The Use of Network Applications - Assignment Example

Task: Assignment: The Security Properties Of Network Applications 1 Introduction This report will look into a variety of aspects that have become quite useful as well as critical at this day and age. That is; the use of network applications. Due to the fact that these applications are now being majorly used, it is without doubt that the security of the data and information that is passed on in these channels should be adequately protected thereby ensuring the three essentials of data security. That is; confidentiality, integrity and availability of data to the right person. Not only will this report cover the network applications security, but it will also look into the network applications architecture and how this architecture can be best implemented so as to ensure data confidentiality, data integrity and data availability. For this case study, BF is a social network application that aids individuals to have a social forum with other people. Through that, an interested individual will have to register with BF so that they can be in a position to communicate with other individuals through the use of text and sending of images and videos. 1.2 Application description What are network applications? These are programs that run on a network and they allow for more than one user to have access to the program. Network applications can either be run online or offline. Offline network applications can be related to programs such as Office. These programs can be installed and/ or networked from the main server so that they can allow more that one individual to have access to using the program. When it comes to online network applications, these are applications that need an online server and a client; both of which must communicate in real time else they will no longer be referred to as online network applications. In this case, there is a server which is located in the data centre. The server stores all the relevant data and information that may be queried by a client. The client on most occasions could be a web browser or another computer/ laptop/ or gadget. How does BF work? What is the user experience of BF? Based on the above application description, the same ideology can be applied to our case; that is the BF social network application program. It is important to note that BF also uses the same application description where there exists a server and a client. The servers (s) are always located in the data centre. This is to ensure that they are not accessed by individuals who are not authorised to come into contact with them. In addition to that, the client in this instance will be the web browser that the user will use so as to key in the Universal Resource Locator (URL) of BF. Example: http: //www.BF.com Once the user hits the search button from their web browser, that will send a request for the search of the URL (http: //www.BF.com) and the corresponding BF server will respond to the request by providing that particular web page that the user searched for. After that, the user will register/ sign up with BF by providing their personal details such as: their email address, physical address and real names. Assumptions made about BF: Based on the BF social network application program, some of the assumptions that can be made include: Communication concurrency: Due to the fact that BF is an online social network application, information is prone to be exchanged between the server and the client. With that, communication concurrency should be adhered to strictly. An assumption is that the lack of communication concurrency between the server and the client will lead to data loss. Stability: Stability is critical to a social network application program. Lack of stability can cause huge losses due to downtime of the program. This is majorly caused when the servers cannot handle user’s overwhelming requests. Data security: There is exchange of data between the server and the client. Therefore, data security should be critically analysed. An assumption is that the lack of data security will lead to information breach. Throughput: When it comes to social network applications, throughput should be maximized. The aim of this is to eliminate inconveniences such as data or information delays on the part of the servers. 1.3. Architecture and data flow How is a network application built? A social network application program is in most cases built using the following analogy: First, developers use open source software. The benefit of open source software is that it allows developers to use the free source code platform that is readily available and additionally the developers have to develop their own code that is specific to their needs. In most cases, the open source code is Linux based. That is the reason why most social networking platforms offer free registration. Secondly, they must implement the use of superior servers which act as the data centre. That is, they store all the information related to the social network application program. In most instances, the Apache web server is commonly used with social network programs. Thirdly, there must be a reliable and stable database that will store data and/ or information such as; personal details of an individual. Lastly, there should be the implementation of application programming interfaces (API’s) which define how the different software components will communicate with each other. How BF is built: BF implements the same architecture that has been described above. Therefore, it consists of the following elements: Open source software: This acts as a platform that developers use so as to create their preferred code. Servers: They act as the central data repository; hence they are always located in the data centre. Databases: These act as the central repository for the users details. The database holds information such as: usernames, passwords, email addresses, status updates and telephone number. API’s: These are software components that describe how applications should interact with each other coherently. BF Architectural diagram: API’S BF SERVERS & DATABASE COMPUTERS AND/ OR WEB BROWSERS BF user registration data flow diagram and its components: The following diagram showcases BF user registration data flow diagram No User registers/creates account Yes Yes No 1.4 Security analysis – Detecting security issues using the STRIDE method Security issues that may be encountered include: Spoofing – This is falsification of data by a rogue program and it could happen while a user is signing up. A solution would be to implement user authentication. This could be done by offering the user a simple mathematical question such as: 1 + 5 and they would have to key in the answer. This eliminates the chance of rogue programs posing as humans and performing false registrations. Tampering – This may occur while a user in keying in their user name and password to a web browser. The rogue web browser could pose as the real one, thereby getting a users login credentials. A solution would be to implement data integrity. Repudiation – This may happen after a user has signed in into their account and their account sends message to other people. With that, the user could deny sending the messages. Therefore, a solution would be to implement non repudiation techniques such as data verification and/ or data originality. Information disclosure – This may happen while the user is keying in their credentials. A solution would be to ensure data confidentiality is implemented. Denial of service – A user may be denied log in capabilities. Data availability on the server’s end would solve this problem. Elevation of privilege – A user may be denied some rights while they are accessing their account information. Implementing information authorization would eliminate this problem. 1.5 Conclusions and recommendations Some of the generalizations that can be made from these findings are that data security is very critical in social network applications programs. There are a lot of issues which may arise from the start process where the user registers with the social networking forum. With that, solutions such as: non repudiation, confidentiality, integrity and data availability must be implemented else the latter results may not be quite compelling or may even lead to massive losses. Therefore, network application builders and/ or developers should be keen to ensure that data and information security is not an option but a priority. Recommendations: While implementing network security, it is essential to perform frequent tests on the solutions which will be implemented. Through this, any loop holes which may be encountered can be solved immediately. This process can be very tedious; however, developers should treat the loop holes found as an opportunity to improve on the social network application program being developed. Once these loop holes have been solved, it is an assurance that the program being developed will be futuristic and dependable. 1.6 References Hernan, Shawn, Lambert, Scott, Ostwald, Tomasz and Shostack, Adam (2006) Uncover Security Design Flaws Using The STRIDE Approach [Online] Available from: http://msdn.microsoft.com/en-us/magazine/cc163519.aspx [Accessed: 30 October 2013] Som.csudh.edu (n.d) What is a network based application? [Online] Available from: http://som.csudh.edu/cis/lpress/471/hout/apps/whatis.htm [Accessed: 30 October 2013] Vaughan-Nichols, Steven J. (7 January 2010) How Social Networking Works [Online] Available from: http://www.itworld.com/software/91803/how-social-networking-works [Accessed: 30 October 2013] Read More