Cryptography and Network Security Applications

Verified

Added on 2022/12/22

AI Summary

This report explores the applications of cryptography and network security. It covers topics such as data encryption, user authentication, and secure cloud computing. The report provides security advice for iCreative Company to maintain a strong security posture.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: Network Security 1
Cryptography and Network Security Applications
Name of the Student
Name of the Institution

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Network Security 2
Cryptography and Network Security Applications
Introduction
Computer systems and technological developments have grown to become indispensable
in the present-day’s world. Network systems allow seamless, faster access to information and
communications. As organizations move from the traditional filesystem to a highly distributed
client-server architecture, they too connect to the internet so as to sustain visible presence with
suppliers, clients, and partners (Allen, 2001). However, the risks associated with computer
networks and the internet are devastating. Successful network attacks cause loss or manipulation
of private data and information, money and lives and money. These risks security a very critical
consideration for all systems (Stošić & Veličković, 2013). The main purpose of this report is to
provide security advice to the management of iCreative Company with the aim of helping the
Company maintain an acceptable ‘security posture.' Parts 1, 2 and 3 of the report explore
cryptography and data security, cryptographic keys and user authentication, and secure cloud
computing platform for handling the Company’s data respectively.
Part I: Cryptography and Data Security
Cryptography explanation
Explain symmetric and asymmetric encryption in relation to the company data in company data
in
All security efforts are aimed at ensuring that the confidentiality, integrity, and
availability of a system are safeguarded (Cherdantseva & Hilton, 2013). The confidentiality
aspect of security implies that data is only accessible for use by the right (authorized) persons, at
the right time and from the right place. The integrity aspect implies that data is not edited,

Network Security 3
deleted, manipulated or passively listened to by unauthorized persons. Systems’ availability
feature means that systems are not only available but also process information correctly,
effectively and efficiently.
Several technologies and mechanisms have been devised to help maintain secure systems.
Cryptography is one such method which is used to secure and protect data from unauthorised
access. It includes several techniques for disguising data (both in transit and in store), in such a
way that the original data is only available to the right personnel (Stallings, 2017). iCreative
Company will be required to implement cryptographic algorithms that will secure the
confidentiality, integrity, and authentication of its data. Cryptography will protect the company’s
information secrecy and confidentiality by ensuring that even in cases where transmission media
or storage devices are compromised, the encrypted information remains useless to the attacker.
As such, the company will be required to store and transmit information in encrypted form
(Kolkowska, Hedström, & Karlsson, 2009).
Data in transit
Data in transit- also called data in motion refers to data that is actively moving from one
location to another usually through a private network or across the internet. For the case of
iCreative, such data will be moving from one branch to another (Boneh & Shoup, 2016).
Data at rest
Data at rest, on the other hand, refers to data that is not moving from one device to
another or across the internet. iCreative stores such data in hard drives, archived storage media
and flash disks among other media. Data in transit is more vulnerable to attacks, iCreative would
use multiple security methods that guarantee a defense-in-depth strategy. Asymmetric

Network Security 4
encryption and two way factor authentication would ensure that no unauthorised access to data is
successful.
Message authentication
It will be a good security practice for the company to implement message authentication
code- MAC. MAC protects message integrity by verifying their sources and ensuring that they
are not modified along the transmission channel. Hash functions would be used to generate
symmetric keys for message authentication and route them together with the messages being
sent.
Symmetric and asymmetric encryption
Encryption algorithms used to ‘convert’ plain text messages at the sender’s end and to
decrypt the ciphertext at the recipients’ end demand that communicating parties have a common
value (mathematical function) to encrypt and decipher the information. Symmetric encryption
technique relies on a single key that is shared among intended participants. Asymmetric
encryption, on the other hand, depends on shared of public and private keys to encrypt or decrypt
messages (Paar & Pelzl, 2010). These two algorithms, when used in the company, will help
secure its data in bot storage facilities and while being exchanged between the various company
branches and/or sites.
Security Recommendation
Hashing algorithms and message digests used in cryptography will be used to prevent
unauthorized persons from deleting, or manipulating data thus ensuring its integrity while digital
signatures, certificates and public key infrastructure (PKI) will be used to will be used for non-
repudiation and authentication purposes

