Security, privacy, and data integrity

Data integrity: a requirement for data to be accurate and up to date

Data privacy: a requirement for data to be available only to authorized users

Data protection law: a law that relates to data privacy

Data security: a requirement for data to be available for use when needed, ensures that only

authorized users have access to the system and data can be recovered if lost or corrupted.

Threats to the security of a computer system and of

the data stored in it

The threats to the security of a system include the following types:

individual user not taking appropriate care

internal mismanagement

natural disasters

unauthorized intrusion into the system by an individual

malicious software entering the system.

Malware: malicious software that has the intention of causing harm to a system or its contents

Types of malware

The various types of malware-containing program code are:

virus: tries to replicate itself inside other executable code

worm: runs independently and transfers itself to other network hosts

logic bomb: stays inactive until some condition is met

Trojan horse: replaces all or part of a previously useful program

spyware: collects information and transmits it to another system

Bot: takes control of another computer and uses it to launch attacks.

Malware can also be classified in terms of the activity involved:

phishing: sending an email or electronic message from an apparently legitimate source

requesting confidential information

pharming: setting up a bogus website which appears to be a legitimate site

key logger: recording keyboard usage by the legitimate user of the system.

User authentication

Even if a PC is used by only one person there should be a user account set up. User accounts

are, of course, essential for a multi-user (timesharing) system. The main security feature

of a user account is the authentication of the user.

Firewall: hardware or software that monitors and controls network traffic

The primary defense to malware entering a system through a network connection is to

install a firewall. Ideally a firewall will be a hardware device that acts like a security gate at

an international airport. Nothing is allowed through without it being inspected. Alternatively,

a firewall can run as software.

Recovering from data loss

In addition to problems arising from malicious activity there are a variety of reasons for

accidental loss of data:

a disk or tape gets corrupted

a disk or tape is destroyed

the system crashes

the file is erased or overwritten by mistake

the location of the file is forgotten.

Authorization: definition of a user’s access rights to system components

Validation: a check that data entered is of the correct type and format; it does not guarantee that data

is accurate

Verification: confirmation of data received by a system