AMITY UNIVERSITY PROJECT REPORT SAMPLE ON IT/CS


TITLE OF THE PROJECT

“STUDY ON ISSUES & CHALLENGES OF INTERNET SECURITY AT ERICSSON GLOBAL”

 

 

 


CERTIFICATE

 

I, ………………… certify that the Project Report entitled “STUDY ON ISSUES & CHALLENGES OF INTERNET SECURITY AT ERICSSON GLOBAL” is an Original one and has not been submitted earlier either to AMITY UNIVERSITY, New Delhi or to any other institution for fulfillment of the requirement of a course of Management Programme (MBA).

 

ACKNOWLEDGEMENT

With Candor and Pleasure I take opportunity to express my sincere thanks and obligation to my esteemed guide ……………………….  It is because of his indispensable and mature guidance and co-operation without which it would not have been possible for me to complete my project.

 

Finally, I gratefully acknowledge the support, encouragement & patience of my family, and as always, nothing in my life would be possible without God, Thank You!

 

NAME:

ENROLLMENT NO.:

 

 

 

 

DECLARATION

 

I hereby declare that this project work titled “STUDY ON ISSUES & CHALLENGES OF INTERNET SECURITY AT ERICSSON GLOBAL”  is my original work and no part of it has been submitted for any other degree purpose or published in any other from till date.

 

NAME:

ENROLLMENT NO.:

 

TABLE OF CONTENTS

 

  1. NO. CONTENTS                                                   
  CERTIFICATE 2
  ACKNOWLEDGEMENTS 3
  DECLARATION 4
1 CHAPTER 7-37
  INTRODUCTION TO THE STUDY  
2 CHAPTER 38-61
  REVIEW OF LITERATURE  
3 CHAPTER 62
  OJECTIVE AND SCOPE OF THE STUDY  
4 CHAPTER 63-64
  RESEARCH METHODOLOGY  
5 CHAPTER-5 65-79
  DATA  ANALYSIS AND INTERPRETATION  
6 CHAPTER-6 80-81
  FINDING  
7 CHAPTER-7 82-85
  CONCLUSION AND LIMITATIONS  
9 REFERENCES 86

 

10 QUESTIONNAIRE 87-90

 


 TITLE OF THE PROJECT

“STUDY ON ISSUES & CHALLENGES OF INTERNET SECURITY AT ERICSSON GLOBAL”

 

CHAPTER – 1

 

INTRODUCTION TO  THE STUDY

Internet security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level as it applies to other applications or operating systems on a whole. Its objective is to establish rules and measures to use against attacks over the Internet.


 

COMPANY OVERVIEW:

Ericsson is a world-leading provider of telecommunications equipment and services to mobile and fixed network operators. Over 1,000 networks in more than 180 countries use our network equipment, and more than 40 percent of the world’s mobile traffic passes through Ericsson networks.

About the competition

The Ericsson Application Awards is a global app competition with two main categories: one for students and one for companies. A jury will select the best apps that address the theme of Apps for Working Life in each of the categories above.

Ericsson
Parent Company Ericsson Group
Category Telecommunications Equipment
Sector MobileProducts
Tagline/ Slogan A world of communication
USP A market, technology and operational leader with  economies of scale
STP
Segment Mobile systems, Multi -service networks, Enterprise services, Transmission technologies, Mobile telephony and other communication technology
Target Group Telecom Companies, IT firms, Construction companies, Internet service providers
Positioning LM Ericsson (Ericsson) is a supplier of mobile systems

providing total solutions for systems and applications

SWOT Analysis
Strength 1. Flexibility in providing and conducting business solutions

2. Mobile systems technology

3. Has been operating on economies of scale

4. Flexible and responsive organization

5. Global presence in over 180 countries

6. Strong R&D department

7. Has over 100,000 employees in the organisation

Weakness 1.Variability in operating results is a conern

2. Credit and other risk regarding customers

Opportunity 1.New emerging markets

2. Service application

3. Network management services

Threats 1.Fast market changing

2. Technically complicated

3. Telecommunications environment

4. Highly competitive telecommunications market

5. Limited protection of intellectual property rights

Competition
Competitors 1.Siemens
2.Nokia
3.Motorola

 

 

CHAPTER – 2

REVIEW OF LITERATURE

Network Security Issues – major threats and the means to fight them
Network security issues are the top priority of all who want to protect their data.
Usually, network security issues are of major concern for all businesses that want to keep the affirmation they are usually dealing with under strict confidentiality. These issues are not very recent, ever since information was transferred among senders and recipients, data transition has been prone to, so as to speak, attacks in order to undermine the protection and to reach out relevant or useful pieces of information.

