Want to create interactive content? It’s easy in Genially!
The McCumber Cube
Diego Torres Luna
Created on June 13, 2023
xd
Start designing with a free template
Discover more than 1500 professional designs like these:
Transcript
The McCumber Cube
By: Diego Torres Luna
Index
- Cover (1)
- Index (2)
- What is? (3)
- Relevant data (4)
- Security Goals (5)
- Information States (6)
- Countermeasures (7)
- An example (8)
- Video (9)
- Question (10)
- Conclusion (11)
- Game link (12)
What is?
The McCumber Cube is a model framework for establishing and evaluating information security programs created by John McCumber in 1991 . It consists of three dimensions: confidentiality, integrity, and availability, which are used to evaluate security in a layered approach. The McCumber Cube is a popular tool for assessing IT security and risk management and has been modified to create an attack taxonomy.
Here you can include a relevant fact to highlight
Each dimention contain 3 attributes
The 3 dimentions of the McCumber Cube - Security Goals
- Information States
- Conutermeasures
Security Goals
- Confidentiality is a set of rules that prevents sensitive information from being disclosed to unauthorized persons, resource space, and processes. Methods used to ensure confidentiality include data encryption, authentication, and access control.
- Integrity ensures that information or system processes are protected against intentional or accidental modification. One way to ensure integrity is to use a hash or checksum function.
- Availability means that authorized users can access systems and data when and where it is needed and those who do not meet the established conditions are not. This can be accomplished by maintaining your computer, performing hardware repairs, keeping operating systems and software up to date, and creating backup copies.
Information States
- Processing refers to data that is used to perform an operation such as updating a database record (in-process data).
- Storage refers to data stored in memory or on a permanent storage device such as a hard drive, solid state drive, or USB drive (data at rest).
- Transmission refers to data that travels between information systems (data in transit).
Countermeasures
- Awareness (People), training, and education are the measures implemented by an organization to ensure that users are informed about potential security threats and the actions they can take to protect information systems.
- Technology refers to software (and hardware)-based solutions designed to protect information systems such as firewalls, which continually monitor your network for potential malicious incidents.
- Policy and procedure refer to the administrative controls that provide a foundation for how an organization implements information assurance, such as incident response plans and best practice guidelines.
- In the transmission of the information we need to have confidentiality when we are sending the info with a secure technology so the info can arrive safely
How to apply this in daily life?
Suppose you want to share this table with your boss, so you apply the following...
Video
This video is not mine, but it can help to know more about the McCumber Cube...
Question
Conclusion
This model offers a comprehensive and effective way to address information security challenges in modern organizations.