Cryptography and Network Security Applications

Cryptography and Network Security Applications Part I Cryptography and Data Security Role of Cryptography in Securing Data Cryptography plays a key role in securing any company’s online data. Encryption is the most widely used method to implement cryptography on the companies’ data as it secures the data while simultaneously allowing it to be transferred to others. It is very difficult for an outsider to break into an encrypted file and access the sensitive information. Encryption acts as a crucial component of security for protecting the cloud storage data as it is vulnerable to being attacked by outsiders, for concealing the operating systems, and for keeping security on emails which are the most common method of communication in business. Purpose of Symmetric and Asymmetric Encryptions In symmetric encryption, the message is encrypted by the application of a secret key which can be in the form of a number, a word, or an alphanumeric string. The key is applied to the message (also known as plaintext) by the sender, and as long as the recipient has the key, they can decrypt the encrypted message (also known as cipher-text). Confidentiality is achieved by this method of encryption. If the symmetric key is changed in every session of communication the key is known as a session key that is valid for one session only and this provides improved confidentiality. This is a traditional method of encryption, using it becomes frantic when secure communication is needed by a number of employees in an organization as everyone will have a number of keys to communicate with different individuals. Secure key distribution among all the members is another problem in using symmetric encryption. In order to resolve these issues, Asymmetric encryption should be used in this organization. Each member has two keys namely public and private key. Public keys are used to encrypt and decrypt messages which are to be shared among all the members of the organization. Private keys are for to secure a private communication taking place between two persons. In this way, the all public and private communication inside premises is secured using these authentication methods and the files shared with these messages as attachments are also secured. Advanced Encryption Standard (AES) Algorithm: This algorithm is trusted as a standard by most government organizations as it is tremendously efficient in protecting the data of 128-bit. However, it is also used for data of 192 and 256 bits.Message Authentication Code  (MAC) Algorithm: This is also known as a tag, it is small information used for  authenticating a message which means it confirms the authenticity of the message by checking that the received message has been sent by the authenticated sender of it. The MAC value helps in protecting a messages  data authenticity and its integrity, by allowing the concerned persons to detect if the content of the message has been changed. Digital Signatures Digital signatures are commonly used for verifying the authenticity of digital documents and messages. It ensures the recipient that the received message has come from a known sender and the integrity of the message has not been altered during its transmission process. Since all the paper documents in the organization are now replaced with the electronic documents, digital signatures can be considered as an alternative to ink signatures and stamps of authenticity. Application of digital signatures offers authentication, integrity, and most importantly non-repudiation, i.e. one cannot deny their signature later if they have signed the document. Hence, digital signatures should be considered as one of the security measures while planning data security in this organization. These features can improve the transparency and security among the businesses through communications. These are basically comprised of 3 algorithms namely key generation algorithm, signing algorithm, and a signature verifying algorithm. It is very easy to create digital signatures, one can just open the electronic document that needs to be signed in an electronic signature tool such as Docusign or Microsoft office tools. Further steps differ as per the tool and document and these steps are instructed to the user as he opens the document in the tool. Users just have to follow the instructions and verify their identity in order to add their digital signatures on the document. When messages are sent after being digitally signed, the hash value ensures that no changes have been made in the document. All of this handled automatically handled by a software tool, which shows warning if a decrypted hash value produces an altered output. The encrypted value of the hash is added to the bottom or as an attachment in the email. Part II Cryptographic Keys and User Authentication   Ã‚  Ã‚  A user authentication system can be recommended to provide strict authenticity for users to access the companys resources. In this system, an identity is stated by the users who then applies an authenticator such as a password or a security key or combination of both of these in order to validate their identity. The security key presented by the user to verify their identity must be unique so that it authenticates only one particular user. The keys should be made in such a way that they are easy to remember by the user but cannot be stolen, copied, or forged. The process of revoking the previous key and issuing a new key should be easy. It should be impossible for the users to transfer their security keys to another user. The system should be protected against any attacker during the transit of data. Asymmetric encryption methods can be used as one of the user authentication methods to validate this system. Since the information secured through cryptographic keys depends directly on the key strength, key mechanisms and protocols effectiveness, and afforded protection. It is important to have a proper key management system in order to ensure proper distribution of keys. The user authentication should be made in such a way that it offers key protection against any modification. Private keys should be protected against any type of unauthorized disclosure. System Recommended for Employees to Get Discounts on Fruit Juice and Nut Bar The system recommended for the employees to make proper use of ijuice.com and nutbar.com is that when the employees click on the link given on the employee benefits page, a login or signup page should appear. If the employee is new to the system, they employee must make an account on the