Tuesday, January 28, 2020
Importance of Database Security
Importance of Database Security To be able to manage a huge amount of data effectively and fast, a well organized system is needed to build. It will also need to store and retrieve data easily. Generally, a database system is designed to be used by many users simultaneously for the specific collections of data. Databases are classified based on their types of collections, such as images, numeric, bibliographic or full-text. Digitized databases are created by using management system to make, store, maintain or search the data. Oracle, MS SQL and Sybase servers are mostly used in companies, agencies and institutions for their different purposes of the assets. On the one hand, internetworking technology provides the assets efficiently and effectively among cooperation but it also gives opportunities to hackers or lawbreakers to make profits. So, database security becomes the most important issue and all related agencies have to focus on the availability of their data to the authorized users only. The protection of data from unauthorized disclosure, alteration or destruction is the main purpose of the database security process. Database security is the system, processes, and procedures that protect database from unintended activity that can be categorized as authenticated misuse, malicious attacks made by authorized individuals or processes. Databases have been protected from external connections by firewalls or routers on the network perimeter with the database environment. Database security can begin with the process of creation and publishing of appropriate security standards for the database environment. Particularly database systems in E-commerce, can access the database for exchange and retrieval of information from web applications. As many layers consisted for web application access, it is needed to make sure the security of each layer. In this paper, we are making an attempt to present how to make secure database in each layer of database system of ecommerce in details. Importance of Database Security In this information technology age, it is compulsory for all types of institutions or companies to make avail their information assets online always through databases. However, they must have a policy to divide the levels of users with to which extent they can asset the information. It is vital not to give opportunities to mischievous intruders. Databases are used to provide personnel information, customer information, credit card numbers, financial data and business transactions, etc. The information is very sensitive and highly confidential and must be prevented from disclosure by other competitors and unauthorized persons. The security of data is crucial not only in business but also in even home computers as personal files, details of bank accounts are difficult to replace and potentially unsafe if they will be in wrong hands. Data destroyed by hazards like floods or fire is just lost but handing it in unethical person will have severe consequences. Other threats will be included human errors and espionage. Therefore, the data security starts with strategies of identifying the area of exposure which will be affected. It is important to define who can access what data, who is allowed and who is restricted, whether passwords are used and how to maintain it, what sort of firewalls and anti-malware solutions to use, how to train the staff and to enforce data security. Furthermore, the backup continuity plan should be laid out so that even though the systems fail, the business can be carried out without delay. While constructing the infrastructure security of a company, database security should be well considered. Database is very crucial to most enterprises at present days; the damage of database will have tragic impact on it. Unsecured systems will make hurt both the company itself and its clients. Based on the research done by American National Infrastructure Protection Center (NIPC) in 2000, the continuous attacks on U.S. e-commerce system are increasing. The most interrupted system is Microsoft Windows NT systems, but UNIX based operating systems have also been maltreated. The hackers are utilizing at least three identified system weaknesses to be able to achieve illegal access and download information. Even though these vulnerabilities are not freshly innovated and the mischievous activities of hackers had been in progress for quite long before the sufferer became noticed of the intrusion. The insecurity of the database can affect not only the database itself, but also the other running systems which have the relationship with that database. The process of an intruder can be first to get access to the poorly safe database, then use strong built-in database characters to get admission to the local operating system. In this way, other trusted systems connecting with that database will be easily attacked by the intruder. Database Security in E-commerce database Database system cannot stand alone and it needs to depend on many other systems. Hence, database security is a combination of many other associated and correlated systems are included as well. The following figure is a normal schema of E-commerce Company. In figure 1, the four basic layers are existed in order to defend a database system. These systems are the functioning system on which the database system runs. Firewall is a commonly applied mechanism to obstruct the interruption