BIT243: Analysis of Network Security Architecture and Tools

Verified

Added on 2022/11/23

AI Summary

This report provides a comprehensive overview of network security, focusing on its architecture, cryptographic techniques, and implementation strategies. The executive summary highlights the importance of network security for businesses, emphasizing the need for robust measures to prevent attacks and protect sensitive information. The report delves into the Network Security Architecture, exploring its attributes such as relationships and dependencies, and its various forms including conventional controls. It also discusses the importance of encryption, including symmetric and asymmetric encryption methods, and their application in digital certificates. Furthermore, the report examines the OSI Security Architecture, outlining security attacks, mechanisms, and services. It also covers the implementation of information systems security, emphasizing measures such as integrity, confidentiality, and availability, along with tools like authentication, access control, and encryption. Finally, the report explores various security techniques including digital signatures, authentication, and access control to ensure data integrity and prevent unauthorized access. The report is based on the assignment brief for BIT243 Network Security, which requires students to explain key concepts of OSI security architecture, design and implement detection and prevention systems, and evaluate effective uses of security techniques.

TITLE: Networking Security
Networking Security
Student’s Name:
Student’s ID:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Executive Summary
Security to computers and any other digital devices has become the top priority because of the
essential function and support to the business and commerce hence attackers targets them. It is
necessary for individual and organization to ensure that they is no compromise of the systems in
any way. Strict security measures should always be practice to avoid any attack. Network Security
Architecture is a special design build in order to address the requirements and potential risks
experienced in certain scenarios in different network environments. It also give information when
and where to apply security controls. The design principles are reported clearly and with full details
of security controls specifications. Security architecture have several attributes. First is relationship
and dependencies which signifies the relationships which exist between various components in the
IT architecture and how they mutually depend on each other. The benefits we get from security
architecture is the standardization and affordability due to its cost effective because of the re-use
advantage. Second is its form, it takes several forms such as conventional controls which is an
advantage to its relationships diagrams, principles among others. Security controls are mainly based
on risk management, bench-marking, financial, and legal and regulatory (Yu, Qi & Li, 2019).

Abstract
Security attack is the mechanism where actions which compromises the security of the information
owned by the organizations are structured. This type of security architecture always keeps all the
vulnerabilities which might be the threads. Security mechanisms are the architectural processes that
are welled designed to to detect, prevent, or recover from a security attack. It takes control all those
process by monitoring and giving out the results. Due to its capabilities, it is the most reliable
mechanism to use in the network security. Security service is a scenario where the data processing
and the information transfers are enhanced by good communications in the company. The services
provision are enhanced by well structured security measures (Cohen, 2019).
Introduction
Network Security Architecture is a special design build in order to address the requirements and
potential risks experienced in certain scenarios in different network environments. It also give
information when and where to apply security controls. The design principles are reported clearly
and with full details of security controls specifications (Cohen, 2019). Security architecture have
several attributes. First is relationship and dependencies which signifies the relationships which
exist between various components in the IT architecture and how they mutually depend on each
other. In businesses and organizations, customers are given log in access by activating their
accounts after registering for the services. These should not involve any compromisations because
this will lead to security breaching rules. Availability means that the information should be
available to only authorized personnel's. This is very important since if there is any error made then
it can be correct by such personnel's. Some information authorizations depends sometimes with the
level of seniority in the company. Some are only accessible by CEO and others to the respective
departments managers. This is also important for the business and companies (Peixiao, Chopra,
Wing, Ganti, Corde & Patil, 2019).

