Friday, February 27, 2015

Acceptable secure solution to replace static IP addresses for a web application



I am currently working as a technical lead on a project at a financial institution and have a question about how to provide the same level of security expected by the business in an application we are preparing for them.


The legacy system today allows payment operators at a terminal window to interact with an AIX and mainframe system. The replacement system my team will provide will be a more modern "scale-out" distributed system to replace the mainframe. The software is mostly vendor supplied with ancillary and supporting software components being developed in house.


The operators have the ability to move large sums of money, so there are a number of security constraints placed on them today. They are not allowed to VPN into the company network from outside; we can't guarantee the security of the workstation they tunneled into our network, and if they were on a public computer somebody could feasibly use low-tech methods to look over their shoulder and jot down account numbers and such. Furthermore, each of their workstations is assigned a static IP address within the internal network (Local or Router set, not sure which) so that they can only ever perform their job tasks on their secure provided workstations. I imagine there are firewall rules that whitelist their IP address to the legacy system.


It was brought up that they want a similar level of requirements for the new system, which for the operators will be entirely web based (Locked down Browser -> Load Balancer -> Firewall -> Web Server Reverse Proxy -> Firewall -> Application server -> Firewall -> Database). They seem to believe that static IP addresses should give them identical security here, but I am not so sure.


IP addresses can be spoofed rather easily and with the stateless nature of HTTP, but then I imagine the firewall is looking at the IP protocol level to decide who it lets through. What I am unsure about is how easy it would be to spoof this. For instance, if I happened to compromise the password of an operator and I was inside the intranet, is it possible for me to forge my IP address to an accepted workstation IP address for that user id?


Even if this kind of IP spoofing is unlikely, are there viable alternatives that can be equally secure and perhaps a little easier for managers to maintain for new and leaving members of the team?




