Use our essay title generator to get ideas and recommendations instantly
The focus of this study is that of database security. Databases and database technology are such that play critical roles in the use of computers whether it be in business, electronic commerce, engineering, medicine, genetics, law, education or other such entities requiring the use of computer technology. A database is quite simply a collection of data that is related such as a database containing customer information, supplier information, employee information, project databases, and the sort. Some databases are small while others are of a great size and quite complex. A database management system is "a general purpose software system that facilitates the processes of defining, constructing, manipulating, and sharing databases among various users and applications." (Oracle Security, 1998, p.1) Defining a database is reported to involve "specifying the data types, structures and constraints of the data to be stored in the database." (Oracle Security, 1998, p.1)
Database Security Best Practices (2012) Applicure Technologies Ltd. Retrieved from: http://www.applicure.com/blog/database-security-best-practice
Developing a Database Security Plan (1998) Oracle Security. Chapter 7. Retrieved from: http://oreilly.com/catalog/orasec/chapter/ch07.html
Murray, MC (2010) Database Security: What Students Need to Know. Journal of Information Technology Education: Innovations In Practice. Vol. 8. Retrieved from: http://www.jite.org/documents/Vol9/JITEv9IIPp061-077Murray804.pdf
Yang, L. 2009. Teaching database security and auditing. Proceedings of the 40th ACM Technical Symposium on Computer Science Education, Chattanooga, TN, USA.
Database Security Plan and equirements Definition for a University Department
The database security plan and requirements definition were developed. The plan included, at the outset, the inclusion of major stakeholder at the University and described their roles in initiating, implementing, and maintaining the plan. Individuals responsible for daily and other periodic tasks were developed. A major consideration in planning the security was the policy that governs granting of access. The need-to-know, combined with the users' roles provided the guiding principles. Physical security, backing up of data and the periodic exercise of restoring data were not overlooked in the plan. Plans were set in place to ensure that attention was paid to the dynamic nature of the document since the security environment must continually change in order to discourage system attackers and to keep pace with the rapidly changing technology.
The Business Environment
We are an entrepreneurial business department in the…
Bond, Rebecca, Kevin Yeung-Kuen See, Carmen Ka Man Wong, and Yuk-Kuen Chan (2007). Understanding DB2 9 Security. Indianopolis: IBM Press.
Bustamante, M., (2008, January 10). Designing Role-based Security Models for .NET. Available: http://www.codeguru.com/csharp/.net/net_security/authentication/article.php/c19575/Designing-Role-Based-Security-Models-for-NET.htm [5 February 2012]
Ferrari, E. (2010). Access Control in Data Management Systems. Varese: Morgan & Claypool.
Haigh, J.T. (1987). Modeling Database Security Requirements. In C.E. Landweir (Ed.) Database Security: Status and Prospects (pp. 45-66). Amsterdam: Elsevier.
With optimistic concurrency control, the database checks resources to determine if any conflicts have occurred only when attempting to change data. If a conflict occurs, the application must read the data and attempt the change again. Pessimistic concurrency, on the other hand, control locks resources as they are required, for the duration of a transaction. Unless deadlocks occur, a transaction is assured of successful completion
5.5 Audit Tracking
Although auditing does not prevent system attacks, it is a vital aid in identifying intruders, attacks in progress, and to diagnose attack footprints (Meier, Mackman, Dunner, Vasireddy, Escamilla and Murukan). It is important to enable Windows operating system level auditing and SQL Server login auditing. SQL Server also offers an auditing capability that complies with the U.S. Government C2 certification. C2 level auditing provides substantially more audit information at the expense of increased disk storage requirements.
SQL Server 2005 will…
Ambler, S. (2004, April 1), "Concurrency Control," Available:
http://www.agiledata.org/essays/concurrencyControl.html#Collisions (Accessed 2005, January 5).
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/tsqlref/ts_ba-bz_35ww.asp (Accessed 2005, January 5).
Database designers and administrators can work concomitantly with it professionals and researchers to implement the security measures necessary to mitigate risks to data.
I have been a database user at my company for a number of years. As such, I am allowed access from only a limited number of locations; one static connection at home, one at work, and one laptop connection that I carry with me when traveling. Each connection has its own password, which is updated on a daily basis. I create the passwords myself, and nobody else has access to these. The it department has provided me with training in optimizing the strength and security of my passwords. ecurity at my company is extremely important, as data leak could for example lead to a compromise of our competitive edge.
Chapple, Mike. Database ecurity: A Fine Balance Between Roles and Rights. About.com http://databases.about.com/od/security/a/databaseroles.htm
Chapple, Mike. QL Injection…
Chapple, Mike. Database Security: A Fine Balance Between Roles and Rights. About.com http://databases.about.com/od/security/a/databaseroles.htm
Chapple, Mike. SQL Injection Attacks on Databases. About.com. http://databases.about.com/od/security/a/sqlinjection.htm
Strengths vs. Weaknesses
The article 2007 Survey on Database Security; highlights the most pressing issues that could be facing an organization (someone from within who could have access to the data). Where, this strength points out a situation that many it managers are overlooking. However, the weakness of the article is that it points out the problem, while at the same time saying there is no effective solution. In many ways this is the equivalent of point out a fire and then not having the tools to put it out. (Ponemon, 2010)
The article How to Secure Sensitive Data in a Cloud Environment; highlights how many businesses are turning to virtual networks to perform many functions. The biggest strengths of the article are: the overall dangers it points with this type of it protocol and how an organization can address these issues. The main weakness of the article is that…
Markovich, S. (2010). How to Secure Sensitive Data in a Cloud Environment. Retrieved May 14, 2010 from E. Week website: http://www.eweek.com/c/a/Cloud-Computing/How-to-Secure-Sensitive-Data-in-Cloud-Environments/
Ponemon, L (2007). 2007 Survey on Database Security. Retrieved May 14, 2010 from Appsec Inc. website: http://www.appsecinc.com/techdocs/whitepapers/2007-Ponemon-Database-Security-Study-Sponsored-by-Application-Security-Inc.pdf
Database Security Case Study
Database Security: Case Study
The objective of this study is to answer specific questions following have read the case study which is the focus of this work in writing including naming the concepts which are illustrated in the case study and why a customer database is useful for companies related in the case study under review. This work will additionally answer as to what would occur if the companies did not keep their customer data in databases. Secondly this study will determine the effectiveness of the SAS statistical modeling software that is described in the case study and will answer as to how better data management and analytics improve each company's business performance and provide two examples of improvement realized through mining customer databases. This study will additionally describe some of the weak points of predictive analytics and answer as to what management, organization, and technology…
Asking the Customer by Asking the Database: Case Study (nd) Chapter 6 -- Foundations of Business intelligence; Databases and Information Management.
Eckerson, WW (2007) Predictive Analytics: Extending the Value of Your Data Warehousing Investment. TDWI Best practices report. Retrieved from: http://www.sas.com/events/cm/174390/assets/102892_0107.pdf
Effective Response Modeling (2014) SAS.com. Retrieved from: http://www.sas.com/success/pdf/ing.pdf
Fule, P. (2004) Detecting Privacy and Ethical Sensitivity in Data Mining. Researchgate. Retrieved from: www.researchgate.net/...Ethical...Data_Mining.../3deec51f7...
Design citeia exist at the levels of the technical, system integation aspects of the database to othe systems though XML. This integation is citically impotant to ensue that the applications ceated can be effectively used ove time and not have any scalability issues. Thee is also the need fo designing the databases at the pesentation laye to povide fo scalability and flexibility of being able to ceate applications elatively quickly at the potal level. This is especially impotant fom a Business Pocess Management (BPM) standpoint as databases must be able to suppot the vaious pocess wokflows as defined as pat of business pocess e-engineeing effots ove time. Thee is also the need fom a design standpoint to have a continued development initiative going to captue use needs ove time and include them into the next geneation of database updates. The use of councils to ceate update plans and define the…
references and real-time workload in information services. Information Systems Research, 11(2), 177-196.
Pangalos, George (1994). A tutorial on secure database systems. Information and Software Technology, 36(12), 717.
Gerald Post & Albert Kagan (2001). Database management systems: Design considerations and attribute facilities. The Journal of Systems and Software, 56(2), 183-193.
Ji Ma, Mehmet A Orgun. (2008). Formalising theories of trust for authentication protocols. Information Systems Frontiers, 10(1), 19-32.
Reagan, J., & Rowlands, I.. (2007, January). Key Technologies Enabling a Seismic Shift in Enterprise Data Management. Business Intelligence Journal, 12(1), 17-25.
y grouping related database queries into transactions, DMS systems can guarantee that each transaction satisfies the ACID properties: Atomicity, Consistency, Isolation, and Durability. However, if a database application is decomposed into transactions in an incorrect manner, the application may fail when executed concurrently.
