System Architecture and Integration(III)

Operating system Security (OS security) is a data and information protection integrated system that aims at ensuring the availability, integrity, and confidentiality of data. In the modern day, information technology has skyrocketed leading to new and viable information security systems. However, with a similar rate, cybercrime and other forms of data confidentiality breach and identity thefts have thrived (Cameron et al. 2010). Criminals use such websites as Dark web and sophisticated software to infiltrate information system and cause information and data vulnerability.

OS integrated security system comes to the rescue of individuals and organizations in protecting the OS from hacker intrusions, malware, viruses, worms, and other forms of threats. The OS security is an integration of all preventive control techniques used in ensuring data safety. For example, single physical computing hardware that shares I/O devices, disk, and CPU among others tend to be vulnerable to threats and attacks from multiple access points (In Vacca, 2014). The target of any hacker is to control the operating system where the key to all other access points lies.

The bank is one enterprise that is targeted by hackers either directly to its servers or via the security details of the customers. Hackers try to infiltrate the servers and Central Processing Unit of a banking organization, so that they can introduce malware that can help them take control of the banking system and credit their accounts with money (Cameron et al. 2010). On the other hand, they also hack the customer’s security systems and steal their identity and in the process withdrawing all their money (Tran & Park, 2014).

The aim of the project is to employ OS integrated security system in safeguarding data and information integrity and protection. Security provision refers to the aspect of ensuring such computer systems as software programs, disks, CPU and the memory are all protected from malware, manipulation, threats, worms, viruses, and malicious and unauthorized access. The project aims at using an integrated OS security system to promote data and information integrity and security for the banking sector.

The upgrading of the organization’s data security system will be the priority of the project by ensuring that the OS security systems are integrated in such a manner that data integrity and security for the banking sector is enhanced. Some of the vulnerabilities that lead to security breach include the user’s use of weak passwords. Secondly, poor data encryption system, such programs threats as Trojan horse, virus, logic bomb, and Trapdoor. The organization’s system is prone to such threats as worm, port scanning, and denial of service (Silberschatz, Gagne & Galvin, 2013).

In a bid to enhance the OS security system integration, some desirable practices should be practiced by every bank staff and stakeholders. The operating system can be secured through best practices that mitigate the vulnerability of the entire information security system. When it comes to the user accounts in the bank, the number if computers connected to the organization’s server must be limited. Only a few trusted users should be allowed to access the bank's server via computers as this would give ease in maintaining accountability (Silberschatz, Gagne & Galvin, 2013).

When it comes to account policies, strong password for both personal computers (PCs) and the server should be made as string as possible with frequent password change schedule. The file system should be designed in such a manner that it grants read-only access permissions to discourage the hackers. The system should be set to deny access by default if it identifies unauthorized access (Tran & Park, 2014). When it comes to the bank’s network services, the level of access permissions by the users should be limited and restrictive to the public.

Most importantly, the latest vendor patches for the OS security must be functional and integrated into the entire system. Also, a regular maintenance schedule should be set for an update of security patches (Tran & Park, 2014). Considering that the bank has multiple operations, there is need to implement a protection for buffer overflow using third party software. System login files must be monitored frequently while ensuring that they are safe by restricting access permissions to them. Finally, the system resources should be backed up on a regular basis (In Vacca, 2014).

Enterprise Information

The banking sector is one of the areas that high-level sensitivity information is stored. There is thus the need to boost information security measures to mitigate the vulnerabilities that have been causing multiple cyber-attacks on banks. Many banks have lost money through direct infiltration in their databases or through external attacks whereby client’s identity is stolen and used to access their accounts (In Vacca, 2014).

Valley wood Bank is one institution that has reported four major cyber-attacks that have cost its running and public confidence a great deal. Security measures have been upgraded after every attack but the attackers have always found new strategies to conquer the banks data protection system. As a result, there is need to see to it that the bank adopts a new security system that is reliable and effective in ensuring data security (Silberschatz, Gagne & Galvin, 2013).

.

