info security

Topics: Authentication, Access control, Computer security Pages: 12 (2065 words) Published: April 19, 2014


Student Name:RAIHANA TABASSUM KHAN NATASHA

Student No.:11535347

Subject Code:ITC 595

Subject Name: INFORMATION SECURITY

Assessment No.:02

Lecturer:NECTAR COSTADOPOULOS

Assessment due date: 06/04/14

Date Assessment submitted: 06/04/14

Table of contents:

Contents

Answer 1:
Confidentiality:
Confidentiality refers to the information should be secret for the person except the authorized person. If information is confidential attacks cannot steal or copy the information. Confidentiality is much more valuable in passwords and cryptographic keys. It is a shield contrary to unapproved person. Hacking is a failure of confidentiality. In 2013 LivingSocial stated that their system was hacked which was an unauthorized access. This affected more than fifty millions of their users. User name, email, password, date of birth everything were stolen. This was a failure of confidentiality.(Scmagazine.com,2014) Integrity:

Integrity mainly refers to the honesty, source, and inclusiveness of information and also it blocks wrong and unauthorized alteration of information. It maintains and makes sure that the information is accurate and constant. It has to be same from the source to the recipient. As an example, the source code of software can be altered to open the security holes on users end before releasing to the open. (Cs.uic.edu,2014) Availability:

Availability is information being available when an authorized person has requested the information. As an example we can mention Denial of service (DOS), where the person who is attacking tries to block out the authorized person from using the system totally or nearly being unusable. Normally he overflows the system with unusable information because a system can process definite number of request. If the system is overflowed it can’t process the authorized persons request and it will eventually go into liquidation rejecting access to authorized person.

Answer 2:

Computer security failure is a lot frequent now a day. Recently there was a major hack in target in New York. The hackers stole bank card data from about forty million accounts. There was a lack of adequate protection in terms of security. They did not have the rational and the correct ways to guard the information. The hackers have the all the customer information who shopped between 27th of November to 15th of December, to make a duplicate card. They even encrypted the PIN when it was hacked. The hackers retrieved to the point of sale data which is actually refer to the easiest penetration. They managed to get to terminals where the customer was swiping the card with their information. The situation could be minimized if it was caught earlier but it was about 2 weeks when they realized of the hacking which can be an example of lack of effectiveness. (Gregory Wallace, 2013, p. xx-xx)

Answer 3.
Asynchronous I/O gives the permission to continue process before finishing the transmission. It does not provide full memory protection for transfers. A base register is mainly a variable fence register. Only a starting address (lower bound) is delivered by fence register. But an upper bound can specify how much area in given and in checking overflows in prohibited space. For this reason a second register is added which is called bound. Each program address has to be above the base and below the bound register so that the addresses are in the space between base and bound register. This prohibits alteration by other users. (Pfleeger, 1997) The problems with asynchronous I/O can be solved by bringing in another pair of base and bound register. (Pfleeger, 1997) Paging is equal sized pieces of a program. Paging do not need to unite to the things on a page, so there is no method to institute that values on a page should be protected at the same level. To eradicate the drawback paging and segmentation could be...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Handling Security And Ethical Issues IT Essay
  • Atm Security Essay
  • Essay on Case Study Mobile Device Security
  • Network Security Fundamental Essay
  • Security Risk Associated with Mobile Devices Essay
  • A Brief Discussion of Current Information Security Threats on Facebook Essay
  • Cmgt 400 Week 2 Common Information Security Threats Essay
  • Theats to Information Security Essay

Become a StudyMode Member

Sign Up - It's Free