Assignment 1: Network Security

Great Essays
to an extent through the encryption of data and proper access control management. Still even with these security measures in place, dubious attackers can breach the security measures and gain access to the data in the following ways [4].
• Cross-site scripting
• Cross-site request forgery
• Cookie manipulation
• OS and SQL injection
• Insecure storage
• Hidden field manipulation
Due to the vulnerabilities listed above, achieving data security in cloud remains a mammoth task.
1) Network Security: When using SaaS, the client transfer sensitive information to the application over the network. Hence, it is essential to secure the connection and provide proper network security. Currently, a majority of the SaaS vendor using Secure Socket Layer
…show more content…
As SaaS applications are available in a distributed environment, data integrity becomes an important issue. In distributed systems, the data integrity is achieved through a central transaction manager. But SaaS applications tend to be multi-tenant and run as services. These services often expose their functionality through an interface and serve data in the form of XML. Hence, the lack of clear transaction management and data integrity checks on these services can create serious vulnerabilities and provide unauthorized access to private data resulting in huge financial losses. Therefore, it is of utmost importance to ensure data integrity is not violated through the use of SaaS …show more content…
This can also be a source of security risk.
In addition to the above mentioned security flaws, PaaS inherits all the security risks present in SaaS model such as data security, network security etc.
B. Security challenges in Infrastructure as a Service
In IaaS, the vendor provides the customer with all the infrastructure necessary such as servers, storage, network and other computing resources primarily in the form of virtualized resources. Thus, provider is responsible for security only till the hypervisor and any other security issues above in the OS or application level should be handled by the customer. Thus, in IaaS the customers have greater control over the security policies implemented compared to other service models. However, this does not mean IaaS is not susceptible to security flaws. Some of sources of security flaws which are a cause for concern in IaaS are discussed

Related Documents

  • Improved Essays

    Nt1330 Unit 2

    • 369 Words
    • 2 Pages

    Media information systems should be controlled and physically protected to prevent damage to assets and interruption to business activities. Appropriate procedure should be established to protect documents, computer media, the data input / output and documented system from damage, theft and unauthorized access. 7. Attention should be given to protect the integrity of electronically published information to prevent modifications that may harm the company's reputation. The information provided to the public, such as information on the web that can be accessed via the internet must be in accordance with the laws, rules, and regulations in the jurisdiction 8.…

    • 369 Words
    • 2 Pages
    Improved Essays
  • Decent Essays

    Nt1330 Unit 1 Study Guide

    • 573 Words
    • 3 Pages

    1. Software as a Service (SaaS) – Model of software deployment where an application is hosted as a service provided across the internet. 2. Outsourcing is the transfer of information systems development, operation, or maintenance to an outside firm that provides these services for a fee on a temporary or long-term basis. 3.…

    • 573 Words
    • 3 Pages
    Decent Essays
  • Decent Essays

    Confidentiality: Only the authorized people can access the data, no other persons cannot access the data or accounts. Integrity: only the authorized person can change the data, no other people cannot access it. Availability: The data should be available to the authorized users 24/7.…

    • 342 Words
    • 2 Pages
    Decent Essays
  • Improved Essays

    1. The message I would have received as a hospital administrator from this video would have been: The importance of keeping my organization's information secure from anyone else not permitted to have my knowledge, and more specifically the knowledge of my patient's care as well as their demographic information. It is my responsibility as a hospital administrator to keep my data secure, and whether that means hiring a IT security company or maintaining a high security software is my responsibility in order to stay within HIPPA guidelines. 2.…

    • 477 Words
    • 2 Pages
    Improved Essays
  • Improved Essays

    Ba501 Week 1 Assignment

    • 740 Words
    • 3 Pages

    II Abstract Security is a need that is increasing at a rapid rate especially with a large organization and constant changes seem to be the norm.…

    • 740 Words
    • 3 Pages
    Improved Essays
  • Decent Essays

    1.02.01 Warning Banner

    • 567 Words
    • 3 Pages

    It is up to the end-user to make necessary countermeasures to keep the data protected and secure. Explanation • Tricky • We can’t control the application’s data Subsection 13.2.01.04 Protected Information in Information Systems and Applications Current Statement Permission rights to information systems and applications that transmit, receive and/or store Protected Information will be limited to and based on the user's job function. {ADD HERE}…

    • 567 Words
    • 3 Pages
    Decent Essays
  • Improved Essays

    HIPAA Compliance

    • 1020 Words
    • 5 Pages

    The applications associated approved clients with each other and backing the sharing of pictures, records and recordings. Shields exist to keep PHI from being transmitted past the social insurance association's system, duplicated and stuck or spared to an outer hard drive. All action is observed by a cloud-based "Programming as-a-Service" stage that produces movement reports and reviews for the reasons for consistency oversight and danger…