Concurrency control deals with the issues involved with allowing multiple people simultaneous access to shared entities (Ambler, 2004). A collision occurs when two activities, which may or may not be full-fledged transactions, attempt to change entities within a system of record. A database administrator can either devise ways to avoid collisions or detect and then resolve them. Transactions are collections of actions that potentially modify two or more entities. The easiest way for an application to implement transactions is to use the features supplied by the database. Transactions can be started, attempted, then committed or aborted via SQL code. Also, database APIs such as Java Database Connectivity…
Ambler, S. (2004, April 1). Concurrency Control. Retrieved November 27, 2004 from Agile Data Web site: http://www.agiledata.org/essays/concurrencyControl.html#Collisions
Database Administrator. Retrieved November 27, 2004 from TechTarget Web site: http://searchdatabase.techtarget.com/sDefinition/0,sid13_gci214169,00.html
Database Management System. Retrieved November 27, 2004 from TechTarget Web site: http://searchdatabase.techtarget.com/sDefinition/0,sid13_gci213669,00.html
Database Security and Administration (2001). Retrieved November 27, 04 from Web site: http://www.urgrgcc.edu/shastri/.%5CDatabase%20Course%5Cdb1-2a.htm
Databases in the Work Place
We are in the information age and the effective management of data is paramount in almost all aspects of our life. All businesses today thrive on the availability of vast pool of data pertaining to their domain and thus databases constitute an indispensable aspect of all businesses. Having access to a huge database and the intelligent interpretation of the data therein holds the key to business success. I am working as a database engineer for "Intelligent Email Solutions," a company which specializes in offering email based intelligent customer relationship management solutions. Let us have a brief overview of the use and the importance of databases in our company.
Our clientele are big corporations like Nike, Citibank, ANZ Grindlays, Jc penny etc. We provide automated email-based customer relationship management using our novel 'semantic engine' which scans through thousands of customer emails and categorizes them and…
These laws also emphasize that obtaining such personal information and how it will be used should be made with the individual's knowledge and consent. Moreover, individuals also have the additional rights of viewing, correcting, and deleting the information pertaining to them. ut do we really have access to all information that is being taken from us? We can never tell and we might end waking up one day being accused by actions we haven't taken or worst waking up with a different identity.
II. Security of the Data Gathered
Database Systems are designed and programmed by no less than humans. Securing these databases involves the protection against unauthorized disclosures, alteration and destruction. Security that focuses on stopping people without database access from having any form of access at all and stopping people with access to perform any data manipulation that are not part of their duties or not included in…
ALR (Feb 06, 2006) Regulation of Data Brokerage Retrieved June 03, 2006 at http://courseblog.cs.princeton.edu/spring06/wws528f/?author=15
Computer Underground Digest #6.27 (Mar 27, 1994). Retrieved June 03, 2006 from "Ethical issues in hacking and piracy"
Data Protection Act 1998. Retrieved June 03, 2006 at http://www.opsi.gov.uk/ACTS/acts1998/19980029.htm
Right of self-decision, self-control on one's own personal information" Retrieved June 03, 2006 at http://rights.jinbo.net/english/privacy.html
Databases and their relational file structures have also progressed to the point of being open in architectural structure enough to allow for real-time updates via XML calls and integration points throughout individual and shared files (oth, Hernandez, Coulthard, Yan, et al., 2006). This open architecture-based approach to XML integration is also making databases ideally suited for transaction-intensive environments throughout e-commerce websites and throughout complex transactions involving multiple selling partners through a supply chain as well (Smyrlis, 2005). As a result, databases are the foundation of distributed order management, enterprise content management, enterprise resource planning (EP) and Customer elationship Management (CM) systems.
Databases and Security
Databases in organizations and governments often hold the most confidential data that exists and therefore need to be protected extremely well. The dominant standard for database security is ACID (atomicity, consistency, isolation, durability) compliance (Dolgicer, 1993). When an ACID test of compliance is completed on a…
Dolgicer, Max (1993, June). The ACID test for distributed transactions. Data Communications, 22(9), 25.
Araby Greene (2008). Managing subject guides with SQL Server and ASP.Net. Library Hi Tech, 26(2), 213-231.
Margo Hanna (2004). Data-mining algorithms in Oracle9i and Microsoft SQL Server. Campus - Wide Information Systems, 21(3), 132-138.
Ken Krizner. (2002, May). Turning inventory into profits. Frontline Solutions, 3(5), 16-20.
Database Administrator, Manager of IT, and the value of a college education
As a result of swift distribution of computers and information technology, a necessity for well trained workers to design and promote new hardware and software systems and to integrate new technologies. These workers comprises of computer systems analysts, database administrators, and computer scientists. Based on the choices and procedures of employers and on development of new areas of specialization or alterations in technology, the job responsibilities and professional titles relating these workers change quickly. An ever-increasing level of talent and education from the employees is demanded by the speedily shifting technology. Organization's expectation on professionals is broadening from wholesome technical knowledge to communication and other interpersonal skills. Hence, workers who can manage various tasks are in great need.
Though employers favor workers with technical degrees, persons with degrees in a range of majors also get employment in these…
Allen, Gemmy. (1998) "Managerial Roles" retrieved from http://ollie.dcccd.edu/mgmt1374/book_contents/1overview/managerial_roles/mgrl_roles.htm Accessed on 7 May 2005
"Career guide for Database Administrator" retrieved from http://jobs.state.va.us/careerguides/DataBaseAdmin.htm Accessed on 7 May 2005
"Computer Database Analysts & Administrators" (5 May, 2005) Retrieved from http://www3.ccps.virginia.edu/career_prospects/briefs/A-D/DatabaseAdmin.shtml Accessed on 7 May 2005
"Computer Systems Analysts, Database Administrators, and Computer Scientists" (May 18, 2004) U.S. Department of Labor: Bureau of Labor Statistics. Retrieved from http://www.bls.gov/oco/ocos042.htm Accessed on 7 May 2005
The authors have expertise with Oracle databases and use examples from the enterprise products this software vendor provides to make their point regarding security of highly distributed networks. One of the more valuable aspects of this specific paper is the focus on how to create a multilevel secure environment in an enterprise. The authors have done enterprise-level database security work in their careers and this article and research communicate their expertise clearly.
In the article Data Security: A Security Implementation for elational Database Management Systems (Nilakanta, 1989) the author contends that information architectures must rely on a stable database management system (DBMS) to scale securely and reliably across an enterprise. The author provides insights into several different security procedures and approaches to defining a secured operating environment for enterprise-wide DBMS implementations and use. There are also guidelines for defining security clearances and recommendations on hwo best to use encryptions for…
Feeney, T.R. (1986). Security issues and features of database management systems. Information Age, 8(3), 155-155.
Fulkerson, C.L., Gonsoulin, M.A., & Walz, D.B. (2002). Database security. Strategic Finance, 84(6), 48-53.
Harris, D., & Sidwell, D. (1994). Distributed database security. Computers & Security, 13(7), 547-547.
Nilakanta, S. (1989). Data security: A security implementation for relational database management systems. Computers & Industrial Engineering, 17(1-4), 415-415.
1. In a civil action, how can a claim of negligent hiring have a greater chance of succeeding?
Jurisdictions have been increasingly putting laws in place pertaining to what makes organizations a potential target for a lawsuit on negligent hiring. Though in most instances, claims of negligent hiring may be effectively fended off, it proves increasingly tricky in the following cases:
· If the individual harming or injuring another is an employee of the company.
· If the employee is found guilty of harming, injuring or doing any damage to the complainant.
· If the organization was aware of, or ought to have been aware of, the employee’s tendency to inflict harm or injury.
· If the organization was inattentive when hiring the individual and failed to carry out a proper background check which could have identified the individual’s tendency to cause harm to clients or colleagues (McCrie, 57-60).…
Databases and egulatory Compliance Challenges
The advent of technology has increased the popularity of database usage in firms, yet the legislation regulating the field has yet to be finalized. The changing nature of the IT sector, coupled with the legislative traits, creates several situations in which the companies find it difficult to comply with the regulations. This paper recognizes some of those difficulties, and also proposes some solutions.
egulatory challenges for databases
No sector in the modern day society evolves as rapidly as the technologic domain. And the innovations developed at this level come to impact all aspects of life, from the spending of the leisure time to the completion of the most challenging professional tasks.
