A risk assessment has been carried out on the Pre-payment electricity meter system of Energy Nature Limited (ENL) Consortium. The assessment is based on the critical assets that ensure the proper functioning of the pre-payment system and on how they work. This information was provided by the Network manager and Assistant Network manager through an interview. The following assets were regarded as critical because of their high importance to the system: Customer Database, Servers, and the Ultima Management System (UMS) and Ultima Vending System (UVS) application software. The assessment was performed to ensure that the pre-payment system is secure and dependable. To achieve this, the following security goals have to be met:
- Availability: all resources and services needed for the system to work are available at all times.
- Integrity: data is not tampered with or violated by any means.
- Confidentiality: data is protected from any kind of unauthorized usage.
- Accountability: non-repudiation by ensuring all acts carried out are traceable.
A risk model was used to assess the vulnerabilities of, and threats to, the critical assets that have been identified. It was used to measure the impact of each risk on the system should it occur. Some of the risks identified have a high impact on the system while others have a medium impact. Recommendations have been made on how to prevent these risks. It is advised that the risks with high impact be attended to first because of their effect on the system. In addition, suggestions have been made on policies that should be reviewed, upgrades to the Operating Systems and the implementation of Session controls.
This risk assessment was performed in agreement with ENL Consortium, which allowed a security assessment to be performed on its key assets to ensure Confidentiality, Integrity and Availability of the resources required for the pre-payment system to work at all times. The purpose of this assessment is to identify vulnerabilities and threats that can affect the key assets of the organization, which include: Application software (UMS & UVS), Customer database, and Servers. This assessment will be used to identify the impact on the assets and to make recommendations on how to prevent or avoid the threats and vulnerabilities.
The following staff participated in the assessment:
- IT Manager
- Assistant IT Manager
The technique used for this risk assessment was to interview the participants about how the Pre-payment system works and the policies they follow to ensure its security and dependability. The National Institute of Standards and Technology (NIST) Publication SP-800-30 (Stoneburner, Goguen & Feringa 2002) was used as a guideline for the risk assessment (the interview questions can be found in the appendix). Other guidelines used include: (Vogel 2009, Bernard)
ENL Consortium is a company that manages the Pre-payment electricity meter scheme in Abuja, Nigeria. This is in accordance with the government's decision to migrate from analog meters, which used post-payment billing, to digital meters, which use a pre-payment system. The main aim of this company is to ensure that all customers are migrated to this scheme, to hold all customer information in a database, and to provide means for customers to purchase their electricity by setting up various outlets in strategic locations around the state. Customers purchase electricity either by buying directly from an outlet or by buying a recharge card.
Since this is a digital system, Information Technology (IT) is used in every aspect of it. The application servers and database are housed at a central location, and all outlets connect to this location via the internet, either through a Very Small Aperture Terminal (VSAT) or radio, using a Virtual Private Network (VPN). The VPN uses tunnelling, which ensures that packets sent across the wireless network are encrypted and encapsulated into a new packet that has a new source and destination address (gateway-to-gateway); when the data gets to the destination gateway, the encapsulation is stripped off and the original data is transported to the destination address (Micheal 2007). The outlets only have workstations with the applications needed for normal transactions installed, and all are connected to the central location. Furthermore, customer information such as name, address and type of meter (Residential or Commercial) is stored in the database, together with any outstanding bill from the previous analog meter, in order to ensure customers pay their debt. All transactions made by customers are recorded in the database.
All the digital meters have a unique number and are configured with customer details so that customers can purchase electricity with their unique meter number. These meters are offline and cannot be accessed from the application server. In addition, they are secured through their configuration in the UMS application, so that once a meter is configured for a particular area and tariff, it cannot be used in another area or tariff.
The Pre-payment system comprises several components. One of the major components is the UMS application, a client/server application developed by Conlog (www.conlog.co.za). Data entry staff use it to enter or edit customer information and to generate reports such as a customer's history, and management staff use it to check sales reports and audits. The cashiers who sell electricity units to customers use the Ultima Vending System (UVS), a client/server application also developed by Conlog. The application servers are connected to the database server via an interface; this enables all information to be stored in the database. The scratch card used in purchasing electricity units is managed by a third party but is also connected to the database to ensure proper recording of customer transactions. Application and database servers are physically housed in the same location.
The scope of this assessment includes all the components described except the physical meters and the scratch card system, which is managed by a third party. Other components in scope are: operating systems, workstations and electricity.
The following components have been identified to be the critical assets of the pre-payment system:
- UMS & UVS SERVER APPLICATION: If the application crashes or has problems, the whole system will not work because staff will not be able to log in using the client software. Hence, sales outlets will not be able to sell electricity units to customers and data entry staff will not be able to add or modify customer information.
- DATABASE: All information is stored in the database. If there is a problem with the application managing the database or the database becomes corrupt, there will be no access to any information. The applications will therefore not have access to customer data, and this will lead to loss of revenue and total system collapse.
- APPLICATION AND DATABASE SERVER: These servers have to be up and running at all times because they host the application software and database. Their Operating system and Hard disk are very crucial components. If any of the Servers fails, the application running will also fail and this will affect the entire system.
Figure 1 below is a network diagram showing how the central location connects to one of the outlets.
