Question
Can someone help me with the following:
Part 1: For the scenarios that follow, identify the data that would need to be protected. Recommend how you would implement one or more of the access controls for the given scenario. Justify your recommendations.
Scenarios:
A small construction company consisting of 12 computers that have Internet access.
A small advertising company consisting of 12 computers that have Internet access. All employees communicate using smartphones.
A multinational IT services company consisting of 120,000 computers that have Internet access and 45,000 servers. All employees communicate using smartphones and e-mail. Many employees work from home and travel extensively.
A defense contractor that builds communications parts for the military. All employees communicate using smartphones and e-mail.
A military-support branch consisting of 14,000,000 computers with Internet access and 250,000 servers. All employees must have security clearances, and they communicate mainly using BlackBerry devices and e-mail.
Part 2: Select an access control model that best prevents unauthorized access for each of the five scenarios. Which types of logical access controls should be used in each scenario? Justify your recommendations.
Access control models:
Mandatory access controls
Discretionary access controls
Role-based access controls
Rule-based access controls
Content-dependent access controls
Nondiscretionary access controls
Access Controls
Administrative controls: Policies approved by management and passed down to staff, such as policies on password length.
Logical/technical controls: Control access to a computer system or network, such as a username and password combination.
Hardware controls: Equipment that checks and validates IDs, such as a smart card or security token for multifactor authentication.
Software controls: Controls embedded in operating system and application software, such as NTFS permissions.
Physical controls: Control entry into buildings, parking lots, and protected areas, such as a lock on an office door.
Explanation / Answer
Part 1
The one which needs protection is a military-support branch consisting of 14,000,000 computers with Internet access and 250,000 servers, using MAC.
This is because it has the following benefits:
Through its implementation of Bell-LaPadula in Multi-Layer Secure (MLS) systems, MAC is the main access control model used by the military and intelligence agencies to maintain classification policy access restrictions. The combination of Bell-LaPadula and trusted component assurance also has the nice benefit of making MLS systems immune to Trojan Horse attacks. In perfect implementations, MLS systems implementing Bell-LaPadula MAC are not susceptible to Trojan Horse forced security violations because users do not have the ability to declassify information. Additionally, MAC is relatively straightforward and is considered a good model for commercial systems that operate in hostile environments (web servers and financial institutions) where the risk of attack is very high, confidentiality is a primary access control concern, or the objects being protected are valuable.
Part 2:
1. A small construction company consisting of 12 computers that have Internet access, and a small advertising company consisting of 12 computers that have Internet access.
To protect this we use LDAP (Lightweight Directory Access Protocol). LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet.
This is recommended because by implementing an LDAP environment using Windows Active Directory, a small private firm can better secure its information, manage the information more efficiently and enable remote access for its field employees.
For a multinational IT services company consisting of 120,000 computers that have Internet access and 45,000 servers, where all employees communicate using smartphones and e-mail and many employees work from home and travel extensively, we use Role Based Access Control because:
Role Based Access Control is an approach that is more realistic and aligned with most business models. Analysts and administrators look at the actual role that the end user will be taking. This approach to security 'looks' at the end user and defines what they can or cannot do. Role-based access control (RBAC) is an access control method that organizations implement to ensure that access to data is performed by authorized users. Unlike other access control methods, role-based access control assigns users to specific roles, and permissions are granted to each role based on the user's job requirements. Users can be assigned any number of roles in order to conduct day-to-day tasks. For example, a user may need to have a developer role, as well as an analyst role. Each role would define the permissions that are needed to access different objects.
For military purposes we use Mandatory Access Control.
The process is when the owner (above) defines a policy or policies that can strictly define the end user and their use of programs or files. Because MAC is typically used in the defense industry, this ensures that documents or files are secured.
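An added example, not part of the original answer: a minimal Bell-LaPadula reference monitor in Python, showing the no-read-up and no-write-down rules that the answer credits for resistance to Trojan horse leaks. It goes slightly beyond the answer by using a lattice with compartments; all labels and names (ANALYST, PLAN, COMMS, CRYPTO and so on) are constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    level: Level
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Lattice order: higher-or-equal level AND a superset of compartments.
        return self.level >= other.level and self.compartments >= other.compartments


def can_read(subject: Label, obj: Label) -> bool:
    # Simple security property: no read up.
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    # *-property: no write down.
    return obj.dominates(subject)


def copy_allowed(subject: Label, src: Label, dst: Label) -> bool:
    # A copy is a read of src followed by a write to dst; both are mediated.
    return can_read(subject, src) and can_write(subject, dst)


# Constructed labels for illustration (assumptions, not from the page).
ANALYST = Label(Level.SECRET, frozenset({"COMMS"}))
PLAN = Label(Level.SECRET, frozenset({"COMMS"}))
PUBLIC_SHARE = Label(Level.UNCLASSIFIED)
TS_ARCHIVE = Label(Level.TOP_SECRET, frozenset({"COMMS", "CRYPTO"}))

if __name__ == "__main__":
    # A Trojan horse runs with the analyst's label, so it can read PLAN,
    # but the monitor refuses the write-down that would leak it.
    print("read plan:", can_read(ANALYST, PLAN))
    print("leak to public share:", copy_allowed(ANALYST, PLAN, PUBLIC_SHARE))
    print("append to TS archive:", can_write(ANALYST, TS_ARCHIVE))
    print("read TS archive:", can_read(ANALYST, TS_ARCHIVE))
```

The subject's own wishes never enter the decision: only the labels do, which is what separates this model from discretionary access control.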