These security requirements are represented in Figure 1, Classic Critical Security Requirements. This figure depicts the cross-domain solutions of informal controls, also known as human relationships, and formal and technical controls, which provide for organizational and physical information security controls, respectively. Two additional security requirements have recently been added that are of particular importance to networked environments because attacks now extend far beyond traditional firewall perimeters. These are authentication, which is used to assure that a message actually comes from the source it claims to have originated from; and nonrepudiation, which can be applied to prevent an entity from denying that it performed a particular action related to handling data, thereby assuring validity of content and origin. Figure 2, Core Data Security Set, depicts the interrelationship of the five core requirements of information security.
The remainder of this paper will focus on nonrepudiation, which may also be explained as a security protocol that allows an individual or organization to prove, for instance, t...
... middle of paper ...
...thenticated. The back end receives the transaction request, validates the signature information, and once successfully validated, the transaction may continue.
In closing, it must be understood that certain variables must be considered when applying a Challenge Response OTP Token and Digital Signature as nonrepudiation methods. These include costs, technical support, speed, latency time, and others. A comparison of these important variables is provided in Figure 9.
Dhillon, G. (2007). Principles of Information Security Systems. John Wiley & Sons, Inc.
DHS. (2008). US CERT. Retrieved September 14, 2011, from United States Certification: http://www.us-cert.gov/control_systems/pdf/SCADA_Procurement_DHS_Final_to_Issue_08-19-08.pdf
Professional Development Center. (2010). Retrieved September 7 from http://pdc-riphah.edu.pk/site/?page_id=69