Data and Computer Communications - The Issue of Security - Assignment Example

SECURITY Name Institution Question 1 Confidentiality is the property that is desecrated anytime information is revealed to unauthorized individual. An asset that is confidential cannot be imitated or copied by a definite set of attacks. Message encryption has been used over time to maintain confidentiality. This is made possible by sending the message mixed with bits of information while maintaining the randomness. The receiver would have to decrypt the received random information in order to get the intended information. However wireless networking is more vulnerable to attacks than a solution based upon cables use: by structure, information may be spread out to anyone within range. It is obvious to expect that the security necessities of a wireless system will include addressing this distress (Curtin, 2005). Integrity, with reference to data and network security, is the guarantee that information can only be accessed or effect changes by those endorsed to do so. It can be violated whenever information is distorted in an unauthorized manner. Various practices to guard data integrity in the physical surroundings include keeping transmission media like connectors and cables are covered thus making servers available only to network administrators and protected to guarantee that they cannot be tapped or hacked into. It also involves protecting hardware and any storage media from power surges, magnetism and electrostatic discharges. Like confidentiality, the wireless nature of communications amplifies the defenselessness of the system to integrity violations: if for example the recipient listens to the strongest signal that may seem correct, an attacker who would want to replace with counterfeit messages for the original ones only needs to shout loudly enough, without having to link any cables (Curtin, 2005). Availability of a system always credits any rightful requests by authorized principals. This is the domain of backup tactic, Storage array networks (SANs), tape drives, high availability clusters and so on. However there is no point in encrypting and defending your data if it is inaccessible. Availability is violated when the attacker denies access of information to the authorized personnel or user. Additionally another high-risk to data availability is called DoS attack. This attack is sometimes forced by political or vastly opinionated individuals. DoS attack can also be employed for bragging rights or as part of a way to silence some kind of security machine. Question 2 AES has the capability to stay safe for more than 20 to 30 years as the AES comprises of a keys block and round size potential that all of the algorithm presents a variety of utility that help the AES to be used for a longer period of time. Based on the performance measures for fundamental architecture, it is probable to obtain methodically estimated formulas for parameters of more composite architectures (Bollapragada and Khalid, 2005). In the non-feedback mode, encryption of individual succeeding blocks of data can be presented independently from processing other blocks. Fastidiously, all blocks can be encrypted in parallel. As a result, all blocks can be encrypted sequentially, with no capability for parallel processing. The restraints forced by the feedback modes in no way concerns decryption, which can be carried out on a number of blocks of cipher text in parallel for both feedback and non feedback in service modes (Bollapragada and Khalid, 2005). The incorporation of Rijndael has greatly influenced its lifespan .Rijndael is a simple self-sustaining cipher that does not rely on use of supplementary cryptographic apparatus. It has the competence to secure against both recognized and strange attacks. Additionally, it can code density and velocity across a range of platforms. It implements a quick block cipher square algorithm that can be professionally executed across diverse platforms. The Rijndael design uses a changeable number of rounds. It has nine rounds if 128 bit length is used for the block and key. It has eleven rounds if a 192 bit length is used for either the block or key. If bit length is 256 for either the block or key, there are thirteen rounds. This has by far improved as compared to the earlier DES (Bollapragada and Khalid, 2005). From the above illustrations justifies that the EAS can be used for a significant period of time as it has proven to be secure with new encryption method. Question 3 Computer vulnerabilities are major experienced in the information entity, a major constraint in the computer world. The principle of least common mechanism states that, if multiple components in the system need the same function then there would be a common mechanism that can be used by all of them. Using least common mechanism is essential as it assists in minimizing or reducing complexity as well as entities related to it. This includes complexity of the system that may be cumbersome to maintain. Considerations should also be emphasized on persistent problems (Stallings, 2000). The principle of clear abstraction states that: a system should have simple, well-defined interface. It assists in clearly representing the data and provided functions. The elegance of the interface of the system combined with precise definition of their behavior promotes a good analysis. This proficiently exhibits clarity of obstructions. Additionally the principle of partially ordered dependencies states that: the calling, synchronization and