Project
dloand
InfrastructureAndSecurity.docx1
OnBuy E-Commerce Project: Infrastructure and Security Policy Document
Tom Anderson
Professor Urimindi
February 28, 2021
OnBuy E-Commerce Project: Infrastructure and Security Policy Document
a. Logical and Physical Typographical Layout of the Network
Table 1
Logical Diagram
Table 2
Physical Network Typographical Diagram
b. Possible Placement of Servers
The e-commerce platform will utilize multiple servers to provide products and services on the internet. The utilization of many servers plays an integral role in improving the performance and robustness of a network system (Sahoo et al., 2016). Therefore, the number, location, and distribution of the servers significantly influence the performance and reliability of the e-commerce platform. In this case, the server placement will be determined based on the need to distribute service requests to the servers according to the measured response time of each server. As the internet is projected to grow phenomenally in the next few years, the increasing number of services on the internet will become indispensable to the company’s clients. Thus, the organization will provide its products and services on the internet using multiple servers in order to improve performance and robustness. For that reason, server placement will be an important factor in the quality of the firm’s services.
While the best-server selection will be assumed for the firm’s server placement, it will not necessarily be the case for many services that the company will use, such as the Domain Name System. Thus, different selection mechanisms will inform the process of placing servers. For all the user groups to receive good performance, it will be important to place servers close to them since some servers could be very far on the internet. Additionally, the availability of services will be increased by enabling the users to switch to an alternative server if needed. In case the nearest server fails, or its performance declines, the users will need to choose another server to continuously receive the services in good quality.
The organization will collaborate with internet service providers to provide effective system-wide performance. Load-sharing among the servers will also be considered an important part of the server placement process than the performance from the administrator’s perspective. Thus, there will be a need to take an additional server to minimize the load of heavily loaded servers. The location of the new servers will be selected in a way that distributes the service load appropriately. Moreover, it will be necessary to take into consideration the potential impacts of the placement on the performance as perceived by the users as well. This implies that the server placement process will not sacrifice the overall system’s performance due to the loading distribution.
The placement process will be guided by server selection algorithms. When sets of servers for the organization are available, the potential users may select one of the servers. As such, different mechanisms will be employed to select a server for use. These include the best server algorithm, uniform algorithm, and reciprocal algorithm. The best-server algorithm measures the conditions of the servers and selects one as the best server for users. This tool can use round-trip, the number of hops, or other forms of network distance. The best server algorithm can be selected from such measurement indicators. It is also optimal in performance but hard to control the load-sharing. The uniform algorithm, on the other hand, will be employed to select all the servers uniformly. This can be attained by employing round-robin or random selection processes and does not require utilizing any metric. This algorithm will be easy to implement because it plays an integral role in load sharing. Further, the reciprocal algorithm will be employed to select a server with a probability reciprocal to some metrics. In this respect, the access probability to each server is often a function of some metrics. In case the distance is utilized as a metric, for example, a near server can be used more frequently than a far one, and the two are located at the same distance are used equally. This method is adaptive in fluctuating server conditions because the selection is often dynamically determined by the fluctuation.
c. The Rationale for the Logical and Physical Topographies
There are various reasons for the adoption of the logical and physical topographical layout of the planned network. The physical topology will define the real structuring of the network. In contrast, the logical topology will describe the communication mechanisms that the devices will utilize on the local area network (LAN) for the purpose of data transmission. Moreover, the physical topology will clarify how the network looks and functions in the real-world. In contrast, its logical topology will describe how data will travel in the e-commerce system logistically. Additionally, the physical topology that has been used employs both bus and ring topology, while the logical typography utilizes bus topology alone (Truppel et al., 2020). Furthermore, the physical topology is based on physical connections such as cables and wires. The logical one, on the other hand, is founded on the path that data travels in a network system. The physical topology affects the costs, scalability, flexibility, and bandwidth capacity of the network. This is because it defines the number of servers that will be installed and the necessary resources that are required to develop and adopt it.
In the organization’s logical topology, the data will travel linearly in the network, similar to bus topology. This implies that when the devices are linked inside the network using a hub, the real physical network will appear similar to a star topology. When connected with the utilization of a hub, the network becomes shared media, and data travels linearly, as with bus topology. In the platform’s physical topology, the signals will propagate along the entire length of the bus. The logical topology will work to allow all the devices on the network to receive every message that is transmitted. In this respect, each device will be responsible for recognizing the messages meant for it all. In case a device is not the authorized receiver, the message is ignored.
The network operates well when it has a clearly defined physical topology. Utilizing it also makes it easier to find the media type to be used in a network. Physical topology also makes it easier to perform network routing through the cables. In case the nodes are not shared, the routes may not be established easily. Through the physical topology, the organization will create datasets with better quality control and integrity. These datasets will be easily validated, and the errors that are detected will be found in them. Such a process helps in the efficacious management of the data. Moreover, the physical typography also enables the network administrators to easily find the relationships between the topologies and the elements shared with each type of topology. As a result, it enables the editing of one database and updating the features with other datasets. All such sets are synchronized with each other, and the systems and devices are kept close to each other with the support of topology as the cables and the features are connected. The interconnection of the systems plays an integral role in the efficacious management of the network.
d. Network Security Policy Document
i. Policy
Preamble
OnBuy acknowledges the important role that information technology plays in bringing people together and making products accessible to all. However, we also recognize the danger that digital networks' widespread adoption poses to their users and organizations. A safe environment is important in preventing fraudulent activities that result in adverse events such as theft of customer financial data, hacking, denial of network service attacks, and alteration or deletion of data by unauthorized parties. Thus, the purpose of this policy is to protect the integrity of the organization's network, prevent the risks and losses related to security threats and breaches, and ensure that there are secure and reliable network access and performance for the entire OnBuy community. Therefore, this policy paper is essential in providing a reliable organizational network, support seamless business operations, and mitigate unauthorized access to corporate, research, and personal data.
