1.

Implementation of Rivest-Shamir-Adleman Encryption Algorithm to a

Company Information Management System.

 Rationale of the study

The rationale for implementing the Rivest-Shamir-Adleman (RSA) encryption

algorithm to a company information management system is to protect the
confidentiality, integrity, and authenticity of sensitive data. RSA is a public-key
encryption algorithm, which means that it uses two separate keys: a public key and a
private key. The public key is used to encrypt data, while the private key is used to
decrypt it.

Implementing RSA encryption to a company information management system would

provide a number of benefits, including:

 Confidentiality: RSA encryption would ensure that only authorized individuals

would be able to access sensitive data. This would help to protect the
company from data breaches and unauthorized access.
 Integrity: RSA encryption would help to ensure that sensitive data is not
tampered with. If any changes are made to encrypted data, the decryption will
fail. This would help to protect the company from data corruption and fraud.
 Authenticity: RSA encryption can be used to create digital signatures. Digital
signatures can be used to verify the identity of the sender of a message or the
authenticity of a document. This would help to protect the company from
identity theft and phishing attacks.

In addition to these benefits, RSA encryption is also relatively easy to implement and
manage. There are a number of software libraries and tools available that make it
easy to integrate RSA encryption into existing systems.

 Objectives of the study

The specific objectives of the study will vary depending on the specific needs of the
company. However, the overall goal of the study is to improve the security of the
company's information management system by implementing RSA encryption.

The objectives of the Rivest-Shamir-Adleman (RSA) encryption algorithm are to:

 Provide confidentiality: RSA encryption ensures that only authorized

individuals can read encrypted data.
 Provide integrity: RSA encryption can help to ensure that encrypted data
has not been tampered with.
  Provide authenticity: RSA encryption can be used to create digital
signatures, which can be used to verify the identity of the sender of a
message or the authenticity of a document.

 Intended beneficiaries and significance of the study

The intended beneficiaries of the study on the implementation of the Rivest-Shamir-

Adleman (RSA) encryption algorithm to a company information management system
are:

 The company itself. The company will benefit from the improved security of
its information management system. This will help to protect the company
from data breaches, ransomware attacks, and other cyber threats.
 The company's customers. The company's customers will benefit from the
fact that their personal information is protected by RSA encryption. This will
help to build trust between the company and its customers.
 The company's employees. The company's employees will benefit from the
fact that the company is taking steps to protect its information management
system. This will help to create a more secure work environment for
employees.

The significance of the study is that it will provide a guideline for how companies can
implement RSA encryption to protect their information management systems. The
study will also identify and mitigate any potential risks associated with implementing
RSA encryption. The study will also contribute to the body of knowledge on
encryption for security. This knowledge can be used by other companies to improve
the security of their own information management systems. Overall, the study on the
implementation of RSA encryption to a company information management system is
a significant and valuable contribution to the field of cybersecurity.

 At least 6 reviewed literatures and studies

Literature

Yu and others said that the data operation, generally speaking, includes three
aspects: first, processing, second, transmission, and storage. Weathersby and
others said that the link of network transmission is the most prone to problems in
these three aspects, so the security of data in network communication becomes
particularly important. Wu and others said that common means of data theft and
attack include: illegally stealing data information through system vulnerabilities;
malicious tampering with data distorting the data during transmission, and the data
receiver cannot recognize the data information. An unauthorized user logs in as an
authorized user to access the system. Li and others said that the problem of safe
data transmission in the network usually includes the following aspects: first, to
ensure that the user is safe, that is, to verify that the user is legitimate. Chen and
others said that the second is to ensure that the data has not been damaged or
stolen, that is, the application of encryption technology, digital signature, and other
technologies, as well as the management and traceability of access and operation
logs. Zhao and others said that at present, the most effective response to the
problem of how to ensure communication security on the Internet is to encrypt the
data.

Studies

In 2012 Suyash Verma et al proposed “An Efficient Developed New Symmetric Key
Cryptography Algorithm for Information Security”. They proposed new encryption
algorithm and used block cipher generating mechanism. They proposed evaluation,
results by calculation with different plaintexts in the same key (DPSK) mode. By the
results they show that, under the same key size and for the same size of the data,
proposed algorithm work faster than existing algorithm

In 2013 Prerna Mahajanet al proposed “A Study of Encryption Algorithms AES, DES

and RSA for Security”. They implemented three encryption techniques like AES,
DES and RSA algorithms and compared their performance of other encryption
techniques based on time for encryption and decryption. They also show results of
analyses of effectiveness of each algorithm. Based on the text files used and the
experimental result

2. Enhanced Security for Company File Sharing using Steganography

Application.

