Cyber Security Assessment and Cloud Computing Solutions for ZP
VerifiedAdded on 2024/05/30
|13
|2591
|355
Report
AI Summary
This report assesses the cyber security challenges related to cloud computing, specifically for Zoom Printing (ZP). It identifies top cyber security problems, including malware threats, shadow broker exploits, mobile vulnerabilities, alert overload, firewall limitations, cloud misconfigurations, and insider threats. The report also addresses potential cloud computing issues related to transparency, data control, security measures, and accountability. The proposition section explores solutions like homomorphic encryption, decentralized information flow control, and provable data integrity. Alternative privacy defense structures and data sanitization methods are considered. The report concludes by highlighting the advantages and costs associated with cloud computing, emphasizing the importance of data security principles and regulatory compliance. This student contributed document is available on Desklib, which provides a wide range of study resources and AI-powered tools for students.
Computer Security
Assessment 2
Student Name
Student Number
Table of Contents
Assessment 2
Student Name
Student Number
Table of Contents
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction.....................................................................................................................................3
Top Eight Problems related to Cyber Security.................................................................................4
Potential problems of Cloud Computing.........................................................................................7
Proposition.......................................................................................................................................9
Major Alternatives.........................................................................................................................10
Cost of Applying Cloud Computing Problem Solution...................................................................11
Conclusion......................................................................................................................................12
References.....................................................................................................................................13
1
Top Eight Problems related to Cyber Security.................................................................................4
Potential problems of Cloud Computing.........................................................................................7
Proposition.......................................................................................................................................9
Major Alternatives.........................................................................................................................10
Cost of Applying Cloud Computing Problem Solution...................................................................11
Conclusion......................................................................................................................................12
References.....................................................................................................................................13
1
Introduction
Zoom Printing Complexity and volume of cybersecurity attacks is increasing with the
passage of time. Criminals are targeting banks around the world and hospitals across the US
even stealing $12.7 million in a massive ATM heist in Japan. All companies are facing such
cyber-security attacks. Businesses reported 64 percent more security incidents in 2015
compared to 2014. The severity of attacks will get worse as the mobile devices propagate and
more equipment is plug up into this internet thing. This study will uncover major issues due to
cloud computing for Zoom Printing.
2
Zoom Printing Complexity and volume of cybersecurity attacks is increasing with the
passage of time. Criminals are targeting banks around the world and hospitals across the US
even stealing $12.7 million in a massive ATM heist in Japan. All companies are facing such
cyber-security attacks. Businesses reported 64 percent more security incidents in 2015
compared to 2014. The severity of attacks will get worse as the mobile devices propagate and
more equipment is plug up into this internet thing. This study will uncover major issues due to
cloud computing for Zoom Printing.
2
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Top Eight Problems related to Cyber Security
Shadow brokers have been the underscore events so far that regularly discarding NSA
hacking tools for communal utilization. These shiny modern toys are being used by
cybercriminals to run amok fabricating NotPetya and WannaCry (Aljabre, 2012). 6 million
dollars are paid by HBO due to threats by criminals on the early unveiling of its newest show.
Top executives are asked by SC media about the major problems that will be a facade in next
few months. This will be an existing catalog with additional intimidation being supplementary
as they emerge (Armbrust et al., 2010).
1. Malware with maggot competences
Wanna cry is spreading rapidly and it is only achievable due to its worm constituent. It
rings a bell that how speedily malware can proliferate with distressing effects. Trickbot banking
Trojan is an example of malware which is designed by adding worm aptitude.
2. Discharge of further Shadow Brokers apparatus
Double Pulsar and EternalBlue are vital components of Wanna Cry. These are just the
slant of the iceberg of what may arrive from the Shadow Brokers. These complicated apparatus
have a huge universal impact and more gigantic results could be expected to arise (Armbrust et
al., 2010).
3. Receiving back to fundamentals (endpoint, patching, hygiene)
It is considered as the major issue of the era and malware has revealed how effortless it
is to encompass systems.
4. The mobile mover’s susceptibility
Growing realization is one of the major issues that industry is facing today. World’s
voice, as well as data, is transferred through carrier networks. These networks are methodically
susceptible for monitoring and interception. Internetworking procedures are being acquired to
take advantage. This is performed by hackers, foreign governments, and terrorist organizations
and it could be done from anywhere in the world (Buyya, Yeo, & Venugopal, 2008).
