ISYS326: Information Systems Security
Assignment 2, Semester 2, 2019
(Weighting 35%)
Assignment Description:
In this assignment, you have to choose an Information System or IT system to write a reflective report on security analysis. You can choose a system from the following list or your own. If you select your own topic, it must be based on a peer reviewed journal paper (e.g., published by IEEE, ACM, Springer and Elsevier). The report would be based on two security models: STRIDE and DREAD. First, you need to identify 5 common security threats to your selected system. Then, you should list the security requirements to deal with those threats using STRIDE model. In the second part of your report, you have to analyse the risk of each threat on your system using DREAD model. You also need to measure the overall risk of the system and propose the appropriate security measures to overcome the threats. The assignment is a group assignment and each group may have 2 members at best.
List of IS or IT Systems:
- Enterprise Resource Planning
- Data Warehousing
- Office Automation
- Global Information Systems
- Library Management Systems
- Online Ticket Reservation Systems
- Hotel Management System
- Banking System
- Healthcare System
- Supply Chain Management System
Report Structure:
You should use the IEEE conference paper template to write the report like assignment 1. The template can be downloaded from the unit LEO site. The report should not exceed 3000 words in total including bibliography and appendix.
Abstract: An abstract (a short summary of the report) needs to convey a complete synopsis of the paper, but within a word tight limit. Writing an abstract includes brief introduction to the general topic of the work and then explanation of the exact research strategies, including the aims. It should then highlight the outcomes.
Introduction: In the Introduction, you are attempting to inform the reader about the rationale behind the work. The introduction does not have a strict word limit, unlike the abstract, but it should be as concise as possible. It can be a tricky part of the paper to write, so many scientists and researchers prefer to write it last, ensuring that they miss no major points. The introduction gives an overall view of the report but does address a few slightly different issues from the abstract. An introduction should emphasize on background, importance, limitations, and assumptions. You should provide a short overview of the chosen system in this section.
Identify Five Common Security Threats: In this section, you will be identifying five common security threats that might have significant impacts on your system. You have to choose specific security attack on different security services such as attacks on integrity, data confidentiality, availability, authentication, non-repudiation and so on.
Analyse Security Requirements using STRIDE model: Now you need to analyse the security requirements using STRIDE model and also map the requirements with respect to security attacks (known as STRIDE threat classification). An explanation should be provided whether the chosen system can defend the security threats classified by the STRIDE model.
Risk Rating Using DREAD Model: In this section, you have to calculate risk values for each threat. Using DREAD model, you have to quantify the risk factor for each category and then calculate the overall risk value to evaluate the severity of risks on your information or IT system. You also need to describe some mitigation techniques to overcome the risks.
Conclusion: This is really just a more elaborate version of the abstract. In a few lines you should summarize your findings and recommendations. Your abstract will do most of this for you but, as long as you do not get carried away, especially for longer reports, it can help the reader absorb your findings a little more.
References: All papers that are used in the report must be cited in the reference section. Your report should include at least 4 peer reviewed conference and/or journal papers. Please ensure that you reference properly and acknowledge all sources using the Harvard (AGPS) style (check LEO site for guidelines). Don’t use IEEE referencing style.
Marking Scheme: Please check the marking rubric on the next page.
A report template has been uploaded on the LEO site for your reference.
A research report on STRIDE and DREAD model can also be downloaded from the unit LEO site.
