- The first criteria
- The second criteria
- The third criteria
- The part that it did not encompass the available principle.
- Why do you agree or disagree?
The first criteria
1.a. The principle of easiest penetration (Leszek, n.d, p.5) is in line with the specified criteria. This is backed by the fact that the amount of task which has to be done is influenced with the amount of secrecy that is desired.
2.a. I disagree that the specified criteria are not ln line with the specified principle, the principle of easiest penetration (Leszek, n.d, p.5). This notion is based on the strength that belongs to the weakest link, and that has to be placed within the system. Accordingly, the principle of weakest link (Leszek, n.d, p.27) is, indeed, the suggected notion.
3.a. The specified criteria belongs to the principle of easiest penetration (Leszek, n.d, p.5). As far as I am concerned, the implementation should be easy and it should be in line with the mentioned principle. As to my agreement, while maintaining the simplicity in interpretation, ensuring that the security system agrees with the principle of easiest penetration (Leszek, n.d, p.5) should be a priority.
4.a. I disagree, as the stated criteria do not relate to the specified principle. Principle of effectiveness (Leszek, n.d, p.26) is the one that is in line with this criterion. Especially, if one considers that the principle of easiest penetration (Leszek, n.d, p.5) argues that any point of weakness as well as secured section can be used to penetrate a system (Calabrese 2004).
The second criteria
1.a. I side with the degree of secrecy that determines the amount of labor to achieve the degree of secrecy. This is in relation with the principle of adequate protection (Leszek, n.d, p.16) as it provides evidence that adequate protection should be given to the intended information system. To ensure this is achieved, it will be influenced with the degree of secrecy that is desired hence determining the amount of labor that is required for a specific task (Leszek n.d).
2.a. I side with this combination, this is from the fact that while ensuring that the set of keys and enciphering algorithm are free from protection the principle of adequate protection (Leszek, n.d, p.16) has to be observed so as not to interfere with the level of security that is desired for the items.
3.a. I concur with this combination because from the principle of adequate protection (Leszek, n.d, p.16), effective protection has to be provided to items in the information system. This concept is supported by the specified criteria of ensuring that the implementation of the security should be as simple as possible. However, this should ensure that adequate protection is provided to all the items present in the system (Leszek n.d).
4.a. I respectfully disagree with this combination. This is because I dont think that there is any relation between the criteria of ensuring error are limited with the principle of adequate protection (Leszek, n.d, p.16). The principle recommendable for this is the principle of adequate protection (Leszek, n.d, p.16).
The third criteria
1.a. I agree that the needed degree of secrecy is directly correlated with the amount of labor that needs to be provided to achieve the specified degree of security which is similar to the principle of effectiveness (Leszek, n.d, p.26). Putting the correct labor for a specific task ensures that the effectiveness of the security system is enhanced (Calabrese 2004).
2.a..I concur with the combination of the criteria of algorithm simplicity with the principle of effectiveness. This is from the fact that reducing the complexity of the algorithm makes it possible to develop a security system which is effective (Calabrese 2004).
3.a. I agree, there is a relation between the criteria and the specified principle. this is because, ensuring that the algorithms are free from complexity, the achievement of effective system is achieved.
4.a. I agree that the principle of effectiveness (Leszek, n.d, p.26) is in relation with the specified criteria. this is based on the fact that implementation is made simple thus making the effectiveness of the system to be easily guaranteed (Calabrese 2004).
The part that it did not encompass the available principle.
Why do you agree or disagree?
5b-i) The basis of the principle of easiest penetration (Leszek, n.d, p.5) is that an intruder will use any means which is available for penetration. Thus, they will consider using the less protected points as well as some of the strengthened points of the system. Moreover, it is in line with the criteria for size, which is focused on the amount of data to be dealt with in the system. From this point of view, the two are connected because the principle influences the criteria (Shostack 2014).
5b-ii) I do not agree as the principle of adequate protection (Leszek, n.d, p.16) states that data needs to be protected depending on its value. Subsequently, if the quantity does not influence the quality of the data it serves as an evidence of missing connection between the two approaches (Whitman& Mattord 2011). Therefore, as in accordance to the mentioned principle, the security level depends on the value of the items (Dhillon 2007), regardless of the amount of information in a storage device.
5b-iii) The principle of effectiveness (Leszek, n.d, p.26) concentrates on controls used to secure the system. Basing on this principle such means should be simple and effective (Dhillon 2007). Their simplicity is aimed at ensuring that the process of usage will not result in confusion for the user. Hence, it is logical that the more information is stored the more complex should be its protection, which proves tthe connection between the principle and the criteria (Dhillon 2007).
5b-iv) Principle of weakest link (Leszek, n.d, p.27) is the most interesting notion mentioned. According to it, the security of the system is as strong as its weakest link. Hence, one should focus on ensuring that the the weakest is as much protected as possible. The reason as to why I think this principle answers to the criteria in question is that the more the information held on a system the more complex the controls should be thus influencing the weakest parts of the system (Nestler 2015).
If You interested in other types of paper, it is not a problem for our professional writers! Just pick the features of your assignment on assignment calc below, order it and entrust the rest for our professionals! Plus, You will get 15% SALE on first order!