MGAD30H3 Lecture Notes - Electronic Data Interchange, Public-Key Cryptography, Public Key Certificate
Document Summary
Chapter 3 security part i auditing. Principal threats to the os and control techniques. Risks that arise in connection with edi. Allows users to share and access common computer resources (i. e. processors, databases) 3 main tasks: translate computer language, allocate computer resources, manages tasks of scheduling. Jobs are sent to computer through: system operator, batch-job queues, and telecommunications. 5 control objectives: protect from users, users to each other, users to themselves, itself, and environment. Log-on procedure: requests for user id and password. Access token: contains information about user, user id, password, and access privileges. Access control list: database of who has access to what. Central system admin determines who has access. 3 threats: privileged personnel who abuse their authority, those who seek to exploit security flaws, those who intentionally insert destructive programs into operating systems. Contra security to passwords: forgetting, failing to change, post-it syndrome, simple passwords. System audit trails are logs that record activity.