processing tech malicioussoftware_ecommerce

Information System Architecture:Processing Technique

Presented ByEngr. Md. Fazlul Kader

Assistant Professor, Dept. of APECE

University of Chittagong, Bangladesh

Contents

Batch Processing

Distributed processing

Real Time processing

Timesharing

Multiprogramming

Multiprocessing

Engr. Md Fazlul Kader 2

Batch processing

A system that takes a set (a ―batch‖) of commands or jobs, executes them and

returns the result, all without human intervention.

Batch processing requires separate programs for input, process and output.

It is an efficient way of processing high volume of data

Advantages: Batch processing has the following benefits:

It allows sharing of computer resources among many users and programs.

It can shift the time of job processing to when the computing resources are

less busy.

It avoids idling the computing resources with minute-by-minute manual

intervention and supervision.

By keeping high overall rate of utilization, it amortizes the computer,

especially an expensive one.

Examples:

Printing

End of Day reporting(EOD)Engr. Md Fazlul Kader

3

Distributed Processing

A distributed system consists of multiple computers that communicate

through a computer network.

The computers interact with each other in order to achieve a common

goal.

Examples:

The world wide web – information, resource sharing

Distributed manufacturing system (e.g.,automated assembly line)

A computer program that runs in a distributed system is called

a distributed program, and distributed programming is the process

of writing such programs.

Distributed processing implies that processing will occur on more

than one processor in order for a transaction to be completed


Distributed ProcessingAdvantages

Attempts to capture the advantage of both a

centralized and a decentralized system

Greater flexibility

Facilitates quick and better access to data and

information

Higher performance than a centralized computer.

Better computer resources are easily available to the

end users


Distributed ProcessingDisadvantages

Lack of proper security control: The sharing of data

creates the problem of data security.

Lack of adequate computing/communication standard

Troubleshooting and diagnosing problems

The problems created by network infrastructure


Real time processing

In a real time processing, there is a continual input,

process and output of data.

Data has to be processed in a small stipulated time period

(real time), otherwise it will create problems for the

system.

For example: assembly line robots and radar system.

More examples of business real time processing: Air traffic control system

Reservation system used by hotel and car rental agencies

Process control systems as in nuclear reactor plants and steel mills

Systems that provide up to the minute information on stock prices.


Timesharing

Time sharing is a term used to describe a processing system with a number

of independent, relatively low speeds, online, simultaneously usable

stations.

Each station provides direct access to the CPU

In other words, timesharing refers to the allocation of computer resources

in a time dependent fashion to several programs simultaneously

Users who are using a timesharing system fall in one of the 3 status groups:

1. Active:

The user’s program has currently control the CPU.

One user active at a time

2. Ready:

The user’s program is ready to continue but is waiting for CPU.

More than one user can be in ready state at a time

3.Wait:

The user has no made up no request for execution of his job or the user’s program is

waiting for some I/O operation.

More than one user can be in waiting state at a time Engr. Md Fazlul Kader

8

Timesharing

Advantages

Reduces CPU idle time

Offers computing facility to small users

Provides advantage to quick response

Avoids duplication of the software

Disadvantages

Question of security

Problem of reliability

Problem of data communication

Question of overhead involved


Multiprogramming

Multiprogramming is the allocation of computing resources to more

than one concurrent application, job or user .

It is distinguishable from monoprogramming (or uniprogramming)

in which only a single program may be run at a time.

In Multiprogramming there are a number of programs available to

the CPU(Stored in main memory) and that a portion of one is

executed, then a segment of another and so on

Engr. Md Fazlul Kader

10

Multiprogramming

Advantages Increased throughput

Lowered response time

Ability to assign priorities of jobs

Requirements/Disadvantages

Large memory

Memory protection

Program status preservation

Proper job mix


Multiprocessing

Multiprocessing is the use of two or more central processing

units (CPUs) within a single computer system.

The term also refers to the ability of a system to support more than

one processor and/or the ability to allocate tasks between them

Advantages

1.Higher performance due to parallel processing.

2.It provides a built in backup. if one CPU get failed other CPU are

used to do that CPUs job.

3.In addition to the CPUs, also facilitates effective utilization of other

computer devices.

Disadvantages/Limitations

1.complex OS is required.

2.large main memory required.

