Dtgov digital signatures | Computer Science homework help
Complete the assigned weekly reading and review the case study below and Respond to the questions below in a 3 pages Word document.
Case Study Example
With DTGOV’s client portfolio expanding to include public-sector organizations, many of its cloud computing policies have become unsuitable and require modification. Considering that public-sector organizations frequently handle strategic information, security safeguards need to be established to protect data manipulation and to establish a means of auditing activities that may impact government operations.
DTGOV proceeds to implement the digital signature mechanism specifically to protect its Web-based management environment (Figure 10.6). Virtual server self-provisioning inside the IaaS environment and the tracking functionality of realtime SLA and billing are all performed via Web portals. As a result, user error or malicious actions could result in legal and financial consequences. Image Figure 10.6 Whenever a cloud consumer performs a management action that is related to IT resources provisioned by DTGOV, the cloud service consumer program must include a digital signature in the message request to prove the legitimacy of its user. Digital signatures provide DTGOV with the guarantee that every action performed is linked to its legitimate originator. Unauthorized access is expected to become highly improbable, since digital signatures are only accepted if the encryption key is identical to the secret key held by the rightful owner. Users will not have grounds to deny attempts at message adulteration because the digital signatures will confirm message integrity.
Answer the following questions in a substantive manner:
1. Do you agree that digital signatures are the best way to protect the data in question?
2. Do you agree with the author’s statement that digital signatures provide a guarantee that every action performed is linked to its legitimate originator?
3. DTGOV appears to be Canadian based. Does PIPEDA have any rulings on digital signatures?