Professional Thesis Writing Service

Objective of this lab is to demonstrate the basics of designing a n

Databases are collection of raw fact and figures or in single word we can say data in digital form, databases are classified on the basis of their content like text document, bibliographic and statistical etc. Databases are managed by software called DBMS (Database Management System), DBMS are responsible of storing, retrieving, accessing, security, backup and querying the data as fast as possible and in most efficient way.

One of the most trusted DBMS in market is ORACLE DBMS. ORACLE is the most trusted in market and almost each and every organization uses it. One of the best security features of ORACLE is Secure Database Access.SDA is based on three things which are

Under USER MANAGEMENT comes how much space has to be provided to each user, what level of access has to be provided to users, the space and rights of one user does not interfere with other. Under PASSWORD MANAGEMENT come the default passwords of users, defining the password complexity, deciding the password expiry time limit, password lock facility etc. Under RESOURCE LIMTS comes deciding CPU time, logical reads, concurrent session per user, idle time, amount of private SGA for shared sessions.

The above mentioned security features comes with any enterprise level operating system for example SUN SOLARIS a UNIX flavored OS has all this security features where there is separate file system for all users, each and every file system and file has access permission defined for the root, the user and others, passwords for each user is there and they are stored in encrypted form and for each and every user the resources are defined.

Briefly describe the purpose of firewalls and how they work, including a comparison of at least three principal types.

Firewalls are a type of hardware or software which is used to protect the system or network. Firewall acts as fences around the system or network which do not allow anybody who wants unauthorized access or after access tries to do some sort of damage.

To protect ones data and network Firewalls employ a number of technologies, of which the first one is simple set of rules means all the ports should be closed initially and as one goes with applications there must be ports defined for them and only those ports are opened for those applications to use, open ports are like holes which any hacker can use to access your system. There are 2 physical types of firewalls software and hardware, software firewalls are mostly used in home environment like the one provided by Nortel and McAfee, they are responsible for protecting you home pc against any sort of external attack. Hardware firewalls are commonly used in business environment, they are dedicated units which have the external world plugged in outside and the trusted network from inside and they are often available as a pair so that failure of one unit does not make the network open for attack. Both type of firewalls use a number of different techniques to keep your system and network safe, the first thing described is a rules based or packet filter system, here all data in and out is scanned to see that is in and out to trusted ports on the system and possibly even trusted IP addresses.

Proxy server, this is in between the outside world internet and the trusted inside world network it scans all packets of data and make sure if they meet the packet filter rules before passing data to the machine in the trusted network. This adds a layer of security by never allowing the internet system come in direct contact with the trusted machine, network address translation do not make your internal IP address visible to the internet. A proxy server is great against brute force attacks.

What are the differences between public key encryption methods and symmetric key encryption methods? Please provide one example of each category.

The cryptographic technique based on two keys — a public key available to all and a private/secret key known only to the person intended to have it. An important part to the public key encryption is that the keys are related in such a manner that only the public key can be used in encryption of the messages and only the corresponding private key can be utilized in decryption of messages. By no chance one can get private using the public key.

Public-key encryption like Pretty Good Privacy (PGP), are growing in popularity for transferring information through internet. They are highly secure and comparatively simple to use. The one difficulty with public-key encryption is that one need to be aware of the recipient’s public key so that he/she can encrypt a message. What is required therefore is a global registration of public keys

Symmetric key encryption for both encryption and decryption uses a same secret key. Exchange of message requires exchange of keys also among users. Message encrypted with secret key can only be decrypted with same secret key

Secret-key algorithm is used in symmetric key encryption. Symmetric key encryption techniques are also called content-encryption algorithms.

The big limitation of secret-key algorithm is the requirement for sharing the secret-key. This can be overcome by deriving the same secret key at both ends by using a user supplied text string or we can say password based on password-based encryption algorithm, other way round is to securely exchange the secret-key among themselves.

Size of the key defines the strength of the symmetric key encryption used.