from the external network. Web server and web application offer numerous services to the end user by accessing the database. Network layer is the medium in which the data is transmitted. Operating system layer Operating system security is a very important characteristic in database administration. Some dominant features of database systems will possibly be a crack for the underlying operating system. Thus, the responsible person should very thoroughly scan the relations between a feature of database and it is operating system. According to Gollmann, there are five layers in Information Technology system. These layers are application, services, operating system, os kernel and hardware. Each layer is constructed on top of other fundamental ones. As the database system is at the service and application layer, it is existed in above the operating system layer. If the weaknesses of the operating system platforms are identified, then those weaknesses may lead to illegal database access or manipulation. Database configuration files and scripts are at server level resources and they should be sheltered severely to ensure the reliability of the database environment. In many database environments, membership in Operating system group is authorized full power of controlling over the database. To keep away from mistreatment and exploitation of the membership, those users membership and access to the database should be warranted frequently. One of the responsibilities of Administrator is to organize the settings of the operating system or to adjust the size of the buffer and the timeout period, so as to avoid the rejection of service attack stated previously. Most operating system vendors supply system patches generously and fast if any vulnerability has been detected on the system. Another weakness which is often ignored by the administrator is to bring up to date the operating system with the latest patches to abolish the newest revealed holes of the system. Network layer Data has to be transmitted through the network including local LAN and Internet when web applications communicate with database or other distributed components. The two major network transmissions are from user to web server, and from the web application to web database server. All these communications must be completely protected. Although the administrator can secured the network in local domain, the global internet is unmanageable. Encryption is another influential technology. It is set aside not only the invader cannot interrupt but also the encrypted data is unreadable and tremendously hard to presume or decrypt. The matching key can only be to decrypt the cipher text. The two means to apply encryption in database system are of the one way to use the encryption options provided by database products and another way to obtain encryption products form trusted vendors. In addition, one more approach for a safety connection is practicing the secured protocols above TCP/IP, for example, the technology of Ipsec and VPN (Virtual Private Network). The personal traffic in the course of the public internet by means of encryption technology can be provided by VPN. In generally, SSL (secure sockets layer) can be used as another way for cryptography on top of TCP/IP. Safe and sound web sessions can be obtained by Netscape. SSL has newly developed into Transport Layer Security (TLS) that make certain no other invasion may snoop or interfere with any communication. Utilization of SSL can help to validate and protect web sessions, but the computer itself cannot be safe. Web servers There are dissimilarities in functions of Web programs and common programs in area of safety. The major reason is safety for Web application program as the flaw is not easy to perceive. Web server that keeps the external disturbances is located in the middle of the application server and firewall. It can be applied as intermediary to get the data that we approved to be available. For the time being, the software commonly used in web applications is CGI (Common Gateway Interface). The web server can do a different function in easier way as it is uncomplicated. It is user-friendly as a web page counter. Moreover, for example as reading the input from the remote user, it can be used as multifarious to access the input as uncertainty to a local database. CGI proceeds the outcome to the user after retrieving the database. On the other hand, it is also risky since CGI scripts permit software applications to be carried out inside the web server. The well-known language for CGI scripts is Perl since it is simple to build applications and parse the input from the user. Nevertheless, Perl can be exploited by wicked users as it grants some forceful system commands. The invader can simply demolish the system if CGI was weakly executed by web server. This may be a huge hazard to the system as someone can easily eliminate the classified files from Web server as effortless to contact. To get rid of the intimidations, there are several ways to prevent these. The CGI scripts should be prohibited by abuser to write, and the arrangement should be done to CGI program that can be performed as a single way of directory. It should also be cautious in writing the CGI script. No more longer usage of CGI applications such as sample applications should be disposed as these are approachable to Web server and major intentions for invaders since older CGI samples have safety gaps. Without comprehensive