Chapter VIII data and database Information security

advertisement
Chapter VIII
data and database
Information security
File fundamentals
Database fundamentals
Malware and computer security
Dr. Nazih Abdallah - Modern business computer
1
Lecture objectives
• Understand file creation, naming and saving
• Understand database and database structure
• Understand the use of database.
• Understand database query and manipulation
• Be able to compare database approach to file approach in business
management
• Be aware of threats targeting information and computer network.
• Understand backup policy
Dr. Nazih Abdallah - Modern business computer
2
File fundamentals
• A file is the smallest named collection of data/information or
instructions stored on a storage medium.
• A file must have a name before being saved.
• File name must be descriptive to indicate the content of the file and
must abide by the following criteria:
• Maximum length shouldn’t exceed 255 characters
• Avoid prohibited characters *?”/I><:\
• Case sensitive: “A” and “a” are different characters in the file name.
• The file name must end with an extension that is related to the
format used when the file was saved. (.txt, .doc, .gif, .xls, etc…)
• File name extension cannot exceed 3 characters.
• Operating system can be set to hide the file name extension
• Native file format is format used when we create the file: Example (if
we use MS word to create a document then we save the document as
a pdf file its native file format will be .doc and its filename extension
will be .pdf)
Dr. Nazih Abdallah - Modern business computer
3
Types of files
• Program file or software file:
• consists of software instructions designed to instruct the computer how to perform
specific applications
• an application may consist of one or several programs
• all program files are saved on the hard disk in a folder called “program files” folder
which is the default folder used by the operating system to store software programs
including the ones that you download from the WEB.
• Program file can be ASCII text file that needs conversion to binary or binary executable
file that don’t need any conversion.
• Data files:
• Files that hold data/information of all types
• No instructions included in data files.
• Content vary from text to document to multimedia (pictures, audio, video, etc…)
Dr. Nazih Abdallah - Modern business computer
4
Physical storage Model
• Each storage medium is formatted and divided into sectors (CD has one single track about 3
miles long: 336000 sectors of 2048 bytes each 336000 x 2048 = about 700 megabytes
• The smallest storage location is not the sector but the cluster
• A cluster is formed of several contiguous sectors.
• Operating system stores each record of a saved file in an available cluster and gives it a flag
and order number in the corresponding file.
• Consequently, a given file has its records dispersed all over the storage medium
• Operating system maintain a list of addresses of files in a FAT (File Allocation Table) that
serves like the occupancy board at the entrance of office buildings.
• Defragmentation utility brings same file records as close to each other as possible
• The FAT addressing technology helps the operating system to retrieve the file when we want
them to be displayed.
• NTFS (New Technology File System) and HPFS (High Performance File System) and IFS
(Installable File System) are newer more advanced technologies than FAT which is still used
because of its effectiveness
Dr. Nazih Abdallah - Modern business computer
5
Logical storage model
• The operating system creates a directory for each storage medium and
maintain an addressing table for all files stored on that directory
• The directory is considered to be the logical storage model that
identifies the path to each file thru directories and subdirectories.
• This logical storage model is like a tree metaphor that consists of:
• Root directory: The storage medium depicted as the trunk of the
tree. Example for the hard disk (C:\)
• Subdirectories: considered as the folders and subfolders depicted as
the branches.
• Files depicted as the leaves
• Example: C:\electronics\computers\notebook\apple.xls
• The above example in computer store represents the path of the
available apple notebooks excel file stored in the notebook
subfolder which is stored in the computer subfolder which is also
stored in the electronic folder on the hard disk.
Dr. Nazih Abdallah - Modern business computer
6
File management software
windows explorer – Mac finder
allows you to manipulate files and folders in the following
ways:
• Rename: Change the name use (Save as)
• Copy: make a copy of the file so you can paste it in
another location
• Move: You can move the file from its actual location to
another and change its logical storage model
accordingly.
• Delete: Move the file to the recycle bin folder
Dr. Nazih Abdallah - Modern business computer
7
MOVE/DELETE files
• When you move a file from one location to another all
its bits stay where they were until they are overwritten
by other files.
• Only the status of the corresponding clusters will be
turned from occupied to vacant so they will be reused by
the Operating system.
• When you delete a file, you in fact, are moving it to the
recycle bin folder where it will stay and can be retrieved
as long as that folder is not emptied or overloaded.
• File shredder is software that overwrites the old file
ASCII code using random zeroes and ones.
Dr. Nazih Abdallah - Modern business computer
8
Database fundamentals
• A database is a collection of related data files that consists of
all data/information of a business or organization.
