













Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Computer Security Data Security Network Security Unauthorized access security
Typology: Study Guides, Projects, Research
1 / 21
This page cannot be seen from the preview
Don't miss anything!














Shadman Shoumick-
BRAC Business School
Arifur Rahman Khan Lecturer BRAC Business School
Submission date: February 17, 2016
February 17, 2016
Arifur Rahman Khan Lecturer BRAC Business School BRAC University 66, Mohakhali, Dhaka, Bangladesh
Subject: Submission of Term Paper on Technology and methods used to ensure security in Database and IT system.
Dear Sir, It is a great opportunity for us to hand over the report of our hardship of the technology and methods used to ensure security in database and IT systems. We have tried our level best for preparing this report. The report is mainly based on technology used in security systems. We have gathered all of the information from online shop and some trading corporation. All of us gave our hundred percent for making this report come together.
We, therefore hope that you will find this plan worth reading. Hope you will appreciate our hard work and oblige thereby.
Thank you.
Sincerely,
Shadman Shoumick
Taraqul Haque
In this modern era, people are heavily being dependent on technology for their storage of information, computation and communication purposes. So, in this assignment, personal computer security, network security and database security. Moreover, ways of security these systems are also discussed.
Computer security, also known as cyber security or IT security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. In addition to that, Network security is also a very challenging fact in these days as many and many networks are being connected to together every day. As a result, networks are being vulnerable to hackers. Besides, Database security is also an important part which makes database safe by encryption, limiting access control, hardening authentication and firewall.
To sum up, information of this term paper will help to the better understanding of security system of today’s world. Besides, it will help to be prepared for future security problem in this modern era.
system updates on a regular basis. Look in your Control Panel and find System or Automatic Updates. You can also find Windows updates in the Tools menu in Internet Explorer, or by visiting Microsoft's Web site at http://windowsupdate.microsoft.com.
Network security begins with verifying, ordinarily with a username and a password. Since this requires just one detail authenticating the user name —i.e., the password— this is sometimes termed one-factor authentication With two-component verification, something the client has additionally utilized a security token, dongle, an ATM card, or a cell telephone and with three- element confirmation, sometimes the clients likewise utilized a unique finger impression. Once confirmed, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network like wireshark traffic and may be logged for audit purposes and for later high-level analysis. Communication between two hosts using a network may be encrypted to maintain privacy. Honeypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot. A honeypot can also direct an attacker's attention away from legitimate servers. A honeypot encourages attackers to spend their time and energy on the decoy server while distracting their attention from the data on the real server. Similar to a honeypot, a honeynet is a network set up with intentional vulnerabilities. Its purpose is also to invite attacks so that the attacker's methods can be studied and that information can be used to increase network security. A honeynet typically contains one or more honeypots.
Database is a structured set of data held in a computer, especially one that is accessible in various ways. However, Database is important to a company. With complete loss database, a company may need full shutdown of its operations for good. So, it is extremely important to secure database.
Database security: Database security means taking measures to protect and secure a database or database management software from illegitimate use and malicious threats and attacks. Several important ways of securing database are described below
Access control: Access control is a security technique that can be used to regulate who or what can view or use resources in a computing environment. There are two main types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access limits connections to computer networks, system files and data.
Auditing: Auditing refers to analyzing user’s action on database so that user’s illegal actions can be detected or identified. Database administrator often employees auditing consultant to check the database system to find out any potential threat.
Authentication: Authentication is the process of verifying the identity of a User who wishes to access it. There are three Factors to perform authentication which are described below.
Security research has determined that for a positive authentication, elements from at least two, and preferably all three, factors should be verified.
Intrusion detection: Intrusion detection systems identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into database system. After identifying, it triggers the alarm system right away.
To sum up, above mentioned methods can be used to secure a company’s database system. However, Ross J. Anderson has often said that by their nature large databases will never be free of abuse by breaches of security; if a large system is designed for ease of access it becomes insecure; if made watertight it becomes impossible to use. This is sometimes known as Anderson's Rule.