Rubric – Assessment 2: Information Systems Security Analysis and Planning (Total marks = 35)
|
ILO |
Criteria |
Standards |
||||
|
Below Expectations |
Meets Expectations |
Exceeds Expectations |
||||
|
Level 1 (e.g. F) |
Level 2 (e.g. P) |
Level 3 (e.g. C) |
Level 4 (e.g. D) |
Level 5 (e.g. HD) |
||
|
L5 |
A report which evaluates the security risk of a system in an organisation using standard risk assessment models. (20 Marks) |
No submission or submission containing little or no material relevant to risk assessment. |
Some omissions and/or inconsistencies such that an incomplete risk assessment report is submitted. |
Minor omissions and/or inconsistencies which might raise some concerns such as incorrect evaluation of a security threat |
Sufficient detail such that comprehensive risk assessment and analysis that demonstrates that the student is aware of and understands all obvious relevant issues. |
All relevant information provided including risk scores, severity and potential consequences. |
|
L4 |
A well-structured and understandable report that implements appropriate security measures to minimise the risks. (15Marks) |
No submission or material in the submission related to mitigation techniques. |
Submitted late and/or much too long or too short and/or illogical structure or inconsistent style. Inappropriate security measures are recommended. |
Submitted on time but lacking successful integration of different security measures to overcome the threats |
All possible mitigation techniques are discussed, and the right security measures have been selected to minimise the impacts |
A clear, concise, wellstructured report identifying all mitigation techniques, implementation costs of those techniques, and justification of selecting the right one |
Assignment Service Australia | CDR Writing Help | TAFE Assignment Help | Perth Assignment Help | Melbourne Assignment Help | Darwin Assignment Help | Adelaide Assignment Help | Assignment Help Victoria | Sydney Assignment Help | Canberra Assignment Help | Brisbane Assignment Help | CDR for Australian immigration | Course For Australian History
Diploma Universities Assignments
- Laureate International Universities Assignment
- Holmes Institute Assignment
- Tafe NSW
- Yes College Australia
- ACC508 Informatics and Financial Applications Task 2 T2, 2019
- ACC512 Accounting
- ACC520 Legal Regulation of Business Structures Semester 2, 2019
- ACCT20074 Contemporary Accounting Theory Term 2 Assessment 3
- AERO2463 Computational Engineering Analysis : Assignment 4
- B01DBFN212 Database Fundamentals Assessment 1
- BE01106 - Business Statistics Assignment
- BFA301 Advanced Financial Accounting
- BFA504 Accounting Systems Assessment 3
- BSB61015 Advanced Diploma of Leadership and Management
- BSBADV602 Develop an Advertising Campaign
- BSBCOM603 Plan and establish compliance management systems case study
- BSBCOM603 Plan and establish compliance management systems Assessment Task 1
- BSBCOM603 Plan and establish compliance management systems Assessment Task 2
- BSBCOM603 Plan and establish compliance management systems Assessment Task 3
- BSBFIM501 Manage Budgets And Financial Plans Assessment Task 1
- BSBHRM602 Manage Human Resources Strategic Planning
- BSBINM601 Manage Knowledge and Information
- BSBWOR501 Assessment Task 3 Plan Personal Development Plan Project
- BSBMGT517 Manage Operational Plan
- BSBWHS521 Ensure a Safe Workplace For a Work Area
- BSBWRK510 Manage employee relations
- BUSS1030 Accounting, Business and Society
- CAB202 Microprocessors and Digital Systems Assignment Help
- CHC40213 Certificate IV in Education Support
- CHCAGE001 Facilitate the empowerment of older people
- CHCAGE005 Provide support to people living with dementia
- CHCCCS023 Support independence and wellbeing
- CHCCCS025 Support relationships with carers and families
- CHCCOM005 Communicate and CHCLEG001 Work Legally Ethically
- CHCDIS002 Follow established person-centred behaviour supports
- CHCECE019 Early Childhood Education and Care
- CHCHCS001 Provide home and community support services
- COMP10002 Foundations of Algorithms
- COMP90038 Algorithms and Complexity
- COSC2633/2637 Big Data Processing
- COSC473 Introduction to Computer Systems
- CPCCBC5011A Manage Environmental Management Practices And Processes In Building And Construction
- CPCCBC5018A Apply structural Principles Medium rise Construction
- CSE3OSA Assignment 2019
- ELEC242 2019 Session 2
- ENN543 Data Analytics and Optimisation
- ENN543 Data Analytics and Optimisation Semester 2, 2019
- FINM202 Financial Management Assessment 3 Group Report
- Forensic Investigation Case Assignment ECU University
- HA2042 Accounting Information Systems T2 2019
- HC1010 Holmes Institute Accounting For Business
- HC2112 Service Marketing and Relationship Marketing Individual Assignment T2 2019
- HC2121 Comparative Business Ethics & Social Responsibility T2 2019
- HI5002 Holmes Institute Finance for Business
- HI5003 Economics for Business Trimester 2 2019
