Research Report: Application Security Analysis - MITS5004 Unit

Verified

Added on 2022/11/18

AI Summary

This report provides a comprehensive analysis of application security, focusing on the critical aspects of network security, data protection, and software security. The report begins with an introduction to the concept of application security and then proceeds to critique the article "Application security: Building in security during the development stage" by A. Main. The critique examines the article's intention, content, and the issues highlighted, such as third-party interferences, data transit threats, and VPN vulnerabilities. The report discusses the results of the article, emphasizing the categories associated with application security (network security, data security, and software protection) and their significance in maintaining application security. The report also explores the threats associated with these categories and the proposed solutions, including the use of cryptography and the importance of planning for secure network infrastructure. The report concludes by summarizing the importance of application security and the need for robust security models to protect data within network servers and the overall network infrastructure. The report uses IEEE style citations and is approximately 1500 words in length.

Running head: APPLICATION SECURITY
APPLICATION SECURITY
Name of the student:
Name of the university:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1APPLICATION SECURITY
Table of Contents
1.0 Introduction..........................................................................................................................2
2.0 Article Critique.....................................................................................................................2
2.1 Intention and Content of the article..................................................................................2
2.2 Issues highlighted in this context.....................................................................................4
2.3 Discussing the results.......................................................................................................5
3.0 Conclusion............................................................................................................................6
4.0 References............................................................................................................................7

2APPLICATION SECURITY
1.0 Introduction
The overall network system is depicted to be useful for the effective transmission of
data from a source to its recipient. The delivery of the messages that carries information is to
be maintained as well as the integrity and the security of the data is to be kept in respect to
the transmission of data. This significant report tends to provide a clear reflection in respect
to the overall details of the application security development for the data that are present
within the network systems that are used for the information exchange. The application
security concept will be critically evaluated in respect to the data transmission as well as the
potential relevance to the significant security of the data; the security related to work that is
being carried out as well as the protection of the overall software.
2.0 Article Critique
The significant article that is to be analysed in this report is depicted as “A. Main,
Application security: Building in security during the development stage. Information Systems
Security, 13(2), pp.31-37., 2004”.
2.1 Intention and Content of the article
The main purpose of the article revolves round the fact of application security in
respect to the applications that are used for the transmission of the data within the various
parts of the network. The article certainly deals with the overall application that are present
within the network as well as used for the enhanced transmission of data within the
environment of highly distributed architecture [1]. Providing the enhanced security within the
environment of the networked information systems is depicted to be useful for the protection
of data as well as the implication of the cryptographic theory. The overall article intends to
provide a critical assessment in respect to the security of the network in which the possible
risks are also judged for the betterment of the transmission of data. The potential evaluation

3APPLICATION SECURITY
of the noteworthy security of the implied information systems as well as providing a clear
assessment of the threats associated with this area of information system is depicted to be
well evaluated within the article [6]. The current trends with respect to the security of the
applications as well as the technological advancements within these fields are also identified
within the article. The main motive of the article thus can be identified as the fact of gaining
the significant competitive advantage with respect to the application security thus adhering
the fact of the communication channels as well as the possible risks and it detailed overview
in respect to the data transmission within the overall network channels present in the
specified information systems [11].
The article significantly describes the overall categories that are potentially related
with the concept of application security. This category is predominantly divide into network
security, protection of software as well as security of data. The category of network security
is depicted to address the overall external attacks that can hamper the overall resources with
respect to the firewall tampering [4]. This category provides a significant layer of protection
in respect to the overall services within the network. The intrusion detection systems in
respect to the network security services is depicted within the article thus critically assessing
the virus. The potential threat to the network may be observed to be generated in respect to
the external as well as the internal factors.
The next category that is analysed within the article is related with the security of the
data that are transferred with the network. The usage of the cryptography technology has
included the overall solution for keeping the significant integrity as well as the confidentiality
of the overall data [8]. The potential threats related with the security of the data is identified
from both the inside as well as the outside layer of the firewall that are attached within a
particular network. The authorization of the VPN’s are also necessary in respect to the fact of
maintaining the security of the data that are being transferred within the network.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4APPLICATION SECURITY
The last category that deals with the overall management of the application security is
depicted to be the concept of software protection. This includes the significant protection of
the overall services that are provided as well as focused by the relevant software used within
the system [2]. The potential attacks that can be considered in respect to the protection of the
overall data is depicted to be specified with in the article.
The relevant usage of the cryptography in respect to the security of the overall
information associated with the transmission within the network is critically assessed within
the article. The overall selection of the cryptographic tools as well as the overall usage of the
significant software models in respect to prevent the potential threats not to hit the network
servers is depicted within the article [9]. The evolution of the threat models presented within
the article tends to provide a clear overview to the potential data tamper that flows within the
network. The encryption model used for the noteworthy security of the overall data is
identified to be important in respect to the security of the whole application.
The article also provides a clear reflection of the possible issues that may occur within
the network, further providing effective solutions in respect to the overall data that are being
transmitted within the network. These solutions are depicted to be useful in respect to the
security of the applications.
2.2 Issues highlighted in this context
The potential issue that are being significantly highlighted in the overall articles
revolves round the fact of the application as well as the data security of the information that
are being relevantly transmitted within the different nodes of the network [8]. The potential
issue that are defined within the article is depicted as the third party interferences within the
firewall of the network as well as the threats to the data that are within the transit. Moreover,
the protection against the threats are also identified in respect to the overall determination of