handlings, default settings of Web application server can be a huge imperfection of the system if the database system networks with CGI. There need to make sure the system for which extent of operation is unapproved to the clients when a use logs into the database. Web serve with verification methods built in CGI is the most valuable way which means to prepare a CGI script with login name and password to prevent the files. By doing this, the files are protected to the web server apart from readable only. The safety gaps should be checked firmly and regularly to all the scripts even though these are obtained by self-developed, downloaded or bought from vendors. Firewalls The major significant layer to slab the external interruption of the system is Firewalls. Packet filter and proxy server are the two types of firewall mechanism. The connected data between the application and database are divided into packets which consist of much information in its headers, for examples, sources, destination address and protocol being used. A number of them are cleaned as with which source addresses are unbelievable to access to the databases. The arrangement of firewall should be done to access only one or few protocols which is helpful for application queries such as TCP whereas the other packets are choked-up firmly. Accordingly, the smallest amount of risks is maintained for the vulnerable system. Moreover, the ping of fatal loss will be kept systematically if the firewall is constructed to abandon the approached ICMP demand. The potential invaders should be marked out by reserving log files at the firewall. There are two connections in Proxy server. The first one is the connection between cooperations database and proxy server. Another one is the connection between proxy servers also provided the log and audit files. On the other hand, there are very hard to build up strong firewalls, and also too huge and tough to investigate the audit tracks. Database server Database servers are the fundamentals and essentials of greatest values in each and every sector of Education, Health, Military, Manpower, Economics, Modern Arts and Sciences, Information Technology, Electronic Businesses, Financial Institutions, Enterprise Resource Planning (ERP) System, and even universally comprised of sensitive information for business firms, customers, marketers and all stakeholders. The functions and purposes of Database servers are highly depended on the users of their particular intentions for applying the services provided by the operating systems. Some good safety practices for Database servers are to: use multiple passwords to access multi-functions of a server such as using one password to access the single system for administration; apply a different password for another operation; be audited for each and every transaction of the database; utilize application specific user name and password and should never use a default user name or password; back up the system thoroughly for late recovery in case of accidentally break down Allowing to know the end-user for the name and location of database is very worthless. In addition, exposing physical location and name of every database can also be a huge danger to the system. To cover up these issues, we should better practice the service names and pseudonyms. The several copies should be done for the important files which control the accessibility to the database services. Each and every copy should be also connected to a meticulous user group. Moreover, the members of each group should be allowed to access only the relevant documents concerning them. Conclusion The institutions, organizations and business firms mainly stored their important information and valuable assets as digital formats in online related excellent databases. The safety and security issues of Databases become strongly an essential role in the modern world for enterprises. To save from harm of database is to prevent the companiesà ¢Ã¢â ¬Ã¢â ¢ untouchable information resources and digital belongings. Database is the multifarious system and very complicated to handle and difficult to prevent from invaders. Last, but not the least, database protection is also to be taken significantly to the confidentiality, availability and integrity of the organizations like other measures of the safety systems. It can be guarded as diverse natures to cover up. Although auditing is critical, but analysis is also very tough while potential analytical tools will be an enormous contribution to protect the online rationality of database system. There should be reinforced to the corporate safety and security issues. Means of verification and encryption will play the essential role in modern database precaution and safety system.
Sunday, January 19, 2020
Total Institutions Essay -- essays research papers
