HARAMAYA UNIVERSITY
COLLEGE OF COMPUTING AND INFORMATICS
DEPARTMENT OF INFORMATION SYSTEMS
Report on the practical attachment in Information Systems
Prepared by:
Rawuda Ahmed 2650/12
In campus Advisor: Mr. Kedir Genna
Organization supervisor: Mr. Kalkidan
Report submitted to: Information Systems Department
Date:
Haramaya University
Haramaya, Ethiopia
� HARAMAYA UNIVERSITY
COLLAGE OF COMPUTING AND INFORMATICS
DEPARTMENT OF INFORMATION SYSTEMS
Report on the Practical Attachment in Information Systems
Prepared by:
Rawuda Ahmed 2650/12
Organization that hosted the student
Name INSA
Region ADDIS ABABA
Zone ADDIS ABEBA
District WELO SEFER
Town BOLE
Telephone +251-111-2665737
The supervisor in the organization
Name Mr. KALKIDAN
Profession Network Administrator
Title
Telephone +251-922-110347
1
�Declaration
My name is Rawuda Ahmed. I am 4th year information system student. I have undertaken my
internship experience in Information network security administration / INSA / of Augest, 2022 –
October, 2022 under the guidance of Ins. Kedir Genna (Academic advisor) and Mr. Kalkidan
(Company advisor). As the student academic advisor, I clarify that the internship prepared by the
student is original work and compiled according to the guideline provided by the Institute
I therefore certify that all materials and data in this Practical attachment document are obtained
and presented in compliance with guidelines of Information Systems Department. I also declare
that, this work is entirely original and has never been presented or used by any other departments
Student Name______________
Signature __________________
Date ______________________
As an authorized Advisor, I have approved the submission of this Practical Attachment
document.
Advisor Name_________________
Signature __________________
Date ______________________
i
�Acknowledgement
In the first place we would like to thank HARAMAYA UNIVERSITY for giving me this
chance to imply our theoretical knowledge into an action in the organization.
Our second appreciating is indeed for the organization that helped at seek the implication
of our theoretical knowledge. And we would like to express our gratitude to our supervisor Mr.
kalkindan for their welcoming mentorship.
And finally we would like to thank all the staff members of Dallol tech who had helped us and
supported us in any way needed.
ii
�LIST OF ACRONYMS
JSON………………. JavaScript Object Notation
INSA…………….…..Information network security administration
NDL………………... Non-disclosure liability
HTML……………… Hyper-text markup language
CSS…………………..Cascading style sheet
iii
�Executive summary
This report is provided upon the completion of my practical attachment at the
organization Information network security administration / INSA / for the summer of 2014 E.C
as a partial fulfillment of my BSc. Degree in information system from Haramaya university.
The following document will summarize the nature of the organization I have been
participating in, The part of the organization I was a part of, The kind of work I have been
assigned to and executing, The impact my coursework and my former soft skills had in terms of
successful completion of the program, The impact this program has brought upon my soft skills
and both technical and theoretical skills and my overall opinion about the internship program.
This document is divided into different chapters and a reference part. It is fairly self-
explanatory and precise as to the reality of what actually happened. The identified problem and
the proposed solution are presented here, in a manner I was instructed to do so by the
organization.
Each part of the report is written in the sense that my own personal beliefs and opinions
are reflected through presenting what has happened in reality. The core concept of it was the
overall internship experience and the feeling I had toward it as well as the explanation of the
main project I had done whilst in the organization. While I was conducting my work in the
department I chose, I had another teammate assigned along with me who is called Ephraim
Solomon from the computer science department of Haramaya university. Therefore let it be
known that we have to conduct research, presentation, and implementations related to our
projects and other assigned tasks as a team .
iv
�List of tables and figures
Figure 1: Organizational Chart ........................................................................................................4
Figure 2: Landing page ................................................................................................................... 7
Figure 3: Submission page ............................................................................................................. 8
Figure 4: Profile details and editing page ........................................................................................9
v
�TABLE OF CONTENT
Table of Content
sDeclaration ....................................................................................................................................................i
Acknowledgement .........................................................................................................................................ii
LIST OF ACRONYMS ............................................................................................................................... iii
Executive summary ...................................................................................................................................... iv
List of tables and figures ............................................................................................................................... v
TABLE OF CONTENT ............................................................................................................................... vi
Table of Content ...........................................................................................................................................vi
INTRODUCTION .........................................................................................................................................1
Background of the organization .................................................................................................................... 1
Mission, vision and Core Values of the hosting organization ...................................................................1
Organizational chart .................................................................................................................................. 3
Statement of the problem .......................................................................................................................... 4
Task assigned ............................................................................................................................................ 4
Task completed .......................................................................................Error! Bookmark not defined.
