This website uses cookies to ensure you have the best experience. Learn more

Data Security Essay

8305 words - 34 pages

I. -------------------------------------------------
Chapter 2: Context and Background
n this chapter, we introduce the main concepts related to the problem we are addressing, in order to provide the casual reader with the necessary background information for this dissertation. As the title of this thesis is “Analysis of Security and QoS in Network with time constraints”, it is clear that our work requires a deep understanding of three main topics: security, Quality of Service (QoS) and network applications with time constraints. These three fundamental topics will be addressed in this chapter.
2.1. Security
In today's business environment, users demand seamless connectivity and ...view middle of the document...

Protecting confidentiality involves implementing procedures and measures to prevent malicious and accidental disclosure of information to unauthorized readers. This means that the computer system must:
* prevent users from reading confidential information (unless permitted),
* and prevent authorized users from disclosing secret information to other unauthorized users.

The term “information” must be taken in the widest sense: it covers not only the data itself, but also the flow of information and knowledge of the existence of data or communications. Ensuring the confidentiality of a system is a complex task. We must analyze all the paths that information in a particular system can take to ensure they are secure.

Attacks against confidentiality are attempts to obtain information that must be protected, despite the means of protection and security measures. For example, passive eavesdropping involves accessing data transmitted over a communication channel (such as, a cable network) or stored on a vulnerable storage medium (external drives, for example). Such eavesdropping may, under certain circumstances, allow access to sensitive information, such as the password of a user typing on a terminal connected to a central computer and transmitting clear text between the terminal and the machine. We also see that this attack can be particularly difficult to identify a posteriori, given the total absence of traces left in the system [Abouelkalam 2003a]. Integrity
Integrity is the property that refers to ensuring that information is unaltered. It is the assurance that information remains intact, correct, and authentic. Protecting the integrity involves preventing and detecting unauthorized creation, modification, or destruction of information [Cole et al. 2005]. To protect the integrity of information, we must also prevent incorrect modification by authorized user or process.

To protect data integrity, it is important to implement some mechanisms to perform two important functions: the first is to detect changes of information; and the second is to control access to information (by managing access rights for programs and users).
An example of a malicious attack against the integrity is user intervention to modify a communication between two other users. Another example is of an accidental damage of information integrity caused by the modification of data when it is transmitted through unreliable wireless communication media. Clearly, the protection of information integrity from both accidental or malicious alteration is a must for the proper functioning of information technology. Availability
Availability refers to ensuring that authorized users can access and work with information assets, resources, and systems when needed and with the required response and performance. This means that the computer system must:
* provide access to information so that authorized users can read or...

Other assignments on Data Security

Database Security Essay

281 words - 2 pages run its day to day activities smoothly. * It is a deliberate effort to protect an organization data against threats such as accidental or intentional loss destruction or misuse. * Threats Of DataBase Security * Loss of availability * Elevated Privileges * Weak Audit Trial * Data corruption, Network flooding and Resource overload * Weak System and Procedures for performing authentication * Intrusion

The Internet Essay

989 words - 4 pages identifiable information, and identity theft grow. Business partners, suppliers, and vendors are requiring it from one another, particularly when providing mutual network and information access. Networked efforts to steal competitive intelligence and engage in extortion are becoming more prevalent and widespread. Security breaches and data disclosure increasingly arise from criminal behavior motivated by financial gain. As additional evidence of

Ethical Issues Arising From The Intersection Of Law, Compliance & Investigations

417 words - 2 pages Act of 1987 (PL 100-235) and Computer Matching and Privacy Act which deals with securing of personal information that are stored in federal computer systems. This law is responsible for planning of security standards for protecting data against theft. Resolving Ethical issues It is the responsibility of security professionals to follow ethical codes and conducts for providing maximum security to an organization. These security professionals

