Cryptography and Network Security Applications

cryptogram and Network protective cover Applications start out I Cryptography and Data SecurityRole of Cryptography in Securing DataCryptography plays a primeval role in securing any companys online data. Encryption is the most widely used method to implement cryptography on the companies data as it secures the data while simultaneously all(a)owing it to be transferred to others. It is very difficult for an outsider to fit into an encrypted file and access the sensitive information. Encryption acts as a crucial component of security for protecting the defile entrepot data as it is under fire(predicate) to world attacked by outsiders, for concealing the operating systems, and for keeping security on emails which atomic number 18 the most everyday method of communication in business.Purpose of symmetrical and Asymmetric Encryptions Insymmetric encoding, the sum is encrypted by the application of a secretkey which potentiometer be in the form of a number, a word, or an al phanumeric string.The key is applied to the communicate (also cognize as plaintext) by the sender, andas long as the recipient has the key, they bathroom decrypt the encrypted message(also known as cipher-text). Confidentiality is achieved by this method ofencryption. If the symmetric key is changed in every seance of communicationthe key is known as a session key that is valid for one session only and this appends improved confidentiality. This is a traditional method of encryption,using it becomes frantic when secure communication is needed by a number ofemployees in an organization as everyone impart suck a number of keys tocommunicate with different individuals. Secure key distribution among all the particles is another problem in using symmetric encryption.Inorder to resolve these issues, Asymmetric encryption should be used in thisorganization. Each member has two keys namely public and private key. Publickeys be used to encrypt and decrypt messages which are to be shar ed among allthe members of the organization. Private keys are for to secure a privatecommunication taking place between two persons. In this way, the all public andprivate communication inside premise is secured using these trademarkmethods and the files shared with these messages as attachments are alsosecured.Advanced Encryption Standard (AES) algorithmic program This algorithm is trusted as a bill by most organization organizations as it is tremendously efficient in protecting the data of 128-bit. However, it is also used for data of 192 and 256 bits.Message Authentication Code(MAC) Algorithm This is also known as a tag, it is small information used forauthenticating a message which means it confirms the authenticity of the message by checking that the certain message has been sent by the authenticated sender of it. The MAC value helps in protecting a messagesdata authenticity and its integrity, by allowing the concerned persons to detect if the discipline of the message has been changed.Digital SignaturesDigital signatures are commonly used for verifying the authenticity of digital documents and messages. It ensures the recipient that the received message has come from a known sender and the integrity of the message has not been alter during its transmission treat. Since all the paper documents in the organization are now replaced with the electronic documents, digital signatures great deal be considered as an alternative to ink signatures and stamps of authenticity. Application of digital signatures offers authentication, integrity, and most importantly non-repudiation, i.e. one cannot deny their signature later if they have signed the document. Hence, digital signatures should be considered as one of the security measures while planning data security in this organization.Thesefeatures can improve the transparency and security among the businesses throughcommunications. These are basically comprised of 3 algorithms namely keygeneration algorithm, signing algorithm, and a signature verifying algorithm. Itis very easy to create digital signatures, one can just open the electronicdocument that needs to be signed in an electronic signature tool such asDocusign or Microsoft ability tools. Further steps differ as per the tool anddocument and these steps are instructed to the user as he opens the document inthe tool. Users just have to follow the instructions and verify their identityin order to add their digital signatures on the document. Whenmessages are sent after being digitally signed, the hasheesh value ensures that nochanges have been made in the document. All of this handled automaticallyhandled by a software tool, which shows warning if a decrypted hash value producesan altered output. The encrypted value of the hash is added to the bottom or asan attachment in the email.Part II Cryptographic Keys and User AuthenticationA user authentication system can be recommended to provide strict authenticity for users to access the companys resources. In this system, an identity is stated by the users who then applies an authenticator such as a password or a security key or combination of both of these in order to clear their identity. The security key presented by the user to verify their identity must be unique so that it authenticates only one particular user. The keys should be made in such a way that they are easy to remember by the user but cannot be stolen, copied, or forged. The process of revoking the previous key and issuing a vernal key should be easy. It should be impossible for the users to transfer their security keys to another user. The system should be protected against any attacker during the transit of data. Asymmetric encryption methods can be used as one of the user authentication methods to validate this system.Sincethe information secured through cryptographic keys depends directly on the keystrength, key mechanisms and protocols effectiveness, and afforded protection.It is importa nt to have a proper key management system in order to ensureproper distribution of keys. The user authentication should be made in such away that it offers key protection against any modification. Private keys shouldbe protected against any type of unauthorized disclosure. form Recommended for Employees to Get Discounts on Fruit Juice and Nut BarThesystem recommended for the employees to make proper use of ijuice.com andnutbar.com is that when the employees click on the link given on the employeebenefits page, a login or signup page should appear. If the employee is new tothe system, they employee must make an account on the product website bysigning up using their authentic certificate and their confidential employee IDalong with a username or password that would be the key they use to accesstheir account. As the user logs into the website, a session is created, and bythe received login information of the user, special discount coupons unique tothe employee is available to be adde d to their accounts so that they can usethe coupon when they purchase any specific coupon applicable item. Once theuser logs out from their account, the session is terminated, and theinformation about the session remains safe with the servers of ijuice.com