Case Study: Expanding Information and Network Security Business
VerifiedAdded on 2020/02/24
|22
|5519
|114
Case Study
AI Summary
This case study examines the potential for business expansion of a Melbourne-based software company specializing in information and network security. The report provides an overview of current market applications, including authentication (Kerberos), web security standards, and IP security applications. It explores the company's opportunities to expand within the information and communication technology sector, considering strategies such as off-shelf software customization and in-house product development. The analysis includes factors for success and potential failure, along with recommendations for strategic growth, market segmentation, and compliance with regulations. The study also addresses the importance of information security in today's evolving digital landscape, emphasizing the need for robust security measures to protect against cyber threats.
Running head: CASE STUDY
Assessment 3-report
Case Study
Name of the Student
Name of the University
Author Note
Assessment 3-report
Case Study
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
CASE STUDY
Executive Summary
The purpose of this report is to examine the possibilities for the expansion of the business. The
following report provides the discussion regarding the information and the security applications
that are there in the market at present and its uses. The report also focuses on the security and the
technological aspects of the advantages and the risks involved. The respective Company is a
small software organization that was established less than five years ago. The software
organization is based in Melbourne. The company deals with the development and the
customization of the applications that specialize in the information and the network security area.
The Company at present and compiling the recent scenario is exploring option to expand its
business opportunities in the next five years to its other branches within the information and the
communication technology.
CASE STUDY
Executive Summary
The purpose of this report is to examine the possibilities for the expansion of the business. The
following report provides the discussion regarding the information and the security applications
that are there in the market at present and its uses. The report also focuses on the security and the
technological aspects of the advantages and the risks involved. The respective Company is a
small software organization that was established less than five years ago. The software
organization is based in Melbourne. The company deals with the development and the
customization of the applications that specialize in the information and the network security area.
The Company at present and compiling the recent scenario is exploring option to expand its
business opportunities in the next five years to its other branches within the information and the
communication technology.
2
CASE STUDY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................4
Information Security and Network Security................................................................................4
Information/Network Security Applications...............................................................................4
Authentication Applications (Kerberos)..................................................................................4
Web Security Standards...........................................................................................................5
IP Security Application............................................................................................................5
Expansion Opportunities of the Company...................................................................................6
To expand the business a few strategies have to be followed:................................................7
Off shelf software and in-house products....................................................................................7
Reasons for Success.....................................................................................................................8
Probable reasons for Failure........................................................................................................9
Conclusion.......................................................................................................................................9
Recommendations..........................................................................................................................10
References......................................................................................................................................12
Annotated Bibliography.................................................................................................................15
CASE STUDY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................4
Information Security and Network Security................................................................................4
Information/Network Security Applications...............................................................................4
Authentication Applications (Kerberos)..................................................................................4
Web Security Standards...........................................................................................................5
IP Security Application............................................................................................................5
Expansion Opportunities of the Company...................................................................................6
To expand the business a few strategies have to be followed:................................................7
Off shelf software and in-house products....................................................................................7
Reasons for Success.....................................................................................................................8
Probable reasons for Failure........................................................................................................9
Conclusion.......................................................................................................................................9
Recommendations..........................................................................................................................10
References......................................................................................................................................12
Annotated Bibliography.................................................................................................................15
3
CASE STUDY
Introduction
The respective Company is a small software organization that was established less than
five years ago. The software organization is based in Melbourne. The company deals with the
development and the customization of the applications that specialize in the information and the
network security area. The major clients of the company are based in the major cities of
Australia, which range from small to medium sized organizations. This organization at present is
undertaking projects that are developing applications in-house or the customization of the off-
shell software. These are done with agreement with the large vendors. The business scope of the
organization at present is limited to the development of the applications. The Company at present
and compiling the recent scenario is exploring option to expand its business opportunities in the
next five years to its other branches within the information and the communication technology.
The Company also plans to expand its business to all parts of Australia and if possible overseas
also. The future options of this organization are to diversify the business to provide the ongoing
information and the network security services to the various businesses, which have a presence
on the online platform. This will require management of the online security of those
organizations, websites and the database of the clients. The report is an investigation of the
possibility of the expansion of the business. The following report provides the discussion
regarding the information and the security applications that are there in the market at present and
its uses. The report also focuses on the security and the technological aspects of the advantages
and the risks involved.
CASE STUDY
Introduction
The respective Company is a small software organization that was established less than
five years ago. The software organization is based in Melbourne. The company deals with the
development and the customization of the applications that specialize in the information and the
network security area. The major clients of the company are based in the major cities of
Australia, which range from small to medium sized organizations. This organization at present is
undertaking projects that are developing applications in-house or the customization of the off-
shell software. These are done with agreement with the large vendors. The business scope of the
organization at present is limited to the development of the applications. The Company at present
and compiling the recent scenario is exploring option to expand its business opportunities in the
next five years to its other branches within the information and the communication technology.
The Company also plans to expand its business to all parts of Australia and if possible overseas
also. The future options of this organization are to diversify the business to provide the ongoing
information and the network security services to the various businesses, which have a presence
on the online platform. This will require management of the online security of those
organizations, websites and the database of the clients. The report is an investigation of the
possibility of the expansion of the business. The following report provides the discussion
regarding the information and the security applications that are there in the market at present and
its uses. The report also focuses on the security and the technological aspects of the advantages
and the risks involved.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
CASE STUDY
Discussion
Information Security and Network Security
The information security refers to the number of the strategies that are used to manage
the different processes, the tools and the policies, which are important for the prevention,
detection, documentation, and to counter the threats to the digital and the non-digital
information. It is also called as the ‘infosec’. Infosec has the responsibility to establish the
business process to protect the assets of information despite the information being in the mode of
formatting or transition or is at rest in the storage or being processed Panda, Abraham & Patra,
2012). The network security on the other hand refers to any action that is designed for the
protection of the usability and integrity of the network and the data. The network security is
effective and manages the access to the network. The duty of the network security is to target the
threats and stops them from spreading to the network of an individual. The network security is a
combination of the various layers of the defenses in the network. Each layer has its policies and
controls (Stallings & Tahiliani, 2014).
