Mccumber Cube

In: Other Topics

Submitted By mohamedakram
Words 275
Pages 2
McCumber Cube

What is the McCumber Cube? model framework for establishing and evaluating information security (information assurance) programs
What are the three dimensions of the McCumber Cube?
Desired goals, Information states and security measures
What are the desired goals?
Confidentiality , integrity and availability.
What are the information states?
Storage, transmission and processed
What are the security measures?
Technology, policies, people
Define confidentiality as it relates to the McCumber Cube.
Prevent the disclosure of sensitive information from unauthorized people, resources, and processes
Define integrity as it relates to the McCumber Cube.
The protection of system information or processes from intentional or accidental modification
Define availability as it relates to the McCumber Cube.
The assurance that systems and data are accessible by authorized users when needed

Define storage as it relates to the McCumber Cube.
Data at rest, information that is stored in memory or on disk
Define transmission as it relates to the McCumber Cube.
Data in transit, transferring data between information systems
Define processing as it relates to the McCumber Cube. performing operations on data in order to achieve a desired objective.
Define policies as it relates to the McCumber Cube. administrative controls, such as management directives, that provide a foundation for how information assurance is to be implemented within an organization
Define people as it relates to the McCumber Cube. ensuring that the users of information systems are aware of their roles and responsibilities regarding the protection of information systems and are capable of following standards
Define technology as it relates to the McCumber Cube. software and hardware-based solutions designed to protect information systems (examples: anti-virus, firewalls,…...

Similar Documents

Rubric Cube

...Running head: Rubric Cube Rubric Cube Nancy Malicki Grand Canyon University SPE 330 October 7, 2012 Rubric Cube A rubric is an essential tool for any teacher of any age group. It provides the ability to accurately display the results of evaluating just about any activity or event, even websites. The following pages contain two rubrics that can be used by a teacher for evaluating specific website experiences. The first rubric will evaluate a website about special education. The second rubric will evaluate the author’s potential achievement of the National Board for Professional Teaching Standards: Exceptional Needs Specialists/Early Childhood Through Young Adult Standards (NBPTS:ENS/ECTYAS). Rubric 1 Evaluate Web Site | Poor 1 pts | Fair 2 pts | Good 3 pts | Content | Information garbled or does not match search topic. | Provides cursory information about the search topic. | Provides ample and in depth information about the search engine topic. | Quality of Information | More ads than information on site. | Site loads well and has some information that can be used. | Information is well researched, well presented, and well organized. | User Friendly | Links broken, pop-up ads everywhere, information not available or site down or not up and running yet. | Limited amount of actual information intermingled with link for ads or other search engines. | Site was well organized and easy to follow. Information was provided with limited or no......

Words: 1072 - Pages: 5

Parallel Querying of Rolap Cubes in the Presence of Hierarchies

...of organizational data. OLAP is often supported by a logical structure known as a data cube, a multidimen- sional data model that offers an intuitive array-based per- spective of the underlying data. Supporting efficient index- ing facilities for multi-dimensional cube queries is an issue of some complexity. In practice, the difficulty of the in- dexing problem is exacerbated by the existence of attribute hierarchies that sub-divide attributes into aggregation layers of varying granularity. In this paper, we present a hierar- chy and caching framework that supports the efficient and transparent manipulation of attribute hierarchies within a parallel ROLAP environment. Experimental results verify that, when compared to the non-hierarchical case, very little overhead is required to handle streams of arbitrary hierar- chical queries. Categories and Subject Descriptors H.2.7.b [Database Management]: Data Warehouse and Repository; H.2.2.a [DatabaseManagement]: AccessMeth- ods General Terms Algorithms Design Performance Keywords Hierarchies, Caching, Data Cubes, Aggregation, Indexing, OLAP, Granularity, Materialization, Parallelization 1. INTRODUCTION Online Analytical Processing (OLAP) has become an im- portant component of contemporary Decision Support Sys- tems (DSS). Central to OLAP is the data cube, a multidi- mensional data model that presents an intuitive cube-like Permission to make digital or hard copies of all or part of this work......

Words: 760 - Pages: 4

Stock Market Crash

...solution could be put in place. President Harding also passed the Fordney–McCumber Tariff which bolstered the American tariffs to help protect American factories as well as farms. When President Harding passed his Vice President Calvin Coolidge stepped up to take the reins. Now President, Coolidge began his administration by focusing on decreasing the income taxes of the wealthy. Coolidge managed to sustain economic stability and growth throughout most of his presidency and the decade. But soon overconfidence took its toll which contributed to the stock market crashing in 1929. By the time Herbert Hoover was elected the government continued to act the role of arbiter instead of entity. Hoover tried to end the depression by trying to convince business to cooperate and stand together to end the finical atrocity. Hoover never succeeded. When looking at the situation the United States was in, the stock market crash of 1929 was unavoidable. There were no laws or regulations set in by the government so the market itself started to become a ticking time bomb. I honestly think that people in the 1920’s saw the stock market as a means of making substantial amounts of money, with no consequences in the end. Through the Presidencies of the 1920 we see no real push to majorly stimulate the economy to continue its progression upwards. Yes Harding may have passed both the Emergency Tariff of 1921and the Fordney–McCumber Tariff but both only helped out farmers slightly by lessening......

Words: 891 - Pages: 4

Computer Security Management

...CSE 4482 Computer Security Management: Assessment and Forensics Introduction to Information Security Instructor: N. Vlajic, Fall 2010 Learning Objectives Upon completion of this material, you should be able to: • Define key terms and critical concepts of information security. List the key challenges of information security, and key protection layers. Describe the CNSS security model (McCumber Cube). Be able to differentiate between threats and attacks to information. Identify today’s most common threats and attacks against information. • • • • Introduction “In the last 20 years, technology has permeated every facet of the business environment. The business place is no longer static – it moves whenever employees travel from office to office, from office to home, from city to city. Since business have become more fluid, …, information security is no longer the sole responsibility of a small dedicated group of professionals, …, it is now the responsibility of every employee, especially managers.” http://www.businessandleadership.com/fs/img/news/200811/378x/business-traveller.jpg http://www.businessandleadership.com/fs/img/news/200811/378x/businesshttp://www.koolringtones.co.uk/wp-content/uploads/2010/01/mobile-phones.jpg http://www.koolringtones.co.uk/wp- content/uploads/2010/01/mobile- Information Technology • Information Technology – enables storage and transportation of information from one business unit to another in many......

Words: 4051 - Pages: 17

Truthfulness

...the general principals in particular how individuals and communities should make their way through human world. Other than that McCumber state that exchange among the edges are ethically more significant than action occurring on each level separately. Other than using McCumber ideas, the article also using ideas from May that describes the notion of the responsibility that focuses on edges in terms of sharing responsibility. Bunge adds that, thou shall search for the truth, pursue it wherever it may lead, and communicate it to whoever may interest in it. A few standard relating to its core ethical principles of honesty. First, IMA with four standards of conduct that is competence, confidentiality, integrity and credibility. Second, AICPA code professional conduct is mandates CPA independence in fact and appearance conducting audits. And lastly, GOA with their core values are accountability, integrity and reliability. According to McCumber’s, what salient facts are omitted by accountants in the narratives they provide about entities will depend on how much accountant devotes to focusing on edges of ethics. It is related to Enron; certainly the accounting narrative about Enron omitted important facts and was the organization itself. A real problem for accounting raised by truth where it cannot easily finessed by appeals to decision usefulness. McCumber (2005) also shows how truth and ethics are interconnected from the concepts of truths. Accountants’ relationship to management......