Authenticity

In computing, e-Business, and information security, it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim to be.

Non-repudiation

In law, non-repudiation implies one’s intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.

Risk management

The Certified Information Systems Auditor (CISA) Review Manual 2006 provides the following definition of risk management: “Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization.

Security Controls

When management chooses to mitigate a risk, they was do so by implementing one or more of three different types of controls.

Administrative

Administrative controls (also called procedural controls) consist of approved written policies, procedures, standards and guidelines. Administrative controls form the framework for running the business and managing people. They inform people on how the business is to be run and how day to day operations are to be conducted. Laws and regulations created by government bodies are also a type of administrative control because they inform the business.

Logical

Logical controls (also called technical controls) use software and data to monitor and control access to information and computing systems.

Physical

Physical controls monitor and control the environment of the work place and computing facilities. They also monitor and control access to and from such facilities. For example: doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems, cameras, barricades, fencing, security guards, cable locks, etc. Separating the network and workplace into functional areas are also physical controls.

Defense in depth

Information security must protect information throughout the life span of the information, from the initial creation of the information on through to the final disposal of the information. The information must be protected while in motion and while at rest. During its lifetime, information may pass through many different information processing systems and through many different parts of information processing systems. There are many different ways the information and information systems can be threatened. To fully protect the information during its lifetime, each component of the information processing system must have its own protection mechanisms. The building up, layering on and overlapping of security measures is called defense in depth.

Security classification for information

An important aspect of information security and risk management is recognizing the value of information and defining appropriate procedures and protection requirements for the information. Not all information is equal and so not all information requires the same degree of protection. This requires information to be assigned a security classification.

Access control

Access to protected information must be restricted to people who are authorized to access the information. The computer programs, and in many cases the computers that process the information, must also be authorized. This requires that mechanisms be in place to control the access to protected information. The sophistication of the access control mechanisms should be in parity with the value of the information being protected – the more sensitive or valuable the information the stronger the control mechanisms need to be. The foundation on which access control mechanisms are built start with identification and authentication.

 

 

Cryptography

Information security uses cryptography to transform usable information into a form that renders it unusable by anyone other than an authorized user; this process is called encryption. Information that has been encrypted (rendered unusable) can be transformed back into its original usable form by an authorized user, who possesses the cryptographic key, through the process of decryption. Cryptography is used in information security to protect information from unauthorized or accidental disclosure while the information is in transit (either electronically or physically) and while information is in storage.

Process

The terms reasonable and prudent person, due care and due diligence have been used in the fields of Finance, Securities, and Law for many years. In recent years these terms have found their way into the fields of computing and information security. U.S.A. Federal Sentencing Guidelines now make it possible to hold corporate officers liable for failing to exercise due care and due diligence in the management of their information systems.

 

SECURITY GOVERNANCE

The Software Engineering Institute at Carnegie Mellon University, in a publication titled “Governing for Enterprise Security (GES)”, defines characteristics of effective security governance. These include:

  • An enterprise-wide issue
  • Leaders are accountable
  • Viewed as a business requirement
  • Risk-based
  • Roles, responsibilities, and segregation of duties defined
  • Addressed and enforced in policy
  • Adequate resources committed
  • Staff aware and trained
  • A development life cycle requirement
  • Planned, managed, measurable, and measured
  • Reviewed and audited

 

CHAPTER – 3

OBJECTIVES AND SCOPE OF THE STUDY

Fixing the objective is like identifying the star. The objective decides where we want to go, what we want to achieve and what is our goal or destination.

  1. To study about issues & challenges of internet security at Ericsson Global.
  2. To know various tools for monitor the security aspects of a website.
  3. To study about effectiveness of hardware firewall or software firewalls
  4. To study of hardware based security or the software based security?

 

Scope

My study was confined to investigate issues and challenges of internet security related issues at the Ericson global for the day to day challenges and problems of the internet securities. Study was try to find out the best possible solution for the covering the security breaches for the Ericson Global.

 


 

CHAPTER – 4

 

 RESEARCH METHODOLOGY

Research methodology in a way is a written game plan for conducting research. Research methodology has many dimensions.

 

METHODOLOGY ADOPTED:- This research is aimed at studying at issues & challenges of internet security.

RESEARCH DESIGN: – The research design was used in this study is both ‘Descriptive’ and ‘exploratory’.

 

DATA COLLECTION METHODS:

The data was collected using both by primary data collection methods as well as secondary sources.

