Short note on Security Assessment.

-

Security Assessment 

- Security assessment has something in common with a safety assessment.

- It is intended to demonstrate that the system cannot enter some state (an unsafe or an insecure state) rather than to demonstrate that the system can do something.

- However, there are differences

  • Safety problems are accidental; security problems are deliberate;
  • Security problems are more generic - many systems suffer from the same problems; Safety problems are mostly related to the application domain


Security validation

Experience-based validation

- The system is reviewed and analyzed against the types of attacks that are known to the validation team.

Tool-based validation

- Various security tools such as password checkers are used to analyze the system in operation.

Tiger teams

- A team is established whose goal is to breach the security of the system by simulating attacks on the system.

Formal verification

- The system is verified against a formal security specification.



Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more

Describe how cloud computing technology can be applied to support remote ECG monitoring.

-
Image
  Healthcare: ECG (Electrocardiogram) Analysis in cloud computing Healthcare is a field, subject, sector, or territory in which information technology has several uses. These apps are being used to aid businesses in supporting scientists in developing disease prevention solutions. Cloud computing has emerged as an appealing alternative for constructing health monitoring systems as a result of the development of the Internet or to put it another way, as a result of the availability of the internet. The ECG machine, for example, is a health monitoring device that measures the human body's heartbeat and prints the results on graph paper. The electrocardiogram (ECG) measures the electrical activity of the heart's Cardium. A waveform is created as a result of this action, which is repeated throughout time and symbolizes the heartbeat.  The analysis of the shape is used to identify arrhythmias, and it is the most common way of detecting heart diseases. Here the meaning of arrhythmias
Read more

Explain market-Oriented Cloud computing architecture.

-
Image
  Market Oriented Cloud Computing (Mocc) As customers rely on Cloud providers to cover all of their computing needs, they will expect certain Qe from their providers to fulfill their objectives and continue their operations. Cloud providers must examine and satisfy the various QoS standards of each unique consumer as stipulated in unique SLAs. To do this, cloud providers cannot continue to install traditional system-centric resource management architectures that do not give incentives for them to share their resources while still treating all service requests as equal insignificance. Instead, market-oriented resource management is required to maintain the supply and demand for Cloud resources at market equilibrium, provide feedback in the form of economic incentives for both Cloud consumers and providers, and promote QoS-based resource allocation mechanisms that differentiate service requests based on their utility. The diagram depicts a high-level architecture for enabling market-orie
Read more