ANS File Security Chapter # 29 ( Prepared by : Mazhar Javed ) 1 Data Security “Protection against loss, corruption of, or unauthorized access of data”


Slide 1: Data Security
“Protection against loss, corruption of, or unauthorized access of data”
These include:
- Natural hazards such as fire, floods, hurricanes or earthquakes
- Deliberate corruption or destruction of data by malicious or terrorist acts
- Illegal access to data by ‘hackers’
- Accidental destruction of data by hardware failure or program or operator error

Slide 2: Keeping Data Secure
- No unauthorised access to secure areas, such as computer operations rooms, by means of machine-readable cards.
- Use of passwords to gain access from terminals.
- Educating staff to be aware of possible breaches of security.
- Appointing a security manager and using special software which can monitor all terminal activity.
Using special monitoring software:
- Such software can enable the security manager to see.
- It will also record statistics such as the number of logins at each terminal and hours of login time.
- It will even log the security manager’s activities.

Slide 3: Keeping Data Secure
Measures to counteract these risks include the following:
- Careful vetting of prospective employees
- Removal of employees who have been sacked or resign, and cancellation of all passwords
- Separation of duties
- Trying to ensure that it would take the collusion of two or more employees to be able to defraud the company

Slide 4: Password Protection
Most password schemes use tables to store the current password for each authorized user. These tables will be stored on disk and will be backed up along with other vital system. For this reason password lists should not be stored in plain form but should be encrypted.

Slide 5: User IDs and Password
Each user in an organization who is permitted to access a company computer system is issued with a user id and a password. Common rules issued by companies regarding passwords include the following:
- Passwords must be at least 6 characters.
- Password display must be automatically suppressed on screen or printed output.
- Files containing passwords must be encrypted.
- All users must ensure that their password is kept confidential, not written down, not made up of easily guessed words, and changed regularly.
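An added example (not part of the original slides) of a password table that never holds passwords in plain form and enforces the six-character rule above. It swaps the slides' "encrypted" storage for salted one-way hashing with PBKDF2; the names `PasswordTable`, `check_rules`, the iteration count and the small guessable-word list are assumptions of this example.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 6                      # rule from the slide: at least 6 characters
ITERATIONS = 200_000                # assumed PBKDF2 work factor
EASILY_GUESSED = {"password", "123456", "qwerty", "letmein"}  # constructed sample list


def check_rules(user_id, password):
    """Return a list of rule violations (an empty list means acceptable)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 6 characters")
    if password.lower() in EASILY_GUESSED or password.lower() == user_id.lower():
        problems.append("easily guessed")
    return problems


class PasswordTable:
    """Maps user id -> (salt, derived key); the password itself is never stored."""

    def __init__(self):
        self._rows = {}

    def set_password(self, user_id, password):
        problems = check_rules(user_id, password)
        if problems:
            raise ValueError("; ".join(problems))
        salt = os.urandom(16)       # per-user salt: equal passwords give different rows
        key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        self._rows[user_id] = (salt, key)

    def verify(self, user_id, password):
        row = self._rows.get(user_id)
        if row is None:
            return False
        salt, key = row
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        return hmac.compare_digest(candidate, key)   # constant-time comparison

    def revoke(self, user_id):
        """Cancel the password of an employee who has left."""
        self._rows.pop(user_id, None)
```

A backup copy of this table exposes only salts and derived keys, which is the property the Password Protection slide asks for.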

Slide 6: Communications Security
Telecommunication systems are vulnerable to hackers who discover a user id and password and can gain entry to a networked computer system from their own computer. One way of preventing this is to use a call back procedure.

Slide 7: Data Encryption
To stop people looking at the data that is held in a file or that is being transmitted from one place to another, it is common to use some form of encryption. This basically means performing some kind of transformation on the data so that it cannot be read by another person. An example of encryption of the message 'THE ANSWER WAS ATOM BOMB' might be to write the message on an 8 x 3 grid:

    THE*ANSW
    ER*WAS*A
    TOM*BOMB

By reading down the columns instead of across the rows the message becomes TETHROE*M*W*AABNSOS*MWAB
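The grid scheme above as an added Python example (not from the original slides), generalized to any grid width. The function names are assumptions; `*` stands for spaces and empty cells as on the slide, so a message that itself contains `*` is not supported. The last function shows why rearranging letters alone gives little protection: the letter counts of the message survive unchanged.

```python
from collections import Counter

FILL = "*"   # the slide writes spaces and empty cells as '*'


def to_grid(message, width):
    """Write the message across rows of `width` cells, padding the last row."""
    text = message.replace(" ", FILL)
    text += FILL * (-len(text) % width)
    return [text[i:i + width] for i in range(0, len(text), width)]


def encrypt(message, width=8):
    """Read the grid down the columns instead of across the rows."""
    rows = to_grid(message, width)
    return "".join(row[col] for col in range(width) for row in rows)


def decrypt(ciphertext, width=8):
    """Rebuild the rows from the column-order text and restore the spaces."""
    height = len(ciphertext) // width
    cols = [ciphertext[i:i + height] for i in range(0, len(ciphertext), height)]
    rows = ["".join(col[r] for col in cols) for r in range(height)]
    return "".join(rows).replace(FILL, " ").rstrip()


def letter_counts(text):
    return Counter(c for c in text if c.isalpha())


def same_letter_counts(plaintext, ciphertext):
    """A transposition only moves characters, so letter frequencies are kept."""
    return letter_counts(plaintext) == letter_counts(ciphertext)


if __name__ == "__main__":
    msg = "THE ANSWER WAS ATOM BOMB"
    ct = encrypt(msg)
    print(to_grid(msg, 8))
    print(ct)
    print(decrypt(ct))
    print(same_letter_counts(msg, ct))
```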

Slide 8: Security Measures
- Access rights: users see only what they need
- Biometric security measures: iris recognition
- Disaster planning
- Periodic backups
- Recovery procedures: contingency plan

Slide 9: Access Rights
Authorized users do not normally have the right to see all the data held on a company computer system. In a hospital, for example, receptionists may have the right to view and change some patient details such as name, address and appointments but may not access the patient’s medical records. Access rights to a particular set of data could typically be set to:
- Read-only
- Read/write
- No access

Slide 10: Access Right
- None
  - User may not know of the existence of the file
  - User is not allowed to read the user directory that includes the file
- Knowledge
  - User can only determine that the file exists and who its owner is
- Execution
  - The user can load and execute a program but cannot copy it
- Reading
  - The user can read the file for any purpose, including copying and execution
- Appending
  - The user can add data to the file but cannot modify or delete any of the file’s contents

Slide 11: Access Right
- Updating
  - The user can modify, delete, and add to the file’s data. This includes creating the file, rewriting it, and removing all or part of the data
- Changing protection
  - User can change access rights granted to other users
- Deletion
  - User can delete the file
- Owners
  - Has all rights previously listed
  - May grant rights to others using the following classes of users:
    - Specific user
    - User groups
    - All, for public files
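An added example (not from the original slides) that models the rights and the three user classes from the Access Right slides and replays the hospital case from the Access Rights slide. The class and function names, the user and group names, and the rule that a higher right includes the ones listed before it are assumptions of this example.

```python
from enum import IntEnum


class Right(IntEnum):  # slide order; assumed: a higher right includes those below
    NONE = 0
    KNOWLEDGE = 1
    EXECUTION = 2
    READING = 3
    APPENDING = 4
    UPDATING = 5
    CHANGING_PROTECTION = 6
    DELETION = 7


class ProtectedFile:
    def __init__(self, name, owner):
        self.name, self.owner = name, owner
        self.user_rights = {}             # class: specific user
        self.group_rights = {}            # class: user groups
        self.public_right = Right.NONE    # class: all (public files)

    def granted(self, user, groups=()):
        """Highest right held through any class; the owner holds all rights."""
        if user == self.owner:
            return Right.DELETION
        rights = [self.group_rights.get(g, Right.NONE) for g in groups]
        return max(rights + [self.public_right, self.user_rights.get(user, Right.NONE)])

    def allows(self, user, needed, groups=()):
        return self.granted(user, groups) >= needed

    def grant(self, actor, right, user=None, group=None):
        """Only the owner or a holder of 'changing protection' may grant."""
        if not self.allows(actor, Right.CHANGING_PROTECTION):
            raise PermissionError(f"{actor} may not change protection on {self.name}")
        if user is not None:
            self.user_rights[user] = right
        elif group is not None:
            self.group_rights[group] = right
        else:
            self.public_right = right


def hospital_example():
    """Constructed data: receptionists update patient details, not medical records."""
    details = ProtectedFile("patient_details", owner="records_admin")
    medical = ProtectedFile("medical_records", owner="records_admin")
    details.grant("records_admin", Right.UPDATING, group="reception")
    return details, medical
```

In these terms the typical settings on the Access Rights slide correspond to `READING` (read-only), `UPDATING` (read/write) and `NONE` (no access).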

Slide 12: Biometric Security Measure
Biometric methods of identifying an authorized user include:
- Finger recognition
- Voice recognition
- Face recognition
Such a system uses an infra-red scanner to capture the unique pattern of blood vessels under the skin.
Benefit: In this way passwords are not effective if people use them improperly.

Slide 13: Disaster Planning
- Fire, flood, lightning, hurricanes, bombs, ...
- Hardware failure, e.g. hard drive head crash
- Software failure: resource problems or bugs in the system
- Deliberate hacking
- Accidental altering of data, e.g. by inexperienced employees
- Networks may go down, preventing communication
Precaution: Companies need to make sure that in their computer systems there are adequate disaster recovery procedures.

Slide 14: Phases of Disaster Planning
- Before: risk analysis, preventive measures, staff training.
- During: what response staff should make when the disaster occurs.
- After: recovery measures.
Hardware can be easily (possibly expensively!) replaced. Software can be re-installed (or de-bugged by the programming department). The real problem is the data. No business can afford to lose its data.

Slide 15: Periodic Backups
The most common technique used to ensure that data is not lost is to make periodic backups, by copying files regularly and keeping them in a safe place.
Weaknesses in backups:
- Updates to a file since the last backup are lost
- The system may need to be shut down during backup operations
- Backup of large files can be time consuming
- If a failure occurs, recovery from the backup can be even more time consuming
Benefits:
- Files which may have become fragmented by additions and deletions can be reorganized to occupy contiguous space, which is much faster.
- Safe storage of backup copies

Slide 16: Recovery Procedures
A contingency plan needs to be developed to allow rapid recovery from major disruptions. In addition to file back-up procedures, it is necessary to:
- Identify alternative compatible equipment and security facilities, which provide replacement equipment when needed. This may include putting up temporary office space.
- Have provision for alternative communication links

