A Prototype for secure key management
Date
2015
Authors
Omondi, Fredrick
Journal Title
Journal ISSN
Volume Title
Publisher
Strathmore University
Abstract
Key Management refers to the cycle of maintaining key exchange from the moment of
initialization to retirement. It has proved to be a major concern for parties concerned where these
keys have landed in the wrong hands through hacking and other means. The weaknesses have
been perpetrated by taking advantage of weaknesses in the design of algorithms intended to
manage these security keys. The problem thus exists in the secure storage and distribution of
keys. The population on the case study area is Strathmore University from which the sample data
is also collected for usability testing. The prototype can however work in any institutional setup
where security is a highly valued concept. This research carries out an analysis of past works
done on key management protocol and coming up with a solution that addressed some security
vulnerabilities in these models. It combines aspects of all the architectures in an attempt to
develop a unique solution that captures the strongest points from them. The proposal will design
an algorithm that if implemented in code will be able to offer a more robust solution to secure
key management problems. Tools used to develop the prototype are basic content management
system, Joomla 3.3.6, MySql workbench for the database design and draw.io for the software
modeling diagrams. These are all Open source tools and will suffice for the proof of concept
being developed. The usability tests would be carried out amongst the sample users in the case
study with a view of assessing their level of appreciation of the proposed solution; whether they
would find it useful and collect any positive recommendations for improvement. There are many
application areas that this prototype could be deployed. Other than learning institutions such as
the case study area, other institutions like banks and insurance companies can still benefit from
it. Modifications would however be necessary to cater for their peculiar needs.
Description
Submitted in partial fulfillment of the requirements for the Degree of Masters of Science in Information Technology
Keywords
Secure key management, security, ICT, Information