This homework is due before class on Thursday, September 13. You are allowed to

Question

This homework is due before class on Thursday, September 13.

You are allowed to discuss the problems and your general approach with other students in the class. However, the answers you turn in must be your own original work, and you are bound by the Honor Code. Solutions should be submitted as private posts in Piazza in plain text format by completing the template shown below.

For each scenario below, imagine that you are in charge of security. Apply the security mindset to answer these questions:
What assets are important for you to protect?
What security threats will you choose to defend against?
What countermeasures can you justify, in terms of costs and benefits?

Answer each of the above in the form of a bulleted list, with brief justifications or explanations as necessary. State any critical assumptions you decide to make. Your grade will be based on the thoroughness, realism, and thoughtfulness of your analysis. You will be required to analyze two scenarios, as described below.

1.Pick one of the following scenarios.
(a) You are managing the security of checked luggage at O'Hare Airport.
(b) You are in charge of security at Chicabo Bulls' home arena.
(c) Your work for a company that does background checks for prospective hires for the Federal government.
(d) You are developing and deploying a self-checkout system for a super market chain.
(e) You manage a bug tracker for the developers of a popular web browser; some bug reports are about sensitive security issues.

2. Choose another scenario from everyday life that we haven’t discussed in class. Your choice may be directly related to computer security, but it doesn’t have to be.

It could be about a specific security aspect of any given organization/company/university/etc.

Explanation / Answer

1. c) Your work for a company that does background checks for prospective hires for the Federal government.

What assets are important for you to protect? Integrity of the candidate, Competitiveness in working, Clean record (no criminal offence throughout)

What security threats will you choose to defend against? Impersonification

What countermeasures can you justify, in terms of costs and benefits? Check with government id of the candidate and check in to the permanent address of the candidate

e) You manage a bug tracker for the developers of a popular web browser; some bug reports are about sensitive security issues.

What assets are important for you to protect? Robustness of the web browser, Speedy navigation, secured server
What security threats will you choose to defend against?  Hacking attempts, Manipulating the front end of the site
What countermeasures can you justify, in terms of costs and benefits? Have web browser tested by cyber security experts.

2. Working on a cloud computing platform like salessforce and developing force.com applications

What assets are important for you to protect? Speedy navigation, Assurance to be within the governer limits while development for rich experience
What security threats will you choose to defend against? Regular backup of code, not only on the cloud, checks for SOQL injection
What countermeasures can you justify, in terms of costs and benefits? Usage of static resources to load heavy images, Check for vulnerabilities via online force.com security scanner

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.