Description
PLEASE WRITE A DOCUMENT WITH 15 PAGES AND 10 REFERENCES
please do good online research and do the document
topic-Software security system
Justify How ,
What
when
Who
please justify topic
Your document must content
project outline
Abstract
Summary
Table of content
introduction
topic explaination
EXAMPLES
Figures
real life usage
when we can use
how can we use
conclusion
I have attached a file that how to write a document please see below
Note- 15PAGES ,10 REFERENCES MANDATORY,
No plagiarism
APA format
please be on time
please use below references and internet resources to finish the document perfectly
- The Free Dictionary, http://www.thefreedictionary.com/data, Farlex.
- Fundamentals of database systems Elmasri, Ramez; Navathe, Sham. Fundamentals of database systems, Reading MA, Harlow: Addison Wesley Longman.
- D. Owens, Integrating Software Security into The Software Development Lifecycle, IMPACT, http://www.impact-alliance.org/download/pdf/resour... cop/isc/integrating.software.security.into.the.pdf, San Diego, California, USA.
- R. Etges, K. McNeil, Understanding Data Classification Based on Business and Security Requirements, Journal Online, pp.1--8.
- Federal Information Security Management Act (FISMA) Implementation Project, National Institute of Standards and Technology (NIST), http://www.nist.gov/itl/csd/soi/fisma.cfm.
- J. Heiser, Data Classification Best Practices: Techniques, Methods and Projects, SearchSecurity.com.
- O. H. Alhazmi, S. Woo, Y. K. Malaiya, Security Vulnerability CategoriesIn Major Software Systems, Colorado State University, Fort Collins, Colorado.
- WEBOPEDIA, Software, IT Business Edge, Foster City, California, United States, www.webopedia.com/TERM/S/software.html.
- WEBOPEDIA, Software, IT Business Edge, Foster City, California, United States, http://www.webopedia.com/TERM/D/data.html.
- Verizon. (2013). 2013 data breach investigations report. Basking Ridge, NJ: Author.
- Career Bless, Conceptual Database Design - Entity Relationship(ER) Modeling, http://www.careerbless.com/db/rdbms/c1/design.php, 2013.
- Woody, Enterprise Security: A Data-Centric Approach to Securing the Enterprise, Packt Publishing, 2013.
- Aberdeen Group, Three Steps to Successful Data Classification, Harte-Hanks Company, 2013.
- Pcicompliance.org, What are the PCI DSS Requirements, http://www.pcicompliance.org/pci-compliance-faqs/what-are-the-pci-dssrequirements. shtml, 2013.
- A combined approach to ensure data security in cloud computing
Sood, Sandeep K.. Journal of Network and Computer Applications35.6 (Nov 2012): 1831-8.
Unformatted Attachment Preview
Purchase answer to see full attachment
Explanation & Answer
Please see attachment, plagiarism was already checked. Kindly let me know if you have some questions and let me edit if something you did not like, :).
Running Head: SOFTWARE SECURITY SYSTEM
Software Security System
Student's name
Professor's name
Course
Date
1
SOFTWARE SECURITY SYSTEM
2
ABSTRACT
It's very simple, download the applications and start using them. The first gigs and 'apps'
are usually free. But there are many who think that these services of cloud storage and cloud
computing will eventually force us to acquire the systems. At best, we will have to settle for
"minor versions" of the full payment software. At this point, cloud computing is a success: it
allows users to save files, share them conveniently or even automatically and use applications
hosted on a server. Technology, again, opens a world of possibilities , although, of course, it is
the companies that are promoting the use of these services. But, undoubtedly the data stored in
the cloud are vulnerable , we must be careful. Wikleaks stated that site operators obtained up to
250,000 confidential documents via web storage. We should know that the data we upload to the
cloud will be only as secure as the providers' servers and backup procedures. Cloud computing
incorporates software as a service (Software as a Service, SaaS). It consists of being able to use
an application from a client computer on a server. As a great advantage, the updates are
automatic and keep the job. However, this makes us very dependent on the service provider . The
worst thing is that, by not having access to the source code or the executable file, it is impossible
for us as users to know what our programs actually do with our data. Storage on the Web allows
us to back up the information, which is a very practical protection against viruses and malware.
SOFTWARE SECURITY SYSTEM
3
SUMMARY
One of the emerging trends observed at the moment and that will mark the field of
information and communication technologies in the coming years is what has come to be called
Cloud Computing or cloud computing. Cloud computing can be considered a new model that is
in the process of evolution; From the large, expensive mainframes that were used centrally in the
1960s to personalization and decentralization in the 1980s, thanks to the massification of
personal computers and their penetration into the general public. Then, in the 1990s, the clientserver model was implemented, which shares similarities with both models. At the beginning of
the 21st century, the Internet becomes a key element, although the client-server model is still in
force. It is considered that cloud computing dates back to 2005, thanks to new technologies and
infrastructures, intelligence and services are beginning to be in the Internet cloud. This paper will
analyze the concept of cloud computing, and its consequences in the implantation in the
companies; As well as the implications that this new model will have or has for IT
professionals. In addition, we will talk about the controversies generated by this paradigm, its
implications for data security, the privacy of information and loss of control that its detractors
claim. Cloud computing can be seen as a new paradigm that allows users to use an infrastructure
over the network, such as a service provided by a provider. These resources (hardware and
software) are scalable, growing in relation to demand and can be used anywhere. Note that - as in
any commercial software - the controls that are implemented are not necessarily responsible for
mitigating all the risks that they identify and that do not necessarily identify all the risks that
concern the users. Consequently, customers also need to ensure themselves that cloud
applications are adequately secured for their specific purposes, including their compliance
obligations. The services offered can be of very different type, cloud computing allows to "rent"
SOFTWARE SECURITY SYSTEM
4
hardware infrastructure in the network (IaaS, Infrastructure as a Service), use collaborative
platforms and development tools available in the cloud (PaaS, Platform as a Service ) Or directly
consume software applications offered by the service provider or belonging to the company itself
that will improve its internal organization or offer advanced online services to its customers
(SaaS, Software as a Service). What's really innovative about cloud computing is the change of
mindset that is taking place for technology to be used by consumers, worrying only about what it
can do with it, not how to implement it. In the same way, that power companies sell energy and
voice telephony operators, technology services (whether storage, processing capacity or software
applications) begins to be supplied under a service contract. However, like any technology that is
in its infancy, cloud computing is not without controversy; The lack of service level agreements
(SLAs), the responsibility for data storage and its control in the hands of external suppliers, new
security challenges arising from regulatory compliance in certain productive sectors.
SOFTWARE SECURITY SYSTEM
5
Table of Contents
I. INTRODUCTION ..................................................................................................................................... 6
II. DESCRIPTION ........................................................................................................................................ 7
III. IMPLICATIONS .................................................................................................................................... 8
IV. SECURITY CONTROLS IN THE CLOUD .......................................................................................... 9
Disinfactive controls ................................................................................................................................. 9
Preventive controls.................................................................................................................................... 9
Detection Controls .................................................................................................................................... 9
Corrective Controls ................................................................................................................................. 10
Security of computation in the cloud ...................................................................................................... 10
Security of Information ........................................................................................................................... 10
V. INFRASTRUCTURE SECURITY ........................................................................................................ 11
VI. EXAMPLES OF CLOUD COMPUTING...