Cloud Provider Assurances
The answer to the first question is not the correct answer. The answer provided is inadequate and does not explain how the proposed mechanism or model is to provide authentication. The question is how to maintain an authentication system, the answer only addresses the system that is to be used and lacks an explanation of the model of security and authentication to be implemented, how it is implemented , and the security benefits it has over other available security and authentication models. Border(2010) explains several other security mechanisms and models and how they can be implemented in an organization. The air reservation, and any other reservation industry, are more vulnerable to authentication threats due to the simultaneous access to a common database by several users; thus a more elaborate authentication and security model should be implemented. The model should have a capability to establish a reliable and secure connection and communication between the client and the server at a time.
Regarding the assurance of clients’ confidentiality, the answer provided is correct. A number of ways as explained by Border in Bidgoli’s book handbook of information security have been created to ensure clients data and information confidentiality. However, the most appropriate is ensuring the storage of the information and data is confidential , and the channels through which the data and information is relayed is confidential. The use of separate storage area networks in the network and database provides the most reliable confidentiality to clients’ data and information.
The third question about the client’s assurance on the maintenance of security system is correct. The assurance the client can get is the fact that there is always an SLA between the service provider and the client. In this case, the client provider will provide periodic and regular security maintenance to the company’s network and databases security systems. However, in addition, the answer should include other guidelines and legislations provided that ensures privacy of users’ data and information in any organization. The company is required legally to provide security of data and to assure confidentiality of client’s data and information.
Border, C. (2010). Foundations of Information, Computer and Network Security. In H. Bidgoli, Handbook of information security (pp. 45-50). New York: John Wiley & sons.
Buck, K., & Hanf, D. (2010, september). Cloud SLA considerations for the Government consumer. Retrieved july 28, 2012, from Mitre.org: Http://www.mitre.org/work/tech_papers/2010/10_2902/cloud_sla_considerations_government.pdf