Objective / Aim of the task .........................................................................Error! Bookmark not defined.
General Objective ..................................................................................................................................6
Specific Objective ................................................................................................................................. 6
Methodology for business process analyses or case study ............................................................................6
Method of data collection ..........................................................................................................................6
Method of problem analysis ...................................................................................................................... 7
Difficulty in internship .............................................................................................................................. 9
Strength and weakness of the hosting organization ................................................................................ 10
Result and Discussion ................................................................................................................................. 10
3.2. Recommendation ..............................................................................................................................11
For the hosting company/organization ............................................................................................ 11
For Haramaya university college computing and informatics, Department of information systems
11
Conclusions ................................................................................................................................................. 12
References ................................................................................................................................................... 13
vi
�INTRODUCTION
Background of the organization
Information Network Security Administration (INSA) is an Ethiopian government agency which
is responsible to safeguard the national interest in cyber [Link] is established for the first time in
the year 2006 by Council of Ministers Regulation No.130/2006 with the objective to defend our
country’s information and information infrastructure from attack, and protect our national
interest. However, as it was necessary to amend the Administration's power and functions to
prevent cybercrimes that become gradually complex and to protect our national interest, its
establishment regulation was amended by Council of Ministers Regulation No.250/2011 and
recently re-amended by Proclamation No.808/2013 which led the organization to be referred to
as Information Network Security Administration.
The administration has the objective to defend and take countermeasures against information
attacks targeted at the national interest and ensure the security of information and information
infrastructures to facilitate their use for the implementation of the country's peace,
democratization, good governance, and development programs.
Mission, vision and Core Values of the hosting organization
Vision
Our Vision for 2025 is to see a globally competent National Cyber Security Institution that
plays a key role in the renaissance of the country
Mission
Our Mission is to protect the national interest by building a capability that enables
safeguarding the country’s information and information infrastructures.
Core values
The administration has the following duties and responsibilities:-
1
� Control and monitoring work
o Leads and prepares drafts of national policies, laws, standards, and strategies to
ensure the security of information and computer-based key infrastructure; When
approved, it monitors their implementation. controls;
o Regulates the production and circulation of cryptography; Develops a system of
use by establishing the necessary standards, enriches the cryptographic
infrastructure; facilitates.
o Serves as the National Root Certification Authority;
o Governmental and private institutions follow the national information security
policy and standard framework and make their own policies and standards to be
implemented; Monitor their performance.
o Controlling information technologies, information sensors, and attack
technologies entering and leaving the country in coordination with the relevant
parties in terms of prevention of the danger they may cause to the security of the
country;
o Designing education and training programs on information or computer-based
infrastructure security at its own training center or in collaboration with others;
Development and enrichment work
o Enhancing and deploying research-based information and computer-based key
infrastructure security products and services;
o Developing information management infrastructure and systems to enable key
infrastructure to be cyber secure;
o Providing security products and services to foreign partner countries based on the
government's decision;
o Enhancing and deploying secure information management infrastructure and
systems in gaps where national capacity is lacking;
Operational duties
o Establish a National Computer Emergency Response Center; To preside over;
o To take necessary countermeasures against cyber and electromagnetic attacks
against key information and computer-based infrastructures or systems or the
psyche of citizens;
2
� o Auditing the security of information and computer-based key infrastructure at any
time, notifying non-compliant infrastructure of corrective measures to adequately
protect their systems from cyber-attacks, and monitoring their performance;
issuing certificates of safety qualification to institutions that have met the criteria
or delegating to other institutions to perform these tasks.
o Establishing a laboratory center for information technology security testing and
evaluation
o To cooperate and provide support to the police and other bodies authorized by law
in the process of preventing and investigating cyber-crimes;
Organizational chart
The information network security Administration / INSA / is more of a confidential kind of
organization and having the details of the organizational structure is not as easy. I have been
drawing some pieces of information from the proclamation and different resources about the
organizational structure I will present them as follows.
According to Regulation No. 25012011 of the federal Negarit Gazeta. The information
network security administration shall have A Director General and, as may be necessary, Deputy
Director Generals to be appointed by the government; and the necessary staff.