- HI5004 Marketing Management T1 2020 Individual Report
- HI5004 Marketing Management T1 2020 Group Report
- HI5004 Holmes Institute Marketing Management
- HI5014 International Business across Borders Assignment 1
- HI5014 International Business across Borders
- HI5017 Managerial Accounting T2 2019
- HI5017 Managerial Accounting T1 2019
- HI5019 Tutorial Questions 1
- HI5019 Strategic Information Systems for Business and Enterprise T1 2020
- HI5019 Holmes Institute Strategic Information Systems T2
- HI5019 T2 2019
- HI5019 T1 2019
- HI5020 Corporate Accounting T3 2019
- HI5020 Corporate Accounting T2 2019
- HI6005: Management and Organisations in a Global Environment
- HI6006 Tutorial questions
- HI6006 Competitive Strategy Individual T1 2020
- HI6006 Holmes Institute Competitive Strategy
- HI6006 Competitive Strategy T3 2019
- HI6007 Statistics for business decisions
- HI6007 Assessment 2 T1 2020
- HI6007 T1 2019
- HI6008 T2 2019
- HI6008 Holmes Institute Research Project
- HI6025 Accounting Theory and Current Issues
- HI6026 Audit, Assurance and Compliance Assignment Help
- HI6026 Audit, Assurance and Compliance
- HI6027 business and corporate law tutorial Assignment T1 2021
- HI6027 Business and Corporate Law T3 2019
- HI6027 Business and Corporate Law T2 2019
- HI6028 Taxation Theory, Practice and Law T2 2021
- Hi6028 taxation theory, practice and law Final Assessment t1 2021
- HI6028 Taxation Theory, Practice and Law T2 2019
- HI6028 Taxation Theory T1 2019
- HI6028 Taxation Law Holmes
- HLTAAP001 Recognise healthy body systems
- HLTWHS002 Follow safe practices for direct client care
- HOTL5003 Hotel Property and Operations
- HPS771 - Research Methods in Psychology A
- HS2021 Database Design
- ICTICT307 Customise packaged software applications for clients
- IFN619 Data Analytics for Strategic Decision Makers
- INF80028 Business Process Management Swinburne University
- ISY2005 Case Assignment Assessment 2
- ISYS326: Information Systems Security Assignment 2, Semester 2, 2019
- ITAP3010 Developing Data Access Solutions Project
- ITECH1103- Big Data and Analytics – Lab 3 – Working with Data Items
- ITECH1103- Big Data and Analytics Assignment Semester 1, 2020
- ITECH 5500 Professional Research and Communication
- Kent Institute Australia Assignment
- MA5830 Data Visualisation Assignment 2
- MGMT7020 Project Management Plan
- Mgt 301 Assessment 3
- MGT215 Project Management Individual Assignment
- MIS102 Data and Networking Assignment Help
- MITS4002 Object Oriented Software Development
- MITS5002 Software Engineering Methodology
- MKT01760 Tourism Planning Environments Assessment 4
- MKT01760 Tourism Planning Environments
- MKT01906 International Tourism Systems
- MKT5000 Marketing Management S2 2019
- MNG03236 Report Writing SCU
- MRE5003 Industrial Techniques In Maintenance Management Assignment 4
- MRE5003 Industrial Techniques In Maintenance Management Assignment 3
- MRE5003 Industrial Techniques In Maintenance Management
- Network Security and Mitigation Strategies Answers
- NIT2213 Software Engineering Assignment
- NSB231 Integrated Nursing Practice Assessment Task 1
- Science Literacy Assessment 4
- SIT323 Practical Software Development T 2, 2019
- SIT718 Using aggregation functions for data analysis
- SITXCOM002 Show Social and Cultural Sensitivity
- TLIL5055 Manage a supply chain
- TLIR5014 Manage Suppliers
- USQ ACC5502 Accounting and Financial Management
- UTS: 48370 Road and Transport Engineering Assessment 2
- CHCAGE001 Facilitate the empowerment of older people
- CHCAGE005 Provide support to people living with dementia
- CHCCCS011 Meet personal support needs
- CHCCCS015 Provide Individualised Support
- CHCCCS023 Support independence and wellbeing
- CHCCCS025 Support relationships with carers and families
- CHCCOM005 Communicate and work in health or community services
- CHCDIS001 Contribute to ongoing skills development
- CHCDIS002 Follow established person-centred behaviour supports
- CHCDIS003 Support community participation and social inclusion
- CHCDIS005 Develop and provide person-centred service responses
- CHCDIS007 Facilitate the empowerment of people with disability
- CHCDIS008 Facilitate community participation and social inclusion
- CHCDIS009 Facilitate ongoing skills development
- CHCDIS010 Provide person-centred services
- CHCDIV001 Work with diverse people
- CHCHCS001 Provide home and community support services
- CHCLEG001 Work legally and ethically
- CHCLEG003 Manage legal and ethical compliance
- HLTAAP001 Recognise healthy body systems
- HLTAID003 Provide First Aid
- HLTHPS007 Administer and monitor medications
- HLTWHS002 Follow safe work practices for direct client care
- CORPFIN 7101 managerial finance assignment answers
- Assignment 2 Introduction to Digital Forensics
- MGT603 Systems Thinking Assessment 1
- MGT603 Systems Thinking Assessment 2
- Hi5017 Managerial Accounting T1 2021
- HI6028 Taxation Theory, Practice and Law T1 2021
- OODP101 Assessment Task 3 T1 2021
- ITNE2003R Network Configuration and Management Project