andnutbar.com.Part III Secure Cloud Computing for manipulation the Companys DataImplementationJohn will want to implement most of the data used and stored for the company in a virtual cloud system. This will provide a certain effective measurement of security, efficiency, transfer methods, time saving and cost reductions. Thefirst step in implementing cloud based storage is the replacement of physicalinfrastructures with virtual infrastructures. A software layer generates avirtual instance of the ironware as the controlling software point and is a great dealeasier to manage, interactive with, share and make changes too.The secondstep, includes the decision making process of what cloud storage system wouldbe best suited for the company. A common cloud service is Google DriveOricle or IBM. These cloud services offer a greater visability into the usageand cost of virtual infrastructure as tumefy as assisting in tracking andassessing shared computer resource usage accuracy. The third step ofimplementing cloud is realizing in companies where most of the work data prevaildemands server regularity without the interference of attacks and thats wherecloud security comes in. Blowfish,AES (Advanced Encryption Standard), and RSA (Rivest-Shamir-Adleman) are some ofthe most commonly used cloud computation algorithms to provide efficient securityto cloud platforms. AES encryption algorithms were described previously, butRSA encryption relies upon the computational difficulty of processing largeinteger values. The strength of this encryption is left wing up to the key sizewhich are usually 1024- or 2048-bits in length, which is huge and is why itwould be a great choice to implement upon cloud infrastructure storagese curity.RisksDenialof Service (DoS) Attacks These attacks prevents theusers from accessing the services by flooding the systems or meshs with trafficto make the resources work on unnecessary data or inevitably crash which thenprevents the user from accessing their data . Such attacks have morecomputational power in cloud computing.MalwareInjection Attack These attacks photograph harmfulsoftware to the victims data in the cloud and takes control of it. The resultsof successful injection can be very disastrous, it can even allow the multiplication of computer worms which then can potentially use the companys datadistribution methods as a platform to spread the attack to individuals orgroups who authentically interact with the companys data.SideChannel Attack These attacks place a virtual machine withthe victims virtual machine in order to target cryptographic implementation ofthe systems instead of using any theoretical weaknesses of the algorithms orany other force. Cache attack, ti ming attack, power observe attack,electromagnetic attack, acoustic cryptanalysis, differential fault analysis,data reminisce, and software-initiated fault attacks are different forms ofside channel attacks.CountermeasuresThe data stored in the cloudmust be zipped up with either a password or AES encryption and the keys mustnot be shared with anyone.Login authentication shouldnot be simple in terms of guess work and rather should implement multifactorauthentication.A CCSP (Certified CloudSecurity Professional) should be hired to manage the cloud after installation.Data integrity must beverified by implementing data encryption and decryption over the wire.Itis advisable to use cloud computing for the operational purposes in order toreduce the hardware infrastructure cost and maintain efficient management ofdatabases and confidential data if all the vulnerabilities are taken care of byusing proper countermeasures.PartIV Business and Blockchain IntegrationBlockchaintechnology has cre ated a backbone for a new kind of internet. A blockchainsstore information across a network of computers making them not justdecentralized but distributed which means no single individual or company ownsa system but everyone can use it and help run it. It can be looked at in threedifferent ways technical, legal, and business (Nair & Sebastian,2017).As per technical aspect, it could be seen as a backend databasewhich has a distributed ledger. As per business aspect, it is an exchangenetwork that can be used by peers for transferring value. This mechanismvalidates a transaction and may validate it from a legal point of view. Thereis no requirement of any middlemen to make a transaction valid. Inorder to ensure proper function of blockchains at such a corporate level, aconsensus algorithm is required which must be secure, functional, andefficient. Proof of work, Proof of Authority, and Proof of menace are someof the consensus algorithm which are considered as potential for blockchain integration. However, the use of a Proof of Work algorithm has already beenstarted for blockchains in Bitcoins. Blockchains can resurrect the security inthree different forms which are blockage of identity thefts, prevention fromdenial of service attacks, and prevention of data tampering.AdvantagesIt allows people to sell orbuy anything they like to and or from anybody in the world, without letting anyother party to interfere and impose rules upon them.Every consumer can choosetheir identity in transactions, such can remain anonymous, public, or privateas per their choice.Approach used in blockchainsfor storing DNS entries could increase security by eliminating the singletarget that can be attacked by the hackers. This will not cause the entiresystem to be compromised by the attack.Blockchain will also eliminatethe network fees on DNS reads and will only shoot down for new entries and updates,of course depending upon the DNS provider that John chooses to go with.DrawbacksFinancial services will beimpacted as blockchain is defined as everything that a banking concern does.Government services as one canchoose to buy or sell anything to anyone without any geographical boundaries. Noone will go to government departments for completing the formalities.Blockchains will require a lotof computational power as compared to centralized database processes. Blockchainprovides the ability for every node in the network to process the requestindependently.Existing currencies areregulated and created by the national governments, but blockchain and a productof blockchain such as Bitcoin will face hurdles in being adopted by the alreadyexisting financial institutions if the regulation status of the governmentsremain unsettled.ReferencesStallings, W., &Tahiliani, M. P. (2014).Cryptography and network security principlesand practice(Vol. 6). London Pearson.Jonsson, J., Moriarty,K., Kaliski, B., & Rusch, A. (2016). PKCS 1 RSA CryptographySpecifications Version 2.2.Salomaa, A.(20 13).Public-key cryptography. Springer Science & BusinessMedia.Hernandez, K. (2017).Blockchain for DevelopmentHope or Hype?.Nair, G. R., &Sebastian, S. (2017). BlockChain Technology Centralised Ledger to DistributedLedger.Rittinghouse, J. W.,& Ransome, J. F. (2016).Cloud computing implementation, management,and security. CRC press.Stojmenovic, I. (2014,November). Fog computing A cloud to the ground support for smart things andmachine-to-machine networks. InTelecommunication Networks andApplications Conference (ATNAC), 2014 Australasian(pp. 117-122).IEEE.