Oracle Financial System Project Team: Aseem Gupta Jeng Toa Lee Jun Lu Kevin Patrick Zhu Thomas Verghese Weicheng Wong Xuegong Wang (Jeff) Date: 26th.

Presentation transcript:

Oracle Financial System
Project Team: Aseem Gupta Jeng Toa Lee Jun Lu Kevin Patrick Zhu Thomas Verghese Weicheng Wong Xuegong Wang (Jeff)
Date: 26th September, 2001

Sept 26, 2001 - Survivable Network Analysis - Slide 2
AGENDA
- Project Objective
- Project Scope and Plan
- Team Charter
- Communication Plan
- System Understanding

Slide 3: Project Objective
Understand Survivability Risks and Strategies to improve survivability
- A university-wide accounting and financial system
- Services
- Financial service modules
- Self-service applications
- Application desktop integrator (ADI)
- Budget spreadsheet
- Integrate feeder systems
- Billing, reporting, reconciliation

Slide 4: Milestone Chart

System Understanding
- D1.1 Project Team Created, Team Charter
- D1.2 Communication Plan
- D1.3 Understanding Existing System
  - Network Topology
  - Hardware and Software Components
  - User Functions and Workflows
  - Critical Services and Assets
  - Administrative Control Domains
  - Vendor Dependencies
  - Connectivity with other Systems
  - Security Components and Policies
  - Attack and Intrusion Experience
- D1.4 Project Plan Created

Define Essential Services
- D2.1 Developing Usage scenarios
- D2.2 Identifying Essential Services and Assets
- D2.3 Identifying essential service/assets usage scenarios
- D2.4 Identifying Essential Components
  - Identify required architecture parts
  - Tracing Scenarios
- D2.5 Customer Review

Define Intrusion Scenarios
- D3.1 Create Attacker Profiles
  - Identify resources, time, tools, risk, access and objectives of the attackers
- D3.2 Develop Intrusion Scenarios
  - Determine usage scenarios
  - Identify compromisable components
- D3.3 Customer review

Survivability Analysis
- D4.1 Identify Strategies for Survivability
  - Resistance
  - Recognition
  - Recovery
- D4.2 Develop Criteria for choice of strategy to the architecture
- D4.3 Make Recommendations
- D4.4 Identify Next Steps
- D4.5 Customer Review

Milestones: Milestone 1, Milestone 2, Milestone 3, Milestone 4
Satyajeet Grover for any queries

Slide 5: Project Plan

Slide 6: Team Charter

Slide 7: Communication Plan

Slide 8: System Understanding

Slide 9: System Architecture

Slide 10: System Topology
[Diagram; labels recovered from the figure]
- Wind, ES450 2 CPUs, 1GB RAM
- Wind, ES450 2 CPUs, 1GB RAM
- Mistral, Sun E CPUs, 8GB RAM
- Chinook, SUN E3500 8CPUs, 8GB RAM
- Chinook, SUN E3500 8CPUs, 8GB RAM
- Ethernet
- Outside Firewall
- Testing
- Production
- Disaster Recovery

Slide 11: System Transactions
- Transaction volume
  - Database grows at 2GB/month
- Traffic
  - Self-services users: around 4,000 people
  - Every day users: around 100 people
- System developer
  - 1 project leader
  - 2.5 DBAs

Slide 12: All Stakeholders
- Module users
  - Super users who own a module and are responsible for it
    - Purchasing module
    - Accounts payable module
    - Accounts receivable module
    - Grants module
    - General ledger
    - Labor distribution module
- Power users
  - Business administrator, Government fund manager
- System developers
  - Project manager, DBAs
- Individual users

Slide 13: System Requirements
- Support all major campus desktop platforms
- Achieve excellent performance on all platforms
- Implement a “thin client”
- Minimize software installation, distribution and maintenance
- Leverage existing infrastructure
- Mitigate any/all security risks

Slide 14: Security/Survivability Strategies
- Signed Java Applet
- RSA RC4 40-bit standard form of encryption
- Secure Socket Layer
- Kerberos-based authentication
- IP filtering
- Firewall
- Disaster Recovery

Slide 15: Disaster Recovery
- Backup
  - The production system shut down at 4am for hours
  - Flush over to the Recovery system every minutes
  - The disaster recovery system also keeps 1 day and 5 minute transactions
- Survivability risks
  - If the production system is down, it takes 2 hours to fail over
  - Minor system upgrade takes 6 months
- Ever attacked?
  - Nobody has intruded or been found to have intruded.
  - The system was down twice due to hardware failure. The longest was half a day.

Slide 16: Security Policies
- Badge: to access the system machines
- Andrew ID: to log into the first system
- Application Password: to launch the applications
- IP address filtering
- Module owners have different access rights based on the properties of their modules
- DBAs have limited access rights to the production system

Slide 17: Next Steps
- Identify Intruder Profiles
- Identify Intrusion Scenarios