Monday, August 5, 2019

The Basic Concepts Behind Data Bases Information Technology Essay

The Basic Concepts Behind Data Bases Information Technology Essay Databases are collection of raw fact and figures or in single word we can say data in digital form, databases are classified on the basis of their content like text document, bibliographic and statistical etc. Databases are managed by software called DBMS (Database Management System), DBMS are responsible of storing, retrieving, accessing, security, backup and querying the data as fast as possible and in most efficient way. One of the most trusted DBMS in market is ORACLE DBMS. ORACLE is the most trusted in market and almost each and every organization uses it. One of the best security features of ORACLE is Secure Database Access.SDA is based on three things which are Under USER MANAGEMENT comes how much space has to be provided to each user, what level of access has to be provided to users, the space and rights of one user does not interfere with other. Under PASSWORD MANAGEMENT come the default passwords of users, defining the password complexity, deciding the password expiry time limit, password lock facility etc. Under RESOURCE LIMTS comes deciding CPU time, logical reads, concurrent session per user, idle time, amount of private SGA for shared sessions. The above mentioned security features comes with any enterprise level operating system for example SUN SOLARIS a UNIX flavored OS has all this security features where there is separate file system for all users, each and every file system and file has access permission defined for the root, the user and others, passwords for each user is there and they are stored in encrypted form and for each and every user the resources are defined. Briefly describe the purpose of firewalls and how they work, including a comparison of at least three principal types. Firewalls are a type of hardware or software which is used to protect the system or network. Firewall acts as fences around the system or network which do not allow anybody who wants unauthorized access or after access tries to do some sort of damage. To protect ones data and network Firewalls employ a number of technologies, of which the first one is simple set of rules means all the ports should be closed initially and as one goes with applications there must be ports defined for them and only those ports are opened for those applications to use, open ports are like holes which any hacker can use to access your system. There are 2 physical types of firewalls software and hardware, software firewalls are mostly used in home environment like the one provided by Nortel and McAfee, they are responsible for protecting you home pc against any sort of external attack. Hardware firewalls are commonly used in business environment, they are dedicated units which have the external world plugged in outside and the trusted network from inside and they are often available as a pair so that failure of one unit does not make the network open for attack. Both type of firewalls use a number of different techniques to keep your system and network safe, the first thing described is a rules based or packet filter system, here all data in and out is scanned to see that is in and out to trusted ports on the system and possibly even trusted IP addresses. Proxy server, this is in between the outside world internet and the trusted inside world network it scans all packets of data and make sure if they meet the packet filter rules before passing data to the machine in the trusted network. This adds a layer of security by never allowing the internet system come in direct contact with the trusted machine, network address translation do not make your internal IP address visible to the internet. A proxy server is great against brute force attacks. What are the differences between public key encryption methods and symmetric key encryption methods? Please provide one example of each category. The cryptographic technique based on two keys a public key available to all and a private/secret key known only to the person intended to have it. An important part to the public key encryption is that the keys are related in such a manner that only the public key can be used in encryption of the messages and only the corresponding private key can be utilized in decryption of messages. By no chance one can get private using the public key. Public-key encryption like Pretty Good Privacy (PGP), are growing in popularity for transferring information through internet. They are highly secure and comparatively simple to use. The one difficulty with public-key encryption is that one need to be aware of the recipients public key so that he/she can encrypt a message. What is required therefore is a global registration of public keys Symmetric key encryption for both encryption and decryption uses a same secret key. Exchange of message requires exchange of keys also among users. Message encrypted with secret key can only be decrypted with same secret key Secret-key algorithm is used in symmetric key encryption. Symmetric key encryption techniques are also called content-encryption algorithms. The big limitation of secret-key algorithm is the requirement for sharing the secret-key. This can be overcome by deriving the same secret key at both ends by using a user supplied text string or we can say password based on password-based encryption algorithm, other way round is to securely exchange the secret-key among themselves. Size of the key defines the strength of the symmetric key encryption used. Consider the following cipher text: EHWWHU EH GHVSLVHG IRU WRR DQALRXV DSSUHKHQVLRQV WKDQ UXLQHG EB WRR FRQILGHQW VHFXULWB (Edmund Burke) a) Decipher the cipher text above using a 26-character Caesar Cipher. Explain your reasoning Explain how you would quickly determine if the above cipher text is the result of a simple substitution or a transposition cipher, also explaining the difference between each. Please justify your answer. The cipher text gets decrypted to BETTER BE DESPISED FOR TOO ANXIOUS APPREHENSIONS, THAN RUINED BY TOO CONFIDENT SECURITY A shift of 3 was used to give the output as the quote mentioned above. The above cipher can be determined as simple substitution cipher as we can list down the two alphabet words in English and shifting each alphabet to certain position gives any one of the word. Substitution cipher is all about replacing one character or alphabet with other and transposition cipher is all about jumbling of the words together instead of replacing characters, transposition cipher changes the order of the characters and can be analyzed by frequency analysis. Unfortunately your computer has been infected by some malicious code and you do not know when this infection happened. Luckily you have performed backups on a weekly basis since you acquired your computer. Your idea is to use the backups starting from the beginning, rebuilding the first backup and so on, applying all changes in order. Discuss the feasibility of this approach offering ways to improve it, if necessary. This is the safest way of rebuilding computer again and would definitely solve the issue as this is the gradual step by step up gradation of the system and would bring the system to state where it was infected but without the problem. What I feel like if we start restoring the system