Free Essay

O1` Valero Energy, Elkay Manufacturing, J&J, and Overstock.Com: the Move Toward Fact-Based Decision Making

In: Business and Management

Submitted By stimunga
Words 1010
Pages 5
ST.PAULS UNIVERSITY

FACULTY OF BUSINESS AND COMMUNICATION

DEPARTMENT: COMPUTER SCIENCE

UNIT CODE: BSC 3206

UNIT TITLE: COMPUTER SECURITY

TASK: ASSIGNMENT

STUDENT ADM: BSC/LMR/2065/15

1.Differentiate between symmetric and asymmetric encryption.
SYMMETRIC ENCRYPTION This is also referred to as Secret Key Encryption. In this type of encryption a secret word which could either be a number, word or string of characters is applied to the text of a message to change the content in a particular way such as shifting each letter by a number of places in the alphabet but both the sender and the receiver should know the secret key in order to encrypt and decrypt all messages that use this key. Symmetric Encryption is more efficient and is more efficiently used for bulk data encryption. Symmetric key encryption can use either stream ciphers which encrypt the digits of the message one at a time and block ciphers that take a number of bits and encrypt them as a single unit padding the plain text so that it is a multiple of the block used. Widely used symmetric key algorithms include Blowfish, Serpent, Advanced Encryption Standards (AES) and Data Encryption Standard (DES).

Disadvantages
-During exchange of secret keys over the internet while preventing them from falling into the wrong hands since anyone who knows the secret keys can decrypt.
ASYMMETRIC ENCRYPTION
There are two related keys. A public key used for encrypting and a private key used for decrypting .A public key is made freely available to anyone who might want to send a message and a second private key is kept secret so that only you know it. Any message that is encrypted by using the public key can only be decrypted by using the matching private key and any message encrypted using the private key can only be decrypted by using the pubic key .Asymmetric encryption is often used for secure key exchanges. Widely used asymmetric algorithms are RSA and DSA.
Disadvantages
-Asymmetric encryption is slower than symmetric encryption since it requires more processing power to both encrypt and decrypt the content of the message.

2. Discuss Intrusion Detection
This is the type of security management system for computers and networks. Intrusion Detection systems gather information and analyzes information from various areas within a computer or network to identify possible security breaches including intrusions that is attacks from outside and misuse. It uses vulnerability assessment (scanning) technology developed to assess the security of s computer system or network.

The Intrusion Detection system follows a two step process:
a. Host-based that is considered the passive components. It includes inspection of the system’s configuration files to detect inadvisable settings,
b. Network-based that is considered the active components where the mechanisms are set in place to reenact known methods of attack and record system responses.
Prevention involves implementation of mechanisms that users cannot override and that are trusted to be implemented in a correct, unalterable way so that the attackers cannot defeat the mechanism. Simple preventative mechanisms such as password aim to prevent unauthorized users from accessing the system. Preventative mechanisms prevent compromise of parts of the system, once in place the resource protected by the mechanisms need not to be monitored for security problems.

3. Describe the following Access Control Mechanisms
a)Bell Lapadula
This model prevents the unauthorized disclosure of information .It was developed by David Elliot Bell and Leonard J. Lapadula. This model is a multilevel security system used by the US military and government which uses classification levels in conjunction with a user’s security clearance level in order to prevent information from being leaked or mishandled.
It is a multi-level security system in that multiple users with different clearance levels can access the same system.
It has classification levels rated lowest to highest.
SUBJECT (Security Clearance) OBJECT (Security Classification)
TOP SECRET (TS) User 2& 4 Personnel Files
SECRET(S) User 3&1 Electronic Mail Files
CONFIDENTIAL(C) User 6&7 Activity Log Files
UNCLASSIFIED (UC) User 8,9,10 Telephone List Files
The people I trust with my personnel files and electronic mail files must have a clearance level to have access to important information. An object can be a file or data resource on a system that does nothing without interaction ,it has a security classification for example the security classification of Activity Log Files is CONFIDENTIAL(C).A subject is the user of the object and has a security clearance ;User 3 ‘s security clearance is SECRET.
The goal of the Bell Lapadula security Model is to prevent read access to objects at a security classification higher than the subject’s clearance.
Simple Security rule states that a subject cannot read an object with a higher classification level than the subject’s clearance level. For example User 6 and 7 cannot read personnel files but user 2 and 4 can read Activity Log Files, meaning with the Simple Security rule you can only read at your level of comprehension and lower.
Star Property Rule states that a subject cannot write to a lower classification .Foe example because the activity log files are classified C and user 4 has clearance of TS, the user cannot write to the activity log files.
Strong Star Property rule states that a subject can read and write to an object if they share the same clearance level.

b)Chinese Wall Model
This is a model of a security policy that refers equally to confidentiality and integrity. Its idea stems from the ability to read or write information .In that you are able to access any information you want from any company but once you access that information you are no longer allowed to access information from another company within that class of companies.
An object is the lowest level of the chart and can be any information related to a company.
A company dataset (CD) contains objects related to a single company.
A conflict of Interest (COI) contains datasets of companies in competition.

