FREE ELECTRONIC LIBRARY - Theses, dissertations, documentation

Pages:     | 1 |   ...   | 30 | 31 || 33 | 34 |   ...   | 47 |

«Securing Information in the Digital Age Information Security Policies This document presents a suite of integrated solutions which, together, offer ...»

-- [ Page 32 ] --

Client A computer system or process that requests a service from another computer system or process, a ‘server’. A client is part of a client-server software architecture For example, a workstation requesting the contents of a file from a file server is a client of the file server.

‘Thin Client’: A simple client program or hardware device which relies on most of the function of the system being in the server. By the mid-1990s, the model of decentralised computing where each user has his own full-featured and independent microcomputer seemed to have displaced a centralised model in which multiple users use thin clients (e.g. dumb terminals) to work on a shared minicomputer or mainframe server. Networked PCs typically operate as ‘fat clients’, often providing everything except some file storage and printing locally.

By 1996, the reintroduction of thin clients was being proposed, especially for LANtype environments. The main expected benefit of this is ease of maintenance: with fat clients, especially those suffering from the poor networking support of some operating systems, installing a new application for everyone is likely to mean having to go physically to every user's workstation to install the application, or having to modify client-side configuration options; whereas with thin clients the maintenance tasks are centralised on the server and so need only be done once.

Also, by virtue of their simplicity, thin clients generally have fewer hardware demands, and are less open to being sabotaged by ‘ambitious’ Lusers.

Client-Server A common form of distributed system in which software is split between server tasks and client tasks. A client sends requests to a server, according to some protocol, asking for information or action, and the server responds.

This is analogous to a customer (client) who sends an order (request) on an order form to a supplier (server) who despatches the goods and an invoice (response).

The order form and invoice are part of the protocol used to communicate in this case.

There may be either one centralised server or several distributed ones. This model allows clients and servers to be placed independently on nodes in a network, possibly on different hardware and operating systems appropriate to their function, e.g. fast server/cheap client.

–  –  –

Command Line The command line refers to the blinking cursor which, prior to the use of Microsoft Windows®, is at the heart of all operating systems. In the world of mini computers and UNIX®, the command line is often called the ‘$’ prompt and signifies that the operating system is able to accept another command; e.g. to ‘mount’ a new diskpack or to format a disk.

People familiar with Microsoft DOS environment will always recall the ‘C’ prompt, being the command line familiar to all PC users as C:\ (with optional parameters to include the current path).

Commission The commissioning of a (computer) system is the point when it is put into live, operational, and active service.

Common Gateway Interface – CGI CGI is a programming method of passing information between a Web site and an applications programme and back again. CGI applications can be written using a variety of programming languages e.g. Perl (from UNIX), C, C++, Visual Basic and others.

There are significant security risks in implementing CGI scripts using scripting languages such as Perl, because, although extremely powerful for the manipulating and parsing of text (say from user input), they also permit an array of low level ‘system’ commands which could be exploited for malicious purposes.

Communications Equipment Hardware, with associated software, relating to the ability of computers to receive data from, and transmit data to, locations separated from the central processor.

Communications Line Within a communications network, the route by which data is conveyed from one point to another. Recently the term has started to be replaced by ‘Communications Link’ to reflect the fact that a growing number of small networks, even within the same building, are using radio (‘wireless’) communications rather than fixed cables.

Communications Network A system of communications equipment and communication links (by line, radio, satellite, etc.,), which enables computers to be separated geographically, while still ‘connected’ to each other.

Glossary 405 Compression A technique, using special software, to increase the storage capacity of computer media, either by artificially increasing the apparent size of a computer disk, or reducing the size a files stored thereon. Compression comes in two flavours; Disk Compression and File Compression.

Disk Compression dates from the mid-1980’s when hard drives were very much smaller and, relatively, much more expensive than today. A typical 1990 hard drive would store 80 Megabytes of programs and data, compared to the year 2000 ‘basic’ home user specification of 4.3 Gigabytes (4,300 Megabytes) - an impressive growth of 5,275%. As a result of vastly increased disk storage capacities, users’ enthusiasm for such techniques has, not surprisingly, waned somewhat. Overall, it is generally regarded as being cheaper and easier to install another hard drive than deal with the drive/file structures and performance degradation often associated with disk compression. Companies with computer archives dating back to 1995, and earlier, should review these archives to ensure that the files thereon can still be accessed by the systems and software now being used and, if necessary, give consideration to decompressing such disks and storing the information on new, larger capacity, disks.

