logo

Security in Information Technology | Assignments

13 Pages3545 Words119 Views
   

Added on  2020-02-24

Security in Information Technology | Assignments

   Added on 2020-02-24

ShareRelated Documents
Running head: SECURITY IN INFORMATION TECHNOLOGYSecurity in Information TechnologyName of the Student:Name of the University:Author Note:
Security in Information Technology | Assignments_1
1SECURITY IN INFORMATION TECHNOLOGYCryptography is a process using which information can be converted into a formatthat cannot be read normally. The purpose of cryptography is to conceal any secret messagefrom any unwanted viewer and only the intended recipient will be provided with the methodto convert it to readable text (Stallings & Tahiliani, 2014).A data that can be read andunderstood without the involvement of any special technique is known as plaintext. Themethod of masking a plaintext with the intention to hide its contents is calledencryption.Encryption of a plaintext results in an unreadable format known asciphertext.Symmetric key encryption is a type of cryptography method that involves thesharing of a secret key to encrypt and decrypt the data (Agrawal & Mishra, 2012). Symmetricencryption algorithms have high efficiency in processing large amounts of information andcomputationally less intensive compared to the process of asymmetric encryptionalgorithm.Stream ciphers and block ciphers are the two types of symmetric key encryptionalgorithm that provides bit-by-bit and block encryption respectively. Data EncryptionStandard (DES), Triple Data Encryption Standard (3DES), Advanced Encryption Standard(AES) and BLOWFISH are examples of various symmetric key algorithms (Surya & Diviya,2012).Public Key Encryption also known as Asymmetric Encryption is a type ofCryptography that employs two keys for the process of encrypting and decrypting a data.Onekey is used for the encryption of a data; however, it cannot be used for decrypting theencrypted data. Similarly, another key is used for decrypting the data, which cannot be usedfor encrypting the same (Wee, 2012). The two keys are public key and private key. Publickey is used for encrypting the data and is in possession of both the sender and the recipientwhile the private key is possessed only by the receiver of the message. To decrypt anencrypted message the recipient will require using both the public and private key.The publickey is open to all however, it alone cannot be used to decrypt the coded message (Hofheinz &
Security in Information Technology | Assignments_2
2SECURITY IN INFORMATION TECHNOLOGYJager, 2012). Therefore, the encryption is secure. Both the public and private keys are basedon very lengthy prime numbers. There is almost infinite amount of prime numbers available,which creates an infinite amount of possibility for creating such keys. This enhances thesecurity of the system extremely.An example can be cited in support of the topic mentionedabove. Suppose a person A sends an encrypted data to person B. A encrypts the data with apublic key and sends the data to B with the key (Hsu, Yang & Hwang, 2013). B already hasthe private key to decode the data in possession and after receiving the package decodes thedata using both the public and private key. Any intermediate viewer can see the packagehowever; will be unable to decode the data, as they do not possess both the public as well asthe private key (Jeeva, Palanisamy & Kanagaram, 2012).The term hashing typically means the process of reducing any object from its originaldimension. In technological perspective, hashing signifies the conversion of a stringcharacters into a smaller value or key of fixed length that represents the original string.Thepurpose of hashing is to summarise and retrieve items in a database, as it is a quicker processto locate the object using the shorter key than to find it using the original value. Hashing findsits utility in many encryption algorithms as well (Park et al., 2012).All the techniques mentioned above are encryption techniques that are used formaintaining confidentiality and authentication. However, the public key encryption method isbest suited to maintain confidentiality and authentication as it has two encryption keysinvolved in the process of encryption and decryption that uses a long set of prime numbers.This method increases the complexity level of encryption thereby enhancing the security ofthe confidential data.
Security in Information Technology | Assignments_3
3SECURITY IN INFORMATION TECHNOLOGYDenial-of-Service or DoS is a form of cyberattack that is carried out on any personalor organisational network. The purpose of this type of attack generally is not to expose orretrieve any type of confidential information from the network; rather it is used to cause agreat deal of issue for the users in a network. A DoS attack uses the technique of flooding anetwork with requests that increases the traffic of the network. This results in slow networkconnection and websites failing to load properly (Gunasekhar et al., 2014). In anorganisation, a DoS attack can clod the network because of which, the employees in theorganisation will be unable to access any web services to perform organisational operation.The DoS is effective in rendering the services of an organisation offline that can cause loss inbusiness and negative publicity of the same. A DoS attack is almost impossible to stopoccurring in an organisation, especially the advanced DDoS (Distributed Denial of Service)attack that is botnet-driven. It is almost impossible to identify an infected request from alegitimate request as these requests often use the same protocols or ports and may haveresemblance to a legitimate request in respect to its content.However, some precautions canbe taken to prevent DoS attacks in an organisation (Durcekova, Schwartz & Shahmehri,2012).The organisation can purchase a lot of bandwidth. It is an expensive processthough but is the simplest process as well. Implementing a lot of bandwidth, theorganisation will create a situation where the attacker will face difficulties incarrying out a successful DoS attack. This is because the more bandwidth anetwork has the more the attacker must clog by flooding with requests(Malekzadeh, Ghani & Subramaniam, 2012).Another method of precaution is using DoS attack identification and detectiontechniques like wavelet-based signal analysis, activity profiling and change-pointdetection that will help to recognise a malicious traffic from a legitimate one. In
Security in Information Technology | Assignments_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Principle and Method in Cryptographic Security | Discussion
|4
|638
|19

Cryptography Assignment 2022
|8
|559
|16

Encryption Symmetric Key Encryption
|9
|2853
|351

Encryption Techniques Assignment 2022
|9
|2287
|7

Symmetric Encryption Assignment
|5
|884
|175

Cryptography and System Security .
|7
|1528
|232