EMCS – Network Security
This is considered to be your final project of the required EMCS Network Security 2020. The project will give you the individual ability and confidence. You will be able to learn problem-solving skills in area of network security analysis, fabrication and testing.
In this project, you will be tested to apply the knowledge learned over the course in order to develop solution for different scenarios.
Number of scenarios will be presented, and you need to design solution for these systems. As a Network Security Administrator, justifying methods would be important.
You are required to research and report on this topic according to the Detail of Question below.
A. This country allows patients to access their own medical records. To implement this online, a database system is needed to store medical records, and it is connected to the Internet.
1. Design a solution to allow the system to securely send a large medical record to its associated patient (e.g. by email) upon his/her request.
2. The record should be sent efficiently with the assurance of message secrecy, integrity and authenticity.
Outline of Problem
Detail of Questions
3. Any cryptographic methods could be used, however, justify your choice.
B. Alice works for a, financial company. She regularly works from home and transfers files of private/sensitive financial data between her home computer and the company’s file server, Bob, which is connected to the Internet through the company’s network. The files transferred often contain large amounts of data.
1. Identify two security requirements for the protection of communications between Alice and Bob, and explain why these two requirements are essential.
2. Design a secure communication protocol that allows:
• Alice to request a private file from Bob
• Bob to respond by sending the requested file to Alice, where both symmetric and asymmetric (or public-key) cryptosystems including secure hash functions are available for the protocol design.
• Explain how the designed protocol operates.
3. Justify how the protocol produced in B (2) satisfies each of the two security requirements identified in B (1).
C. A personal health monitor worn by a patient transmits collected health data through wireless communication to a software system P to produce the patient’s health monitoring reports. P is supposed to run on a trusted network host in the vicinity of the patient’s location. Another software system G used by the patient’s GP (or doctor) operates on a networked computer or a mobile device such as PDA (Personal Digital Assistant). G can request the latest health monitoring report from P to allow the GP to check the report and take necessary actions when needed.
1. Identify two security threats to the communications between the two systems P and G mentioned above and explain the consequences that could be caused by each of the identified threats.
2. Clearly, a communication protocol is needed to allow system G to request and read the patient’s private health monitoring reports from system P. Note that the protocol is permitted to use any (symmetric and/or asymmetric) cryptosystems including secure hash functions.
o Design such a protocol. State any assumptions you have made for the design, and explain how the designed protocol operates.
3. Justify how the designed protocol can prevent each of the two security threats identified in C (1).
D. E-mail is a critical Internet application. However, as more people join the Internet, concerns over privacy are mounting. PGP (Pretty Good Privacy) tries to combat these concerns.
1. Explain how PGP can achieve the confidentiality, integrity and authenticity of an e-mail message.
2. Discuss why trust management is essential to PGP public-key rings, and what relationships exist among the four fields of a public-key ring: Owner Trust, Key Legitimacy, Signature(s), and Signature Trust(s).
E. The Firewall function of a Router is made up of rules. By using Firewall Rules, form the below rules:
1. Block a website IP address from accessing your Wifi.
2. Block your browser from sending or receiving network traffic from your device.
3. For both rules: o Present the steps and explain your choices. o Test the rule and display the output to support your rule.
A report following the structure outlined in ‘Detail of Questions’ above. All sources of information MUST be referenced. You can choose one part from have Part (A) or (B) or (C) but you have to answer (D) & (E) Therefore, by handing this assignment 3 questions in total with their answers would be submitted.
– While solving part (A), (B) , (C) You can: o Create your own assumptions if needed.
o Indicate the algorithm component that been chosen. – While solving part (D) you have to: o Support your answer
– While solving part (E) you have to: o While naming the rules use this format: block “website name”. block
o Indicate the steps were used o Present screenshot for the steps.
o Present the final output
What you should hand in
Other information Plagiarism
Such a cheap price for your free time and healthy sleep
All online transactions are done using all major Credit Cards or Electronic Check through PayPal. These are safe, secure, and efficient online payment methods.