Posted: February 28th, 2023

project 4

see attach

In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.

Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.

The deliverables for this project are as follows:

1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:

· network security and threat table

· Common Access Card deployment strategy

· email security strategy

Topic: Cryptography

I. Introduction

II. IT Systems Architecture

a.

LAN Security

b. Identity Management

c. Physical Security

d. Personal Security

e. Availability

f. Privacy

g. Cyberattacks

i. List the attacks likely to affect the organization

ii. What security defenses we use to mitigate these attacks

III. Data Hiding Technologies

a. Hiding Technologies

i. Information Hiding

ii. Digital Watermarking

iii. Masking and Filtering

b. Encryption Technologies

i. Shift/Caesar Cipher

ii. Polyalphabetic Cipher

iii. One-time pad cipher/Vernam cipher/perfect cipher

iv. Block Ciphers

v. Triple DES

vi. RSA

vii. Advanced Encryption Standard (AES)

viii. Symmetric Encryption

ix. Texture Block Coding

IV. Plan of Protection

a. Steganography

b. Explain how an organization can monitor, identify, and remedy embedded files

c. Provide recommendations to include nonrepudiation options

d. Explain the plan to protect identity, access, authorization and nonrepudiation of information transmission, storage and usage

V. Common Access Card deployment strategy

a.

VI. Email Security strategy

a.

VII. Conclusion

You are a senior-level employee, and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization. Remember that your deliverables should include proper citations.

Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table. Refer to this 

threat table template

 for guidance on creating this document.

Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table.

·

LAN security

·

availability

Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:

· LAN security

· identity management

· physical security

· personal security

· availability

· privacy

Next, review the different types of cyberattacks described in the following resource: 

cyberattacks

. As you’re reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.

You will describe to your organization the various cryptographic means of protecting its assets. Select the links below to review encryption techniques and encryption technologies, then provide your organization with a brief overview of each.

Encryption technologies

1.

shift/Caesar cipher

2.

polyalphabetic cipher

3.

one-time pad cipher/Vernam cipher/perfect cipher

4.

block ciphers

5.

triple DES

6.

RSA

7.

Advanced Encryption Standard (AES)

8.

symmetric encryption

9.

texture block coding

Data Hiding Technologies

1.

information hiding

 and steganography

2.

digital watermarking

3.

masking and filtering

These descriptions will be included in the network security vulnerability and threat table for leadership.

Using the information you’ve gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following:

· security architecture of the organization

· the cryptographic means of protecting the assets of the organization

· the types of known attacks against those types of protections

· means to ward off the attacks

Create your Network Security Vulnerability and Threat Table and include it in your submission to the organization. Refer to this 

threat table template
 for guidance on creating this document.

Smart cards use encryption chips to identify the user’s identity, role, and sometimes use the user’s personal identifiable information (PII). 

Two examples of smart cards are the federal government’s use of Common Access Cards (CACs), and the financial sector’s use of encryption chips in credit cards.

You have completed your threat table, and you’ve decided that you want to modernize the access control methods for your organization. To that end, read the following resources to gather some background information on access control and the various encryption schemas associated with a CAC:

·

access control

·

Common Access Card (CAC)

You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC.

In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan:

Create your Common Access Card Deployment Strategy and include it in your submission to the organization.

After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership.

Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing and describe how this added security benefit ensures the integrity of messaging.

Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for email:

·

public key infrastructure (PKI)

·

iOS encryption

Then start developing your strategy.  Define these strong encryption technologies as general principles in secure email:

Pretty Good Policy (PGP algorithm)

· GNU Privacy Guard (GPG)

· public key infrastructure (PKI)

· digital signature

· mobile device encryption (e.g., iOS encryption and Android encryption)

In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.

Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.

The deliverables for this project are as follows:

1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:

· network security and threat table

· Common Access Card deployment strategy

· email security strategy

2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.

Submit your deliverables after reading the instructions below.