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Network Security 5
Part II: Cryptographic Keys and User Authentication
Part II.I User authentication
The Advanced Encryption Standard (AES) is the most secure block cipher encryption
algorithm that was developed as a response to the vulnerabilities associated with the Data
Encryption Standard algorithm and its variants (Abdullah, 2017). Using this algorithm, all
company's data will be encrypted in blocks of either 128, 192 or 256-bit blocks sizes unlike the
bit-wise encryption approaches in other algorithms. All file transfer protocols including SFTP,
HTTPS, and FTP among others will be secured using this algorithm. AES will help secure
sensitive data from attackers since the blocks are hard to crack. Additionally, the algorithm has
high computational efficiency and can, therefore, be used in a wide range of applications in the
company.
AES uses a combination of symmetric and asymmetric key generation and distribution.
This implies that the security loopholes in either of the algorithm are addressed by the other
algorithm. The public key encryption is best suited for encrypting session keys during symmetric
encryption. Symmetric key ciphers, on the other hand, will be used to encrypt data and
commands since they use less computational resources.
User authentication extends the capability of traditional networks of enabling network
security and personalization. All users requesting access to network services and infrastructure
will be authenticated to ensure maximum security. Apart from running an authentication server
and protocols such as RADIUS and AAA applications, iCreative can also install authentication
software (RSA SecureID Access for this case) that stores authentication data. such software is

Network Security 6
specialized solutions used to authenticate users using biometric info, advanced administration
user identities, SMS verification and two- or multifactor authentication among other data.
Part Three: Secure Cloud Computing
Explain the possibility of employing CC for the company’s valuable data
Cloud computing is an emerging technology that is based on ‘virtualization' of the
computing environment, infrastructure, and services (Kumar, Ravi, Raj, & Jelciana, 2018).
Holding data within local storage facilities means that data is under complete control of the
enterprise in all its lifecycle phases of creation, storage, use sharing, archiving and destroying.
iCreative will need a backup for its clients, staff and transactional data. A cloud computing
platform (platform as a service) will, therefore, be needed to ensure that data is sufficiently and
securely backup. Additionally, cloud computing will enhance remote access and feasible data
sharing capabilities.
Explain how data can be sent to an authorised partner securely from the Cloud.
While encryption remains largely associated with traditional storage facilities on which
companies have direct access to and control, iCreative have to depend on contractual language to
protect its assets and data by selecting a cloud service provider that will encrypt its data during
storage and processing. A SaaS provider could be contracted to manage the encryption and
decryption of all organizational data.
Explain which kinds of CC service/s can be used for the company’s data.
Cloud computing applications also risk intellectual and identity theft, distributed denial of
service, malware infections, diminished customer trust, spoofing, hacking and other sophisticated

Network Security 7
attacks. Effective Identity and Access management system will be used to protect the
confidentiality and integrity of data while on the cloud. The company should also design and
enforce access management policy to ensure data is accessed by the right persons and for the
right purposes. Third party auditing (TPA) can as well be used to ensure data integrity while
Provable data Possession will be used to investigate the correctness of data without having to
retrieve it from the cloud.
Conclusions
ICreative Company must invest heavily and implement sound security strategies. All
data, whether in storage or in transit must be encrypted to protect it from falling into the hands of
harmful individuals who might compromise its confidentiality, integrity, and availability. AES is
the best encryption standard that will rely on symmetric and asymmetric key exchanges. Cloud
computing, though a viable security solution, should be approached with care since it also has its
own security vulnerabilities that can be overcome by effective IAM systems and access
management policies.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Network Security 8
References
Abdullah, A. M. (2017). Advanced encryption standard (AES) algorithm to encrypt and decrypt
data. Cryptography and Network Security.
Allen, J. H. (2001). The CERT guide to system and network security practices. Addison-Wesley.
Boneh, D., & Shoup, V. (2016, December). A graduate course in applied cryptography. Draft of
a book.
Cherdantseva, Y., & Hilton, J. (2013). A reference model of information assurance & security.
2013 International Conference on Availability, Reliability, and Security (pp. 546-555).
IEEE.
Kolkowska, E., Hedström, K., & Karlsson, F. (2009). "Information security goals in a Swedish
hospital. 8th Annual Security Conference. Las Vegas.
Kumar, P., Ravi, P., Raj, H., & Jelciana, P. (2018). Exploring data security issues and solutions
in cloud computing. Procedia Computer Science, 125, 691-697.
Paar, C., & Pelzl, J. (2010). Introduction to public-key cryptography. In Understanding
Cryptography (pp. 149-171). Berlin, Heidelberg: Springer.
Stallings, W. (2017). Cryptography and network security: principles and practice. Upper Saddle
River: Pearson.
Stošić, L., & Veličković, D. (2013). Computer security and security technologies. Journal of
Process Management. New Technologies, 1(1), 14-19.