Cr-1

After reading chapter 1, compare and contrast two fundamental security design principles. Analyze how these principles and how they impact an organizations security posture.  The initial post must be completed by Thursday at 11:59 eastern.  You must use at least one scholarly resource. 

Every discussion posting must be properly APA formatted.

 

Plagiarism in the discussion will not be tolerated.

CHAPTER-1

Comments-1 – 100 words Introduction

Security is the fundamental concern in operation or development of an information technology product. Usually there are three elements to be ensured in securing a product or service. These are – Confidentiality, Integrity and Availability of data or services (Kibet & Karume, 2018). Some design principles are followed by the developers of IT tools to comply with these requirements.

Security Design

            Personnel responsible for developing a product needs to ensure security for both hardware and software elements. Two very basic but crucial aspects of security that needs to be kept in mind are access control and authentication. Authentication is the assurance that the intended or permitted user is accessing the system. Thus, breach of security by third party access can be controlled with proper authentication mechanism. Access control is of two different kinds – internal and external. External access control is closely related with authentication itself as it concerns with restricting access for external users of information system (Kibet & Karume, 2018). But, while authentication determines whether or no a user will be allowed to get access, access control determines to what extent a user can have access to the same. In internal organizational environment, Principle of Least Privilege (POLP) is often established to ensure access control for internal users. This principle can be applied in designing or developing IT products and services as well. Developers need to segment different tasks in the programme to enable POLP (Zheng, Xie, Dai, Chen & Wang, 2017). Least privilege not only helps in protecting information system from external attacks but also from human error that passes on to the connecting device or units. Today, most manufacturers and programmers are designing security with multi-factor authentication where security is more ensured by at least two different authentication factors such as a password and a biometric record.

Conclusion

            However, standards and compliances are increasingly indicating the importance of security by design for IT products and performances. The aim behind this practice is reduce threat surface.

 

References

Kibet, A., & Karume, S. (2018). A Synopsis of Blockchain Technology. International Journal Of Advanced Research In Computer Engineering & Technology, 7(11), 789-795.

Zheng, Z., Xie, S., Dai, H., Chen, X., & Wang, H. (2017). An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends. 2017 IEEE International Congress On Big Data (Bigdata Congress). doi: 10.1109/bigdatacongress.2017.85

Comments-2 – 100 words

Fundamental Design Principles

Complete mediation and open design are important fundamental security design principles that should be included in the consideration. Complete mediation involves a situation where each access should be checked against the access control mechanism that is applied. Platforms are not supposed to be relying on the access decisions that are retrieved from a particular cache. For a system that is designed for continuous operation, then this technique will have a special consideration (Alazzam et al., 2016). The access decisions need to be remembered for future use while changes in the authority need to be carefully considered depending on the alterations in the authoritative issuance of instructions to the designated directories.

The appearance of platforms for resource access usually gives instances of the platform required to provide compliance with the principle (Stallings, 2018). After file access and opening by end users, there would be no checking to see the changes in permission. The full implementation of mediation would require every user to read a field or record that is associated with a file. The data item in a particular database would also involve a system that exercises access control. Furthermore, the asset-draining technique is seldom used.

The principle involving open design involves designing a particular security mechanism in such a way that it is open instead of a secret (Alazzam et al., 2016).  Even though encryption keys need hiding, keys for encryption are required to be open source for public analysis. Keys can also be further analyzed by most of the experts to ensure that users are highly confident when using them (Stallings, 2018). The National Institute of Standards and Technology (NIST) includes the scenario where there are hash algorithms and standardized algorithms, which have led to an increasing in algorithms that are NIST-approved.

References

Alazzam, I., Alsmadi, I., & Nahar, K. M. (2016). Software design principles to enhance SDN architecture. change, 7(8).

Stallings, W. (2018). Cryptography & Network Security GE (8th ed.). Pearson Australia Pty Limited.