The Scenario
An organization is planning to use Infrastructure as a Service (IaaS) from a cloud service provider to host their web site and e-commerce applications. This will consist of an appropriate number of suitably sized Linux Virtual Servers and Virtual Storage. These servers will support the various software components including: load balancer, web server, application and database server. The cloud service provider is responsible for securing the infrastructure that supports the virtual machines, storage and network. However the tenant (i.e. the organization using the service) is responsible for securing the Operating System, and the components of their application. The task for this assignment is to secure these virtual servers.
Assignment Task
Computer security aims to ensure the confidentiality, integrity and availability of systems and information. Due to the wide-ranging environments and platforms that are in use, and the lack of security awareness by many users, security is a complex task. This has resulted in a high level of data breaches and financial loss to businesses from threats ranging from insider fraud through to organized cyber-crime.
This assignment requires you to provide security functionality for an Ubuntu operating system (OS). First, you are required to discuss appropriate tools and techniques for the provision of security for this OS. The level of security required (ensuring confidentiality, integrity and availability) is appropriate for the non-ecommerce systems in the above scenario (i.e. the servers supporting the organization's informational website). Second, you are to demonstrate the implementation of the tools and techniques identified by your research and introduced in the lab sessions to the Ubuntu 2* virtual machine (VM). Third, you will demonstrate that the levels of security required have been achieved by using employing appropriate tools and techniques to test and demonstrate the security of the Ubuntu 2 OS. Finally, you are to provide a number of recommendations to raise the level of security of this OS to meet the needs of a more secure environment for example to support the e-commerce requirements.
Details of Tasks
Part 1. Discussion of tools and techniques for securing a Linux Server.
You are required to write a report with references to papers in journals, conference proceedings, Web sites or books on securing computer systems for an SME user. This should focus on the Linux operating system and in particular Ubuntu. The level of security required is deemed to be ‘medium', i.e. the system supports the business informational website and ensures that confidentiality, integrity and availability of the OS is maintained. As a guide, an approximate word count for this section is 800 words.
Part 2. Demonstrate Securing an Ubuntu System.
Using the VirtualBox VM image Ubuntu 2*, implement the level of security as detailed in part 1. To demonstrate the tools and techniques used to make this system more secure than an ‘out-of-the-box' installation, this section should include appropriate screenshots and supporting text. As a guide, an approximate word count for this section is 500 words.
Part 3. Demonstration of security achieved.
Using tools introduced during lab sessions in this module and other appropriate techniques, demonstrate that the OS has been made more secure by undertaking part 2 above. This section should include appropriate screenshots and supporting text to support your assertions of security. As a guide, an approximate word count for this section is 500 words.
Part 4. Recommendations for making the system ‘harder'.
Recommend what tools and techniques you would employ to ‘harden' the security of the Ubuntu 2 image so that it could be used where a more secure environment is needed (for example for e-commerce). As a guide, an approximate word count for this section is 200 words and may be in bullet point style.