References
Computer Security Art And Science Matt Bishop…...

Similar Documents

Premium Essay

J and J

...Johnson & Johnson developed the tamperproof packaging that would make it much more difficult for a similar incident to occur in future. How Did Johnson & Johnson Make These Decisions? The public relations decisions made in light of the Tylenol crisis had to have come from somewhere. This basis for decision making became a bit more clear in 1983, when the New Jersey Bell Journal published article written by Lawrence G. Foster. Foster, Corporate Vice President of Johnson & Johnson, at the time of the Tylenol poisonings, joined the company in 1957 and helped the company build its first public relations department. In this article he explains that Johnson & Johnson simply turned to their corporate business philosophy, which they call "Our Credo," when determining how to handle the Tylenol situation. Foster discusses that although, at the time of the crisis, corporate planning groups were including crisis management in their preparations for a healthy business environment, no crisis management plan would have been appropriate to tackle the Tylenol poisonings. This is because no management could ever be prepared for a tragedy of this scale. So, Johnson & Johnson turned to their credo for help. "It was the credo that prompted the decisions that enabled us to make the right early decisions that eventually led to the comeback phase," said David R. Clare, president of Johnson & Johnson at the time. (Foster, 2) The credo was written in the mid-1940's by......

Words: 836 - Pages: 4

Premium Essay

Making Decisions Based on Demand and Forecasting

... Myopic Addiction Demand Model 30 Rational Addiction Demand Model 30 Demand Specifications for Monthly Time-Series Data 30 Apply Instrumental Variable Techniques 31 Administer Specification and Diagnostic Tests 33 Coefficient Tests 33 Residual Tests 34 Specification and Stability Tests 36 Multicollinearity 38 Specification and Diagnostic Test Examples 38 Cross-Sectional Data 38 Understand the Limitations of Aggregate Time-Series Data 40 Investigate Individual-Level Demand Decisions 40 Define Key Variables 41 Specify Demand Functions for Cross-Sectional Data 46 Demand Models for Household or Individual Level Data 47 Expect Results for Quantitative Independent Variables 51 Expect Results for Qualitative Independent Variables 52 Pooled Time-Series and Cross-Sectional Data 55 VII. Review and Understand the Results 56 Calculate Elasticities of Demand 56 Conventional Demand Model 56 Addictive Demand Models 58 Expect Results for Quantitative Independent Variables 59 ...

Words: 36281 - Pages: 146

Premium Essay

Making Decisions Based on Demand and Forecasting

...Making Decisions Based on Demand and Forecasting Robyn Wilson Strayer University Econ 550 Assignment One January 31, 2013 Report the demographic and independent variables that are relevant to complete a demand analysis providing a rationale for the selection of the variables. Demographics are an important variable when choosing target marketing strategies. The variables are relevant to complete a demand analysis by providing a rationale for the selection of the variables. Whithin my area, Cross, SC, I am looking at local demographics and paying special attention to the following: • Age: Persons under 18 years percent 27.4% • Income levels: Average 39,779 per household • Persons below poverty level: 17.2% • Education: Bachelor degree age 25+ percent 13.1% • Housing: ownership rate 57.9% Making an informed analysis will inform you about the spending and eating habits of the people who live in the servicing area. Demogrphics give you a clear understanding of the areas behavior, values, cultures, interests and lifestyles of the community. Data research was consider because of the amount of time given for the assignment. The success of Domino’s opening a location in Cross, SC will depend on the factors listed above. Having a customer loyalty program that will have frequent customers that will come buy the products will help the company save on selling......