Information/Network Security Applications
Authentication Applications (Kerberos)
The Kerberos is an authentication protocol that is designed for the internet protocol and
the transmission control protocol. This service acts on the concerned network acts as trusted
intermediary. This application allows the clients to access to other different clients and services
on the respective network. This application keeps a database of the various clients and their
protected keys. The services require the authentication of the clients by registration of the
password keys with this application. There is the creation of the shared password session that is
CASE STUDY
Discussion
Information Security and Network Security
The information security refers to the number of the strategies that are used to manage
the different processes, the tools and the policies, which are important for the prevention,
detection, documentation, and to counter the threats to the digital and the non-digital
information. It is also called as the ‘infosec’. Infosec has the responsibility to establish the
business process to protect the assets of information despite the information being in the mode of
formatting or transition or is at rest in the storage or being processed Panda, Abraham & Patra,
2012). The network security on the other hand refers to any action that is designed for the
protection of the usability and integrity of the network and the data. The network security is
effective and manages the access to the network. The duty of the network security is to target the
threats and stops them from spreading to the network of an individual. The network security is a
combination of the various layers of the defenses in the network. Each layer has its policies and
controls (Stallings & Tahiliani, 2014).
Information/Network Security Applications
Authentication Applications (Kerberos)
The Kerberos is an authentication protocol that is designed for the internet protocol and
the transmission control protocol. This service acts on the concerned network acts as trusted
intermediary. This application allows the clients to access to other different clients and services
on the respective network. This application keeps a database of the various clients and their
protected keys. The services require the authentication of the clients by registration of the
password keys with this application. There is the creation of the shared password session that is
5
CASE STUDY
provided to the client and the server for the encryption of the messages. For the purpose of the
encryption the Kerberos uses DES that is the data encryption standard. The customer or the client
has make a request for the ticket granting service from the application and then this application
sends the ticket to the respective client that has the encryption of the client password key. The
generation of the authenticators by the client is done by sharing the password keys. If the
credentials provided by the client are approved, then the server grants access to the service
(Mahajan & Sachdeva, 2013). There is a possibility to replace all the client Kerberos software
with a version, which records the passwords.
Web Security Standards
These use the SSL (Secure Socket Layer) protocol for providing a reliable and secure
service on the Transmission Control Protocol. The web security threats are located at the server
or the customer and include passive and active attacks. The passive attacks comprises of the
access to the network traffic between the browser and the server and accessing the restricted
information. The active attacks comprise of the impersonation as another user and alteration of
the messages and the information on a website. There are security parameters to define the
association between the browser and the server. There is provision of the confidentiality by using
the symmetric encryption and message integrity. The message integrity is determined by the
shared password key, which is used in the form of the ‘message authentication code’. During the
alert, there is through a simple warning and if the alert is fatal then there is termination of the
connection. The alert messages are sent using the codes (Kumar, Ashok & Subramanian, 2012).
IP Security Application
This application is an agenda of the open standards that ensure private and secure
communications over the internet protocol networks using the cryptographic protection services.
CASE STUDY
provided to the client and the server for the encryption of the messages. For the purpose of the
encryption the Kerberos uses DES that is the data encryption standard. The customer or the client
has make a request for the ticket granting service from the application and then this application
sends the ticket to the respective client that has the encryption of the client password key. The
generation of the authenticators by the client is done by sharing the password keys. If the
credentials provided by the client are approved, then the server grants access to the service
(Mahajan & Sachdeva, 2013). There is a possibility to replace all the client Kerberos software
with a version, which records the passwords.
Web Security Standards
These use the SSL (Secure Socket Layer) protocol for providing a reliable and secure
service on the Transmission Control Protocol. The web security threats are located at the server
or the customer and include passive and active attacks. The passive attacks comprises of the
access to the network traffic between the browser and the server and accessing the restricted
information. The active attacks comprise of the impersonation as another user and alteration of
the messages and the information on a website. There are security parameters to define the
association between the browser and the server. There is provision of the confidentiality by using
the symmetric encryption and message integrity. The message integrity is determined by the
shared password key, which is used in the form of the ‘message authentication code’. During the
alert, there is through a simple warning and if the alert is fatal then there is termination of the
connection. The alert messages are sent using the codes (Kumar, Ashok & Subramanian, 2012).
IP Security Application
This application is an agenda of the open standards that ensure private and secure
communications over the internet protocol networks using the cryptographic protection services.
6
CASE STUDY
This security is a collection of protection services that are cryptography based. The
authentication and the privacy mechanisms of the protected internet protocol provide the basis
for the security strategy for the individuals (Park et al., 2012). There is protection of the pair of
hosts and security gateways. There is the provision of the authentication of the origin of the data,
encryption that ensures the data is not leaked and the data has not been changed on the way.
There is also detection of the things that are received more than once so help to protect against
the defiance of the service attacks. The implementation of this application enables the provision
of a strong security. This application is below the transport layer and is transparent in nature. The
implementation of this application in the end system does not affect the upper layer software and
the applications. This application also provides security to the individual users if required.