The applications of technology within the contemporaneous society are numerous and complex, one specific example in this sense being represented by superior capabilities for data management. The management of the information integrates the…
Rouse, M. (2006). Database. Search SQL Server. http://searchsqlserver.techtarget.com/definition/database accessed on October 23, 2012
Thomas, J. The advantages of using a database. Life123. http://www.life123.com/technology/computer-software/database-software/advantages-of-using-a-database.shtml accessed on October 25, 2012
(2006). Regulatory compliance and database management. Sandhill Consultants. http://www.sandhillconsultants.com/whitepapers/regulatory_compliance_and_database_management_whitepaper.pdf accessed on October 26, 2012
(2012). Database regulatory and compliance issues. Altius IT. http://www.altiusit.com/files/articles/articlewpdatabase.htm accessed on October 25, 2012
Security Plan: Pixel Inc.
About Pixel Inc.
We are a 100-person strong business dedicated to the production of media, most specifically short animations, for advertising clients worldwide. Our personnel include marketing specialists, visual designers, video editors, and other creative staff.
This security plan encompasses the general and pragmatic characteristics of the security risks expected for our business and the specific actions that aim to, first and foremost, minimize such risks, and, if that's not possible, mitigate any damage should a breach in security happen.
The measures to be taken and the assigned responsibilities stated in this document apply to all the departments that make up the company. Exemptions can be given but will be only under the prerogative of the CEO under the consultation of the Chief Security Officer that will be formally assigned after the finalization of this document. Otherwise, there will be no exception to the security…
Internet Securit Alliance. (2004). Common sense guide to cyber security for small businesses. Retrieved from: http://www.ready.gov/business/_downloads/CSG-small-business.pdf .
Microsoft. (2004). Step-by-step guide to securing Windows XP Professional in Small Businesses. Retrieved from: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9faba6ed-2e9c-44f9-bc50-d43d57e17078 .
Noriega, L. (24 May 2011). Seven Cyber Security Basics Every Small Business Needs. Retrieved from: http://www.openforum.com/articles/7-cyber-security-basics-every-small-business-needs .
Teixeira, R. (4 June 2007). Top Five Small Business Internet Securit Threats. Retrieved from: http://smallbiztrends.com/2007/06/top-five-small-business-internet-security-threats.html .
These personal productivity systems also tend to be islands of customer data that need to be integrated into larger customer information systems to be effective (Zahay, 2008). Enterprise-class DBMS are capable of integrating to broader process workflows due to their underlying technical design. In addition, these DBMS are often used for more advanced customer strategies including data mining, business analytics of customer bases, and the development of long-term loyalty campaigns. All of these types of analysis are not possible on the personal productivity class of databases. The limitations of enterprise DBMS however are the their cost for implementing in larger companies, and the need for training users how to use the many functions in these databases.
Daniel E. O'Leary (2008). Supporting decisions in real-time enterprises: autonomic supply chain systems. Information Systems and eBusiness Management, 6(3), 239-255. etrieved May 8, 2008, from ABI/INFOM Global database. (Document ID: 1475085461).
Daniel E. O'Leary (2008). Supporting decisions in real-time enterprises: autonomic supply chain systems. Information Systems and eBusiness Management, 6(3), 239-255. Retrieved May 8, 2008, from ABI/INFORM Global database. (Document ID: 1475085461).
Debra Zahay (2008). Successful B2B customer database management. The Journal of Business & Industrial Marketing, 23(4), 264-272. Retrieved May 8, 2008, from ABI/INFORM Global database. (Document ID: 1464150941).
Compare and contrast Microsoft Access, Microsoft SQL Server, DB2, and Oracle database programs
Providers: Microsoft Corporation provides Microsoft Access and SQL Server, Oracle by Oracle Corporation and DB2 is a product of IBM.
Brief about each:
MS Access: Microsoft Access is a database, which comes bundled in Microsoft Office Products. Access is fully compatible with Active Server Pages (ASP) scripting. Database programs such as Access (sometimes called Relational Database Management systems or RDBMS) are used to store information, often large amounts of information. It can be used as a flat-file database (using a single table) or a relational database (using more than one table linked together). Access database applications can be produced for a large number of database situations including financial and scientific data - with excellent results. Access comes equipped with Wizards, which help the novice to create tables, forms, queries and reports. A complicated relational database…
The longest SQL statement in Oracle is of 16,777,216 bytes, 65,536 bytes (Network packet size 4 KB, by default) in SQL Server, approximately 64,000 bytes in MS Access whereas in DB2 it is of 65535 bytes. Microsoft Access 2000 falls into the desktop category and works best for individuals and workgroups managing megabytes of data. In comparison with SQL Server 2000, Access uses file-server architecture, rather than client-server architecture. Access 2000 has many restrictions in comparison with SQL Server 2000 and cannot be used in the case you want to build stable and efficient system with many concurrent users
It is very difficult to compare all the four on a same platform. It is not true that Oracle 9i Database is better than DB2 Universal Database v8.1 or vice versa. Both products can be used to make stable and proficient systems and the stability and effectiveness of your applications and databases depend rather upon the experience of the database developers and database administrator than the database's provider. It all depends on the use and requirements. If the need is to make a scalability, security, and robustness system, you should use SQL Server instead of Access. Because Access 2000 does not support atomic transactions, it does not guarantee that all changes performed within a transaction boundary are committed or rolled back. SQL Server is integrated with Windows NT security, but Access is not. Access 2000 databases cannot be restored to the point of failure, when SQL Server databases can be. This makes administering Access 2000 databases more expensive than administering SQL Server 2000 databases. So, you should use Access 2000 database, only when you need to store a small amount of data in a single user (or few users) environment, or when you have very low resources, such as memory or disk. In other case, use MSDE or SQL Server. Similarly we can't compare SQL Server 2000 with DB2 Universal Database v8.1 or vice versa. Both products can be used to build stable and efficient system and the stability and effectiveness of your applications and databases depend rather from the experience of the database developers and database administrator than from the database's provider. But SQL Server 2000 has some advantages in comparison with DB2 Universal Database v8.1 and vice versa.
Database Data Warehouse Design
Our company, Data Analytic Limited, specializes in collecting and analyzing data for various organizations. Over the years, we have assisted various companies to turn raw data into valuable information that assists the companies in making effective decision profitable in the short and long run. Our research and data analytics are geared towards giving extra edge to various companies. Our services include processing and analyzing terabytes of data to provide customer meaningful information for business decision and enhance competitive market advantages. ecent growth of our company necessitates the needs to design and develop data warehouse that will accommodate large volume of customer data.
Objective of this project is to design and develop the data warehouse for our company.
Importance of Data Warehousing for our Organization
Comprehensive portfolios of our business include Business, Market, and Financial research, Data processing services and Domain based analytics. While the relational database…
Hillard, R. (2010). Information-Driven Business. UK. Wiley.
Microsoft (2012).Data Warehousing | Microsoft SQL Server 2012. Microsoft Corp.
Patil, P.S., Srikantha, R., Suryakant, B.P. (2011). Simplification in the Reporting and Analysis Optimization of the Data Warehousing System:, Foundation of Computer Science, 9 (6): 33 -- 37.
Rostek, K. (2010). Data Analytic Processing in Data Warehouses. Foundations of Management, 2(1), (2010), 99-116.
Finally, the company uses Microsoft applications for expanding its business opportunities by providing quick information about customer requests.
ight now, the company is growing and it finds itself overwhelmed with growing information needs from customers and their increasing transactions. The company is realizing that to meet the needs they will need to update their software to meet the future needs of the business. The company is also recognizing that presently the applications that the company is using are full of security holes. Anyone can browse and download confidential data about customers and their transactions (McFadden, Hoffer, and Prescott, 1999). The company is taking adequate steps to improve these security gaps. For example, the company has featured Microsoft Access on a LAN rather than the personal computers. By doing so, the company makes it sure that before anyone can look customer and their transaction data, they need to use a password…
Kroenke, D. (2003). Database Concepts. NJ: Prentice Hall.
McFadden, F., Hoffer, J., and Prescott, M (1999), Modern Database Management, NJ: Addison-Wesley.
The most appropriate products that could be used by MMC to achieve this objective would be: IP San and a Snap Lock. An IP San is a fiber optic channel that can provide secure real time data to each location. Where, software and security applications can be adapted to the current system that is being used. The Snap Lock is: a security software that can be used to provide an effective way for each location to retrieve, update and change information.
