Mobile Application Threat Modeling

Discussions List Tool Navigation Discussions List selected Subscriptions Filter by: Filter Unread Hide All Topics Class Success Resources Topic Threads Posts Last Post Course Orientation Simplified instructions for Projects 1-4 are provided for your convenience in this forum. For Project 5, use the Projects Tab at the top and navigate to Project 5. We have provided a Reading and Resource List for all projects in this forum also for your convenience. You can download the PDF files for the course and refer to it for future courses while you are a student in this program. 0 0 Project 3 and 5 – Excel Template Use this Excel template for Project 3 and Project 5 as part of your Workspace exercises: Project 3 Excel Template for CST620 0 0 Project 1 Simplified Instructions This set of simplified project instructions is available as a PDF document for your convenience: Project 1 – Enterprise Key Management Project 1: Enterprise Key Management Project 1 Start Here Transcript As a security architect and cryptography specialist for Superior Healthcare you’re familiar with the information systems throughout the company and the ranges of sensitivity in the information that is used, stored, and transmitted. You’re also expected to understand healthcare regulations and guidelines because you’re responsible for advising the Chief Information Security Officer, or CSO, on a range of patient services, including the confidentiality and integrity of billing, payments, and insurance claims processing, as well as the security of patient information covered under the Health Insurance Portability and Accountability Act, or HIPAA. You also have a team of Security Engineers, SEs, that help implement new cryptographic plans and policies and collaborate with the IT deployment and operations department during migrations to new technology initiatives. This week, this CSO calls you into his office to let you know about the company’s latest initiative. “We’re implementing eFi, web-based electronic health care, and that means we need to modernize our enterprise key management system during the migration.”, he says. The CSO asks for an enterprise key management plan that identifies the top components, possible solutions, comparisons of each solution, risks and benefits, and proposed risk mitigations. The plan will help create an enterprise key management system. The SEs would be responsible for the implementation, operation, and maintenance of the plan and system. The CSO also wants you to come up with an enterprise key management policy that provides processes, procedures, rules of behavior, and training. The new web -based system needs to be running in a month. So you’ll have a week to put together your enterprise key management plan and the accompanying policy. Transcript End In the previous course, you learned how security professionals employ cryptography, a system of algorithms that hide data. You learned systems can be unlocked with a key provided to those who have a need to know that data. An important part of cryptography is how to manage these keys to the kingdom. This involves learning and understanding enterprise key management systems and concepts. Cryptography is the application of algorithms to ensure the confidentiality, integrity, and availability of data, while it is at rest, in motion, or in use. Cryptography systems can include local encryptions at the file or disk level or databases. Cryptography systems can also extend to an enterprise-wide public key infrastructure for whole agencies or corporations. The following are the deliverables for this project: Deliverables: Enterprise Key Management Plan: An eight to 10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. Enterprise Key Management Policy: A two to three page double-spaced Word document. Lab Report: A Word document sharing your lab experience along with screenshots. There are seven steps to complete the project. Most steps of this project should take no more than two hours to complete. The entire project should take no more than one week to complete. Begin with the workplace scenario, then continue to Step 1, “Identify Components of Key Management.” When you submit your project, your work will be evaluated using the competencies at the end. Project 1 Step 1: Identify Components of Key Management Key management will be an important aspect of the new electronic protected health information (e-PHI). Key management is often considered the most difficult part of designing a cryptosystem. Choose a fictitious or an actual organization. The idea is to provide an overview of the current state of enterprise key management for Superior Health Care. Review these authentication resources to learn about authentication and the characteristics of key management.

#Mobile #Application #Threat #Modeling

Share This Post


Order a Similar Paper and get 15% Discount on your First Order

Related Questions