Expansion Opportunities of the Company
The Company at present and compiling the recent scenario is exploring option to expand
its business opportunities in the next five years to its other branches within the information and
the communication technology. The Company also plans to expand its business to all parts of
Australia and if possible overseas also (Franke & Brynielsson, 2014). The future options of this
organization are to diversify the business to provide the ongoing information and the network
security services to the various businesses, which have a presence on the online platform. This
will require management of the online security of those organizations, websites and the database
of the clients. The world is changing at a pace and there are risks to the information assets of the
businesses and the individuals. Online applications, cloud computing and the mobility are the
new technologies that are adopted as the value of the information is high and is a major
organizational asset. The incidents of the cyber attacks, cyber spying, ransomware, threats of the
insider are reported frequently. The immunity to these security breaches is low hence, the usage
CASE STUDY
This security is a collection of protection services that are cryptography based. The
authentication and the privacy mechanisms of the protected internet protocol provide the basis
for the security strategy for the individuals (Park et al., 2012). There is protection of the pair of
hosts and security gateways. There is the provision of the authentication of the origin of the data,
encryption that ensures the data is not leaked and the data has not been changed on the way.
There is also detection of the things that are received more than once so help to protect against
the defiance of the service attacks. The implementation of this application enables the provision
of a strong security. This application is below the transport layer and is transparent in nature. The
implementation of this application in the end system does not affect the upper layer software and
the applications. This application also provides security to the individual users if required.
Expansion Opportunities of the Company
The Company at present and compiling the recent scenario is exploring option to expand
its business opportunities in the next five years to its other branches within the information and
the communication technology. The Company also plans to expand its business to all parts of
Australia and if possible overseas also (Franke & Brynielsson, 2014). The future options of this
organization are to diversify the business to provide the ongoing information and the network
security services to the various businesses, which have a presence on the online platform. This
will require management of the online security of those organizations, websites and the database
of the clients. The world is changing at a pace and there are risks to the information assets of the
businesses and the individuals. Online applications, cloud computing and the mobility are the
new technologies that are adopted as the value of the information is high and is a major
organizational asset. The incidents of the cyber attacks, cyber spying, ransomware, threats of the
insider are reported frequently. The immunity to these security breaches is low hence, the usage
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
CASE STUDY
of the applications that specialize in the information and the network security area is necessary.
Before the consideration for expansion of the business, there are some points to be kept in mind.
The managing of the new locations for the expansion is necessary (Barnaghi et al., 2012). There
has to be the managing of the energy and the resources between the new and the old locations. It
has to be kept in mind if the expanding entity will be a separate entity or subsidiary of the main
Company. The tax implications and the policies have to be kept in mind. A comprehensive
analysis of the financial investment is important. The information about the competitors and their
operations is necessary. The performance of the competitors also has to be tracked and analyzed.
To expand the business a few strategies have to be followed:
A market segmentation analysis has to be done firstly. The SWOT analysis of the
Organization has to be performed before the expansion of the Company all over Australia
and overseas.
There has to be a development of a strategy and a business plan.
The setting of the reasonable goals to measure the progress and the cost benefits has to be
done by the management.
The tactical project has to be planned with commitment of the dates.
The government and the industry specific regulations have to be ensured and reviewed
with proper certifications.
Off shelf software and in-house products
The off-shelf software has a lower up-front cost that contains the features that is required.
The support can be added with the maintenance contract and the upgrades are provided at a
reduced cost. If the software is a software-as-a-service them there is o requirement of installation
of hardware or software (Barnaghi et al., 2012). The customization may be started with the
CASE STUDY
of the applications that specialize in the information and the network security area is necessary.
Before the consideration for expansion of the business, there are some points to be kept in mind.
The managing of the new locations for the expansion is necessary (Barnaghi et al., 2012). There
has to be the managing of the energy and the resources between the new and the old locations. It
has to be kept in mind if the expanding entity will be a separate entity or subsidiary of the main
Company. The tax implications and the policies have to be kept in mind. A comprehensive
analysis of the financial investment is important. The information about the competitors and their
operations is necessary. The performance of the competitors also has to be tracked and analyzed.
To expand the business a few strategies have to be followed:
A market segmentation analysis has to be done firstly. The SWOT analysis of the
Organization has to be performed before the expansion of the Company all over Australia
and overseas.
There has to be a development of a strategy and a business plan.
The setting of the reasonable goals to measure the progress and the cost benefits has to be
done by the management.
The tactical project has to be planned with commitment of the dates.
The government and the industry specific regulations have to be ensured and reviewed
with proper certifications.
Off shelf software and in-house products
The off-shelf software has a lower up-front cost that contains the features that is required.
The support can be added with the maintenance contract and the upgrades are provided at a
reduced cost. If the software is a software-as-a-service them there is o requirement of installation
of hardware or software (Barnaghi et al., 2012). The customization may be started with the
8
CASE STUDY
minimum necessary requirements and can be added on later. This can be also tailored according
to the needs and the processes of the organization. The desired changes can be made quickly.
However, there is high initial cost involved. Most of the changes and the features that will be
requested will have to be paid. The ramping up of the new developers may incur additional costs.
While the in-house software will be produced by the organization that may later be available for
the commercial use and be on the solitary judgment of the organization, which is developing.
The need to develop this software is when there is the non-availability of the software in the
market. Both the customization of the off shelf software and the development of the in-house
software has its pros and cons but the customization of the off-shelf software will enable the
Company in the opportunity to expand its business (Choo, 2014).
Reasons for Success
The ‘security adults’ helps to identify the security risks and the validation of the
protection devices. The security adults enable the laying of the groundwork for identification to
secure the infrastructure. These also provide the objective insight on the effectiveness of the
complete security program (Barnaghi et al., 2012). The ‘managing security’ helps to manage the
security flaws. There is the maintenance and administration along with the reliable monitoring
and evaluation of the events, which take place on a daily basis. The advancement in the security
management software has reduced the responsibilities of the security personnel. The ‘security
policy’ is another reason for the success of the organization. The company has an information
security policy and the company expects to conduct it themselves with the matters that affect the
security position of the business. Some policies are related to security and the other policies are
in terms of their impact to the security risks regarding to the non-IT employees. The security is
classified as the deep technology category and there is the use of the complex techniques that
CASE STUDY
minimum necessary requirements and can be added on later. This can be also tailored according
to the needs and the processes of the organization. The desired changes can be made quickly.
