APPLICATION OF SECURED NETWORK ON INTERNAL CONTROL OF AN ORGANIZATION


Content

ABSTRACT

 

The main objective of this project is to find a way of improving data and voice communication over Lagos State University network and to ensure the integrity of data that is sent across the network during communication and transmission of data.

Finally, there is no doubt that an overview of the whole project has achieved its aim and objectives. I believe that proper implementation of this project will improve data integrity and communication security within Lagos State University network.


TABLE OF CONTENT

Title page                                                                                          i

Certification                                                                                                ii

Dedication                                                                                         iii

Acknowledgement                                                                                      iv

Abstract                                                                                            v

Table of Content                                                                               iv

 

CHAPTER ONE

1.0     INTRODUCTION                                                                             1

1.1     STATEMENT OF THE PROBLEM                                       2

1.2     AIM AND OBJECTIVES OF THE STUDY                                    3

1.3     SIGNIFICANCE OF THE STUDY                                         4

1.4     SCOPE OF THE STUDY                                                       4

1.5     METHODOLOGY                                                                  5

1.6     DEFINITION OF TERMS                                                      5

 

CHAPTER TWO 

LITERATURE REVIEW

2.0     OVERVIEW OFCOMPUTER NETWORK SECURITY                 7

2.1     NETWORK OVERVIEW                                                       12

2.2     ORGANIZATIONS IMPLEMENTING LOCAL

AREA NETWORK INFRASTRUCTURE                                       16

 

2.2.1  IMPLEMENTATION OF METROPOLITAN

NETWORK AND WIDE AREA NETWORK                        17

 

2.3     NETWORKING MEDIUM AND DEVICES                          18

2.4     NETWORK PROTOCOL                                                       19

2.5     COMPUTER SECURITY                                                       19

2.6     PHYSICAL COMPUTER THREAT AND SECURITY

          MEASURES ENFORCED                                                      22

 

2.7     NETWORK SECURITY ISSUES AND REVIEW                           24

2.8     NETWORK SECURITY AND DATA

TRANSMISSION REQUIREMENT                                      25

 

2.8.1  NETWORK SPECIFIC COMMUNICATION

THREAT AND ATTACK                                                      26

 

2.9     DATA ENCRYPTION AND DECRYPTION ANALYSIS     29

2.10   TYPES OF CRYPTOGRAPHIC ALGORITHMS

THAT CAN BE IMPLEMENTED                                          30

 

CHAPTER THREE

SYSTEMS ANALYSIS AND DESIGN

3.0     INTRODUCTION                                                                            32

3.1     SYSTEM DESCRIPTION                                                      32

3.1.1  HISTORICAL BACKGROUND                                             33

3.1.2  NETWORK RESOURCES SHARED

AT LASUCOM GROUP                                                                  35

 

3.1.3  NETWORKING WHAT AND HOW                                               35

3.2     DESIGN APPROACH                                                            38

3.3     PROGRAM LAYOUT AND DESIGN                                   38

3.3.1  OUTPUT DESIGN                                                                 38

3.3.2  INPUT DESIGN                                                                     39

3.3.3  ALGORITHM FOR SHA-1 BITWISE PROCESS                           41

 

CHAPTER FOUR

SYSTEMS IMPLEMENTATION AND DOCUMENTATION

4.1     SYSTEM IMPLEMENTATION                                             44

4.2     SITE PREPARATION                                                            44

4.3     HARDWARE SPECIFICATION                                            45

4.4     SOFTWARE SPECIFICATION                                             45

4.5     PROTOCOL SPECIFICATION                                              46

4.6     HARDWARE MAINTENANCE                                            47

4.7     PROGRAM DOCUMENTATION                                          48

4.8     CHOICE OF PROGRAMMING LANGUAGE                       49

 

 

CHAPTER FIVE

SUMMARY, CONCLUSION AND RECOMMENDATIONS

5.0     SUMMARY                                                                            58

5.1     LIMITATIONS                                                                       58

5.2     CONCLUSION                                                                       58

5.3     RECOMMENDATION                                                           58

REFERENCES                                                                                59

APENDIX 1        FLOW CHART                                                    60

APENDIX 2        PROGRAM LISTING                                          61

 

 

 

 

 

CHAPTER ONE

 

1.0     INTRODUCTION

The use of the internet for electronic transfer of both business and personal information has been on the increase in the past decade. As a result, Internet has become a key resource of information. But the same Internet can be and has been used by terrorists, criminals and others to communicate information about unlawful activities. Organizations such as LASUCOM must adopt effective and practical security solution assets.