product website by signing up using their authentic credentials and their confidential employee ID along with a username or password that would be the key they use to access their account. As the user logs into the website, a session is created, and by the received login information of the user, special discount coupons unique to the employee is available to be added to their accounts so that they can use the coupon when they purchase any specific coupon applicable item. Once the user logs out from their account, the session is terminated, and the information about the session remains safe with the servers of ijuice.com and nutbar.com. Part III Secure Cloud Computing for Handling the Companys Data Implementation   John will want to implement most of the data used and stored for the company in a virtual cloud system. This will provide a certain effective measurement of security, efficiency, transfer methods, time saving and cost reductions. The first step in implementing cloud based storage is the replacement of physical infrastructures with virtual infrastructures. A software layer generates a virtual instance of the hardware as the controlling software point and is much easier to manage, interactive with, share and make changes too.  The second step, includes the decision making process of what cloud storage system would be best suited for the company. A common cloud service is ‘Google Drive’ ‘Oricle’ or IBM. These cloud services offer a greater visability into the usage and cost of virtual infrastructure as well as assisting in tracking and assessing shared computer resource usage accuracy. The third step of implementing cloud is realizing in companies where most of the work data flow demands server regularity without the interference of attacks and that’s where cloud security comes in. Blowfish, AES (Advanced Encryption Standard), and RSA (Rivest-Shamir-Adleman) are some of the most commonly used cloud computing algorithms to provide efficient security to cloud platforms. AES encryption algorithms were described previously, but RSA encryption relies upon the computational difficulty of processing large integer values. The strength of this encryption is left up to the key size which are usually 1024- or 2048-bits in length, which is huge and is why it would be a great choice to implement upon cloud infrastructure storage security. Risks Denial of Service (DoS) Attacks: These attacks prevents the users from accessing the services by flooding the systems or networks with traffic to make the resources work on unnecessary data or inevitably crash which then prevents the user from accessing their data . Such attacks have more computational power in cloud computing.Malware Injection Attack: These attacks inject harmful software to the victims data in the cloud and takes control of it. The results of successful injection can be very disastrous, it can even allow the propagation of computer worms which then can potentially use the company’s data distribution methods as a platform to spread the attack to individuals or groups who authentically interact with the company’s data.Side Channel Attack: These attacks place a virtual machine with the victim’s virtual machine in order to target cryptographic implementation of the systems instead of using any theoretical weaknesses of the algorithms or any other force. Cache attack, timing attack, power – monitoring attack, electromagnetic attack, acoustic cryptanalysis, differential fault analysis, data reminisce, and software-initiated fault attacks are different forms of side channel attacks. Countermeasures The data stored in the cloud must be zipped up with either a password or AES encryption and the keys must not be shared with anyone.Login authentication should not be simple in terms of guess work and rather should implement multifactor authentication.A CCSP (Certified Cloud Security Professional) should be hired to manage the cloud after installation.Data integrity must be verified by implementing data encryption and decryption over the wire. It is advisable to use cloud computing for the operational purposes in order to reduce the hardware infrastructure cost and maintain efficient management of databases and confidential data if all the vulnerabilities are taken care of by using proper countermeasures. Part IV Business and Blockchain Integration Blockchain technology has created a backbone for a new kind of internet. A blockchains store information across a network of computers making them not just decentralized but distributed which means no single individual or company owns a system but everyone can use it and help run it. It can be looked at in three different ways: technical, legal, and business (Nair & Sebastian, 2017).  As per technical aspect, it could be seen as a backend database which has a distributed ledger. As per business aspect, it is an exchange network that can be used by peers for transferring value. This mechanism validates a transaction and may validate it from a legal point of view. There is no requirement of any middlemen to make a transaction valid. In order to ensure proper functioning of blockchains at such a corporate level, a consensus algorithm is required which must be secure, functional, and efficient. â€Å"Proof of work†, â€Å"Proof of Authority†, and â€Å"Proof of stake† are some of the consensus algorithm which are considered as potential for blockchain integration. However, the use of a â€Å"Proof of Work† algorithm has already been started for blockchains in Bitcoins. Blockchains can enhance the security in three different forms which are: blockage of identity thefts, prevention from denial of service attacks, and prevention of data tampering. Advantages It allows people to sell or buy anything they like to and or from anybody in the world, without letting any other party to interfere and impose rules upon them.Every consumer can choose their identity in transactions, such can remain anonymous, public, or private as per their choice.Approach used in blockchains for storing DNS entries could increase security by eliminating the single target that can be attacked by the hackers. This will not cause the entire system to be compromised by the attack.Blockchain will also eliminate the network fees on DNS reads and will only charge for new entries and updates, of course depending upon the DNS provider that John chooses to go with. Drawbacks Financial services will be impacted as blockchain is defined as everything that a bank does.Government services as one can choose to buy or sell anything to anyone without any geographical boundaries. No one will go to government departments for completing the formalities.Blockchains will require a lot of computational power as compared to centralized database processes. Blockchain provides the ability for every node in the network to process the request independently.Existing currencies are regulated and created by the national governments, but blockchain and a product of blockchain such as Bitcoin will face hurdles in being adopted by the already existing financial institutions if the regulation status of the governments remain unsettled. References Stallings, W., & Tahiliani, M. P. (2014).  