However, there is high initial cost involved. Most of the changes and the features that will be
requested will have to be paid. The ramping up of the new developers may incur additional costs.
While the in-house software will be produced by the organization that may later be available for
the commercial use and be on the solitary judgment of the organization, which is developing.
The need to develop this software is when there is the non-availability of the software in the
market. Both the customization of the off shelf software and the development of the in-house
software has its pros and cons but the customization of the off-shelf software will enable the
Company in the opportunity to expand its business (Choo, 2014).
Reasons for Success
The ‘security adults’ helps to identify the security risks and the validation of the
protection devices. The security adults enable the laying of the groundwork for identification to
secure the infrastructure. These also provide the objective insight on the effectiveness of the
complete security program (Barnaghi et al., 2012). The ‘managing security’ helps to manage the
security flaws. There is the maintenance and administration along with the reliable monitoring
and evaluation of the events, which take place on a daily basis. The advancement in the security
management software has reduced the responsibilities of the security personnel. The ‘security
policy’ is another reason for the success of the organization. The company has an information
security policy and the company expects to conduct it themselves with the matters that affect the
security position of the business. Some policies are related to security and the other policies are
in terms of their impact to the security risks regarding to the non-IT employees. The security is
classified as the deep technology category and there is the use of the complex techniques that
9
CASE STUDY
includes the block chain. The fusion of the technical expertise with the domain expertise is a
powerful combination (Alrajeh, Khan & Shams, 2013).
Probable reasons for Failure
There may be common misconceptions arising in the organization. There has to be the
availability of the latest data-loss prevention tool with the organization. The fundamental issue
within the culture of the organization that may cause some risks to arise is a problem. The
applications of the traditional security strategies also tend to give rise to risks. These traditional
security methods do not provide the visibility f the different risks. There is security risk in the
culture and the enforcement area also. There are certain manners and activities, which correlate
to the likelihood of a breach-taking place (Vacca, 2012). There has to be the provision of the
necessary data that support the strategic decision-making, if these are not provided then risks will
arise which may lead to the failure. The choice overload may also be a reason for the failure of
the plan to expand the business (Barnaghi et al., 2012). The underinvestment for this plan for
expansion may lead to the failure of the expansion plan. There can be threats by the hackers and
of the cyber breaches. The organization has to be prepared for these threats and attacks. It will be
impossible to respond to each one of the reported attacks but the company has to be alert at every
moment.
Conclusion
Thereby the following report is an investigation of the possibility of the expansion of the
business. The following report gives the discussion regarding the information and the security
functions that are there in the market at hand and its uses. The report has provided with a focus
on the protection and the technical aspects of the advantages and the risks involved. The
CASE STUDY
includes the block chain. The fusion of the technical expertise with the domain expertise is a
powerful combination (Alrajeh, Khan & Shams, 2013).
Probable reasons for Failure
There may be common misconceptions arising in the organization. There has to be the
availability of the latest data-loss prevention tool with the organization. The fundamental issue
within the culture of the organization that may cause some risks to arise is a problem. The
applications of the traditional security strategies also tend to give rise to risks. These traditional
security methods do not provide the visibility f the different risks. There is security risk in the
culture and the enforcement area also. There are certain manners and activities, which correlate
to the likelihood of a breach-taking place (Vacca, 2012). There has to be the provision of the
necessary data that support the strategic decision-making, if these are not provided then risks will
arise which may lead to the failure. The choice overload may also be a reason for the failure of
the plan to expand the business (Barnaghi et al., 2012). The underinvestment for this plan for
expansion may lead to the failure of the expansion plan. There can be threats by the hackers and
of the cyber breaches. The organization has to be prepared for these threats and attacks. It will be
impossible to respond to each one of the reported attacks but the company has to be alert at every
moment.
Conclusion
Thereby the following report is an investigation of the possibility of the expansion of the
business. The following report gives the discussion regarding the information and the security
functions that are there in the market at hand and its uses. The report has provided with a focus
on the protection and the technical aspects of the advantages and the risks involved. The
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10
CASE STUDY
respective Company is a small software organization that was established less than five years
ago. The software organization is based in Melbourne. The company deals with the expansion
and the customization of the applications that concentrate in the information and the network
security area. The Company at present and compiling the recent circumstances is exploring
option to increase its production opportunities in the next five years to its other branches within
the information and the communication technology. The events of the cyber attacks, cyber
spying, ransomware, threats of the insider are reported frequently. The immunity to these
protection breaches is low hence, the usage of the applications that focus in the information and
the network security area is necessary. Before the deliberation for expansion of the business,
there are some points to be kept in mind, which have been discussed in the report. The managing
of the new locations for the expansion is necessary. There has to be the managing of the energy
and the resources between the new and the old locations. The network security is effective and
manages the access to the network. The duty of the network security is to target the threats and
stops them from spreading to the network of an individual.
Recommendations
1. There should be the implementation of the network segmentation. This comprises of the
classifying and the categorizing of the information and technology assets, data and the
employees into definite groups. The placing of the resources in the different areas of the
network of the organization will not allow the exploitation of the entire system. If this is
not there in the system of the Company then the cyber threats will make the organization
vulnerable (Enck et al., 2014).
2. There should be usage of the secure remote access methods, which have the ability to
connect to the network in a remote manner. This enhances the convenience for the end
CASE STUDY
respective Company is a small software organization that was established less than five years
ago. The software organization is based in Melbourne. The company deals with the expansion
and the customization of the applications that concentrate in the information and the network
security area. The Company at present and compiling the recent circumstances is exploring
option to increase its production opportunities in the next five years to its other branches within
the information and the communication technology. The events of the cyber attacks, cyber
spying, ransomware, threats of the insider are reported frequently. The immunity to these
protection breaches is low hence, the usage of the applications that focus in the information and
the network security area is necessary. Before the deliberation for expansion of the business,
there are some points to be kept in mind, which have been discussed in the report. The managing
of the new locations for the expansion is necessary. There has to be the managing of the energy
and the resources between the new and the old locations. The network security is effective and
manages the access to the network. The duty of the network security is to target the threats and
stops them from spreading to the network of an individual.
