Manchester stadium

1. INTRODUCTION:

The city of manchester stadium is located in Rowsley street, Manchester,England. The stadium is owned by Manchester football club.

1.1 STADIUM HISTORY:

The city of Manchester stadium was opened on 2nd Decemmber, 1999.The capacity of the stadium is 47,726. Hillsborough stadium is the home ground of the Manchester football club in rowsley street in manchester. It is the fourth largest stadium in FA Premier League. The stadium was initially constructed with the aim of conducting the common wealth games but it has been upgraded to football stadium.

2 STADIUM NETWORK SECURITY:

The stadium has 3 official websites and the stadium network system is maintained by 20 servers which are mainly Linux, Unix, AS400 and Windows based servers. There are 2 firewalls and VPN both SSL and IPSEC.

On going security:

2 ACCESS FOR SPECTATORS:

The tickets are sold online and through phone calls or in personal.

In any of the three ways for buying tickets the spectators should provide the required details and these details will be stored in the database of the PCI DSS of the stadium network system. The ticket consists of a bar code which will be useful to prevent entrance of outsiders and other anti social elements.

On the day of the match the spectators have to undergo through various security checkouts which includes the following:

2.1 TURNSTILES:

The design of the turnstile is to make a free entry flow rates.These are coupled with a smart card reader and tensors finger print biometric system. the designed turnstile is provided with a increased space to enter and a 120 degrees arm rotor .this is the best inflow method of traffic used as it can read the card in under ¼ of a second and doesn't need to remove the card from wallet or purse,with the addition of tensors finger print biometric system,it has a perfect barrier against illegal entry.

2.2 Metal and bomb detection systems: All the spectators and their belongings are required to pass through the metal and bomb detectors. Any of the items restricted by the checking staff cannot be taken inside.

2.3 The spectators cannot purchase restricted items like alcohol, cigarettes if they are below the age of 18.And they will be not served these items as the age details of the customer is stored in the system and he/she cannot get access to buy these restricted items if they are below the age of 18.

2.4 The spectators are restricted entry to other stands as they are directed to their respective stands which is mentioned on their tickets. For example:

If a spectator is allocated a seat in the north stand he/she are directed to their respective stands and are restricted entry to the south stand or the grand stand.

The different stands in the stadium are as shown the figure below [4]:

3 MONITORING SYSTEM :

3.1 CCTV SURVEILANCE

CCTV cameras are in use for protective security .the club has 59 cctv cameras in different sights of the ground, monitoring 24hours. Where the images can be received from every sector of the stadium

The club uses MOBITIX cameras which are controlled under assistance of video management .the network technology used by the MOBITIX Mx control centre are made it possible to easily access all camera images remotely through internet service which can also be accessed by police under request for the security check .this can be shown diagrammatically as below To increase the storage capacity , Manchester club renovated the old analogue multiplexers and video recording system to digital sprite2 which incorporates 6tb of hard disk capacity .

EXTERNAL THREATS LIKE HUMAN FACTOR

Threats because of human factor have an influencing effect on the security system. Humans are a serious threat to the security of the stadium. By employing well trained staff and by checking all the security systems on a regular basis the threats caused by humans can bed reduce.

Business continuity planning:

• Development of controls.
• Disaster recovery plan.
• Disaster recovery outsourcing.
• Specifics of the continuity plan.
• Disaster recovery plans (DRP):
• By locating the alternate facilities.
• Recovery procedure for data communications facilities, servers and application systems.
• The various actions to be taken under various contingencies.
• Updating and testing procedures.
• Safe storage of data, software and the disaster recovery plan itself.
• There are two types of DRP's:

1) Level 1: The level one consists of building enough capacity and having enough equipment.

2) Level 2: Relying on professional disaster recovery firms.

Prevention of destruction, disruption and disaster:

• Using the redundant hardware.
• Prevention of natural disaster.
• Prevention of viruses.
• Preventing threats.
• Preventing the denial of service.
• Using redundant hardware. It is key principle in preventing disaster, disruption and destruction. For example: Uninterrupted power supplies (UPS), Fault tolerant servers.
• Disk mirroring. It is a redundant second disk for each and every disk on server. Every data on primary disk is duplicated on the mirror.
• Disk duplexing. It can be applied to other network components as well. For example: Circuits, routers, client computers etc.

Preventing natural disasters:

• By decentralizing the network sources.
• Storing critical data in at least two or more locations.
• Having a completely redundant network that duplicates each and every network component but in a different location.

Security reuirement in a place:

Tripwire:

This is a software used to monitor the staff, where i can turn around to any user what he is doing in work time and can check that he is commited to any

Source fire:

Monitors internal lans

It shows where exactly something was patched or went wrong.

Proxy server:

Monitors server

Web root:

Is a system where every individual is provided with user name and password to login in to the system.

Aladdin:

It is used to check the details of contactless cards bar code for genuinity of the ticket.

Database security :

RULE 1- NETWORK ATTACHMENT:

The database server shares the data within the network and can be accessed by its own client and only the members in the group can attach it to other network.

RULE 2-CONNECTION PRIVILIGES

The data base can attain by the members of the network and it shouldnt be attached to any other accessible network as, control of the database can be easily gained by unauthorised person which leads to disaster.

The database network architecture is shown as below.

Back up:

If a server fails to work, then alternatively shifts every load to other server.

If all servers failed to work ,there is a back up provider to take up the action which is provided from near by stadium.

