Information Security: The John McCumber Model Essay

1128 Words5 Pages
1) McCumber model:

There are number of different models proposed as framework for information security but one of the best model is McCumber model which was designed by John McCumber. In this model the elements to be studied are organized in a cube structure, in which each axis indicates a dissimilar viewpoint of some information security issue and there are three major modules in each axis. This model with 27 little cubes all organized together looks similar like a Rubik's cube. There are three axes in the cube they are: goals desired, Information states, and measures to be taken. At the intersection of three axes you can research on all angles of an information security problem.

Goals desired the three goals expected when you are
…show more content…
2) Confidentiality- Policy& practice- Transmission:
The university should have a policy for students and faculty, such as they are not permitted to share the lecture notes or subject information with anyone else who is not registered for the class or not authorized.
3) Confidentiality-Technology- Transmission:
The university should allocate separate username and password for only the students who are registered into the subject to check the lecture material and updates.
4) Confidentiality - Education& Training-Storage:
The university should educate the students and faculty to access authorized data without exposing the data to outsiders.
5) Confidentiality- Policy& Practice- Storage:
The university should have a policy, such as the access to lecture notes posted or info of the subject can be accessed by registered students only
6) Confidentiality-Technology- Storage:
The university should have the latest technology and antivirus to maintain the database servers from threats.
7) Confidentiality - Education& Training- Processing: The confidentiality can be protected in the state of processing through education is by educating and training the students and lecturers to exchange information among the authorized persons only through allocated secured student email.
8) Confidentiality - Policy and Practice-Processing:
The university should have a policy that the students and lecturers are authorized
Open Document