Recommendations
1. There should be the implementation of the network segmentation. This comprises of the
classifying and the categorizing of the information and technology assets, data and the
employees into definite groups. The placing of the resources in the different areas of the
network of the organization will not allow the exploitation of the entire system. If this is
not there in the system of the Company then the cyber threats will make the organization
vulnerable (Enck et al., 2014).
2. There should be usage of the secure remote access methods, which have the ability to
connect to the network in a remote manner. This enhances the convenience for the end
11
CASE STUDY
users. The encrypted data channel allows for sending and receiving data through the
public infrastructure. With the help of the Virtual Private Network, the users will have
remotely access to their resources.
3. There should be use of strong passwords only to keep the system and the information
secure. The use of different passwords for different accounts will enable better control.
The passwords should have eight characters approximately and the greater number of
characters will need the hackers to guess more. The installation of the new software
should have the ability to change all the passwords with permission of the user.
CASE STUDY
users. The encrypted data channel allows for sending and receiving data through the
public infrastructure. With the help of the Virtual Private Network, the users will have
remotely access to their resources.
3. There should be use of strong passwords only to keep the system and the information
secure. The use of different passwords for different accounts will enable better control.
The passwords should have eight characters approximately and the greater number of
characters will need the hackers to guess more. The installation of the new software
should have the ability to change all the passwords with permission of the user.
12
CASE STUDY
References
Anderson, R., & Moore, T. (2012). The economics of information security. Science, 314(5799),
610-613.
Choo, K. K. R. (2014). A cloud security risk-management strategy. IEEE Cloud
Computing, 1(2), 52-56.
Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B. G., Cox, L. P., ... & Sheth, A. N. (2014).
TaintDroid: an information-flow tracking system for realtime privacy monitoring on
smartphones. ACM Transactions on Computer Systems (TOCS), 32(2), 5.
Kim, S. H., Wang, Q. H., & Ullrich, J. B. (2012). A comparative study of
cyberattacks. Communications of the ACM, 55(3), 66-73.
Ren, K., Wang, C., & Wang, Q. (2012). Security challenges for the public cloud. IEEE Internet
Computing, 16(1), 69-73.
Shiravi, H., Shiravi, A., & Ghorbani, A. A. (2012). A survey of visualization systems for
network security. IEEE Transactions on visualization and computer graphics, 18(8),
1313-1329.
Stallings, W. (2012). Cryptography and network security: principles and practices. Pearson
Education India.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
CASE STUDY
References
Anderson, R., & Moore, T. (2012). The economics of information security. Science, 314(5799),
610-613.
Choo, K. K. R. (2014). A cloud security risk-management strategy. IEEE Cloud
Computing, 1(2), 52-56.
Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B. G., Cox, L. P., ... & Sheth, A. N. (2014).
TaintDroid: an information-flow tracking system for realtime privacy monitoring on
smartphones. ACM Transactions on Computer Systems (TOCS), 32(2), 5.
Kim, S. H., Wang, Q. H., & Ullrich, J. B. (2012). A comparative study of
cyberattacks. Communications of the ACM, 55(3), 66-73.
Ren, K., Wang, C., & Wang, Q. (2012). Security challenges for the public cloud. IEEE Internet
Computing, 16(1), 69-73.
Shiravi, H., Shiravi, A., & Ghorbani, A. A. (2012). A survey of visualization systems for
network security. IEEE Transactions on visualization and computer graphics, 18(8),
1313-1329.
Stallings, W. (2012). Cryptography and network security: principles and practices. Pearson
Education India.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13
CASE STUDY
Suo, H., Wan, J., Huang, L., & Zou, C. (2012, March). Issues and challenges of wireless sensor
networks localization in emerging applications. In Computer Science and Electronics
Engineering (ICCSEE), 2012 International Conference on (Vol. 3, pp. 447-451). IEEE.
Vacca, J. R. (2012). Computer and information security handbook. Newnes.
CASE STUDY
Suo, H., Wan, J., Huang, L., & Zou, C. (2012, March). Issues and challenges of wireless sensor
networks localization in emerging applications. In Computer Science and Electronics
Engineering (ICCSEE), 2012 International Conference on (Vol. 3, pp. 447-451). IEEE.
Vacca, J. R. (2012). Computer and information security handbook. Newnes.
14
CASE STUDY
Assessment4- portfolio
Annotated Bibliography
Name of the Student
Name of the University
Author Note
CASE STUDY
Assessment4- portfolio
Annotated Bibliography
Name of the Student
Name of the University
Author Note
15
CASE STUDY
Annotated Bibliography
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
William Stallings and Mohit P Tahillani is one of the reputed workers of the Congestion control
mechanism of next generation internet. M P Tahllani is is also an M. Tech in Computer Science
and Engineering from a Visveswaraya Technological University, Belgaum with another B.E. in
computer science also form the same university. This book has given me insight in approaching
in the widespread knowledge use of data processing equipment, the security of information that
are felt to be valuable to an organization. The list of parameter that intrudes the security
measurement of the ERP of an organisation malicious codes, GUI intruder tools and hijacking
information through code attacks this have also been helpful in building a report based on that
detail. Their research on the cited and peer reviewed article is based on the principle and practice
that supports in building a trusted network security systems. The teachings and process of
including a backup security as a precaution of entire security building blocks. Both the authors
are expert in their field and the different authors review the journal.
Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B. G., Cox, L. P., ... & Sheth, A. N.
(2014). TaintDroid: an information-flow tracking system for realtime privacy
monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 32(2),
5.
