Explain what cost-effective protections are available

Reference no: EM132882506

Scenario - Security Analysis and Solutions to Conference Management Systems

A conference management system is a web-based system that allows researchers to submit research papers, lets program committee (PC) members (reviewers) browse papers and contribute reviews, scores and discussion, and releases decisions (such as rejection or acceptance) via the Web. In one arrangement, the conference chair downloads and hosts the appropriate server software.

The system allows users to submit papers, enter reviews & scores, and access reviews & scores associated with events (conferences or workshops) according to the role of the user. A user is granted access to the system by providing a role (chair, reviewer, or author) along with a user-id and associated password. Permissible roles for each user are specified at the time a new event is added to the management system. Reviews & scores on papers are initially assigned by chairs (chairs assign papers to reviewers for reviewing; one reviewer can be assigned multiple papers, and one paper can be allocated to multiple reviewers). Reviewing is done by reviewers. A chair can perform any and/or all of these actions, but a chair's updates can only be changed by the chair. An author, in addition to learning about his or her reviews & grades on individual papers, is entitled to learn the acceptance statistics (but not other papers' reviews), and the conference program.
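The access rules in this paragraph can be written as a single default-deny authorization check. This is an added example, not part of the assignment or of any real conference system: the function, action names and data classes are hypothetical, and it assumes that reviewers read and write reviews only for papers assigned to them and that "the chair" means any user holding the chair role.

```python
from dataclasses import dataclass, field

@dataclass
class Paper:
    authors: set
    reviewers: set = field(default_factory=set)  # filled in when a chair assigns

@dataclass
class Review:
    last_writer_role: str  # "reviewer" or "chair"

def is_allowed(event_roles, user, role, action, paper=None, review=None):
    """Default-deny check of one request against the scenario's rules."""
    # The claimed role must be one the event grants to this user-id.
    if role not in event_roles.get(user, set()):
        return False
    if role == "chair":
        return True  # a chair can perform any and all actions
    if action in ("read_statistics", "read_program"):
        return role == "author"  # the scenario grants these to authors
    if paper is None:
        return False
    if role == "author":
        # Object-level check: own papers only, never other papers' reviews.
        return action in ("submit_paper", "read_review") and user in paper.authors
    if role == "reviewer":
        if user not in paper.reviewers:  # assumption: assigned papers only
            return False
        if action == "read_review":
            return True
        if action == "write_review":
            # A chair's update can only be changed by the chair.
            return review is None or review.last_writer_role != "chair"
    return False  # anything not listed above is refused

if __name__ == "__main__":
    # Constructed sample data, not taken from the page.
    roles = {"alice": {"chair"}, "bob": {"reviewer"}, "carol": {"author"}}
    paper = Paper(authors={"carol"}, reviewers={"bob"})
    print(is_allowed(roles, "carol", "author", "read_review", paper))
    print(is_allowed(roles, "bob", "reviewer", "write_review", paper, Review("chair")))
```

The check must run on the server for every request, since the threat model lets the adversary send arbitrary messages to the system.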

Threat model: The adversary is a user who desires to learn the reviews & scores, change reviews & scores, or prevent others from learning or changing reviews & scores. The adversary has access to the management system and can also read, delete, and/or update network messages in transit. The adversary cannot physically access or run programs on a user's machine that is running a browser to access the management system, and cannot physically access or run programs on the server hosting the management system.

Your tasks: You are asked to produce a report (1500-2000 words) that provides considered descriptions of the above Web-based Conference Management System and identifies the following:

A. Assets and security properties: what objects should be protected, and what security properties might we expect the system to enforce? Label each such security property with one of: confidentiality, integrity, or availability.

B. Vulnerability: explain the vulnerability in the system and use an attack tree/model to describe how an attack could be mounted. Restrict your consideration to the threat model provided.

C. Protection: explain what cost-effective protections are available against the threats that you identify. Remember the focus is on software vulnerabilities.

Hint: Assuming that the manager is not a technical person, craft your explanation so that a layman can follow it, and include figures where necessary.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd