1. Let us consider an application where we need to run a secure Information Management System. We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised. Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself. Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen. i. Based on your knowledge in computer security, which cryptographic mechanisms would you implement in order to run the system as required and why? Explain how the chosen mechanism can be used. ii. Which cryptographic mechanisms would you implement in order to protect the usernames and passwords and why?
1. Let us consider an application where we need to run a secure
We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised.
Your job as
Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole
i. Based on your knowledge in computer security, which cryptographic mechanisms would you implement in order to run the system as required and why? Explain how the chosen
ii. Which cryptographic mechanisms would you implement in order to protect the usernames and passwords and why?
Step by step
Solved in 2 steps