1.Describe or define Virtual office?
Answer:
VO or Vitual Office is a term for shared office services, which normally includes business address, mail & courier services, phone services, fax services, answering services, web-hosting services, and meeting & conference facilities.
A term used to describe a working environment that has no fixed location. With the increased popularity of mobile solutions such as laptop computers and cell phones, a person can conduct business almost anywhere in the world without the need of a single fixed office location. Another example of a virtual office is a company that only exists on the Internet and all its employees and other workers communicate and collaborate through the Internet.
2. Distinguish Virtual from MIS?
Answer:
Virtual Office is an environment that enables a network of co-workers to run a business efficiently by using nothing other than online communication technologies. It is a shared office services. While MIS or Management Information System is is an information that is used in the business in decision making process that will help the manager to plan annd create a better idea or decision for the improvement of the organization.
3.Illustrate (give examples) how Virtual office can improve company's competitive advantage and organizational performance.
Answer:
Virtual Office allows you to be perceived to be a large, established organization that can do the business.
Like for example of a Virtual Office space uses include, using the mail forwarding, business address, for your companies Registered Office. It's also a great way to promote your business as being multinational, by using a number of Virtual Office mail forwarding, business addresses.
Reference:my own opinion
By:wilma Son
Wednesday, May 20, 2009
Monday, May 18, 2009
Finals Question #4
TOPIC: THE DECISION SUPPORT SYSTEMS (DSS)
1. Describe or define DSS.
Answer: Decision Support Systems (DSS) are a specific class of computerized information system that supports business and organizational decision-making activities. A properly designed DSS is an interactive software-based system intended to help decision makers compile useful information from raw data, documents, personal knowledge, and/or business models to identify and solve problems and make decisions.
Typical information that a decision support application might gather and present would be:
* Accessing all of your current information assets, including legacy and relational data sources, cubes, data warehouses, and data marts
* Comparative sales figures between one week and the next
* Projected revenue figures based on new product sales assumptions
* The consequences of different decision alternatives, given past experience in a context that is described.
2. Distinguish DSS from MIS.
Answer:
The DSS and MIS models are very similar. Both consist of a database, report writing software, and mathematical models. In the MIS model, the users are called organizational problem solvers, whereas in the DSS model there are two types of users- individual problem solvers and other group members. The DSS model also includes a third category of software- groupware, which establishes communications link among the problem solvers and between the problem solvers environmental settings a groupware.
Examples
1. The best example of decision support systems include high-level summary reports or charts and allow the user to drill down for more detailed information.
2. A specific example concerns the Canadian National Railway system, which tests its equipment on a regular basis using a decision support system. A problem faced by any railroad is worn-out or defective rails, which can result in hundreds of derailments per year. Under a DSS, CN managed to decrease the incidence of derailments at the same time other companies were experiencing an increase.
3. Illustrate (give examples) how DSS can improve company's competitive advantage and organizational performance.
Answer:As competition gets tougher and tougher, companies have to implement
new management systems to stay efficient. Along business performance monitoring
application, executive information systems, business intelligence systems and
decision support systems (DSS) help managers to lead their companies successfully
and survive into the future. They are interactive, flexible and adjustable systems
that offer support in solving unstructured or semistructured management problems,
meant to improve the decision process. They are developed to assist the tactical and
strategic level of management. The classic architecture of a DSS contains the
database management system, the model base management system and the
interface management system. The evolved DSS have also a knowledge component
that provides the information needed for solving certain aspects of the problems.
According to D. J. Power, at a conceptual level the DSS can be classified into the
following categories: data-driven systems, model-driven systems, knowledgedriven
systems, document-driven systems, communication-driven systems, intra
and inter organizational systems, specialized systems and Web-based systems. At
the end of the paper some opinions concerning the future of DSS are presented.
Keywords: Decision support system; Structured; semistructured and unstructured
problems; Database; Model base; Knowledge base; User interface.nizational performance.
Reference:
http://www.informationbuilders.com/decision-support-systems-dss.html
http://www.ceeol.com/aspx/issuedetails.aspx?issueid=a014b935-c681-4315-b894-476ae4aeb6e3&articleId=31059de5-6ed4-4b01-bbd7-b7f9a1d82e53
Power, D.J. A Brief History of Decision Support Systems DSSResources.COM, World Wide Web, version 2.8, May 31, 2003
by:wilma son
1. Describe or define DSS.
Answer: Decision Support Systems (DSS) are a specific class of computerized information system that supports business and organizational decision-making activities. A properly designed DSS is an interactive software-based system intended to help decision makers compile useful information from raw data, documents, personal knowledge, and/or business models to identify and solve problems and make decisions.
Typical information that a decision support application might gather and present would be:
* Accessing all of your current information assets, including legacy and relational data sources, cubes, data warehouses, and data marts
* Comparative sales figures between one week and the next
* Projected revenue figures based on new product sales assumptions
* The consequences of different decision alternatives, given past experience in a context that is described.
2. Distinguish DSS from MIS.
Answer:
The DSS and MIS models are very similar. Both consist of a database, report writing software, and mathematical models. In the MIS model, the users are called organizational problem solvers, whereas in the DSS model there are two types of users- individual problem solvers and other group members. The DSS model also includes a third category of software- groupware, which establishes communications link among the problem solvers and between the problem solvers environmental settings a groupware.
Examples
1. The best example of decision support systems include high-level summary reports or charts and allow the user to drill down for more detailed information.
2. A specific example concerns the Canadian National Railway system, which tests its equipment on a regular basis using a decision support system. A problem faced by any railroad is worn-out or defective rails, which can result in hundreds of derailments per year. Under a DSS, CN managed to decrease the incidence of derailments at the same time other companies were experiencing an increase.
3. Illustrate (give examples) how DSS can improve company's competitive advantage and organizational performance.
Answer:As competition gets tougher and tougher, companies have to implement
new management systems to stay efficient. Along business performance monitoring
application, executive information systems, business intelligence systems and
decision support systems (DSS) help managers to lead their companies successfully
and survive into the future. They are interactive, flexible and adjustable systems
that offer support in solving unstructured or semistructured management problems,
meant to improve the decision process. They are developed to assist the tactical and
strategic level of management. The classic architecture of a DSS contains the
database management system, the model base management system and the
interface management system. The evolved DSS have also a knowledge component
that provides the information needed for solving certain aspects of the problems.
According to D. J. Power, at a conceptual level the DSS can be classified into the
following categories: data-driven systems, model-driven systems, knowledgedriven
systems, document-driven systems, communication-driven systems, intra
and inter organizational systems, specialized systems and Web-based systems. At
the end of the paper some opinions concerning the future of DSS are presented.
Keywords: Decision support system; Structured; semistructured and unstructured
problems; Database; Model base; Knowledge base; User interface.nizational performance.
Reference:
http://www.informationbuilders.com/decision-support-systems-dss.html
http://www.ceeol.com/aspx/issuedetails.aspx?issueid=a014b935-c681-4315-b894-476ae4aeb6e3&articleId=31059de5-6ed4-4b01-bbd7-b7f9a1d82e53
Power, D.J. A Brief History of Decision Support Systems DSSResources.COM, World Wide Web, version 2.8, May 31, 2003
by:wilma son
Finals Question #3
Identify and describe one company that adopts an MIS. Include in your discussion, how MIS helps and supports the company, its managers and other employees, in their problem solving and decision-making.
Do this in two paragraphs at least. COPYING OF TEXTS IS DEFINITELY NOT ACCEPTABLE.
