Sec571 Weaknesses

Aircraft Solutions: Security Assessment & Recommendations

Submitted to: John Michalek

SE571 - Principles of Information Security and Privacy

Keller Graduate School of Management

Submitted: August 26, 2013

Table of Contents

Executive Summary….…………………….…………………………………………….1

Company Overview………………….……………………………………………….….1

Security Vulnerabilities………..………………...………………………………………2

A Hardware Example………………………………...……………………………………2

A Policy Example…………….……………………………………………………………3

References…………………...……………………………………………………………4

Executive Summary

As specified in the Course Project template, this section will be finished upon the project’s completion.

Company Overview

Aircraft Solutions (AS) is a global leader in the design, fabrication and delivery of products and services to many top American industries such as electronics, defense and aerospace. With headquarters in San Diego, California, it has locations that span both San Diego and Orange counties. Aircraft Solutions is comprised of a highly-skilled workforce of design engineers, computer programmers, machinists, and assembly line personnel in addition to its highly-automated production systems. Founded at the turn of the 20th Century, Aircraft Solutions is a company long on tradition with a sharp focus on the future.

Two Security Vulnerabilities

Hardware Vulnerability

The most glaring security vulnerability for Aircraft Solutions is the lack of a Firewall and Server between the Commercial Division located in Chula Vista and the Internet. The principal risk that this presents is that external attackers could enter the company’s network through the front door as opposed to having to clandestinely break through barriers to get in through the backdoor. In addition, this omission means that many of the benefits of the Access Control Systems protocols – Authentication, Authorization and Accounting (AAA) – cannot be...