Support for why these procedures and products are the optimal approach for this organization
The reason why these different procedures and products were selected was: to reduce the overall risk exposure of the company's external threats. The current system that is being used by MMC increases risks dramatically, by having a number of different systems, where financial information is stored. If any one of these systems is vulnerable, there…
IP San (2010). Retrieved May 27, 2010 from Net App website: http://www.netapp.com/us/products/protocols/ip-san/ip-san.html
Snap Lock Compliance and Snap Lock Enterprise Software. (2010). Retrieved May 27, 2010 from Net App website: http://www.netapp.com/us/products/protection-software/snaplock.html
Mason, J. (2010). How to Bullet Proof Your DR Plan. Retrieved May 27, 2010 from Net App website: http://www.netapp.com/us/communities/tech-ontap/tot-data-recovery-plan-0908.html
For example, a straightforward database of customer names for a company is searched with relative simplicity. The names may be retrieved according to beginning letters or other important data (such as item purchased). But for a database of full-text magazine articles, the user will need to search according to name, title, publication, and keywords, among other features. The database will not be able to perform adequately without such usability factors. Even if a database is 'fast' in terms of how it returns queries, the queries must be of use to the searcher.
When developing the infrastructure, a data management system is required to operate the databases, store the information, back up the data, and enforce security. If users are entering sensitive information, password protection and encryption is also essential. The hardware and software used must be adequate to support the needs of the system. And the ease of data entry…
Application performance factors. (2010). MSDN. Retrieved October 5, 2010 at http://msdn.microsoft.com/en-us/library/aa266496%28VS.60%29.aspx
Factors affecting performance. (2010). Dev2Dev. Retrieved October 5, 2010 at http://otndnld.oracle.co.jp/document/products/wlp/docs81/perftune/2pfactors.html
Lambert, Diana. (2010, September 23). California's ailing $34 million student database. The San
Francisco Chronicle. Retrieved October 5, 2010 at http://www.sacbee.com/2010/09/23/3050167/californias-ailing-34-million.html#ixzz11Vt57bmq
Database System in a Retail Environment
We are in a world of information boom and efficient management of data holds the key for success in this new business environment. The world of Internet has opened new vitas for corporations to take their business into a global level. Data management is at the center of all business applications and database systems are the very core of this new business perspective. Database systems have helped us take a huge stride in our ability to collect, interpret, and even assist in our decision making process. In short we can say that database management systems have bought a paradigm shift to our mode of business and have evolved from being simple store houses of data to more complex and highly efficient business decision making tools. Let us take Wall-Mart, the giant retailer as our case study and how the company profited from the implementation…
Author not available, "Wal-Mart Deploys Data Mining Software." Accessed on 4th March, 2003
Phillip Greenspun, "Data Warehousing," Accessed on 4th March 2003, http://philip.greenspun.com/sql/data-warehousing.html
Tom Chester, "Database Sizes," Accessed on 4th March 2003. http://sd.znet.com/~schester/facts/database_sizes.html
This researcher rejects the existence of online communities because computer mediated group discussions cannot possibly meet this definition. Weinreich's view is that anyone with even a basic knowledge of sociology understands that information exchange in no way constitutes a community.
For a cyber-place with an associated computer mediated group to be labeled as a virtual settlement it is necessary for it to meet a minimum set of conditions. These are: (1) a minimum level of interactivity; (2) a variety of communicators; (3) a minimum level of sustained membership; and (4) a virtual common-public-space where a significant portion of interactive computer mediated groups occur (Weinreich, 1997). The notion of interactivity will be shown to be central to virtual settlements. Further, it will be shown that virtual settlements can be defined as a cyber-place that is symbolically delineated by topic of interest and within which a significant proportion of interrelated interactive computer…
Al-Saggaf, Y. & Williamson, K. Online Communities in Saudi Arabia: Evaluating the Impact on Culture Through Online Semi-Structured Interviews. Volume 5,
No. 3, Art. 24 - September 2004
AnchorDesk Staff. (2000). Sign of Trouble: The Problem with E-Signatures.
Retrieved April 9, 2005, from ZDNet AnchorDesk Web site: http://reivews- zdnet.com.com/AnchorDesk/4630-6033_4204767.html?tag=print
Security on Commercial Flights
Describe two (2) lapses in pre-flight security that contributed to the ease of the hijacking operation on September 11, 2001
Following the terrorist attacks of September 11, 2001, the United States of America evaluated the security of the commercial Airline Industry. Major security lapses gave way for terrorists to board commercial flights, which finally led to the aircrafts' hijacking and demise.
The first lapse that contributed to terrorist attack is President Bill Clinton's ignorance. U.S. administration under the leadership of President Bill Clinton ignored warning signs that Osama bin Laden and al Qaida organization was planning a terrorist attack on United States. Osama Bin Laden claimed responsibility of various attacks on U.S. Militaries deployed in various countries, such as Sudan and Soviet Union aimed at fighting the rising terrorist groups (Oliver, 2006).
The failure of the Intelligence Community is another lapse that contributed to the attack.…
Oliver, W. (2006). Homeland security for policing (1st ed.). Upper Saddle River, NJ:
A system possesses authenticity when the information retrieved is what is expected by the user -- and that the user is correctly identified and cannot conceal his or her identity. Methods to ensure authenticity include having user names and secure passwords, and even digital certificates and keys that must be used to access the system and to prove that users 'are who they say they are.' Some highly secure workplaces may even use biological 'markings' like fingerprint readers (Introduction, 2011, IBM).
Accountability means that the source of the information is not anonymous and can be traced. A user should not be able to falsify his or her UL address or email address, given the requirements of the system. "Non-repudiation is a property achieved through cryptographic methods which prevents an individual or entity from denying having performed a particular action related to data... Through the use of security-related mechanisms, producers and…
Introduction to z/OS Security. (2011). IBM. PowerPoint. Retrieved September 27, 2011 at http://www-03.ibm.com/systems/resources/systems_z_advantages_charter_security_zSecurity_L1_Security_Concepts.ppt
Why is information security important? (2011). Security Extra. Retrieved September 27, 2011 at http://www.securityextra.com/why-is-information-security-important.html
(%) Cross Site Scripting (XSS) errors -- by far the most common strategy hackers use to gain access to the source code of websites and the databases supporting them is to use a technique called cross-site scripting (Brodkin, 2007). Actively monitoring the percentage of XSS errors over time can determine patterns of when hackers attempt to gain access to a website's source code, database links, pricing and e-commerce systems. This is one of the most often used metrics in security dashboards used for monitoring Web-based applications and multisite installations.
(%) Incidence and Trending of Buffer Overflow Injection Flaws -- This is most commonly associated with attempts to gain access to SQL databases supporting a website by forcing a buffer overflow condition (Brodkin, 2007). This is one of the most effective hacking strategies there are as it forces a system to fail and allow access.
(%) Authentication Soft and Hard Errors…
Brodkin, J.. (2007, October). The top 10 reasons Web sites get hacked. Network World, 24(39), 1,16-17,20.
Su, M., Yu, G., & Lin, C.. (2009). A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach. Computers & Security, 28(5), 301.
Xiong, K., & Perros, H. (2008). Trustworthy Web services provisioning for differentiated customer services. Telecommunication Systems, 39(3-4), 171-185.
Even though there is always some form of a risk involved in the coding technique together with the deployment methods of a website, some technologies such as PHP and MySQL form some of the worst aggravators of online website security. The loopholes that exists in the use of these technologies results in some of the worst hack attacks and security breaches ever experienced in the field of web design. The internet is bustling with a lot of activities. Some of the activities that are officiated over the internet are very sensitive due to both the nature of the information exchanged or even the information stored in the database.
It is paramount that websites be provided with secure and personalized databases. One inevitable fact however is that once a site is deployed on the internet, it becomes a resource to be accessed by everyone as postulated by Kabir
Secure website development…
Bloch, M (2004). "PHP/MySQL Tutorial - Introduction." ThinkHost. .
Friedl, J (2002). Mastering Regular Expressions, Second Edition. Sebastopol, CA: O'Reilly & Associates Inc., 2002.
Kabir, MJ (2003) Secure PHP Development: Building 50 Practical Applications.
Indianapolis, in: Wiley Publishing, Inc.
Security Audit for FX Hospital EH/EM Systems
The study carries out the security audits for the FX Hospital EH/EM information systems to identify the vulnerabilities in the systems. The study uses the BackTrack as an auditing tool to penetrate the website, and outcomes of the auditing reveal that the website is not secure and can be subject to different vulnerabilities. After carrying out the auditing, the study is able to collect as much patients' data as possible revealing the website can be subject to vulnerable attacks. One of the vulnerabilities identified is that the website UL starts from HTTP showing that an attacker can easily break into the website and collect sensitive information. Moreover, all the data in the website are not encrypted making them easy for an attacker to collect patients' data.
By consequence, the FX Hospital can face lawsuits for failing to protect patients' data because if patients'…
Abdel-Aziz, A. (2009). Intrusion Detection & Response - Leveraging Next Generation Firewall Technology. SANS Institute.
