Data security

In this article various topics like Data security, Electronic Payment System, Laser Printers, Inkjet Printers, Dot Matrix Printers, Number System, Number System,binary code, Digital Signature, Unicode, ICT Audit, Phishing, antivirus software, Audit Trail, MICR etc  have been disclosed with detail. Let's know the detail.

___________________________________________________________________________________________

Data security through Encryption & Decryption.

In cryptography, encryption is the process of encoding messages (or information) in such a way that third parties cannot read it, and only authorized parties can. Encryption doesn't prevent hacking but it prevents the hacker from reading the data that is encrypted. In an encryption scheme, the message or information (referred to as plain-text) is encrypted using an encryption algorithm, turning it into an unreadable cipher-text (ibid.). This is usually done with the use of an encryption key, which specifies how the message is to be encoded. Any adversary that can see the cipher-text should not be able to determine anything about the original message. An authorized party, however, is able to decode the cipher-text using a decryption algorithm, that usually requires a secret decryption key, that adversaries do not have access to. For technical reasons, an encryption scheme usually needs a key-generation  algorithm to randomly produce keys.

To encrypt more than a small amount of data, symmetric encryption is used. A symmetric key is used during both the encryption and decryption processes. To decrypt a particular piece of  ciphertext, the key that was used to encrypt the data must be used. 

The goal of every encryption algorithm is to make it as difficult as possible to decrypt the generated ciphertext without using the key. If a really good encryption algorithm is used, there is no technique significantly better than methodically trying every possible key. For such an algorithm, the longer the key, the more difficult it is to decrypt a piece of ciphertext without possessing the key.

It is difficult to determine the quality of an encryption algorithm. Algorithms that look promising sometimes turn out to be very easy to break, given the proper attack. When selecting an encryption algorithm, it is a good idea to choose one that has been in use for several years and has successfully resisted all attacks.

Laser Printers Inkjet Printers Dot Matrix Printers.

SN	Points	Laser Printers	Inkjet Printers	Dot Matrix Printers
1	Invented	1969 by Gary Stark weather.	Developed in the early 1950s.	Introduced by Digital Equipment Corporation in 1970
2	How it works	Laser printers use fine ink powder and heat the powder on the paper.	Inkjet printers spray liquid ink on paper through microscopic nozzles	Dot Matrix works having pins pushed against an ink soaked ribbon to paper.
3	Types	Personal and Office  printers. Black and White or color printers.	Continuous (CIJ) and drop-on demand (DOD).	Serial Dot Matrix printers and Line Dot Matrix.
4	Price per page	USD 0.6 for black and white page. Much higher for a color page.	USD 0.20 color page; USD 0.4-0.5 black & white page.	Copies are quite cheap.
5	Cost for basic  printer	Approximately USD 60-1000, depending on the size and use of the printer.	Approximately USD 100-150	Basic cost of printer is quite expensive. Compared to an inkjet, dot matrix can cost between  two to ten times more.
6	Printing speed	20 pages a minute.	6 pages a minute.	30-550 characters per second
7	Quality	Printing quality is  adequate. Best for black and white.	Printing quality is good, especially for smaller fonts.	Printing quality is bad if  printing images. In terms  of text, printing is fine.
8	Color Printing	Basic models only offer black and white, with higher models providing color printing.	Yes provides color  printing.	Limited color printing.
9	Color Quality .	Color quality is a bit poor, with banding.	Color printing is sharp and excellent.	Only works best with lowers images
10	Size	Smaller is available but is more common in larger sizes.	Smaller and more  compact.	Size ranges depending on usage. New compact ones are also available
11	Features	Offers scanners and faxing machines built in. Has bigger input trays, direct  connecting facilities (wireless)	Can be used for wider range of papers (photo paper, vinyl, self-adhesive papers), accurate photographic images, ink is not waterproof.	Used for a variety of purposes. Can print on various types of papers.
12	Usage	Most commonly used for commercial purposes and places that require black  and white printing.	More commonly used for homes as the unit is smaller and ink is cheaper.	Used to be used for office uses, but now only used by select places such as banks.
13	Maintenance	Expensive	Cheaper	Expensive, parts are hard to come by.
14	Advantages	Prints faster, bigger input trays.	Quieter in operation, high print quality, no warm up time, low cost per page.	Cheaper to print as ribbon is cheap.

