Template.docx

Project 5 Outline

I. IT Systems Architecture

a. Architecture of IT Systems

b. Types of Threats

c. Security Mechanisms

d. Table

i. Column 1 (Components) – LAN Security, Identity Management, Physical Security, Personal Security, Availability, Privacy

ii. Column 2 (Common Threats) – Name the threats that are common to the components listed above.

iii. Column 3 (Likely or Unlikely) – Use an X to indicate whether the threat is likely or unlikely for your organization.

iv. Column 4 (Security Mechanisms) – List the security mechanisms that would mitigate these attacks.

v. Column 5 (Encryption) – List any of the encryption technologies that can be used to protect the components from Column 1. (These technologies are listed in Step 3 of the project.)

e. Cyberattacks

i. Theft of sensitive data

1. Security defenses against these attacks

ii. Gaining unauthorized access

1. Security defenses against these attacks

iii. Sniffing passwords

1. Security defenses against these attacks

II. Plan of Protection

a. Information – Describe the process of information transmission, storage and usage. This is just a brief synopsis of how information is transmitted (and the different components needed for this), and likewise for storage and usage. Then, in the items below, describe how you would protect information in each of the following:

i. Identity

ii. Access

iii. Authorization

iv. Non-repudiation

b. Cryptographic Program

i. Files

ii. Network

iii. Databases

iv. Email

c. Cryptography

i. Steganography

1. Benefits

2. Risks

ii. Encryption/Decryption

1. Benefits

2. Risks

III. Data Hiding Technologies

a. Encryption Technologies

i. Shift/Caesar Cipher

ii. Polyalphabetic Cipher

iii. One Time Pad Cipher

1. Vernam Cipher

2. Perfect Cipher

iv. Block Ciphers

v. Triple DES

vi. RSA

vii. Advanced Encryption Standard (AES)

viii. Symmetric Encryption

ix. Test Block Coding

b. Data Hiding Technologies

i. Steganography

ii. Digital Watermarking

iii. Masks and Filtering

IV. Creating the Network Security Vulnerability and Threat Table

V. Access Control Based on Smart Card Strategies

a. Access Control

b. Common Access Card (CAC)

c. CAC Deployment Plan

i. Deployment Strategy

ii. Cryptographic Solutions for CAC

iii. Identity Management and CAC

VI. The Email Security Strategy

a. Private Key Pairing

i. Authentication

ii. Non-repudiation

iii. Hashing

1. Integrity

b. Public Key Infrastructure (PKI)

c. Mobile Device Encryption

i. iOS Encryption

ii. Blackberry Encryption

d. Pretty Good Privacy (PGP) Algorithm

e. Digital Signature

Project 5 Deliverable

I. Title Page

II. Abstract

III. IT Systems

a. Architecture

b. Type of Attacks

c. Security Mechanisms

d. (Insert Table)

IV. Protection Mechanisms

a. Information Protection (explain why the below areas need information protection)

i. Identity

ii. Access

iii. Authorization

iv. Non-repudiation

b. Cryptography Protection

i. Types (for each type, list benefits and risks; refer to Steps 2 and 3 for the different types)

1. Benefits

2. Risks

3. Recommendation (Recommend which protection is best for your organization)

V. Common Access Cards (CAC) Deployment Strategy

a. Common Access Cards (CAC) (describe what this is)

b. CAC Deployment Plan (describe the deployment strategy)

i. Cryptographic Solutions for CAC

ii. Identity Management and CAC

VI. Email Security Strategy

a. Encryption Protections (describe why email security is important)

i. Type (list at least 3 email security technologies)

1. Benefits

2. Risk

3. Recommendation

VII. Conclusion

VIII. References

References

National Institute of Standards and Technology, US Department of Commerce. (1994). Specifications for guideline for the analysis local area network security (Federal Information Processing Standards Publication 191). Retrieved from http://www.nist.gov/itl/upload/fips191.pdf

Souppaya, M., & Scarfone, K., National Institute of Standards and Technology, US Department of Commerce. (2012). Computer security: Guidelines for securing wireless local area networks (WLANs): Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800-153). Retrieved from http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-153.pdf

Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Computer security: Guide to cyber threat information sharing (NIST Special Publication 800-150, 2nd draft). Retrieved from http://csrc.nist.gov/publications/drafts/800-150/sp800_150_second_draft.pdf

Dworkin, M. (2001). Computer security: Recommendation for block cipher modes of operation. U.S. Department of Commerce, National Institute of Standards and Technology. Retrieved August 8, 2016, from http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf

Barker, E., National Institute of Standards and Technology, US Department of Commerce. (2016). Computer Security: Recommendation for key management (NIST Special Publication 800-57, Part 1, Revision 4). Retrieved from http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf

Barker, E., National Institute of Standards and Technology, US Department of Commerce. (2016). Computer Security: Recommendation for key management, Part 1: General (NIST Special Publication 800-57, Part 1, Revision 4). Retrieved from http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf

Barker, E., Chen, L., & Moody, D. National Institute of Standards and Technology, US Department of Commerce. (2014). Recommendation for pair-wise key establishment schemes using integer factorization cryptography (NIST Special Publication 800-56B, Revision 1). Retrieved from http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br1.pdf

National Institute of Standards and Technology, US Department of Commerce. (2001). Announcing the advanced encryption standard (AES) (Federal Information Processing Standards Publication 197). Retrieved from http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

Barker, E. (2016). Computer security: Recommendation for key management (Special Publication 800-57, Part 1). U.S. Department of Commerce, National Institute of Standards and Technology. Retrieved August 8, 2016, from http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf

Defense Human Resource Activity (DHRA). (n.d.). Common access card (CAC). Retrieved August 8, 2016, from http://www.cac.mil/common-access-card/

Defense Human Resource Activity (DHRA). (n.d.). Common access card (CAC) security. Retrieved August 8, 2016, from http://www.cac.mil/common-access-card/cac-security/

Kuhn, D. R., Hu, V. C., Polk, W. T., & Chang, S., National Institute of Standards and Technology, U.S. Department of Commerce. (2001). Introduction to public key technology and the federal PKI infrastructure (SP 800-32). Retrieved from http://csrc.nist.gov/publications/nistpubs/800-32/sp800-32.pdf

Apple Inc. (2016). iOS security. Retrieved from https://www.apple.com/business/docs/iOS_Security_Guide.pdf

BlackBerry. (2015). BBM security note. Retrieved from http://help.blackberry.com/en/bbm-security/latest/bbm-security-pdf/BBM-Security_Note-1336480397548-en.pdf

BlackBerry. (n.d.). BBM Protected: Enterprise grade encryption for BBM messages between iPhone, Android and BlackBerry smartphones. Retrieved from http://us.blackberry.com/enterprise/products/bbm-protected.html
