CIS3003 2013 Assignment 3
Description Marks out of Wtg(%) Due date
Assignment 3 100 30% Due Data 31 May 2013
For the third assignment you need to write a single report not more than 20 pages in the body. Read the section describing the formatting requirements for the assignment carefully.
Report: Security in Mobile Systems, Virtualization and Clouds
Our organisation, after implementing mobile services has discovered that a lot of the expected benefits have not been achieved. While the staff agree and can see how the new untethered access to business data and services can help in their day to day activities the overhead of using the services due to authentication has made the system poorly accepted.
The security mechanism was imposed to limit the likelihood of having long term connections from external partners which may be abused by external entities. The organisation has a large number of external business partners who regularly connect to the organisation resources as part of cooperative business processes.
After the appointment of an external consultant specialising in dealing with user productivity and business network design a number of problems were highlighted.
Firstly, the system was designed so that the security management was pushed onto the mobile devices making the use of the service disruptive to the users. The accessing of different services while using mobile devices required a separate login in to each service. Not only that, but prolonged inactivity would shut down the connection to the mobile device requiring a twostep process to re-establish a connection to the device then reconnection to the service.
Secondly, to implement the new network design making the data more accessible from various parts of the network resulted in explosion in the number of duplicated physical servers on the system. Most of the time the servers are idle in anticipation of work being allocated to them from a user connection. The extra servers resulted as an expense in purchasing setting up and maintaining the servers for day to day operations. The number of IT staff has doubled since the introduction of the new design just to be able to maintain all the services and keep the systems functioning.
The consultation report suggested that more cost effective alternatives may be to either virtualize the servers or move the services to an appropriate cloud. Once the design has been decided we could solve the multiple log on requirements with the adoption of a single sign on solution.
These approaches and technologies are new to the organisation. The IT department grew up on the need to provide services as they are needed and not a long term strategic planning for future needs. As a result you have been tasked with writing a report to explain and explore the following technology and services:
a) Investigate and report on types of virtualizations and benefits to their adoption in an organisation? How will the technological adoption help resolve some of the issues with the current network solution?
b) The world is currently abuzz with cloud services. Investigate and report what cloud services are, what kind of cloud services is there and what is the benefit of the different type of services?
c) The report lists the adoption of a single sign on process as a part of the solution. Investigate and report what are single sign on solutions and how do single sign on services work?
d) One of the reasons for original security design was the external connections with our partners. It was recommended that they should consider a VPN solution for external connections. Investigate and report the on types of VPNs, working and functionality of VPN and how they would help with the security requirements for external partner access.
e) Seeing that we have two options as a possible solution to our current design (virtualization and cloud services) which solution would you recommend that they adopt? Justify your recommendations.
Please read the next section very carefully.
Format for Assignment 3
Your report MUST follow the structure for a report as specified in the Faculty of Business Communications skills handbook, however, you will not be required to submit the following sections: Glossary, or Appendices. You may want to consider the structure of the marking scheme when structuring the body of your report.
Your report must include references where you have used other sources (both in the body text and listed at the end of the report) as specified in the Communication skills handbook. For current reference style guide please refer to the document online at http://www.usq.edu.au/library/help/referencing/harvard . Work submitted with no references in the body of the report will NOT be accepted.
Your report must be printed with 1.5 line spacing; at least 12-point font size; and the body of the report should be no more than 20 pages of single-sided A4 paper. Penalty will apply for exceeding the page limit.
Assignments not following the report style will be heavily penalised.
WIKIPEDIA is not considered a suitable reference source and its use in referencing is strongly discouraged. You should not have it as a reference in the assignment.
The assignment is to be submitted using the EASE system which will be made available for that purpose a week before the due date.
Important Referencing guide
Please refer to the USQ Library web site for referencing guides in the Harvard style. Go to http://www.usq.edu.au/library/referencing and click on ‘What is referencing’ under the ‘Reference’ heading. This provides details on the referencing of print and electronic publications. This is a must. Failing to correctly reference your sources will result in submitted work being penalized severely.
Marking guide: assignment 3
Name: ______________________________ Number:________________________
Note: This sheet must be attached to the assignment.
Report Maximum marks Marks obtained
Security ISO and Cloud computing
a) Virtualizations and benefits
b) Cloud services and the benefits
c) Single sign on solutions
d) VPN types and solutions
e) Solution selection and recommendation
Presentation and structure of the report
Title page, Letter of transmittal, Executive summary, Table of contents, Introduction, Body, Conclusion/Recommendations, List of references
Use of references 5
Penalty for exceeding page limit
–5 marks for every page. Maximum 20 marks
Total marks 100