COMPUTER SECURITY
Computer Security refers to
protecting computer system ( hardware and software ) and its resources such as
information ( data and programs ), against unwanted access, damage,
modification or destruction.
Computer can be given security
under the following headings:
a) Environmental
security
b) Hardware
security
c) Software
security
d) Security
of data
e) Safety
from viruses
Environmental Security:
i)
Natural disaster
ii)
Electric power supply
iii)
Air conditioning
iv)
Access control
v)
Building construction and design
vi)
Fire protection
vii)
Insurance
Electric power supply- Computer needs
220 volts (AC) -240 volts (AC) supply as the input voltage to its power supply
unit. The frequency of AC (Alternating Current ) supply should be 49.5 Hz to 50
Hz.
Uninterrupted Power Supply (UPS)- An
UPS is one which provides uninterrupted supply of power in case of failure of
regular supply to the computer system.Whenever there is a power cut or supply
problem, automatic switching takes place between regular supply lines and the
UPS and without interruption a continuous or constant supply of the power to
the computer is maintained. Hence UPS saves the system from any electric
damages to any unit or circuits and from loss of data.
Air conditioning- Air conditioning is
needed to maintain proper temperature and relative humidity for computer
installations.
Access control- Unnecessary persons
should not be allowed inside the computer room. The entry and exit point of the
computer room should be controlled and monitored properly using ID card system.
Access control saves the computer from theft too.
The commonly
used access control methods are:
·
By using ID card system
·
By using mechanical locks
·
By using electronic card system
Hardware Security- Hardware security includes all types of checks
to detect the errors (fault present in the hardware) and to correct them.
Hardware security measures- Modern computers (processors) has
special engineering controls inside it. Such type of control detects the malfunction
arising or existing in the system and record them so that the faults can be
removed or fixed afterwards.
Some hardware diagnostics
facilities are used for priority check to ensure that data is correctly stored,
such hardware checks are included by the manufacturer.
Software security- The security of software includes protection of
both system and application software including data and information.
General software security measures:
Backup
Password
Hard-lock key
Using original software
Anti-virus programs
Backup- Sometimes the software or the database stored in the
harddisk could be damaged due to crash of the hard disk or due to viruses. This
type of problem can be solved by making use of back-up of the database and of
the software, provided the system has the backup files. Hence to prevent such
problems the user must create the backup files from time to time.
Password- The set of letters, numbers or a combination of both
which is used by a user as a code for accessing the computer system and its
resources such as data, information and software. Password is one important
measures of computer security.
Hard-lock key- Hard-lock key is a
kind of checking point available within the software during its running time.
The user needs to type kind of password when the software asks the hard lock
key to be typed, if it matches, the software suns otherwise it does not work.
Thus, the hard lock key protects from software piracy.
Security of data- Data and information are the important resources
of a computer system which is needed to be protected from being misused. The
security of data can be done by making use of software, access control,
password etc.
Use of original software- Original software is a virus free
software, hence the use of original software provides a computer optimum
security.
The software having proper
security system is able to:
i)
Identify each and every system user.
ii)
Maintain a log of all usage.
iii) Control the access over data and program etc. so
that only the authorized users are allowed to access them.
Computer Virus
Computer Virus - Computer Virus is a self-replicating computer
program that interferes with the computer’s hardware or the operating system
resulting in the malfunctioning of a computer system.Viruses are designed to replicate
and elude detection.
Examples of viruses: TIME BOMB,
C-BRAIN,DATA CRIME, MARIJUANA, PAKISTANI VIRUS, ITALIAN VIRUS, FRENCH VIRUS,
INDIAN VIRUS, MICHAELANGELO VIRUS, DARK AVENGER, STONE VIRUS, JUNE 12 VIRUS,
CALIFORNIA VIRUS, WIN32 VIRUS etc.
Types of viruses- The number of viruses are unlimited, everyday
people are encountering a number of new viruses.
Depending on their nature (
characteristics) of a virus, viruses are classified into three types.
a) Start-up
infectors or boot sector infectors
b) System
infectors ( DOS system or OS system infectors)
c) Application
program infectors.