CASE STUDY
Annotated Bibliography
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
William Stallings and Mohit P Tahillani is one of the reputed workers of the Congestion control
mechanism of next generation internet. M P Tahllani is is also an M. Tech in Computer Science
and Engineering from a Visveswaraya Technological University, Belgaum with another B.E. in
computer science also form the same university. This book has given me insight in approaching
in the widespread knowledge use of data processing equipment, the security of information that
are felt to be valuable to an organization. The list of parameter that intrudes the security
measurement of the ERP of an organisation malicious codes, GUI intruder tools and hijacking
information through code attacks this have also been helpful in building a report based on that
detail. Their research on the cited and peer reviewed article is based on the principle and practice
that supports in building a trusted network security systems. The teachings and process of
including a backup security as a precaution of entire security building blocks. Both the authors
are expert in their field and the different authors review the journal.
Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B. G., Cox, L. P., ... & Sheth, A. N.
(2014). TaintDroid: an information-flow tracking system for realtime privacy
monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 32(2),
5.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16
CASE STUDY
The seven authors of this article are reputes scholars working in the similar fields. Peter Gilbert
and Landon P Cox are the professor of Duke University and working under the field of
developing the privacy system for businesses. Others are researchers working in university of
Washington, Seoul, and Microsoft research centre. They have discussed in their paper about the
Smartphone operation and visibility in third party application. The automatic taint droid system
enabler, which gives a real-time analysis of privacy system. This has been helpful in determining
the level of private information used in the virtual systems and reliability of input data in
Smartphone applications. The increase in usage of security services of firms seeking to identify
misbehaving applications and how it is useful for small firms like ICT.
Shiravi, H., Shiravi, A., & Ghorbani, A. A. (2012). A survey of visualization systems for
network security. IEEE Transactions on visualization and computer graphics, 18(8),
1313-1329.
This article is co-written by the three authors Hadi Shiravi, the Bachalor in engineering degree in
software from University and science and culture ad also a PhD student on Information Security
Centre of Excellence, University of New Brunswick, Canada. Ali Shiravi is also a BEng degree
holder of Tarbiat Moallem University of Tehran and also a PhD student in the University of
New Brunswick, Canada . Mr. Ali A Ghorbani is a professor of the same university and the
Director of Information Security Centre of Excellence and a coordinator of Privacy, Security and
Trust Network annual conference and computational intelligence. From this article, I have
learned security visualisation, which is security related data processing. This has given me
insight in the company data needs of ICT and related forms. This article was also useful for me
to examine issues and concerns regarding network security visualisations and provided
guidelines for direction for future use.
CASE STUDY
The seven authors of this article are reputes scholars working in the similar fields. Peter Gilbert
and Landon P Cox are the professor of Duke University and working under the field of
developing the privacy system for businesses. Others are researchers working in university of
Washington, Seoul, and Microsoft research centre. They have discussed in their paper about the
Smartphone operation and visibility in third party application. The automatic taint droid system
enabler, which gives a real-time analysis of privacy system. This has been helpful in determining
the level of private information used in the virtual systems and reliability of input data in
Smartphone applications. The increase in usage of security services of firms seeking to identify
misbehaving applications and how it is useful for small firms like ICT.
Shiravi, H., Shiravi, A., & Ghorbani, A. A. (2012). A survey of visualization systems for
network security. IEEE Transactions on visualization and computer graphics, 18(8),
1313-1329.
This article is co-written by the three authors Hadi Shiravi, the Bachalor in engineering degree in
software from University and science and culture ad also a PhD student on Information Security
Centre of Excellence, University of New Brunswick, Canada. Ali Shiravi is also a BEng degree
holder of Tarbiat Moallem University of Tehran and also a PhD student in the University of
New Brunswick, Canada . Mr. Ali A Ghorbani is a professor of the same university and the
Director of Information Security Centre of Excellence and a coordinator of Privacy, Security and
Trust Network annual conference and computational intelligence. From this article, I have
learned security visualisation, which is security related data processing. This has given me
insight in the company data needs of ICT and related forms. This article was also useful for me
to examine issues and concerns regarding network security visualisations and provided
guidelines for direction for future use.
17
CASE STUDY
Barnaghi, P., Wang, W., Henson, C., & Taylor, K. (2012). Semantics for the Internet of
Things: early progress and back to the future. International Journal on Semantic
Web and Information Systems (IJSWIS), 8(1), 1-21.
Professor Payam Barnaghi and Wei Wang of University of Surrey from UK have discussed the
core matter of semantics of web and information technologies. The co-writer of this article is
professor of Wright State University in USA and Kerry Taylor, is the member of Commonwealth
scientific and Industrial Research organisation, ICT Centre in Australia. Internet of things has
recently gained the attention of both academic and technological industry. This concept has
helped me in taking insights on the future internet aspects. As a device manufacturer, building
efficient hardware device is essential for preventing cyber attacks and communication has same
influence in internet world. Semantic and technologies for processing information is of dire need
of this industry. The article also discusses the developments and application of technologies. The
challenges and generic solution of processing techniques of systems in the journal they have
shared, integrate and developed according the technologies and Internet of Things have given me
the review to consider some key recommendation to the staff for ICT.
Alrajeh, N. A., Khan, S., & Shams, B. (2013). Intrusion detection systems in wireless sensor
networks: a review. International Journal of Distributed Sensor Networks, 9(5),
167575.
Nabil Ali Alrajeh is the senior author of the article and is a professor of the Biomedical
Technology Department, College of Applied Medical Sciences, King Saud University, Riyadh,
Saudi Arabia. S khan is the co-writer of this assignment is also a professor of the Institute of
CASE STUDY
Barnaghi, P., Wang, W., Henson, C., & Taylor, K. (2012). Semantics for the Internet of
Things: early progress and back to the future. International Journal on Semantic
Web and Information Systems (IJSWIS), 8(1), 1-21.
