Network Security | homework crew
[ad_1]
AimsThis assignment aims to establish a basic familiarity with network security topics via analysing,designing, and implementing solutions.Questions1. Network SecurityA bank system, including the internal and external sub-systems, is used by different users.Based on the security requirements, these accesses should be protected in different waysdepending on access methods. We will focus on network security for internal and externalaccess to the bank system in this task.• There are two types of users: bank customers and bank employees.• The bank system provides a range of services, such as personal savings, bankstatements, money transfer, internal message management, and accountmanagement.• As a customer, it is allowed to use web browsers to access the bank website and maketransactions.• A customer can also use the mobile app to access the services. In this case, thecustomer is likely to use a mobile network or WiFi connection.• As a bank employee, it is allowed to access the bank system via the website or desktopapplication.• When an employee is travelling for business, it may need to connect the bank serversvia a secure connection.Your task.a. Consider the security of the above system, discuss two potential security issues andprovide countermeasures.For each of the issues, specify the related security service(s), attack(s) andmechanism(s). The demonstrated issues must not relate to the same securityservice(s). (2 marks)b. Consider that a bank employee requests to modify a bank customer’s daily cashtransfer limit. Briefly describe the essential security-related step(s) that demonstratethe security checks for the operation. For each step, specify the aimed securityservice(s). (2 marks)c. An employee accesses the internal system with proper authentication andauthorisation. Consider Kerberos, SAML, and OAuth, which one is better for internalsystem authentication and authorisation? Justify your answer. (3 marks)d. To provide secure connection services for the travelling employees, which of IPSec,SSL/TLS, and SSH, would be a better option? Justify your answer. (3 marks)2. Programming TaskA client and a server are planning to do data exchange. They decide to use a simplified SSLhandshake (see Figure 1) to establish a secure channel (session key) then exchange data. Thesimplified SSL handshake removes the messages for alert, change cipher spec, certificate, etc.FAQ1. What is about the “Setup_Request: Hello” message?It is just the text “Hello” that initiates the setup phase.2. Can I use modpow() (or some function like that from the library) for modularexponentiation computation?No. You need to implement the function based on the pseudocode in Lab 2.3. What are the identities like IDs?They are random character/number string of your choice.4. Which is the shared session key for (CTR-AES256) encryption and HMAC?It is k ′.5. Can I use the “CTR” encryption mode from the library?No. You need to implement CTR encryption and decryption processes.6. What should I send for the data exchange demonstration?Anything, as long as 64 bytes of each message.7. Can I use the external cryptography library?Yes, but you have to implement the required components.8. Can I reuse the code from the labs?Yes
"96% of our customers have reported a 90% and above score. You might want to place an order with us."
