Expert answer:****NEEDS TO BE AN ADDITIONAL SEVEN PAGES*****You are now ready to start representing your system integration project by utilizing a system integration framework, which you researched as part of your Discussion Board assignment. You will also decide which components you might want to acquire and which components you want develop internally.Assignment GuidelinesFor this week’s assignment, you will be providing detail on the overall system integration architecture and the implementation framework.New Content (Week 4) Proposed System Integration Components ArchitectureThoroughly describe the architecture of the proposed integrated system, including all interfaces and components for the system integration and deployment.Represent this architecture diagrammatically.Discuss which components and interfaces could be acquired and those that need to be developed from scratch.Implementation FrameworkSelect and describe in detail the framework that you used to define and implement the system integration project.Define the project in terms of the selected framework.Discuss advantages for using the selected framework.Discuss integration challenges that were highlighted by defining the framework.Make sure that the document is in APA format.Submit the document for grading.*****NEEDS TO BE AN ADDITIONAL SEVEN PAGES*****
last_first_itsd425_unit3.docx
Unformatted Attachment Preview
Running head: SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT
Systems Integration OS Banking Security Project (IIII)
ITSD425 Unit4
First Last
12.12.2017
School
1
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT2
1. Project Information
3
2. Project Plan
4
3. System Integration Best Practices
5
Project Plan
9
4. Requirements Specifications
13
5. Enterprise System Integration Analysis
21
6. Systems Integration Approach Evaluation and Selection
25
7. Proposed System Integration Components Architecture
30
8. Implementation Framework
31
9. System Integration Implementation Plan
32
References
33
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT3
1. Project Information
Operating system Security (OS security) is a data and information protection
integrated system that aims at ensuring the availability, integrity, and confidentiality of data.
In the modern day, information technology has skyrocketed leading to new and viable
information security systems. However, with a similar rate, cybercrime and other forms of
data confidentiality breach and identity thefts have thrived (Cameron et al. 2010). Criminals
use such websites as Dark web and sophisticated software to infiltrate information system
and cause information and data vulnerability.
OS integrated security system comes to the rescue of individuals and organizations in
protecting the OS from hacker intrusions, malware, viruses, worms, and other forms of
threats. The OS security is an integration of all preventive control techniques used in ensuring
data safety. For example, single physical computing hardware that shares I/O devices, disk,
and CPU among others tend to be vulnerable to threats and attacks from multiple access
points (In Vacca, 2014). The target of any hacker is to control the operating system where the
key to all other access points lies.
The bank is one enterprise that is targeted by hackers either directly to its servers or
via the security details of the customers. Hackers try to infiltrate the servers and Central
Processing Unit of a banking organization, so that they can introduce malware that can help
them take control of the banking system and credit their accounts with money (Cameron et al.
2010). On the other hand, they also hack the customer’s security systems and steal their
identity and in the process withdrawing all their money (Tran & Park, 2014).
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT4
2. Project Plan
The aim of the project is to employ OS integrated security system in safeguarding
data and information integrity and protection. Security provision refers to the aspect of
ensuring such computer systems as software programs, disks, CPU and the memory are all
protected from malware, manipulation, threats, worms, viruses, and malicious and
unauthorized access. The project aims at using an integrated OS security system to promote
data and information integrity and security for the banking sector.
The upgrading of the organization’s data security system will be the priority of the
project by ensuring that the OS security systems are integrated in such a manner that data
integrity and security for the banking sector is enhanced. Some of the vulnerabilities that lead
to security breach include the user’s use of weak passwords. Secondly, poor data encryption
system, such programs threats as Trojan horse, virus, logic bomb, and Trapdoor. The
organization’s system is prone to such threats as worm, port scanning, and denial of service
(Silberschatz, Gagne & Galvin, 2013).
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT5
3. System Integration Best Practices
In a bid to enhance the OS security system integration, some desirable practices
should be practiced by every bank staff and stakeholders. The operating system can be
secured through best practices that mitigate the vulnerability of the entire information
security system. When it comes to the user accounts in the bank, the number if computers
connected to the organization’s server must be limited. Only a few trusted users should be
allowed to access the bank’s server via computers as this would give ease in maintaining
accountability (Silberschatz, Gagne & Galvin, 2013).
