Thursday, November 28, 2019
White paper on Information security systems free essay sample
Over the past decade Panther Industries has been providing banks worldwide with safe banking solutions and protection against cybercriminals. However with 128 million malware programs written each year1, banking institutions are only becoming more vulnerable to the threats of cyber-attacks. So it is no surprise that Panther Industries ââ¬â a world leader in web-banking technology has itself become a target of these emerging threats. More specifically our systems have recently faced attacks from two newer forms of security threats namely ââ¬ËMan in the browserââ¬â¢ (MITB) and ââ¬ËMan in the middleââ¬â¢ (MITB) ââ¬â two Trojan horse type programs. These two threats work by altering the confidential banking data of the users and Panther Industriesââ¬â¢ security mechanism. MITB has targeted the two most widely used browsers ââ¬â IE and Firefox by modifying their web assembly structure and stealing user information such as passwords. MITM implements a similar technique of ââ¬Ëphishingââ¬â¢ by intruding verification and redirecting bank customers to a counterfeit server which captures the sensitive information. We will write a custom essay sample on White paper on Information security systems or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page To retain clientsââ¬â¢ confidence in Panther Industries strong authentication and transaction verification techniques need to be implemented to prevent fraud and identity theft. This white paper details the nature of MITB and MITM attacks and their ability to intercept and modify an online banking transaction. As a protection against these threats this paper also offers as a solution the use of mobile phones and personal digital assistants (PDAs) as software tokens to generate unique Digital Signatures that will lend security and authenticity to browser-based transactions. With the ever-increasing advancements in next generation mobile commerce and smartphone technology, this solution is not only secure but also convenient. Another solution proposed in this paper is the creation of VPS or Virtual Private Sessions wherein the server sends a confirmation to the user which the user must approve for the transaction to be processed. 2. System Description The software architecture at Panther Industries is designed to provide stable enterprise functionality with a host interface that integrates with a back-end with in real-time. This architecture provides the convenience of defining and executing business functions through more than one customer channels. The first tier of the software architecture is the user interface which is simply the web browser such as IE or Firefox used by the bank customers to sign-in to their online banking account. Our banking clients require no special installation for this. The second tier is a PHP based secure application server that offers enterprise level application. At Panther Industries PHP and not HTML was chosen for scripting as it is the most popular web development language which is used and recommended by IBM, Oracle, HP and many other technology leaders. PHP is a simple, flexible yet powerful and accessible programming language suited for coding and executing web applications. At Panther Industries PHP has been the lead scripting language used for integrating banking functions and data from a range of existing systems and applications. The third tier consists of a database server which Panther Industries has developed per ANSI 92 industry standard to be deployed on highly scalable database engines such as Oracle and MySQL. The software platform finds three ways of deployment namely centralized, distributed (inside) and distributed (outside). In the centralized form of deployment, the central database could be accessed via a single point with the same control panel for all system administrators and bank managers. When deployed as distributed (inside), the system supports head offices as well as branches. The system administrator module, back office and the primary servers ââ¬â application server and database server are located in the head office with each branch retaining its own copy. In the database (outside) type of deployment the two primary servers are installed on the tenanted facilities and on the network of the data center which is located outside the bank. This use of this software platform at Panther Industries is two-fold. It is used by personal and corporate clients as well as the bank employees. The client registration process consists of two stages. The first stage is the preliminary registration wherein the client fills out the personal details on the registration page which generates open and private keys for further use. Upon acceptance of the bank service agreement the clientââ¬â¢s user account is made active by the administrator. From that point on, the client can access and analyze various banking documents online. All the documents and records accessed by the client are archived and business continuity is ensured as per the service agreement. The system permanently removes all of the clientââ¬â¢s financial information in case the service agreement is terminated. The other users of this are the bank employees namely the System Administrator (SA), Branch Administrator (BA), Bank Manager (BM) and Technical Administrator (TA). The SA acts as the supervisor for the system by registering all the bank employees and managing the user accounts. The control panel provides the SA with analytical and statistical reports about the bank activity. The BA administers the managers and clientsââ¬â¢ user accounts, assigns a bank manager for each account and schedules and synchronizes system operation. The BM is primarily responsible for processing clientsââ¬â¢ financial documents, check for the accuracy of clientââ¬â¢s activity and respond to client requests via mail. The TA is responsible for the overall monitoring, administrating and configuring the system. 3. System Strengths and Weaknesses 3. 1 System strengths The software architecture at Panther Industries is designed to provide stable enterprise via a robust front-end architecture and with real-time integration with back-end systems via a host interface. To proactively manage cyber-security risks Panther Industries provides its clients with the following security tools: 1. Data encryption: Latest encryption techniques such as 128-bit Secure Socket Layer (SSL) are followed to ensure a secure transmission of data. 128-bit SSL ensures that the customer is communicating with the bankââ¬â¢s website and not another computer impersonating the customer. This type of encryption also scrambles the sensitive data so that it cannot be read by hackers. At 128 bits, the data can be encrypted using 288 times the number of combinations as compared to a standard 40-bit encryption making this encryption a trillion times stronger5. Panther Industries provides the technology to our clients to offer this encryption to 99. 99% of their customers. Lastly 128-bit encryption ensures that no data was altered or tampered with during transmission. 2. Session handling: To heighten cyber-security, Panther industries also provides its clients with session handling wherein the application server creates and assigns a new and unique session id after a successful user authorization. In this technique the session identifiers ensure that can each customer is working with their own financial information. 3. Logging: Via this technique Panther Industries provides its clients an ability to log all customer and employee activity such as IP addresses, sessions etc. The log history generated via this technique provides for efficient supervisory and archival control. 3. 2 System weaknesses Despite of the strong security measures it provides, the system suffers from some weaknesses which can result in a compromise of customerââ¬â¢s financial data. More specifically the system is not secured against most recent and emerging threats as we have experienced recently ââ¬â the MITB and MITM referenced in section 1. These two forms of attacks bypass the authentication measures by installing a false sense of security. What makes these hard to detect is the fact that they use authenticated sessions to piggyback on. The authentication techniques used at Panther Industries can successfully prevent attacks wherein hackers are trying to impersonate or are trying to steal identity. But since authenticated sessions are used by hackers that deploy MITB or MITM, our authentication techniques cannot prevent these forms of attacks. Another characteristic of these attacks is that they relay legitimate verified credentials in the real-time. Since these are validated credentials, they are able to successfully fool the user-session tokens created on the server. This technique buys the hacker 30-60 seconds ââ¬â enough time to steal sensitive information such as passwords. 4. System protection options To provide our banking clients with a robust approach to tackle these emerging threats, we have outlined a few protection options in this section. 4. 1 Protection from Man-In-The-Browser attack 1. Digital signatures: To offer protection to the customers from a Man-In-The-Browser attack we need to (i) ensure the integrity of the transactional data between the bank and the customer and (ii) offer a higher degree of authentication to the transactions. So to successfully curb this form of attack we need to discontinue the use of a browser as a means to conduct transactions and even detect the variation in the transactions. This will take away the medium that hackers use to mount the attack in the first place. This can be achieved by offering digital signatures which can be used to sign digital PDF forms rather than conventional web-based HTML or PHP forms. So when the customer clicks the submit button the information travels via a PDF form which is digitally signed by him. The submitted information, therefore, is never exposed to the browser environment and therefore cannot be intercepted by the MITB technique. 2. Creation of Virtual Private Sessions: As the name suggests Virtual Private Sessions (VPS) are virtual sessions created with the end-user wherein the server alerts the user of any modifications made to a transaction. The transaction goes through only if the user approves it. The duration of such a session is very small and expires in 30 seconds, which doesnââ¬â¢t give the interceptor enough time to capture, alter or modify the data. 4. 2 Protection from Main-In-The-Middle attack To prevent the MITM attacks we propose the use of Public Key Infrastructure (PKI) technology. In this technique, a challenge protocol is used to ensure a safe and authenticated transaction between the customer and the bank portal. The challenge protocol helps the PKI to validate the website which is requesting the authentication is the bankââ¬â¢s website which issued them in the first place. This validation is done automatically and will thwart any username and password requests made via an unverified URL. 5. Risk mitigation strategies The risk management strategies to mitigate any risks that arise from the MITB and MITM attacks primarily consist of educating our client about the constantly changing landscape of the cyber-security for online banking operations and the solutions that we offer via our technology. This will help the banking institutions that use our software platform to have a clear strategy in offering their customers a safe and secure online banking experience. The checklist should include the following best practices for online banking for the bank employees to prevent fraud: (i) Most current versions of anti-virus programs as well as firewall should be installed on all computers. (ii) A designated network engineer should be tasked with the responsibility of regularly updating the bank software (iii) Disable the services and / or conduits that are not in use (iv) Provide limited access to the internet to abate the risk of connecting to a malicious website (v) Not all employees should have the ââ¬Ëadministrator privilegesââ¬â¢ on the computers. Such privileges should only be granted to system administrator or higher management. (vi) Make sure that the employees have scanned their mobile devices before connecting them to the banking software. (vii) Bank employees should make use of an email client that block the most commonly used email attachments which are used by hackers to install a malware on any computer. (viii) A reputable pop-up blocker should be installed on all computers. (ix) Internal bank documents used by employees are always the most recent and virus-free. (x) Unusually high transactions should be immediately brought to the attention of upper management. (xi) Banks should encourage their customers to check their account balance daily so that they can detect any suspicious transaction on their account at an early stage. (xii) Ensure that all bank employees have a high-level of awareness and follow good security practices overall. 6. Conclusion We need to acknowledge the sophistication of the Man-In-The-Browser (MITB) and Man-In-The-Middle (MITM) attacks that clients of Panther Industries can face. Despite the secure authentication and encryption techniques that Panther Industries has developed, these malware programs can steal identity and create a financial fraud in the banking sector by combining a Trojan horse program with phishing. To retain our clientsââ¬â¢ confidence, Panther Industries has to develop new technologies to stay a step ahead of these cyber-threats. To counter the threats presented by MITB and MITM, Panther Industries should provide its clients with multi-tier authentication and digital signature technology described in section 4. The digital signature is created by encrypting the customerââ¬â¢s private key and associating the transactional data with it. The bankââ¬â¢s system validates the same and compares it with the userââ¬â¢s decrypted public key and authorizes the transaction. All in all clients of Panther Industries stand to benefit a lot by deploying the solutions outlined in this white paper while still offering the current ease use for their customers. 7. References
Sunday, November 24, 2019
Meet the Nubian Pharaohs of Twenty-Fifth Dynasty Egypt
Meet the Nubian Pharaohs of Twenty-Fifth Dynasty Egypt By the chaoticà Third Intermediate Periodà in Egypt, which came the in the first half of the first millennium B.C., a lot of local rulers were battling it out for control of the Two Lands. But before the Assyrians and Persians made Kemet their own, there was a final resurgence of culture and classic Egyptian iconography from their neighbors to the south in Nubia, who made this spot their own. Meet the fantastic pharaohs of the Twenty-Fifth Dynasty. Enter Stage Egypt At this time, Egypts decentralized power structure allowed one powerful individual to sweep in and take control, as a Nubian king named Piye (ruled c. 747 to 716 B.C.) did. Located to the south of Egypt in modern Sudan, Nubia was intermittently ruled by Egypt over the millennia, but it was also a land full of fascinating history and culture. The Nubian kingdom of Kush was alternately centered at Napata or Meroe; both sites exhibit Nubian and Egyptian influences on their religious and funerary monuments. Just take a look at the pyramids of Meroe or the Temple of Amun at Gebel Barkal, and it was Amun who was the god of pharaohs. At a victory stele set up at Gebel Barkal, Piye portrays himself as an Egyptian pharaoh who justified his conquest by acting as a truly pious monarch whose rule was favored by the patron deity of Egypt. He slowly moved his military power northward over several decades, all while solidifying his reputation as a pious prince with the elite in the religious capital of Thebes. He encouraged his soldiers to pray to Amun on his behalf, according to the stele; Amun listened and allowed Piye to make Egypt his own by the late eighth century B.C. Unusually, once Piye conquered all of Egypt, he went home to Kush, where he died in 716 B.C. Taharqas Triumphs Piyeà was succeeded as pharaoh and king of Kush by his brother, Shabaka (ruled c. 716 to 697 B.C.). Shabaka continued his familys project of religious restoration, adding on to Amuns great temple at Karnak, as well as sanctuaries at Luxor and Medinet Habu. Perhaps his most famous legacy is the Shabaka Stone, an ancient religious text that the pious pharaoh claimed to have restored. Shabaka also re-established the ancient priesthood of Amun at Thebes, appointing his son to the position. After a brief, if unremarkable, reign by a relative named Shebitqo, Piyes son Taharqaà (ruled c. 690 to 664 B.C.)à took the throne. Taharqa embarked on a truly ambitious building program worthy of any of his New Kingdom predecessors. At Karnak, he built four majestic gatewaysà at the temples four cardinal points, along with many rows of columns and colonnades; he added to the already beautiful Gebel Barkal temple and built new sanctuaries across Kush to honor Amun. By becoming a builder-king like the great monarchs of yore (such as Amenhotep III), Taharqa both established his pharaonic credentials. Taharqa also pressed Egypts northern boundaries as his predecessors had done. He reached out to create friendly alliances with Levantine cities like Tyre and Sidon, which, in turn, provoked the rival Assyrians. In 674 B.C., the Assyrians attempted to invade Egypt, but Taharqa was able to repel them (this time); the Assyrians were successful in taking Egypt in 671 B.C. But, during this series of back-and-forth conquests and tossing out of the invaders, Taharqa died. His heir, Tanwetamani (ruled c. 664 to 656 B.C.), didnt hold out long against the Assyrians, who sacked the treasures of Amun when they captured Thebes. The Assyrians appointed puppet ruler named Psamtik I to reign over Egypt, and Tanwetamani ruled concurrently with him. The final Kushite pharaoh was at least nominally acknowledged as pharaoh until 656 B.C. when it became clear Psamtik (who later expelled his Assyrian patrons from Egypt) was in charge.
Thursday, November 21, 2019
The balance of payments is the main measure of import and exports in Essay
The balance of payments is the main measure of import and exports in the UK. For some years the balance of payment s has been in - Essay Example Additionally, an accurate balance of payment deficit must make provisions for errors and omissions to account for the missed out data. When there is a disequilibria in the balance of payments as a result of certain sections of the balance of payments being in deficit, then we can conclude that an economyââ¬â¢s balance of payments is deficit. This in most cases occurs with respect to deficits in a countries and to a smaller extent trade deficits. This is theoretically explained by the fact that for equilibrium to be reached, there must be a balance between capital/ current accounts values and the financial account. This therefore explains the UK situation is that if there is a deficit in current account then there must be a surplus on the capital/financial account (Nikolas 2010, p. 59). The ever persistent UK current account deficit can be traced to mid-1980s with a review of the current account revealing that the imports of goods and services exceed their exports. A critical revie w of the values of balance of payment account observed from the first quarter of the year 2000 to the last quarter of this year show a deteriorating current account. The study reveals a current deficit of over 12 billion pounds as at the last quarter of 2012 translating to a 3.2% of the GDP. ... This is majorly attributed to the process of de-industrialisation which accelerated in the early 1980s. A growth in consumer spending that UK been experiencing is majorly as a result of rapid increase in the imports leading to the worsening of the current account. Looking at the 1980s boom, it is evident that the fall in the rate of savings and the resulting rise in the consumer spending of the UK citizens led to the record deficit in current accounts. On the other hand, the recession experienced in 1991 which resulted to the consequent improvement in the current account improvement and subsequent falling in the spending on imports (Guillermo 1978). Another important reason that can be attributed to the deficit in balance of payments is the overvalued exchange rates. This, apart from, other countries like Spain, Greece and Portugal can be attributed to the large account deficits in the countries as it makes exports from the countries more expensive in the international markets while the imports becomes cheaper. This is a motivation to the local consumers to purchase of the imports which are relatively cheap while on the other hand making the market tougher for the exporters since it makes them uncompetitive in the market compared to exporters from other countries. With overvalued exchange rate, there are expectations of general competitiveness in amongst various firms. A decline in relative competitiveness coupled with rising costs, poor quality of goods and industrial unrests which results to difficulties in making exportations which causes deterioration of the current account of the UK (Stijn 1988). Various economists have attribute
Subscribe to:
Posts (Atom)