threat modeling

profileraj9999
Week6-Full1.pptx
Home>Computer Science homework help>threat modeling

Week 6 - Full

Objectives

Describe Threat Modeling

Identify several security models

Explain public key infrastructure

Reading Assignments

Chapter 8

Cagnazzo, M., Hertlein, M., Holz, T., & Pohlmann, N. (2018). Threat Modeling for Mobile Health Systems. https://ieeexplore.ieee.org/document/8369033 Click PDF, In Institution name box, enter: University of the Cumberlands, UC OneLogin will pop up and login with UC email address and Password.

Ruiz, N., Bargal, S.A., & Sclaroff, S. (2020). Disrupting DeepFakes: Adversarial Attacks Against Conditional Image Translation Networks and Facial Manipulation Systems. https://arxiv.org/abs/2003.01279 There is a link to the PDF of this article in the right column of this record under Download.

Fundamentals Issues of why dissertations fail

Dr. Steven Brown, PhD IT Program Director, has a created a presentation on identifying several areas where, and why dissertations fail, and how to correct these areas

https://us-lti.bbcollab.com/recording/561678eb60b94cb6ba9f5d8350bc86ed

Assignment

Threat Modeling

A new medium-sized health care facility just opened and you are hired as the CIO. The CEO is somewhat technical and has tasked you with creating a threat model. The CEO needs to decide from 3 selected models but needs your recommendation. Review this week’s readings, conduct your own research, then choose a model to recommend with proper justifications. Items to include (at a minimum) are:

User authentication and credentials with third-party applications

3 common security risks with ratings: low, medium or high

Justification of your threat model (why it was chosen over the other two: compare and contrast)

You will research several threat models as it applies to the health care industry, summarize three models and choose one as a recommendation to the CEO in a summary with a model using UML Diagrams (Do not copy and paste images from the Internet). In your research paper, be sure to discuss the security risks and assign a label of low, medium or high risks and the CEO will make the determination to accept the risks or mitigate them.