3
Shadow brokers have been the underscore events so far that regularly discarding NSA
hacking tools for communal utilization. These shiny modern toys are being used by
cybercriminals to run amok fabricating NotPetya and WannaCry (Aljabre, 2012). 6 million
dollars are paid by HBO due to threats by criminals on the early unveiling of its newest show.
Top executives are asked by SC media about the major problems that will be a facade in next
few months. This will be an existing catalog with additional intimidation being supplementary
as they emerge (Armbrust et al., 2010).
1. Malware with maggot competences
Wanna cry is spreading rapidly and it is only achievable due to its worm constituent. It
rings a bell that how speedily malware can proliferate with distressing effects. Trickbot banking
Trojan is an example of malware which is designed by adding worm aptitude.
2. Discharge of further Shadow Brokers apparatus
Double Pulsar and EternalBlue are vital components of Wanna Cry. These are just the
slant of the iceberg of what may arrive from the Shadow Brokers. These complicated apparatus
have a huge universal impact and more gigantic results could be expected to arise (Armbrust et
al., 2010).
3. Receiving back to fundamentals (endpoint, patching, hygiene)
It is considered as the major issue of the era and malware has revealed how effortless it
is to encompass systems.
4. The mobile mover’s susceptibility
Growing realization is one of the major issues that industry is facing today. World’s
voice, as well as data, is transferred through carrier networks. These networks are methodically
susceptible for monitoring and interception. Internetworking procedures are being acquired to
take advantage. This is performed by hackers, foreign governments, and terrorist organizations
and it could be done from anywhere in the world (Buyya, Yeo, & Venugopal, 2008).
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
5. Discontinue crushing customers with alerts!
Organizations like ZP could be easily devastated through a great number of alerts that
are generated by safety controls. 100,000 safety alerts are generated in large companies likes
banks on daily basis. It requires thousands of analysts and security engineers to cope up with
these alerts (Buyya et al., 2008).
6. New threats could be facade by implementing a firewall
Development of firewall is not complete yet. The firewall will have to adapt the rapidly
changing networking technology. Conventional role of the firewall is endangered by SDN,
Cloud, and containers. Flat networks are replacing the conventional segmentation network. Flat
networks not only diminishes the intricacy of the network but also establishes the momentous
confront to the firewall (Buyya, Yeo, Venugopal, Broberg, & Brandic, 2009).
7. Scrutinizing Cloud arrangement and defense
Cloud technologies are being adopted by companies at a swift rate but information
security is not synchronizing with it. Missed configurations have discovered that leads to data
leaks. Monitoring of cloud infrastructure and related assets will be a challenge due to rapid
change of machinery, fast-paced acceptance and massive deviation of skills.
8. Attacks of elevated collision
A major challenge that stands out to me is “impact” for the rest of the year. Vicious
effect of attacks that were encountered so far this year cannot be denied by anyone. Influence
of malicious codes has observed by the world during the attacks from Shamoon v2, to NotPetya
and WannaCry. On the whole escalating risk of exceedingly complex leaked code cannot be
overlooked by companies. These leaked codes are dispersion extensively against all companies
regardless of their size. It has been revealed that it’s only the trade secrets, customer data, or
finances that are at risk. These attacks had closed the whole companies due to their distressing
effects on industry, consumers, and workers.
9. The Insider Threat
It is not compulsory that data hacking and data theft could be done by the cybercriminals. It
could be done by third parties and workers that have admittance to sensitive information. It
4
Organizations like ZP could be easily devastated through a great number of alerts that
are generated by safety controls. 100,000 safety alerts are generated in large companies likes
banks on daily basis. It requires thousands of analysts and security engineers to cope up with
these alerts (Buyya et al., 2008).
6. New threats could be facade by implementing a firewall
Development of firewall is not complete yet. The firewall will have to adapt the rapidly
changing networking technology. Conventional role of the firewall is endangered by SDN,
Cloud, and containers. Flat networks are replacing the conventional segmentation network. Flat
networks not only diminishes the intricacy of the network but also establishes the momentous
confront to the firewall (Buyya, Yeo, Venugopal, Broberg, & Brandic, 2009).
