This website uses cookies to ensure you have the best experience. Learn more

Computer Security Assessment Essay

567 words - 3 pages

Answer a) The MPS is a very large organisation which employs over 50,000 people. A dedicated “solution” is needed for-
• Keeping the records of the employees.
• Limited access to data from the database.
• Automatic upgradation as promotions and demotions of employees takes place.
• A single, unique and effectively managed identity repository to help reduce cost and save time.
RBA approaches are accepted as strong and efficient technologies for access control.

Answer b) If MPS is to strengthen user authentication then biometric techniques will bring a definite improvement by increasing the level of security and being cost effective. That’s because biometric techniques are the authentication methods that use one or more intrinsic physical or behavioural characteristics for recognising an individual. So, there is no question of forgetting passwords or access by some other person by ...view middle of the document...

Answer c) Biological identity contains data that uniquely describes an entity with means of biometric techniques whereas Digital Identification is about recognising individuals based on either “what you have” or “what you know” (Wayman.,2008 )

For the Police Computer Crime Unit both of these authentication means can be used. Since the cases are highly sensitive, more secured identification processes are needed. Computer crimes are Hi-Tech crimes. Because there is a large increase in the number of offenders committing this crime, so it is necessary by an officer will be able to use multiple identities, using digital identity. On the other hand, full proof security is ensured by biological identity because it provides secure access.

The role of signed X.509 certificate is to enable the Certification Authority to give receiver of certificate a means through which it can trust not just the public key of the certificate's subject, but also that other information about the certificate's subject.

Answer d) The use of PKI client/server authentication which provides Confidentiality, Integrity and Authenticity (CIA) by the MPS in this context is justified.
PKI is a framework for creating a secure method for exchanging information based on public key cryptography (Al-Khouri & J.Bal , p 361). The exchanged information and management of public keys normally occur through the use of Certification Authorities (CA) (Weise, p 8).
PKI is the only practical mechanism which capably provides strong and efficient security. If the key is kept private and if properly installed then PKI is unbreakable.
For trusting cryptographic techniques Cross Certification should be considered. RSA provides the CIA environment and access control. It uses two keys- Public Key, known to every one and Private Key, known to owners only.

Reference List:

James L. Wayman, 2008, Biometrics in Identity Management Systems, Published by IEEE computer Security.

A.M. Al-Khouri and J.Bal of Wawick University, UK. Journal of Computer Science. Pg 361.

Joel Weise of SunPSSM Global Security Practice. Public Key Infrastucture Overview. Pg 8-10.

Other Papers Like Computer Security Assessment

Is4550 Week 5 Lab Essay

1642 words - 7 pages definition * Align IT security policies throughout the 7 domains of a typical IT infrastructure as part of a layered security strategy * Identify gaps in the IT security policy framework definition * Recommend other IT security policies that can help mitigate all known risks, threats, and vulnerabilities throughout the 7 domains of a typical IT infrastructure Week 5 Lab Part 1: Assessment Worksheet (PART A) Sample IT Security

Information Systems Essay

1212 words - 5 pages Inside The National Infrastructure Marvin Phillips Jr. Professor David Belva SEC 310 Homeland Security Organization and Administration 2/4/2013 A computer attack may be defined as actions directed against computer systems to disrupt equipment operations, change processing control, or corrupt stored data. Different attack methods target different vulnerabilities and involve different types of weapons, and several may be within the current

Computer Security

1963 words - 8 pages develop computer security procedures and policies based on three principles commonly referred to by the C-I-A acronym: Confidentiality, Integrity and Availability. In addition to the CIA acronym, terms such as identification, authentication, authorization, and accountability are incorporated in the computer security procedures and policies. Typically, an organization will conduct a security assessment to determine their choice of security

Net280-Wk1-Case Study

524 words - 3 pages In reference to recent concerns over issues with ping sweeps and port scans. There are several diagnostic test called network probes that are run by Network Administrators to check servers regarding a particular service or updates needed for workstations within the company. In order to guard against nefarious computer activity, special security measures are needed to keep out intruders. Here is a brief assessment in more detail of how ping

