System Security Essay Research Paper System Security

System Security Essay, Research Paper

System Security System security is the amount of protection against unforeseen events, which might cause the system to fail. The amount of security in a given system depends upon the value of the information contained within the system. As the information becomes more valuable, the amount of money spent on protecting the information also increases. An example of this would be someone keeping their valuables in a home fire safe whereas a bank might keep their valuables in a time-controlled vault. Data security is the protection of data through emergency recovery plans and the controlling of end user privileges. This is the actual maintenance of the data itself. Through emergency recovery plans, data is protected from natural disasters and hardware failures. An emergency recovery plan should include a regular schedule for back-ups to be made of the system data. It should also allow for large disasters sometimes referred to as acts of God. Recovery plans allow for these disasters by having a back-up that is located off-site. This means that if the building collapsed in an earthquake, there would still be a copy of the system data at a site that wasn t effected. Now to be really effective the back-ups have to be maintained regularly. This way there isn t too much lost data when the back-up is restored as the main system. The back-ups should be maintained at a certain regular schedule and several back-ups should be maintained. This allows for data corruption. If the data was corrupted before the last back-up was run then that back-up would also contain the errors. By keeping multiple back-ups, the system can be restored from a previous back-up that hadn t had a chance to become corrupted yet. Another form of data security is the controlling of user privileges. Operating systems such as Novel NetWare and Unix allow for the controlling of individual users access to files and directories. By allowing only authorized users access to sensitive files, the system can be more fully protected against malicious use of the data or from errors caused from incompetence. In controlling the users on a system care should be taken in the assignment of passwords. Passwords should contain letters and at least one number or special character. If at all possible, passwords shouldn t be names or standard dictionary words. Passwords aren t effective if they can be guessed in any small amount of time. Lastly if there is any doubt on the security a password offers, change it often. This technique makes it much harder for an unauthorized user to gain access more than once. A system should also be protected from out-side sources that necessarily are not directly related to the users of the system. Protection from outside attacks is increasingly more important in our electronic commerce community. Any data transfer, which takes place outside of a corporate network, is free game for whoever wants to try and read it. Encryption Encryption is the answer that has been developed to protect information from eyes that were never meant to see it. Codes and ciphers have been around for hundreds of years. The secret decoder ring is a classic example of a simple code. Each letter of the alphabet is replaced by an offset. In this scenario A would be C and B is replaced by D, and so on. This allows for the sending of an unreadable message that can be decoded by the person that knows the proper offset. When a line of text is in normal readable form it is considered to be plaintext. Once plaintext is encrypted it becomes ciphertext. The ciphertext produced by present encryption standards follows the same idea as the decoder ring but the algorithms involved are much more complex. Now in today s world a simple cipher couldn t protect sensitive data with any measure of real security. There have come about several different approaches to how data is encrypted. They generally fall into two categories normal encryption and public-key encryption. In a standard encryption scheme the message is encrypted with a certain key word that the receiver of the message needs to know to decrypt the message. In public-key encryption the key used to encrypt the message is different from the key used to decrypt the message. This scenario allows one of the keys to become public. In this way the sender can encrypt a message to his friend, using the friends public-key, and there would be no need for any other contact between them for the friend to read the message. This was a problem with standard encryption because the channel used to send the key to the recipient would have to be secure otherwise there would be no reason to use encryption. It s interesting to note that when using public-key encryption to send an encrypted message, the sender can t read his own message once it has been encrypted. The only person who is able to read the message is the receiver. Due to the fact that the receiver is the only one who knows the secret key needed to decrypt the message. DES or Data Encryption Standard is one of the popular computer encryption algorithms in use today. It is an international standard that has been around since the 1970 s. It was created to allow different companies to create coding devices that would be able to work together. Another advantage of the Data Encryption Standard was that it was tested to be secure. The testing of the algorithm was accomplished by trying to break the code with a great amount of re