StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

EBuy Control Station - Case Study Example

Cite this document
Summary
The paper 'EBuy Control Station' focuses on a strong online platform to be able to carry out its global business successfully. The strength of the platform should be in terms of data security and the ability to serve big global traffic of customers at the same time…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER94.3% of users find it useful
EBuy Control Station
Read Text Preview

Extract of sample "EBuy Control Station"

Information Systems Topography Topographical Infrastructure illustration and eBuy requires astrong online platform to be able to carry out its global business successfully. The strength of the platform should be in terms of data security and the ability to serve a big global traffic of customers at the same time. The information system security is in two levels, and cloud is used at both levels (Norman, 2007). First of all, there internet services providers (ISPs) must keep secure all the data of those they secure. Everything starts at this point. The cloud service used must be an encrypted one to ensure that there are no data leakages at all. From the ISPs, there is a system of routers and switches leading to eBuy control station. The control station has servers which must be linked to the core. The core is where high speed internet is generated. The speed of the internet at the core can be as high as 100Tps. There is cloud security at the core as well, with numerous encryptions in form of complex codes and very strong passwords (Lucas, 2005). From the ISPs, there is a DDoS mitigation centre. DDoS stands for distributed denial of service, normally meant to attack the available networks. The attacked network is passed through high capacity networks with filters. The filters will help to scrub the traffic. The traffics must be identified correctly through signature comparison and also by examining its different attributes such as JavaScript footprints, IP addresses, http headers and cookie variations (Lucas, 2005). The filters should also be able to separate human traffic from traffics caused by hijacked browsers. In this front, the company must go for the latest anti-DDoS technology. There are also cloud-based providers of the DDoS mitigation (Norman, 2007). There are outer switches and inner ones. The switches are placed between Wide Area Network (WAN) routers. The switches are used together with network intrusion detectors and firewalls. The intrusion detection system (IDS) is a software application that watches over the entire network system and guards against any malicious activities. eBuy Pharmaceuticals would use a host-based intrusion detection system rather than a network-based one. The IDSes will also help to detect and deter any violations of the laid-down security policies. They record all the information related to all the malicious activities and any attempted security policy violations and send reports to the administrators at the main control station. The firewalls provide a buffer between the WAN and Local Area Network (LAN). In many cases, the WAN is more trusted than WAN. LAN is the internal network, and is always secure, whereas WAN is the internet and is always not-so secure. A system of firewalls will thus provide a barrier between secure connections and insecure ones (Bhattacharya, 2009). eBuy Pharmaceuticals will use both software firewalls and hardware appliance firewalls. The hardware-based firewalls will also act as dynamic host configuration protocol (DHCP) servers. The computers can then request networking parameters and IP addresses from the DHCP servers, instead of administrators at the main control station having to manually configure those settings. Firewalls operate according to given sets of instructions. The component acting as the intrusion detector will also ensure secure messaging and act as the web application firewall (WAF). The WAF performs functions such as applying a set of instructions and rules to HTTP conversations. The rules will cover and prevent attacks such as SQL Injections and cross site scripting (XXS). Firewalls always have configured policies. The WAF monitors and blocks any system calls, outputs and inputs that violate such configured policies (Kim & Solomon, 2012). There is also the open systems interconnection (OSI) layer which partitions the communication system into abstraction layers. Partitioning the communication system helps to standardize its functions. The WAF controls any network traffic on the OSI layers all the way to the application layer. The application layer is also an OSI layer, but the one that the end user is able to operate. It is layer 7 of the OSI layers. The inner layers include the physical layer (layer 1), data link layer (layer 2), network layer (layer 3), transport layer, and the session layer (layer 6). From the inner switch, there is an endpoint security and a demilitarized zone. The endpoint security safeguards endpoints, mobile devices and servers from attacks and threats. It involves installation of software on the endpoint devices and servers and helps to monitor their software, activities, status, authentication and authorization (Bhattacharya, 2009). The software installed for endpoint security purposes may be a host intrusion prevention system (HIPS), an antivirus or a firewall. The devices that do not meet the corporate security policies will be quarantined and denied access. eBuy Pharmaceuticals will definitely have consultants and business partners who, like clients and customers, must have a web sign-up. Whenever any of those signed up attempt to log in, the endpoint security verifies and validates their information their credentials. It also scans the devices used for any unauthorized software and checks updated virtual private networks (VPNs) as well. The network administrators will also build a demilitarized zone (DMZ) at the endpoint to separate trusted networks from untrusted ones. It keeps hackers and data thieves from the secure network zones. Once the administrators have created the DMZ, they may decide to put some proxy servers in it. The proxy servers will act on behalf of the users in requesting for services from the trusted and secure network (Kim & Solomon, 2012). What this means is that any visitors can only access services once the DMZ has obtained them from the secure network. Administrators will use firewalls to form a bridge between the DMZ and the trusted network zones. A system of routers is used in this case. There is a router that connects to the insecure network, another connecting the insecure network to the DMZ and lastly one that connects the DMZ to the firewall used to guard the secure network. Security policy eBuy Pharmaceuticals will have a set of comprehensive information system security policies. This will help to project all the data and also prescribe the extent to which some information may be made public or available for others to see. The security policies are all in compliance with the confidentiality, integrity and availability (CIA) triangle provisions. 1. The information/data security team will classify data into various categories. The categories include: Confidential- confidential data include the sensitive personal and company information that must be accorded protection from access by unauthorized users. Any unauthorized access would mean invasion of privacy, an offence punishable by the existing federal privacy laws. Internal use only- these are data that are less sensitive than the confidential data. They are meant to be used within eBuy. Exposing such data to unauthorized users can have adverse impact on the reputation of the company, personal interests or the company’s finances. They may include internal memo and other draft documents that are meant to circulate within the company premises. Public- these are data that are made available for public access. They also include data that if made available to the public, wouldn’t have any effect on the company or personal interests. 2. All the eBuy Pharmaceuticals information resources must be assigned security classification level depending on the sensitivity of the information they contain. The information resources include but are not limited to electronic databases and physical documents. 3. In a case where there is some information that has not been classified, it will automatically be treated as confidential information. 4. There shall be a data security committee that will be mandated to give information security classifications from time to time. The committee may also establish more detailed provisions concerning specific data or information resources by issuing data security directives. 5. All users, including business partners, consultants, clients and customers of eBuy Pharmaceuticals also have security responsibilities. eBuy Pharmaceuticals maintains an information security system that provides, to the technically feasible extent,: a. Secure authentication protocols that include but are not limited to: Restriction of access to active users and their accounts only A secure criterion of selecting and assigning passwords Controlling data protection passwords to make sure that such passwords are kept in formats that do not compromise the security of the data they are meant to protect b. Updated versions of the security systems software which include malware protection and other updated virus definitions. References Bhattacharya, B. (2009). Algorithms, architectures and information systems security. Hackensack, NJ: World Scientific. Kim, D., & Solomon, M. (2012). Fundamentals of information systems security. Sudbury, Mass.: Jones & Bartlett Learning. Lucas, H. (2005). The analysis, design, and implementation of information systems (3rd ed.). New York: McGraw-Hill. Norman, T. (2007). Integrated security systems design concepts, specifications, and implementation. Amsterdam: Elsevier Butterworth-Heinemann. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(EBuy Control Station Case Study Example | Topics and Well Written Essays - 1250 words, n.d.)
EBuy Control Station Case Study Example | Topics and Well Written Essays - 1250 words. https://studentshare.org/information-technology/1862232-deliverable-4-infrastructure-and-security
(EBuy Control Station Case Study Example | Topics and Well Written Essays - 1250 Words)
EBuy Control Station Case Study Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1862232-deliverable-4-infrastructure-and-security.
“EBuy Control Station Case Study Example | Topics and Well Written Essays - 1250 Words”. https://studentshare.org/information-technology/1862232-deliverable-4-infrastructure-and-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF EBuy Control Station

