ABSTRACT
Information inside the
database is shared by multiple parties such as internal users, partners,
contractors and others. Sensitive data stored in database could be a target to
attackers. The attacker for data stored in database not only from external but
also from within the organization. Adding the database encryption, valuable
information in database becomes more secure since the encrypted data ensure the
confidentiality of the data. Many cipher techniques have been developed over
years for database encryption yet database are still compromised.
To solve the problem of
encrypting mechanism of a database system provide, this research proposed a
database encrypting system architecture. The study examined some encryption architectures
such as DES, PGP, DIFFE and RSA. The database encryption system was developed using
Microsoft C sharp (C#) language.
The result has shown that
the algorithm is working properly, where the decryption process produced
similar output as the original plaintext and it ran through specified
configuration and evaluated thoroughly with respect to database approach and
algorithm technique to prove the design.
TABLE OF
CONTENTS
CHAPTER
ONE
1.0 INTRODUCTION
1.1
BACKGROUND OF THE STUDY
1.2 STATEMENT OF THE PROBLEM
1.3 OBJECTIVES
OF THE STUDY
1.4 SIGNIFICANCE OF THE STUDY
1.5
LIMITATIONS OF THE STUDY
1.6
SCOPE OF THE STUDY
1.6 DEFINITION
OF TERMS
CHAPTER TWO
2.0 LITERATURE
REVIEW
2.1 THE CONCEPT OF CRYPTOSECURITY
2.2 CRYPTOGRAPHY
2.3 DES
– DATA ENCRYPTION STANDARD
2.4 PGP
– PRETTY GOOD PRIVACY
2.5 DIFFE-HELLMAN-MERKEL KEY EXCHANGE
2.6 RSA-
Rivest, Shamir and Adleman
2.7 THE
IMPACT OF MODERN ELECTRONICS ON CRYPTOGRAPHICAL SYSTEMS
2.8 APPLICATION OF CRYTOLOGY IN PRIVATE AND COMMERCIAL LIFE
CHAPTER THREE
3.0 RESEARCH
METHODOLOGY AND SYSTEM ANALYSIS
3.I SYSTEM
INVESTIGATIONS AND ANALYSIS
3.2 FACT
FINDING
3.3 RESEARCH
METHODOLOGY
3.4
SOURCES OF DATA
3.5 METHODS OF DATA COLLECTION
3.6 ANALYSIS
OF DATA
3.7 SYSTEM ANAYSIS
3.8 CRYPTOGRAPHY
KEYS
3.9 SYMMETRIC-KEY
CRYPTOGRAPHY
3.10 Ciphers
3.10.1
Substitution Ciphers:
3.10.2
Transposition Cipher:
3.11 PUBLIC
KEY CRYPTOGRAPHY
3.11.1
Public-Key Certification
3.11.2
Certification Authority (CA)
3.12 MESSAGE
SECURITY
3.12.1
Message Privacy
3.12.2
Privacy with Symmetric-Key Cryptography
3.12.3
Privacy with Public Cryptography
3.12.4
Message Authentication
3.12.5
Integrity
3.12.6
Non-repudiation or Data origin
3.13 DIGITAL
SIGNATURE
3.14
SIGNING THE DIGEST
3.
15 KEY
MANAGEMENT
3.16 SYMMETRIC KEY DISTRIBUTION
3.16.1
Certification Authority (CA)
3.16.2 Session Keys
3.16.3 Diffie – Hellman method
3.16.4 Prerequisites:
3.16.5 Procedure:
3.17 DESIGN OF THE NEW SYSTEM
3.18 PROPOSAL OF THE NEW SYSTEM
3.19 OBJECTIVES OF THE NEW SYSTEM
3.20 DESIGN
OF THE NEW SYSTEM
3.21 THE ALGORITHM
CHAPTER FOUR
4.0 PROGRAMMING,
IMPLEMENTATION AND TEST RUN
4.1 CHOICE
OF PROGRAMMING LANGUAGE
4.2
PROGRAM DEVELOPMENT PROGRAM DESIGN
4.3 CREATING THE SOURCE PROGRAM
4.4 TAKING
IT OUT FOR A TEST RUN
4.5 THE
PROGRAM FRAME WORK
4.6 PROGRAM
FLOWCHARTS
4.7 PROGRAM
IMPLEMENTATION
4.7.1 INTRODUCTION
CHAPTER FIVE
5.0 SUMMARY, RECOMMENDATIONS
AND CONCLUSION
5.1 SUMMARY
5.3 RECOMMENDATION:
5.2 CONCLUSION:
BIBLIOGRAPHY
APPENDIX
1: FLOWCHART
APPENDIX 2:
PROGRAM SOURCE CODE
CHAPTER ONE
1.0 INTRODUCTION
In the past, security was simply a
matter of locking the door or storing files in a locked filing cabinet or safe.
Today, paper is no longer the only medium of choice for housing information.
Files are stored in computer databases as well as file cabinets. Hard drives
and floppy disks hold many of our secret information..
In the physical world, security is a
fairly simple concept. If the locks on your house’s doors and windows are so
strong that a thief cannot break in to steal your belongings, the house is
secure. For further protection against intruders breaking through the locks,
you might have security alarms. Similarly, if someone tries to fraudulently
withdraw money from your bank account but the teller asks for identification
and does not trust the thief’s story, your money is secure. When you sign a
contract with another person, the signatures are the legal driving force that
impels both parties to honor their word.