Answer:
Business enterprise information system
Carried on the contrast analysis to the traditional management information system structure and the business enterprise new management information system structure of the business enterprise, point out adopting the Intranet technique is the inevitable trend of the information system,the management information system, and points out the Intranet still needs the research the solution definitely of problem. The customer interface style is different, use complicated, the customer train work have great capacity, the disadvantage applies in the fast expansion; The system supports the inconvenience, the function expands the difficulty greatly, getting stripe the difficulty; Can't and permit already systematic, result in repeat the investment, The system does not open, only can carry out the data share in the system inner part,system development complications, develop the period long,invest greatly, living the life period short. , business enterprise management the system variety turn worse, in addition it account and calculate the machine software and hardware develop quickly, more play the brief situation of the system life cycle, the system that even have has not yet throw in application and then have already been eliminate.
What Intranet point is the internal network of the business enterprise or organization that adopts the Internet technique establishment, is according to the internal information management and switching infrastructure of the network communication agreement,the Web technique of the Internet and the business enterprise of the equipments structure, to provide 1 to open of, distribute of,the double of the dynamic state to the multi-media information exchanges environment. The Intranet not only only is a kind of net technique,s ands Intranets but also represents the information service method that it provide, it can provide with the WWW,E-mail,FTP,Telnet etc.
the business enterprise inner part and cooperate the colleague and the contact of of the market, the internal information that accelerates the business enterprise circulates with the exaltation work efficiency, is the problem that each one greatly wins the business enterprise and have to hard consider. Adopt the Intranet development IS or MIS has the 1 developments to compare easily, developping the period short, the expenses is low 2 the usages are simple, the easy to expansion is applied 4 support JIAN3 DAN, easy to expand and get stripe 5 have the ability of the cross-platform operation, can well make use of the existing equipments and system, protect to have already had already invest the 6 systemses to open, the benefit shares to integrate with system in the information. Positive because the Intranet has the above-mentioned characteristics, it necessarily will replace the traditional C/S structure, becoming for the information system and managing the information system to mainly set up the form.MIS adopts the necessariness of Intranet technology
The Intranet is the demand that the business enterprise internationalizes the development
Will soon enter to trade the globalization at present for ages, a success greatly wins the business enterprise necessarily the business enterprise group or multinational company that the development becomes to more internationalize, its employee usually scatters to be engaged in in the world-wide locations since independent and then related work, of the employee and business enterprise has to usually keep the closely direct contact, various relevant data that in time and accurately acquires the instruction and business enterprise inner part of business enterprise for the purpose of employee, the business enterprise also can completely and in time collect the information of the world-wide locations, managing and making policy with the assistance business enterprise.
Reference:http://bbs.tech.163.com/bbs/tech_0ik1/70390057.html
By:wilma Son
Do this in two paragraphs at least. COPYING OF TEXTS IS DEFINITELY NOT ACCEPTABLE.
Answer:
Business enterprise information system
Carried on the contrast analysis to the traditional management information system structure and the business enterprise new management information system structure of the business enterprise, point out adopting the Intranet technique is the inevitable trend of the information system,the management information system, and points out the Intranet still needs the research the solution definitely of problem. The customer interface style is different, use complicated, the customer train work have great capacity, the disadvantage applies in the fast expansion; The system supports the inconvenience, the function expands the difficulty greatly, getting stripe the difficulty; Can't and permit already systematic, result in repeat the investment, The system does not open, only can carry out the data share in the system inner part,system development complications, develop the period long,invest greatly, living the life period short. , business enterprise management the system variety turn worse, in addition it account and calculate the machine software and hardware develop quickly, more play the brief situation of the system life cycle, the system that even have has not yet throw in application and then have already been eliminate.
What Intranet point is the internal network of the business enterprise or organization that adopts the Internet technique establishment, is according to the internal information management and switching infrastructure of the network communication agreement,the Web technique of the Internet and the business enterprise of the equipments structure, to provide 1 to open of, distribute of,the double of the dynamic state to the multi-media information exchanges environment. The Intranet not only only is a kind of net technique,s ands Intranets but also represents the information service method that it provide, it can provide with the WWW,E-mail,FTP,Telnet etc.
the business enterprise inner part and cooperate the colleague and the contact of of the market, the internal information that accelerates the business enterprise circulates with the exaltation work efficiency, is the problem that each one greatly wins the business enterprise and have to hard consider. Adopt the Intranet development IS or MIS has the 1 developments to compare easily, developping the period short, the expenses is low 2 the usages are simple, the easy to expansion is applied 4 support JIAN3 DAN, easy to expand and get stripe 5 have the ability of the cross-platform operation, can well make use of the existing equipments and system, protect to have already had already invest the 6 systemses to open, the benefit shares to integrate with system in the information. Positive because the Intranet has the above-mentioned characteristics, it necessarily will replace the traditional C/S structure, becoming for the information system and managing the information system to mainly set up the form.MIS adopts the necessariness of Intranet technology
The Intranet is the demand that the business enterprise internationalizes the development
Will soon enter to trade the globalization at present for ages, a success greatly wins the business enterprise necessarily the business enterprise group or multinational company that the development becomes to more internationalize, its employee usually scatters to be engaged in in the world-wide locations since independent and then related work, of the employee and business enterprise has to usually keep the closely direct contact, various relevant data that in time and accurately acquires the instruction and business enterprise inner part of business enterprise for the purpose of employee, the business enterprise also can completely and in time collect the information of the world-wide locations, managing and making policy with the assistance business enterprise.
Reference:http://bbs.tech.163.com/bbs/tech_0ik1/70390057.html
By:wilma Son
Monday, May 11, 2009
final question # 2
>may adopt specific computerized database system according to their unique needs after thorough MIS planning. However, it has to be noted that MIS if properly planned, and implemented, benefits can be immeasurable on the other hand, if this is misused, then it may mean information or financial losses and opportunity and resources wasted.
From this, answer the following.
1.0.a Research one international company from the Internet and describe their MIS strategic plan in 1-2 paragraphs.
Answer:
Toyota Motor
Everyone agrees that having a management strategic plan for IT is a good thing but most ... companies throughout Europe, are already using the on-demand service.
Toyota Motor has standardized on Salesforce.com's multitenant on-demand service in less than three months to enable full integration of its sales environment.
The carmaker said its migration onto the service means it can now automate many day-to-day sales processes, allowing its sales territories to work together more efficiently and improve responsiveness to customers.
Account managers at Toyota Motor headquarters in Belgium, as well as Toyota National Sales and Marketing companies throughout Europe, are already using the on-demand service to target, acquire and manage day-to-day relationships with multinational fleet customers.
The firm said one of the main reasons for choosing the on-demand application lay in its ability to integrate with back office systems and external sources of information regarding vehicle data.
1.0.b Discuss too the impact of this strategic plan on the company's management,
competitors, customers and the company as a whole.
Answer:
Toyota is famous for lean manufacturing, but the No. 1 automaker applies the whole lean philosophy way beyond the production floor. Lean is a “knowledge environment,” says Nick Dieltsien, who’s responsible for strategic planning at Lexus Europe.
The information systems for the Toyota Motor Company (TMC) can clearly be evaluated by using SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats). The biggest strength of Toyota's information systems is their ability to integrate their company goals globally by using their systems effectively. For example, Toyota reaches its customers in different markets by using different online web systems for different world regions. Although, there are multiple websites and systems for each of the world regions, such as North America and Europe, the systems all link back to a worldwide website.
2.0.a Evaluate how can this strategic plan be applied to any local company in the Philippines.
Answer:
ASK an MBA which companies are the consummate long-term planners, and chances are he will plump for the international oil giants. That oil companies peer far ahead should not be surprising: theirs is a business in which a single project can easily take ten years from drawing board to production. But although oil companies have been churning out strategic plans and forecasts since the mid-1960s, they were badly wrong-footed each time the oil price hiccoughed in 1973-74, 1979 and 1986. Now they are changing both the way they create plans and the way they use them.
2.0.b Discuss too the possible effect on the company.
Answer:
the possible effect on the company in depends on the situation for example if the company has a problem in their financial or they has a problem with their employee, in addition the possible effect, one if your business have a potential to progress or your strategy are very effective to attract your customer or else your strategy are not effective that cause the failure of the operation of your business. How were the threats addressed? What were the damages?
Answer:
3.0.a What is an Accounting Information System?
Answer:
Being an information system, an accounting information system must have a target system. It should be obvious that the target system must be business operations in a narrow sense. Other non-accounting aspects of business operations are covered by information systems such as Human Resources Information System, Management Information System, Production Planning/Scheduling System, Strategic Planning System, and so on. The target system for an accounting system has to do with the aspects of business operations that have to do with accountability for the assets/liabilities of the enterprise, the determination of the results of operations that ultimately leads to the computation of comprehensive income, and the financial reporting aspects of business operations.
3.0.b Identify or list down different accounting information systems used.
Answer:
accounting software is a valuable tool to help keep the costs of balancing the books down. An accounting information system makes accounting a much simpler process and for small businesses can mean reducing the need of hiring an accountant. The software is very advanced today and is often used to help with business strategy. It can monitor sales and expenses in various patterns which can help determine your best selling periods and your weakest product lines. Tax calculation is made much easier and can help reduce those year end stresses when your tax returns have to be sent in. The most popular accounting information system used in UK business is Sage. This has been a market leader for several years and in it's time has seen numerous updates that improve its stability and functionality. Different business models need different packages however and it is important that you get the right package rather than just opt for the current market leader. There are many different business models out there that handle money differently and this has a significant impact on the software you choose to adopt. For instance, a business that deals mainly with cash transactions will log there sales differently to one that uses a digital sales system. Digital sales can utilize more advanced accounting software that can automate the tracking and logging of transactions across several department.
3.0.c What are the benefits by the management, users and customers derived from these AIS?
Answer:This can have huge logistical benefits and can also improve efficiency of cash flow which is important for modern business. The additional benefits from using accounting software is that the accounts department of your business will rely less on experienced accountants to handle the books which consequently can help to reduce the labor costs within that area. A good IT infrastructure is needed however to implement such software so it might not be feasible for everyone. While there are simpler packages that can be used in a basic IT setup, the advanced software such as Sage does require local area network functionality to all the departments that will use it.
3.0.d Cite any threat or misuse of these AIS by a specific company.How were the threats addressed? What were the damages?
Answer:Threats to accounting information systems come from a variety of sources. If ignored, they can destroy the relevance and reliability of financial information, leading to poor decisions by various stakeholders. (For specific examples, the Sidebar lists the top 10 concerns identified by a 2006 AICPA survey.)
At the point of data collection, it is important to establish security controls that ensure that transaction or event data are valid, complete, and free from material errors. Masquerading (pretending to be an authorized user) and piggybacking (tapping into telecommunications lines) are examples of hacker activities that can seriously impact valid data collection.
Reference:http://www.albany.edu/acc/courses/acc681.fall00/681book/node7.html#SECTION00223000000000000000
ttp://www.google.com.ph/search?hl=tl&q=Describe+their+MIS+strategic+plan+of+international+company%3F&btnG=Maghanap&meta=
From this, answer the following.
1.0.a Research one international company from the Internet and describe their MIS strategic plan in 1-2 paragraphs.
Answer:
Toyota Motor
Everyone agrees that having a management strategic plan for IT is a good thing but most ... companies throughout Europe, are already using the on-demand service.
Toyota Motor has standardized on Salesforce.com's multitenant on-demand service in less than three months to enable full integration of its sales environment.
The carmaker said its migration onto the service means it can now automate many day-to-day sales processes, allowing its sales territories to work together more efficiently and improve responsiveness to customers.
Account managers at Toyota Motor headquarters in Belgium, as well as Toyota National Sales and Marketing companies throughout Europe, are already using the on-demand service to target, acquire and manage day-to-day relationships with multinational fleet customers.
The firm said one of the main reasons for choosing the on-demand application lay in its ability to integrate with back office systems and external sources of information regarding vehicle data.
1.0.b Discuss too the impact of this strategic plan on the company's management,
competitors, customers and the company as a whole.
Answer:
Toyota is famous for lean manufacturing, but the No. 1 automaker applies the whole lean philosophy way beyond the production floor. Lean is a “knowledge environment,” says Nick Dieltsien, who’s responsible for strategic planning at Lexus Europe.
The information systems for the Toyota Motor Company (TMC) can clearly be evaluated by using SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats). The biggest strength of Toyota's information systems is their ability to integrate their company goals globally by using their systems effectively. For example, Toyota reaches its customers in different markets by using different online web systems for different world regions. Although, there are multiple websites and systems for each of the world regions, such as North America and Europe, the systems all link back to a worldwide website.
2.0.a Evaluate how can this strategic plan be applied to any local company in the Philippines.
Answer:
ASK an MBA which companies are the consummate long-term planners, and chances are he will plump for the international oil giants. That oil companies peer far ahead should not be surprising: theirs is a business in which a single project can easily take ten years from drawing board to production. But although oil companies have been churning out strategic plans and forecasts since the mid-1960s, they were badly wrong-footed each time the oil price hiccoughed in 1973-74, 1979 and 1986. Now they are changing both the way they create plans and the way they use them.
2.0.b Discuss too the possible effect on the company.
Answer:
the possible effect on the company in depends on the situation for example if the company has a problem in their financial or they has a problem with their employee, in addition the possible effect, one if your business have a potential to progress or your strategy are very effective to attract your customer or else your strategy are not effective that cause the failure of the operation of your business. How were the threats addressed? What were the damages?
Answer:
3.0.a What is an Accounting Information System?
Answer:
Being an information system, an accounting information system must have a target system. It should be obvious that the target system must be business operations in a narrow sense. Other non-accounting aspects of business operations are covered by information systems such as Human Resources Information System, Management Information System, Production Planning/Scheduling System, Strategic Planning System, and so on. The target system for an accounting system has to do with the aspects of business operations that have to do with accountability for the assets/liabilities of the enterprise, the determination of the results of operations that ultimately leads to the computation of comprehensive income, and the financial reporting aspects of business operations.
3.0.b Identify or list down different accounting information systems used.
Answer:
accounting software is a valuable tool to help keep the costs of balancing the books down. An accounting information system makes accounting a much simpler process and for small businesses can mean reducing the need of hiring an accountant. The software is very advanced today and is often used to help with business strategy. It can monitor sales and expenses in various patterns which can help determine your best selling periods and your weakest product lines. Tax calculation is made much easier and can help reduce those year end stresses when your tax returns have to be sent in. The most popular accounting information system used in UK business is Sage. This has been a market leader for several years and in it's time has seen numerous updates that improve its stability and functionality. Different business models need different packages however and it is important that you get the right package rather than just opt for the current market leader. There are many different business models out there that handle money differently and this has a significant impact on the software you choose to adopt. For instance, a business that deals mainly with cash transactions will log there sales differently to one that uses a digital sales system. Digital sales can utilize more advanced accounting software that can automate the tracking and logging of transactions across several department.
3.0.c What are the benefits by the management, users and customers derived from these AIS?
Answer:This can have huge logistical benefits and can also improve efficiency of cash flow which is important for modern business. The additional benefits from using accounting software is that the accounts department of your business will rely less on experienced accountants to handle the books which consequently can help to reduce the labor costs within that area. A good IT infrastructure is needed however to implement such software so it might not be feasible for everyone. While there are simpler packages that can be used in a basic IT setup, the advanced software such as Sage does require local area network functionality to all the departments that will use it.
3.0.d Cite any threat or misuse of these AIS by a specific company.How were the threats addressed? What were the damages?
Answer:Threats to accounting information systems come from a variety of sources. If ignored, they can destroy the relevance and reliability of financial information, leading to poor decisions by various stakeholders. (For specific examples, the Sidebar lists the top 10 concerns identified by a 2006 AICPA survey.)
At the point of data collection, it is important to establish security controls that ensure that transaction or event data are valid, complete, and free from material errors. Masquerading (pretending to be an authorized user) and piggybacking (tapping into telecommunications lines) are examples of hacker activities that can seriously impact valid data collection.
Reference:http://www.albany.edu/acc/courses/acc681.fall00/681book/node7.html#SECTION00223000000000000000
ttp://www.google.com.ph/search?hl=tl&q=Describe+their+MIS+strategic+plan+of+international+company%3F&btnG=Maghanap&meta=
final question # 1
For those who are working, interview your IT in-charge and ask him/her to describe the computer database systems used in the company. Write your answer in 1-2 paragraphs. Further, ask also the benefits and/or disadvantages derived from these database systems.
For those who are not working, research one company in the net who is using computerized database systems. Describe the use and/or nature of these systems and describe too the benefits/disadvantages from these systems. Include your reference.
Answer:
Database Systems Corp.
Database Systems Corp. (DSC) has been providing data management products and services since 1978. Our customers span a wide range of industries and levels of our government. Our expertise is in computer telephony integration software, IVR applications, predictive dialers and advanced call center software. DSC is a privately held company but we have served quite a few major corporations as well as small businesses. Our customer loyalty and retention over the years by these clients is a source of great pride for our company. Our commitment to develop leading edge technologies will always be there. Our goal is to provide the best products and services for our customers.
DSC specializes in technology for today's contact centers as well as for call centers of the future (virtual call centers). A remote agent and telecommuting workforce is made possible by faster and more reliable internet access. Our products provide the controls and monitoring capability needed for these modern call centers. Our telecommuting software allows agents to work anywhere an internet connection exists. We provide both voice and data access to remote agents in this virtual call center environment. Our Virtual PBX office phone system can link office and home based employees together as a cohesive support team.
Database Approach
Database and database technology play an important role in most of social areas where computer are used, including business, education, medicine etc. To understand the fundamental of database system, we start from introducing the basic concepts in this area.
* Self-Describing Nature of a Database System : Database System contains not only the database itself but also the descriptions of data structure and constraints (meta-data). These information is used by the DBMS software or database users if needed. This separation makes database system totally different from traditional file-based system in which data definition is a part of application programs
* Insulation between Program and Data : In the filed base system, the structure of the data files is defined in the application programs so if user want to change the structure of a file, all the programs access to that files might need to be changed. On the other hand, in database approach, data structure is stored in the system catalog not in the programs so such changes might not occurs.
* Support multiple views of data: A view is a subset of the database which is defined and dedicated for particular users of the system. Multiple users in the system might have different views of the system. Each view might contains only the interested data of an user or a group of user.
* Sharing of data and Multi-user system: A multiuser database system must allow multiple users access the database at the same time. As the result, the multiuser DBMS must have concurrency control strategies to ensure that several user try to access the same data item at a time do so in the manner so that the data always be correct.
Benefits:
Disadvantages:
reference:http://www.databasesystemscorp.com/
By: Wilma Son
For those who are not working, research one company in the net who is using computerized database systems. Describe the use and/or nature of these systems and describe too the benefits/disadvantages from these systems. Include your reference.
Answer:
Database Systems Corp.
- Call Center Technology
Database Systems Corp. (DSC) has been providing data management products and services since 1978. Our customers span a wide range of industries and levels of our government. Our expertise is in computer telephony integration software, IVR applications, predictive dialers and advanced call center software. DSC is a privately held company but we have served quite a few major corporations as well as small businesses. Our customer loyalty and retention over the years by these clients is a source of great pride for our company. Our commitment to develop leading edge technologies will always be there. Our goal is to provide the best products and services for our customers.
DSC specializes in technology for today's contact centers as well as for call centers of the future (virtual call centers). A remote agent and telecommuting workforce is made possible by faster and more reliable internet access. Our products provide the controls and monitoring capability needed for these modern call centers. Our telecommuting software allows agents to work anywhere an internet connection exists. We provide both voice and data access to remote agents in this virtual call center environment. Our Virtual PBX office phone system can link office and home based employees together as a cohesive support team.
Database Approach
Database and database technology play an important role in most of social areas where computer are used, including business, education, medicine etc. To understand the fundamental of database system, we start from introducing the basic concepts in this area.
* Self-Describing Nature of a Database System : Database System contains not only the database itself but also the descriptions of data structure and constraints (meta-data). These information is used by the DBMS software or database users if needed. This separation makes database system totally different from traditional file-based system in which data definition is a part of application programs
* Insulation between Program and Data : In the filed base system, the structure of the data files is defined in the application programs so if user want to change the structure of a file, all the programs access to that files might need to be changed. On the other hand, in database approach, data structure is stored in the system catalog not in the programs so such changes might not occurs.
* Support multiple views of data: A view is a subset of the database which is defined and dedicated for particular users of the system. Multiple users in the system might have different views of the system. Each view might contains only the interested data of an user or a group of user.
* Sharing of data and Multi-user system: A multiuser database system must allow multiple users access the database at the same time. As the result, the multiuser DBMS must have concurrency control strategies to ensure that several user try to access the same data item at a time do so in the manner so that the data always be correct.
Benefits:
- Integration
- Efficiency
- Cost reduction
- Less personnel
- Accuracy
- Not redundancy
Disadvantages:
- Expensive -> Software, hardware, implementation, consultants, training
- Not very flexible -> Need re engineering
- Company culture, resistance to change
reference:http://www.databasesystemscorp.com/
By: Wilma Son
Wednesday, May 6, 2009
Midterm Question #3
Internet if properly maximized can be used as a medium to the advantage of the company. However, risks and threats are there. Thus, research the following:
1. Identify the possible risks and threats (eg. virus) that can potentially attack a company with internet connection.
Answer:
Internet Security
Most legal professionals know that the loss of a single critical computer file can mean the loss of hours of work and possibly the loss of future clients. Legal professionals spend their time becoming experts in their trade, but lawyers who depend on the Internet to create and distribute their work need to also be informed about security issues and the importance of protecting important data from unnecessary risk. Protecting computers from viruses, hackers, and other threats is
critical. Some people who think they are protected may actually still be at risk.
