Wednesday, June 29, 2011

The meaning of open source software and free software

Open source software and free software are different terms for software which comes with certain rights, or freedoms, for the user. Both generally describe the same types of software but the terms serve to distinguish the philosophies of the developers. And it defines by the free software foundation. On the other hand open source is defined by open source initiative, highlights that the source code is viewable to all and that quality software is   developed as a result. Read More

Sunday, June 26, 2011

The Merits of EDI and EDI Standards

There are two types of merits we find during the analysis of EDI. These are as Direct merits and Indirect merits.

Direct Merits:
Shortened ordering time, cost cutting, elimination of errors, fast response, accurate invoicing, EDI payments.

Indirect Merits:
Reduced stock holdings, cash flow, business opportunities, customer lock-in

EDI Standards:
Accredited Standards committee, the American national standards institute served as a guiding body. This is the accepted standard in North America and known as ASCX2. Electronic data interchange for Administrators, commerce and transport. It is United Nations standard used by European community and rest of the world. Read More

Saturday, June 25, 2011

Next Generation Internet Technology


The next generation internet is more updated and faster then this generation internet. The data transferring data will be very quick and file size may be undefined. Currently they have three major initiatives underway- internet2, Abilene and the quilt. The primary goals of internet2 are to; create a leading edge network capability for the national research community, Enable revolutionary internet applications, ensure the rapid transfer of new network services and applications to the broader internet community. Read More

Thursday, June 23, 2011

Data Vulnerabilities for computer Security


Hardware Security is usually the concern of a relatively small staff of computing center professionals. Software security is a larger problem, extending to all programmers and analysts who create or modify programs. Computer programs are written in a dialect intelligible primarily to computer professionals, so a leaked source listing of a program might very well be meaningless to the general public. 


Printed data however can be readily interpreted by the general public. Because of its visible nature, a data attack is a more widespread and serious problem than either a hardware or software attack. Thus data items have greater public value than hardware and software, because more people know how to use or interpret data. 


Typically both hardware and software have a relatively long life. No matter how they are valued initially their value usually declines gradually over time. By contrast the value of data over time is far less predictable or consistent. Initially data may be valued highly. However some data items are of interest for only a short period of time, after which their value declines precipitously. Read More

Tuesday, June 21, 2011

Software Deletion


Software is surprisingly easy to delete. Each of us has, at some point in our carriers, accidentally erased a file or saved a bad copy of a program, destroying a good previous copy. Because of software’s high value to a commercial computing center, access to software is usually carefully controlled through a process called configuration management so that software is not deleted, destroyed, or replaced accidentally. Configuration management uses several techniques to ensure that each version or release retains its integrity.Read More

Monday, June 20, 2011

Briefly Discuss about Vulnerabilities


Hardware Vulnerabilities:

Hardware is more visible than software, largely because it is composed of physical objects. Because we can see what devices are hooked to the system, it is rather simple to attack by adding devices, changing them, removing them, intercepting the traffic to them or flooding them with traffic until they can go longer function. However, designers can usually put safeguards in place.


In particular deliberate attacks on equipment, intending to limit availability, usually involve theft or destruction. Managers of major computing centers long ago recognized these vulnerabilities and installed physical security systems to protect their machines.         

Software Vulnerabilities:

Computing equipment is of little use without the software that users expect. Software can be replaced, changed, or destroyed maliciously, or it can be modified, deleted, or misplaced accidentally. Whether intentional or not, these attacks exploit the software vulnerabilities.


Sometimes the attacks are obvious, as when the software no longer runs. More subtle are attacks in which the software has been altered but seems to run normally. Whereas physical equipment usually shows some mark of inflicted injury when its boundary has been breached the loss of a line of source or object code may not leave an obvious mark in a program.

Sunday, June 19, 2011

What is Confidentiality?


You may find the notion to be straightforward: only authorized people or system can access protected data. Confidentiality is the security property we understand best because its meaning is narrower than the other two. We also understand confidentiality well because we can relate computing examples to those of preserving confidentiality in the world. For example who determine which people or systems are authorized to access the current system? Read More      

Thursday, June 16, 2011

Threats, Vulnerabilities, and control


A computer based system has three separate but valuable components, hardware, software and data. Each of these assets offers value to different members of the community affected by the system. To analyze security we can brainstorm about the ways in which the system or its information can experience some kind of loss or harm. For example we can identify data whose format or contents should be protected in some way.


Vulnerability is a weakness in the security system, for example in procedures, design or implementation that might be exploited to cause loss or harm. For instance a particular system may be vulnerable to unauthorized data manipulation because the system does not verify a users identity before allowing data access.


 A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. To see the difference between a threat and vulnerability, consider the illustration. There are many threats to a computer system, including human initiated and computer-initiated ones.
 

A human who exploits vulnerability perpetrates an attack on the system. An attack can also be launched by another system as when one system sends an overwhelming set of message to another, virtually shutting down the second systems ability to function. How do we address these problems? We use a control as a protective measure.  That is a control is an action, device, procedure, or technique that removes or reduces vulnerability, threat is blocked by control of vulnerability.           

Tuesday, June 14, 2011

Characteristics of Computer Intrusion


Any part of a computing system can be the target of a crime. When we refer to a computing system we mean a collection of hardware, software, storage media, data, and people that an organization uses to perform computing tasks. Sometimes we assume that parts of a computing system are not valuable to an outsider but often we are mistaken. For instance we tend to think that the most valuable property in a bank is the cash, gold, or silver in the vault. But in fact the customer information in the banks computer may be far more valuable.     

Saturday, June 11, 2011

Interrupt Driven I/O


A disadvantage of conditional programmed I/O is the microcomputer needs to check the status bit by waiting in a loop. This type of I/O transfer is dependent on the speed of the external device. For a slow device this waiting may slow down the capability of the microprocessor to process other data. The polled I/O and interrupt I/O techniques are efficient in this type of situation.

Interrupt I/O is a device initiated I/O transfer. The external device is connected to a pin called the interrupt pin on the microprocessor chip, when the device needs an I/O transfer with the microcomputer, it activates the interrupt pin of the microprocessor chip. The microcomputer usually completes the current instructions and saves at least the contents of the current program counter on the stack.   

Tuesday, June 7, 2011

Briefly Discuss about Microprocessor Input/Output


There are three ways of transferring data between the microcomputer and physical I/O devices;

  1. Programming I/O
  2. Interrupt driven I/O
  3. Direct memory Access

The microcomputer executes a program to communicate with an external device via a register called the I/O port for programmed I/O. an external device requests the microcomputer to transfer data by activating a signal on the microcomputer interrupt line during interrupt I/O . in response the microcomputer executes a program called the interrupt service routine to carry out the function desired by the external device again by way of one or more I/O ports. Data transfer between the microcomputer memory and an external device occurs without microprocessor involvement with direct memory access. Read More

Saturday, June 4, 2011

Information about linear decoding method


This technique uses the unused address lines of the microprocessor as chip selects for the memory chips. This method is use for small systems.

The principal advantage of this method is that it does not require any decoding hardware. However this approach has some disadvantages; although with a 16 bit address bus we have 64k bytes of RAM space we are able to interface only 6k bytes of RAM. This means that this idea wastes address space. The address map is not contiguous; rather, it is sparsely distributed.