Jimmer Paper

624 words - 3 pages Sebastian Ramirez, Ch 8, OPTION B 1. As my particular small company, I will share with you our currently business model, and a vendor we have chosen to outsource our computer security to. My small business is a pizza shop where all my financial and product data are stored on a ERM system. Our system is largely monitored by myself, and the two managers I have employed at the business. I have chosen to outsource our computer security has it

Computer Security & Privacy - Tjx

620 words - 3 pages / card invalidated / expiring the spending power, Financial Institutions –re-issue the cards for those customers whose information was compromised, Store Associates –change their credentials for system access, Vendors, Merchandisers - Modify the information shared due to mutual network and Richel Owen, CSO- design long and short term strategy to address the security breach issue. Intruders utilized the data stolen to produce bogus credit/debit cards

Database Management Chapter 2

416 words - 2 pages 1. Besides redundancy, what other problems are associated with the nondatabase approach to processing data? Another problem with the nondatabase approach is accessing related data. In order to access data that is related to one another, you would have to open multiple spreadsheets, nondatabase systems also have way less security features than a database system. 2. What is a relationship? A one to many relationship? A relationship is an

Cyber Security In Business

1513 words - 7 pages . Cyber security focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction. Although each of the terms above are very specific in their security objectives, all three have a central theme, the protection of valuable information; data. Regardless of how the data is stored, why it is stored, where it is stored, or for how long it is stored, the protection of data is paramount and a


319 words - 2 pages company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. * Workstation Domain Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the

Is3230 Unit 2 Assignment 1

307 words - 2 pages the Corp Techs IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could be exploited to violate system security policy. Implement Strong access Control Measures: Access control allows Corp Tech to permit or deny the use of physical or technical means to access Corp Techs data. Access will be granted on a business need to know basis. Antivirus software is also needed to make sure

Security Plan Outline For Richman Investments

501 words - 3 pages Security Plan Outline for Richman Investments User Domain • Restrict access to data and applications that is not required for employee to do their job. • Review and Revise user conduct and security polices every six months. • Conduct annual security training seminars with system users and staff. Conducting annual security training for the user in the user domain will cover the Acceptable Use Policy (AUP) for which users will be informed

Secutiry Threats

452 words - 2 pages Security Threats Computer security is no longer just an organization’s concern but everyone’s who uses their computer to access the internet. Anyone who uses their personal computer to access the internet faces potential security threat. This document will identify all the potential security threats on a personal computer and some techniques an attacker might employ to access information on the file system. Security threats can be broadly

Similar Documents

Network Engineer Essay

301 words - 2 pages in the wrong hands because my company could get sued for not having the proper security for their systems. All of the customers equipment is locked up separated and segregated from our internal network. We hire a third party to do security audit to help keep up with the security precautions. IT Asset Description | Seven Domains of Typical IT | Privacy Data Impact | Assessment[Critical-Major-Minor] | User Passwords | Workstation Domain | User

Document Essay

315 words - 2 pages 1) Information security is specific to securing information systems security of the systems that house the information? True 2) Software manufacturers limit their liability when selling software using which of the following? A. End user licensing agreements. (EULA) 3) The ______ tenet of information systems security is concerned with the recovery time objective. 4) Encrypting data on storage devices or hard drives is a main

Security Policy Essay

304 words - 2 pages were the starting point for Smith Systems Consulting to design a security strategy to best fit Riordan Manufacturing. The existing security policy consists of location-based data access to on-site servers and on-site access to Unix servers for ERP and MRP systems. Also, it was evident that there are a number of servers and data to be accessed from different operating systems that are deployed throughout the locations. The management of the

Principles Of Information Security Essay

953 words - 4 pages assessment. B. EXTERNAL THREATS External threats arise from the transmission of data outside of the institution, as well as attempts to penetrate the bank’s security system by outside parties, such as computer hackers. External threats also include damage to data caused by outside forces, such as a fire or flood. Therefore, in review for external threats, you should: List the reasons and ways in which personal data is transmitted out of the