Write My Paper Button

WhatsApp Widget

LD7007 Networks Security Assignment Brief 2024-25 | N LD7007 Instructions on Assessment:  This assignment constitutes 30%towards the final mark for this module.

By /

LD7007 Networks Security Assignment Brief 2024-25 | N

LD7007 Instructions on Assessment: 

This assignment constitutes 30%towards the final mark for this module. Any queries relating to this assignment should be discussed with the module tutor. This is a group work contributing to the module assessment. Deliverables should be assembled into a single report document, which includes (critical appraisal, research, and snapshot evidence of tasks carried out and justification of technologies used). Submission will be in the form of an MS Word report (4500 words). 

LD7007 Brief: 

This is a group assignment. This task weighs 30% of the overall grade.

In this task, you will create a Certification Authority (CA) which will act as a subordinate Enterprise Certification Authority to issue certificates for web communication for an organisation called SELDOM. An offline root Certification Authority is expected to be installed and configured to establish the fundamentals of the PKI architecture. You will also demonstrate a comprehensive threat modelling. The group is advised to use Windows 2012 server or a later release. Groups are free to completely virtualise the testing environment. 

Important Note: The project report must be based on academic references. Please use IEEE Explore, ACM, and ELSEVIER databases for references related to threat models, security technologies, cloud computing, etc. CAUTION: Merely providing a generic answer without addressing the project deliverables will result in a very low mark. A single file submission must be made ONLY by a delegated group member, including any appendices, tables, diagrams, etc (No word limitation for appendices). Feedback will be distributed to all group members as appropriate 

Section 1: SSL PKI Design & Implementation [45 marks]

(Suggested word limit for this section is 1500 words) 

The technical requirements are listed as follows: 

1. Install and configure an offline Root Certification Authority

2. Configure the appropriate certificate templates of the issuing CA

3. Create a fully operational TLS-enabled Web page 

4. Observe encrypted traffic using Wireshark  

Section 2: SSL PKI Threat Modelling & Ethical Considerations [35 marks] 

(Suggested word limit for this section is 2500 words) 

The non-technical requirements are listed as follows: 

1. SSL PKI threat model: Identify the threats, attacks arising from the proposed description of the SSL PKI security issues raised in your design/proposal. Create and discuss a taxonomy of those threats relevant to your design and propose suitable mitigation plans with clear references to the literature. You are required to threat model only against identity spoofing and certificate authority threats using a standardised methodology to identify and rank the threats identified.

2. Threat Ranking: Define, adopt, and validate the appropriate method to rank threats in SSL PKI architecture. 

3. Threat Mitigation Plan: A detailed threat mitigation plan is also required as part of your deliverables. Clear evidence of a systematic approach taken to validate threats identified must be clearly articulated as part of your analysis.

 4. PKI Risks: Critically discuss at least two (2) significant risks/attacks/threats to PKI and link these to privacy (confidentiality/Integrity). What kind of ethical and legal concerns are raised in the context of PKI and identified risks/attacks/threats? The functionality provides a narrative elaborating on the rationale behind the location on the network. 

Deliverable(s) 

Project Report: The project report should provide your design and recommendations for the planned exercise. Please pay attention to the following points in designing your PKI security solution and preparation of the report; at its basic form, the report should be structured as follows: 

1. Executive Summary: Provide an executive summary [~150 words; 5 Marks] 

2. Introduction: An introduction using appropriate information and a problem statement from the team. [~200 words; 5 Marks] 

3. SSL PKI Design & Implementation: In this section, you address all technical requirements in Section 1 of the brief with a clear articulation of the process followed to achieve the outcomes requested. [~1500 words, excl. figures, diagrams and tables; 45 marks] 

4. SSL PKI threat modelling & Ethical Considerations: This section must include a systematic approach to the identification of threats, methodologies used to rank them and a detailed mitigation plan against the threat vectors given in the brief. You should also discuss ethical and legal implications of risks/attacks/threats by the adaptation of PKI. [~2500 words excl. figures and tables; 35 Marks]

5. Conclusion & References: Design recommendations, summary of key points/findings from your investigation [~150 words; 10 Marks] 

Mapping to Programme Goals and Objectives

The following learning outcomes will be assessed by this assignment: 

1. Apply appropriate theory, practices, and tools to the design/development of network security solutions. 

2. Critically evaluate the legal, ethical, and social implications of security

Related Posts

Scroll to Top