Burr, W. Ferraiolo, H. & Waltermire, D. (2014). IEEE Computer Society. NIST and Computer Security.
Chadwick, D. (2012). Network Firewall Technologies. IS Institute, University of Salford.
Mell, P.Bergeron, T. & Henning, D.(2005).Creating a Patch and Vulnerability Management Program. National Institute of Standards and Technology (NIST).
Security Failures and Preventive Measures
Summary of the Case
The Sequential Label and Supply company is a manufacturer and supplier of labels as well as distributor of other stationary items used along with labels. This company is shown to be growing fast and is becoming highly dependent on IT systems to maintain their high end inventory as well as the functioning of their department.
The case started with the inception of a troubled employee who called up the helpdesk agent to resolve the issue he is facing. Likewise, other employees start calling in to launch similar complaints. Later, the technical support help desk employee, while checking her daily emails, accidentally opened an untrusted source file sent from a known work colleague. This led to a number of immediate problems in her network computer which led to her being not able to access the information over the network and the call…
Baker, W. (2007). Is information security under control?: Investigating quality in information security management, Security & Privacy, retrieved October 14, 2011 from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4085592
Chapin, D. (2005). How can security be measured, information systems control journal, retrieved October 14, 2011 from http://naijaskill.com/cisa2006/articles/v2-05p43-47.pdf
McAdams, A. (2004). Security and risk management: a fundamental business issue: all organizations must focus on the management issues of security, including organizational structures, & #8230;, Information Management Journal, retrieved October 14, 2011 from http://www.freepatentsonline.com/article/Information-Management-Journal/119570070.html
There needs to be however more efficiency put into the process of validating just what is personal vs. professional mail, with a more insightful series of policies put in place to define acceptable use of e-mail and communications systems (Breaux, Anton, 2008).
Clearly, being able to guard against personal data of employees being accessed, sold or used in any way needs to have even more stringent rules associated with it (Breaux, Anton, 2008). The fact that so many companies today have their employee database compromised and then selectively sold off to telemarketers, it is clear that higher penalties need to be put into place for it professionals who either have lax security in place to allow this to happen, or unfortunately make the terrible mistake of thinking this is a way to make extra cash. As has been seen from the cases of overt theft of employee data, it has…
Breaux, T., & Anton, a.. (2008). Analyzing Regulatory Rules for Privacy and Security Requirements. IEEE Transactions on Software Engineering, 34(1), 5-20.
Doss, Erini, & Loui, Michael C. (1995). Ethics and the privacy of electronic mail. Information Society, 11(3), 223.
Lautsch, John C.. (1985). Information Privacy and the MIS Manager. The Journal of Information Systems Management, 2(2), 79.
Patel, M.. (2009). The Threat from Within. Risk Management, 56(5), 8-9.
A few of the most notable include: social networking / fake emails and cloud computing. The information from this source is useful, as it is illustrating the current challenges facing the database security of most organizations. (Kark, 2011)
Olzak, T. (2008). Five Steps to Protect Mobile Devices. Tech epublic. etrieved from: http://www.techrepublic.com/blog/security/five-steps-to-protect-mobile-devices-anywhere-anytime/529
The article that was written by Olzak (2008), is talking about specific tools for protecting mobile devices. These include: storing information that is absolutely necessary, protecting the database when it is accessed over public networks, configuring devices to block external spying and encrypting sensitive information. This information is useful, because it is showing how organizations must utilize specific steps to safeguard against new vulnerabilities. (Olzak, 2008)
Tanzy, B. (2011). Security Strategy. Silicon.com. etrieved from: http://www.silicon.com/technology/security/2011/05/12/security-strategy-staff-smartphones-ring-the-changes-39747388/
The article that was written by Tanzy (2011), is discussing the challenges associated with cloud computing and accessing information from databases remotely. This…
Anonymous Hackers Target U.S. Security Think Tank. (2011). Newsday. Retrieved from: http://www.newsday.com/business/technology/anonymous-hackers-target-us-security-think-tank-1.3411610
Department of Defense Strategy for Operating in Cyber Space. (2011). U.S. Department of Defense. Retrieved from: http://www.defense.gov/news/d20110714cyber.pdf
Targeted Cyber Attacks Rise. (2011). Fox News. Retrieved from: http://www.foxnews.com/scitech/2011/04/05/targeted-cyber-attacks-rise-2011-security-experts-say/
Coleman, K. (2011). Digital Conflict. Defense Systems. Retrieved from: http://defensesystems.com/blogs/cyber-report/2011/09/cyberattacks-on-mobile-devices.aspx
Hence, along with database security, it is important that the operating system is also secured from unauthorized access.
Data Security Policy
There are instances when not all information in a database is open for access to a user. Hence, there is the data security policy that controls the level of access a user has. According to Oracle Corporation Online,
Data security includes the mechanisms that control the access and use of the database at the object level. Your data security policy determines which users have access to a specific schema object, and the specific types of actions allowed for each user on the object.
Generally data security is based on how sensitive information is (Oracle Corp.). Important and confidential information is always necessary to be accessible only to a limited number of users.
User Security Policy
This policy defines how users will be allowed to access a database. The most…
Jucan, George. Database Security: Beyond the Password.
Retrieved on June 06, 2005, from Oracle Technology Network. http://www.oracle.com/technology/pub/articles/jucan_security.html
Establishing Security Policies.
Retrieved on June 05, 2005, from Oracle Corporation Online. http://www-rohan.sdsu.edu/doc/oracle/server803/A54641_01/ch19.htm
rich society, database management is an ever-expanding and increasingly important field. This paper discusses databases, database management systems (DBMSs), and their importance in today's society. Additional topics include the need for security, concurrency, and control within database management, as well as the role of the database administrator.
A database can be defined as "a structure that can house information about multiple types of entities, the attributes of these entities, and the relationships among the entities" (St. Edward's University). Databases can contain a wide variety of information. For example, a university database may include information about students, courses and classrooms. Further, this university database may contain significant amounts of information about the relationships between these entities, such as student course enrollment, and the use of classrooms for courses (amakrishnan).
A database management system (DBMS) is "a software product through which users interact with a database" (St. Edward's University). These systems allow…
Mattila, Sakari. 1999. Duties of the database administrator. 16 August 2004. http://www.canberra.edu.au/~sam/whp/dba.html
Ramakrishnan, R. And Gehrke, J. 2002. Database Management Systems 3rd ed. McGraw-Hill Science.
RSA Security, Inc. 2002. White Paper: Securing Data at Rest Developing a Database Encryption Strategy. 16 August 2004. http://wp.bitpipe.com/resource/org_1039183786_34/DDES_WP_0702_bpx.pdfor http://itresearch.forbes.com/detail/RES/1063392757_926.html
St. Edward's University. Access III Outline. 16 August 2004. ttp:/ / www.stedwards.edu/it_dept/computer/hardware_software/pdf/access_three.pdf
Director of Information Security
There is now a need evolving to create a better-sophisticated system of security that can prevent many financial disasters for companies and customers. This becomes necessary because of growing technology and the way the malicious elements have become better at using technology to further their nefarious purposes. Financial institutions also stand a good chance of being the target of the future cyber terrorist. Because of all these changes, the role of the security directors known as the CISCO -- Chief Information Security Officer has become very specialized to the extent that form the rudimentary service it began with, namely the basic IT security administration. It has now encompassed the role of addressing every threat and risk management especially in financial organizations that have large customer bases, ATMs and online banking. It was formerly a necessary periphery service that included just maintenance of firewalls, upgrading antivirus and…
Brenner, Bill. The New CISO: How the role has changed in 5 years. November 02, 2010.
Hoffman, Dennis; Tyminski, Ken. From Financial Services CISO to Chief Information
Management Office: Tackling 360 Degrees of Enterprise Protection. April 26, 2007.
A Brief Critique of Database Security Articles
The focus of both papers to be critiqued is the definition, status, and significance of database security. As many corporations such as Amazon and Google move toward using cloud computing, there is greater concern for the security of information contained within databases. Long before cloud computing (long in technology terms), database security was a primary concern in information technology. The paper will offer insight as to the validity of the arguments presented in each piece as well as significance of the topic in general.
Mashburn states that although companies utilize databases placed on the Internet, most companies are unaware of their databases' security. He claims that companies are prioritizing the convenience of using Internet databases over preventative security measures to keep the data safe. This lack of awareness will ultimately cost companies money. The data may be compromised in some way…
Fountain, Barry William. "Database Security." American Public University System.
Mashburn, Wayne E. "Database Security and Why is it Important?" American Public University System.
