NETWORK SERCURITY & CRYPTOGRAPHY

MCC Training Institute (Yangon) Level 5 Diploma in Computing

NETWORK SERCURITY & CRYPTOGRAPHY Nursing Home for Old People

CREATED BY AUNG ZAY YANCC EDUCATION

NCC Education

Level 5 Diploma in Computing

Network Security and CryptographyCentre Name : MCC - Yangon

Assignment Title : Nursing Home for Old PeopleExam Cycle : September 2015Candidate Name : Aung Zay YaNCC Education ID No. : 00155002Submission Date : - :

Markers Comment :

Moderators Comment :

Mark: Moderated Mark : Final Mark :

Statement and Confirmation of Own Work

Each time you submit an assignment you must attach this statement as the cover page for both the hard copy and the electronic version. If the statement is missing your work will not be marked.

Student Declaration

I have read and understood NCC Educations Policy on Academic Dishonesty and Plagiarism.

I can confirm the following details:

Programme/Qualification Name:Level 5 Diploma in Computing

Computer CComputer Studied

Student ID/Registration number:00155002

Name:Aung Zay Ya

Centre Name:MCC Yangon

Module Name:Network Security and Cryptography

Module Leader:U Tin Naing Htwe

Number of words:1749

I confirm that this is my own work and that I have not plagiarised any part of it. I have also noted the assessment criteria and pass mark for assignments.

Due Date:-

Student Signature:Aung

Submitted Date:-

Table of Contents3Table of Contents

4Introduction

5Acknowledgement

6Task 3

63 (a) Data storage and transfer

63 (a) (i). Data protection issues for

63 (a) (ii). Protection plans for data stored on Web servers and transmitted data

73 (a) (iii).Alternative Secure Architecture to secure delivery Nursing Home for Old People

83 (b) Network users will be authenticated, Data will be transmitted between server and over the internet, the network will be monitored for vulnerabilities and vulnerabilities will be removed

83 (b) (i).User authentication methods

83 (b) (ii).Discarded User Authentication Method

93 (b) (iii).Privacy and security of data transmitted between servers methods plan

93 (b) (iv).Discarded privacy and security of data transmitted methods plan for other security Encryption

103 (b) (v). Security vulnerabilities monitoring and vulnerabilities removing

113 (c) Reflective commentary

12References

IntroductionI am Aung Zay Ya.I am a Level 5 Diploma in computing student. I am attending at MCC (Myanmar Computer Company) Yangon Campus. We must study eight subjects in the whole year. These subjects are Professional Issues in IT (PIIT), Analysis, Design and Implementation (ADI), Information System Analysis (ISA), Networking Security and Cryptography (NSC), Agile Development (AD), Dynamic Website (DW), Database Design Development (DDD) and Project. I have to study four subjects in first semester. These subjects are Professional Issues in IT (PIIT), Analysis Design and Implementation (ADI), Information System Analysis (ISA) and Networking Security and Cryptography (NSC). All of these subjects have assignment. Therefore, I am doing this (NSC) assignment and the title is Nursing Home for Old People

The application is about building of Nursing Home for Old People of network. The purpose of the application is used for all old people, staff. In our Nursing Home is provided by only manual processing. So I will cover with my computerize application. In new application has provided by network access, storage space and access to a range user permissions. All network buildings is aimed for all old people, staff. It is provided by the all old people for controlling health and medical care resource Centre. For all members, it can use wireless access. In my project, I explain about the project how to do and how to control the network station detail.

Acknowledgement

My dream was IT (Developer) since my childhood. Now, I can learn IT courses of NCC Education (Nation Computing Center), UK at MCC Company Ltd of Myanmar. We are able to get their latest and updated information about the computer studies. We are having high quality learning because of NCC education and teachers.

Firstly, we are very thankful to all our teachers from MCC who teach us with understanding. Among them, I thank very much to our Networking Security and Cryptography (NSC) teachers U Tin Naing Htwe. They taught us every lecture, assignment and explain what we dont understand. Secondly, I thank all our teachers from MCC. Thirdly I thank MCC company services and staffs for supporting in our assignment. Finally, I thank very much who we should for everything to improve in IT. Task 3

3 (a) Data storage and transfer3 (a) (i). Data protection issues for

Hackers, Viruses,Spam, Spyware and threats are enabled attack your personal data through theInternet.

