Information Security
Course supervisor: Athar Ali
Information Security Foundations

Information security refers to the processes and methods designed to protect information from unauthorized access, use, disclosure, disruption, modification, or destruction. It's crucial for ensuring the confidentiality, integrity, and availability (CIA) of data.

Example: Imagine a library. The books (information) need to be protected:
1. Confidentiality: Only authorized people can read certain books.
2. Integrity: Data and Information Integrity refers to the accuracy, consistency, and reliability of data and information over its lifecycle. Each book's title, author, ISBN, availability status, and location in the library must be accurately recorded. If data integrity is compromised (e.g., if a book's status shows as "available" when it is actually checked out), this could cause confusion and inefficiency for both librarians and patrons.
3. Availability: The books are always accessible when someone needs to read them.

Security Design Principles

Security design principles are strategies used when building systems to make them secure from the beginning. These principles ensure systems are robust against attacks and can withstand potential threats.

Key Principles:
1. Least Privilege: Give users only the access they need.
   o Example: A receptionist only has access to appointment scheduling software, not financial records.
2. Defense in Depth: Use multiple layers of security.
   o Example: A bank has locks on the doors (physical security), guards (personnel security), and an alarm system (technology security).
3. Fail-Safe Defaults: Deny access by default, unless explicitly allowed.
   o Example: A security system locks the doors automatically when no one is inside.
4. Economy of Mechanism: Keep the design simple to minimize errors.
   o Example: A password system only requires input of the password, not complex steps.

Why we need to protect data
• Keeping data safe is extremely important for a number of reasons. It may be personal data that you want to keep within your family or your close friends, or commercial data, such as passwords and bank account details, which need to be kept safe to protect your money.

Threats

Data and Information Integrity
• Data and Information Integrity refers to the accuracy, consistency, and reliability of data and information over its lifecycle. Maintaining data integrity means ensuring that data is complete, unaltered, and free from errors, whether it’s stored in a database, transmitted over a network, or processed by applications. High data integrity is essential for making reliable decisions, as compromised data can lead to incorrect conclusions or ineffective actions.

Data and Information Integrity and its Relation to Error Detection Methods
• Error detection methods play a key role in maintaining data integrity. These methods help identify errors that might have occurred during data entry, storage, or transmission, thus allowing for correction and preserving data accuracy.

Error detection and correction methods
• When data is transmitted, there is always a risk that it may be corrupted, lost or even gained.

The need to check for errors
• Errors can occur during data transmission due to:
» interference (all types of cable can suffer from electrical interference, which can cause data to be corrupted or even lost)
» problems during packet switching (this can lead to data loss – or it is even possible to gain data!)
» skewing of data (this occurs during parallel data transmission and can cause data corruption if the bits arrive out of synchronisation).

Basics of Data representation
• In order to understand data security we need to understand some basics of how the data is represented internally in the computer. [a quick revision of number systems]

Methods for error checking
• There are a number of ways data can be checked for errors following transmission:
» parity checks
» checksum
» echo check
» ARQ

Parity bit
• Parity checking is one method used to check whether data has been changed or corrupted following data transmission. This method is based on the number of 1-bits in a byte of data.

Types of Parity bit
Before data is transferred, an agreement is made between sender and receiver regarding which type of parity is being used. Parity checks are therefore being used as a type of transmission protocol.

Sending end:

Receiving end:

Activity:

Limitations of Parity bit:
If two of the bits change value following data transmission, it may be impossible to locate the error using parity checking. Let us imagine we are transmitting the following byte, using even parity.

Checksum
One of the limitations of the parity bit is that it can detect only one bit of error. This limitation is overcome by the checksum.
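The parity check and its two-bit limitation described above, as an added example that is not part of the original slides. It assumes 7 data bits with the parity bit stored as the most significant bit; the function names and the sample byte are constructed for illustration.

```python
# Added example: parity generation and checking.
# Assumption: 7 data bits, parity bit placed in bit 7 (most significant).

def count_ones(value: int) -> int:
    """Number of 1-bits in value."""
    return bin(value).count("1")

def add_parity(data7: int, even: bool = True) -> int:
    """Sending end: attach the parity bit agreed with the receiver."""
    if not 0 <= data7 < 128:
        raise ValueError("expected a 7-bit value")
    odd_count = count_ones(data7) % 2          # 1 if the data has an odd number of 1s
    parity = odd_count if even else 1 - odd_count
    return (parity << 7) | data7

def check_parity(byte: int, even: bool = True) -> bool:
    """Receiving end: True if the byte matches the agreed parity type."""
    if not 0 <= byte < 256:
        raise ValueError("expected an 8-bit value")
    return count_ones(byte) % 2 == (0 if even else 1)

def flip_bits(byte: int, positions) -> int:
    """Simulate transmission errors by inverting the given bit positions."""
    for pos in positions:
        byte ^= 1 << pos
    return byte

def demo() -> dict:
    data = 0b1101100                           # constructed sample: four 1-bits
    sent = add_parity(data, even=True)         # parity bit is 0 -> 0b01101100
    return {
        "sent": sent,
        "intact_ok": check_parity(sent),                         # True
        "one_flip_ok": check_parity(flip_bits(sent, [2])),       # False: detected
        "two_flips_ok": check_parity(flip_bits(sent, [2, 5])),   # True: missed
        # Receiver configured for odd parity rejects a correct even-parity byte,
        # which is why both ends must agree on the type beforehand.
        "mismatch_ok": check_parity(sent, even=False),           # False
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Parity only catches accidental corruption that flips an odd number of bits, and it cannot say which bit changed, so it is not a defence against deliberate modification of data.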