Words: 1279 - Pages: 6

Introduction to Computer Security

...Introduction to Computer Security CSE 3482 Introduction to Information/Computer Security Instructor: N. Vlajic, Winter 2014 Learning Objectives Upon completion of this material, you should be able to: • Describe the key security requirements of confidentiality, integrity and availability (CIA). • Describe the CNSS security model (McCumber Cube). • Identify today’s most common threats and attacks against information. • Distinguish between different main categories of malware. Required Reading Computer Security, Stallings: Chapter 1 Computer Security, Stallings: Chapter 6 Introduction • Information Technology – technology involving development & use of computer systems & networks for the purpose of processing & distribution of data  in many organizations, information/data is seen as the most valuable asset categories of IT jobs:  IT administrator - installs, maintains, repairs IT equipment  IT architect - draws up plans for IT systems and how they will be implemented  IT engineer - develops new or upgrades existing IT equipment (software or hardware)  IT manager - oversees other IT employees, has authority to buy technology and plan budgets  Introduction (cont.) • Information System – entire set of data, software, hardware, networks, people, procedures and policies that deal with processing & distribution of information in an organization  each component has its own strengths, weaknesses, and its own security......

Words: 1194 - Pages: 5

Causes of Great Depression

...Another one of the main causes for the Great Depression was due to the high tariffs and war debts. Many European nations owed billions of dollars to the United States. These nations that were so far in debt were impacted so strongly by World War I that they had no way of paying back their debt. The United States insisted the debt be paid off. The allies then demanded that Germany pay them through the Treaty of Versailles. This led to financial crisis when Europe couldn’t purchase goods from the United States. The United States also passed the Fordney-McCumber Act in 1922, which put high tariffs, or tax, on industrial products that were imports. This angered the other nations and they retaliated which led to a decline in world trade which was a major contributor to the Great Depression. A decline in world trade leads to a decline in Real GDP and this is bad for the economy. Overproduction in industry also played a pivotal role in the Great Depression. While factories were producing mass amounts of products, wages were not increasing at the same pace. Due to low wages and overproduction, workers could not afford to buy all of the factory output. The United States tried to sell the surplus of goods overseas, but the high tariffs and lack of money in Europe did not support this solution. An additional overproduction also occurred in the agriculture and farm industry. The average income for farm families was about a third of what average American families......

Words: 377 - Pages: 2

Dude

...layer that enables it to best reduce the targeted risk in the least invasive manner. For example, using encryption at the presentation layer protects the data but may leave the details of the actual exchange exposed and vulnerable. Encrypting at the transport layer, on the other hand, can protect more details but potentially interferes with the effectiveness and efficiency of some of the protocols used. An information assurance model devised by Maconachy et al. can be used to relate information assurance to networks. This model is an extension of an earlier information security model developed by McCumber. As shown in Figure 2 below, computer networks (i.e., the transmission layer) are represented by the top row of the "Rubik's Cube." The five pillars of information assurance are shown across the top, and security countermeasures (e.g., technology) are on the right face of the cube. Figure 2. Information assurance model (source: http://www.itoc.usma.edu/Workshop/2001/Authors/Submitted_Abstracts/paperW2C3(55).pdf) This information assurance model shows multiple intersections between the five pillars and the transmission layer. This also holds true for the intersections between the five pillars and the OSI model; the security services can be expected to apply to the OSI model's multiple layers. Note that the information assurance model has a column labeled "people." Perhaps the OSI model needs an eighth layer to describe information assurance services that......

Words: 9561 - Pages: 39

How Far Were the Policies of the Republican Party the Main Reason for America’s Economic Success in the 1920’s

...to making the American dream a reality. The Republicans remained in power throughout the 1920’s because they won votes off the senate and the House of Representatives; the public supported the Republicans because of the policies they introduced during the decade. In my opinion the most important policy that the Republicans introduced in the 1920’s was tariffs. This policy was put into place when Warren Harding promised a “return to normality” In order for his promise to be fulfilled he increased tariffs and introduced the Fordney McCumber Act of 1922. The Fordney McCumber act imposed a tax on goods from foreign countries making them ALWAYS more expensive than American goods. Also cutting taxes would be an effective policy for the Republican government because they believed that if taxes were low, people would have more money to invest in stocks and shares. These investments would help the American industries expand. The danger with the Fordney McCumber tariff for the American economy in the long run was that every country used them and stopped American exports, which damaged the international trade, a reason why the Republicans disliked trade unions. The name of this Republican policy was protectionism. Another policy that was introduced was by Calvin Coolidge (1923-29) and that policy was Laissez-Faire. Laissez-Faire is French and it translates ‘to leave alone’, which is exactly what the government did by interfering as little as possible with the running of the businesses......

