Estrella, Duff Michael O.

II-BINS
Principles of Network Security
Coursework 1 : CIA Variations

1. Discuss the following CIA Variations :

A. Parkerian Hexad
 Parker proposed an alternative model to the classic CIA Triad that he called the
Parkerian Hexad because he felt the Triad was too insufficient to describe the
totality of what we need to consider in the infosec field. His Hexad model added
an additional three attributes which are; Possession or Control, Integrity and
Utility.
B. McCumber Cube
 The Cybersecurity Cube also called the McCumber Cube is a tool developed by
John McCumber, one of the early cybersecurity experts, in order to help manage
the protection of networks, domains, and the Internet. The Cybersecurity Cube
has three dimensions and looks somewhat like a Rubik’s Cube. The first
dimension of the Cybersecurity Cube includes the three principles of information
security. The second dimension identifies the three states of information or data.
The third dimension of the cube identifies the expertise required to provide
protection. These are often called the three categories of cybersecurity
safeguards.

Reference Model of Information Assurance and Security (RMIAS)

a. Security Development Cycle

 The Microsoft SDL introduces security and privacy considerations throughout all
phases of the development process, helping developers build highly secure
software, address security compliance requirements, and reduce development
costs.

b. Information Taxonomy
 CNOM, IFIP WG 6.6, the IRTF NMRG, and the EMANICS Network of
Excellence, have developed a taxonomy for network and service management.
The goal of this taxonomy is to structure the research area in terms of a two-
level, well-defined set of keywords. These keywords can be used by authors to
annotate their papers and, more generally, by researchers to indicate their area of
expertise and interest. By matching paper keywords to reviewers expertise,
organizers of journals and conferences can use this taxonomy to improve quality
of reviews.

c. Security Counter Measures

Estrella, Duff Michael O.
II-BINS
 Security countermeasures are the controls used to protect the confidentiality,
integrity, and availability of data and information systems. There is a wide array
of security controls available at every layer of the stack.

d. Security Goals
 The RMIAS adjusts to one of its measurements called IAS octave-An
arrangement of 8 security objectives and they are confidentiality, integrity,
availability, accountability, non- reproduction, authenticity, trustworthiness and
privacy.

2. Compare and contrast these standards to CIA Triad

 CIA triad usually focuses on technology and ignoring human elements on the
other hand, Parkerian Hexad addresses the human element.

3. If you are the Chief Information Officer what standard/s are you going to implement in
University of Makati?
 The standard/s that I am going to implement in University of Makati is adding a
feature that includes cloud storage or drive. This will provide a cost effective
solution for storing data, delivering services and providing access to information.
The cloud can also be used for monitoring and managing the operating system
for all devices connected to it. It will also help in protecting data from
unauthorized access by ensuring that only authorized users have access to the
system. This will also avoid any hackers from accessing this important
information about the database and making sure that the data is safe.