Words: 868 - Pages: 4

Premium Essay

Making Decision Based on Demmand and for Forcasting

...Making Decision Based on Demand and For Casting Presented By: Earnest Lee Sims Presented By: Dr. Domino’s pizza is conducting data to decide to whether to open a store in Lake Providence, Louisiana. Domino’s pizza will complete an indept evaluation and research of this city to determine should they open up a store and the potential demand for the area. Domino will collect data and information on the following areas males, females, children, population, unemployment, and income and food environment. Upon collecting conduct a regression analysis. According to McCvigar. Moyer, and Harris stated that “given any particular value of (mana gerial economics, doll). We can therefore, assess demand for Domino pizza in Lake Providence, Louisiana on various factors such as population, education and food environment. Demographic and Independent Variables The new location of a new Domino’s pizza will be in Lake Providence, Louisiana 71254 which is located in East Carroll Parish, we will be conducting a demand analysis on Lake Providence being the only major city has a population of 3,848 in 2012 in East Carroll Parish in 2012 (city-data). The population also consists 1,728 or 44.9% males, 2,120 or 55.1% females, median resident age 31.0 years, income $19,650, number of grocery stores 3, and number of full services restaurants. Population and income will play a crucial role in Domino’s pizza decision to open up a chain in Lake Providence, Louisiana. According to McGigan, Moyer and......

Words: 549 - Pages: 3

Premium Essay

Making Decisions Based on Demands

...Making Decisions Based on Demand and Forecasting Latonya Woodrow Instructor Name: Dr.Samuel F. Onipede ECO 550 –Managerial Economics and Globalization July 21, 2013 College Students buy pizza in large quantities for a cheap price, but if the prices were to increase, then these same students may look for similar alternatives that will not empty their wallets.   These are possible alternatives that offer a large quantity of food at a reasonable price that can affect the demand of pizza.   However, monitoring the costs of the competing fast food restaurants in the Charlotte, North Carolina, area will allow Domino’s Pizza to offer certain specials and pizza deals to the community that can keep their demand at a high rate. A market demand analysis is used to help understand how much consumer demand there is for a given product or service.   This type of analysis will help determine if a business can successfully enter a market and generate enough revenue and profit to maintain the business.   One must identify the market and the growth potential. Domino’s Pizza was incorporated in 1963 and has been franchising since 1967.   A traditional Domino’s store is located in shopping centers and/or strip malls with appropriate parking for delivery vehicles and walk-in customers for carry-out services...

Words: 1234 - Pages: 5

Premium Essay

J&J Johnson and Johnson

...situation………………………………………………………..………………... 3 What to do in the Future……………………………………………………..……..…….4 List of literature……………………………………………..……………………..…….4 SWOT Johnson & Johnson Johnson and Johnson is known as the largest and most extensive healthcare producer on the planet. The company has divisions straight through consumer markets, pharmaceutical and professional medical markets. This means they have a wide variety of products to serve the people around the world. This variety allows Johnson and Johnson to have a great product diversification and not focus just on one product. The pharmaceutical, Medical Devices & Diagnostics and Consumer Health division try to act independent, this allows a greater range of choice when It comes to the decision process. One of the strength is that Johnson & Johnson has a sustainable marketing arsenal, they can fall back upon a network of affiliates, which dispose a lot of expertise in sales and marketing as in some therapy areas. The company always tries to attract joint venture possibilities, with its global sales force. Johnson & Johnson also maintained a robust financial position by utilizing cash reserves to finance timely corporate acquisitions. ( http://marketingteacher.com/) The company possesses a global sales force which proves a strong global market. The sales went up 13 percent in the most important markets like Brazil, Russia, India and China, plus they launched a couple of new pharmaceutical products in the......

Words: 966 - Pages: 4

Premium Essay

Information Based Decision Making

...| Information based decision making | Unit 5002V1 | | | 4/1/2015 | Task 1 (600-700 words): A.C.1.1 – Examine the nature of data and information Data comprises of factual information. Data are the facts from which information is derived. Data is not necessarily informative on its own but needs to be structured, interpreted, analysed and contextualised. Once data undergoes this process, it transforms in to information. Information should be accessible and understood by the reader without needing to be interpreted or manipulated in any way. Knowledge is the framework for understanding information and using it to inform judgements, opinions, predictions and decisions – a pyramidal relationship (See diagram 1) Diagram 1: There are 2 types of knowledge: 1) Explicit knowledge (“know that”) – derived from facts, easily communicated via hard data and facts and 2) Tacit knowledge (“know how”) – more of a personal framework informed by beliefs, schemata, mental frameworks, difficult to verbalise or write down, more based on process rather than factual content. In the field of knowledge management, tacit knowledge is individual specific and can be acquired without language through observation and practice. This type of knowledge is acquired through experience, and therefore from a knowledge management perspective, shared experiences are a key platform to share tacit knowledge. A clinical example: The Trust has a standard assessment proforma for new patients...