7. Scrutinizing Cloud arrangement and defense
Cloud technologies are being adopted by companies at a swift rate but information
security is not synchronizing with it. Missed configurations have discovered that leads to data
leaks. Monitoring of cloud infrastructure and related assets will be a challenge due to rapid
change of machinery, fast-paced acceptance and massive deviation of skills.
8. Attacks of elevated collision
A major challenge that stands out to me is “impact” for the rest of the year. Vicious
effect of attacks that were encountered so far this year cannot be denied by anyone. Influence
of malicious codes has observed by the world during the attacks from Shamoon v2, to NotPetya
and WannaCry. On the whole escalating risk of exceedingly complex leaked code cannot be
overlooked by companies. These leaked codes are dispersion extensively against all companies
regardless of their size. It has been revealed that it’s only the trade secrets, customer data, or
finances that are at risk. These attacks had closed the whole companies due to their distressing
effects on industry, consumers, and workers.
9. The Insider Threat
It is not compulsory that data hacking and data theft could be done by the cybercriminals. It
could be done by third parties and workers that have admittance to sensitive information. It
4
could be done by them for the sake of their own work. On the other hand, data stealing could
be also due to transferring data incidentally to unsanctioned and unofficial receivers. In past
few years, many such cases have seen by different organizations. The chances of data breaching
are double by parties having insider data. Anti-viruses and firewalls become unseeing in these
kinds of attacks because no external penetration happens and no malware is involved
(Calheiros, Ranjan, Beloglazov, De Rose, & Buyya, 2011).
10. Operationalizing GDPR
Guidelines regarding enterprise security squads in a universe of change are escorted by
the EU's pending statistics defense directive. Security and IT specialists without authenticating
and recognizing data collection movement will join powers with risk, confidentiality and
compliance chiefs to operationalize statistics supremacy policies. Data is collected from
websites of third parties unknowingly on regular basis to ensure proper implementation of data
security procedures and policies. Such techniques are being monitored actively and
implementation of these will be a major focus foremost up to May 2018.
5
be also due to transferring data incidentally to unsanctioned and unofficial receivers. In past
few years, many such cases have seen by different organizations. The chances of data breaching
are double by parties having insider data. Anti-viruses and firewalls become unseeing in these
kinds of attacks because no external penetration happens and no malware is involved
(Calheiros, Ranjan, Beloglazov, De Rose, & Buyya, 2011).
10. Operationalizing GDPR
Guidelines regarding enterprise security squads in a universe of change are escorted by
the EU's pending statistics defense directive. Security and IT specialists without authenticating
and recognizing data collection movement will join powers with risk, confidentiality and
compliance chiefs to operationalize statistics supremacy policies. Data is collected from
websites of third parties unknowingly on regular basis to ensure proper implementation of data
security procedures and policies. Such techniques are being monitored actively and
implementation of these will be a major focus foremost up to May 2018.
5
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Potential problems of Cloud Computing
In 9 aspects, key data safety issues due to cloud computing in ZP could be summed up:
Declaration, transparency, and openness: The entities who want to use the information stored
in the cloud should be provided with all details by cloud figuring service suppliers. For instance,
what statistics they can use, how elongated they will retain it; how they use it, and with whom
will they share it, and other practices they anticipated for the information. Users must also be
warned if the service providers want to change the use of information. Users should also get
reminders and alerts if data to be passed to the third party. Data safety policies should be open
to all customers through websites and other forums. They should also be easy to understand as
well (Grossman, 2009).
License, right, and power: Users must be given the right whether they want to gather their
data or not by service providers. The license should be issued for use, collection, and disclosure
of individually identifiable evidence. But the services providers of cloud still have the authority
to control data.
Diminishing: Statistics that is required to fulfill the extent endorsed should be composed of
used shared, collection or disclosure. Simultaneously, the use of latitude and available
information must be minimized.
Truthfulness: To check the accuracy of data and who are consuming this and to see what is
being presented about them are the admittance factors that should be provided to data
owners. All payment should be made to assure that data presented on their behalf is accurate
and unmodified.
Security measures: Standardization, laws and regulations and regulatory approach these are
the safeguards that are required for data safety. These measures prevent unauthorized access,
copying, use, disclosure or modification of individually identifiable data (Grossman, 2009).
Defiance: Client must be capable enough to challenge procedures of an agency’s data security.
Communications should comply with the legislation of data safety.
6
In 9 aspects, key data safety issues due to cloud computing in ZP could be summed up:
Declaration, transparency, and openness: The entities who want to use the information stored
in the cloud should be provided with all details by cloud figuring service suppliers. For instance,
what statistics they can use, how elongated they will retain it; how they use it, and with whom
will they share it, and other practices they anticipated for the information. Users must also be
warned if the service providers want to change the use of information. Users should also get
reminders and alerts if data to be passed to the third party. Data safety policies should be open
to all customers through websites and other forums. They should also be easy to understand as
well (Grossman, 2009).
License, right, and power: Users must be given the right whether they want to gather their
data or not by service providers. The license should be issued for use, collection, and disclosure
of individually identifiable evidence. But the services providers of cloud still have the authority
to control data.
Diminishing: Statistics that is required to fulfill the extent endorsed should be composed of
used shared, collection or disclosure. Simultaneously, the use of latitude and available
information must be minimized.
Truthfulness: To check the accuracy of data and who are consuming this and to see what is
being presented about them are the admittance factors that should be provided to data
owners. All payment should be made to assure that data presented on their behalf is accurate
and unmodified.
Security measures: Standardization, laws and regulations and regulatory approach these are
the safeguards that are required for data safety. These measures prevent unauthorized access,
copying, use, disclosure or modification of individually identifiable data (Grossman, 2009).
Defiance: Client must be capable enough to challenge procedures of an agency’s data security.
Communications should comply with the legislation of data safety.
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Aim: For sharing and collection of personal data there should be an evidently indicated
purpose. The purpose up to which data owners agree data usage should be limited to that level.
Retention and disclosure of limited use: The parties that are authorized to data should only be
disclosed to data and to the extent they are permitted to information disclosure. Individual
statistics should only be reserved as long as is essential.
Answerability: Execution of information safety procedures must be assured by cloud service
suppliers. A sound audit function should also be there to observe the data amendment and
personal information access. These factors are known as accountability.
7
purpose. The purpose up to which data owners agree data usage should be limited to that level.
Retention and disclosure of limited use: The parties that are authorized to data should only be
disclosed to data and to the extent they are permitted to information disclosure. Individual
statistics should only be reserved as long as is essential.
Answerability: Execution of information safety procedures must be assured by cloud service
suppliers. A sound audit function should also be there to observe the data amendment and
personal information access. These factors are known as accountability.
7
Proposition
In June 2009, a fully homomorphic encryption scheme was developed by IBM. This
scheme permits statistics to be administered without being decrypted. Decentralized
information flow control (DIFC) and distinction privacy defense tools were smeared by
Ramadan and Roy. These techniques are incorporated into ZP data compeers and control
phases in the cloud and they put forward a privacy defense system known as air vat. In Map-
Reduce figuring process, privacy leakage without proper permission could be prevented
through this system (Hashem et al., 2015).
Key management of ZP is a major problem for data encryption solutions and consumers
have not enough skills to accomplish their sources. For improvement of Structured Information
Standards (OASIS) Key Management Interoperability Protocol (KMIP) is exasperating to resolve
such issues. The user cannot first download and then upload the information because of
integrity verification, time cost and transfer fee during information communication process.
Data reliability procedures are no elongated appropriate because of initiation of data in cloud
storage.
Provable data integrity (PDI) solution of NEC Lab can support ZP communal statistics
integrity confirmation. To authenticate the reliability of information that is stockpiled in the
cloud a mathematical way was proposed by Cong Wang. Client-based confidentiality
administration tool was recommended by Mowbray in the stages of use and data storing.
Worker centric trust model is provided through this which helps workers to control the use and
storing of delicate data in the cloud. Problems which are faced by current confidentiality
protection techniques are discussed by Munts-Mulero. Data pre-processing approaches, Graph
Anonymization and K anonymous are examples of the above-said problems. “Guidelines for
Media Sanitization” was provided by National Institute of Standards and Technology (NIST) in
Special Publication, 800-88. Sharing of data is the main challenge of data privacy while
protecting personal privacy information.