Project Objectives

The objectives of the project are to restore public confidence in trusting the bank again with their money by coming up with a long terms solution to data and information security for both the bank’s database and the user’s schema. The project will, therefore, look to fulfilling the following objectives;

· Outlining and demonstrating the importance of OS security system in a banking system

· Make an enterprise system integration analysis on Valley Wood Bank

· Evaluate how the application of OS security can ensure data security and confidentiality for the bank are enhanced

· Analysing strategies to protect the bank from current and future threats

The planning of an effective OS security system that can be adopted by Valley wood bank to ensure a long-term security system (Silberschatz, Gagne & Galvin, 2013).

Business/Technical Needs to be met by the Project

Considering the sensitivity of the information that pertains to financial matters for clients on their savings, the project should meet number if technical aspects. First, many customers are resulting to online backing and other major financial transactions that link to the bank. There is thus the need to ensure that the customer is protected while they use the mobile banking that has become the new trend in the banking industry (In Vacca, 2014). Valley wood should stop using weak and old system security measures and adopt the OS security system. The OS of any system tends to control major operations of the entire organization. As a result, protecting the customer and organization by first boosting the security of the OS is recommendable.

The first technical aspect will be to upgrade and implement better and secure communication methods within the bank and with the clients. Communication system that is insecure is detrimental for any organization considering that information is the greatest weapon an organization can have. Internal and external banking communication will be addressed. Secondly, the need to create a strong password strategy for the bank and the user’s systems will be crucial (Silberschatz, Gagne & Galvin, 2013).

The project will also advocate for the creation of internal awareness to threats in the bank by ensuring that internal protocols are strengthened. Creation of awareness on both employees and customers will be a boost to the security system of the bank. Most importantly, the project looks at formulating a plan to strengthen database security by integrating a safe OS security system to control internal security aspects (In Vacca, 2014).

Moreover, it will outline the creation of a secure backup plan by analysing data centre management and application of cloud computing to the Os security system to enable addressing security concerns for customers (Silberschatz, Gagne & Galvin, 2013). An upgraded security system that will utilize OS security system to enhance security by sending alarm signals to alert the customer or the bank on any probable attempts to access the user’s account or the bank’s database.

Other technical improvements will include better authentication processes. It will also outline improved authorization processes controlled by the banks database. The other aspect is resource protection by setting up a system that gives limited access to vital areas in the organization. Data and system integrity will be enhanced as well. In addition, other aspects to be addressed will include nonrepudiation and confidentiality.

Major Components to be integrated

In a bid to enhance a reliable OS security system, many major components will be integrated to make up a complete system. The first component will be the server and the second will be the database. These are the core components that are regulated by the operating system and if infiltrated or compromised, they lead to outright cyber-attacks or corruption of data by malware. Other components will involve a video surveillance system with IP cameras being installed. Intruder alarms will also be integrated in the system and linked to the IP cameras to enhance the video surveillance.

Access control forms the other OS security integrated component each subsystem will be expected to have an access control system so that any suspicious access attempt can be recorded and relayed to the alarm system and to the server. Alarms and visitor management platforms will form part of the access control. Standards and protocol control system will also be a part of the OS security integration and they will give access protocols that discourage identity theft and infiltration (In Vacca, 2014).

Boundaries of the Project (what it will not address)

The project will not consider the actual software development for OS security system but it will assume that the software is already there. It will only major on its design, planning and implementation to show how banking security can be improved. It will also not address the various types of system vulnerabilities, malware and viruses among other aspects that lead to cyber insecurity. It will just mention them briefly.

Project Plan

Work Breakdown Structure

In a bid to ensure that the scope and objectives of the project are achieved with minimal wastage of human resource and in ensuring timely delivery of the project, a Work Breakdown Structure is important.

Process Flow Diagram

System integration implementation plan

Implementation

Threat analysis

Software requirements

hardware

Project Objectives

OS Security System Development Project

Definition and scope

Design

System security

Streamline communication

Control and monitoring

Integration Components

Technical needs

Systems Integration Approach

Requirement specification

authentication

List of Resources required completing Project

The project will require IT and system installation expertise. Hardware infrastructure such as alarm systems, surveillance videos, servers, database, LAN and WAN integration components, and computer subsystems. When it comes to software requirements, cloud computing programs, and signal sensors to be integrated to the customer’s phone. Installation capital will also be needed to see the project to completion (Silberschatz, Gagne & Galvin, 2013).