3.very expensive.


http://en.wikipedia.org/wiki/CPU

http://en.wikipedia.org/wiki/CPU

Multiprocessing vs Multiprogramming

Multiprogramming Multiprocessing

1 Interleaved execution of two or more

processes by a computer system

having single CPU

Simultaneous execution of two

or more processes by a

computer system having more

than one CPU

2 Involves executing a portion of one

program, then a segment of another

etc.,in brief consecutive time periods.

Simultaneous execution of

several segments of one or

more programs


13

Information System Architecture:Security Control and E-commerce

Presented ByEngr. Md. Fazlul Kader

Assistant Professor, Dept. of APECE

University of Chittagong, Bangladesh

Contents

Security Control

Malicious software

Hackers and cyber-vandalism

Technologies and tools to provide security

E-Commerce


Security and Control

Security: Refers to the policies, procedures and technical

measures used to prevent unauthorized access,

alteration, theft or physical damage to information

systems.

Control

Consists of all the methods, policies and organizational

procedures that ensure the safety of the organization's

assets, the accuracy and reliability of its accounting

records and operational adherence to management

standards.


Malicious software

Malicious software, commonly known as malware

Malware is any software that brings harm to a computer

system.

Malware can be in the form of

worms,

viruses,

Trojans,

spyware,

adware etc.,

which steal protected data, delete documents or add software not

approved by a user.


Malicious software:Classification

Divided into two categories:1. those that need a host program

referred to as parasitic

Parasitic, are essentially fragments of programs that cannot

exist independently

Examples: Viruses, logic bombs, and backdoors

2. those that are independent.

Independent malware is a self-contained program

Can be scheduled and run by the operating system.

Examples: Worms, Zombie


Malicious software:Classification

Malicious Programs

Trojan

Horses

Independent

Logic

Bombs

Needs Host Program

WormsViruses ZombieTrapdoors

ReplicateEngr. Md Fazlul Kader

19

Malicious software:Backdoor or trapdoor

Is a secret entry point into a program

Allows someone who is aware of the backdoor to gain

access bypassing usual security access procedures.

Commonly used by programmers legitimately to debug and

test program

Backdoors become threats when unscrupulous

programmers use them to gain unauthorized access;

It is difficult to implement operating system controls for

backdoors.


Malicious software:Logic Bomb

One of the oldest types of Malicious software

It is code embedded in some legitimate program

Activated when certain conditions are met.

presence or absence of certain files,

a particular day of the week or date, or

a particular user running the application.

Once triggered, typically damage system

may alter or delete data or entire files,

cause a machine halt, or

do some other damage.


Malicious software:Trojan Horses

Useful, or apparently useful, program with hidden side-

effects(code)

When invoked, performs some unwanted or harmful

function.

When run perform some additional tasks Allows attacker to indirectly gain access they do not have directly

To gain access to the files of another user on a shared system

For example, a calculator program appears to be performing a

useful function but it may also be quietly deleting the user’s files.


Malicious software:Viruses

A piece of self-replicating code attached to some other

code

It is a piece of software that can ―infect‖ other programs by

modifying them;

Once a virus is executing, it can perform any function, such

as erasing files and programs.

The infection can be prevented by preventing virus from

gaining entry into the system

Examples:

Boot sector virus

E-mail virus


23

Malicious software:Worms

A program that can replicate itself and send copies from computer to

computer across network connections.

It is a standalone malware

Unlike a computer virus, it does not need to attach itself to an existing

program.

Worms almost always cause at least some harm to the network, even if

only by consuming bandwidth.

Example: The Morris worm or Internet worm of November 2, 1988 was

one of the first computer worms distributed via the Internet.

To replicate itself, a network worm uses some sort of network vehicle.

Examples include the following:

Electronic mail facility

Remote execution capability

Remote login capability


24

http://en.wikipedia.org/wiki/Bandwidth_(computing)

Malicious software:Zombie or Bot

A program which secretly takes over another networked

computer

Computers that are infected with a 'bot' are generally

referred to as 'zombies'.

Often used to launch Distributed Denial of service(DDoS)

attacks against target websites

Typically exploits known flaws in networked computer

systems A denial of service (DoS) attack floods a network with an overwhelming

amount of traffic, slowing its response time for legitimate traffic or grinding it to a

halt completely. The intent of these attacks is to deny the service to legitimate

users.

