CSIA 360 Paper #2 Mobile App Security Assessment + Strategy v4. Due on March 11
csia_360_paper__2_mobile_app_security_assessment___strategy_v4.docx

Unformatted Attachment Preview

Don't use plagiarized sources. Get Your Custom Essay on
CSIA 360 Paper #2 Mobile App Security Assessment + Strategy v4
Just from $10/Page
Order Essay

CSIA 360: Cybersecurity in Government Organizations
Paper #2: Mobile App Security Assessment & Strategy
Scenario:
A federal agency has asked your cybersecurity consulting firm to provide it with a white paper
that discusses best practices for security architectures and designs for mobile apps. The white paper
should also present the agency with a strategy for developing an award winning digital government
mobile app for its submission to next years’ Mobi-Gov awards. The agency had several mobile apps in
the “honorable mention” category this past year but, each of the apps failed to make passing scores in
the mobile app security category. The contest rules do not allow revision and resubmission of entries
from prior years. For this reason, your starting point should be recommendations for a security
architecture for a completely new mobile app.
The scoring for the awards is organized around the three strategies from the federal
government’s digital government strategy (posted in the Week 3 readings).
1. Enable the American people and an increasingly mobile workforce to access high-quality digital
government information and services anywhere, anytime, on any device.
2. Ensure that as the government adjusts to this new digital world, we seize the opportunity to
procure and manage devices, applications, and data in smart, secure and affordable ways.
3. Unlock the power of government data to spur innovation across our Nation and improve the
quality of services for the American people.
Research:
1. Research the “best” of federal mobile apps to see examples of the type of apps the agency will be
competing against next year.
a. 19 of the Coolest Government Mobile Apps

