Page 44 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
Information Security and Privacy
Confidentiality is concerned with guaranteeing that information of a particular classification
is not disseminated to persons outside the group for which it is classified.
Integrity is concerned with the quality and dependability of information; for example, management
can be assured that the information on which decisions rely has not been altered,
dishonestly or otherwise, while the data is transferred, captured and stored.
The third pillar is the availability of the information. When systems or data are
unavailable, opportunities may be lost, deadlines missed or commitments left unmet.
We can categorize information on the basis of the purpose for which it
is used. Depending upon the different types of decisions made by the management,
information is supplied to them according to the needs of their decision.
3.7 Keywords
Accuracy: The accuracy and completeness of information systems and the data maintained
within the systems should be a management concern.
Authenticity: It refers to the constant checks you have to run on the system to make sure
sensitive areas are protected and working properly.
Authorization: It refers to the power you have over distinguishing authorized users from
unauthorized users and levels of access in-between.
Confidentiality: It means that information cannot be accessed by unauthorized parties.
Information Security: It is the prevention and protection of computer assets from unauthorized
access, use, alteration, degradation, destruction and other threats.
Integrity: It means that information is protected against unauthorized changes that are not
detectable to authorized users; many incidents of hacking compromise the integrity of databases
and other resources.
Logical Computer Security: It involves non-physical protection, such as that provided by
authentication or encryption schemes.
Physical Computer Security: It involves tangible protection devices, such as locks, cables, fences,
safes or vaults.
3.8 Review Questions
1. What do you mean by information security?
2. Explain the various principles of information security.
3. What do you mean by “loss of integrity” as a database security issue?
4. How can the accuracy and completeness of information systems adversely impact the
organization?
5. Distinguish between physical computer security and logical computer security.
6. Explain the concept of confidentiality. Also illustrate why confidentiality is required in
an information system.
7. How can the safety, integrity and privacy of corporate information be ensured?
8. How do data security breaches occur in an organization?
9. How can the database of an organization be damaged?
LOVELY PROFESSIONAL UNIVERSITY