Consider the following cipher text: EHWWHU EH GHVSLVHG IRU WRR DQALRXV DSSUHKHQVLRQV WKDQ UXLQHG EB WRR FRQILGHQW VHFXULWB (Edmund Burke)

a) Decipher the cipher text above using a 26-character Caesar Cipher. Explain your reasoning

Explain how you would quickly determine if the above cipher text is the result of a simple substitution or a transposition cipher, also explaining the difference between each. Please justify your answer.

The cipher text gets decrypted to “BETTER BE DESPISED FOR TOO ANXIOUS APPREHENSIONS, THAN RUINED BY TOO CONFIDENT SECURITY”

A shift of 3 was used to give the output as the quote mentioned above. The above cipher can be determined as simple substitution cipher as we can list down the two alphabet words in English and shifting each alphabet to certain position gives any one of the word.

Substitution cipher is all about replacing one character or alphabet with other and transposition cipher is all about jumbling of the words together instead of replacing characters, transposition cipher changes the order of the characters and can be analyzed by frequency analysis.

Unfortunately your computer has been infected by some malicious code and you do not know when this infection happened. Luckily you have performed backups on a weekly basis since you acquired your computer. Your idea is to use the backups starting from the beginning, rebuilding the first backup and so on, applying all changes in order. Discuss the feasibility of this approach offering ways to improve it, if necessary.

This is the safest way of rebuilding computer again and would definitely solve the issue as this is the gradual step by step up gradation of the system and would bring the system to state where it was infected but without the problem. What I feel like if we start restoring the system from back rather than doing from start and checking for the stability of the system. This approach saves time and effort as after restoring first only you have the probability of solving the issue or what we can do is not do one by one incremental steps but keep an interval of the backups and do.

Please compare and contrast incident response plans and business continuity plans. List heir key elements (what would one expect to see in such a document?)

The incident response plan is defined as what make up a security incident and highlight the phases of incident response. The incident response plan document is focused on how information reaches the appropriate personnel, investigation of the incident, bringing down damage and strategy to respond, documentation and evidence preservation. The incident response plan consists of responsibility area and pen down and brings in effect procedures for handing security incidents. The document emphasizes on the considerations required to create an incident response plan.

The incident is formulated to safeguard against intrusion to organizational resources. An incident is defined as information confidentiality loss, data integrity compromise, theft or damage of IT assets like computer, printer etc, service denial, misuse of assets or services or data, system infection by malicious software, unauthorized access, system abnormal behavior, alarms for intrusion detection and their responses.

The incident response goals are incident occurrence verification, business restoration continuity, minimized incident impact, determine the way of attack, prevention against future attacks, response time of security and incident should be improved, illegal activity prosecution, situation and response has to be made aware to management.

The incident response life cycle begins by incident preparation, then comes the discovery of the incident, notification, analysis and assessment, response strategy, containment, re infection prevention, affected system restoration, documentation, preservation of evidence, external agencies notification, update policies and response review.

The business continuity planning is required for making an organization safe from internal and external threats and identifies the soft and hard assets to provide effective recovery and prevention of the organization. The following threats are there to an organization as

Staff death or injury, building are damaged, loss of communication and IT infrastructure, disruption in transport making staff unavailable, stress and demoralization in staff, other business disruption or closing down on which a company is dependent, reputation damage and business change demands. To cover up the following threats following steps should have been planned sufficient workforce with right expertise and motivation to manage and lead the organization, access to key IT system and records, staff communication should be reliable and clear, ability of paying the staff in case of crisis also, product and services procurement and media demand responses. The steps involved in developing a business continuity plan in systematic way are analysis of business, risk assessment, strategy development, plan development and plans should be rehearsed.

One hundred years ago, Louis Brandeis and Samuel Warren warned us that, “Numerous mechanical devices threaten to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the housetops.'”