Securing the network perimeter:

• Physical security.
• Dial in security.
• Firewalls.
• Network address translation (NAT),proxy servers.

Physical security: It is mainly about securing the network cables, securing the network devices like Lan's, hubs, bridges, routers etc. Use of secured hubs.

Dial in security: Routinely changing modem numbers, using of call back modems and automatic number identification (ANI),only the users dialing in from authorized locations are granted access.

FIREWALL:

Firewall is a part of a computer network that is designed to block from unauthorised user. this id used to prevent from unauthorised internet users from accessing private networks.

A firewall is a term used for a ``barrier'' between a network of machines and users that operate under a common security policy and generally trust each other, and the outside world. In recent years, firewalls have become enormously popular on the Internet. In large part, this is due to the fact that most existing operating systems have essentially no security, and were designed under the assumption that machines and users would trust each other.

There are two basic reasons for using a firewall at present:

• To save money in concentrating your security on a small number of components
• To simplify the architecture of a system by restricting access only to machines that trust each other.

Firewalls are often regarded as some as an irritation because they are often regarded as an impediment to accessing resources. This is not a fundamental flaw of firewalls, but rather is the result of failing to keep up with demands to improve the firewall.

The firewall's role as a perimeter defender has given way to more of a gate-keeping role, however, as many enterprises begin to use the firewall as a central point of connectivity for mobile and remote workers.

If firewall technology and security techniques are adapted to route all that traffic through secured channels, however, security becomes a more manageable problem.

As the increasing business growth mostly dependent on web applications ,there arises difficulty to secure the data and network. Firewalls with secure sockets layer, network and host security cannot prevent some attacks on themselves . so, there is every need to understand and protect the data of the organisation to improve the web application security.

These are some preventive measures taken from the attacks:

Threats and countermeasure:

Different threats that effect the system software

• Viruses , Trojan horses and worms
• Footprinting
• Profling
• Password cracking
• Unauthorised access

Application threat and Countermeasures:

Authentication:

Depending on the requirement there are several authentication mechanism to chosen from Authentication mechanism defines the rules about the security information, such as whether the information is forwarded from one computer to other computer. If the authentication mechanism doesn't done perfectly it can expose to vulnerabilities that attackers can exploit and gain success to the information .using authentication mechanism can prevent from these threats

Vulnerabilities include :Network eavesdropping ,cookie replay attacks, credential theft.

Network eaves dropping:

If authentication credentials are passed in a plain text from user to end user the attacker may capture the data and obtains user name and password.

Cookie replay attacks:

The attacker captures the users authentication cookie by using the software.

Counter measure: using an encrypted channel for communication which is provided by ssl(vpn)

Credential thefts:

Accessing the others user name and password by some one is theft.

Counter measures:

using strong password

enforcing account lock out for limited number of attempts to access the account.

The simple example as how authentification is done.

Authorisation:

The authorisation is maintained by giving individual login id and password to the individual staff members of the organisation.

The threats that exploited by autherisation includes:

Elevation of privilege:

Counter measure:

Using least privilege process , services, end accounts,

Disclosure of confidential data

Can occur If sensitive viewed by the unauthorised user

Counter measures: using strong acls to secure windows resources.

Using standard encryption to store the sensitive data.;

Data tampering

Is unauthorised modification of data.

Countermeasures:

Use strong access controls to protect data in controlled stores and allowing only authorized users can access and modify the data.

Sensitive data:

Sensitive data can be subjected to variety of threats. If attacker attempts to view or modify sencitive data can target to data stores and networks.

Threats to sensitive data include:

Access to sensitive data in storage

Securing the data in storage and avoiding it to be used by unauthorised users

Counter measures:

Use restricted ACLs on the persistent data stores that contain sensitive data.

Store encrypted data.

Network eavesdropping

Counter measures :

• Encrypt the data.
• Use an encrypted communication channel, for example, SSL.

Data tampering

One countermeasure to prevent data tampering is to protect sensitive data passed across the network with tamper-resistant protocols such as hashed message authentication codes (HMACs).

Session management:

Session management for web application is an application layer responsibility.

Session security is important to overall security of the application.

Threats may include:

Session hacking ,session replay.

Cryptography:

Most of the application uses cryptography for protection of the data and to ensure it remains private and unchangeable.

The threats may include:

Poor key generation , weak encryption , check sum spoofing.

Counter measures:

Use strong random key generation functions and store the key in a restricted loctions.

Encrypt the encryption key using DPAPI for added security.

Expire keys regularly

Parameter manipulation:

Parameter manipulation attacks are a class of attacks that depends on the modification of the parameter data sent between the user and the web application.

Threats includes

Query string manipulation , form field manipulation , cookie manipulation.

Couner measures:

Avoid using query string parameters that contain sensitive data. Instead, use a session identifier to identify the client and store sensitive items in the session store on the server.

Choose HTTP POST instead of GET to submit forms.

To counter the threat of form field manipulation, instead of using hidden form fields, use session identifiers to reference state maintained in the state store on the server.

Auditing and logging:

These are used to detect the suspicious activity such as footprinting or password cracking attempts.

Threats include:

User denies performing operation , attackers cover their tracks.

Counter measures:

• Avoid using shared accounts since the original source cannot be determined.
• Use platform-level auditing to audit login and logout events, access to the file system, and failed object access attempts.
• Back up log files and regularly check for the suspicious files
• Secure log files by using restricted ACLs.
• Relocating the system log files away from the original locations.