Richman Investments is an investment and consulting firm Richman wants to expand its business operations both in the U S and in foreign countries Richman intends to eventually have 10,000 employees in 20 countries The Richman corporate headquarters is located in Phoenix, Arizona Currently there are eight branch offices in Atlanta, Georgia Chicago, Illinois Cincinnati, Ohio Denver, Colorado Los Angeles, California Montreal, Canada New York City, New York Washington, D C The North American offices have a total of 5,000 employees who use desktops, laptops, and wireless devices All offices deal with several sensitive applications Management from each office shares application information hosted at the corporate office Instructions Based on the security objectives in the following table, design an enterprise encryption strategya public key infrastructure (PKI) that supports internal employees, external business partners, and clients Include the design and reasoning for using the selected encryption strategy Security Objective Description Privacy or confidentiality Keeping information secret from all but those who are authorized to see it Integrity Ensuring information has not been altered by unauthorized or unknown means Entity authentication or identification Corroborating the identity of an entity, for example a person, a computer terminal, or a credit card Message authentication Corroborating the source of information, also known as data origin authentication Signature Binding information to an entity Authorization Providing conveyance, to another entity, of official sanction to do or be something Validation Providing timeliness of authorization to use or manipulate information or resources Access control Restricting access to resources to privileged entities Certification Endorsing information by a trusted entity Timestamping Recording the time of creation or existence of information Witnessing Verifying the creation or existence of information by an entity other than the creator Receipt Acknowledging that information has been received Confirmation Acknowledging that services have been provided Ownership Providing an entity with the legal right to use or transfer a resource to others Anonymity Concealing the identity of an entity involved in some process Nonrepudiation Preventing the denial of previous commitments or actions Revocation Retracting certification or authorization

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Sep 26, 2024

Richman Investments is an investment and consulting firm. Richman wants to expand its business operations both in the U.S. and in foreign countries. Richman intends

Richman Investments is an investment and consulting firm. Richman wants to expand its business operations both in the U.S. and in foreign countries. Richman intends to eventually have 10,000 employees in 20 countries.

The Richman corporate headquarters is located in Phoenix, Arizona. Currently there are eight branch offices in:

Atlanta, Georgia

Chicago, Illinois

Cincinnati, Ohio

Denver, Colorado

Los Angeles, California

Montreal, Canada

New York City, New York

Washington, D.C.

The North American offices have a total of 5,000 employees who use desktops, laptops, and wireless devices. All offices deal with several sensitive applications. Management from each office shares application information hosted at the corporate office.

Instructions:

Based on the security objectives in the following table, design an enterprise encryption strategya public key infrastructure (PKI) that supports internal employees, external business partners, and clients. Include the design and reasoning for using the selected encryption strategy.

Security Objective	Description
Privacy or confidentiality	Keeping information secret from all but those who are authorized to see it
Integrity	Ensuring information has not been altered by unauthorized or unknown means
Entity authentication or identification	Corroborating the identity of an entity, for example a person, a computer terminal, or a credit card
Message authentication	Corroborating the source of information, also known as data origin authentication
Signature	Binding information to an entity
Authorization	Providing conveyance, to another entity, of official sanction to do or be something
Validation	Providing timeliness of authorization to use or manipulate information or resources
Access control	Restricting access to resources to privileged entities
Certification	Endorsing information by a trusted entity
Timestamping	Recording the time of creation or existence of information
Witnessing	Verifying the creation or existence of information by an entity other than the creator
Receipt	Acknowledging that information has been received
Confirmation	Acknowledging that services have been provided
Ownership	Providing an entity with the legal right to use or transfer a resource to others
Anonymity	Concealing the identity of an entity involved in some process
Nonrepudiation	Preventing the denial of previous commitments or actions
Revocation	Retracting certification or authorization