Databases and Data Communications
Understanding whether or not the need for a database exist occurs within several types of businesses at all levels. Several professionals have taken time to determine this need in order to improve operations within their operations. These professionals include educational institutions and doctors, as well as insurance companies. Databases are becoming a part of everyday living. There are several things a database can bring to a company which includes, efficiency and the ability to manipulate, input and use information. These benefits provide organizations with powerful decision making tools that aid in onscreen delivery and printed reports. Possessing a database management system is an essential tool in the ability of an organization to retrieve and store mass amounts of data at command. Although the possibility of a database being nothing greater than a time consuming expense, when used properly, a database can be an asset to any…
Business Dictionary, (2012), Decision Support System (DSS), Retrieved from http://www.businessdictionary.com/definition/decision-support-system-DSS.html
Kroenke, D.M. (2012). MIS Essentials (2nd ed.). Upper Saddle River, NJ: Pearson/Prentice
Next, firewalls capable of blocking IP addresses need to be installed and used (Becker, Clement, 2006). The focus on these efforts is just the first phase; there needs to be a monthly audit of IP addresses in the departments where P2P file sharing has occurred to make sure it isn't happening again. This an be accomplished using a series of constraint-based configuration tools that will trap on P2P known client footprints or digital signatures and immediately block them (Hosein, Tsiavos, Whitley, 2003). This technology will also work to isolate any inside IP addresses which attempt to reach P2P client-based download sites and immediately log and block all IP activity for the address. This will make a given IP address inoperable and immediately delete it, which will make any subsequent hacking attempts of the system useless. This is precisely the strategy the U.S. Government is using today to ensure a very…
Bailes, J.E., & Templeton, G.F. (2004). Managing P2P security. Association for Computing Machinery.Communications of the ACM, 47(9), 95-98.
Becker, J.U., & Clement, M. (2006). Dynamics of illegal participation in peer-to-peer networks -- why do people illegally share media files? Journal of Media Economics, 19(1), 7-32.
Hosein, I., Tsiavos, P., & Whitley, E.A. (2003). Regulating architecture and architectures of regulation: Contributions from information systems. International Review of Law, Computers & Technology, 17(1), 85-85.
Controlling IM risks. (2003). Risk Management, 50(7), 6-6.
security and governance program is "a set of responsibilities and practices that is the responsibility of the Board and the senior executives." This is the procedures by which the company ensures information security in the organization. The program consists of desired outcomes, knowledge of the information assets, and process integration (ITGI, 2013). Security of information is important because of the value of information, especially proprietary, in today's business world. The biggest differentiator between governance and IT security is that the latter is about the physical constructs of the IT program but governance incorporates everything include spoken communication so any form of information creation or handling.
The first thing is the desired outcomes. The company has to know what it wants to accomplish with this program. Ideally there is alignment between the information security strategy and the organization's overall strategy. There should be risk management, so understanding the different risk and…
ITGI. (2013). Information security governance. IT Governance Institute. Retrieved November 29, 2013 from http://www.isaca.org/Knowledge-Center/Research/Documents/InfoSecGuidanceDirectorsExecMgt.pdf
Security in Healthcare
The recent advances in technology -- databases that store personal medical records and information -- are bringing tools to patients, doctors and other healthcare professionals that were simply not available just a few years ago. There is hope that eventually, a doctor in Hawaii that is treating a medical emergency for a tourist from Florida, will be able to access the digitally kept medical and healthcare records for that injured tourist. In other words, there will likely be in the foreseeable future a national database -- that perhaps links state databases with each other the way the FBI and local law enforcement agencies are linked -- that will be of enormous benefit to citizens and their healthcare providers.
But before that nationally linked database can become a reality, there are a number of potential problems that need to be ironed out. For example, legislation needs to be…
Dogac, Asuman, and Laleci, Gokce B. (2005). A Survey and Analysis of Electronic
Healthcare Record Standards. ACM Computing Surveys, 37(4), 277-315.
Glaser, John, and Aske, Jennings. (2010). Healthcare IT trends raise bar for information security.
Healthcare Financial Management, 64(7), 40-44.
" (Muntenu, 2004)
According to Muntenu (2004) "It is almost impossible for a security analyst with only technical background to quantify security risk for intangible assets. He can perform a quantitative or qualitative evaluation using dedicated software to improve the security of the information systems, but not a complete risk assessment for the whole information system. Qualitative assessment based on questionnaires use in fact statistical quantitative methods to obtain results. Statistical estimation represents the basis for quantitative models." Muntenu states conclusion that in each of these approaches the "moral hazard of the analyst has influence on the results because human nature is subjective. He must use a sliding window approach according to business and information systems features, balancing from qualitative to quantitative assessment." (2004) qualitative study of information systems security is reported in a study conducted in U.S. academic institutions in the work of Steffani a. urd, Principal Investigator for…
Burd, Steffani a. (2006) Impact of Information Security in Academic Institutions on Public Safety and Security: Assessing the Impact and Developing Solutions for Policy and Practice. Final Report." NCJ 215953, United States Department of Justice. National Institute of Justice, Oct 2006.
Muntenu, Adrian (2004) Managing Information in the Digital Economy: Issues & Solutions Information Security Risk Assessment: The Qualitative vs. Quantitative Dilemma
Full text PDF: http://www.ncjrs.gov/pdffiles1/nij/grants/215953.pdfMunteanu , Adrian (2004) the Information Security Risk Assessment: The Qualitative vs. Quantitative Dilemma. Managing Information in the Digital Economy: Issues & Solutions.
Analysis and Overview of Database ystems in the Enterprise
The pervasive adoption of databases for aggregating, analyzing, parsing, reporting and storing data continues to exponentially increase over time, as the information needs of companies continued to increase. The foundation fo nearly every enterprise-wide system and computing platform includes integration to databases of many types, from object-oriented to relational (Lungu, Velicanu, Botha, 2009). Every Enterprise Resource Planning (ERP) system today relies on databases for product, pricing, costing, production scheduling, service coordination and manufacturing execution task coordination as well (Bremer, Carey, 1987). Databases have become an essential component of every enterprise system in use today, from coordinating supply chains, sourcing, production and tracking customer activity and sales through Customer Relationship Management (CRM) systems (Madduri, hi, Baker, Ayachitula, 2007). Object-oriented databases are pervasively used in Computer-Aided Drawing (CAD) applications as well, given their speed and accuracy in managing geographic and graphic primitives…
Sarkar, S.S. (1989). Architecture and language for a layered relational database. The University of Texas at Dallas). ProQuest Dissertations and Theses,, 145
Toth, K.C. (1980). Distributed database architecture and query processing strategies. Carleton University (Canada)). ProQuest Dissertations and Theses,,
Worboys, M. (1989). Relational databases: A theoretical primer. Information and Software Technology, 31(3), 115-115.
Comparing Microsoft Access, SQL, IBM DB2 and Oracle databases is presented in this analysis, taking into account the key features of ACID Compliance, Data partitioning, interface options, referential integrity, operating systems supported, and support for transactions and Unicode. Each of these factors is initially defined followed by a table comparing them across the database types.
Definition of Comparison Factors
At their most fundamental level, all databases have support for relational data models and the ability to index data through the use of a wide variety of taxonomies or organizational structures (Basumallick, Wong, 1996). elational Database Management Systems (DBMS) however all have the ability to manage transactions with the greatest efficiency given the design of these systems to support multiple transactions at once, running concurrently from each other. The characteristic of an operating system being able to manage thousands of concurrent transactions at the same time is often referred…
Basumallick, Swagato, & Wong, Johnny SK. (1996). Design and implementation of a distributed database system. The Journal of Systems and Software, 34(1), 21.
Tony Politano. (2008). Structured and Unstructured: The What, Why and How of Convergence. DM Review, 18(6), 20.
Stonebraker, M.. (2010). In Search of Database Consistency. Association for Computing Machinery. Communications of the ACM, 53(10), 8.
Despite its clear benefits and advantages in terms of ease of use and cost effectiveness, there are certain risks associated with wireless networking. These risks are discussed further below.
Review of the Literature.
Security Risks Associated with IEEE WLAN 802.11. The applications for wireless communication technology continue to develop and expand; today, at least, the 802.11b is the standard of choice for wireless router communication used with network installation (Gonazles & Higby 2003). "The integrity of the transmitted data is a valid 2.4 GHz. At this wavelength medium, the propagation of wavelength maintains strong connectivity" (Gonzales & Higby 2003, p. 30). The technology of WLANs actually dates back to the mid-1980s; during this period, the Federal Communications Commission (FCC) freed up radio frequency (rf) to the industry. "Initially, this was viewed as a broadcast reception procedure and very little thought went to broadcast transmission" (Gonzales & Higby 2003, p. 30).…
Alexander, Steve. 2004. Computers and Information Systems. In Encyclopedia Britannica Book of the Year [premium service].
