check
9. Uniqueness check
13
The following table summarizes the concepts of all kinds of data validation checks:
14
2. Verification:
1. Double entry
2. Visual checks
3. Check digit
1. Checksums
2. Parity check
3. Automatic repeat request (ARQ)
1) Double Entry:
2) Visual Check:
3) Check Digit:
15
The check digit can catch errors including:
Modulo-11:
The following algorithm is used to generate the check digit for a number with seven digits:
1. Each digit in the number is given a weighting of 7, 6, 5, 4, 3, 2 or 1, starting from the left.
2. The digit is multiplied by its weighting and then each value is added to make a total.
3. The total is divided by 11 and the remainder subtracted from 11.
4. The check digit is the value generated; note if the check digit is 10 then X is used.
When this number is entered, the check digit is recalculated and, if the same value is not
generated, an error has occurred.
For example, if 4 1 5 7 6 1 0 4 was entered, the check digit generated would be 3, indicating
an error.
16
Description of ways of maintaining data integrity during the transmission stage:
1) Checksum:
We will assume the checksum of a block of data is 1 byte in length. This gives a maximum value of
28 – 1 (i.e. 255). The value 0000 0000 is ignored in this calculation.
If the sum of all the bytes in the transmitted block of data is <=
255, then the checksum is this value. However, if the sum of all
the bytes in the data block > 255, then the checksum is found
using the simple algorithm shown below:
Example:
Suppose the value of X is 1185, so we get:
X = 1185
1185/256 = 4.629
Rounding to nearest whole number gives Y = 4
Z = Y x 256
Z = 4 x 256 = 1024
X – Z = 1185 – 1024 = 161
Checksum = 161
17
2) Parity Check:
Example: 10010111 has parity bit set to 1 in MSB since system uses odd parity
(original data: 0010111 which has four 1 bits)
It uses error detection method (e.g. parity check or check sum) to detect errors in individual
packets.
It uses an acknowledgment and timeout.
It sends a negative acknowledgement if an error has occurred.
It uses timeouts to detect missing packets.
If an error is detected, then a request is automatically sent to resend data.
Resend request is repeatedly sent until data is received correctly or limit is reached.
Why the data in the system may not be correct even after validating and verifying the data:
18
Tips for Exam Style Questions of Parity Checking in Registers:
1) Systems that use EVEN PARITY have an even number of 1- bits; systems that use ODD PARITY
have an odd number of 1-bits.
2) If it is given in a question that even parity is used and an incomplete register like below is given,
you need to count the number of 1’s to see if they are even or odd. If they are even already, then
simply add 0’s in the blank space. If 1’s are odd, then you need to balance and write 1’s until the
total number of 1’s become even.
3) Similarly, if it is given in a question that odd parity is used and an incomplete register is given,
you need to count the number of 1’s to see if they are even or odd. If they are odd already, then
simply add 0’s in the blank space. If 1’s are even, then you need to balance and write 1’s until the
total number of 1’s become odd.
4) If the examiner gives you a complete register filled with 8 bits, and tells you that even parity
is used, asking you to identify if the data was transmitted correctly. You simply need to count
the number of 1’s in the register and check if they are even. If they are even then data was
transmitted correctly and if they are odd then it was corrupted during transmission.
5) Similarly, if the examiner gives you a complete register filled with 8 bits, and tells you that odd
parity is used, asking you to identify if the data was transmitted correctly. You simply need to
count the number of 1’s in the register and check if they are odd. If they are odd then data was
transmitted correctly and if they are even then it was corrupted during transmission.
19
Tips for Exam Style Questions of Parity Checking in Parity Blocks:
In this method, a block of data is sent and the number of 1-bits are totalled horizontally and vertically
(in other words, a parity check is done in both horizontal and vertical directions).
As the following example shows, this method not only identifies that an error has occurred but also
indicates where the error is.
20
ii) How did you arrive to your answer in part (i)? (2) *The corrupted bit has been encircled
as well for you to understand (though
Column 6 has odd number of 1’s (7 ones).
it is not the requirement of this
Byte 7 has odd number of 1’s (3 ones).
question) *
1. Error will not be detected if there are multiple errors in same byte that still produce the same
parity bit.
2. It will not be detected if an even/odd number of digits are changed (depending upon
even/odd parity used).
3. It will not be detected if a transposition error has occurred.
21
Exam Style Questions:
Question 1:
(i) Describe how a parity block check can identify a bit that has been corrupted during
transmission.
(ii) Give a situation where a parity block check cannot identify corrupted bits
There are errors in an even number of bits (could cancel each other out).
22
Question 2:
(a)(i) Describe how the data logger calculates the parity bit for each of the bytes in the data
block.
It counts the number of one bits in the first seven bit positions.
It adds a 0 or 1 to bit position 0, to make the count of one bits an odd number.
(a)(ii) State the two missing parity bits labelled A and B.
A=1
B=1
(a)(iii) Describe how the computer uses the parity byte to perform a further check on the
received data bytes.
23
Answer of (b)(i):
(b)(ii) Explain how you arrived at your answers for part (b)(i).
24
Question 3:
Answer:
25
Question 4:
Answer:
26
Question 5:
Answer:
27
Question 6:
Answer:
28
Question 7:
29
Answer:
30