Cryptography and network security: principles and practice  (Vol. 6). London: Pearson. Jonsson, J., Moriarty, K., Kaliski, B., & Rusch, A. (2016). PKCS# 1: RSA Cryptography Specifications Version 2.2. Salomaa, A. (2013).  Public-key cryptography. Springer Science & Business Media. Hernandez, K. (2017). Blockchain for Development–Hope or Hype?. Nair, G. R., & Sebastian, S. (2017). BlockChain Technology Centralised Ledger to Distributed Ledger. Rittinghouse, J. W., & Ransome, J. F. (2016).  Cloud computing: implementation, management, and security. CRC press. Stojmenovic, I. (2014, November). Fog computing: A cloud to the ground support for smart things and machine-to-machine networks. In  Telecommunication Networks and Applications Conference (ATNAC), 2014 Australasian  (pp. 117-122). IEEE.

Virtuality vs. Reality

Your Name Eng. 111-01 Teachers Name Virtuality Vs. Reality Computers have become one of the most sought-after devices to date. One reason perhaps is the overwhelming popularity of the internet. Seems as if no one is immune to using the internet and even some restaurants offer free wi-fi for their patrons. There is virtually nothing that can't be done on the internet.Because of its popularity, everyday millions of people log on the internet either for online shopping, socializing, or researching. Going to malls and department stores may soon be a past activity for the busy person due to the popularity of shopping on the internet. People may chose shopping online because it is very convenient, cheap, and variety is offered right at a person's finger tips. First of all, the convenience of shopping online is very time saving, and it eliminates the need to drive around to several different stores searching for that perfect gift.For example, a person can shop right at home using a smartph one, a laptop, or an Ipad in the convenience of her own bed. In addition to being convenient, online shopping can be money saving. Searching for deals online can save an individual a lot of money. Besides finding deals on the internet; moreover, staying home, and purchasing online can also save tremendously on gas expenses. While saving money is a good asset of shopping online, included in shopping online is the wide selections of websites to chose from.Depending on what a person is looking there is always something unique that can be found shopping online. Since there are so many stores available right in the palm of one's hand, why would anyone want to leave home? In brief, if one makes up her mind to stay home and do online shopping, she would not only be saving time and money but can also have the world wide web of shopping readily available at her finger tips. Having considered shopping online to being popular for the busy person, it is also reasonable to look at socializing th rough the internet as a preferred way that most timid people communicate.One example of social communicating online is the constant use of Facebook. People from all walks of life, from different ages, different nationalities, and social classes sign on to Facebook everyday to keep up with the statuses of their Facebook friends, comment on their statuses, or to simply see how their friends are doing. An individual can also use Facebook to stay in contact with far away family members, to search for missing family members, to communicate with old classmates, or to play online games with their Facebook acquaintances.In addition to connecting with people on Facebook, there are several online gaming websites that cater to a more eccentric way of socializing. For instance, a game called, â€Å"World of Warcraft† is a widely played game where one can socialize with another individual through in-game chat messaging. In this online gaming world, individuals can communicate with one ano ther, help each other complete missions, and conquer the game. Online gaming is also an easier way of conversing for a person who is intimidated by meeting new people in real-life.Finally, a person can meet new people through online dating more simply than meeting them in person. Online dating would eliminate the nervousness one feels in real-life and would give way to a more relaxed person. Not only will an individual be more comfortable, but online dating would allow her to be more herself. Individuals who engage in online dating can socialize through messaging, email, the dating website, or cell phones. There are several different ways using the internet can bring people together whether it be Facebook, online gaming, or online dating.Thirdly, conducting research online is another important feature of the internet and adds to its popularity. For example, a student has a project due at school and instead of spending hours looking in a library,the student, on the other hand, can go right to a computer and find all the information he needs to complete his project. Not only can a student find research material for his school project, but can also find ideas for craft projects. Searching online can be very helpful when it comes to â€Å"do-it-yourself† projects.Mothers can go online to research craft ideas she and her child can do together as family time. Moreover, mothers can not only find â€Å"do-it-yourself† projects, but can use the internet for researching recipes. There are thousands and thousands of databases full of recipes. From easy thirty minutes meals, to crockpot cookers, and baked goods, characteristics of these recipes can be found on several different websites. For instance, if an individual wants to find a recipe for banana read, all that one would need to do is to go online and Google banana bread recipes. In conclusion, with people using the computer every day, it is no wonder that the internet has become so popular. Because an individual can shop, socialize, and research areas of interest on the computer, society has become dependent on the internet. The ultimate question is have we as a society become more comfortable with machine than to come face to face with man.

