Basics of Information Security

Question: Describe about the The Basics of Information Security? Answer: Introduction There are various types of operating systems available for server or client side computing in any networked environment. Operating system at the server side is more important as the performance of the network depends on it more. Performance of the operating systems available for the server side depends on several factors. Security is an important factor among those. Security features of an operating system can be analyzed for selecting a suitable operating system. Information technology security is an important part of IT industry. One fundamental concept of IT security are unauthorized access. There should be enough measurements to prevent and monitor unauthorized access. An OS needs to have enough features that support this concept of preventing and monitoring unauthorized access and other security implementations. (Ciampa, 2011) Background Operating system security refers to ensuring security to the computing resources of a system. These computing resources are memory, CPU, applications, storage etc. along with data stored in a computer system. Any kind of unauthorized access to these resources may harm the computer system and the data stored into it. Thus, there should be enough protection for these resources. Other than unauthorized access, there may be other security considerations like virus, worms etc. Authentication, passwords etc. are some tools, techniques, procedures used for protecting a computer system from unauthorized access. Operating system is responsible to provide support for these tools and techniques or providing enough implementation of security measurements. (Jaeger, 2008) There are three information security principles, confidentiality, integrity and availability. Any information technology product or service needs to implement these three security principles. Thus server side operating systems also need to implement these features. There are various mechanisms by which the operating systems implement these security features. Authentication, password management, access control etc. are some common tools that are used to ensure the security standards. But different operating systems implement these features in different way. (Fay, 2010) In the research in this project, the different ways of implementation of the security principles in different operating systems will be discussed, compared and thoroughly analyzed. Aim The aim of this project is to discuss about the security implementations available in different server side operating systems and then carrying out a comparative analysis of those findings. Finally, it should recommend some suitable operating system based on the results of the analysis. Completion of this project will provide a detailed study of the security features available in different server side operating systems, comparison among the operating systems based on the available security measurements and implementations. Scope In this section, the in scopes and out scopes of the project have been discussed. In scope The project gives a huge scope of researching on security in operating systems. For successful completion of the project it needs significant amount of research on security in operating systems, comparison among the security features available in the operating systems, finding a suitable operating system for server side. Out scope This project will not develop any new operating system or any new security implantation for any operating system. It will not develop any policy, training materials etc. that will be used for implementing OS security at server side. Assumptions It is assumed that reader of this report is familiar with the terms, terminologies and concepts of network security, operating system etc. Thus, there will be no description of these concepts as a part of the project. There will be theoretical details of the security features, how operating systems are implementing the information security principles etc. are the key of discussions in this project. Thus there is almost no scope of simulating any server side operating systems or compare performance of the operating systems based on simulations or real life experience. If such information will be needed then that will be referenced from some previous works. The project is aimed for technical and non-technical readers both. The basic aim of this project is to provide some idea of the security features of the server side operating systems, how those are implemented etc. so that, while selecting some server side operating system, the user can take decision easily. Constraints The project has some constraints. Technologies are growing is a faster speed. Thus, new technology and updates on the security features of an operating system may be updates very soon. In that case it may make the recommendation from this project not suitable anymore. Other than security there are many other performance measurements for an OS, thus the outcome of this project may not fulfill all requirement of a common customer. There is no scope of any real life implementation of comparison of the performance measurements. The project will be based on theoretical information only. No simulation will be used. So, there are chances that there may be conflicting information or shortage of resources. Project timeline The timeline for the project will describe the activities in the project, how much time is needed for each of these activities etc. The whole lifetime has been broken down into weeks. The total duration for each activities has been counted in days. Deliverables are outcomes from each of the activity. Thus the project timeline shows details of the activities in the project, details of the project deliverables along with duration for each activity. Expected Completion Date Activity Deliverable Duration (Time Required Week 1 Selection of Project Topic Expression of interest on the selected topic. 