• Database files are also called tables or relations because they
are tables similar to spreadsheet files.
• If the number of files in a business or organization is too big,
which is usually the case in big businesses, then several
databases will be necessary and a data warehouse is created
which consists of a collection of several related databases.
• A small data warehouse is known as a data-mart.
• Creation and manipulation of database is not possible
without a powerful software known as DBMS (Database
management software). MS Access is a database
management system.
Dr. Nazih Abdallah - Modern business computer
9
Functions of DBMS
• Helps create the database files or projects
• Helps manipulate the database: update information, add new
information delete and all necessary operations.
• Sort data based on given criteria.
• Provides interface between the user and the database thru 2
applications;
• Front end application interface between the user like the forms
and direct links provided by the application
• Back end application interacts with program and applications of
the database that are used by the users.
• Prepare routine tasks using available data:
• Paychecks for employees
• Issue letters and labels and other promotional material.
• Tax forms
• Client and supplier accounts
• Etc…
Dr. Nazih Abdallah - Modern business computer
10
Functions of DBMS
• Help decision makers with the decision process by
providing reports and statistics needed for that
purpose.
• Provide for possibility to query the database by
authorized people in order to get needed information
and data.
• Help in enhancing data security by protecting data
from intruders, attacks and all unauthorized queries.
Dr. Nazih Abdallah - Modern business computer
11
Database structure
• Field: is the building bloc of the database and its data. It is the
smallest data element that must have well defined characteristics:
•
•
•
•
Length: how many characters and if it is fixed or variable.
Type: Alpha, numeral, decimal, currency, date, etc…
Never store last name and first name in the same field.
Each part of the name must have its own field. Example the name Dr. Maya N.
Abdallah Jr. must be stored in 5 fields.
• Each data element that fits in a field is known as the field attribute.
Dr. Nazih Abdallah - Modern business computer
12
Database structure
• Record:
• The record is a collection of related fields.
• If the number of fields is too big the record will be very bulky
and we may need to create another record and consequently
another file.
• Table or relation
• The file in a database is known as table or relation.
• It consists of a collection of many related records
• Files in the database have relationships necessary to extract all
information we need from different files.
• Each table, regardless of its size, is composed of:
• One record type which consists of the record template of all
the labels of the record.
• A number of record occurrences equal to the number of the
population of the file
Dr. Nazih Abdallah - Modern business computer
13
Database structure
• Database is a collection of related files used as a
centralized homogeneous source of data/information
used by many users in a business and is very flexible to
allow the following procedures:
• Collect and store data
• Update data
• Organize and output data
• Find and analyze data
Dr. Nazih Abdallah - Modern business computer
14
Database structure
Database structure is depicted in the following database sample
of a department store where the database is composed of 5
tables as follow: Clients, Suppliers, Employees, Inventory, Sales
Employees file has a sample depicted in the table below:
ID #
Last name
First name
suffix
Department #
Date of hire
123456
Smith
Ted
Sr
22
050508
456789
Rogers
Bill
19
022599
157157
Salam
Ziad
18
031608
989898
Jolie
Raya
22
111210
Jr.
Dr. Nazih Abdallah - Modern business computer
15
KEYS
• Database manipulation and data retrieval from a database
will not be possible without a key that identify data and
information stored into the database.
• There are two types of keys;
• The primary key: which is a field unique to each record (PID, SSN,
ID#, etc…) database designer must be very careful when defining
primary keys especially for inventory items.
• Secondary key: May be any other field of the file.
• In the sample file above:
• ID# is the primary key that is unique to each employee (it is
not possible that 2 employees get the same ID# in the same
business)
• All other fields of the record type may be used as secondary
keys used when needed to extract information. Example: We
may use the date of hire as key to get a list of all employees
that were hired in 2008 for example.
Dr. Nazih Abdallah - Modern business computer
16
Database relationship
One to one
supps
prods
supps
prods
supps
prods
One to many
Many to many
Dr. Nazih Abdallah - Modern business computer
17
Data warehouse
• A data warehouse is a collection of related databases that
include all databases in multidimensional establishment.
• A small data warehouse is known as data-mart.
• They can be depicted as a cube shape where each cut
represents a separate
Market
product
Sales person
Dr. Nazih Abdallah - Modern business computer
18
Database operations
• Normalization: process of eliminating redundant data
which results in reducing the size of the database.
• Selection: process of selecting from the database
records that meet given criteria. Example clients whose
accounts payables exceed $ 5000.