Words: 2565 - Pages: 11

How Far Were the Policies of the Republican Party the Main Reason for America’s Economic Success in the 1920’s

...to making the American dream a reality. The Republicans remained in power throughout the 1920’s because they won votes off the senate and the House of Representatives; the public supported the Republicans because of the policies they introduced during the decade. In my opinion the most important policy that the Republicans introduced in the 1920’s was tariffs. This policy was put into place when Warren Harding promised a “return to normality” In order for his promise to be fulfilled he increased tariffs and introduced the Fordney McCumber Act of 1922. The Fordney McCumber act imposed a tax on goods from foreign countries making them ALWAYS more expensive than American goods. Also cutting taxes would be an effective policy for the Republican government because they believed that if taxes were low, people would have more money to invest in stocks and shares. These investments would help the American industries expand. The danger with the Fordney McCumber tariff for the American economy in the long run was that every country used them and stopped American exports, which damaged the international trade, a reason why the Republicans disliked trade unions. The name of this Republican policy was protectionism. Another policy that was introduced was by Calvin Coolidge (1923-29) and that policy was Laissez-Faire. Laissez-Faire is French and it translates ‘to leave alone’, which is exactly what the government did by interfering as little as possible with the running of the businesses......

Words: 2565 - Pages: 11

Marketing the Rubric Cube

...Running Head: Marketing The Rubric’s Cube Marketing The Rubik’s Cube Teresa M. Taylor Principals of Marketing Business 330 Instructor, Garlyn Lewis November 26, 2014 Running Head: Marketing The Rubrik’s Cube Marketing across cultures around the world is increasingly becoming a thriving business with the fast-speed globalization nowadays. The Four ‘Ps’ of marketing, namely product, price, place and promotion, include most of the elements of marketing decision-making. However, socio-cultural factors, in considering the combination of marketing strategies, will always run through them. Socio-cultural factors have a huge influence in people's concept of product and buying behavior. Lack of cultural awareness not only can lead to a decrease of product sales, but can even collapses the company’s whole international image. In this sense, understanding cultural differences plays an incredibly significant role in process of developing marketing strategies.  The partnership should be cohesive and be aligned with one another’s future endeavors and goals. Demographics, psychographics, and data from general areas in a given target market are beneficial information that is useful in developing marketing strategies. It assists with the marketing decisions that are results of the four P’s. When deciding if a company should expand business into a global market, it is important to conduct market research. Global market research gathers and collects data and information and......

Words: 3230 - Pages: 13

Ch1 Comp Security

...or unauthorized modification, or disclosure? a.|Exploit|c.|Vulnerability| b.|Exposure|d.|Loss| ANS: D PTS: 1 REF: 5 5. Organizations must minimize ____ to match their risk appetite. a.|threats|c.|risk| b.|access|d.|loss| ANS: C PTS: 1 REF: 5 6. An unlocked door is an example of a(n) ____. a.|vulnerability|c.|risk| b.|threat|d.|exploit| ANS: A PTS: 1 REF: 5-6 7. The CIA triad is based on three characteristics of information that form the foundation for many security programs: ____. a.|confidentiality, integrity, and asset| b.|confidentiality, integrity, and availability| c.|confidentiality, information, and availability| d.|communication, information, and asset| ANS: B PTS: 1 REF: 7 8. The McCumber Cube provides a ____ description of the architectural approach widely used in computer and information security. a.|linear|c.|graphical| b.|triangular|d.|semantic| ANS: C PTS: 1 REF: 8 9. Which individual interferes with or disrupts systems to protest the operations, policies, or actions of an organization or government agency? a.|Cyberterrorist|c.|Phreaker| b.|Packet monkey|d.|Hacktivist| ANS: D PTS: 1 REF: 11 10. Which individual is considered to be a script kiddie who uses automated tools to inundate a Web site with a barrage of network traffic, usually resulting in a denial of service? a.|Cyberterrorist|c.|Phreaker| b.|Packet monkey|d.|Hacktivist| ANS: B PTS: 1 REF: 12 11. Which threat is the most......

