Information Security
Added on 2023-04-21
15 Pages2918 Words245 Views
|
|
|
Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the student:
Name of the university:
Author note:
INFORMATION SECURITY
Name of the student:
Name of the university:
Author note:
1INFORMATION SECURITY
Table of Contents
Analysis of the problem situation:.............................................................................................2
Primary users and their requirements:....................................................................................3
Assets to be protected:...............................................................................................................5
Possible vulnerabilities and threats:...........................................................................................6
Security policy for threats and vulnerabilities:..........................................................................7
Providing Confidentiality:..................................................................................................7
Providing Integrity:............................................................................................................7
Providing Availability:.......................................................................................................7
User authentication:...............................................................................................................8
Access control scheme:..........................................................................................................8
Website protection:................................................................................................................8
Suitability of proposed security controls:..............................................................................9
References:...............................................................................................................................10
Appendix..................................................................................................................................12
Table of Contents
Analysis of the problem situation:.............................................................................................2
Primary users and their requirements:....................................................................................3
Assets to be protected:...............................................................................................................5
Possible vulnerabilities and threats:...........................................................................................6
Security policy for threats and vulnerabilities:..........................................................................7
Providing Confidentiality:..................................................................................................7
Providing Integrity:............................................................................................................7
Providing Availability:.......................................................................................................7
User authentication:...............................................................................................................8
Access control scheme:..........................................................................................................8
Website protection:................................................................................................................8
Suitability of proposed security controls:..............................................................................9
References:...............................................................................................................................10
Appendix..................................................................................................................................12
2INFORMATION SECURITY
Analysis of the problem situation:
Presently there are a number of issues in the system in the ISCSR 2020 paper review
system. Security of the papers and the maintaining the authenticity is one of the primary
concerns. The credibility and respects of the authors depend on the number of citations that
are done for the submitted papers. More number of citations of a given paper give more
prestige to the authors of that paper.
In case a paper is accepted but not published, there is a high chance that the ideas and
contents of the papers are stolen or exploited without the knowledge of the authors
themselves. Since such unpublished papers cannot be cited, other authors can exploit the
information by adding their own information to come up with other better research papers.
Therefore, it is extremely important that such unpublished material should be taken care of by
the committee. Lack of adequate security measures will cause the authors to lose their faith
on the committee’s security policies and they may stop submitting their papers in the future
[1]. Presently there are many ethical issues in the system wherein the board members often
reveal the information from the different papers submitted by the authors. They also often use
the information from valuable papers for their own research until the papers are made
available to the delegates of the conference [13]. The employees are not following the code of
ethics properly.
Presently the required levels of confidentiality, integrity as well as availability of the
papers is not available. The authors of different papers are not given the prestige and
credibility that they deserve for the original papers that they submit. Furthermore, there is no
systematized user authentication system and the access is often available to people who are
not supposed to access the papers and other important information within the system [12].
Due to the lack of a proper access control system, users with less privilege also often gain
Analysis of the problem situation:
Presently there are a number of issues in the system in the ISCSR 2020 paper review
system. Security of the papers and the maintaining the authenticity is one of the primary
concerns. The credibility and respects of the authors depend on the number of citations that
are done for the submitted papers. More number of citations of a given paper give more
prestige to the authors of that paper.
In case a paper is accepted but not published, there is a high chance that the ideas and
contents of the papers are stolen or exploited without the knowledge of the authors
themselves. Since such unpublished papers cannot be cited, other authors can exploit the
information by adding their own information to come up with other better research papers.
Therefore, it is extremely important that such unpublished material should be taken care of by
the committee. Lack of adequate security measures will cause the authors to lose their faith
on the committee’s security policies and they may stop submitting their papers in the future
[1]. Presently there are many ethical issues in the system wherein the board members often
reveal the information from the different papers submitted by the authors. They also often use
the information from valuable papers for their own research until the papers are made
available to the delegates of the conference [13]. The employees are not following the code of
ethics properly.
Presently the required levels of confidentiality, integrity as well as availability of the
papers is not available. The authors of different papers are not given the prestige and
credibility that they deserve for the original papers that they submit. Furthermore, there is no
systematized user authentication system and the access is often available to people who are
not supposed to access the papers and other important information within the system [12].
Due to the lack of a proper access control system, users with less privilege also often gain
3INFORMATION SECURITY
access to the important information of the committee and eventually breaching the privacy of
the research papers [2]. The website lacks adequate security features, leading to the
vulnerability of being hacked by the hackers at any point in time.
Primary users and their requirements:
Primary users Roles Requirements
Steering committee They are responsible for
deciding on the date as well
as location for the different
conferences.
They need the proper
schedule from the
management regarding the
tentative dates as well as
privilege of selecting other
important members.
Programme Committee
Chair or the PC Chair.
The Programme Committee
Chair is solely responsible
for planning the entire
conference programme
He should have adequate
knowledge of the number of
authors submitting their
papers as well as the
deadlines assigned [14]. He
should have access to the
information systems
managing the data of the
paper reviewers as well as
the program committee.
Programme Committee or
PC.
They have important
responsibilities to properly
review the credibility of the
information in the different
PC members should be
given full access to the
papers submitted by the
different authors and
access to the important information of the committee and eventually breaching the privacy of
the research papers [2]. The website lacks adequate security features, leading to the
vulnerability of being hacked by the hackers at any point in time.
Primary users and their requirements:
Primary users Roles Requirements
Steering committee They are responsible for
deciding on the date as well
as location for the different
conferences.
They need the proper
schedule from the
management regarding the
tentative dates as well as
privilege of selecting other
important members.
Programme Committee
Chair or the PC Chair.
The Programme Committee
Chair is solely responsible
for planning the entire
conference programme
He should have adequate
knowledge of the number of
authors submitting their
papers as well as the
deadlines assigned [14]. He
should have access to the
information systems
managing the data of the
paper reviewers as well as
the program committee.
Programme Committee or
PC.
They have important
responsibilities to properly
review the credibility of the
information in the different
PC members should be
given full access to the
papers submitted by the
different authors and
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Importance of Database Security in Maintaining Confidentiality, Integrity and Availability of Informationlg...
|9
|1906
|181
BYOD Policy Design for Southern Cross Universitylg...
|8
|1829
|264
Penetration Testing Reportlg...
|16
|2973
|89
Information Assurance And Serviceslg...
|8
|1697
|18
Identification of Security Breacheslg...
|2
|1667
|355
Security Evaluation for WidgetsInc Web-Storelg...
|11
|4054
|388