7026CEM Security of Emerging Connected Systems

7026CEM Assignment Help

Security of Emerging Connected Systems Assignment help

Module Learning Outcomes Assessed:

1. Critically evaluate the role of a security policy for protecting information assets and be able to propose appropriate security policies to defend those assets based on an understanding of security concepts and their application to internet-based technologies.
2. Demonstrate a sound understanding of the key legislation that relates to information security and how it influences the security policy of an organisation.

VERY IMPORTANT NOTES
This CW1 brief is ONLY for students whole had an upheld ACO outcome on a previous CW1 submission, OR approved deferrals.
– If you have already passed CW2 on a previous attempt using Domus, then pick the PHP/HTML related security issue, you do NOT need to run, test, and report the either or both systems again, still up to you if you wish to run them in case you need to refresh your memory or double check on any issue.

If you are doing CW2 then a zipped file named “DefACO.zip” is necessary for CW2.
You MUST create a folder in the VM desktop, name it exactly “<first_name> <last_name>-<ID>”, unzip and place the DefACO.zip inside the folder you created, the unzipped folder MUST be the same name, i.e., DefACO. In each command line, you MUST show this folder path in EVERY screenshot within your report. Screenshots MUST be clear and easy to read.
For example, if your first name is “Alice” your last name is “Bob”, and your ID is “123456”, then the folder’s name on the desktop is:
“Alice Bob-123456”

Full path to the given system MUST include:
…/Alice Bob-123456/DefACO
You MUST include proper evidence of preforming the experiments in CW2 such as screenshots, failure to do so will unquestionably result in failing CW1.

Task and Mark distribution:
This coursework consists of two pieces. Students MUST do both pieces.
For this coursework, you should have done or part of CW2 or already passed it; successfully tested all or part of DefACO system. Discuss the laws and the legal background related to the PHP/HTML security issues that has been found in DefACO system. As well as laws and the legal background related to the leaked Personal Identifiable Information (PII). If you have already passed CW2 on a previous attempt using Domus, then pick the PHP/HTML related security issue, you do NOT need to run, test, and report the either or both systems again, still up to you if you wish to run them in case you need to refresh your memory or double check on any issue.

1. First piece: laws and legal background of the PHP/HTML related issue.
If you are submitting CW2 for November 2022 attempt, then you MUST discuss the legal background about the PHP/HTML security issue that you have analysed in DefACO system.

2. Second piece: laws and legal background of the leaked PII.
If you are submitting CW2 for November 2022 attempt, then you MUST discuss the legal background of the PII leakage real IoT system security incident.

Laws and legal background:
For each piece, report must discuss UK and US law that might be applicable. Covering legal aspects, legal implications and the legal consequences and security recommendations.

Consider penalties for the attacker and/or the party that is holding the system. Legal consequences for both pieces can be for example but not limited to, any legal consequences on the household or the company operating this system. Any legal consequences on the vendor or the company that has produced this system.

Consider any suggestions to mitigation, through technology, policy, license, or user agreements.

• UK Law understanding and coverage (40%, ~600 words): coverage of all applicable legal aspects and demonstration of a good understanding of them. And the applicable legal consequences or penalties.
• US Law understanding and coverage (40%, ~450 words): coverage of key aspects to be considered. And the applicable legal consequences or penalties.
• Technical Recommendations (30%, ~300 words): Full marks for legal and security recommendations covering all points in the brief and reference to suitable real-world cases.

Report (10%): a report suitable for both technical staff and non-technical management; the style/structure of the report, and the use of language and grammar. Use proper way of citations, check Coventry University’s guide on writing. Style recommendations:

o Use 3rd person and passive voice rather than 1st and 2nd person.
o Use MS Word with Arial /Sans Serif font or Times New Roman, size 12, and 1.15 line spacing.
o Paragraphs are left alignment or justified.
o Acronyms should be capitalised, explained, and added to a table of acronyms at the beginning of the report.
o Figures, tables, and graphs should be captioned and added to list of figures, tables, and graphs.
o Add a table of contents at the beginning of the report.
o Avoid using American English and use British English.