Any computer user that uses a laptop or desktop computer and has Internet access is at risk for common threats that can be easily prevented. Antivirus software, personal firewalls and other tools are simple to deploy and well worth the small amount of money it costs to ensure protection and peace of mind. But it takes more than technology to secure important information assets. Protecting intellectual property should be a security priority for all legal professionals because the alternatives can be very costly – not to mention very damaging to corporate image. Technology tools combined with knowledge about security threats and computer user guidelines can eliminate worrying about computer security from the ‘to do’ list and allow more time to concentrate on client relationships and success.
Threats to organizations now come from a range of sources and employees need to understand all possible vulnerabilities to guard themselves against the increasing number of digital attacks. In 2001 the computing community was introduced to a new kind of threat—one that could pick and choose its point of entry based on the security roadblocks it faced. These new threats combine to create a modern type of advanced computer security threat that experts are calling “blended threats.” As the term blended threats suggest, these threats combine, or blend, a number of dangers together into one, multi-pronged and destructive force. Blended threats can have an unbelievable infection rate because many of them require no human interaction to spread. In addition, blended threats are usually very malicious once they gain access to and infect a computer.
Hackers are writing more complex codes that are difficult to protect against and they are striking more often and more quickly. While insiders may be aware of security policies and procedures, all too often they do not stop to consider how their actions would breach the rules. Their motivation is not to exploit, attack, or otherwise adversely affect your enterprise system, but their actions could have devastating repercussions, regardless of motive.
The key to combating Internet threats is educating computer users. Computers users who think they are protected or who are ignorant to possibilities of threats may not realize that they perform many actions each day that compromise computer security. Although threats such as worms, viruses, and Trojan horses have grown in complexity and ability to spread, there are many precautions users can take to help prevent virus infection.
E-mail
One of the biggest computer threats comes through e-mail attachments. User caution is very important when protecting against risks such as viruses and worms that propagate through e-mail programs. When opening any e-mail attachment, computer users should always scan for viruses. To make these scans effective, virus definitions, or digital files that help identify and deal with viruses, should be updated frequently to ensure protection against the latest threats. Without updated virus definitions, a new threat could potentially pass a virus scan undetected.
Some of the latest blended threats do not require human intervention to propagate and can be spread simply by opening or previewing an infected e-mail. For this reason, employees should turn off the preview pane in their e-mail program. Most importantly, employees should be instructed to not open unsolicited e-mails or e-mails from unrecognizable sources. When a suspicious e-mail is received,
permanently delete the e-mails by pressing shift+delete. This tip was extremely pertinent in the recent MyDoom outbreak in which technical subject headings tricked users into opening malicious e-mails.
The Internet
Viruses can be downloaded to any computer by simply visiting an infected Web site containing malicious code. Although Internet surfing is a popular pastime, it can increase chances of visiting a malicious site. Encryption of information sent via the Internet is a very important component in protecting information. Computer users should be careful with Web sites that claim encryption of financial or other sensitive information is not necessary.
Computers with constant Internet connection such as DSL or cable are particularly susceptible to hacker attempts.
This constant connection to large amounts of bandwidth allows for easier outside access to unprotected computers. The use of firewalls can block unauthorized access to a computer and prevent unauthorized information from leaving a computer. In addition, intrusion detection software can alert the computer user when an attempt is being made to gain access to the computer and its information. The
easiest way to protect yourself from Internet risks is to reserve Internet surfing for pertinent business applications and stick to large, popular Web sites that provide security protection for visitors.
Peer-to-Peer Networks and
File Sharing Programs
File sharing programs are not always secure and can open a computer to risks. Malicious threats can mask themselves as common music files that appear harmless until downloaded. Threats, such as the recent Netsky worm, try to use file-sharing programs like Kazaa to quickly spread to numerous computers and cause damage. In addition, peer-to-peer networks increase the risk of spyware that gives others direct access to a computer. These programs allow authors of the program and other network users to see employee computer activity, where they are visiting on the Internet, and even use the computer’s resources without the user’s knowledge. The best way to reduce risks is to avoid use of peer-to-peer networks and to not download files from unknown sources through file sharing programs.
Instant Messaging (IM)
Virtually all free IM systems have features to bypass
traditional corporate firewalls, making it difficult for administrators to control IM use inside an organization. Many of these systems lack encryption capabilities and can lead to unwelcome eavesdropping. Insecure password management also makes IM programs vulnerable to account spoofing where hackers can impersonate a familiar user.
Repeated file transfers through instant messaging can cause the rapid spread of traditional viruses, worms, and Trojan horses. Increased incidents of spim (spam sent through IM channels) are also on the rise and will most likely lead to increased IM threats in the future. The best protection against any threat spread through IM file transfers is to deploy up-to-date antivirus software on all desktop and
laptop computers—preferably with protection for IM applications.
Passwords
Choosing strong passwords takes minimal effort but can go a long way to protect a computer or network from security breaches. Passwords should be six to eight characters in length and contain letters, numbers, and symbols. Never use passwords with common words, names, or dates, as these are easy for hacker programs to crack. Employees should protect passwords like they would the Personal Identification Number (PIN) to their bankcards. Do not store passwords near your computer or on a desk where others might easily find them. Likewise, do not give out passwords to colleagues. An accepted practice of password sharing could allow passwords to slip into the wrong hands.
Additional Security Tips
1. Do not allow multiple employees to share a single logon account.
2. Turn computers off before leaving work each day.
3. Avoid personal e-mail use.
4. Routinely check for updated virus definitions and patches.
5. Change passwords regularly.
6. Install and use antivirus programs.
7. Install and use a firewall.
8. Make backups of important files or folders.
9. Do not download free software, music files, or screen savers from the Internet.
10. Keep IM use to business traffic only.
Consistently and constantly reinforcing personal responsibility and accountability for information security can go a long way. Leaving employees uninformed about security issues can expose a company to unnecessary risks that could have a direct impact on corporate revenue, workforce productivity, and the costs of doing business. With employees aware of best practices to safeguard information and other assets, there is less room for security lapses in areas security technology cannot protect.
Hackers are writing more complex codes and striking more often and more quickly, leaving little time for reactive security measures. However, computer viruses have been around for many years and there are effective measures that can minimize and prevent these threats. Employee training is a key proactive and necessary security measure to round out any computer security strategy. Where IT security solutions stop, education and awareness training must start to minimize gaps in security. The worst thing a company can do is have a false sense of security because it has taken steps to secure IT systems with technology.
Laura Garcia-Manrique is Director of Product Management for consumer
security products at Symantec Corp (www.symantec.com). Garcia works closely with the product development team to determine product strategy,
analyze industry trends and customer needs. She is also responsible for
competitive assessment, product positioning and pricing.
2. Case research and analysis:
Answer:
2.a Identify one company that had experienced an attacked from the internet.
Answer:
2.b Describe the attack.
Answer:
2.c Identify the damages done and the solutions adopted to reverse the damages and to protect the company from future threats.
Answer:
The attackers reportedly used servers located in the United States and Russia. According to the latest Symantec Internet Security Threat Report, the United States is the top country for malicious threat activity, accounting for 31% of the worldwide total, followed by China (10%), Germany (7%), France (4%), United Kingdom (4%), South Korea (4%), Canada (3%), Spain (3%), Taiwan (3%) and Italy (3%). Meanwhile, law enforcement authorities have detained a Russian teenager suspected of involvement in the Estonian cyber attacks. The youth reportedly called for massive cyber attacks against Estonian servers in Internet forums.
