1. Data storage and access:
a. Access Control Solution:
i. Access control refers to the mechanisms that identify who can and cannot access a network, resource, application, or specific action.
ii. User access must be considered, and then strategies must be designed to ensure that only the correct users are able to access the material.
iii. Authentication, authorization, and access controls are closely related.
b. Discretionary Access Control:
i. DAC is based on permissions that are associated with authentication credentials, such as a username and password or a smart card, and tied to a system object by way of an access control list.
ii. Access to information is controlled by the owner of the information.
c. Mandatory Access Control:
i. MAC assigns a security level to all information and clearances to each user.
ii. …
CSA:
i. The Cloud Security Alliance provides guidance for critical areas of focus in cloud computing.
ii. They provide guidance on cloud architecture, governing the cloud, and even operating the cloud.
iii. As more and more technology moves to cloud-based technology, it is almost certain that the CSA will have new and emerging regulations that may impact the web application security landscape.
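The DAC and MAC models outlined above can be contrasted in a small access check. This is an added example, not part of the original outline; the user names, resource, level names, and the "no read up" rule (a user may read only information at or below their clearance) are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    """Ordered security levels (constructed for this example)."""
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2


@dataclass
class Resource:
    name: str
    owner: str
    level: Level                              # MAC label, set by policy
    acl: dict = field(default_factory=dict)   # DAC: user -> set of rights


# MAC: clearances are assigned centrally, not by resource owners.
CLEARANCES = {"alice": Level.CONFIDENTIAL, "bob": Level.INTERNAL}


def dac_grant(res, actor, user, right):
    """DAC: only the owner may change the resource's ACL."""
    if actor != res.owner:
        raise PermissionError(f"{actor} does not own {res.name}")
    res.acl.setdefault(user, set()).add(right)


def dac_allows(res, user, right):
    """DAC check: the owner, or anyone the owner put on the ACL."""
    return user == res.owner or right in res.acl.get(user, set())


def mac_allows_read(res, user):
    """MAC check: clearance must be at or above the label (assumed rule)."""
    clearance = CLEARANCES.get(user)
    return clearance is not None and clearance >= res.level


def can_read(res, user):
    """Both checks must pass; an owner's grant cannot override MAC."""
    return dac_allows(res, user, "read") and mac_allows_read(res, user)


def demo():
    orders = Resource("orders.db", owner="alice", level=Level.CONFIDENTIAL)
    before = can_read(orders, "bob")
    dac_grant(orders, "alice", "bob", "read")   # owner shares at her discretion
    return before, dac_allows(orders, "bob", "read"), can_read(orders, "bob")
```

`demo()` shows the owner's discretionary grant succeeding at the ACL layer while the read is still denied because the user's clearance is below the resource's level.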
With the amount of business that UNFO is projecting for the website in the first year, it is important to have a well-thought-out and documented plan for the implementation of the website. It is important to have documentation not only on the development and implementation but on everything involved in the development and lifecycle of the e-commerce platform. The project isn't over once the website is up and open for business; there is always continued development to improve the site and make it more secure.