INFORMATION TECHNOLOGY

Security and Integrity of Data

The Security and Integrity of Data

The security of data means the protection of data. Security involves protecting data and software from being:

Lost Destroyed Corrupted Modified Disclosed

losing disks, badly named fire or flood, deletion scratches on disk written over, updated by mistake unauthorised access

Possible threats to data security

Hacking means obtaining access to a computer system without authority.

It is now illegal. There are 3 main offences:

Gaining unauthorised access Altering programs and data Gaining access to commit fraud

A computer virus is a program which copies itself without the user intending it to.

They usually affect .exe files, can delete files on a hard disk. Macro viruses affect data in programs such as Word

Ways to protect data

A backup file is a copy of a file which is kept in case anything happens to the original file.

Archive files are kept in long term storage in case they are required.

Can be kept on a floppy or a different hard disk Can be kept on a backup data tape

Back-up systems often use:

Often from a back up data tape

Grandfather Father Son principal

Physical safeguards for data protection

Physical safeguards for data include:

Locking files in a fireproof safe To protect files being overwritten use the write protect tab on disks & tapes Keeping unauthorised people from entering secure areas by using locks and security passes etc.

Other safeguards

Software safeguards include giving users:

A user identity and a password.

Users of this type of system have to log in and log out every time they use it.

Other safeguards include:

Password individual files. Data encryption.

To encrypt data is to encode it so that it is unreadable by anyone else who does not have the key.

Data integrity

The integrity of data means its accuracy and completeness. Data has integrity if it has not been corrupted in any way. Common causes of errors are:

Data is said to be corrupt if errors are introduced into it. Usually the errors have been introduced by faulty equipment.

Mistakes in data capture (faulty sensors etc) Transmission errors (over the internet etc) Transcription errors (transposition of lettres)

Ways of checking data integrity (1)

A check digit is an extra digit added to a number so that, if a number is changed, the error will be detected.

Method

Example: 56037 becomes 560372 Example: 50637 becomes 506376

Starting from the right, multiply the first digit by 1, the second by 2 etc Add the results together Use the last digit of the result and add to end of number.

Ways of checking data integrity (2)

Verification is checking data which has been copied from one place to another to see if that it is still the same. Verification of keyed data may involve rekeying it. Double-entry verification involves 2 people keying in the same data and then comparing the data for anomalies.

Ways of checking data integrity (3)

Validation is checking data before processing to see that it is acceptable for the process and include:

Type checks (e.g. numeric or alphanumeric) Length checks (right number of characters) Range checks (days between 1-31; months 1-12)

Both Databases and spreadsheet programs have methods of validating data input so that obviously incorrect data is not accepted by the software which then warns the user.

EXAM QUESTIONS
1.

2.

3.

Describe how a computer hacker might do more harm than an office burglar. Give two ways of protecting personal data. Why is is a good idea to have at least 6 characters in a password.

EXAM QUESTIONS
4.

Dates are read into a computer in the following format:

DDMMMYY e.g. 15DEC92
a)

b)

Each of the following dates has been rejected by a validation program. State which validation check has been used to discover each error. AUG2166 3JAN71 31SEP72 Produce a comprehensive list of test data to test the data on this program.