Enterprise Data Security Requirements
In this assignment, a case study has been proposed in which the computer communication of a police department is the main point of concern. The report has been devised to implement a protected encryption technology for the city government, as the current encryption technologies were not adequate. The best possible solution for encryption is proposed in the following assignment. The impact the technology has on IT professionals is highlighted in the following sections as well. This report has been written by (your list of team members) for the IT department manager, John Jackson.
The aim of this report is to
- Understand the different modes of encryption mechanisms
- Devise an encryption mechanism for the mentioned case study
- Assess the risk factors and the potential impacts of the implemented encryption mechanism on the potential stakeholders
The scope of the report is to provide experts, institutions and concerned government bodies with proper and relevant information about the encryption technologies that are currently present in the market and to assess the utilization of the technology.
In this assignment, the enterprise data security requirements that will be addressed are the levels of data confidentiality and the identification of sensitive data. The data classification needs to be addressed in short. The security policy needs to be defined and the accessible level of threats needs to be evaluated. To leverage the optimum practices, the authorization and authentication policies need to be assessed. Next, the data requirements require the identification of the legislative measures. The point of implementation needs to be chosen to understand what work needs to be done (Xi et al. 2014). A data privacy plan needs to be implemented and the encryption modes need to be assessed according to their storage, database and network level. To evaluate the modes of implementation, the data privacy solution needs to be checked. Authorization and authentication, as well as a key management cryptographic solution, need to be assessed in this case study to understand the key business requirements of this report.
Security plan review for appropriate encryption method
| TYPE | CONSIDERATIONS AND TRADE-OFFS |
|---|---|
| Container or Volume | · When put in the proposed volume, the information is encrypted · Loss of authentication keys will result in the loss of the total system · Performance effect: some software can slow the rest of the system down |
| Full Disk | · Automatic encryption of all the information that is stored by the installed software · Performance effect: some software can slow the rest of the system down · Loss of authentication keys will result in the loss of the total system |
| File or Folder | · Every piece of data that is designated needs to be managed · For proper encryption of data, manual management of information is required · Loss of authentication keys will result in the loss of the total system |
| Application | · Automatic encryption of all the information that is stored by the installed software · Loss of authentication keys will result in the loss of the total system · Only the application data is encrypted · The data may not be encrypted when it is extracted from the application (Liang et al. 2015) · The application and the user application have to make out the scope of the data that is encrypted by the application |
In some industries and financial institutions, Triple DES technology is used nowadays. It was widely used in the industry just a few years ago. Three individual 56-bit keys were used in this encryption technology, adding up to a total of 168 bits. This technology is, however, not suitable for this case study.
The technology is age-old and has been defeated by hackers multiple times. It has since been phased out of several institutions.
AES, or Advanced Encryption Standard, is one of the encryption technologies trusted by several institutions all over the world. The technology uses a 128-bit form, but for some serious encryption purposes keys with 256 bits as well as 192 bits can be used (Deng et al. 2014). Security experts believe that the technology will eventually be turned into a standard for every industry, but the system can technically be defeated with brute force if all possible combinations of the mentioned keys are tried.
Evaluation of Encryption Technologies
Blowfish is an encryption technology that was designed to replace the age-old DES technology. The messages are split into blocks of sixty-four bits, and the technology encrypts them individually. It is a renowned technology known for its effectiveness and speed. The technology can be used in this case study as it is available for free in the public domain. This technology can be chosen for use in the municipality as it has never been defeated and is used in many e-commerce sites nowadays (Kaur, 2013). Moreover, it is known for its flexibility as well and can be used for encrypting the sensitive messages in the police department.
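Encrypting each 64-bit block on its own, as described above, means that equal plaintext blocks produce equal ciphertext blocks. The following added example (not part of the original report) shows that leak and how chaining the blocks removes it; it uses a small stand-in 64-bit Feistel cipher rather than real Blowfish, and the key, message and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

BLOCK = 8  # 64-bit block, the block size the text gives for Blowfish

def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Round function of the stand-in cipher: 32 bits of keyed SHA-256.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    # 16-round Feistel network over one 64-bit block (assumption: NOT real Blowfish).
    left, right = block[:4], block[4:]
    for i in range(16):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, i, right)))
    return left + right

def pad(msg: bytes) -> bytes:
    # PKCS#7-style padding up to a whole number of 64-bit blocks.
    n = BLOCK - len(msg) % BLOCK
    return msg + bytes([n]) * n

def split_blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt_ecb(key: bytes, msg: bytes) -> bytes:
    # Every block encrypted individually: same input block, same output block.
    return b"".join(encrypt_block(key, b) for b in split_blocks(pad(msg)))

def encrypt_cbc(key: bytes, msg: bytes, iv: bytes) -> bytes:
    # Each block is XORed with the previous ciphertext block before encryption.
    out, prev = [iv], iv
    for b in split_blocks(pad(msg)):
        prev = encrypt_block(key, bytes(x ^ y for x, y in zip(b, prev)))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext: bytes) -> int:
    # Number of ciphertext blocks that duplicate an earlier block.
    blocks = split_blocks(ciphertext)
    return len(blocks) - len(set(blocks))

KEY = b"constructed demo key"
# Constructed sample: the same 8-byte field repeats in a dispatch message.
MSG = b"UNIT-12 UNIT-12 UNIT-12 en route"

if __name__ == "__main__":
    print("ECB repeats:", repeated_blocks(encrypt_ecb(KEY, MSG)))
    print("CBC repeats:", repeated_blocks(encrypt_cbc(KEY, MSG, os.urandom(BLOCK))))
```

An observer who sees repeated ciphertext blocks learns that the underlying message fields repeat, without needing the key, so a block cipher should be deployed in a chained or authenticated mode with a fresh IV per message.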
The costs associated with each encryption option are as follows:
| Encryption option | Costs |
|---|---|
| Triple DES technology | $2500 / month |
| Advanced Encryption Standard | $5000 / month |
| Blowfish | $4,650 / month |
Encryption options and costs documentation and appropriate decision maker
| Options | Cost |
|---|---|
| VeraCrypt (Windows/OS X/Linux) | Free |
| AxCrypt (Windows) | Free |
| BitLocker (Windows) | Free |
| GNU Privacy Guard (Windows/OS X/Linux) | Free |
The encryption technology will prevent communications from being intercepted by external corrupt individuals. The technology, if employed in the municipality, will enhance the freedom of expression of the concerned people. By reducing the number of anonymous tools and encryption, the human rights of certain people are threatened, as it inhibits them from speaking openly without retribution (Anees, Siddiqui & Ahmed, 2014). The new encryption technology will allow the users to speak confidentially and safely and maintain their human rights and privacy. The administrator will have to routinely check whether anyone has tampered with the system by running a full system analysis periodically.
The users of this technology will comprise both technical and non-technical people. The non-technical people will not feel a change, only a firewall login notification whenever they try to access the system network. They have to know the basics about finite field arithmetic and public key encryption. The Blowfish technology will automatically start working as soon as the infrastructure is booted up. The technical team will have to know about combination generators, filter generators, clock control generators and stream ciphers. They have to know about threats and understand digital signatures (ZHANG & FANG, 2015). They have to recognize the threats and how to mitigate them in a systematic manner. The cryptographic tools and public key infrastructure management will fall under their responsibility, to protect against any anonymous hackers who might be trying to look into sensitive information.
For verifying emails that have been signed, and where other software has deteriorated in performance, the user needs to go through the formal authentication authority for digital signature trust of the multi-organization (Zhao, Li & Liu, 2014). Checking every certificate on a per-user basis may impact other software in the long run.
Cost Analysis of Encryption Options
The actions that need to be taken for the problems reported at the help desk are:
- The digitally signed message needs to be opened
- In the status line, the signed option needs to be checked for the person who has signed the email message
- The Signed By status line needs to be clicked to check whether the signature is valid or not
John Jackson’s email problem may be caused by the encryption technology that has been implemented in the above case study. The firewall that has been used might be causing the above log detail problem. Maybe the firewall has not authenticated the SSL certificate of the proposed email client and is failing to validate it (Wang et al. 2014).
Jackson needs to go to the authentication menu of the firewall and put the proposed email client in its list. He needs to reboot the entire system and clear the cache files to prevent further issues. Lastly, he should update the security protocol on all the existing firewall servers so that such a problem does not occur again.
The encryption issues and compromises are as follows:
- Encryption policies cannot be added
- Permission denied messages while writing, reading and opening a file
- For a data type file, if the value is too large, then it can fail
- Mount failure for a system of files that have rules of encryption
- For key rewrap, failure of providing access permission
Conclusion
In this assignment, various encryption technologies have been evaluated and assessed. In the proposal, appropriate tools and technologies related to encryption have been discussed, and their costs have been evaluated to determine what will be viable for implementation in the above-mentioned case study. The municipality and the police station were both weak in encryption and were vulnerable to outside hackers. Their calls and messages could have already been compromised, but with this assessment the organization can finally come up with a plausible solution as to what technology to implement so that these vulnerabilities do not turn into threats. The proposal also addresses the conditions that arise after the technologies have been implemented and addresses a mail issue that pops up in the help desk records every time. By reviewing the log file, the problem has been evaluated and the possible cause of the problem has been discussed. Last but not least, this assignment aims to provide the user with an idea of the encryption technologies that are available in the market and gives solid evidence of the impact that the organization could face if they are implemented.
References
Anees, A., Siddiqui, A. M., & Ahmed, F. (2014). Chaotic substitution for highly autocorrelated data in encryption algorithm. Communications in Nonlinear Science and Numerical Simulation, 19(9), 3106-3118.
Deng, X. H., Liao, C. L., Zhu, C. X., & Chen, Z. G. (2014). Image encryption algorithms based on chaos through dual scrambling of pixel position and bit. J. Commun, 3, 025.
Kaur, R. (2013). Comparative analysis and implementation of image encryption algorithms. International Journal of Computer Science and Network Security (IJCSNS), 13(12), 53.
Liang, K., Au, M. H., Liu, J. K., Susilo, W., Wong, D. S., Yang, G., … & Yang, A. (2015). A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing. Future Generation Computer Systems, 52, 95-108.
Wang, Z. P., Zhang, S., Liu, H. Z., & Qin, Y. (2014). Single-intensity-recording optical encryption technique based on phase retrieval algorithm and QR code. Optics Communications, 332, 36-41.
Xi, S. X., Wang, X., Sun, X., Chang, S., & Lin, L. (2013). Three random phase encryption technology in the Fresnel diffraction system based on computer-generated hologram. Optical Engineering, 53(1), 011004.
ZHANG, J., & FANG, D. (2015). Image encryption technology applied chaotic maps index and DNA coding. Computer Engineering and Design, 36(3), 613-618.
Zhao, F., Li, C., & Liu, C. F. (2014, February). A cloud computing security solution based on fully homomorphic encryption. In Advanced Communication Technology (ICACT), 2014 16th International Conference on (pp. 485-488). IEEE.