Wednesday, December 11, 2019
Information Security Management
Question: Case Study on the "Information Security Management".

Answer:

Introduction: -

According to Disterer (2013), with the extensive developments in the Information Technology field and its widespread implementation in the commercial and the educational fields, there is an essential requirement for the maintenance and management of the security for the information transmission and storage. The information along with the entire information system is the fundamental backbone of the company that is established in Sydney and has satellite branches in three Southeast Asian nations. The organization-specific data, as well as the parallel transmission of the data for the telemedicine healthcare facilities and the virtual classrooms, utilize the openly available networks or the Virtual Private Network. In this case, both the data are vulnerable to some security threats, which can result in the disruption of the telemedicine services and the online or virtual classroom learning processes (Luo and Qin 2015).

According to Simonson and Zvacek (2014), the entire concept of the business and the service operations to be followed by the company is based on the use of the Information and communication technology. Both the telemedicine and the virtual learning for the nursing college sector involve the sharing and extensive distribution of information. The information includes operational and sensitive data which need to be secure. The database includes the Electronic Medical Records, the past medical records or confidential consultation records for the healthcare team and the study materials, research results, student details, which are always vulnerable to malicious intrusions and attacks for unauthorized and ill intended activities (Garingo et al. 2012). The records may also sometimes contain sensitive financial information which may succumb to embezzlement or skimming due to lack of security measures.
The report successfully points out the areas of attack on the different fields of the company and presents some advanced techniques to counter them effectively.

Security Issues in Telemedicine services: -

Background of telemedicine technology: -

Telemedicine is the advanced technology to provide medical services remotely through telehealthcare applications, enabled by the advances in the digitized data. However, the inefficient security management denies its overall success. E-health is the budding public healthcare business, providing remote clinical attention through the Internet by deploying Information and Communication Technology (Kvedar et al. 2014).

Figure: - Components of telemedicine

Privacy and security issues in Telemedicine: -

The administrators and the clients (in need of medical attention) have the utmost right to the privacy of the necessary but confidential information like financial and personal details, for example, SSN, business details, finance-related data etc. As discussed by Eren et al. (2015), a secured database called the Electronic Patient Record is developed with an organized content authentication to ensure the quality, reliability and validity of the data. Telemedicine also requires security and confidentiality concerns for the sharing of files between the healthcare team and the clients (Young and Patel 2015). However, the fundamental security characteristics of Telemedicine are Confidentiality, Availability and Integrity. Besides, there are data storage issues and the means to access these data, because the wireless transfer of data is vulnerable to embezzlement or intrusions. The security issues regulate the extent to which the customer data mining and collection can be performed throughout the heterogeneous data, scattered along the medical fields and databases (Pendergrass et al. 2015).

| Security Service | Descriptions |
| --- | --- |
| Confidentiality | Only the authorized users can access the medical information and multimedia files. Authentication mitigates the disclosure of the shared files to the intruders. |
| Availability | This ensures the organized access to the necessary data even in the cases of sudden power cut-offs and malfunctions of hardware/software. |
| Integrity | Integrity ensures the consolidation of the sent files, that is, the files are wirelessly transmitted without any loss in the sent information. |
| Authentication | The process ensures the security in communicating with the peer node so that an intruder cannot impersonate or fake the node that it intends to communicate with. |
| Non-repudiation | The source of a sent file cannot deny its origin and identity. |
| Non-impersonating algorithms | These ensure that the authorized sources or client profiles cannot be impersonated for false attacks and replays. |

Table: - Security requirements in Telemedicine technology

Threats and attacks on security and the privacy of data: -

The communication is nothing but the organized flow of information from the source to the multiple receptors, mainly through the network, popularly known as the Internet. According to Adhikari et al. (2014), the process of connecting the clients to the healthcare team may succumb to data breaches and network threats. The threats to the telemedicine data are mainly active and passive attacks.

The active attacks include the modification and fabrication of the medical files and multimedia. The active attacks result in the unauthorized reproduction of false information. Besides, the process of masquerading can modify the contents and retransmit the data to the unintended and unauthorized places. Masquerading is the technique through which an attacker pretends to be the authorized client to enjoy the services and the privileges that are not assigned to him. The prime platform for a masquerading attack is weak authentication protocols and algorithms. Masquerading sometimes results in the disclosure of the entire organization's data access to the attacker.
Another vital active attack is the Denial of Service. The DoS attack makes sure that the network or the machine resource is unavailable to the authorized user temporarily or for an indefinite span of time, thus resulting in the suspension of the host services to the healthcare team and the clients in need of remote clinical attention (Adhikari et al. 2014).

The passive attacks are characterized by the skimming and eavesdropping by the attacker. In this case, the attacker keeps track of the system while it does its operations and collects the data and information required, by intercepting the information flow, not necessarily altering the data. The traffic analysis of the data reveals the data patterns to the attackers and the disclosure of the confidential message content is carried out.

Figure: - Security attacks in telemedicine technology

Information security in the virtual classrooms of the satellite campuses: -

Background of virtual classrooms in satellite campuses: -

The fundamental design of the virtual classrooms in the distant campuses is shown below.

Figure: - Fundamental design of virtual classrooms

The security in the virtual classroom design and the e-Learning methods must be developed through the analysis of the network security intrusions and attacks. The prime concern for the secure communications in the virtual classrooms is the satisfaction of the faculty in the satellite campuses and the students in the distant branches of the university. On a fundamental assessment, the system comprises the human resources along with the learning system facilitated by the network and the hardware or software equipment (Ben Arfa Rabai et al. 2012).

Security issues in the Virtual Classroom learning: -

According to Levy et al. (2013), in the context of the virtual classroom design and functioning, the security and privacy issues and the attacks should be well understood and the respective mitigation techniques must be well ordered in the deployment design.
The virtual classroom network systems are widespread, with an extensive variety of resources for the users. The prime areas of the security attacks are the breaches in the access to the selected network, the Malware and the theft of the equipment. However, in this case, the main concentration is on the security issues in the online process of teaching and learning, which is the backbone of the virtual classrooms as well as the other components such as the web access services, the client and server equipment, the database systems and the online classroom services (Miguel et al. 2014).

The probable vulnerabilities to affect the distant learning process are the following: -

Distributed Denial of Service attack: - In this case, the attacker attempts to lock the server with a relatively higher network speed and, as a result, the network card is disrupted and subsequently blocks the legitimate traffic. In this case, the authorized student may lose access to the servers in the midst of an examination or an important lecture. The loss of the access privileges may be temporary or for an indefinite period, according to the extent of disruption of the network card, or the intensity of the attack.

Key Loggers: - Key loggers, once installed, let students steal the administrator or the faculty authentication information, log into their accounts and modify or change grades and questions.

Search SPAM: - It is almost similar to the DDoS attack. In this case, the intruder, or a hacker to be precise, submits innumerable dummy search commands built from words of high frequency, generally prepositions, to the search engine used by the student or the standard search engine used by the college system. The immediate result of the Search SPAM attack is the unnecessary consumption of the CPU scheduler time by the PHP or JSP page generator engines, the MySQL database servers, and the Apache or Tomcat engine.
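
The Search SPAM pattern described above can be spotted in web server logs before it exhausts the page generator and database. The following is an added example, not part of the original case study: it flags clients that send bursts of searches made up almost entirely of high-frequency words. The log format, the `/search?q=` endpoint, the stopword list and the thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Assumed list of high-frequency words; tune it to the site's language.
STOPWORDS = frozenset("a an and at by for from in into of on or the to with".split())

# Constructed sample log (time-ordered): ISO timestamp, client address, request.
SAMPLE_LOG = """\
2019-12-11T10:00:00 203.0.113.7 /search?q=of
2019-12-11T10:00:00 198.51.100.33 /search?q=in
2019-12-11T10:00:01 203.0.113.7 /search?q=in
2019-12-11T10:00:02 198.51.100.20 /search?q=nursing+ethics+lecture
2019-12-11T10:00:02 203.0.113.7 /search?q=the+of
2019-12-11T10:00:03 203.0.113.7 /search?q=to
2019-12-11T10:00:04 203.0.113.7 /search?q=for+in
2019-12-11T10:00:05 203.0.113.7 /search?q=on
2019-12-11T10:00:06 198.51.100.20 /search?q=pharmacology+of+pain
2019-12-11T10:00:07 198.51.100.20 /lectures/week3.pdf
2019-12-11T10:01:00 198.51.100.33 /search?q=the
2019-12-11T10:02:00 198.51.100.33 /search?q=of
2019-12-11T10:03:00 198.51.100.33 /search?q=to
2019-12-11T10:04:00 198.51.100.33 /search?q=by
"""


def is_dummy_query(query, threshold=0.8):
    """True when at least `threshold` of the query's words are stopwords."""
    tokens = query.lower().split()
    if not tokens:
        return True  # an empty search still costs a page render
    return sum(t in STOPWORDS for t in tokens) / len(tokens) >= threshold


def parse_line(line):
    """Return (timestamp, client, query) for search requests, else None."""
    fields = line.split(maxsplit=2)
    if len(fields) != 3:
        return None
    ts, client, request = fields
    url = urlsplit(request)
    if url.path != "/search":
        return None
    query = parse_qs(url.query, keep_blank_values=True).get("q", [""])[0]
    return datetime.fromisoformat(ts), client, query


def detect_search_spam(lines, window_s=10, max_dummy=5):
    """Map each flagged client to the time it first crossed the threshold."""
    recent = defaultdict(deque)  # client -> timestamps of recent dummy queries
    flagged = {}
    for line in lines:
        record = parse_line(line)
        if record is None:
            continue
        ts, client, query = record
        if not is_dummy_query(query):
            continue
        window = recent[client]
        window.append(ts)
        # Drop dummy queries that fell out of the sliding window.
        while (ts - window[0]).total_seconds() > window_s:
            window.popleft()
        if len(window) >= max_dummy:
            flagged.setdefault(client, ts)
    return flagged


if __name__ == "__main__":
    for client, when in detect_search_spam(SAMPLE_LOG.splitlines()).items():
        print(f"{client} flagged at {when.isoformat()}: throttle or challenge")
```

A flagged client is a candidate for throttling or a challenge rather than an outright block, since the slow client and the student with one stopword-heavy search in the sample are deliberately left alone.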
The other various security concerns for the wireless communication in the virtual classrooms are the following: -

Spoofing and alteration of the routing information: - This attack is characterized by the replaying of the routing loops, infiltrating or repelling the legitimate student or teacher traffic, generating false information to the students, increasing the latency between the nodes, etc.

Selective Forwarding attack: - The malware-containing nodes manipulate the forwarding or the sending of files or, if required, even trash them without the propagation of messages along the network.

Sinkhole attacks: - By this attack, the attacker accumulates traffic at a particular area by compromising a particular node.

Hello-flood attacks: - The nodes send Hello packets to the neighbor nodes. The adversary forces the nodes to recognize it to be the authorized neighbor through enough power.

All the mentioned attacks result in the disruption of the virtual classroom process and the online learning methods (Oseni et al. 2013).

The security management issues in the virtual classroom network: -

The prime security requirements that should be included in the distant and virtual learning systems are -

| Security requirements | Sub-factor |
| --- | --- |
| Access administration | Authorization; Identification of the user; Authentication of the identity |
| Availability of information | Allocation of resources; Expiry of former information; Response time |
| Non-repudiation | |
| Integrity | Software consolidation; Personal data integrity; Integrity of hardware and software; Integrity of data |
| Privacy | Cardinality; Consent and intimation; Aggregation; Attributes; Encryption keys; Confidentiality; Anonymous approach |

Table: - Security Management in Virtual classroom and online learning

Recommendation of cloud computing for the entire business, learning and telemedicine operations: -

According to Mansuri et al. (2014), the advantages that are delivered by the cloud computing technology for the University cum healthcare facilities provided by the university are discussed below.

Virtual classes and laboratories: - According to Stein et al. (2013), due to the day-by-day increase in the number of faculties, human resources or the students in the distant campuses, the cloud can accommodate a scalable quantity of virtual equipment by providing the users with remote software versions.

Deterioration of the IT machine: - The university may reduce the costs of maintaining IT equipment, where the computers become outdated and fail to support the advanced versions of the software. However, the Cloud technology may utilize the weak machines as thin clients while the information will be processed on the server networks.

Reduction of the software costs: - SaaS provides cheaper software investments. There is no need to buy the licenses for the advanced software (Dinh et al. 2013).

Data storage and backup: - As argued by Cao et al. (2012), the various materials for the students or healthcare, such as Electronic Medical Records, lectures, images and videos and the students' projects, consume excessive disk capacity. The files may be backed up and sent to the Cloud servers that account for the storage and their backup.

Load balancing of the servers: - The computing capacities may be rented on need. It helps the health or the education sector to reduce and balance the load on the servers (Patel et al. 2013).

Learn anywhere and everywhere: - The students or the healthcare team have access to the working environments 24*7*365 irrespective of the personal devices.

Security threats and attacks in Cloud computing: -

The vulnerabilities for Cloud computing are discussed in the table below.

| Vulnerabilities | Discussion | Layer specification |
| --- | --- | --- |
| Unlimited resource allocation | The inaccurate allocation of the resources may result in excess booking and provisions. | Software/ Platform/ Infrastructure |
| Unprotected Application Program Interface | The API grants the access to the various services provided by the Cloud technology. So its security depends on the securities of the interfaces. | Software/ Platform/ Infrastructure |
| Virtual Machine operations | Unregulated resource allocation; Vulnerability of the displayed IP addresses across the cloud; Unrestricted rollback attack; The migration of VMs for fault tolerance and other properties; Covert channels in parallel VMs | Infrastructure |
| Data vulnerability | Data is sometimes collocated with the informational data of unauthorized owners who can be intruders; Data, confidential or not, cannot be completely omitted; Data storage and transmission in plain text; Data is located in different jurisdiction venues; The data back-up sometimes is performed by third-parties who cannot be trusted | Software/ Platform/ Infrastructure |
| Virtual machine multimedia | Unrestricted allocation of multimedia in public platform; The images cannot be patched due to being non-active | Infrastructure |
| Hypervisors | Complicated codes of Hypervisors; Scalable configurations of the Virtual system and the Hypervisors as per institutional requirements | Infrastructure |
| Virtual Network vulnerability | The sharing service of the bridges by the Virtual machines | Infrastructure |

Table: - Vulnerabilities of the Cloud Computing Technology

The data storage and virtualization are the prime areas, which are susceptible to severe attacks.

Threats in the Cloud Computing Technology: -

| Threats | Discussion | Layer specification |
| --- | --- | --- |
| Scavenging of data | Until the destruction of the platform, some data cannot be completely omitted irrespective of their confidentiality and hence may succumb to recovery attacks. | Software/ Platform/ Infrastructure |
| Hijacking of service | Account theft is characterized by the intruder accessing the authorized user's credentials to modify or manipulate data to perform malicious operations | Software/ Platform/ Infrastructure |
| Denial of Service | The system fails to grant service or privileges to the authorized users as the malicious attacker uses the available resources | Software/ Platform/ Infrastructure |
| Leakage of data | During transmission, data can fall into the malicious boundaries | Software/ Platform/ Infrastructure |
| Manipulation of the client's data | The web applications are invaded by sending manipulated data to the server. Examples are Cross-site scripts, SQL injection, injection of commands, etc. | Software |
| VM hopping and escape | Escape provokes the hypervisor to control the underlying platform, and hopping refers to the access gain to another VM from one VM. | Infrastructure |
| Creation of unauthorized VM | An intruder with a valid fake account creates a malicious multimedia file | Infrastructure |
| Unprotected migration of VM | The intruder can access the data illegally in the time of migration; Transfer of the VM to an unauthorized host server; Migrate or create multiple VMs thus resulting in the disruption of service or DoS | Infrastructure |
| Virtual Network spoofing | The malicious intruder's VM can eavesdrop the virtual network operations and spoof packets to unintended or malicious VMs | Infrastructure |

Table: - Threats in Cloud Computing Technology

The security and privacy threats mitigation techniques: -

| Threat | Vulnerability | Description | Counter-technique |
| --- | --- | --- | --- |
| Hijacking of service | Unprotected interface and API | The victim's account is used to access the target | Identity management and guidance; Dynamic Credential technique |
| Data scavenging | Data vulnerability | Data from disks are not completely deleted | Specification of deletion strategies in the SLAs |
| Data Leaks | Virtual machine and network migrations | The attacker gets confidential information | Encryption and Digital Signatures; FRS techniques |
| DoS | Unprotected interface and API and Data vulnerability | The attacker requests extension in the computational resource | Limitation to resource allocation |
| Manipulation of Client's data | Unprotected interface and API | Destruction of websites at times | Web application scanning techniques |
| VM escape | Hypervisor Vulnerability | Security breaches in the Virtual Machines | Mirage |
| Creation of false VM | Virtual machine multimedia vulnerability | VM image containing malware | Mirage |
| Spoofing Virtual networks | Virtual network vulnerability | Spoof the virtual networks | Xen network mode |

Table: - Security countermeasures in Cloud Computing Technology

Guidelines to the Security management techniques: -

Identity management guidance: - The service provided by the Cloud Service Alliance assesses the identities and effectively manages the access according to the authorized identities.

Dynamic credentials: - It is an algorithm that changes the value of the credential when the user's location changes and after the transfer of several packets.

FRS technique: - The fragmentation redundancy and scattering technique securely stores data by dividing it into fragments and scattering them across the entire network, thus not assigning complete importance to the fragmented information.

Digital signatures: - The data to be transmitted is encrypted with these and recognized again at the authorized receptor side, adhering to certain algorithms.

Encryption: - This technique is developed to secure the sensitive information with the help of camouflage algorithms, and the data can be recovered adhering to certain decryption algorithms.

Web Application Scanning technique: - The web apps are susceptible to attacks due to public delivery. The program scans the websites from the front end to indicate the areas of attack. Besides, the Web Application Firewalls scan the web traffic to identify the attacks.

HyperSafe protocol: - The approach integrates the hypervisor flow of control.
It successfully prevents attacks such as Hypervisor code modification, code injection, page table modification and return table tampering.

TCCP: - The trusted cloud computing platform secures the environment for the Virtual Machines. Other techniques like this are Privacy CA, Direct Anonymous Attestation, etc.

Mirage: - The virtual machine layer security technique comprises access control design, image filtering, provenance tracking, and maintenance of the repository services. It secures the image management in the virtual machine environment.

Xen: Virtual network security: - It has bridged as well as routed communication methods for secure virtual network communication. It has three prime layers, namely Firewall, shared network and routing layers.

Conclusion: -

Though the cloud computing technique facilitates the company with an overall virtual management of the telemedicine and the nursing institution fields, it also involves several security and privacy breach issues, which need to be countered with the utmost attention. The data storage and hosting, the web applications, the virtual machines and the network have been carefully scanned to identify the security issues, and solutions have also been offered to counter these problems. However, the solutions are getting advanced day-by-day, and the information security management needs to be managed efficiently.

References: -

Adhikari, R., Richards, D. and Scott, K., 2014. Security and privacy issues related to the use of mobile health apps. ACIS.

Ashktorab, V. and Taghizadeh, S.R., 2012. Security threats and countermeasures in cloud computing. International Journal of Application or Innovation in Engineering Management (IJAIEM), 1(2), pp.234-245.

Ben Arfa Rabai, L., Rjaibi, N. and Ben Aissa, A., 2012, July. Quantifying security threats for E-learning systems. In Education and e-Learning Innovations (ICEELI), 2012 International Conference on (pp. 1-6). IEEE.

Cao, N., Yu, S., Yang, Z., Lou, W. and Hou, Y.T., 2012, March. LT codes-based secure and reliable cloud storage service. In INFOCOM, 2012 Proceedings IEEE (pp. 693-701). IEEE.

Chau, M., Wong, A., Wang, M., Lai, S., Chan, K.W., Li, T.M., Chu, D., Chan, I.K. and Sung, W.K., 2013. Using 3D virtual environments to facilitate students in constructivist learning. Decision Support Systems, 56, pp.115-121.

Dinh, H.T., Lee, C., Niyato, D. and Wang, P., 2013. A survey of mobile cloud computing: architecture, applications, and approaches. Wireless communications and mobile computing, 13(18), pp.1587-1611.

Disterer, G., 2013. ISO/IEC 27000, 27001 and 27002 for information security management.

Eren, H., Webster, J.G., Fruhling, A.L., Raman, S. and McGrath, S., 2015. The Handbook of Electronic Medicine, Electronic Health, Telemedicine, Telehealth and Mobile Health.

Garingo, A., Friedlich, P., Tesoriero, L., Patil, S., Jackson, P. and Seri, I., 2012. The use of mobile robotic telemedicine technology in the neonatal intensive care unit. Journal of Perinatology, 32(1), pp.55-63.

Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1), pp.1-13.

Kvedar, J., Coye, M.J. and Everett, W., 2014. Connected health: a review of technologies and strategies to improve patient care with telemedicine and telehealth. Health Affairs, 33(2), pp.194-199.

Levy, Y., Ramim, M.M. and Hackney, R.A., 2013. Assessing ethical severity of e-learning systems security attacks. Journal of Computer Information Systems, 53(3), pp.75-84.

Luo, Z.Y. and Qin, Z.W., 2015, May. Research on building multi-campus adult education platform model based on VPN technology. In Electronic Engineering and Information Science: Proceedings of the International Conference of Electronic Engineering and Information Science 2015 (ICEEIS 2015), January 17-18, 2015, Harbin, China (p. 215). CRC Press.

Mansuri, A.M., Verma, M., and Laxkar, P., 2014. The benefit of Cloud Computing for Educational Institutions and Online Marketing. Information Security and Computer Fraud, 2(1), pp.5-9.

Miguel, J., Caballé, S., Xhafa, F. and Prieto, J., 2014, May. Security in Online Learning Assessment Towards an Effective Trustworthiness Approach to Support E-Learning Teams. In Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on (pp. 123-130). IEEE.