info security
Student Name: RAIHANA TABASSUM KHAN NATASHA
Student No.: 11535347
Subject Code: ITC 595
Subject Name: INFORMATION SECURITY
Assessment No.: 02
Lecturer: NECTAR COSTADOPOULOS
Assessment due date: 06/04/14
Date Assessment submitted: 06/04/14
Table of contents:
Contents
Answer 1:
Confidentiality:
Confidentiality refers to the information should be secret for the person except the authorized person. If information is confidential attacks cannot steal or copy the information. Confidentiality is much more valuable in passwords and cryptographic keys. It is a shield contrary to unapproved person.
Hacking is a failure of confidentiality. In 2013 LivingSocial stated that their system was hacked which was an unauthorized access. This affected more than fifty millions of their users. User name, email, password, date of birth everything were stolen. This was a failure of confidentiality.(Scmagazine.com,2014) Integrity:
Integrity mainly refers to the honesty, source, and inclusiveness of information and also it blocks wrong and unauthorized alteration of information. It maintains and makes sure that the information is accurate and constant. It has to be same from the source to the recipient.
As an example, the source code of software can be altered to open the security holes on users end before releasing to the open. (Cs.uic.edu,2014)
Availability:
Availability is information being available when an authorized person has requested the information.
As an example we can mention Denial of service (DOS), where the person who is attacking tries to block out the authorized person from using the system totally or nearly being unusable. Normally he overflows the system with unusable information because a system can process definite number of request. If the system is overflowed it can’t process the authorized persons request and it will eventually go into liquidation rejecting
Student No.: 11535347
Subject Code: ITC 595
Subject Name: INFORMATION SECURITY
Assessment No.: 02
Lecturer: NECTAR COSTADOPOULOS
Assessment due date: 06/04/14
Date Assessment submitted: 06/04/14
Table of contents:
Contents
Answer 1:
Confidentiality:
Confidentiality refers to the information should be secret for the person except the authorized person. If information is confidential attacks cannot steal or copy the information. Confidentiality is much more valuable in passwords and cryptographic keys. It is a shield contrary to unapproved person.
Hacking is a failure of confidentiality. In 2013 LivingSocial stated that their system was hacked which was an unauthorized access. This affected more than fifty millions of their users. User name, email, password, date of birth everything were stolen. This was a failure of confidentiality.(Scmagazine.com,2014) Integrity:
Integrity mainly refers to the honesty, source, and inclusiveness of information and also it blocks wrong and unauthorized alteration of information. It maintains and makes sure that the information is accurate and constant. It has to be same from the source to the recipient.
As an example, the source code of software can be altered to open the security holes on users end before releasing to the open. (Cs.uic.edu,2014)
Availability:
Availability is information being available when an authorized person has requested the information.
As an example we can mention Denial of service (DOS), where the person who is attacking tries to block out the authorized person from using the system totally or nearly being unusable. Normally he overflows the system with unusable information because a system can process definite number of request. If the system is overflowed it can’t process the authorized persons request and it will eventually go into liquidation rejecting