other dependencies in the system should be partially ordered .Interlayer dependency is crucial as it helps with design layering of the modules and components. Layering can thus be either partially ordered dependencies or system layering .It actively contributes to the system simplicity. Consequently, the principle of efficiency mediated access states that: the access control mechanism for each subset should be performed by the most efficient system mechanism present. This has been realized by the use of hardware memory management mechanism to officiate various access control function. Lastly the principle of minimized sharing states that no computer resource should be shared between components or objects unless if it is indispensable to do so. It has been understood that in order to protect user-domain information, a user has to request for it in order to be granted privileges to accessing it. Nevertheless internal sharing must be designed with care to avoid performance and covert channel problems. This can be cut down by designing the system to be efficient in order to facilitate virtual private data space for each component (Stallings, 2000). Question 4 Network protocols always provide a standardized way of communication. The method entails maintaining the state in stateless server surroundings. Basically it receives a request from the user that involves operation application form. First and foremost there would be extraction of the first stated URL and it immediately evaluates it. It then proceeds to assemble the second state information that is in relation to the first state information and evaluates it. The second state mainly entails the clients’ identification information, the application form and a counter. The counter comes in handy as it helps with keeping record of the number of times the client has interacted with the user (Stallings, 2000). A computer implemented d system comprises of session manager. This is responsible for extracting information state from URL that is in relation to request for performance, evaluation of extracted information and assemble information state. Contained in the information state is the client identification and counter as earlier stated. With relation to preserving notion state, the state can be maintained in a variety of ways. In a system, each interaction is taken into perspective and consideration is emphasized on the proceedings .Interactive Voice Response is by far an example of a state session. The state of interaction is intact provided that the link between user and application links is not interrupted. The application assumes responsibility to maintain the current state, in effect the user is expected to maintain the transaction open. Protocols like HTTP are stateless as compared to those of IVR that are intrinsically stateful .Consequently every request independently treated; therefore the server may not have records. The use of stateless protocols has proven efficient and simple. In some cases there are situations that require maintenance of state during communication. This however may present problems (Stallings, 2000). Question 5 Firewalls and VPNs are related and work in relation. Several firewall products give encrypted firewall-to-firewall tunnels. In particular, it was affirmed that application gateways provide IP address hiding by summarizing one IP packet in another. This, by our description, is the tunneling connected with VPNs .Firewalls manage access to corporate network resources and institute trust between the network and user. The firewall at each network wheels admission to resources in the network. On the other hand, the data relayed between the two sites is still susceptible to attack as it surpasses the Internet (Behringer and Morrow, 2005). Relatively, VPNs are shaped to offer privacy between two sites; often there is no trust between the two sites. An amalgamation of firewalls and a VPN establishes trust and provides privacy between the two sites. This approach presents more security than using either firewall at both sites or a VPN between the two sites. In the past, firewall products provided only firewall security service. However, many new firewall products now support VPN functionality. As stated earlier, both firewall functionality and VPN functionality are needed to establish effective security control (Behringer and Morrow, 2005). Proxy servers are responsible for redirecting users’ requests to the definite services based on an organization’s security guidelines. All communications between the individuals connected take place here. This thus forms a platform for insecurity as anyone can hack into the server and interfere with VPN(virtual private network) As VPN provides a secure connection between the sender and receiver.VPN requires a secure connection as opposed to the servers since they ac t as checkpoints where requests are validated thus might not be appropriately secure (Behringer and Morrow, 2005). References: Behringer, M. H., & Morrow, M. (2005). MPLS VPN security. Indianapolis, Ind.: Cisco ;. Bollapragada, V., & Khalid, M. (2005). IPSec VPN design. Indianapolis, IN.: Cisco Press. Curtin, M. (2005). Brute force: cracking the data encryption standard. New York: Copernicus Books. Shelly, G. B., Vermaat, M., Quasney, J. J., Sebok, S. L., & Freund, S. M. (2011). Discovering computers 2011: living in a digital world : complete. Boston, MA: Course Technology, Cengage Learning. Stallings, W. (2000). Data and computer communications (6th ed.). Upper Saddle River, N.J.: Prentice Hall. Read More