The Role Of Internet And Web Service
The roll of internet The internet is a universal technology platform that allows any computer to communicate with any other computer in the world. Furthermore, one of the advantages of the internet is that nobody really ‘owns’ it. It is a global collection of networks, both big and small. These networks connect together in many different ways to form the single entity that we know as the internet.
2) The internet has revolutionized communication and thereby its contribution to information sharing. With access to a computer and an appropriate connection, anyone can interact with others worldwide; however the web is designed to exchange unstructured information: while people can read web pages and understand their meaning, computers cannot.
3) If corporations want to conduct business over the web, humans have to be involved unless there is a way for computers to communicate on their own.
Web services play a complementary and dominant role in building global IS for today’s dynamic business world. Web services are self-contained, modular applications that can be described, published, located and invoked over a network.
Web services perform functions ranging from simple requests to complicated business processes. Once a web service is developed, other applications and other web services can discover and invoke the deployed service through universal description, discovery and integration. The idea of web service is to leverage the advantages of the web as a platform to apply it to the application services. We use them, not just to the static information.
Services refer to components and the services offered that can be used to build larger application services.
Benefits of web services for developing IS of global natures are as follows:
Web services tools are available for most computer systems, including mainframes and packaged applications. This means that not only the existing applications can be retained, but also the existing knowledge of staff can be applied and extended using web services for business integration.
Web services are adaptable and can handle changes ore readily than other integration solutions, because they use structured text as their message format.
IT managers now have the ability to exchange data between most applications, on most computers in a consistent and standard way tools and further standards are therefore emerging to build composite applications that can model and manage business processes around these business-level components.
If necessary, an alternative application can be used to provide web services without changing the overall effect of the system.
Q:-2.How do distributed information systems help the global enterprises?
Ans) Distributed information systems help the global enterprises as follows:-
Success in the digital economy led by the rise of e-business. Business completion and pressures are on the rise like never before.
Business now has no geographical boundaries. With the rise of mobile commerce fuelled by mobile technologies. We are now witnessing the era of anywhere anytime computing. Naturally, information that has been one of the vital corporate resources assumes a higher dimension when it comes to data and information security.
There is an important point to be noted-while the industrial age witnessed great developments in terms of engineering, a significant dimension. Producers and consumers of goods all remained disparate and unconnected. They operated is islands of geographical pockets without knowing how the others were transacting their business.
Q:-3 briefly describe about the information level threats versus Network level threats?
Ans) information level threats versus network level threats:-
Information level threats
Network level threats
Information level threats are threats that involve the dissemination of information in such a way that organizations, their operations and their operations and their reputations may be affected.
1. Network level threats face any application that is connected to an IP network such as the Internet or includes campus and corporate networks. Servers and clients for Email and web applications have faced these threats for ten years or more, and the range of threats and the technologies used to exploit them is well understood.
Information level threats also make heavy use of network but at the primary level is the content of a message and not its form. Sending take inquires to service accounts to eat up resources would qualify as an information based attack as it is the content of the messages that would provide a basis for the attack.
The example of information based accusation. Such attacks can cause considerable damage to the goodwill of the organization against which they may be launched, and customer loyalty is too good to lose.
2. network based threats are hacking of computer systems and launching of DOS attacks as well as spreading malicious code such as viruses. Other security issues involved when data are transmitted over networks are confidentiality, authentication, integrity and non-repudiation.
A DOS attack that is based on flooding accounts with large quantities of e-mail is a network-based attack as it is the size and the quantity of the e-mail that matters and not the content of the e-mail.
Q:-4 how the security challenges presented by mobile devices and information systems access in wireless computing environments?
Ans) Mobile computing with real world significance has been expanding since the introduction of laptop computers into everyday use. During the last few years new classes of smaller wireless portable devices have come to the market place.