When it comes to account policies, strong password for both personal computers
(PCs) and the server should be made as string as possible with frequent password change
schedule. The file system should be designed in such a manner that it grants read-only access
permissions to discourage the hackers. The system should be set to deny access by default if
it identifies unauthorized access (Tran & Park, 2014). When it comes to the bank’s network
services, the level of access permissions by the users should be limited and restrictive to the
public.
Most importantly, the latest vendor patches for the OS security must be functional and
integrated into the entire system. Also, a regular maintenance schedule should be set for an
update of security patches (Tran & Park, 2014). Considering that the bank has multiple
operations, there is need to implement a protection for buffer overflow using third party
software. System login files must be monitored frequently while ensuring that they are safe
by restricting access permissions to them. Finally, the system resources should be backed up
on a regular basis (In Vacca, 2014).
Enterprise Information
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT6
The banking sector is one of the areas that high-level sensitivity information is stored.
There is thus the need to boost information security measures to mitigate the vulnerabilities
that have been causing multiple cyber-attacks on banks. Many banks have lost money
through direct infiltration in their databases or through external attacks whereby client’s
identity is stolen and used to access their accounts (In Vacca, 2014).
Valley wood Bank is one institution that has reported four major cyber-attacks that have cost
its running and public confidence a great deal. Security measures have been upgraded after
every attack but the attackers have always found new strategies to conquer the banks data
protection system. As a result, there is need to see to it that the bank adopts a new security
system that is reliable and effective in ensuring data security (Silberschatz, Gagne &
Galvin, 2013).
Project Objectives
The objectives of the project are to restore public confidence in trusting the bank
again with their money by coming up with a long terms solution to data and information
security for both the bank’s database and the user’s schema. The project will, therefore, look
to fulfilling the following objectives;
● Outlining and demonstrating the importance of OS security system in a banking
system
● Make an enterprise system integration analysis on Valley Wood Bank
● Evaluate how the application of OS security can ensure data security and
confidentiality for the bank are enhanced
● Analysing strategies to protect the bank from current and future threats
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT7
The planning of an effective OS security system that can be adopted by Valley wood bank to
ensure a long-term security system (Silberschatz, Gagne & Galvin, 2013).
Business/Technical Needs to be met by the Project
Considering the sensitivity of the information that pertains to financial matters for
clients on their savings, the project should meet number if technical aspects. First, many
customers are resulting to online backing and other major financial transactions that link to
the bank. There is thus the need to ensure that the customer is protected while they use the
mobile banking that has become the new trend in the banking industry (In Vacca, 2014).
Valley wood should stop using weak and old system security measures and adopt the OS
security system. The OS of any system tends to control major operations of the entire
organization. As a result, protecting the customer and organization by first boosting the
security of the OS is recommendable.
The first technical aspect will be to upgrade and implement better and secure communication
methods within the bank and with the clients. Communication system that is insecure is
detrimental for any organization considering that information is the greatest weapon an
organization can have. Internal and external banking communication will be addressed.
Secondly, the need to create a strong password strategy for the bank and the user’s systems
will be crucial (Silberschatz, Gagne & Galvin, 2013).
The project will also advocate for the creation of internal awareness to threats in the
bank by ensuring that internal protocols are strengthened. Creation of awareness on both
employees and customers will be a boost to the security system of the bank. Most
importantly, the project looks at formulating a plan to strengthen database security by
integrating a safe OS security system to control internal security aspects (In Vacca, 2014).
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT8
Moreover, it will outline the creation of a secure backup plan by analysing data centre
management and application of cloud computing to the Os security system to enable
addressing security concerns for customers (Silberschatz, Gagne & Galvin, 2013). An
upgraded security system that will utilize OS security system to enhance security by sending
alarm signals to alert the customer or the bank on any probable attempts to access the user’s
account or the bank’s database.