Cite your reference.http://www.debt3online.com/?page=article&article_id=7
http://www.research.ibm.com/antivirus/SciPapers/White/Problems/Problems.html
http://www.ibls.com/internet_law_news_portal_view.aspx?id=1782&s=latestnews
by:Wilma Son
1. Identify the possible risks and threats (eg. virus) that can potentially attack a company with internet connection.
Answer:
Internet Security
Most legal professionals know that the loss of a single critical computer file can mean the loss of hours of work and possibly the loss of future clients. Legal professionals spend their time becoming experts in their trade, but lawyers who depend on the Internet to create and distribute their work need to also be informed about security issues and the importance of protecting important data from unnecessary risk. Protecting computers from viruses, hackers, and other threats is
critical. Some people who think they are protected may actually still be at risk.
Any computer user that uses a laptop or desktop computer and has Internet access is at risk for common threats that can be easily prevented. Antivirus software, personal firewalls and other tools are simple to deploy and well worth the small amount of money it costs to ensure protection and peace of mind. But it takes more than technology to secure important information assets. Protecting intellectual property should be a security priority for all legal professionals because the alternatives can be very costly – not to mention very damaging to corporate image. Technology tools combined with knowledge about security threats and computer user guidelines can eliminate worrying about computer security from the ‘to do’ list and allow more time to concentrate on client relationships and success.
Threats to organizations now come from a range of sources and employees need to understand all possible vulnerabilities to guard themselves against the increasing number of digital attacks. In 2001 the computing community was introduced to a new kind of threat—one that could pick and choose its point of entry based on the security roadblocks it faced. These new threats combine to create a modern type of advanced computer security threat that experts are calling “blended threats.” As the term blended threats suggest, these threats combine, or blend, a number of dangers together into one, multi-pronged and destructive force. Blended threats can have an unbelievable infection rate because many of them require no human interaction to spread. In addition, blended threats are usually very malicious once they gain access to and infect a computer.
Hackers are writing more complex codes that are difficult to protect against and they are striking more often and more quickly. While insiders may be aware of security policies and procedures, all too often they do not stop to consider how their actions would breach the rules. Their motivation is not to exploit, attack, or otherwise adversely affect your enterprise system, but their actions could have devastating repercussions, regardless of motive.
The key to combating Internet threats is educating computer users. Computers users who think they are protected or who are ignorant to possibilities of threats may not realize that they perform many actions each day that compromise computer security. Although threats such as worms, viruses, and Trojan horses have grown in complexity and ability to spread, there are many precautions users can take to help prevent virus infection.
One of the biggest computer threats comes through e-mail attachments. User caution is very important when protecting against risks such as viruses and worms that propagate through e-mail programs. When opening any e-mail attachment, computer users should always scan for viruses. To make these scans effective, virus definitions, or digital files that help identify and deal with viruses, should be updated frequently to ensure protection against the latest threats. Without updated virus definitions, a new threat could potentially pass a virus scan undetected.
Some of the latest blended threats do not require human intervention to propagate and can be spread simply by opening or previewing an infected e-mail. For this reason, employees should turn off the preview pane in their e-mail program. Most importantly, employees should be instructed to not open unsolicited e-mails or e-mails from unrecognizable sources. When a suspicious e-mail is received,
permanently delete the e-mails by pressing shift+delete. This tip was extremely pertinent in the recent MyDoom outbreak in which technical subject headings tricked users into opening malicious e-mails.
The Internet
Viruses can be downloaded to any computer by simply visiting an infected Web site containing malicious code. Although Internet surfing is a popular pastime, it can increase chances of visiting a malicious site. Encryption of information sent via the Internet is a very important component in protecting information. Computer users should be careful with Web sites that claim encryption of financial or other sensitive information is not necessary.
Computers with constant Internet connection such as DSL or cable are particularly susceptible to hacker attempts.
This constant connection to large amounts of bandwidth allows for easier outside access to unprotected computers. The use of firewalls can block unauthorized access to a computer and prevent unauthorized information from leaving a computer. In addition, intrusion detection software can alert the computer user when an attempt is being made to gain access to the computer and its information. The
easiest way to protect yourself from Internet risks is to reserve Internet surfing for pertinent business applications and stick to large, popular Web sites that provide security protection for visitors.
Peer-to-Peer Networks and
File Sharing Programs
File sharing programs are not always secure and can open a computer to risks. Malicious threats can mask themselves as common music files that appear harmless until downloaded. Threats, such as the recent Netsky worm, try to use file-sharing programs like Kazaa to quickly spread to numerous computers and cause damage. In addition, peer-to-peer networks increase the risk of spyware that gives others direct access to a computer. These programs allow authors of the program and other network users to see employee computer activity, where they are visiting on the Internet, and even use the computer’s resources without the user’s knowledge. The best way to reduce risks is to avoid use of peer-to-peer networks and to not download files from unknown sources through file sharing programs.
Instant Messaging (IM)
Virtually all free IM systems have features to bypass
traditional corporate firewalls, making it difficult for administrators to control IM use inside an organization. Many of these systems lack encryption capabilities and can lead to unwelcome eavesdropping. Insecure password management also makes IM programs vulnerable to account spoofing where hackers can impersonate a familiar user.
Repeated file transfers through instant messaging can cause the rapid spread of traditional viruses, worms, and Trojan horses. Increased incidents of spim (spam sent through IM channels) are also on the rise and will most likely lead to increased IM threats in the future. The best protection against any threat spread through IM file transfers is to deploy up-to-date antivirus software on all desktop and
laptop computers—preferably with protection for IM applications.
Passwords
Choosing strong passwords takes minimal effort but can go a long way to protect a computer or network from security breaches. Passwords should be six to eight characters in length and contain letters, numbers, and symbols. Never use passwords with common words, names, or dates, as these are easy for hacker programs to crack. Employees should protect passwords like they would the Personal Identification Number (PIN) to their bankcards. Do not store passwords near your computer or on a desk where others might easily find them. Likewise, do not give out passwords to colleagues. An accepted practice of password sharing could allow passwords to slip into the wrong hands.
Additional Security Tips
1. Do not allow multiple employees to share a single logon account.
2. Turn computers off before leaving work each day.
3. Avoid personal e-mail use.
4. Routinely check for updated virus definitions and patches.
5. Change passwords regularly.
6. Install and use antivirus programs.
7. Install and use a firewall.
8. Make backups of important files or folders.
9. Do not download free software, music files, or screen savers from the Internet.
10. Keep IM use to business traffic only.
Consistently and constantly reinforcing personal responsibility and accountability for information security can go a long way. Leaving employees uninformed about security issues can expose a company to unnecessary risks that could have a direct impact on corporate revenue, workforce productivity, and the costs of doing business. With employees aware of best practices to safeguard information and other assets, there is less room for security lapses in areas security technology cannot protect.
Hackers are writing more complex codes and striking more often and more quickly, leaving little time for reactive security measures. However, computer viruses have been around for many years and there are effective measures that can minimize and prevent these threats. Employee training is a key proactive and necessary security measure to round out any computer security strategy. Where IT security solutions stop, education and awareness training must start to minimize gaps in security. The worst thing a company can do is have a false sense of security because it has taken steps to secure IT systems with technology.
Laura Garcia-Manrique is Director of Product Management for consumer
security products at Symantec Corp (www.symantec.com). Garcia works closely with the product development team to determine product strategy,
analyze industry trends and customer needs. She is also responsible for
competitive assessment, product positioning and pricing.
