Communications Architecture Distributed Systems

Question: Discuss about the Communications Architecture for Distributed Systems. Answer: Introduction Security management is a broad field which encompasses many things from the supervision of the security guards at malls and museum other than this many high-tech security management systems which are designed to protect large firms and organisation from getting theft. Security management provides safety in different ways which are particularly on the logical side as well as in the physical security. Security of the server room, backup room, and network components is required so that company can work effectively. Professionals work collectively for the security of the organization, IT professionals who develop high-tech network systems and software applications to protect the organisation from facing the problem of data theft which the Boston dynamic is facing. Any organisation uses the security management process for the risk assessments and risk analysis to identify the threats, rate system vulnerabilities and categories assets. All this are done to implement some effective control to the organisation. Information security management system is a policy which is concerned with information security management or IT related risks (Hassan, 2010). Security threats The company Boston Dynamic is got attack by the data theft which steals all the data from the computer. It is primarily caused by system administrators and office worker with the help of technology like a database server, desktop computer or growing list of hand. It store all the digital information, USB flash drive, iPods, or digital cameras. If the person who is involved in data theft, if they get caught they get a serious punishment law. Attacking the individual computer user or organisation with the data theft is illegal. The data theft is done through different ways like when be give any personal information to any online site sometimes the data are theft from that (Parker, 1973). Data Theft Nowadays the data theft is becoming a common problem individual user and the big corporate organisation. Data theft is mainly the stealing computer-based information from an unknowing person with the intent of compromising privacy or obtaining confidential information from them. This data theft attacks the Boston Dynamic company and steals many important data which are used to make an advanced robot for the different company. The company also have a loss because of this attack (Grier, 2011). The different ways of data theft are: E-commerce site: As we do the online shopping and do the online payment then we have to give some of the personal information of our bank account and some carelessness in this lead to leaking of private data of your account and later the hacker can hack the bank account and do the transaction. Password Cracking: Sometimes the hacker cracks your password of the computer and can take the valuable data. Laptop theft: It took place when any organisation or firm sell their equipment to any other company and if any information left in it then the competitor can hack the details of yours and it may have a problem. Carelessness and lack of laptop data encryption can lead to major losses for the firm. Risk and Impact of attack Threat Device Solution Unauthorized access Computer, server, database 1. Well planned security matrix 2. Firewall over server and databases 3. Logical security Phishing Server, Network 1. Provide users information about how to identify the fake emails. 2. Training employees about latest threats 3. Securing system and server Password-Based Attacks Computer network 1. Obtain lists of a valid user and computer names and network information. 2. Modify and reroute and delete the data already present. Denial-of-Service Attack Network, server 1. Easy Installation on Apache and IIS servers. 2. Strong security against hacking activities 3. Interface and API for managing multiple servers. Sniffer Attack Company Network 1. Network security arrangement and security analysis 2. Read your communication The steps which are involved by the attacker is they use the data theft which steals all the data from the computer, laptop or through some online sites. This is one of the most common attacks which is done by the hacker who knows hacking and this way many organisation gets an attack of hacker and they lose many data and face the loss in the company. After researching on the attack data theft I found that mostly the data theft are dome through the online website when we put the data account detail for the transaction the data are theft through online (Young, 2009). Recently it has been found that Montreal police are asking for the public help to find the suspect connection of the data theft at Concordia University. This attack mainly spoils the company as the hacker hack all the information of the company and create different problem to the company website and some spam emails are sent to the client of this company which gives a bad remark. The consequences of this attack are when a company Boston dynamic get hacked then it destroys the reputation of the company as the data are theft then the wrong code of the robot are sent to the client by the hacker to destroy the company reputation. The company account details were also hacked and all the money which was sent by the client were stolen by the hacker. It also damaged some the intellectual property of the business and destroy it. Security Assessment: Since the company infrastructure is divided into three departments the corporate environment, IT department and a network security. Incorporate department, there is 12 staff and in It, there are 3 staff and few more staff in network security. So I suggest that all the staff of the company Boston dynamic should work with honesty without doing any illegal task within the organization like they should not give the security code and vital information to the other member of any other company. It is the responsibility of all the staff of the company to work for the company with trustworthy and with honest motivation towards the company. Checklist: The team will create a checklist which will be used by the team while performing risk assessment in the company. Each organization has to follow some sort of guidelines whether these are provided by the company or by the government authorities. The federal government has also proposed a set of guidelines for the companies so that they can follow and secure the