Professional Documents
Culture Documents
Christopher Fong
22 October 2019
Hamby, Chris. "Census at Risk From Glitches And Attackers." New York Times, 5 July 2019, p.
https://link.gale.com/apps/doc/A592222058/SCIC?u=char69915&sid=SCIC&xid=10548
This news article speaks about the concern over software glitches and cyberattacks that
could happen to the 2020 U.S. census data due to the move to newer data collection
methods, including cloud computing. In an effort to lower costs and raise response rates
the Census Bureau(CB) decided to move onto the cloud platform provided by Amazon.
However, what the CB failed to realize was that, in the previous year’s audit, there was
an unsecured door to sensitive data, which allowed a hacker to view, alter and delete
information collected in field tests. The CB has since patched up the breach, but are still
struggling to ensure the safety of information on the cloud, due to lack of resources.
According to former congressional staff member Terri Ann Lowenthal, if these issues are
not resolved in time “we could be headed toward a failed census,” which would be the
first since 1790. The article then moves on to speak about small technological problems
encountered by census workers during testing and the possible repercussions of having a
security breach. The bureau states that having these problems risks fear being spread
Chris Hamby is a journalist who is currently working for the New York Times. He has
won awards such as a Pulitzer Prize, a Goldsmith Prize, two White House
worked at BuzzFeed News and was a reporter at the Center for Public Integrity. Hamby
seems to hold slightly more liberal beliefs; however, is more objective in his writing. The
and a variety of other reliable sources speaking about the census. The source is
essentially an informative report on what has been happening in the build-up to the 2020
census. The intended audience is general higher education readers who care about politics
and the upcoming census. Unlike my other sources, this source isn’t mainly focused on
the dangers of rushing into cloud computing, but the effect that it can have society and
the dangers of a security breach. I wish that this source would’ve been more specific on
what the CB did to solve these issues and the issues that they encountered during their
test runs.
This source fits into my research by giving insight on a different side of the issue. When I
originally thought of my topic it was more about the business rushing into using cloud
computing; however, after reading this article it made it clear to me that this problem was
a lot larger than I had originally thought. Along with this, the article shows how pressing
this issue is by giving a current event that most people know about. This source will most
likely make an appearance in Extended Inquiry Project, due to the fact that it broadens
the scope of what I can talk about, and it provides a good example for people who may
Morrow, Timothy. “12 Risks, Threats, & Vulnerabilities in Moving to the Cloud.” 12 Risks,
Threats, & Vulnerabilities in Moving to the Cloud, Carnegie Mellon University, 5 Mar.
2018,https://insights.sei.cmu.edu/sei_blog/2018/03/12-risks-threats-vulnerabilities-in-mo
This blog lists 12 different risks, threats, and vulnerabilities associated with moving to
the cloud. This includes the reduced visibility and control of consumers, the
simplification of unauthorized use, and overall cybersecurity risk just to name a few.
Morrow states that consumers have reduced visibility and control because of the amount
of monitoring needed without the use of network-based monitoring. Next, he briefly talks
about how the increased demand for cloud computing increases unauthorized use of
cloud services and how unauthorized cloud services can result in an increase in malware.
The third item on Morrow’s list states that application programming interfaces (APIs),
manage assets and users, are much more accessible on the internet and expose them to
possible security breaches. After this, he states that there is an increased chance of data
leakage if the separation between users is not met. The last issue only affects cloud
computing pertains to deleting data on the cloud. Because many different CSPs have
different deletion procedures organizations may not be able to verify that their data was
securely deleted. This leaves organizations that switch between many CSPs more
vulnerable to data leaks. The remaining seven items on the list apply to both cloud and
on-premise data centers that hold the cloud servers. The first issue that he states is the
connectivity of the cloud. Because the cloud is so connected if a hacker gained access to
a user’s cloud credentials it can potentially be used to gain access to CSP administrator’s
data. This would be devastating due to the amount of rights administrators hold. While
this is pretty far fetched it can still be a possibility. The three main issues that Morrow
addresses in the list is the insider abuse that can occur, loss of data that can occur, and the
insufficient understanding of the cloud computing and the risks involved with it. Due to
this lack of knowledge, some organizations don’t provide the necessary security measures
The author Timothy Morrow, also known as Tim Morrow, is the situational awareness
technical manager in the SEI CERT Division’s Monitoring and Response Directorate. He
has past experience as technical support for DoD and non-DoD programs. Morrow is
objective in this blog post; however, he has a slight bias toward CSPs and makes it seem
like the blame is to fully put on organizations that implement cloud computing without
association are higher education people and businesses/organizations that are considering
implementing cloud computing. This source is much more general when compared to the
The source supplies me with a large amount of general information about the subject;
however, the information given in the blog post is a bit too general. If the author added
examples to each entry on the list the blog would be easier to understand and read as a
casual reader. This blog helps me understand different problems pertaining to cloud
computing and the different factors that make security in the cloud difficult. It has made
me take in the fact that there are three different parties that are interacting within the
cloud computing process, the consumer, organization, and provider. These three different
parties play an important role in ensuring the safety of the cloud platform.
Pugazhenthi, A, and Chitra, D. “Data Access Control and Secured Data Sharing Approach for
Health Care Data in Cloud Environment.” Journal of Medical Systems., vol. 43, no. 8,
This academic journal is about security issues pertaining to cloud computing and a
solution that in theory should work. It starts off talking about Google Docs and the
usefulness of that platform to talk about the overall usefulness of cloud computing;
however, the authors quickly explain that “while storing the data in the Cloud and
meanwhile of sharing the information, the security of the Cloud is more likely to be
violated.” After this, the academic journal goes on to speak about the previous research
on the issue. This includes, but is not limited to, Xinyi Huang’s Identity-based ring
signature method (ID-based), Huang Qinlong’s Efficient revocation (EABDS), and Hong
authors do this to show the previous research that much of the academic journal is about.
The rest of the academic journal goes on about how using the Improved Diffie Hellman
Key Exchange Algorithm (IDHKE) will ensure secured data transmission with accurate
and reliable authentication. The IDHKE is an algorithm that encrypts data, which makes
Author Chitra Duraisamy is a professor and Head of Computer Science and Engineering
than this information I could not find more information on the authors. Which is
extremely concerning to me. Because I really don’t know how reliable they are. I can
assume that they are because they are professors at universities doing research on the
topic. In the source, the authors are extremely objective showing little to no bias on the
subject. I couldn’t understand/comprehend most of the math in the source and some of
the terms were hard to understand as well. This is an academic publication. The purpose
of this journal was to help solve the cloud computing issue of security by creating an
encryption algorithm that could potentially make data stored in the could much safer. The
intended audience of this academic article is people who are already in the cloud
computing field and other higher educated people who care about computer science. My
other sources are much easier to read when compared to this source. This is because of
The source helps me with my general understanding of the topic. It also gives me a
solution to the problem that I have presented. However, I believe that the source is a bit
too complicated and hard to understand. The math that the source presents is a bit too
complicated for me to understand at times, even though it gives a step by step. The source
really does a good job of highlighting the complexity of the topic. It helped me
understand the different efforts that people are making to solve this situation. If I do
decide to use this source in my paper it will most likely be included in the last few