Project 4: Cloud Computing

Project 4: Cloud Computing 150 150 Affordable Capstone Projects Written from Scratch

Project 4 Instructions: Each team member is a security software architect in a cloud service provider company, assigned to a project to provide the client with data integrity and confidentiality protections for data in transit that will be using applications in the cloud. Your client is an HR company that is moving HR applications and HR data into a community cloud, sharing tenancy with other clients. Your company has set up a software as a service, SAS, offering for its client base.

The data that the HR company will be pushing to and from the cloud will contain sensitive employee information, such as personally identifiable information, PII. You will have to address sensitive data and transit issues of the client data using the HR applications stored in the cloud, and provide a lifecycle management report that includes solutions to the cloud computing architect of your company.

The team will decide on a team leader, who may divide sections to complete by small groups of team members. You decide to make an outline of the report, and to use the phases of the software development lifecycle, SDLC, as a basis for the report. The outline includes the following: examine the cloud computing environment and determine the protection techniques and how they will be applied to components within the cloud to ensure end-to-end protection of data in transit. Consider what security techniques and methods are applicable, and tailor the software development lifecycle methodology for the cloud computing environment.

Select the best methods and techniques for protecting confidentiality and integrity of data in transit, and apply principles to the whole study approach. These are the software development life cycle phases to use as the report outline: initiating projects/defining scope, functional design, analysis and planning, system design specifications, software development, installation/implementation, tailoring, operation and maintenance, and disposal. Work in partnership teams to create the report.

The team has decided to use a hospital as our organization, the name of our hospital is University Hospital.

Software Development Life Cycle

Technology development and implementation usually follow a software development life cycle (SDLC) methodology that ensures that the right information is provided for analysis and decision making, and the right resources are applied for the most effective and efficient technology management approach.

You and your team members will use the components of the SDLC to formulate a life cycle management report to the cloud computing architect of a company. This is a group exercise, representing the kind of collaboration often required in the cybersecurity technology community. The report will include data protection techniques for a cloud-based service. The length of the group report should be 10-15 double-spaced pages.

There are 11 steps that will lead you through this project, and those steps mirror those in a typical SDLC. Most steps of this project should take no more than two hours to complete, and the project as a whole should take no more than three weeks to complete. Begin with the workplace scenario, and then continue with Step 1: “Initiating the Project.”

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.

  • 1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment.
  • 2: Develop coherent paragraphs or points to be internally unified and function as part of the whole document or presentation.
  • 3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
  • 1: Identify and clearly explain the issue, question, problem under consideration.
  • 2: Locate and access sufficient information to investigate the issue or problem.
  • 5: Develop well-reasoned ideas, conclusions, checking against relevant criteria.
  • 1: Lead and participate in a diverse group accomplish projects and assignments.
  • 2: Plan and execute a project, articulating clear objectives and goals for the team.
  • 3: Contribute to projects, assignments, or goals as an engaged member of a team.
  • 4: Demonstrate diversity and inclusiveness in a team setting.
  • 6: Possess knowledge of the secure principles, methods, and tools used in the software development life cycle.

Step 1: Initiating the Project and Defining Its Scope

As the cloud security architect, you will need to understand the security development lifecycle process. To learn about this, review the following resources:

  • security development life cycle
  • software development methodologies

Click the following links to learn more about critical infrastructure sectors:

To be completed by a designated team member:

In your report, you will tailor your life cycle using security development lifecycle elements as well as from the software development life cycle elements, which would use software development methodologies.

Provide the concepts of the project. Describe your rationalizations for your tailoring. Define the products needed. Describe the mission of the client organization and the business need to move to a community cloud. This can be fictional or modeled from a real-world example with citations in APA format.

Identify the scope of the security architecture and include a topology of the architecture of the cloud environment. The information can be fictional or modeled from a real-world example with citations in APA format.

Identify in the topology which security features are needed for each of the components. Examples of topology include Amazon Web services, Generic Hadoop, Map-r, Cloudera, or MS Azure. Look at the functional architecture of a cloud-based system and the security architecture. Identify which parts of the functional architecture are within the scope of the security architecture for the overall systems of systems in the cloud. Identify which security features are needed to protect each component, as data is in transit and data is at rest within the architecture. Include in your descriptions possible software and hardware components as well as an operating system and the security protections needed for those components.

Narrow the scope of the security architecture relevant to the project you are assigned and to achieve security for data in transit. State the security objective of this project. When you are considering the software development life cycle approach, consider what model you are following. Some examples are waterfall, spiral, agile, and extreme programming.

Other questions to consider in the project initiation discussion:

  • What tools are there?
  • Why should you use them?
  • What are the system issues and other concerns?
  • What is interoperability?

Possible technologies to consider include:

  • Data in transit
  • How protected
  • Data integrity

In the project initiation portion of the final report, you will also report on the risk information you have gathered and evaluated and introduce a risk management strategy. Think like an attacker, and describe what are threats and probability of likelihood of those threats being exploited. Think about data in use in the memory of the processing resources. Where in the system is the data most likely plaintext and unprotected?

Provide your reasoning and cite sources you used to arrive at your conclusions. Click the link to review the resources on threat modeling, and then include, in your own words, a definition of threat modeling and explain how it is used in determining risk.