Professor Payam Barnaghi and Wei Wang of University of Surrey from UK have discussed the
core matter of semantics of web and information technologies. The co-writer of this article is
professor of Wright State University in USA and Kerry Taylor, is the member of Commonwealth
scientific and Industrial Research organisation, ICT Centre in Australia. Internet of things has
recently gained the attention of both academic and technological industry. This concept has
helped me in taking insights on the future internet aspects. As a device manufacturer, building
efficient hardware device is essential for preventing cyber attacks and communication has same
influence in internet world. Semantic and technologies for processing information is of dire need
of this industry. The article also discusses the developments and application of technologies. The
challenges and generic solution of processing techniques of systems in the journal they have
shared, integrate and developed according the technologies and Internet of Things have given me
the review to consider some key recommendation to the staff for ICT.
Alrajeh, N. A., Khan, S., & Shams, B. (2013). Intrusion detection systems in wireless sensor
networks: a review. International Journal of Distributed Sensor Networks, 9(5),
167575.
Nabil Ali Alrajeh is the senior author of the article and is a professor of the Biomedical
Technology Department, College of Applied Medical Sciences, King Saud University, Riyadh,
Saudi Arabia. S khan is the co-writer of this assignment is also a professor of the Institute of
18
CASE STUDY
Information Technology, Kohat University of Science and Technology Kohat in Pakistan. In this
article, he has discussed the wireless network systems and how to collect relevant information
from the surrounding environment. The Intrusion detection systems play an important role and
this detection system has open research problems related to security. The WSNs are quite
vulnerable in security attacks and preventing the detection system from its security role. This has
given me useful insights if the security measures, if integrated wireless system can be useful for
ICT. The IDS system has been helpful in taking a different perspective of security importance in
an organization.
Franke, U., & Brynielsson, J. (2014). Cyber situational awareness–a systematic review of
the literature. Computers & Security, 46, 18-31.
The author of this article, Ulrik Franke is a senior scientist at Swedish Research Agency and
Enterprise infrastructure. His area of expertise lies in the national security and ICT politics. He
also have published some articles in network and service management. Joel Brynielsson is also a
scientist in the same research centre and an adjunct associate professor at the Royal Institute of
Technology and a PhD in computer science. They have thoroughly discussed the situational
awareness of the attracting much attention and national cyber strategies that they apply in
national system security measures. This has also helped me in taking into consideration about
scientific literature review discussed on the cyber situational awareness. The systematic queries
of leading scientific databases also discussed in the paper. The cyber strategies in science and
direction on future use to build a social awareness of the future research are also used as a
reference in the paper. National cyber strategies are also discussed in the paper.
CASE STUDY
Information Technology, Kohat University of Science and Technology Kohat in Pakistan. In this
article, he has discussed the wireless network systems and how to collect relevant information
from the surrounding environment. The Intrusion detection systems play an important role and
this detection system has open research problems related to security. The WSNs are quite
vulnerable in security attacks and preventing the detection system from its security role. This has
given me useful insights if the security measures, if integrated wireless system can be useful for
ICT. The IDS system has been helpful in taking a different perspective of security importance in
an organization.
Franke, U., & Brynielsson, J. (2014). Cyber situational awareness–a systematic review of
the literature. Computers & Security, 46, 18-31.
The author of this article, Ulrik Franke is a senior scientist at Swedish Research Agency and
Enterprise infrastructure. His area of expertise lies in the national security and ICT politics. He
also have published some articles in network and service management. Joel Brynielsson is also a
scientist in the same research centre and an adjunct associate professor at the Royal Institute of
Technology and a PhD in computer science. They have thoroughly discussed the situational
awareness of the attracting much attention and national cyber strategies that they apply in
national system security measures. This has also helped me in taking into consideration about
scientific literature review discussed on the cyber situational awareness. The systematic queries
of leading scientific databases also discussed in the paper. The cyber strategies in science and
direction on future use to build a social awareness of the future research are also used as a
reference in the paper. National cyber strategies are also discussed in the paper.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
19
CASE STUDY
Park, D. H., Kim, H. K., Choi, I. Y., & Kim, J. K. (2012). A literature review and
classification of recommender systems research. International journal of Expert
Systems with Applications, 39(11), 10059-10072.
The co-writer of this article is Deuk Hee Park and is a professor of Kyung-Hee University,
department of system management. Mr. Kyeong Kim is also a colleague of the professor in the
same department. They have discussed the recommender system and conducted a field research
in a company. The emergence of collaborative filtering in information system is one of the
research classification techniques they have reviewed from the paper. The data mining
techniques, link analysis, neutral network system, regression, and other heuristic methods have
also been discussed in the system. The has been helpful in identifying the main criteria of using a
cyber attack preventing system for corruption. Being careful and performing private key
operations in cryptosystems is known as a decipher texting and using applications for
customising program is known as protection algorithm. These algorithms are used as a building
block of system protection plan, which has been helpful in building an expert system in ICT. The
recommendations have been helpful from this article.
Mahajan, P., & Sachdeva, A. (2013). A Study of Encryption Algorithms AES, DES and
RSA for security. Global Journal of Computer Science and Technology.
The peer reviewed article of network security and encryption solution has an important role in
information security. The protection of shared data is done through cryptography and secured
data is shared through rework. Data transmission is encrypt technique like AES, DES, RSA
algorithms are compared and performance of encryption techniques are based on the analysis is
is effective for information system of an organization. This detail has helped me in taking
CASE STUDY
Park, D. H., Kim, H. K., Choi, I. Y., & Kim, J. K. (2012). A literature review and
classification of recommender systems research. International journal of Expert
Systems with Applications, 39(11), 10059-10072.
