security, privacy and data integrity Flashcards
1
Q
file based-approach
A
the data is stored in one or more separate computer files
2
Q
relational database
A
a way of structuring info in table rows and columns
3
Q
file-based limitations
A
- data redundancy (repeated data)
- data dependency (changes to data mean changes to the program accessing the data)
- lack of data integrity
- lack of data privacy
4
Q
relational database pros
A
- multiple tables are linked together: which reduces data redundancy, increases data integrity
- program-data independence: structure of data can change and does not affect the program and vice-versa
- complex queries can be easily written: to find specific data
- different users can be given different access rights: improves security
5
Q
entity
A
the concept or object in the system that we want to model and store info about
6
Q
attributes
A
a column or field in a table
7
Q
primary key
A
unique identifier for each tuple
8
Q
foreign key
A
a field in one table that links to a primary key in another table
9
Q
candidate keys
A
a set of keys that can be used to uniquely identify a record
10
Q
tuple/record
A
data in one row of a table
11
Q
referential integrity
A
- making sure that tables do not try to reference data that does not exist
- a primary key can’t be deleted unless all dependent records are already deleted
- a primary key can’t be updates unless all dependent records are already updated
- every foreign key value has a matching value in the corresponding primary key
12
Q
how can relational database reduce data redundancy
A
- because each record of data is stored once and referenced by a primary key
- as data is stored in individual tables
- tables are linked by relationships
- by this proper use of primary and foreign eys
- by enforcing referential integrity
13
Q
developer interface
A
- creates user friendly features
- creates outputs
- creates interactive features
14
Q
query processor
A
- creates SQL queries
- searches for data that meets set criteria
- performs calculation of extracted data
15
Q
data dictionary
A
stores all the info about the database e.g: fields, datatypes, keys
16
Q
tasks performed by DBMS developer interface
A
- create a table
- set up relationships between tables
- create a form
- create a report
- create a query
17
Q
DBMS software to ensure the security of data
A
- issue usernames and passwords
- access rights
- regular backups
- encryption of data
18
Q
normalization
A
a method to remove or reduce data redundancy
19
Q
1NF
A
- no repeated group of attributes
- no duplicate rows
- all attributes should be atomic
20
Q
2NF
A
should be in 1NF + no partial dependencies
21
Q
3NF
A
- should be in 1NF and 2NF + have no non-key dependencies
22
Q
external schema
A
the individual’s view of the database
23
Q
logical schema
A
describes how the relationships will be implemented in the logic structure of the database
23
Q
conceptual schema
A
describes the views which user of the database might have
24
data integrity
- is making sure that data is correct
- ensures that data received is the same as the sent data
- e.g: parity check
25
data privacy
- keeps data confidential
- only seen by authorized personnel
26
data security
- to keep data safe
- prevention of data loss
- e.g: data backup
27
encryption
- scrambles the source code
- using an encryption key
- if file is accessed without authorization it will be meaningless
- it requires a decryption key to unscramble the algorithm
28
data backup
- a copy of data will have bene made and stored elsewhere
- if original data is lost, the backup can be used to restore the data
29
disk mirroring
- data is stored on two disks simultaneously
- if the first data disk drive fails the data is accessed from the second disk
30
firewall
- prevents unauthorized access to the data
- monitors incoming and outgoing traffic
- blocks transmission from unauthorized sources/websites
- maintains an allow list
- can be software or hardware or both
- can help to prevent hacking
31
user account
- user has a username and password
- access to resources can be limited to a specific account
- a person cannot access the system without valid username and password
32
anti-malware
- scans for malicious code
- quarantines or deletes any malicious software found
- scans can be scheduled at regular intervals
33
access rights
- different access rights for individuals and groups
- to stop users from editing the program
34
physical measure
- locked doors/keyboards
- secure method of access
35
methods to protect data online
- running up to date anti virus
- use of proxy server
- strong biometrics
36
malware
software that's intentionally designed to cause damage to a computer or server
37
virus
programs or program code that can replicate itself by inserting itself into another piece of software with the intention of deleting or corrputing files
38
ways to protect from a virus
- using anti-virus
- update anti-virus on regular basis
- avoid downloads from unknown sources
- use a firewall
- avoid suspicious websites
39
worms
- a standalone piece of software that can replicate itself automatically and does not require a host
- can corrupt user's computer, delete data and consume bandwidth
40
logic bombs
code embedded in a program on a computer. when certain conditions are met, they are activated to carry out tasks such as deleting files or sending data to a hacker
41
trojan horses
malicious program often disguised as legitimate software with the intent of harming the computer
42
spyware
- software that gathers info by monitoring (e.g: a key on the user's keyboard being pressed)
- the info is then sent back to the person who sent the software
43
phising
- phisher sends e-mail to the user
- when clicked, it takes the user to a fake website so their confidential data can be obtained or malware can be installed on their device
- falls under identity fraud and misuse of financial data
44
pharming
malicious code installed on user's computer or webserver. the code redirects the user to a fake website
45
validation
checks that the data entered is reasonable
46
verification
checks that the data entered is the same as the original
47
calculating check-digit
- each digit in the number is given a weighting e.g: 7,6,4,4,3,2,1 starting from the left
- digit is multiplied by its weighting and then each value is added to make a total
- the total is divided by 11 and the remainder should be substracted from 11
48
checksum
- bytes sent as a block
- bytes added up before transmission
- results of addition is sent with the data block
- receiver will add all the blocks and the answer should be ALL 1s if it's transferred correctly
49
even parity
even number of 1s
50
odd parity
odd number of 1s
51
how digital signature ensures that the e-mail is authentic
- e-mail message is put through hashing algorithm to produce a digest
- digest is encrypted with sender's private key to create digital signature
- digital signature can only be decrypted with matching sender's public key
52
hashing algorithm
mathematical function that produces a hash key