After defining the project and scope, move to the next step, where the team, as part of your functional analysis and design, will use the SQUARE method for requirements information gathering.

Step 2: Begin Functional Analysis and Design—Use SQUARE for Requirements Information Gathering

Now that the team has initiated the project, they will now focus on the functional design of the project.

To be completed by a designated team member:

Click the following link to learn more about software quality requirements engineering (SQUARE). Then, identify the SQUARE process and provide an overview of how to collect requirements for the security technology and/or techniques that are being proposed.

This information will be added to the group report.

In the next step, the team will learn how to secure data in the cloud.

Step 3: Learning Different Ways to Secure Data in the Cloud

The team has successfully examined the phases of a software development life cycle, defined the scope, and analyzed requirements for the project. Now you must begin your research into the Hadoop cloud environment to better understand what it takes to secure data in the cloud. To learn more about databases, review the following: Database Models

Enter Workspace and complete the “Software Development Life Cycle for Data in Cloud Computing” exercise. Do some quick independent research on Hadoop and the cloud as it applies to this assignment.


You will use the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to Discussions List for registration information) in which you can access resources to enable you to complete this project successfully.

Click here to access the instructions for Navigating the Workspace and the Lab Setup.

Click here to access the Project 4 Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use. Then, enter Workspace.

Each team member will do the lab and collaborate on the final results Include your analysis on ways of securing data as part of the the final report.

In the next step, the team will provide the basis for evaluating technologies with analysis and planning.

Step 4: Provide Analysis and Planning for Evaluating Technologies

Once the team members have completed their functional analysis and design in the previous step, provide a summary on analysis and planning for the evaluation of the technologies and/or techniques examined for protection of client data in transit. To prepare, click the following links and learn more about virtualization and cloud computing:

To be completed by a designated team member:

Compare different technologies and techniques, including encryption, access control, and other technique; consider their efficiency, effectiveness, and other factors that may affect the security of the data in the cloud. Include your reasoning and conclusions in your evaluation. Conclude which is generally a better, stronger technique and why.

You will include this summary in your report.

In the next step, the team will work on system design specifications.

Step 5: Create System Design Specifications

In the last step, the team completed an analysis of technologies and techniques. For this step, provide system design specifications for a data-in-transit protection model.

To be completed by a designated team member:

Describe a fictitious infrastructure or model a real-world key management Infrastructure, citing sources using APA format.

You will include these specifications in the final report.

For the next step, the team is ready to explain the software development plan.

Step 6: Explain the Software Development Plan

Now that the team has identified system specifications, provide an explanation of the software development need and the plan for software development, if any.

To be completed by a designated team member:

Identify different design and development considerations for the system.

Include this explanation in the final report.

In the next step, the team will outline plans for testing and integration.

Step 7: Provide a Plan for Testing and Integration

Now that you have explained the software development plan, the next step in the software development life cycle and the next section of the report covers installation and implementation.

To be completed by a designated team member:

Provide a three-page explanation for testing and integration. Include the test plan and the evaluation of methodologies. Whatever is designed, ensure that the techniques are compatible with other systems such as the user workstations and other entry devices.

The test plan should include transactions on data within the cloud and use of methods on data in transit outside the cloud. Provide research and justification for the applying data confidentiality and data integrity protections.

Consider examples of technologies and/or techniques that can be used to protect the data in transit. Provide the expected results from implementing these technologies and/or techniques.

Consider these areas to address in your test plan, within the life cycle management report of data protection while in transit to and from the cloud computing environment:

  • Define the methods for protecting data in transit. How does the technology and/or technique protect data in transit?
  • Define the methods for protecting the integrity of data in transit. How are these technologies and/or techniques used to ensure data integrity? Explain.
  • Develop a test plan based on your test evaluation strategy.
  • Determine if data could be compromised while in transit.

Include the plan in the final report.

In the next step, the team will discuss how to tailor and deploy the technology as appropriate for software as a service (SaaS) in the cloud.

Step 8: Describe How to Tailor the Technology

Once the team has successfully explained testing and implementation methodologies, it’s time for tailoring of the technology as appropriate for software as a service (SaaS) in the cloud model.

To be completed by a designated team member:

Provide a description of this to include in the final report. Include a deployment strategy after the tailoring of the data protections for the SaaS cloud infrastructure.

With respect to the deployment strategy, consider the following: Where in the topology of the cloud would you employ the use of techniques? Identify which components would use which techniques. Include this description in the final report.

In the next step, the team will account for operations and maintenance.

Step 9: Provide a Plan for Operations and Maintenance

After the tailoring of technology comes an account of operations and maintenance.

To be completed by a designated team member:

Provide a briefing on an operations and maintenance plan for the protection of this information. Include an auditing plan to audit the security of the data in transit and what is in place for security. Within the auditing plan, include process for continuous monitoring of the data in transit architecture.

Include this briefing in the final report.

In the final step, the team will create a disposal plan.

Step 10: Create a Disposal Plan

The last section of the final report and the last stage in the software development life cycle is the disposal plan.

To be completed by a designated team member:

Provide a summary on disposal of the technology and/or techniques. Include this in the final report.