Thursday, September 5, 2019
Internet and Web Services
Internet and Web Services    The internet is a medium with which we can view information from anywhere in the world. Documents from the World Wide Web and various other services such as instant chat, email are available through the internet.  The internet has revolutionized communication and there by its contribution of information sharing. With access to computer and an appropriate connection, anyone can interact with others worldwide. However, the web is designed to exchange unstructured information, while people can read web pages and understand their maning, computers cannot. If corporations want to conduct business over the web, humans have to be involves unless there is a way for computers to communicate on their own.  Web services in Information System:     Web services play a complementary and dominate role in building global information system for todays dynamic usiness world.  Web services are self contained, modular applications that can be describe, published,located and invoked over a network.  Web services performs functions using ranging from simple requests to complicated business processes.  The idea of web services is to leavrage the advantage of the web as a platform to apply it to the services themselves, not just to the static information.  Services refer to components and the services offered that can be used to build larger application services.  Web services make it easier to bulid service based architectures without the applications being locked-in to a particular software vendors product.  Web services have been proven to give a strong return on investors(RIO) and make computer based information system more adaptable. They also help bring productivity, flexibility,and low maintence cost in the ddevelopement of information system by integring components from various third party vendors product.    Benefits of web services for developing information security of global nature are:-    Web services tools are available for most computer system, including mainframes and packaged applications. This means that not only the exisiting application can be retained, but also the exisinting knowledge of staff can be applied and extended using web services for business integration.  Web services are adaptable and can handle changes more readily than other integration solutions, because they use structured text as message format.  IT managers now have the ability to exchange data between most application, on most computers in a consistent and standard way.    Q:-2.How do distributed information systems help the global enterprises?  Solution:-  Distributed development of software and information systems (also named Global Software Development) becomes increasingly common, driven by the globalisation of companies and their business and enabled by new information and communication technologies. Distributed Information Systems Development (DISD) promotes realisation of IS in a collaborative way where several partners, generally situated in distant places, participate in the elaboration of a common solution. The DISD consists in decomposingà  the IS development process into more or les autonomous phases to be realised by these partners.  DISD aims at increasing enterprise productivity, reducing IS development cost, and enlarging the number of human competencies and skills, which allows not only to share experiences in different cultural environments but also to extend enterprise strategy to the global market. In fact, this kind of practice allows enterprises to deal with new economic globalisation constraints that they have to undergo but it is not devoid of problems. It is clear that the distribution of processes has an impact on the way the IS products will bespecified, designed, coded and delivered to the clients.  A sophisticated computer information system enables companies to monitor employees, to keep managers and employees informed, to coordinate activities among divisions, or even to sell their products to customers via the internet. Moreover, in the era of it like this, information has become valuable organizational asset just like human resources and inventories.  Furthermore, a good information system can facilitate direct communication between firm and suppliers, manufacturers, dealers, and marketers. Together, they can create a value chain as though they were in one organization.  In the meantime, the widespread use of information freeway is inviting unwelcome threats. Today, companies are plagued by hackers; competitors, thieves, spies, hired agents, or even from disgruntled employees. Therefore, firms have taken measures to safeguard their system such as installing complex computer firewalls to detect hackers or purchasing expensive and advance encryption software.  In conclusion, information system enables companies to react, respond, cater, store, retrieve, disseminate, and control their new valuable asset that is information. In the years to come, a good information system within a company will be no longer an option; it will become a compulsory in determining success.  Q:-3 Briefly describe about the information level threats versus Network level threats?  Solution:-  A threat is a possible event that can harm an information system.  Information level threats:-    Image SPAM ISLEVEL    Image-based SPAM has increased in the past year, and a higher percentage is making it past SPAM filters. The reason this happens is the images are varied each time a message is sent out. SPAM images are just slightly changed each time the message is sent. The difference may be a change in the border, or the variance of one pixel, but the change is enough to get past traditional content and signature-scanning filters. These SPAM messages are compared to snowflakes, because each one looks similar, but is different. Every image is in fact unique, but from a distance it will look identical.    Chat Clients ISLEVEL    Internet chat applications, such as instant messaging applications and Internet Relay Chat (IRC) networks, provide a mechanism for information to be transmitted bi-directionally between computers on the Internet. Chat clients provide groups of individuals with the means to exchange dialog, web URLs, and in many cases, files of any type.  Because many chat clients allow for the exchange of executable code, they present risks similar to those of email clients. As with e-mail clients, care should be taken to limit the chat clients ability to execute downloaded files. As always, you should be wary of exchanging files with unknown parties.  Network level threats:-    Denial of Service Attack (DOS Attack) NLEVEL    Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes your computer to crash or to become so busy processing data that you are unable to use it. In most cases, the latest patches will prevent the attack. It is important to note that in addition to being the target of a DoS attack, it is possible for your computer to be used as a participant in a denial-of-service attack on another system.    Trojan Horse Programs NLEVEL    Trojan horse programs are a common way for intruders to trick you (sometimes referred to as social engineering) into installing back door programs. These can allow intruders easy access to your computer without your knowledge, change your system configurations, or infect your computer with a computer virus.  Part B  Q:-4 How the security challenges presented by mobile devices and information systems access in wireless computing environments?  Solution:-  Today, incredible advances are being made for mobile devices, the trend is for smaller devices and more processing power. A few years ago,the choice was betweena wireless phone and a simple PDA. Now there is a long list of options ranging from high end PDAs with integrated wireless modems down to small phones with wireless web browser capibiliies. Even the simplest of handheld devices provide enough computing power to run small applications, play games, music and make voice calls. A key drier for the ggrowt of mibile solutions for business is the proliferation of handheld devices in the enterprise.  Since the term mobile device includes many products. Wireless refers to the metode of transferring information between a computing device, such as a PDA and the data source, such as an agency database server, without a physical connection. Not all wireless technologies are mobile. For example, lasers are used in wireless data transfer between buildings, but cannot be used in mobile communication at this time. Mobile simply decribes acomputing device that is not restricted to a desktop, that is not tethered.  Mobile computing does not necessary require wireless communicaton. In fact, it may not require communication between devices at all. Tus, while wireless is a subset of mobile, in most cases, an application can be mobile without being wireless. Smart handhelds are defined as handheld or pocket size devices that connect to a wireless or cellular network, and can have software installed on them. This includes networked PDAs and smart phones.  Q:-5 What is the role of Information Security Scenario in the financial sector?  Solution:-  In the financial sector, the Reserve Bank of India(RBI) has created a comprehensive document that lays down a number of security related guidelines and strategies for banks to follow in order to offer internet banking. the guidelines broadly talk about the types of risks associated with the internet banking, the technology and security standards, legal issues involved and regularity and supervisory concerns. Any bank that wants to offer internet banking must follow these guidelines.  Recent infosec surveys indicate that the banking and finance sector companies, most serious about security, are the major investors in security solutions, and regularly revise their ssecurity policies following periodic audits. The software service companies, business process outsourcing (BPO) firms and IT- enabled service companies. However, verticals such as manufacturing continue to lag, except the companies that have extensive enterprise resource planning (ERP) setups or those that drive their supply chain through the web. Aside from these three verticals, companies in other verticals have along way to go in establishing InfoSec.    
Subscribe to:
Post Comments (Atom)
 
 
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.