Cryptography is an enabling technology for self-help privacy. Conversely, cryptography can be used to conceal criminal conspiracies and activities, including espionage.

a) How have computers changed the ways in which we have to keep certain information private?

b) What new threats do computer systems and networks pose to personal privacy? Conversely, what threats are enabled or enhanced by computer systems and networks?

c) How does cryptography help or hinder protection of privacy and public safety?

d) What policies are needed and appropriate in a networked world regarding the use of cryptography?

e) Consider a public key encryption. Ann wants to send Bill a message. Let Annpriv and Annpub be Ann’s private and public keys respectively. The same for Bill (Billpriv and Billpub).

i) If Ann sends a message to Bill, what encryption should Ann use so that only Bill can decrypt the message (secrecy)?

ii) Can Ann encrypt the message so that anyone who receives the message is assured that the message only came from Ann (authenticity)?

iii) Is it possible for Ann to devise a method that will allow for both secrecy and authenticity for her message? Please justify your answer.

Computers help a lot in keeping private information’s secure. With all the security features into the system like firewalls and other security features one can keeps his/her information secure from un authorized access. Initially for keeping the information private one has to classify the physical files or documents having information as classified or confidential and have to be kept in safe custody so that unauthorized access is not there, the initially the information transfer has to be taken through physically under supervision but with computers and secure software systems and various encryptions which are efficient and complex to break, transport of information has become easy without any extra effort. With increasing use of information technology in form of computers has also created new types of threats where hackers who are experts in breaking the system security and network security and get easy access of one’s private data. People use the information transfer and other IT means to transfer information which cannot be scanned by authorities for example terrorist organizations uses the networks and other safe methods to transport the information which could not be easily get hold of decrypted by organizations working against them.

The biggest advantage of public key cryptography is the secure nature of the private key. In fact, it never needs to be transmitted or revealed to anyone. It enables the use of digital certificates and digital timestamps, which is a very secure technique of signature authorization. We will look at digital timestamps and digital signatures in a moment, but as discussed above cryptography can be used by organizations or individuals involved in wrong activities to transfer data which cannot be caught or decrypted by authorities working against them, hence cryptography can go against world peace. Cryptography use should be mandated for the right purposes.

There are few cryptographic policies that have been challenged, both literally and figuratively. In particular export controls, key escrow and government control have been issues argued recently, with final decisions still unresolved. International agreements and foreign decisions regarding these topics have influenced the current U.S. position.

Ann should use the public key encryption method to send a message to Bill.

Ann can create her digital signature of the message using the private key which can be verified using public key to see message is authentic.

Yes Ann can use public key encryption for encrypting the message to maintain the confidentiality or secrecy of message and she can use digital signatures with public key encryption to maintain the authenticity of the message.

 

etwork, taking into consideration the users, services and locations of the hosts.

Overview:

The major purpose is designing a network and optimizing it to have a maximized network performance, taking into consideration the cost constraint and the required services to be offered to different types of users. Periodical network optimization should be done throughout the whole life of network to get maximum network performance as well as to monitor the utilization of network resources.

In this lab we will design a network for a company having four departments which includes Engineering, E-Commerce, Research and Sales. We will utilize a LAN model that allows simulating multiple clients and servers in one simulation object. This will reduce the amount of configuration work as well as amount of memory required to execute the simulation. After completing this laboratory we will be able to study how different design affects the performance of the network.

Implementation:

Scenario 1 (Simple Network):

We will design a campus network

We will following objects in the network:

Application Config: It will be used in configuration of profiles for users.

Profile Config: It will describe profile for users.

Subnet

We will configure subnets as Engineering, Research, E-Commerce and Sales.

Each node has a 10BaseT LAN and Ethernet_16Switch connected by 10BaseT link.

We will create 4 profiles with respect to the nodes which are Engineer, Researcher, E- Commerce Customer and Sales Person.

The main server subnet has one Ethernet_16switch and three Ethernet_servers connected by 10BaseT link. These servers are web server, file server and database server.

Web server supports the services like Web Browsing (Light HTTP1.1), Web Browsing(Heavy HTTP1.1), E-mail (Light) and Telnet Session (Light)

File Server supports the services like File Transfer (Light) and File Print (Light).

Database Server provides the service of Database Access (Light).

100BaseT link is used to connect all the four subnets with the server subnet. Thus there will be a connection between profile switch as a node A and server switch as node B.

The final network will look like Figure 1.

Figure 1: Network Design

Statistics: We used Page Response Time from the HTTP protocol for the testing the networks performance.

Simulation: Duration for simulation will be set to 30 minutes.