data related to the clients. Latest data breach events with different companies around the world has impacted the companies in various ways. The data and information related with the customers has become volatile and intruders are successfully involved in data breach. The checklist which we have created for the company consists of a security matrix which is being applied by the company. ISO and federal government has proposed some guidelines for the data security in an organization. In that case we will analyze the security arrangement as per the guidelines (Derogatis, 1980). Arrangement and Findings: The checklist is mainly done to determine the involvement of different factors such as human factor in the case of security. The ISO guideline 27002 states the importance of well trained personnels and their involvement in the case of information and organization security. The internal threats means, in which the data are internally theft like the data are stolen by any member of the organization itself or any other employee of the competitor company get inside the company and stole the data. There are many employees who work in the company but if any competitor company give more money than theft does the data theft and provide theft in getting more money. This type of employee affects the company policy and also the break the rule of the company and destroys security arrangement of the company (Converse, 2001). The external thefts mean, in which the data externally theft like through any online site like E-commerce website, or any business site in which online transaction are done so the account details given on it and the hacker hack the details and create a problem for the company. Since the company is thinking to implement some of the security management which will help them to clear the attack and help to protect the company from future attack. So the company is doing a plan how to implement the security management system and the company should provide a proper security training to all the staff so they can work on it well and protect the network and resources from getting attack by the competitor company. The best security management for the Boston dynamic will be if they implement the software which will protect the machine which they are using like if they use id and password system in their machine and put a software which randomly changes the password after 10 minutes which will be known by the user of the machine (Pool, 1997). Then all the email and website will also be protected and nobody can hack the information and nobody will have the permission to open the machine without the particular person who is using the network and machine of the company. Security Guideline: It is a security code which has been issued by the International organization for Standardization. It is relevant to all type of organization and many companies use this code for safety and security. It was first introduced by the Shell and later on adopted by the British standard council and ISO. So the Boston Dynamic company also uses this security guideline to protect the data and code of the robot. Along with the training, some ethics also needs to be taught to all the staff of the employee. The company should tell the employee about the rules and policy to all the staff of the company. All the policy should be followed by all the staff of the company. All employee should work with full dedication and with trustworthy. Conclusion Whole assessment of the Boston Dynamic is done by the 3 IT staff of the company. The company work with full motivation and provide the robot to the client after a doing the proper testing and also check the algorithm. The client of this company is a large organisation which is basically used in military and commercial environments. Now the company wants to implement security management process in the company to keep the data and code of the robot with safe and secure from hacker of a different organisation. Since company gets an attack of data theft which steals all the data from the computer. Data theft which steals all the data from the computer. Nowadays the data theft is becoming a common problem individual user and the big corporate organisation. The consequences of these attacks are when company Boston dynamic get hacked then it destroys the reputation of the company as the data are theft then the wrong code of the robot are sent to the client by the hacker to destroy the compa ny reputation. Since the company infrastructure is divided into three departments the corporate environment, IT department and a network security. Incorporate department, there is 12 staff and in It, there are 3 staff and few more staff in network security. So I suggest that all the staff of the company Boston dynamic should work with honesty without doing any illegal task within the organization. Some of the security guidelines are also used by the Boston Company like ISO 27002 to protect the data of the company. Reference Cypser, R.J. (1978)Communications architecture for distributed systems. Reading, MA: Addison-Wesley Pub. Co. Hassan, A. and Bahgat, W. (2010) A framework for translating a high-level security policy into low-level security mechanisms,Journal of Electrical Engineering, 61(1). doi: 10.2478/v10187-010-0003-x Young, J.R., (2009) Top 10 Threats to Computer Systems Include Professors and Students.Education Digest, Essential Readings Condensed for Quick Review Parker, D.B., (1973),Threats to computer systems, CALIFORNIA UNIV BERKELEY LAWRENCE LIVERMORE LAB. Disterer, G. (2013) ISO/IEC 27000, 27001 and 27002 for information security management,Journal of Information Security, 04(02), pp. 92100. doi: 10.4236/jis.2013.42011. Pool, V. (1997) COBIT audit guidance on effective implementation,Computers Security, 16(6), pp. 518521. doi: 10.1016/s0167-4048(97)84675-5 Razzaq, A., Anwar, Z., Ahmad, H.F., Latif, K. and Munir, F. (2014) Ontology for attack detection: An intelligent approach to web application security,Computers Security, 45, pp. 124146. doi: 10.1016/j.cose.2014.05.005. Skorin-Kapov, N., Chen, J. and Wosinska, L., (2010). A new approach to optical networks security: attack-aware routing and wavelength assignment. IEEE/ACM transactions on networking, Converse, K. and Edmark, R., International Business Machines Corporation, 2001.Web server intrusion detection method and apparatus. U.S. Patent Application 09/810,028. Grier, J., 2011. Detecting data theft using stochastic forensics.the digital investigation,8, pp.S71-S77.