2. Case research and analysis:
Answer:
Abstract
Over a decade of work on the computer virus problem has resulted in a number of useful scientific and technological achievements. The study of biological epidemiology has been extended to help us understand when and why computer viruses spread. Techniques have been developed to help us estimate the safety and effectiveness of anti-virus technology before it is deployed. Technology for dealing with known viruses has been very successful, and is being extended to deal with previously unknown viruses automatically. Yet there are still important research problems, the solution to any of which significantly improve our ability to deal with the virus problems of the near future. The goal of this paper is to encourage clever people to work on these problems. To this end, we examine several open research problems in the area of protection from computer viruses. For each problem, we review the work that has been done to date, and suggest possible approaches. There is clearly enough work, even in the near term, to keep researchers busy for quite a while. There is every reason to believe that, as software technology evolves over the next century or so, there will plenty of important and interesting new problems that must be solved in this field.
Introduction
Some people believe that there is no longer any interesting research to do in the field of protection from computer viruses - that all of the important technology has already been developed - that it is now a simple matter of programming to keep up with the problem. Others believe that "virus research" simply means "analyzing viruses." To dispel these misimpressions, we discuss several important research problems in the area, reviewing what is known on each problem and what remains open.
The purpose of this paper is not to give solutions to these problems. Rather it is to outline the problems, to suggest approaches, and to encourage those interested in research in this field to pursue them.
The problems we have selected have two characteristics. The first is that, if the problem were solved, it would significantly improve our ability to deal with the virus problem as it is likely to evolve in the near future. The second is that the problem constitutes an actual research problem, so that a definitive solution would be publishable in peer-reviewed computer science journals, and could form the basis for an M.S. thesis or, in some cases, a Ph.D. thesis.
We discuss five problems:
- As more viruses are written for new platforms, new heuristic detection techniques must be developed and deployed. But we often have no way of knowing, in advance, the extent to which these techniques will have problems with false positives and false negatives. That is, we don't know how well they will work or how many problems they will cause. We show that analytic techniques can be developed which estimate these characteristics and suggest how these might be developed for several classes of heuristics.
- We have a reasonable, qualitative understanding of the epidemiology of computer viruses, characterizing their spread in terms of birth rate, death rate, and the patterns of program transfer between computers. But a mystery remains. Evidence suggests that viruses are still relatively uncommon - that their prevalence has always been very low. But, according to our current theories, this can only happen if the birth rate of viruses is ever so slightly higher than their death rate, a coincidence too remarkable to believe. We discuss effects that might be responsible for this puzzling observation.
- We are in the process of deploying digital immune system technology that finds new viruses, transmits them to an analysis center, analyzes them, and distributes cures worldwide, automatically, and very quickly. The current architecture for this system uses a centralized analysis center for a variety of good reasons. But a more distributed approach, perhaps even a massively distributed approach, has advantages as well. We outline the system issues that must be considered, and what simulation results would be useful, in understanding the tradeoffs.
- There have been thankfully few instances of worms - freestanding virus-like programs that spread themselves and may never be present in the computer's file system at all. Yet virtually all of our anti-virus technology relies on detecting and removing viruses from a file system. We discuss the new problems that worms engender, and suggest some of the new technology that may be needed to deal with them.
- Current anti-virus technology is largely reactive, relying on finding a particular virus before being able to deal with it well. Modern programming environments can give rise to viruses that spread increasingly rapidly, and for which a reactive approach becomes ever more difficult. We review the history of pro-active approaches, showing why traditional access controls are basically useless here, and describe newer approaches that show promise.
Analyzing Heuristic Detection Methods
Over the past ten years, a single method of detecting computer viruses has nearly eclipsed all others: scanning for known viruses. Originally, a string of bytes was selected from some known virus, and the virus scanner looked for that string in files as a way of determining if that file was infected with that virus. Later, more complex techniques were developed which involved looking for various substrings in various parts of the file. But all of these techniques have one thing in common: they look for static characteristics of viruses that are already known.
In that same ten years, around twenty thousand different viruses were created. How could a method that only deals with already-know viruses be effective in an environment with so many new viruses? The reason is simple: over the past ten years, only a few hundred of these viruses have actually been seen in real customer incidents (these are the viruses that are "in the wild"). Even those spread rather slowly on a global scale, typically requiring months or years to become prevalent around the world. This provided the anti-virus industry plenty of time to discover a new virus, derive a cure, and make it available – all before very many PCs had been infected.
The anti-virus industry also developed methods for detecting previously unknown viruses. These methods are usually called "heuristic" methods because they are, by their nature, inexact. Heuristics are on the horns of the same dilemma as any other virus detection method: detecting as many viruses as possible while having as few false positives as possible. Authors of heuristics have dealt with these problems in two different ways. Some have conducted extensive beta tests of new heuristics, and tried to tune their heuristics to have acceptable false negative and false positive rates. Others have given up on selecting a single good trade-off and have let users try to make this trade-off themselves by adjusting parameters in the anti-virus program.
But the virus landscape is changing. No longer are we dealing with simple DOS file and boot viruses. Excel and Word macro viruses are currently the most prevalent kinds of viruses. Windows NT viruses are starting to be written. We have seen the first attempt at a Java application virus. And on the horizon are entirely new kinds of viruses that will take advantage of the Internet to spread themselves. Future kinds of viruses will arise and become widespread much more quickly than in the past. It is important that we have ways to find new instances of these viruses before they spread globally. We may not have the luxury of lengthy beta periods to help tune our heuristics to eliminate false positives. And we certainly can’t expect users to be sophisticated enough to tune dozens of different, complex heuristics if the authors of the heuristics are unable to do so.
The difficulty is that very little work has been done in this area. Apart from experience with individual heuristics as they are used in individual products, we don't know how well they will work or how many problems they will cause. In fact, since few heuristics have been described in the open literature, it is hard to know how good even current heuristics are. To further complicate matters, virtually all heuristics in use today have been developed without regard to the ability to estimate their false positive and false negative rates before they are in wide-scale use.
So the challenge is to develop classes of broadly useful heuristics that can be understood analytically before they are deployed and, preferably, updated as the threat evolves without requiring entirely new methods.
One possible starting point is a heuristic based on traditional signatures, but signatures that are common to large classes of already-known viruses. Combinations of these signatures can detect variants of viruses in these classes. Probabilities that individual string signatures will cause false positives in non-infected files can be estimated with techniques that have already been developed. Estimating false negative probabilities relies on characterizing new viruses in these classes as they appear over time.
A second possible starting point is to use neural networks to attempt to distinguish infected from uninfected files. This approach has already proved very successful for DOS boot viruses. Neural networks have been studied as general classifiers for many years. Techniques are available for estimating the false positive probabilities of neural networks trained on a given distribution of positive and negative examples. Most of these estimates, however, focus on giving worst-case bounds on the false positive probabilities. As such, these bounds are rather loose. An important part of this proposed analysis would be to establish expected-case estimates of false positive probabilities for the cases of interest.
2.a Identify one company that had experienced an attacked from the internet.
Answer:
suffered a series of cyber attacks in recent months, US official John Negroponte told the Financial Times: "We need to prepare ourselves because this is likely only to become more of an issue in the future." Well, the future is here. And the wave of cyber attacks has moved from Eastern to Western Europe. It has recently been disclosed that around the time Estonia was under cyber attack, an important Spanish domain-registration company was also waging a battle against unknown cyber pirates. The Cyber Terrorism Division of the Spanish Police is investigating the incident. If identified, the hackers involved could be prosecuted for blackmailing a company to prevent the disclosure of confidential information.