Duplicate Scenario (Busy Network):

In this scenario we will set the Background Utilization between the 2 servers to 99% instead of 0%.

Result:

After simulating the both scenarios we will get result for Page Response Time as shown in Figure 2.

Figure 2: Graph for Page Response Time for both scenarios.

It can be seen from the Figure 2 that Page Response Time for busy network is always higher than the simple network. It also being noticed that in the beginning page response time increases for both the networks but after some time they will be in stable state.

Analysis:

It can be seen that page response time for busy network is higher than the simple network. This is because we set the Background Utilization to 99% in Busy Network. Thus as the CPU Utilization increases the page response time decreases.

Expectation:

As we have set the Background utilization to 99% in the Busy network, we are expecting higher page response time in this scenario. Result of the laboratory is identical to our expectation.

Questions / Answers:

Analyze the result we obtained regarding HTTP page response time. Collect four other statistics of your choice and rerun the simulation of the Simple and the Busy network scenarios. Get the graphs that compare the collected statistics. Comment on these results.

Page Response time: Page response time is higher in Busy network than simple network. This higher page response time is because of background utilization is 99%.

Figure 2: Graph comparing Page Response Time for both scenarios.

Object Response Time: It can be seen in Figure 3 that Object Response Time is very less for Simple network in compare to Busy network. Less response time means that access of the object in the network is higher.

Figure 3: Graph comparing Object Response Time for both scenarios.

Upload Response Time: It can be seen in Figure 4 that Upload Response Time for Simple network is constant throughout the simulation while for the Busy network it will vary. As network is busy it takes more time uploading in FTP connection for Busy Network while in Simple network uploading time is less.

Figure 4: Graph comparing Upload Response Time for both scenarios.

Download Response Time: Downloading a file in a busy network is high compare to simple network. It can be also seen from Figure 5 that downloading time for simple network is constant while for busy network it is varying with time.

Figure 5: Graph comparing Download Response Time for both scenarios.

Ethernet Delay: It can be seen in Figure 6 that delay for busy network is higher than simple networks. This proves that delay is directly proportional to the background utilization.

Figure 6: Graph comparing Ethernet Delay for both scenarios.

In the BusyNetwork scenario, study the utilization% of the CPUs in the servers.

CPU Utilization:

Web Server: CPU utilization increases in the early state and then become constant for the remaining period of time.

Figure 7: CPU Utilization for Web Server in BusyNetwork .

File Server: CPU utilization goes high as we access the File Server but letter it will decreases exponentially.

Figure 8: CPU Utilization for File Server in BusyNetwork.

Database Server: CPU utilization will go high as database server is accessed and it will remain almost constant with very less fluctuation for remaining time span.

Figure 9: CPU Utilization for Databse Server in BusyNetwork.

Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new scenario Q3_OneServer. Replace the three servers with only one server that supports all required services. Study the utilization% of that server’s CPU. Compare this utilization with the three CPU utilization you obtained in the previous question.

One Server:

Combining all the server in one server doesn’t make much difference in CPU utilization. CPU utilization for BusyNetwork and Q3_OneServer is very similar.

The utilization of one server is very much similar to the utilization for databse server and web server. It is not matching with the File server utilization as one server is serving all three purposes it is not decreasing unlike in File server.

Figure 10: CPU Utilization for Server in OneServer Network.

Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new scenario Q4_FasterNetwork. In the Q4_FasterNetwork scenario, replace all 100baseT link with 10Gbps Ethernet links and replace all 10BaseT links with 100BaseT links. Study how increasing the bandwidth of the link affects the performance of the network in the new scenario (e.g. compare the HTTP page response time in the new scenario with that of the BusyNetwork).

In this new scenario we are increasing the speed of the link which will directly increase the speed of network. Faster network have less response time as data rate is high compare to BusyNetwork. Figure 11 shows that pager response time is less for FasterNetwork is less in compare to BusyNetwork because of the high data rate.

Figure 11: Graph for page response time of Busy and Faster Network

Conclusion:

Through this laboratory we learned to design a network, taking consideration of the users, services and locations of the hosts. It has also demonstrated the effect of devices on CPU utilization.