.

.

Number System.

When we type some letters or words, the computer translates them in numbers as computers can understand only numbers. A computer can understand positional number system where there are only a few symbols called digits and these symbols represent different values depending on the position they occupy in the number.

A value of each digit in a number can be determined using:

 The digit

 The position of the digit in the number

 The base of the number system (where base is defined as the total number of digits available in the number system).

Decimal Number System

The number system that we use in our day-to-day life is the decimal number system. Decimal  number system has base 10 as it uses 10 digits from 0 to 9. In decimal number system, the successive positions to the left of the decimal point represent units, tens, hundreds, thousands and so on. Each position represents a specific power of the base (10). For example, the decimal number 1234 consists of the digit 4 in the units position, 3 in the tens position, 2 in the hundreds position, and 1 in the thousands position, and its value can be written as

(1x1000)+ (2x100)+ (3x10)+ (4xl)

(1x103)+ (2x102)+ (3x101)+ (4xl00)

1000 + 200 + 30 + 4

1234

As a computer programmer or an IT professional, you should understand the following number systems, which are frequently used in computers.

Binary Number System

Characteristics

 Uses two digits, 0 and 1.

 Also called base 2 number system.

 Each position in a binary number represents a 0 power of the base (2). Example, 20.

 Last position in a binary number represents a x power of the base (2). Example, 2x

where x represents the last position -

Example

Binary Number: 101012

Calculating Decimal Equivalent:

Note: 101012 is normally written as 10101.

Octal Number System

Characteristics

 Uses eight digits: 0, 1, 2, 3, 4, 5, 6, 7.

 Also called base 8 number system.

 Each position in a octal number represents a 0 power of the base (8). Example, 80.

 Last position in a octal number represents a x power of the base (8). Example, 8x where x represents the last position - 1.

Example

Octal Number: 125708

Calculating Decimal Equivalent:

Note: 125708 is normally written as 12570.

Hexadecimal Number System

Characteristics

 Uses 10 digits and 6 letters: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F.

 Letters represent numbers starting from 10. A = 10. B = 11, C = 12, D = 13, E = 14, F = 15.

 Also called base 16 number system.

 Each position in a hexadecimal number represents a 0 power of the base (16). Example, 160.

 Last position in a hexadecimal number represents a x power of the base (16). Example, 16x where x represents the last position - 1

Example

Hexadecimal Number: 19FDE16

Calculating Decimal Equivalent:

Number System.

A parity bit, or check bit, is a bit added to the end of a string of binary code that indicates whether the number of bits in the string with the value one is even or odd. Parity bits are used as the simplest form of error detecting code. There are two variants of parity bits: even parity bit and odd parity bit. In case of even parity, the parity bit is set to 1 if the count of ones in a given set of bits (not including the  parity bit) is odd, making the count of ones in the entire set of bits (including the parity bit) even. If the count of ones in a given set of bits is already even, it is set to a 0. When using odd  parity, the parity bit is set to 1 if the count of ones in a given set of bits (not including the parity bit) is even, making the count of ones in the entire set of bits (including the parity bit) odd. When the count of set bits is odd, then the odd parity bit is set to 0.

If the parity bit is present but not used, it may be referred to as mark parity (when the parity bit is always 1) or space parity (the bit is always 0).

A parity bit is a single bit added to a binary data transmission used to indicate if whether the 0's and 1's within that data transmission is an even or odd number. The parity bit is used in parity error checking to find errors that may occur during data transmission. In the picture to the right, is an example of a 8-bit binary number with the ninth digit being the parity bit.

ASCII, BCD, UNICODE

**ASCII : 

ASCII codes represent text in computers, communications equipment, and other devices that work with text. ASCII, pronounced "ask-ee" is the acronym for American Standard Code for Information Interchange. It's a set of characters which, unlike the characters in word processing documents, allow no special formatting like different fonts, bold, underlined or italic text. ASCII is computer code for the interchange of information between terminals.