In
the digital world, security works in a similar way. One concept is privacy, meaning that no one can
break into files to read your sensitive data (such as medical records) or steal
money (by, for example, obtaining credit card numbers or online brokerage
accounts information). Privacy is the lock on the door. Another concept, data integrity, refers to a mechanism
that tells us when something has been altered. That’s the alarm. By applying
the practice of authentication, we
can verify identities. That’s comparable to the ID required to withdraw money
from a bank account (or conduct a transaction with an online broker). And
finally, non repudiation is a
legal driving force that impels people to honor their word.
As
the Internet becomes a more pervasive part of daily life, the need for
e-security becomes even more critical. Any organization engaged in online
activity must assess and manage the e-security risks associated with this
activity. Effective use of cryptographic techniques is at the core of many of
these risk-management strategies. The most important security tool is
cryptography.
1.2
BACKGROUND
OF THE STUDY
Before the modern era, cryptography was concerned
solely with message confidentiality (i.e., encryption) — conversion of messages
from a comprehensible form into an incomprehensible one, and back again at the
other end, rendering it unreadable by interceptors or eavesdroppers without
secret knowledge (namely, the key needed for decryption of that message). In
recent decades, the field has expanded beyond confidentiality concerns to
include techniques for message integrity checking, sender/receiver identity
authentication, digital signatures, interactive proofs, and secure computation,
amongst others.
Encryption attempts to ensure secrecy in
communications, such as those of spies, military leaders, and diplomats, but it
have also had religious applications.
Steganography (i.e., hiding even the existence of a
message so as to keep it confidential) was also first developed in ancient
times. An early example, from Herodotus, concealed a message - a tattoo on a
slave's shaved head - under the regrown hair. More modern examples of
steganographyk include the use of invisible ink, microdots, and digital watermarks
to conceal information.
1.2 STATEMENT
OF THE PROBLEM
The
problem is security. The password method used in almost all commercial
operating systems is probably not very strong against a sophisticated or
unsophisticated attacker. The choice of data encryption comes next in the minds
of those that want reduction of unauthorized access on confidential files or
data.
Security provided by the computer
operating systems come with a preset super user account and password. The super
user may have a password to control network functionality, another to conduct
or access nightly backups, create accounts, and so on. For a cracker, logging
on to a system as the super user is possibly the best way to collect data or do
damage. If the super user has not changed an operating system’s preprogrammed
passwords, the network is vulnerable to attack. Most crackers know these
passwords, and their first attempt to break into a network is simply to try
them. If an attacker cannot log on as the super user, the next best thing might
be to figure out the user name and password of a regular user. It is used to be
standard practice in most Universities and colleges, and in some commercial
companies, to assign every student or employee an account with user name and
initial password – the password being the user name. Everyone was instructed to
log on and change the password, but often, hackers and crackers logged on
before legitimate users had a chance.
1.3 OBJECTIVES
OF THE STUDY
a.
To
understand and improve the computer data security through encryption of data.
b.
To
provide a means of safeguarding data in
a system
c.
To
enhance the integrity of data
d.
To
facilitate the use of more sopheasted tool against hacking, cracking, bugging
of a system.
e.
To
develop a platform to complement physical security.
1.4 SIGNIFICANCE
OF THE STUDY
Data
security in these contemporary times is a
must. For your secrets to be secure, it may be necessary to add
protections not provided by your computer operating systems. The built-in
protections may be adequate in some cases. If no one ever tries to break into
or steal data from a particular computer, its data will be safe. Or if the
intruder has not learned how to get around the simple default mechanisms,
they’re sufficient. But many attackers do have the skills and resources to
break various security systems. If you decide to do nothing and hope that no
skilled cracker targets your information, you may get lucky, and nothing bad
will happen.
One
of the most important tools for protecting your data from an authorized access
is Data Encryption, any of various methods that are used to turn readable files
into gibberish. Even if an attacker obtains the contents of the file, it is
gibberish. It does not matter whether or not the operating system protections worked.
1.7
LIMITATIONS OF THE STUDY
Technology constraint: The problem encountered here is
searching information about computer security through Data Encryption and Key
Hash Algorithm and another problem is
since the secret key has to be send to the receiver of the encrypted data, it
is hard to securely pass the key over the network to the receiver.
Time constraint: the time giving for the submission of
this project work was not really enough
for the researcher to extensively carry out more research on this work.
Financial constraint: there was not enough money to
extensively carry out this work.
1.8
SCOPE OF THE STUDY
Computer
Security has been defined as the art of protecting computer system and
information from harm and unauthorized use .the most important security tool
beyond human integrity used is cryptography. which is used to hide data from
public view and to ensure that the integrity and privacy of any data sent
across a network is not compromised. cryptography involves encryption and
decryption process .the scope of this study covers the message security
,message integrity, user authentication and key management of messages.
1.6 DEFINITION
OF TERMS
SECURITY: The set of accesses controls and
permission that are used to determine if a server can grant a request for a
service or resource from a client.
PASSWORD: An identity that defines an
authorized users of a computer in order to access to the system.
SOFTWARE: A collection of computer programs
that runs as a group to accomplish a set of objectives which could be referred
to as job.
SYSTEM: An organized unit which composed of
two or more inter related parts that functions together to achieve a particular
goal.
ENCRYPTION: The process of converting ordinary
information (plaintext) into unintelligible gibberish (that is, cipher text).
DECRYPTION: The reverse, moving from
unintelligible cipher text to plain text.
ALOGRITM: This is a sequential way of solving a
problem.
CRYPTOGRAPHY: This is used to hide data from public
view and to ensure that the integrity and privacy of any data sent across a
network has not been compromised.
Login To Comment