A Risk Analysis for Information Security and Infrastrucure Protection

1322 words - 6 pages in system securities in order to stay ahead of modern day cyberpunks, terrorist and computer hooligans. A security threat would be best mitigated by performing a risk assessment of vulnerabilities and threats; follow- up with assessment and evaluation plans, training and implementation. It is always wise to involved all pertinent managers and seek their advice. Equally, important for any organization is to have an outside technical company

Risk Assesment

2541 words - 11 pages Risk Assessment Report for LOGISTIX, Inc. SE578 Project by Ghassan Abukhazneh Practices for administration of physical & operations security SE578 Dr. Khader Jabra Keller Graduate School of Management October 09, 2011 Table of Contents |Subject |Page | |Introduction

It Communications

1093 words - 5 pages * Generally Accepted Principles and Practices for Securing Information Technology Systems. * Security of Federal Automated Information Resources * Computer Security Act of 1987 * Government Information Security Reform Act of October 2000 (Stonebumer, Goguen, & Feringa, 2002). Risk Assessment Activities Conducted by Hezman Technologies Input Risk Assessment Activity Output Step 1 System Characterization Step 1 System Characterization

Security Assessment

2610 words - 11 pages Security Assessment for JLJ Information Technology Group By John Jacobs Table of Contents Company Description 3 Management Controls 3 Operational Controls 4 Technical Controls 5 Concerns and Recommendations 6 Conclusion 7 References 8 Company Description JLJ Information Technology Group helps organizations of all sizes to successfully do business

Lab 5 Assessment Worksheet

692 words - 3 pages assigned WSUS server, the offline catalog (Wsusscn2.cab) on the scanning computer is pushed to the target computer to make the security assessment 7. What does WSUS stand for and what does it do? Windows Server Update Services, enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the Microsoft Update website and then

A Security Risk Management Approach for E Commerce.Pdf

2235 words - 9 pages A security risk management approach for e-commerce M. Warren School of Information Technology, Deakin University, Geelong, Australia W. Hutchinson School of Computer and Information Science, Edith Cowan University, Mt Lawley, Australia Keywords Electronic commerce, Risk analysis, Information systems Introduction Information systems are now heavily utilized by all organizations and relied upon to the extent that it would be

Common Information Security Threats for Colleges

1440 words - 6 pages access class schedules, grades, email, and social network sites. Many devices have the capability to store user ID’s and passwords but personal security measures on these devices are not stringent, making it easy for an unauthorized person to intercept this information. Even though a college computer network may have numerous levels of protection, the system cannot easily track student authentication when mobile devices are used. This lack of

Related Essays

Data And Privacy Essay

2289 words - 10 pages session (Shelly, Cashman, & Vermaat, 2005) and (Norton, 2001). Vulnerability Management Software is a high quality solution for the corporate network security management. In the scenario of computer security, vulnerability management software comprises patch management application and vulnerability assessment application, which is used to record and maintain the patch system history and vulnerability status of every host, that comprises

Design And Evaluate Assessment Activities Essay

1512 words - 7 pages learners within the class. I chose to use verbal feedback within the informal ICT assignment. All learners had previous use of the basic computer system and were all able to navigate between different screens. Informal assessment (see appendix 2a) The informal, ICT assessment had to be created under very stringent guidelines within HMP Birmingham. Online security within the prison is very high and because of this I had to plan the

Information Security Evaluation Essay

633 words - 3 pages administrators who are flooded with the security threats that are revealed day by day and not known where to begin. Some software defenselessness is because most effective strikes on computer systems because attackers are opportunistic, and take the simplest path by utilizing the most weaknesses in the systems with extensively accessible attack tools. Hackers rely on individuals and organizations not correcting the faults and frequently

Computer Forensics And Cyber Crime Essay

701 words - 3 pages Computer Forensics and Cyber Crime Author Institution Computer Forensics and Cyber Crime A security survey or audit can also be referred to as a vulnerability analysis. A security survey is an exhaustive physical examination whereby all operational systems and procedures are inspected thoroughly (Fischer & Green, 2004). A security survey involves a critical on-site examination and analysis of a facility, plant, institution