
Grade 9 Notes Printed - 15 - 2010 - Data Security - To Print 2210

The document discusses various threats to data security including theft, fire, hacking, viruses, and more. It covers physical threats, computer-based threats, and methods of protecting against threats like encryption, firewalls, and authentication. Security measures include passwords, biometric scans, and restricting access to data and networks.

Uploaded by

hlt
DATA SECURITY

Data Security: Keeping data safe by protecting it from accidental or
deliberate loss.

Two types of threats to data:


1. Physical / Environmental / Human threats
2. Computer / Program based threats

Physical / Environmental / Human threats


1. Theft: Theft is an act of crime where a computer system, disks, CDs etc. are
stolen.
Precaution: Use proper security measures like locks, bolts, security guards,
burglar alarm systems, spy cameras (CCTV), entry cards, fewer doors and
gates, magnetic locks, fingerprint lock systems etc.
2. Fire: Accidental or deliberate fire can damage the computer and all the data in
it.
Precaution: Use fireproof doors and windows, fire extinguishers and
smoke detectors / fire alarms.
3. Lightning: Lightning can also cause severe damage to the computer system.
Precaution: Use earth and lightning conductors.
4. Water: Water can also damage the computer and the data in it (floods, cyclones
and tsunamis).
Precaution: Keep the computer system away from water; don’t bring coffee or
tea (liquids) near the computer or the keyboard.
5. Dust: Dust can cause interruptions in data flow as it might jam the connection
ports.
Precaution: Keep the doors closed, and use a vacuum cleaner if possible.
6. Heat: Higher temperatures can damage the disks and the computer system.
Precaution: Use an air conditioner; make sure exhaust fans in the systems work.
7. Electricity: Short circuits, low and high voltages can severely damage the
computer and the disks in it.
Precaution: Use a UPS or current stabiliser, and circuit breakers.

©AIS DATA SECURITY COMPUTER SCIENCE – 2210 Page 1 of 6


Computer / Program based threats
1. Theft: People can steal, copy, delete or modify our data. If important data is
lost, we have to face many problems. If personal data is lost or modified,
it also causes many problems. Think of some situations!
Precaution: Use passwords; use User Access Rights such as restricted users,
read-only users etc.
2. Virus: A virus is a computer program that usually corrupts or destroys our
data. Viruses can also hide, rename or corrupt files.
Precaution: Use an antivirus program.
3. Hacking: Hacking is unauthorised access to a secure computer, sometimes
using a network connection.
Consequences of hacking:
1. Data can be deleted, modified, copied, hidden etc.
2. Personal data can be accessed, so that data is no longer personal
3. Bank account numbers and credit card numbers can be stolen
Precaution: Use firewall programs. Use data encryption while transferring data
through a communication link; disconnect systems from the network when not in use.

4. Phishing: Using official-looking email to lure (attract) individuals to a fake
website in order to obtain their banking or credit card information for use in
identity theft. The email will ask the recipient to supply confidential
information, such as bank account details, PINs or passwords; these details are
then used by the owners of the website to conduct fraud.
Precaution: Use anti-phishing software.

5. Pharming: A fraudulent practice in which malicious code directs Internet
users to a fake website that mimics the appearance of a legitimate one, in order to
obtain personal information such as passwords, account numbers, etc.
Precaution: Use anti-pharming software.

6. Spyware: A type of software that monitors what you do on your computer
and then relays that information to someone else over the Internet. Some
programs track what kind of websites you visit, and the results are shared with
advertising agencies.
Keylogger: Spyware that installs a program which records all the keystrokes
that are pressed and relays the information to a hacker.
Precaution: Use anti-spyware software; use a virtual keyboard, especially to
input usernames and passwords.

7. Cookie: A cookie is a small text file that is stored in a user’s web browser. The
cookie is set at the request of a web server to a web browser. A cookie is entirely
‘passive’ and does not contain software programmes, a virus or spyware.
Cookies remember the last settings a user chose on the website. This is
convenient, as the user need not go to preferences and set them on the webpage
again. Cookies are harmless, but spyware programs can make use of the
information which cookies contain and raise security issues.

8. Wardriving: The act of locating and using wireless internet connections
illegally; it requires a laptop or a smartphone which is capable of picking up
wireless signals. It is possible for a user’s wireless network to be hacked and
usernames and passwords stolen. It is also possible to steal a user’s internet time or
download limit by simply downloading large movies or software.
Precaution: Use firewall software; use strong passwords to protect the Wi-Fi
router; change passwords frequently; use a WEP key to secure the wireless
connection.

9. Spam: The sending of loads of unacceptable junk mail to e-mail lists,
newsgroups, and so on. Spam is also mostly visible in public chat rooms.

10. Cracking: Cracking is the editing of a program's source code so that it fulfils a
particular condition. Ex: cracking software to extend its trial period.

11. DoS attacks: In a Denial of Service (DoS) attack, an authorised user is denied
the use of certain services. Ex: being denied changing the date / time, wallpaper etc.

Firewall: A firewall can be either software or hardware. It sits between the user's
computer and an external network (e.g. the internet) and filters information in
and out of the computer.

Tasks carried out by a firewall include:

• examining the 'traffic' between the user's computer (or internal network) and
a public network (e.g. the internet)
• checking whether incoming or outgoing data meets a given set of criteria
• blocking the 'traffic' if the data fails the criteria, and giving the user
(or network manager) a warning that there may be a security issue
• logging all incoming and outgoing 'traffic' to be later checked by the user
• preventing access to certain undesirable sites, using criteria that can be set;
the firewall can keep a list of all undesirable IP addresses
• helping to prevent viruses or hackers entering the user's computer (or internal
network)
• warning the user if some software on their system is trying to access an
external data source (e.g. automatic software upgrade); the user is given the
option of allowing it to go ahead or requesting that such access is denied.
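The tasks listed above can be seen working together in a small packet filter. This is an added Python example, not part of the original notes; the rule names, port sets and sample addresses (taken from the reserved documentation ranges) are constructed assumptions.

```python
import ipaddress

# Constructed criteria (assumptions for this example, not from the notes).
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # list of undesirable IP addresses
ALLOWED_OUT_PORTS = {53, 80, 443}                         # DNS, HTTP, HTTPS
ALLOWED_IN_PORTS = set()                                  # no unsolicited inbound traffic

def is_blocked(addr: str) -> bool:
    """True if the address falls inside any undesirable network."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in BLOCKED_NETS)

def filter_packet(pkt: dict, log: list, warnings: list) -> str:
    """Check one packet against the criteria; return 'ALLOW' or 'BLOCK'."""
    outbound = pkt["direction"] == "out"
    remote = pkt["dst"] if outbound else pkt["src"]
    allowed_ports = ALLOWED_OUT_PORTS if outbound else ALLOWED_IN_PORTS
    if is_blocked(remote):
        verdict, reason = "BLOCK", "remote address is on the undesirable list"
    elif pkt["port"] not in allowed_ports:
        verdict, reason = "BLOCK", "port not permitted in this direction"
    else:
        verdict, reason = "ALLOW", "meets criteria"
    # All traffic is logged, allowed or not, so it can be checked later.
    log.append((pkt["direction"], remote, pkt["port"], verdict))
    if verdict == "BLOCK":
        # Failing the criteria blocks the traffic and warns the user.
        warnings.append(f"Possible security issue: {remote}:{pkt['port']} ({reason})")
    return verdict

# Constructed sample traffic.
SAMPLE_TRAFFIC = [
    {"direction": "out", "src": "192.168.1.20", "dst": "198.51.100.10", "port": 443},
    {"direction": "out", "src": "192.168.1.20", "dst": "203.0.113.7", "port": 80},
    {"direction": "in", "src": "192.0.2.55", "dst": "192.168.1.20", "port": 3389},
    {"direction": "out", "src": "192.168.1.20", "dst": "198.51.100.10", "port": 6667},
]

def run_sample():
    """Filter the sample traffic and return (verdicts, log, warnings)."""
    log, warnings = [], []
    verdicts = [filter_packet(p, log, warnings) for p in SAMPLE_TRAFFIC]
    return verdicts, log, warnings

if __name__ == "__main__":
    verdicts, log, warnings = run_sample()
    for entry, verdict in zip(log, verdicts):
        print(verdict, entry)
    print("\n".join(warnings))
```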

Limits of Firewall:
• It cannot prevent individuals on internal networks using their own modems
to bypass the firewall
• Employee misconduct or carelessness cannot be controlled by firewalls (for
example, control of passwords or use of accounts)
• Users on stand-alone computers can choose to disable the firewall, leaving
their computer open to harmful 'traffic' from the internet.

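Proxy Server: Proxy servers act as an intermediary between the user and a web
server.

[Diagram: User’s Computer, Proxy Server, Web Server]
Request path: User’s Computer (web browser sends request) → Proxy Server (web browser request forwarded) → Web Server
Response path: Web Server (web server sends back response to proxy server) → Proxy Server (web server response is filtered) → User’s Computer
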
Functions of proxy server include:
• allowing the internet 'traffic' to be filtered; they can block access to a website
if necessary (a similar type of reaction to a firewall)
• by using the feature known as a cache, they can speed up access to
information from a website; when the website is first visited, the home page is
stored on the proxy server; when the user next visits the website, it now goes
through the proxy server cache instead, giving much faster access
• keeping the user's IP address secret — this clearly improves security
• acting as a firewall

Authentication methods
Password: The most common method of verifying user authenticity, by comparing
the input username / password with one securely stored in the computer.
Digital Signature: A digital code (generated and authenticated by public key
encryption) which is attached to an electronically transmitted document to
verify its contents and the sender's identity.
Biometrics: Biometrics is the technical term for body measurements and
calculations. It refers to metrics related to human characteristics. Biometric
authentication is used in computer science as a form of identification and access
control.

Encryption: It is the conversion of electronic data into another form, called
cipher text, which cannot be easily understood by anyone except authorized
parties. Basically there are two types of encryption techniques, namely
Symmetric and Asymmetric.



1. Symmetric Encryption
• Symmetric cryptography uses a single key for encryption and decryption.
• Symmetric cryptography requires that both parties have the key.
• Key distribution is the inherent weakness in symmetric cryptography.

Example of a simple symmetric encryption technique:

PLAIN TEXT:  I want to send a secret message
   Encrypt (KEY: shift each letter by three positions)
CIPHER TEXT: L zdqw wr vhqg d vhfuhw phvvdjh
   Decrypt (KEY: shift each letter by three positions)
PLAIN TEXT:  I want to send a secret message
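The shift-by-three technique above, written out as an added Python example that is not part of the original notes (the function names are illustrative). It uses the notes' own message and shows that sender and receiver must hold the same key: decrypting with any other key does not recover the plain text.

```python
import string

KEY = 3  # the shared key: shift each letter by three positions

def shift_text(text: str, key: int) -> str:
    """Shift every letter by `key` positions, wrapping round from z to a."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + key) % 26 + ord("a")))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") + key) % 26 + ord("A")))
        else:
            out.append(ch)  # spaces and punctuation are left unchanged
    return "".join(out)

def encrypt(plain_text: str, key: int = KEY) -> str:
    return shift_text(plain_text, key)

def decrypt(cipher_text: str, key: int = KEY) -> str:
    # Symmetric: decryption is the same operation with the same key, reversed.
    return shift_text(cipher_text, -key)

if __name__ == "__main__":
    message = "I want to send a secret message"
    cipher_text = encrypt(message)
    print(cipher_text)                  # what travels over the link
    print(decrypt(cipher_text))         # receiver holding the same key
    print(decrypt(cipher_text, key=4))  # wrong key: not the original message
```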

2. Asymmetric Encryption
• Asymmetric encryption uses a pair of keys, namely a public key and a
private key, to encrypt and decrypt messages when communicating.
• Public key is made available to everybody
• Private key is only known to the server
• Plain text which is encrypted by public key can be decrypted only by a
private key



Security protocols

1. Secure Sockets Layer (SSL)


Secure Sockets Layer is a type of protocol (a set of rules used by computers to
communicate with each other across a network). This allows data to be sent and
received securely over the internet. When a user logs onto a website, SSL
encrypts the data — only the user's computer and the web server are able to
make sense of what is being transmitted. A user will know if SSL is being applied
when they see the small padlock in the address bar at the top of the screen
along with “https”.
In SSL, each party calculates the secret key individually using random values
known to each side. The parties then send messages encrypted using the secret
key.

Example SSL Handshake:

Stage 1
Client / Browser: Sends “hello” and requests the SSL Certificate. Asks the server to choose an
encryption algorithm.

Stage 2
Server: Replies “hello” and sends the SSL Certificate. Chooses and informs the client about
the encryption algorithm. Sends a public key.
Client / Browser: Gets a public key from the server.

Stage 3
Verifies the SSL certificate by contacting a certificate authority.

Stage 4
After verification both start sending and receiving encrypted messages using
SSL encryption.
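The asymmetric-encryption rules and the handshake stages above can be followed in code. This is an added, simplified Python example, not part of the original notes: the toy RSA key built from two small known primes and the SHA-256 key derivation are assumptions for illustration (real SSL/TLS uses far larger keys and its own key-derivation function), and certificate verification (stage 3) is not modelled.

```python
import hashlib
import secrets

# Server's toy RSA key pair (assumption: two small Mersenne primes;
# real keys are 2048 bits or more).
P, Q = 2**61 - 1, 2**31 - 1
N, E = P * Q, 65537                # public key, sent to the client in stage 2
D = pow(E, -1, (P - 1) * (Q - 1))  # private key, known only to the server

def derive_key(pre_master: int, client_random: bytes, server_random: bytes) -> bytes:
    """Each side runs this on its own; the secret key itself is never sent."""
    material = pre_master.to_bytes(12, "big") + client_random + server_random
    return hashlib.sha256(material).digest()

def handshake() -> dict:
    # Stages 1-2: each "hello" carries a random value, sent in the clear.
    client_random = secrets.token_bytes(16)
    server_random = secrets.token_bytes(16)
    # Client picks a secret value and encrypts it with the server's public key.
    pre_master = secrets.randbelow(N - 2) + 2
    on_the_wire = pow(pre_master, E, N)
    # Only the holder of the private key can decrypt it.
    recovered = pow(on_the_wire, D, N)
    return {
        "pre_master": pre_master,
        "recovered": recovered,
        "client_key": derive_key(pre_master, client_random, server_random),
        "server_key": derive_key(recovered, client_random, server_random),
    }

if __name__ == "__main__":
    result = handshake()
    # Stage 4 can begin once both sides hold the same secret key.
    print("keys match:", result["client_key"] == result["server_key"])
```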

2. Transport Layer Security (TLS)


Transport Layer Security is a form of protocol that ensures the security and
privacy of data between devices and users when communicating over the
internet. It is essentially designed to provide encryption, authentication and data
integrity in a more effective way than SSL. When a website and client (user)
communicate over the internet, TLS is designed to prevent a third party hacking
into this communication.
It is made up of a record protocol (contains data being transferred) and a
handshake protocol (contains encryption algorithms for permitting
communication).

Session Caching: It is to establish a new connection or attempt to continue using
an existing connection to avoid wastage of time for a new session.