2 day Week 2 Development of draft project plan. Initial project plan document 3 days Week 3 Development of final project plan Detailed and complete project plan 5 days Week 4 Carry on research on the selected topic Draft research report 5 days Week 5 Search for resources N/A 3 days Week 6 Outline research report N/A 1 day Week 7 Submit draft report to the supervisor Feedback from the supervisor 3 days Week 8 Modify the draft research report according to the feedbacks. Modified research report 4 days Week 9 Submission of literature review Literature review 4 days Week 10 Meeting with supervisor Feedback 1 day Develop final project report Final project report 5 days Week 11 Prepare for presentation Presentation 2 days Week 12 Submission of Project Project report, presentation 2 days Resources For successful completion of the project, it will require following resources,Computer with Internet ConnectionSoftware like Office Suite, PDF reader etc.Membership to libraryCommunication with the supervisorOptionally, access to different types of server side operating systems. Stakeholders Stakeholders are the people who are involved in the project of will be affected from the outcomes of the project. The details of the stakeholders for this project are, Stakeholder Name Role Responsibilities Project Co-coordinator Will co-ordinate the project by monitoring progress according to the schedule of the project. Project Supervisor Will guide throughout the project development life cycle, will provide feedbacks also. Project Manager Will follow the instructions from project supervisor, manage the project to be completed successfully by utilizing the resources within the available time frame. Project worker Will carry-out the project, conduct research, prepare research report. Readers Will read the report and provide feedbacks. Risk Risks are certain for any project. Thus, this project is not beyond the scopes of risks. Some risks can be avoided if proper mitigation strategy is adopted. But there are residual risks in a project and it is hard to avoid residual risks as those will happen for sure. With proper risk mitigation policy, those can be optimized. The risks and mitigation strategies of those risks, related to this project, have been discussed as, (Hopkin, 2014) Risk Mitigation Strategy Updates of the Operating systems and the security features Focus on up to date information on the operating systems and related technologies. Lack of resources Ensure availability of resources. Schedule slippage Develop schedule with enough flexibility and consider all constraints. Communication gap with the supervisor Build a communication plan and follow up that. Loss of data Keep a backup of data collected from different sources. Quality and reliability of data Always collect data from reliable sources. Plagiarism Dont copy any kind of material. Use of proper citations and references will help to avoid such issues. Scope creep Clearly identify the scopes at the very beginning. Then keep monitoring the changes in scope (if there is any). If it is some significant change then incorporate it into project plan. Justifications Any networking environment use some kind of client server architecture. Servers are important part of any network and the performance of a network depends on the server side operating system. There are various types of operating systems available to be installed on server side, for example Windows Server 2012, LINUX, UNIX etc. there are various types of LINUX and UNIX based operating systems. Each of these operating systems has different sets of features. Windows Server 2012 and other variation of this operating systems comes from Microsoft thus the security features are developed by Microsoft only. On the other hand, LINUX and UNIX based operating systems are open source. Network security is also an important part of any network. One of the biggest concerns of network security is unauthorized access to resources. As resources are accessed from servers only, so servers and server side operating systems play crucial role in networking also. (Jaeger, 2008) Today, any business is dependent on some kind of network and operating systems. So, server side operating systems are important for any industry. As there are several options available for server side operating systems, so users may get confused to select the most suitable one for their business. With growing numbers of cybercrimes, data theft, unauthorized accesses the issue has become more complex. People are giving stress on security features of server side operating systems. This topic has been selected to give focus on comparison of security features on server side operating systems. As a part of this research, server side operating systems will be studied in details along with the security features. Thus it will help to understand how information security principles are applied and implemented in server side operating systems, how those can be utilized, what are being used in industries, how operating systems have updated the security features etc. (Jaeger, 2008) References Andress, J., 2014 . The Basics of Information Security. s.l.:Syngress. Binder, J. C., 2007. Global Project Management. s.l.:Gower Publishing, Ltd.. Carroll, J., 2012. Effective Project Management in Easy Steps. s.l.:In Easy Steps. Ciampa, M., 2011. Security+ Guide to Network Security Fundamentals. s.l.:Cengage Learning. Fay, J., 2010. Contemporary Security Management. s.l.:Elsevier. Hopkin, P., 2014. Fundamentals of Risk Management. s.l.:Kogan Page Publishers. Jaeger, T., 2008. Operating System Security. s.l.:Morgan Claypool Publishers. Kloppenborg, T., 2011. Contemporary Project Management. s.l.:Cengage Learning. Meredith, J. R. Samuel J. Mantel, J., 2011. Project Management: A Managerial Approach. s.l.:John Wiley Sons. PMBOK, 2013. A Guide to the Project Management Body of Knowledge. s.l.:Project Management Institute, Incorporated. Roeder, T., 2013. Managing Project Stakeholders. s.l.:John Wiley Sons. Schwalbe, K., 2004. Information Technology Project Management. s.l.:Thomson. Shenhar, A. J. Dvir, D., 2013. Reinventing Project Management. s.l.:Harvard Business Press. Young, T. L., 2013. Successful Project Management. s.l.:Kogan Page Publishers.