Data security in theory and practice Possibile security holes

Abstract

There are no enterprises which would not use computers to fulfill their administrative tasks. Computers became part of everyday administration, or, better to say: they became part of everyday life. This is why our age is called 'information age'. Both the amount of digital data and our dependency from these data has been growing intensively so digital data is high-valued as resource. Data owners and/or managers must, or at least ought to, protect their data from stealing or tampering with. Luckily standard communication protocols and methods have been developed for this purpose, they only ought to be used. If not, that will result in a high level of risk. We, at Óbuda University, have been using a computer based system called Neptun for about ten years to manage the scholar records of the students. In this paper I show some possible motivations and technical solutions why and how one could gain unauthorized access to such a system.