An "ASCII file" is a data or text file that contains only characters coded from the standard ASCII character set. Characters 0 through 127 comprise the Standard ASCII Set and characters 128 to 255 are considered to be in the Extended ASCII Set. These codes, however, may not be the same in all computers and files containing these characters may not display or convert properly by another ASCII program. ASCII characters are the ones used to send and receive email.

**The reflected binary code

It is also known as Gray Code after Frank Gray, is a binary numeral system where two successive values differ in only one digit.The reflected binary code was originally designed to prevent spurious output from elector-mechanical switches. Today, Gray codes are widely used to facilitate error correction in digital communications such as digital terrestrial television and some cable TV systems. This is a variable weighted code and is cyclic. This means that it is arranged so that every transition from one value to the next value involves only one bit change. The gray code is sometimes referred to as reflected binary, because the first eight values compare with those of the last 8 values, but in reverse order. The gray code is often used in mechanical applications such as shaft encoders. 

**Unicode 

Unicode is an industry standard allowing computers to represent & manipulate text expressed in any of the world’s writing systems. It consists of about 10000 characters, a set of code charts for visual reference, an encoding methodology and a set of character encoding, rules, etc. It allows for combining characters as it contains precomposed versions of most letter combinations in normal use. This makes conversion to and from encoding simpler. It covers almost all scripts like Arabic, Bengali, Greek, Hebrew, Latin, Gujrati, etc. It is used in operating systems, email, web, fonts, etc.

**Binary coded decimal (BCD) is a system of writing numerals that assigns a four-digit binary code to each digit 0 through 9 in a decimal (base-10) numeral. The four-bit BCD code for any particular single base-10 digit is its representation in binary notation, as follows:

0 = 0000

1 = 0001

2 = 0010

3 = 0011

4 = 0100

5 = 0101

6 = 0110

7 = 0111

8 = 1000

9 = 1001

Numbers larger than 9, having two or more digits in the decimal system, are expressed digit by digit. For example, the BCD rendition of the base-10 number 1895 is 0001 1000 1001 0101. The binary equivalents of 1, 8, 9, and 5, always in a four-digit format, go from left to right.

The BCD representation of a number is not the same, in general, as its simple binary representation. In binary form, for example, the decimal quantity 1895 appears as 11101100111. Other bit patterns are sometimes used in BCD format to represent special characters relevant to a particular system, such as sign (positive or negative), error condition, or overflow condition.

The BCD system offers relative ease of conversion between machine-readable and human readable numerals. As compared to the simple binary system, however, BCD increases the circuit complexity. The BCD system is not as widely used today as it was a few decades ago, although some systems still employ BCD in financial applications. Inter-Branch Reconciliation: Inter-branch reconciliation is a major activity for banks and financial institutions looking to create a balanced co-ordination between their various branches and their activities. Inter-branch reconciliation can help the organisation discover any errors or negligence in transactions and make due changes.

Information and communications technology (ICT) Audit.

ICT Audit

ICT audit is the process of collecting and evaluating evidence to determine whether a computer system has been designed to maintain data integrity, safeguard assets, allows organisational goals to be achieved effectively and uses resources efficiently. An effective information system leads the organisation to achieve its objectives and an efficient information system uses minimum resources in achieving the required objectives. IT auditors must know the characteristics of users of the information system and the decision-making environment in the auditee organisation while evaluating the effectiveness of any system.

Use of computer facilities has brought about radically different ways of processing, recording and controlling information and has combined many previously separated functions. The potential for material systems error has thereby been greatly increased causing great costs to the organisation. The highly repetitive nature of many computer applications means that small errors may lead to large losses. For example, an error in the calculation of income tax to be paid by employees in a manual system will not occur in each case, but once an error is introduced in a computerized system, it will affect each case. This makes it imperative for the auditor to test the invisible processes and to identify the vulnerabilities in a computer information system, as through errors and irregularities, the costs involved can be high.