Total Institutions à à à à à In the year 1961, the author, Erving Goffman, published a book consisting of text and studies on mental patients and inmates, in what he has called ââ¬Å"total institutionsâ⬠. There is a large focus on the life of mental patients, due to his year long study in an American institution. However, the center of my reading was based on the institutions and the lifestyles that are reached when placed in such establishments. à à à à à When describing these institutions the author referred to them as segregated communities. This is exactly what they are. One is cut off from the outside society, with little or no contact at all until the inmates stay is over. The character of these institutions is one that is an intimidating barrier to the outside world. One whoââ¬â¢s barriers could be as simple as a fence or a locked door, but as distinct and scary as the high walls, thick bars and razor wire topped, electrically protected fences of todayââ¬â¢s top penitentiaries. Every institution provides a new world to its members, in most successful cases, changing the perception and reality of the inmate. à à à à à Through the years of research conducted by the author, Goffman concluded that the total institutions in our societies breakdown into five rough groupings. There is room to expand on each one of these groupings as these findings are not precise, interpretation is the key when classifying the establishments. His first conclusion was to classify all institutions that were established to care for people who were incapable and harmless to themselves and one another. One may relate to these institutions as the may be part of our lives on a daily basis. This may be the nursing home where the elderly, widow/widowed grandmother/father is living out his last fine days on this earth. It could be one of the less than desirable child rearing homes, such as an orphanage. Or this category may also include where the unfortunate, the wanderer, and the vagrant all congregate, our nations homeless shelters. Whatever the institution may be, it is defined by a place where one may go to receive treatment, nourishment and attention when there may be no other opportunity afforded them. à à à à à The second of these groupings, encompasses all of the institutions that care for people who are inca... ...s schedules are all imposed by the officials that run the institution. The goals of the institution are fulfilled by these schedules and the tasks that are completed by the inmates, whether it may be a work service crew maintaining the grounds or by a janitorial staff maintaining the interior. Even though these institutions are similar in many instances to others, the do however have more contact with the outside world and rely on that contact to enhance its abilities to rehabilitate. à à à à à Total institutions are ones that will take away and identity and not ask questions. One where inmates are moved as managed group and looked down upon as secretive and bitter. Treating one like they are inferior and, guilty and weak is no way to re-establish someoneââ¬â¢s life and return them to the world. Total institutions are incompatible with family , which is one of the strongest values that we need to maintain in this disintegrating world environment. We need to embrace family and do what we can to maintain our natural family values all throughout our travels and daily life. 1961 erving goffman asylums; essays on the social situation of mental patients and other inmates
Saturday, January 11, 2020
Problem of Good and Evil
How can a God who is both omnipotent and good allow evil in the world? 12/2/09 For Christians, evil can be a problem because non-believers can use it as a way to attack Christianity. The first thing they might say is if there is evil, then God must not be good or omnipotent because he is allowing it. Yes, God allows evil in the world, but evil does not come from God. Evil comes directly from Satan. We see this in the book of Matthew, vs. 1-11, where Satan tries to tempt Jesus.Another way an non-believer ay discredit Christianity is saying that because there is evil, God doesn't exist. This is definitely false. God does exist and we know because the Bible says so. We also can see the results of his power. Some examples of that are when Moses led the Israelites out of slavery in Egypt and God parted the waters of the red sea so they could get through, but he closed them over the Egyptians and they were wiped out. Another example is the woman who had been bleeding for twelve years, in M ark 5: 5-34, and with one touch of Jesus' robe, was healed.This is Just a little taste of God's power over evil. Finally, non-believers could say that God is no better than pagan gods, but he is real and here to save us. God hates evil, but Adam sinned which caused evil in mankind, and he had to bear the consequences of his disobedience against God. The Bible shows us that God is both omnipotent and good. God is omnipotent which means all-powerful. In Luke 1 :37, it says ââ¬Å"For nothing is impossible with God. There isn't anything that God can't do.Also in Rev. 19:6, it states ââ¬Å"Then I heard what sounded like a great multitude, like the roar of rushing waters and like loud peals of thunder, shouting: ââ¬ËHallelujah! For our Lord God Omnipotent reigns'. In that verse, we see God directly described using that word. Now on the other hand, God is good. How can we define good? That is difficult to do. My definition of good is: ââ¬Å"Having desirable or positive qualities. â⠬ God is good to his people, and everything he has created.Psalm 136:1, a passage about God's goodness, says, ââ¬Å"Give thanks to the Lord, for he is good. His love endures forever. â⬠Another passage is from Psalm 34:8, which says ââ¬Å"O taste and see that the Lord is good: blessed is the man that trusts in him. â⬠This verse is saying that if you let God in your life, you will see that he can provide only good things for you. He will not bring evil your way. God may cause trials in your life, but that is only because he wants to produce perseverance, as said in James.
