Network Security: Case Study Analysis
Technical Report · September 2022
DOI: 10.13140/RG.2.2.21160.44800
1 author:
Chamoth Madushan Jayasekara
University of Plymouth
All content following this page was uploaded by Chamoth Madushan Jayasekara on 15 September 2022.
NETWORK SECURITY
Network Security: Case Study Analysis
By: GPDCM Jayasekara
GPDCM JAYASEKARA
1
Case Overview
To provide a course of study leading to an understanding of the theory and practical issues that are involved
with securing computer networks; and an understanding of key security techniques employed within personal
and professional computer networks.
Hypothetical Case Study Details
XYZ Enterprises is one of the leading groups of companies in Sri Lanka. It runs businesses in different
areas and fields and has branch offices in several countries. The COVID-19 pandemic has caused problems
for businesses in every country, and the management of this group has decided to automate the entire
operations of all companies in the group. The automation also aims to improve all internal operations and
the public services that give online access to customers and remote employees. The group has a worldwide
branch network; all companies and branches are connected to the corporate office in Colombo. Its
businesses include finance (private banks, etc.), manufacturing and selling networking equipment and
electrical and electronic appliances, and providing cloud and data centre facilities. Most of the companies
interact with customers, distributors, dealers and remote employees via the internet.
The following key functionality and tasks are to be considered in establishing the security infrastructure.
1. Customers, distributors, dealers and remote employees should be able to do the following through
online (web/mobile) systems.
• Customers should be able to view their products
• Customers should be able to place online orders and make online payments
• Submit all related documents online and download all relevant documents
• Distributors and dealers should be able to check their stock levels and place online orders
• Certificate verification to identify legitimate business entities
• People should be able to perform their financial transactions securely
• Customers should be able to reserve transport facilities and track their goods
• Maintain continuous communication with remote employees and their offices
• People can purchase cloud and data centre facilities
2. The corporate office will maintain and host all internal systems in a private cloud infrastructure
environment and external systems in a public cloud.
3. One company of the group runs a medium-scale business providing cloud and data centre services.
4. The companies will maintain direct connectivity to the following key organisations to conduct their
business:
• Foreign authorities
• Shipping companies
• Partners
• Board of Investment of Sri Lanka
• Local and overseas banks
• Sri Lanka Customs
5. The security infrastructure must consider all related threats from inside, from outside and from the
connected institutions. It must also build and enhance public trust in using the facility, and that trust
must be reflected in how the services are provided.
Task
Develop a comprehensive security infrastructure plan providing answers to the following key questions.
1. Identify potential risks/threats to the above system.
2. Identify key security requirements on applications/users/infrastructure.
3. Identify all the key features/components of the security infrastructure plan to address all the above-identified items.
4. Explain how you can address number 5 of the above. Give a detailed approach and the steps you will
carry out to enhance public trust, highlighting both technical and non-technical steps.
Note:
The report can exclude the implementation of application-level security related to the development platform
or related technology. All security threats must be identified, and the application-level implementation
requirements must be clearly stated. The core equipment, technologies and infrastructure components must be
addressed in detail.
Acknowledgement
First, I would like to show my deepest gratitude and respect to Mr. Harshapriya Rajakaruna for helping and guiding me
throughout this research. The completion of this research report gives me much fascination, as it would not have been
successful without the hard work, dedication and determination that have been put into this. I was able to provide
optimum commitment to the research. Thank you, dear sir, for making this a success!
Table of Contents
Case Overview ..... 2
Acknowledgement ..... 4
XYZ Enterprises Security System ..... 6
1) Potential Risks/Threats Towards The Security System ..... 6
2) Potential Key Security Requirements On Applications/Users/Infrastructure ..... 8
3) Identify All The Key Features/Components Of The Security Infrastructure Plan To Address All The Above-Identified Items ..... 9
4) Explain How You Can Address Number 5 Of The Above. Give A Detailed Approach & Steps You Will Carry Out To Enhance The Public Trust Highlighting Both Technical & Nontechnical Steps. ..... 11
About Author ..... 12
END REPORT ..... 13
XYZ Enterprises Security System
1) Potential Risks/Threats Towards The Security System
“We have identified 22 security threats that would adversely affect the company and its branches.”
• Management has decided to automate the entire operation of every company in the group, so during this
period all operations must be put on hold. Any company that keeps operating during the changeover has a
higher chance of its security being breached. Because of the worldwide branch network, a series of
cyber-attacks may be launched against XYZ Enterprises.
• The group runs finance businesses, so large sums of money are involved; a man-in-the-middle attack
during financial transactions could lead to financial collapse.
• If the system lacks confidentiality, unauthorised parties may be able to view customers' products. If
it lacks integrity, a series of man-in-the-middle attacks would allow attackers to modify the details of
orders, stock levels, transport information and so on.
• If the system lacks non-repudiation, a man-in-the-middle attack could allow the transactions between
the company and its users to be misused: attackers could satisfy their monetary goals by altering
transaction values without the knowledge of either the user or the recipient.
• If the company stores customers' credit card details in its main system and that system is attacked,
the customers' confidential information is at risk of being stolen. This would expose the business to
heavy legal fines and could lead to bankruptcy. If the company's website is compromised with infected
scripts, attackers could replace the document-submission link with an infected one that leads users to
submit their documents to unauthorised parties.
• The download link for the relevant documents can also be compromised by intruders embedding malicious
code in it, so that users unknowingly download infected files onto their computers; the attackers then
use those infected files to target the users' computers and gain access to their sensitive information.
• If the company makes a deal with a business entity that looks legitimate but holds fraudulent
certifications, the company is put at risk.
• When the system lacks proper security frameworks and standards, data breaches may result. If the system
encrypts only the cardholder data but does not secure other, non-sensitive data such as addresses and
contact details, that non-sensitive data may be enough for an attacker to gain access to what has been
encrypted. To support tracking, the business has to hold customers' private information such as address
details; if an attack happens, attackers will want to steal that personal information, which amounts to
stealing the user's identity.
• Since the business will communicate with remote employees, there is a high chance that one of them is
affected by an attack. That would be a huge threat to the whole network, because a single employee's
computer holds enough information to mount an attack, and intruders could impersonate the employee and
gain access to the internal workspace.
• A public cloud is normally maintained by the service provider together with the company, and is less
secure than a private cloud. Attackers can gain access through phishing emails to employees, reach the
service provider, and then access the data of customers, distributors, dealers and others, leading to
numerous data breaches.
• As this is the main centralised system, it needs high security: any physical threat could bring the
whole system down. If the physical data centres are destroyed by natural disasters, if an attacker deletes
or modifies data, or if the service provider or a customer deletes data without consent, data will be lost.
Because all companies and branches connect to the corporate office in Colombo, which hosts the centralised
system, a single cyber-attack on that system would compromise every company and branch.
• Once the group starts providing cloud and data services, a single software vulnerability could let
attackers into the cloud and expose the data of every customer using the same service. When customers buy
cloud capacity from the company, a breach of a client's data can be devastating depending on its extent,
resulting in high investigation and remediation costs and associated legal expenses. It could also damage
the company's reputation to the point of forcing it to close its doors.
• An employee of the cloud service business who has access to the cloud is a security threat in their
own right: if that employee turns attacker, he or she can introduce insecure code into the software
infrastructure, opening the way to a series of unethical hacks.
2) Potential Key Security Requirements On Applications/Users/Infrastructure
• During any automation or upgrade of the internal system, all services and operations must remain
offline.
• The business should never store credit card information on its internal servers, and should ensure that
the security of its payment gateways is not at risk.
• The business should use the latest proven security measures, such as factor-based authentication, to
ensure confidentiality.
• The company can use one-way hashes to ensure integrity, sending a specific set of information to the
authorised parties and expecting no feedback in return.
• Signature-based schemes and factor-based authentication can ensure non-repudiation in the system.
• Using secure network protocols, standards and certificates keeps the website away from security threats.
• Checking the certifications of other businesses before partnering with them avoids fake and illegal
partners.
• Encrypting all customers' private information and storing it in a secured database avoids leaving
unencrypted data for hackers.
• Keeping the database software and operating system up to date maximises the security of users' data.
• Advising users to keep an eye on their private information, use strong passwords, keep their firewalls
updated and watch for warning signs such as fake emails can prevent identity theft.
• A policy should be developed to ensure the safety of remote employees, with guidelines such as keeping
firewalls and protocols updated.
• The private cloud should give access only to trusted parties such as administrators and senior
employees, using server-side authentication for access control.
• Staff responsible for the physical data centres should be advised to monitor and configure them
constantly to ensure the continued availability of the private cloud, especially when a centralised
computer system is used.
• Motivating developers to find vulnerabilities in the software helps ensure the system leaves no
backdoors for hackers.
• To prevent attacks from insiders such as employees, the company should require insiders to use a strong
authentication system with multi-factor authentication enabled, together with modern physical
authentication systems such as biometric scanning.
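Two of the requirements above (a one-way hash for integrity, a signature-based scheme for non-repudiation) differ in a way that matters for the order-tampering threat identified in section 1. The Go program below is an added example written for this page, not code from the report; the Order record and its fields are constructed, and the shared key is a placeholder. It uses a keyed one-way hash (HMAC-SHA256) rather than an unkeyed hash, because an attacker who can alter a record in transit can just as easily recompute an unkeyed hash over it, and it contrasts that with an Ed25519 signature, which only the customer's private key can produce.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Order is a constructed sample of the record a customer submits when placing
// an online order. The field names are an assumption for this example.
type Order struct {
	OrderID  string
	Customer string
	Item     string
	Amount   int // price in cents
}

// canonical gives a fixed byte encoding of the order. Signer and verifier must
// hash exactly the same bytes, so the encoding is part of the protocol.
func canonical(o Order) []byte {
	return []byte(fmt.Sprintf("order_id=%s&customer=%s&item=%s&amount=%d",
		o.OrderID, o.Customer, o.Item, o.Amount))
}

// IntegrityTag is an HMAC-SHA256 over the order under a key shared by the two
// endpoints. It detects modification in transit, but because both sides hold
// the same key either of them could have produced the tag: HMAC gives
// integrity, not non-repudiation.
func IntegrityTag(key []byte, o Order) string {
	mac := hmac.New(sha256.New, key)
	mac.Write(canonical(o))
	return hex.EncodeToString(mac.Sum(nil))
}

// CheckIntegrityTag recomputes the tag and compares it in constant time.
func CheckIntegrityTag(key []byte, o Order, tag string) bool {
	want, err := hex.DecodeString(tag)
	if err != nil {
		return false
	}
	mac := hmac.New(sha256.New, key)
	mac.Write(canonical(o))
	return hmac.Equal(mac.Sum(nil), want)
}

// SignOrder produces an Ed25519 signature with the customer's private key.
// Only the key holder can create it, while anyone holding the public key can
// verify it, so the customer cannot later deny having placed this order.
func SignOrder(priv ed25519.PrivateKey, o Order) []byte {
	return ed25519.Sign(priv, canonical(o))
}

// VerifyOrder checks the signature against the order exactly as received.
func VerifyOrder(pub ed25519.PublicKey, o Order, sig []byte) bool {
	return ed25519.Verify(pub, canonical(o), sig)
}

// TamperScenario signs a sample order, then simulates a man-in-the-middle
// raising the amount. It reports whether the original and the altered order
// verify under the customer's public key.
func TamperScenario() (bool, bool, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, err
	}
	order := Order{OrderID: "ORD-1001", Customer: "cust-42", Item: "router-x", Amount: 25000}
	sig := SignOrder(priv, order)
	tampered := order
	tampered.Amount = 2500000 // altered in transit
	return VerifyOrder(pub, order, sig), VerifyOrder(pub, tampered, sig), nil
}

func main() {
	ok, tamperedOK, err := TamperScenario()
	if err != nil {
		panic(err)
	}
	fmt.Println("original order verifies:", ok, "- tampered order verifies:", tamperedOK)

	key := []byte("shared-secret-example-key") // placeholder, not a real key
	o := Order{OrderID: "ORD-1002", Customer: "cust-7", Item: "switch-y", Amount: 9900}
	tag := IntegrityTag(key, o)
	fmt.Println("integrity tag valid:", CheckIntegrityTag(key, o, tag))
	o.Amount = 99
	fmt.Println("integrity tag valid after tampering:", CheckIntegrityTag(key, o, tag))
}
```

The signed order is what a dispute would be settled on: the company stores the order bytes and the signature, and any later claim that the amount was different fails verification. In a real deployment the customer's public key would be bound to their identity by a certificate (the PKI the report recommends in sections 3 and 4), which this example leaves out.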
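Factor-based and multi-factor authentication appear in several of the requirements above without saying what the second factor computes. As an added example, not taken from the report, here is a time-based one-time password (RFC 6238 TOTP over RFC 4226 HOTP) generator and verifier using only Go's standard library. The secret is the RFC's reference test secret, embedded here as constructed input; the 30-second step and six digits are the usual defaults and are assumptions of this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"strconv"
	"time"
)

// HOTP computes an RFC 4226 HMAC-based one-time password for one counter value.
func HOTP(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)

	// Dynamic truncation: the low nibble of the last byte selects a 4-byte window.
	offset := h[len(h)-1] & 0x0f
	code := (uint32(h[offset])&0x7f)<<24 |
		uint32(h[offset+1])<<16 |
		uint32(h[offset+2])<<8 |
		uint32(h[offset+3])

	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	s := strconv.FormatUint(uint64(code%mod), 10)
	for len(s) < digits {
		s = "0" + s // keep leading zeros
	}
	return s
}

// TOTP derives the counter from Unix time (RFC 6238) and delegates to HOTP.
func TOTP(secret []byte, unixTime int64, step int64, digits int) string {
	return HOTP(secret, uint64(unixTime/step), digits)
}

// VerifyTOTP accepts a submitted 6-digit code if it matches the current 30 s
// window or one window either side (clock skew). The comparison is constant
// time. A production verifier must also remember the last accepted counter so
// that an intercepted code cannot be replayed within the same window.
func VerifyTOTP(secret []byte, code string, unixTime int64) bool {
	for skew := int64(-1); skew <= 1; skew++ {
		expected := TOTP(secret, unixTime+skew*30, 30, 6)
		if subtle.ConstantTimeCompare([]byte(expected), []byte(code)) == 1 {
			return true
		}
	}
	return false
}

func main() {
	// RFC 6238 reference secret (ASCII "12345678901234567890"), constructed for the demo.
	secret := []byte("12345678901234567890")
	fmt.Println("code at t=59 (8 digits):", TOTP(secret, 59, 30, 8)) // RFC vector 94287082
	now := time.Now().Unix()
	code := TOTP(secret, now, 30, 6)
	fmt.Println("current code:", code, "verifies:", VerifyTOTP(secret, code, now))
}
```

The per-user secret is the sensitive part: it must be generated randomly, stored encrypted on the server side (the same requirement the report places on customer data), and never logged.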
3) Identify All The Key Features/Components Of The Security Infrastructure Plan To Address All
The Above-Identified Items
• As people must be able to perform financial transactions, the company can use third-party payment
processing systems to take the process off-premises; sample options are Sampath Vishwa, PayPal, etc.
• So that customers can view their details (orders, transport, stock, etc.) without being observed by
unauthorised parties, the company should provide a two-factor authentication system to keep their
accounts secure.
• So that customers can place online orders without unauthorised alteration by a man-in-the-middle
attack, the company can ensure non-repudiation using digital signatures and multi-factor authentication;
in this way the company can be sure that customers' online orders are placed correctly.
• So that users can submit documents online and download documents via links without getting infected,
the company needs to secure the website with the HTTPS protocol, an SSL security certificate and a few
standards.
• Data should be protected and backed up regularly: an incremental backup at the end of each day,
differential backups of new or modified data, and a full, complete backup of the entire system at the end
of the year.
• Frameworks such as public key infrastructure (PKI) can be implemented to ensure confidentiality.
• To avoid partnering with illegal companies, the company can check partners' certificate details by
contacting the relevant authorities, such as the certificate authority.
• To host all external systems securely in the public cloud, the company must choose a trusted cloud
service provider with strong security features. The company has partial control over its public cloud,
and within that control it can use firewalls, an intrusion prevention system (IPS), secure protocols,
anti-virus and anti-malware to secure the external systems.
• The company could adopt recognised standards such as ISO 27001, which covers implementing, operating,
monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).
• The company could also implement ISO/IEC 27002, which provides the recommended controls for information
security within the ISMS: risk assessment, security policy, organisation of information security, asset
management, human resources security, physical and environmental security, communications and operations
management, access control, information systems acquisition, development and maintenance, information
security incident management, business continuity management, and compliance.
• They can use other standards such as:
➢ ISO/IEC 27004:2009 - Information Security Management Measurement Standard
➢ ISO/IEC 27005:2011 - Information Security Risk Management Standard
➢ ISO/IEC 27007:2011 - Auditing Information Security Management Systems
➢ ISO/IEC 27032:2012 - Cybersecurity
➢ ISO/IEC 27033 - IT Network Security (Parts 1, 2 & 3 are published)
➢ ISO/IEC 27035:2011 - Information Security Incident Management
➢ ISO/IEC 27037 - Digital Evidence
➢ ISO/IEC 27039 - Intrusion Detection & Prevention Systems
• As the company stores and manages its internal systems in its private cloud, it should be aware of
future legal risks when establishing data centres; it is better to check whether the data centres violate
any legal procedures.
• A Next-Generation Firewall (NGFW) is a more secure option, since traditional firewalls are only intended
to grant or revoke access. Traditional firewall solutions are inherently limited because they rely on
pre-programmed policies and restrictions. If the company keeps its policies updated, these firewalls can
deny access to new and unknown threats; where that is not yet the case, the company can combine the NGFW
with additional tools such as AMP and NGIPS to provide control, automation and penetration capabilities.
• As one company in the group runs a medium-scale cloud and data services business, it must secure those
services, because public cloud services use shared technology that the public can reach. That public reach
raises the chance of attack, so the business should automate its software and cover its vulnerabilities so
that its customers receive the best-secured cloud services.
• Malware can take the form of viruses, Trojans, worms, spyware, rootkits, adware, etc. The best security
requirement against malware is to install anti-virus software, which scans the computer to detect and
remove malware and updates itself automatically for better protection. Placing a firewall will also prevent
unauthorised access to the private computer network. Together, anti-virus software and firewalls add an
extra barrier against malware attacking the computers.
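The backup bullet above mixes three kinds of backup without spelling out how they differ or what has to be replayed to recover. The Go program below is an added example, not part of the report: it simulates the scheme on a compressed timeline (full at the start, a differential every fourth day, incrementals on the other days) over a constructed change log with hypothetical file names, and computes the restore chain. The only point it demonstrates is the general rule a differential shortens the chain to last full + last differential + the incrementals after it, whereas a pure incremental scheme needs every incremental since the last full.

```go
package main

import (
	"fmt"
	"sort"
)

// Kind is the type of backup run on a given day.
type Kind int

const (
	Full Kind = iota
	Incremental
	Differential
)

// Backup is one run: the day, its kind, and the files it captured.
type Backup struct {
	Day   int
	Kind  Kind
	Files []string
}

// SampleChanges maps each file to the days it was created or modified
// (a constructed change log with hypothetical file names).
var SampleChanges = map[string][]int{
	"customers.db": {0, 3, 7},
	"orders.db":    {0, 1, 3},
	"stock.db":     {0, 2, 5},
}

// SampleSchedule compresses the report's scheme: full at the start of the
// period, differential every fourth day, incremental on every other day.
func SampleSchedule(day int) Kind {
	if day == 0 {
		return Full
	}
	if day%4 == 0 {
		return Differential
	}
	return Incremental
}

// Simulate runs one backup per day from day 0 to lastDay. A full backup takes
// every change so far, a differential every change since the last full, and
// an incremental every change since the last backup of any kind.
func Simulate(changes map[string][]int, lastDay int, schedule func(int) Kind) []Backup {
	var history []Backup
	lastFull, lastAny := -1, -1
	for day := 0; day <= lastDay; day++ {
		kind := schedule(day)
		since := -1 // exclusive start of the window; -1 means everything
		if kind == Differential {
			since = lastFull
		} else if kind == Incremental {
			since = lastAny
		}
		var files []string
		for f, days := range changes {
			for _, d := range days {
				if d > since && d <= day {
					files = append(files, f)
					break
				}
			}
		}
		sort.Strings(files)
		history = append(history, Backup{day, kind, files})
		lastAny = day
		if kind == Full {
			lastFull = day
		}
	}
	return history
}

// RestoreChain lists, in replay order, the backups needed to rebuild the
// system as of the last run: the last full, then the latest differential after
// it (which already holds every earlier incremental), then each later incremental.
func RestoreChain(history []Backup) []int {
	var chain []int
	for _, b := range history {
		switch {
		case b.Kind == Full:
			chain = []int{b.Day}
		case len(chain) == 0: // no full backup yet, nothing to restore from
		case b.Kind == Differential:
			chain = []int{chain[0], b.Day}
		default:
			chain = append(chain, b.Day)
		}
	}
	return chain
}

func main() {
	history := Simulate(SampleChanges, 7, SampleSchedule)
	for _, b := range history {
		fmt.Printf("day %d kind %d files %v\n", b.Day, b.Kind, b.Files)
	}
	fmt.Println("restore chain (days):", RestoreChain(history))
}
```

The length of the restore chain is also the number of backup sets that must survive intact for recovery to succeed, which is the operational argument for the periodic differential and the year-end full backup the report proposes.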
4) Explain How You Can Address Number 5 Of The Above. Give A Detailed Approach & Steps
You Will Carry Out To Enhance The Public Trust Highlighting Both Technical &
Nontechnical Steps.
• Public trust is an essential component of every internet-based digital business. Trust changes
according to reviews, ratings and recent news about the company. If the company's history is not good
enough to establish trust, it should identify what went wrong and recover from it, because there is no
successful digital business without strong public trust. Initially, authentication and authorisation can
be used as the primary security features, and they are significant in gaining public trust; alongside
them, signature-based schemes such as digital signatures are a modern technical solution that helps
maximise trust among customers and users. Identity certificates are therefore required to merge the
authentication services, but using identity certificates on their own is known to be impractical. To
address this, a key infrastructure, public key infrastructure (PKI), can be used, as it supports the
confidentiality, integrity and non-repudiation of the system.
• Next, transactions between users and the company must be made secure and confidential. Both the company
and the customer should be able to tell whether their requests have been compromised. In a transaction
between customer and company, man-in-the-middle attacks can cause such compromises, so non-repudiation
plays the critical role; to ensure it, the company can implement key infrastructure frameworks and modern
authentication systems. Additionally, the company can partner with trusted and secure third-party
services, which is also a widely used modern technical solution.
• To avoid a collapse of public trust because of insider attacks, the company should understand that
most insider attacks are caused by internal employees, so both technical and non-technical solutions are
needed. Physical intrusion detection systems such as security cameras, devices that lock assets so they
cannot be stolen, employee training and physical authentication systems such as biometric scanning can be
provided as non-technical solutions, and firewalls can be used as a technical solution to protect all the
assets of the enterprise network from attacks that could pull the company away from public trust.
• Then, when establishing connections with other institutions, it is better to partner with the most
trusted and legitimate institutions. Given the intense competition between companies in the modern world,
the company must protect its information, treating it as a key factor in keeping public trust. Since
customers' information resides with the company, it must be protected: more secure access methods and
controls, encryption and monitoring the network for potential threats serve as technical solutions, and
educating customers and employees to use strong authentication codes and good security practice serves
as a non-technical solution, so that they do not share their passwords across the networks.
About Author
Personal Quote
“You'll never get what you want if you don't pursue it. If you don't ask,
you'll always get a no. If you don't move forward, you remain
stationary.”
Who Is GPDCM Jayasekara?
“My name is GPDCM Jayasekara, I consider myself an optimistic & creative individual who has
passion in the field of computer networks & automation & hope to create a difference in the industry.
I am a smart and diligent collaborator who enjoys exceeding targets. I am also enthusiastic and
willing to learn new things that would challenge me both personally and academically, which would
help me be a better version of myself.
Personal Objective
To carve a niche for myself as a professional in the computer network industry with a reputed and
well-managed organization where my potential is utilized to the fullest, thereby leading to the growth
of both the organization as well as my career in the organization. Further, I’m interested in pursuing
higher studies in computer security in which I can help improve my knowledge for the betterment of
the organization and our society.
END REPORT