Anderson, Robert H., Tora K. Bikson, Richard O. Hundley & C. Richard Neu. 2003. The Global Course of the Information Revolution: Recurring Themes and Regional Variations. Santa Monica, CA: Rand.
Bliss, R. Marion. September 5, 2003. Homeowners Connect to Wireless Fidelity. The Washington Times, p. F29.
Brookshear, J.G. 2000. Computer Science: An Overview. Reading, Mass: Addison-Wesley.
security crisis that is plaguing e-commerce as it transforms into the epitome of global business. It attempts to analyze the possible repercussions of this problem and then put forward various possible solutions to rectify the biggest obstacle limiting the path of e-commerce progress. The ideas and references used in this proposal have been cited from five different sources.
E-commerce has changed the way the world do business, plain and simple. It has single-handedly brought more people, countries, enterprises and governments together to the same world market than all other forms of conducting methods, combined. This name, given to the electronic method of executing business, has made the task of buying every available merchandise exponentially easier and has therefore made all the more products accessible to the general population as well as businesses and industries. The boom in online trade is gaining alacrity and is destined to become the method of…
1) Ghosh, AK, 1st edition - January 21, 1998, E-Commerce Security: Weak Links, Best Defenses, John Wiley & Sons.
2) Raisinghani, M, (editor), January 7, 2002, Cases on Worldwide E-Commerce: Theory in Action (Cases on Information Technology Series, Vol 4, Part 3), Idea Group Publishing
3) Hills, R, 23 April 2003, Key risks to e-commerce security, "My IT Adviser," Retreived on 20th February, 2004, from:
Current Employment Trends and Certification Options for Database Professionals. Monaco Vs US
Current Job Markets and Future Trends Analysis
The current job trends for database professionals indicate that in both countries employment is projected to grow by about 11 percent in the coming 5 years (Kline). This is faster than the average in any other occupation. The driving factor is the ever-increasing data needs of companies within the economy. Data has been seen as the next currency and every company wants to invest heavily in the management and processing of data. According to the (U.S. Bureau of Labor Statistics), DBA professionals are ranked amongst the top 10 professions for the past several years. According to a survey carried out by (U.S. News & World Report), a majority of the current database professionals intend to retire in the next ten years since they are over 55 years. This means that there…
companies such as credit card systems have their backend offices (databases) in India. What are the benefits and risks?
The databasing industry in India is a growing and thriving IT market with credit care companies including Diners Club and Citibank storing their client and potential client information in Indian databases (Vandrevala 15). Clearly, there are extensive benefits from databasing this information offshore. The costs in India are much cheaper, to both develop and maintain complex databases, saving the company finances and labor. In addition, the copyright laws in India have been modified to protect the data, and maintaining ownership of the parent company, rather than the IT company providing services in India. This was a major hurdle to widespread databasing in India, and when the laws were changed, more companies such as credit card companies took advantage of the lower costs in India, and moved their databases offshore. Moreover, the…
Vandrevala, Phiroz. "A Study on the Impact of Protection of Unoriginal Databases on Developing Countries: Indian Experience." WIPO.org. 2002. 9 Feb. 2004. http://www.wipo.org/documents/en/meetings/2002/sccr/doc/sccr7_5.doc
Health-Care Data at Euclid Hospital Security and Control: A White Paper
Protecting Health-Care Data
The efficiency of the modern healthcare system is increasingly becoming reliant on a computerized infrastructure. Open distributed information systems have been initiated to bring professionals together on a common platform throughout the world. It needs to be understood that easy and flexible methods of processing and communication of images; sound and texts will help in visualizing and thereby cure illnesses and diseases effectively. Another aspect is that the easy access and usage can risk patient privacy, accountability, and secrecy associated with the healthcare profession. Therefore, Information Technology -- IT must be able to focus mainly on improving the health of the patient and should not put the patient's health in danger. (IO Press)
This implies that right data has to be made available to the right person at the right time. IT strongly affects the confidentiality…
A WWW implementation of National Recommendations for Protecting Electronic Health
Accessed 21 September, 2005
IO Press. Retrieved from http://www.iospress.nl/loadtop/load.php?isbn=9051992661
"Government representatives are responsive to and reliant upon feedback and suggestions from their constituents" and "the most direct way of impacting a legislator is through a letter-writing campaign. The more letters a legislator receives, the more important the issue becomes" (Keene State College Advocates, 2011).
One of the emerging threats that is now a more commonplace threat is that of cyber security. With technology advancing at a rapid rate, it seems that security is sometimes overlooked. Our society is well-versed in how hackers can hack into e-mail, social networking sites and bank accounts but it is absolutely something that the public needs to be more cautious of. A way to combat cyber threats would be to make sure that the computer is completely secure and use common sense when it comes to certain online transactions. People should band together and use one place to reveal the scams that they may…
Garcia, Mary Lynn. (1997). Emerging threats. Retrieved from http://engr.nmsu.edu/~etti/fall97/security/mlgarcia.html
Keene State College Advocates. (2011, March 09). Write to your legislator. Retrieved from http://kscadvocates.org/write-to-your-legislator/
It therefore assists in identifying network vulnerability and corrects them immediately.
Ferland (2009) noted that Secure Socket Layer (SSL) is a network protocol used in encrypting data so that the information send remains secure until it reaches its destination. It also used in the validation of the identity of the website which is using certificate. It informs the user the authentication of the website and that such a web site as been validated by the third party certificate authority. Both the source and destination of any send data has their own unique keys for encryption. However, the organization would install SSL certificate so that the customers has trust in our website
Digital certificate is describes as an electronic "tag" that shows the credentials of an organization when doing business or any other transaction online. The certificate contains the name of organization, serial number, and expiry date,…
Al-Slamy K., (2008) E-Commerce: Security Challenges and Solutions
Stawowski M., (2007). The Principles of Network Security Design
The Global Voice of Information Security; ISSA Journal | October 2007
Ferland M., (2009). WIPO Customer Certification Authority Information
wireless Web is truly' the next major wave of Internet computing
A its potential for bringing people together and expanding commerce is even greater than that of the wired Internet."
Edward Kozel, board member and former CTO of Cisco systems (AlterEgo, 2000, p. 12)
The integration of the Internet into our modern culture as a driving force behind business, convenience, services and merchandise acquisition has created a new set of desires for modern consumers. The trend started with the ease and availability of services and products being offer4ed through radio and television advertising, and then infomercials and shopping channels. The internet brought the availability to purchase products, goods, and information from our desks and kitchens. Now trough wireless hotspots and wireless devices, society is following their desires toward a marketing distribution channel which motivates them to pay for internet access, and mobile commerce (m-commerce) anytime, anywhere, and instantly. These sets…
AlterEgo (2000). Building the intelligent internet: Making the case for adaptive network services. [www.alterego.com].
Albright, B. (2000). Mobilize this!. Frontline Solutions, May, 28-32.
Bansal, P. (1.1.2001) Smart cards come of age. The Banker.
Barnett, N., Hodges, S. & Wilshire, M. (2000). M-commerce: An operator's manual. McKinsey Quarterly, 3,162-171.
Countermeasures After 911
Without a doubt, September 11th changed a tremendous amount about how we live and about how safe (and unsafe) we feel. These attacks caused enormous changes and countermeasures regarding the way we travel and the way we interact with one another and the way in which we use technology. However, ever since the ten-year anniversary of 9/11 has come and gone, it begs to determine just how much we've changed in the way that we live, examining specific areas of technology, commerce and communication. Consider the following: "In spite of a doubling of the intelligence budget since 2001 to $80 billion, the creation or reorganizing of some 263 government organizations, and the formation of the $50 billion Department of Homeland Security, the government has largely fallen short, the new report notes. The report states that while some progress has been made, 'some major September 11 Commission…
Aclu.org. (2003, August 25). The Five Problems With CAPPS II. Retrieved from Aclu.org: https://www.aclu.org/national-security/five-problems-capps-ii
Alpha.org. (2011, Fall). Aviation Security. Retrieved from alpa.org: http://www.alpa.org/portals/alpa/pressroom/inthecockpit/ALPAIssueAnalysis_10YearsAfter9-11Attacks.pdf
Browne, D. (2009). Flying without Fear: Effective Strategies to Get You Where You Need to Go. New York: New Harbinger Publications.
Elias, B. (2009). Airport and Aviation Security: U.S. Policy and Strategy in the Age of Global. New York: CRC Press.