Network Security Architecture
Network Security Architecture is a special design build in order to address the requirements and
potential risks experienced in certain scenarios in different network environments. It also give
information when and where to apply security controls. The design principles are reported clearly
and with full details of security controls specifications. Security architecture have several attributes.
First is relationship and dependencies which signifies the relationships which exist between various
components in the IT architecture and how they mutually depend on each other. The benefits we get
from security architecture is the standardization and affordability due to its cost effective because of
the re-use advantage. Second is its form, it takes several forms such as conventional controls which
is an advantage to its relationships diagrams, principles among others. Security controls are mainly
based on risk management, bench-marking, financial, and legal and regulatory (Zong, Ritter,
Mueller & Wright, 2019).
Security encryption
Security encryption is the key factor to the modern communication networks. Encryption will make
sure that there are no loopholes in the network. Encryption can be used to tighten communication
security in two basic ways such as Symmetric and Asymmetric Encryption. The basics of this
principle is by use of algorithms such as cryptographic algorithms concepts (Alm, 2019).
Cryptography algorithm is the method of utilizing advanced mathematical principles in the process
of storing and transmitting data in a unique way which can be only be understood by the intended
users. Encryption is the key principle in cryptography. In this scenario, the message is encrypted
through encoding in a way that only the end user targeted will understand. This is the most secure
way of sending messages so that they cannot be red by the other persons but only the targeted
persons (Peixiao, Chopra, Wing, Ganti, Corde & Patil, 2019).
Symmetrical Encryption
Symmetrical Encryption is the most basic and simplest kind of encryption that involves only cipher
and decipher information secret keys. The sender should always be in a position of encrypting the
data through the software and the receiver will then decrypt the same message using the
appropriate software tool. Data is very save when it is send through this channels (Zong, Ritter,
Mueller & Wright, 2019).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Asymmetrical encryption
Asymmetrical encryption is well knowned as the key for the public encryption. This is the more
advanced version and it utilizes the use of two key criteria to send the encrypted data. It’s features
are more improved because the sender should be able to encrypt the data using public key and the
receive will always decrypt it using private key. This is the unique mode of data and information
transfer securities. (Yu, Qi & Li, 2019).
Asymmetric Encryption in Digital Certificates
To make use of the asymmetric encryption then there must be a way of discovering public keys.
This is the more advanced version and it utilizes the use of two key criteria to send the encrypted
data. It’s features are more improved because the sender should be able to encrypt the data using
public key and the receive will always decrypt it using private key. This is the unique mode of data
and information transfer securities (Zong, Ritter, Mueller & Wright, 2019).

The OSI Security Architecture
The OSI Security Architecture is a framework which provides a systematic and procedures
definition of the security requirements with the characteristics of the approaches to satisfied those
requirements. The framework defines security attacks, mechanisms, services and the relationships
among others (Lédeczi, Zare, & Stein, 2019, February).
Security attack is the mechanism where actions which compromises the security of the information
owned by the organizations are structured. This type of security architecture always keeps all the
vulnerabilities which might be the threads (Jalali, Razak, Gordon, Perakslis, & Madnick, 2019).
Security mechanisms are the architectural processes that are welled designed to to detect, prevent,
or recover from a security attack. It takes control all those process by monitoring and giving out the
results. Due to its capabilities, it is the most reliable mechanism to use in the network security (Alm,
2019).
Security service is a scenario where the data processing and the information transfers are enhanced
by good communications in the company. The services provision are enhanced by well structured
security measures (Addae, Sun, Towey, & Radenkovic, 2019).
Information Systems Security Implementation

Security to computers and any other digital devices has become the top priority because of the
essential function and support to the business and commerce hence attackers targets them. It is
necessary for individual and organization to ensure that they is no compromise of the systems in
any way. Strict security measures should always be practice to avoid any attack (Yu, Qi & Li,
2019).
Measures necessary to improve system securities:
1) Integrity
Integrity is the clear assurance of the information security without any alteration and the message
transferred to the intended persons. Everyone do not want their information to be distorted or fall
into wrong hands hence there should be clear assurance of the security of the information. This is
experienced by the everybody and sensitive information such as bank statements or details should
be kept secretly. This feature is very important and it should be used in all circumstances (Alm,
2019).
2) Confidentiality
Confidentiality is the situation where the information is well kept and unauthorized people should
not have an access to such information. Business or organizations financial audits or any other
information should be kept away from access by the competitors. It should only remain in the
within the organizations (Shah, SHAH & Shah, 2019).
3) Availability
Availability means that the information should be available to only authorized personnel's. This is
very important since if there is any error made then it can be correct by such personnel's. Some
information authorizations depends sometimes with the level of seniority in the company. Some are
only accessible by CEO and others to the respective departments managers. This is also important
for the business and companies (Laborde, Bulusu, Wazan, Barrère & Benzekri 2019, April).
Tools for Information Security
Tools for Information Security is very important in making confidentiality, integrity and
availability possible. These tools are necessary and they should be utilized as part of enhancing
security in general.
1) Authentication
Authentication is giving access rights to someone to access the services. These being the security
measures in the computer systems then it should be well utilized to ensure the right people are given
permission to access the services they deserve. It is only done by the relevant authorities which
gives the specific people rights to access information they have subscribed for. In businesses and
organizations, customers are given log in access by activating their accounts after registering for the
services. These should not involve any compromisations because this will lead to security breaching
rules (Lédeczi, Zare, & Stein, 2019, February).
2) Access Control

