MSIT 641 IS Security and Assurance Final Project Design a security plan for an individual application


I. SYSTEM OVERVIEW

I.1 Application

This application is point-of-sale (POS) software ready to be used by Wal*Mart for shoppers. As such, it requires special attention to security due to the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of the information in the application. As a system, the security issues will focus on the hardware, software, information, data, applications, communications, and people.

“Electronic wallets” Status: second year of operation


I.6 Roles and Responsibilities of Users

• Administrator: Set up user accounts

• Managers and supervisors: Special cash functions

• Accounting personnel: Verify amount tendered daily

• Technicians: Service equipment

• Sales Associates: Special usage

• CEO and CIO: Special privileges


I.8 General Description

• The function and purpose of this system is to save time in a protected data environment. To use the system, Wal*Mart customers set up an account by scanning their fingerprint at an in-store kiosk, entering their phone number, and then submitting checking and credit card account information. To make a purchase, they place their finger on a scanner at the register, enter their phone number, and choose how they want to pay (credit, debit, or checking).


I.9 Environment

• This application will be used in a shopping and purchasing environment. According to a 2003 Federal Trade Commission survey, of the nearly 10 million cases of identity theft annually, 13% occurred during a purchase transaction. The "electronic wallets" software reduces the potential for fraud and identity theft, speeds up the checkout process, and most importantly, lowers transaction processing fees for retailers. But we know that bio-anything raises questions from privacy advocates, and this process is no exception. The main safeguard here is that the fingerprint image itself is not stored. Instead, tiny measurements from the print are encrypted and stored, making it impossible to recreate a full fingerprint. "Biometric payment" systems make conducting transactions safer for consumers. Privacy in the shopping area remains a very critical issue. Pervasive usage can be alleviated by this application.


I.10 Interconnection-Information Sharing

• The system used in a retail store such as Wal*Mart will be interconnected with other software such as that of the accounting office and the credit card company, and probably with a police security station in case of fraud. Prior to interconnection with any software, a security and data integrity meeting needs to be held with the security officers of that software.


I.11 Laws and Regulations

• Pay By Touch is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent, non-profit organization whose mission is to build users' trust and confidence in the Internet by promoting the use of fair information practices. To demonstrate its commitment to its privacy policy and laws, Pay By Touch has agreed to disclose its information practices and have its privacy practices reviewed for compliance by TRUSTe.

• When we think of biometric technologies, we also think of threats to the freedoms of individuals, as well as to data privacy. The system will be regulated by state and federal laws about finance. The bill known as H.R. 3997, or the "Financial Data Protection Act of 2005", regulates the software. As a result of the federal Financial Services Modernization Act, banks, insurance companies, and brokerage firms are now able to affiliate with one another under one corporate roof. This law, known as Gramm-Leach-Bliley (GLB) after its sponsors, was implemented in 2001. Credit card companies, banks, insurance companies, and brokerage firms may share their respective databases with one another in a program called affiliate sharing. But they cannot sell customer data to third parties without providing an opt-out notice to their customers.


I.12 Classification of Information

• The system uses three categories of information:

• Account and identity information, which includes your name, address, email address, government-issued photo ID, account information for the payment cards and checking accounts you enroll, and loyalty account information. In addition, the social security number is obtained for US Check Cashing Customers as part of identity verification and to comply with check cashing regulations.

• Biometric information, i.e., the finger scan that you provide during the voluntary enrollment process, which assures the system that "you are you".

• Transaction information generated whenever you use the Pay By Touch services.

• The information and data are critical and sensitive. For security reasons this information will be placed at different levels of sensitivity: High, Medium, or Low.

• Low Sensitivity information requires a minimal amount of protection. This level includes information considered to be in the public domain.

• Medium Sensitivity includes important data that must be protected from unauthorized alteration.

• High Sensitivity information requires the greatest safeguards at the user level, i.e. proprietary information, financial data, or records subject to the Privacy Act.


II.1 Risk Assessment and Management

• The risk assessment will be conducted by the owner of the system by identifying the assets of the clients, such as software, hardware, payment information, users, and communication channels, and by placing values on these items: high, medium, or low.

• The methodology will also include the threats to the system such as human errors, the safeguards and controls, the downtime impact and its probability of occurring, and the monitoring of the system. The main element of the risk assessment will be human error in manipulating the system.


II.2 Review of Security Controls

• As a check and balance, an independent security reviewer will conduct a review of the application/system at the end of every year. The evaluation will include how well the sensitive data is handled.


II.3 Planning for Security in the Life Cycle

For a brand new system, the security planning will address the Initiation, Development, Implementation, Operation, and Maintenance phases.


III.1 Contingency Planning

• For contingency planning, security will be based upon heavy data backup. Briefly describe the procedures (contingency plan) that would be followed to ensure that the application/system continues to be processed if the supporting IT application/system were unavailable. The system is backed up by a non-biometric system that is capable of operating for several days. The data backup procedure is done daily. To minimize this problem, the employees are trained in their roles and responsibilities relative to the emergency, disaster, and contingency plans.


III.2 Data Integrity-Validation Controls

• The system needs to be protected by virus detection and elimination software that automatically updates virus signature files. There will also be manual virus scans, and virus eradication and reporting to resolve any discrepancies. The system will use integrity verification programs to look for evidence of data tampering, errors, and omissions. An intrusion detection tool is installed to monitor the application/system. Application/system performance monitoring tools are used to analyze performance logs in real time to look for availability problems, including active attacks, and application/system and network slowdowns and crashes.


III.3 Data Integrity & Validation Controls

Data Integrity & Security

• Most of the data given to the system will be processed online, so Pay By Touch acknowledges its responsibility to safeguard the privacy and security of the information that is entrusted to the organization. Customers will interact with Pay By Touch many times during their membership. It is important for them to know how the company may do that. The interaction will be done online, via email, or over the telephone. Customers need to know exactly what to expect in their interactions with Pay By Touch in order to recognize identity theft scams. Pay By Touch recommends that its customers avoid providing private information in response to unsolicited emails or telephone calls, take precautions with their computers, make sure that they are operating with the latest security patches and have anti-virus software, and use personal firewalls and anti-spyware software. For Online Web Interactions, the only site recommended is www.paybytouch.com. Pay By Touch will always require that you have a valid online ID and password to securely log on to your account before asking you to provide any personal or financial information. To help you to identify legitimate emails from Pay By Touch versus fraudulent emails, Pay By Touch uses the following safeguards:

• Pay By Touch does not include web links in our emails.

• Pay By Touch will not request that you respond to our emails with your private information.

• Pay By Touch will not send you a form in an email that requires you to enter private information.

• If you receive an email that you suspect is fraudulent or does not conform to the safeguards above, you may report it to Pay By Touch by forwarding it to [email protected], or contact our Customer Service representatives at 866-PAYBYTOUCH (866-729-2986). If you are contacted by telephone, you will be given the opportunity to call the corporate offices at 1-866-PAY-BY-TOUCH.


IV. Documentation

• Documentation includes descriptions of the hardware and software, policies, procedures, and approvals related to automated information security in the application/system. Related documentation includes:

• Testing procedures and results

• Records of verification reviews/site inspections

• Standard operating procedures

• User rules/manuals

• Emergency procedures

• Contingency plans

• Risk assessments


V Security Awareness and Training

• A system such as biometric payment is very new to most employees. The employees, contractors, and personnel will be trained in a classroom setting every month on operation and security awareness.


VI Incident Response Capability

• All incidents are reported immediately to a technician on duty for immediate response.

• According to the severity of the incident, the software owner is notified for intervention and decides on the usage of the alternative system.


VII Audit Trails

• The system will be audited frequently, and the audit trail will provide accountability by showing a trace of user actions. It will record appropriate information that can assist in intrusion detection and remediation, and include sufficient information to establish what events occurred and what caused them, such as the user ID associated with the event and the program or command used to initiate the event. The confidentiality of the audit trail information will be protected if it records personal user information. Audit trails are reviewed frequently at the administrator level.
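The audit trail described above, combined with the integrity verification called for in III.2, can be sketched as follows. This is an added example, not part of the original plan: the HMAC-SHA256 chaining, the field names, the keys and the sample identifiers are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo keys (assumption): real keys would come from a key store.
CHAIN_KEY = b"demo-chain-key"
PSEUDONYM_KEY = b"demo-pseudonym-key"
GENESIS = "0" * 64


def pseudonymize(personal_id):
    """Keyed hash, so the trail never stores the raw customer identifier."""
    digest = hmac.new(PSEUDONYM_KEY, personal_id.encode(), hashlib.sha256)
    return digest.hexdigest()[:16]


def _mac(prev_mac, body):
    """MAC over the previous record's MAC plus this record's fields."""
    payload = prev_mac + json.dumps(body, sort_keys=True)
    return hmac.new(CHAIN_KEY, payload.encode(), hashlib.sha256).hexdigest()


def append_event(trail, user_id, program, event, customer_id=None):
    """Append a record with the fields the plan names: user ID, program, event."""
    body = {"seq": len(trail), "user_id": user_id,
            "program": program, "event": event}
    if customer_id is not None:
        body["customer"] = pseudonymize(customer_id)
    prev = trail[-1]["mac"] if trail else GENESIS
    record = dict(body, mac=_mac(prev, body))
    trail.append(record)
    return record


def verify_trail(trail):
    """Return a list of findings; an empty list means the chain is intact."""
    findings = []
    prev = GENESIS
    for position, record in enumerate(trail):
        body = {k: v for k, v in record.items() if k != "mac"}
        if body.get("seq") != position:
            findings.append(f"position {position}: sequence gap (omission or reorder)")
        if not hmac.compare_digest(_mac(prev, body), record.get("mac", "")):
            findings.append(f"position {position}: MAC mismatch (tampering)")
        prev = record.get("mac", "")
    return findings
```

Removal of the newest records is not detectable from the chain alone, so the latest MAC should also be stored outside the system that writes the trail.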
