Enterprise Key Management

In this step, you will conduct independent research on key management issues in existing corporations. These will be used to help identify

gaps in key management, in each of the key management areas within Superior Health Care.
First, conduct independent research to identify the gaps in key management that are in existing corporations. Any factual information

should be cited using APA format. If data is lacking, use fictitious information.
Then, identify the posed risks to the cryptographic systems as a result of these gaps, including but not limited to crypto attacks. Read

these resources to brush up on your understanding of crypto attacks.
Next, propose solutions that the companies could have used to address these gaps. Be sure to identify what is needed to implement these

Finally, identify challenges other companies have faced in implementing a key management system. Include any proposed remedies to these

Include this information in your enterprise key management plan. Also create a summary table of the information into a table to be

included in the plan.
You will use and submit this information in your implementation plan.
In the next step, you will provide additional ideas for the CISO to consider.
Consider these additional objectives of an enterprise key management system.

1. Explain the uses of encryption and the benefits of securing communications by hash functions and other types of encryption. when

discussing encryption, be sure to evaluate and assess whether or not to incorporate technologies. To complete these tasks, review the

resources provided to you. You’ll need to understand the following topics:
a. uses of encryption
b. hash functions
c. types of encryptions
d. DES
e. triple DES
2. Describe the use and purpose of hashes and digital signatures in providing message authentication and integrity. Focus on

resources pertaining to message authentication.

3. Review the resources related to cryptanalysis, then explain the use of cryptography and cryptanalysis in data confidentiality.

Cryptanalysts are a very technical and specialized workforce. Your organization already has a workforce of SEs. Conduct research on the

need, cost and benefits to adding cryptanalysts to the corporation’s workforce. This is to support part of the operation and maintenance

function of the enterprise key management system. You are determining if it’s more effective to develop the SEs to perform these tasks. If

the corporation does not develop this new skilled community, what are other means for obtaining results of cryptanalysis?

4. Research and explain the concepts, in practice, that are commonly used for data confidentiality: the private and public key protocol

for authentication, public key infrastructure (PKI), the x.509 cryptography standard, and PKI security.

Use this information in your implementation plan.
In the next step, you will provide information on different cryptographic systems from the CISO.

In this step, you will provide the CISO with information on different cryptographic systems either in use by other companies or systems

that the company should consider procuring. You will need to independently research what key system products are available. You may

research a company you have worked for or know about regarding the use of an enterprise key management system.

Describe the cryptographic system, its effectiveness and efficiencies.

Provide analysis of the trade-offs of different cryptographic systems. Review and include information learned from conducting independent

research on the following:
securing index rating
level of complexity
availability or utilization of system resources

Also include information on expenses as pertains to various cryptographic ciphers.

Use this information in your implementation plan.

In this enterprise key management plan, you will identify the key components, the possible solutions, the risk and benefits comparisons of

each solution, and proposed mitigations to the risks. These, too, should be considered as a separate section or could be integrated within

the implementation, operation and maintenance sections.

A possible outline could be:
key components
benefits and risks

The length of this report should be a 8-10 pages double spaced Word document with citations in APA format. Include a minimum of 3