Robert Karlsson; Aron Rydquist MCS-2004:04, pp. 30. TEK/avd. för interaktion och systemdesign, 2004.
This thesis will address a problem concerning availability of information systems at an enterprise within the financial sector and its external suppliers, so called trusted third party. The information system resides on the internal network of the enterprise and must be available to both employees of the enterprise and the trusted third party simultaneously. This contradicts the company policy which
disallows third parties access to the internal network. The HAVECA-model introduced in this thesis provides a framework of methods, each solving a sub problem identified in the model. The identified methods are hardening, verification, control and assurance, together supplying a method for
continuously securing the internal network against a trusted third party. The HAVECA-model will be applied to a scenario, providing real-world examples of techniques of allowing the trusted third party to a restricted number of servers on the network.
Robert Karlsson e-mail: firstname.lastname@example.org
Aron Rydquist e-mail: email@example.com