Power and duties of the director general include: The Director General shall be the chief
executive officer of the administration and shall direct and administer the activities of the
Administration.
The Director General may delegate part of his powers and duties to other officers and
employees of the Administration to the extent necessary for the efficient performance of the
activities of the Administration.
3
� Figure 1: Organizational Chart
Statement of the problem
The main problem underlying the initiation of the entire project taken upon by the
department as well as the modular part of the project given to us is that in the name of
proprietary ness and services the sensitive and confidential data of the organization are being
scattered to many places and unknown servers thereby questioning the integrity and security of
each bit.
This is a highly prevalent problem in the ecosystem of digital Africa because we always
trust 100% of what we pay and acquire from the western world. In reality, we do not really know
what happens to the pieces of data and information we have been providing in the name of some
type of proprietary services. As I have tried to mention in different parts of this report the
4
�information network security agency / INSA / has the liability to develop and provide locally
made and competent tech services to governmental and non-governmental institutions
throughout Ethiopia. This goes without first getting itself out of this loop and developing and
employing services, software, and engines built locally and to be more specific by the
organization itself to further ensure the integrity and security of the data circulating and being
used.
Task assigned
Web-based portal for sharing threat intelligence research documents
The department I have been working at had a lot of research and forensics done in the cyber
threat analytic and prevention subjects. This department, to successfully handle the work, has
been using a lot of subscription and non-subscription-based third-party proprietary engines and
sources.
But due to the nature of the data the organization provides to those third-party engines or sources
to make the necessary processing on them is sensitive and confidential, the integrity and security
of the data being provided to them are always under question. Therefore, the organization and
the department decided to build their own versions of the engines they used to acquire for
analysis, indexing, and processing purposes.
Having those in mind we were asked to develop a web portal that will make the display and
sharing of the data circulating and being fed to those said engines very easy and trackable so as
to know who is responsible for which work done on them.
The web portal will have to be accessible only to the right people with the right credentials and is
swiftly integrated with the engines and sources. It’s as if it is built on top of what they have been
developing for sometimes significant now.
5
�General Objective
The general objective of my internship was to take part in and contribute to the organizations
effort on securing and protection of sensitive data.
Specific Objective
The objectives of the specific department as well as the organization as a whole led to the
pre-conception. Conception and implementation of an organizational-wide program where each
department will try and develop products and services we used to obtain from elsewhere. Thus,
us being involved and developing the web portal.
I worked with Ephraim solomon, from the computer science department, was assigned to
develop a web portal to make the sharing of the JSON files organized as well as to view the
results of the analysis don
Methodology for business process analyses or case study
Method of data collection
Interview: This is one of data collection method that enables to gather information from the
organization directly in the form of asking question and getting answers for those questions.
Observation: This is also another data collecting method. In fact, we have also used this
observation method to gather data. This method enables us observing and understanding.
Document analysis: The team reviewed documents such as books, e-books and some related
previously done projects which are very important to develop our project. During the analysis of
documents, we give a special consideration to those documents which can bring more features to
our system.
6
�Method of problem analysis
In terms of methodology, we have employed a client-server architecture of web development
where the web has a front end and back end designed to handle the load and services they are
designed to. We have used Github as a version control cloud service to commit/ contribute our
code to the project from anywhere at any time and our mentor is able to track our record through
the web from anywhere at any time.
The programming language and programming schemes we used are already outlined in the
previous sections of this document and upon completion of the needed task, we were able to taste
and deploy our system as per our supervisor’s request.
Below I will try to outline the workings of the system with the screenshots I can try and
provide here because some of the work we did could not leave the company building and was
subject to an NDL.
Figure 2: Landing page
7
� This Is the landing page displayed when entering the domain into the web browser prompting
them to enter the credentials to access the portal. This is designed to be responsive when
displayed to different kinds of screens and orientations. The page basically uses HTML,CSS and
bootstrap.
Figure 3: Submission page
This page is where the biggest operation happens in the life cycle of any data being
ingested in the engine underlying our portal. The submission is validated across different test
cases to make sure they are in the right format. This is done with JavaScript to make sure all the
format is in the desired form.
Then after accepting the data it will transfer it into the right part of the underlying engines
as well as backs it up into its own built Databases to further account the data. The submission is
done using both a file and a URL to a certain file. In the case of the URL all the ingestion and
validation is done with the underlying engines entirely.
