Posted: September 19th, 2022

Research report

 

 Need to present a research reports on 

1. Machine learning method

2. User Behavior Analytics (UBA)

 Both reports should be written with a word count of 70-105 words(not more than the count provided) and should provide a URL reference link too . 

Note : NO PLAGIARISM 

Should have minimum of 3 statements which describes the information about the report.

Tips: Should be in simple own words and no usage of critical words and attached the file to know in detail to write on it. This question is from a cyber security subject so that the matter should relate to cyber security for sure and should connect to readers.

Deadline Sep10, 2022 12:00Pm.Cst

Security in Computing,
Fifth Edition

Chapter 8: Cloud Computing

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780

1

34085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

1

Objectives for Chapter 8
Define cloud services, including types and service models
How to define cloud service requirements and identify appropriate services
Survey cloud-based security capabilities and offerings
Discuss cloud storage encryption considerations
Protection of cloud-based applications and infrastructures
Explain the major federated identity management standards and how they differ

2

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

What Is Cloud Computing?
On-demand self-service
Add or subtract resources as necessary
Broad network access
Mobile, desktop, mainframe
Resource pooling
Multiple tenants share resources that can be reassigned dynamically according to need and invisibly to the tenants
Rapid elasticity
Services can quickly and automatically scale up or down to meet customer need
Measure service
Like water, gas, or telephone service, usage can be monitored for billing
3

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Service Models
Software as a service (SaaS)
The cloud provider gives the customer access to applications running in the cloud
Platform as a service (PaaS)
The customer has his or her own applications, but the cloud provides the languages and tools for creating and running them
Infrastructure as a service (IaaS)
The cloud provider offers processing, storage, networks, and other computing resources that enable customers to run any kind of software
4

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Service Models

5

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Deployment Models
Private cloud
Infrastructure that is operated exclusively by and for the organization that owns it
Community cloud
Shared by several organizations with common needs, interests, or goals
Public cloud
Owned by a cloud service provider and offered to the general public
Hybrid cloud
Composed of two or more types of clouds, connected by technology that enables data and applications to balance loads among those clouds
6

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Cloud Migration Risk Analysis
Identify assets
Determine vulnerabilities
Estimate likelihood of exploitation
Compute expected loss
Survey and select new controls
Project savings
7

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The steps here are the same as for a normal risk analysis, but here they need to be approached from a specific perspective: How does a cloud deployment, compared to an on-premise deployment, change the answers? Vulnerabilities, likelihood of exploitation, and control options will be the most different in cloud environments, as they are dependent on compatible tools, security mechanisms, and incident response capabilities.
7

Cloud Provider Assessment
Security issues to consider:
Authentication, authorization, and access control options
Encryption options
Audit logging capabilities
Incident response capabilities
Reliability and uptime
Resources to help with assessment:
FedRAMP (Federal Risk and Authorization Management Program)
PCI DSS (Payment Card Industry Data Security Standard)
CSA STAR (CSA Security, Trust & Assurance Registry)
8

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The specifics of the security issues will depend on the security requirements of the capability that’s being moved to the cloud and therefore on the risk assessment. The three listed resources are databases of cloud providers that have been assessed for their compliance with well-known cloud security standards.
8

Switching Cloud Providers
Switching cloud providers is expensive and difficult but sometimes becomes necessary and urgent
It is best to have backup options in place in case a migration away from a cloud provider is necessary, but many cloud providers make that practically impossible
SaaS providers are generally hardest to migrate away from, followed by PaaS, then IaaS
9

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Security Benefits of Cloud Services
Geographic diversity
Many cloud providers run data centers in disparate geographic locations and mirror data across locations, providing protection from natural and other local disasters.
Platform and infrastructure diversity
Different platforms and infrastructures mean different bugs and vulnerabilities, which makes a single attack or error less likely to bring a system down. Using cloud services as part of a larger system can be a good way to diversify your technology stack.
10

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Cloud-Based Security Functions
Some security functions may be best handled by cloud service providers:
Email filtering
Since email is already hopping through a variety of SMTP servers, adding a cloud-based email filter is as simple as adding another hop.
DDoS protection
Cloud-based DDoS protection services update your DNS records to insert their servers as proxies in front of yours. They maintain sufficient bandwidth to handle the flood of attack traffic.
Network monitoring
Cloud-based solutions can help customers deal with steep hardware requirements and can provide monitoring and incident response expertise.
11

