Government Mobile Apps Security Assessment & Strategy

For this research report you will research and then present your findings about cybersecurity issues specific to mobile applications. You will also provide a set of recommendations for best practices (your “strategy”) for security architectures and designs for mobile apps. 

Mobile applications are important because they allow citizens and other stakeholders to access information and services through the federal government’s digital government initiatives. For more information about requirements to provide mobile friendly websites and mobile apps see this blog posting from GSA.GOV https://www.gsa.gov/blog/2018/08/07/collaborating-for-better-design-technology-and-user-experience and the text of the Connected Government Act Public Law 115-114 https://www.congress.gov/115/plaws/publ114/PLAW-115publ114.pdf 

Note: this assignment requires inclusion of diagrams or graphics that help to explain the information provided in your analysis and strategy. You are not required to create these on your own. Instead, you should look for useful graphics/diagrams in the readings and use those to support your work. You must cite the source for each piece of artwork used in your project. Put a figure caption under the diagram or chart and then place the in-text citation at the end of the caption. See the example at the end of this file.

Research:

1. Review the Weekly readings.

2. Review recent changes in US Laws regarding the requirement for mobile friendly government websites.

a. https://www.congress.gov/115/plaws/publ114/PLAW-115publ114.pdf 

b. https://www.nextgov.com/ideas/2018/01/what-digital-government-cx-pros-should-know-about-connected-government-act/144987/

c. https://www.fedscoop.com/bill-mobile-friendly-government-websites-cruises-senate/ 

3. Research the “best” of federal mobile apps to see examples of the type of apps that other agencies have created in the past.

a. 19 of the Coolest Government Mobile Apps https://www.govloop.com/community/blog/cool-gov-mobile-apps/ 

b. 10 Most Entertaining Government Mobile Apps https://www.govloop.com/community/blog/10-most-entertaining-government-mobile-apps/

c. The Best Government Mobile Apps for Business…and Your Office https://www.govloop.com/community/blog/best-government-mobile-apps-business-office/

d. 3 Innovative Ways Agencies are Leveraging Mobile Apps http://fedscoop.com/great-government-mobile-apps 

4. Research the federal government’s perspective on mobile app security architectures and design recommendations. Here are three sources to help you get started:

a. App Developers: Start with Security
https://www.ftc.gov/tips-advice/business-center/guidance/app-developers-start-security  

b. Mobile Security Reference Architecture
https://s3.amazonaws.com/sitesusa/wp-content/uploads/sites/1151/downloads/2013/05/Mobile-Security-Reference-Architecture.pdf 

c. How to build a secure mobile app: 10 tips
https://www.techrepublic.com/article/how-to-build-a-secure-mobile-app-10-tips/ 

5. Research industry recommendations for mobile app security. Begin with the following sources:

a.  OWASP Mobile Security Project https://www.owasp.org/index.php/OWASP_Mobile_Security_Project 

b. Top 10 Mobile Risks (click on tab) https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Risks 

c. Mobile app security: Always keep the back door locked http://arstechnica.com/security/2013/02/mobile-app-security-always-keep-the-back-door-locked/  

6. Find five or more best practice recommendations for ensuring the security of mobile apps. These recommendations must include security for the platform (mobile device), the data on the device, and the transmission path between the device and the mobile application server. Your focus should be upon recommendations that can be implemented as part of a strategy for reducing risk.

Write:

Write a five to seven page report in which you summarize your research and present your “best practices” based strategy for reducing risk and ensuring security for government provided mobile apps and their users. You should focus upon clarity and conciseness more than length when determining what content to include in your paper. At a minimum, your report must include the following:

1. An introduction or overview of mobile apps for digital government. Include 5 or more examples of mobile apps recognized as being innovative or “best of category” applications for delivering government information and services to mobile devices. This introduction should be suitable for an executive audience.

2. A separate section in which you discuss the federal government’s requirements and recommendations for mobile app security architectures and the associated design recommendations. Write this section for non-technical managers; you will need to translate from tech-speak to manager-speak. Include at least three diagrams or pictures in this section and remember to include the appropriate in-text citations for the source (append to the figure caption).

3. A separate section in which you discuss industry’s recommendations for security architectures and risk reduction for mobile app security. Write this section for non-technical managers; you will need to translate from tech-speak to manager-speak. Include at least three diagrams or pictures in this section and remember to include the appropriate in-text citations for the source (append to the figure caption).

4. A section in which you present 5 or more best practice recommendations for building security (the confidentiality, integrity, availability, authenticity, and non-repudiation for Mobile Applications) into mobile applications used to deliver government information and services. Present these strategies as recommendations for reducing risk.

5. A separate section in which you summarize your research and recommendations.

Submit For Grading 

Submit your work in MS Word format (.docx or .doc file) using the Project 3 Assignment in your assignment folder. (Attach the file.)

Additional Information

1. Consult the grading rubric for specific content and formatting requirements for this assignment.

2. Your 5- to 7-page research report should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings and page breaks to organize your paper. 

3. Your paper should use standard terms and definitions for cybersecurity. See Course Resources > Cybersecurity Concepts Review for recommended resources.

4. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,DEC2018).docx.  

5. You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s page count. 

6. You should write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.  

7. You must credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.). 

Example Diagram with Citation and Reference List Entry

Figure 1. Enterprise Core Services (Adapted from Figure 1 in CIO Council, 2013, p. 5)

Federal CIO Council & Department of Homeland Security. (2013). Mobile security reference architecture. Retrieved from https://s3.amazonaws.com/sitesusa/wp-content/‌uploads/sites/‌1151/‌downloads/‌2013/05/Mobile 

Required Reading

• Chapter 5 in the text
• LE BA PHONG, LEI HUI, & THAN THANH SON. (2018). How Leadership and Trust in Leaders Foster Employees’ Behavior toward Knowledge Sharing. Social Behavior & Personality: An International Journal, 46(5), 705–720. https://doi.org/10.2224/sbp.6711http://search.ebscohost.com/login.aspx?direct=true&AuthType=shib&db=pbh&AN=129468910&site=eds-live&custid=s8501869&groupid=main&profile=eds_new
• CHANHOO SONG, KWANGSEO RYAN PARK, & SEUNG-WAN KANG. (2015). Servant Leadership and Team Performance: The Mediating Role of Knowledge-Sharing Climate. Social Behavior & Personality: An International Journal, 43(10), 1749–1760. https://doi.org/10.2224/sbp.2015.43.10.1749http://search.ebscohost.com/login.aspx?direct=true&AuthType=shib&db=pbh&AN=111059573&site=eds-live&custid=s8501869&groupid=main&profile=eds_new

Optional Resources:

Chapter 5 Journal articles

• Journal Article 5.1:Bormann, K.C. and Rowold, J. (2016) ‘Ethical leadership’s potential and boundaries in organizational change: a moderated mediation model of employee silence,’ German Journal of Human Resource Management, 30(3–4): 225–245.
• Journal Article 5.2:Haney, A.B., Pope, J. and Arden, Z. (2018) ‘Making it personal: developing sustainability leaders in business,’ Organization & Environment. DOI: 10.1177/1086026618806201

This week’s journal articles focus on transformation leadership and knowledge and knowledge sharing within an organization, please review these concepts and answer the following questions:

1. How do trustworthy and ethical leaders enhance knowledge sharing in organizations?  How does this impact the rate of information technology implementations?  How does this impact data management within organizations? 
2. How does servant leadership assist with transferring knowledge in an organization?
3. When thinking about data analytics, how does transformation leadership assist with building good data structures?

Be sure to use the UC Library for scholarly research. Google Scholar is also a great source for research.  Please be sure that journal articles are peer-reviewed and are published within the last five years.

The paper should meet the following requirements:

• 3-5 pages in length (not including title page or references)
• APA guidelines must be followed.  The paper must include a cover page, an introduction, a body with fully developed content, and a conclusion.
• A minimum of five peer-reviewed journal articles.

The writing should be clear and concise.  Headings should be used to transition thoughts.  Don’t forget that the grade also includes the quality of writing.

• 1 What are the essential ingredients of a symmetric cipher?
• 2 What are the two basic functions used in encryption algorithms?
• 3 How many keys are required for two people to communicate via a symmetric cipher?
• 4 What is the difference between a block cipher and a stream cipher?
• 5 What are the two general approaches to attacking a cipher?
• 6 Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?
• 7 What is triple encryption?
• 8 Why is the middle portion of 3DES a decryption rather than an encryption?

