Professional Documents
Culture Documents
Info 2 Summary
Info 2 Summary
Attributes
Properties of entities: Attributes of an entity type "person" are e.g. name, address, age
A "particular" entity has "values" for each of its attributes
Types of attributes
Simple (atomic) attribute (e.g. firstname, streetname)
Composite attribute, e.g. address (may be divided in name,street, city...)
Single-valued attributes (e.g. age)
Multivalued attributes (e.g. color of a car - more than one coloror college degree - no, one,
many; functions of employees in a company)
Stored attribute (e.g. date of birth)
Derived attribute (e.g. age, which is computed from current date and date of birth)
NULL Value, e.g. no college degree
Key attributes
ERD parts
ERD connections
Cardinality
specifies the maximum number of relationship instances that an entity can participate in
Cardinality Ratios
1:1 = one to one
1:N = one to zero (!) or more
M:N = zero or more to zero or more
Personal data
Privacy
IT security
Date of Birth
Address, telephone-no.
Email, Internetprofile (e.g. what I,m buying)
Bank account No, credit card no.
Insurance No., heath data (e.g. fitness tracker data, blood
pressure)
Religion, political opinion, sexual orientation etc.
GDPR
Regulations!
Not an EU-directive
It is law since May 2018
Wider effect
Relevant if EU individuals are involved
Relevant for companies who offer products and services in theEU
Data breach
Within 72 hours information to EU authorities and to the customers; If connected with
damage for the customer
Privacy by design
If a company plans to collect or process personal data it should plan the risks beforehand
There are now high penalties
Explicit Consent
Breach notification
Right to access
Right to be forgotten
Data portability
Privacy by design
Data Protection Officer
Reference
IT- Security
Abstract goals of IT Security
Objects to be protected:
Software (program, data), Hardware, Networks, Data media, e.g. external harddisk, backup
tape, Infrastructure: e.g. buildings, rooms
Natural and social disasters: Fire, water, lightning, storm, earthquake, Strike, rebellion,
revolt, Explosion, sabotage
Failures
Espionage
Password Guessing
Brute-Force-Attacks
Try (with computer/software) systematically possible combinations
(of passwords)
Dictionary Attacks
Try (with computer/software) systematically possible combinations
(of passwords), which are in dictionaries/lists
Social Engineering
Trying to know peoples birthday, name of spouse, children etc.
e.g. Asking by telephone employees to give their password,
pretending to be an IT official
Sniffing
Logging (capturing) the data transfer in (internal/wireless) networks
Monitoring
e.g. Key logger
Phishing / X-Spoofing
Pretending to be another identity, e.g. your bank
Phishing = username, password fishing
Loss or manipulation:
Hardware, software, data: Unauthorized use Use of hardware, software, Username,
passwords, company secrets, personal data
Safety precautions
1. Determining threats
2. Estimate (costs of) damage
7. Control compliance