Application Security Lasa
Assignment 2: LASA 2: Kenne Jarson Laboratories: Phase 2
This assignment builds upon LASA 1. Please review the initial scenario and company background provided in LASA 1.
You will complete phase 2 of the web application portal project for Kenne Jarson Laboratories.
In a Microsoft PowerPoint presentation with speaker notes, you will provide security recommendations that describe the authentication, access control, and encryption or cryptography utilized to ensure security of confidential information.
Security Control Overview: The first 7–8 slides will introduce and describe the importance of security controls and mechanism for the new web application portal. In particular, the following items should be covered:
Authentication: Define the term and describe its relevance and usage in maintaining security in a web application portal.
Access Control: Describe the term and explain how access control will be provided or limited for those using the web application portal.
Cryptography and Encryption: The web application portal will share confidential and highly sensitive information between the company and its wholesalers or distributors. Describe how cryptography and encryption can help provide secure communications.
Security Comparison of Authentication Technologies: The next 3–4 slides should describe various authentication tools or technologies that can be used in an online or a web setting to authenticate users. Provide a recommendation, along with a justification, for your selection that aligns with the requirements of the organization.
Access Control Plan: You should include 3–4 slides on how user access control will be maintained for the web application portal. Suggest potential security groupings and techniques to maintain user access control.
Cryptography and Encryption: The final 5–6 slides should discuss the security measures that will be used to ensure secure communications between the company’s web application portal and that of its partners or distributors. Describe what cryptography and encryption schemes should be used to secure the web application portal.
Save the presentation as M5_A2_Lastname_Firstname.ppt.
By the due date assigned, submit your presentation to the Submissions Area.
LASA 2 Grading Criteria and Rubric:
All LASAs in this course will be graded using a rubric. This assignment is worth 300 points. Download the rubric and carefully read it to understand the expectations.
Assignment 2 Grading CriteriaMaximum PointsDefined the authentication and described its relevance and usage in maintaining security in a web application portal.32Described the access control and explained how access control will be provided or limited for those using the web application portal.32Described how cryptography and encryption can help provide secure communications.32Described various authentication tools or technologies that can be used in an online/web setting to authenticate users. Provided a recommendation, along with a justification, for your selection that aligns with the requirements of the organization.48Described how user access control will be maintained for the web application portal. Suggested potential security groupings and techniques to maintain user access control.44Identified and described the security measures that will be used to ensure secure communications between the company’s web application portal and that of its partners or distributors. Described what cryptography and encryption schemes should be used to secure the web application portal.48
Usage and Mechanics (16)
APA Elements (24)
The Initial Scenario it is referring to:
Kenne Jarson Laboratories is a large pharmaceutical company that specializes in the development and manufacturing of various prescription medications designed to help treat specific types of cancer. The company has three branches:
Research and Development: This section of the organization develops tests and prototypes for new drugs.
Marketing: This wing of the company markets, promotes, and advertises new products and drugs.
Manufacturing and Distribution: This area of the company is responsible for manufacturing the pharmaceuticals offered by the company and distributing them to its wholesale partners.
The company is in the process of launching a new web application portal that can be used by the company’s wholesale partners and distributors. The portal will provide access to wholesale drug pricing guides, allow orders to be placed, and track shipments. It will also provide information on the status of new drugs being developed along with their estimated date of availability for purchase.
You serve as an information security specialist with the organization and have been tasked to work with the team developing the web application portal to address the security concerns or issues that may arise.