1
7504ICT Network and Information Security
Assignment 2
Due date: 23rd May 2014 (Friday of Week 11)
The report should be submitted through the SafeAssigment under the Assessment section on the course site at Learning@Griffith.
Value: 10% of the total assessment.
You can choose one of the following two options to complete the assignment:
Option 1:
You can are required to research into one of the following topics on data security or computer-network security and to write a report. The report should be of 1500 – 2000 words. Topics to select from are:
Cryptanalysis of well-known ciphers (e.g., AES, RSA, SHA, etc.)
Multi-factor authentication and its applications
Security in digital content distributing systems
Digital copyright protection
Privacy protection in electronic commerce
Privacy and security issues in eHealth
Access control and data integrity for hospital databases
Protection of network-based systems against distributed denial-of-service attacks
IPsec implementation issues in wireless networks
Secure wireless routing
Challenges and solutions for security in mobile ad-hoc networks
Security in peer-to-peer networks
Security in on-line network games
IPv6 security issues
Digital watermarking and fingerprinting
The report should provide an in-depth analysis of the topic based on your research. It is expected that: (1) The security theories, principles, and techniques covered by the subject are applied to your analysis; and (2) The report should include your research findings.
2
Please note that every student is welcome to choose this option. If you have completed a research report for your first assignment, you may select a new topic to do or continue your topic for the first assignment.
For those who choose to do research and to write reports for both assignments 1 and 2, please make sure that the two research reports are different in the following aspects.
(1) The second research report should include applications of the security theories, principles, and techniques of the subject.
(2) The second report should include your research findings (such as, improved security techniques, improved protocols, or new security techniques proposed by yourself).
(3) The two reports should not have 20% or more overlap (if you choose the same topic as the first assignment).
Option 2:
Based on the following background information and project requirements, complete a project making use of OPNET:
Background: AusCloud Brisbane is an IT company located in Brisbane. The company has offices in Melbourne and Sydney. They are now planning to extend the businesses to Singapore and Hong Kong. The company has experienced several security attacks in the past, for example, some business data labelled as “sensitive” and “confidential” has been found in a report published on the Internet, and a number of malicious intrusions to the network of the company have been detected. The company has just made a budget to support a plan for improving the security of the network and information system. The plan includes improving the security of the current network and establishing a secure environment for data exchange between the headquarters (Brisbane) and other offices.
Project Description: The objectives of the project include: (1) to study how the database and web services can be protected against unauthorized use while maintaining access for authorized users by using firewall and VPN techniques; and (2) to study how secure data exchange over the Internet can be achieved by using encryption.
For the project, you are required, based on the background information given above, to implement a simulator using the OPNET IT Guru. On completion of the project you are expected to submit a report. (The requirements for the simulator and the report will be given below).
Requirements for the simulator:
(a). The simulator will have at least two servers: database server and web server.
(b). The offices in Melbourne and Sydney can access all the data, web services, and other applications.
(c). The office in Singapore cannot access the database.
(d). The office in Hong Kong cannot access the web services.
(e). The information exchange between the headquarters and authorized offices should be protected by encryption (hints will be given below on simulating the effect of encryption by using OPNET).
3
(f). The simulator should include the following scenarios for comparison purpose:
Scenario 1: No firewall, VPN, or encryption is employed, that is, a network without any protection.
Scenario 2: Only firewall is implemented.
Scenario 3: Employing both firewall(s) and VPN(s) to meet the requirements (a) – (d) given above.
Scenario 4: Implementing firewall(s), VPN(s), and encryption to meet the requirements (a)-(e).
The report should include:
A summary of the addressed topic and the objectives of the project.
Procedure of implementing the simulator, including the steps of creating and configuring the scenarios.
Results obtained throughout the simulation.
Analysis of the simulation results, a comparison of the results between scenarios, and a comparison of the simulation results with the theoretical expectations. This part should include an explanation of the following:
− For each of the requirements (b)-(e), how do you know it has been met? and by what simulation results?
− How does the implementation of security techniques affect the network performance?
A conclusion that includes what you have learned and recommendations you wish to make to the company, AusCloud Brisbane.