The co-writer of this article is Deuk Hee Park and is a professor of Kyung-Hee University,
department of system management. Mr. Kyeong Kim is also a colleague of the professor in the
same department. They have discussed the recommender system and conducted a field research
in a company. The emergence of collaborative filtering in information system is one of the
research classification techniques they have reviewed from the paper. The data mining
techniques, link analysis, neutral network system, regression, and other heuristic methods have
also been discussed in the system. The has been helpful in identifying the main criteria of using a
cyber attack preventing system for corruption. Being careful and performing private key
operations in cryptosystems is known as a decipher texting and using applications for
customising program is known as protection algorithm. These algorithms are used as a building
block of system protection plan, which has been helpful in building an expert system in ICT. The
recommendations have been helpful from this article.
Mahajan, P., & Sachdeva, A. (2013). A Study of Encryption Algorithms AES, DES and
RSA for security. Global Journal of Computer Science and Technology.
The peer reviewed article of network security and encryption solution has an important role in
information security. The protection of shared data is done through cryptography and secured
data is shared through rework. Data transmission is encrypt technique like AES, DES, RSA
algorithms are compared and performance of encryption techniques are based on the analysis is
is effective for information system of an organization. This detail has helped me in taking
20
CASE STUDY
insights in the matter of ICT security system. The more it is used in the communication the less
the vulnerability of the company information security. Ms. Prerna Mahajon and Abhishek
Sachdeva are association professor of IITM, India. Encryption and cryptography solution is there
area of expertise. The well known technology of the combination data and cipher text retrieval is
of great use provided they are in this format is discussed in the paper.
Panda, M., Abraham, A., & Patra, M. R. (2012). A hybrid intelligent approach for network
intrusion detection. Procedia Engineering, 30, 1-9.
Mrityunjay Panda professor of Gandhi Institute of Technological advances, Bhubaneswar, India
is a EC engineer and Ajith Abraham of the Machine Intelligence research Labs, WA, USA is
also a reputed former professor of the same university. Both conducted a research in the
procedurance of engineering department and computer network study in growing internet world.
Manas Ranjan Patra is the co-associate in Behrampur University, department of computer
science. The most intrusion detection system IDSs are network specific anomalous that gives an
insight to the filtering process of overall protection performance. The general procedure in this is
to follow the supervised or un-supervised data filtering with classifier or clusterer first overall
training dataset and then the output is applied to another classifier to classify the data. The
strategy of the similar validation of data has also given men insights to normal and classified
intrusion sources. The hybrid approach to network intrusion detection.
Kumar, P. S., Ashok, M. S., & Subramanian, R. (2012). A publicly verifiable dynamic
secret sharing protocol for secure and dependable data storage in cloud
CASE STUDY
insights in the matter of ICT security system. The more it is used in the communication the less
the vulnerability of the company information security. Ms. Prerna Mahajon and Abhishek
Sachdeva are association professor of IITM, India. Encryption and cryptography solution is there
area of expertise. The well known technology of the combination data and cipher text retrieval is
of great use provided they are in this format is discussed in the paper.
Panda, M., Abraham, A., & Patra, M. R. (2012). A hybrid intelligent approach for network
intrusion detection. Procedia Engineering, 30, 1-9.
Mrityunjay Panda professor of Gandhi Institute of Technological advances, Bhubaneswar, India
is a EC engineer and Ajith Abraham of the Machine Intelligence research Labs, WA, USA is
also a reputed former professor of the same university. Both conducted a research in the
procedurance of engineering department and computer network study in growing internet world.
Manas Ranjan Patra is the co-associate in Behrampur University, department of computer
science. The most intrusion detection system IDSs are network specific anomalous that gives an
insight to the filtering process of overall protection performance. The general procedure in this is
to follow the supervised or un-supervised data filtering with classifier or clusterer first overall
training dataset and then the output is applied to another classifier to classify the data. The
strategy of the similar validation of data has also given men insights to normal and classified
intrusion sources. The hybrid approach to network intrusion detection.
Kumar, P. S., Ashok, M. S., & Subramanian, R. (2012). A publicly verifiable dynamic
secret sharing protocol for secure and dependable data storage in cloud
21
CASE STUDY
computing. International Journal of Cloud Applications and Computing
(IJCAC), 2(3), 1-25.
A verified source of dependable secure source protocol is discussed in the article. This has also
given me insight to incorporating the cloud storage facility incorporation in management
information system. The article is peer reviewed from the International Journal of Cloud and
computing. The security challenges as in confidentiality, integrity and availability of the data and
analysis of the scheme. The probabilistic proof of integrity of data and challenging random
blocks of efficiency of existing schemes, which may not be efficient in building a index table
program of shortened data is also helpful in viewing the system. Their scheme takes advantages
of both Secret Sharing and Tornado code, which can achieve the computational security and
maintain low communication overhead in terms of shortened data dispersing size. P. Syam
Kumar and Marie Stanislas Ashok of Pondicherry University, India is the main author of this
article and R. Subramanian is from the same university an adjunct professor.
CASE STUDY
computing. International Journal of Cloud Applications and Computing
(IJCAC), 2(3), 1-25.
A verified source of dependable secure source protocol is discussed in the article. This has also
given me insight to incorporating the cloud storage facility incorporation in management
information system. The article is peer reviewed from the International Journal of Cloud and
computing. The security challenges as in confidentiality, integrity and availability of the data and
analysis of the scheme. The probabilistic proof of integrity of data and challenging random
blocks of efficiency of existing schemes, which may not be efficient in building a index table
program of shortened data is also helpful in viewing the system. Their scheme takes advantages
of both Secret Sharing and Tornado code, which can achieve the computational security and
maintain low communication overhead in terms of shortened data dispersing size. P. Syam
Kumar and Marie Stanislas Ashok of Pondicherry University, India is the main author of this
article and R. Subramanian is from the same university an adjunct professor.
1 out of 22
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.