Information is been shared using various mediums and means in most organizations both to control its activities and to ensure that organization goals and objectives are met. This project will be looking into the Application of Secured Network on Internal Control of an Organization; with more attention placed on the need of making sure that the network is secured. The internet has improved tremendous technology advancements for organizations, resulting in improved business efficiencies and productivity gains. Security threats such as hacking, viruses and remote technologies are threating. A recent trend is the shift to financially motivated attacks and exploits: The 2009 Computer Crime and Security Survey shows that the most expensive computer security incidents were those involving financial fraud.

Increased collaboration and globalization introduce further security challenges. Mobile users bring their laptops and handheld devices in and out of the school’s network. Remote-access users connect from their offices and from public locations. Students who are business outsourcing require direct partner access into the internal network. Onsite visitors, vendors, and contractors may need access to the internal network to accomplish their work. Even “in the-office” workers are subject to threats coming through internet access, and e-mail use. Traditional security products designed to protect closed environments with well-defined security boundaries are no longer effective in securing a network.

Most IT and security departments also face budgetary and personnel resource constraint. Adding to the challenge are the growing complexity and sophistication of new security threats, often, less-than-efficient operations. The college must streamline work processes, improve operational efficiency, and reduce security incidents and financial losses to remain competitive.

 

1.1      STATEMENT OF THE PROBLEM

There are many problems facing network security generally, but to mention few;

v Network infrastructure problem i.e problem with the network model and Architecture implemented.

v Problem of the nature of medium used for communication.

v Physical limitation of equipment used for communication (cable type, data transmission method and computer equipment used)

v OSI model security infrastructure

v Hacking and cracking infrastructure

To effectively protect the college network, the college as an organization need to address several key security questions, including:

v Does the college have full control over who is accessing the network and where each user is permitted to go?

v Does the college have the ability to implement security policies on endpoints-before they connect? Other problems are:

 

1.2     AIM AND OBJECTIVES OF THE STUDY

The purpose of this study is to ensure that LASUCOM implement the right type of network infrastructure and to ensure maximum security of LASUCOM network through implementation of security infrastructure that cannot be easily breached i.e using Cryptographic Hash Function to achieve these goals.

This project explains how the college can use Cryptographic Hash Function to strengthen their security. It discusses how Cryptographic Hash Function is integrated into the college’s lifecycle in terms of supporting role b assed access control Cryptographic Hash Function helps reduce the potential loss of the college’s sensitive information. This helps prevent unauthorized access via the wired, wireless, or remote-access network for better running of the college.

 

1.3     SIGNIFICANCE OF THE STUDY

The project is basically on how to proffer a better means of securing the organization’s data over the network and to better serve the college while using the internet facility.

 

1.4     SCOPE OF THE STUDY

The scope of the project is limited to network model and secure information sharing within LASUCOM using computer hardware and software network infrastructure.

Majority of communication medium, system and technology this day stands the risk of been broken into by unscrupulous individual who either use the opportunity to steal data, back information, crack company security or to seek revenge by attacking network with virus. Having seen these problem posed on network communication, there will be a serious need for secure information infrastructure to be put in place for organization information security. 


 

1.5     METHODOLOGY

The following steps will be followed in carrying out this project:

v Detailed study of the network type and Architecture use in Communication.

v An oral interview will also be carried out to get necessary information about LASUCOM network problem types and its associated security issues.

v Review of different security infrastructure used in transferring information from one location to another.

v Design of different kind of level of network model for secure and non-secure information sharing.

v Creating a security procedure and data originality check procedure for network i.e (cryptographic, Authentication, variation, secrecy rules). 

v Enabling security on Equipment used for a network.

 

1.6     DEFINITION OF TERMS

Cryptography: Art of secret communication and writing.

Security: Act of save keeping, protecting data and information from unauthorized users.

Networking: This is an interconnectivity of two or more systems for communication purposes.

 

Sneaker net: is not informal term describing the transfer of electronic information especially computer files, by physically moving removable media such as magnetic tape, floppy disks, compact discs, USB flash drives, or external hard drives from one computer to another.

Network Security: consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Information Security: means protecting information and information systems from authorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

Intrusion Prevention System (IPS): also known as Intrusion Detection and Prevention System (IDPS), they are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about said activity, attempt to block/stop activity, and report activity.

Security Management: is a broad field of management related to asset identification of an organization’s information assets and the development, documentation and implementation of policies, standards, procedures and guidelines.


 

Order Complete Project