Information Technology Reference
In-Depth Information
Table 1. Use cases
Use Case Name
Add/edit Mobile user
Goals/Description
Provide authentication mechanisms
Scenario example
All users must be subscribed in the Grid
Description
- A new user fills in or edits an electronic subscription form with his/her profile information
- The Grid administrator adds a new user to the system by approving the form or approves the user profile
change
Use Case Name
Search for news
A journalist can search for news material through the system interface in:
1. public sources
2. his organisation's historical archive
3. trusted commercial portals according to the subscriptions paid-for.
Goals/Description
Scenario example
The journalist familiarizes himself with the topic
- A user formulates a search query
- The user selects sources to search from a list
- The user submits the query
Description
Use Case Name
Get query results
Goals/Description
Receive query results from available repositories
Scenario example
The Journalist receives a list with the results of the search query
- The system returns results based on the metadata description of the stored material.
- Results can be sorted according to the journalist's needs, such as thematic groups.
- Visualization of results is based on the end user device capabilities (low resolution video for mobile
devices)
Description
In this first iteration of our case study, we define
the most important assets related to the use cases
aforementioned that we must protect and that
are the reference for the identification of threats,
attacks and security use cases. These assets are:
etc.) which contain sensitive information
that have to be protected from external dis-
closure or alteration.
Step 2.3: Identify Threats,
Attacks and Risks
•
Personal information
about the journalist
or editors: name, age, address, subscrip-
tions, salaries. All this personal informa-
tion is stored in the system and must be
protected from unauthorized access.
•
Media information
used: photos, articles,
recordings, videos, intellectual property
rights. This information is of a profession-
al nature and will be exchanged between
Grid users and stored in different localiza-
tions of the Grid system for an easy and
quick acess.
•
Exchange information
: messages, queries,
transactions. The data transmitted between
Grid elements (users, resources, server,
The set of threats and attacks that can occur in a
Mobile Grid system is similar to that produced
in a distributed system by adding those occurring
in the mobile environment with wireless network
and limited resources.
Examples of threats are unauthorized disclo-
sure of information, attacks to the content of a
message through wireless links, denial-of-service
attacks, network authentication related attacks,
physical node attacks, alteration of information,
and so on. In Table 3 we can see the threats con-
sidered for the assets identified in Mobile Grid
environments.
Search WWH ::
Custom Search