Security System Design: Building Defensible Systems There are a number of fundamental security system design principals that may be incorporated into applications and systems to make them secure. The principals as described by Emerging Technology (2013) include minimizing the attack surface, least privilege, …

SMS in GSM Explained: Origination to Cell Broadcast As part of the Global System for Mobile Communications (GSM) the short message service (SMS) exists and provides a means to transfer short text messages between user equipment (UE) and a short message service center (SMSC) as described by Korhonen (2001). Messages …

How Network Defenders Classify Suspicious Traffic Computer networking traffic can be classified into three categories of normal, suspicious and malicious network as described by Bejtlich (2004). Each category effects the security posture. Network security analysis as described by Bejtlich (2013) is the process of …

Risk Analysis: The Core of Security Risk Assessment While performing information security management many things need to be in place before information security management can start as Raggad (2010) points out. The organization has to be in agreement with an accepted business mission, strategic plan and a standardized …

Active vs Passive Security Threats Explained A threat as described by Workman, Phelps & Gathegi (2013) in relation to information security, view a threat to the potential of a security breach in relation to a vulnerability. Vulnerabilities as described by Workman, Phelps & Gathegi (2013), is an artifact of a system in …

IT Requirements for an E-Commerce Affiliate Marketing Business Katalogs Plus is a new business planning to launch in the next year. The company mission is to build e-commerce mobile applications and websites that sell merchants products and services. Affiliate marketing product and service data feeds will be used to …

Six-Phase Information Assurance Risk Assessment Process The organization DigitalGlobe has been chosen for an abbreviated assessment. The paper will discuss the considerations for decreasing risk and mitigating assessed vulnerabilities. Information covered will be a summary of the assessed challenges in the information …

Information Assurance Capability Maturity Model Explained The organization DigitalGlobe is the organization that has been chosen for an abbreviated assessment. The paper will discuss the considerations for decreasing risk and mitigating assessed vulnerabilities. Information covered will be a summary of the assessed …

Building an Information Assurance Plan with ISO 27002 This proposal has been assembled to address the void of a Information Assurance (IA) program at the Heavy Metal Engineering (HME) Corporation. The proposal will layout an IA plan for HME that includes an overview of IA requirements and discusses the fundamentals of …

IoT Security Threats: Authentication and Denial of Service Recent Gartner research predicts that there will be more than 2.9 billion connected IoT devices in consumer smart home environments in 2015. These connected devices could provide a much larger surface for attackers to target home networks (Barcena & Wueest, …