StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...

Computer Sciences and Information Technology - Essay Example

Cite this document
Summary
DQWeek 4 By Course of Learning: Date: DQWeek 4 DQ: Monitoring Systems Most people have a divided opinion on the role played by threat models in the process of coming up with a system that is secure. Although some people may despise my argument, I believe that it is meaningful to say that threat models have been remarkable in the constructions of secure systems…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.9% of users find it useful
Computer Sciences and Information Technology
Read Text Preview

Extract of sample "Computer Sciences and Information Technology"

Download file to see previous pages

The recent years have been marked by a shift of resources to more secure designs now that the implementation bags have proved to be scarce courtesy of SDL (Viega and McGraw, 2002, p. 67) Threat models are SDL’s cornerstone as they make it possible for the development team to figure out secure designs in a way that is structured. To achieve this effectively, threat model has been simplified into several tasks; coming up with pictures of data flows software, the application of the “stride per element” method in an effort to identify threats applicable to the desired design, taking a look at each threat and verification to ensure that the software has been modeled enough by putting into consideration each threat and addressing all the discovered threats (Pfleeger, 1997, p. 78) The basic element of a threat model is in its delineation of the entry points in its application.

The threat model is in such a way that it is able to capture the entry points in form of trust boundaries during the phase commonly referred to as the “picture-drawing”. Good examples of this include; registry and files entry points and networking entry points. A threat model that is good enough should also be in a position to capture the authorization as well as the authentication requirements and the network accessibility of the interfaces. This process involves network accessibility via the IP address including the remote and local, local-only access and local subnet.

The process also includes the authorization and authentication levels, user access, administrator-only access and anonymous access. When it comes to Windows access control lists (ACLs), the authorization levels come as finer-grained (Pfleeger, 1997, p. 56). The process identity is another critical data piece that is always captured by this model. In this case, the running code’s interference is what is taken to be the entry point and the resulting process which is high-privilege is considered to be very dangerous if it is compromised.

In the case of Windows, the administrator or the system process are regarded as being the highest privilege. In Mac OS X or Linux situation, the running process happens to be the most privileged (Viega and McGraw, 2002, p. 108). References List Pfleeger, C. 1997. Security in Computing. Prentice Hall: New Jersey Viega, J & McGraw, G. 2002. Building Secure Software. Addison-Wesley: New York DQ: RBAC The Role-Based Access Control (RBAC) is an essential access management approach. It offers a provision method that is straight forward and in the right access level and to the correct users every time it is being applied.

Despite RBAC applications, most of the security teams are still facing difficulties when it comes to account implementation and the process of access management on RBAC. The reason for the above scenario is that most of the internal developer’s teams and vendors are not coming up with capabilities based on the expected role into the solutions at hand. RBAC has been applicable in major overhaul in the last two years resulting to its application being assigned to more than 20, 000 users on each product.

Many vendors tend to be attracted to such products. This indicates how RBAC has value to the management and its users. The latest RBAC model is designed in such a way that it enforces the least segregation and

...Download file to see next pages Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Computer Sciences and Information Technology Essay - 5”, n.d.)
Retrieved from https://studentshare.org/information-technology/1455134-dqweek
(Computer Sciences and Information Technology Essay - 5)
https://studentshare.org/information-technology/1455134-dqweek.
“Computer Sciences and Information Technology Essay - 5”, n.d. https://studentshare.org/information-technology/1455134-dqweek.
  • Cited: 0 times

CHECK THESE SAMPLES OF Computer Sciences and Information Technology

Computer Sciences and Information Technology. User Experience

In order to get information regarding their experiences of using the website, the users are given a website usability form to be filled so that the website of the Phone4u can be evaluated.... This will require acquisition of user opinions and to present analysis of the information to guide the decision on the areas of improvement.... The evaluation will lead to the decision making for the new version of the website based on the information from user response....
9 Pages (2250 words) Essay

Discussion 1 and 2

Jobs in the networking industry are highly competitive therefore it is important that if one Computer Sciences and Information Technology Computer Sciences and Information Technology Part Employment Possibilities in the Networking Area There are a lot of employment opportunities in the networking area.... Some of the job titles related to a job in the area of networking include network administrator, network systems engineer, network service technician, network programmer/analyst and network/information systems… Positions in the networking area have varied salary ranges which will depend on one's experience and skills and the size and location of the company hiring....
1 Pages (250 words) Assignment

The Internet Provider ASA

Computer Sciences and Information Technology al affiliation Computer Sciences and Information Technology The moment users in the direct network or firm network desire an access to servers in the DMZ, the most appropriate practice would be enabling the verification of the internet provider's ASA.... Principles of information Security....
1 Pages (250 words) Essay

Personal statement for graduate school

Indeed, on completing my degree in Bachelor of Management Information… Therefore, I am applying for the same and I believe that by broadening my knowledge in this field, I will polish my skills more, and thus enable me to be even more Personal ment, Computer Sciences and Information Technology Affiliation Personal ment, Computer Sciences, and Information TechnologyTo me, being a normal worker is not gratifying.... ata technology is consistently developing at an un-recordable rate, and that makes PC machines the most significant devices in our lives, they are our present and future....
2 Pages (500 words) Personal Statement

Comparison of Closed Mobile Ecosystems with the Open One

The author states that the current market share in the United States is on rising where most people are opting to use Open Mobile ecosystem, as they are flexible since they can be used anywhere.... The most developers that have lost in the United States market is the Blackberry.... nbsp;… A closed mobile ecosystem, on the other hand, is one that does not allow its users to have access to wireless networks using mobile devices....
1 Pages (250 words) Assignment

Computer Sciences and Information Technology - Scheduled Installment System

The paper "Computer Sciences and Information Technology - Scheduled Installment System " highlights that with all the functionalities and qualitative features of the two applications, it is evident that Microsoft Dynamic GP stands a better chance than the Scheduled to be selected by organizations.... s Scheduled Installment gives an ordinary system user interface with real time accessibility to all of the properties, Microsoft Dynamics GP gives each user a customized and personal interface, which is task-oriented and with pre-defined, customized roles and information look....
7 Pages (1750 words) Case Study

Reflection on Plasticized

The writer of the essay "Reflection on Plasticized" suggests that plastic will degrade automatically just like all other organic material that is used for packaging, while plastic never biodegrades.... Most of the world is unaware that plastic will not finish off on its own.... hellip; The research was a basic search of the ocean for plastic debris....
3 Pages (750 words) Essay

Planning Stage in Computer Sciences and Information Technology

The paper "Planning Stage in Computer Sciences and Information Technology" explains that before initiation of an IT project it is great to conduct research of the context of the project in terms of will encompass and time for its implementation and collecting data pertaining to project conducting....
14 Pages (3500 words) Research Proposal
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us