Terrorist attacks are an ever-growing concern within the United States. Some states have taken a more developed approach to handling potential terrorist threats. Ever since the 9/11 attacks, Florida was the first draft the United States' first comprehensive counterterrorism policies to assist in the protection of Florida's citizens and visitors. Florida's policy was drafted early within the new model of Homeland Security. The policy has various modifications performed over the years. However, a comprehensive evaluation and analysis has not been done since the start. Times change and so has the current list of potential terrorist threats. With new technologies available and the latest weaponries and tactics, Florida must update its Domestic Security Strategic Plan.
The latest strategic plan ran from 2012-2014 with a new one that will cover from 2015-2017. The plan provides important information on what Florida has done and planned on doing in recent times. As well, as…
Fdle.state.fl.us,. (2015). Retrieved 24 March 2015, from https://www.fdle.state.fl.us/Content/getdoc/13b174e9-e137-41b0-98fc-09b846bc8cdb/StrategicPlanandFundingStrategyOctober2001.aspx
Mail Online,. (2015). Florida police detain 3 after terror alert. Retrieved 20 March 2015, from http://www.dailymail.co.uk/news/article-138205/Florida-police-detain-3-terror-alert.html
hat It Takes To Be A Database Administrator
A database can be defined as an organized collection of data, most probably in digitized form. Data is organized within such databases primarily in such a way that it displays and supports the processing of the relevant aspects of the information as it is required by those who use the database. Databases are usually software management systems that are quite complex. The complexity is embedded in these databases to ensure the presence of security, and is also inherent due to the nature or quality of the information they carry, i.e., large amount of important data. [1: Microsoft. "Database Basics." Microsoft Office. March 2012 .]
Nowadays, the utilization of databases is so widespread amongst every sector of the business, that almost every other product, whether small or large, and technology, whether existing or latest, is dependent upon the usage of databases…
Work CitedSpeciss College. ."Database Administrator." 19 March 2010. .Microsoft. "Database Basics." Microsoft Office. March 2012 .Prakken Publications. "Database Administrator?" (n.d.).SFIAPlus. "Database Administrators." British Computer Society (Retrieved 2012-02-06).Staff, Yahoo! Education. "Telecommuting Careers." Yahoo! Education. March 2012 .]
Nevertheless, the role of a Database Administrator is a vital one for his or her employers, as most of the functions in these organizations heavily rely on the successful performance of the duties of a DBA. Although a tough job, this makes them one of the most sought after professionals by enterprises all over the economy, rewarding them accordingly with heavy pay checks for the nature of the work they perform.
Database Deliverables: Wild Wood Apartments
Wild Wood Apartments has relied on individual apartment managers tracking the maintenance, repairs, and renting of the respective units in their assigned buildings. Every quarter, managers are expected to fill out lengthy reports by hand to submit to the central headquarters in San Francisco. However, the process is tedious and often riddled with mistakes, making it clearly inefficient. Managers have been complaining about the inefficiencies of the system, asking the parent company to address their concerns with preparing a centralized database that makes it easier to track and record maintenance and leasing events in real time, thus making data available as events occur and avoiding the lengthy quarterly process of reporting multiple events in a single sitting.
The apartment database will manage maintenance and leasing events in real time. Apartment managers will be able to upload changes to leases, maintenance expenses and events, and…
Building a Database for Use in Scheduling Process
The scheduling of various activities can at the moment be with the help of computer programs that implement the methodology of the critical-path method (CPM) (Choo et al.,2008). The requirements for building a database for use in scheduling process are numerous. For instance, each scheduler must have a separate database for storing information persistently. The server administrator and the application scheduler have the choice as well as location of database to be used. The performance of a scheduler is largely affected by the performance of the chosen database. If more tasks per second are needed then the scheduler daemons can be run on larger and faster systems.
According to Johnson (2004), the requirements for building a database for use in scheduling process include ensuring the following;
The scheduler database and service must be configured have a high level of availability by…
Blaha, M (2005). Referential Integrity Is Important For Databases. Available online at http://www.odbms.org/download/007.02%20Blaha%20Referential%20Integrity%20Is%20Important%20For%20Databases%20November%202005.PDF
Choo, HJ and Tommelein, ID (2008). Requirements abd barriers to adoption of last planner computer tools. Available online at http://cic.vtt.fi/lean/singapore/chooandtommeleinfinal.pdf
Johnson, C (2004). IBM WebSphere Developer Technical Journal: WebSphere Enterprise Scheduler planning and administration guide. Available online at http://www.ibm.com/developerworks/websphere/techjournal/0404_johnson/0404_johnson.html
Design a data model that will conform to the following criteria:
• Propose an efficient data structure that may hold the tour operator's data using a normalization process. Describe each step of the process that will enable you to have a 2nd Normal Form data structure.
The database in question provides sufficient data for operational consistency but the redundancy of certain data impedes the general efficiency of the system in place. Therefore, normalization is a major priority for the tour operating company. Specifically, the database is overburdened by duplicate customer records, each of which is created at the time that a new tour is booked. This denotes that the system is decidedly inefficient in presenting data on the whole of our customer base.
First, we propose the use of framing as a data structure as a way of refining the representation of data. According to the text…
Chapple, M. (2009). Normalizing Your Database: First Normal Form (1NF). About Databases.
Minksy, M. (1974). A Framework for Representing Knowledge. MIT-AI Laboratory Memo 306.
Business Database Technology
The focus of this project is to design a database program for a company called Home Sweet Home that specializes in the management of properties on behalf of owners. The company offers a complete rental service for customers willing to rent furnished properties. The services delivered by the Home Sweet Home include advertising of properties in then local and national press. The company also carries out the interview and organize visit to prospective renters as well as negotiating the lease agreement. Once a customer rent a property, the company assumes the responsibilities of carrying out the regular property inspection.
Entities are the object used to track the database, and each entity is stored in the database. The entity assists in designing the ED (entity relation diagram). This paper identifies the entities that need to be used in the database design for the Home Sweet Home. The…
Hoffer, J.A. Ramesh, V. & Hiekki Topi, H.(2012). Modern Database Management (10th Edition) . Prentice Hall.USA.
Briefing on Security
Board Briefing on Security
Terrorism in Commercial Organizations
Terrorism in Airlines
Current Threats to Aviation
Automation Adds Efficiency
Improving Total Operations
Increased Threats from Advanced Explosives
Threat against Airline Services and Airports
Necessary Steps to Improve Aviation Security
Terrorism is the systematic use of terror. It does not have a legal binding or definition in criminal law. Commonly, it is referred to creation of fear through violence (Townshend, 2002). Terrorism is usually defined and assumed as a group phenomenon (Hofmann, 2012). Terrorism has spread across the globe with its many forms and indicators. The emotional and diplomatic use of the word terrorism has resulted in a difficulty to provide an appropriate definition of terroorism (aman, 2008). esearches have figured out more than hundred definitions of the word. The notion of terrorism is arguable due to two main reasons. Firstly, it is often used by government…
Dyson, W.E. (2012). Terrorism: An Investigator's Handbook. New York: Anderson Publishing.
Friedman, D.M., & Mitchell, C. (2009). Security Measures in the Commercial Trucking and Bus Industries. New York: John Wiley and Sons.
Jain, A. (2013, January 1). Addressing The Insider Threat. Retrieved from Security-today: http://security-today.com/Articles/2013/01/01/Addressing-The-Insider-Threat.aspx
Parr, A. (2009). Hijacking Sustainability. New York: MIT Press.
Mobile Device Security
Analysis of Routing Optimization Security for Mobile IPv6 Networks
Defining and Implementing Mobility Security Architectures
Approaches to defining, implementing and auditing security for mobility devices have become diverse in approach, spanning from protocol definition and development including IPv6 through the creation of secure mobile grid systems. The wide variation in approaches to defining security for mobility devices has also shown the critical need for algorithms and constraint-based technologies that can use constraint-based logic to isolate and thwart threats to the device and the network it is part of. The intent of this analysis is to evaluate the recent developments in constraint-based modeling and network logic as represented by mobile IPv6 protocols and the role trust management networks (Lin, Varadharajan, 2010). These networks are predicated on algorithms that are used authenticating the identity of specific account holders, in addition to defining a taxonomy of the factors that most…
Allen, M. (2006). An IT manager's insight into mobile security. The British Journal of Administrative Management,, 22-23.
Barber, R. (2000). Security in a mobile world - is Bluetooth the answer? Computers & Security, 19(4), 321-325.
Goode, A. (2010). Managing mobile security: How are we doing? Network Security, 2010(2), 12-15.
Komninos, N., Vergados, D., & Douligeris, C. (2006). Layered security design for mobile ad hoc networks. Computers & Security, 25(2), 121-130.