KIT501 Networks Assignment
Essay Topic 3. Some government and industries prohibit cloud-based services that use
physical infrastructure in foreign-countries, as information may then be subject to
foreign-country laws. For example, the Australian Government recently mandated
that their COVIDSafe application’s data storage, hosted by Amazon, must be
physically hosted in Australia. Discuss the security implications that arise in this
type of scenario.
Table of Contents
The physical infrastructure is the basic physical structure which is required for the economy to properly function and then survive the network transition or the power grid and the sewerage or the disposal system of waste. The physical structure is based on handling the security with working on the reduced risks to handle the critical infrastructure or the defence of the cyber measures to intrusions, attacks and the effects related to the natural and other man-made disasters. The discussion is based on cloud computing where there are no uniform view defined for the same. It includes the IT functions like the information storage and the processing power as services over internet through usage of the external remote servers. The storing information on a home or the company requires the access through internet. The cloud computing and services are for the trading of services like the IT support and the administration which can be developed and increased with the assistance of cloud computing. The cloud services are different from the internet based services that requires the indefinable servers and larger amount of information over the national boundaries. Hence, the physical structures need to make sure about handling the cyber risks like the DDoS attacks, malware and the scams of phishing with breach of data.
The legal systems comes under the different servers where the cloud services are being used for the proper processing of the data and information is moved in between the servers. The Government Digital Transformation Agency has been manly concerned for the cloud storage services with security that is vetted with the higher level contracts. Amazon has been involved with the tracing app to Digital Transformation that comes with management of the data and contact app which is in development. According to the ABC news there are database keys which can easily be managed through the key management system (KMS) which is a wide security service (Lodders et al., 2020). The example is that the South Korean government has been using the smartphone location data with the surveillance footage and the credit card records for the monitoring of the people and their complying with the different self-isolation measures. The security and resilience is managing the risks with the organization involved in conducting the cyber risks assessment and then implementing the better practices which are for the CIS controls. The organization needs to focus on new to risks analysis with modelling the threats which are against any of the CIS controls.
Figure: Key Management System
The physical security has been effective measure where the countermeasures requires to secure the system and then handle the security plan which is for the security efforts. It includes the forms with the information and software contained from theft, with natural disaster and the damage from any electrical surge. The solid building construction or the suitable emergency preparedness requires the power supply and the climate control. The secured site includes the series of compromises with identifying the vulnerabilities when one needs to be aware of the security solutions. The argument is about the new facilities with documenting the vulnerabilities with deciding on the recommendations with the risks assessment. The certainty is based on the variations which is based on the priorities needed. The full time security guards are for the options to deal on the security monitoring activities with the part time staff on watch with the critical periods. The countermeasure solutions can implement a given strategy of security with installing equipment with not focusing on the procedures on completing the internal working orders.
Considering the AWS services, the focus is on the large cloud services which are operated under the US law with the security legislation that includes the providing of the data with the federal law enforcement that comes with handling the data which is in US or overseas. The US Cloud Act is for keeping the Australian data through the Biosecurity Act and legislation. It will be offence to transfer the data to other country and hence, there is a need to make use of AWS which will include ASD to ensure the data security. For this, there is a need to contact the tracing with the ability to focus on personal information in app. The local providers includes the health and agriculture with issued cloud storage contracts to AWS with the current plan and the whole of government agreement.
Figure: Cloud Storage
The physical security requires to focus on minimizing the risks of the resources of the theft and the destruction. Hence, there is a need to work on the room assignments, with the procedural emergency and the regulations. The physical threats are related to the extreme temperatures, heavy rains and the lighting. The processes includes the security implementation with the countermeasures that includes the sizes, shapes and the levels of the complexity. The strategy is to maintain the focus on the risks assessment with the determining of the organization at the high end countermeasure like the retinal scanner and the voice analysers (Goggin, 2020). The government wants to focus on reducing the spread of coronavirus with the protection of apps and community. The critical tools are related to protect the health of community with alerting the people with risks of having contact as well.
The privacy concerns are for the app take up with the mixed messaging by the government. It includes the government privacy by designing approach. The Australian government needs to focus on the potential privacy risks with the key management system that is for the security approach with the cryptographic keys and the cryptosystem. There is a need to handle the exchange, storage and the use of the replacement of keys. The key management concerns includes the security of the cryptosystem with challenges related to the social engineering like the system policy and the user training or the department interactions. It comes with the use of the systematic symmetric key algorithm with the handling of the keys which requires the organization to establish the infrastructure to create and then manage the public and the private key pairs with the digital certificates (McLachlan et al., 2020). The starting points includes the regulations and requirements with the PCI-DSS that is for the demand stringent security and management of cryptographic keys that includes the review the management control and processes. The private keys are used with the certificates where there is a need to secure any of the unauthorised individuals that can lead to the interception of the confidential communication. The key management steps are for the exchange, storage and use. The security communication includes how the users are able to setup the details with the instances that require the proper exchange of the identical keys. Here, the clear key text exchange is to enable the interceptor for the encrypted data.
