Assignment: Software Development Life Cycle For Data In The Cloud Computing Environment
Member is a security software architect in a cloud service provider company, assigned to a project to provide the client with data integrity and confidentiality protections for data in transit that will be using applications in the cloud. Your client is an HR company that is moving HR applications and HR data into a community cloud, sharing tenancy with other clients. Your company has set up a software as a service, SAS, offering for its client base.
The data that the HR company will be pushing to and from the cloud will contain sensitive employee information, such as personally identifiable information, PII. You will have to address sensitive data and transit issues of the client data using the HR applications stored in the cloud, and provide a life cycle management report that includes solutions to the cloud computing architect of your company.
Software Development Life Cycle
Technology development and implementation usually follow a software development life cycle (SDLC) methodology. This approach ensures accuracy of information for analysis and decision making, as well as appropriate resources for effective technology management.
You and your team members will use components of the SDLC methodology to develop a life cycle management report for the cloud computing architect of a company. This is a group exercise, representing the kind of collaboration often required in the cybersecurity technology community.
There are 11 steps to lead you through this project. Similar steps are typically used in organizational SDLC projects. Most steps should take no more than two hours to complete, and the entire project should take no more than three weeks to complete. Begin with the workplace scenario, and then continue with Step 1: "Initiating the Project."
Life Cycle Management Report: A 10- to 15-page double-spaced Word document on data protection techniques for a cloud-based service with citations in APA format. The page count does not include figures or tables. There is no penalty for using additional pages if you need them. Include a minimum of six references. Include a reference list with the report.
As the cloud security architect, you must understand the security development life cycle process. Review the following resources to learn about the security development life cycle process:
• security development life cycle
• software development methodologies
Click the following links to learn more about critical infrastructure sectors:
• Critical Infrastructure Sectors. Read their descriptions and consider which sector you support in your role.
• Process Control Systems: Cybersecurity and Defense
To be completed by a designated team member:
You will begin your Life Cycle Management Report now.
1. Choose a fictional or actual organization. Describe the mission of the organization and the business need to move to a cloud environment.
2. Identify the scope of the security architecture and include a topology. To narrow your scope, focus on issues that application security engineers can control. Avoid discussing resilience and business continuity issues, physical security issues, traditional best practices for software development, or underlying infrastructure security. Examples of topology include Amazon Web Services, Generic Hadoop, Map-r, Cloudera, or Microsoft Azure.
3. In your report, you will combine security development life cycle and software development life cycle methodologies. When you are considering the software development life cycle approach, consider what model you are following. SDLC examples include Waterfall, Spiral, Agile, and Extreme Programming.
4. Address confidentiality, integrity, and availability requirements for data at rest and data in transit.
1. Think like an attacker exploiting software vulnerabilities and the likelihood of those vulnerabilities being exploited.
2. Think about data in use in the memory of the processing systems. Where in the system are the data most vulnerable?
5. Describe the concepts and products you chose and explain why these were chosen.
6. Include in your descriptions possible software and hardware components as well as an operating system and the security protections needed for those components.
7. Include a discussion of interoperability among the solutions you choose.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.
Attachment:- Life-Cycle-Management-Reportstep-Draft.rar