Embedded Files
Security, Privacy and Data Integrity
1.6.1 — Data security
1.6.2 — Data integrity
1.6.1 Data security
1.6.1 Data security
- Explain the difference between the terms security, privacy and integrity of data
- Show appreciation of the need for both the security of data and the security of the computer system
System security
System security
System security is needed to protect the system and its data from the event of being lost.
Threats to system security
Threats to system security
- internal mismanagement
- unauthorised intrusion into the system
- malicious software entering the system
- natural disasters
Data security
Data security
A requirement for data to be recoverable if lost or corrupted.
Data privacy
Data privacy
A requirement for data to be available only to authorised users.
Data integrity
Data integrity
A requirement for data to be accurate and up to date.
- Describe security measures designed to protect computer systems, ranging from the stand-alone PC to a network of computers
- Describe security measures designed to protect the security of data
Protecting Systems
Protecting Systems
Methods that helps to protect the computer from any unauthorised code or software that is a potential threat to the system.
User accounts
User accounts
- each user has an ID and confidential password for login
- can restrict the privileges of a user, preventing them from gaining admin rights
- whitelist files to only users with rights of access
Firewall
Firewall
- a set of programs that protects a private network from users of other networks
- located at the network gateway
Other authentication methods
Other authentication methods
Passwords
Passwords
- a string of characters that allows access
- a larger, unpredictable set of characters reduces the chance of decryption
Digital signatures
Digital signatures
- an encrypted key that can be mathematically decoded to determine if the sender is genuine
- can only be decoded with the correct recipient key
Protecting Data
Protecting Data
Data backup
Data backup
The most common types of backup are full backup, incremental backup and differential backup.
- backups are stored as archives in a separate disk
Full backup
Full backup
- a complete backup of every file on storage
Incremental backup
Incremental backup
- a backup of only the files that have been changed since the last backup
Differential backup
Differential backup
- similar to incremental, but keeps each revision of backup
Disk-mirroring
Disk-mirroring
- data is duplicated by being written to two or more identical hard drives
- these are connected to one disk controller card acting as an interface to the system
- if one hard drive fails, the data can be retrieved from the other mirrored hard drives
Encryption
Encryption
- encoding a message or information so only individuals with the correct authority can access it
- the message will be incomprehensible and appears meaningless without a key
Authorisation
Authorisation
- the access rights of an individual to data
- Show awareness of what kind of errors can occur and what can be done about them
Possible errors
Possible errors
Data in a system may become corrupted during processing.
Error on input
Error on input
- data is incorrectly keyed in; data may be lost or repeated
Program errors
Program errors
- may corrupt files that only become prevalent later on
Viruses
Viruses
- data may be corrupted or deleted if a virus infects the storage
Transmission errors
Transmission errors
- interference may misplace bits causing data to incorrectly received
1.6.2 Data integrity
1.6.2 Data integrity
- Describe error detection and correction measures designed to protect the integrity of data
Verification
Verification
Checks that the data entered is accurate.
Data entry
Data entry
- comparing entered data with original data to check if it is correct
- e.g: entering a new password twice
Data transfer
Data transfer
- needed as errors may occur when transmitting data from one point to another
Parity check
Parity check
Not 100% fail-safe; if the parity is incorrect and the count of 1s matches the incorrect parity then the transmission succeeds without being notified of an error.
- sender and receiver decide on either odd or even parity
- the total number of 1s should either be an odd or even number
Checksum check
Checksum check
The checksum is a number that is decided between the sender and receiver to check whether a message has been correctly sent.
- data is sent as a group of bytes rather than a single byte at a time
- each of the blocks are added together to produce a sum
- a divisor is determined between the sender and receiver
- when the sum is divided by the divisor, the remainder becomes the checksum
- if the calculated checksum at the end is different from the originally agreed value, then an error has occurred
Validation
Validation
Checks that the data entered is sensible.
- although the input may be of the correct data type, validation does not check whether the data entered is accurate
Types of check
Types of check
Presence check
Presence check
- checks that the input field is not left blank
Type check
Type check
- checks that the input is the correct data type
- e.g: a telephone number can only accept digits
Format check
Format check
- checks whether the data is entered in the correct format
- e.g: date is in DD/MM/YYYY
Length check
Length check
- checks that the number of input characters does not exceed a limit
- e.g: a telephone number has a maximum of 10 digits
Range check
Range check
- checks whether the data is within the correct range of values
- e.g: the date of a month cannot exceed 12 or be lower than 1
Google Sites
Report abuse