Data security, pseudonymization, encryption, GDPR compliance, data breach, CNIL, data sovereignty, backup, archiving, ISSO, Information Systems Security Officer
AXI company requires robust data security measures including pseudonymization, encryption, and backup to ensure confidentiality and integrity of data.
[...] Indeed, if these data were simply backed up, they would be lost over time, and it would no longer be possible to trace a computer attack, for example. Archiving, on the other hand, keeps these data for a longer period, which drastically increases the chances of still having them when the attack is discovered. 14/ In the archiving process described, confidentiality is respected: before the log files are transferred to magnetic tape, they are compressed with encryption. [...]
[...] On the other hand, the integrity of the files is not guaranteed. The log files are compressed before being stored on magnetic tape, and this processing step can sometimes corrupt data. In the present case, however, the checksums (the MD5 or SHA-256 digest) are not verified afterwards, and without that verification the integrity of the data cannot be guaranteed. To ensure data integrity in the future, the checksums will need to be checked after the files are compressed. [...]
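The post-compression check recommended above, sketched as an added example that is not part of the original document. It assumes gzip as a stand-in for the company's compression step, leaves the encryption out, and uses hypothetical function and file names.

```python
import gzip
import hashlib
import shutil
import zlib
from pathlib import Path

CHUNK = 1 << 20  # read 1 MiB at a time so large logs are never loaded whole


def sha256_stream(fh) -> str:
    """Hex SHA-256 of everything readable from an open binary file object."""
    digest = hashlib.sha256()
    for block in iter(lambda: fh.read(CHUNK), b""):
        digest.update(block)
    return digest.hexdigest()


def verify_archive(archive: Path, expected: str) -> bool:
    """Decompress the archive and compare its content with the recorded digest."""
    try:
        with gzip.open(archive, "rb") as fh:
            return sha256_stream(fh) == expected
    except (OSError, EOFError, zlib.error):
        return False  # truncated or corrupted: the gzip stream no longer decodes


def archive_log(log: Path, out_dir: Path) -> Path:
    """Compress a log (hypothetical helper), verifying it before it goes to tape."""
    with log.open("rb") as fh:
        expected = sha256_stream(fh)  # fingerprint taken BEFORE compression
    archive = out_dir / (log.name + ".gz")
    with log.open("rb") as src, gzip.open(archive, "wb") as dst:
        shutil.copyfileobj(src, dst, CHUNK)
    if not verify_archive(archive, expected):  # the check the process lacks
        archive.unlink()
        raise ValueError(f"integrity check failed for {archive}")
    # Keep the digest beside the archive so a later tape restore can be re-verified.
    (out_dir / (archive.name + ".sha256")).write_text(f"{expected}  {log.name}\n")
    return archive
```

Running `verify_archive` again after restoring from tape, with the digest from the `.sha256` sidecar, extends the same check to corruption that occurs in storage.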
[...] For attackers and defenders alike, AI is a tool. It is increasingly able to detect vulnerabilities automatically and recommend security updates, which helps the ISSO with a monitoring task that is sometimes time-consuming. It can also serve as a proactive defense system, analyzing network flows in real time to detect threats by identifying suspicious behavior patterns. On the other hand, the reverse is also true. [...]
[...] The AXI company's current network solution is based on a thin-client/server structure: a thin client, namely a lightweight software layer running on the user's machine, communicates with a server that is responsible for storing data and executing applications. As for the advantages of this solution, it is first and foremost one that uses few resources on the user side. The client only needs to communicate with the server, which is responsible for executing applications and storing the data. [...]
[...] This prevents unauthorized disclosure of sensitive information. For the AXI company's business, this means protecting the customer file in particular. Next, the integrity criterion ensures that the information is accurate, complete, and not modified without authorization. This protects the data against accidental or malicious alteration. This is typically the data-alteration risk mentioned in the previous question. If the order book or customer data were to be altered, a definite operational risk would arise. [...]