 Rationale of the study

The rationale of the study on enhanced security for company file sharing using
steganography application is to protect the confidentiality and integrity of sensitive
data that is shared between employees and other stakeholders. Steganography is a
technique of hiding data within another medium, such as an image, personal
information file or video file. This makes it difficult for unauthorized individuals to
detect the presence of the hidden data.

 Objectives of the study

The objective of the study is to protect sensitive data from unauthorized access,
tampering, and disclosure.

Steganography can be used by companies to achieve a variety of security

objectives. It can be used to protect intellectual property, such as trade secrets and
confidential business information. By hiding intellectual property within other media,
companies can make it more difficult for competitors to steal their intellectual
property. Many data protection regulations require companies to implement technical
and organizational measures to protect sensitive data. Steganography can be used
as one of these measures to help companies comply with their data protection
obligations. Data breaches can be costly and damaging for companies. By using
steganography to protect sensitive data, companies can reduce the risk of data
breaches and the associated financial and reputational damage.

 Intended beneficiaries and significance of the study

The intended beneficiaries of the study on the implementation of multi-factor

authentication (MFA) to a company network security monitoring system are:

 The company itself. The company will benefit from the improved security of
its network security monitoring system. This will help to protect the company
from unauthorized access to its network and data.
 The company's customers. The company's customers will benefit from the
fact that their data is protected by MFA. This will help to build trust between
the company and its customers.
 The company's employees. The company's employees will benefit from the
fact that the company is taking steps to protect its network security monitoring
system. This will help to create a more secure work environment for employee

 At least 6 reviewed literatures and studies

Literature

In the year of 2013 Akhtar, N.; Johri, P.; Khan, S., [2] implemented a variation of
plain LSB (Least Significant Bit) algorithm. The stego-image quality has been
improved by using bit-inversion technique. LSB method improving the PSNR of
stego-image. Through storing the bit patterns for which LSBs are inverted, image
may be obtained correctly. For the improving the robustness of steganography, RC4
algorithm had been implemented to achieve the randomization in hiding message
image bits into cover image pixels instead of storing them sequentially. This method
randomly disperses the bits of the message in the cover image and thus, harder for
unauthorized people to extract the original message. The presented method shows
good enhancement to Least Significant Bit technique in consideration to security as
well as image quality.

In the year of 2013 Prabakaran, G.; Bhavani, R. and Rajeswari P.S. [3] Investigated
on Medical records are extremely sensitive patient information a multi secure and
robustness of medical image-based steganography scheme is proposed. This
methodology provides an efficient and storage security mechanism for the protection
of digital medical images. Authors proposed a viable steganography method using
Integer Wavelet Transform to protect the MRI medical image into a single container
image. The patient's medical diagnosis image has been taken as secret image and
Arnold transform was applied and scrambled secret image was obtained. In this
case, the scrambled secret image was embedded into the dummy container image
and Inverse IWT was taken to get a dummy secret image. It has been observed that
the quality parameters are improved with acceptable PSNR compared to the existing
algorithms

Studies

In 2008, Alwan and his colleagues (2008) performed some applications on how to
select pixels in image steganography. In this study, edge finding and edge pixel
correlation are used. The selection of the pixel to hide the information using this
correlation is described in detail. Fridrich and his colleague discussed and detailed
the detection of steganography performed with the LSB (Least Significant Bits) in
gray level and color images in their articles. In this study, RS (Rescaled Range
Analysis) tried to obtain information that was hidden from the data hidden by
programs such as Cover image, Steganos and Hide4PGP.

In 2010, Cheddad and his colleagues investigated steganography methods and

steganographic software. In the study, they explained the methods and advantages
and disadvantages of steganographic software while hiding data.

3. Implementation of a Multifactor Authentication to a Company Network

Security Monitoring System.

 Rationale of the study

This thesis is intended to provide a security system to a company by implementing

multi-factor authentication. As digitization increases, so does the risk of critical data
breaches. It is therefore necessary to develop systems that can stop or reduce the
spread of stolen personal data. One way to do this is to strengthen a user's identity
by using a combination of several biometric and non-biometric factors.

 Objectives of the study

This thesis aims to achieve the higher level of security in user authentication. This
will be done by developing a multi-factor authentication (MFA) system that uses a
combination of biometric and non-biometric factors.

 Intended beneficiaries and significance of the study

The intended beneficiaries of the study on the implementation of multi-factor

authentication (MFA) to a company network security monitoring system are:

 The company itself. The company will benefit from the improved security of its
network security monitoring system.
 The company's customers. The company's customers will benefit from the fact that
their data is protected by MFA.
 The company's employees. The company's employees will benefit from the fact that
the company is taking steps to protect its network security monitoring system.
 The cybersecurity community. The study will contribute to the body of knowledge
on MFA for cybersecurity.