Securing the Domain Services
1. The organization’s network administrators are solely responsible for the management of internet domain names associated with it. Thus, employees and other user groups shall not develop or support additional internet domains without prior approval from the company.
2. To guarantee the stability and reliability of the communication systems, the network administrator will provide and manage both the public and private IP address spaces that are in use by the company.
3. These administrative tasks may be delegated to individuals or organizations for defined network ranges but remains the right of ownership for such networks.
Network Security
1. OnBuy shall investigate any unauthorized access of computer networks, systems, or devices. The company will also collaborate with professionals, administrative departments, and law enforcers when necessary.
2. All the devices that will be connected to the network will have sufficient security controls that will be introduced and configured to prohibit unauthorized access or misuse of data.
3. In the event that a security breach is detected, it will be the responsibility of OnBuy’s network users to report the issues to the IT department for further investigations.
4. OnBuy reserves the right to disconnect any system or device from accessing its network if suspicious activities are detected from it at any given moment.
5. Network user groups that are evaluated and deemed as secure will be permitted to continue utilizing out system. However, suspicious activities, such as access or attaching unauthorized network devices will be blocked. These activities may include packet sniffing, snooping, and installing a system that appears to be like another authorized system on the network.
Confidentiality
1. The company believes in protecting the privacy of all users.
2. Therefore, we will protect all the customer data from disclosure to third parties or unauthorized individuals and groups.
3. Employees are banned from sharing private customer data such as their credit card and socials security details to unauthorized parties.
4. All confidential data will be locked or secured at all times and will not be taken outside the firm’s premises.
5. Data will only be disclosed to others upon seeking permission from users or senior management.
Integrity
1. To promote data integrity, the organization will take various steps, such as:
a. Qualifying and validating the system.
b. Archiving regularly
c. Selecting appropriate systems and service providers
d. Regularly auditing the trails.
Monitoring and Auditing
1. The company will continually monitor and audit traffic logs for all the network devices and tools for security purposes.
2. OnBuy reserves the right to examine, access, retrieve, and disclose data communications when it has sufficient reasonable cause to suspect a federal or organizational policy violation or criminal activities have occurred.
3. The company may perform regular penetration testing of any of its owned devices or reduces to determine the potential risks that are related to safeguarding its information systems.
Security Controls
1. The company has introduced network security controls to mitigate potential security breaches.
2. Technical controls will include use of multifactor authentication, intrusion detection and prevention systems, antivirus software, firewalls, encryption, as well as access control lists.
3. Physical controls will include use of surveillance cameras, biometric identification, security personnel, and strong locks and fencing systems.
ii. Ethical Aspects
The ethical issues that may arise include sharing of passwords and keys with unauthorized people. In case people who have been entrusted with the passwords of their departments or areas of jurisdiction share their passwords with unauthorized individuals, there is the risk of access of vital information by the unauthorized individuals, which presents privacy concerns (Stahl & Wright, 2018). Unauthorized individuals can steal vital information such as patent rights or misuse stakeholders’ information, including their health and financial information. When such sensitive information is accessed by malicious individuals, they will steal from the stakeholders, including the organization, which will lower their confidence in the company and sue for compensation and breach of privacy. Besides, crucial organizational information can be leaked to competitors, thereby reducing the company’s competitiveness. For instance, if contractors accidentally access procurement data, they can use the information to manipulate the company for financial gains or to win tenders unfairly.
Access to the organization's network information is restricted to the authorized people alone. In case employees or any other stakeholders share the network key, the company will be at risk of having its confidential information leaked to wrong parties, including competitors and fraudsters (Stahl & Wright, 2018). The organization's plans and patented information will then be used maliciously to the peril of the company. Therefore, it is crucial for all employees and the stakeholders who know passwords maintain discretion regarding unauthorized sharing. Employees are not expected to share the access passwords for their departments with unauthorized people who include fellow employees working for the company but are in different departments. Additionally, the organization's passwords are not to be shared by outsiders who include but are not limited to the employees' friends and families to avert possible ethical concerns that may arise due to unauthorized access to the organization's network.
References
Sahoo, J., Salahuddin, M. A., Glitho, R., Elbiaze, H., & Ajib, W. (2016). A survey on replica
server placement algorithms for content delivery networks. IEEE Communications
Surveys & Tutorials, 19(2), 1002-1026.
Stahl, B. C., & Wright, D. (2018). Ethics and privacy in AI and big data: Implementing
responsible research and innovation. IEEE Security & Privacy, 16(3), 26-33.
Truppel, A., Tseng, T. M., Bertozzi, D., Alves, J. C., & Schlichtmann, U. (2020). PSION+:
Combining logical topology and physical layout optimization for Wavelength-Routed
ONoCs. IEEE Transactions on Computer-Aided Design of Integrated Circuits and
Systems, 39(12), 5197-5210.
