• researchhelpinc@outlook.com
  • +1 862 207 3288
  • WhatsApp

A Case Study in Security

Posted on by admin

Assessment Criteria:
Read the following case study and then answer the questions that follow. Be sure to directly relate your answers to the specific details given in the case study. You are asked to produce a written report. It is vital that in the composition of this report, you supplement any arguments you make with appropriate references. PLAGIARISM WILL BE HEAVILY PENALISED, please don’t waste your time and ours by copying from books or the Internet – it is invariably detected.

Make sure you provide a full and comprehensive list of references.

MOD (Ministry of Defence) Main Assignment Case Study
Military Systems tend to involve large numbers of widely dispersed people who need to be ready within moments to perform difficult functions within life threatening military battlefield context of use. Even when the initial system meets the client’s requirements at the outset, the service design is not always thought through. That is, when tested under “real” conditions of war such systems fail to perform adequately, due to the fact that no given simulation can optimally match what is known as the chaos of war. Supporting novel technologies can also prove to be problematic in theatre. Obviously IT systems are embedded within many MOD operations and these systems are particularly prone to a lack of quality and robustness due to the harsh conditions under which these systems are required to operate. One major MOD contractor of biometric technologies to the MOD, Steria has learnt that it is essential to build as complete a picture as possible in order to ensure that these systems are robust, usable and deliver within battlefield conditions. “We have a very good understanding of the environmental, operational and cultural issues that have to be taken into consideration when delivering leading edge IT services. In particular we have to fully understand the users of the system and their operational needs if the systems are to perform and continue to perform as expected under battlefield conditions.
One specific example of Steria’s work in support of military operations is the biometric access control – a successful example of the Urgent Operational Requirements Process supported by reference to ITIL (Information Technology Infrastructure Library). Steriadeveloped an deployed the first UK biometric access control system for the UK MOD in 2006. This was known as the biometric Identification Verification (BIV) System. The BIV leverages facial and fingerprint biometrics and was designed to be fully supportable by the military user. Steria deployed CONDO (Contractors on Deployed Operations) to carry out significant changes to the system and to support continuous improvement. Steria evolved BIV into a more complex solution called the Biometric Data Capture System (BDCS) in 2009 through a continuous improvement process.
The fully evolved system leverages facial, iris, fingerprint as well as leading edge palm biometric capabilities. BDCS uses multiple biometric criteria to check and guarantee the identity of an individual. Specifically, the user biometrics are captured through an enrolment process based on mobile as well as fixed line technology components that can be interconnected to suit heterogeneous deployment contexts and communications availability.
Steria provides engineering, service management and support back in the UK, and critically, provides training and support, deploying to operational (i.e. battlefield contexts of use) anywhere in the world as required. The system is currently operational across 22 military sites with a core, forensic level, biometric database that can be extended as required. The system is designed to provide a reliable, high availability security solution.

KEY POINTS:

 The BDCS project combines identity checking, biometric site access control and mobile biometric capabilities; with HRS responsible for working with global biometric partners, L1, to integrate a number of additional key functions within the mobile platform.

 The system identifies individuals as they enter UK Controlled Bases and provides confirmation of identity via multi-modal biometric enrolment and search capabilities. Individuals enroll both iris’, 10 fingerprints, facial image and biographic data.

 Viewed by the MoD as essential to help secure and control access to military facilities in the field; BDCS is currently operational across a number military sites, and provides an integral mobile biometric capability that can be scaled to meet requirements.

 BDCS is the second successful project delivered by HRS to the MoD. In 2006, HRS worked with Steria to deliver a Biometric Identity Verification (BIV) project which provided the foundations for the BDCS program.

“This was a highly complex and challenging project to deliver. HRS were involved from the early design stages, through development to delivery. HRS took a pragmatic approach to really understand the users and their environment, ensuring the delivered system met the requirements and all functionality.” – Tim Lammers, Biometrics Project Manager for the MoD
____________________________________________

Assessment Criteria:

General guidance

Quality of ideas, evidence of literature review, demonstration of up to date knowledge, together with appropriate comprehensive referencing is of more importance than the precise length of submission. The ability to critically analyse a case-study and /or setting and ability to apply knowledge so as to identify solutions to potential problem is essential. Length of submission should be between 1500 and 2000 words.

Further Guidance: [100 marks available/pass mark = 40]

The dangers of getting the balance right as between security, easy access and reduction of risk in demanding military contexts of use are to be the main focus of your response to the following tasks. All arguments presented are expected to be supported by evidence. You should answer each question in the order given below. Full citations (referencing) are needed for any information sources you identify.

a) Steria states a significant cost savings of a dedicated biometric solution over traditional password administration for the MoD case. One feasible solution might be the combination of PKI with biometrics for a set of security systems within MoD. Critically discuss benefits and limitations of such an approach to encrypt and digitally sign network traffic in that particular context.

[40 marks]

b) Give a full rational behind the alternatives to biometric templates MoD can use. What are the limitations and risks of template(s) usage in that particular case? Fully discuss their suitability and any inherent dangers or other weaknesses applied.
[30 marks]

c) Discuss the optimal means of protection at the end-user level (PC) that Steria can employ as part of the security policy imposed. Critically present your findings and give full arguments on their suitability in that particular scenario.

[30 marks]

MARKING GRID

A70-100% Outstanding/Excellent quality of ideas arguments. Very good grasp of technical aspects such as cryptographic methods, passwords and biometric techniques. Fully referenced submission. Clear and consistent demonstration of ability to relate arguments to the specifics of the case-study.

B60-69% Very good grasp of arguments and cryptographic methods, passwords
and biometrics. Well referenced submission. Consistent demonstration
of ability to relate to the specifics of the case-study.

C 50-59% Adequate grasp of arguments. Well referenced submission. Clear demonstration of ability to relate arguments to the specifics of the case-study.

D40-49% Barely adequate grasp of the arguments and weak but acceptable supportive evidence. Citations are adequate and some evidence of the ability to relate arguments to the specifics of the case study.

Below 40% Failure to meet the standard as specified above

© 2020 customphdthesis.com. All Rights Reserved. | Disclaimer: for assistance purposes only. These custom papers should be used with proper reference.