Competition For Authenticated Encryption - Myassignmenthelp.Com

Question: Discuss About The Competition For Authenticated Encryption? Answer: Introduction To satisfy the authorities of the wills system , the project manager ask the program director if they can deliver the project early than the proposed time. The manger desperately wants the project to be submitted early so that the company can grab the next project worth three million from the client company. However, the program director does not approve the idea of submitting the project early as the program is still in development phase and encryption algorithm needs to be incorporated to the system to enhance the security measure. Without the encryption algorithm the system will be easily hacked and this is something that the program director cannot approve. However the project manger thinks that this is not a major issue as far the security of the system is concerned. He further suggests the program director that even if there is a need for the encryption algorithm, it can be easily provided via software updates. According to the manager, it is more important to provide the client with the product solution rather than the encryption technology. The manger is so much desperate in proving his point and how much important it is for the company, he tries to convince the program director with the benefits that the company is going to achieve with the project. He further adds that, if the team can deliver the product early it will draw award and recognition not only for him, but also for the whole development team working on this project. The program director is much more after product quality one rather than rewards and recognition following some unethical methods. This definitely creates an ethical dilemma for Gregg, the director of the programming team. Q2. What are the facts? In reference to the discussion, this section highlights some facts: Encryption maintains data secure: With Encryption, software can be made more secured, reliable and robust (Han et al., 2015). According to the authors, encryption helps in strengthening system security by maintaining three major aspects of data security: Confidentiality it maintains data privacy Integrity it provides data accuracy Availability it keeps web server online to ensure data availability on demand. Encryption, with the help of cryptographic algorithm to provide data security as discussed in the article. Software updates resolves security issues: Software updates are rolled out for removing bugs encountered by the software encounters at some point during execution. Even after providing best efforts for the design, it is not always possible to produce software that does not have any issues. In the long run, the software will create issues as far as the execution or performance of the software is concerned (Khatarkar Kamble 2015). Regular updates ensure smooth execution with less error. Q3. What are the issues? There are some issues regarding the project, which will be discussed below: Integration of the encryption algorithm: Without the integration of the encryption technology, the software becomes less secure. It is true that it will take much more time to complete the integration process and it will delay the project, still delivering the project without encryption is also not accepted, as it will compromise with the software security and overall quality of the product. From the business point of view of the company needs to deliver the project within time to avoid issues that the client may raise if not delivered in time. However, without the encryption technology the system will be less secure (Subramanyan,, Ray Malik, 2015). Resolving security issues with software updates: Even though security issues are claimed to be resolved with software updates, it is not an effective solution to resolve the security issues that is due to some faults in the design process itself. Software updates are effective to bring changes in the day-to-day activities that the software is designed for to bring improvement in performance. However, it does not analyze the root causes that lead to system bug. The best practice that should be followed in order to deal with security issues more efficiently, is to design solution to problems identified in the software testing process (Bernstein , 2014). Otherwise, it is not easy to fix the security related issues with software updates as pointed out by the authors. Q4. Who is affected? It is the client company that will be affected most. If the manufacturing company delivers the software to the client company without considering the security issues it will also affect the customers associated with the organization including the company itself. In addition to that if the project is delivered without ensuring optimum performance, the manufacturing company have to face the accusations for the client site which may see cancelation of further project allocation or any project related works. Q5. What are the ethical issues and their implications? Violation of security: Whenever an organization develop any product for any client organizations, it is the responsibility and ethical duty of the company to treat the project with highest priority to maintain quality of the service. However, in this context as discussed, the security issues are being overlooked by the manufacturing company to deliver the product early in order to show the promptness to get the attention of the client so that they can get further. This move can be regarded highly unethical, as the system which is being developed will deal with personal data of thousands of customer that need to be secured. Compromising on the quality and security of such sensitive project can be overlooked at any cost. Compromising of quality over money: To deliver the project early in order to fetch the next project worth millions, the manager is even ready to compromise the quality of the product. This move can be regarded as unethical as it affect the client both in terms of security and reputation. Additionally, it will also affect the reputation of the manufacturing company. Q6. What could have been done about it? To finish the project so that it can be delivered early, the project should have been started in full swing right from beginning rather than opting for unethical means at the later part of the project development. Q7. What are the options? Considering current circumstances, two options are available to be followed right now. Either, the authorities should come up with an approach to convince the client company for delivery date extension or they should deliver the product without ensuring proper performance measure. Q8. Which option is the best and why? Considering the available options, it is obviously best to make the company understand why they need to extended the delivery and what improvements will be done in this context. This approach is best because if they chose to deliver the product that is not fully optimized, it will create issues in the later part when the system will be actually in use. This might create a bad impression for the client and on basis of that, the company might lose the next project and even any further project from the client. References Bernstein, D. J. (2014). Caesar: Competition for authenticated encryption: Security, applicability, and robustness. Han, J., Susilo, W., Mu, Y., Zhou, J., Au, M. H. A. (2015). Improving privacy and security in decentralized ciphertext-policy attribute-based encryption.IEEE transactions on information forensics and security,10(3), 665-678. Khatarkar, S., Kamble, R. (2015). A Survey and Performance Analysis of Various RSA based Encryption Techniques.International Journal of Computer Applications,114(7). Subramanyan, P., Ray, S., Malik, S. (2015, May). Evaluating the security of logic encryption algorithms. InHardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on(pp. 137-143). IEEE.