The below page is all about displaying the information associated with the account. You
can edit and amend the data according to the needs suiting you. This is going to make able the
users to amend their data according to the needs of the person and / or the administrator of the
system.
8
�Figure 4: Profile details and editing page
Difficulty in internship
Problem-solving is one of the most desirable skills recruiters look for in a certain
candidate. I believe being equipped with such a skill is as important as having the right
theoretical and practical knowledge.
At the industrial level problem solving might be a bit complicated but with the right
practice, it can be assured to be practiced swiftly. I have been given a chance to be flexible and
creative in certain parts of the project so it had given me the chance to think outside the box and
propose and try my own approach to the solution for a certain problem and constraints in the
system. Having those privileges had let me explore different approaches of problem-solving
schemes and techniques to successfully deploy the system
And I have to consider being more dedicated to improving my soft skills such as
communicating better and having a compassionate understanding. This goes without saying that
maintaining and learning to maintain those skills throughout my future industrial experience is a
must.
9
�Strength and weakness of the hosting organization
The organization actively engages in Grand National technology projects. Those projects
include software development, hardware programming, and network security projects. The
administration undertook above 200 projects in the last 5 years. Some of the grand projects
undertaken by INSA include the Commercial bank of Ethiopia core banking system,
Condominium lottery system, Grand renaissance dam Electrical and computer system, Federal
police biometrics system, installation of a secured network, and development of websites for
different governmental organizations, and e.t.c.
As it is mentioned earlier the organization has the jurisdiction to monitor the whole
cryptocurrency network and anyone who would like to involve in crypto in any kind of way is
subjected to comply with the administration’s rules and be registered and report directly to the
administration. So they are considered one of the end users of the organization.
Result and Discussion
The results were remarkable considering the time frame and the significance of the
project we were going through. Although I couldn’t provide each and everything we have done
there for the sake of the confidentiality they had over not only the date but the approaches we
used too.
The system proposed and employed will for sure make a great difference in the
foreseeable future in the entire technology industry in terms of being dependent on and trusting
locally produced products and services as well as will encourage further creativity and local
talents.
Overall the concept of practical attachment is very beneficial for the student as well as the
hosting company in terms of creating a valuable integration of the teaching-learning-production
chain and making the students familiar with the industrial environment to which they are going
to be subjected to at the end of their school years.
10
�3.2. Recommendation
For the hosting company/organization
The internship was generally a success because we were able to achieve most the
objectives we had set for example we were able to apply the knowledge we acquired during
classroom teaching to the real work place environment, appreciate how team work is applied,
obtain critical skills needed for us to proactively observe and analyze problems/challenges
encountered while executing career duties and responsibilities, Interact with and learn from
experienced professionals in a work environment and write a detailed internship report after the
internship period.
Information network security administration / INSA / is a hosting organization I highly
will recommend for the future having seen the amount of effort that they put into training their
trainees and the warm approach they had towards us and each other as well.
The newly built headquarters have state-of-the-art facilities which inspire trainees to aim
further and be enthusiastic about the niche they are currently involved in. Furthermore, the
organization belonging to the Ethiopian government and being one of the highest contributors to
the direction of the niche we are involved in as a country will surely spark up the patriotism and
work ethics of the future trainees
For Haramaya university college computing and informatics, Department
of information systems
This internship program has offered us a great opportunity to grow and develop. It has
propelled us to be able to overcome challenges and develop our career. We learnt extensively
about software development, web development, Applications. The program has enhanced our
critical thinking and analytical skills as well as improved our professional and ability to work in
a multicultural environment.
The only thing I will recommend for the betterment of this program is that the money
provided is of very little significance in today's current living conditions and it is really
inconsiderate to be expected to handle 45 days with such an amount of money at hand.
11
�Conclusions
Overall the concept of practical attachment is very beneficial for the student as well as the
hosting company in terms of creating a valuable integration of the teaching-learning-production
chain and making the students familiar with the industrial environment to which they are going
to be subjected to at the end of their school years.
Therefore, the internship at INSA was very good opportunity for us to attain the necessary
practical skills and be able to accomplish a requirement for the full stack developer was a success.
12
�References
[1] [Link]
[2] House of peoples representative proclamations
[3] Elastic search and kibana
[4] Federal negarit gazeta
[5]. HTML & CSS Design and Build Websites by Jon Duckett.
[6]. JAVASCRIPT & JQUERY Interactive Front-End Web Development also by JON
DUCKETT.
13