Crypto Security Architecture Exercise

Crypto Security Architecture Exercise

Scenario

You work for the Apex Trucking Company. This is a firm that moves materials for

clients all over North America and Europe. The leadership of the company has no real

knowledge of technology, but wants to use encryption to protect the information the

company has. The information to be protected consists of future marketing plans for the

company, financial data, employee records, customer records, and customer shipping

date.

The company wants the capability to securely allow customers to track their orders in real

time from their origin to their destination on-line over the Internet. The information that

is to be supplied to customers is tracking number, location of shipment, size of shipment,

value of shipment, and estimated time of arrival as well as the customer contact

information for this shipment.

While this information can be made available from a central server, the marketing groups

in Europe, Mexico and Canada need management access to the data to enter new

shipments and change orders before they ship.

The company currently is using desktops running Windows XP and Windows based

servers. There are only passwords used for security, and a firewall, but no encryption to

protect the information.

The project is to provide the above capability securely using encryption, as well as

providing additional security to the company via encryption. You will need to address

new technology, the reasons and costs behind your choices, and what policy and legal

implications there are to your encryption solution

There is at least one marketing group in Mexico, Germany, and Canada, as well as three

in the US. The company is based in New York. It is important that customers can rely

on the shipping data being accurate, and from the company.

You’re assigned this crypto architecture project.

Configuration

The current configuration has one server acting as a firewall and web server. This server

is directly attached to the Internet.

There is a database server behind the firewall, as well as a separate server for HR and

marketing. The marketing server needs to be securely accessed by the marketing teams.

They also need to access the database server through an Internet connection to manage

data and display reports.

All databases use MySQL and are currently not secured.

Constraints

Your tasking is crypto architecture. The normal replacement of computers is done on a

rotating schedule. It is outside the scope of your project to plan for the replacement of

computers. Your architecture should work with the computers you have. You may

consider the replacement of equipment if an upgrade or new equipment would be critical

to the crypto architecture.

Specific Tasking

You have been specifically tasked to do the following things and develop a complete and

sound crypto architecture. Remember, the president is very knowledgeable about

cryptography and wants lots of details about how you are going to implement the

encryption.

1. Describe in detail what new cryptographic systems you are going to propose, how

they work, and how they will enhance security. Be specific about these systems

weaknesses and how you plan to compensate for the weaknesses.

2. Describe and explain the impact the new cryptographic security architecture will

have on the current security features and how this impact will be mitigated.

3. What new issues will arise as a result of implementing the new cryptographic

solutions and what are the arguments on either side of these issues?

4. Show a clear and detailed understanding of the existing encryption being used

such as passwords, and operating encryption features not being used and whether

you plan to use these or not, and if not why not.

5. How well will all these new cryptographic features work together? Identify any

areas of concern, and how you propose to resolve conflicts and issues.

6. What if any current security features can be eliminated cost effectively by the new

crypto architecture?

Have fun!