For the upgrading and installation of an effective OS security to be effective, there is need to analyse software requirement specification for the project. It is the determination of what the OS security will do and its expectations to perform. Software Requirement Specification (SRS) will be used as vision tool since the security of banking security has been a global concern (In Oshana & In Kraeling, 2013). In this case, the banking OS Security system will require some performance and software requirements so that it can work effectively in protecting customer information, and possibilities of hacking.

First, the OS security system will have to route the bank’s defined internal communication systems and route them to external networks. This is a requirement that will need authentication proxy servers to be installed. The servers will be managed boundary protected interfaces. The proxy server will be designed in such a way that it hides the identity of the clients whenever they decide to make connections to the server on the outside of the bank’s networks. As a result, any hacking attempt outside of the learning IP will be prevented (Jacobs, 2014).

The other requirement will be the need to ensure that the OS security system communicates outside the communication path of the bank to prevent remote devices that can establish a non-remote connection from hacking into the bank's main server. The project will consider authentication, communication, software, hardware, and intrusion monitoring requirements needed to ensure that the OS security of the bank will be implemented effectively (In Oshana & In Kraeling, 2013).

Authentication Requirements

These refer to the strategies that the OS security system will employ in resolving such issues as expiry of inactive sessions, forgotten passwords, and account lockouts among other customer-related challenges that pose vulnerability to the bank. The system will need to determine whether someone is whom they claim to be and decide that will either deny or allow them access (Yang & Alves-Foss, 2013).

Communication Requirements

In ensuring an effective communication system, such requirements as reliable internet system will be considered. The running of a banking system must be efficient enough to make online transactions as quickly as possible while ensuring data security is maintained. For the project to be completed effectively, a proper chain of communication will be determined so that all project requirements can be communicated effectively (Yang & Alves-Foss, 2013).

The OS will, therefore, establish an internet connection that can assist the stakeholders to surf and make other online transactions. Requirements needed to make communication protocols between the bank and the client will be enabled by an effective OS security system that will ensure that no information communication platform is infiltrated. Therefore, requirements on the management of Wi-Fi and Ethernet connections will be considered so that seamless communication can occur between the bank and the client, or the client and the machine during a financial interaction (Yang & Alves-Foss, 2013).

Software Requirements

When it comes to software requirements, the OS security system will ensure that the software used is strong and efficient enough to protect the bank's database and its servers. The first thing will be to train clients and the banking staff on cybersecurity (Jacobs, 2014). The aspect of firewall protection to enable internet protection for customers will be considered. Thirdly, keeping the software up to date is an important aspect that ensures malicious attacks on the OS security system does not happen. Up--to-date browser will see to it that security is enhanced (Peltier, 2014).

Provision of antivirus for the banking software and the user machine devices is a crucial requirement. Anti-virus is meant to keep viruses that hackers put on the internet from infiltrating user and bank systems to create vulnerabilities that they can exploit (Yang & Alves-Foss, 2013). The anti-spyware software will be installed in the OS security system to ensure that malicious attempts are reported as early as the hacker tried to access the database and appropriate measures taken by the system on an automated response.

Other aspects to be considered in the OS security software include efficiency and cost. The software used must be efficient enough to handle bulky transactions and security capabilities. This is because a bank is an outright target for cybercriminals and thus vigilance if required. Secondly, the complexity of infiltration capability will be considered to measure how strong the bank's security system will be (Serpanos & Wolf, 2011). When it comes to cost, the software must be of quality performance and fair price based on its durability and efficiency in protecting organizational data and transactions.

Hardware Requirements

In hardware requirements, the project will look at enhancing security in hardware components that support the bank. First, it will look at enhancing security to its servers and database. Thirdly, external storage protection for hard disks and usage of external data storage devices will have to be regulated by both organizational staff and clients. The type of browsers that the bank will use will also be evaluated (Serpanos & Wolf, 2011).

Intrusion and Monitoring Requirements

Some of the intrusion and monitoring requirements needed for the project include database security. It will consider protecting the bank from the following threats; Trojan, worms, spyware, malware, security software that are rogue, phishing, spam, and rootkit among others (Yang & Alves-Foss, 2013). The bank's database and the way users use online transactions, and their vigilance to cybercrime will be the requirements for intrusion and data safety.

Functional Requirements