Requirements:
The project deals with providing Data Security to a standalone Computer with Windows 2003 and above.
Data Security here means putting control on the Outflow of the Data as discussed below:
1) USB Port:
? Any Data drive connected to the system thru the USB port should be mounted as Read Only.
i.e. No data from the PC should be allowed to be written to the USB drive.
Currently the requirement is fulfilled by modifying a Registry key at command line.
However a better solution for the same is needed.
Suggestion:
Windows API approach or some other way.
2) TCP/IP Protocols/Ports:
? Securing the data outflow via the wired/wireless Networks.
Currently IPSEC Policies are imported on Windows PC to disable all the Protocols & Ports.
This is done via Command Line.
Here also a Windows API approach is preferred which will disable all the Protocols/Ports thus avoiding the outflow of data for the Windows system.
Suggestion: using information posted in the below link IF applicable.
[login to view URL]%28v=vs.85%[login to view URL]
3) Securing Data Outflow via Firewire Ports.
4) Windows Service which checks if point 1 & point 2 are satisfied on the PC, every X seconds.
( The value of X can be suggested such that the System performance is not adversely affected down.)
i.e. The Windows service should check if the system is set to mount USB drives as Read Only & whether all the protocols/ports are disabled.
If not, enable it by invoking solutions to points 1 & 2.
5) Windows API's to perform the reverse functionalities for requirements in Points 1 & 2.
This is for admin use.
Assumption: Windows API's are used to fulfill requirements in points 1 & 2.