MSIT 3150-Assignment 3

docx

School

Clark University *

*We aren’t endorsed by this school

Course

3150

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

4

Uploaded by PrivateMorning9896

Report
Assignment 3 Assignment 3 School of Professional Studies, Clark University MSIT3150-01-F23 : Security Architecture & Design Professor Peter Sullivan September 15, 2023 1. Question 1 1
Assignment 3 On the Internet, encryption is critical for protecting sensitive information while also ensuring privacy and security. The practice of encoding information or data into a code to prevent unwanted access or interception is known as encryption. It means using an algorithm and a key to convert plaintext into ciphertext, which can only be decoded by someone with the appropriate decryption key. In everyone's day-to-day life, we know it or not, many systems use encryption algorithms to secure the communication. For example, online banking protects financial information from attackers during account access and transactions in online banking, with the "https://" denoting a secure connection. Email providers use encryption to secure email content, and services such as ProtonMail provide end-to-end encryption for sender-recipient privacy. In addition, encryption secures websites and encrypts data in transit, such as login passwords and payment card information, to prevent eavesdropping. Cloud storage services use encryption to protect files, frequently with client-side encryption to prevent service provider access. Furthermore, virtual private networks (VPNs) use encryption to ensure the secrecy of data transmitted by remote workers to their company's networks. 2. Question 2 Developing a safe encryption method is a difficult challenge. Cryptographers spend years creating and testing algorithms to assure the security of algorithms. Alice should be prepared for the complexities involved and aware that even slight errors can lead to severe weaknesses and exposure to information. I would personally not recommend Alice to develop her own encryption algorithm. I would advise Alice to assess if her project needs this new algorithm or whether she can achieve her objectives using a well-known and secure encryption algorithm such as AES. For several reasons, creating a new algorithm has more drawbacks than benefits for Alice. 2
Assignment 3 Lack of usage: AES and RSA have been developed for many years and are well known for their security and functionality. When developing a new algorithm, Alice would need to learn what weaknesses and vulnerabilities the algorithm has. Integration: Alice should also consider how this new encryption algorithm will be integrated into the travel agency software; for many experts, this is a hugely challenging task to achieve by herself. Compliance: There are many regulations that Alice should consider on how her new algorithm will comply with these regulations and laws. Software developers may improve security and boost user confidence by making hash verification a regular practice. Vendors enable customers like Omar to independently check the integrity of downloaded files by including a cryptographic hash value, such as SHA-256, or SHA-512, in their original software packages. 3. Question 3 Software vendors should use hash verification as a routine practice by providing Omar with a cryptographic value for each piece of software. By including a cryptographic hash value, such as SHA-256, in their original software packages, software vendors allow Omar to validate the integrity of downloaded files independently. If those are compared and verified, then Omar can proceed with installation. In cases where the hashes don't match, it means that there is a possibility of unauthorized modifications, and Omar could notify and report the issue to the vendor software. Cryptographic hash values are used for many other benefits, such as password storage and digital signatures; in this case, Omar benefits from data verification for his work. 4. Question 4 3
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Assignment 3 Franklin should ask for more information about the application's password policies, storage, and transmission methods when meeting with the PlusWare developer to ensure proper security practices are in place, such as implementing strong password criteria, encrypting and salting stored passwords, using HTTPS/SSL connections, implementing multi-factor authentication, and having brute force attack safeguards. In addition, Franklin should advocate introducing restrictions to prevent users from using common passwords, prompting them to set unique passwords, and integrating a credible password manager solution into PlusWare to enable and promote the usage of strong, different passwords across all platforms. Password Manager assures that the actual passwords are safe even if the database is compromised. It is critical to ensure that PlusWare has a robust and up-to- date password hashing algorithm, as older or weaker algorithms, such as MD5 or SHA-1 are more vulnerable to brute force and rainbow table assaults. 4

Related Documents

Case Study week main 3.docx
Screenshot 5.8.2 2.png
assignment3_MECHTRON_3X03.pdf
HomeWork1_ML_Assignment.pdf
McCurley-Shimer_Assignment #4.docx
MSIT 3150 - Quiz 5.docx
Textbook Assignment 3.docx
McCurley-Shimer_Assignment #2.docx
McCurley-Shimer_Assignment #2.docx
Lab 5 - Stego.docx
McCurley-Shimer_Assignment #3.docx
McCurley-Shimer_Assignment #1.docx
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
CMPTR
Computer Science
ISBN:9781337681872
Author:PINARD
Publisher:Cengage
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
CMPTR
Computer Science
ISBN:9781337681872
Author:PINARD
Publisher:Cengage
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS