Tuesday, November 27, 2007
11/19/07 Class Notes
Mainframe: systems are built around a single, monolithic computer that is shared by all users on the system
Client/Server: a central server is used to store information that is accessed and acted upon by any number of client machines connected to the server through a network
N-Tier: compartmentalizes different functions of a system into modules that interact with one another
Distributed: a system of servers, loosely coupled across a dispersed network, that work together to deliver a website
Data Layer: provides fast, reliable access to data needed to run a system
The data layer is responsible for maintaining information about the relationships between data
11/5/07 Class Notes
EXAMPLES OF VIRUSES
Windows registry (regedit, cookies): e.g., spyware and adware (one type of spyware)
Boot Virus – Attacks boot sectors of the hard drive
"Trojan horses" – a bot planted in the systems being attacked; can be operated locally or remotely for malicious purposes
Viruses:
Fast to attack – Easily invade and infect computer hard disk
Slow to defend – Less likely to be detected and destroyed
Hard to find (Stealth) – Memory resident (registry)
Able to manipulate its execution to disguise its presence
Use passwords: alphanumeric, mixed upper and lower case, changed frequently, no dictionary names
Use Encryption, coding of messages in traffic between the customer placing an order and the merchant’s network processing the order
Firewall: frequently used for Internet security
Enforces an access control policy between two networks
Detects intruders, blocks them from entry, keeps track of what they did and notifies the system administrator
Summary and Exercises
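Added example (not part of the original class notes): a small Python check that applies the four password rules listed above. The function name, the sample word list and the 90-day change interval are assumptions made for illustration.

```python
from datetime import date, timedelta

# Constructed sample word list; a real check would load a full dictionary
# and a list of common names.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "monkey", "michael"}
MAX_AGE = timedelta(days=90)  # assumed change interval, not from the notes


def check_password(password, last_changed, today, dictionary=SAMPLE_DICTIONARY):
    """Return the list of rules from the notes that the password violates."""
    problems = []
    has_alpha = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    if not (has_alpha and has_digit):
        problems.append("not alphanumeric (needs letters and digits)")
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    if not (has_upper and has_lower):
        problems.append("no mix of upper and lower case")
    # Strip digits and punctuation and fold case, so that "Dragon2007!"
    # is still recognised as the dictionary word "dragon".
    letters_only = "".join(c for c in password.lower() if c.isalpha())
    if letters_only in dictionary:
        problems.append("dictionary word or name")
    if today - last_changed > MAX_AGE:
        problems.append("not changed within %d days" % MAX_AGE.days)
    return problems


if __name__ == "__main__":
    today = date(2007, 11, 19)
    # Constructed sample inputs: (password, date it was last changed)
    samples = [
        ("welcome", date(2007, 11, 1)),
        ("Dragon2007!", date(2007, 11, 1)),
        ("tR7vq9Lm2x", date(2007, 6, 1)),
        ("tR7vq9Lm2x", date(2007, 11, 1)),
    ]
    for pw, changed in samples:
        print(pw, "->", check_password(pw, changed, today) or "OK")
```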
10/31/07
OBJECTIVES
What are security concerns (examples)?
What are two types of threats (client/server)?
Virus – Computer Enemy #1 threat
How to prevent and protect?
SECURITY CONCERNS:
examples
Uncover confidentiality (bank account)
Leak Authentication and Access Control (user name, password of your Web, email)
Conduct ID theft (over 50% is credit card fraud)
Hack or Intrude Web sites
Happens to client computers (examples):
Deliberate Corruption of Files (e.g., rename files)
Delete Stored Information
Use Virus (bring down system)
SERVER SECURITY THREATS
Web server with active ports (e.g., 80, 8080) can be misused (scalability or denial of service attack)
Web server directories (folders) can be accessed and corrupted
Server Threats:
DENIAL OF SERVICE
Hackers …
Break into less-secured computers
Install stealth program which duplicates itself (congests network traffic)
Target network from a remote location (RPC) and activate the planted program
Victim’s network is overwhelmed and other users are denied access to Web and Email
10/17/07
In FrontPage: design, HTML (handles presentation layer), split, preview
SDLC = Software Development Life Cycle --> Project Manager
Site Design (Chapter 8)
Web site is a computer application.
Developing Computer Applications has a Life Cycle:
Plan the site: requirements, define audience
Design: function/technical design
Execution: building/testing internally
Release: make available to public
Planning the Site
Define the site's goals, determine who will be involved, understand time and need constraints
Process and detailed planning
Define Audience:
Output: customized peer review form for presentation
Need analysis: customer expectations
Make list of intended audience
Identify what the prospective customers want or need
Competitive Analysis:
Helps to make site better as opposed to your competition
Evaluate criteria: personalization, consistency, and ease of navigation
Design Tips:
Keep it simple
Enhance response time
Focus on content
Ensure company's name is visible
Emphasize appearance
Allow easy return to homepage
Site Design and Evaluation Criteria (ACSS)
Appearance: make sure site is aesthetically pleasing, use professional tools for help
Consistency: build one image, use style guide
Scalability: simultaneous scalable access, capable of expanding
Security: threats (ID theft, privacy), protect from hackers