Figure: Cryptographic Key Security
The Wireshark is for the open source network protocol analyser. It includes the network packet analyser which is for handling the packet capturing with the real time and the display for the human reading format (Saw et al., 2020). It includes the live capture with offline campus which includes the colouring rules for better analysis. The Wireshark is passive with the corporation involved with investigating the security and analysing the network protocols as well. The NIC is set with the promiscuous model where the traffic is read and addressed to that machine. The host scan is for the entire network and the port is including the OS with the TCP and the UDP ports for the running on the machine. The Wireshark works with the effective user interface with the filtering and searching the traffic or saving the data for the files to handling the offline analysis (Sun et al., 2020). Not only this, the client server paradigm is for the creation to handle the requests and the terminates. With this, the file server also store the user files with the use of peer-to-peer access long with handling the no centralized administration. The application layer protocols are set for the DNS, TELNET and the FTP to ensure about the transport layer with the orientation of the streams and the segment format. The domain name system is built for the addressing of the name, machine preferring the numbers as well. Apart from this, the key exchange involves the encapsulating factors with the exchange of secured methods and then there are larger scale to handle the common techniques which makes use of the block ciphers and the cryptographic hash functions. The key storage is based on maintaining the communication security with the system involves with handling and managing the keys for the user depending on the access password for controlling the proper use of key. The key use is for the frequency of replacement with limiting the loss of information. Some of the challenges includes the scalability, availability and the governance which helps in policy driven access control and the data protection as well (Bradford et al., 2020). The key management compliance is based on demonstrating the keys with the physical security with the surveillance cameras with the handling of the logical standards. It comes with handling the detailed procedures with working on the cryptographic key management system and enterprise key management. The protocols are defined for the public key and the private key which has been set for the virtual private network connection (Sun et al., 2020).
The companies tend to collect and analyse the data which is personal to better understand the preferences of the customer with the willingness to pay and then adapt to the products and services. The benefits are for the companies, consumers and economies which holds the ability of organization to share the data (Bradford et al., 2020). This involves the enabling of surveillance and government access for enforcement of law and then determine about the facilitating of cooperation among the government. The Telnet Protocol comes with the processes that includes the establish the TCP connection with users to perform the authorised functions on the server. Telnet has been involved with the Virtual Terminal sessions and connection which is for the command line interface and the authentication is based on supporting the communication with data sent across TELNET connection which visible (Abbas et al., 2020).
The File Transfer Protocol is for the setting of connection along with the TCP port with proper authentication of password. The trivial FTP is the cut down version which includes simple file transfer mechanism with providing the control mechanisms. The sending side is to break the app message into the segments and then passing to the network layer. The Transmission Control Protocol is for the TCP segment format with connecting and disconnecting. TCP has been effective for the port numbers with the source port and the destination ports. It allows the identification on the services and application of the data or requests that needs to be sent. The multi-tasking machine is about the application holding the process number with allocating the data sequential. Hence, this is for the defining of port numbers with the operating systems that allow the process to communicate through port. Hence, the foreign ports and the sender needs to send the data with the IP address for the destination machine and the port number (Hobson et al., 2020).
The security issues are related to the filtering or the censorship of content in Australia. The focus is on the implementation of the simple agreement process which is based on the obligations that are applied to the e-commerce agreements. The creation of the secured environment includes the understanding about the maximised structural protection with minimising the external access for the secured forms with handling the cabling with the secured room that needs to be protected (Michael et al., 2020). The personal data is collected with providing the range and the phone number about the information encrypted for user ID. The data, once with consent requires the authorities charged with the proper tracing of contact with the ability to access it.
Abbas, R. and Michael, K., 2020. COVID-19 Contact Trace App Deployments: Learnings from Australia and Singapore. IEEE Consumer Electronics Magazine, 9(5), pp.65-70.
Bradford, L.R., Aboy, M. and Liddell, K., 2020. COVID-19 Contact Tracing Apps: A Stress Test for Privacy, the GDPR and Data Protection Regimes. Journal of Law and the Biosciences.
Goggin, G., 2020. <? covid19?> COVID-19 apps in Singapore and Australia: reimagining healthy nations with digital technology. Media International Australia, p.1329878X20949770.
Goggin, G., 2020. COVID-19 apps in Singapore and Australia: reimagining healthy nations with digital technology. Media International Australia.
Hobson, S., Hind, M., Mojsilovic, A. and Varshney, K.R., 2020. Trust and transparency in contact tracing applications. arXiv preprint arXiv:2006.11356.
Lodders, A. and Paterson, J.M., 2020. Scrutinising COVIDSafe: Frameworks for evaluating digital contact tracing technologies. Alternative Law Journal, p.1037969X20948262.
McLachlan, S., Lucas, P., Dube, K., McLachlan, G.S., Hitman, G.A., Osman, M. and Fenton, N.E., 2020. The fundamental limitations of COVID-19 contact tracing methods and how to resolve them with a Bayesian network approach.
Michael, K. and Abbas, R., 2020. Behind COVID-19 Contact Trace Apps: The Google–Apple Partnership. IEEE Consumer Electronics Magazine, 9(5), pp.71-76.
Saw, Y.E., Tan, E.Y., Liu, J.S. and Liu, J.C., 2020. Towards a digital solution: Predicting public take-up of Singapore′ s contact tracing application during the COVID-19 crisis. medRxiv.
Sun, R., Wang, W., Xue, M., Tyson, G., Camtepe, S. and Ranasinghe, D., 2020. Vetting Security and Privacy of Global COVID-19 Contact Tracing Applications. arXiv preprint arXiv:2006.10933.