Technology is omnipresent in the workplace and the use of technological tools and equipment by companies has grown exponentially. People are using various types of electronic equipment. Those equipment were previously reserved for military or scientific facilities (Computers, smartphones, CCTV cameras, GPS systems, or biometric devices) but many private companies are now commonly using it. They are easy and cheap to install. Technology undoubtedly provides companies with new opportunities for improving work performance and increasing security on their premises. Now-a-days those technology are also using in our country to ensure the unauthorized access in the workplace. Companies are now very much conscious about their security system. They are now investing a lot of money on their security purpose.
Modern advanced technology plays a quite significant role in our daily lives. The digital walkthrough metal detector is such a vivid example. For instance, it provides convenience for employees in the workplace and provides safety for travellers at the airport. Metal detector gate is a kind of apparatus which detects whether people take along metal materials. It is also called safety-check or security door. At one time, metal detector was primarily seen just in airport.
Today we see walk through detectors in a variety of location including police station, schools, public and private buildings and for corporate work place security. Companies can use metal detector in front of the entrance .Every person must walk through a metal detector and all items must go through an X-ray machine. Metal detector door is also becoming popular in Bangladesh. Many well-known companies are using this device for their security purpose. MCD, GUARD SPIRIT (Made in China),Thruscan (Made In Turkey) Brand etc are available in Bangladesh. Their price varies from model to model. The approximate price of this device is 80,000 – 2, 50000 BDT. Some metal detector door price is given in the appendix (A-1)
CCTV (closed-circuit television) is a TV system in which signals are not publicly distributed but are monitored, primarily for surveillance and security purposes. Older CCTV systems used small, low-resolution black and white monitors with no interactive capabilities. Modern CCTV displays can be color, high-resolution displays and can include the ability to zoom in on an image or track something among their features. Talk CCTV allows an overseer to speak to people within range of the camera's associated speakers. The most common use of CCTV is in security camera systems. They’ve been found for years in areas like large retail shops, banks, and government institutions. Thanks to reduced costs in the manufacture of cameras and video recording equipment, camera systems are becoming more and more commonplace in smaller businesses, and even private homes. In our country, Private and public companies are using this device in front of the office door to ensure security in the work place. The price is very reasonable of this device. HIKVISION, JOVISION, WATASHI, REDFOX, GEOVISION, DAHUA etc brand cctv camera is available in our country. Some price of the device is given in the appendix (A-3)
Dome Cameras
The dome camera is obviously named for its dome shape. Everyone has seen these security cameras in businesses and stores. Because of its shape, it is difficult to tell exactly where the camera is aiming unless you see it up close. Dome cameras are generally used inside buildings, although the armor domes can be used outside as well. You can mount them on the ceiling or on a wall. They are available in black and white (b/w) and color, and the basic unit has good video resolution (400 lines for b/w, 380 for color).
Infra-Red Cameras
An infrared security camera has infrared LED lighting (light from a different region of the electromagnetic spectrum than we normally use to see) installed around the outside of the lens of the camera. This lighting allows the camera to capture a good image in no light at all. With a little bit of light (called low light) the infrared camera can capture a picture that looks just like daytime. People use infrared security cameras for businesses that have the lights out at night (in case of break-ins). Or for outside, nighttime viewing. Keep in mind that even at nightime there is a normally some light from the moon, stars, or street lights.
Bullet Cameras
The term Bullet Camera comes from its resemblance to a rifle bullet. Generally long and tapered like a cylinder, it looks like an oversized ammo cartridge. Most bullet cameras come with a fixed 3.6mm lens that allows 80 degree angle of view. This is the widest angle you can have without distorting the picture. A 4mm lens will allow you to see facial features out to about 35 feet. If infrared is included you can generally see 35 feet minimum with no external lighting, some can see up to 70 feet. .
C-Mount Cameras
Retrieved from: http://www.microtechbd.net/cctv_camera_price_list.php http://www.crediblebd.com/Bangladesh-cctv-camera-price.php http://www.bdstall.com/listingDetail/index/8718/ http://www.nanosoftsystem.com/productpricelist-attendance- machine/ fingerprint-time-attendance