Security Threats: The UAS System

Executive Summary
The Unified Authentication Scheme (UAS) to support all UK universities does have potential benefits. The system allows registered staff and students to access university resources from any available computer facility, as long as the user has been granted access. It creates centralised control of user access, which can reduce the computer support provided within local university departments. The scale of the implementation is enormous: the requirements of the system would differ between universities, so defining different levels of security within each university is difficult. The amount of money that would need to be invested may not be appropriate just for funding a new authentication system. The timescale to migrate onto the UAS system would be difficult to estimate, as the organisational process would be tough to manage.

Requirement of the Unified Authentication Scheme (UAS) system.
The UAS system will become one centralised authentication service serving all UK university computer users... The system must be secure: strong enough to protect against security threats such as eavesdropping, tampering and vandalism... The system must provide a reliable service that does not fall over, which means a backup or cold standby must be available for any unlikely event... The system must provide a transparent authentication service, where the user should not be aware that authentication is taking place, to the extent that they only need to enter their password at login...

The system must also be scalable, capable of providing the service to large numbers of clients and servers across all UK universities... The system will provide each registered user with one login id and corresponding password, which allows the user to gain access to the services to which they have been given rights.
Potential Benefits of the UAS system.
The UAS can become a comprehensive standard across UK universities. It creates centralised control of user access, meaning one centralised database holding all registered users, which is easier to manage. This can reduce the amount of duplicated user information stored...

Communication between the same departments of different universities can be made easily, with the ability to share data and resources... Registered staff or students can use the computer facilities available on any UK university campus with one generic user login id and password... The system can reduce the computer support provided in the university; in the ideal situation UAS can replace the Central Computing Service, Management Information System and local department computer support, which can reduce running and staff costs.
Potential Drawbacks of the UAS system.
The UAS system is very complex and complicated to implement at full scale...

The timescale for having all UK universities running the scheme and all people in all universities registered with UAS will be impossible to estimate and must be assumed to be a very long period... The amount of information the system covers may be difficult to manage... The system can be very fragile, with a high risk of security loopholes, because once the centralised database has been broken into, virtually all the information held could be tampered with or vandalised... The UAS system, with one centralised authentication service, may not be able to cater for all the different local service needs of departments, which include the administrative departments and the general cluster room service for students. The administrative departments hold more sensitive and crucial information that needs higher security. UAS may not be able to provide this extra protection, unlike the local computer service, which has a tailor-made security system.

Security Threats
The UAS system faces a large number of possible security attacks over the network. One possible security threat is the intruder who is not authorised to use the computer and who penetrates the system's access control to exploit another user's account. The intruder, who can be an insider or an outsider, can attempt to read privileged data, perform unauthorised modifications to data or disrupt the system. Another possible security threat is software trespass, which can take the form of a virus, worm or Trojan horse. The UAS system is wide open to such attacks, as a virus or Trojan horse may be introduced into the system by means of a diskette. These threats can be divided into two categories: those that need a host program and those that are independent.

The main goal of security is to prevent and restrict access to information and resources. Attacks and threats on a distributed system depend highly upon obtaining access to existing communication channels. Security threats can be classified into passive and active threats.
Passive Threats
The goal is to obtain information that is being transmitted, in the form of eavesdropping, which is obtaining copies of messages without authority. This is usually done via an electronic mail message or a transferred file that may contain sensitive and confidential information.

This form of attack is difficult to detect, as it does not involve any alteration of the data, so the way to deal with these kinds of attacks is prevention rather than detection.
Active Threats
This type of threat includes interruption, modification and fabrication, which means the attack involves some modification of the data or creation of false data; it can be divided into four different categories... Masquerading is sending or receiving messages using the identity of another principal without authority... Replaying involves passive capture of data and sending it at a later time, which is effective even against authenticated and encrypted messages... Modification of messages, where messages are intercepted and their content is altered before being passed on to the intended recipient...

Denial of service is disruption of a network by flooding a channel or other resource with messages in order to degrade performance or deny access to others.
Architecture that addresses the UAS system
The requirement of the UAS system is to be secure and reliable in protecting the information held. It must be transparent to the user, as they should not be aware that authentication is taking place. No single security tool can secure the network, but an effective collection of security tools, each focusing on a particular security requirement, can achieve the required system. The system must be scalable, such that it is capable of supporting large numbers of clients and servers, to achieve a truly distributed architecture.

To support the basic requirements of the UAS system, the overall scheme of the Kerberos architecture, a trusted third-party authentication service using a protocol based on the one proposed by Needham and Schroeder, can deal with this problem. The clients and servers of all UK universities trust Kerberos to mediate their mutual authentication. Therefore Kerberos becomes the Key Distribution Centre holding the authentication database, which handles the Authentication Service and the Ticket Granting Service. The Authentication Service verifies the user's access rights in the database and creates a ticket-granting ticket and a session key. The Ticket Granting Service verifies the request and then creates a ticket for the user to access the requested server. In order to run and support the full-scale UAS system, the Kerberos server must have the user ID and hashed password of every participating user in its database.

The Kerberos server must share a secret key with each server that is registered. In turn this generates a realm, which consists of the Kerberos service, as a server running on a secure machine, used by a large number of clients and application servers. To support inter-realm authentication, the Kerberos server would have to share a secret key with each interoperating server in the other realm, and the Kerberos servers must both be registered in each other's domain. This mechanism for supporting inter-realm authentication can get extremely complex and cumbersome. The UAS system would want to avoid setting up different realms for different administrative organisations, as this would not be practical.
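As an added illustration, not part of the original essay, the Python model below walks through the Kerberos flow just described (Authentication Service issuing a ticket-granting ticket, Ticket Granting Service issuing a service ticket sealed under the application server's key) and shows how the timestamped authenticator plus a replay cache at the server defeat the replaying threat listed under active threats, even though the replayed message is authenticated and encrypted. The seal/unseal helper is a toy stand-in for Kerberos's real cipher, and the user, password and "printer" service are constructed values.

```python
import hashlib, hmac, json, os, time
# Toy authenticated encryption, constructed for this example (a stand-in for Kerberos's real cipher)
def _keystream(key, nonce, n):
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))
def seal(key, payload):
    nonce, pt = os.urandom(16), json.dumps(payload).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()  # HMAC tag detects tampering
def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("tampered message or wrong key")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))
def user_key(password):  # the KDC holds a key derived from the hashed password, never the password itself
    return hashlib.sha256(password.encode()).digest()
class KDC:  # Key Distribution Centre: Authentication Service (AS) plus Ticket Granting Service (TGS)
    def __init__(self, users, servers):
        self.users, self.servers, self.tgs_key = users, servers, os.urandom(32)
    def authentication_service(self, user):
        # AS: look the user up, return a session key sealed under the user's key and a TGT sealed under the TGS key
        sk = os.urandom(32).hex()
        tgt = seal(self.tgs_key, {"user": user, "sk": sk, "exp": time.time() + 8 * 3600})
        return seal(self.users[user], {"sk": sk}), tgt
    def ticket_granting_service(self, tgt, authenticator, server):
        # TGS: verify the TGT and the authenticator, then issue a service ticket sealed under that server's key
        t = unseal(self.tgs_key, tgt)
        a = unseal(bytes.fromhex(t["sk"]), authenticator)
        if a["user"] != t["user"] or t["exp"] < time.time():
            raise ValueError("invalid ticket-granting ticket")
        ssk = os.urandom(32).hex()
        return seal(bytes.fromhex(t["sk"]), {"sk": ssk}), seal(self.servers[server], {"user": t["user"], "sk": ssk})
class Server:
    def __init__(self, key):
        self.key, self.seen = key, set()  # replay cache: authenticators already accepted inside the skew window
    def accept(self, ticket, authenticator, skew=300):
        t = unseal(self.key, ticket)
        a = unseal(bytes.fromhex(t["sk"]), authenticator)
        # a replayed authenticator still decrypts and verifies, so only the timestamp and the cache catch it
        if a["user"] != t["user"] or abs(time.time() - a["ts"]) > skew or authenticator in self.seen:
            raise ValueError("bad or replayed authenticator")
        self.seen.add(authenticator)
        return t["user"]
def login(kdc, user, password, server, srv):
    # The full UAS-style flow for one registered user with one id and password: AS -> TGS -> application server
    enc_sk, tgt = kdc.authentication_service(user)
    sk = bytes.fromhex(unseal(user_key(password), enc_sk)["sk"])  # wrong password -> wrong key -> ValueError
    enc_ssk, ticket = kdc.ticket_granting_service(tgt, seal(sk, {"user": user, "ts": time.time()}), server)
    auth = seal(bytes.fromhex(unseal(sk, enc_ssk)["sk"]), {"user": user, "ts": time.time()})
    return srv.accept(ticket, auth), ticket, auth
```

Note that the service ticket itself may legitimately be reused within its lifetime; it is the authenticator, freshly sealed with the session key and timestamped, that must never be accepted twice.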

To protect the more restricted and critical information in administrative departments, digital certificates issued by a Certificate Authority will be deployed to control access and establish secure communications, allowing approved users to gain access to critical information. Firewalls are also needed to control traffic between the internal computers and outside computers. The firewalls embrace a restrictive policy of denying access unless specifically granted. Local servers must have an up-to-date virus checker installed and active, scanning the local network to detect any infection caused by careless users. All of the above security mechanisms must be well designed in order to provide a secure authentication service, but the security server itself must also be secure. This means that the server itself is guarded, for example in a locked room.

It can only be accessed by operations staff with valid access.
Issues migrating to the Proposed System and Operational Issues
The time period to deliver the proposed system is a major issue: in order for the UAS system to be up and running, all servers and all users in each university will need to be registered on the system. The funding agent must have a well-planned and structured organisation to commence the move from the old system to the new one. The proposed system can only be migrated in sensible stages, one university at a time. This would include system operations staff carrying out all relevant hardware and software installation, and testing the system once migration has occurred, which includes the need to verify that data migrated correctly and that the system functionality works.

Operational Issues.
The UAS system aims to reduce the number of support staff at the lower level at each university to reduce cost. The tasks that were carried out by the Central Computing Service, Management Information System and local department computer support must be handed over with proper procedures... The operational team must have a first line of support that deals with day-to-day user problems such as forgotten passwords.

Standard procedures such as registering new users on the system must be well documented... Staff training is essential in order to become a system administrator... The system must have reliable backups in case the system fails in any unlikely event, which means the backup procedures must be well structured and planned so that restoring files from backup is trivial... Staff must monitor system activity and try to tune system parameters to avoid the system being overloaded, and must look out for abnormal system behaviour in order to detect security attacks.

Recommendation
After examining all the aspects relating to setting up the UAS system for all UK universities, including technical and operational issues: there are clear benefits in funding the system, but the overall drawbacks outweigh the potential move to the proposed system. This is due to the scale of the implementation being too ambitious. It requires a radical change in the management of computing support and services in each university. The UAS system may not be able to provide an appropriate level of protection for all applications. The investment in the UAS system is large, and it is difficult to establish a definite budget, as it is difficult to estimate the time period needed to implement the whole security model across all the universities.

The UAS system can work effectively within one university, for example at UCL, where students can have one generic student id and password to access all the computer facilities.