A new medium-sized health care facility just opened and you are hired as the CIO. The CEO is somewhat technical and has tasked you with creating a threat model. The CEO needs to decide from 3 selected models but needs your recommendation. Review this week’s readings, conduct your own research, then choose a model to recommend with proper justifications. Items to include (at a minimum) are:
- User authentication and credentials with third-party applications
- 3 common security risks with ratings: low, medium or high
- Justification of your threat model (why it was chosen over the other two: compare and contrast)
You will research several threat models as it applies to the health care industry, summarize three models and choose one as a recommendation to the CEO in a summary with a model using UML Diagrams (Do not copy and paste images from the Internet). In your research paper, be sure to discuss the security risks and assign a label of low, medium or high risks and the CEO will make the determination to accept the risks or mitigate them. Your paper should meet the following requirements:
- Be approximately five to six pages in length, not including the required cover page and reference page. (Remember, APA is double spaced)
- Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
- Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
- Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.
BURKE, MCDONALD, J., & AUSTIN, T. (2000). Architectural support for fast symmetric-key cryptography. Operating Systems Review, 34(5), 178–189.
Diffie, & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654.
Ullah, de Roode, G., Meratnia, N., & Havinga, P. (2021). Threat Modeling — How to Visualize Attacks on IOTA? Sensors (Basel, Switzerland), 21(5), 1834–.
Li, Yu, Y., Lou, C., Guizani, N., & Wang, L. (2020). Decentralized Public Key Infrastructures atop Blockchain. IEEE Network, 34(6), 133–139.
Chia, Heng, S.-H., Chin, J.-J., Tan, S.-Y., & Yau, W.-C. (2021). An Implementation Suite for a Hybrid Public Key Infrastructure. Symmetry (Basel), 13(8), 1535–.