File compression, conversely, is being used more frequently. Commonly referred to as ‘Zipping’ after the most popular compression programs (PKZip, and WinZip) this increase in usage is due in no small part to the increasing use of electronic transmission systems to move files between remote parts of the organisation, and even around the world at large. A typical Word Processor document can be compressed by 90% or more and thus a file of 1 Megabyte can be reduced to 100 Kilobytes. Sending a zipped file not only reduces the cost of transmission, by taking less time to transmit, but also, by the same token, reduces the risk of transmission error. Companies should be aware, however, that unattractive elements such as viruses can be contained within compressed files, ready to activate themselves as soon as the file is decompressed. Consequently, any AntiVirus software selected by the organisation should be capable of detecting viruses within a compressed file before it is decompressed and brought into the system.

Compressors / Packers Compressors, or Packers are legitimate compression utilities which will compress (make smaller) Windows® program files -.EXE files. In a similar way to using a popular file compression utility such as WinZip before e-mailing, compressors do the same for executable files. However, unlike WinZiped files, which require to be decompressed before loading, compressed executables run in their new state.

Because of this, the executable will pass through any anti-virus scanning engine because the virus signature has been modified and the anti-virus software will not recognize it.

There are many free and available compression utilities and these have been responsible for many of the Trojan variant programs and worms which have caused so much damage. Here are a few examples of common compressors, ASpack, PECompact, Petite, PKLite, NeoLite, Shrinker and WWpack32.

With such compressed files being able to circumvent your anti-virus software, what options are available? According to one hackers site, “The only way to stop an executable from harming your PC is to run it in a proactive "sandbox" environment and monitor its behaviour for malicious activity in real-time.”

–  –  –

Computer Viruses Computer Viruses are pieces of programming code which have been purposely written to inflict an unexpected result upon an innocent victim. There are now approximately 50,000 viruses and their variants for which known cures of ‘vaccines’ are available.

Viruses are transmitted within other (seemingly) legitimate files or programs, the opening, or execution of which, causes the virus to run and to replicate itself within your computer system, as well as performing some sort of action. Such actions can be as harmless as causing characters to ‘fall off’ the screen (early DOS based Virus in the 1980s), to the most malicious viruses which destroy data files and replicate themselves to everyone in your e-mail directory.

It is essential to guard against virus attacks by a combination of cautious, guarded, awareness, together with a modern anti-virus package and regular updates – every two weeks is recommended.

There are many Internet sites providing updates on Viruses; here are some examples www.sophos.com or www.symantec/avcenter.

Confidentiality, Integrity and Availability A key aspect of Information Security is to preserve the confidentiality, integrity and availability of an organisation’s information. It is only with this information, that it can engage in commercial activities. Loss of one or more of these attributes, can threaten the continued existence of even the largest corporate entities.

Confidentiality. Assurance that information is shared only among authorised persons or organisations. Breaches of Confidentiality can occur when data is not handled in a manner adequate to safeguard the confidentiality of the information concerned. Such disclosure can take place by word of mouth, by printing, copying, e-mailing or creating documents and other data etc. The classification of the information should determine is confidentiality and hence the appropriate safeguards.

Integrity. Assurance that the information is authentic and complete. Ensuring that information can be relied upon to be sufficiently accurate for its purpose. The term Integrity is used frequently when considering Information Security as it is represents one of the primary indicators of security (or lack of it). The integrity of data is not only whether the data is ‘correct’, but whether it can be trusted and relied upon. For example, making copies (say by e-mailing a file) of a sensitive document, threatens both confidentiality and the integrity of the information. Why?

Because, by making one or more copies, the data is then at risk of change or modification.

Availability. Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them.

Console The console, is the screen and keyboard which allows access and control of the server / mainframe in a networked environment. The console will usually be within a secure area with access only granted to system’s administrators, with all actions being logged.

Users of the console will usually have highly privileged access such as Systems Operations, Super User or root.

–  –  –

Contention Contention manifests itself in a slowing or reduction in response from a system.