Start-up infectors- Virus, which alters the data or the application
soft wares available on the computer as soon as the system is started are known
as start-up or boot sector infectors. Hence, one should be aware of this virus,
these viruses reside on the boot sector of your disk.
System infectors- The system infectors infect and destroy or
corrupt the system files concerning the operating system of the computer. Once
the computer is infected with these virus the system files fail to perform
their function and the system may not be booted.
Application program infectors- The virus infects and damages the
application soft wares like word processor ( e.g. MS-Word) database package (
e.g. MS-Access) or spreadsheet package
(e.g. MS-Excel) are known as application infectors.
Indications of computer virus infection:
a) Files
disappear and or strange files appear.
b) Change
occurs in the size of executable files.
c) Drive
lites come on for no reason
d) Unusual
error messages or screen display appear
e) Memory
and disk space are suddenly reduced
f) Loading
program and disk access takes excessively long time.
Harmful effects of Viruses:
i)
Changes the orderly arrangement of the program
ii)
The data are lost whenever it is infected by
some virus
iii)
The size of the file is altered .
iv)
When a file is infected by a virus, there is
every possibility that it spreads to most of the other important files.
Computer virus comes from:
a) External
disks or pen drive infected with viruses.
b) Virus
infected games and programs
c) E-mail,
Internet, Intranet etc.
Safety from computer virus:
Steps to follow
to keep our computer system free from viruses:
i)
Do not download any program from infected disk
or any networks to the hard-disk of your computer unless you are confirmed that
they are virus free.
ii)
Do not boot your system with virus infected
cd/dvd, pen drives.
iii) Watch for unexplained changes in the way your
system functions, for example disk drive running for no good reason.
iv)
Prevent the use of your system by unnecessary
persons use password.
v)
Have password protection for your software
access.
vi)
Keep backup of your program s or data everytime
you update it.
vii)
Always keep the backup of .COM, .EXE, and data
files.
Why is computer virus made?
a) To
protect programs from piracy.
b) To
introduce entertainment during the use of the program.
c) To
let the software companies more money.
Points to remember
There are other harmful computer
programs that are similar to viruses but they do not replicate and elude
detection. These programs fall into three categories and they are:
i)
Trojan Horse
ii)
Logic Bombs
iii)
Worms
Trojan Horse- Trojan horse appears to
be something interesting, such as a game but when it runs it may have harmful
effects.
Logic Bombs- A logic bomb delivers its
payloads when it is triggered by a specific condition, such as when a
particular date or time is reached or when a combination of letters is typed.
Worms- A worm only makes a copy of
itself so it cramps the computer’s memory and slows down the processes.
Antivirus Software- Antivirus
software’s are the best possible means of protecting a computer system and its
resources from viruses.
Antivirus
software are capable of detecting and eliminating viruses. Antivirus software’s
needs to be updated constantly (dialy).
Examples of
antivirus software:
AVAST,
AVIRA,AVG, MCAFEE,KASPERSKY, BIT DEFENDER, NORTRON ANTIVIRUS, PC-CILLIN,CPAV,
MSAV etc.
Notes :
Multipartite virus- Multipartite virus
combine the abilities of the parasitic and bootstrap sector viruses and are able to infect either
files or boot sectors. These types of viruses can be spread is a computer user
boots from an infected diskette or accesses infected files.
Micro virus ( Document Infector virus )
– Micro viruses are viruses that infect Microsoft office programs such as
Excel, Word, Access and Powerpoint. MS-OFFICE has the facility to create macros
to maximize the efficiency of documentation, but now a days there are cases
seen frequently where macros are created to perform as viruses.
Melissa, Love
Letter etc. are macro viruses.
Script virus- Script viruses are
written in script programming languages such as VBScript (Visual Basic Script)
and Java Script. “HTML.Redlof.A” is a script virus. Due to this virus opening
of web pages becomes very slow.
CYBER LAW AND COMPUTER ETHICS
Cyber Law- Cyber law may be defined as the law or acts or rules
framed and adopted by the concerned authority like the individuals,
organizations or Government for safeguarding against digital crime or any
crimes concerned with computers or any other digital media that are performed
by the people willfully to damage, make loss or steal information etc.
