Securing Financially Sensitive Environments with OpenBSD

Humphrey, Nicholas C. P.

(2008)

Humphrey, Nicholas C. P. (2008) Securing Financially Sensitive Environments with OpenBSD.

Our Full Text Deposits

Full text access: Open

Full Text - 2.23 MB

Links to Copies of this Item Held Elsewhere


Abstract

This thesis investigates the use of a free, open source
UNIX-based operating system in providing security features
to a financially sensitive business function such as a
treasury.

We start by examining some of the main security features
(such as the pf firewall and systrace policies) which are
included with the operating system, how they work and how
such features can be used within a financial environment.
We then examine possible problems with each feature and
the introduction of such a feature into the business
environment. We also explore some of the criticism that
OpenBSD has received and additional features which could
be useful to business.

We then look at some examples of statutory and regulatory
requirements, and how OpenBSD's features may be mapped to
address such requirements. As part of this we examine how
open source software in general can be utilised and some
of the advantages and disadvantages of it against similar
commercial offerings.

We then see a case study based on a real-world treasury,
and some of the serious security concerns which are faced
by security officers responsible for such departments. We
explore how OpenBSD can be applied within an infrastructure
to provide key security services and address some of the
specific concerns raised in the treasury security
assessment.

Finally, we provide conclusions and suggestions for future
work.

Information about this Version

This is a Published version
This version's date is: 18/01/2008
This item is not peer reviewed

Link to this Version

https://repository.royalholloway.ac.uk/items/74e8b1d6-fe82-6198-cd66-284e86220e79/1/

Item TypeThesis (Masters)
TitleSecuring Financially Sensitive Environments with OpenBSD
AuthorsHumphrey, Nicholas C. P.
DepartmentsResearch Groups and Centres\Information Security\ Information Security Group

Identifiers

Deposited by () on 23-Dec-2009 in Royal Holloway Research Online.Last modified on 23-Dec-2009


Details