from back rather than doing from start and checking for the stability of the system. This approach saves time and effort as after restoring first only you have the probability of solving the issue or what we can do is not do one by one incremental steps but keep an interval of the backups and do. Please compare and contrast incident response plans and business continuity plans. List heir key elements (what would one expect to see in such a document?) The incident response plan is defined as what make up a security incident and highlight the phases of incident response. The incident response plan document is focused on how information reaches the appropriate personnel, investigation of the incident, bringing down damage and strategy to respond, documentation and evidence preservation. The incident response plan consists of responsibility area and pen down and brings in effect procedures for handing security incidents. The document emphasizes on the considerations required to create an incident response plan. The incident is formulated to safeguard against intrusion to organizational resources. An incident is defined as information confidentiality loss, data integrity compromise, theft or damage of IT assets like computer, printer etc, service denial, misuse of assets or services or data, system infection by malicious software, unauthorized access, system abnormal behavior, alarms for intrusion detection and their responses. The incident response goals are incident occurrence verification, business restoration continuity, minimized incident impact, determine the way of attack, prevention against future attacks, response time of security and incident should be improved, illegal activity prosecution, situation and response has to be made aware to management. The incident response life cycle begins by incident preparation, then comes the discovery of the incident, notification, analysis and assessment, response strategy, containment, re infection prevention, affected system restoration, documentation, preservation of evidence, external agencies notification, update policies and response review. The business continuity planning is required for making an organization safe from internal and external threats and identifies the soft and hard assets to provide effective recovery and prevention of the organization. The following threats are there to an organization as Staff death or injury, building are damaged, loss of communication and IT infrastructure, disruption in transport making staff unavailable, stress and demoralization in staff, other business disruption or closing down on which a company is dependent, reputation damage and business change demands. To cover up the following threats following steps should have been planned sufficient workforce with right expertise and motivation to manage and lead the organization, access to key IT system and records, staff communication should be reliable and clear, ability of paying the staff in case of crisis also, product and services procurement and media demand responses. The steps involved in developing a business continuity plan in systematic way are analysis of business, risk assessment, strategy development, plan development and plans should be rehearsed. One hundred years ago, Louis Brandeis and Samuel Warren warned us that, Numerous mechanical devices threaten to make good the prediction that what is whispered in the closet shall be proclaimed from the housetops.' Cryptography is an enabling technology for self-help privacy. Conversely, cryptography can be used to conceal criminal conspiracies and activities, including espionage. a) How have computers changed the ways in which we have to keep certain information private? b) What new threats do computer systems and networks pose to personal privacy? Conversely, what threats are enabled or enhanced by computer systems and networks? c) How does cryptography help or hinder protection of privacy and public safety? d) What policies are needed and appropriate in a networked world regarding the use of cryptography? e) Consider a public key encryption. Ann wants to send Bill a message. Let Annpriv and Annpub be Anns private and public keys respectively. The same for Bill (Billpriv and Billpub). i) If Ann sends a message to Bill, what encryption should Ann use so that only Bill can decrypt the message (secrecy)? ii) Can Ann encrypt the message so that anyone who receives the message is assured that the message only came from Ann (authenticity)? iii) Is it possible for Ann to devise a method that will allow for both secrecy and authenticity for her message? Please justify your answer. Computers help a lot in keeping private informations secure. With all the security features into the system like firewalls and other security features one can keeps his/her information secure from un authorized access. Initially for keeping the information private one has to classify the physical files or documents having information as classified or confidential and have to be kept in safe custody so that unauthorized access is not there, the initially the information transfer has to be taken through physically under supervision but with computers and secure software systems and various encryptions which are efficient and complex to break, transport of information has become easy without any extra effort. With increasing use of information technology in form of computers has also created new types of threats where hackers who are experts in breaking the system security and network security and get easy access of ones private data. People use the information transfer and other IT mea ns to transfer information which cannot be scanned by authorities for example terrorist organizations uses the networks and other safe methods to transport the information which could not be easily get hold of decrypted by organizations working against them. The biggest advantage of public key cryptography is the secure nature of the private key. In fact, it never needs to be transmitted or revealed to anyone. It enables the use of digital certificates and digital timestamps, which is a very secure technique of signature authorization. We will look at digital timestamps and digital signatures in a moment, but as discussed above cryptography can be used by organizations or individuals involved in wrong activities to transfer data which cannot be caught or decrypted by authorities working against them, hence cryptography can go against world peace. Cryptography use should be mandated for the right purposes. There are few cryptographic policies that have been challenged, both literally and figuratively. In particular export controls, key escrow and government control have been issues argued recently, with final decisions still unresolved. International agreements and foreign decisions regarding these topics have influenced the current U.S. position. Ann should use the public key encryption method to send a message to Bill. Ann can create her digital signature of the message using the private key which can be verified using public key to see message is authentic. Yes Ann can use public key encryption for encrypting the message to maintain the confidentiality or secrecy of message and she can use digital signatures with public key encryption to maintain the authenticity of the message.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.