Course Code - CSI6199 Report on contemporary cyber security issues

Introduction

TrueCrypt is considered as a discontinued source available freeware utility that is used for encryption. From the current scenario it has been focused that Imperial cyber has been contracted for providing Consultancy Services to ABS. Hence the client has contracted Imperial cyber regarding the cyber issues that have taken place recently in the business context. It has been found that TrueCrypt is a significant threat to ABS and this product has been used throughout the business. Here the Imperial cyber has been assigned to justify an alternative open source product that can be reduced the issues in ABS. The study will be developed based on the product that is going to be suggested by Imperial Cyber to ABS and its test plan.

Demonstrate the issues and vulnerabilities within the TrueCrypt can be faced by the client

Issues in TrueCrypt

Considering the given scenario it has been identified that the firm Auto Body Supplies has experienced major factors that have taken place in the business context due to TrueCrypt.  This section is going to critically identify and evaluate the various issues that take place within the business context due to the use of TrueCrypt. TrueCrypt husband found with major vulnerabilities and it is known for various attacks that are also present in other software based disk encryption software. it has been found that in recent times this tool does not support any encryption within the system drive that has been converted into the dynamic disks. different documentations and information are being distributed with the help of TrueCrypt and here due to lack of security concerns it has become a valuable problem for the client to maintain the security precautions within the business infrastructure. Moreover it has been found that the software tool has a major security problem due to its encryption of the entire hard drive and it is not free from security bugs too. Therefore auto body suppliers have faced various issues due to lack of encrypted data and security flaws (Levesque, 2017).

Communicate the Vulnerabilities faced by ABS due to TrueCrypt

From the given scenario it has been found that Imperial Cyber has been appointed by Auto Body Supplies in order to find major vulnerabilities that are present within the software TrueCrypt that have created e-mail problems for the firm. In this concerned aspect the primary thing that has become the most important is to communicate with the client and to make him convinced that the entire platform should stop using TrueCrypt as soon as possible. Hence while communicating with the client determines that the issues that have been faced by him have been illustrated based on the issues that have been faced by the ABS Company. The reason behind declaring software tools are not secure is going to be stated below. While meeting with client it must be convinced that there are enough reasons behind telling him to stop using TrueCrypt for any kind of data and fractions. In accordance of the developers regarding this existing software it has been stated that they have mentioned that TrueCrypt is not secure as it has been found with various unfixed security issues. It has been found that in the program there could be compromise and in users machines where the  back-doors access cannot be allowed but the register reports that can be used for both record keystrokes and installing spyware to the host machine. In this respect it can be stated that this security flaw can make the developer capable sufficiently to capture all the drive encryption keys according to their end user security practices. therefore the Imperial Cyber has communicated with the client and demonstrated to him to instantly stop using the software in his business (Lawrie& Gacek, 2016).

Open source product with of both symmetric and asymmetric encryption

PGP which stands for Pretty Good Privacy can be the next encryption software that can be used by Auto Body Suppliers. in accordance with the Imperial Cyber it is necessary for ABS to incorporate such a software. Moreover it can be stated that it is not only open source but has both of the facilities symmetric and asymmetric encryption. Considering this scenario it can be stated that PGP can be the best option which has both symmetric and asymmetric platform of data encryption. Considering some of the main features and functions of PGP the below section is going to be encompassed.

Product Description

Wireless writing in regards of PGP it can be stated that it is a encryption software that has been designed for providing security, authentication and privacy for online communication system and concept of openPGP, recommended to ABS. that can be considered as standard of PGP encryption which is open source for public use this standard allows the users to use software freely. Hence along with various tools and features open source PGP encryption technology is being used in the PGP software.

