Security Architecture and Design

profilesameer

 General Instructions 1. Use the course cover sheet. Start working on page 2 of the cover sheet. 2. Upload your final document to Blackboard by the due date. Problems 1. Consider an electronic bill-paying system (such as Quicken Bill Pay), see https://www.quicken.com/. The key features of this system: A customer using Quicken (on their computer) can pay bills using their computer’s app (the Quicken program). Paying a bill with such a system directs the customer’s bank to send money electronically to pay the bill. You can imagine that the bank just sends a check instead of the person writing the check, but the payments are made electronically between the customer’s bank and the payee’s bank (and that transaction is outside the scope of our analysis). To make communication between customers and the service more efficient, the service itself maintains an account for each customer. Also, for each customer, the service maintains records of the customer's bank and the customer’s account for each payee. Such records include the customer’s account number for that payee and the local address of the payee. a. Draw a network mode of the Quicken Bill Pay service. Use the program from Lab 2 or any other design/drawing tool. Remember, convert your final drawing to a PDF file. Make sure that your work is neat, lines are correct, and you use the correct design shapes (any shape will not work). Label each shape. (50 points). b. From the point of view of the Quicken Bill Pay service, what are the assets to be protected in such a system? (Only consider the part of the service that allows bill payments and queries about bill payments by customers). [Do not other services such as transferring money between accounts]). You should list at least five. (25 pts). c. From the point of view of the Quicken Bill Pay service, what are the threats for the service? List and explain five threats to the system. (25 pts). 

    • 5 years ago
    • 5
    Answer(0)