Other technical improvements will include better authentication processes. It will also
outline improved authorization processes controlled by the banks database. The other aspect
is resource protection by setting up a system that gives limited access to vital areas in the
organization. Data and system integrity will be enhanced as well. In addition, other aspects to
be addressed will include nonrepudiation and confidentiality.
Major Components to be integrated
In a bid to enhance a reliable OS security system, many major components will be
integrated to make up a complete system. The first component will be the server and the
second will be the database. These are the core components that are regulated by the
operating system and if infiltrated or compromised, they lead to outright cyber-attacks or
corruption of data by malware. Other components will involve a video surveillance system
with IP cameras being installed. Intruder alarms will also be integrated in the system and
linked to the IP cameras to enhance the video surveillance.
Access control forms the other OS security integrated component each subsystem will
be expected to have an access control system so that any suspicious access attempt can be
recorded and relayed to the alarm system and to the server. Alarms and visitor management
platforms will form part of the access control. Standards and protocol control system will also
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT9
be a part of the OS security integration and they will give access protocols that discourage
identity theft and infiltration (In Vacca, 2014).
Centralized control will also be a must have integration linked directly to the OS
system. Customers will be able to view all security aspects using a single user interface. With
the availability of a centralized control integrated to a video surveillance, and access control,
greater visibility and control will be enhanced. The OS security system will utilize this
integration in delivering secure and reliable integrity information.
Boundaries of the Project (what it will not address)
The project will not consider the actual software development for OS security system
but it will assume that the software is already there. It will only major on its design, planning
and implementation to show how banking security can be improved. It will also not address
the various types of system vulnerabilities, malware and viruses among other aspects that
lead to cyber insecurity. It will just mention them briefly.
Project Plan
Work Breakdown Structure
In a bid to ensure that the scope and objectives of the project are achieved with minimal
wastage of human resource and in ensuring timely delivery of the project, a Work Breakdown
Structure is important.
Task
Scope definition
Project objectives
Threat analysis
Streamlining
communication
System security
Requirement
Start Date
End Date
Task Bearer
6/11/2017
9/11/2017
12/11/2017
8/11/2017
10/11/2017
14/11/2017
John
Lucy
Cleopas
15/11/2017
18/11/2017
James
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT10
specification
Software
requirements
Authentication
requirements
Security
Monitoring and
control
Design
Systems
Integration Approach
19/11/2017
20/11/2017
Billy
21/11/2017
23/11/2017
Zack
24/11/2017
27/11/2017
26/11/2017
28/11/2017
Lucy
John
29/11/2017
1/12/2017
Billy
Integration
Components
2/12/2017
4/12/2017
James
Technical needs
5/12/2017
6/12/2017
Billy
8/12/2017
10/12/2017
Cleoppas
Lucy
15/12/2017
17/12/2017
Zack
Implementation
Implementation
Frameworks
System integration
implementation plan
Process Flow Diagram
OS Security System
Development Project
Definition and
Design
scope
ation
Project Objectives
Systems
Threat analysis
Streamline
communication
System security
Software
hardware
Implement
Integration Approach
Integration
Components
Technical
needs
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT11
System integration
implementation plan
Requirement
specification
Control and
authentication
monitoring
List of Resources required completing Project
The project will require IT and system installation expertise. Hardware infrastructure
such as alarm systems, surveillance videos, servers, database, LAN and WAN integration
components, and computer subsystems will be part of the required resources. When it comes
to software requirements, cloud computing programs, and signal sensors to be integrated to
the customer’s phone. Installation capital will also be needed to see the project to completion
(Silberschatz, Gagne & Galvin, 2013).
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT12
4. Requirements Specifications
For the upgrading and installation of an effective OS security to be effective, there is
need to analyse software requirement specification for the project. It is the determination of
what the OS security will do and its expectations to perform. Software Requirement
Specification (SRS) will be used as vision tool since the security of banking security has been
a global concern (In Oshana & In Kraeling, 2013). In this case, the banking OS Security
system will require some performance and software requirements so that it can work
effectively in protecting customer information, and possibilities of hacking.