Increasing use of computers for processing organisational data has added new scope to the review and evaluation of internal controls for audit purposes. The IT internal controls are of great value in any computerized system and it is an important task for an auditor to see that not only adequate controls exist, but that they also work effectively to ensure results and achieve objectives. Also internal controls should be commensurated with the risk assessed so as to reduce the impact of identified risks to acceptable levels. IT auditors need to evaluate the adequacy of internal controls in computer systems to mitigate the risk of loss due to errors, fraud and other acts and disasters or incidents that cause the system to be unavailable.

Need For ICT Audit

Management employing the use of information systems have objectives and expectations of what they intend to achieve from the large investment made in utilizing technology. Reasons for implementing ICT within the organisation include the desire to obtain business value through reduced costs, greater effectiveness, enhanced efficiency and/or increased service delivery. It is against these objectives that an IT auditor is required to provide management assurance. Typically, management’s goals and objectives in utilizing technology to support business processes include:

• Confidentiality;

• Integrity;

• Availability;

• Reliability; and

• Compliance with legal and regulatory requirements.

Underpinning these goals and objectives is the need to ensure information technology, and the controls supporting such technology, assists the organisation to achieve its business objectives (effectiveness) with appropriate use of resources (efficiency).

 Confidentiality

Confidentiality concerns the protection of sensitive information from unauthorized disclosure.Consideration needs to be given to the level of sensitivity to the data, as this will determine how stringent controls over its access should be.Management need assurance of the organisation’s ability to maintain information confidential, as compromises in confidentiality could lead to significant public reputation harm, particularly where the information relates to sensitive client data.

 Integrity

Integrity refers to the accuracy and completeness of information as well as to its validity in accordance with business values and expectations. This is an important audit objective to gain assurance on because it provides assurance to both management and external report users that the information produced by the organisation’s information systems can be relied and trusted upon to make business decisions.

 Availability

Availability relates to information being available when required by the business process now and in the future. It also concerns the safeguarding of necessary resources and associated capabilities. Given the high-risk nature of keeping important information stored on computer systems, it is important that organisations gain assurance that the information they need for decision-making is available when required. This implies ensuring that the organisation has measures in place to ensure business continuity and ensuring that recovery can be made in a timely manner from disasters so that information is available to users as and when required.

 Reliability

Reliability refers to the degree of consistency of a system or the ability of a system (or component) to perform its required function under stated conditions.Reliability is an important audit objective in order to provide assurance that the system consistently operates and performs its stated functions as expected.

 Compliance with Legal and Regulatory Requirements

Compliance deals with complying with those laws, regulations and contractual obligations to 

which the business process is subject, that is, externally imposed business criteria. 

Management and key stakeholders require assurance that necessary compliance procedures 

have been put in place, as there is a potential risk that the organisation could incur penalties 

should legal and regulatory procedures not be enforced.

Phishing.

Phishing is a fraudulent attempt, usually made through email, to steal your personal information. The best way to protect yourself from phishing is to learn how to recognize a phish. Phishing emails usually appear to come from a well-known organization and ask for your personal information. such as- credit card number, social security number, account number or password. Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account. 

In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.

What to look for in a phishing email?

1. Generic greeting. 

Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like "First Generic Bank Customer" so they don't have to type all recipients' names out and send emails one-by-one. If you don't see your name, be suspicious.

2. Forged link. 

Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, don't click on the link. Also, websites where it is safe to enter personal information begin with "https"  the "s" stands for secure. If you don't see "https" do not proceed.

3. Requests personal information. 

The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt. 

4. Sense of urgency. 

Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.

Prevention:

Phishing scams are usually presented in the form of spam or pop-ups and are often difficult to detect. Once the fraudsters obtain your personal information, they can use it for all types of identity theft, putting your good credit and good name at risk. Because phishing is one of the most devious forms of identity theft, it is important for you to become familiar with various types of phishing scams as well as to learn how to guard against them. 

8 Ways To Avoid Phishing Scams 

To help you protect yourself from phishing, we offer the following tips:

1. Guard against spam. Be especially cautious of emails that:

* Come from unrecognized senders.