PC Fundamentals  

Student  Name:  

1. A ______________________ is a machine that is known as a thinking machine. By thinking we mean it processes data into meaningful information.  
2. The information processing cycle consists of the following processes:   
3. Some different types of computers include:    
4. The _____________________________ is known as the brain of the computer.  
5. The four basic types of hardware are:   
6. A_______________ is a type of computer for both home and office use which can operate independently of any other computer (it can think on its own).  
7. The two major computer operating systems are (we divided desktop computers into two categories). Not talking about the two types of software:      
8. System Software:     
9. The __________________ is the word to describe the physical parts of the computer that you can touch or hold in your hand.  
10. What kind of operating systems will you find on an ATM machine or a car’s entertainment system.   
11. A network is:  
12. ________________ help us do the things we need to do on the computer.  
13. Computers need ______________ to do everything, even the simple operation of shutting down properly.  
14. The _________________ helps us to operate our computer (software).  
15. What are the four types of keys on our Keyboard (Lesson Plan)?   
16. The left mouse button is used to (Lesson Plan) ___________________.  
17. What Does BIOS Stand for?   
18. Mac iOS and Android are examples of ______.  
19. RAM stands for ______________ access memory.  
20. ________ is a form of memory that stores all actively running programs. It is cleared out when the computer is turned off.  
21. F1 through F12 located at the top of the keyboard are known as _________________.  
22. What is a drive:  
23. Information that we give the computer  
24. What is a Processor’s Core: 
25. The right mouse button will produce a(n) ________________.  
26. Which are the 3 modifier keys.  
27. _________ is sets of instructions that tell your computer what to do.  
28. The Movement keys move the __________________.  
29. A Gigabyte is equal to ____________________  
30. A __________ is the speed at which a computer executes instructions.  
31. The display system that allows us to view our output much like a TV.  
32. The four basic types of hardware are 
33. The DVD-ROM is one example of a ________________ drive 
34. What is an output device? 
35. Programs that help you perform a specific task.

 Topic – Spam Email Detection

Research content (at least 1000 words and 6 references – 3 must be scholarly peer-reviewed articles)

Create visualizations using R Language as applicable, discuss findings

**Must be APA formatted** **College Level Writing****No grammar issues and no  spelling issues**

• Title Page – Include Group number and names of all contributors from the group
• No abstract is to be included
• Document body with citations (rewrite all information used from sources)
• Reference Page

Using the Internet, each member of your team should read at least One academically reviewed articles on Team designing. Summarize the articles in 300 words or more. Provide appropriate reference. 

Write a case study on 1-2 pages, take a e-business as an example and describe how project stakeholder management relates to the e- business and its operations.

Do your research on statistical  research methods and choose one article that used statistical qualitative research method. Review the article and write a report following  the steps below:

 1. Be approximately 3-5 pages in length, not including the required cover page and reference page.

2. Follow APA guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.

At least the article must be peer-reviewed, full-text article that used quantitative research methods from scholarly journals.

Note: When reading an article use the PECO to analyze the paper:

· P – Population being study, techniques used in the paper, E – Exposure (what), C – Control(how), 

O- outcome

Each community requires independent evaluation to identify the vulnerability of the area. Two of the contributing factors for this analysis are minority status and language limitations. The data may lack credibility due to the fear of reprisal for persons that fall into these categories. Exploring the social and physical characteristics, excluding these metrics can provide insight on the overall impact on the SVI.

Question 1: What impact does the exclusion of the metrics that represent minorities and language limited individuals have on the predictability of the CDC’s SVI, based on the 2018 data (CDC, 2018a; CDC, 2018b)?

Question 2: Does the CDC’s SVI have key characteristics that impact the preclude potential exclusion without limiting the overall predictability of the SVI, based on the 2018 data (CDC, 2018a; CDC, 2018b)?

Question 1: What impact does the exclusion of the metrics that represent minorities and language limited individuals have on the predictability of the CDC’s SVI, based on the 2018 data (CDC, 2018a; CDC, 2018b)?

Question 2: Does the CDC’s SVI have key characteristics that impact the preclude potential exclusion without limiting the overall predictability of the SVI, based on the 2018 data (CDC, 2018a; CDC, 2018b)?

Please refer file attached for more detail, looking for a paper of 800 words.

• 2.1 What are the essential ingredients of a symmetric cipher?
• 2.2 What are the two basic functions used in encryption algorithms?
• 2.3 How many keys are required for two people to communicate via a symmetric cipher?
• 2.4 What is the difference between a block cipher and a stream cipher?
• 2.5 What are the two general approaches to attacking a cipher?
• 2.6 Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?
• 2.7 What is triple encryption?
• 2.8 Why is the middle portion of 3DES a decryption rather than an encryption?