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Cloud Storage
By default, most cloud storage solutions either store users’ data unencrypted or encrypt all data for all customers using a single key and therefore don’t provide strong confidentiality
Some cloud services provide better confidentiality by generating keys on a per-user basis based on that user’s password or some other secret
For maximum confidentiality, some cloud providers embrace a trust no one (TNO) model in which even the provider does not have the keys to decrypt user data
12

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Lastpass TNO Implementation

13

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

This flowchart shows how Lastpass is able to authenticate users but unable to decrypt those users’ data. The critical element is that the hash Lastpass derives from the user’s password for authentication is different from, and cannot be calculated using, the hash Lastpass derives from the user’s password for decryption. Decryption takes place client-side.
13

Boxcryptor TNO Implementation

14

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The main benefit of the Boxcryptor implementation is that it allows users to selectively share files with other users. It does so by generating a per-file random key and then using each authorized user’s public key to encrypt that random key.
14

Data Loss Prevention (DLP)
DLP is more difficult in cloud environments than on-premise environments, as cloud customers have much less control over data ingress and egress points
DLP options for cloud-based corporate data:
Force users to work through the corporate virtual private network (VPN) to access corporate-contracted cloud resources
Install DLP agents on users’ corporate systems
In IaaS environments, insert a DLP server as a proxy between user systems and other corporate cloud servers
15

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

15

Cloud Application Security
Attacks against shared resources
Shared computing resources change the threat landscape. Sharing a system with a vulnerable application may result in those shared resources becoming compromised and consequently spreading attacks to your applications. There are also attacks, such as cryptographic side-channel attacks, that specifically target shared resource environments.
Attacks against insecure APIs (app programming interface)
Cloud vendors have a history of using known broken APIs. A recent survey of cloud security incidents over a 5-year period found that almost one-third of those incidents were caused by insecure interfaces and APIs.1 A separate study found major security weaknesses in SSL libraries used by major cloud service providers, including Amazon and PayPal.2
16

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Cryptographic side-channel attacks use incidental information—processor and memory response, temperature, and so on—to reduce the search space of cryptographic keys. They have been proven effective in small, cloud-like laboratory environments.

1. Ko, R., et al. “Cloud Computing Vulnerability Incidents: A Statistical Overview.” Cloud
Security Alliance white paper, 13 Mar 2013.
2. Georgiev, M., et al. “The Most Dangerous Code in the World: Validating SSL Certificates
in Non-Browser Software.”ACM Conf on Comp and Comm Security ’12, 2012.
16

Federated Identity Management (FIdM)

17

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

FIdM enables identity information to be shared among several entities and across trust domains. In this diagram, the user wishes to access the service provider, but the service provider needs to check with a completely unrelated, but trusted, identity provider to ensure the user’s validity and authority first.
17

Security Assertion Markup Language (SAML)
An XML-based standard that defines a way for systems to securely exchange user identity and privilege information
Commonly used when a company wants to give its employees access to corporate cloud service subscriptions
If an employee leaves the company, his corporate login credentials are disabled and, by extension, so are his login rights to the cloud service
18

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

SAML Authentication Process

19

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The IdP is often a corporate identity store, and the SP is often a cloud service provider.
19

OAuth
Whereas SAML is an authentication standard, OAuth is an authorization standard
OAuth enables a user to allow third-party applications to access APIs on that user’s behalf
When Facebook asks a user if a new application can have access to his photos, that’s OAuth
OAuth allows users to give third-party applications access to only the account resources they need, and to do so without sharing passwords; users can revoke access at any time
20

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

OAuth Authorization

21

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The flow is too long to fit on one slide, so it is cut in half. The left half is first, followed by the right half.
21

OpenID Connect (OIDC)
OAuth has been extended to support authentication in the form of OIDC
OIDC is a relatively new standard for FIdM
OIDC provides much better support for native applications (versus web applications) than does SAML
Works by adding an identity token to the existing authorization tokens, essentially treating identity information as another authorization right
22

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

OIDC Authentication

23

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The flow is too long to fit on one slide, so it is cut in half. The left half is first, followed by the right half.
23