The cause of the problem results from increased loading on a system or network, such that requests for information and / or processing, are queued within the internal buffers of the system. Where contention becomes extreme, the buffers can overload and the system can fail / crash.

To reduce contention, and hence reduce the risk of system overload, an analysis of the load will need to be performed. An example of contention leading to overload was in mid 2,000 in the UK, where a leading Bank launched its e-Banking service. Within hours of the opening, the service was down due to massive contention and overload; concurrent demand had exceeded capacity by an unexpected order of magnitude. See Capacity Planning.

Contingency Arrangements A set of formally approved, detailed plans and procedures specifying the actions to be taken if or when particular circumstances arise. Such plans should include all eventualities ranging from key staff absence, data corruption, loss of communications, virus infection, partial loss of system availability, etc., through to the complete disaster Boeing Syndrome.

The increased use of computers in the business world make such plans essential.

Contingency Planning In project management, a valuable lesson learnt early in one’s career is :A failure to plan, is a plan to fail’ Contingency planning, plans for the unexpected or, the possibility of circumstances changing. Contingency plans are individual plans associated with individual projects or programmes.

A contingency plan is never expected to be executed; as result, where attention to detail and the budget allocation are clearly inadequate, this can guarantee its failure in the event of it being executed.

As with any plan, it is essential to agree the ‘trigger(s)’ which will result in the plan coming into force and the subsequent ‘chain of command’ which will take over during that period.

See also Business Continuity Planning.

Control Total A value that can be compared against the sum of a batch of items to check against loss in transit. Similar to old-style test keys, the system can compare what the control total indicates was transmitted with the incoming records of what was actually received. If the control total is transmitted separately from the transactional message(s) to which it relates, it can provide some protection against fraudulent or mischievous manipulation of data in transit. The safest way of using

–  –  –

Cookie A small identifier file placed on a user’s computer by a Web site, which logs information about the user and their previous/current visits for the use of the site next time the user makes contact. The Web site owners claim that this is beneficial to the user, allowing faster access, and ‘personalisation’ of the site for that user.

Pages:     | 1 |   ...   | 30 | 31 || 33 | 34 |   ...   | 47 |

Similar works:

«Economía Internacional Crisis del Euro: Hacia el óptimo de una unión monetaria Federico Trebucq AI 016/2011 10 de agosto de 2011 Crisis del Euro: Hacia el óptimo de una unión monetaria Federico Trebucq1 Introducción Tres años después de la crisis económica mundial desatada en 2007, el euro quedó al borde del abismo y reveló las fallas de la moneda única inherentes a su nacimiento. El objetivo de este trabajo, es determinar si la zona del euro, es una unión monetaria óptima, a...»

«Sarah's Booking approach in order to get 100 names in a day!This is what I did: Materials : Take a vinyl bag with a look book, big stack of business cards with attachment, 2 pens, and make a sign and tape to inside of vinyl bag that says Win $100 of Free MaryKay I went to every business and did not discriminate of what kind of business it was, and kept my eyes open for women. (I live in South Beach miami and there are lots of tourists here this is why I focused on local businesses to get this...»

«ANALES | ASOCIACION ARGENTINA DE ECONOMIA POLITICA XLIV Reunión Anual Noviembre de 2009 ISSN 1852-0022 ISBN 978-987-99570-7-3 LA CURVA DE PHILLIPS DE PENDIENTE POSITIVA Y LA CRISIS DE 2008. Ravier, Adrián Osvaldo Asociación Argentina de Economía Política AAEP LA CURVA DE PHILLIPS DE PENDIENTE POSITIVA Y LA CRISIS DE 2008 Por Adrián Ravier 1 Resumen El paradigma dominante está en crisis. Tanto en la revolución keynesiana (que surge como respuesta a la crisis del enfoque clásico), como...»

«The Lean Concept – Implementation and Case Study Analysis Yacov Kedem Dept. of Industrial Engineering and Management Shenkar College of Engineering and Design, Ramat-Gan, ISRAEL Abstract Changing economic conditions, globally and locally, have caused an increasing interest in the lean concept, thereby developing new concepts such as Lean Management and the Lean Enterprise.The main changes that have caused a new sense of urgency are: Globalization and the rapid flow of products, information,...»

