The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
Information Security Management in University Campus Using Cognitive SecurityCSCJournals
Nowadays, most universities offer free Internet connections, access to scientific databases, and advanced computer networks for the members of their community, which generates dynamic and complex scenarios. In this context, it is necessary to define proactive security strategies, as well as the integration of technology and research. This work presents a general vision of the experience adopted by the universities in the field of information security management using cognitive security.
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONSijfcstjournal
Recent advances in computing have caused cyber security to become an increasingly critical issue that
affects our everyday life. Both young and old in society are exposed to benefits and dangers that
accompany technological advance. Cyber security education is a vital part of reducing the risks associated
with cyber-threats. This is particularly important for current and future youth, who are the most
technology-literate generations. Many research studies and competitions have been undertaken around the
world to emphasize and identify the significance of cyber security as a relevant and pressing research area.
Cyber security competitions are great means of raising interest in the young generation and attracting them
to educational programmes in this area. These competitions show the need for cyber security to be taught
as a formal subject in secondary schools to enhance the effectiveness of computer science concepts in cyber
space. This paper presents an effective educational approach, justifying such competitions as a means of
introducing cyber security as a computer science subject for New Zealand secondary school students, and
also presents methods of implementation.
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
Increasingly, all kinds of organizations and institutions are adopting the E-business model to conduct their
activities and provide E-Services for their customers. In the process, whether they know it or not, those
organizations are also opening themselves up to the risk of information security breaches. Therefore
protecting an organization’s ICT infrastructure, IT systems, and Data is a vital issue that is often
underestimated. Research has shown that one of the most significant threats to information security comes
not from external attack but rather from the system's users, because they are familiar with the
infrastructure and have access to its resources, but may be unaware of the risks. Moreover, using only
technological solutions to protect an organization’s assets is not enough; there is a need to consider the
human factor by raising users’ security awareness. Our contribution to this problem is to propose an
Information Security Awareness Program that aims at raising and maintaining the level of users’ security
awareness. This paper puts forward a general model for an information security awareness program and
describes how it could be incorporated into an organization’s website through the process of development
life cycle.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
Information Security Management in University Campus Using Cognitive SecurityCSCJournals
Nowadays, most universities offer free Internet connections, access to scientific databases, and advanced computer networks for the members of their community, which generates dynamic and complex scenarios. In this context, it is necessary to define proactive security strategies, as well as the integration of technology and research. This work presents a general vision of the experience adopted by the universities in the field of information security management using cognitive security.
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONSijfcstjournal
Recent advances in computing have caused cyber security to become an increasingly critical issue that
affects our everyday life. Both young and old in society are exposed to benefits and dangers that
accompany technological advance. Cyber security education is a vital part of reducing the risks associated
with cyber-threats. This is particularly important for current and future youth, who are the most
technology-literate generations. Many research studies and competitions have been undertaken around the
world to emphasize and identify the significance of cyber security as a relevant and pressing research area.
Cyber security competitions are great means of raising interest in the young generation and attracting them
to educational programmes in this area. These competitions show the need for cyber security to be taught
as a formal subject in secondary schools to enhance the effectiveness of computer science concepts in cyber
space. This paper presents an effective educational approach, justifying such competitions as a means of
introducing cyber security as a computer science subject for New Zealand secondary school students, and
also presents methods of implementation.
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
Increasingly, all kinds of organizations and institutions are adopting the E-business model to conduct their
activities and provide E-Services for their customers. In the process, whether they know it or not, those
organizations are also opening themselves up to the risk of information security breaches. Therefore
protecting an organization’s ICT infrastructure, IT systems, and Data is a vital issue that is often
underestimated. Research has shown that one of the most significant threats to information security comes
not from external attack but rather from the system's users, because they are familiar with the
infrastructure and have access to its resources, but may be unaware of the risks. Moreover, using only
technological solutions to protect an organization’s assets is not enough; there is a need to consider the
human factor by raising users’ security awareness. Our contribution to this problem is to propose an
Information Security Awareness Program that aims at raising and maintaining the level of users’ security
awareness. This paper puts forward a general model for an information security awareness program and
describes how it could be incorporated into an organization’s website through the process of development
life cycle.
June 2020: Top Read Articles in Advanced Computingacijjournal
Advanced Computing: An International Journal (ACIJ) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the advanced computing. The journal focuses on all technical and practical aspects of high performance computing, green computing, pervasive computing, cloud computing etc. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding advances in computing and establishing new collaborations in these areas.
Authors are solicited to contribute to the journal by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the areas of computing.
Information Sharing of Cyber Threat Intelligence with their Issue and Challengesijtsrd
Today threat landscape growing at the rapid rate with much organization continuously face complex and malicious cyber threats. In today's Internet connected world where technologies support almost every feature of our society, cyber security and forensic specialists are increasingly distributing with wide ranging cyber threats in almost. real time conditions. The capability to detect, analyze, and defend against such threats in near real time conditions is not possible without the employment of threat intelligence, big data, and machine learning techniques. Cyber Threat Intelligence CTI has become a hot topic and being under consideration for many organizations to counter the rise of cyber attacks. The vast majority of information security challenges we face today are the result of serendipitous and naive decisions made in the early stages of the Internet. Khin Myat Nwe Win | Yin Myo Kay Khine Thaw "Information Sharing of Cyber Threat Intelligence with their Issue and Challenges" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26504.pdfPaper URL: https://www.ijtsrd.com/computer-science/computer-security/26504/information-sharing-of-cyber-threat-intelligence-with-their-issue-and-challenges/khin-myat-nwe-win
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016Riina Vuorikari
Phase 1: Almost publishable version with comments from the consultation. Publication expected in the end of May - Phase2: 8 levels of learning outcomes in the end of 2016.
International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
Testimony of Terry V. Benzel, University of Southern California Information S...DETER-Project
Terry V. Benzel, Deputy Director of the Cyber Networks and Cyber Security Division of the Information Sciences Institute (ISI), part of the Viterbi School of Engineering at the University of Southern California (USC), presents testimony before the House Science, Space and Technology Committee Subcommittees on Research and Technology, at a hearing on Cyber R&D Challenges and Solutions, February 26, 2013. Ms. Benzel presents her perspective on the Committee's questions, and her comments on the Cyber Security Enhancement Act of 2013. Ms. Benzel's remarks are based on more than 30 years in the cyber security research and development community.
For additional information on this topic and related materials, please visit: http://www.deter-project.org/blog/testimony_house_subcommittee_cyber_rd_0
YouTube Video of Hearing: http://www.youtube.com/watch?v=nHEYHkcIHFc
Executive panel discussion at the 2010 BDPA Technology Conference on "Federal IT Initiatives".
Panel members: John James (US Navy), Bob Whitkp (US Navy), Tony McMahon (IRS) and Dr. Anthony Junior (US Navy)
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCengage Learning
Smartphones, socialmedia, downloading MP3music files,watchingmovies on tablet computers—these are the types
of activities that our students are constantly engaged in. However, these are the same activities that attackers are
targeting today, yet very fewof our students knowhowto protectthemselves fromthese targeted attacks. In this
presentation we will look at practical security instruction that can be added to any computer course in order to help
our students stay secure.
