A Prototype for secure key management
Key Management refers to the cycle of maintaining key exchange from the moment of initialization to retirement. It has proved to be a major concern for parties concerned where these keys have landed in the wrong hands through hacking and other means. The weaknesses have been perpetrated by taking advantage of weaknesses in the design of algorithms intended to manage these security keys. The problem thus exists in the secure storage and distribution of keys. The population on the case study area is Strathmore University from which the sample data is also collected for usability testing. The prototype can however work in any institutional setup where security is a highly valued concept. This research carries out an analysis of past works done on key management protocol and coming up with a solution that addressed some security vulnerabilities in these models. It combines aspects of all the architectures in an attempt to develop a unique solution that captures the strongest points from them. The proposal will design an algorithm that if implemented in code will be able to offer a more robust solution to secure key management problems. Tools used to develop the prototype are basic content management system, Joomla 3.3.6, MySql workbench for the database design and draw.io for the software modeling diagrams. These are all Open source tools and will suffice for the proof of concept being developed. The usability tests would be carried out amongst the sample users in the case study with a view of assessing their level of appreciation of the proposed solution; whether they would find it useful and collect any positive recommendations for improvement. There are many application areas that this prototype could be deployed. Other than learning institutions such as the case study area, other institutions like banks and insurance companies can still benefit from it. Modifications would however be necessary to cater for their peculiar needs.
Submitted in partial fulfillment of the requirements for the Degree of Masters of Science in Information Technology
Secure key management, security, ICT, Information