5APPLICATION SECURITY
the data security and integrity that flows with a network infrastructure [7]. The significant
VPN that is depicted in regards to the network security is also an important area from which
data transmission issues may occur or the data may be tampered.
2.3 Discussing the results
The significant results that are being highlighted within the selected article that there
are potential threats related to application theory. The overall categories that are associated
with the application security [3]. These security categories are defined as the network
security, security of data as well as protection of software. These categories are noteworthy in
respect to maintain the security of the application. The disruptive services with the non-
maintenance of the security in respect to the application is depicted to be an important sector
of data security. The application security threat models defines the overall sectors, which are
associated with important in accordance to the security of the application [10]. The
noteworthy sector associated with the Digital Rights Management tends to help the users with
the security of some specified users. This system allows the users to secure their overall data
with the significant encryption of the data that are being transmitted within the network
modes. The article also depicts that planning is an important area that is to be focused while
the secure network infrastructure is being implemented within a network server. The potential
designs are significantly design the automated tools, which further helps in the maintenance
of the security in respect to the applications [5]. The development of the important techniques
in respect to adhere the threats that may hit the overall application with the network as well as
the data security is a noteworthy approach for the enhancement of the application security.
The secret algorithm that is depicted within the projects associated with the defense
department is identified as one of the technique in respect to the security of the application.
The usage of the cryptographic technique in respect to the security of the data within the

6APPLICATION SECURITY
application is one of the enhanced technique for the maintenance of security in respect to the
applications.
3.0 Conclusion
Thus, the overall report states the need in respect to the security within the
application. Moreover, the categories that are identified with respect to the focus of the
sectors within the application security are depicted as important. The sectors that are
highlighted within the application security deals with the security of data, the protection of
the software as well as security of the network. The potential threats associated with the
significant sectors are depicted as the important issues highlighted within the article and are
provided with the noteworthy solutions for the enhancement of the application security. Thus,
it can be concluded that the overall issues as well as the solutions provided within the article
clearly suggests the importance of the application security. These security models tends to
focus on the network servers thus enhancing the security of the overall data that are being
transmitted within the network serves as well as the whole network model aligned with the
network server infrastructure.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7APPLICATION SECURITY
4.0 References
[1] A. Main, Application security: Building in security during the development stage.
Information Systems Security, 13(2), pp.31-37.”, 2004.
[2] D., He, S. Chan and M. Guizani, Mobile application security: malware threats and
defenses. IEEE Wireless Communications, 22(1), pp.138-144, 2015.
[3] H.C., Huang, Z.K., Zhang, H.W. Cheng and S.W., Shieh, Web application security:
threats, countermeasures, and pitfalls. Computer, (6), pp.81-85, 2017.
[4] C. Joshi and U.K., Singh, Performance evaluation of web application security scanners for
more effective defense. International Journal of Scientific and Research Publications
(IJSRP), 6(6), pp.660-667, 2016.
[5] A., Rahman, P., Pradhan, A. Partho and L., Williams, Predicting Android application
security and privacy risk with static code metrics. In 2017 IEEE/ACM 4th International
Conference on Mobile Software Engineering and Systems (MOBILESoft) (pp. 149-153).
IEEE, 2017, May.
[6] S., Zhu, L. Lu and K., Singh, Case: Comprehensive application security enforcement on
cots mobile devices. In Proceedings of the 14th Annual International Conference on Mobile
Systems, Applications, and Services (pp. 375-386). ACM, 2016, June.
[7] R., Bhattarai, G. Joyce and S., Dutta, Information security application design:
understanding your users. In International Conference on Human Aspects of Information
Security, Privacy, and Trust (pp. 103-113). Springer, Cham, 2016, July.
[8] D., Tse, B., Zhang, Y., Yang, C. Cheng and H., Mu, Blockchain application in food
supply information security. In 2017 IEEE International Conference on Industrial
Engineering and Engineering Management (IEEM) (pp. 1357-1361). IEEE, 2017, December.

8APPLICATION SECURITY
[9] C. Joshi and U.K., Singh, Security testing and assessment of vulnerability scanners in
quest of current information security landscape. International Journal of Computer
Applications, 145(2), pp.1-7, 2016.
[10] S. Salva and S.R., Zafimiharisoa, APSET, an Android aPplication SEcurity Testing tool
for detecting intent-based vulnerabilities. International Journal on Software Tools for
Technology Transfer, 17(2), pp.201-221, 2015.
[11] A.M., Hasan, D.T., Meva, A.K. Roy and J., Doshi, Perusal of web application security
approach. In 2017 International Conference on Intelligent Communication and
Computational Techniques (ICCT) (pp. 90-95). IEEE, 2017, December.
[12] S.E., Idrissi, N., Berbiche, F. Guerouate, and M., Shibi, Performance evaluation of web
application security scanners for prevention and protection against vulnerabilities.
International Journal of Applied Engineering Research, 12(21), pp.11068-11076, 2017.