19 of the Coolest Government Mobile Apps

b. 10 Most Entertaining Government Mobile Apps
https://www.govloop.com/community/blog/10-most-entertaining-government-mobileapps/
c. 3 Innovative Ways Agencies are Leveraging Mobile Apps http://fedscoop.com/greatgovernment-mobile-apps
2. Research the federal government’s perspective on mobile app security architectures and design
recommendations. Here are three sources to help you get started:
a. Mobile App Developers: Start with Security
https://www.ftc.gov/tips-advice/business-center/guidance/mobile-app-developersstart-security
b. Mobile Security Reference Architecture
https://cio.gov/wp-content/uploads/downloads/2013/05/Mobile-Security-ReferenceArchitecture.pdf
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 360: Cybersecurity in Government Organizations
c. Architecture and Design Considerations for Secure Software (Mobile Applications)
https://buildsecurityin.uscert.gov/sites/default/files/ArchitectureAndDesign_PocketGuide_v2%200_05182012_P
ostOnline.pdf
3. Research industry recommendations for mobile app security. Begin with the following sources:
a. OWASP Mobile Security Project
https://www.owasp.org/index.php/OWASP_Mobile_Security_Project
b. Top 10 Mobile Risks (click on tab)
https://www.owasp.org/index.php/OWASP_Mobile_Security_Project
c. Mobile app security: Always keep the back door locked
http://arstechnica.com/security/2013/02/mobile-app-security-always-keep-the-backdoor-locked/
4. Find five or more best practice recommendations for ensuring the security of mobile apps. These
recommendations must include security for the platform (mobile device), the data on the device,
and the transmission path between the device and the mobile application server.
Write:
Write a five (5) to eight (8) page white paper in which you summarize your research and present
your “best practices” based strategy for developing an award winning, secure mobile app. You should
focus upon clarity and conciseness more than length when determining what content to include in your
paper. At a minimum, your white paper must include the following:
1. An introduction or overview of mobile apps for digital government. Your overview should include
examples of mobile apps which are recognized as being innovative and “best of category” for
delivering government information and services to mobile devices. This introduction should be
suitable for an executive audience.
2. A separate section in which you discuss the federal government’s requirements and
recommendations for mobile app security architectures and the associated design
recommendations. This section should be written for non-technical managers; you will need to
translate from tech-speak to manager-speak. Diagrams and pictures may be useful but, remember
to include the appropriate in-text citations for the source (append to the figure caption).
3. A separate section in which you discuss industry’s recommendations for security architectures and
risk reduction for mobile app security.
4. A section in which you present 5 or more best practice recommendations for building security into
the new mobile app which will become next year’s entry into the Mobi-Gov awards contest. These
recommendations should be presented as your “strategy” for “winning” the security evaluation
category for mobile apps.
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 360: Cybersecurity in Government Organizations
Submit For Grading
1. Submit your white paper in MS Word format (.docx or .doc file) using the OPEN Data Assignment in
your assignment folder. (Attach the file.)
2. You must also submit your white paper to TurnItIn before the due date for this assignment.
Additional Information
1. Your white paper should use standard terms and definitions for cybersecurity concepts. The
following sources are recommended:
• ISACA Glossary http://www.isaca.org/pages/glossary.aspx
• Guidelines on Security and Privacy in Public Cloud Computing
http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-144.pdf
2. You are expected to credit your sources using in-text citations and reference list entries. Both your
citations and your reference list entries must comply with APA 6th edition Style requirements.
Failure to credit your sources will result in penalties as provided for under the university’s Academic
Integrity policy.
3. Use APA 6th edition style (formatting) for the organization and appearance of the MS Word
document that you submit to your assignment folder. This includes margins, section headings, and
consistent use of fonts (Times New Roman 12 in black), paragraph styles (first line indent by ½ inch),
and line spacing (double). Formatting requirements and examples are found under Course
Resources > APA Resources. Your file should contain both a title page and a separate References
page. Use page breaks to ensure that the title page and references page are separate from the body
of the paper.
4. You are expected to write grammatically correct English in every assignment that you submit for
grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying
that your punctuation is correct and (d) reviewing your work for correct word usage and correctly
structured sentences and paragraphs. These items are graded under Professionalism and constitute
15% of the assignment grade.
Criteria
Excellent
15 points
Outstanding
14 points
Acceptable
13 points
Needs
Improvement
Needs
Impr
11 points
4 points
Introduction or
Overview for
Mobile Apps
Provided an excellent
overview of mobile
apps for digital
government.
Discussion included 5
or more examples of
mobile apps which
have been recognized
as being innovative or
Provided an
outstanding overview
of mobile apps for
digital government.
Discussion included 3
or more examples of
mobile apps which
have been recognized
as being innovative or
Provided an overview
of mobile apps for
digital government.
Discussed the purpose
of mobile apps from
the federal
government. Included
at least one example
of a mobile app that is
Provided an overview
but the section lacked
important details
about federal
government mobile
apps. Information from
authoritative sources
was cited and used in
the overview.
Copyright ©2017 by University of Maryland University College. All Rights Reserved
Attempted to p
introduction to
section lacked
not well suppo
information dr
authoritative s
CSIA 360: Cybersecurity in Government Organizations
“best of category” for
delivering
government
information and
services to mobile
devices. The overview
appropriately used
information from 3 or
more authoritative
sources.
20 points
“best of category” for
delivering
government
information and
services to mobile
devices. The overview
appropriately used
information from 2 or
more authoritative
sources.
available from the
federal government’s
app store. The
overview appropriately
used information from
1 or more
authoritative sources.
18 points
16 points
Federal
Perspective on
Mobile App
Security
Industry
Perspective on
Mobile App
Security
Provided an excellent
overview of the
federal government’s
requirements and
recommendations for
mobile app security
architectures and the
associated design
recommendations.
Explanations were
written for nontechnical managers
and included at least
three useful diagrams
or pictures with
appropriate in-text
citations for the
source (appended to
the figure caption).
Appropriately used
information from 3 or
more authoritative
