Page 39 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 39

Unit 3: Building Blocks of Information Security




          3.2.4 Integrity                                                                       Notes

          Integrity means that information is protected against unauthorized changes that are not detectable
          to authorized users; many incidents of hacking compromise the integrity of databases and other
          resources. Integrity is discussed in detail in next section.

          3.2.5 Accuracy

          The accuracy and completeness of information systems and  the data maintained within the
          systems should be a management concern. Information which has been inappropriately modified
          or  destroyed  (by  outsiders or  employees)  can  adversely  impact  the  organization.  Each
          organization must establish controls to ensure that data entered into and stored in its automated
          files and data bases are complete and accurate, as well as ensure the accuracy of disseminated
          information.




             Notes  Depending upon the nature of the information being protected and the threats to
             which it is subjected, additional measures may be required to ensure the integrity and
             security of automated files and databases can range from password protection to encryption.

          Self Assessment

          Fill in the blanks:

          6.   Maintaining ....................... means not only that users can access only those resources and
               services to which they are entitled, but also that they are not denied resources that they
               legitimately can expect to access.
          7.   ....................... refers to the power  you have over distinguishing authorized users from
               unauthorized users, and levels of access in-between.

          8.   ....................... on the Internet is about protecting one’s personal information, even if the
               information does not seem sensitive.
          9.   The ....................... and completeness of information systems and the data maintained within
               the systems should be a management concern.

          3.3 Terms

          Alert: Warning that a  particular attack has  been directed  at  the information  system of  an
          organization.
          Attack: Deliberate act of trying to bypass one or more computer or network.
          Authenticate: To authenticate the identity of a user, user device, or other entity, or the integrity
          of data stored, transmitted, or otherwise exposed to unauthorized alteration in an information
          system, or to institute the authority of a transmission.
          Authentication: Security measure intended to begin the validity of a transmission, message, or
          originator, or a means of verifying an individual’s authorization to obtain particular categories
          of  information.

          Back Door: Hidden software or hardware mechanism used  to  avoid security controls. It is
          identical to trap door.




                                           LOVELY PROFESSIONAL UNIVERSITY                                   33
   34   35   36   37   38   39   40   41   42   43   44