 

PRIMARY DATA: Most of the information was gathered through primary sources.  The methods that were used to collect primary data are:

  1. Questionnaire
  2. Interview

 

SECONDARY DATA: The secondary data was collected through:

  • Text Books
  • Magazines
  • Journals
  • Websites

SAMPLING TECHNIQUE:

The technique was used for conducting the study is Convenience Sampling Technique as sample of respondents was chosen according to convenience.

 

STASTICAL TOOLS:

MS-EXCEL was used to prepare pie- charts and graphs and MS-WORD was used to prepare or write the whole project report.

 

SAMPLE SIZE: 100

Top Executives          :  05

Middle Management: 10

Manager (IT)             :  10

Engineers                   : 60

Administrative Staff: 15

METHOD USE TO PRESENT DATA:

 

 

CHAPTER – 5

 DATA ANALYSIS AND INTERPRETATION

Evaluation of the Study:-

 

 

 

Q1. How often do you use the internet?

TABLE – 1

 

Criteria Frequency Percentage
Frequently 41 41%
Occasionally 35 35%
Rarely 19 19%
I’ve only used the internet a few times 5 5%
I’ve never used internet 0 0%

 

Q2. How safe do you feel the internet is? Please rate on a scale from 1-5: (1 being not safe at ALL and 5 being completely safe)

 

TABLE – 2

Criteria Frequency Percentage
1 78 78%
2 15 15%
3 5 5%
4 2 2%
5 0 0%

 

Q3. What is your most used source of information about online security issues?

 

TABLE – 3

Criteria Frequency Percentage
The media, newspaper, radio, T.V 15 15%
Word of mouth (friends, relatives, etc) 31 31%
E-mail warnings 24 24%
Computer professionals 16 16%
Technical communication professional 9 9%
Own knowledge and experience 4 4%
Other, specify 1 1%

 

Q4. Rate your level of concern with online security and privacy:

 

TABLE – 4

Criteria Frequency Percentage
I’m very worried about security/privacy 44 44%
I’m fairly concerned about security/privacy 35 35%
I’m somewhat concerned about security/privacy 12 12%
I’m not worried about my security/privacy at all 9 9%

 

Q5. Do you think it is possible to get a computer virus from reading an e-mail?

 

TABLE – 5

Criteria Frequency Percentage
Yes 75 75%
No 17 17%
Not Sure 8 8%

 

Q6. Do you think it is possible to get a computer virus from browsing websites?

TABLE – 6

Criteria Frequency Percentage
Yes 85 85%
No 9 9%
Not Sure 6 6%

 

Q7. How “anonymous” do you feel you are while using the Internet (such as browsing the web)?

TABLE – 7

Criteria Frequency Percentage
Completely anonymous 30 30%
Mostly anonymous 15 15%
Somewhat anonymous 34 34%
Not anonymous at all 30 30%

 

Q8. What is your opinion of Internet “Cookies”?

TABLE – 8

Criteria Frequency Percentage
I don’t know anything about Cookies/never heard them 9 9%
I’ve heard the term, but don’t know enough about them 12 12%
Cookies do more harm than good 24 24%
Cookies do more good than harm 15 15%
Cookies can be good or bad, depending on the application 40 40%

 

Q9. What is your opinion of Internet “Cookies”?

TABLE – 9

Criteria Frequency Percentage
Yes 85 85%
No 15 15%
Other specify 0 0%


Q10.
Do you or your company have a website?

 

TABLE – 10

Criteria Frequency Percentage
Yes 85 85%
Perfectly safe/no danger 40 40%
Mostly safe 23 23%
Somewhat 15 15%
Not safe at all 5 5%
Not sure 2 2%
No 0 0%

 

Q11. Is encryption is the only means of security?

  

TABLE – 11

Criteria Frequency Percentage
Yes 5 5%
No 95 95%

 

Analysis: 95% of the respondents think that the encryption is not the only security means white 8 % thinks encryption.

 

Q12. Are there any tools to monitor the security aspects of a website?

TABLE – 12

Criteria Frequency Percentage
Yes 67 67%
No 33 33%

 

Q13. Are there any tools to monitor the security aspects of a website?

TABLE – 13

Criteria Frequency Percentage
Hardware 87 87%
Software 13 13%


Q14.
What do you think hardware based security or the software based security is more effective? 

