A model that facilitate secure transmission of examinations data

Abstract

The tremendous growth of the digital data environments requires new architectures for security services prompting a need for secure transfer of data especially across institutions of higher learning. However, there are fundamental security concerns to be considered before data can be transferred and these include attacks both passive (unauthorized access) and active attacks (destruction), editing and data reproduction. This research brings forth a model that ensures integrity of data by minimizing unauthorized access attacks. This research uses symmetric key encryption algorithm, in which same structure of encryption and decryption is used. The model provides an extension called a guard where the algorithm uses key generation method by random number for increasing efficiency of algorithm. The internal key generator will store the sender key and send to the receiver end by other path for preventing harmful attacks on the model. To evaluate the developed security model, a prototype was developed using java. The prototype had inbuilt security logs to access who or what was being accessed in the prototype. A statistical method was used to determine the sample size of the security logs collected by the prototype for a period of one month. The logs were analyzed before the key generator was implemented and after implementing it. The analysis showed the Number of login failures after the key generator was implemented was 105, operation problems were 20 and potentially dangerous files were 17. An analysis on the number of unauthorized access before and after implementing the prototype was done and this shows that after the key generator was implemented, the number of users trying to access the prototype was reduced. Also the number of users who managed to access the prototype and tried to decrypt the uploaded text files had also reduced. These experiments showed that AES based model with key generator has improved the security aspect of the prototype and therefore text files can be uploaded in an encrypted format to ensure that unauthorized users don’t get access to the text files. This analysis shows that it is possible to confidently upload encrypted documents. This model provides a basic design allowing encryption and decryption to be performed by combining a high quality scrambling technique with a strong encryption/decryption mechanism. This research has brought forth a secure model for transmission of files with an emphasis on examinations related files.