PresIDIo 1 & 2 WhAT shoulD I geT ouT
Application of Cloud Computing Models in Educationijtsrd
The cloud computing is a rapidly developing technology, which has brought significant changes and opportunities to various sectors in India. It is a pervasive computing paradigm that has revolutionized how Information Technology infrastructure and services can be delivered. There is a growing interest around the utilization of cloud computing in the education sector. Education plays an essential role in maintaining the economic growth of a country. Now a days the classroom teaching is changing and students are becoming more technology oriented in his changing environment, it's critical that we think about the latest technologies to incorporate in the teaching and learning process. The survey identifies and analyses the advantages and dangers that the use of cloud computing may have for the main stakeholders in education. Dr. S. VenkateshKumar | M, Karthick "Application of Cloud Computing Models in Education" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29341.pdf Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/29341/application-of-cloud-computing-models-in-education/dr-s-venkateshkumar
Topic: Cloud Computing
Type: Research Paper Subject: Information Technology
Academic Level: Undergraduate
Style: MLA
Language: English (U.S)
Number of pages: 8 (double spaced, Times New Roman, Font 12)
Number of sources: 5
Task details
Write a 2000-word research paper that discusses the current state-of-the-art in cloud computing. The paper should discuss both the currently available technology and possible
New developments and designs to come in the next decade. The sources for your paper
are limited to the primary articles (not columns) in IEEE publications that have appeared
Since Jan. 2009:
Presentation includes illustrative scenarios where citizens interact wtih AI systems and then goes on to talk about what knowledge, skills and attitudes are needed to use digital technologies in a safe, responsible and critical way.
Proposed high level solutions to counter online examination fraud using digit...Ivans Kigwana
In this current digital age, most of the tasks are conducted electronically. Some academic institutions have not been left behind as they have adopted the norm of presenting exams via online means to students. The present-day paradigm creates opportunities for students to use this as an opening to cheat or commit online examination fraud because of the absence of exam proctors. Having electronic evidence would be vital if there was a disciplinary hearing into examination fraud. In the case when an institution is not prepared before-hand for such an incident, it is likely that there won’t be important electronic evidence that is admissible before the disciplinary committee. In this case, it could be damaging to the institution’s reputation and how it handles its academic affairs. In order to prepare institutions for such an incident, there should be proactive measures (digital forensic readiness measures) that need to be in place. These digital forensic readiness techniques can be used interchangeably because most, if not all of them, capture different kinds of data. So the institution needs a proper plan on what data might be useful before any technique can be implemented. Various factors such as cost of implementation and difficulty of implementation of these digital forensic readiness methods make its implementation even more difficult. This paper aims to explore the various ways how students commit online examination fraud and later propose high level digital forensic readiness techniques that can be used to capture as much information as possible before-hand which can later be used when there is need for a digital forensic investigation or perhaps suspicion of examination malpractice. We later evaluate the proposed techniques based on difficulty of implementation, cost of implementation and efficiency of operation of each particular technique. As motivation, we choose six (6) techniques which are explained in detail to help the reader understand why and how they can be used to suit a given digital forensic readiness purpose.
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Christian Glahn
In this presentation I outline some educational design patterns for making use of mobile learning.
The presentation has been held at the Interagency Mobile Learning Webinar Series on 22 May 2014 - Make certain you also watch the recording: http://bit.ly/1m06gRz
Virtualization has become a widely and attractive employed technology in cloud computing environments. Sharing of a single physical machine between multiple isolated virtual machines leading to a more optimized hardware usage, as well as make the migration and management of a virtual system more efficiently than its physical counterpart. Virtualization is a fundamental technology in a cloud environment. However, the presence of an additional abstraction layer among software and hardware causes new security issues. Security issues related to virtualization technology have become a significant concern for organizations due to arising some new security challenges.
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECTawnaDelatorrejs
CAPSTONE PROJECT: LITERATURE REVIEW ASSIGNMENT 1
CAPSTONE PROJECT: LITERATURE REVIEW ASSIGNMENT 8
LITERATURE REVIEW ASSIGNMENT
Jerry L. Quarles
School of Engineering & Computer Science, Liberty University
Author Note
Jerry L. Quarles
I have no known conflict of interest to disclose.
Correspondence concerning this article should be addressed to Jerry L. Quarles.
Email: [email protected]
Table of Contents
Introduction 3
Problem Statement 5
Research Question(s) 8
Literature Review 9
Literature Review Findings and Gaps……………………………………………………………17
Conclusion 19
References 21
Appendix…..……………………………………………………………………………………..26
Error in red – not booked marked correctly
FAILED THIS ASSIGNMENT ALL THE WORK THAT IS MARKED THRU WAS PLAGARISM COPIED WORK!
Total word count needs to be 4000 words so you can use anything highlighted in yellow again to get a total of 4000 words!
Introduction
DO NOT USE MARKED THRU WORDS -Rapid advancements in modern technology have changed the digital landscape and increased the demand for secure internet and communication Technology and Cloud computing is one of them. Cloud computing has grown in popularity as a study and application field (Rashid, & Chaturvedi, 2019). A growing number of technology companies and manufacturing industries have started to implement cloud-based services or are planning to do so. Nonetheless, there are a few drawbacks to using public and or private cloud technologies. As a result, quite a few institutions are already using private cloud technologies. Day by day cloud computing is in growth as many organizations adopted cloud technology, but in parallel, several security issues are raised. Each organization chooses secure infrastructures when they move its data to remote locations. According to the NIST security, portability and interoperability are the major obstacles to the adoption of cloud computing.
Can Use Highlighted words
Our motivation for creating a new design of a hybrid architecture using key cloud technologies build a new private cloud platform for Amazon Inc. that requires high data availability at a low cost. Big data approaches relying on traditional data warehouses often pose latency problems, making them unsuitable for new data use cases (Hsu, Fox, and Min, 2019). Many cloud services are provided by a trusted third party which arises new security threats. The cloud provider provides its services through the Internet and uses many web technologies that arise new security issues. This paper discussed the basic features of cloud computing, security issues, threats, and their solutions. Additionally, the paper describes several key topics related to the cloud, namely cloud architecture framework, service and deployment model, cloud technologies, cloud security concepts, threats, and attacks.
When data is stored in remote storage, the cloud user loses control over the data, at this time consumers may not be conscious of the details of security policies, vulne ...
June 2020: Top Read Articles in Advanced Computingacijjournal
Advanced Computing: An International Journal (ACIJ) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the advanced computing. The journal focuses on all technical and practical aspects of high performance computing, green computing, pervasive computing, cloud computing etc. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding advances in computing and establishing new collaborations in these areas.
Authors are solicited to contribute to the journal by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the areas of computing.
Information Sharing of Cyber Threat Intelligence with their Issue and Challengesijtsrd
Today threat landscape growing at the rapid rate with much organization continuously face complex and malicious cyber threats. In today's Internet connected world where technologies support almost every feature of our society, cyber security and forensic specialists are increasingly distributing with wide ranging cyber threats in almost. real time conditions. The capability to detect, analyze, and defend against such threats in near real time conditions is not possible without the employment of threat intelligence, big data, and machine learning techniques. Cyber Threat Intelligence CTI has become a hot topic and being under consideration for many organizations to counter the rise of cyber attacks. The vast majority of information security challenges we face today are the result of serendipitous and naive decisions made in the early stages of the Internet. Khin Myat Nwe Win | Yin Myo Kay Khine Thaw "Information Sharing of Cyber Threat Intelligence with their Issue and Challenges" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26504.pdfPaper URL: https://www.ijtsrd.com/computer-science/computer-security/26504/information-sharing-of-cyber-threat-intelligence-with-their-issue-and-challenges/khin-myat-nwe-win
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016Riina Vuorikari
Phase 1: Almost publishable version with comments from the consultation. Publication expected in the end of May - Phase2: 8 levels of learning outcomes in the end of 2016.
