Secure Data

This assignment is two tasks of a general project and should be about two to three pages. Please review the attached scenario of the project and also the step one and two descriptions.

Step 1: Initiating the Project and Defining Its Scope

As the cloud security architect, you will need to understand the security development lifecycle process. To learn about this, review the following resources:

Click the following links to learn more about critical infrastructure sectors:

  • Critical Infrastructure Sectors. Read their descriptions and consider which sector you support in your role.
  • Process Control Systems: Cybersecurity and Defense

To be completed by a designated team member:

In your report, you will tailor your life cycle using security development lifecycle elements as well as from the software development life cycle elements, which would use software development methodologies.

Provide the concepts of the project. Describe your rationalizations for your tailoring. Define the products needed. Describe the mission of the client organization and the business need to move to a community cloud. This can be fictional or modeled from a real-world example with citations in APA format.

Identify the scope of the security architecture and include a topology of the architecture of the cloud environment. The information can be fictional or modeled from a real-world example with citations in APA format.

Identify in the topology which security features are needed for each of the components. Examples of topology include Amazon Web services, Generic Hadoop, Map-r, Cloudera, or MS Azure. Look at the functional architecture of a cloud-based system and the security architecture. Identify which parts of the functional architecture are within the scope of the security architecture for the overall systems of systems in the cloud. Identify which security features are needed to protect each component, as data is in transit and data is at rest within the architecture. Include in your descriptions possible software and hardware components as well as an operating system and the security protections needed for those components.

Narrow the scope of the security architecture relevant to the project you are assigned and to achieve security for data in transit. State the security objective of this project. When you are considering the software development life cycle approach, consider what model you are following. Some examples are waterfall, spiral, agile, and extreme programming.

Other questions to consider in the project initiation discussion:

  • What tools are there?
  • Why should you use them?
  • What are the system issues and other concerns?
  • What is interoperability?

Possible technologies to consider include:

  • Data in transit
  • How protected
  • Data integrity

In the project initiation portion of the final report, you will also report on the risk information you have gathered and evaluated and introduce a risk management strategy. Think like an attacker, and describe what are threats and probability of likelihood of those threats being exploited. Think about data in use in the memory of the processing resources. Where in the system is the data most likely plaintext and unprotected?

Provide your reasoning and cite sources you used to arrive at your conclusions. Click the link to review the resources on threat modeling, and then include, in your own words, a definition of threat modeling and explain how it is used in determining risk.

After defining the project and scope, move to the next step, where the team, as part of your functional analysis and design, will use the SQUARE method for requirements information gathering.

Step 2: Begin Functional Analysis and Design—Use SQUARE for Requirements Information Gathering

Now that the team has initiated the project, they will now focus on the functional design of the project.

To be completed by a designated team member:

Click the following link to learn more about software quality requirements engineering (SQUARE). Then, identify the SQUARE process and provide an overview of how to collect requirements for the security technology and/or techniques that are being proposed.

This information will be added to the group report.

In the next step, the team will learn how to secure data in the cloud.

Do you need help with this assignment or any other? We got you! Place your order and leave the rest to our experts.

Quality Guaranteed

Any Deadline

No Plagiarism