IS 414 Business

Network
Technology
Group Members:
Ayesha Lata- S11003003
WEEK 11 CASE STUDY TUTORIAL
Nitlesh Buttru- S11190954
Yonal Sen – S11123891
Rahul Prasad- S11108216
Siddarth Singh- S11121210
Response Layout

 1. Introduction
 2. Relevance to the Course
 3. Dissection of the Case Study
 4. Solutions
 5. Recommendation
 6. Conclusion
Case Study Question

Western Bank is a small, family-owned bank

with six branches spread over the country. It
has decided to move onto the Internet with a
website that permits customers to access their
accounts and pay bills. Design the key
security hardware and software the bank
should use.
Network security
What is Network security
Network security is a software designed to protect the usability and accessibility of
network and data.
Network and Internet Security prevents and detects the hackers, viruses and many
other different types of intruders that try to enter the network system without
permission.
There are two types of attacks in network:
1.) Active attacks- is where the attacker modifies the content of the messages. E.g.
Denial-of-service.
2.) Passive attack- the attacker observes the messages and uses them for malicious
purposes.
Basic Security Services
 Authentication
 All users connected in the network is given username and unique password to secure their account and manage
their online transections.
 Access control
 Prevents the unauthorized user to access the network.
 Data Confidentiality
 The data is protected from unauthorized disclosure.
 Data Integrity
 Assurance that the data received are exactly as sent by an authorized sender. No modification in between the
transection made.
 Non-Repudiation
 Protection against denial by one of the parties in the communication or data exchanging. The confirmation is also
made upon the sending and receiving of data.
 Security Mechanisms
Cryptographic Security

Software and hardware for access limitations

Intrusion Detection and Prevention Systems

Traffic Padding

Hardware for authentication

Security Policies / Access Control

Physical security
Cryptographic Security
 The encrypted Data is sent where the data is changed into unreadable form and when the data is received by the
authorized person the data is decrypted so that it is readable. This is done by using Encryption Program or Hash coding.
 Message Digest – data is encrypted with no recovery
 Two types of Keys used in Cryptographic Process- Symmetric key system and Public (Asymmetric) key system.
Why western bank is moving online

 Websites work. No matter what your business or profession, a website can

generate business, promote goodwill among customers and prospects, and deliver
strong marketing messages - whether your business is small, large or in-between,
well-established or brand-new.
 Perhaps the most common misconception about business websites is that they
must offer products for purchase, accept credit cards and process financial
transactions, and so on. Nothing could be farther from the truth.
Questions

 What are the common threats for online services?

 What security measures will you recommend?
Solution
In order to commence with the website, our team proposes that the bank firstly, needs to
encrypt this website for the security and protection of its users.
There are two fundamentally different types of encryption: symmetric and asymmetric.
 Western Bank should use a public key encryption because with a single key
encryption, keys must be shared among the senders and receivers very carefully
 Public key encryption is one of the most secure encryption techniques used
in todays secured world. As the length of software keys increases to
accommodate evolving needs for greater security, so the marketplace
demands a wider variety of cryptographic implementations.
 The very high level of security for financial transactions is a timely example
of why and how only embedded cryptography can protect both those systems
and their users.
 In terms of hardware, security can pertain to a device used to scan a system or
monitor network traffic.
 Common examples include hardware firewalls and proxy servers. More
examples include hardware security modules (HSM), which provision
cryptographic keys for critical functions such as encryption, decryption
and authentication for various systems
 For cyber attacks and Identity theft from online banking. Firstly, authentication
(do you have an account) and second, two-factor authentication (an ATM
card/security pin). IPS and anti-malware devices work in concert with Security
Information and Event Management solutions to serve as security cameras,
performing additional security checks. These solutions leverage crowd
sourcing and big-data analytics to analyze data from a massive global
community and identify bank-robbing malware in advance.
 Conclusion and Recommendation

Nevertheless, unlike the vast array of consumer devices, financial

01 Conclusion
terminals still require a high level of security. These terminals are critical
targets for tampering, so security for the standard PCI PTS addresses must
include physical protection and broad use of cryptography

02 Conclusion
hardware, security can pertain to a device used to scan a system or
monitor network traffic.

Western Bank should use a public key encryption because with a single key
03 Recommendation encryption, keys must be shared among the senders and receivers very
carefully.

Companies often do not want one company to be able to read messages they

04 Recommendation
send to another company, so this means that there must be a separate key
used for communication with each company. These keys must be recorded but
kept secure so that they cannot be stolen.
Thank You!!