Securing IaaS
Shared storage
When you deallocate shared storage, it gets reallocated to other users, potentially exposing your data. Encrypted storage volumes are the most reliable mitigation.
Shared network
Typical practice among IaaS providers prevents users from sniffing one another’s network traffic, but the safest bet is to encrypt all network traffic to and from virtual machines whenever possible
Host access
Require two-factor authentication
Do not use shared accounts
Enforce the principle of least privilege
Use OAuth rather than passwords to give applications access to API interfaces
Use FIdM wherever possible so as to only manage one set of accounts
24

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

IaaS Security Architecture

25

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

In this diagram, each server type is in its own security enclave, with the critical servers being protected by both firewalls and application proxies. Each of these servers is dedicated to a very specific purpose and is therefore simple and predictable enough to allow for application whitelisting, which greatly limits malware potential. This level of VM specialization is not always practical, but it greatly limits potential vulnerability.
25

Summary
When considering a move to cloud infrastructure, a full risk assessment will reveal critical requirements and bring up important unexpected issues
Cloud storage encryption options vary widely—confidentiality requirements are a key consideration
FIdM, including SAML, OAuth, and OIDC, provides strong security benefits by centralizing account and authorization management
In IaaS infrastructures, use server specialization, security enclaves, and application whitelisting to greatly limit the potential attack surface
26

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

26

image2.emf

image3.emf

image4.emf

image5.emf

image6.emf

image7.emf

image8.emf

image9.emf

image10.emf

image11.emf

Security in Computing,
Fifth Edition

Chapter 7: Databases

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780

1

34085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

1

Objectives for Chapter 7
Basic database terminology and concepts
Security requirements for databases
Implementing access controls in databases
Protecting sensitive data
Data mining and big data
2
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Database Terms
Database (DB)
Database administrator (DBA)
Database management system (DBMS)
Table
Record
Field/element
Schema
Subschema
Attribute
Relation
3
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Database: A collection of data and a set of rules that organize the data by specifying certain relationships among the data
Database administrator: Person who defines the rules that organize the data and controls who should have access to what parts of the data
Database management system: The system through which users interact with the database
Record: One related group of data
Field/element: Elementary data items that make up a record (e.g., name, address, city)
Schema: Logical structure of a database
Subschema: The portion of a database a given user has access to
Attribute: A column in a database
Relation: A set of database columns
3

Database Terms
DB: A collection of data and a set of rules that organize the data by specifying certain relationships among the data
DBA: Person who defines the rules that organize the data and controls who should have access to what parts of the data
DBMS: The system through which users interact with the database
Table: A collection of records
Record: One related group of data
Field/element: Elementary data items that make up a record (e.g., name, address, city)
Schema: Logical structure of a database
Subschema: The portion of a database a given user has access to
Attribute: A column in a database
Relation: A set of database columns
4
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

4

Database Example
5
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

A database with three tables
5

Database Example

6
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

A database with three tables
6

Schema Example

7
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

The schema of the database from the previous slide
7

Queries
A query is a command that tells the database to retrieve, modify, add, or delete a field or record
The most common database query language is SQL
8
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

8

Example SQL Query
SELECT ZIP=‘43210’
9

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Where do we find databases?

10
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

This is a good time to encourage students to think about places databases are commonly used and all the purposes they may be used for. Examples such as banks, large retailers, and law enforcement quickly make clear why all of these requirements are critically important. We’ve already discussed many of the ways these requirements are achieved in previous chapters, but the remainder of this chapter covers special considerations for databases.
10

Where do we find databases?
Purpose and Use

11
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

This is a good time to encourage students to think about places databases are commonly used and all the purposes they may be used for. Examples such as banks, large retailers, and law enforcement quickly make clear why all of these requirements are critically important. We’ve already discussed many of the ways these requirements are achieved in previous chapters, but the remainder of this chapter covers special considerations for databases.
11

Where do we find databases?
Purpose and Use

CIA

12
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

This is a good time to encourage students to think about places databases are commonly used and all the purposes they may be used for. Examples such as banks, large retailers, and law enforcement quickly make clear why all of these requirements are critically important. We’ve already discussed many of the ways these requirements are achieved in previous chapters, but the remainder of this chapter covers special considerations for databases.
12