    • 1020 Words
    • 5 Pages
    Improved Essays
  • Improved Essays

    Project Part 1 Task 1: Outline Security Policy First World Bank Savings and Loan; a financial institution that offers banking services (loans and deposits). The bank would like to provide online banking services to the customers, which includes online credit card use for loan applications. Recommendations are based on such factors as: ownership total cost, scalability, and reliability. Decisions and recommendations made need to be appropriate from the CIA triad perspective.…

    • 1249 Words
    • 5 Pages
    Improved Essays
  • Improved Essays

    4. CORRESPONDING DUTIES: As a user of the company network you have the following obligations: 1) To answer for your personal account granted to you by CRI company. 2) To keep confidentiality of company’s information, maintaining its integrity and keeping information from being accessed by non-authorized users.…

    • 1019 Words
    • 5 Pages
    Improved Essays
  • Decent Essays

    In the proposed algorithm, data recovered is same as saved on the server and Integrity and confidentiality is maintained. It is important to maintain confidentiality, integrity and recovery of complete data. 4.4 CONCLUSION The recreation of the proposed work exhibits that the it is most suitable for those Cloud organization suppliers who are responsible for storing the client's information and where crucial focus is to give secured data stockpiling organizations. They provide confidentiality, easy recovery of the data as all computer operators are not literate regarding the internal process going on to maintain the security.…

    • 599 Words
    • 3 Pages
    Decent Essays
  • Improved Essays

    IT security threats and cryptography 7/A. P1: Explain the different security threats that can affect the IT systems of originations. 7/A.M1: Assess the impact that IT security threats can have on organization's IT systems and business whilst taking account of the principles of information security and legal requirements In today's society data is a very valuable thing companies have to take in to account how to protect that data from the threats, Threats is a way in which the data is vulnerable and therefore rules and regulations have been put in place to stop these potential threats for example all will have adhere to the principles of information security this is a way in which data is protected, I have been working for a start-up company…

    • 1332 Words
    • 6 Pages
    Improved Essays
  • Superior Essays

    Zillow Case Study Essay

    • 1460 Words
    • 6 Pages

    Introduction In this case study, the business of Zillow.com in providing real estate information to all users to its website is explored, and the use of business intelligence by Zillow.com in its offering to customer, and the way it uses a data mart to market its new product, are discussed. In addition, this case study includes a discussion of various characteristics of information quality as seen from Zillow’s perspective, and how Zillow is using a data-driven website. Analysis Background of Zillow.com Zillow.com is an online web-based real estate site helping homeonwers, buyers to find and share information about real estate and mortgages. It allows users to access information anonoyoumously and free of charge, using the kinds of tools…

    • 1460 Words
    • 6 Pages
    Superior Essays
  • Superior Essays

    Command Prompt

    • 1077 Words
    • 5 Pages

    Introduction Organizations handle vast amounts of data. A large organization may have to deal with terabytes or petabytes worth of data. For a company to be successful, there must be a meaningful way in which the data that is used as a part of company operations is managed. This includes an effective file management system, in which the files are appropriately secured, and the information is backed up in order to meet company requirements. The files generated as a part of company operations are company property, and as such the information must be managed effectively.…

    • 1077 Words
    • 5 Pages
    Superior Essays
  • Improved Essays

    Security Life Cycle

    • 1189 Words
    • 5 Pages

    Web Server and Security Development Life Cycle Most organizations use web applications through the use of the internet as part of their business process and functions to fulfill their objectives, business requirements and needs of their company. When implementing these applications, they have to make sure that security is a part of each step that they follow in the development lifecycle. If security is not implemented, then such software or applications, such as web server or web application, can be detrimental to the organization and cost in money, time, production, and many other areas of the business. There is so much information that is used and passed along within an organization that it is imperative that the correct information is used…

    • 1189 Words
    • 5 Pages
    Improved Essays
  • Superior Essays

    Hierarchal Database “In the network model, the data are represented by collections of records and relationships between data are represented by links. This structure holds for the hierarchical model as well. The only difference is that, in the hierarchical model, records are organized as collections of trees, rather than as arbitrary graphs. ”(http://codex.cs.yale.edu/avi/db-book/db6/appendices-dir/e.pdf, 17-10-2014) This database model use rules as each child has one parent and each parent can have many children nodes.…

    • 938 Words
    • 4 Pages
    Superior Essays