If Symmetric and asymmetric both

While suggesting PGP for ABS it must be elucidated that this encryption software has become the widely available software that is mostly influenced by the organizational owners in order to have public key cryptography. This hybrid system uses both symmetric and asymmetric encryption in order to achieve a high level of security. The combination of symmetric and asymmetric encryption allows users to secure their information and the cryptographic keys to the internet. hence does encryption software derive benefits from both the security of asymmetric Cryptography and symmetric encryption. Additionally it can be stated that the speed security and digital signatures in short the integrity of authenticity and data of the center will help to reduce uncertainties within their online platform. While elaborating this section it can be stated that openPGP protocol has allowed the emergence of standardized competitive environment for most of the companies. The symmetric and asymmetric encryption will help ideas to ensure the high potential security within the business infrastructure even by allowing the users to generate the keys and files in one program and to use in another program without having any kind of disturbances that is going to be very much useful for the firm (Desouza, Awazu& Baloh, 2017).

 

Test Plan for the Product

 

Name of the Product

PGP or  Pretty Good Privacy

Approved by

The Managerial Department of ABS

Recommended By

Imperial Cyber

Test Plan Identifier

While testing the software the configuration manage system has been taken into account

Overview , Goals and Any Constraints

The entire test plan will be conducted upon the recommended encryption software which is PGP. The primary goal is to critically evaluate the capabilities of PGP to provide high security

References

The entire project plan along with the configuration management plan will be taken into account for the entire test plan

Test Items

The version of the software, features, high potential to give security all will be tested

Features

The digital signature that is being used by PGP with a combination of public and hashing key encryption will be tested and examined in this entire testing process

Approach

The approach that has been taken into account while testing the software is its capabilities to provide authentication, integrity and non-repudiation.

Pass/Fail Criteria

Through the test plan it has been reached that the entire software and its potential capabilities have been succeeded to reach its variables (Sagheb, 2014).

Environment

The suitable environment will be sought while conducting the software testing within the software premises.

Schedule

From 10 am and after checking the test case the entire test review will take approximately 2 or 3days.

Staffing

Skilled staff will be recruited within the business context who will be assigned in different roles. Hence during the implementation of the software it will be necessary to give effective training facilities to the staff in order to make them efficient.

Risks

Several risk factors may take place such as loss of money and lack of infrastructure.

Responsibilities

The software developers will take the responsibility. Hence the managerial department will provide the necessary information and support.

Assumptions

The software PGP will reach its milestones to provide high security

Approvals

After the test plan the manager of the company will approve it.

 

Outcome of the Test Plan

While elaborating the outcome of the test plan it can be stated that the test plan must be sufficiently precise to address its approach. Hence it has been reached that with the proper implication of PGP encryption software, ABS firm would be able to reduce its  uncertainties that have taken place due to TrueCrypt (Redmond, 2014).

Conclusion

It can be concluded that considering the various issues and security flaws that have taken place in the company ABS the consultant of Imperial Cyber has been a pointer. Hence based on the issues the most effective open source prod that is capable of both symmetric and asymmetric has been recommended and implemented by passing through the test plan.

 

 

References

Desouza, K., Awazu, Y., & Baloh, P. (2017). Managing Knowledge in Global Software Development Efforts: Issues and Practices. IEEE Software, 23(5), 30-37. https://doi.org/10.1109/ms.2006.135

Lawrie, T., & Gacek, C. (2016). Issues of dependability in open source software development. ACM SIGSOFT Software Engineering Notes, 27(3), 34. https://doi.org/10.1145/638574.638584

Levesque, M. (2017). Fundamental issues with open source software development. First Monday, 9(4). https://doi.org/10.5210/fm.v9i4.1137

Redmond-pyle, D. (2014). Software development methods and tools: some trends and issues. Software Engineering Journal, 11(2), 99. https://doi.org/10.1049/sej.1996.0013

Sagheb-Tehrani, M. (2014). Expert systems development. ACM SIGSOFT Software Engineering Notes, 30(2), 1. https://doi.org/10.1145/1050849.1050864

No Need To Pay Extra
  • Turnitin Report

    $10.00
  • Proofreading and Editing

    $9.00
    Per Page
  • Consultation with Expert

    $35.00
    Per Hour
  • Live Session 1-on-1

    $40.00
    Per 30 min.
  • Quality Check

    $25.00
  • Total

    Free

New Special Offer

Get 25% Off

review

Call Back