Data transmissions are any process. It makes to transport information of any typeof methods.All data are transmitted from Sender to receiver on separate communication lines.Moreover,Client sent to server with infects content. So, Server must be protected.

Multiple file typesare sending between server and client. Servers send to client Text or Image. It may cause multiple security threats. Nursing Home for Old People use website to register fees. Thiswebsite canhack data and then,there may be loss of money.

For example, Mozilla software is very confuse, they don't see their security holes. So, Hacker are detectsthis is not good for Mozilla.

Multiple clients are connected with server by multipleconnections.Server get attack and compromise by virus and spyware, etc., andthen many users will be effected by it.

Personal computer and Internet can be used without Anti-Virus Software.Itmay be used without updating. You should use updated Anti-Virus software, it can delete or remove latest virus.

Some untrained users may be made variety mistakes when using online Nursing Home for Old People Application.

This service organization is necessary to regular auditing for Internet.

3 (a) (ii). Protection plans for data stored on Web servers and transmitted data

EFS (Encrypting File System)

Each Operating System contains encryption system originally. This windows feature is called EFS (encrypting file system). EFS store the data in Hard disk by the encrypted way. EFS can use to protect the data until across the network. You can act such as hidden disk by creating invisible folders within disk. Disk can be encrypted (E.g. flash drive) and it canthat allow encryption require disk.

SSL(Secure Socket Layer)

It supports tosecure between server and browser and also provide the data transmission security. SSL uses TCP to support consistent and secure end-to-endrelationships. SSL is not a single protocol. Itis two layers of protocol. SSL connections are transient to support a relevant service. Each SSL connection is combined7 with a session.

Stateless Filtering

It has a simple instruction. Thats easy to implement. But, itis not flexible. Filtering process is dumb applies a set of static rules to every packet. It does not store any results from previous packets. No intelligence or learning built into the stateless filtering system.

3 (a) (iii).Alternative Secure Architecture to secure delivery Nursing Home for Old PeopleEncrypting files

Encryption file system can support most operating systems. Window OS has Encryption File System (EFS) feature. It can be stored information on the disk by encrypted format. EFS file use only to protect storing data.

Encrypting Disks

These are packages to allowencrypt of an entire disk and it locks the whole data of a disk data or disk partition.Data are auto encrypted whenit is written to the hard disk.Data Back-up

It methods contain to protect data in the case of a hacker successfully gaining access. This Nursing Home for Old People will need to data back-up for sensitive information in their database. These are many packages that allow for automated back-up of data. Enterprise databases include back-up facilities as part of the DBMS.

Access Control Mechanisms

Access control mechanisms can be used to set access permission to: groups of networks users, individual network users, and other machines on the network. These mechanisms can set permissions for folders, sub-folders and individuals files.

3 (b) Network users will be authenticated, Data will be transmitted between server and over the internet, the network will be monitored for vulnerabilities and vulnerabilities will be removed

3 (b) (i).User authentication methods

For user login verification, uses verification phone number. To make authentication for Nursing Home for Old People uses your phone number.Need to correct enter of your phone number. And then, they can play send confirm code or calling toyou. Finally, you can use Nursing Home for Old People.Use User Name & Passwords for user login. Nursing Home for Old People Company uses your username and password. They will check this username and password is or not the same with existing username in database. This username and password does not exist in database you cannot enter the Nursing Home for Old People application.Use Email for user login. Your email is used to your email to send validate link from Nursing Home for Old People Company. You can be entered in Nursing Home for Old People from this link.

3 (b) (ii).Discarded User Authentication MethodBiometrics

It authentication methods used to recognize the different characteristics of human. It prevents access unauthorized user to the network. It can also use more than one trait (e.g Physical traits and Behavioral traits)

Fingerprints

Fingertips have ridges and valleys.Thats different to that fingertip. It is used by police for a long time. It also used most common biometric method. It is available for laptops and personal computers.

Face Recognition

It captures the facial image in the visible spectrum. It can use a standard camera and also use central portion of face. An alternative version captures an infra-red image of the heat emitted by a face. But, it is avoided changing features such as hair.Speech RecognitionSome speech features arediffering between persons. These speech features are checked of the speaker and also produced reflect the anatomy of the speaker. These patterns are reflected the patterns of speech such as a result of location, peers, language.

