Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Computer Security Analysis
Security Analysis
Managing security strategies for an enterprise requires intensive levels of planning and integration across each of the functional area, in conjunction with synchronization across departments, business units and divisions (Bellone, de Basquiat, Rodriguez, 2008). Enterprise Security Management strategies continue to become part of the overall strategic plans of an enterprise, supporting each strategic initiative and its related tactics to ensure profitable growth (Bellone, de Basquiat, Rodriguez, 2008). The aspects of intrusion detection, web security, deterring and defeating hackers, and the development and execution of an effective security strategic plan is the purpose of this analysis.
Defining A Framework for Enterprise Security Management
Developing an effective framework for managing security needs to begin with an analysis of an organizations' data availability, confidentiality and data integrity needs overall (Bellone, de Basquiat, Rodriguez, 2008). This is often defined as an Information Security Management Systems (ISMS) strategic plan or initiative as it seeks to synchronize security across all functional areas and systems. A successful ISMS implementation will be agile enough to respond to the needs of the organization for data access across all supported channels...
When the strategic role of security is taken into account in conjunction with the overarching needs for role-based data access, the Confidentiality, Integrity and Availability (CIA) Model takes shape and delivers the framework needed to make security a core part of any strategic plan (Bellone, de Basquiat, Rodriguez, 2008). Figure 1, The Building Blocks of a Successful ISMIS Implementation., illustrates the concepts of this model. It also highlights how each must be balanced from a system standpoint in order to be effective.
Figure 1: The Building Blocks of a Successful ISMS Implementation
Source: (Bellone, de Basquiat, Rodriguez, 2008)
This model is often supplanted with more role-based analysis that denotes the processes and procedures of employees who need access to secured information to do their jobs. The following human-in-the-loop framework illustrates this concept (Cranor, 2008).
Figure 2: Human-in-the-Loop Security Framework
Source: (Cranor, 2008)
Using these frameworks as the basis of evaluating security strategies and defining anti-intrusion system fixes while re-architecting key integration points to make them secure is one of…
References
Jason Bellone, Segolene de Basquiat, Juan Rodriguez. 2008. Reaching escape velocity: A practiced approach to information security management system implementation. Information Management & Computer Security 16, no. 1
(January 1): 49-57.
Cranor, L. (2008) A Framework for Reasoning About the Human in the Loop. Retrieved on June 10, 2011 from http://www.usenix.org/events/upsec08/tech/full_papers/cranor/cranor.pdf
DiBattiste, C. (2009) Privacy and Information Security 101: Have a plan Information Security Best Practices 2009 conference archive The Wharton School, University of Pennsylvania. Zicklin Center for Business Ethics Research. Retrieved on July 26, 2010 from http://technopolity.editme.com/files/isbp2009talks/DiBattiste-summary.doc
Miller, M. (2005). Computer Security: Fact Forum Framework Retrieved on July 26, 2010 from http://www.caplet.com/security/taxonomy/index.html
Computer Security: Corporate Security Documentation Suitable for a Large Corporation Item (I) in-Depth Defense Measures (II) Firewall Design (III) Intrusion Detection System (IV) Operating System Security (V) Database Security (VI) Corporate Contingency of Operation (VII) Corporate Disaster Recovery Plan (VIII) Team Members and Roles of Each (IX) Timeline with Goal Description (X) Data Schema (XI) Graphical Interface Design (XII) Testing Plan (XIII) Support Plan (XIV) Schematics Computer Security: Corporate Security Documentation Suitable for a Large Corporation (I) In-Depth Defense Measures Information Technology (IT) Acceptable Use Policy The intentions of
The public-key cryptography approach also creates a more efficient means of cryptographic security by ensuring RSA-compliant encryption and decryption throughout the secured network (Sarkar, Maitra, 2010). As a result the use of public-key cryptography hardens and makes more secure each connection and node on a network (Chevalier, Rusinowitch, 2010). C3. What will help you trust a public-key that belongs to an unfamiliar person or Web site, and why does it
Security Assessment and Recommendations My Name My Teacher SE571 Principles of Information Security and Privacy TOC o "1-3" h z u AS Company Overview Two Security Vulnerabilities Software Vulnerability Recommended Solutions Telecommunications Closet Security Recommendation Impact on Business Processes Budget Aircraft Solutions (AS) is a globally recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Their manufacturing plants are located in San Diego, California and a second, in Santa
His study includes the following; The U.S. government through the executive to provide appropriate leadership to steer the country in the domain of cyber security. The state to conduct immediate risk assessment aimed at neutralizing all the vulnerabilities. The creation of an effective national security strategy as well as the creation of an elaborate national military strategy. Molander (1996) uses a qualitative research approach and methodology .The method used is constructive. The constructive
Computer Security is vitally important to the success of any 21st century firm. However the integrity of computer security has been greatly compromised in recent years and hackers have found creative ways to invade computer systems. The purpose of this paper is to assess how vendor's solutions enable organizations to better meet their overall business goals and strategies. We will also discuss the security of several vendors, which include www.requisite.com,
Computer Security People, process and technology are three things which are involved in information security. Biometrics, passwords and firewalls are some of the technical measures and these are not enough in justifying threats to information. In order to protect information from destruction and to secure systems, a blend of different procedures is required. While deploying information security some factors need to be considered for instance processes like de-registration and registration