International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
Testimony of Terry V. Benzel, University of Southern California Information S...DETER-Project
Terry V. Benzel, Deputy Director of the Cyber Networks and Cyber Security Division of the Information Sciences Institute (ISI), part of the Viterbi School of Engineering at the University of Southern California (USC), presents testimony before the House Science, Space and Technology Committee Subcommittees on Research and Technology, at a hearing on Cyber R&D Challenges and Solutions, February 26, 2013. Ms. Benzel presents her perspective on the Committee's questions, and her comments on the Cyber Security Enhancement Act of 2013. Ms. Benzel's remarks are based on more than 30 years in the cyber security research and development community.
For additional information on this topic and related materials, please visit: http://www.deter-project.org/blog/testimony_house_subcommittee_cyber_rd_0
YouTube Video of Hearing: http://www.youtube.com/watch?v=nHEYHkcIHFc
Executive panel discussion at the 2010 BDPA Technology Conference on "Federal IT Initiatives".
Panel members: John James (US Navy), Bob Whitkp (US Navy), Tony McMahon (IRS) and Dr. Anthony Junior (US Navy)
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCengage Learning
Smartphones, socialmedia, downloading MP3music files,watchingmovies on tablet computers—these are the types
of activities that our students are constantly engaged in. However, these are the same activities that attackers are
targeting today, yet very fewof our students knowhowto protectthemselves fromthese targeted attacks. In this
presentation we will look at practical security instruction that can be added to any computer course in order to help
our students stay secure.
PresIDIo 1 & 2 WhAT shoulD I geT ouT
Application of Cloud Computing Models in Educationijtsrd
The cloud computing is a rapidly developing technology, which has brought significant changes and opportunities to various sectors in India. It is a pervasive computing paradigm that has revolutionized how Information Technology infrastructure and services can be delivered. There is a growing interest around the utilization of cloud computing in the education sector. Education plays an essential role in maintaining the economic growth of a country. Now a days the classroom teaching is changing and students are becoming more technology oriented in his changing environment, it's critical that we think about the latest technologies to incorporate in the teaching and learning process. The survey identifies and analyses the advantages and dangers that the use of cloud computing may have for the main stakeholders in education. Dr. S. VenkateshKumar | M, Karthick "Application of Cloud Computing Models in Education" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29341.pdf Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/29341/application-of-cloud-computing-models-in-education/dr-s-venkateshkumar
Topic: Cloud Computing
Type: Research Paper Subject: Information Technology
Academic Level: Undergraduate
Style: MLA
Language: English (U.S)
Number of pages: 8 (double spaced, Times New Roman, Font 12)
Number of sources: 5
Task details
Write a 2000-word research paper that discusses the current state-of-the-art in cloud computing. The paper should discuss both the currently available technology and possible
New developments and designs to come in the next decade. The sources for your paper
are limited to the primary articles (not columns) in IEEE publications that have appeared
Since Jan. 2009:
Presentation includes illustrative scenarios where citizens interact wtih AI systems and then goes on to talk about what knowledge, skills and attitudes are needed to use digital technologies in a safe, responsible and critical way.
Proposed high level solutions to counter online examination fraud using digit...Ivans Kigwana
In this current digital age, most of the tasks are conducted electronically. Some academic institutions have not been left behind as they have adopted the norm of presenting exams via online means to students. The present-day paradigm creates opportunities for students to use this as an opening to cheat or commit online examination fraud because of the absence of exam proctors. Having electronic evidence would be vital if there was a disciplinary hearing into examination fraud. In the case when an institution is not prepared before-hand for such an incident, it is likely that there won’t be important electronic evidence that is admissible before the disciplinary committee. In this case, it could be damaging to the institution’s reputation and how it handles its academic affairs. In order to prepare institutions for such an incident, there should be proactive measures (digital forensic readiness measures) that need to be in place. These digital forensic readiness techniques can be used interchangeably because most, if not all of them, capture different kinds of data. So the institution needs a proper plan on what data might be useful before any technique can be implemented. Various factors such as cost of implementation and difficulty of implementation of these digital forensic readiness methods make its implementation even more difficult. This paper aims to explore the various ways how students commit online examination fraud and later propose high level digital forensic readiness techniques that can be used to capture as much information as possible before-hand which can later be used when there is need for a digital forensic investigation or perhaps suspicion of examination malpractice. We later evaluate the proposed techniques based on difficulty of implementation, cost of implementation and efficiency of operation of each particular technique. As motivation, we choose six (6) techniques which are explained in detail to help the reader understand why and how they can be used to suit a given digital forensic readiness purpose.
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Christian Glahn
In this presentation I outline some educational design patterns for making use of mobile learning.
The presentation has been held at the Interagency Mobile Learning Webinar Series on 22 May 2014 - Make certain you also watch the recording: http://bit.ly/1m06gRz
Virtualization has become a widely and attractive employed technology in cloud computing environments. Sharing of a single physical machine between multiple isolated virtual machines leading to a more optimized hardware usage, as well as make the migration and management of a virtual system more efficiently than its physical counterpart. Virtualization is a fundamental technology in a cloud environment. However, the presence of an additional abstraction layer among software and hardware causes new security issues. Security issues related to virtualization technology have become a significant concern for organizations due to arising some new security challenges.
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECTawnaDelatorrejs
CAPSTONE PROJECT: LITERATURE REVIEW ASSIGNMENT 1
CAPSTONE PROJECT: LITERATURE REVIEW ASSIGNMENT 8
LITERATURE REVIEW ASSIGNMENT
Jerry L. Quarles
School of Engineering & Computer Science, Liberty University
Author Note
Jerry L. Quarles
I have no known conflict of interest to disclose.
Correspondence concerning this article should be addressed to Jerry L. Quarles.
Email: [email protected]
Table of Contents
Introduction 3
Problem Statement 5
Research Question(s) 8
Literature Review 9
Literature Review Findings and Gaps……………………………………………………………17
Conclusion 19
References 21
Appendix…..……………………………………………………………………………………..26
Error in red – not booked marked correctly
FAILED THIS ASSIGNMENT ALL THE WORK THAT IS MARKED THRU WAS PLAGARISM COPIED WORK!
Total word count needs to be 4000 words so you can use anything highlighted in yellow again to get a total of 4000 words!
Introduction
DO NOT USE MARKED THRU WORDS -Rapid advancements in modern technology have changed the digital landscape and increased the demand for secure internet and communication Technology and Cloud computing is one of them. Cloud computing has grown in popularity as a study and application field (Rashid, & Chaturvedi, 2019). A growing number of technology companies and manufacturing industries have started to implement cloud-based services or are planning to do so. Nonetheless, there are a few drawbacks to using public and or private cloud technologies. As a result, quite a few institutions are already using private cloud technologies. Day by day cloud computing is in growth as many organizations adopted cloud technology, but in parallel, several security issues are raised. Each organization chooses secure infrastructures when they move its data to remote locations. According to the NIST security, portability and interoperability are the major obstacles to the adoption of cloud computing.
