Aircraft Solution Se571 Course Project

Only available on StudyMode
  • Download(s) : 1191
  • Published : October 7, 2012
Open Document
Text Preview
AIRCRAFT SOLUTIONS

Sumanth Bobba
D03558118
SE571
TABLE OF CONTENTS
1. Introduction3
2. Company Overview3
3. Security Weakness3
a. Hardware Vulnerabilities3
b. Software Vulnerabilities5
4. Recommended Solutions7
a. Hardware7
i. Impact on business8
b. Software9
i. Impact on business10
5. Summary10
6. References11

Introduction
This report is prepared to assist the aircraft solutions (AS), a well-known company for equipment and component fabrication in Southern California, in identifying the most important security vulnerabilities. This report also discusses possible threats, the likelihood of the threats occurring and the threat if exposed in two remarkable areas. Aircraft Solutions maintains a large capacity plant, trained workforce, large variety of equipment, design modules and solution database provided to multiple industries. These companies include aerospace, electronics and defense sectors. In this report I will focus on the vulnerabilities present in the existing system of Aircraft Solutions and its operations. Company Overview

Aircraft Solutions, with its headquarters in San Diego, California develop and fabricate products and services for different companies. It has two divisions, commercial and the defense. The commercial division is in Chula Vista, CA and the defense division is in Santa Ana, CA. They offer designs at low cost and computer aided modeling packages. They also provide lifecycle of the product being manufactured. Security Weakness

In the two key areas targeted, I will discuss here about the vulnerabilities in hardware and the software. Hardware Vulnerabilities
In my security assessment on the hardware of AS, it has been identified that it’s hardware system could be a potential security weakness and cause a threat in the near future. Their system has; 1. Five individual servers

2. A switch
3. Two routers
4. A firewall
In this hardware design, there are two main problems.
1. Lack of adequate protection between its commercial division and the rest because of the absence of an extra firewall. 2. DD Santa Ana has direct access without firewall authentication to AS’s network. Firstly, lack of protection between its commercial business division and the rest leads to the exposure of the uncertainties of the internet. Lack of firewall in this case is leaving the clients confidential information, statistics, budgets, deadlines, contracts, employee information, strategies, deals open and exposed. This is an open exposure due to the uncertainties of the internet. Any automated attacks or personal attack or attack to exploit the company secrets/statistics/data is the biggest threat to occur without the firewall. If this threat becomes real, the company’s data is lost or hijacked, client orders are stolen, budget scheduling and their deposit sections are exposed, fund transfers get out of hands and creates devastation in the company and its clients. Its formulas, designs and methodologies are exposed and might be sold to the rivals, thereby the company losing its competitive edge. This might even lead to the closure of the company. To avoid this, firewalls should be established in such a way that, they support network address translation. Through this the internal internet uses private IP addresses to share information with public and the public can find the IP addresses static which avoids the tampering of data. Secondly, “An invisible security weakness is lurking in most corporate networks in the form of millions of lines of code that represent the configuration scripts for all the devices on the network.”(http://www.cio.com/article/494522/Hidden_Threat_on_Corporate_Nets_Misconfigured_Gear). In the network security diagram I find the main problem is that the firewall is established between the AS main router to router DD. This makes DD Santa Ana access AS...
tracking img