Technology Essay Example on Information Security Management System

There are many critical areas where computer systems are used, and the incidences of failure can have lasting impacts. For this reason, there is a need to develop procedures of relating the software quality attributes of the system to the system architecture. This will facilitate making the objective decisions about the designs of the system useful in determining the characteristics of the system that are free from bias and assumptions. There are certain features associated with critical applications. For instance, the application must allow interaction with the hardware devices and should ensure continuous operations. The purpose of this paper is to explore how the choosing one technology over another can satisfy security as one of the quality attributes.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Non-functional requirements refer to the non-observable properties present in a system (Bruijn, Fensel, Kerrigan, Keller, Lausen & Scicluna, 2008). They indicate the quality attributes regarding how the design of the system or how it is implemented. Such characteristics include the adaptability, security, cost, testability, maintainability, performance among others. The security attributes refer to the ability of the system to block accidental or the malicious actions outside the designed usage that is affecting the system or prevent the disclosure or the loss of the information. Application of different technologies can make this attribute either satisfactory or non-satisfactory. Proper technology can be of great importance for several reasons. Firstly, it reduces the possibility of the attack to the system. Secondly, it can reduce the cost involved in recovering the lost data. The various factors affecting the security of the system include the integrity, confidentiality, and the availability. The features that are used to protect the system include encryption, logging, auditing, and authentication (Naik & Tripathy, 2011). Good technology should, therefore, guarantee the entire security of the system. One of the techniques used in maintaining the system quality attribute is security architecture. Security architecture refers to the design artifacts describing the position of security controls also known as security countermeasure and their relationship with the entire information technology architecture. The controls maintain the quality attributes of the systems such as confidentiality, accountability, availability, and assurance.

For a technology to satisfy the characteristic of the security, it should guarantee physical security of the system. Advances in security related to the equipment have brought significant transformation in the protection of the systems and applications. For instance, using technologies with sensors over another without will allow reporting of the unauthorized removal of items. Also, a technology with access control systems and personal identification will be superior to the one without since such features will be capable of reading the unique personal characteristics such as the hand geometry and the voice quality thereby satisfying the security requirement of a system. Choosing the technology with Surveillance devices will also meet the attributes of security. Such features will enable scanning the premises of the machines at night and preventing unauthorized entry.

Superior technology will also allow for proofing of the user identity, which is an important aspect of ensuring integrity. Besides, it will allow authorization and authentication by identifying the trust boundaries and allowing only a few people to cross them. Technology that prevents malicious input will also satisfy the security attribute than the one without such features. It will prevent damage to the system by ensuring there is a validation of all input for length, format, range, and the type by utilizing the reject, constraint, and sanitize principles. Technology that allows coding of the should be adopted over another that do not allow since it ensures that data is only meaningful to the to the intended recipients. Besides, such technology will prevent the tampering of the data.

The technology such as information security management system will ensure that there is the partitioning of the sites into the anonymous authenticated and identified users and utilize the application instrumentation for logging and exposing the behaviors that can be monitored. This technology will be superior to biometrics. This technology satisfies the security attributes by allowing repudiation of the user actions by utilizing the instrumentation for logging and auditing all the user interaction for critical application operations. Auditing and logins are used as add-on security features to the operating systems and applications that had insufficient security during the development. Such internal factors play a great role in ensuring that any actions taken are logged and audited to establish the base cause of the problem in case there is any security violation. Applying this technology will also prevent the disclosure of the information and loss of the sensitive data. This is achieved by carrying out the design of all the aspects of the application for preventing the exposure of the sensitive system and the application information.

Technology that prevents the interruption of the services because of denial of the service attacks is superior to the one without these features. In satisfying the security attributes, the technology will reduce the sessions timeout and implement the code or the hardware to mitigate or detect attacks. Given this background, becomes evident that there is a reduction of losses and damages by preventing or reducing the impacts of the security incidents.

Some of the technologies such as security architecture are more superior to biometrics in satisfying the security attributes since they pose several challenges in ensuring the security as one of the quality attributes. For instance, some of the biometrics are hard to use without proper training. Furthermore, environmental condition and time may affect the accuracy regarding the biometric data. For instance, the biometric may reflect change if the individual gets old. Environmental condition either alters the biometric directly or can even interfere with the data collection. The accuracy of the biometric data is also not assured (Ahmad, Ali & Adnan, 2012).

Technology that reduces the cost of maintaining the security of the software is superior to the other that does not save cost. For instance, technologies that allow for automatic update reduces cases where the cost of maintaining security attributes keeps on recurring. Such technology will be satisfactory as compared to the one with an expiry date. The latter can also expose the system to potential risk between the time of expiry and renewal.

Superior technology will allow identification and analysis of the risks associated with the software. Besides, it will allow specification and the implementation and reviewing of the safeguards. Safeguards will prevent the attack of the system and the cost associated with the correction of the errors of the system. Moreover, it will improve security by allowing early detection and subsequent reaction related to the security incidences.

In summary, the paper has established that many factors will influence the choice of technology over another to enhance the safety of the system. However, all the criteria for preferring a technology to another are aimed at ensuring that they guarantee the safety by making sure that there is confidentiality, availability, and assurance.

References

Ahmad, S. M. S., Ali, B. M., & Adnan, W. A. W. (2012). Technical issues and challenges of biometric applications as access control tools of information security. International journal of innovative computing, information, and control, 8(11), 7983-7999.

ces: the web service modeling language. Springer Publishing Company, Incorporated.

Naik, K., & Tripathy, P. (2011). Software testing and quality assurance: theory and practice. John Wiley & Sons.