International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010 82                  1 Syed S. Rizvi, 2 Aasia Riasat, 3 Khaled M. Elleithy 1, 3 Computer Science & Engineering Department, University of Bridgeport, Bridgeport, CT 1 srizvi, 3 elleithy@bridgeport.edu 2 Computer Science Department, Institute of Business Management 2 aasia.riasat@iobm.edu.pk ABSTRACT This paper presents the implementation of a secure application for an academic institution that offers numerous services to both students and the faculty. The primary focus of this paper is to provide a technical implementation of a new architecture for encrypting the database. The scope of this paper mainly includes but is not limited to symmetric and public-key cryptography, authentication, key management, and digital signatures. The final results of this paper demonstrate that what security features one should implement in order to achieve a highly secured application. This paper presents the implementation of a stand alone system that can be implemented on any legacy systems, and still operates effectively. In other words, it is self sufficient in terms of the data that it stores. KEYWORDS Data inscription standard, Rijndael Algorithm, secret Key Algorithm, & WEP 1. INTRODUCTION Some of the major services that the intended application offers to both students and the faculty are as follows: - The intended application is flexible in a sense that it gives ability to add/delete users, courses, students, and documents. - Flexibility to change passwords. The secure application provides highly transparent environment to its users. There should be minimal input from the user due to security features. - One of the key features that the proposed application offers is the “forgotten passwords”. In other words, the secure application makes sure that if a user forgets his/her password, they should not completely lose their documents. - In addition, the proposed application ensures that an administrator should not be able to decrypt the documents. - Finally we design and develop this secure application by assuming that the communication is not secure at all. Some of the security measures that we consider during the design and development of the targeted secure applications are as follows: Log all accesses activities to the server and provide features in the secure application to search for unusual access patterns. If possible, put an upper limit on the number of document that a single user can access or we should have a warning mechanism in the application to ensure fairness. Our secure application should have a