Cyber Crime- Cyber -crime relates to the criminal activity
involving the use of computers and other electronic media. Cyber Crime may be defined in a
general way as an unlawful act wherein the computer is either a tool or a
target or both.
Cyber- crime involves activities
such as theft of money, services, data and programs , destruction of data and
programs by computer viruses, violation of privacy (hacking) and violation of
anti-trust or International law etc.
Effects of cyber crime
·
Loss of time and resources (money) in tracing, fixing
and managing the safety mechanisms.
·
Privacy of public and important governmental
information can be leaked and used for ulterior motives.
Safety from cyber crime:
·
Controlling the access of computer and its
resources with authentication system such as the username and password.
·
Using firewalls and antivirus programs etc.
Cyber Space-In computer jargon, the community of networked
computers and the culture that has developed among the users of these computers
is termed as cyberspace.
***note***
The term cyber space was coined
by an American writer William Gibson and is first published in his 1984 science
fiction novel Neuromancer. In which he described cyberspace as a place of
unthinkable complexity.
The term has given rise to a
vocabulary of cyber terms such as cyber-cafes, cyber-malls etc.
Cyber law of USA:
To provide all types of computer
security, software security and avoid computer crimes, the US Government passed
different bills at different times. The Government tried to apply them as a
national and international cyber laws. The important cyber laws are as follows:
i)
Fair Credit Reporting Act in 1970, USA
ii)
Freedom of Information Act 1970, USA
iii)
Federal Privacy Act 1974, USA
iv)
Video Privacy Protection Act 1988, USA
v)
Computer Matching and Privacy Act 1988, USA
vi)
Copyright Act 1992 USA, etc.
Evolution of Cyber Law of Nepal – In order to regulate and maintain
proper usage of computers and electronic media in Nepal, HMG ministry of
science and technology (MOST) passed the bill of cyber law in 2002 A.D. (2059
B.S.)
For the first time, it was passed
and announced to be implemented from 2061/5/30 as a testing phase. Then after
six months again MOST HMG Nepal revised and passed the cyber law 2002 in
2061/11/28.
In Nepal the title of this cyber
law is “ Bidyutiya Karobar Adhyades dated 2061/11/28”.
Present day cyber law of Nepal - The government of Nepal (House of
Representatives) has approved the Electronic Transaction Act-2063 on 4th
December 2006. The law does not only legalize all sort of electronic
transactions and digital signatures, it has implied the ways to run several
computer-based mechanisms and penalize cyber crime. Apart from that the act has
formulated the terms of Comptroller of Certification Authority which is further
divided into 12 sections and 80 clauses. For more effectiveness it has assigned
separate judicial body called IT Tribunal and Appellate Tribunal to keep an eye
into all cases which are connected to computer and cyber crime. If anyone is
found to be violating Cyber Law then he/ she is equally punished like other
crimes.
Penalties for cyber crimes
According to Cyber Law in Nepal
if an individual is found in cyber crime like hacking the intellectual property
of others he or she will be punished for minimum 6 months to 3 years in prison
and has to pay minimum 50 thousand to max 3 lakhs.
Computer Ethics
Computer ethics is a new branch
of philosophy which deals with computer and electronic media related moral
dilemmas and also defines ethical principles for computer users and
professionals.
Computer ethics emphasizes to use
computer for performing only legal and accepted activities, and it encourages users to abstain from illegal activities such as :
a) Plagiarism
b) Copyright
Infringement
c) Software
Piracy
d) Hacking
etc.
Points of computer ethics:
i)
Not to copy use others data, file or programs
without the permission of the owner.
ii)
Not to inject any type of computer virus in the
users program or in any computer system.
iii)
Not to abuse and fraud other’s software or
database records etc.
iv)
Not to publish the fraud information or notice
etc.
Hacking- Hacking is the gaining of access(wanted or unwanted) to a
computer system and viewing, copying, or creating data(leaving a trace) without
the intention of destroying data or maliciously harming the computer.
Cracking -Method by which a person who gains unauthorized access to
a computer system with the intention of causing damage.
Phishing -
Is the attempt to obtain sensitive information such as usernames, passwords,
and credit card details (and sometimes, indirectly, money), often for malicious
reasons, by masquerading (acting) as a trustworthy entity in an electronic
communication.