Words: 2953 - Pages: 12

Free Essay

Standard Based Decision Making

...Standard-Based Decision Making Courteney Alderman ETH/376 March 23, 2015 Juanita Davis Audit Opinions When performing an audit there are four different types of audit opinions that Green and Associates can provide when the audit has been finished. They can provide an unqualified, unqualified with explanatory paragraph, qualified, and an adverse opinion. * Unqualified opinion- An auditor can give an unqualified opinion when it comes to a company’s financial statements when the financials show their financial position, shows the results of their operations, and shows the company’s cash flows. This type of opinion can also be known as a clean opinion which means that the financials show to be presented fairly. * Unqualified with explanatory paragraph opinion- This type of opinion only happens when one of five situations are reported. When a justified departure from GAAP happens, when there is an inconsistent application of GAAP, when there is a growing concern, when there is an emphasis of a matter, and when there is a need to reference other auditors. * Qualified opinion- This type of opinion means that the auditor has taken an exception to certain current-period accounting applications or is unable to establish the potential outcome of a material uncertainty. Also meaning that the auditors’ reservations or has an uncertainty about how fairly the material is presented in some different areas of the financial statements. This opinion is stated qualified......

Words: 777 - Pages: 4

Premium Essay

J&J Analysis

...Summers Daniel Vijayakumar SUMMARY Johnson & Johnson (“J&J”), one of the largest, well-known organizations in the world, produces products for consumer health care and for use by medical professionals in care and diagnostics. Some of their most recognizable brands include Tylenol, Neutrogena, Listerine, Band-Aid and Reactine. These, along with their many other brands, are produced in over 60 countries by more than 250 different operating companies that make up the J&J organization. In total, more than 114,000 employees are part of the organization, and they are managed through a system of decentralized management with a wide span of control. J&J faces the unique challenge of trying to create one corporate culture that all parts of their organization believe in and adhere to. One of the strategies used to combat these obstacles is values-based leadership and linking employees and subsidiaries under a common set of values, as outlined in "Our Credo". J&J works extremely hard to uphold their Credo, which was written by Robert Wood Johnson – one of the founders of the organization – in 1943. It is a set of values that J&J vow to work by and which lend to the present culture that is so important in the organization today. J&J also attempts to induce a culture of innovation and promote diversity and acceptance of differences throughout its subsidiaries. Since organizational culture is such a vital piece in connecting J&J’s subsidiaries, a very strong culture has developed. In......

Words: 5893 - Pages: 24

Premium Essay

Exxon Valdez, J&J

...Exxon was fined $150 million, it was the largest fine imposed for an environmental crime. The court forgave $125 million in acknowledging Exxon’s cooperation in cleaning up the spill. During the clean-up, Exxon hired thousands of workers through several companies. There were more than 11, 000 workers, 1, 400 vessels and 80 aircraft involved. No one knows how many animals died and were affected from the oil spill. Exxon assured that no people were harm during the incident. II. ANALYSIS Oil Spill is the release of liquid petroleum to different bodies of water that threatens the environment. This tremendous incident that shocked almost everybody affected the ecosystem. Exxon Valdez was considered as one of the largest companies among the energy industries in the United States. Exxon’s failure to recognize the problem right after the incident made the situation worse. CEO Lawrence Rawl refused to be interviewed and avoided the public to apologize and explain what had happened. The public misinterpreted his behaviour in taking full responsibility to the incident. After the crisis, they came up with different strategies in order to regenerate the reef in Alaska’s Prince William Sound including the other affected areas. Media center was set up to disseminate information immediately. Since the nonappearance of the CEO was being questioned, he was criticized for not rescuing sea birds himself. Fortunately, the company coordinated with animal rescue centers and consulted the......

Words: 2581 - Pages: 11

Premium Essay

Evidence Based and Decision Making and Discovery

...Evidence Based Decision Making and Discovery | |Compare |Contrast | |Quantitative Research |-Requires the collection, analysis, and |-Research is deductive, logical or | | |reporting of data. |reasonable. | | |-Reporting data consist of supplying |-A hypothesis is needed to begin research. | | |readers with participant information, data |- The researcher is ideally an objective | | |patterns, recognition of biases, and |observer that neither participates in nor | | |further research to be conducted |did influence what is being study (Barnes, | | |surrounding the topic. |2005). ...