First, the OS security system will have to route the bank’s defined internal
communication systems and route them to external networks. This is a requirement that will
need authentication proxy servers to be installed. The servers will be managed boundary
protected interfaces. The proxy server will be designed in such a way that it hides the identity
of the clients whenever they decide to make connections to the server on the outside of the
bank’s networks. As a result, any hacking attempt outside of the learning IP will be prevented
(Jacobs, 2014).
The other requirement will be the need to ensure that the OS security system
communicates outside the communication path of the bank to prevent remote devices that can
establish a non-remote connection from hacking into the bank’s main server. The project will
consider authentication, communication, software, hardware, and intrusion monitoring
requirements needed to ensure that the OS security of the bank will be implemented
effectively (In Oshana & In Kraeling, 2013).
Authentication Requirements
These refer to the strategies that the OS security system will employ in resolving such
issues as expiry of inactive sessions, forgotten passwords, and account lockouts among other
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT13
customer-related challenges that pose vulnerability to the bank. The system will need to
determine whether someone is whom they claim to be and decide that will either deny or
allow them access (Yang & Alves-Foss, 2013).
Communication Requirements
In ensuring an effective communication system, such requirements as reliable internet
system will be considered. The running of a banking system must be efficient enough to
make online transactions as quickly as possible while ensuring data security is maintained.
For the project to be completed effectively, a proper chain of communication will be
determined so that all project requirements can be communicated effectively (Yang & AlvesFoss, 2013).
The OS will, therefore, establish an internet connection that can assist the stakeholders to surf
and make other online transactions. Requirements needed to make communication protocols
between the bank and the client will be enabled by an effective OS security system that will
ensure that no information communication platform is infiltrated. Therefore, requirements on
the management of Wi-Fi and Ethernet connections will be considered so that seamless
communication can occur between the bank and the client, or the client and the machine
during a financial interaction (Yang & Alves-Foss, 2013).
Software Requirements
When it comes to software requirements, the OS security system will ensure that the
software used is strong and efficient enough to protect the bank’s database and its servers.
The first thing will be to train clients and the banking staff on cybersecurity (Jacobs, 2014).
The aspect of firewall protection to enable internet protection for customers will be
considered. Thirdly, keeping the software up to date is an important aspect that ensures
malicious attacks on the OS security system does not happen. Up–to-date browser will see to
it that security is enhanced (Peltier, 2014).
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT14
Provision of antivirus for the banking software and the user machine devices is a
crucial requirement. Anti-virus is meant to keep viruses that hackers put on the internet from
infiltrating user and bank systems to create vulnerabilities that they can exploit (Yang &
Alves-Foss, 2013). The anti-spyware software will be installed in the OS security system to
ensure that malicious attempts are reported as early as the hacker tried to access the database
and appropriate measures taken by the system on an automated response.
Other aspects to be considered in the OS security software include efficiency and cost.
The software used must be efficient enough to handle bulky transactions and security
capabilities. This is because a bank is an outright target for cybercriminals and thus vigilance
if required. Secondly, the complexity of infiltration capability will be considered to measure
how strong the bank’s security system will be (Serpanos & Wolf, 2011). When it comes to
cost, the software must be of quality performance and fair price based on its durability and
efficiency in protecting organizational data and transactions.
SYSTEMS INTEGRATION OS BANKING SECURITY PROJECT15
Hardware Requirements
In hardware requirements, the project will look at enhancing security in hardware
components that support the bank. First, it will look at enhancing security to its servers and
database. Thirdly, external storage protection for hard disks and usage of external data
storage devices will have to be regulated by both organizational staff and clients. The type of
browsers that the bank will use will also be evaluated (Serpanos & Wolf, 2011).
Intrusion and Monitoring Requirements
Some of the intrusion and monitoring requirements needed for the project include database
security. It will consider protecting the bank from the following threats; Trojan, worms,
spyware, malware, security software that are rogue, phishing, spam, and rootkit among others
(Yang & Alves-F …
Purchase answer to see full
attachment