«Waning Chances for Stability Navigating Bad Options in Iraq Carlos Pascual and Kenneth M. Pollack Summary Iraq is a failed state ensnared in a civil war. About 2.0 million refugees have fled Iraq, and another 2.2 million people have been displaced internally. The war has taken thousands of American lives and cost hundreds of billions of dollars. What started as a war with a clear enemy has spawned regional instability, transnational terrorism, risks to global oil supplies – and it has...»

«INFORMATION SYSTEMS OFFSHORE OUTSOURCING: AN EXPLORATORY STUDY OF MOTIVATIONS AND RISKS IN LARGE SPANISH FIRMS González, R.; Gascó, J.; Llopis, J. University of Alicante ABSTRACT Information systems offshore outsourcing is motivated by such factors as globalisation, technological development and the possibility to explore new markets. However, both the geographical and the cultural distance create more risks than in onshore outsourcing. The aim of this paper is to develop a typology of firms...»

«Policy dimensions of work: the jobs crisis and the goal of decent work Lecture in the UNESCO Forum on the nexus between social science research and policy, Buenos Aires, 21.2.06 Gerry Rodgers The jobs crisis 1. Today I am going to speak about a major challenge for both researchers and policy makers: the global jobs crisis and what might be done about it.2. I will talk about • The nature of the crisis • The treatment of employment and decent work on the international agenda; • And some of...»

«2015 SCORECARD PROGRESS REPORT March 2016 Division of Housing Mission and Goals Division of Conservatorship Page Footer Office of Minority and Women Inclusion 2015 Scorecard Progress Report Table of Contents Introduction Maintain I. Access to Mortgage Credit for Creditworthy Borrowers 3 II. Loss Mitigation and Foreclosure Prevention Activities 9 III. Multifamily Credit Guarantee Business 15 Reduce I. Credit Risk Transfers for Single-Family Credit Guarantee Business 16 II. Credit Risk Transfers...»

«FAIRFAX COUNTY COMPREHENSIVE PLAN, 2013 Edition AREA I Jefferson Planning District, Amended through 6-4-2013 Overview Page 1 JEFFERSON PLANNING DISTRICT OVERVIEW The Jefferson Planning District is located in the eastern section of the county, and encompasses approximately 6,300 acres, which is approximately two percent of the county. The planning district is bounded by the City of Falls Church on the northeast, Leesburg Pike (Route 7) on the north, the Capital Beltway/Interstate 495 (I-495),...»

«Valley Ag Software Newsletter Fourth Quarter 2012 – Number 31 Contents Overview Extended Support Hours World Ag Expo BREDSUM – Colors, Lines and Numbers Additional Options in Protocols (Alter\7) Parlor Summary Trends Now Internal to DC305 Using Types 127, 128, 129 to Reflect Energy-Corrected Milk (ECM) Projections. 7 User Management and Activity Logging Pocket Cowcard Development [From the Programmers’ Corner] Overview As I read over last year’s newsletter, I realize that this year is...»

«Nuevos campos para la innovación: Internet y el comercio electrónico de bienes y servicios Braulio Tamayo Octubre 1999 NUEVOS CAMPOS PARA LA INNOVACIÓN: INTERNET Y EL COMERCIO ELECTRÓNICO DE BIENES Y SERVICIOS ÍNDICE RESUMEN DEL ESTUDIO 7 AGRADECIMIENTOS 27 Capítulo 1. JUSTIFICACIÓN, OBJETIVOS Y METODOLOGÍA 29 1.1 Justificación 1.2 Orientación y objetivos del estudio 1.3 Metodología y resultados Capítulo 2. INTRODUCCIÓN AL COMERCIO ELECTRÓNICO 33 2.1 El concepto de comercio...»

«REVIEW OF THE ECONOMIC IMPACT OF THE RETAIL CAP Report prepared for the Departments of Enterprise, Jobs and Innovation and Environment, Community and Local Government APRIL 2011 Review of the Economic Impact of the Retail Cap Executive Summary i     1. Introduction 1  1.1  Objectives of the study 1  1.2  Structure of the report 2  2. Background 3  2.1  Policy and legislative framework for retail planning 3  2.2  Overview of the current retail caps 4  3. Overview of recent retail...»

<<  HOME   |    CONTACTS
2016 www.theses.xlibx.info - Theses, dissertations, documentation

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.