It543m4-4: Design An Implementation Of Cryptographic Methods For An Organization

IT543M4-4: Design an implementation of cryptographic methods for an organization.

Assignment Instructions:

Part 1

Perform the lab “Wireshark — Capturing SSL Packets”.

Follow the directions and perform the instructions as indicated and provide the requested information.

Take screenshots of each step to show that you are working through the steps.

Directions for Submitting Your Assignment:

Compose your assessment in a Word document and save it as IT543 YourName_M4.doc and submit it to the Dropbox for Module 4.

Part 2

Assignment Instructions:

Part 2 requires you to analyze a system, identify the cryptographic requirements, and then design a set of solutions to secure the data and the communication within the system. The system to be developed is based on the following scenario:

The ACME Yearbook Company has an existing desktop application that allows customers to create school yearbooks. The desktop application imports a portrait template containing a text document with student and faculty names, grades, and filenames. The filenames identify the yearbook photo for the respective individual. The application then allows the customer to edit the portrait database and to design the school’s yearbook, including the ability to import additional photographs and then lay out each page of the yearbook. When the yearbook is completed, the application uploads a data set to the portrait database “in the cloud” and all of the layout data for each page of the yearbook.

Note: Their previous product used CD ROMSs, and there was no Internet access for development, viewing, or purchase.

This data set is used by the company so that the company can produce a high-resolution PDF of the yearbook, which is then used to produce the printed hardcopy yearbooks for the school. Additionally, the schools can request electronic copies of the yearbook on CDs for record keeping or for direct sale to students to accompany their hardcopies.

The ACME Yearbook Company has hired you to help them develop an Internet-based product to complement the existing desktop application. Write a report to the company explaining what features need to be added to their product to make it secure.

The Internet-based product should include the following additional features:

Allow all of the yearbook data to be stored on ACME’s servers, rather than on the customer’s local computer.
Allow the desktop product to be used to edit the yearbook, in addition to any new Internet version of the product.
Allow multiple people to edit the yearbook at the same time (including any students who are working on the yearbook).
Allow people to purchase copies of the completed yearbook using a credit card.
Allow a low-resolution PDF of the completed yearbook to be available to the school for proofing. Also make available a high-resolution PDF that can only be accessed by ACME’s printing facilities and partners.
Security concerns include:

Licensing of the application client on school PCs.
Security for the output designs on the cloud and on CDs.
Secure storage of multiple yearbooks from multiple clients at ACME and in the cloud.
Online purchasing of electronic copies of yearbooks.
Communications security.
You must do the following:

Identify and list RISKS to be addressed.
Design a solution or a solution set.
You do not have to address all of the items below, but here are some possible topics to consider:

Email
Remote Access (VPN)
Whole disk encryption
Encrypted flash sticks
Ecommerce transactions
Database encryption
Use of Hashes (e.g., for checksums, passwords, perhaps even credit card information)
Cloud access security
Digital certificates (at various levels)
DRM for electronic copies of yearbooks
Acceptable Use policies regarding use of company computers, personal computers, and perhaps even use of personal encryption
Identify potential vulnerabilities with your proposed solution (Note: not all vulnerabilities can be solved with encryption).
Finally, in case the company cannot implement all of your suggestions at once, list the features that you recommend and rank order them by importance.
Your design should take into consideration the data storage, data processing, and data communication needs of the system.

It is anticipated that the length of the paper will be 10–12 pages.

Directions for Submitting Your Assignment:

Compose your assignment in a Word document and save it as IT543 YourName_M4.doc and submit it to the Dropbox for Module 4.