INFORMATION TECHNOLOGY

Security and Integrity of Data

The Security and Integrity of Data

The security of data means the protection of data.

Security involves protecting data and software from being: Lost losing disks, badly named Destroyed fire or flood, deletion Corrupted scratches on disk Modified written over, updated by mistake Disclosed unauthorised access

Possible threats to data security

Hacking means obtaining access to a computer system without authority. It is now illegal. There are 3 main offences:

Gaining unauthorised access Altering programs and data Gaining access to commit fraud

A computer virus is a program which copies itself without the user intending it to.

They usually affect .exe files, can delete files on a hard disk.

Macro viruses affect data in programs such as Word

Ways to protect data

A backup file is a copy of a file which is kept in case anything happens to the original file. Can be kept on a floppy or a different hard disk Can be kept on a backup data tape

Archive files are kept in long term storage in case they are required. Often from a back up data tape

Back-up systems often use: Grandfather – Father – Son principal

Physical safeguards for data protection

Physical safeguards for data include: Locking files in a fireproof safe To protect files being overwritten use

the write protect tab on disks & tapes Keeping unauthorised people from

entering secure areas by using locks and security passes etc.

Other safeguards

Software safeguards include giving users: A user identity and a password.

Users of this type of system have to log in and log out every time they use it.

Other safeguards include: Password individual files. Data encryption.

To encrypt data is to encode it so that it is unreadable by anyone else who does not have the ‘key’.

Data integrity The integrity of data means its accuracy

and completeness. Data has integrity if it has not been corrupted in any way. Common causes of errors are: Mistakes in data capture (faulty sensors etc) Transmission errors (over the internet etc) Transcription errors (transposition of lettres)

Data is said to be corrupt if errors are introduced into it. Usually the errors have been introduced by faulty equipment.

Ways of checking data integrity (1)

A check digit is an extra digit added to a number so that, if a number is changed, the error will be detected. Method

Starting from the right, multiply the first digit by 1, the second by 2 etc

Add the results together Use the last digit of the result and add to end of

number. Example: 56037 becomes 560372 Example: 50637 becomes 506376

Ways of checking data integrity (2)

Verification is checking data which has been copied from one place to another to see if that it is still the same.

Verification of keyed data may involve re-keying it.

Double-entry verification involves 2 people keying in the same data and then comparing the data for anomalies.

Ways of checking data integrity (3)

Validation is checking data before processing to see that it is acceptable for the process and include: Type checks (e.g. numeric or alphanumeric) Length checks (right number of characters) Range checks (days between 1-31; months 1-12)

Both Databases and spreadsheet programs have methods of validating data input so that obviously incorrect data is not accepted by the software which then warns the user.

EXAM QUESTIONS

1. Describe how a computer hacker might do more harm than an office burglar.

2. Give two ways of protecting personal data.

3. Why is is a good idea to have at least 6 characters in a password.

EXAM QUESTIONS

4. Dates are read into a computer in the following format:

DDMMMYY e.g. 15DEC92a) Each of the following dates has been rejected

by a validation program. State which validation check has been used to discover each error.

AUG21663JAN7131SEP72

b) Produce a comprehensive list of test data to test the data on this program.