What Exactly Is Behavioral Finance Essay - Free Essay Example

Sample details Pages: 4 Words: 1164 Downloads: 1 Date added: 2017/06/26 Category Finance Essay Type Analytical essay Did you like this example? Traditional economics describes human beings as rational decision makers , but it has been observed that investor do not always act rationally. Behavioural finance is the study of the influence of psychology on the behaviour of financial practitioners and the subsequent effect on markets. Behavioural finance is of interest because it helps explain why and how markets might be inefficient (Sewell, 2001). Don’t waste time! Our writers will create an original "What Exactly Is Behavioral Finance Essay" essay for you Create order SEWELL, Martin, 2001. Behavioural finance. https://www.behaviouralfinance.net/ . Behavioral finance in recent times become a issue of significant interest to investors because it is a relatively new and evolving field in economics and consequently not well defined, a legitimate question is: What exactly is behavioral finance? but it is Described in various ways i.e. Behavioral finance is the integration of classical economics and finance with psychology and the decision-making sciences or an attempt to explain what causes some of the anomalies that have been observed and reported in the finance literature or the study of how investors systematically make errors in judgement, or mental mistakes. All economic models make simplifying assumptions about both market conditions and the behavior of market participants. Sometimes the simplifying assumptions underlying the model are explicitly stated and sometimes the assumptions are implicit, the latter is often the case reg arding the behavioral assumptions underlying the model. To illustrate, consider the efficient market hypothesis (EMH), an economic model of considerable importance to investors. The simplifying assumptions regarding market conditions that underlie the EMH frequently include, among others, assumptions such as: Transaction costs are zero, Markets are not segmented, Easy (even unlimited) entry into the security markets exists. The behavioral assumptions that underlie the Efficient Market Hypothesis can be expressed as: Investors act, in an unbiased fashion, to maximize the value of their portfolios, Investors always act in their own self-interest. The first behavioral assumption is frequently stated as investors are rational expectations wealth maximizers this means that investors form unbiased expectations of the future and given these expectations, they buy and sell in the securities markets at prices which they believe will maximize the future value of their portfolio s. Behavioral finance questions whether the behavioral assumptions underlying the EMH are true. For example, consider the assumption that individuals always act in their economic self-interest. Suppose you are having dinner at an out-of-town restaurant and it is extremely unlikely that you will ever return to this restaurant. Do you leave a tip? Most people do, but in this case leaving a tip decreases, rather than increases ones wealth, and because you wont be returning to this restaurant there are (presumably) no costs associated with not leaving a tip. In this case leaving a tip violates the rational expectations and self-interest assumptions. More germane to the EMH, consider social investing such as arbitrarily deciding not to invest in tobacco stocks or deciding to overweight environmentally clean industries, etc. Such behavior is not consistent with pure wealth maximization, if for no other reason than opportunities for forming better-diversified portfolios are foregone. Why investors might engage in non-wealth maximizing behavior, and what are the implications of such behavior for security pricing, are areas of inquiry in behavioral finance. Another aspect of behavioral finance concerns how investors form expectations regarding the future and how these expectations are transformed into security prices. Researchers in cognitive psychology and the decision sciences have documented that, under certain conditions, people systematically make errors in judgement or mental mistakes. These mental mistakes can cause investors to form biased expectations regarding the future that, in turn, can cause securities to be mispriced. By considering that investors may not always act in a wealth maximizing manner and that investors may have biased expectations, behavioral finance may be able to explain some of the anomalies to the EMH that have been reported in the finance literature.Anomalous returns such as those associated with value stock s, earnings surprises etc Cognitive psychologists have documented many patterns regarding how people behave. Some of these patterns are as follows: Heuristics Heuristics, or rules of thumb, make decision-making easier. But they can sometimes lead to biases, especially when things change. These can lead to suboptimal investment decisions. When faced with N choices for