Abstract
This thesis investigates the use of a free, open source<br />
UNIX-based operating system in providing security features<br />
to a financially sensitive business function such as a <br />
treasury.<br />
<br />
We start by examining some of the main security features<br />
(such as the pf firewall and systrace policies) which are <br />
included with the operating system, how they work and how <br />
such features can be used within a financial environment. <br />
We then examine possible problems with each feature and <br />
the introduction of such a feature into the business <br />
environment. We also explore some of the criticism that<br />
OpenBSD has received and additional features which could<br />
be useful to business.<br />
<br />
We then look at some examples of statutory and regulatory<br />
requirements, and how OpenBSD's features may be mapped to<br />
address such requirements. As part of this we examine how<br />
open source software in general can be utilised and some<br />
of the advantages and disadvantages of it against similar<br />
commercial offerings.<br />
<br />
We then see a case study based on a real-world treasury,<br />
and some of the serious security concerns which are faced<br />
by security officers responsible for such departments. We<br />
explore how OpenBSD can be applied within an infrastructure<br />
to provide key security services and address some of the <br />
specific concerns raised in the treasury security <br />
assessment.<br />
<br />
Finally, we provide conclusions and suggestions for future<br />
work.
Original language | English |
---|---|
Publication status | Published - 18 Jan 2008 |