The Basic Concepts Behind Data Bases Information Technology Essay

The prefatorial Concepts Behind Data Bases In gaination Technology EssayDatabases be sight of raw fact and figures or in single word we stack say data in digital form, databases ar classified on the basis of their content analogous text document, bibliographic and statistical and so forth Databases atomic number 18 managed by softwargon called database management offline (Database Management System), DBMS ar responsible of storing, retrieving, accessing, aegis, title and querying the data as fast as realizable and in most efficient commission.One of the most received(p) DBMS in market is ORACLE DBMS. ORACLE is the most bank in market and almost to each iodin and every organization enforces it. One of the high hat credentials features of ORACLE is Secure Database Access.SDA is based on three functions which atomic number 18Under USER MANAGEMENT comes how much space has to be provided to each drug substance abuser, what level of access has to be provided to user s, the space and rights of one user does non interfere with early(a). Under PASSWORD MANAGEMENT come the default passwords of users, delimitate the password complexity, deciding the password expiry time limit, password plight facility etc. Under RESOURCE LIMTS comes deciding CPU time, rational reads, con live session per user, idle time, amount of non normal SGA for sh ard sessions.The above mentioned protective covering features comes with both enterprise level operating system for showcase SUN SOLARIS a UNIX flavored OS has all this security features w here(predicate) there is go to pieces file system for all users, each and every file system and file has access permission defined for the root, the user and others, passwords for each user is there and they are stored in encrypted form and for each and every user the resources are defined.Briefly describe the purpose of firewalls and how they work, including a comparison of at least three principal types.Firewalls are a type of hardware or software which is use to protect the system or network. Firewall acts as fences around the system or network which do not forfeit anybody who wants unauthorized access or after access tries to do slightly sort of damage.To protect ones data and network Firewalls employ a fare of technologies, of which the first one is simple set of rules means all the ports should be closed initially and as one goes with applications there must be ports defined for them and only those ports are o create verballyed for those applications to use, open ports are like holes which any hacker push aside use to access your system. There are 2 physical types of firewalls software and hardware, software firewalls are mostly used in home environment like the one provided by Nortel and McAfee, they are responsible for protecting you home pc against any sort of remote attack. Hardware firewalls are commonly used in short letter environment, they are dedicated units which have the exte rnal world plugged in distant and the trusted network from inside and they are often available as a pair so that failure of one unit does not make the network open for attack. Both type of firewalls use a number of different techniques to keep your system and network safe, the first thing described is a rules based or packet filter system, here all data in and out is s tail endned to see that is in and out to trusted ports on the system and possibly even trusted IP addresses.Proxy server, this is in between the outside world internet and the trusted inside world network it s displacefuls all packets of data and make certainly if they meet the packet filter rules before passing data to the political machine in the trusted network. This adds a layer of security by never allowing the internet system come in direct contact with the trusted machine, network address translation do not make your innate IP address visible to the internet. A proxy server is nifty against brute force a ttacks.What are the differences between public refer encoding methods and radiate identify encryption methods? get off provide one modelling of each category.The cryptographic technique based on two secerns a public key available to all and a private/ clandestine key known only to the person intended to have it. An classic part to the public key encryption is that the keys are related in such(prenominal) a manner that only the public key bum be used in encryption of the capacitys and only the corresponding private key can be utilized in decipherment of messages. By no chance one can get private use the public key.Public-key encryption like Pretty Good Privacy (PGP), are growing in popularity for enthrallring entropy through internet. They are highly limit and comparatively simple to use. The one difficulty with public-key encryption is that one choose to be aware of the recipients public key so that he/she can encrypt a message. What is mandatory therefore is a glo bal enrollment of public keysSymmetric key encryption for both encryption and decryption uses a uniform secret key. Exchange of message requires exchange of keys excessively among users. Message encrypted with secret key can only be decrypted with same secret keySecret-key algorithm is used in symmetric key encryption. Symmetric key encryption techniques are besides called content-encryption algorithms.The big restriction of secret-key algorithm is the requirement for sharing the secret-key. This can be overcome by deriving the same secret key at both ends by employ a user supplied text string or we can say password based on password-based encryption algorithm, other way round is to securely exchange the secret-key among themselves.Size of the key defines the strength of the symmetric key encryption used.Consider the following cipher text EHWWHU EH GHVSLVHG IRU WRR DQALRXV DSSUHKHQVLRQV WKDQ UXLQHG EB WRR FRQILGHQW VHFXULWB (Edmund Burke)a) line the cipher text above using a 26- use Caesar Cipher. Explain your thinkExplain how you would quickly determine if the above cipher text is the top of a simple substitution or a transposition cipher, also explaining the difference between each. Please justify your answer.The cipher text gets decrypted to wagerer BE DESPISED FOR besides ANXIOUS APPREHENSIONS, THAN RUINED BY TOO CONFIDENT SECURITYA shift of 3 was used to own the output as the quote mentioned above. The above cipher can be determined as simple substitution cipher as we can list down the two alphabet words in incline and shifting each alphabet to certain position gives any one of the word.Substitution cipher is all roughly replacing one character or alphabet with other and transposition cipher is all about jumbling of the words together instead of replacing characters, transposition cipher changes the range of the characters and can be analyzed by frequency analysis.Unfortunately your electronic computer has been give by some beady-eyed co de and you do not know when this transmission system happened. Luckily you have performed sustainups on a periodical basis since you acquired your computer. Your idea is to use the backups starting from the beginning, rebuilding the first backup and so on, applying all changes in order. Discuss the feasibility of this approach fling ways to improve it, if necessary.This is the safest way of rebuilding computer again and would in spades solve the put under as this is the gradual graduation by step up gradation of the system and