Spam -Irrelevant or inappropriate messages ( Junk mail ) sent on the Internet to a large
number of recipients.
Digital Signature - A digital signature is a technique used to
validate the authenticity and integrity of a message, software or digital
document. A digital signature is the digital identity of the sender that
uniquely identifies the particular sender electronically
Multimedia and it’s
Applications
Multimedia –
Multimedia refers to the technology that combines texts, pictures, sounds,
videos etc. and which includes interactive facilities.
Multimedia System-
A multimedia computer system needs the following devices (hardware
requirements)
a)
Computer set
b)
Compatible software
c)
CD/DVD ROM reading drive
d)
Sound card
e)
Microphone
f)
Headphone
g)
Web-cam etc.
Multimedia Technology
– A multimedia technology is a special computerized t3echnique, which helps the
user by providing techniques to combine text, pictures, sound and video films
including interactive facilities to the user to create, store, edit, delete and
copy information or data in the computer media.
Application of
multimedia- The use of multimedia technology is enormous, multimedia
technology is being used in almost every field. Multimedia is extensively used
in creating or making
a)
Video games
b)
Film making
c)
Software training
d)
Education
e)
Seminar
Advantages of
multimedia :
1.
It helps to use in the nice multimedia presentation
for all subjects and all level
2.
Convenient to use, carry and store its
applications.
3.
Powerful presenting tool with coloured pictures,
motion pictures and graphical pictures with multiple facilities.
4. Useable in interactive web page, Internet, video
conferencing, open university and distance education and seminars etc.
Disadvantages of
multimedia :
1.
The multimedia productions are costly.
2.
Requires skilled manpower to use it.
3.
Requires expensive hardware to use it.
4.
Poor people cannot afford to use multimedia due
to high cost.
Multimedia Software
– Multimedia software is a set of programs and utilities for creating
multimedia applications. For example Maya, 3D-MAX etc.
Virtual Reality: Virtual reality is the term used to describe a three-dimensional, computer generated environment
which can be explored and interacted with by a person. That person becomes part
of this virtual world or is immersed within this environment and whilst there,
is able to manipulate objects or perform a series of actions.
The definition of ‘virtual’ is near and reality is what we
experience as human beings.
Virtual reality or virtual realities (VR),
also known as immersive multimedia or computer-simulated reality, is a computer
technology that replicates an environment, real or imagined, and simulates a
user's physical presence that environment in a way that allows the user to
interact with it.
Virtual Reality is a computer
generated reality manipulated and explored using various input devices such as
goggles, headphones, gloves, or a computer. Using these devices a user can
browse through a virtual world or pickup and manipulate virtual objects.
MS-ACCESS (DATABASE
MANAGEMENT SYSTEM)
Types of software :
1.
System software (which includes)
a)
Operating system
b)
Language processors
c)
Utility programs
Examples of operating systems:
MS-DOS, WINDOWS/XP/7/8, UNIX,
LINUX etc.
2.
Application software:
Examples of application software:
MS-WORD (Word processor)
MS-EXCEL ( Spreadsheet )
MS-ACCESS ( DBMS)
MS-POWERPOINT (Presentation )
QBASIC – High Level Programming Language
HTML – To create hypertext documents (web pages)
Web browsers – Internet Explorer, Mozilla firefox, Google
chrome etc.
Data – Data
relates to certain facts about certain event, task or transaction. Data are
basically treated as raw or un processed facts.
Processing – The
systematic manipulation of data to generate information is termed as processing.
Information (output)
– The result of processed data is referred as information.
MS-ACCESS-
Microsoft access is one of the most popular database management program used in
windows environment.
Features of MS-ACCESS
a)
Storage of multiple databases.
b)
Using databases individually or in group.
c)
Creating queries and generating reports.
d)
Designing and printing sophisticated databases
etc.
Database Management
System ( DBMS )
A DBMS is a software which provides an environment that is
both convenient and efficient to use in storing and retrieving database
information.
A collection of data and a set of programs makes the
environment for database management system.
