Access Control: Lecture Notes

Threat: Loss of data due to wear or deterioration of the storage devices (e.g., disks, papers, etc.)
Control: Data backups! Either periodic backups (every X minutes, days, etc.) or whenever an important file is changed/updated.
Threat: Papers with confidential info are viewed after being dumped.
Control: Shred documents with sensitive information or any personal information, e.g., names, addresses, IDs, bank account numbers (even partially-displayed ones.)
Threat: Physical espionage, e.g., peeping over the shoulder or through the window at someone's screen.
Control 1: Apply a privacy filter that tints the screen so that glancing at an angle makes a screen's contents invisible.
Control 2: Install thick curtains in rooms with computers that store confidential data.
Threat: Data whose bits are corrupted either intentionally or unintentionally (due to errors during transition.)
Control: error-detecting and error-correcting (error-control) codes to detect and properly correct the corrupted bits.