A model that facilitate secure transmission of examinations data
Abstract
The tremendous growth of the digital data environments requires new architectures for
security services prompting a need for secure transfer of data especially across institutions of
higher learning. However, there are fundamental security concerns to be considered before
data can be transferred and these include attacks both passive (unauthorized access) and
active attacks (destruction), editing and data reproduction. This research brings forth a model
that ensures integrity of data by minimizing unauthorized access attacks. This research uses
symmetric key encryption algorithm, in which same structure of encryption and decryption is
used. The model provides an extension called a guard where the algorithm uses key
generation method by random number for increasing efficiency of algorithm. The internal
key generator will store the sender key and send to the receiver end by other path for
preventing harmful attacks on the model.
To evaluate the developed security model, a prototype was developed using java. The
prototype had inbuilt security logs to access who or what was being accessed in the
prototype. A statistical method was used to determine the sample size of the security logs
collected by the prototype for a period of one month. The logs were analyzed before the key
generator was implemented and after implementing it. The analysis showed the Number of
login failures after the key generator was implemented was 105, operation problems were 20
and potentially dangerous files were 17. An analysis on the number of unauthorized access
before and after implementing the prototype was done and this shows that after the key
generator was implemented, the number of users trying to access the prototype was reduced.
Also the number of users who managed to access the prototype and tried to decrypt the
uploaded text files had also reduced. These experiments showed that AES based model with
key generator has improved the security aspect of the prototype and therefore text files can be
uploaded in an encrypted format to ensure that unauthorized users don’t get access to the text
files. This analysis shows that it is possible to confidently upload encrypted documents.
This model provides a basic design allowing encryption and decryption to be performed by
combining a high quality scrambling technique with a strong encryption/decryption
mechanism. This research has brought forth a secure model for transmission of files with an
emphasis on examinations related files.
Publisher
University of Nairobi
Description
Thesis