Data Protection: Securing Information System Essay

Exclusively available on Available only on IvyPanda® Made by Human No AI

Securing an internet-based information system requires one to understand the kind of risk exposure such system is exposed to. This is because even though several security applications developed for internet security protection, the internet is still too vulnerable to malware attacks. As such managing information security for StoreItRite, Inc would need to consider several options Furnell, 2008).

As the company’s CIO I will develop and implement several security protocols to guarantee confidentiality in different types of client information and communication. This is to avoid sniffing or eavesdropping on client data by Man-In-The-Middle attacks. As such I will help StoreItRite, Inc to install basic security cryptographic protocols to thwart any MITM attack.

Such a protocol is the Interlock Protocol public key cryptography. This system will help StoreItRite, Inc and the client create private keys. The two communicants can only access information using the keys. The security of this system is guaranteed by using the use of key certificates, a system that digitally asks for authorization to send a message.

Coupled with this will be the other systems that do not allow for identification of users but again, cannot facilitate a MITM two-way communication. This is useful for real-time communication but unsafe for email-based communication. A system that pre-checks for user identity by sending user keys will be used for telephone communication. This allows for user identification before any information is passed (Krumm, Abowd, and Seneviratne 2007).

The integrity of client data will be guaranteed by the installation of intermediate systems that do not allow for tampering and editing of data once it has been recorded. One such system is the e-time stamping available for commercial purposes and costs as little as US $ 0.40 for every stamp.

A timestamp is a digital fingerprinting certificate that will help the company to identify if client data integrity has been violated by creating and sending a signal to a time-stamping authority (TSA) once data has been altered. Furthermore, the confidentiality of client data will be guaranteed as the TSA does not access the original data ( Dupuy, and Paradinas, 2001).

The company will need to facilitate daily back op of client information and possible data upgrade. As such there will be a need to create a secure network that guarantees that only authentic data is upgraded. This will include the use of a modified object-based database management system. This system only allows for the upgrade of complicated as well as highly complicated data and only presents summarized data upon request. As such no unauthorized editing is possible.

Furthermore, when information is entered into the existing database, it must be consistent with the entire database otherwise it will be rejected. This means that there has to be meaning-relatedness between the inputted data and the existing database. To avoid losing or eavesdropping on data when upgrading I will help StoreItRite, Inc to install a two-phase locking protocol.

This system creates a similar transaction account for use during the upgrade. This ensures that no damage or loss of original data should something go wrong during the upgrade. Data is only written into the system when the upgrade has been completed and authenticated (Harrington, 2000).

StoreItRite, Inc clients must be able to access their data upon request. As such I will enable its information system to support the oracle row-level security system that guarantees security for each of the data levels. This will be accompanied by inferences control that allocates random figures to different types of data to prevent inferential attacks ( Knox, Gaetjen, Jahangir, Muth, Sack, Wark and Wise, 2010). As such I would have ensured that this company meets its client’s need for secured data storage solutions.

Reference List

Dupuy, M., & Paradinas, P. (2001). Trusted information: the new decade challenge: IFIP TC11 16th InternationalMassachusetts : Kluwer Academic Publisher.

Furnell, S. (2008). Securing information and communications systems: principles. Norwood, MA: Artech House, Inc.

Harrington, J. (2000). Object-oriented database design clearly explained. San Diego, CA: Academic Press.

Knox, D., Gaetjen, S., Jahangir, H., Muth, T., Sack, R., Wark, R. and Wise, B. (2010). Applied oracle security: developing secure database and middleware environments. New York: McGraw-Hill.

Krumm, J., Abowd, G., & Seneviratne, A. (2007). UbiComp 2007: ubiquitous computing: 9th international conference. Berlin: Springer.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, March 25). Data Protection: Securing Information System. https://ivypanda.com/essays/data-protection-securing-information-system/

Work Cited

"Data Protection: Securing Information System." IvyPanda, 25 Mar. 2022, ivypanda.com/essays/data-protection-securing-information-system/.

References

IvyPanda. (2022) 'Data Protection: Securing Information System'. 25 March.

References

IvyPanda. 2022. "Data Protection: Securing Information System." March 25, 2022. https://ivypanda.com/essays/data-protection-securing-information-system/.

1. IvyPanda. "Data Protection: Securing Information System." March 25, 2022. https://ivypanda.com/essays/data-protection-securing-information-system/.


Bibliography


IvyPanda. "Data Protection: Securing Information System." March 25, 2022. https://ivypanda.com/essays/data-protection-securing-information-system/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1