Risk and Scenarios

BismiAllah-I-Rahman-I-Raheem

Risk and Scenarios

Threats to computer internal databases and software come from internal and external attacks . Many internal threats are sometimes intentional or unintentional . It may be from legitimate users or illegitimate person This is important to enhance and promote information security in an organization . The first step is to implement a wise security plan

Once the data is lost it creates a number of problems and incurs heavy cost in retrieving the data and taking new measures for the security

Security also implies to the protection of systems on

which data is saved . This includes protecting computers , networking elements , services and applications

Protecting networks is important for keeping the information confidential , to maintain the integrity of information , authentication of legalize users , and availability of data

Possible threats and dangers to the Networks

A threat to the secure data on computers comes from both inside and outside users . It may be intended or it may be unintentional and accidental . There are also passive and active threats . Passive threats are those where only secure information is released without affecting the system (Computer Security , 1998 . In case of active threats information and system both are affected (Computer Security , 1998 ) and this is mostly intentional

Threats could be from hackers who masquerade for accessing secure data or spreading virus . Insider attacks could come from the loss of confidential secure data by authorized users where as outsider attacks are intentional site invasion or data access by illegitimate users . Some users can create trap doors that allow unauthorized person to access information . In addition , threat is from viral attacks that may damage important data , s and hardware . Exhaustion attacks to access passwords or any other encrypt data . Many other accidental failures can also cause damage to database and software including hazards to equipment and systems . For e .g , power failures , rain /snow /air storm earthquakes etc

Protection from outside threat

Protection from external threats include implications of following measures

Encryption Software /data

Encryption is to encode the information into an unreadable format using specific mathematical key . In this way message cannot be read in the hands of unauthorized persons . Only authorized person having the same matching key can decrypt and read the message

There are different encryption models for encrypting /decrypting s These models in turn have variable keys , coming in various size and numbers . The smaller the key , the easier is to crack the message Therefore , for very secure and confidential information , larger and tougher keys should be used to encode and decode the messages

Two types of keys are important for encryption system i .e , single key and public /private key . In case of single key there is only one key which is exchanged by the companies privately and which is not known by any third party or unauthorized users . Where as public /private key is a pair of public and private key . Public key is known to public and anyone can use that key to send encrypted messages to the company...