• Joining table: to shrink the number of tables or files in a
database we may join 2 or more tables together to form
one table.
• Query database: SQL (Structured Query Language) is
used in forms that are converted into queries by the
DBMS. Example: grade form on CGS2100 website.
Dr. Nazih Abdallah - Modern business computer
19
SQL (Structured Query Language)
• SQL used keywords are:
• CREATE
• DELETE
• INSERT
• JOIN
• SET
• SELECT
• UPDATE
• Example: SELECT 32” TV FROM electronics Where TV Brand = Sony
• SQL also allows the use of logical operators: AND, OR, NOT
• The grade form on the course website: When you fill and submit it will be
converted into SQL to select your grade page from the grades database.
Dr. Nazih Abdallah - Modern business computer
20
User interface
• Forms are the most used user interface they should be
designed carefully to make it user friendly as much as
possible. Forms must be:
• Fields arranged in a logical order
• Boxes areas should be clear, visible and consistent with
data to fill
• Provide easy samples with instructions about the filling
of data.
Dr. Nazih Abdallah - Modern business computer
21
OODB (Object oriented database
• Data is stored as objects that are grouped into classes and subclasses
• OODB is reusable and portable because:
• Functions and application methods are defined with each object and
can be reused by all subclasses.
• You only need to add your special parameters and the model will work
for you if you belong to the same class activity.
• Example: If transportation network is an object: there are general
functions and attributes that are valid for all kind of transportation
classes:
• Air transportation
• Water transportation
• Ground transportation
• In Ground transportation there are general functions and attribute
that are valid for all forms of ground transportation
• We don’t have to start always from scratch when building a
database
• OODBMS (Object Oriented Database Management System) is needed to
manipulate the OODB
• Access can manipulate all types of databases including OODB.
Dr. Nazih Abdallah - Modern business computer
22
File approach
• File approach: each department will create and maintain its own files
• Strengths:
• More security
• Limited and clear responsibility
• Close knowledge of the subject matter of data/information
• Weaknesses:
•
•
•
•
•
Redundancy: same record is repeated in many departments.
Limited involvement in the general business picture
No or limited networking possibility
No cooperation between all business department
Poor quality reports and decision making information tool.
Dr. Nazih Abdallah - Modern business computer
23
Database approach
• Strengths:
• No redundancy
• Centralized source of same information among all
departments
• Networking heaven because of database server
that will be able to provide information to all
clients
• Security is enhanced thru strict central policy and
limited people are manipulating the database.
• Much better quality report and customer and
supplier service.
Dr. Nazih Abdallah - Modern business computer
24
The Changing Face of Crime
• Corporate and government networks are under attack,
and the Internet is the battlefield
• Many types of attacks can be made on computer
systems
• Malware: Viruses, worms and Trojan horses
• Identity theft
• Theft of personal information
• Unauthorized use of other’s computer
• Information security involves
• Confidentiality, integrity, availability
Viruses and Worms
• Virus
• Program that attaches itself to a file
• Spreads to other files, and delivers a destructive action called a payload
• Time bomb: Virus that delivers payload on a specific time (birthday of
celebrity, anniversary of an incident, etc…)
• Logic bomb: delivers payload on specific conditions (click a link, open a
file, boot, etc…)
• Trojan horses
• Appear to be harmless programs
• When they run, they install programs on the computer that can be
harmful
• Backdoor Trojans open ports on the computer for hackers access.
• Worm : Acts as a free agent, replicating itself numerous times in an effort
to overwhelm systems causing denial of service attack on a network (traffic
jam).
• War driving: Driving through neighborhoods with a wireless notebook
or handheld computer looking for unsecured Wi-Fi networks.
26
Defending Against Viruses and
Worms
• Antivirus software uses several techniques to:
• Find viruses: 2 steps:
• Detect the virus presence using Checksum of the file.
• Checksum is the actual number of bytes in the file saved by the AV software and compared
to the new number. If the numbers are different there should be a virus.
• Find the identity of the virus by comparing its signature to the available list of virus
signatures.
• AV then removes them if possible or quarantine them until they can be
removed.
