Network Security and Cryptography – Data protection, Information security

Data Protection issues, Method of ensuring information security, Plans for secure data storage, Plans for secure data transfer, authentication methods, security vulnerability

Data Protection Issues :

Unauthorized access:
Gaining access to the network by unauthenticated user makes the leakage of data. So, all the staff should be trained for preventing unauthorized access of data.

Untrained users:
Lack of proper training to the users about the importance of data and data protection plan, there can be leakage of data.

Weak password:
Weak password such as dictionary word, easily guessable password makes easy for unauthorized users to access the network which may cause data leakage.

Use of unauthorized application:
The malicious content inside the unauthorized application may cause the data leakage. So, only the authorized application should be used in the system.

Poor access control mechanism:
If all of the types of users are given full control over the data then there will be security threat. So, the access control mechanism should be made according to the type of user.


Method of ensuring information security that have been created is discussed below:

Plans for secure data storage:

Back up data:
Data backup should be kept in different geographical location with strict access control mechanism.

Access Control:
Strong access control plan should be made. Packet filtering, Intrusion Detection System, etc. can be used to prevent from unauthorized access to the network. Staff members and

Disk Encryption:
Software and Hardware tools are used to encrypt part of disk or whole disk with the aim of preventing unauthorized access.

Authentication:
Multifactor authentication can be used for the security of data. Authentication ensures the accountability of users.

Staff training:
The trained staffs can be aware about the importance of data security. So they will be preventing the unauthorized access to data.

Plans for secure data transfer:

File Encryption:
Only the encrypted file should be transferred from the network. So, that only the cypher text can be viewed when someone is trying the access any of the packets.

Use of VPN:
A separate tunnel is made to have a communication through the internet which is called Virtual Private Network. VPN avoids the unauthorized access to the network. It ensures authentication, integrity, confidentiality, and access control.

Network firewall:
As firewall is the first line of defense for network, it prevent intruders from gaining access to the network. It checks the incoming and outgoing traffic to and from the network and blocks on both directions as per the rules defined on it.

Use of SSL (Secure Socket Layer):
It creates a secure connection between staff’s web browser and server of national data center. By encrypting all the information which is send through web browser, it ensures data confidentiality.

Alternative data protection method

Use of private network:
Leased line circuit can be to make the data transfer more secure. As internet is not involved whilst transferring the data, it is secure.

Increase Bandwidth:
When the bandwidth is increased, packet traffic analysis is prevented to some extinct.

Cloud Computing:
Data can be protected by placing it securely in the cloud. Different data centers in the world, offers this service.

Use of Digital Certificate:
By the use of digital certificate data integrity is ensured. As Certificate Authority (CA) issues certificate and verify the identity of the owner to a standard by signing the certificate, it is expansive.

Authentication method plan:

Multifactor authentication
Multifactor authentication can be used to ensure the accountability of the users.

Password
It is the common and widely used authentication method. Only the authorized users who knows the security key can access the system.

Fingerprint scanning
It is one of the biometric authentication method where finger prints are used to identify and validate the authenticated users.

Smart Card
Smart card allow nurses getting information about the old people and give proper treatment according to the requirement.

Other user authentication method

Iris Scanning
It is one of the biometric authentication method where the pattern in the colored area around the pupil of the eye is used for identification of uniqueness.

Face Detection
Visible spectrum and infra-red spectrum are used to record heat signature of face.

Speech Recognition
It can be more useful in authenticating the blind users. The speech of individuals is recognized by the pattern of speech.

Writing signatures
Writing pattern is matched in this type of authentication method. It is used in authenticating the signatures in cheque.

Typing patterns
By measuring the way of typing password via typing speed, interval time between individual characters, a user is authenticated.

Other security methods:

Use of Wired Equivalent Privacy (WEP):
It aims to prevent unauthorized access to the network by encrypting wireless traffic. It is less secure than WPA.

Use of HTTPS:
Here HTTP is used over SSL. The URL of requested document is encrypted with HTTP header. All the content in the form of a website are also encrypted.

Use of RADIUS (Remote Authentication Dial-In User Service):
It is a networking protocol providing centralized authentication. It is an alternate option for making secure communication from tablets to central database in Nursing Home for Old People.

Discussion on security vulnerability:
Security vulnerability is the weakness in the network by which unauthorized access in the network is emphasized. Some of the reasons causing security vulnerability are discussed below:

– Untrained staffs
– Implementation of new software
– Poor access control mechanism
– Poor password policy
– Default setting of operating system

There are several ways of monitoring security vulnerability which are discussed below:

Use of port scanner:
Port scanner is a software that probes for open ports. It is used by network administrator to test the network.

Use of Network scanner:
It is used to resolve host name, auto detect internal and external IP address, discover share folders.

Regular testing:
Network should be tested regularly by network administrator to find the security vulnerability in the network.

Traffic analysis:
Traffic analysis helps in monitoring the possible security vulnerability in the network.

Network vulnerability will be removed by the following methods:

Staff training:
Staff should be trained about secure networking.

Regular updates:
Operating system and applications should be regularly updated.

Strong access control plan:
Access control plan should be strict. Only the authorized user should give access to the network.

Use of anti-virus software:
Anti-viruses and internet security can be used to prevent malware in the system.