sources.
Provided an
outstanding overview
of the federal
government’s
requirements and
recommendations for
mobile app security
architectures and the
associated design
recommendations.
Explanations were
written for nontechnical managers
and included at least
two useful diagrams
or pictures with
appropriate in-text
citations for the
source (appended to
the figure caption).
Appropriately used
information from 2 or
more authoritative
sources.
Provided an overview
of the federal
government’s
requirements and
recommendations for
mobile app security
architectures and the
associated design
recommendations.
Included at one or
more useful diagrams
or pictures with
appropriate in-text
citations for the source
(appended to the
figure caption).
Appropriately used
information from 1 or
more authoritative
sources.
20 points
18 points
16 points
Provided an excellent
overview of industry
recommendations for
mobile app security
architectures and the
associated design
recommendations.
Explanations were
written for nontechnical managers
Provided an
outstanding overview
of industry
recommendations for
mobile app security
architectures and the
associated design
recommendations.
Explanations were
written for non-
Provided an overview
of industry
recommendations for
mobile app security
architectures and the
associated design
recommendations.
Included at one or
more useful diagrams
or pictures with
14 points
10 points
Provided a discussion
of the federal
government’s
requirements or
recommendations for
mobil app
security.Appropriately
used information from
authoritative sources.
Provided a disc
app security in
federal govern
discussion lack
was not well su
information dr
authoritative s
14 points
10 points
Provided a discussion
of industry
recommendations for
mobil app
security.Appropriately
used information from
authoritative sources.
Provided a disc
app security fr
perspective. Th
discussion lack
was not well su
information dr
authoritative s
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 360: Cybersecurity in Government Organizations
and included at least
three useful diagrams
or pictures with
appropriate in-text
citations for the
source (appended to
the figure caption).
Appropriately used
information from 3 or
more authoritative
sources.
15 points
technical managers
and included at least
two useful diagrams
or pictures with
appropriate in-text
citations for the
source (appended to
the figure caption).
Appropriately used
information from 2 or
more authoritative
sources.
appropriate in-text
citations for the source
(appended to the
figure caption).
Appropriately used
information from 1 or
more authoritative
sources.
14 points
13 points
Provided an excellent
discussion of best
practice
recommendations for
ensuring the
confidentiality,
Best Practice
Recommendations integrity, availability,
for Mobile App
authenticity, and nonSecurity
repudiation for
Mobile Applications.
Included 5 or more
specific
recommendations.
Appropriately used
information from 3 or
more authoritative
sources.
5 points
Provided an
outstanding
discussion of best
practice
recommendations for
ensuring the
confidentiality,
integrity, availability,
authenticity, and nonrepudiation for
Mobile Applications.
Included 4 or more
specific
recommendations.
Appropriately used
information from 2 or
more authoritative
sources.
Provided a discussion
of best practice
recommendations for
ensuring the
confidentiality,
integrity, availability,
authenticity, and nonrepudiation for Mobile
Applications. Included
3 or more specific
recommendations.
Appropriately used
information from 1 or
more authoritative
sources.
4 points
11 points
4 points
Discussion provided
some information
about best practices
for ensuring
security for Mobile
Applications.
Mentioned information
obtained from
authoritative sources.
Discussion pro
information ab
for ensuring se
Applications, b
detail and/or w
by information
authoritative s
2 points
3 points
Addressed
security issues
using standard
cybersecurity
terminology
APA Formatting
for Citations and
Reference List
1 point
Demonstrated
excellence in the
integration of
standard
cybersecurity
terminology into the
case study.
Provided an
outstanding
integration of
standard
cybersecurity
terminology into the
case study.
Integrated standard
cybersecurity
terminology into the
into the case study
Used standard
cybersecurity
terminology but this
usage was not well
integrated with the
discussion.
Misused stand
terminology.
5 points
4 points
3 points
2 points
1 point
Work contains a
Work contains a
Work contains a
reference list
reference list
reference list
containing entries for containing entries for containing entries for
Work has no more
Work attempts
than three paragraphs but demonstra
with omissions of
failure to unde
Copyright ©2017 by University of Maryland University College. All Rights Reserved
CSIA 360: Cybersecurity in Government Organizations
all cited resources.
Reference list entries
and in-text citations
are correctly
formatted using the
appropriate APA style
for each type of
resource.
all cited resources.
One or two minor
errors in APA format
for in-text citations
and/or reference list
entries.
4 points
5 points
Professionalism
Part I:
Organization &
Appearance
Submitted work
shows outstanding
organization and the
use of color, fonts,
titles, headings and
sub-headings, etc. is
appropriate to the
assignment type.
all cited resources. No
more than 3 minor
errors in APA format
for in-text citations
and/or reference list
entries.
citations crediting
sources for facts and
information. Work
contains a reference
list containing entries
for cited resources.
Work contains no more
than 5 minor errors in
APA format for in-text
citations and/or
reference list entries.
the APA forma
defined in the
Manual of the
Psychological
Association (6t
3 points
2 points
Submitted work has
minor style or
formatting flaws but
still presents a
professional
appearance.
Submitted work is
well organized and
appropriately uses
color, fonts, and
section headings (per
the assignment’s
directions).
Organization and/or
appearance of
submitted work could
be improved through
better use of fonts,
color, titles, headings,
etc. OR Submitted
work has multiple style
or formatting errors.
Professional
appearance could be
improved.
Submitted work has
multiple style or
formatting errors.
Organization and
professional
appearance need
substantial
improvement.
14 points
13 points
11 points
1 point
Submitted wor
requirements b
and formatting
disorganized a
rewritten for r
professional ap
4 points
15 points
Professionalism
Part II: Execution
Overall Score
Work contains minor
errors in formatting,
No formatting,
grammar, spelling or
grammar, spelling, or punctuation which do
punctuation errors.
not significantly
impact professional
appearance.
Excellent
90 or more
Outstanding
80 or more
Errors in formatting,
spelling, grammar, or
punctuation which
detract from
professional
appearance of the
submitted work.
Acceptable
70 or more
Submitted work has
numerous errors in
formatting, spelling,
grammar, or
punctuation. Work is
unprofessional in
appearance.
Needs
Improvement
56 or more
Copyright ©2017 by University of Maryland University College. All Rights Reserved
Submitted wor
read / underst
significant erro
spelling, gramm
or word usage
Needs
Impr
36 o

Purchase answer to see full
attachment

cheap essay site

Order your essay today and save 30% with the discount code ESSAYSHELP