Unit 10 - Data Control and Security


COPPERBELT UNIVERSITY

SCHOOL OF INFORMATION AND COMMUNICATION TECHNOLOGY

CS120
Data Control and Security

Introduction

Security and control have become a critical, although perhaps unappreciated, area of
information systems investment. When computer systems fail to run or work as required,
firms that depend heavily on computers experience a serious loss of business function.
The longer computer systems are down, the more serious the consequences for the firm.
Some firms relying on computers to process their critical business transactions might
experience a total loss of business function if they lose computer capability for more than
a few days. And with so much business now dependent on the Internet and networked
systems, firms are more vulnerable than ever to disruption and harm. Security incidents
have been growing at a phenomenal rate.

For example, in 2003 corporate networks and home computer systems were overwhelmed
by attacks from the SoBig.F worm. SoBig.F disguises itself in e-mail, which, once
opened, scans a computer for e-mail addresses and then sends scores of messages to the
addresses it has collected using its own built-in sending program. SoBig.F caused
millions of dollars in damage in the United States, temporarily disabling freight and
computer traffic in Washington, D.C., and overwhelming computer systems with the
sheer volume of e-mail.

Companies have very valuable information assets to protect. Systems often house
confidential information about individuals’ taxes, financial assets, medical records, and
job performance reviews. They also may contain information on corporate operations,
including trade secrets, new product development plans, and marketing strategies.
Government systems may store information on weapons systems, intelligence operations,
and military targets. These information assets have tremendous value, and the
repercussions can be devastating if they are lost, destroyed, or placed in the wrong hands.

Protection of information resources requires a well-designed set of controls. Computer
systems are controlled by a combination of general controls and application controls.
General controls govern the design, security, and use of computer programs and the
security of data files in general throughout the organization’s information technology
infrastructure. On the whole, general controls apply to all computerized applications and
consist of a combination of hardware, software, and manual procedures that create an
overall control environment. Application controls are specific controls unique to each
computerized application, such as payroll or order processing. They consist of controls
applied from the business functional area of a particular system and from programmed
procedures.

GENERAL CONTROLS

General controls include software controls, physical hardware controls, computer
operations controls, data security controls, and controls over the systems implementation
process. The following table describes each type of control:

Type of General Control: Description

Software controls: Monitor the use of system software and prevent unauthorized access
of software programs, system software, and computer programs. System software is an
important control area because it performs overall control functions for the programs
that directly process data and data files.

Hardware controls: Ensure that computer hardware is physically secure and check for
equipment malfunction. Computer equipment should be specially protected against fires
and extremes of temperature and humidity. Organizations that are dependent on their
computers also must make provisions for backup or continued operation to maintain
constant service.

Computer operations controls: Oversee the work of the computer department to ensure
that programmed procedures are consistently and correctly applied to the storage and
processing of data. They include controls over the setup of computer processing jobs
and computer operations and backup and recovery procedures for processing that ends
abnormally.

Data security controls: Ensure that valuable business data files on either disk or tape
are not subject to unauthorized access, change, or destruction while they are in use or
in storage.

Implementation controls: Audit the systems development process at various points to
ensure that the process is properly controlled and managed. The systems development
audit looks for the presence of formal reviews by users and management at various
stages of development; the level of user involvement at each stage of implementation;
and the use of a formal cost-benefit methodology in establishing system feasibility. The
audit should look for the use of controls and quality assurance techniques for program
development, conversion, and testing and for complete and thorough system, user, and
operations documentation.

APPLICATION CONTROLS

Application controls include both automated and manual procedures that ensure that only
authorized data are completely and accurately processed by that application. Application
controls can be classified as

1. input controls
2. processing controls, and
3. output controls.

Input controls check data for accuracy and completeness when they enter the system.
There are specific input controls for input authorization, data conversion, data editing,
and error handling. Processing controls establish that data are complete and accurate
during updating. Run control totals, computer matching, and programmed edit checks
are used as processing controls. Output controls ensure that the results of computer
processing are accurate, complete, and properly distributed. The following table provides
more detailed examples of each type of application control:

Name of Control (Type of Application Control): Description

Control totals (input, processing): Totals established beforehand for input and
processing transactions. These totals can range from a simple document count to totals
for quantity fields, such as total sales amount (for a batch of transactions). Computer
programs count the totals from transactions input or processed.

Edit checks (input): Programmed routines that can be performed to edit input data for
errors before they are processed. Transactions that do not meet edit criteria are
rejected. For example, data might be checked to make sure they are in the right format
(for instance, a nine-digit social security number should not contain any alphabetic
characters).

Computer matching (input, processing): Matches input data with information held on
master or suspense files and notes unmatched items for investigation. For example, a
matching program might match employee time cards with a payroll master file and report
missing or duplicate time cards.

Run control totals (processing, output): Balance the total of transactions processed
with total number of transactions input or output.

Report distribution logs (output): Documentation specifying that authorized recipients
have received their reports, cheques, or other critical documents.

NOTE
Not all of the application controls discussed here are used in every information system.
Some systems require more of these controls than others, depending on the importance of
the data and the nature of the application.

Control, therefore, applies throughout the process of data processing. One important
aspect of control is the control of data to prevent its loss, misuse or disclosure. This type
of control is called “data security”.


DATA CONTROL

Data to be processed by the computer must be presented to it in machine-sensible form.
Therein lies the basic problem since much data originates in a form which is far from
machine sensible. Thus a painful error-prone process of transcription must be undergone
before the data is suitable for input to the computer.

INPUT CONTROLS

Murphy’s Law: ‘If something can go wrong, it will go wrong.’

Input designs are aimed at reducing the chance of mistakes or errors during data entry.
However, the analyst must always assume that errors will occur.

The term given to methods aimed at detecting errors in input is input validation. Three
main categories of these methods are concerned with:

1. Checking the transaction;
2. Checking the transaction data; and
3. Changing or modifying the transaction data.

CHECKING THE TRANSACTION

First and foremost, it is essential to identify any transactions that are not valid, that is, not
acceptable. Transactions can be invalid because they are incomplete, unauthorized, or
even out of order.

TRANSACTION VALIDATION

Transaction validation is the examination of input from, especially, a remote site to
determine if it is acceptable for processing on the system. A transaction can be new data
to be stored in the system, data to update an existing record, or a request to retrieve data
(print a report or display answers to an inquiry) from the system. Users may sometimes
submit invalid or unacceptable transactions for processing. It is the responsibility of the
analyst to specify validation procedures that test the acceptability of a transaction.

The steps the system takes to ensure that the transaction is acceptable are called
transaction validation. The system must verify that it is capable of processing the
request. For example, if a user enters a request to retrieve sales data while using a
personnel system, the transaction is invalid. However, unless the system is designed to
detect that this is an invalid request, refuse to process it, and alert the user through an
error message, the system could crash. Crashing occurs when the program attempts to
process a request that it has not anticipated, that is, an undefined operation. Unless the
design specifies how to handle undefined operations, all processing will stop and the
system will have to be restarted (with the likelihood that there will be loss of data in
memory at the time the system crashed). Transaction validation is performed in
conjunction with user identification procedures. Several different levels of user
identification are needed to fully protect a system from accidental loss of data and
unauthorized use.

As the user signs onto the system, the first level of identification takes place. This is
done by provision of an individual password that uniquely identifies them or a general
password that all authorized users should know. (The general password is changed
periodically by supervisors to protect against unauthorized users who accidentally learn
it.) In some systems, it is also necessary to provide an approved account number against
which usage costs are to be charged.

Even if an authorized user is signed onto the system and attempting to submit a
transaction the system is able to process, the combination of user and transaction may not
be valid. In other words, systems analysts can specify additional levels of protection that
require individuals to prove they have authorization. Analysts sometimes design systems
so that the user is automatically signed off if an invalid request is made. However, this is
an extreme action, since honest mistakes in keying (typing errors) will occur. A better
approach is allowing individuals to reenter the password a second or third time and, if
still incorrect, to then terminate processing.
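
The two checks described above (can this system process the request at all, and may this user submit it) are shown below as an added example that is not part of the original unit. The users, transaction names and permission table are constructed, and signing the user off after three consecutive rejected requests is this example's reading of the "second or third time" advice.

```python
# Added illustration (not from the course unit): transaction validation for a
# hypothetical personnel system. Users, transaction names and the permission
# table are constructed for the example.

# Requests this system is designed to process; anything else is an undefined operation.
SUPPORTED_TRANSACTIONS = {"ADD_EMPLOYEE", "UPDATE_EMPLOYEE", "RETRIEVE_EMPLOYEE"}

# Second level of protection: which transactions each signed-on user may submit.
PERMISSIONS = {
    "clerk01": {"RETRIEVE_EMPLOYEE"},
    "hr_admin": {"ADD_EMPLOYEE", "UPDATE_EMPLOYEE", "RETRIEVE_EMPLOYEE"},
}

# Assumed tolerance for honest keying mistakes before the session is terminated.
MAX_CONSECUTIVE_REJECTIONS = 3


class Session:
    """One signed-on user submitting transactions."""

    def __init__(self, user):
        self.user = user
        self.rejections = 0
        self.signed_on = True

    def submit(self, transaction_type):
        """Return (accepted, message). An unanticipated request is refused with
        an error message; it never reaches processing and never raises."""
        if not self.signed_on:
            return False, "session terminated"
        if (not isinstance(transaction_type, str)
                or transaction_type not in SUPPORTED_TRANSACTIONS):
            return self._reject(f"{transaction_type} is not a transaction this system processes")
        if transaction_type not in PERMISSIONS.get(self.user, set()):
            return self._reject(f"{self.user} is not authorized to submit {transaction_type}")
        self.rejections = 0  # a valid request clears earlier keying mistakes
        return True, "accepted"

    def _reject(self, reason):
        self.rejections += 1
        if self.rejections >= MAX_CONSECUTIVE_REJECTIONS:
            self.signed_on = False
            reason += "; too many invalid requests, signed off"
        return False, reason
```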

The process of checking the transaction has the following parts:

1. Ensuring the transaction is valid;
2. Ensuring the data are valid; and
3. Ensuring the data are not invalid due to error.

SEQUENCE TEST

Sequence tests use codes in the data (serial numbers) to test for either of two different
conditions depending on the characteristics of the application. In some systems, the order
of transactions is important. For example, when processing bank cheque deposits and
withdrawals, it is important to ensure that each is processed in the order in which it
arrived. If a series of withdrawals is mistakenly processed before a deposit that actually
occurred first, the customer could be penalized for overdrawing the account when in fact
that did not actually happen.

Sequence tests also point out missing items. Cheque numbers are used to identify every
cheque. When reconciling an account at the end of a month or quarter, it is usual to sort
the cheques into order based on cheque numbers.
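
Both uses of the sequence test, order and missing items, are shown below as an added example that is not part of the original unit. The serial numbers, amounts and opening balance are constructed, and the rule that a gap stops the run is an assumption of the example.

```python
# Added illustration (not from the course unit). Each transaction is a
# (serial_number, amount) pair; serial numbers are assigned on arrival,
# deposits are positive and withdrawals negative. All figures are constructed.

def sequence_test(serials):
    """Return (out_of_order, missing) for serial numbers listed in processing order."""
    out_of_order = [cur for prev, cur in zip(serials, serials[1:]) if cur < prev]
    present = set(serials)
    missing = ([n for n in range(min(present), max(present) + 1) if n not in present]
               if present else [])
    return out_of_order, missing


def overdrawn(opening_balance, transactions):
    """Post transactions in the order given; return serials that overdrew the account."""
    balance, flagged = opening_balance, []
    for serial, amount in transactions:
        balance += amount
        if balance < 0:
            flagged.append(serial)
    return flagged


def process(opening_balance, transactions):
    """Run the sequence test first, then post in arrival (serial) order."""
    serials = [serial for serial, _ in transactions]
    out_of_order, missing = sequence_test(serials)
    if missing:
        # Assumed policy: a gap means an item was lost, so the run stops.
        raise ValueError(f"missing serial numbers: {missing}")
    ordered = sorted(transactions) if out_of_order else list(transactions)
    return overdrawn(opening_balance, ordered)


# Constructed sample: a deposit (101) that arrived before two withdrawals.
IN_ARRIVAL_ORDER = [(101, +500), (102, -300), (103, -150)]
MISORDERED = [(102, -300), (103, -150), (101, +500)]

if __name__ == "__main__":
    print(overdrawn(100, MISORDERED))        # false overdraft penalties
    print(sequence_test([s for s, _ in MISORDERED]))
    print(process(100, MISORDERED))          # order restored, no overdraft
```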

COMPLETENESS TEST

Point-of-sale (POS) systems in retail centers are oriented to automatically performing
completeness tests. Many POS terminals use systems of lights that instruct the operators
what to do next. The light under the key for transaction type lights up first. Until a valid
transaction code (such as sale, void, or credit) is entered, nothing else can happen; the
keyboard locks. Following entry of a valid transaction code, the operator is guided
through the transaction by a system of lights under the keys that shows which key to
depress next.

Completeness tests are one more way of validating the transaction to ensure that it is
accurate and acceptable.

CHECKING THE TRANSACTION DATA

Even valid transactions can contain invalid data. Therefore, analysts should be sure to
specify methods for validating the data when developing input procedures. There are
four data validation methods. These are:

1. Existence tests;
2. Limit and Range tests;
3. Combination test; and
4. Duplicate processing.

EXISTENCE TEST

Some data fields in transactions are designed to not be left empty or blank. Existence
tests examine those essential fields to determine that they contain data. In a file
maintenance processing program, for example, some items, for instance a key field,
should always exist, as should a code indicating the type of transaction (add, delete, or
change).

It is the responsibility of the analyst, working with the users, to learn when data items
must be present and when their absence is acceptable. This information belongs in the
design specification and should be passed along to the programmers.

LIMIT AND RANGE TESTS

These tests verify the reasonableness of the transaction. They can also be used to verify
the result of processing. Limit tests validate either the minimum or maximum amount
acceptable for an item. Range tests validate both minimum and maximum values.

In most banks, tellers must notify a bank officer before completing a cash transaction in
excess of a certain amount. Analysts working on the design of banking systems must
build the maximum amount figure for cash transactions into their specifications. When
unauthorized transactions occur, the system should note the exception and reject the
invalid transactions.

Sometimes both upper and lower limits are important.

COMBINATION TEST

Combination tests validate that several data items jointly have acceptable values; that is,
the value for one element of data determines whether other data values are correct.

Example
An ordering system for the motor car industry should note that a customer order for a car
with factory air-conditioning must also specify other options, such as heavy-duty battery,
an oversize radiator, etc. All must be ordered in combination with each other.
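
The existence, limit and range, and combination tests described above are applied to a single car order below, as an added example that is not part of the original unit. The field names, the quantity range and the cash limit are constructed; only the air-conditioning rule and the add/delete/change codes come from the text.

```python
# Added illustration (not from the course unit): data validation for a
# hypothetical car order record. Field names and numeric limits are constructed.

REQUIRED_FIELDS = ("order_no", "transaction_code", "model")   # existence test
TRANSACTION_CODES = {"add", "delete", "change"}
QUANTITY_RANGE = (1, 25)       # range test: assumed lower and upper bounds
MAX_CASH_DEPOSIT = 5000        # limit test: assumed maximum cash amount
# Combination test: ordering the key option requires the listed options too.
REQUIRED_WITH = {
    "factory_air_conditioning": {"heavy_duty_battery", "oversize_radiator"},
}


def _is_number(value):
    return isinstance(value, (int, float)) and not isinstance(value, bool)


def validate_order(order):
    """Return a list of error messages; an empty list means the data passed."""
    errors = []

    # Existence test: essential fields must be present and not blank.
    for field in REQUIRED_FIELDS:
        value = order.get(field)
        if value is None or str(value).strip() == "":
            errors.append(f"existence: {field} is missing or blank")
    code = order.get("transaction_code")
    if isinstance(code, str) and code.strip() and code not in TRANSACTION_CODES:
        errors.append(f"existence: unknown transaction code {code}")

    # Range test: both a minimum and a maximum apply.
    low, high = QUANTITY_RANGE
    quantity = order.get("quantity")
    if not _is_number(quantity) or not low <= quantity <= high:
        errors.append(f"range: quantity must be between {low} and {high}")

    # Limit test: only the maximum matters for the cash amount.
    cash = order.get("cash_deposit", 0)
    if not _is_number(cash) or cash < 0:
        errors.append("limit: cash_deposit must be a non-negative number")
    elif cash > MAX_CASH_DEPOSIT:
        errors.append(f"limit: cash_deposit exceeds {MAX_CASH_DEPOSIT}")

    # Combination test: one value determines whether the others are acceptable.
    options = set(order.get("options", ()))
    for option, needed in REQUIRED_WITH.items():
        if option in options:
            lacking = sorted(needed - options)
            if lacking:
                errors.append(f"combination: {option} requires {', '.join(lacking)}")
    return errors


# Constructed sample records.
GOOD_ORDER = {"order_no": "C-1042", "transaction_code": "add", "model": "sedan",
              "quantity": 2, "cash_deposit": 1500,
              "options": ["factory_air_conditioning", "heavy_duty_battery",
                          "oversize_radiator"]}
BAD_ORDER = {"order_no": " ", "transaction_code": "add", "model": "sedan",
             "quantity": 0, "cash_deposit": 9000,
             "options": ["factory_air_conditioning", "heavy_duty_battery"]}

if __name__ == "__main__":
    for message in validate_order(BAD_ORDER):
        print(message)
```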

DUPLICATE PROCESSING

In especially sensitive areas, it may be necessary to process data more than once, either
on different equipment or in different ways. The results are then compared for agreement
and accuracy.

In the United States Space programme, which relies heavily on computers for course and
direction control, multiple computers process the same data and compare results.
Duplicate processing ensures utmost accuracy. (If there is disagreement, there are also
specific procedures used to resolve the difference).

CHANGING OR MODIFYING THE TRANSACTION DATA

A third way of validating data involves modifying the data themselves. Two methods
are:

1. Automatic correction of errors; and
2. Self-checking digits on key fields.

AUTOMATIC CORRECTION OF ERRORS

Sometimes analysts specify that programs be written to correct errors in the data. This
input validation method is used to minimize the number of separate error correction steps
or rejections of transactions during processing. This method simply requires the program
to detect an error and make the correction automatically.

Example
Data entry personnel keying data into, say, a six-digit numeric field can enter only three
digits. Yet the entire field must contain numbers. (A blank is not a number). Rather
than have the program reject the transaction because of missing leading zeros (i.e. zeros
in the unused positions at the beginning of a data field), it can be designed to insert them
automatically. There is no need to insert trailing zeros automatically.

CHECK DIGITS ON KEY FIELDS

Two of the most common errors in handling data occur with data that are captured
correctly but entered incorrectly into processing. These are:

1. Transcription errors; and
2. Transposition errors.

Transcription errors occur if data are inadvertently copied incorrectly by the data entry
person. For example, a customer number of 24589 is transcribed incorrectly if it is
entered as 24587. With transposition errors, two or more digits are reversed so that their
positions in the data are incorrect, for example entering 24598 instead of 24589.

A special method devised to help detect these errors during computer processing is called
the check digit method. This method adds an additional digit to a data element being
used for identification purposes. The check digit is added to the original number before
that number goes into use. To use check digits with four-digit customer numbers, the
check digit is computed and added to the customer number, making it a five-digit
number, before it is assigned to any customer.

ILLUSTRATION
Suppose we have a system of four-digit customer numbers and want to assign check
digits. The original customer number is 2458. Let’s use modular division to
develop the check digit (10 mod 5 = 0, 11 mod 5 = 1, etc.). We select 11 as the
divisor, a commonly used one for this method, hence the name Modulus 11 check
method.

First we assign weights to each digit, starting from the low order (right) position in the
data, using values 2 through 10 (starting over again with 2 if we run out of digits), and
moving to the left. The following shows weights of 2, 3, 4, and 5 under each digit in our
customer number 2458.

Customer number:                          2    4    5    8
Weights:                                  5    4    3    2
Multiply numbers by weights:             10   16   15   16
Sum results:                             10 + 16 + 15 + 16 = 57
Divide by modulus number:                57 mod 11 = 2
Subtract remainder from modulus number:  11 - 2 = 9
Add check digit to original number:      24589

Thus the number 9 is the check digit and becomes a permanent part of the customer
number when the number is assigned.

TRANSPOSITION ERRORS
When the data are entered for processing (batch or directly in an online system), the
program reads the first four digits of the customer number, 2453. The modulus 11
process is carried out. The result of multiplying and adding the digits is 47. 47 mod 11 =
3 which when subtracted from 11 produces a check digit of 8. When the program
compares the value 8 with the original digit of 9, it will find that they do not match and
can produce an error message.


Although check digits add an additional number to the data they improve the quality of
data entering the system by helping to eliminate transposition and transcription errors.
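
The Modulus 11 calculation above is implemented below as an added example that is not part of the original unit; it goes beyond the single worked number by testing every four-digit customer number against every single-digit transcription error and every adjacent transposition. Two conventions are assumptions, because the text does not cover them: a remainder of 0 gives check digit 0, and a number whose check digit would be 10 is not assigned.

```python
# Added illustration (not from the course unit): Modulus 11 check digits.

def mod11_check_digit(base):
    """Return the check digit (0-9) for a string of digits, or None when the
    digit would be 10, in which case the number is not assigned (assumption)."""
    if not (base and base.isascii() and base.isdigit()):
        raise ValueError("base must be a non-empty string of digits")
    # Weights 2..10 from the low-order (right) position, starting again at 2.
    total = sum(int(d) * (2 + i % 9) for i, d in enumerate(reversed(base)))
    check = (11 - total % 11) % 11      # remainder 0 -> check digit 0 (assumption)
    return None if check == 10 else check


def is_valid(number):
    """Recompute the check digit from all but the last digit and compare."""
    if not (len(number) >= 2 and number.isascii() and number.isdigit()):
        return False
    return mod11_check_digit(number[:-1]) == int(number[-1])


def undetected_errors():
    """Corrupt every assignable five-digit customer number in every possible
    single position and by every adjacent swap; return (good, bad) pairs that
    still pass validation."""
    missed = []
    for n in range(10000):
        base = f"{n:04d}"
        check = mod11_check_digit(base)
        if check is None:
            continue
        good = base + str(check)
        # Transcription errors: one digit replaced by a different digit.
        for i in range(5):
            for d in "0123456789":
                if d != good[i]:
                    bad = good[:i] + d + good[i + 1:]
                    if is_valid(bad):
                        missed.append((good, bad))
        # Transposition errors: two neighbouring digits reversed.
        for i in range(4):
            if good[i] != good[i + 1]:
                bad = good[:i] + good[i + 1] + good[i] + good[i + 2:]
                if is_valid(bad):
                    missed.append((good, bad))
    return missed


if __name__ == "__main__":
    print(mod11_check_digit("2458"))                 # the worked number from the text
    print(is_valid("24587"), is_valid("24598"))      # the two error examples
    print(len(undetected_errors()))
```

The exhaustive run finds no undetected error because 11 is prime and every weight, including the implicit weight 1 on the check digit itself, is smaller than 11.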

AUDITING

Users often have a tendency to trust systems more than they should, to the extent that
they frequently believe the results produced through a computer-based information
system without sufficient skepticism. Therefore, the need to ensure that adequate
controls are included in the system is an essential step in the selection of software.
Auditors must have the ability to validate reports and output and to test the authenticity
and accuracy of data and information.

Specific audit and control procedures of interest include these abilities:

1. Trace a transaction through each processing step by having the capability to
examine intermediate data values produced during processing.
2. Print selected records and transactions in the system that meet certain criteria
(such as a highly active account or a high-balance account) to validate the
accuracy and authenticity of both transactions and results.
3. Maintain a constant balance in the system when financial matters are involved and
report whether the system is in balance.
4. Produce a detailed journal of all transactions and the effect of the transactions on
account balances or master file records.
5. Provide sufficient controls on input, such as batch and transaction controls and
counts.

AUDIT TRAIL

In online systems, unlike batch environments, there may not be copies of input source
documents to fall back on if the system fails during processing. It is also possible for
online users to sign onto a system, alter data stored in the files, and sign off again,
without leaving a visible clue as to what happened. Unless the systems analyst develops
an audit trail, no such protection exists in online and distributed systems.

An audit trail is designed to permit tracing of any input record or process performed on a
system back to its original source. One way of accomplishing this is by automatically
maintaining a transaction log. The details of each transaction are recorded in a separate
transaction file on the system. Before and after images can provide information on how
the record was changed. The storage of these details is automatic and invisible to the
user, about whom information should also be stored so that it is clear who conducted the
transaction. If the system has an internal clock, each transaction is also time-stamped to
tell when it occurred. If the need arises to audit a particular record in a file, it is relatively
easy to determine who submitted the transaction, when it occurred, what data the
transaction contained, and how the database or master file record was modified. In other
words, there is a complete trail of the entire transaction and its effect on the system.
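
A transaction log with before and after images, as described above, is sketched below as an added example that is not part of the original unit. The record layout, user names and timestamps are constructed, and the reconcile step is this example's way of showing how the trail exposes a change made without a logged transaction.

```python
# Added illustration (not from the course unit): an audit trail kept as a
# transaction log with before and after images. All data is constructed.
import copy
from datetime import datetime, timezone


def apply_transaction(master, log, user, key, changes, when=None):
    """Update master[key] and record who, when, what, and both images."""
    before = copy.deepcopy(master.get(key))          # None when the record is new
    after = {**(before or {}), **changes}
    master[key] = after
    entry = {
        "seq": len(log) + 1,
        "when": when or datetime.now(timezone.utc).isoformat(),
        "user": user,
        "key": key,
        "changes": dict(changes),
        "before": before,
        "after": copy.deepcopy(after),
    }
    log.append(entry)
    return entry


def trace(log, key):
    """Every logged transaction that touched one record, oldest first."""
    return [entry for entry in log if entry["key"] == key]


def reconcile(master, log):
    """Return (key, seq, kind) findings.

    broken_chain    - an entry's before image differs from the previous after
                      image, so the record changed between logged transactions
    unlogged_change - the stored record differs from the last after image
    """
    findings, last_after = [], {}
    for entry in log:
        key = entry["key"]
        if key in last_after and entry["before"] != last_after[key]:
            findings.append((key, entry["seq"], "broken_chain"))
        last_after[key] = entry["after"]
    for key, after in last_after.items():
        if master.get(key) != after:
            findings.append((key, None, "unlogged_change"))
    return findings


def demo():
    """Two logged transactions, then an alteration that bypasses the log."""
    master, log = {}, []
    apply_transaction(master, log, "teller7", "A100", {"balance": 500},
                      when="2024-01-05T09:00:00+00:00")
    apply_transaction(master, log, "teller7", "A100", {"balance": 450},
                      when="2024-01-05T09:12:00+00:00")
    master["A100"]["balance"] = 9450      # changed directly in the file
    return reconcile(master, log)


if __name__ == "__main__":
    print(demo())
```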


Another form of audit trail presumes that storing transaction data on magnetic disk is not
fully reliable. For example, in some small business systems, if the system is turned off,
perhaps through a power failure, before the data captured on disk during an editing
session has been backed up, it will be lost completely. (Some computer systems use disk
systems in which the read-write heads drop down to the disk surface when the power is
turned off. In these systems, users must remove the disk before powering down or they
will lose data.)

Printing a copy of the transaction before processing it is one of the best ways to protect
against data loss. Then, if anything happens during the online session, a backup copy of
the master file can be mounted and the transaction reentered by using the printed
transaction list.

Users a long distance away have no way of knowing when a malfunction occurs. As long
as they can continue to enter transactions, they have every reason to believe that the
system is operating correctly. Therefore, the systems analyst must anticipate these
problems for safeguarding the integrity of a system by providing ways to audit its use.

FILE CONTROL AND ON-LINE SECURITY

The purpose of file control is to ensure suitable storage and to limit access to the
files. Files are labeled and stored in a library when not in use. Entry to this library is
controlled so that unauthorized persons cannot gain access to the files held.

In any configuration involving terminals, procedures are needed to ensure that access to
the system is gained for legitimate purposes only. Passwords or some equivalent should
be used to restrict access to the system or parts of it. Dedicated terminals may be used
where only certain facilities are needed by the persons who use these terminals. Further
control is provided by logging all terminal usage. Possible attempts to use the system
illegally can be highlighted by a review of the log together with an exception report on
invalid use. At the data file level, write-protect facilities provide yet another layer of
control.

OUTPUT CONTROLS

The major concerns in this area are dissemination of output and the verification of the
necessary relationships between input and output. Systems should exist, therefore, to
ensure that output is distributed to authorized persons only, and that the data contained in
that output have been reconciled with the various controls established over input and
files.

FILE CONTROLS

As the whole file is passed in each processing run in sequential-file processing, it is
comparatively simple to compute file controls by counting the number of records on the
file and summing key fields. These totals can then be compared against totals calculated
from the total of transactions input plus the total of the file at the end of the previous
processing run. These ‘run-to-run’ controls afford a very high degree of file integrity,
particularly when used in conjunction with a grandfather-father-son method of file
version retention.

With direct access files it is uneconomical to read through the entire file after each
updating run to sum the key fields. So only the records updated are included in the
addition, and the assumption is made that the other records have not changed. Every so
often the file must be checked by a complete pass through it to ensure the actual sum of
the fields equals the calculated sum. This is normally done each time the file is backed
up, when it must be read in its entirety.
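
Run-to-run controls are worked through below as an added example that is not part of the original unit. The account file, the transaction kinds ("open", "post", "close") and all figures are constructed. The carried-forward totals are computed from the transactions alone, which is the direct-access case, and the full pass is the periodic complete read.

```python
# Added illustration (not from the course unit): run-to-run file controls.
# The master file is a dict of account number -> balance; data is constructed.
from collections import namedtuple

# record_count and key_hash_total (sum of the key fields) have no business
# meaning of their own; they exist only to be compared between runs.
Controls = namedtuple("Controls", "record_count key_hash_total balance_total")


def full_pass(master):
    """Read the whole file and compute its controls."""
    return Controls(len(master), sum(master), sum(master.values()))


def carry_forward(previous, transactions):
    """Controls at the end of the previous run plus this run's transactions,
    computed without reading the file."""
    count, keys, balance = previous
    for kind, account, amount in transactions:
        if kind == "open":            # amount is the opening balance
            count, keys, balance = count + 1, keys + account, balance + amount
        elif kind == "close":         # amount is the balance paid out
            count, keys, balance = count - 1, keys - account, balance - amount
        elif kind == "post":          # amount is added to an existing balance
            balance += amount
        else:
            raise ValueError(f"unknown transaction kind: {kind}")
    return Controls(count, keys, balance)


def apply_run(master, transactions):
    """Produce the next file generation; the previous one is left untouched."""
    new = dict(master)
    for kind, account, amount in transactions:
        if kind == "open":
            new[account] = amount
        elif kind == "close":
            new.pop(account)
        elif kind == "post":
            new[account] += amount
        else:
            raise ValueError(f"unknown transaction kind: {kind}")
    return new


def run_to_run_check(previous, transactions, master_after):
    """Return the names of the controls that do not balance (empty if all do)."""
    expected = carry_forward(previous, transactions)
    actual = full_pass(master_after)
    return [name for name in Controls._fields
            if getattr(expected, name) != getattr(actual, name)]


# Constructed sample: the 'father' generation and one run of transactions.
FATHER = {1001: 5000, 1002: 12000, 1003: 700}
RUN = [("post", 1001, -1500), ("open", 1004, 2500),
       ("post", 1003, 300), ("close", 1002, 12000)]

if __name__ == "__main__":
    son = apply_run(FATHER, RUN)
    print(run_to_run_check(full_pass(FATHER), RUN, son))   # balanced
    son[1003] = 91000                                       # altered outside the run
    print(run_to_run_check(full_pass(FATHER), RUN, son))
```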

SECURITY

Security may be defined simply as “protection against attack or failure”.

Computer-based systems are designed to perform particular functions or provide
particular services: any loss of security may result in the inability or failure to do these
things in the way intended.

Data security is the protection of data. In some situations, data security will be concerned
with preventing the loss of data, e.g. in the file security method used during updates. In
other situations, data security will be concerned with preventing the misuse or unwanted
modification of data, e.g. due to access by unauthorized persons. A third situation is the
prevention of disclosure of data to unauthorized persons, e.g. where the data is important
to national security.

Various measures can be taken to ensure all three types of security. The following are
some common methods.

1. The use of backup copies of tapes or disks, e.g. in conjunction with generations of
files.
2. Physical prevention, e.g.

(a) Write permit rings (security tag holes on diskettes and magnetic tape which
can be covered by tape, and which are used when there is a need to stop recorded
data being accidentally lost).
(b) Restricting the access of personnel.
(c) Keeping data under lock and key.

3. The use of passwords to prevent unauthorized use of computer terminals or
unauthorized access to online files.
4. Constant checks of security.


Computer security focuses on security attacks, security mechanisms and security
services.
• Security attacks are the causes of a breach of security. They comprise all actions
that breach computer security.
• Security mechanisms are the tools, including algorithms, protocols and devices,
that are designed to detect, prevent, or recover from a security attack.
• Security services are the services provided by a system to give a specific kind of
protection to the system resources.

The purpose of computer security is to provide reliable security services in
environments suffering security attacks, by using security mechanisms. The security
services use one or more security mechanisms.

SECURITY THREAT AND SECURITY ATTACK

A threat is a potential violation of security that can cause harm. A threat can be a
malicious program, a natural disaster or a thief. A vulnerability is a weakness of a system
that is left unprotected. Systems that are vulnerable are exposed to threats. A threat is a
possible danger that might exploit a vulnerability; the actions that cause it to occur are
the security attacks. For example, if we leave the house lock open, the house is vulnerable
to theft; an intruder in our locality (who might exploit the open lock) is a security threat;
when the intruder comes to know of the open lock and gets inside the house, this is a
security attack. A security attack may be a passive attack or an active attack.
• The aim of a passive attack is to get information from the system, but it does not
affect the system resources. Passive attacks are similar to eavesdropping. Passive
attacks may analyze the traffic to find the nature of the communication that is taking
place, or release the contents of the message to a person other than the intended
receiver of the message. Passive attacks are difficult to detect because they do not
involve any alteration of the data. Thus, the emphasis in dealing with passive
attacks is on prevention rather than detection.
• An active attack tries to alter the system resources or affect its operations. An active
attack may modify the data or create false data. An active attack may be a
masquerade (an entity pretends to be someone else), replay (capture events and
replay them), modification of messages, or denial of service. Active attacks are
difficult to prevent. However, an attempt is made to detect an active attack and
recover from it.

Attacks on users can target the identity of the user or the privacy of the user. Identity
attacks result in someone else acting on your behalf by using personal information such
as a password, an ATM PIN, a credit card number or a social security number.
Attacks on the privacy of the user involve tracking of the user’s habits and actions, such
as the websites the user visits and the buying habits of the user. Cookies and spam mails
are used for attacking the privacy of users.

• Attacks on computer hardware could be due to a natural calamity like floods or
earthquakes; due to power-related problems like power fluctuations; or due to the
destructive actions of a burglar.
• Software attacks harm the data stored in the computer. Software attacks may be
due to malicious software or due to hacking. Malicious software, or malware, is
software code included in the system with the purpose of harming the system.
Hacking is intruding into another computer or network to perform an illegal act.

MALICIOUS SOFTWARE
Malicious users use different methods to break into systems. Software that is
intentionally included in a system with the intention of harming the system is called
malicious software. Viruses, Trojan horses, and worms are examples of malicious
programs. JavaScript programs and Java applets written with the purpose of attacking
are also malicious programs.

Virus
A virus is a software program that is destructive in nature. Virus programs have the
following properties:
• It can attach itself to other healthy programs.
• It can replicate itself and thus can spread across a network.
• It is difficult to trace a virus after it has spread across a network.

Viruses harm the computer in many ways—


 Corrupt or delete data or files on the computer,
 Change the functionality of software applications,
 Use e-mail program to spread itself to other computers,
 Erase everything on the hard disk, or,
 Degrade performance of the system by utilizing resources such as memory or disk
space.

A virus infects an executable file or program. The virus executes when a program infected
with the virus is executed, or when you start a computer from a disk that has infected
system files. Once a virus is active, it loads into the computer's memory and may save
itself to the hard drive or copy itself to applications or system files on the disk.
However, viruses cannot infect write-protected disks or infect written documents. Viruses
do not infect an already compressed file. Viruses also do not infect computer hardware;
they only infect software.
Viruses are most easily spread by attachments in e-mail messages. Viruses also spread
through downloads on the Internet.

Worms
A worm is self-replicating software that uses networks and security holes to replicate
itself. A copy of the worm scans the network for another machine that has a specific
security hole. It copies itself to the new machine using the security hole, and then starts
replicating from there as well. A worm is, however, different from a virus. A worm does
not modify a program like a virus does; instead, it replicates so much that it consumes the
resources of the computer and makes it slow.

Trojan horse
A Trojan horse is a destructive program that masquerades as a useful program. The name
“Trojan horse” is given because of the Greek soldiers who reached the city of Troy by
hiding themselves inside a large wooden horse. The people of the city of Troy themselves
pulled the horse inside their city, unaware of the fact that the Greek soldiers were hiding
inside the horse. Similarly, users install Trojan horses thinking that they will serve a
useful purpose, such as a game or entertainment. However, Trojan horses contain
programs that corrupt the data or damage the files. Trojan horses can corrupt software
applications. They can also damage files and can contain viruses that destroy and corrupt
data and programs. Trojan horses do not replicate themselves like viruses.

JavaScript, Java Applets and ActiveX Controls

Applets (Java programs) and ActiveX controls (used with Microsoft technology)
can be inserted in a Web page and are downloaded to the client browser for
execution. Applets and ActiveX controls are generally used to provide added
functionality such as sound and animation. However, these programs, when designed with
a malicious intention, can be disastrous for the client machine. Java applets have strong
security checks that define what an applet can do and what it cannot. ActiveX controls do
not have such security checks. Normally, ActiveX controls must be kept disabled while
working on the Internet.
JavaScript is a scripting language generally nested within HTML code. The client-side
scripts on an HTML page execute inside the Web browser on the client computer.
JavaScript code can be used to transfer files, send e-mails and write to local files. If used
with a malicious intention, the scripts can be dangerous for the client machine.

SECURITY MEASURES: SYSTEM AND FILE ACCESS CONTROLS

CONTROLLED ACCESS TO THE SYSTEM

Most computer crimes can be prevented by denying access to the system to all who
should not have access. There are two widely used mechanisms for controlling access to
computer systems:

• Identification codes and
• Passwords

The first way is to have each user appropriately authorized to access the computer or
network in question. This involves assigning users unique ID, or identification, codes
that they must use to access the network. The second control mechanism is to issue each
user a password.


With these controls in place, in order to access a computer system a user must have a
valid ID and a password. The password can be suitably encrypted within the computer
system so that the user alone creates his/her unique password. As an additional measure
of security, users should change their passwords frequently and make sure that the
password is not something that can easily be guessed.

To use such a system, you are first prompted for a user ID. If the ID is accepted, you are
then prompted for a password. If it matches the recorded password for the ID, then you
are allowed access to the system. If the password does not match, you are either
disconnected or prompted again for the correct password. Usually, after a limited
number of unsuccessful tries, the unauthorized user will be locked out of the system.
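The login sequence described above can be sketched as follows. This is an added example, not part of the original notes: the class and function names, the limit of three tries, and the sample account are assumptions, and the stored password is protected with a salted PBKDF2 hash (a one-way substitute for the "encrypted" password the notes mention).

```python
import hashlib
import hmac
import os

MAX_TRIES = 3          # assumed limit; the notes only say "a limited number"
ITERATIONS = 100_000   # assumed PBKDF2 work factor


def make_verifier(password: str, salt: bytes) -> bytes:
    """One-way derivation, so the clear password is never stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class LoginSystem:
    def __init__(self):
        self.users = {}     # user ID -> (salt, verifier)
        self.failures = {}  # user ID -> consecutive failed tries

    def register(self, user_id: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[user_id] = (salt, make_verifier(password, salt))
        self.failures[user_id] = 0

    def login(self, user_id: str, password: str) -> str:
        if user_id not in self.users:
            return "rejected"                  # ID not accepted
        if self.failures[user_id] >= MAX_TRIES:
            return "locked"                    # stays locked until reset
        salt, stored = self.users[user_id]
        candidate = make_verifier(password, salt)
        # constant-time comparison: does not reveal how many bytes matched
        if hmac.compare_digest(candidate, stored):
            self.failures[user_id] = 0
            return "granted"
        self.failures[user_id] += 1
        return "locked" if self.failures[user_id] >= MAX_TRIES else "retry"


def demo():
    system = LoginSystem()
    system.register("cs120_student", "correct horse battery")  # constructed account
    guesses = ["123456", "password", "letmein", "correct horse battery"]
    return [system.login("cs120_student", g) for g in guesses]
```

Note that the fourth attempt in `demo()` uses the correct password but is still refused, because the account was locked by the third failure.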

CONTROLLED ACCESS TO FILES

The second step in creating a secure system is to control access to the files of data
themselves. Combinations of passwords and access rights are usually used. Access
rights provide that only the creator (owner) of a given file or certain restricted classes of
users may read it or write to it.
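Access rights of this kind are what POSIX file permissions implement: one set of read/write bits for the owner, one for a restricted class (the group), and one for everyone else. The added example below (not from the original notes) evaluates those bits on a temporary file; `may_access` and the uid values are hypothetical names and constructed values, and the administrator (root) override is not modelled.

```python
import os
import stat
import tempfile


def may_access(uid, gids, st, want):
    """POSIX-style check: want is 'r' or 'w'; st is an os.stat_result.

    Exactly one class applies: owner, else group, else everyone else.
    """
    bits = {"r": (stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH),
            "w": (stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH)}[want]
    if uid == st.st_uid:
        return bool(st.st_mode & bits[0])   # owner class
    if st.st_gid in gids:
        return bool(st.st_mode & bits[1])   # restricted class (group)
    return bool(st.st_mode & bits[2])       # all other users


def demo():
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        os.chmod(path, 0o640)   # owner: read+write, group: read, others: none
        st = os.stat(path)
        owner, group = st.st_uid, st.st_gid
        stranger = owner + 1    # constructed uid that is not the owner
        return {
            "owner_write": may_access(owner, [group], st, "w"),
            "group_read": may_access(stranger, [group], st, "r"),
            "group_write": may_access(stranger, [group], st, "w"),
            "other_read": may_access(stranger, [], st, "r"),
        }
    finally:
        os.remove(path)
```

Because only one class applies to a given user, an owner whose own bits deny access is refused even when the bits for other users would allow it.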

DATA ENCRYPTION

A final security technique is to use data encryption, in which data is processed with a
secret key to render it unintelligible except to the receiver of the file, who holds the
necessary key to decrypt the data. Such a scheme is regularly used in military or
banking telecommunications environments. This encryption/decryption process can
be done with either hardware or software, but it can substantially slow the rate of data
transfer due to the additional encrypting and decrypting task. This technique not only
shields the data from unauthorized users, but also carries with it a measure of control of
the integrity of the data: if encrypted data has been tampered with, then the decrypting
process will fail.
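The added example below (not from the original notes) shows how decryption is made to fail on tampered data: the sender attaches a keyed integrity tag to the ciphertext and the receiver checks it before decrypting. The keystream built from HMAC-SHA256 is a standard-library stand-in for a real cipher such as AES, chosen so the example runs without third-party packages; all function names and the sample message are assumptions.

```python
import hashlib
import hmac
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used here as a stand-in stream cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(secret: bytes):
    # Separate keys for encryption and for the integrity tag
    return (hmac.new(secret, b"enc", hashlib.sha256).digest(),
            hmac.new(secret, b"mac", hashlib.sha256).digest())


def encrypt(secret: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(secret)
    nonce = os.urandom(16)                       # fresh per message
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(secret: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(secret)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # verify before decrypting
        raise ValueError("integrity check failed")
    return bytes(c ^ k for c, k in zip(body, _keystream(enc_key, nonce, len(body))))


def demo():
    secret = os.urandom(32)
    blob = encrypt(secret, b"PAY 500 TO ACCOUNT 1234")   # constructed message
    tampered = bytearray(blob)
    tampered[20] ^= 0x01                                  # flip one ciphertext bit
    try:
        decrypt(secret, bytes(tampered))
        rejected = False
    except ValueError:
        rejected = True
    return decrypt(secret, blob), rejected
```

Without the tag, the flipped bit would silently change one character of the decrypted message instead of causing a failure.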

SECURITY SERVICES
Security services provide specific kinds of protection to system resources. Security
services ensure Confidentiality, Integrity, Authentication, and Non-Repudiation of data
or messages stored on the computer or transmitted over the network. Additionally,
they provide assurance of access control and availability of resources to authorized
users.
• Confidentiality — the confidentiality aspect specifies availability of information
to only authorized users. In other words, it is the protection of data from
unauthorized disclosure. It requires ensuring the privacy of data stored on a server
or transmitted via a network, so that it is not intercepted or stolen by unauthorized
users. Data encryption stores or transmits data in a form that unauthorized users
cannot understand. Data encryption is used for ensuring confidentiality.


• Integrity — it assures that the received data is exactly as sent by the sender, i.e.
the data has not been modified, duplicated, reordered, inserted or deleted before
reaching the intended recipient. The data received is the one actually sent and is
not modified in transit.

• Authentication — Authentication is the process of ensuring and confirming the
identity of the user before revealing any information to the user. Authentication
provides confidence in the identity of the user or the entity connected. It also
assures that the source of the received data is as claimed. Authentication is
facilitated by the use of username and password, smart cards, and biometric methods
like retina scanning and fingerprints.

• Non-Repudiation — it prevents either sender or receiver from denying a transmitted
message. For a message that is transmitted, proofs are available that the message
was sent by the alleged sender and the message was received by the intended
recipient. For example, if a sender places an order for a certain product to be
purchased in a particular quantity, the receiver knows that it came from a
specified sender. Non-repudiation deals with signatures.

• Access Control — it is the prevention of unauthorized use of a resource. This
specifies the users who can have access to the resource, and what the users are
permitted to do once access is allowed.

• Availability — it assures that the data and resources requested by authorized
users are available to them when requested.