Why use DBMS ? ( Advantages)
i)
Easy to add new data.
ii)
Easy to modify data.
iii)
Able to delete old records.
iv)
Able to arrange data in a necessary sequence.
v)
Data can be sorted, indexed and organized the
way a user wants.
vi)
Queries or search can be done easily in a
database.
vii)
Necessary data can be easily filtered and
retrieved etc.
A B C
Database/ RDBMS objects
a) Table
b) Queries
c) Forms
d) Reports
Table- A table is a collection of data about a specific topic.
Table is where data is stored as a record.
Advantage of table- Table makes a database more efficient and
reduces data entry errors.
Components of a table
A table consists of columns and
rows.
Column- Each column represents a field, a field stores only a
specific category of information.
Row – each row in a table is called record and it consists of
number of related fields.
Example of a table in a database,
consisting of columns, rows, fields and records:
COLUMNS
|
roll no
|
Name
|
|
||
|
Amit
|
|
||
2
|
Babin
|
VII
|
||
3
|
Chunki
|
VII
|
Fields- An item or a field of a record is a unit of meaningful
information about an entity or a field is a piece of meaningful information in
a table of a database. ( a number of fields forms a record)
Records- A record is a collection of fields or related data items.
A record is an information about a particular entity in a field. (each record should have a field to uniquely
identify it)
Queries- Queries allows to manipulate the data of a table that
meets a certain criteria or condition and displays the information on screen in
a simple format.
Uses of query:
·
To bring data from multiple tables and sort it
in a particular order.
·
To perform calculations on group of records.
Forms- Forms are used mainly
for data entry or to display existing data in a user friendly format. Forms are
used to view, enter or update information in a database. Forms present one
record at a time on the screen.
Reports- Reports are specially formatted collection of data organized according to
your specification for summarizing and printing listings of database data.
Reports are designed to be viewed and printed.
Uses of report:
a) Creating
mailing labels
b) Add
a logo or picture
c) Show
totals in a chart
d) Group
t records into categories and calculate totals etc.
Data Type – each field of a database file should be classified into data type or field type to represent the nature of record in a field. For e.g. text, number etc.
Types of fields (data
types)
i)
Text
ii)
Memo
iii)
Number
iv)
Date/time
v)
Currency
vi)
Auto
number
vii)
Yes/no
viii)
Ole
object
ix)
Hyperlink
x)
Lookup
wizard
Text – (default) text or combination of
text and numbers , upto 255 characters.
Memo – Lengthy text oer combination of
text and numbers ,upto 65,535 characters.
Number – numeric data used in mathematical
calculations.
Date/Time – date and time values for th year
100 through 9999.
Currency – currency values and numeric data used in
mathematical calculations involving data with one to four decimal places.
Auto Number – A unique sequential (increment by
1) number or random number assigned by Microsoft access whenever a new record
is added to a table. Auto number fields cannot be updated.
Yes/No – yes and No values and fields that
contain only one of two values (Yes /No , True/False or On/Off )
OLE (Object Linking and
Embedding) – An
object such as Microsoft Excel spreadsheet, a Microsoft word document ,
graphics , sound etc.
Hyperlink – Text or combination of text and
numbers stored and used as hyperlink address.
Lookup wizard – it creates a field that allows you
to choose a value from another table or from a list of values by using a list
box or combo box.
Field properties- Field properties are the attributes
assigned to a field. Example field size,
format etc.
List of field
properties:
i)
Field
size
ii)
Format
iii)
Caption
iv)
Default
value
v)
Validation
rule
vi)
Validation
text
vii)
Input
mask
viii)
Decimal
places
ix)
Required
x)
Allow
0 length
xi)
Indexed
xii)
Smart
tags
Field size – the field size property is set to
the maximum size for data stored in the field set to text or number data type.
For text data , the default field size is %) and for numeric data it varies
depending on field setting as byte, integer , long integer, single and double.
Format – It allows you to display data in a
different format than the way you stored in the database.
Decimal places – Decimal places are valid only for
numeric and currency data. The decimal place number varies from 0 to 15.
Input Mask – input mask allows to have control
over data entry by defining validation for each character that is entered in
the field. You can use input mask wizard for additional information or you can
even create input masks as required.