Words: 653 - Pages: 3

Premium Essay

Decision Making Based on Mission and Vision of an Organization

...Decision Making Based on Mission and Vision of an Organization Donna Wahlmeier MHA 601 Professor: Martha Plant September 5, 2011 Decision Making Based on Mission and Vision of an Organization The following case study will be examined to find the best possible solution to the problem that will be in the best interest of the Community Medical Center. During this examination we will use the mission statement that will best fit the organizational. The president needs to make a decision that will benefit all involved and follow the mission statement that the organization stands by. The mission statement for Community Medical Center states: The mission of Community Medical Center is to improve the health of our community by providing high quality, caring, culturally appropriate primary health care that addresses the needs of people .In order to accomplish this mission in a way that is consistent with the values of the organization, programs and policies must be established. Medical Center is committed to maintaining and improving the health of all County residents. The Medical Center will provide comprehensive, high quality medical treatment, health promotion, and health maintenance through an integrated system of hospitals, clinics, and health services staffed by individuals who are responsive to the diverse cultural needs of our community. The Medical Center, as a training institution, is committed to maintaining an environment that is supportive of a wide......

Words: 1253 - Pages: 6

Premium Essay

J and J

...  In industries as competitive as pharmaceutical, medical devices and consumer goods, analyzing the environment is vital for being able to make sound strategic decisions. Since Johnson & Johnson strives to anticipate the external factors that affect its international business environment, as well as adapt to those changes, it is important that it understands the environment in which it is operating. The two sets of external forces that face the company are competitive and contextual.   A. Competitive Environments – Five Forces Model   Michael Porter’s five forces model provides a way of analyzing Johnson & Johnson’s competitive environment. Due to a lack of available information about the bargaining power of suppliers as it applies to Johnson & Johnson, this paper will address the four other forces: the threat of new entrants, the threat of substitutes, the bargaining power of customers, and the rivalry among industry competitors. 1. The Threat of New Entrants – High Barriers to Entry The threat of new entrants is not of particular concern to Johnson & Johnson. Barriers to entry, especially in the industries of pharmaceuticals and medical devices, are extremely high if not unsurpassable. The world’s top pharmaceutical companies have extensive manufacturing capabilities, distribution systems, and economies of scale that have been built up over decades and would be virtually impossible for a new entrant to replicate.......

Words: 4303 - Pages: 18

Free Essay

J&J Strategy

....................................................................................................62 . 1. L’ Azienda 2.1 Informazioni generali Johnson & Johnson è una società farmaceutica multinazionale americana che produce farmaci, apparecchiature mediche e prodotti per la cura personale e l'automedicazione. Il quartier generale della società è situato a New Brunswick (New Jersey), USA. La sua divisione prodotti di consumo è situata a Skillman (New Jersey). La società comprende circa 230 filiali che operano in 57 diversi stati. I suoi prodotti sono venduti in 175 diversi paesi. Nella seguente figura è rappresentata la distribuzione nei vari paesi in funzione dell’anno di insediamento: Figura 1: Filiali J & J nel mondo In particolare troviamo: * Europa: Austria, Belgio, Croazia, Finlandia, Francia, Germania, Gran Bretagna, Italia, Olanda, Polonia, Repubblica Ceca, Slovacchia, Slovenia, Svezia, Turchia, Spagna, Portogallo, ecc. * America del Nord: Stati Uniti, Canada. * America del Sud: Brasile, Argentina, Perù, Colombia, Messico, Venezuela, Cile ecc. * Asia: Giappone, India, Cina, , Filippine, Thailandia, ecc. * Oceania: Australia, Nuova Zelanda, ecc. * Africa: Sud Africa, Egitto. La società si presenta con molti brand, tra cui i principali sono: I prodotti che offre coprono una vasta gamma di farmaci di prescrizione e da banco, linee di fasciature e medicazioni,......

Words: 15412 - Pages: 62

Premium Essay

Information Based Decision Making

...the criteria a manager will use for selection of data and information An explanation of how managers filter/evaluate which data/information is useful and what is not useful. 1.4 List and discuss local legislation/UK. Legislation that protect against the collection of data and information 2.1 state a few models Evaluate at least 2 of the models Examples - Adair model SWOT SPELT Rational model Pros & cons 2.2 Name/list of persons Examples of how they would analyze information to make a decision 2.3 list the methods of presenting decision made and valuated as least 2 methods – how a senior manager will present decision to - Board - Other Manager - Stake holder 3.1 evaluate how a middle manager will communicate the decision to the staff 3.2 discuss the process of implementing a communication method How would you put in place a communication method to share decision with others? Example - Meeting – what is the best time to have the meeting - E-mail – do everyone have and e-mail account / how often do they check the e-mail 3.3 evaluate on 3.2 How effective is the communication method to the organization Is it effective will it work...

Words: 250 - Pages: 1