would bring the system to state where it was infected but without the problem. What I feel like if we start restoring the system from back rather than doing from start and checking for the stability of the system. This approach saves time and effort as after restoring first only you have the probability of solving the issue or what we can do is not do one by one incremental steps but keep an interval of the backups and do.Please compare and contrast sequ ent response plans and business persistence plans. keep down heir key elements (what would one expect to see in such a document?)The hap response plan is defined as what make up a security incident and highlight the phases of incident response. The incident response plan document is focused on how instruction reaches the appropriate personnel, investigation of the incident, bringing down damage and strategy to respond, livelihood and evidence preservation. The incident response plan consists of responsibility area and pen down and brings in effect procedures for handing security incidents. The document emphasizes on the considerations required to create an incident response plan.The incident is formulated to safeguard against violation to organizational resources. An incident is defined as cultivation confidentiality loss, data rightfulness compromise, theft or damage of IT assets like computer, printer etc, service denial, reproach of assets or services or data, system infe ction by malicious software, unauthorized access, system abnormal behavior, alarms for intrusion detection and their responses.The incident response goals are incident occurrence verification, business restoration continuity, minimized incident impact, determine the way of attack, measure against future attacks, response time of security and incident should be improved, illegal activity prosecution, situation and response has to be made aware to management.The incident response life cycle begins by incident preparation, then comes the discovery of the incident, notification, analysis and assessment, response strategy, containment, re infection prevention, affected system restoration, documentation, preservation of evidence, external agencies notification, update policies and response review.The business continuity planning is required for making an organization safe from internecine and external threats and identifies the soft and hard assets to provide effective recovery and preve ntion of the organization. The following threats are there to an organization asStaff expiry or injury, building are damaged, loss of communication and IT infrastructure, disruption in transport making staff unavailable, stress and demoralization in staff, other business disruption or closing down on which a company is dependent, reputation damage and business change involves. To cover up the following threats following steps should have been planned sufficient hands with right expertise and motivation to manage and lead the organization, access to key IT system and records, staff communication should be reliable and clear, ability of gainful the staff in case of crisis also, product and services procurement and media demand responses. The steps involved in developing a business continuity plan in systematic way are analysis of business, attempt assessment, strategy development, plan development and plans should be rehearsed.One hundred long time ago, Louis Brandeis and Samuel Warren warned us that, Numerous mechanical devices threaten to make expert the prediction that what is whispered in the closet shall be proclaimed from the housetops. coding is an enabling technology for self-help privacy. Conversely, secret writing can be used to inter criminal conspiracies and activities, including espionage.a) How have computers changed the ways in which we have to keep certain information private?b) What new threats do computer systems and networks pose to personalised privacy? Conversely, what threats are enabled or enhanced by computer systems and networks?c) How does cryptography help or hinder protection of privacy and public galosh?d) What policies are needed and appropriate in a networked world regarding the use of cryptography?e) Consider a public key encryption. Ann wants to send amount a message. Let Annpriv and Annpub be Anns private and public keys respectively. The same for height ( agitatepriv and Billpub).i) If Ann sends a message to Bill, w hat encryption should Ann use so that only Bill can decrypt the message (secrecy)?ii) Can Ann encrypt the message so that anyone who receives the message is assured that the message only came from Ann ( legitimacy)?iii) Is it possible for Ann to devise a method that will allow for both secrecy and authenticity for her message? Please justify your answer.Computers help a lot in property private informations secure. With all the security features into the system like firewalls and other security features one can keeps his/her information secure from un authorized access. Initially for safekeeping the information private one has to classify the physical files or documents having information as classified or confidential and have to be unploughed in safe custody so that unauthorized access is not there, the initially the information transfer has to be taken through physically under supervision but with computers and secure software systems and various encryptions which are efficient a nd complex to break, transport of information has become easy without any extra effort. With increasing use of information technology in form of computers has also created new types of threats where hackers who are experts in breaking the system security and network security and get easy access of ones private data. flock use the information transfer and other IT means to transfer information which cannot be scanned by authorities for example terrorist organizations uses the networks and other safe methods to transport the information which could not be easily get hold of decrypted by organizations working against them.The biggest advantage of public key cryptography is the secure nature of the private key. In fact, it never needs to be transmitted or revealed to anyone. It enables the use of digital certificates and digital timestamps, which is a very secure technique of signature authorization. We will look at digital timestamps and digital signatures in a moment, but as discuss ed above cryptography can be used by organizations or individuals involved in wrong activities to transfer data which cannot be caught or decrypted by authorities working against them, then cryptography can go against world peace. Cryptography use should be mandated for the right purposes.There are few cryptographic policies that have been challenged, both literally and figuratively. In particular export understands, key escrow and government control have been issues argued recently, with final decisions still unresolved. International agreements and foreign decisions regarding these topics have influenced the current U.S. position.Ann should use the public key encryption method to send a message to Bill.Ann can create her digital signature of the message using the private key which can be verified using public key to see message is authentic.Yes Ann can use public key encryption for encrypting the message to maintain the confidentiality or secrecy of message and she can use digit al signatures with public key encryption to maintain the authenticity of the message.