Can Use Highlighted words
Our motivation for creating a new design of a hybrid architecture using key cloud technologies build a new private cloud platform for Amazon Inc. that requires high data availability at a low cost. Big data approaches relying on traditional data warehouses often pose latency problems, making them unsuitable for new data use cases (Hsu, Fox, and Min, 2019). Many cloud services are provided by a trusted third party which arises new security threats. The cloud provider provides its services through the Internet and uses many web technologies that arise new security issues. This paper discussed the basic features of cloud computing, security issues, threats, and their solutions. Additionally, the paper describes several key topics related to the cloud, namely cloud architecture framework, service and deployment model, cloud technologies, cloud security concepts, threats, and attacks.
When data is stored in remote storage, the cloud user loses control over the data, at this time consumers may not be conscious of the details of security policies, vulne ...
7/13/2019 Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=ed81c06e-b4f4-426c-9cee-f04b1533665… 1/6
%34
%9
%3
%3
SafeAssign Originality Report
Summer 2019 - Application Security (ISOL-534-50) (ISOL-534-51) - Co… • Week 4 -Annotated Bibliography
%50Total Score: High riskNaresh Rama
Submission UUID: 83163885-57ee-26aa-181e-67ee890ed175
Total Number of Reports
1
Highest Match
50 %
AnnotatedBibliography.docx
Average Match
50 %
Submitted on
05/31/19
04:46 PM CDT
Average Word Count
2,482
Highest: AnnotatedBibliography.docx
%50Attachment 1
Global database (6)
Student paper Student paper Student paper
Student paper Student paper Student paper
Institutional database (4)
Student paper Student paper Student paper
Student paper
Scholarly journals & publications (1)
ProQuest document
Internet (2)
journals archives-ouvertes
Top sources (3)
Excluded sources (0)
View Originality Report - Old Design
Word Count: 2,482
AnnotatedBibliography.docx
4 1 12
7 10 5
3 13 2
9
8
6 11
4 Student paper 1 Student paper 12 Student paper
Running head: DATA SECURITY AND CLOUD COMPUTING
DATA SECURITY AND CLOUD COMPUTING
DATA SECURITY AND CLOUD COMPUTING
Naresh Rama
University of the Cumberland’s
Chang, V., & Ramachandran, M. (2015). Towards achieving data security with the cloud computing adoption framework. IEEE Transactions on Services
Computing, 9(1), 138-151. The author of the article describes the various ways through which we can achieve cloud computing and adoption substructure, the author
of the article describes real-time data security for big units of data which is among the most essential for cloud computing. Cloud computing and Data security are
essential because it can be achieved throughan approach which is well-structured, adoptable and systematic. The author says that CCAF is usually demonstrated by
the design of the system which is usually based on the implementation and requirements and illustrated by the CCAF securitywhich has several layers. The targeted
audience of the author is the organizations which rely cloud computing for the purposes of storing information. Almorsy, M., Grundy, J., & Müller, I. (2016). An
1
2 3
4
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport?attemptId=ed81c06e-b4f4-426c-9cee-f04b15336656&course_id=_109656_1&download=true&includeDeleted=true&print=true&force=true
7/13/2019 Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=ed81c06e-b4f4-426c-9cee-f04b1533665… 2/6
analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107. Almorsy alludes that cloud computing is among the latest computational patterns
which provides an innovative business model for entities so that they can adopt Information Technology without upfront expenditure. Notwithstanding the probable
gains which are obtaine.
Framework for the Development of Virtual Labs for Industrial Internet of Thin...Maurice Dawson
The purpose of this paper is to provide a framework that allows for the development of a virtual lab that incorporates emerging technologies such as the Industrial Internet of Things and embedded systems while incorporating open source components. The global shortage of talent is a significant concern as organizations continue to embrace and roll out new technologies such as 5G, and Artificial Intelligence. Several countries such as those in developing countries face issues regarding technology use in the classroom. Thus, to provide a learning environment where cybersecurity and information systems concepts can be taught in an exploratory environment.
Application Threat Modeling In Risk ManagementMel Drews
How to perform threat modeling of software to protect your business, critical assets and communicate your message to your boss and the Board of Directors
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiShreedeep Rayamajhi
This Research was done as Part of the Diplo Foundation internet Governance Capacity Building program 2009. It deals with the basic Idea of Cyber warfare and terrorism and its impact on today's world. Cyber security has been an important issues where this research report highlights the vulnerabilities
A review: Artificial intelligence and expert systems for cyber securitybijejournal
Artificial intelligence (AI) and expert systems are essential and vital tools to counter potentially dangerous threats
in cyber security. The protection of data requires skilled cyber security technicians for various types of roles. The
essential role of an expert system is to monitor the threats and assist the technician to strengthen security. The
system uses various datasets like a machine and deep learning as well as reinforced learning in order to make
intelligent decisions. The Internet of Things (IoT) is one of the major concerns for cyber security because it is
potentially the second most likely vulnerable link in the cyber security environment because an attacker can easily
gain access to the system by breaching any IoT device that is connected to the system. Still human is the strongest
and potentially the weakest link in the cyber security environment. This review intends to present AI and expert
systems for cyber security
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyOrganization
Many major companies realize the continued importance of data and systems protection. Organizations will need to remain vigilant with regard to remote work policies, data access, and upskilling. Learn more about the different types of cyber security trends by PM Integrated.
The emergence of cloud computing has changed perception of all regarding software delivery, development models and infrastructure. Cloud computing has a potential of providing elastic, easily manageable, powerful and cost-effective solutions. The rapid transition to cloud computing has fueled concerns on the security issues. The migration of the user’s data and applications in a shared environment of a cloud, where there is a collocation of several users increases security related concerns. Several research efforts have been made in evaluating challenges related to security faced by the cloud computing environments, a number of solutions of such problems have also been proposed. Integrated security solutions should be devised to deal with the increasing security risks. In this paper, a detailed cloud computing survey, key services and concepts are being presented. This paper attempts to evaluate various security threats to cloud computing and a number of security solutions have also been discussed. Furthermore, a brief view of the cloud security regulatory bodies and compliance have also been presented. Despite the research efforts in cloud security field, there are still some open research problems and challenges which are discussed in this paper.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
A Security Model for Virtual Infrastructure in the CloudEditor IJCATR
Accordin to easily manage cloud computing, flexibility and powerful resources on space, provide great potential for
improving cost efficiency. Cloud computin capabilities through the efficient use of shared hardware resources increases. Properties
mentioned above, incentive agencies and other users of their programs and sevices in this space with a series with a series of threats
and risks are also met.
This ensures higher accuracy virtualization and cloud infrastrure components of the virtual machines is. In this regard, particularly for
initial design thesis developed a new model called cloud protectionsystem, it is suggested and shown that the proposed model, can
increase supply security in the cloud. And packets received by sources and do not be discarded. How to test this architecture, in terms
of effectiveness and efficiency in the fight against offensive attacks mentioned above, partly expressed and tools for simulating and
measuring the efficiency of the system may be useful, recommended.
Digital forensics research: The next 10 yearsMehedi Hasan
Today’s Golden Age of computer forensics is quickly coming to an end. Without a clear strategy for enabling research efforts that build upon one another, forensic research will fall behind the market, tools will become increasingly obsolete, and law enforcement, military and other users of computer forensics products will be unable to rely on the results of forensic analysis. This article summarizes current forensic research directions and argues that to move forward the community needs to adopt standardized, modular approaches for data representation and forensic processing.
@2010 Digital Forensic Research Workshop. Published by Elsevier Ltd. All rights reserved
Cloud computing is an advanced computing technology used by different organization or individuals for
transferring, overseeing and storing over the internet. Security is an important issue that needs to be studied deeply and
accurately when designing the digital library. Security shortcomings in libraries, combined with assaults or different sorts
of disappointments, can prompt private data being improperly gotten to, or loss of honesty and integrity of the
information put away. This paper will be introduced the concept and characteristics of cloud computing, the relationship
between cloud computing and digital library will be analysis, the cloud computing security management problems under
the environment of digital libraries will be studied , the availability level will be taken into research consideration while
studying security management problems in digital library cloud computing. The main goal will be trying to present a
possible solution for the preventing security threats and hackers on a digital library management system based on cloud
computing.
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
Research Paper Topic
ITS835 – Enterprise Risk Management
Dr. Jerry Alsay
University of the Cumberlands
Introduction
All research reports begin with an introduction. (1 – 2 Pages)
Background
Provide your reader with a broad base of understanding of the research topic. The goal is to give the reader an overview of the topic, and its context within the real world, research literature, and theory. (3 – 5 Pages)
Problem Statement
This section should clearly articulate how the study will relate to the current literature. This is done by describing findings from the research literature that define the gap. Should be very clear what the research problem is and why it should be solved. Provide a general/board problem and a specific problem (150 – 200 Words)
Literature Review
Using your annotated bibliography, construct a literature review. (3-5 pages)
Discussion
Provide a discussion about your specific topic findings. Using the literature, you found, how do you solve your problem? How does it affect your general/board problem?
References
Running Head: CLOUD COMPUTING AND DATA SECURITY1
Cloud Computing and Data Security
Naresh Rama
Professor Dr.Jerry Alsay
07/14/2019
Cloud Computing and Data Security
Introduction
In today's world, the movement of data is from a store that is severe and it is located centrally to the storage of cloud, services in the cloud offer the flexibility, scalability, and concerns that are proportionate that concerns the issue of security. Safety is an aspect that is important and it associated with the computing of cloud because information can be stored on the cloud by the users with the help of providers that works in the service of the cloud. In the security f data and computing of the cloud, there are some problems that are available. They include backups of data that is improper and inadequate that have caused organizations been among those that are vulnerable to threats that re-associated with security measures.
Data that is found in an organization and is stored in files that are encrypted are interfered by these threats. Problem found under these investigations is significant to this study and these show that the threats that emerge because of backups concerning data that is improper lead to an issue that is significant in the security of data in the computing cloud and also security concerning data.
The study tends to shows that security of data and computing of data leads to the provision of ways that helps in the protection of data that is private and also information that is classified away from such threats. That may include attacks in the cyber sector and losses that occur in case of disasters (Strategic Cyber Security, 2011). This study has limitations that state that assurance of security to the computing of cloud is not available and that there is no protection of data that is vital in an organization to a hundred percent.
Background
Hacke ...
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...IJITE
Team work is an important training element of future software engineers. However, the evaluation of the
performance of collaboration among individuals is very subjective. Meanwhile, how to effectively
promote the collaboration in an academic setting is an even more challenging task. The lack of a common
standard or method for the assessment is a practical issue in software engineering projects. With the
rapid development of shared authoring environments, such as Wiki, more and more educational
institutions are studying the adaptability of such kind of collaborative platforms. In order to study the
applicability of adopting wiki-based shared authoring environments in software engineering education,
we have proposed three major research questions. By solving these problems, we try to answer some of
the most important questions in adopting shared authoring platforms in academic settings.
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
The introduction of Internet of Things (IoT) applications into daily life has raised serious privacy concerns
among consumers, network service providers, device manufacturers, and other parties involved. This paper
gives a high-level overview of the three phases of data collecting, transmission, and storage in IoT systems
as well as current privacy-preserving technologies. The following elements were investigated during these
three phases:(1) Physical and data connection layer security mechanisms(2) Network remedies(3)
Techniques for distributing and storing data. Real-world systems frequently have multiple phases and
incorporate a variety of methods to guarantee privacy. Therefore, for IoT research, design, development,
and operation, having a thorough understanding of all phases and their technologies can be beneficial. In
this Study introduced two independent methodologies namely generic differential privacy (GenDP) and
Cluster-Based Differential privacy ( Cluster-based DP) algorithms for handling metadata as intents and
intent scope to maintain privacy and security of IoT data in cloud environments. With its help, we can
virtual and connect enormous numbers of devices, get a clearer understanding of the IoT architecture, and
store data eternally. However, due of the dynamic nature of the environment, the diversity of devices, the
ad hoc requirements of multiple stakeholders, and hardware or network failures, it is a very challenging
task to create security-, privacy-, safety-, and quality-aware Internet of Things apps. It is becoming more
and more important to improve data privacy and security through appropriate data acquisition. The
proposed approach resulted in reduced loss performance as compared to Support Vector Machine (SVM) ,
Random Forest (RF) .
PwC industry expert, Josh McKibben, helps us break down what a breach is truly comprised of, analyze key breaches as examples, and look for lessons you can bring back to your organization to avoid being the next headline.
Similar to Cyber security training using virtual labs 3 cs umuc presentation august 2018 (20)
How to create a Makerspace (or Hacker Space) using a proven method/by example. Additional Makerspace resources are provided to assist you with your Makerspace.
Ron McFarland is an American Poet. Love and Loss is a collection of contemporary American poems that speak to spirituality, youth, love, growing old, loss and many other emotions that we each share.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
This is a presentation by Dada Robert in a Your Skill Boost masterclass organised by the Excellence Foundation for South Sudan (EFSS) on Saturday, the 25th and Sunday, the 26th of May 2024.
He discussed the concept of quality improvement, emphasizing its applicability to various aspects of life, including personal, project, and program improvements. He defined quality as doing the right thing at the right time in the right way to achieve the best possible results and discussed the concept of the "gap" between what we know and what we do, and how this gap represents the areas we need to improve. He explained the scientific approach to quality improvement, which involves systematic performance analysis, testing and learning, and implementing change ideas. He also highlighted the importance of client focus and a team approach to quality improvement.
The Indian economy is classified into different sectors to simplify the analysis and understanding of economic activities. For Class 10, it's essential to grasp the sectors of the Indian economy, understand their characteristics, and recognize their importance. This guide will provide detailed notes on the Sectors of the Indian Economy Class 10, using specific long-tail keywords to enhance comprehension.
For more information, visit-www.vavaclasses.com
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Cyber security training using virtual labs 3 cs umuc presentation august 2018
1. Many hands make light work
- Combining regional
resources to make a
powerful
Cybersecurity program
(Fri: 5:00 to 6:00 p.m., P3B-1)
Dr. Ron McFarland, Ph.D., PMP, CISSP
Cybersecurity Project Manager – College of the Canyons
Post-doc Researcher: University of Maryland, University College
Center for Cybersecurity Studies
2. Collaboration within
a region of colleges
for cybersecurity
education
South Central Coast Regional Consortium of
the California Community Colleges
4. 4
Topics
• A summarization of the obvious need for increased cyber
security training that will support industry, academia, and
governmental agencies
• Discussion of the opportunity to leverage shared resources for
cyber security training
• How the SCCRC is accomplishing this
5. 5
Organizations and governments are just not
ready…
• An expanding threat scape…
• A predominance of cyber security issues nationally and within our organizations today that
are not being readily addressed.
• GDPR-compliance requirements for companies doing business in the European Union
(EU). Many companies will not be GDPR-compliant by the deadline of May 25, 2018
(Drake, 2017).
• Because of the recent dramatic market swings and expanded popularity of
cryptocurrencies, cybercriminals will focus more on cryptocurrencies (Goldman,
Maruyama, Roesnberg, Saravalle and Solomon-Strauss, 2017).
• As AI more fully develops and becomes more main-streamed, AI-Powered attacks will
increase over the existing high levels of AI-related attacks of 2018. AI will influence an
increase in data breaches (Turchin and Denkenberger, 2018).
• Researchers noted that more Mobile Threats were due to the increasing amount of
unique mobile ransomware. To deliver the malware to the biggest audience, hackers
exploited Google Play store by attacking the Android mobile OS (Goel and Jain, 2017).
6. 6
Organizations and governments are just not
ready…
• Cloud security will be a top priority concern. As the number of
companies is growing, the cloud adoption rate has risen. Cloud
security is a top concern for 70% of IT Professionals, including
unauthorized access, malware, and DoS attacks (Mir, Suhaimi,
Adam, Ul Islam Khan, Mattoo, Mueen, and Olanrewaju, 2017).
• Ransomware and IoT - Ransomware have targeted more IoT
devices in 2018. Many IOT devices are getting locked up by
ransomware (Maurya, Kumar, Agrawal, and Kahn, 2018).
• A Rise in State-Sponsored Attacks - When it comes to state-
sponsored attacks, the intention goes beyond monetary value.
These attacks are political in nature, and they don’t target any
business or person (Jalali and Kaiser, 2018).
7. 7
Organizations and governments are just not
ready…
• Cyber war - In 2018, we can further see the escalation of
international conflicts in cyberspace. This may disrupt the
normal operations of government and financial systems
(Robinson, Jones, Janicke, and Maglaras, 2018).
• The Decline of Password-Only Authentication – Alternative
security access - Multi-Factor Authentication, and Risk Factor
Authentication (Krishnamoorthy, 2018).
• In general, the overall level of data breaches doubled from 2016
to 2017 and is expected to double again when measured at the
end of 2018 (Wang, Jan, Hu, Bossart, and Wang, 2018).
8. 8
1.5 million to 3.5 million security professionals
are needed
• Cisco’s (2014) Annual Security Report ventured a widely popular cybersecurity
jobs forecast stating “It’s estimated that by 2014, the industry will still be short
more than a million security professionals across the globe.”
• In 2015, Symantic anticipated that the demand for cybersecurity talent would rise
to 6 million globally by 2019, with a projected shortfall of 1.5 million additional
personnel needed worldwide.
• Also, a skills gap analysis from ISACA (2016) estimated the global shortage to be
around 2 million cybersecurity professionals by 2019 (a half-million more than
Symantec’s prior estimate). In a more recent discussion regarding the impact of
Artificial Intelligence on cyber security hacking, the author estimated that 3.5
million cyber security positions will go unfilled by 2021 due to new technology
used by attackers (Veiga, 2018).
• In terms of the financial estimates, another study states that cybersecurity jobs
forecasts have been unable to keep pace with the dramatic rise in cybercrime,
which is predicted to cost the world $6 trillion annually by 2021, up from $3 trillion
in 2015 (Askari, 2018).
9. 9
Top salaries are paid in cybersecurity
• CyberSeek (2018) noted the top six cyber-related average salaries,
which includes:
•
• Application Security Engineer: $100,000 to $210,000,
• Network Security Analyst: $90,000 and $150,000,
• IS Security Manager (CISO, CTO, and CDO): $120,00 and
$180,000,
• Cybersecurity Analyst: $90,000 and $185,000,
• Penetration Tester: $90,000 to $180,000,
• IS Security Engineer: $90,000 to $150,000.
10. 10
Educational Issues
• There is a strong need to provide skills training that includes
scenario-based skills practice (Kam, et. al, 2014).
• Given the high-availability of online learning environments,
which include cloud-based and virtual environment alternatives,
training environments that are informal allow learners to engage
in real-life scenarios and activities (Kam, et. al, 2014).
• For more effective learning to occur, cybersecurity education
requires learners to acquire knowledge through hands-on
activities and authentic learning, whereby real-life scenarios are
investigated and acted upon (Kam, et. al, 2014).
11. 11
Educational Issues
• Case studies that provide scenario-based learning opportunities are a
particular viable strategy for authentic learning. Authentic learning allows
learners to discover both the “how” and “why” for given cyber security
attacks.
• Scenario-based training, researchers found that learners expected more
work and felt more fully supported with their learning objectives when
additional discussion opportunities existed with their peers, which
suggests the need for discussions about scenario-based training (Kam,
Gogolin & Emerick, 2014).
• Researchers identified two key challenges with setting up authentic
learning environments.
• (a) the time-consuming process for faculty in setting up a given course
• (b) effectively addressing the potential student bias and emotional attachment
because of prior learning experiences, which may have occurred on-the-job (Kam,
Gogolin & Emerick, 2014).
12. 12
Lecturing and Simulated/Virtual
Environments
• Herbert and Wigley (2015) indicated that lecturing is readily achieved in
higher education, as it pertains to computer networking and related
security courses, but the delivery is often poorly done (Herbert & Wigley,
2015).
• However, several types of tools that can be used in conjunction or as an
adjunct to lecture. Fontes, Mahfoundi, Dabbous, Turletti, and Rothenberg
(2017) define these tool types as:
• Emulation Tools: Emulation tools is used to replicate the function and features of
physical devices.
• Software Simulators: Simulators are programmed to mimic a given environment, yet
due to the limitations of programming, not all real-world scenarios are represented in
a real environment.
• Virtualization: Virtualization is a way to make one or many resource(s) (such as an
operating system) run on a given hardware platform. Each virtualized environment is
identical to the corresponding physical environment.
13. 13
Specific Virtualization Technologies
• Cisco VIRL (Virtual Internet Routing Lab): For computer
networking training, including network security courses,
researchers have found that the Cisco Virtual Internet Routing
Lab (VIRL), released by Cisco Systems in December, 2014, is
designed for student work in the computer networking
laboratory environment (Herbert & Wigley, 2015).
• Cisco Packet Tracer: A simulated environment. Cisco Packet
Tracer is a common tool used by students in computer
networking and security courses. Emulation tools often have
limited commands and lack the realism of a true network, but
are good to use to practice networking skills.
14. 14
Simulators may be inadequate
• Herbert and Wigley (2015) further suggested that simulation tools,
like Cisco’s Packet Tracer is a viable option, but simulation tools may
lead the student to a mis-perception that all networks and security
scenarios will behave as does Packet Tracer, since simulators lack
real-world functionality.
• The risk of using simulators exclusively for education and training
can have the effect of degrading a student’s learning experience
(Herbert & Wigley, 2015).
• Further, other researchers noted that the use of a simulation
environment alone in networking education is inadequate unless
students have developed a way to understand conceptual aspects of
networking technology (Frezzo, Behrens, & Mislevy, 2010).
15. 15
General Virtualized Lab Environments
• Decentralized: The deployment of a VDI (Virtual Desktop Integration) image, which is a
decentralized lab approach, can be implemented where students can install and run
desktop virtualization software on their personal computers using tools like VMWare
Workstation or Oracle VM Virtualbox (Son, Irrechukwu, & Fitzgibbons, 2012). In a
decentralized lab setup, students use their own equipment (computer) to practice
computer networking and security skills. A limitation of the decentralized approach is that
each student will need to lease or purchase their own equipment for use, which may be a
barrier for some financially-strapped students.
• Centralized: Researchers agree that server virtualization, as a centralized server
approach, is more suitable to deploy cyber security-related virtual labs, which often
require high-end equipment and resources, in contrast to client virtualization, which often
does not scale well for cyber security courses (Son, Irrechukwu, & Fitzgibbons, 2012).
Students can connect directly to a centralized physical lab (and equipment) at their
educational institution to practice computer networking and security skills. Physical labs
contain high costs associated with the maintenance and repair of the hardware and
software. Further, researchers noted that the cost limitations for a physical lab should
include electricity and physical environmental costs.
16. 16
Cloud-based service options
• The use of cloud-based services is an additional option for some
cybersecurity training, with limitations (Padhy, 2012).
• Padhy (2012) notes that virtualization is software that separates physical
infrastructures to create various dedicated resources (ex. virtualizing a
Windows 10 computer on a MacOS computer). Virtualization software
makes it possible to run multiple operating systems and multiple
applications on the same server at the same time.
• In contrast, cloud computing is the delivery of shared computing
resources, software or data as a service and on-demand through the
Internet (Padhy, 2012).
• As a general distinction - virtualization is software that manipulates
hardware, while cloud computing refers to a service that results from that
manipulation.
17. 17
Emerging Cloud-based offerings
• EDURange is a cloud-based platform that implements
cybersecurity exercises to assist undergraduates develop
analytical abilities and a security mindset (Weiss, Turbak,
Mache, and Locasto, 2017).
• However, Sohal, Sandhu, Sood and Chang (2018) discuss the
use of cloud-based services as a cybersecurity training
framework to identify edge device in fog computer and in the
cloud-of-things (CoT) environments, which presently has a
narrow training and educational reach.
18. 18
Efficacy and situated cognition theory
• Virtualitization can provide the opportunity for educational efficacy
through the use of the theory of situated cognition theory that
includes, “the problem’s physical and conceptual structure as well as
the purpose of the activity and the social milieu in which it is
embedded.”
• More specifically, situated cognition theory focuses on the cognitive
ability for students to transfer learned knowledge, skills and abilities
(KSAs) to real-life scenarios through problem solving, which was
noted in seminal research by Rogoff (1984).
• Moreover, Rogoff (1984) noted that situated cognition theory defines
the details for thinking and how thinking evolves, which impacts the
understanding of real-life contexts, as it can be applied in a
virtualized environment.
19. 19
Efficacy of Virtualization for learning
• Accessibility: The virtual lab must provide seamless access to the virtual remote learner. The
authors recommend that students will not have to reserve time and will have access to a 24x7x365
virtual lab environment (Son, Irrechukwu, & Fitzgibbons, 2012).
• Reliability: The remote virtual server(s) must support a significant number of concurrent users with
limited dedicated resources. In addition, there should be no significant delay with a large number of
concurrent users (Son, Irrechukwu, & Fitzgibbons, 2012).
• Virtual Machine (VM) configuration: The appropriate operating systems(s) and related system
images that support the cyber security labs must be ready and available for students. To further
support student course requirements, the researchers dissuaded the additional time and effort
necessary to configure or install software, unless that task was necessary for the given lab (Son,
Irrechukwu, & Fitzgibbons, 2012).
• Privilege rights: Both privilege rights and access rights on virtual machines must be significantly
open to students so that they can accomplish network and security modifications without restrictions
on the virtual machines, as related to the given lab assignment(s) (Son, Irrechukwu, & Fitzgibbons,
2012).
20. 20
Changes are pushing forward the need for
virtualized education/training
• Demographic trends: enrollments will soften until at least 2020, necessitating
institutions to seek creative ways to ensure courses ‘make’ at institutions by using
online and virtualized environments.
• Tuition cost: students cannot afford higher tuition and will become more resistant
to increased tuition costs. As a result, students will become smarter shoppers for
relevant education, which will have an impact on how colleges offer courses to
students, including online and virtualized courses.
• Continued proliferation of Internet-technologies: Accelerating and converging
technology trends will provide new student training opportunities that students will
progressively be required by employers, especially in the Information Technology
fields.
• Trend towards Competency-based education: CBE will allow students to leverage
their prior experiences to attain their desired certificate and degree goals in an
adaptive manner, suggesting that courses must offer real-life case scenarios.
•
21. 21
Building forward
• Institutions must consistently provide training and education in ways
that students demand in order to be viable in the near future. This
can be accomplished by predictive analysis (Cini & Krause, 2014).
• Predictive analysis: Institutions will progressively use predictive
analysis to determine the most suitable design to create successful
student experiences, which can be gathered from online and
virtualized learning environments.
• Predictive analysis will assist in determining suitable educational
technologies, curriculum design, adaptive institutional policies, and
can assist in understanding and adapting to emerging student
behaviors (Cini & Krause, 2014).
22. 22
Concerns
• Herbert and Wigley (2015) emphasize that the development of a student’s
experience (related to computer networking skills, including networking
security) must address both problem-solving and soft skills (such as
teamwork).
• Further, the researchers noted the high-cost for physical labs, which may
not be economically feasible for all colleges.
• Moreover, virtualization environments can virtualized desktops and servers
quite well, the virtualization of networking equipment including routers and
switches is done poorly (Herbert & Wigley, 2015).
• However, both researchers noted that the “Laboratory-As-A-Service”
(LaaS) is evolving with NDG’s NetLab and Cisco’s vSphere, which
increasingly provides students with full virtualization of Cisco routers and
switches (Herbert & Wigley, 2015).
23. 23
User discussions needed (e.g. faculty)
• Understand, inform and discuss for areas considering
Cybersecurity (virtual/mixed-mode) education:
• Virtualization and Cloud-based services between and among
partners
• Virtualization and Cloud-based security concerns and mitigation
strategies
• Discussion about a design that leverages existing processes
and controls (and potential enhancements)
• Additional robust security controls offered by given virtualization
and cloud services platforms
24. 24
Architectural Conversations
• Scaffold requirements for each partner that determines what is
organizationally appropriate (processes, procedures, risk
appetite, maintenance and support).
• Investigate and discuss the technical aspects that tie to the
educational drivers including server consolidation,
administration, server to administrative ratio, provisioning of
instances, reconfiguration, and agility across schools.
25. 25
Authentic Conversations about Concerns
• Manageability of the environment and who is responsible,
• Security of management infrastructure, change management, capacity planning and SLA
(service level agreements)/planning,
• Physical access (including location, access, security, etc.),
• VM sprawl (and contingency plans to manage the sprawl),
• Licensing compliance issues,
• Degree of resource utilization (bandwidth, servers, physical space, human resources),
• Cost to acquire and operate (initial & fixed costs vs. marginal cost),
• Complexity of design (provisioning multiple courses, multiple instructors, multiple
colleges),
• Reliance on virtualization (in contrast to physical environment),
• Reliance on the organization’s/school’s/consortium capabilities and risk management
approach.
26. 26
General background for any virtual lab
environment design and discussion
• Opportunity to leverage combined resources, reduce
incremental student costs, and possibly, offer expanded
opportunities to a broader base of students and learners.
• Overview of the various modes of instructional delivery that
included lecture, the use of simulators, virtualized
environments, and cloud-based services, each which offers
both benefits and drawbacks.
• Communication with users to define services and service-levels
27. 27
How the SCCRC is approaching this
(discussion)
• Background
• 8 regional colleges in the California Community College System
• Allan Hancock
• Antelope Valley
• Cuesta College
• Santa Barbara
• Ventura District (Moorpark, Oxnard, Ventura College)
• College of the Canyons
28. 28
SCCRC General Approach (discussion)
• Consensus-driven approach
• Review of several platforms including:
• Cybrary
• NetLabs (NDG)
• Practice Labs
29. 29
References
Angeles, S. (2014, January 20). Virtualization vs. Cloud Computing: What's the Difference? Retrieved June 26, 2018, from
https://www.businessnewsdaily.com/5791-virtualization-vs-cloud-computing.html
Anisetti, M., Bellandi, V., Colombo, A., Cremonini, M., Damiani, E., Frati, F., & Rebeccani, D. (2007). Learning computer networking on open paravirtual
laboratories. IEEE Transactions on Education, 50(4), 302-311.
Askari, M. M. U. R. (2018). Significance of Ever-evolving Cybersecurity Landscape: Challenges and Possible Pathways. National Journal of Cyber
Security Law, 1(1), 22-37.
Chan, J. (2011). Virtualization: Security and IT Audit Perspectives. Retrieved May 31, 2018, from https://www.slideshare.net/jason_chan/virtualization-
security-and-it-audit-perspectives?utm_source=slideshow02&utm_medium=ssemail&utm_campaign=share_slideshow
Cini, M., & Krause, A. (2017, January 30). Technology Set to Redefine Higher Education. Retrieved June 24, 2018, from
https://evolllution.com/opinions/technology-set-redefine-higher-education/
Cybersecurity Supply And Demand Heat Map. (n.d.). Retrieved June 27, 2018, from https://www.cyberseek.org/heatmap.html Evolve Academy. (2017,
June 12). Is It Time to Learn Cyber Security? Retrieved June 26, 2018, from https://www.switchup.org/blog/is-it-time-to-learn-cyber-security
Drake, G. (2017). Navigating the Atlantic: Understanding EU Data Privacy Compliance Amidst a Sea of Uncertainty. S. Cal. L. Rev., 91, 163.
Fontes, R. D. R., Mahfoudi, M., Dabbous, W., Turletti, T., & Rothenberg, C. (2017). How far can we go? towards realistic software-defined wireless
networking experiments. The Computer Journal, 60(10), 1458-1471.
Frezzo, D., Behrens, J. and Mislevy, R. (2010). Design Patterns for Learning and Assessment: Facilitating the Introduction of a Complex Simulation-
Based Learning Environment into a Community of Instructors. Journal of Science Education and Technology, 19, pp. 105-114.
García, J., & Entrialgo, J. (2015). Using computer virtualization and software tools to implement a low cost laboratory for the teaching of storage area
networks. computer applications in engineering education, 23(5), 715-723.
Goel, D., & Jain, A. K. (2017). Mobile phishing attacks and defence mechanisms: State of art and open research challenges. Computers & Security.
30. 30
References
Goldman, Z. K., Maruyama, E., Rosenberg, E., Saravalle, E., & Solomon-Strauss, J. (2017). Terrorist Use of Virtual Currencies. Washington DC: Center
for a New American Security, May, 3.
Herbert, B. M., & Wigley, G. B. (2015). The Role of Cisco Virtual Internet Routing Lab in network training environments.
Jalali, M., & Kaiser, J. (2018). Cyber Resiliency in Hospitals: A Systematic, Organizational Perspective.
Kam, H. J., Gogolin, G., & Emerick, G. (2014, October). Authentic Learning in Cybersecurity: Learning Opportunities and Pedagogical Challenges. In
2014 IEEE Frontiers in Education Conference (FIE) (pp. 1-4). IEEE.
Krishnamoorthy, S. (2018). Identification of User Behavioural Biometrics for Authentication using Keystroke Dynamics and Machine Learning.
Li, P., Mohammed, T., Toderick, L., Lunsford, P., & Li, C. (2008, June). A portable virtual networking lab for IT security instruction. In Proceedings of 2008
ASEE Annual Conference.
Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target and Safety Measures.
Megmittal. (n.d.). 10 Cybersecurity Predictions for 2018. Retrieved June 26, 2018, from https://www.cybrary.it/0p3n/10-cybersecurity-predictions-for-
2018/
Mir, M. S., Suhaimi, B., Adam, M., Ul Islam Kahn, B. U. R. H. A. N., Matoo, U. I., Mueen, M., & Olanrewaju, R. F. (2017). Critical Security Challenges in
Cloud Computing Environment: An Appraisal. Journal of Theoretical & Applied Information Technology, 95(10).
Padhy, R. P. (2012). Virtualization techniques & technologies: state-of-the-art. Journal of Global research in Computer science, 2(12), 29-43.
Padman, V., & Memon, N. (2002). Design of a virtual laboratory for information assurance education and research. In Workshop on Information
Assurance and Security (Vol. 1, p. 1555).
Xu, L., Huang, D. & Tsai, W. (2014). Cloud-based virtual laboratory for network security education. IEEE Transactions in Education, 57, 39-46.
Robinson, M., Jones, K., Janicke, H., & Maglaras, L. (2018). An introduction to cyber peacekeeping. Journal of Network and Computer Applications, 114,
70-87.
31. 31
References
Rogoff, B. (1984). Introduction: Thinking and learning in social context. In B. Rogoff & J. Lave (Eds.). Everyday cognition: Its
development in social-context. Cambridge, MA: Harvard University Press, 1-8.
Sohal, A. S., Sandhu, R., Sood, S. K., & Chang, V. (2018). A cybersecurity framework to identify malicious edge device in fog
computing and cloud-of-things environments. Computers & Security, 74, 340-354.
Son, J., Irrechukwu, C., & Fitzgibbons, P. (2012). Virtual Lab for Online Cyber Security Education. Communications of the IIMA,
12(4), 5.
Turchin, A., & Denkenberger, D. (2018). Classification of global catastrophic risks connected with artificial intelligence. AI &
SOCIETY, 1-17.
Vize, S. (2018, January 08). 6 Highest-Paid Cybersecurity Jobs | Mondo: Tech & IT Staffing. Retrieved June 26, 2018, from
https://www.mondo.com/blog-highest-paid-cybersecurity-jobs/
Veiga, A. P. (2018). Applications of Artificial Intelligence to Network Security. arXiv preprint arXiv:1803.09992.
Wang, C., Jan, S. T., Hu, H., Bossart, D., & Wang, G. (2018, March). The Next Domino to Fall: Empirical Analysis of User
Passwords across Online Services. In Proceedings of the Eighth ACM Conference on Data and Application Security and
Privacy (pp. 196-203). ACM.
Weiss, R. S., Turbak, F., Mache, J., & Locasto, M. E. (2017). Cybersecurity education and assessment in EDURange. IEEE
Security & Privacy, 15(3), 90-95.
Zaki, M., Erman, H., Azman, A., Faizal, A., & Rahayu, S. (2010, June). Virtualization technology in teaching information technology
security. In Proceedings 3rd Regional Conference on Engineering Education and Research in Higher Education, Sarawak, Malaysia.