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Access Control is controlling of the information or services that the clients are only appropriate to
access. These makes it it relevant access of information because certain information or services are
only relevant to certain individuals not all. After the authentications, clients are not control inside
not to access inappropriate information which might be not necessary (Ricci, Breitinger, & Baggili,
2019).
3) Encryption
Security encryption is the key factor to the modern communication networks. This is the more
advanced version and it utilizes the use of two key criteria to send the encrypted data. It’s features
are more improved because the sender should be able to encrypt the data using public key and the
receive will always decrypt it using private key. This is the unique mode of data and information
transfer securities (Laborde, Bulusu, Wazan, Barrère & Benzekri 2019, April).
Security Techniques

1) Digital Signature
Digital Signature is the technique used to validate the authenticity and integrity of the data, software
or digital document. It offers more inherent security and its main target is to solve tampering and
impersonation problem in digital communications. It provides the assurance of original evidence,
identify and also status of an electronic document, transactions and messages. These is nowadays
consider legal mode of security (Shah, SHAH & Shah, 2019).
2) Authentication
Authentication is giving access rights to someone to access the services. These being the security
measures in the computer systems then it should be well utilized to ensure the right people are given
permission to access the services they deserve. It is only done by the relevant authorities which
gives the specific people rights to access information they have subscribed for. In businesses and
organizations, customers are given log in access by activating their accounts after registering for the
services. These should not involve any compromisations because this will lead to security breaching
rules (Mcdonald, Hansen, Balzotti, & Bonsignore, 2019, January).
3) Access Control

Access Control is controlling of the information or services that the clients are only appropriate to
access. These makes it it relevant access of information because certain information or services are
only relevant to certain individuals not all. After the authentications, clients are not control inside
not to access inappropriate information which might be not necessary (Linkov, Zámečník,
Havlíčková, & Pai, 2019).
4) Identity Management
Availability means that the information should be available to only authorized personnel's. This is
very important since if there is any error made then it can be correct by such personnel's. Some
information authorizations depends sometimes with the level of seniority in the company. Some are
only accessible by CEO and others to the respective departments managers. This is also important
for the business and companies (Dameff, Selzer, Fisher, Killeen, & Tully, 2019).
5) Public key encryption

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Asymmetrical encryption is well knowned as the key for the public encryption. This is the new and
more advanced version to the symmetric encryption. It applies two keys to encrypt the plain data.
The secret keys are exchanged over the internet or large network. This will make sure that malicious
people will not access the key in any way. It is well understood that any person who have secret key
can decrypt data and this is the reason why asymmetric encryption uses two related keys to enhance
the security. A public key is made freely and available to everyone who would like to send the
message but the second private key is well kept as a secret so that you can know. Messages that are
encrypted using a public key will only be decrypted by use of the private key and the vice verse
applies also. Public key does not require and security because it is on the public and anyone can see
in the internet. Asymmetrical encryption is widely used because of it's features and security purpose
(Li, He, Xu, Ash, Anwar, & Yuan, 2019).
Analysis and Evaluation

Availability means that the information should be available to only authorized personnel's. This is
very important since if there is any error made then it can be correct by such personnel's. Some
information authorizations depends sometimes with the level of seniority in the company. Some are
only accessible by CEO and others to the respective departments managers. This is also important
for the business and companies. Security to computers and any other digital devices has become the
top priority because of the essential function and support to the business and commerce hence
attackers targets them. It is necessary for individual and organization to ensure that they is no
compromise of the systems in any way. Strict security measures should always be practice to
avoid any attack (Li, He, Xu, Ash, Anwar, & Yuan, 2019). Security encryption is the key factor to
the modern communication networks. Encryption will make sure that there are no loopholes in the
network. Encryption can be used to tighten communication security in two basic ways such as
Symmetric and Asymmetric Encryption. The basics of this principle is by use of algorithms such as
cryptographic algorithms concepts. Digital Signature is the mathematical technique used to validate
the authenticity and integrity of the message, software or digital document. It offers more inherent
security and its main target is to solve tampering and impersonation problem in digital
communications. It provides the assurance of original evidence, identify and also status of an
electronic document, transactions and messages. These is nowadays consider legal mode of security.
Authentication is giving access rights to someone to access the services. These being the security
measures in the computer systems then it should be well utilized to ensure the right people are given
permission to access the services they deserve. It is only done by the relevant authorities which
gives the specific people rights to access information they have subscribed for. In businesses and
organizations, customers are given log in access by activating their accounts after registering for the
services. These should not involve any compromisations because this will lead to security breaching
rules (Shah, SHAH & Shah, 2019).
Conclusion