Project Description: Create an e-commerce server and a comprehensive security program to protect a web server for a simulated small business. This server will include security tools such as intrusion detection, firewall, and network monitoring. The installation and maintenance of this solution will be documented as part of the final documentation package. The server will be reviewed for exploitation from other teams while we attempt the exploitation of their server(s). Research/Motivation: How to research, install, configure, and integrate various open-source software packages for information security, e-commerce, web hosting, and database. Our motivation for this project was to create and secure an e-commerce website that allows the team to explore, learn, and gain knowledge to become better real world IT professionals. Materials/Methods Our team leveraged the use of their own virtual machines and online documentation to test various software packages on the Ubuntu operating system. We leveraged the NIST cybersecurity framework to integrate industry standards and best practices to create risk assessment and information security documents. Preliminary Results: We have created a secure Internet facing e-commerce solution with supporting documentation. We are currently awaiting other teams to begin penetration testing and results from of our server. Intellectual or business merits of our project: Our team gained real world knowledge and skills during the research and implementation of the server and security project. Our documentation details the steps taken throughout the implementation of the project and allows us to hand off the ongoing maintenance to an e-commerce business. Actions that we\u27ll take to enhance the potential of the project to benefit society: Our documentation of the project could be published to allow e-commerce businesses to create a low cost, secure e-commerce store.Advisors(s): Project Sponsor: Dr. Lei Li Professor: Dr. Ying XieTopic(s): SecurityIT 498