The risk identification process consists of three phases:
- Vulnerability identification
- Threat identification
- Pairing the vulnerabilities and threats identified in the first two phases to identify the risk
In determining risks associated with the pre-payment system, the following model for classifying risk was used.
The following factors are considered in determining the probability of a potential vulnerability being exercised:
- The nature of the vulnerability.
- The capability and motivation of the threat.
- The efficiency of controls in existence.
SUMMARY AND RECOMMENDATION
The key assets of the Pre-payment system, which include the UMS & UVS application software, Database and Servers, have been assessed and their vulnerabilities and threats analysed thoroughly to avoid any form of compromise that would hinder the system from functioning. The risk model was used to measure the impact of the risk that some of the vulnerabilities and threats can cause. This assessment found some risks in the system. As a result, the following recommendations and changes are advised to ensure proper availability, confidentiality and integrity of the resources needed for the Pre-payment system.
POLICIES TO ADOPT
The following policies are hereby recommended for adoption (Gregg, Kim 2005):
- System components should be examined routinely. This should be in the form of Network scans, analyses of router and switch settings, and penetration testing. These controls will help to monitor activities that are going on within the network and facilitate detection of any security violation.
- More training should be given to employees so that they can fulfil their security responsibilities.
- Servers and workstations should use a screen lock whenever they are not in use.
- Disable all Guest login accounts on servers and workstations.
- Ensure that the security features of any component added to the network are tested, enabled and documented.
In addition, the following Session controls should also be adopted (Gregg, Kim 2005):
- Account Lockout: This will limit the number of failed attempts a user can make before an account is disabled temporarily. It will help control password guessing.
- Screen Saver Locks: They should be pre-configured to activate when a user is not actively using the Server or Work station.
- System timeouts: A control that logs users out automatically after a certain period of inactivity. This is very useful for users who forget to log out while leaving their desk.
- Warning banners: A legal notification that helps to identify acceptable and unacceptable rules. This banner should come up while users are logging into the system.
The following upgrades have been recommended for the Operating system used on Servers, Workstations and the DBMS:
DBMS: The DBMS currently in use is Microsoft SQL 2005. This should be upgraded to Microsoft SQL 2008, which offers the following (Microsoft a):
- Ability to encrypt the entire database using a transparent data encryption method.
- Encrypted backups to prevent tampering and ensure integrity of backed up data
- Better auditing that monitors data access
- Improved performance and data compression
- Improved memory management and better rendering of Server reporting services
SERVER OPERATING SYSTEM: The current OS on all servers is Windows Server 2003. It should be upgraded to Windows Server 2008, which offers the following (Microsoft b):
- Increased server efficiency
- Reduction in power consumption with the support of Advanced Configuration and Power Interface (ACPI), Processor Power Management (PPM), and Power idle sleep states on multiprocessors.
- Each and every folder has a shadow copy
- Introduction of Hyper-V (V for Virtualization) on 64-bit version. This helps to reduce hardware cost by running several Virtual servers on only one physical machine
WORKSTATION OPERATING SYSTEM: The current OS on all workstations is Windows XP Service Pack 2. This should also be upgraded, to Windows 7, which offers the following (Thurrott 2008):
- BitLocker To Go, which offers full drive encryption
- Power Configuration utility that provides reports on identified problems, settings and applications that reduce power efficiency
- Start up repair which appears automatically and fixes any problem when a workstation cannot boot properly
- A VPN reconnect feature that automatically re-establishes a lost VPN connection
- It does not have as many security exploits as Windows XP
- Bernard, R., Ranking Critical Assets. Available at: http://www.thesecurityminute.com/ranking_critical_assets.html (Accessed: 4th April, 2010)
- Gregg, M. & Kim, D. 2005, Inside network security assessment: guarding your IT infrastructure, Sams.
- Micheal, D. 2007, "Virtual Private Networks: IPSec vs. SSL", Available at: http://www.hacker-soft.net/tools/Defense/VPN_MDaye.pdf (Accessed: 27th March, 2010)
- Microsoft a, SQL Server 2008 Top New features. Available at: http://www.microsoft.com/sqlserver/2008/en/us/whats-new.aspx (Accessed: 5th April, 2010)
- Microsoft b, Why Upgrade to Windows Server 2008. Available at: http://www.microsoft.com/windowsserver2008/en/us/why-upgrade.aspx (Accessed: 5th April, 2010)
- OWASP 2009, April-last update, Password length & complexity. Available at: http://www.owasp.org/index.php/Password_length_&_complexity (Accessed: 3rd April, 2010)
- Stoneburner, G., Goguen, A. & Feringa, A. 2002, "Risk Management Guide for Information Technology Systems-NIST Special Publication 800-30", US Department of Commerce, National Institute of Standards and Technology. [Online]. Available at: http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf (Accessed: 26th March, 2010)
- Thurrott, P. 2008, November 12-last update, Windows 7 Features Focus. Available at: http://www.winsupersite.com/win7/ff.asp (Accessed: 5th April, 2010)
- Vogel, V. 2009, July 07-last update, Risk Analysis of Critical Areas and Processes. Available at: https://wiki.internet2.edu/confluence/display/secguide/Risk+Analysis+of+Critical+Areas+and+Processes (Accessed: 26th March, 2010)