Posted: April 26th, 2022

Authentication techniques

Computer Sciences and Information Technology
Authentication techniques
Module 07: Critical Thinking
Authentication techniques (25 points)

Scenario:

You are the network administrator of a regional bank based in Jeddah. Your team has been faced with hackers intercepting the bank’s website and customers’ mobile application information. You need to develop a strategy using security best practices to protect the customers’ data.

Directions:

Write a paper that includes the following:

A description of the major security concerns for web or mobile application development,
A detailed explanation of the security measures you would incorporate to transmit data, and
Assessment of the security measures needed to be considered and implemented to ensure the proper authentication and authorization.
Keep in mind, we are most interested in your ability to describe the SDLC stages and the steps you would take to enforce security during each stage. Use diagrams, where appropriate.

Deliverables:

Your paper should be 4-5 pages in length, not including the title and reference pages.
You must include a minimum of two credible sources and information from the module to support your writing. The Saudi Digital Library is a good source for resources.
Your paper must follow Saudi Electronic University academic writing standards and APA style guidelines, as appropriate.
Authentication techniques
Businesses and organizations face cybersecurity risks and threats that negatively affect them, and thus there is a need to adopt effective and efficient countermeasures. Security threats and risks have adverse social and economic impacts on the businesses to the point of failing. In this regard, there is a great need to protect and safeguard the organizational computer and network from hackers and other cyber-related criminals. The cybercriminals target the organizational computers and network toto defraud or cause other specified harm at the expense of the victims. In this regard, the organizations and businesses need to adopt the best practices and approaches to counter the malicious and illegitimate acts of the cyber-criminals. The best practices and approaches take the form of security measures to transmit data, proper authentication, and authorization techniques as well as adopting advanced security measures to protect their organization. Cyber Security threats and risks negatively affect organizations and businesses. Thus there is a need to incorporate effective, appropriate, and security measures of protecting data on transit and proper authentication and authorization measures.
A description of the major security concerns for web or mobile application development
Businesses and organizations face critical security threats in the course of incorporating web or mobile application development. The security concerns are threats and risk that negatively affects the operations organizations to the point of failing. First, a data breach is a security concern that is associated with web and mobile application development in businesses (Elmaghraby and Losavio, 2014). Data breach takes the illegitimate and authorization process of accessing the organization’s sensitive and confidential data. The infiltration of data source and extraction of sensitive information leaves an organization exposed and vulnerable.
Malware attacks are a security issue of concern that needs to be considered as it enhances to disruption of operations. A malware attack takes the introduction of a malicious software platform without the knowledge of the owner of the system (Elmaghraby and Losavio, 2014). The malware software is introduced to the system of an organization through file sharing, use of free software programs, and failure to acquire security software programs and in removable devices. The malware attack negatively affects the operations of the businesses in the interest of the attackers.
Loss of sensitive data by the adoption of web and mobile application is a security concern that needs to be addressed to prevent organizational challenges. The data is lost in different ways that include the use of unreliable storage mediums, deletion, and alteration of the internet or the different devices (Elmaghraby and Losavio, 2014). The loss of data had negative consequences such as draining the organizational finances, damaging the reputation of the business, and loss of customers. The lost data lands on the wrong hands that use it in their benefits at the expense of the business.
Hacking security concerns takes the cybercriminals accessing and controlling the organizational computer and network at the expense of the organizations. Businesses and organization conduct their operation and function over the internet of things that has different weak points or loopholes for exploitation by cybercriminals (Elmaghraby and Losavio, 2014). Hacking is made possible by access to passwords or credentials, especially when sharing. Hacking makes the cybercriminals to control the computer system and network through identity theft, thus allowing them to implement malicious and illegitimate operations.
Security measures to incorporate to transmit data
