New England College of Business E Health Frameworks ?Threat Modeling Paper

User Generated

znyq

Computer Science

New England College of Business and Finance

Description

Threat modeling

A new medium-sized health care facility just opened, and you are hired as the CIO, the CEO is somewhat technical and has tasked you with creating a threat model. The CEO needs to decide from 3 selected models but needs your recommendation as well to make sound decisions. The concern is user authentication and credentials with third-party applications which is common in the health care industry.

You will research several threat models as it applies to the health care industry, summarize three models and choose one as a recommendation to the CEO in a summary with a model using UML Diagrams (Do not copy and paste images from the Internet). In your document be sure to discuss the security risks and assign a label of low, medium or high risks and the CEO will make the determination to accept the risks or mitigate them).

The CEO has provided the attached article as a reference.

Task:

  • Explain why the other threat models are not ideal (compare and contrast)
  • Provide one recommendation with summary and UML diagram
  • Must be in full APA
  • 3-page minimum not including the title page, abstract and references.

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

heyplease check out what I have done and tell me if you like itThank you for believing in meHope to always work with youI have also uploaded a picture of Study pool plagiarism checker.

E-Health frameworks (EHS) this was created to cater for the large files that kept coming and
since the there were no physical offices, they needed somewhere to store the records and thus
came up with the framework to aid them.

It has really come to the aid of the social insurance sector because now storage of records has
become very easy and also the fact that these records are easily accessible without having to tire
looking for them makes it even more advantageous. It has also become a very convenient way in
which patients are able to communicate with the necessary specialists.

Threat model:

This model refers to ways in which records are stored ad organized in a particular way and kept
away from any dangers that may arise by ensuring that something of importance is not tampered
with, for example, the secret information or the innovations that are yet to be released.

Example:


Dread



STRIDE



TRIKE

UML:

This refers to a modeling language that is mainly made up of diagrams and was created to help
any developer that was dealing with any kind of program to be able to specify, visualize,
construct and document anything that they learn or they come up with as they were using a
particular software.

DREAD THREAT MODELLING

DREAD is a computer structure that is looking for any security risks that may occur to stored
information and is famous because of how its commonly used by big companies such as
Microsoft.
It’s simply the bodyguard of stored information and is able to track any unnecessary movements
and actions that may be directed to the stored information.

The classifications are:


Damage - how dreadful would an ambush be?



Reproducibility - how basic is it to reproduce the ambush?



Exploit-ability - what measure of work is it to dispatch the ambush?



Exploit-ability - what number of people will be influenced?



Discoverability - how basic is it to discover the hazard?

When it gets to the point where the DREAD is being used, then all the categorize that...


Anonymous
Just what I was looking for! Super helpful.

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Similar Content

Related Tags