Securing Linux Platforms and Applications Project
Project Part 1 Task 1: Outline Security Policy
This security policy is essential to the First World Bank Savings and Loan. It is used to break up the security plan not measurable, specific, and testable goals and objectives.
This security policy would be used to provide all current and prospective customers online banking services while keeping the First World Saing bank competitive in the financial marketplace. This solution is also an imperative due to an estimated revenue of $100,0000,000 flowing in by virtue of online credit card transactions specific to banking and loan application based services. This security policy will go on ...view middle of the document...
Availability aspect with reference to First World Savings Bank – Availability refers to the principle that states that individuals or systems need to be granted timely access to the required information and other resources to perform the required operations.
The process of conducting financial transactions and overall business using internet to move money throughout various accounts, conduct business using credit cards, and allowing customers to view their account details, past transactions, and pertinent details have to comply with a number of government regulations.
A number of possible penalties for any on-compliance including but not limited to jail-time and monetary violations need to be adhered to via performing the required audits as per the statutory specifications. Any violation found in the company need to be delt with as war the guidelines laid down by the government.
A number of security access control mechanism are recommended in order to establish a comprehensive security system such as using LSM (Linux Security Module). The process of using unique user-id a password combination for system access does well from user management perspective but poses serious threats from a system vulnerability standpoint. This gap can be closed by using LSM that can provide a multitude of access control models to be created and deployed.
Many enhanced access control implementations such as DTE (Domain and Type Enforcement) , SELinux, ad LIDS(Linux Intrusion Detection System) need to be enabled via the ability of threads belonging to security-enhanced control implementation to work independently of the main Linux kernel.
Project Part 1 Task 2: Provide Open Source Server Solutions
There are a number of open source software that can be used in the Savings and Loan division of the First World Bank. Each of them has its strengths and below are my recommendations along with the underlying rationale:
1. SugarCRM - This software suite belongs to the CRM (Customer Relationship Management) domain and is known for its marketing model and disruptive engineering approach. SuagrCRM can be engaged in a commercial relationship with a customer while you continue to use the out of the box product offering with standard functionality. This unique model and the corresponding value proposition has resulted in SuagrCRM being one of the leading CRM product. I would still recommend against using SugarCRM as it is known to have security flaws that make it more vulnerable to hacker attacks.
2. Mono - This technology is sponsored by Novell and combines two seemingly different worlds of Microsoft and*nix into a single agile, open source and stable realm. Mono is the open-source implementation of Microsoft's.NET technologies. Mono allows you to develop advanced and powerful applications (server-side) on Linux, Mac OS X, and Windows.
3.Zenoss - Zenoss consists of an alert console, network discovery, performance monitoring, service monitoring, and inventory...