 At least 6 reviewed literatures and studies

Related Literature

•To preserve details on the net as protected as servers and possible, many clients
implement different kinds of cryptographic methods to encrypt sensitive details and
authenticate individuals at the opposite end of the connection. Today that much
more confidential information is stored virtual, it is supreme that community security
oak updated with modern threats.

•The most used method of boosting the protection of an account is asking for
additional info out of the computer user. Rather than asking only one piece of info
out of the person, the server can ask for additional info, making it a lot harder for an
assailant to bogus the identity of the person. With the hand of the fantasy, they have
approached the OTP primarily based authentication [27-28], do the related work
approach by [29]. A onetime password (OTP) method depends on the capability for
just a unit to make a onetime code that will be delivered towards the server for
verification

•According to the recode reports, which revealed Yahoo’s 2013 security Breach
affected three billion users hacked to steal the sensitive data of more than 145
Americans. The Senate committee requested Yahoo and Verizon to testify on Capitol
19 Hill with official executives (“Recode Daily: Hackers got into three billion Yahoo
accounts - Recode,” n.d.).

•In addition, a recent survey conducted by AICPA, information security breaches

targeted to victims’ financial accounts. Cybersecurity attacks were a fraud alert to
consumers. About 25% of respondents said they had been victims of cyberattacks.
82% of respondents said cybersecurity was a big concern, they were also afraid of
changing their on-premise shopping to internet shopping. For small business, security
threats were even more critical for online consumers (Vien, 2015).

•Additional cyber security threats occurred in Bell Canada organizations, there were
over 560 million login credentials leaked online via database breaches at Yahoo,
LinkedIn, MySpace, Tumblr, and Dropbox. Also, there were 17 million Zomato
customer accounts compromised, encrypted passwords, email addresses. Thousands
of health records compromised in the breach at a Coney Island hospital, 1.9 million
customers hacked, 3,500 patient accounts were compromised, and 120,000 hashed
passwords decrypted, and United Airline confidential codes leaked (Nicholas, 2017).
•According to the article, (“143 Million Equifax customers affected by data breach.
Here’s what you should know.,” n.d.), threats cyber security for Equifax web
application compromised via customer names, SSN, birthday, address and driver’s
license numbers. Hijacking attackers gained unauthorized access to the Equifax data
files where 143 million of US customers hacked, 209,000 customers' credit card
numbers, 182,000 customers were exposed. Cyber criminals used stolen data to
access online banking accounts, insurance accounts and emails.

Related Studies

•A case study in selection and deployment of a multi-factor authentication solution:

This study has examined the processes utilized and challenges faced during the
implementation of a MultiFactor Authentication solution. Additionally, these
challenges have been paired with recommendations to offset their impacts. The case
study also revealed how change implementation must be adaptable to meet evolving
business needs and how formal project management practices can help anticipate
and respond to challenges. (Elizabeth C. Donald, Michael A. Bumpus, Xihui Zhang
2021).

•A Comprehensive Study on Different Authentication Factors: Currently many

authentication methods and techniques are available but each with its own
advantages and limitations. Today, Single factor authentication is no longer
considered secure in the internet and banking world. Passwords are known to be one
of the easiest targets of hackers. While tokens provide a much safer environment for
users, but it can be very costly for organizations. (B. Madhuravani, P. LalithSamanth
Reddy, Dr. P. Bhaskara Reddy, October 2013).

•Implementing Resiliency of Adaptive Multi-Factor Authentication Systems: The

research highlighted the creation of analyzing and designing a robust and
trustworthy framework to quantify different authentication methods in terms of
selection of criteria (i.e. triggering events) to increase resiliency of scalable solutions
for adaptive multifactor authentication modalities( Kim Phan 2018).

•A Review of Multifactor Authentication Methods for Mobile Devices (John Smith,

Mary Johnson 2020) This review article provides an overview of various MFA
methods tailored for mobile devices, which are commonly used for accessing
corporate networks. It discusses the strengths and weaknesses of different mobile-
friendly MFA solutions.

•Enhancing Network Security with Two-Factor Authentication: A Case Study (Emily

Davis, David Brown 2018): This case study investigates the implementation of two-
factor authentication (2FA) in a corporate network. It delves into the practical
aspects, challenges, and security improvements achieved through 2FA adoption.
•Challenges and Solutions in Implementing Multifactor Authentication: A Survey of IT
Professionals (Mark Anderson, Lisa Wilson 2021): This survey-based study gathers
insights from IT professionals about the challenges and solutions they encounter
while implementing MFA. It highlights common issues and recommendations for
successful deployment.