Data on transit is at a high risk of being intercepted, diverted, altered, or deleted by hackers for their different agendas. In this regard, there is a need to adopt the necessary and appropriate measures to protects and safeguard data on transit. First, there is a need to effectively plan for the data on transit through evaluating the scope of the project ( help with nursing paper writing from experts with MSN & DNP degrees) and ensuring that the requirement for the transmission of data is present (Jain and Shanbhag, 2012). The planning entails establishment the encryption and authenticity standards to be adopted based on compliance and legal standards.
The analysis and designing stage is critical upon understanding the requirements to enhance the establishment of patterns and architecture for the transmission of data. In this stage, the encryption for the data on transit is enforced (Jain and Shanbhag, 2012). The business and organization establish the encryption needs based on best practices and standards to ensure that the architectural plan adopted in the transit of data is safe and secure.
The implementation stage takes the adoption of the best practices and approaches in the transit of data. The implementation is done in two ways that include the automation of the detection of data leak and the authenticating of network communications (Jain and Shanbhag, 2012). Under the automation of detection of a data leak, detection mechanism, and tool to detect any attempts to move data beyond the set boundaries. On the other hand, the authentication of the network communication entails the verification of communication identity by using different tools such as IPsec, Transport Layer Security, thus reducing the tempering of data of its loss.
The maintenance stage takes the improvement plan for the transmission process and path to enhance the safety of data on transit (Jain and Shanbhag, 2012). The improvement process takes the identification of compliance requirements, the identification of AWS compliance resources, the definition of the encryption standards, establishment of a certificate management solution, and the certificate revocation process, thus improving data security.
Security measures to be considered and implemented in the authentication and authorization
The effective and appropriate security measures need to be adopted in the authentication and authorization of the computers and networks to enhance the safety of the organization. The authentication takes the confirmation of the identity, while authorization entails the granting of permission to access the system (Bajpai, Vardhan, and Kushwaha, 2012). The planning stage in the authentication and authorization takes the configuration of the active directory infrastructure. This approach ensures that the operation and interaction with other sites to ensure that security is not compromised. The steps adopted in this case include optimization of the authentication process by reducing authentication traffic, provision of rapid and reliable communication, increase the performance of the network, and replication that ensures safe transferring of data.
The designing and analysis stage entails the examination and improvement of the ISA server to improve the authentication process (Bajpai, Vardhan, and Kushwaha, 2012). The server is assessed to ensure the exchange and operation of data between different parties is safe and secure. The improvement of the authentication is made using the remote authentication or the window built-in authentication. This approach ensures that authentication on a higher level.
At the implementation stage, the resource-efficient multi-source authentication is adopted in the authentication process (Bajpai, Vardhan, and Kushwaha, 2012). This process is made effective through the adoption of the split join a one-way key chain that defines the authentication process. The authentication process is advanced to improve security through efficient and effective authentication and authorization.
Additionally, the maintenances state entails the management and organization of the security framework to continually improve the authorization and authentication processes. The security is maintained by continually updating the security framework through the adoption of the Local Security Authority. LSA defines the process of authentication.
Conclusion
Different security threats face businesses and authentication, and thus effective security measures that incorporate effective and efficient authentication and authorization processes need to be adopted. The security threats and risks take interference with the organizational network and security. The interference puts data and sensitive information at risk, and they are subject to misuse by hackers and cybercriminals. In this regard, effective security measures need to be adopted in the protection of data in transits. On the other hand, the authentication and authorization process needs to be improved to limit and control the access to the computer system and network of the organizations.

References
Bajpai, D., Vardhan, M., & Kushwaha, D. S. (2012, August). Authentication and authorization interface using security service level agreements for accessing cloud services. In International Conference on Contemporary Computing (pp. 370-382). Springer, Berlin, Heidelberg.
Elmaghraby, A. S., & Losavio, M. M. (2014). Cyber security challenges in Smart Cities: Safety, security and privacy. Journal of advanced research, 5(4), 491-497.
Jain, A. K., & Shanbhag, D. (2012). Addressing security and privacy risks in mobile applications. IT Professional, 14(5), 28-33.

Order | Check Discount

Tags: best dissertation writing services, best research paper writing services, college paper writing service, dissertation writing services cost, dissertation writing services near me