We should know how to control access to information system. So here we discuss some topics regarding this matter below:
With the introduction of computers, the need for automated tools for protecting files and other information stored in computers became important. This is especially important for a shared system such as a time-sharing system or distributed system.
In such systems, data can be accessed over a public telephone or data network. The authority of a person or organization to some specific data is defined as access.
The generic name for the collection of tools designed to protect data and thwart hackers is computer security. On the other hand, the right of persons to control the distribution of information is termed privacy.
In order to assess the access, security, and privacy needs of an organization effectively and to evaluate and choose various tools and policies, the responsible manager needs a systematic way of defining requirements and characterizing approaches opt to satisfy the requirements.
This is difficult enough in a centralized data-processing environment. With the use of the local area and wide area networks, the problems are compounded.
A list of persons who cause security problems and their objectives are given in Table.
Table: Persons who cause security problems and their objectives
|
Adversaries |
Objectives |
| Sales Representative | Claiming to represent all of the country, not just a city |
| Businessman | Discovering a competitor’s strategic marketing plan |
| Hacker | Testing out someone’s security system; stealing data etc. |
| Accountant |
Embezzling money from the company |
| Con-man | Stealing credit card numbers for sale |
| Ex-employee | Getting revenge for being fired |
| Student | Having fun with others security, for instance, e-mail |
| Stockbroker | Denying a promise made to a customer by e-mail |
You May Like Also:
