Discuss about the Security Architecture Based on Defense.
Microsoft Word, the commonly used graphical word processor worldwide developed by Microsoft, is a component of the Microsoft Office suite productivity. The usability of Microsoft Word depends on the version of Microsoft Office. The security system of the Word Processor also depends upon the version of the Microsoft Word or the Microsoft Office. This happens to be evolving from time to time. Out of the applications in the Office Suite, except for Power Point, all of the applications contains some or the other level of encryptions. In spite of the level of encryptions that Microsoft Word possesses, hackers still try to hack into the systems of Microsoft Word (Mavroeidakos, Michalas & Vergados, 2016). The following report would focus on such a try of an attacker who would like to view the contents of a Microsoft Word file to which the attacker does not have the rights to view or do not possess any kind of access. This would be done in two parts in the report. The first part would consist of the credential brief of the assignment, the operations of the access control mechanisms and the core security mechanisms that Windows implements to prevent the attackers. The second part of the report would include the discussion if the attacker gains the administrator access to the Word files. The discussion would include the failure of the existing architecture, the operation of the control mechanism and the core security mechanism that Windows implements to prevent the attackers.
The Microsoft Word documents that the attackers are most likely to gain access over do not have the right to do so, rather they are not willing to gain the right but illegally hack the system (Niemelä, 2017). However, the need for hacking into the secured system needs to barge into the networks that are presented with some features would require a standard level of expertise. There are certain credentials to the systems which are to be discussed as below:
The Access Control Mechanism can be defined as a set of controls that helps in restricting the access towards certain resources (Peiris, Balachandran & Sharma, 2018). There are various kinds of access controls, however, according to the Windows access control mechanisms in case of Microsoft Word security, the logical access controls are considered. These different kinds of access control mechanisms can be described in details as below:
In the contemporary times, it has been found that the people using Microsoft Word remain very concerned about the security hazards of the information they share in the media. This exists because of the vulnerabilities that are there in the data security that fails to recognize the confidentiality, integrity, authenticity and availability of the contents.
Security is considered to be one of the primary components of the current version of Microsoft Office. This extends to the Microsoft Word application as well. The access control systems defined by Microsoft thus helps in providing security to the important portion in the operating system under which the Microsoft Office works in a system (Sawicki et al., 2016). These access controls not only helps in the accession of files, but also assists only the secured users to perform designated changes in the system. The applications that come under the Microsoft Office operated by Windows, offers access controls to these files. There are thus two approaches that are used to monitor the access control in a Windows system (Varadharajan et al., 2018). These are to be described as follows:
Instead of the security systems that the Microsoft Words and Windows provide with access controls, the attacker seems to gain access over the files by acquiring the administrative access over the security systems (Caelli & Janczewski, 2016). This has also resulted in the doubting of many organizations to the access control systems as there have been many occurrences of file accession by attackers. After investigating the current data gaps, it has been found that a different approach must be given to the current security systems that Microsoft Word predominantly uses nowadays (Tao et al., 2017). If the old security system be followed, there are chances that data might again be unattainable given the current circumstances. The attacker might be successful again in accessing administrative controls over the files that are otherwise secured from these attackers.
Thus, this proves that the traditional systems for restricting access to these files in Microsoft Word are vulnerable to threats that would enable the attackers to get access over the administration to the files (Zulkefli et al., 2015). The situation is thus seen to have reached a certain point of bending, which shall require a different kind of approach to the information security techniques for saving the access controls to the files thus created in Microsoft Word as provided by the Windows operating system.
The security vulnerability that the traditional existing security architecture possesses makes the attackers to access the administrative rights over the files of Microsoft Word in spite of their existing security systems (Langer, 2016). Thus, new security architecture can be suggested that would successfully replace the existing system for a better secured atmosphere to stop the attackers. This is thus known as the OSI Security Architecture that has the ability to prevent the attackers from gaining administrative access to the files.
This security framework can be successfully defined by the design artefacts that are able to illustrate the safety arrangement and their interconnection in the overall plan of the systems. The modified security architecture can be denoted as the OSI Privacy Architecture. This happens to prohibit the security attacks that the malicious attackers impose upon the access systems of Microsoft Word governed by the Windows architecture (Kostopoulos, 2017). The OSI architecture often happens to prohibit the attacks on the security system, especially when the system administration and file access system needs securing. One of the most important security services that have been offered by the security architecture of OSI happens to be the x.800 (Khadim et al., 2015). The service of x.800 is constructed with the help of the protocol layer generally used for broadcasting the open system. This system however, ensures that the presence of security system that are sufficient for providing security to the networks as well as the devices.
The service also has some important features that help in maintaining the security of the system. These features include the confidentiality of data, dignity of data, data honesty, and availability of services, authorization of services, non-repudiation, and maintaining authenticity of digital signatures, traffic padding and routing control that helps in protecting the information from the attackers (Karmakar et al., 2016). All these make a malicious attacker to lose the authorized access to a Windows network and further authorization to a Microsoft file.
Although the OSI security architecture has many advantages to provide security to Windows model as well as Microsoft Word files, there are also prevailing disadvantages to the security architecture. It can be found with the security mechanism of OSI is that when there is an increasing amount of security levels of authority, that is, the information security authorization levels, it somehow results in the restricting the authorization of the security systems (Dänekas et al., 2016). There are even restrictions faced by the initial security systems when there are more levels of security added to it. The added layers also make the usability access functions of the controls difficult to the users.
Conclusion
Thus, it can be finally concluded that in spite of the successful security access controls that the previous Microsoft Word possessed, there could be security issues and vulnerabilities imposed upon the system by malicious attackers. The situation is thus assumed where at first the security system has secured access control providing safety to the files, again in another case, in spite of the security systems, the malicious attackers have attained success in gaining access controls over the files. The above report has thus focused on such a try of an attacker who would like to view the contents of a Microsoft Word file to which the attacker does not have the rights to view or do not possess any kind of access. This had been done in two parts in the report. The first part consists of the credential brief of the assignment, the operations of the access control mechanisms and the core security mechanisms that Windows implements to prevent the attackers. The second part of the report includes the discussion if the attacker gains the administrator access to the Word files. The discussion also holds the failure of the existing architecture, the operation of the control mechanism and the core security mechanism that Windows implements to prevent the attackers. The situation is concluded with a suggestion of another impermeable and non-vulnerable security system for the files and also the limitations of the security approach.
Reference
Caelli, W., & Janczewski, L. J. (2016). Security of Small Countries: Summary and Model. In Cyber Conflicts and Small States (pp. 197-216). Routledge.
Dänekas, C., Neureiter, C., Rohjans, S., Uslar, M., & Engel, D. (2014). Towards a model-driven-architecture process for smart grid projects. In Digital enterprise design & management (pp. 47-58). Springer, Cham.
Karmakar, K. K., Varadharajan, V., Tupakula, U., & Hitchens, M. (2016, April). Policy based security architecture for software defined networks. In Proceedings of the 31st Annual ACM Symposium on Applied Computing (pp. 658-663). ACM.
Khadim, U., Khan, A., Ahmad, B., & Khan, A. (2015). Information hiding in text to improve performance for word document. International Journal of Technology and Research, 3(3), 50.
Kostopoulos, G. (2017). Cyberspace and cybersecurity. Auerbach Publications.
Langer, A. M. (2016). Cyber Security, ISO 9000, and the Software Development Life Cycle. In Guide to Software Development (pp. 341-354). Springer, London.
Mavroeidakos, T., Michalas, A., & Vergados, D. D. (2016, April). Security architecture based on defense in depth for Cloud Computing environment. In Computer Communications Workshops (INFOCOM WKSHPS), 2016 IEEE Conference on(pp. 334-339). IEEE.
Niemelä, J. (2017). U.S. Patent No. 9,779,267. Washington, DC: U.S. Patent and Trademark Office.
Padmaja, K., & Seshadri, R. (2016). A review on cloud computing technologies and security issues. Indian Journal of Science and Technology, 9(45).
Peiris, C., Balachandran, B., & Sharma, D. (2018). Cloud computing tipping point model. GSTF Journal on Computing (JoC), 1(1).
Rathi, N., De, A., Naeimi, H., & Ghosh, S. (2016). Cache bypassing and checkpointing to circumvent data security attacks on STTRAM. arXiv preprint arXiv:1603.06227.
Sawicki, M., Namba, K. A., Jones, B., & Pratley, C. (2016). U.S. Patent No. 9,256,753. Washington, DC: U.S. Patent and Trademark Office.
Susanto, H., Kang, C., & Leu, F. (2016). A Lesson Learn from IT as Enable of Business Process Re-Design.
Tao, Y., Zhang, Y. X., Ma, S. Y., Fan, K., Li, M. Y., Guo, F. M., & Xu, Z. (2017). Combining the big data analysis and the threat intelligence technologies for the classified protection model. Cluster Computing, 20(2), 1035-1046.
Varadharajan, V., Karmakar, K., Tupakula, U., & Hitchens, M. (2018). A Policy based Security Architecture for Software Defined Networks. arXiv preprint arXiv:1806.02053.
Zulkefli, Z., Singh, M. M., & Malim, N. H. A. H. (2015, June). Advanced Persistent Threat Mitigation Using Multi Level Security–Access Control Framework. In International Conference on Computational Science and Its Applications(pp. 90-105). Springer, Cham.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download