Physical and Environmental Security Policy Research

Verified

Added on 2023/06/03

AI Summary

This assignment is an annotated bibliography focusing on physical and environmental security policies, a key section within information security. The student researched four relevant academic papers to aid in developing such policies, as required by the ENGR8762 Computer Networks and Cybersecurity course. The selected papers cover diverse aspects of security, including cloud computing, cyber systems resilience, information security risk control, and the security challenges within the Internet of Things (IoT). The first paper analyzes security issues in cloud computing, emphasizing vulnerabilities and countermeasures. The second paper explores resilience metrics for cyber systems, highlighting human factors and risk management. The third paper presents a hybrid model for information security risk control assessment, incorporating techniques like DEMATEL, VIKOR, and ANP. The final paper discusses the evolving security landscape of the IoT and the need for new approaches to address the growing number of devices and vulnerabilities. The bibliography provides summaries of each paper, including key findings and methodologies, making it a valuable resource for anyone studying or working in the field of cybersecurity.

Running head: PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
Physical and Environmental Security Policy
Name of the Student
Name of the University
Author’s note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), p.5.
The article is chosen from the Journal of Internet Services and Applications. The article
discusses about the topic based on Cloud Computing. The environment of cloud computing have
provided a cost-effective, flexible and a proper form of delivery platform for the different
business and IT organizations. With the great forms of inventions and latest developments, there
have also been some form of additional forms of risk that have been added within the platform.
Hashizume et al. (2013) have discussed about the systematic forms of reviews based on
the security issues within the cloud computing environment. Based on the proper form of
surveying of the article, the authors have formulated a question based on the most recent forms
of vulnerabilities that have been recorded within the areas of Cloud Computing. This kind of
question would be in relation with the aim of the works of research. The works of research based
on the areas of cloud computing would deal with Cloud systems. They also discuss about the
different kinds of vulnerabilities within the systems and also help in defining the best form of
recommendations and the practices within the cloud platform.
The authors have also discussed about the different forms of results that have been
derived within the areas of research based on the article. Based on the derived conclusions from
the research, the authors have thus also discussed about the different forms of countermeasures
that could be applied for the security of information within the physical environment of the cloud
platforms. The web services have also led to different forms of challenges that could also be
addressable. The authors have also discussed about the report from the different surveys based

2PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
on the vulnerabilities and threats. They have also discussed about the complex architecture that
would composed of different technologies.
Linkov, I., Eisenberg, D.A., Plourde, K., Seager, T.P., Allen, J. and Kott, A., 2013.
Resilience metrics for cyber systems. Environment Systems and Decisions, 33(4), pp.471-
476.
This paper discusses about the security of information within the environment of
cyberspace and cyber systems. In the recent times, there has been a growing importance of the
use of cyber security within various developing nations. Linkov et al. (2013) have discussed
about the growing importance of cyber security that has expanded in the recent years. The reach
of this technology have crossed the boundaries of the traditional methods of information security.
They have thus included the protection of the resources of information. The paper also discusses
about the different roles of various persons within a particular organisation based on the
resilience against attacks in the cyber systems.
In this particular research paper, the authors have discussed that the factors of human
dependence within the security processes would play a major role. In the article, the authors have
discussed about the resilience matrix framework, which defines the current works of resilience
within cyber systems. These are thus considered to be the most vital form of standards based on
the security of information within computers. The research on the paper discusses about the
different forms of recent publications that are able to deal with the security of the cyberspace.
The authors have also discussed about the various forms of scenarios related to cyber security
such as cyber bullying, digital media, home automation and cyber terrorism.

3PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
The authors also discuss the different metrics based on cyber systems. With the help of
research on the paper, the authors have thus argued about the growing complexity of cyber
systems and cyber threats that would require the integration of the process of risk management.
The authors have thus provided vast definitions on the subject and have thus described various
policies based on protection of information within the environment.
Yang, Y.P.O., Shieh, H.M. and Tzeng, G.H., 2013. A VIKOR technique based on
DEMATEL and ANP for information security risk control assessment. Information
Sciences, 232, pp.482-500.
In this article, Yang, Shieh and Tzeng (2013) have discussed that the organizations and
companies have relied on the computer networks to a much extent. With the extent of the huge
form of usage, the management of the security within the devices have grown to a much extent.
In order to meet with the security concerns, the enterprises should be efficient enough for
safeguarding the private information.
The authors have discussed about a kind of a hybrid model, which is known as the
Multiple Criteria Decision-making (MCDM) model that combines the Decision-making Trail
and Evaluation Laboratory (DEMATEL), VIKOR and Analytic Network Process (ANP)
techniques for solving the different kinds of problems based on the criteria of confliction.
The authors have thus discussed that the different government organizations should
adjust the management policy of information security for the purpose of meeting the level of
information security, which would be meant for the intended users. These organizations should
keep a regular check on the controls over the information security over the organisation. The
authors have thus discussed that however as there have been a large number of regular form of

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
controls over the security of information, hence they should be able to maintain the controls of
security of the organisation and should also ensure the safety of the makers of the decisions
within the organisation.
This research paper is thus chosen for gaining knowledge over the different forms of
evaluation and controls over the areas of prioritization. The proper form of evaluation would be
helpful for the IT managers for improving the gaps within the areas of control and perform
optimization. The utilisation of the methods would also be helpful for diagnosis over the
problems within the areas of information security within the concerning organisation.
Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C., 2015, November. Handling a trillion
(unfixable) flaws on a billion devices: Rethinking network security for the internet-of-
things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.
This article describes the world of Internet of Things (IoT). The world of IoT has shifted
to a much more advanced platform with a lot of devices to get connected to the platform. The
authors have discussed about the different kinds of policies that have affected the world of IoT
and the connected devices within the framework. The IoT based devices are able to interact with
each other and have the permissibility to put an impact on the physical world. The authors have
thus discussed about the various kinds of tests that were performed within the IoT connected
devices. The results gained were thus able to depict that the security of interconnection within
the devices would be much more dynamic and complex. This has been described as the reason
based within the computational and physical elements.
The authors have also discussed about the coupling of IoT devices with the help of
physical environment that would lead to implicit form of dependencies. Unlike the traditional

5PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
form of IoT connected devices. The dependencies based cross-devices connections would be
very much common. Yu et al. (2015) have described about the different abstractions based on
existing policies. They have also described as the firewall rules or the IoT protocol management.
There is also a brief representation of Finite State Machine (FSM) policy abstraction. They
would be able to capture the environmental, cross-device and within the contexts of security.
Based on the discussion from the research article, it could be concluded that with the
huge forms of reforms within the sector of IoT and connected devices, the traditional approaches
should adopt several secure methods. The paper discusses about the discussion on the different
forms of challenges based on the based on the capturing of data within the IoT framework.

6PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
References
Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of
security issues for cloud computing. Journal of internet services and applications, 4(1), p.5.
https://link.springer.com/article/10.1186/1869-0238-4-5
Linkov, I., Eisenberg, D.A., Plourde, K., Seager, T.P., Allen, J. and Kott, A., 2013. Resilience
metrics for cyber systems. Environment Systems and Decisions, 33(4), pp.471-476.
https://s3.amazonaws.com/academia.edu.documents/40031296/
Resilience_metrics_for_cyber_systems20151115-3624-xb1dlf.pdf?
AWSAccessKeyId=AKIAIWOWYYGZ2Y53UL3A&Expires=1539675283&Signature=JNeXY
vBCzFwwWYbOd2jmsYqIP8g%3D&response-content-disposition=inline%3B%20filename
%3DResilience_metrics_for_cyber_systems.pdf
Yang, Y.P.O., Shieh, H.M. and Tzeng, G.H., 2013. A VIKOR technique based on DEMATEL
and ANP for information security risk control assessment. Information Sciences, 232, pp.482-
500.
https://www.sciencedirect.com/science/article/pii/S0020025511004695
Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C., 2015, November. Handling a trillion
(unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things. In
Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.
https://dl.acm.org/citation.cfm?id=2834095