8
In June 2009, a fully homomorphic encryption scheme was developed by IBM. This
scheme permits statistics to be administered without being decrypted. Decentralized
information flow control (DIFC) and distinction privacy defense tools were smeared by
Ramadan and Roy. These techniques are incorporated into ZP data compeers and control
phases in the cloud and they put forward a privacy defense system known as air vat. In Map-
Reduce figuring process, privacy leakage without proper permission could be prevented
through this system (Hashem et al., 2015).
Key management of ZP is a major problem for data encryption solutions and consumers
have not enough skills to accomplish their sources. For improvement of Structured Information
Standards (OASIS) Key Management Interoperability Protocol (KMIP) is exasperating to resolve
such issues. The user cannot first download and then upload the information because of
integrity verification, time cost and transfer fee during information communication process.
Data reliability procedures are no elongated appropriate because of initiation of data in cloud
storage.
Provable data integrity (PDI) solution of NEC Lab can support ZP communal statistics
integrity confirmation. To authenticate the reliability of information that is stockpiled in the
cloud a mathematical way was proposed by Cong Wang. Client-based confidentiality
administration tool was recommended by Mowbray in the stages of use and data storing.
Worker centric trust model is provided through this which helps workers to control the use and
storing of delicate data in the cloud. Problems which are faced by current confidentiality
protection techniques are discussed by Munts-Mulero. Data pre-processing approaches, Graph
Anonymization and K anonymous are examples of the above-said problems. “Guidelines for
Media Sanitization” was provided by National Institute of Standards and Technology (NIST) in
Special Publication, 800-88. Sharing of data is the main challenge of data privacy while
protecting personal privacy information.
8
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Major Alternatives
For Zoom Printing, Privacy defense structure based on statistics accountability (IA)
components was proposed by Randike Gajanayake. Type of information used and accessed can
be identified by an IA agent. To hold the consumers answerable for misuse the mediator
outlines a set of procedures when any misuse is detected by an agent. U.S. Department of
Defense (DoD) 5220.22-M (the National Industrial Security Program Operating Manual)
illustrations two permitted methods of data (devastation) safety, but it does not deliver any
precise desires for how these two procedures are to be realized.
9
For Zoom Printing, Privacy defense structure based on statistics accountability (IA)
components was proposed by Randike Gajanayake. Type of information used and accessed can
be identified by an IA agent. To hold the consumers answerable for misuse the mediator
outlines a set of procedures when any misuse is detected by an agent. U.S. Department of
Defense (DoD) 5220.22-M (the National Industrial Security Program Operating Manual)
illustrations two permitted methods of data (devastation) safety, but it does not deliver any
precise desires for how these two procedures are to be realized.
9
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Cost of Applying Cloud Computing Problem Solution
On-demand admittance to a collective pool of calculating resources is Cloud computing.
Cloud technologies have various advantages if used appropriately (Hurwitz, Bloor, Kaufman, &
Halper, 2010). Some advantages are it reduces management responsibilities, reduces cost,
increases efficiency and agility of companies. One of the main services that are provided by
cloud providers is cloud storage. The total cost for Zoom Printing will be $10,000.
10
On-demand admittance to a collective pool of calculating resources is Cloud computing.
Cloud technologies have various advantages if used appropriately (Hurwitz, Bloor, Kaufman, &
Halper, 2010). Some advantages are it reduces management responsibilities, reduces cost,
increases efficiency and agility of companies. One of the main services that are provided by
cloud providers is cloud storage. The total cost for Zoom Printing will be $10,000.
10
Conclusion
In Zoom Printing, Cloud storage stores data of customers in a 90 remote server. Claim
that stored information will be secure and unharmed is made by cloud providers. But
sometimes, loss of data occurs due to attacks by cybercriminals. Data safety principles are
executed in the way to overcome the loss of data. Many other aspects are also associated with
data security such as regulatory approach, standardization, laws, and rules, etc. Efforts of
enhancement of related laws and regulations will grant secured services to consumers.
11
In Zoom Printing, Cloud storage stores data of customers in a 90 remote server. Claim
that stored information will be secure and unharmed is made by cloud providers. But
sometimes, loss of data occurs due to attacks by cybercriminals. Data safety principles are
executed in the way to overcome the loss of data. Many other aspects are also associated with
data security such as regulatory approach, standardization, laws, and rules, etc. Efforts of
enhancement of related laws and regulations will grant secured services to consumers.
11
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 13
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.