* Ask you to confirm personal or financial information over the Internet and/or make urgent requests for this information.

* Aren’t personalized.

* Try to upset you into acting quickly by threatening you with frightening information.

2. Communicate personal information only via phone or secure web sites. In fact:

When conducting online transactions, look for a sign that the site is secure such as a lock icon on the browser’s status bar or a “https:” URL whereby the “s” stands for “secure” rather than a “http:”. Also, beware of phone phishing schemes. Do not divulge personal information over the phone unless you initiate the call. Be cautious of emails that ask you to call a phone number to update your account information as well.

3. Do not click on links, download files or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender.

4. Never email personal or financial information, even if you are close with the recipient. You never know who may gain access to your email account, or to the person’s account to whom you are emailing.

5. Beware of links in emails that ask for personal information, even if the email appears to come from an enterprise you do business with. Phishing web sites often copy the entire look of a legitimate web site, making it appear authentic. To be safe, call the legitimate enterprise first to see if they really sent that email to you. After all, businesses should not request personal information to be sent via email.

6. Beware of pop-ups and follow these tips:

* Never enter personal information in a pop-up screen. 

* Do not click on links in a pop-up screen.

* Do not copy web addresses into your browser from pop-ups.

* Legitimate enterprises should never ask you to submit personal information in pop-up screens, so don’t do it.

7. Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software. Do some research to ensure you are getting the most up-to-date software, and update them all regularly to ensure that you are blocking from new viruses and spyware.

8. Check your online accounts and bank statements regularly to ensure that no unauthorized transactions have been made. 

Name of different antivirus software.

1. Kaspersky

2. Avira

3. Avast

4. AVG

5. Symantec (Norton)

6. Quick Heal

7. ESET

8. McAfee

9. Microsoft Security Essentials

10. Bit-defender.

Electronic Payment System.

A means of making payments over an electronic network such as the Internet. Today, many users make payments electronically rather than in person. Hundreds of electronic payment systems have been developed to provide secure Internet transactions. Electronic payment systems are generally classified into four categories: credit card and debit cards; electronic cash; micro-payment systems; and session-level protocols for secure communications.

A secure electronic financial transaction has to meet the following four requirements:

1. ensure that communications are private;

2. verify that the communications have not been changed in transmission.

3. ensure that the client and server are who each claims to be.

4. and ensure that the data to be transferred was, in fact, generated by the signed author.Two cryptographic methods used in electronic payment systems include the secret key (which uses the same key to encrypt and decrypt and is the fastest method; however, in the initial transmission to the recipient, the secret key is not secure) and the public key (which uses both a private and a public 

key).

Difference between OMR, OCR, and MICR.

a) MICR: 

MICR is a character recognition technology used primarily by the banking industry to facilitate the processing of cheques. The human readable characters are printed on documents using a magnetic ink. It stands for Magnetic Ink Character Recognition. (Magnetic Ink Character Recognition is a character recognition system that uses special ink and characters. When a document that contains this ink needs to be read, it passes through a machine, which magnetizes the ink and then translates the magnetic information into characters.

MICR technology is used by banks. Numbers and characters found on the bottom of checks (usually containing the check number, sort number, and account number) are printed using Magnetic Ink. To print Magnetic Ink need, you need a laser printer that accepts MICR toner. MICR provides a secure, high-speed method of scanning and processing information.)

b) OMR: 

OMR which stands for Optical Mark Recognition is the process of gathering data with an optical scanner by measuring the reflectively of light at predetermined positions on a surface. (Short for optical mark recognition, the technology of electronically extracting intended data from marked fields, such as checkboxes and fill-infields, on printed forms. OMR technology scans a printed form and reads predefined positions and records where marks are made on the form. This technology is useful for applications in which large numbers of hand-filled forms need to be processed quickly and with great accuracy, such as surveys, reply cards, questionnaires and ballots. A common OMR application is the use of “bubble sheets” for multiple-choice tests used by schools. The student indicates the answer on the test by filling in the corresponding bubble, and the form is fed through an optical mark reader (also abbreviated as OMR, a device that scans the document and reads the data from the marked fields. The error rate for OMR technology is less than 1%.)