Friday, January 3, 2020
Lord of the Flies Study Guide
William Goldings 1954 novel Lord of the Flies tells the story of a group of schoolchildren stranded on a deserted island. What initially seems to be a tale of heroic survival and adventure, however, soon takes a horrifying turn as the children descend into violence and chaos. The story, which serves as an allegory for human nature, remains as fresh and startling today as when it was first published. Fast Facts: Lord of the Flies Author: William GoldingPublisher: Faber and FaberYear Published: 1954Genre: AllegoryType of Work: NovelOriginal Language: EnglishThemes: Good vs. evil, reality vs. illusion, order vs. chaosCharacters: Ralph, Piggy, Jack, Simon, Roger, Sam, Eric Plot Summary After a plane crash, a group of British schoolboys find themselves on an abandoned island without any adult supervision. Two of the boys, Ralph and Piggy, meet on the beach and discover a conch shell, which they use to gather the other children. Ralph organizes the boys and is elected chief. Ralphââ¬â¢s election angers Jack, a fellow schoolboy who wants to be in charge. We also meet a third boy, Simonââ¬âa dreamy, almost spiritual character. The boys organize into separate tribes, choosing Ralph or Jack as their leader. Jack announces that he will organize a hunting party. He attracts more boys to his tribe as they hunt the wild pigs. A rumor begins of a beast in the forest. Jack and his second-in-command Roger announce they will kill the beast. Terror drives the other boys away from Ralphââ¬â¢s orderly tribe into Jacks group, which becomes increasingly savage. Simon has a vision of the Lord of the Flies, then discovers a pilotââ¬â¢s body in the trees, which he realizes the boys have mistaken for a beast. Simon races to the beach to tell the other boys that the beast was an illusion, but the boys mistake Simon for the beast and kill him. After almost all the boys defect to Jackââ¬â¢s tribe, Ralph and Piggy make one last stand. Piggy is killed by Roger. Ralph flees and arrives on the beach just as a ship has arrived on the island. The captain expresses horror at what the boys have become. The boys suddenly stop and burst into tears. Major Characters Ralph. Ralph is physically attractive, personally charming, and older than most of the other children, which makes him popular. He is a symbol of civilization and order, but as the other boys descend into chaos and brutality, he slowly loses control of the society hes created. Piggy. An overweight, bookish boy, Piggy has been abused and bullied by peers throughout his life. Piggy represents knowledge and science, but he is powerless without Ralphââ¬â¢s protection. Jack. Jack sees himself as a natural leader. He is confident, but unattractive and unpopular. Jack builds a power base with his tribe of hunters: the boys who quickly shed the constraints of civilization. Simon. Simon is a quiet, thoughtful boy who suffers from seizures. Representing religion and spiritual faith, Simon is the only boy to see the truth: the fact that the beast is an illusion. With his death, he becomes a Christ-like figure. Major Themes Good vs. Evil. The storys central question is whether humanity is fundamentally good or evil. The boys are initially inclined to establish an orderly society with rules and an appreciation for fairness, but as they become increasingly fearful and divided, their newly-established civilization descends into violence and chaos. Ultimately, the book suggests that morality is the result of artificial restraints imposed on our behavior by the society in which we live. Illusion vs. Reality. The Beast is imaginary, but the boys belief in it has real-life consequences. As their belief in the illusion growsââ¬âand, notably, when the illusion takes on a physical form through the body of the pilotââ¬âthe boys behavior grows increasingly savage. When Simon tries to shatter this illusion, he is killed. Indeed, much of the boys motivation for their behavior stems from irrational fears and imaginary monsters. When those imaginary elements change or disappear, the structure of their newly-formed society disappears, too. Order vs. Chaos. The tension between order and chaos is ever-present in Lord of the Flies. The characters of Ralph and Jack represent opposing sides of this spectrum, with Ralph establishing orderly authority and Jack encouraging chaotic violence. The boys behave in an orderly fashion at first, but when they lose faith in the possibility of being rescued, they quickly descend into chaos. The story suggests that the morality of the adult world is similarly tenuous: we are governed by a criminal justice system and spiritual codes, but if those factors were removed, our society would quickly collapse into chaos, too. Literary Style Lord of the Flies alternates between a straightforward style, employed when the boys converse with each other, and a lyrical style used to describe the island and surrounding nature. Golding also utilizes allegory: every character represents a concept or idea larger than himself. As a result, the characters actions cannot be viewed as entirely voluntary. Each boy behaves as Golding sees the larger world: Ralph attempts to exercise authority even when he has no clear plan, Piggy insists on rules and rationality, Jack follows his impulses and primitive urges, and Simon loses himself in thought and seeks enlightenment. About the Author William Golding, born in England in 1911, is considered one of the most important writers of the 20th century. In addition to fiction, Golding wrote poetry, plays, and non-fiction essays. He received the Nobel Prize in Literature in 1983. His first novel, Lord of the Flies, established him as a major literary voice. Lord of the Flies continues to be adapted and referenced by other writers to this day. His writing frequently raised questions about morality and human nature, of which he had a decidedly cynical view.
Subscribe to:
Posts (Atom)