how to invest retirement money, many people allocate using the 1/N rule. If there are three funds, one-third goes into each. If two are stock funds, two-thirds goes into equities. If one of the three is a stock fund, one-third goes into equities. (Benartzi and Thaler, 2001) Overconfidence People are overconfident about their abilities. Entrepreneurs are especially likely to be overconfident. Overconfidence manifests itself in a number of ways. One example is too little diversification, because of a tendency to invest too much in what one is familiar with. Thus, people invest in local companies, even though this is bad from a diversification viewpoint because their real estate (the house they own) is tied to the companys fortunes. Think of auto industry employees in Detroit, construction industry employees in Hong Kong or Tokyo, or computer hardware engineers in Silicon Valley. People invest way too much in the stock of the company that they work for. Men tend to be more overconfident than women. This manifests itself in many ways, including trading behavior. According to Barber and Odean they analyzed the trading activities ofpeople with discount brokerage accounts. They found that the more people traded, the worse they did, on average. And men traded more, and did worse than, women investors. Mental Accounting People sometimes separate decisions that should, in principle, be combined. For example, many people have a household budget for food, and a household budget for entertaining. At home, where the food budget is present, they will not eat lobster or shrimp because they are much more expensive than a fish casserole. But in a restaurant, they will order lobster and shrimp even though the cost is much higher than a simple fish dinner. If they instead ate lobster and shrimp at home, and the simple fish in a restaurant, they could save money. But because they are thinking separately about restaurant meals and food at home, they choose to limit their food at home. Framing Framing is the notion that how a concept is presented to individuals matters. For example, restaurants may advertise early-bird specials or after-theatre discounts, but they never use peak-period surcharges. They get more business if people feel they are getting a discount at off-peak times rather than paying a surcharge at peak periods, even if the prices are identical. Cognitive psychologists have documented that doctors make different recommendations if they see evidence that is presented as survival probabilities rather than mortality rates, even though survival probabilities plus mortality rates add up to 100%. Representativeness People underweight long-term averages. People tend to put too much weight on recent experience. This is sometimes known as the law of small numbers. As an example, when equity returns have been high for many years (such as 1982-2000 in the U.S. and western Europe), many people begin to believe that high equity returns are normal.

Tacot Parsons’s Contribution to the Sociology of Health Essay

In this essay I would analyse the concept of health and illness, I would critically examines the contribution of Parsons Theory to health and illness and the criticisms of Parsons model of sick role. In addition, the paper will discuss inequality in health and the findings of black report. I would also discuss sickle cell disease and coronary heart disease. Talcott Parsons has revolutionised the way to deal with the disease and he structured his ideas in to practice and interlink with core issues that the utilitarian society must have. In that sense Parsons noticed that when a person is sick, they are unable to carry out their social responsibility normally. Therefore, Parsons implies that the only way to understand the illness and its†¦show more content†¦Giddens A 6th edition online version. Parsons idea of the sick role was to prescribe ways to control and challenge social deviance thus his model of the sick role has provided the sick person with rights and obligations as followed: 1. Sick person is exempted from their normal duties 2. They are not responsible for their sickness. Obligations: 1) Should seek medical help from professionals 2) Should see sickness as undesirable Some theorist has argued Parsons model has not fully cover every issue in his methodology of the sick role subsequently, on issues of patient –doctor relationship, chronic illness and inequality in health .Here the argument would be presented to measure and weigh the model and engage this model to see if it could still function in today’s society. Taylor S Field 2003 pg The arguments of the sick role: On doctor- patient relationship he emphasize that doctor should protect sick person’s privacy and well-being ,doctor should be skilled he should take the needs of patient as prioriy and be able to interact well with their patients. Doctors should also act according to the medical code of practice and ethics. On the other hand Doctors have unrestricted access to patient. Moreover, they have