Page 140 - DCOM509_ADVANCED_AUDITING

Unit 8: Auditing in Computerized Environment




          members of a group and others. Thus in a UNIX environment, those working on a common
          project could be assigned to the same group and can share access to each other's files. More
          generally, the system administrator decides who goes into which group. Further, for each of
          these three types of users, the system also keeps track of three sorts of permissions: read,
          write and execute.


          Example: If one possesses read permission for a file, one can use commands that read
          the file without altering it. Write permission allows one to alter a file, so one could edit or
          delete it. Similarly, execute permission lets one run a file containing a programme.
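
The following Python sketch is an added example, not part of the original text. It shows how the three user classes and three permissions combine for a non-root user: the system selects exactly one class (owner first, then group, then others) and applies only that class's bits. The uid/gid numbers, file modes and function names are constructed for illustration.

```python
import stat

# Read/write/execute bits for each of the three user classes.
CLASS_BITS = {
    "owner":  (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
    "group":  (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
    "others": (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH),
}


def user_class(uid, gids, file_uid, file_gid):
    """Select the single class that applies: owner, then group, then others."""
    if uid == file_uid:
        return "owner"
    if file_gid in gids:
        return "group"
    return "others"


def effective_permissions(mode, uid, gids, file_uid, file_gid):
    """Return (class, granted permissions) for a non-root user."""
    cls = user_class(uid, gids, file_uid, file_gid)
    names = ("read", "write", "execute")
    granted = {n for n, bit in zip(names, CLASS_BITS[cls]) if mode & bit}
    return cls, granted


# Constructed sample: a project file owned by uid 1001 and group 500.
FILE_UID, FILE_GID = 1001, 500
SAMPLE_USERS = (
    ("owner",    1001, {500}),   # the file's owner
    ("teammate", 1002, {500}),   # same project group
    ("outsider", 1003, {600}),   # neither owner nor group member
)

if __name__ == "__main__":
    for mode in (0o664, 0o064):  # rw-rw-r-- and ---rw-r--
        print(stat.filemode(stat.S_IFREG | mode))
        for label, uid, gids in SAMPLE_USERS:
            cls, granted = effective_permissions(mode, uid, gids, FILE_UID, FILE_GID)
            print(f"  {label:9s} -> class={cls:6s} granted={sorted(granted)}")
```

With mode `0o064` the owner is granted nothing even though the owner also belongs to the file's group, because only the owner bits are consulted for the owner.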

          8.3.2 Relational Database Management System (RDBMS) Controls

          There are no controls available in simple database management systems such as dBase, FoxPro
          and MS Access. However, relational database systems such as Oracle and Sybase provide
          different types of controls; the integrity of these depends on the controls in any application
          programs that process transactions against the database. In an RDBMS, the database is
          distributed and may be accessed by different users simultaneously. As such, an important part
          of an RDBMS is to allow different users of the database to share the same data source, for
          which it provides certain concurrency and access control measures.
          An RDBMS also provides existence controls, which restore the data in the event of a local or
          global loss due to application programme error, system software error, procedural error,
          hardware failure or environmental failure. Apart from this, file-handling controls in an RDBMS
          prevent accidental destruction of data contained on storage media. These controls are exercised
          by hardware, software and the operators who mount and dismount storage media used for the
          database. An RDBMS also allows for the creation of audit trails, which maintain a chronology of
          events (such as creations, modifications, deletions and retrievals) that occur either to the
          database or to database definitions.

          8.3.3 Application Software Controls

          Apart from the above, access controls can also be created in application software for
          identification and authentication by users and for generation and authentication of exception
          reports, audit trails etc. Other identification or access controls are the use of plastic cards,
          Personal Identification Numbers (PINs) and now biometrics too. As regards input controls, check
          digits, batch totals/controls, data coding errors and data validation controls can also be built
          into application software. One can also have various types of processing controls, such as real
          memory controls (controls over memory to detect and correct errors that occur in memory cells
          and to protect areas of memory assigned to a programme from illegal access by another
          programme) and operating system integrity controls (such threats may be accidental or
          deliberate, causing the system to crash or process erroneously).

          Self Assessment


          Fill in the blanks:
          6.   The vulnerabilities in IT arise as creation and authentication of financial transactions on
               computer systems are done…………………………………...

          7.   The principle of least privilege means that every individual is given access to the
               ………………………… information strictly on the need to know basis.
          8.   The most common type of single user operating system is …………………………………..






          LOVELY PROFESSIONAL UNIVERSITY