Please enable JavaScript.
Coggle requires JavaScript to display documents.
IA3 Data Exchange & Security investigation - Coggle Diagram
IA3 Data Exchange & Security investigation
data security
open data - publicly accessible - allows developers to create applications using datasets
data security risks
Confidentiality
- the possibility that unauthorised person can observe data in transit.
Integrity
- possibility that data message can be intercepted & modified or replaced
Availability
- possibility that someone may interfere with transmission & prevent data packets from reaching intended destination.
impact of unsecured data exchanges - personal data must be protected against unauthorized/malicious use
cybersecurity - responsibility enforced under Australian & International law - developer obligations in protecting data in transit.
data security techniques/processes
Encryption
- scrambling message so it cannot be read, but can still be decrypted by authorised recipient with secret key
Authentication
- verifying identification of sender by using digital signature/authentication code
Checksums
- ensuring data transmissions are accurate without accidental corruption/loss
Hashing
- generating secure message digest to verify data integrity of message to protect against interference
API
API function - allows two applications to interact, interpretation & presentation of data is done via API
acronym fpr Application Programming Interface
formats - REST, RPC, SOAP, stored through JSON, CSV, XML
API keys - public used by multiple users and private used for individual users
types - static & dynamic - meaning set amount of data (static) or constantly updated (dynamic)
data exchange
requirements
constraints & requirements of data exchange solution - deliver data with speed & simplicity in flexible & well-documented format
Robust
- Updates available in real-time, timestamps used to synchronise live updates & maintain data integrity, manage errors & failed requests
Fast
- Fast data transmission times, allow data consumer to access all data, minimize transmission traffic, can manage high volumes
Simple
- Minimise query complexity to maximise flexibility of data structures, easy to understand, simple to impliment - no complex libraries
Open
- publish session data in standard open format, follows standards where they exist
between device systems - export & import data
components of data exchange systems
Open active exchange of data is between the
data system provider system
and the
data consumer
when the data consumer requests the data.
The data system provider system generates a dataset and formats into sections/groups of activities that are transmitted through the internet to the data consumer system.
Time/date - data is kept relevant through the date format used to ensure timestamps can be used to order the data - deleted/out-of-date data is not presented to the
requesting system
.
System boundaries - API created to publish specific data in open format while also protecting personal information of members
web applications
applications incorporate live shared data - in order to disperse information in an organized manner to benefit/inform a group of users on select pieces of data from a larger dataset.
UXI
The
User Experience Index
(UXI) measures the overall performance/health of an application, based on several inputs: the number of crashes per hour of out the total usage time, the percentage of hang time of out the total usage time, the percentage wait time of out the total usage time.
filtering of data
Filtering means setting a condition against a collection of resources in order to subset the collection to only those resources for which the condition is true. SAS REST APIs support two forms of filtering: basic filtering and a filter query parameter. The two forms may be combined.
basic filtering - Basic filtering allows selecting resources by matching one or more members of the resource to values passed as query parameters
Australian privacy principles regarding - transparency, ananomity, collection of personal information, security, access