Caption – caption field is used when you
want to display an alternate name for the field to make the field name more
explanatory. It can contain upto 2048 characters.
Default value – default value is the one that is
displayed automatically for the field when you add a new record to the table.
This can be any value that matches the data types of the field. The default
value can be changed during data entry time.
Validation Rule – The data validation rule enables
to limit values that can be accepted into a field. Validation rule can be
automatic or you can define a method for this purpose.
Validation Text- When a user enters wrong data that
overrides the validation rule, the prompt message can be shown. This is an
option error message typed to display for the precaution of wrong data entry.
Required – you can enter a Yes value for
required if field should always receive a value during data entry time.
Indexed – you can choose whether you want to
index the table. The available index options are: unique index and duplicate
index.
Starting Microsoft Access
When we start MS-ACCESS, Access
will provide windows with three options.
1) Blank Access Database – to create a new
database format.
2) Access Database Wizard Page and Project -
to create a database from wizard.
3) Open an existing file – to open the
existing file from any storage device.
Creating a new database:
When creating a new database, the
database dialogue box will display three options for creating tables:
a) Create table in design view: - Using
design view you see exactly how a table is created and you take on a much more
hands on role in the process.
b) Create table using wizard: - Using
wizard helps to feel free to explore this approach for subsequent tables that
you build on your own.
c) Create table by entering data: - Using
entering data approach is fast but it doesn’t enable you to set up and
customize your fields.
Primary key- A primary key is a field that contains unique data for
each record. It identifies the record in a database. (When a primary key is
set, the filed will get a small key symbol)
Field
|
Data
type
|
Roll
no.
|
Number
|
Name
|
Text
|
Γ
Table wizard – table wizard is a facility that provides many pre-defined sample table formats.
Closing the database- After working with the database in order to
retain changes , a database should be saved and closed.
Opening an existing database – The process of retrieving the saved
database is referred as opening a database.
Adding a field – The process of creating a new field to accommodate
new data or records in a database. (Fields can be added column or row wise)
Deleting a field – The process of removing unwanted field from a
database.
Adjusting column width (size) and row height – It is a process of
increasing or decreasing the column width (size or row height to accommodate
data in the cell.
Cell – the intersection of column and rows is called a cell.
Editing the table structure
– The process of changing the field name, data type, field size etc.
Hiding a field – If a table is too long, all fields may not be seen
on the screen, one can temporarily hide one or more fields of a table to work
with the table in a convenient manner.
Importance of hiding a field:
a) To
view only those records upon which a user wants to work.
b) To
take the printouts of only certain fields.
Sort – The process of arranging records of a field in a database is
called sorting. Sorting can be done in two ways: a)
Ascending (a-z) b)
Descending (z-a)
Filter – Filter
means to find records based on whether they contain a specific value in a
particular field. Filtering data allows to select and restrict to display the
records based on criteria that you specify.
Filters can be
applied in four ways:
a)
Filter by form
b)
Filter by selection/ filter excluding selection
c)
Filter for input
d)
Advance filter / sort
Filter by form –
This technique allows you to choose a type of value that you want the filter
records to contain in empty fields.
Filter by selection
– This technique retrieves only records that contain the selected value in a
data sheet or a form.
Filter for input
– filter for input is used for filtering records that uses a value or
expressions that you enter to find only records that contain the value or
satisfy the expression.
Advanced filter –
advanced filter allows you to apply more than one criteria or condition on
multiple fields.
Arithmetic,
Relational and logical functions used in MS-ACCESS
Arithmetic operators:
+ addition, - subtraction, * multiplication, / division, ^ exponential, %
percentage.
Relational operators:
= equal to, > greater than, < less than, >= greater than equal to,
<= less than equal to, <> not equal, & text concatenation.
Logical operators:
AND – returns
TRUE if all its arguments are TRUE, returns FALSE if one or more arguments are
FALSE.
OR – Returns TRUE
if any argument is TRUE, returns FALSE if all arguments are FALSE.
NOT – Reverses
the value of its argument. Use NOT when you want to make sure a value is not
equal to one particular value.
Examples of DBMS/RDBMS
a)
Dbase III+
b)
Dbase IV
c)
Sybase
d)
Foxprow
e)
Oracle etc.