Scribd Logo
Carica

Benvenuto in Scribd!

  • TABK Pert10pROCESS cONTROL

    Caricato da

    Aisyah Maharani
    23 visualizzazioni15 pagine

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    23 visualizzazioni15 pagine

    TABK Pert10pROCESS cONTROL

    Caricato da

    Aisyah Maharani

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 15

    Process control

    • Bagaimana terjadinya pengendalian proses


    • Komponen apa dari sistem Informasi yang
    bertanggung jawab akan pengendalian
    process
    Processing controls
    • Processing control subsystem is responsible
    for computing, sorting, classifying, and
    summarizing data.
    • Major Components are
    – Central Processing on which programs are
    executed
    – Real and Virtual memory in which program and
    data are stored
    – Operating System that manages system
    resources
    – Application program that execute instructions to
    achieve specific user requirements
    10/4/11 ROn Weber, Information System
    Control and Audits
    Processing controls:
    Central Processing
    • Four type of controls are used to reduce expected
    looses from errors and irregularities associated with
    the central processor.
    • Four type of control are used
    – Error processors can be detected via parity checks or be
    corrected by attempting to execute failed instructions
    again.
    – To prevent irregularities, privileged instruction can be
    executed only if the processor is in a supervisor state.
    – Timing controls can be used to prevent the processors
    remaining in an endless loop because of a program error
    – Processor components can be replicated to allow
    processing to continue in the event that a processor
    component fails

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    Real and Virtual memory
    • Two type of controls are used to reduce
    expected looses from errors and irregularities
    associated with real memory.
    • Two type of controls
    – Memory errors can be detected via parity check
    and hamming codes. Hamming codes also allow
    errors to be corrected
    – Access control, which are implemented via
    boundary registered can be used to ensure one
    process does not gain authorized access to the
    real memory assigned to another process
    10/4/11 ROn Weber, Information System
    Control and Audits
    Processing controls
    Real and Virtual memory
    • Virtual memory exist when the addressable
    storage space is larger than the available real
    memory space.
    • Two type of controls can be exercised over
    blocks of virtual memory.
    – The addressing mechanism should be check that
    the memory reference is within the bounds of the
    block allocated to the process.
    – An access control mechanism should check to
    see that the actions a process want to exercise
    on a block are within allowed set of privileges.

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing Controls
    Operating System
    • A reliable operating system achieves five
    goals
    – It protects itself from user process
    – It protects users from one another
    – It protects user from themselves
    – It protects itself from itself
    – It brings operation to an orderly halt in the
    event of environment failure

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    Operating System
    • There are four type of threats to operating
    system integrity
    – Privileged personnel abuse their powers
    – Would be penetrators deceived privilege personnel
    into giving them special powers
    – Special devices are used to detect electromagnetic
    radiation, emit electromagnetic radiation or wiretap
    communication line
    – Would be penetrators interact with an operating
    system to determine and exploit a flaw in the system

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    Operating System
    • Operating system integrity can be
    breached via two types of covert
    channel
    – A process can communicate
    confidential information to another
    process by changing the value of any
    state variables in the system
    – Process by changing the time that the
    system take to complete a function.
    10/4/11 ROn Weber, Information System
    Control and Audits
    Processing controls
    • Operating system flaw (cacat) arise for two
    reasons
    – Access control policy designed for the system
    is defective
    – Access control policy is implemented
    incorrectly in the operating system

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    • To improve the design and implementation of
    the security features in an operating system,
    reference monitors area sometimes used.
    • Reference monitor is an abstract mechanism
    that check ach request by a subject to user
    an object compiles with a security policy.
    • A reference monitors is implemented via a
    security kernel, which is a mechanism
    supported by either hardware, firmware or
    software

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    • Application software can exercised three
    levels of checks in the processing subsystem
    – Field checks which evaluate whether field
    overflow or out of range values have occurred
    – Record check which evaluate whether the content
    of a field are reasonable or whether a field has
    the correct sign
    – File Check which employ cross footing and
    control totals to check overall processing is
    accurate and complete.
    10/4/11 ROn Weber, Information System
    Control and Audits
    Processing controls
    • The reliability of application software can be improved if
    programmer use good programming style in the software they
    write.
    – They should handle rounding correctly when the level of
    precision required for an arithmetic is less than the level of
    precocious actually calculated
    – Print run to run control totals to allow users to check the
    accuracy and completeness of application program processing
    – Minimize human intervention in providing parameter values to
    determine the type of processing to undertaken
    – Understand hardware/software numerical hazard when writing
    program that undertake numerical calculations
    – Use redundant routine to cross check the accuracy of complex
    numerical calculation
    – Avoid closed routine that assume the existence of a values when
    the test for all other values fails

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    • Accounting audit trail in the
    processing subsystem must allow
    processing to be traced and
    replicated. If transaction are triggered
    by some event, the audit trail must
    show the event that triggered the
    transaction and the nature of the
    processing undertake as a result

    10/4/11 ROn Weber, Information System


    Control and Audits
    Processing controls
    • An important existence control in the
    processing subsystem is a checkpoint/restart
    facility. Checkpoint/restart facilities allow
    programs to be established at some period.
    Valid intermediate point in their processing
    and restarted from that point. data does not
    have to be processed from scratch, Careful
    control must exercised over
    checkpoint/restart logs. However, because
    unauthorized change to a log can result in
    integrity breaches

    10/4/11 ROn Weber, Information System


    Control and Audits

    Potrebbero piacerti anche