Security in Computing - Assignment Example

Summary
The paper "Security in Computing" explains that confidentiality, integrity, and availability (CIA) are the major principles to consider when designing security policies to counteract security threats such as interruption, interception, fabrication, and modification…

Extract of sample "Security in Computing"

Information Security

Student's Name: Instructor: Subject: Date:

1. Confidentiality, integrity and availability (CIA) are the major principles that need to be considered when designing security policies in order to counteract security threats such as interruption, interception, fabrication and modification. Another consideration is eliminating the vulnerabilities of the computer system. With regard to interception, an unauthorised individual, program, or computer system is in a position to access an information asset or resource. To control this, there needs to be a robust information security system with a level of integrity and confidentiality that makes data unavailable to illegitimate users. On the other hand, if and when a computer system is interrupted by a malicious program, it becomes unusable or unavailable. Besides, an unauthorised user may install such malicious programs on the computer system remotely. Tampering with the information asset or resource amounts to modification, which may be done by changing the extensions or codes of the database files. Finally, an illegitimate user may create counterfeit objects within the computer system that look similar to the original programs (Pfleeger, 2006).

To achieve confidentiality, integrity and availability, it is necessary to institute access controls so as to avoid unauthorized access to information resources and systems. Such access controls help to achieve confidentiality or privacy (preventing unauthorized disclosure of or access to information) and integrity (preventing unauthorized modification of information). Generally, access control systems determine how a particular process (the subject) may access an object (a resource).
According to Gollmann (2010), access control encompasses instituting security policies (whereby principals are allowed to access specific resources), authentication of the information accessed or supplied with an access request, and evaluation of the access request against a given security policy. Access controls may be discretionary access controls and/or mandatory access controls. As such, they stipulate whether an individual, or a system running under a given user identity, is authorized to access a particular resource. In this way, unnecessary interruption, interception, modification and fabrication of information or data is avoided.

2. DES has been adopted as a standard by the National Bureau of Standards in the USA, and it is applied in many software and hardware systems. Because of the repeated application of permutation and substitution, the DES algorithm is very strong when used to encrypt data. With reference to Shannon's cryptographic standards, DES uses logical operations and standard arithmetic on up to 64-bit numbers, so it can be comfortably applied on more recent computers. On the other hand, DES is complex, and this does not limit its implementation on single-purpose chips. Besides, Shannon had identified that applying two weak ciphers together (a product) would result in a more secure cipher; DES complies with this by splitting data blocks into two, scrambling each half independently, combining the key with one half and swapping the two halves.

The Advanced Encryption Standard (AES) was an improvement on DES in terms of security features, cost of operation and the ease with which it could be implemented in computer software. AES can be easily implemented on simple processors, and although it makes use of strong mathematical computations, it applies transposition, substitution, and the exclusive-OR and shift operations. Compared to DES, the AES algorithm has no room for security flaws, as has been established through research.
On the other hand, the longevity of AES is viewed largely with optimism, although it is difficult to judge. AES may use a 128-bit, 192-bit, or 256-bit key, which implies that the algorithm starts with a key twice the size of the DES key and also has room for extending further. In this respect, as Shannon had observed, the ability of AES to double the length of the key would mean squaring the number of possible keys that must be tested in an attempt to break the encryption. Therefore, AES could in future apply a longer key length as technology advances, since it would be possible to double the current key size. AES differs from Shannon's principle no. 2 in that it is complex, but the complexity in implementation time is tolerable. Besides, AES has surpassed any other algorithm by being based on sound mathematics, and up to now it has stood the test of time (Pfleeger, 2006).

3. In designing security principles, a lot needs to be considered with respect to the extent to which confidentiality, integrity and availability of data would be achieved. Thus, as a basis, the person mandated with ensuring the information security of an organization should consider a number of issues. The first consideration is the main objective or products of the organization. This gives an insight into what priorities to set with regard to information security. The second consideration is the number of departments as well as the main tasks carried out in them daily. What is the volume of data involved? Who are the personnel authorised to handle sensitive or non-sensitive data? The third consideration is the number, type and location of information security assets within the organization in general and its departments in particular.
The fourth aspect to consider is establishing the types of risk the information assets are exposed to through interaction among employees, vendors, and customers. This helps when instituting countermeasures for the identified threats and vulnerabilities. With regard to confidentiality, only authorized personnel should have access to information assets. As such, physical security controls, e.g. lock and key and human security guards, may be employed. Besides, software-based access controls may be employed, for instance Role-Based Access Control (RBAC), which specifies particular job functions on a need-to-know basis. This restricts users to performing certain kinds of task on the computer system. The most common RBAC model, which is applied by NIST, identifies various forms of RBAC: flat, hierarchical, constrained, and symmetric RBAC. To some extent, confidentiality is also referred to as information privacy or secrecy. Subsequently, access controls determine the level of integrity for computer data. They stipulate who is responsible for creating, deleting or modifying data. Another security design principle that needs to be considered is availability of data. No legitimate person should be denied any data at any particular time. With these considerations, among others, an information security manager would succeed in instituting a comprehensive security design (Pfleeger, 2006).

4. To compensate for clock drift, the concept of the password token is implemented. Generally, the password is generated randomly in such a way that it is hard to predict, and upon reaching the receiving end, a validation process is initiated. New numbers are generated every minute or so, and each user is given access to the number displayed on the device, which acts as a one-time password.
On the receiving side, a computer is able to compute a password through an algorithm that uses the current time. Authentication succeeds if the password produced by the algorithm matches the one that was generated remotely. At times the devices generating passwords may be misaligned; this happens if one clock runs faster than the other. This is kept in check by the use of natural rules that make the devices account for any minor drift that may be experienced. The use of a one-time password ensures that issues of mine trapping and spoofing are kept at bay. However, problems arise if the user loses the device generating the password, especially if it falls into the wrong hands (an attacker). The time-slice window can be used by attackers to launch this attack on the system.

To overcome the time slice, a more sophisticated scheme is used: the challenge and response device. Such a device works by subjecting the user to an authentication process by means of a PIN; a random number is sent by the remote system, which is technically referred to as the 'challenge'. It is important to note that the random number is what the user enters into the device. To complete the process, the remote device finally responds with another number that the user transmits to the system. For each and every use, the user is prompted by the system with a new challenge. Nevertheless, the issue of rogue remote hosts is not addressed (Pfleeger, 2006).

5. For a network security expert, encryption is one of the tools that come in handy, since it is able to provide limited access to data as a whole while also encompassing integrity, privacy, etc. To secure network data, keeping in mind the high degree of risk involved, there is a need to combine encryption with other available methods (controls).
In a nutshell, link and end-to-end encryption can be used at the same time. The main reason is that an encrypted system with a flaw in its design remains vulnerable; the main objective of encryption is to protect whatever data is already encrypted. Encryption cannot protect against malicious software such as Trojans, hence the importance of combining it with other controls that are readily available. When encryption is implemented between two hosts it is termed link encryption, while when implemented between two applications/programs it is termed end-to-end encryption. The main advantage of this combination is that duplication of security for the data involved is guaranteed with very little negative impact. This can be explained by a scenario in which a particular user does not trust the quality of the link in use and therefore applies end-to-end encryption as an added measure, while a system administrator can opt to use link encryption if he is concerned about the security of an end-to-end encryption control (Pfleeger, 2006).

References

Gollmann, D. (2010). Computer security. WIREs Comp Stat, 2(9/10), 544–554.

Pfleeger, C.P. (2006). Security in Computing, 4th ed. New Jersey: Prentice Hall.
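
The split, scramble, combine-with-key and swap structure that answer 2 attributes to DES is a Feistel network. The sketch below is an added example, not part of the essay and not DES itself: the key schedule and round function are constructed stand-ins (SHA-256 and HMAC), chosen to show that the same routine decrypts when the subkeys are reversed, even though the round function is not invertible.

```python
import hashlib
import hmac

ROUNDS = 16   # DES also uses 16 rounds; everything else here is a toy
HALF = 4      # bytes per half of a 64-bit block


def subkeys(key):
    """Constructed key schedule: one subkey per round, derived with SHA-256."""
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(ROUNDS)]


def round_fn(half, subkey):
    """Combines the subkey with one half. It does not need to be invertible."""
    return hmac.new(subkey, half, hashlib.sha256).digest()[:HALF]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block, keys):
    """Run the rounds: scramble one half with the key, XOR into the other, swap."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be 8 bytes")
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        left, right = right, xor(left, round_fn(right, k))
    return right + left   # undo the final swap so the same routine decrypts


def encrypt(block, key):
    return feistel(block, subkeys(key))


def decrypt(block, key):
    return feistel(block, subkeys(key)[::-1])   # same rounds, subkeys reversed
```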
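
The time-based token and drift handling described in answer 4, as an added example that is not part of the essay. The essay does not name an algorithm, so RFC 4226/6238 (HOTP/TOTP) is used as a stand-in; the 60-second step, the one-step tolerance window and the drift-tracking policy are assumptions.

```python
import hashlib
import hmac
import struct

STEP = 60     # seconds per code; the essay says "every minute or so"
WINDOW = 1    # steps of clock drift tolerated either side (assumed policy)


def hotp(secret, counter, digits=6):
    """RFC 4226 one-time password for a given counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Verifier:
    """Receiving side: recomputes the code from its own clock."""

    def __init__(self, secret):
        self.secret = secret
        self.last_step = -1   # highest time step already accepted
        self.drift = 0        # learned offset of the token clock, in steps

    def verify(self, code, now):
        server_step = int(now // STEP)
        centre = server_step + self.drift
        for step in range(centre - WINDOW, centre + WINDOW + 1):
            if step <= self.last_step:
                continue      # a code replayed inside the window is refused
            if hmac.compare_digest(hotp(self.secret, step), code):
                self.last_step = step
                self.drift = step - server_step   # follow slow clock drift
                return True
        return False
```

The window is what lets a slightly fast or slow token still authenticate, and it is also the interval in which a captured code would remain valid, which is why each accepted step is recorded and never accepted again.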