In: Computer Science
What unstated requirements are there, and what
method(s) would you use to collect a more comprehensive set of
requirements? Develop a Word document that describes all of the
requirements and explains how they would be met using hardware,
software, networking, and security. In other words, summarize the
elements of the solution that are necessary to address the
requirements. Support your proposal.
The document should be APA-formatted.
hardware security
Hardware security as a system created through cryptography architecture includes hardware design, access control, secure MLS account, secure key storage, code integrity assurance and measures to ensure that the product supply chain built is secure among other things.
Hardware Security Unit (HSM) is a physical computing device that protects and manages digital keys for strong authentication and provides cryptographic processing. These modules typically come in the form of a plug-in card or an external device that connects directly to a computer or a network server.
Backdoors devices are backdoors in hardware. Conceptually related, the Trojan hardware (HT) is a malicious electronic system modification, especially in the context of an integrated circuit.
The non-cloning physical function (PUF) is a physical entity that is materialized and easy to assess but difficult to predict. Moreover, the individual PUF must be easy but virtually impossible to reproduce, even if we consider the precise manufacturing process that produced it. In this regard is analog devices of one-way function. The "non-cloning physical function" name may be a little misleading because some PUFs are cloned, and most PUFs are noisy and therefore do not meet the functionality requirements. Today, PUFs are typically implemented in integrated circuits and are typically used in applications with high security requirements.
software security
Software security is an idea implemented to protect software against malicious attack and other hacker risks so that the software continues to function correctly under such potential risks. Security is necessary to provide integrity, authentication and availability
Various Types of Software Security are:
Cyber Security Solutions: Security solutions for networks, servers, and applications against potential external security threats, including viruses, worms, and hackers.
Network Security Services: It includes security features such as multi factor authentication, One time password and SSH File Transfer Protocol (SFTP)
Business Security Services: security solutions facilitates scalability with dedicated servers for fast performance and reliability, and a private cloud for ultimate control.
Mobile Enterprise Security Solutions: Mobile security services which prevent fraud protection capabilities for mobile devices.
IT Security Services: IT security services and use technologies such as MyBatis (iBATIS), SiteMinder SSO, Auth0, and Armor (Firehost)
The only way to avoid various fraud attacks is to contact to a best cyber security software solutions provider who can deliver best System-level security using better firewalls
Proper software security helps detect security issues as well
as, defend the application from any external vulnerabilities.
It is important for every web application developer to be trained
in applictaion security. After all, according to a report from
Trustwave - 2018 Global Security Report (100% of Web Apps Contain
Vulnerabilities) 100% of all web applications contain at least one
vulnerability.
Certified Ethical Hacker - InfoSec Cyber Security Certification
would be an ideal choice to hone your penetration testing skills
through their VAPT track - Certified Ethical Hacker - CEH
Certification | EC-Council, EC-Council Certified Security Analyst -
ECSA | EC-Council, and Advanced Penetration Testing Program – LPT
(Master) | EC-Council. As for Application security, EC-Council is
also releasing an all-new certification and training application
security program - Certified Application Security Engineer (CASE) -
which is said to be the most comprehensive application security
training program, ranging from pre-deployment to post-deployment
security techniques/measures
This program will be launching on the 20th of June and
registrations are open to only a few select application development
professional
network security:-
Network security is an organization's strategy and provisions for ensuring the security of its assets and of all network traffic. It is typically handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect a network and the resources accessed through the network from unauthorized access. This system is typically on layers of protection and consists of multiple components including networking monitoring and security software.
etwork security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.
Definitions are fine as top-level statements of intent. But how do you lay out a plan for implementing that vision? Stephen Northcutt wrote a primer on the basics of network security for CSOonline over a decade ago, but we feel strongly that his vision of the three phases of network security is still relevant and should be the underlying framework for your strategy. In his telling, network security consists of:
This, in short, is a defense in depth strategy. If there's one common theme among security experts, it's that relying on one single line of defense is dangerous, because any single defensive tool can be defeated by a determined adversary. Your network isn't a line or a point: it's a territory, and even if an attacker has invaded part of it, you still have the resources to regroup and expel them, if you've organized your defense properly.
Network security methods
To implement this kind of defense in depth, there are a variety of specialized techniques and types of network security you will want to roll out. Cisco, a networking infrastructure company, uses the following schema to break down the different types of network security, and while some of it is informed by their product categories, it's a useful way to think about the different ways to secure a network.
[ Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial! ]