Saturday, September 12, 2009

What are the individual rights relating to computers?

  • Article 101. - A computer program is the original expression, in any form, language or code, of a set of instructions which, with a specific sequence, structure and organization, aims to make a computer or device perform a specific task or function.
  • Article 102. - Computer programs are protected on the same terms as literary works. Such protection extends to both operating programs and application programs, including in object code form. Computer programs that seek to cause harm to other programs or computers are excepted.
  • Article 103. - Unless otherwise agreed in contract, the economic rights in a computer program and its documentation, when they have been created by one or more employees in the exercise of their duties as instructed by the employer, belong to the employer.
  • Article 104. - As an exception to the provisions of Article 27 paragraph IV, the owner of copyright in a computer program or database shall retain, even after the sale of copies thereof, the right to authorize or prohibit the letting of such copies. This provision does not apply where the copy of the software does not constitute in itself an essential object of the license.
  • Article 105. - The user of a computer program may make as many copies as are authorized by the license granted by the owner of the copyright, or a single copy of the program provided that the copy:
    1. Is essential for the use of the program;
    2. Is intended exclusively as a backup to replace the legitimately acquired copy when that copy cannot be used because of damage or loss. The backup must be destroyed when the user's right to use the computer program ends.

What are the most common ways to keep or maintain integrity of data?

  • Entity integrity concerns the concept of a primary key. Entity integrity is an integrity rule which states that every table must have a primary key and that the column or columns chosen to be the primary key should be unique and not null.

  • Referential integrity concerns the concept of a foreign key. The referential integrity rule states that any foreign key value can only be in one of two states. The usual state of affairs is that the foreign key value refers to a primary key value of some table in the database. Occasionally, and this will depend on the rules of the business, a foreign key value can be null. In this case we are explicitly saying that either there is no relationship between the objects represented in the database or that this relationship is unknown.

  • Domain integrity specifies that all columns in a relational database must be declared upon a defined domain. The primary unit of data in the relational data model is the data item. Such data items are said to be non-decomposable or atomic. A domain is a set of values of the same type. Domains are therefore pools of values from which actual values appearing in the columns of a table are drawn.

http://en.wikipedia.org/wiki/Data_integrity#Types_of_integrity_constraints
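
The three rules above, enforced by a database engine rather than by application code. This is an added example, not part of the original post; the `customer` and `account` tables, their columns and the sample rows are constructed for illustration, and SQLite (through Python's `sqlite3` module) stands in for any relational database.

```python
import sqlite3

SCHEMA = """
CREATE TABLE customer (
    id   TEXT NOT NULL PRIMARY KEY,   -- entity integrity: unique and not null
    name TEXT NOT NULL
);
CREATE TABLE account (
    id          INTEGER PRIMARY KEY,
    -- referential integrity: must match a customer.id, or be NULL (no/unknown owner)
    customer_id TEXT REFERENCES customer(id),
    -- domain integrity: values are drawn from a declared set or range
    currency    TEXT    NOT NULL CHECK (currency IN ('USD', 'EUR', 'MXN')),
    balance     INTEGER NOT NULL CHECK (balance >= 0)
);
"""

def build_db():
    db = sqlite3.connect(":memory:")
    # SQLite only enforces foreign keys when this pragma is on for the connection.
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO customer VALUES ('C1', 'Alice')")
    db.commit()
    return db

def try_insert(db, sql, params):
    """Run one INSERT; return 'ok' or the constraint error the database raised."""
    try:
        with db:  # commits on success, rolls back on error
            db.execute(sql, params)
        return "ok"
    except sqlite3.IntegrityError as exc:
        return f"rejected: {exc}"

def integrity_demo():
    db = build_db()
    cust = "INSERT INTO customer (id, name) VALUES (?, ?)"
    acct = "INSERT INTO account (customer_id, currency, balance) VALUES (?, ?, ?)"
    return {
        "duplicate_pk": try_insert(db, cust, ("C1", "Bob")),
        "null_pk": try_insert(db, cust, (None, "Carol")),
        "valid_fk": try_insert(db, acct, ("C1", "USD", 100)),
        "null_fk": try_insert(db, acct, (None, "EUR", 0)),
        "dangling_fk": try_insert(db, acct, ("C9", "USD", 100)),
        "bad_domain": try_insert(db, acct, ("C1", "XXX", 100)),
        "negative_balance": try_insert(db, acct, ("C1", "USD", -5)),
    }

if __name__ == "__main__":
    for case, result in integrity_demo().items():
        print(f"{case:17} {result}")
```

Note the pragma in `build_db`: without it SQLite accepts the dangling foreign key silently, which is a common reason referential integrity is assumed but not actually enforced.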

What is a backup?


In information technology, backup refers to making copies of data so that these additional copies may be used to restore the original after a data loss event. These additional copies are typically called "backups", and are useful primarily for two purposes:
  1. Restore a state following a disaster (called disaster recovery).

  2. Restore small numbers of files after they have been accidentally deleted or corrupted. Data loss is also very common. 66% of internet users have suffered from serious data loss.

http://en.wikipedia.org/wiki/Backup#References

What is message encryption?

Encrypting a message protects the privacy of the message by converting it from plain, readable text into cipher (scrambled) text.
Only the recipient who has the private key that matches the public key you used to encrypt the message can decipher the message. (Private key: the secret key kept on the sender's computer that the sender uses to digitally sign messages to recipients and to decrypt (unlock) messages from recipients. Private keys should be password protected.) This is a separate process from digitally signing a message.

Which are the most common policies in virus detection?



  • Stay aware of current virus news by checking sites that specialize in it.

  • Keep your anti-virus software up-to-date, and use it.

  • Make sure that your anti-virus software checks all files every time they're opened.

  • Don't open e-mail attachments that you didn't expect and don't know exactly what they are.

  • When downloading files from the Internet, download only from reputable sites and scan the files before executing them.

  • Be careful exchanging disks and files between computers. If you are taking a file to a computer lab for printing, write-protect the floppy disk.

  • If you use Microsoft Outlook (not Express) for e-mail, make sure that the "automatic preview" feature is disabled. You can find this option under the "View" menu.

  • Make sure that Microsoft Office macro virus protection is enabled.

  • Consider uninstalling Windows Scripting Host.

Friday, September 11, 2009

What is a firewall?


A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria.

Firewalls can be implemented in either hardware or software, or a combination of both, and are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Many users complain of certain firewalls conflicting with legitimate programs or generally not working. The Internet slang term for these is "cottonwall".

There are several types of firewall techniques:
  • Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
  • Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
  • Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
  • Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
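
A packet filter and its IP spoofing weakness, with the usual countermeasure, as an added example that is not part of the original post. The rule set, the `10.0.0.0/8` internal range, the interface names and the sample packets are all constructed for illustration.

```python
from ipaddress import ip_address, ip_network

INTERNAL_NET = ip_network("10.0.0.0/8")  # constructed: the protected intranet

# Constructed user-defined rules: (action, source network, destination port).
# The first matching rule decides; anything unmatched is rejected.
RULES = [
    ("accept", INTERNAL_NET, 22),               # SSH only from internal hosts
    ("accept", ip_network("0.0.0.0/0"), 443),   # HTTPS from anywhere
]

def filter_packet(src, dport, rules=RULES):
    """Stateless packet filter: decides on header fields alone."""
    for action, net, port in rules:
        if ip_address(src) in net and dport == port:
            return action
    return "reject"

def filter_with_ingress_check(src, dport, iface, rules=RULES):
    """Same filter, preceded by an anti-spoofing check: a packet that arrives
    on the external interface cannot legitimately carry an internal source."""
    if iface == "external" and ip_address(src) in INTERNAL_NET:
        return "reject"
    return filter_packet(src, dport, rules)

# Constructed sample packets: (claimed source, destination port, arrival interface)
PACKETS = [
    ("10.1.2.3", 22, "internal"),      # genuine internal SSH
    ("10.1.2.3", 22, "external"),      # internal address claimed from outside
    ("203.0.113.7", 443, "external"),  # ordinary HTTPS from the Internet
    ("203.0.113.7", 22, "external"),   # SSH from the Internet
]

def filter_demo():
    """Return (packet, plain verdict, verdict with ingress check) per packet."""
    return [
        (pkt, filter_packet(pkt[0], pkt[1]), filter_with_ingress_check(*pkt))
        for pkt in PACKETS
    ]

if __name__ == "__main__":
    for pkt, plain, checked in filter_demo():
        print(pkt, "plain:", plain, "with ingress check:", checked)
```

The plain filter trusts the source address written in the packet, so the second packet is accepted; tying the expected source range to the arrival interface is what rejects it.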

What are the most common security procedures?

The most common procedures when applying security are:
  • Zipping the information or data.
  • Protecting the computer with a security code, so that only close members can access the data it contains.

What is software security?

Software is itself a resource and thus must be afforded appropriate security. Software also contains and controls data and other resources. Therefore, it must be designed and implemented to protect those resources.
Software Security Assurance (SSA) is a process that helps achieve that goal, ensuring that software is designed to operate at a level of security that is consistent with the potential harm that could result from the loss, inaccuracy, alteration, unavailability, or misuse of the data and resources that it uses, controls, and protects.
  • This begins by identifying and categorizing the information that is to be contained in, or used by, the software. The information should be categorized according to its sensitivity.
  • Once the information is categorized, security requirements can be developed. The security requirements should address access control, including network access and physical access; data management and data access; environmental controls (power, air conditioning, etc.) and off-line storage; human resource security; and audit trails and usage records.

All security vulnerabilities in software are the result of security bugs, or defects, within the software. In most cases, these defects are created by two primary causes:

  1. Non-conformance, or a failure to satisfy requirements.
  2. An error or omission in the software requirements.

What is meant by "physical security"?

Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.

Physical security is often overlooked (and its importance underestimated) in favor of more technical and dramatic issues such as hacking, viruses, Trojans, and spyware. However, breaches of physical security can be carried out with little or no technical knowledge on the part of an attacker. Moreover, accidents and natural disasters are a part of everyday life, and in the long term, are inevitable.

The three main components of physical security are:
  1. Obstacles can be placed in the way of potential attackers and sites can be hardened against accidents and environmental disasters. Such measures can include multiple locks, fencing, walls, fireproof safes, and water sprinklers.
  2. Surveillance and notification systems can be put in place, such as lighting, heat sensors, smoke detectors, intrusion detectors, alarms, and cameras.
  3. Methods can be implemented to apprehend attackers (preferably before any damage has been done) and to recover quickly from accidents, fires, or natural disasters.

What is meant by "data privacy"?

Information privacy, or data privacy, is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them.

Privacy concerns exist wherever personally identifiable information is collected and stored - in digital form or otherwise. Improper or non-existent disclosure control can be the root cause for privacy issues. Data privacy issues can arise in response to information from a wide range of sources, such as:
  • Healthcare records
  • Criminal justice investigations and proceedings
  • Financial institutions and transactions
  • Biological traits, such as genetic material
  • Residence and geographic records
  • Ethnicity

The challenge in data privacy is to share data while protecting personally identifiable information. The fields of data security and information security design and utilize software, hardware and human resources to address this issue.

http://en.wikipedia.org/wiki/Information_privacy

Thursday, September 10, 2009

What is meant by "data integrity"?

Data integrity is a term used in computer science and telecommunications that can mean ensuring data is "whole" or complete, the condition in which data is identically maintained during any operation (such as transfer, storage or retrieval), the preservation of data for their intended use, or, relative to specified operations, the a priori expectation of data quality. Put simply, data integrity is the assurance that data is consistent and correct.
Often such integrity is ensured by use of a number referred to as a Message Integrity Code (MIC) or Message Authentication Code (MAC).
In cryptography and information security in general, integrity refers to the validity of data. Integrity can be compromised through:
  1. Malicious altering, such as an attacker altering an account number in a bank transaction, or forgery of an identity document.
  2. Accidental altering, such as a transmission error, or a hard disk crash.
  3. Programming errors that result in inconsistencies in the data.
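
A Message Authentication Code applied to the first two cases in the list above, as an added example that is not part of the original post. HMAC-SHA256 is chosen here as the MAC, and the transaction message is constructed; an unkeyed SHA-256 checksum is included for contrast.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, message: bytes) -> bytes:
    """Message Authentication Code: HMAC-SHA256 over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so timing does not leak the tag
    return hmac.compare_digest(mac(key, message), tag)

def verify_plain_hash(message: bytes, digest: bytes) -> bool:
    """Unkeyed checksum, shown for contrast: anyone can recompute it."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def mac_demo():
    key = secrets.token_bytes(32)  # known to sender and receiver only
    original = b"transfer amount=100.00 to_account=1111-2222"  # constructed
    tag = mac(key, original)
    digest = hashlib.sha256(original).digest()

    # Accidental altering: one bit flipped in transit.
    corrupted = bytes([original[0] ^ 0x01]) + original[1:]
    # Malicious altering: the account number is changed. Whoever alters the
    # message can recompute an unkeyed hash, but not the MAC without the key.
    altered = original.replace(b"1111-2222", b"9999-0000")
    altered_digest = hashlib.sha256(altered).digest()

    return {
        "original_mac_ok": verify_mac(key, original, tag),
        "corrupted_mac_ok": verify_mac(key, corrupted, tag),
        "corrupted_hash_ok": verify_plain_hash(corrupted, digest),
        "altered_mac_ok": verify_mac(key, altered, tag),
        "altered_hash_ok": verify_plain_hash(altered, altered_digest),
    }

if __name__ == "__main__":
    for check, ok in mac_demo().items():
        print(f"{check:18} {ok}")
```

Both checks catch the transmission error, but only the keyed MAC catches the changed account number, because the replaced checksum verifies cleanly.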

Friday, September 4, 2009

What is meant by security of data?


The seventh Data Protection Principle requires that precautions should be taken against the physical loss or damage of personal data, and that access to and disclosure of personal data should be restricted.
The following recommendations are offered as general guidance only, given the hundreds of possible measures for keeping data secure:

Manual data

  • When not in use, files containing personal data should be kept in locked stores or cabinets to which only authorised staff have access.
  • Procedures for booking files in and out of storage should be developed, so that file movements can be tracked.
  • Files should be put away in secure storage at the end of the working day, and should not be left on desks overnight.

Electronic data
Attention is drawn in particular to the following policies, which are directly relevant to the security of personal data and other data:

  • Security of usernames, passwords, shared file areas, etc.
  • Overall responsibility for IT security.
  • Duties of staff responsible for servers.
  • Authorised use of hardware and software.
  • Authorised use of network connections.

  • Care must be taken to ensure that PCs and terminals on which personal data are processed are not visible to unauthorised persons, especially in public places. Screens on which personal data are displayed should not be left unattended.
  • Particular care must be taken when transmitting personal data. Appropriate security precautions, such as the use of encryption and digital signatures, should be taken when sending personal data by email. Transmission of personal data by fax should generally be avoided.


Taken from http://www.soas.ac.uk/infocomp/dpa/policy/security/

What is data?



  • The term data is given to distinct pieces of information, usually formatted in a special way. All software is divided into two general categories: data and programs. Programs are collections of instructions for manipulating data.
  • Data can exist in a variety of forms -- as numbers or text on pieces of paper, as bits and bytes stored in electronic memory, or as facts stored in a person's mind.
  • The term data is often used to distinguish binary machine-readable information from textual human-readable information. For example, some applications make a distinction between data files (files that contain binary data) and text files (files that contain ASCII data).
  • In database management systems, data files are the files that store the database information, whereas other files, such as index files and data dictionaries, store administrative information, known as metadata.

Based on http://www.webopedia.com/TERM/D/data.html