• Keep additional viruses from infecting the system
27
Information Security and
Vulnerability
• Organizational
information
• Compromised information can lead to
• Loss of market share
• Business failure
• Business intelligence
• Process of gathering information in the pursuit of business
advantage
• Competitive intelligence
• Concerned with information about competitors
• Counterintelligence
• Concerned with protecting your own information from access by
your competitors
28
National and Global Security
• Cyber-terrorism
• Uses attacks over the Internet to intimidate or harm a
population
• United States Computer Emergency Readiness Team
(US-CERT)
• Monitors the security of US networks and the Internet
• Responds to attacks
• National Strategy to Secure Cyberspace
• Prevent cyber-attacks against US infrastructure
• Reduce national vulnerability to cyber-rattack
• Minimize damage and recovery time
29
Threats to Information Security:
Software and Network Vulnerabilities
• Security vulnerabilities or security holes
• Software bugs that allow violations of information security
• Software patches
• Corrections to software bugs that cause security holes
30
Threats to Information Security:
Hackers, Crackers, Intruders, and Attackers
• System penetration: Someone subverting the security of a system without
authorization
• Hackers, crackers, intruders, and attackers
• Hackers convene every year in Las Vegas the convention is nicknamed HOPE
(Hackers On Planet Earth): Media, businesses and government specialists
attend the convention to be aware of new hacking and security advances .
• White-hat hacker: No criminal intention, Don’t make money
• THEY MAY BE HIRED BY BUSINESSES TO CHECK AND CONSOLIDATE
THEIR NETWORK SECURITY (in this case they make legally money).
• Black-hat hacker: Criminal intention, make money (cracker).
• Gray-hat hacker: Can be either one
• Script kiddie: Try to gain access to a network using scripts of other hackers.
• Computer forensics
• Process of examining computer equipment to determine if it has been used
for illegal, unauthorized, or unusual activities
31
ZOMBIE computer
A computer that carries out actions (often malicious)
under the remote control of a hacker either directly
or through spyware or a virus is called a zombie
computer.
Zombie computers can join together to form zombie
networks (botnet). Zombie networks apply the
power of multiple PCs to overwhelm Web sites with
distributed denial-of-service attacks, to crack
complicated security codes, or to generate huge
batches of spam.
Dr. Nazih Abdallah - Modern business computer
32
Machine-Level Security
• Common forms of authentication
• Something you know
• Password or personal identification number (PIN)
• Something you have
• ID cards, smartcards, badges, keys,
• Something about you
• Unique physical characteristics such as fingerprints
33
ID Devices and Biometrics
• Biometrics
• The science and technology of authentication by scanning
and measuring a person’s unique physical features
• Facial pattern recognition
• Uses mathematical technique to measure the distances
between 128 points on the face
• Retinal scanning
• Analyzes the pattern of blood vessels at the back of the
eye
• Fingerprint scan
• Increasingly common method for access to secure areas,
logging onto computers, and even validating credit
34
Encrypting Stored Data
• Encryption
• Uses high-level mathematical functions and computer algorithms to encode
data
• Files
• Can be encrypted “on the fly” as they are being saved, and decrypted as they
are opened
• Encryption and decryption
• Tend to slow down computer slightly when opening and saving files
35
Backing up Data Files
• Backup software typically provides the following
options
• Select the files and folders you wish to back up
• Choose the location to store the archive file
• Choose whether to back up all files (a full backup), or just those
that have changed since the last backup (an incremental
backup)
• Mirroring
• Creating a copy of the system or a portion of it
• Real-time mirroring
• As files are saved, they are automatically updated in the
mirrored copy
36
Scams, Spam, Fraud, and Hoaxes
• Virus hoaxes
• E-mail that warns of a virus that doesn’t exist
• In some cases, just a nuisance, but they can cause great harm in
other cases
• Hoax may ask you to delete a “virus” file that is actually an uninfected,
important system file
• Deleting such a file may make your computer unusable
37
Scams, Spam, Fraud, and Hoaxes
• Virus hoaxes
• E-mail that warns of a virus that doesn’t exist
• In some cases, just a nuisance, but they can cause great harm in
other cases
• Hoax may ask you to delete a “virus” file that is actually an uninfected,
important system file
• Deleting such a file may make your computer unusable
38
Scams, Spam, Fraud, and Hoaxes
• Spam solutions
•
•
•
•
•
Bayesian filters
Simple authentication software
“Trusted sender” technology
Reputation systems
Interfaces for client-side tools to allow end users to report spam
39
Scams, Spam, Fraud, and Hoaxes
• Defending against scams, spam, fraud, and hoaxes
• Awareness and common sense
• Do not click links sent by e-mail
• Type URLs directly into the browser
• Examine Web addresses to make sure they are legitimate
• Do not believe virus alerts sent through e-mail unless they come from a
reputable source
• Use spam filters
40
Download