1) Research and Reflection
Information technology is an integral part of a private firm in the functioning to fulfill its
operations. The inability to protect the information will affect the organization. From this
subject learned the ways of threats, attacks, breaches and how to protect the organizations
form attacks and design the policies accordingly.
The first step to protect the information, discretionary access control (DAC) was
implemented in the organization. As DAC is prescribed as the correct for commercial
organizations. By implementing the DAC the users were restricted with the privileges and
access to the information. Learned about the biometric Access control and types of biometric
controls to save information and maintain data integrity. Biometric authentication is one of the
fastest and safest ways of authentication. There are different types of biometric authentications
namely Fingerprint Recognition, Face Recognition, Iris Recognition, Voice Recognition,
The research is about Explaining the Error Rate Using Data Augmentation In
Continuous Authentication On Smartphones By Using Retinal Scanning which aided me in
understanding the better way of authentication either the iris scanning or the retinal. Retinal
scanning accuracy is not as precise as the iris scanning. The retinal part of humans changes as
age grows. So, Iris scanning is more reliable than the retinal scanning. The identity theft is
possible, it is also complex in the undertaking. The fake retinas are possibly printed onto the
lens before being used in fooling the retina scanners. The retina scanners are more secure,
more reliable and fast. Retina scanning is 10 times more accurate than the fingerprints
scanning (Chui, et al., 2016). The fact, behind this, is that it is protected and not subjected to
wear and tear like the fingers. They also do not need any physical contact thus making
authentication more seamless compared to swiping fingers.
The expectation of the biometric authentication is to be to offer protection yet this isn't
generally the situation. Despite the fact that the retina examining does not require physical
contact with a cell phone, one must take some extraordinary activities (Li, Hu, and Zhou, 2019).
In this research paper, explained how retinal scanning has been used in recent
technologies (Lee, 2018). However, it might not be 100% accurate but hackers have ways of
creating fake. Retina imaging is important, especially in the ophthalmology aspect. Use of
smartphones has raised in all the organizations. They have been applied to send the tokens
for the login into the organization emails and safes. Retinal imaging with a high quality
provide valuable screening methods with retinal cameras smartphones, shows that there
will be an increase in retinal imaging access (Jang, et al., 2017).
Consumers and biometric technologies go hand in hand. Fingerprints in
smartphones have been there for quite some time now. However, they are not as reliable as
such. Fingerprints have high chances of being copied and forged. As a result, the retina print
ID offers a secure method. In fact, theoretically, this can be said to be the perfect substitute
for security (Kamelia, et a; 2018). The research helped me to understand in the biometric
design and the performance of different types of authentications.
Chui, T. Y., Mo, S., Krawitz, B., Menon, N. R., Choudhury, N., Gan, A., ... & Rosen, R. B. (2016).
Human retinal microvascular imaging using adaptive optics scanning light
ophthalmoscopy. International journal of the retina and vitreous, 2(1), 11.
Li, Y., Hu, H., & Zhou, G. (2019). Using data augmentation in continuous authentication on
smartphones. IEEE Internet of Things Journal, 6(1), 628-640.
Jang, C., Bang, K., Moon, S., Kim, J., Lee, S., & Lee, B. (2017). Retinal 3D: augmented reality neareye display via pupil-tracked light field projection on the retina. ACM Transactions on
Graphics (TOG), 36(6), 190.
Lee, S. H. (2018). U.S. Patent Application No. 15/560,041.
Kamelia, L., Hamidi, E. A. D., Darmalaksana, W., & Nugraha, A. (2018, July). Real-Time Online
Attendance System Based on Fingerprint and GPS in the Smartphone. In 2018 4th
International Conference on Wireless and Telematics (ICWT)(pp. 1-4). IEEE.
R. S. Sandhu, "On Five Definitions of Data Integrity" in Database Security VII: Status and
Prospects, North-Holland, 1994.
Discussion Topic and Reflection
Cloud organizations and writing computer programs are a fundamental bit of
current advancement. Everything that we do online is connected with cloud. Most
associations don't structure their development to the cloud, yet in the meantime, they have
different customers of cloud benefits in their affiliation (Williamson, 2017). Everything that
we do online is connected with cloud. Relatively few associations use their neighborhood
servers in their association regions. Since cloud organizations are by and large on the web,
affiliations and associations need fiery and satisfactory security to guarantee their
customers and specialists can keep up the mystery and decency of the association data
(Mcllwraith, 2016). Directly, cloud organizations contain various sorts of programming
anticipated different stages. Marking in freely for every organization is dreary, dull and can
drive customers to use nonexclusive and easy to figure passwords.
For a significant long time, we have been talking about the need to replace
passwords with progressively secure and strong methods, yet then mystery word remains
the fundamental technique for guaranteeing accounts (Dickson, 2018). Bringing together
identity and access the administrators help to organize all cloud benefits paying little regard
to arrange (Teare and Paquet, 2005). Identity and access the board or IAM uses a lone signon framework to sign in to various related, yet self-governing programming organizations.
With this property, a customer can securely login with a singular ID and mystery expression
to get to any of a couple of related structures (Osmanoglu, 2013). Of course, IAM can in like
manner use a lone close down method where a lone movement of groaning out closures
access to different programming structures.
Identity and access the administrators is a technique of affirming character through approval
and giving endorsement available data and control access throughgauges and courses of action. Identity and
access the administrators is a basic thought for information security specialists. It incorporates making
speaks to customers over most of the structures they partner with and arranging those records (Chapple,
Ballad, Ballad, and Banks, 2014).
Identity the board ensures that simply affirmed customer approaches the
information and once the endeavor is done that approval is denied and character is deleted
from the system. According to Research and Markets (2019), the appointment of cloud
organizations has somewhat incredibly had the most gigantic impact so far on broad
associations instead of the little and medium-sized associations it was depended upon to
dismantle in to the IAM exhibit. Using cloud-based game plans, huge associations can even
more speedily handle a cross breed exhibit that better sponsorships both on-premises and
If an agent/customer of an affiliation needs to sign in freely for different
organizations/development stages offered by that affiliation, it will be dull and frustrating
for the customers. Also, separate login for free development stages will require IT
Administrators to manage such an expansive number of records and an over the top number
of endorsement levels for every organization. In case an IAM structure, customer check
joins all of the organizations, endorsement and accounting can be managed from one
passage (Teare and Paquet. 2005). Since IAM structures are accountable for customer
approval and endorsement; they have Single sign-on (SSO) and multifaceted check (MFA)
framework worked in (Roussos, Peterson, and Patel, 2003)
Aatif Sulleyman (2017). Google reveals how software engineers break into
people's Gmail accounts. Recouped
from https://www.independent.co.uk/lifestyle/contraptions and-tech/news/google-gmailaccount-hacked-mystery state security-phishing-keyloggers-hack-checkup-a8048416.html
Aitoro, J. R. (2008). Character Management. Government Executive, 40(7), 30.
Number, Bill, Ballad, Tricia, Banks, Erin. "Access control, approval, and open key
establishment (Second form)". Disseminated on July 2014.
Chapple, M., Ballad, B., Ballad, T., and Banks, E. K. (2014). Access control,
affirmation, and open key structure (Second discharge/ed.). Sudbury, MA: Jones and
Purchase answer to see full