Crypto Security Architecture Exercise

Scenario

 

You work for the Apex Trucking Company. This is a firm that moves materials for clients all over North America and Europe. The leadership of the company has no real knowledge of technology, but wants to use encryption to protect the information the company has. The information to be protected consists of future marketing plans for the company, financial data, employee records, customer records, and customer shipping date.

 

 

The company wants the capability to securely allow customers to track their orders in real time from their origin to their destination on-line over the Internet. The information that is to be supplied to customers is tracking number, location of shipment, size of shipment, value of shipment, and estimated time of arrival as well as the customer contact information for this shipment.

 

 

While this information can be made available from a central server, the marketing groups in Europe, Mexico and Canada need management access to the data to enter new shipments and change orders before they ship.

 

 

The company currently is using desktops running Windows XP and Windows based servers. There are only passwords used for security, and a firewall, but no encryption to protect the information.

 

 

The project is to provide the above capability securely using encryption, as well as providing additional security to the company via encryption. You will need to address new technology, the reasons and costs behind your choices, and what policy and legal implications there are to your encryption solution

 

 

There is at least one marketing group in Mexico, Germany, and Canada, as well as three in the US. The company is based in New York. It is important that customers can rely on the shipping data being accurate, and from the company. 

 

 

You’re assigned this crypto architecture project.

 

 

Configuration

 

The current configuration has one server acting as a firewall and web server. This server is directly attached to the Internet. 

 

 

There is a database server behind the firewall, as well as a separate server for HR and marketing. The marketing server needs to be securely accessed by the marketing teams. They also need to access the database server through an Internet connection to manage data and display reports.

 

 

All databases use MySQL and are currently not secured.

 

 

Constraints

 

Your tasking is crypto architecture. The normal replacement of computers is done on a rotating schedule. It is outside the scope of your project to plan for the replacement of computers. Your architecture should work with the computers you have. You may consider the replacement of equipment if an upgrade or new equipment would be critical to the crypto architecture.

 

 

Specific Tasking

 

You have been specifically tasked to do the following things and develop a complete and sound crypto architecture. Remember, the president is very knowledgeable about cryptography and wants lots of details about how you are going to implement the encryption.

 

 

 

  

Describe in detail what new cryptographic      systems you are going to propose, how they work, and how they will enhance      security. Be specific about these      systems weaknesses and how you plan to compensate for the weaknesses.

 

  

Describe and explain the impact the new      cryptographic security architecture will have on the current security      features and how this impact will be mitigated.

 

  

What new issues will arise as a result of      implementing the new cryptographic solutions and what are the arguments on      either side of these issues?

 

  

Show a clear and detailed understanding of      the existing encryption being used such as passwords, and operating      encryption features not being used and whether you plan to use these or      not, and if not why not.

 

  

How well will all these new cryptographic      features work together?  Identify      any areas of concern, and how you propose to resolve conflicts and issues.

 

  

What if any current security features can      be eliminated cost effectively by the new crypto architecture?

You can leave a response, or trackback from your own site.
error: Content is protected !!