Security Measures For Protecting Data Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In a computer system has a virtual memory to allow a computer to store data and information. Virtual memory was user logical memory that was separated from physical memory. The virtual memory system with paging, page frame that are in the system might be all being occupied. Therefore, system needs more space to store the information from other memory storage. Firstly, which page in the main memory may be use as replacement such as overwrite and remove must be clarified. Thus, page-replacement strategies were implemented. Page-replacement strategies was meant to reduce the pages that failed to process to the lowest condition. Memory management system needs to assign the location of pages to load it into main memory from the secondary storage. Updating the appropriate page table entry is also a task of memory management system.

Random (RAND) page replacement is one of the strategies used. RAND is an easy-to-implement, low overhead page replacement strategy. Each and every page in main memory has the same chances being selected for replacement purpose. RAND could make decisions on selecting the page for replacement quick and fairly. The probability of choosing the same page or page that that being used again immediately for replacement is lower. However, there is a problem using RAND. It would replace the page that will be referenced as the next page or even worse. RAND system is rarely seen.

Name and explain all the security measures that can be taken to protect data and information in the computer or being exchanged in a network.

Confidentiality, integrity and availability are the aim of the security. In order to achieve all the aim, security trinity was created. The security trinity criteria are prevention, detection and response. Prevention is the foundation of the security trinity. Prevention should be implementing before detection and response. It cost more but easier and efficient comparing to detection and response. If the prevention is failed to do so, detection is needed to detect the problems. Sooner a problem is detected, it could be solve in time. An organization needs to response to a security breaches by coming out a plan that could identify the problem. Understand the threat that will harm our computer is the first thing needed to do so that we could solve the problem in a correct way.

Classic malware such as worms, Trojans, and viruses could harm our computer. Viruses are a program that known as piggybacks on other executable programs. This is mainly because viruses could not work by themselves. In another word, the virus codes will only acts when a virus is attached with a program and when the program is being executed. Virus's actions normally would spread to other programs and disks. Some viruses are malicious and could automatically delete files or cause systems unusable. Trojan horses are a category of classic malware that hide its malicious attempt. A Trojan horse is different from viruses. It is a completed and self contained program that can act by own. It was created to represents something that attracts the user. As for worms, it is a program that does not need any assistance from user. Worms could spread around by its own and replicates by itself.

A compromised system which is also known as incident or breaches is one of the systems that use by hackers. Hackers would normally place few back doors on a system so that it can be access by them later again. These back doors are put together is called a rootkit. Trojan versions of system binaries are included in rootkit. With the help of Trojan versions, hackers could manage to hide their presence. Hackers would not allow other hackers to gain access to the system that they manage to hack in, so they will normally do a clean job on closing up vulnerabilities. Passwords could be cracked when hackers copied the system's passwords file back to another system. Usually, hackers will load a password sniffer for capturing other systems password. Once the system is compromised, that existence system will be used to irrupt other system or for reconnaissance purpose.

Denial-of-service (DoS) attacks are attacks towards computer system and networks. DoS is categorized into few types. Denial of access to information which causes the information unavailable is one of the DoS attacks. This could destroy the information and turned it into an unusable form. This attack could also move the information to an inaccessible location even the information is still exists. Another type of DoS attack is denial access to applications. Denial access to applications is targeting the applications for not performing properly. Generally, this attack targets are computers that are running an application. Organizations that are using certain application could not perform their works that are done by the application. The third denial of access to system is to bring down a computer system. Stored data would be unavailable once this access attacks a computer application. Lastly, this DoS attacks had been playing a role for many years till now. Denial of access to communications aims is the communications media. Flooding networks with excessive traffics is often being seen. Systems are left by its own, but the lack of communications prevents access to systems and data.

Fraud is a kind of crime that uses computer to gain access to other party information such as credit cards and copyrights. Credit card fraud is an attack which involves many computers in stealing of credit card numbers so that they could obtain the victim's money. Intruders could actually gain access to a large number of credit card numbers through a computer system which he or she does not have to authorize access is a violation of this statute. Whereby, copyrights fraud is defined that a copycat had illegally used others work as their own. An individual had reproduce and distribute copyrighted material over a limited extend. The owner of the work would be suffering a cost of loss if his work had been stolen. A computer system is being compromised for the purpose of producing more copyrighted works to others as theirs. This action had been declared as a crime.

An organization will use several computers for business purpose and these computers are handled by its own employee. In the other words, the privacy of information is depending on the behaviour of the employees. Employees that are not responsibility may betray the organization in the way of providing information of the organization to other organization. This could be a serious matter as an organization may suffer from loss and integrity.

However, there are ways to protect our computer and networks in order to keep our files save. Therefore, security is needed to prevent network threats and protect our computers and networks. Under security concepts that provide information security (INFOSEC) have included communication Security (COMSEC), emission security (EMSEC), computer security (COMPUSEC) and network security (NETSEC). This concept is to ensure that our computer could be protected from hazard. Several types of security measure are necessary such as the anti-virus software, access control, firewall and more.

Anti-virus software has been implemented to protect our computers from losing data. It is a good security system program. The anti-virus software could auto-detect the virus and delete or quarantine the virus once detected. Anti-virus software need to be installed using original software program to ensure that it could be updated from directed websites. Pirated software does not provide proper updating system. There are viruses that are newly created to harm our computers. Improper anti-virus software that could not be updated accordingly to prevent the new viruses will affect our computer. End-user should fully responsible in regard to practices proper anti-virus protection.

An organization should come out with a system that has the capability to restrict users to access to certain files based on their user ID and attempting access. Therefore, legitimate user will be restricted from files that exceeded from their range. This system is known file access control. As long as the legitimate user could not gain access to the file, they will not be able to harm our information.

For network, generating a strong password is an important thing for users. Frequently change our password could ensure that our information is always in a safe situation. A strong password must consist of different character so that the legitimate user could not be able to guess the passwords. Other than that, deleting the internet browser's cookies or disable all cookies. Cookies are text field that normally we use to store our information such as remembering our e-mail and password in facebook so we could save time from typing our information again.

Devices control of a network and help to protect an organization's data in an internal network from external attack could be done by using firewalls protection. Firewalls are border security products as they stood between an internal network and an external network. Firewalls have become an important security network as time goes by.

More and more people are using computer over time goes by. Computers have become an important role in their life. However, there are problems occurred when computers are connected to each other as a network. For example, there are several types of network connections such as Local Area Network (LAN) and Wide Area Network (WAN) for communication purpose. A group of people would misuse these connection systems that may lead the network to a risk. Therefore, security is needed to prevent network threats and protect our computers and networks. There goes a saying prevention is better than cure.

Maiwald. E (2004). Fundamentals of Network Security. United States: Brandon A. Nordin. p8-268.

COMSEC - protect information intransit

EMSEC - enemy has significant resources to read the electronic emissions from our computer system.

COMPUSEC - control access on our computer system

NETSEC - control the security of our local area network

Maiwald. E (2004). Fundamentals of Network Security. United States: Brandon A. Nordin. p8-268.