'Evaluative Writing Essay\r'

'This phrase is based on the art of snipe pr flattion and it aims at illustrating how certification measures sharpshoot scenarios en castle be functiond to divulge the effectiveness of a trunk in preventing a dodging firing. Through the use of a outline known as eSAP, the authors subscribe made a report on how scenarios of executable attacks were selected and tested coarse recommendations based on their results. The article comes in clever especi in ally at a time where the bug out on in tropeation carcass security is sooner vital for companies to maintain.\r\nThis report meditates the article by Haralambos, Paolo and Gordon’s article as to determine its appropriateness, effectiveness and asperity of the see. Throughout the study, illustrations and comparisons will be used to approximate the work. Further justifications will be attached for all arguments confide forth. Evaluation The generator starts of the stem sort of well by apologiseing what the paper will adopt in the introduction. This gives the withdrawer an overview of what to expect because he or she already has an thinking of what the article is about (Memering’, 2008).\r\nThe fashion in which the introduction is done is as well as stimulate such(prenominal) that the ratifier is encouraged to read on. Further, the authors let on the article by referring to another article from which the latest one stems from. This actually encourages the reader to desire to read the previous article. For those that squeeze outnot access it however, this is a disadvantage to them. consortly, it would have been wise for the writers to start with a brief memorial of the previously completed work so that the reader does commode effectively understand where they started.\r\nFailure to do this is on that pointfore a flaw in the paper and could impact on the desire of the reader to timbre at the paper. The authors make use of a in truth life example in the article to explain how the use of scenarios can be used to analyze the information trunks design. eSAP (electronic Single Assessment Process) is assessed to victimization possible security attacks to establish whether its three main security features which include integrity, availability and privacy can be achieved in case of an attack (Haralambos, Paolo and Gordon, 2007).\r\nAttacks such as interruption, interception and modification were used to check eSAP. The use of an example not wholly makes the article more fire to read but similarly enhances the understandability or the reader so that he or she can grasp exactly what the writers intend to say (Memering’, 2008). at any rate this, the authors make use of a diagram for illustration. harmonise to Memering, 2007), this is an effective way of making the readers to get the idea that the author is trying to pass across at a glance.\r\nFor example, when a procedure is described in move, the reader can actually follow these ste ps to and understand the described process better than when only the text was available. The article by Haralambos, Paolo and Gordon is quite expedient in attack prevention. In the current times, more companies have been faced with threats of system attacks hence the bespeak to avoid them. An example is a recent attack on Kaspersky, a major anti-virus vendor which occurred on the customer support site in February 2009 (O’Donnell, 2009).\r\nSince this paper handlees the possible ways in which systems meant to handle such cases can be tested, it is of significant importance. This paper could form a useful background for information system analysts to gauge the ability of different systems to effectively address the desired security cin one caserns. Another reason wherefore this article is very useful is that for every cistron tested, there is a recommendation given to get the likelihood of the occurrence of that action in factual life. For example, after exam the sou ndity of passwords and the ability of the system to keep off intruders, the authors suggest the use of one-time passwords.\r\nsuch(prenominal) kind of advice could be used by technicians to tho enhance system security and thereby hold dear it from attack. This study is quite relevant in the study of information system security because it is quite peculiar in its own way. While other studies concentrate on showing the likely situations that are may face the security system, this paper suggests ways of testing them as well. Liu and Yu (2007) are some of the authors who came closest to doing this kind of research by analyzing the possible intentions of attackers which are also contained in this paper.\r\nThey however left the research at that and did not proceed to test the scenarios. According to Liu and Yu (2007), once the attackers’ intentions are identified, the countermeasures to prevent attack can so be identified. They however fail to show the criteria that would be used to prevent attacks. Through the use of the eSAP scenario, Haralambos, Paolo and Gordon introduce out the concept so well and even give suggestions on how to handle attacks. It is a impregnable way of testing the effectiveness of a system in handling divers(a) security attacks which the wariness can utilize to establish which system to use in attack prevention.\r\nThis is in line with what Liu and Yu (2009) suggest. According to them, a system can only be useful if it performs the job it is designed for. As an example, there is no way a system can allow every employee in a subdivision to have a password and expect that this to be a secure way of protecting their system from attackers. This is a well researched article and it would be secure to say that it is valid both in price of facts and expressions made by the authors. Before the authors could perform the test, a set of scenarios are selected which are then put through a scenario validation procedure.\r\nThis is done using software inspections so that the data validity is assured. The authors also make use of numerous sources to as reinforcement for the study which makes the information contained valid to a large extent. Conclusion A paper that succeeds in put across the desired message is said to be appropriate. If it is of benefit, then it is useful to the leaders. Should the paper give facts that can be evidenced then we can move over to say that it is valid. The article by Haralambos, Paolo and Gordon leaves the reader with a lot of knowledge to grasp.\r\nIt is well researched using various books and the results can be said to be valid as they made use of a original life situation to test the system. The authors make the article simpler to understand through the use of examples and a diagram. The recommendations given in the paper could also prove useful to future managers and system technicians in designing strategies of attack prevention.\r\nReferences Liu, L. , Yu, E. , Mylopoulos, J . , (2007). Analyzing Security Requirements as Relationships Among Strategic Actors, Proceedings of the second Symposium on Requirements Engineering for Information Security (SREIS’02), Raleigh-North Carolina. Memering, D. (2008). The writer’s work: guide to effective composition. impertinent York: Prentice-Hall. Mouratidis, H. , Giorgini, P. & Manson, G. (2007). Using Security Attack Scenarios to probe Security During Information Systems Design. Retrieved on July 20, 2009 from http://homepages. uel. ac. uk/H. Mouratidis/Paper91_CR. pdf O’Donnell, A. (2009). Kaspersky suffers attack on support site, no apparent data breach. Retrieved on July 20, 2009 from http://blogs. zdnet. com/security/? p=2511\r\n'