Two fundamental concepts in computer and information security are the security model, which outlines how security is to be implemented. Basically providing a blueprint and the architecture of a computer system, which fulfills this blueprint. A security model is a statement that outlines the requirements necessary to properly support and implement a certain security policy. A security model provides a deeper explanation of how a computer operating system should be developed to properly support a specific security policy (Whitman, 2014).
Explain that some security architecture models are implemented into computer hardware and software, some are implemented as policies and practices, and some encompass both
Information security is made up of three main attributes: Availability is the prevention of loss of access to resources and data. Integrity is the prevention of unauthorized modification of data, and Confidentiality is the prevention of unauthorized disclosure of data. These attributes branch off into more granular security attributes
such as authenticity, accountability, non-repudiation, and dependability (Whitman, 2014).
A security model incorporates the security policy that should be enforced by the system. A model is a figurative representation of a policy. It maps the desires of the policy makers into a set of rules that are to be followed by a computer system
A security model is usually represented in mathematics and analytical ideas, which are then mapped to system specifications, and then developed by programmers through code. Specifications are then developed to provide a bridge to what this means in a computing environment and how ...
... middle of paper ...
... of protection between the subject and the object and further restricts the type of actions that can take place on that object, thus protecting the integrity of the object. So the Clark-Wilson model prevents authorized users from making modifications by requiring them to go through programs to modify objects. It also prevents authorized users from making improper modifications by enforcing separation of duties, and maintains an audit log for external transactions (Whitman, 2014).
Conclude with your recommendation of which model would be best to use in your organization
I would recommend the Clark-Wilson for my organization. It would prevent fellow coworker from making changes to my test rack and my integration rack. I feel that it would help my IX2 from disappearing and it would also help with someone making network changes to my test rack and not changing it back.
Need Writing Help?
Get feedback on grammar, clarity, concision and logic instantly.Check your paper »
- In this essay we will present security issues of a networking concept referred to as ambient networks, which aims to enable the cooperation of heterogeneous networks belonging to different operator or technology domains. In this way, it appears as homogeneous to the users of the network services. Providing security in ambient networks is a huge challenge. The main reason is that the traditional security model is not valid anymore. Traditional security assumes that there is a vulnerable channel between communicating parties, where eavesdropping, modification of messages or denial of service attacks can occur.... [tags: Ambient Network Security, AmI]
2184 words (6.2 pages)
- ... Other areas of concern include cost and usability. Cost refers to the price attached to information accessed. Network operators, content providers and other stakeholders need to keep access cost affordable. Usability refers to how easy it is for a mobile user to access information, however it is subject to the type of application and mobile device been used. Stakeholders need to ensure that applications, services and devices maintain a high level of usability for mobile commerce to thrive. In addition Privacy and security concerns exist, as data sharing increases.... [tags: electronic transactions using smartphones]
1330 words (3.8 pages)
- Security Issues in Cloud Computing Introduction The first computer ENIAC was invented by Charles Babbage in 18th century. But the real technological advancement of the computers came with the invention of the first four bit microprocessor in 1971. From 1971 till date, in the span of these 40+ years many operating systems came into existence (such as Windows 95, Windows 98, Windows 2000, Windows NT, Windows XP, Windows 7, Fedora, Mac, Redhat, Ubuntu, Kubuntu, Solaris etc.), many programming languages and web languages came into existence ( such as C, CPP, JAVA, .NET, HTML, XML, DHTML, SQL, PLSQL etc.), and many Multi-National Companies came into existence(such as Wipro, Genpact, Apple, Goo... [tags: IT, Computer Science]
1875 words (5.4 pages)
- The correctional system has tried to determine what the best method for dealing with criminals is, particularly criminals who are deemed to be the "worst criminal" type. There are two different models that have been suggested, the dispersion model and the consolidation model. To define it simply, the dispersion model "scatters offenders with unusually dangerous histories or disruptive behavioral patterns throughout the correctional system, thus avoiding a concentration of such offenders in any one location" (Hickey, 2010, p.... [tags: Criminal Justice]
1377 words (3.9 pages)
- A huge number of mobile and embedded device interconnecting constantly by mobile and wireless networks with heterogeneous infrastructures , sharing serious and sensitive information, these ubiquitous computing environments ; however, may arise some security and privacy issues. Indeed, security is becoming increasingly a major issue in ubiquitous computing environments. This is because the big difference between traditional wired networks; and wireless, sensor and mobile ad hoc networks that are used in UbiCom environments.... [tags: mobility, openness, scalability ]
1402 words (4 pages)
- The implementation of several security measures after September 11 has led to new types of developments in the collection of data. With the rapid growth of information technology and its reach around the world as well as the average citizen’s ever-growing reliance on technologies, arguments have risen over the importance of individual freedom and privacy. The leaks from those such as Edward Snowden and their revelations of how the National Security Agency’s (NSA) surveillance practices target and monitor their own citizens led to even further scrutiny of big data mining by government agencies.... [tags: Data, Data analysis, Mass surveillance]
1570 words (4.5 pages)
- ... Unfortunately, this may also impose massive hardships by increasing the costs and labor for agencies to establish permissible access. However, this expected and justified expense comes with risk reduction. It is also worth noting that FISMA protects certain government information from being subjected to release by the Freedom of Information Act (FOIA) (Feinberg, 2004). GLBA repealed acts such as the Glass-Steagall Act of 1933 and the Bank Holding Company Act of 1965, which barred financial bodies from performing any mixture of roles such as banks delving into insurance underwriting, securities, and other investment functions (Mamun, Hassan, & Maroney, 2005).... [tags: information security, models, protection]
1683 words (4.8 pages)
- I. INTRODUCTION System safety is a complex concept, which is represented by multiple attributes and which requires diverse sources of evidence to demonstrate its achievement. Safety-critical systems, which provide safety-critical services to their users, must be designed to be safe. This means that despite their complexities and despite variable environmental conditions, their operation should be demonstrably safety. A fundamental difficulty in measuring system safety arises due to the complexity of the notion – it is made up of multiple, potentially conflicting attributes, and difficult trade-offs may need to be made between these attributes.... [tags: Information Technology]
1413 words (4 pages)
- Well-being is slowly being recognized as a subjective concept. While others may view an individual’s situation as less than ideal, that person may still be perfectly satisfied with their situation. Taking this into account, researchers focusing on subjective well-being realize that any circumstance may be interpreted differently, depending upon one’s own goals and current life stage (Encyclopedia of Applied Psychology, 2004). Goals and life stages are interwoven in that the current position one stands will have a dramatic effect on current or upcoming goals and aspirations.... [tags: happiness and well-being ]
2561 words (7.3 pages)
Critically Discuss The Various Existing Models Linking Organizational/ Business Strategy With Hrm Strategy
- In today’s rapidly changing globalised business environment, human capital has become one of the keys to competitive advantage. Consequently, any good business strategy must fully utilise the inimitable assets of people through their knowledge, skills and abilities. This highlights the need for strategic human resource management (SHRM). The key assumption of SHRM is that organisational performance is affected by employees through a set of human resource (HR) practices (Pan et al 2006). A review of the literature linking HR practices to business strategy shows two conflicting perspectives in SHRM.... [tags: Business Strategy]
1912 words (5.5 pages)