Reliability and Integrity
Reliability: in the context of databases, reliability is the ability to run for long periods without failing
Database integrity: concern that the database as a whole is protected against damage
Element integrity: concern that the value of a specific data element is written or changed only by authorized users
Element accuracy: concern that only correct values are written into the elements of a database
13
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Two-Phase Update (2PC)
Phase 1: Intent
DBMS does everything it can, other than making changes to the database, to prepare for the update
Collects records, opens files, locks out users, makes calculations
DBMS checks commit flag to the database
Phase 2: Commit
DBS sets commit flag in the database
DBMS completes all write operations
DBMS removes the commit flag
If the DBMS fails during either phase 1 or phase 2, it can be restarted and repeat that phase without causing harm
Register for class example (15 seats, 1 left)
14
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Solution to the concern that the database system would fail in the middle of an update, leaving the database in a partially updated and inconsistent state.
14

Other Database Security Concerns
Error detection and correction codes to protect data integrity
For recovery purposes, a database can maintain a change log, allowing it to repeat changes as necessary when recovering from failure
Databases use locks and atomic operations to maintain consistency
Writes are treated as atomic operations (atomicity = all or nothing)
Records are locked during write so they cannot be read in a partially updated state
15
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Sensitive Data (Confidentiality)
Inherently sensitive
Passwords, locations of weapons
From a sensitive source
Confidential informant
Declared sensitive
Classified document, name of an anonymous donor
Part of a sensitive attribute or record
Salary attribute in an employment database
Sensitive in relation to previously disclosed information
An encrypted file combined with the password to open it
16
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Types of Disclosures
Exact data (payroll)
Bounds (protect or present)
Negative result (not 0 or not honors)
Existence
Probable value (management survey)
Direct inference
Inference by arithmetic
Aggregation
Hidden data attributes
File tags
Geotags
17
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
It is important to understand both the range of possible contents of each attribute and the data available to potential attackers in order to apply the appropriate protection mechanisms.

Keeping records from being dumped out of the database is not sufficient to actually prevent disclosure. There are many ways to deduce the content of a database listed on this slide, and all of them must be considered when protecting sensitive database information. It is important to understand both the range of possible contents of each attribute and the data available to potential attackers in order to apply the appropriate protection mechanisms.
17

Preventing Disclosure
Suppress obviously sensitive information – restricts usefulness of database
Keep track of what each user knows based on past queries – expensive and not fool proof
Disguise the data – exact value hard to discern
18
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Security vs. Precision

19
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Precise, complete, and consistent responses to queries against sensitive information make it more likely that the sensitive information will be disclosed.
19

Suppression Techniques
Limited response suppression
Eliminates certain low-frequency elements from being displayed
Combined results
Ranges, rounding, sums, averages
Random sample
Blocking small sample sizes
Random data perturbation
Randomly add or subtract a small error value to/from actual values
Swapping
Randomly swapping values for individual records while keeping statistical results the same
20
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Less complex data makes for simpler inference and therefore is more likely to require suppression. The disclosure prevention must be balanced against the database requirements, as the loss of precision and completeness may make the database unusable.
20

Data Mining
Data mining uses statistics, machine learning, mathematical models, pattern recognition, and other techniques to discover patterns and relations on large datasets
The size and value of the datasets present an important security and privacy challenge, as the consequences of disclosure are naturally high
21
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Data Mining Challenges
Correcting mistakes in data
Preserving privacy
Granular access control
Secure data storage
Transaction logs
Real-time security monitoring
22
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

These remain open challenges, though some are partially solved or are solved in certain data mining packages. Access control, for instance, can often be performed in a coarse way. Correcting mistakes is a problem because data is often moved to more databases before the original database can be corrected—if the need for correction is ever discovered. Data storage is an issue because data may be collected globally and through cloud providers, where security details are largely unknown to users. As data mining platforms evolve, these features will mature.
22

Summary
Database security requirements include:
Physical integrity
Logical integrity
Element integrity
Auditability
Access control
User authentication
Availability
There are many subtle ways for sensitive data to be inadvertently disclosed, and there is no single answer for prevention
Data mining and big data have numerous open security and privacy challenges

23
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

23

image2

image3.emf

image4

image5

image6.emf

Expert paper writers are just a few clicks away

Place an order in 3 easy steps. Takes less than 5 mins.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00