Management and Implementation of Secure Information Systems - Assignment Example

Summary
This assignment "Management and Implementation of Secure Information Systems" discusses the principles of a public key encryption system, comparing them with those of a symmetrical cryptosystem. Symmetric encryption is also known as single-key encryption or conventional encryption…
Extract of sample "Management and Implementation of Secure Information Systems"

Exam Question

Compare and contrast the influence that change in these domains has had on the management and implementation of secure information systems.

Specialist Questions:

1. Explain the underlying principles of a public key encryption system, comparing them with those of a symmetrical cryptosystem. Give examples of commercial applications of both systems.

Symmetric encryption is also known as single-key encryption or conventional encryption. It was the only type of encryption in use before the development of public-key encryption. The assumption is that it is impractical to decrypt a message on the basis of the ciphertext together with knowledge of the encryption or decryption algorithm. In other words, there is no need to keep the algorithm secret; only the key must be kept secret. Another problem is that the sender and the receiver need to have obtained copies of the secret key in a secure fashion, and they must also keep the key secure. If someone can determine the key and knows the algorithm, all communication using this key is readable. For this reason, one can use a public-key cryptosystem for a secure key exchange.

Public-key cryptography is a drastic departure from all that has gone before. Currently, all cryptographic systems are based on the basic tools of substitution and combination (Kim & Solomon, 2012). Public-key (P-K) encryption is more protected from cryptanalysis than conventional encryption. However, the security of any system depends on key length and the computational work involved in breaking the cipher. In addition, P-K encryption has superseded single-key encryption. This is unlikely because of the increased processing power required.

The P-K model evolved from the attempt to solve two problems: key distribution, and how to develop digital signatures (Kim & Solomon, 2012). For conventional encryption, the same key is used for encryption and decryption.
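
The key-distribution problem and the two uses of public-key cryptography named in this answer (secure key exchange and digital signatures) can be seen working together in the sketch below. It is an added example, not part of the original essay: it uses textbook RSA without padding, fixed Mersenne primes, and a SHA-256 keystream as a stand-in symmetric cipher, all of which are assumptions chosen so the code runs with the standard library only and none of which is suitable for production.

```python
import hashlib
import secrets

E = 65537  # common public exponent


def make_keypair(p, q):
    """Textbook RSA from two primes: returns (public, private) as (exponent, n)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent, inverse of E mod phi(n)
    return (E, n), (d, n)


# Constructed keys from known Mersenne primes, so the example needs no library.
# Real keys use random primes, moduli of 2048 bits or more, and OAEP/PSS padding.
ALICE_PUB, ALICE_PRIV = make_keypair(2**107 - 1, 2**61 - 1)  # sender
BOB_PUB, BOB_PRIV = make_keypair(2**127 - 1, 2**89 - 1)      # receiver


def rsa_apply(key, value):
    """One modular exponentiation; the same operation serves either key."""
    exponent, n = key
    return pow(value, exponent, n)


def keystream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same shared key both encrypts and decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def digest_int(message, n):
    """Hash the message and reduce it into the signer's modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def send(message, sender_priv, receiver_pub):
    """Sender: wrap a fresh session key with the receiver's public key,
    encrypt the bulk data symmetrically, sign with the sender's private key."""
    session_key = secrets.token_bytes(16)
    wrapped = rsa_apply(receiver_pub, int.from_bytes(session_key, "big"))
    ciphertext = keystream_xor(session_key, message)
    signature = rsa_apply(sender_priv, digest_int(message, sender_priv[1]))
    return wrapped, ciphertext, signature


def receive(packet, receiver_priv, sender_pub):
    """Receiver: unwrap the session key, decrypt, then verify the signature."""
    wrapped, ciphertext, signature = packet
    session_key = rsa_apply(receiver_priv, wrapped).to_bytes(16, "big")
    message = keystream_xor(session_key, ciphertext)
    valid = rsa_apply(sender_pub, signature) == digest_int(message, sender_pub[1])
    return message, valid


if __name__ == "__main__":
    packet = send(b"wire 500 to account 42", ALICE_PRIV, BOB_PUB)
    print(receive(packet, BOB_PRIV, ALICE_PUB))
```

Only the 16-byte session key passes through the slow public-key operation; the message itself is handled by the symmetric cipher, which is why the two systems are normally combined rather than one replacing the other.
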
This means that it is feasible to develop a cryptographic system that relies on one key for encryption and a different but related key for decryption. These algorithms have the following important characteristic: it is computationally infeasible to determine the decryption key given only knowledge of the algorithm and the encryption key. In addition, some algorithms, such as RSA, exhibit the following characteristic: either of the two related keys can be used for encryption, while the other is used for decryption.

Examples of commercial application of the two models. Public-key cryptography: secrecy and authentication.

1. Encryption/decryption: the sender encrypts the message using the receiver's public key.
2. Digital signature: the sender signs a message with his private key.
3. Key exchange: several approaches later.

Not all algorithms are suitable for all three applications; some can be used only for digital signatures. RSA can be used for all three.

2. The implementation of a "covert channel" is a popular technique for subverting security safeguards. Two approaches to this method involve implementing "storage" or "timing" channels. Describe how such channels could be implemented in an actual system, and suggest ways in which the presence of such channels can be detected.

Computers were originally made to ease the exchange of information. The latest information technology infrastructure has the central computer's mainframe, while others do not develop into a personal computer. Additionally, information revolves around and is opened up in new avenues of IT (Kim & Solomon, 2012). This has also opened new possibilities for crime. Attackers take advantage of these opportunities to obtain passwords and thereby gain access to information and create disastrous effects on such networks and computers.
For example, the nature of computers has changed over recent years. Different networks were designed to facilitate the sharing and distribution of data and information. Therefore, controlling access to such resources has become a problem that needs a balance between free access to information and the value of the content of that information. Most of this information is more sensitive in nature than other information; this creates the need for security requirements. Currently, IT security is progressing to other levels. Different user names and passwords are involved. This has led to the involvement of digital identities, biometric authentication methods, and modular security strategies (Kim & Solomon, 2012).

3. Considering the threats posed to information systems by their users, critically evaluate safeguarding methods that can be employed to reduce these threats.

One of the greatest threats to computer systems and their information comes from human beings. Their actions may be malicious or ignorant, and are motivated by a goal for the attack. For example, the goal could be disrupting normal business operations by denying the availability of data and production, as could happen between two rival companies. Computer security is the protection of information, and deals with preventing and detecting unauthorized actions by users of a computer. Currently, it has been extended to include privacy, confidentiality, and integrity. For example, for security reasons, two parties may agree to seal their transactions by use of digital signatures. The signature cannot be ruled invalid by a state legislature or other law-making bodies because it uniquely identifies the individuals involved.
Another example is when you visit a web page and the site collects more confidential information than one is willing to divulge and distributes the data to other parties (Kim & Solomon, 2012). With the above in mind, there is an understanding of how information is compromised. Some of the measures taken to ensure that information is not compromised are:

Confidentiality. This is the prevention of unauthorized disclosure of information. Such disclosure occurs as a result of poor security, with information leaking to different personnel. For example, poor security measures could allow anonymous access to some or all of the sensitive information.

Integrity. This is also the prevention of modifications of limited information. Authorized users are probably the cause of errors, omissions, and the alteration of data. It is proper to store the correct data in the system rather than lose data. Attackers could also modify, delete, or corrupt information that is vital to the correct operation of business functions.

4. The Bell-La Padula security model throws up a paradox when applied to a practical system. Critically evaluate the difficulty this paradox presents to the designer of a multi-level secure system.

The model was proposed by Bell and La Padula. It is one of the earliest models and was embodied in the Orange Book put out by the NCSC. The Bell-La Padula security model controls information flow to ensure system security. The model is non-linear and consists of different components, including sets of subjects and objects. It also has a security control matrix. The use of the Bell-La Padula security model supports the design of multilevel security. However, it has some difficulties that must be taken into account. The model only addresses issues relating to confidentiality, writing control, and property access control.
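
The Bell-La Padula checks discussed in this answer can be written as a small reference monitor, shown here as an added example that is not part of the original essay. The level names, subjects, objects and matrix entries are constructed; the category sets generalize the plain level comparison to the usual dominance lattice, and the write rule (the *-property) is the standard second rule of the model.

```python
from dataclasses import dataclass

# Constructed ordering of sensitivity levels for the example.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other):
        """True when this level is at least as high and its categories are a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


class ReferenceMonitor:
    def __init__(self):
        self.clearance = {}       # subject name -> Label
        self.classification = {}  # object name -> Label
        self.matrix = set()       # access control matrix: (subject, object, mode)
        self.audit = []           # every decision, kept for later review

    def request(self, subject, obj, mode):
        s, o = self.clearance[subject], self.classification[obj]
        if (subject, obj, mode) not in self.matrix:
            verdict = "deny: not in access matrix"
        elif mode == "read" and not s.dominates(o):
            verdict = "deny: simple security property"  # needs C(s) dominates C(o)
        elif mode == "write" and not o.dominates(s):
            verdict = "deny: *-property"                # needs C(o) dominates C(s)
        else:
            verdict = "allow"
        self.audit.append((subject, obj, mode, verdict))
        return verdict


def build_demo():
    """Constructed subjects, objects and matrix entries."""
    rm = ReferenceMonitor()
    rm.clearance = {
        "analyst": Label("secret", frozenset({"crypto"})),
        "clerk": Label("confidential"),
    }
    rm.classification = {
        "ops_plan": Label("top_secret", frozenset({"crypto"})),
        "key_log": Label("secret", frozenset({"crypto"})),
        "nuclear_memo": Label("secret", frozenset({"nuclear"})),
        "bulletin": Label("unclassified"),
    }
    for subject in rm.clearance:
        for obj in rm.classification:
            rm.matrix |= {(subject, obj, "read"), (subject, obj, "write")}
    rm.matrix.discard(("clerk", "bulletin", "write"))
    return rm


if __name__ == "__main__":
    monitor = build_demo()
    for obj in monitor.classification:
        for mode in ("read", "write"):
            print("analyst", mode, obj, "->", monitor.request("analyst", obj, mode))
```

Two results are worth noticing: the analyst may write to `ops_plan` without being able to read it, and can neither read nor write `nuclear_memo`, because labels at the same level with different categories do not dominate each other in either direction.
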
In addition, it only mentions covert channels without addressing them comprehensively (Kim & Solomon, 2012). The model entails a set of subjects S and a set of objects O. Subjects are active: both principals and processes that act as principals. Objects are entities such as files. A security level is defined along with a mapping. The classification of every subject suggests that there are only two modes of access: read and write. The information-flow policy is captured by applying two rules. A subject s is allowed read access to an object o only when C(s) dominates C(o). This means that a subject is allowed to read only when its clearance dominates the object's classification. Therefore, a subject cannot read an object of higher classification.

5. Discuss the extent to which physical security measures such as locks, doors and security guards need to interact with information systems in order to provide overall security.

Physical security measures can be integrated with information systems to enhance security in various ways. Relevant procedures and policies are developed and used to foster the efficiency of physical security measures in ensuring overall security. For instance, information system policies can be developed to limit unauthorized entry into specific facilities. Such policies should indicate the individuals, including employees and business associates, who have access to the facilities. In addition to policies outlining the individuals accessing specific facilities, electronic access controls should be used to regulate access to specific resources. Video monitoring can also be integrated with the physical security measures to identify the individuals entering the secured areas.
By using relevant access control mechanisms, the physical security measures will ensure that only individuals with legitimate business objectives are allowed to access the secured facilities (Kim & Solomon, 2012). Moreover, the physical security measures can interact with the information systems using appropriate facility security plans that cover the risks associated with entry into the secured facility. For instance, the security plans should protect facilities from tampering, unauthorized access, and theft, among other illegal acts. The interaction of physical security measures with information systems may include the use of warning signs indicating restricted areas, alarm systems, and surveillance cameras. The security measures may also include property control tags and engraving of equipment. Other measures may include the use of identification badges and guest badges. In addition, private security services and patrols can be integrated with information systems to enhance security (Kim & Solomon, 2012).

6. In the design of secure systems, a stratagem known as a "Honey Pot" is sometimes employed. Explain the logic behind this approach, assessing strengths and weaknesses and giving an example of how one could be employed.

The honeypot stratagem is a trap set to detect, deflect, and counteract attempts at unauthorized use of information systems. The honeypot mainly consists of a computer, data, or a network site that appears to be part of the network but is isolated and monitored, and that seems to contain information valued by attackers. The diagram above would help in understanding the concept of this topic. It has a similar application to police baiting a criminal and then conducting undercover surveillance.

7. Assess the relationship between organizational culture and information systems security. Discuss ways in which an organization could cultivate a positive security culture.
Security mainly advocates recommended strategies that help in shaping user behavior as part of the overall information security management program. The major challenge facing organizations is how to encourage employees to comply with information system security policies. It is recognized among information systems security scholars and practitioners that users are the weak link in security, and therefore organizations should develop good strategies to shape user behavior. Factors such as workers' attitudes and beliefs, as well as moral reasoning and coping mechanisms, act as antecedents to compliant security behavior. These factors affect users' IS security compliance decisions and specifically predict the security culture. Additionally, job satisfaction and perceived organizational support have a greater positive effect on users' IS security compliance intentions. Security culture is therefore a multidimensional construct that consists of top management and commitment to security. Among other factors, security communication and computer monitoring are predictors of compliant behavior.

Organizational culture is the pattern of beliefs and main expectations shared by the organization's members. Researchers have identified security culture as an important factor in maintaining an adequate level of information security in organizations, and have asserted that only a significant change in security culture can reduce the number of security breaches. Most of this work incorporates elements from moral development research models, the theory of reasoned and planned behavior, social bond theory, differential association, and neutralization. In summary, additional research is needed to provide a complete understanding of what motivates users to engage in compliant security behavior.
On the other hand, organizational behavior provides more information on the factors that contribute to a variety of workplace behaviors that adhere to corporate policies, identifying job satisfaction and perceived organizational support. Therefore, educating employees about their roles and responsibilities, as well as about security and security culture, could lead to a more positive attitude and better security in the whole organization, and to its manifestation in the security culture.

8. Explain the concept of the "Trusted Computing Base" and how this is used to provide security within an operating system.

The trusted computing base (TCB) is a component of a computer system characterized by a set of firmware, hardware, and software elements that serve an important purpose in protecting the computer system. The TCB is characterized by vulnerabilities and bugs that do not jeopardize the security of the entire operating system. Additionally, the different components of the computer system that are outside the TCB must behave properly to avoid leaking the security privileges granted to them under the appropriate security policy (Kim & Solomon, 2012).

Based on a careful design and implementation of the trusted computing base, the security of an operating system is significantly improved. For instance, modern operating systems are designed to reduce the size of the trusted computing base so that the TCB's code base can be examined effectively. As a result, the development of the TCB results in operating systems providing their own security. In contrast, operating systems that do not have a trusted computing base tend to depend on external sources of security. For example, a computer in a locked room with no network connection may remain secure based on the security policy, irrespective of the software installed on it (Kim & Solomon, 2012).
Moreover, to ensure the security of the entire operating system, the different software parts of the trusted computing base must have the capacity to protect themselves against any form of tampering. For instance, the trusted computing base must protect its software parts from being written to. This will ensure that the overall security of the operating system is maintained (Kim & Solomon, 2012).

Reference

Kim, D., & Solomon, M. (2012). Fundamentals of information systems security. Sudbury, MA: Jones & Bartlett Learning.