Security Of Information In Software
In the modern world, there has been a lot of speculations from different organizations or businesses that mostly uses the advanced technology to enhance operation efficiently in their work. They have been a lot of reports about the security of their vital information. This then has led to the future investigations on what is happening for this information to be lost, during the studies areas such as security properties, requirements and controls, and lastly the major menace buffer overflow.
1. Describe the three security properties of information.
The information system of an organization is very vital and should be looked at. This is because they are prone to attacks from many people (Vroom, 2004). To run a business and control its information we need to take this into consideration, these include confidentiality, integrity and the availability. The information should be confidential in that they should not be exposed to intruders who may alter its importance. The information should be right and also available to the firm to enable access and the ease to operate and safeguard the security of the data.
2. The difference between security requirement and safety control
Security control are mechanisms put in place as a safeguard or to shun, notice and to minimize the safety risks to the physical properties such as the computers while security requirements is a collective effort involving the participation of many people such as the analysts, architects and the regulatory bodies to come up with various tips to curb the mess in the society that involves the risks associated with the information from the attackers.
3. How a buffer overflow can allow an attack to the computer.
A buffer overflow is a weakness in a system that may allow a threat to exploit the software of the computer and thereby to affect the operation of the scheme. Taking a computer as an example, the memory space may get splits from the software (Bulgurcu, 2010). When the contents of a buffer are overflowed, this may overrule the portion of the computer’s memory. Therefore, the information stored in this memory space may be lost forever and hence create a gap for an attack. The split information may be used by the attackers to alter the operation of the software.
There has been a lot of cyber-crimes in the society as a result of the widespread of technology among the people. For example in 2003, singer Madonna-web was hacked by the intruders, and this made the singer of her distaste for internet piracy. This complaint has been reported from many businesses mostly the banks where the intruders have hacked and converted the large sum of money to their account. Therefore, we should look at the security of our information and protect the most vital information in the organization (Bulgurcu, 2010).
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523-548.
Vroom, C., & Von Solms, R. (2004). Towards information security behavioral compliance. Computers & Security, 23(3), 191-198.