There seems to be a disagreement regarding the severity of the situation. While some reports claim that the private data of hundreds of thousands of Internet users is in the hands of criminals, the leading Spanish company in the domain registration and web hosting business, Arsys, has issued a statement denying this information. Executives concede the company has experienced what they describe as "a security incident, compromising some client data." However, they say, none of the data in question involves email, bank account or credit card passwords and therefore, they claim there's no risk of illegal access into bank or email accounts.
According to Arsys, hackers reportedly stole FTP codes, enabling them to insert a link to an external server containing malicious code, in the web pages of some clients. As soon as the company detected the incident, executives say it eliminated the link from the web pages, notified affected clients and boosted security measures across the board. To comply with legal requirements, executives add the company has reported the incident to the Cyber Terrorism Division of the Spanish Police. They confirm the incident is under investigation and may end up in court.
The attackers reportedly used servers located in the United States and Russia. According to the latest Symantec Internet Security Threat Report, the United States is the top country for malicious threat activity, accounting for 31% of the worldwide total, followed by China (10%), Germany (7%), France (4%), United Kingdom (4%), South Korea (4%), Canada (3%), Spain (3%), Taiwan (3%) and Italy (3%). Meanwhile, law enforcement authorities have detained a Russian teenager suspected of involvement in the Estonian cyber attacks. The youth reportedly called for massive cyber attacks against Estonian servers in Internet forums.
2.b Describe the attack.
Answer:
Executives concede the company has experienced what they describe as "a security incident, compromising some client data." However, they say, none of the data in question involves email, bank account or credit card passwords and therefore, they claim there's no risk of illegal access into bank or email accounts.
According to Arsys, hackers reportedly stole FTP codes, enabling them to insert a link to an external server containing malicious code, in the web pages of some clients. As soon as the company detected the incident, executives say it eliminated the link from the web pages, notified affected clients and boosted security measures across the board. To comply with legal
2.c Identify the damages done and the solutions adopted to reverse the damages and to protect the company from future threats.
Answer:
The attackers reportedly used servers located in the United States and Russia. According to the latest Symantec Internet Security Threat Report, the United States is the top country for malicious threat activity, accounting for 31% of the worldwide total, followed by China (10%), Germany (7%), France (4%), United Kingdom (4%), South Korea (4%), Canada (3%), Spain (3%), Taiwan (3%) and Italy (3%). Meanwhile, law enforcement authorities have detained a Russian teenager suspected of involvement in the Estonian cyber attacks. The youth reportedly called for massive cyber attacks against Estonian servers in Internet forums.
Cite your reference.http://www.debt3online.com/?page=article&article_id=7
http://www.research.ibm.com/antivirus/SciPapers/White/Problems/Problems.html
http://www.ibls.com/internet_law_news_portal_view.aspx?id=1782&s=latestnews
by:Wilma Son
Tuesday, May 5, 2009
Midterm Question #2
1.) Research one Philippine company and international company that have employee e- commerce?
Answer:
Philippines
International
About Digital River, Inc.
Digital River, Inc., a global leader in e-commerce outsourcing, builds and manages online businesses for more than 40,000 software publishers, manufacturers, distributors and online retailers. Its multi-channel e-commerce solution, which supports both direct and indirect sales, is designed to help companies of all sizes maximize online revenues as well as reduce the costs and risks of running an e-commerce operation. The company's comprehensive platform offers site development and hosting, order management, fraud prevention, site merchandising, advanced reporting and analytic s, product fulfillment, e-marketing and multi-lingual customer service.
2.) Describe his e-commerce operates in these companies?
Answer:NetSuite enables companies to manage all key business operations in a single, integrated system, which includes customer relationship management; order management and fulfillment; inventory management; finance; ecommerce and Web site management; and employee productivity. NetSuite is delivered as an on-demand service, so there is no hardware to procure, no large, up-front license fee, and no complex set-ups. Finally, NetSuite's patent-pending "real-time dashboard" technology provides an easy-to-use view into role-specific business information that is always up-to-date.
3.) Identify the benefits/constraints/desired by these companies from e-commerce.
Answer:
The purpose of this unit, on Benefits and Limitations of e-business / e-commerce, is to give you the tools to answer to people who question the value, or purpose, of having an online component of their marketing program. Most people appreciate the basic benefit that e-business may help them sell more, but beyond that they are not too clear - your job is to point out more benefits so it will become obvious that e-business is a great thing and that they need you to help them do it. ..
.
Reference:http://www.witiger.com/ecommerce/benefits-limitations.htm
Answer:
Philippines
The 2008 Philippine E-Commerce Forum
We finally pulled it through! For the first time we were able to gather in one place all the major industry players in the field of ecommerce.
Together with the Commission on Information and Communications Technology (CICT) and the Department of Trade and Industry (DTI), we were all able to bring in one place from Tel cos, Internet Service providers, Various government instituions, all the major banks including govt banks, payment gateways, online merchants, bloggers. online auctions and job sites, research companies and media to discuss and brainstorm the current ecommerce situation and how to move forward.
International
About Digital River, Inc.
Digital River, Inc., a global leader in e-commerce outsourcing, builds and manages online businesses for more than 40,000 software publishers, manufacturers, distributors and online retailers. Its multi-channel e-commerce solution, which supports both direct and indirect sales, is designed to help companies of all sizes maximize online revenues as well as reduce the costs and risks of running an e-commerce operation. The company's comprehensive platform offers site development and hosting, order management, fraud prevention, site merchandising, advanced reporting and analytic s, product fulfillment, e-marketing and multi-lingual customer service.
2.) Describe his e-commerce operates in these companies?
Answer:NetSuite enables companies to manage all key business operations in a single, integrated system, which includes customer relationship management; order management and fulfillment; inventory management; finance; ecommerce and Web site management; and employee productivity. NetSuite is delivered as an on-demand service, so there is no hardware to procure, no large, up-front license fee, and no complex set-ups. Finally, NetSuite's patent-pending "real-time dashboard" technology provides an easy-to-use view into role-specific business information that is always up-to-date.
3.) Identify the benefits/constraints/desired by these companies from e-commerce.
Answer:
The purpose of this unit, on Benefits and Limitations of e-business / e-commerce, is to give you the tools to answer to people who question the value, or purpose, of having an online component of their marketing program. Most people appreciate the basic benefit that e-business may help them sell more, but beyond that they are not too clear - your job is to point out more benefits so it will become obvious that e-business is a great thing and that they need you to help them do it. ..
| Basic Benefits of eBusiness eCommerce o increase sales - this is the first thing that people consider when dealing w e-commerce o decreasing costs o increase profits o understanding that profits is not the same as sales o Expands the size of the market from regional to national or national to international o Contract the market o reach a narrow market o target market segmentation allows you to focus on a more select group of customers o and therefore have a competitive advantages in satisfying them |
| Decreasing costs o costs of creating the product o marketing o of promotional material o costs of distribution
o lowers telecommunication costs |
Benefits to organizations that use e-Commerce with their business partners
- manufacturers and service companies
o minimizes Supply Chain inefficiencies
- reduces inventories
- reduces delivery delays
- enables efficient e-procurement
Reference:http://www.witiger.com/ecommerce/benefits-limitations.htm
The 2008 Philippine E-Commerce Forum
Subscribe to:
Posts (Atom)