Excellent Example of What is Meant by Evaluation

The paper "Excellent Example of What is Meant by Evaluation" describes that evaluating right from the beginning helps in identifying the mistakes as soon as they erupt.... Instead of evaluating the whole scenario in the end, it is always better to keep evaluating things from time to time.... hellip; Of late it was experiencing certain problems due to indiscipline and unruly behavior of a few members of the club....
8 Pages (2000 words) Essay

The Internal Control Environment of the Company

In the paper “The Internal control Environment of the Company” the author identifies and explains the main sections of the annual report.... The management gives its own opinion on the company's financial positions and the factors they believe affect the company's performance....
3 Pages (750 words) Assignment

Issue with communication

Similar to Best Buy and eBay, Future Shop understands the importance of using many different social communication channels to interact with customers.... Located on the home page of the company's website are links to Facebook, Twitter, YouTube, forums, and blogs.... Also included is… To the unsuspected Internet user these pages would seem to be abandoned. Although Future Shop created its Google+ page in late 2011, they currently only have 23 followers....
5 Pages (1250 words) Essay

Technology Guide

The software offers a central place for stock control, advanced reporting on sales and product details from different channels (Intelligence Retail, 2015).... The world wide web has enabled on-line customers to view and compare prices and quality of products before purchasing them on-line (Robert, 2001)....
2 Pages (500 words) Essay

Theft of a Walking Stick Belonging to the John Lewis Partnership

Olmeda contacted his colleague in the video control room to have the camera operator focus on Mr.... The paper "Theft of a Walking Stick Belonging to the John Lewis Partnership" discusses that Mr Wearn was charged with one count of theft.... It is alleged that he stole a walking stick from John Lewis on 8 December 2010....
13 Pages (3250 words) Case Study

Business Requirements and Project Plan of eBuy Pharmaceuticals

The author of this coursework " Business Requirements and Project Plan of ebuy Pharmaceuticals" describes ebuy website and its key features.... This paper outlines the role of the scope, integration with other systems and infrastructure, levels of networking, and ebuy business plan.... nbsp;… The information system is the greatest investment because it is the biggest ebuy Pharmaceuticals employee....
7 Pages (1750 words) Coursework

Three Major Types Of Buying Situation

Check this "Three Major Types Of Buying Situation" essay.... Client direct is the evaluation of individuals, gatherings, or affiliations and the methods they use to pick, fumes, and take out things, get-togethers, reports, or considerations to satisfy their necessities and the impacts that those techniques have on the purchaser and society (Noel, 2009)....
5 Pages (1250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us