FREE ELECTRONIC LIBRARY - Theses, dissertations, documentation


«Securing Information in the Digital Age Information Security Policies This document presents a suite of integrated solutions which, together, offer ...»


Glossary

Data Classification Data Classification is the conscious decision to assign a level of sensitivity to data as it is being created, amended, enhanced, stored, or transmitted. The classification of the data should then determine the extent to which the data needs to be controlled / secured and is also indicative of its value in terms of Business Assets.

The classification of data and documents is essential if you are to differentiate between that which is of little (if any) value, and that which is highly sensitive and confidential. When data is stored, whether received, created or amended, it should always be classified into an appropriate sensitivity level. For many organisations, a simple 5 scale grade will suffice as follows:

–  –  –

Data Encryption Data encryption is a means of scrambling the data so that it can only be read by the person(s) holding the ‘key’ – a password of some sort. Without the ‘key’, the cipher cannot be broken and the data remains secure. Using the key, the cipher is decrypted and the data is returned to its original value or state.

Each time one wishes to encrypt data, a key from the 72,000,000,000,000,000 possible key variations is randomly generated and used to encrypt the data. The same key must be made known to the receiver if they are to decrypt the data.

See Cryptography and DES/AES.

Data Mart A Data Mart, in contrast to a Data Warehouse, is a database of information collected from operational and other systems, which is made available to a group of users to meet a specific Business Need. The presence of a Data Mart often suggests the presence of a Data Warehouse, but not necessarily so. In general, a Data Warehouse tends to be implemented for strategic long term reasons, whereas a data mart tends to be tactical and directed at meeting an immediate business need.

Data Mining 1. Data Mining is the analysis of corporate data for relationships and correlations which have yet to be discovered. Such relationship discoveries can identify significant marketing opportunities to target specific client segments. The term Data Mining was coined by IBM who hold some related patents.

2. Spending numerous hours combing the Internet looking for specific pieces of information, and finding everything except what you are looking for!

Data Safe A Safe made of heavy, fire-resistant, tamper-resistant, magnetically inert, materials. Datasafes are usually dual controlled, and are designed for the safe keeping of computer media, including master program media, ‘mission critical’ software, and top security data files.


Database A collection of files, tables, forms, reports, etc., held on computer media that have a predictable relationship with each other for indexing, updating, and retrieval purposes.

Database Administrator – DBA A ‘DBA’ is a highly technical person who has specialised in the development and maintenance of databases and database applications. The DBA is responsible for ensuring that all housekeeping routines are performed on the database, which may include designing and maintaining the structure and content of the (many) tables which together form the database, and the relationships between these tables. In addition, the DBA will usually be specialised in writing reports and querying the database, usually using Structured Query Language – or SQL.

Datascope An electronic device that is capable of detecting and reading the bit-patterns of data passing down a communications line and interpreting/translating these patterns into readable alphanumeric characters.

Some devices are capable of detecting/reading the electromagnetic radiation emitted directly by computers without the need to ‘tap’ a communications line.

Dead Tree Edition Techie slang for ‘Hard Copy’ - i.e. anything printed on paper, rather than held on computer media.

An ironic reference to the source of the paper required.


Default A default is the setting, or value, that a computer program (or system) is given as a standard setting. It is likely to be the setting that ‘most people’ would choose. For example, the default font on your word processor may be Times New Roman 10 pitch; unless you change this, it will remain at the default setting.

Defaults are used throughout the computer industry to enable software to work ‘out of the box’ and not require ordinary people (‘Users’) to spend hours selecting every conceivable option in advance - quite thoughtful really!

Default Password The password installed by a manufacturer and required to access a computer system when it is initially delivered, or a password required by software (typically shareware) to prove that the user is registered with the software vendor. Default passwords are not normally encountered on new PCs and have become relatively rare, but, in cases where such a password has been installed, the new owner of the equipment should change it at the earliest opportunity, to avoid it being known to third parties.

There is a range of default passwords known to everyone, and these are the first ones tried by anyone hacking into a system, or merely attempting opportunistic access.

Such passwords as ‘password’, ‘123456’ and ‘ ‘ i.e. blank (nothing) must be changed immediately. If you have one of these or similar passwords, please change it now. RUSecure™ will still be here when you have finished!

Denial of Service A Denial of Service (DoS) attack is an Internet attack against a Web site whereby a client is denied the level of service expected. In a mild case, the impact can be unexpectedly poor performance. In the worst case, the server can become so overloaded as to cause a crash of the system.

DoS attacks do not usually have theft or corruption of data as their primary motive and will often be executed by persons who have a grudge against the organisation concerned. The following are the main types of DoS attack:

• Buffer Overflow Attacks; whereby data is sent to the server at a rate and volume that exceeds the capacity of the system; causing errors.

• SYN Attack. This takes place when connection requests to the server are not properly responded to, causing a delay in connection. Although these failed connections will eventually time out, should they occur in volume, they can deny access to other legitimate requests for access.

• Teardrop Attack. The exploitation of a feature of the TCP/IP protocol whereby large packets of data are split into ‘bite sized chunks’ with each fragment being identified to the next by an ‘offset’ marker. Later the fragments are supposed to be re-assembled by the receiving system. In the teardrop attack, the attacker enters a confusing offset value in the second (or later) fragment which can crash the recipient’s system.

• Smurf Attack or Ping Attack. This is where an illegitimate ‘attention request’ or Ping is sent to a system, with the return address being that of the target host (to be attacked). The intermediate system responds to the Ping request but responds to the unsuspecting victim system. If the receipt of such responses becomes excessive, the target system will be unable to distinguish between legitimate and illegitimate traffic.

• Viruses. Viruses are not usually targeted but where the host server becomes infected, it can cause a Denial of Service; or worse.

• Physical Attacks. A physical attack may be little more than cutting the power supply, or perhaps the removal of a network cable.
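An added illustration of the Teardrop entry above, not part of the original glossary: a receiver-side check that rejects a set of fragments whose offsets overlap or leave gaps before any re-assembly is attempted. The `Fragment` type, the function names and the strict reject-on-overlap policy are assumptions of this example, and the sample fragments are constructed.

```python
from dataclasses import dataclass

MAX_PAYLOAD = 65535 - 20   # IPv4 total length limit minus the minimum 20-byte header


@dataclass(frozen=True)
class Fragment:
    offset: int      # byte offset of the payload within the original datagram
    payload: bytes   # data carried by this fragment
    more: bool       # True when further fragments follow (the MF flag)


def validate(fragments):
    """Return (True, "ok") or (False, reason) for one datagram's fragments."""
    if not fragments:
        return False, "no fragments"
    ordered = sorted(fragments, key=lambda f: f.offset)
    expected = 0  # offset at which the next fragment must start
    for index, frag in enumerate(ordered):
        is_last = index == len(ordered) - 1
        end = frag.offset + len(frag.payload)
        if not frag.payload:
            return False, "empty fragment"
        if frag.offset % 8:
            return False, "offset not a multiple of 8"
        if end > MAX_PAYLOAD:
            return False, "datagram too large"
        if frag.offset < expected:
            return False, "overlap"   # the teardrop case
        if frag.offset > expected:
            return False, "gap"
        if not is_last and len(frag.payload) % 8:
            return False, "non-final length not a multiple of 8"
        if frag.more == is_last:
            return False, "more-fragments flag inconsistent"
        expected = end
    return True, "ok"


def reassemble(fragments):
    """Join the payloads, refusing any set that fails validation."""
    ok, reason = validate(fragments)
    if not ok:
        raise ValueError(reason)
    return b"".join(f.payload for f in sorted(fragments, key=lambda f: f.offset))


# Constructed sample data: a well-formed pair, and a teardrop-style pair in
# which the second fragment's offset points back inside the first.
GOOD = [Fragment(0, b"A" * 24, True), Fragment(24, b"B" * 10, False)]
TEARDROP = [Fragment(0, b"A" * 24, True), Fragment(8, b"B" * 4, False)]

if __name__ == "__main__":
    print(validate(GOOD))
    print(validate(TEARDROP))
```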

DES / AES DES – The Data Encryption Standard and the AES - Advanced Encryption Standard are both data encryption standards for the scrambling of data to protect its confidentiality.

DES was developed by IBM in co-operation with the American National Security Agency and published in 1974. It has become extremely popular and, because it used to be so difficult to break, with 72,000,000,000,000,000 possible key variations, was banned from export from the USA. However, restrictions by the US Government on the export of encryption technology were lifted in 2000 to the countries of the EU and a number of other countries.

The AES - Advanced Encryption Standard is a state of the art algorithm (developed by Rijndael), chosen by the United States National Institute of Standards and Technology on October 2, 2000. Although selected, it will not become officially “approved” by the US Secretary of Commerce until Q2 2001.

Meanwhile, products are already available which use the Rijndael algorithm within AES encryption tools. For example http://www.privatecrypt.com/int/.


Desktop 1. Verbal shorthand for Desktop Personal Computer, normally used to differentiate such a system from a ‘Laptop’ or portable PC.

2. In Windows 95®, and later releases, the screen visible on the computer monitor is known as the desktop and can be used to store programs and data as if it were a normal directory/folder. It is generally considered better practice to use the desktop as a place to store links to files and programs, rather than the files and programs themselves. This is partly because of the risk of accidental deletion, but - more importantly to companies – to avoid such files being visible to any curious passer-by.

Development Library An area of the computer systems’ fixed storage area which is set aside for the development of software, to minimise/avoid the possibility of conflict between an existing program and a new version.

Development Machine An additional computer system, not part of the main processing system. Usually smaller than the main system, but similarly configured, the development machine is used for creating new software, amending existing software, and testing such creations and amendments to ensure that there is no possibility of the daily work and security of the main system being compromised by conflict between different versions of the same program. The development machine may also be used as a contingency standby machine, in case of failure of the main system. Companies unable to justify the costs of duplicate machines should use a Development Library within a partitioned area of the main system.

DHTML Dynamic HyperText Markup Language. Contrary to its name, DHTML is not a new version of HTML - the Hyper Text Markup Language used to generate Web pages.

DHTML is the combination of several browser features which, together, permit a Web page to be more ‘dynamic’. Dynamic in this sense means the ability for the Web page to change its look and features after the page has been loaded; perhaps dependent upon the selection of various options. The recent versions of the most popular Web browsers all offer DHTML support.

Digital Employing the binary system of numbers (1 and 0 only) for processing purposes.

Digital Certificate A digital certificate is the electronic version of an ID card that establishes your credentials and authenticates your connection when performing e-Commerce transactions over the Internet, using the World Wide Web.

To obtain a Digital Certificate, an organisation must apply to a Certification Authority, which is responsible for validating and ensuring the authenticity of the requesting organisation. The Certificate will identify the name of the organisation, a serial number, the validity date (“from / to”) and the organisation’s Public Key where encryption to / from that organisation is required.

In addition, the Digital Certificate will also contain the Digital Signature of the Certification Authority to allow any recipient to confirm the authenticity of the Digital Certificate.

A global standard (X.509 Public Key Infrastructure for the Internet) defines the requirements for Digital Certificates and the major Certificate Authorities conform to this. Such standards, and the integrity of the Certificate Authorities, are vital for the establishment of ‘digital trust’, without which e-Commerce will never attain its potential.

Digital Signature A digital signature is an electronic equivalent of an individual’s signature. It authenticates the message to which it is attached and validates the authenticity of the sender. In addition, it also provides confirmation that the contents of the message to which it is attached have not been tampered with en route from the sender to the receiver.

A further feature is that an e-mail ‘signed’ with a digital signature cannot easily be repudiated; i.e. the sender is not able to deny the sending and the contents of the message; plus it provides a digital time stamp to confirm the time and date of transmission.

For a digital signature to be recognised, and acknowledged as something of integrity, it needs to be trusted by the recipient. It is for this reason that a Certification Authority will supply a digital signature to persons whose identity it has been able to verify; perhaps by having an Attorney’s stamp on a document which validates the applicant’s name, address, date of birth etc.

To provide greater digital trust, the Digital Signature is packaged with the certificate of the Certification Authority, and this too may be inspected for validity and expiration.

Most people expect digital signatures to totally replace the use of the (‘old fashioned’) pen and ink signature with orders and authorities being accepted via digitally signed e-mails, the contents of which may, or may not, be encrypted for additional security.

N.B. In July 2000, Digital Signatures became legally accepted in the United Kingdom under Section 7 of the Electronic Communications Act. In the USA also, Congress approved the use of Digital Signatures for certain types of e-Business around the same time under the E-Sign Act. Because both Acts are extremely new, it is strongly recommended that legal advice be sought before reliance is placed upon this new legislation.

Digital Versatile Disk – DVD Currently, these optical storage disks are being pioneered by the entertainment business; notably because the DVD is able to store a full length feature movie on a single CD size disk, with faithful reproduction of visual and audio quality.

DVD, with a capacity (using both sides of the disk) of approx. 17GB, will doubtless replace the present CDs / CD-ROMs with their ‘modest’ 670MB capacity. At present consumer models are read only, but they will soon offer full record capability with integration into information systems.