Distributed denial of service (DDoS) attacks are DoS attacks that appear to

come from or come from a large number of IP addresses.Engr. Md Fazlul Kader

25

Hackers and Cyber-vandalism

Hacker:

A hacker is an individual who intends to gain unauthorized access to a computer

system

Cracker

The term cracker is typically used to denote a hacker with criminal intent

Spoofing

A type of deception where an intruder attempts to gain unauthorized access to a user’s

system or information via pretending to be the user

For example: In email spoofing (or phishing), the user receives an email that appears to

be from a legitimate source but actually it is sent by someone else.

Sniffer

A type of eavesdropping program that monitors information travelling over a network

A sniffer can used legitimately or illegitimately to capture data being transmitted on a

network.

When used legitimately, sniffers help identify potential network trouble spots or criminal

activity on networks

When used for illegitimately or criminal purposes, they can be damaging and difficult to

detectEngr. Md Fazlul Kader

26


1. Access Control Consists of all the policies and procedures a company uses to

prevent improper access to systems by unauthorized insiders and

outsiders.

To gain access a user must be authorized and authenticated.

Access control software is designed to allow only authorised users to

use systems or access data using some method of authentication

Examples: Biometric authentication

Authentication is the process of verifying who you are. Logging on to a PC with a

username and password is authentication.

Authorization is the process of verifying that you have access to something. Gaining

access to a resource (e.g. directory on a hard disk) because the permissions configured

on it allow you access is authorization.


27


2.Firewalls A firewall is a combination of hardware and software that controls the flow of

incoming and outgoing network traffic

Firewall is used to prevent unauthorized user from accessing private network

Acts like a gatekeeper


28


3.Intrusion Detection Systems

Features full time monitoring tools places at the most

vulnerable points of corporate networks to detect an deter

intruders continually.

The system generates an alarm if it finds a suspicious or

anomalous events.



4.Antivirus Software Antivirus or anti-virus software is software used to prevent, detect

and remove malware (of all descriptions), such as: computer viruses

No matter how useful antivirus software can be, it can sometimes

have drawbacks.

Because new viruses are unleashed almost every week, antivirus

software needs constant updating — at least once a week.

Examples:

oKaspersky

oNorton

oMcafee

oAvira


30

http://en.wikipedia.org/wiki/Malware

E-commerce

E-commerce, short for electronic commerce, is the process used to

distribute, buy or sell market goods and service, and the transfer of

funds online, through electronic communications or networks.

Commonly referred to as

Online commerce

Web Commerce

eBusiness

eRetail

eTailing

ecom or

EC


31

E-commerce Characteristics

Business oriented:

Essentially business-oriented

Expands market and brings more customers

Convenient Service:

Customers will no longer be confined by geographic constraint in receiving

services

System Extendable

Ensure guarantee of system stability

Online Safety

First priority

Proper protective measures must be ensured

Encryption

Digital signature

Firewalls etc

Coordination: coordination among employees, customers, manufacturers,

suppliers and business partnersEngr. Md Fazlul Kader

32

E-commerce processing:

Example


33

E-Commerce :Basic Benefits

Increase sales

Decreasing costs

costs of creating the product

marketing cost

costs of distribution

costs of processing (orders from the customers)

costs of storing information

lowers telecommunication costs

Provide price quotes :with a web site, you can have the prices listed, and change

them

Increase profits

Expands the size of the market from regional to national or national

to international

Reach a narrow market :focus on a more select group of customers


34

E-Commerce :Limitations

Technical Limitations costs of a technological solution

some protocols are not standardized around the world

reliability for certain processes

insufficient telecommunications bandwidth

software tools are not fixed but constantly evolving (ie. Netscape

3,4,4.7,4.75 etc.)

integrating digital and non-digital sales and production information

access limitations of dial-up, cable, ISDN, wireless

some vendors require certain software to show features on their pages,

which is not common in the standard browser used by the majority

Difficulty in integrating e-Commerce infrastructure with current

organizational IT systems


35

E-Commerce :Limitations

Non-Technical Limitations

customer fear of personal information being used wrongly

customer expectations unmet

rules and regulations

security and privacy: vulnerability to fraud and other crimes

lack of trust and user resistance: fear of payment information being

unsecure

tactile limitations

limitations of support services

financial cost

sourcing tech support in foreign languages

higher employee training required to be click and mortar

people's resistance to change

people may not be used to faceless / paperless / non-physical

transactions Engr. Md Fazlul Kader

36

37

THANK YOU


processing tech malicioussoftware_ecommerce

Education

processing system

distributed system

processing technique

time of job processing

md fazlul kader

radar system

distributed programming

timesharing time sharing