Upload
rolf-foster
View
213
Download
0
Embed Size (px)
Citation preview
1. The Nature, Impact and Issues of Information
Technology
1.6 Strategies used to Prevent Deliberate and Accidental Illegal
Actions
Access Authentication Authentication is the process of determining
whether someone or something is, in fact, who or what it is declared to be.
* Copied from whatis.com
Wsdq KROSKHWIKA
Access Authentication authentication is commonly done through the use of
logon passwords Knowledge of the password is assumed to
guarantee that the user is authentic Each user registers initially (or is registered by
someone else), using an assigned or self-declared password
On each subsequent use, the user must know and use the previously declared password
* Copied from whatis.com
Access Authentication The weakness in this system for
transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten
the password only validates that a correct number has been entered, not that it the actual person
Using biometric techniques (fingerprints, eyes, voice, etc.) is a more secure method
* Copied from whatis.com and techweb.com
Access Authentication For this reason, Internet business and many
other transactions require a more stringent authentication process
The use of digital certificates issued and verified by a Certificate Authority (CA) as part of a public key infrastructure is considered likely to become the standard way to perform authentication on the Internet.
Copied from whatis.com
Protective Measures Information Protection Physical Protection Copy Protection
Information Protection Information transmitted over networks is of high
risk because it can be intercepted. One way to protect sensitive data is to use encryption
Encryption is the process of converting readable data into unreadable characters
The person who receives the message will use encryption key to decrypt the data back into the original readable form
Copied from dmedia.com.hk*
Physical Protection Physical security measures such as locked doors
and windows usually are adequate to protect the equipment
Some school offices install alarm system and cables that lock the equipment to a desk or floor
Copied from dmedia.com.hk*
Physical Protection
Copied from techweb.com
Copy Protection Software piracy is the unauthorized and illegal
copying of copyrighted software Software piracy causes loss of millions of dollars
to the software producers
Copied from dmedia.com.hk*
Data Verification Data verification is to check the correctness of
data Errors may be caused by
– Poor handwriting– Typing mistakes
It is usually used when data is entered into the computer system
Data is verified if there is no discrepancy in the transcribing process
Copied from Computer Studies for the New Generation Vol. 1, W.H. Kwan, Chung Tai Ed. Press*
Data Verification Two common methods are
used in data verification:– Double Entry
The same data are entered twice. If the second input is different from
the first input, the computer system will displays a warning message
* Copied from Computer Studies for the New Generation Vol. 1, W.H. Kwan, Chung Tai Ed. Press
sidhsiels;
Data Verification Two common methods are used in data
verification:– Parallel Entry
The same data is entered by two operations independently. The computer then compares the records entered An error report will be produced if any two corresponding
items are found to be different
* Copied from Computer Studies for the New Generation Vol. 1, W.H. Kwan, Chung Tai Ed. Press
Data Validation Data validation is to check whether the data are reasonable
Data validation is the process of checking whether the data input meets the predefined criteria
If the data input cannot meet the predefined criteria, the computer program will reject the data
It is usually used when data is entering into the computer system
Data validation is used when specific criteria can be defined in advance.
* Copied from Computer Studies for the New Generation Vol. 1, W.H. Kwan, Chung Tai Ed. Press
Data Validation Examples:
– The month should fall between 1 and 12 inclusively
– The telephone number should contain 8 digits
– Age above 100 may be considered as unreasonable
* Copied from Computer Studies for the New Generation Vol. 1, W.H. Kwan, Chung Tai Ed. Press
Data Validation Several common methods are used in data
validation:– Presence Check
– Range Check
– Type Check
– Check Digit
– Control Total
* Copied from Computer Studies for the New Generation Vol. 1, W.H. Kwan, Chung Tai Ed. Press
Reference Sites http://searchsecurity.techtarget.com/sDefinition/
0,,sid14_gci523595,00.html
Copied from dmedia.com.hk*