Words: 2296 - Pages: 10

Firewall Solution

...wiring infrastructure and ongoing monitoring of network traffic to find anomalous traffic. 23. What is a buffer overflow, and how is it used against a Web server? A buffer overflow is an attack in which more data is sent to a buffer than it can handle. The data received might then overflow the input buffer and modify the memory state of the program without authorization. Web servers are susceptible since all access to them is, by design, through an open port, which makes them susceptible to this form of attack unless the server’s operating systems and Web server programs are kept up to date. Real World Exercises 1. Assume that a security model is needed for the protection of information in your class. Using the CNSS model (McCumber Cube), write a brief statement on how you would address the three components represented in each cell. The student answer to this question will vary since it is a personal response to the problem. 2. Consider the most important item among all the categories of information stored on your personal computer. As it applies to that item of information (your information asset), identify an example of a corresponding threat, threat agent, vulnerability, exposure, risk, attack, and exploit. The student answer to this question will vary since it is a personal response to the problem. 3. Using the Web, identify the chief information officer, chief information security officer, and one systems administrator for your school. Which of......

Words: 1780 - Pages: 8

Information Systems

...This document presents a comprehensive information security model and has become a widely accepted evaluation standard for the security of information systems. The model, created by John McCumber in 1991, provides a graphical representation of the architectural approach widely used in computer and information security; it is now known as the McCumber Cube.17 The McCumber Cube in Figure 1-6, shows three dimensions. If extrapolated, the three dimensions of each axis become a 3 × 3 × 3 cube with 27 cells representing areas that must be addressed to secure today’s information systems. To ensure system security, each of the 27 areas must be properly addressed during the security process. For example, the intersection between technology, integrity, and storage requires a control or safeguard that addresses the need to use technology to protect the integrity of information while in storage. One such control might be a system for detecting host intrusion that protects the integrity of 1 Chapter 1 d ion ucat yE Polic tio nT ec Ed uc a Confidentiality Integrity Po lic y Integrity hn olo gy Confidentiality y olog n Tech Availability Availability Storage Processing Transmission Storage Processing Transmission Figure 1-6 The McCumber Cube18 Source: Course Technology/Cengage Learning information by alerting the security administrators to the potential modification of a critical file. What is commonly left......

Words: 15965 - Pages: 64

Introduction to Triple Cube

...THE INTERNATIONAL UNIVERSITY VNU-HCM [pic] SCHOOL OF BUSINESS (BA117IU) INTRODUCTION TO MICROECONOMICS COURSE GUIDELINE June 2015 CONTENT 1. COURSE STAFF 3 1.2. Communication with Staff 3 2. INFORMATION ABOUT THE COURSE 3 2.2. Teaching times and Locations 3 2.3. Units of Credit 3 2.4. Perquisite and Parallel courses 3 2.5. Relationship of this course to other course offerings 3 2.6. Approach to learning and teaching 4 3. COURSE OBJECTIVES AND OUTCOMES 4 3.2. Course objectives 4 3.3. Student learning and outcomes 4 3.4. Teaching Strategies 4 4. STUDENT RESPONSIBILITIES AND CONDUCT 5 4.1. Workload 5 4.2. Attendance 5 4.3. General Conduct and Behavior 5 4.4. Keeping informed 5 5. LEARNING ASSESSMENT 5 5.1. Assessment details 5 5.2. Assignment Submission Procedure 7 5.3. Late submission 7 5.4. Assignment Format 7 6. ACADEMIC HONESTY AND PLAGIARISM 7 7. STUDENT RESOURCES 8 7.1. Course Resources 8 8. COURSE SCHEDULE 9 COURSE STAFF Teaching Staff: Cao Minh Man PhD Room: A1-308 Phone: Email: cmman@hcmiu.edu.vn Consultant times: To be advised/ also by appointment Tutor: Room: Phone: Email: Consultant times: 1 Communication with Staff Student are advised to contact staff during consultant times, or by arranging an appointment INFORMATION ABOUT THE COURSE 2. Units of......

Words: 1521 - Pages: 7