Scribd Logo
Upload

Welcome to Scribd!

  • CSC 410 Day 29 The Aerowright Case

    Uploaded by

    Alex Tran
    9 views10 pages
    1) The case discusses an IT security breach at the aerospace company Aerowright after they implemented a wireless network (WLAN) without properly addressing security concerns. A dictionary attack was able to decrypt files and corporate secrets were leaked. 2) The systems security engineer warned about security risks but was ignored by the commercial director Arthur Daly who prioritized accessibility and convenience over security. 3) The case will be analyzed by examining the vocational responsibilities of those involved, different ethical theories, and relevant professional codes to determine what could have been handled better and lessons around balancing accessibility and security.

    Original Description:

    Original Title

    CSC 410 Day 29 the Aerowright Case

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1) The case discusses an IT security breach at the aerospace company Aerowright after they implemented a wireless network (WLAN) without properly addressing security concerns. A dictionary attack was able to decrypt files and corporate secrets were leaked. 2) The systems security engineer warned about security risks but was ignored by the commercial director Arthur Daly who prioritized accessibility and convenience over security. 3) The case will be analyzed by examining the vocational responsibilities of those involved, different ethical theories, and relevant professional codes to determine what could have been handled better and lessons around balancing accessibility and security.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    9 views10 pages

    CSC 410 Day 29 The Aerowright Case

    Uploaded by

    Alex Tran
    1) The case discusses an IT security breach at the aerospace company Aerowright after they implemented a wireless network (WLAN) without properly addressing security concerns. A dictionary attack was able to decrypt files and corporate secrets were leaked. 2) The systems security engineer warned about security risks but was ignored by the commercial director Arthur Daly who prioritized accessibility and convenience over security. 3) The case will be analyzed by examining the vocational responsibilities of those involved, different ethical theories, and relevant professional codes to determine what could have been handled better and lessons around balancing accessibility and security.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    of 10

    CSC 410 Day 29

    Computer Security:
    The Aerowright Case

    1
    Admin.

    1. Take in project plans.

    2. Work on building up your bibliography of


    relevant sources.
    ◦ Include relevant sources in ethics (see
    https://plato.stanford.edu/) as well as technical
    sources and computer news.

    2
    Plan.
    The Aerowright Case.

    ◦ 1. Vocational Analysis.

    ◦ 2. Application of Ethical Theory.

    ◦ 3. Application of Professional Codes.

    ◦ 4. What can we learn?

    3
    The Aerowright Case
    (fictional, but realistic).
    Aerowright is an aerospace company with an IT
    system called AIRNET.
    The commercial director, Arthur Daly wanted
    to upgrade to a wireless system.
    Goals:
    ◦ Make relevant technical information “available on
    demand during actual negotiations” (129)

    ◦ Negotiators could then “use their laptops or hand-


    held computers to connect to AirNET while they
    were in meetings” (129)
    4
    How the adoption decision was made
    The WLAN supplier explained the convenience
    and cost benefits and fast implementation

    The AirNET applications would not change and


    existing security would remain in place.

    Did not seem like an IT security issue.


    ◦ Security warnings from the system security
    engineer were ignored as AirNET had never been
    breached before.

    5
    The implementation
    Initially went well.
    ◦ Ease of negotiation was improved.
    ◦ No problems for 6 months.

    Then a dictionary-building attack was able to


    translate encrypted files.
    Corporate secrets were posted on bulletin
    boards, wing design documents were destroyed.
    Corporate credibility plummeted, and
    Aerowright may go out of business!
    6
    1. Vocational Analysis.
    1)What vocational responsibilities may have
    been avoided by Arthur Daly?
    ◦ How are abdication and usurpation of vocation
    relevant?

    2)Did the system security engineer fulfill his


    vocational duties?

    3)Which neighbors were poorly served and


    why?

    7
    2. Application of Ethical Theories.
    1. What ethical theory seemed to guide
    Arthur Daly’s thinking?

    2. How would the case be evaluated by:


    ◦ 1) Ethical egoism
    ◦ 2) Utilitarianism
    ◦ 3) Deontological Ethics
    ◦ 4) Virtue Ethics

    8
    3. Application of Professional Codes.
    1. Refer to the professional codes in the
    Appendix (169-201).

    2. Are there any rules or emphases that show


    problems in the handling of this case by
    Arthur Daly or the systems security
    engineer?

    9
    4. What can we learn?
    1. What could Arthur Daly have done better?

    2. What could the systems security engineer


    have done better?

    3. What general lessons emerge about the


    tradeoffs between accessibility and security?

    4. How would you, as an IT professional,


    handle a similar situation?

    10

    You might also like