The possible and probable shift from wire-line terminals to relatively cheap, wireless, small, portable devices in huge numbers poses as such new challenges to the security in the network infrastructure. This holds not only for the air-interface, but also for the wire-line backbone network. It is foreseeable that, e.g. roaming between different types of networks becomes necessary and possible. Evidently, secure roaming between the networks is an issue, because otherwise a hostile terminal could take-over a session during hand-over from a network to another.
2) The scope of the security issues related with the terminals will be enhanced as compared to the current voice terminals on one hand and the fixed terminals on the other hand. This is because the internet-enabled terminals will be used as PTDs. to conduct diverse mobile electronic commerce transactions and possibly also transactions towards the authorities. They are also natural part of information systems of corporations.
Thus, such a terminal becomes a much more attractive object for ordinary thieve s or fir other people wanting to misuse the cyber-identity of the owner, than the current voice terminals. The information stored into such a device or the access to the corporate networks through stolen device may also be interesting for criminal elements, enemies, or for hard commercial competitors.
3) Location -based services are emerging as a brand-new service typical of the globally roaming PTDs. The possibility to track the person’s location at any time is evidently a threat to privacy. The location-based services also entail many security aspects; for instance, if a burglar could track a person’s position unnoticed, he/she would know when the owner is far enough so that the home could be robbed. And vice verso, if a person can show her trace on earth she can argue against claims raised against her in criminal cases.
Q:-5 what is the role of Information Security Scenario in the financial sector?
Ans) Parma Systems, Inc.Â allows financial organizations to protect their data communications against both internal and external security risks.
The last twelve to fifteen years have seen a fundamental transformation occur in the financial services sector – mergers and acquisitions, regulatory changes, the globalized economy, new requirements for anytime, anywhere access and the changing role of the technology have reshaped the industry and significantly altered the way financial organizations must manage their businesses. In response to these challenges, financial services organizations have implemented a number of new corporate strategies, remote management and access capabilities, and extended networking infrastructure. However, the infrastructure that supports these new processes is often managed by a myriad of legacy and inherently complex set of networking and security systems. This creates significant complexities with regards to network connectivity and security management.Â
Additional information security challenges arise from a series of legislative and regulatory initiatives – including the Sarbanes-Oxley Act (SOX), Graham-Leach-Bliley Financial Services Modernization Act (GLBA), and the European Data Privacy Directive (EDPP). These laws require enhanced security and privacy, and raise the legal and financial stakes for enterprises that fail to meet their standards. More legislation that further controls the protection of privacy data is also on the way.
Parma Systems, Inc.Â technologies are designed to help your organization to effectively manage security risks, and comply with external and internal security policies. The Parma product suite allows for your organization to customize and develop a robust, secure, and scalable product that can address the most stringent secure connectivity requirements – now and in the future.
Q:-6 explain the significance of authentication security service?
Ans) There are two components of security in mobile computing: security of devices and security in networks. A secure network access involves the mutual authentication between the device and the base stations or web servers. This is to ensure that only authenticated devices can be connected to the network for obtaining the requested services. No malicious node can impersonate the service provider to trick the device into doing something it does not mean to. Thus, the networks also play a crucial role in the security of mobile devices. Some eminent kinds of attacks to which mobile devices are subjected to be push attacks, pull attacks and crash attacks.
Authentications services security is important given the typical attacks on mobile devices though wireless networks: denial of services attacks, traffic analysis, eavesdropping, man-in-the-middle attacks and session hijacking.
Cryptographic security for mobile devices:-
Cryptographically generated addresses. CGA are internet protocol version 6 addresses where up to 64 address bits are generated by hashing the address owner’s public key. The address owner uses the corresponding private key to assert address ownership and to sign messages sent form the address without a public-key infrastructure of other security infrastructure.
For exp, the cryptographic provider manager in palm OS5 is a system-wider suite of cryptographic services for securing data and resources on a palm-powered device. The CPM extends encryption services to any application written to take advantage of these capabilities, allowing the encryption of only selected data or of all data and resources on the device.Order Now