For this assignment, review the attached research article “Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks” and evaluate it in 2 pages or less (700 words), using your own words, by addressing the following:
· What did the authors investigate, and in general how did they do so?
· Identify the hypothesis or question being tested
· Summarize the overall article.
· Identify the conclusions of the authors
o indicate whether or not you think the data support their conclusions/hypothesis
o consider alternative explanations for the results
· Provide any additional comments pertaining to other approaches to testing their hypothesis -logical follow-up studies to build on, confirm or refute the conclusions The article you use must be at least 3 pages long and be a primary or original research article.
o The relevance or importance of the study
o The appropriateness of the experimental design
When you write your evaluation be brief and concise, this is not meant to be an essay but an objective evaluation that one can read very easily and quickly. Also, you should include a complete reference (title, authors, journal, issue, pages) and a photocopy of the article when you turn in your evaluation.
Running Head:
SECURITY MODEL
1
SECURITY MODEL 7
SECURITY MODEL
Institution Affiliation
Student Name
Date
Abstract
The concept of trusted computing has been in existence for a very long time. It has had an influence on security systems and solutions. In this paper, I will explain the history of TCB. Ways to implement trusted base computing. I will also explain some of the barriers and how to bypass them.
Introduction
The trusted computing base contains hardware, firmware and software that are essential in establishing as well as maintaining security. Moreover, it also includes an operating system with all specific system hardware, in-built security control, software and network hardware, (Ranganathan, 2017). When designing a trusted computing base provision such as access control, giving privileges, user authentication support, authorization of particular processes or systems, backing up information and protection against viruses and malware. It is the responsibility of a trusted computing base to maintain the integrity and confidentiality of information. It monitors the input and output operations.
History
In December 1985, the United States Department of Defense put out the trusted computing system evaluating criteria that well-defined TCB. TCB can be understood when it performs as a centralized, trusted entity, (Scott-Nash, et al., 2016). The structures that get the uppermost level security accredited and certification have a centralized system design. The TCSEC accepted the view of peer trusted nodes describing them as members of the NTCB which protects the network system including the firmware, software and hardware. This combination is responsible for enforcing a security policy.
How is the model implemented?
TCB contains four security mechanisms, including authentication and identification, auditing, labelling and security policy. In order to understand how TCB is implemented and work. Let’s take the example of a bank—one of the most trusted icons in society today. When we make deposits, the money is recorded and safeguarded. It will be available when we want it back. We hardly consider the security mechanism in the back since we trust the banking system. All the mechanisms of TCB are in place. Before withdrawing money from the account, one is required to identify and authenticate themselves to the teller with the account number and signature. There is also discretionary access control that is who is authorized to withdraw money from the account. There are very few clerical problems since all the transactions that take place are audited. In development, the environment has to enforce the security model. Other concepts that are used when developing TCB include memory protection and handle, (Noorman, et al., 2019). This falls under the NIST requirement for assurance. When implementing TCB, it is essential to ensure that the application meets the basic requirements of NIST.
Barriers
The first barrier is that the design can be fundamentally flawed since they expose society to new threats of non-consumer behaviour. Manufacturers can secretly implement them incorrectly. Another barrier is third party uncertainty concerning the software environment. Even thou the hardware is implemented in accordance with the specification, it will be used in a way that will harm the computer owner, (Moon, et al., 2019). Although TCB provides security benefits, they may include features that can detriment and abuse the clients who have been requested to adopt the technology. Security design mainly involves specifying a threat model. Determine the kind of threat and the type of attacker the security model prevents against. A security measure that prevents one attack can be ineffective from another kind of attack.
How to bypass barriers and other pertinent information?
Attestation is appropriate for preventing the software on the computer from being changed without the knowledge or consent of the computer owner. These barriers can be bypassed through owner override. Lack of computer owner control of the verification content can be a major issue. Owner override fixes the issue by restoring another inability to determine the software that is running, (Jomaa, et al., 2018). Attestation only informs the parties whether the software on the computer has been altered. Attestation, as well as Owner override, can be used by the parties to determine whether the software in the computers has altered without their consent. One of the main advantages of using Attestation together with Owner override is that a company can enforce or implement policies against its own members or employees as long as they are using computers owned by the company. Owners of computer retain control over local software.
Conclusion
TCB contains four security mechanisms, including authentication and identification, auditing, labelling and security policy. The trusted computing base contains hardware, firmware and software that are essential in establishing as well as maintaining security. Some of the barriers include the design can be fundamentally flawed since they expose society to new threats of non-consumer behaviour. Manufacturers can secretly implement them incorrectly. Another barrier is third party uncertainty concerning the software environment. These barriers can be bypassed through owner override, (Hardjono & Smith, 2019). Lack of computer owner control of the verification content can be a major issue. Owner override fixes the issue by restoring another inability to determine the software that is running. Attestation only informs the parties whether the software on the computer has been altered. Attestation, as well as Owner override, can be used by the parties to determine whether the software in the computers has altered without their consent. One of the main advantages of using Attestation together with Owner override is that a company can enforce or implement policies against its own members or employees as long as they are using computers owned by the company.
Reference
Hardjono, T., & Smith, N. (2019). Decentralized trusted computing base for blockchain infrastructure security. arXiv preprint arXiv:1905.04412. Retrieved from
https://arxiv.org/abs/1905.04412
Jomaa, N., Torrini, P., Nowak, D., Grimaud, G., & Hym, S. (2018, July). Proof-oriented design of a separation kernel with minimal trusted computing base. Retrieved from
https://hal.archives-ouvertes.fr/hal-01816830/
Moon, Y. H., Kim, D. W., Kim, Y. S., Yoon, S. Y., Han, J. H., Kim, J. N., & Lim, J. D. (2019). U.S. Patent Application No. 16/204,802. Retrieved from
https://patents.google.com/patent/US20190163910A1/en
Noorman, J., Agten, P., Daniels, W., Strackx, R., Van Herrewege, A., Huygens, C., … & Piessens, F. (2019). Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In Presented as part of the 22nd {USENIX} Security Symposium ({USENIX} Security 13) (pp. 479-498). Retrieved from
https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/noorman
Ranganathan, K. (2017). U.S. Patent No. 7,313,679. Washington, DC: U.S. Patent and Trademark Office. Retrieved from
https://patents.google.com/patent/US7313679B2/en
Scott-Nash, M. E., Dasari, A., & Wiseman, W. M. (2016). U.S. Patent No. 9,461,994. Washington, DC: U.S. Patent and Trademark Office. Retrieved from https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/noorman
We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.
Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.
Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.
Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.
Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.
Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.
We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.
Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.
You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.
Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.
Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.
You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.
You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.
Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.
We create perfect papers according to the guidelines.
We seamlessly edit out errors from your papers.
We thoroughly read your final draft to identify errors.
Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!
Dedication. Quality. Commitment. Punctuality
Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.
We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.
We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.
We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.
We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.