and good functionality can be provided at the same time. A secure e-business environment must also be resilient and scalable.
This section will develop a security blueprint for an e-business environment based on a three-tiered e-business architecture and major components described in the previous section.
Security Blueprint Overview
This security blueprint emulates as closely as possible the functional requirements of the typical e-business environment discussed in the previous section, which can help people to build or maintain a secure e-business environment for e-business applications.
As illustrated in Figure 3, this security blueprint consists of four security control layers, starting from physical access, network communication, operating system, to application. As part of this security blueprint, to maintain a secure e-business environment, the major security management processes included and staged are planning, deployment, administration, and auditing.
Security Control Layers
As part of the security blueprint for e-business environment, the security control layers cover all major components identified in a typical three-tiered e-business environment, including physical access, network communication, operating system, and application layer.
Physical Access Layer
The security control for physical access is an extremely important part of keeping all sensitive devices and data secure in an e-business environment. In the typical e-business environment discussed previously, all components of the business logic layer and data layer are considered as critical devices from a security perspective, as illustrated in Table 1. It is necessary to put all critical devices into a separate space (data center, computer room, and even server racks) and maintain very strict control over who can enter it, then use card key or keypad systems, log books, and human security to limit unauthorized access.
Figure 3 Security blueprint overview
Network Communication Layer
The corporate network and the Internet are the major components that fall into this layer, as illustrated in Table 1. These components perform specific roles in an e-business environment, and thus they have specific security requirements. Network attacks are among the most difficult attacks to deal with because they typically take advantage of an intrinsic characteristic of the way the corporate network operates. Hence, most security technologies are applied at this layer to analyze the network traffic and eliminate malicious threats, including router access control, switch access control, firewall, intrusion detection system, virus detection system, virtual private network, and secure sockets layer.
Operating System Layer
As the most likely target during an attack, the operating system layer presents some of the most difficult challenges in an e-business environment from a security perspective. In a typical e-business environment, the major components, such as the Web browser, Web server, application server, database server, and AAA/directory service, are all running on top of various operating systems like Unix, Linux, Windows, and the like, as illustrated in Table 1.
Meanwhile, for various reasons, these operating systems provide strong functionality to support different application services while numerous system holes or bugs remain. Because of this vulnerability, operating systems are the most frequently attacked components in an e-business environment.
To secure these operating systems, careful attention must be paid to each of the components in the e-business environment. Here are two important guidelines to reinforce the operating system layer: (1) keep any operating system up-to-date with the latest patches, fixes, and so forth, and (2) lock down any operating system by disabling unwanted services.
Application Layer
Most components of a typical e-business environment, such as a Web browser, Web server, application server, database server, and AAA/directory service, fall into this layer, as illustrated in Table 1.
Table 1 Major components in security control layers
Components: Web Browser; Web Server; Application Server; Database Server; AAA/Directory Service; Corporate Network; Internet
Layers: Physical Access; Network Communication Layer; Operating System
As we know, applications are coded by human beings (mostly) and, as such, are subject to numerous errors. These errors can be benign (e.g., an error that causes a document to print incorrectly) or malignant (e.g., an error that makes the credit card numbers on a database server available via an anonymous FTP). It is the malignant problems, as well as other more general security vulnerabilities, that need careful attention. Similar to the operating system layer, care needs to be taken to ensure that all applications within an e-business environment are up-to-date with the latest security fixes.
Management Process Stages
To maintain a secure e-business environment, numerous security management processes of the daily operations of e-businesses are involved. As part of the security blueprint for an e-business environment, the management processes have been organized into four stages: planning, deployment, administration, and auditing.
Planning Stage
The most important stage of security management is planning. It is not possible to plan for security, unless a full risk assessment has been performed. Security planning involves three processes: asset identification, risk assessment, and action planning, as illustrated in Figure 4.
Asset identification is used to identify all the targets of the actual e-business environment. Risk assessment is used to analyze the risks for each asset and determine the category of the cause of the risk (natural disaster risk, intentional risk, or unintentional risk). Action planning is used to describe the security guidelines and present a security architecture using the enabling security technologies.
Deployment Stage
The deployment stage is simpler than the planning stage. At this stage, the action plan developed at the planning stage will be implemented accordingly. This stage includes three key processes: installation, configuration, and testing, as illustrated in Figure 5.
Administration Stage
After the deployment stage, a "secure" e-business environment has been built. However, it is not really secure without proper security administration. This is true because most assets need to be maintained daily to ensure that they have no proven vulnerabilities. In addition, security systems (such as firewall, IDS, antivirus) keep generating alerts, events, and logs that require administrators to take necessary actions. The administration layer consists of four major processes, including daily monitoring, online blocking, log analysis, and periodic reporting, as illustrated in Figure 6. These processes are not only applied to security systems, but also to other assets in the actual e-business environment.
Auditing Stage
The auditing stage provides the formal examination and review of the established e-business environment. This layer contains two major processes, periodic auditing and audit reporting, as illustrated in Figure 7. These processes can be carried out by either internal staff or external parties. In an e-business environment, an annual security audit conducted by an external party is recommended.
CASE STUDY
Company XYZ, with its operational headquarters in Singapore and branch offices in the US, Japan, India, Thailand, Malaysia, and Hong Kong, is a telecommunications service provider that provides end-to-end networking and managed services to multinational corporations (MNC) and small and medium enterprises (SME) across Asia.
The company has points-of-presence (POP) located in 17 cities across 14 countries. Technical support is available 24 hours a day and 7 days a week. The company has built an Internet data center (iDC) in Singapore to provide e-business hosting services as part of its managed services. Of course, its own e-business applications, such as customer portal system, billing system, and trouble ticketing system, are running on this iDC as well.
This section will discuss the applicability of the developed security blueprint using the Singapore-based MNC company as a case study.
Figure 4 Processes at the planning stage
Figure 5 Processes at the deployment stage
Figure 6 Processes at the administration stage
Figure 7 Processes at the auditing stage
Established E-Business Environment
An Internet data center is defined as a service provider offering server outsourcing, hosting, and collocation services, as well as IP and broadband connectivity, virtual private networks (VPNs), and other network and transport services. It needs to be physically secure against physical intrusions and equipped with fire suppression, uninterrupted power supply, and disaster recovery systems.
As a telecom provider and managed services provider, the company’s iDC has a complex architecture and multiple functions. However, the authors just intend to discuss the environment related to e-business hosting service in this chapter. The simplified e-business environment is shown in Figure 8. This established e-business environment is mainly made up of core routers (two Cisco 7513 routers), distribution switches (two Cisco Catalyst switches), firewalls, access switches, and other necessary devices. All those critical devices are configured as duplex to provide redundancy to ensure the continuous operations of e-business applications.
Figure 8 A case study for security blueprint
The corporate LAN of this company is connected into distribution switches, thus allowing internal staff to access the company’s e-business applications such as the customer portal, billing system, and trouble ticketing system for daily jobs. Putting these e-business applications into iDC will take advantage of the established e-business environment while saving money on the security protection for the corporate network.
Security Control Analysis
Applying security control to the e-business environment is critical for building a trust relationship between e-business owners and the company.
Physical Access Layer
In order to prevent unauthorized people from getting into the company’s iDC, which keeps all the network devices, application servers and important data, the company has implemented very strict physical access control systems, including biometrics HandKey II system, access card control system, lifetime CCTV recorder system, multi-level password restriction, centralized UPS system, and standby power generator. Besides these systems, the iDC is also monitored by on-shift engineers all the time. In addition, all equipment (network devices and hosts) is put into server racks and locked, while all network cables are put under the floating floor or within server racks. Authorized personnel must sign in and out at memo books to obtain the rack keys.
Additionally, to protect the data backup against fire, theft, and other natural risks, the company has an agreement with another managed service provider for off-site backup, which allows both companies to store data backup media for each other. The data backup media will be duplicated monthly.
Network Communication Layer
As most attacks come from the Internet and corporate network, the company has put industry-standard security systems in place to eliminate risks at the network communication layer. These include firewall cluster, gateway antivirus cluster, intrusion detection system (IDS), AAA system, reverse Telnet access, and VPN access. In addition to the security systems, all network devices including routers and switches are locked down, and access control list (ACL) is applied for better security control.
All network devices and hosts are also configured to send simple network management protocol (SNMP) traps and logs to HP OpenView and NetCool systems for monitoring purposes. HP OpenView shows a graphic diagram of the health status of the e-business environment, while NetCool collects all logs and SNMP traps from network devices and hosts. On-shift engineers keep monitoring this information to ensure the network health and security protection is in place.
Operating System Layer
The company uses various operating systems to implement its services, such as SUN Solaris, HP-UX, and Windows NT/2000. As required by the corporate security policy, all operating systems must be hardened and kept updated with the latest security patches from their manufacturers.
Application Layer
The security control for this layer is mainly to keep security patches and service packs for commercial applications up-to-date (for example, CheckPoint Firewall-1 service pack 6, Radiator RADIUS patches, virus pattern for TrendMicro InterScan Viruswall, attack signature for RealSecure IDS, etc.).
For customized e-business applications, such as a customer portal system, billing system, and trouble ticketing system, the software development team is responsible for reviewing program logic and coding to avoid any system holes and backdoors.
Management Processes Analysis
In addition to the four layers of security control implemented at iDC, the company has also installed security management processes to continuously maintain a secure e-business environment. A security team has been formed by the engineers from different departments (IT, network operations, network planning, and software development) and is led by a security specialist who reports directly to the chief technology officer (CTO).
This section discusses the related security management processes in the established e-business environment using a real e-business application, a Web-based trouble ticketing system (TTS).
The TTS enables customers to report fault and check status online, and allows engineers to enter the troubleshooting progress and sales to understand the troubleshooting procedure. It couples with the customer portal and billing system to provide a single-point solution to corporate customers. The TTS consists of one Web server, one application server, and one database server. Both the Web server and the application server are running at one physical server box, while the database server is running at another server box.
Planning Stage
Three processes are executed at this stage, including asset identification, risk assessment, and action planning.
When running the asset identification process, the major assets for TTS will be identified as follows: Web and application server, database server, and TTS data.
Following the risk assessment process, the major risks to those identified assets are listed as follows: physical attack to the server boxes and network devices; network attack to the operating systems, Web server, application server, database server, and TTS application; and attack or damage to the TTS data either physically or remotely.
Once the above assets and risks have been identified, the following actions are developed to eliminate those risks to the assets: (1) physically locate those server boxes and network devices into iDC and lock them to server racks; (2) deploy the Web and application server boxes according to the database segment; (3) utilize the firewall cluster to block most remote attacks with certain firewall policies; (4) utilize each IDS sensor located at distribution switches to monitor potential attacks and intruders; (5) utilize the gateway antivirus cluster to scan and clean viruses contained in HTTP traffic; (6) lock down the operating system for Web and application server boxes and allow only Web and application services to run; (7) lock down the operating system for the database server boxes and allow only database services to run; (8) examine the TTS program code to prevent any system holes and back doors.
Deployment Stage
Following the action planning, the installation process will be carried out to physically set up all server boxes and access switches, if any, and install the operating system and software such as Web server, application server, Oracle server, and TTS application. The configuration process will go through the lock-down procedures for the operating system and application software, and tune parameters for better performance. Since misconfiguration may sometimes cause more risks and even bring the server down and crash application services, the testing process will ensure that deployment is in compliance with the action plan.
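One way the testing process could check the lock-down items of the action plan (only Web and application services on the Web/application box, only database services on the database box), as an added example that is not from the chapter or the company. The host names, the port numbers and the `ss -tln`-style listing format are assumptions, and the sample listings are constructed.

```python
"""Lock-down compliance check for the two TTS server boxes (added example)."""
import ipaddress

# Assumption: TCP ports allowed per box role. The chapter names no ports;
# 80/443 (Web), 8009 (application server) and 1521 (Oracle) are illustrative.
ALLOWED = {
    "web_app": {80, 443, 8009},
    "database": {1521},
}

# Constructed sample input: `ss -tln`-style listings from two hypothetical hosts.
SAMPLE = {
    "tts-web01": ("web_app", """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
LISTEN 0      128    0.0.0.0:443        0.0.0.0:*
LISTEN 0      50     127.0.0.1:8009     0.0.0.0:*
LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
"""),
    "tts-db01": ("database", """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:1521       0.0.0.0:*
LISTEN 0      32     [::]:21            [::]:*
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
"""),
}


def listeners(ss_output):
    """Yield (address, port) for every TCP socket in LISTEN state."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            # Drop IPv6 brackets and any %interface scope suffix.
            yield addr.strip("[]").split("%")[0], int(port)


def is_loopback(addr):
    """True only for addresses that cannot be reached from the network."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # "*" or unparsable: treat as network-reachable
        return False


def audit(host_reports, allowed=ALLOWED):
    """Return {host: [(port, address, exposure)]} for services outside the plan."""
    findings = {}
    for host, (role, output) in host_reports.items():
        extra = sorted(
            (port, addr, "local-only" if is_loopback(addr) else "exposed")
            for addr, port in set(listeners(output))
            if port not in allowed[role]
        )
        if extra:
            findings[host] = extra
    return findings


if __name__ == "__main__":
    for host, items in audit(SAMPLE).items():
        for port, addr, exposure in items:
            print(f"{host}: unplanned listener {addr}:{port} ({exposure})")
```

Loopback-only listeners are still reported because the action plan allows only the named services to run, but they are marked separately from listeners reachable over the network.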
Administration Stage
The security team coupled with the on-shift operation team carries out all processes defined at this stage at any time. Daily monitoring includes the following tasks: network diagram view from HP OpenView, SNMP traps from NetCool, firewall console, IDS console, antivirus console, and syslog window.
Online blocking will be carried out once a remote attack has been identified. The security team will do the log analysis every day and generate security reports every week and every month.
Auditing Stage
The security team will carry out an internal audit every half year to determine the effectiveness of existing security controls, watch for system misuse or abuse by users, verify compliance with corporate security policies, validate that documented procedures are followed, and so on. An audit report will be generated after the auditing and given to management for review and further action.
Cost-Benefit Analysis
The cost of building a secure e-business environment involves not only the one-time hardware/software/project expenses but also the recurring cost for users, operations, and ongoing changes. For the company’s established e-business environment, the cost analysis can be done via four areas, including iDC features, security systems, network and communications, and maintenance staff.
The physical construction, including a floating floor, CCTV camera system, biometrics handkey system, server racks, UPS, and power generator, together form the iDC features.
Security systems consist of the firewall cluster, gateway antivirus cluster, IDS console and sensors, Cisco VPN concentrator, and various monitoring and logging systems.
Network and communication cost refers to the expense of the Cisco router 7513, Cisco switch 6509, network cabling, Internet bandwidth subscription, and access switches for individual network segments behind the firewall cluster.
Maintenance staff means internal skilled manpower needed to maintain this established e-business environment for fulfilling operation and security requirements. This mainly refers to the company’s security team and on-shift operation engineer team.
Table 2 Cost analysis for e-business environment
Columns, Cost (SG$): Acquisition & implementation; Operation; Ongoing Changes & Growth; Total; % of Total
In this study, the acquisition and implementation cost is a one-time charge and accounts for a very large percentage (65%), while expenses for operation costs and ongoing changes and growth are estimated on an annual basis, assuming there are no big changes required on the e-business environment. Table 2 shows the summarized implementation cost and other estimated costs.
Although the cost may be high to SMEs, it is indeed cost-effective for large organizations and e-business providers due to the great benefits obtained from the secure e-business environment. These benefits include shared bandwidth, shared security protection, scalability, reliability, and total ownership cost saving.
CONCLUSION
Building a secure e-business environment is very critical to e-business applications. The chapter develops a security blueprint for an e-business environment based on the analysis of a three-tiered architecture and provides general best practices for companies to secure their e-business environments. Also discussed is the applicability of this security blueprint based on the case study of a Singapore-based MNC. This case study shows that the security blueprint for e-business environment is suitable and cost-effective in particular for large companies like multi-national corporations (MNC).
This work was previously published in Enterprise Information Systems Assurance and Systems Security: Managerial and Technical Issues, edited by M. Warkentin, pp. 80-94, copyright 2006 by IGI Publishing (an imprint of IGI Global).
Chapter 7.12
A Model of Information Security
Governance for E-Business
Dieter Fink
Edith Cowan University, Australia
Tobias Huegle
Edith Cowan University, Australia
Martin Dortschy
Institute of Electronic Business—University of Arts, Germany
ABSTRACT
This chapter identifies various levels of governance followed by a focus on the role of information technology (IT) governance with reference to information security for today’s electronic business (e-business) environment. It outlines levels of enterprise, corporate, and business governance in relation to IT governance before integrating the latter with e-business security management. E-business has made organisations even more reliant on the application of IT while exploiting its capabilities for generating business advantages. The emergence of and dependence on new technologies, like the Internet, have increased exposure of businesses to technology-originated threats and have created new requirements for security management and governance. Previous IT governance frameworks, such as those provided by the IT Governance Institute, Standards Australia, and The National Cyber Security Partnership, have not given the connection between IT governance and e-business security sufficient attention. The proposed model achieves the necessary integration through risk management in which the tensions between threat reduction and value generation activities have to be balanced.
INTRODUCTION
Governance has gained increasing attention in recent years, primarily due to the failures of well-known corporations such as Enron®. The expectations for improved corporate governance have become very noticeable, especially in the