TABLE – 14

Criteria Frequency Percentage
Hardware 55 55%
Software 45 45%

 

 

 

CHAPTER – 6

 

FINDINGS

  1. 41% of respondents use the internet frequently, while 35% occasionally, 19% rarely and 5% few times.
  2. 78% of the respondents think internet is not safe. If not taken care of your computer resources due to Hacking or viruses, while 15% are agreed that it is somewhat safe.
  3. Word of the month is the most used source of information about online security issue, while 24% people say that the E-mail warnings are the major concern other 16% think computer.
  4. 44% of respondents are worried about security privacy. Where 35% are fairly concerned about it where 12% are concerned about security 1privacy 9% are careless about the internet security.
  5. 75% respondents thinks that by reading the email having the exe files one can get the viruses problem in their computer where 17% say that they can’t get virus through email, where 8% are not sure about it.
  6. 85% respondents thinks that you can get virus by browsing websites where 9% does not thinks so, where 6% are not sure about it.

 

 

 

 

CHAPTER – 7

 

CONCLUSION AND LIMITATIONS

As the Internet has become an integral part of companies’ business operations, security on the Internet has also become an important issue for companies. It can seem at times that the balance of power is increasingly weighted towards those that have malicious intent. The volume of attacks has increased exponentially over the years – McAfee’s Anti-Virus and Vulnerability Emergency Response Team (AVERT) the group of researchers that receive and deal with viruses and vulnerabilities as they become known  on average around 300 NEW attacks every month. Virus writing kits and the anonymity of the Internet as well as a few other factors have resulted in both more sophisticated attacks and attacks that are much easier to launch. It is always dependent on severity of course but if one of these slips through the net into your business the potential downsides can include compromised application availability, data confidentiality and data integrity. Most importantly all of these can result in lost profits.

 

 

LIMITATION:

 

The report may be beneficial to company. But there are some limitations of the study:-


REFERENCES

  1. Gralla, Preston (2007). How the Internet Works. Que Pub, Indianapolis. ISBN 0-7897-2132-5.
  2.  Rhee, M. Y. (2003). Internet Security: Cryptographic Principles,Algorithms and Protocols. Chichester: Wiley. ISBN 0-470-85285-2.
  3.  http://itcd.hq.nasa.gov/networking-vpn.html Virtual Private Network
  4.  http://www.pvv.org/~asgaut/crypto/thesis/node6.html Network Virtual Terminal
  5.  http://www.w3.org/Protocols/
  6.  http://www.wisegeek.com/what-is-a-message-authentication-code.htm
  7.  Rebbapragada, Narasu. All-in-one Security. Retrieved 19 November 2010.
  8.  Larkin, Eric. Build Your Own Free Security Suite. Retrieved 19 November 2010.
  9. a b com. Browser Statistics. Retrieved 1 August 2011.
  10.  Bradly, Tony. “It’s Time to Finally Drop Internet Explorer 6” . Retrieved 19 November 2010.
  11.  Messmer, Ellen and NetworkWorld. “Google Chrome Tops ‘Dirty Dozen’ Vulnerable Apps List”. Retrieved 19 November 2010.
  12.  Keizer, Greg. Firefox 3.5 Vulnerability Confirmed. Retrieved 19 November 2010.
  13.  Skinner, Carrie-Ann. Opera Plugs “Severe” Browser Hole. Retrieved 19 November 2010.

 

 

 

QUESTIONNAIRE:

 

Dear respondents,

I am……………………..a student doing MBA. I am underlying a project named “STUDY ON ISSUES & CHALLENGES OF INTERNET SECURITY AT ERICSSON GLOBAL” So by filling this questionnaire please help me in completing my research project.

 

 

Name                            : ……………………………….

Age                               : ……………………………….

Address                        : ……………………………….

Contact No                  :  ……………………………….

Designation                  : ……………………………….

 

 

Q1. How often do you use the internet?

Q2. How safe do you feel the internet is? Please rate on a scale from 1-5: (1 being not safe at ALL and 5 being completely safe)?

Q3. What is your most used source of information about online security issues?

Q4. Rate your level of concern with online security and privacy:

Q5. Do you think it is possible to get a computer virus from reading an e-mail?

Q6. Do you think it is possible to get a computer virus from browsing websites?

Q7. How “anonymous” do you feel you are while using the Internet (such as browsing the web)?

Q8. What is your opinion of Internet “Cookies”?

Q9. What is your opinion of Internet “Cookies”?

Q10. Do you or your company have a website?

Q11. Is encryption is the only means of security?

Q12. Are there any tools to monitor the security aspects of a website?

Q13. Are there any tools to monitor the security aspects of a website?

Q14. What do you think hardware based security or the software based security is more effective?