Security, privacy, and data integrity
Data integrity: a requirement for data to be accurate and up to date
Data privacy: a requirement for data to be available only to authorized users
Data protection law: a law that relates to data privacy
Data security: a requirement for data to be available for use when needed; it ensures that only authorized users have access to the system and that data can be recovered if lost or corrupted.
Threats to the security of a computer system and of the data stored in it
The threats to the security of a system include the following types:
• individual user not taking appropriate care
• internal mismanagement
• natural disasters
• unauthorized intrusion into the system by an individual
• malicious software entering the system.
Malware: malicious software that has the intention of causing harm to a system or its contents
Types of malware
The various types of malware-containing program code are:
• virus: tries to replicate itself inside other executable code
• worm: runs independently and transfers itself to other network hosts
• logic bomb: stays inactive until some condition is met
• Trojan horse: replaces all or part of a previously useful program
• spyware: collects information and transmits it to another system
• bot: takes control of another computer and uses it to launch attacks.
Malware can also be classified in terms of the activity involved:
• phishing: sending an email or electronic message from an apparently legitimate source requesting confidential information
• pharming: setting up a bogus website which appears to be a legitimate site
• key logger: recording keyboard usage by the legitimate user of the system.
User authentication
Even if a PC is used by only one person, there should be a user account set up. User accounts are, of course, essential for a multi-user (timesharing) system. The main security feature of a user account is the authentication of the user.
Firewall: hardware or software that monitors and controls network traffic
The primary defense against malware entering a system through a network connection is to install a firewall. Ideally, a firewall will be a hardware device that acts like a security gate at an international airport: nothing is allowed through without being inspected. Alternatively, a firewall can run as software.
Recovering from data loss
In addition to problems arising from malicious activity, there are a variety of reasons for accidental loss of data:
• a disk or tape gets corrupted
• a disk or tape is destroyed
• the system crashes
• the file is erased or overwritten by mistake
• the location of the file is forgotten.
Authorization: definition of a user’s access rights to system components
Validation: a check that data entered is of the correct type and format; it does not guarantee that data is accurate
Verification: confirmation of data received by a system