c) OCR: 

OCR stands for Optical Character Recognition. OCR is the recognition of printed or written text characters by a computer. It is the application software that allows a computer to recognize printed or written characters, e.g. letters, numbers, punctuation marks, and pictograms using an optical scanner for input. OCR is being used by libraries to digitize and preserve their holdings. (Often abbreviated OCR, optical character recognition refers to the branch of computer science that involves reading text from paper and translating the images into a form that the computer can manipulate (for example, into ASCII codes). An OCR system enables you to take a book or a magazine article, feed it directly into an electronic computer file, and then edit the file using a word processor.

All OCR systems include an optical scanner for reading text, and sophisticated software for analyzing images. Most OCR systems use a combination of hardware (specialized circuit boards) and software to recognize characters, although some inexpensive systems do it entirely through software. Advanced OCR systems can read text in large variety of fonts, but they still have difficulty with handwritten text. The potential of OCR systems is enormous because they enable users to harness the power of computers to access printed documents. OCR is already being used widely in the legal profession, where searches that once required hours or days can now be accomplished in a few seconds.)

d) OBR: 

It stands for Optical Bar Code Reader which is used for reading bar-coded data. It scans a set of vertical bars of different width for specific data and is used to read tags. Bar code reading is done by a light pen or scanner connected to a computer.

Digital Signature.

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time￾stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.

A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

Digital Signature & Data Genuineness

Just as handwritten signatures or physical thumbprints are commonly used to uniquely identify people for legal proceedings or transactions, so digital signatures ("digital thumbprints") are commonly used to identify electronic entities for online transactions. A digital signature uniquely identifies the originator of digitally signed data and also ensures the integrity of the signed data against tampering or corruption.

One possible method for creating a digital signature is for the originator of data to create the signature by encrypting all of the data with the originator's private key and enclosing the signature with the original data. Anyone with the originator's public key can decrypt the signature and compare the decrypted message to the original message. Because only someone with the private key can create the signature, the integrity of the message is verified when the decrypted message matches the original. If an intruder alters the original message during transit, the intruder cannot also create a new valid signature. If an intruder alters the signature during transit, the signature does not verify properly and is invalid.

RSA Data Security Digital Signature Process

In the RSA digital signature process, the private key is used to encrypt only the message digest. The encrypted message digest becomes the digital signature and is attached to the original data. Figure 14.7 illustrates the basic RSA Data Security digital signature process.To verify the contents of digitally signed data, the recipient generates a new message digest from the data that was received, decrypts the original message digest with the originator's public key, and compares the decrypted digest with the newly generated digest. If the two digests match, the integrity of the message is verified. The identify of the originator also is confirmed because the public key can decrypt only data that has been encrypted with the corresponding private key.

Audit Trail.

A record showing who has accessed a computer system and what operations he or she has performed 

during a given period of time. Audit trails are useful both for maintaining security and for recovering 

lost transactions. Most accounting systems and database management systems include an audit trail component. In addition, there are separate audit trail software products that enable network administrators to monitor use of network resources.An audit trail (or audit log) is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event. Audit records typically result from activities such as financial transactions, scientific research and health care data transactions or communications by individual people, systems, accounts, or other entities.

The process that creates an audit trail is typically required to always run in a privileged mode, so it can access and supervise all actions from all users; a normal user should not be allowed to stop/change it. Furthermore, for the same reason, trail file or database table with a trail should not be accessible to normal users. Another way of handling this issue is through the use of a role-based security model in the software. The software can operate with the closed-looped controls, or as a 'closed system,' as required by many companies when using audit trail functionality. 

In accounting, an audit trail is the sequence of paperwork that validates or invalidates accounting entries. In computing, the term is also used for an electronic or paper log used to track computer activity. For example, a corporate employee might have access to a section of a network in a corporation such as billing but be unauthorized to access all other sections. If that employee attempts to access an unauthorized section by typing in passwords, this improper activity is recorded in the audit trail.