3 (b) (iii).Privacy and security of data transmitted between servers methods planIP Sec Authentication Header (AH) supports authentication services. It is verified the originator of a message and also verifies that the data has not been change on route. It makes available protection in contrast torerun attacks. It ensures integrity but not privacy for data transmission between servers. Using ESP, datagram can be further protected and encrypts the payload of the IP datagram.

SSL(Secure Socket Layer)SSL maintains the integrity of information. If encryption and message digests are applied to the information being sent.During transmission, thereceiver can determine that it was not damaged.Hyper Text Transfer Protocol Secure(HTTPS)HTTP is used to create secure communication between a Web browser and Web server. So, it used in Nursing Home for Old People Register by fees. It is built into modern browser.Itsupports website authentication and web server communicating. It is required server to support HTTPS communication such as at the time of writing; the Google search engine does not support connections via HTTPS. The main task of HTTPS is protected wiretapping and man-in-the-middle attacks. 3 (b) (iv).Discarded privacy and security of data transmitted methods plan for other security Encryption

Encryption includes transforming messages to make legible only for the recipients.Encryptionis the method of interpreting theplain textintocipher text. Encryption algorithmmentions to the stages that a PC receipts to turn plain text into ciphertext. It is a better system that permits you to send several messages. It also permits any message to be transmitted. So, this encryption system is very valuable.Access control

Network traffic is in the form of IP/TCP/UDP packets. These packets of header contain information to source and destination of the packets. Moreover, routing devices are used the source and destination address to route traffic through the network. These addresses can be used to create access control rules. The order of the rule is important. The plan should be a tool for managing all of the resources that prevent unauthorized access such as checking log files, tools updated, plans and procedures reviewed. TCP

It protocol is used to data transfer. It is provided to safeguard data moving.Often, the entire suite is called TCP/IP. TCP supportsthe error-checked delivery of a torrent between programs running. At the transport layer,TCP data are used to destroy.IP

Most important network protocol also contains Internet Protocol(IP). It is a network layer protocol. It is

Internet Protocol (IP) is the most important network protocol. IP is a network layer protocol. It is showed the data transmission of packages from a home machine to a target. Up to 64Kb long from one place to the another place, data is lost into packets during data transmission. The packages are permitted to get their targetsome traffic of program and reach in some order. Because, all IP packets will be carried the routers along the way. IP packet contains two addresses. They are the home address and the target address.

User Datagram Protocol (UDP) UDP does not guarantee A Package sent from the US to other parts of the program, I decided tellthing hear until you get an indication of this, TCP is absolutely functioning medium-Internet Protocol and User Datagram Protocol it. you can get almost the same services. It is suitable for both TCP and standardized way. This is not the burden of Annex customer floodrule Router UDP rather carelessly.UDP is no guarantee. Or, listening to this, but neither has he kept to the end he decided to something of the order of the progression of the package delivered by the A bis, that no symptoms.3 (b) (v). Security vulnerabilities monitoring and vulnerabilities removing

In a system or network has a flaw or a weakness security. Vulnerability causes from new software, hardware, organisation procedures, personnel and physical environment. The Internet rapidly spreads the knowledge of these flaws and increases the likelihood of them being quickly exploited.All networkswill containvulnerabilities. Therefore managingthese vulnerabilities and therisks associated withthem is a key taskof network management.The Port Scanner software to be a server or host for open ports probe. It is often used by administrators to monitor the security of their networks by hackers to identify services with the aim of compromising.3 (c) Reflective commentary

Using Password, The right to use your password, you do not need special equipment. The name and passwordUsing SSL(Secure Socket Layer), supports safe and approved the connection between server and browser. It also supports road safety. SSL uses TCP to create a stable and secure peer-to-peer services.

Using IP Sec Authentication Header (AH) provides authentication. Check germs message. Verifies, these changes do not true. route. Provides order to prevent attacks

Using Transmission Control Protocol (TCP), Move Control Protocol (TCP) TCP reliable means for the organization and the local area network, intranet or the public Internet in a program that runs on a computer connected to a stream of bytes used for error checking Apple.Hyper Text Transfer Protocol Secure(HTTPS), To ensure safe delivery, (HTTPS) protocol, hypertext transfer protocol record. Https communication and testing provides web server and web site.Using Smart Cards to authenticate users to transfer very easily. PIN or password can be used.References

www.wikipedia.org Network security and cryptography lecture notes by NCC

00155002_AUNG ZAY YA NSC ASSIGNMENT1