dis revision week 13. please complete the course survey
Post on 21-Dec-2015
DIS Revision
Week 13
Please complete the course survey
What are Distributed Information Systems?
“Systems where the processing and/or data storage are distributed across two or more autonomous networked computers”
Almost all information systems in current use are, by this definition, distributed
The most common experience for most people of a distributed system is from the use of the web.
DIS are complex
1000s of components
100s of suppliers
Sheer size in database and users
Geographic spread
Frequent change
We are approaching DIS as an architect would
Carry out the broad design
Architects use structural and mechanical engineers and the various trades
System architects use network specialists, programmers, analysts, DBAs and the like
But are responsible overall
So we need to know enough to specify and supervise
What are standards & protocols?
These terms are used fairly interchangeably in the computer world. It can be argued that a protocol is a type of standard peculiar to computer systems, usually with a time element.
A protocol defines the format and order of messages exchanged between two communicating entities, and the actions taken on receipt or transmission of a message.
Some examples of standards & protocols
De facto (by fact – by general acceptance)
– TCP/IP – managed by the Internet Engineering Task Force (IETF)
– HTTP, HTML & XML – managed by the IETF & W3 Consortium
– IBM PC platform – established by IBM, Intel & Microsoft
De jure (by law – set by an officially recognised body)
– LAN standards – 802.x set by IEEE
– V series (V.32, V.33), X series (X.25, X.500) and ISDN set by ITU-T, which used to be called CCITT and was set up by the United Nations
But the boundaries are blurred
Business rules
They are the rules, definitions and policies that are necessary for any organisation to function
Examples are:
– Course pre-requisites – INFO2000 or INFO2006 for this course
– Parking fines must be paid within 30 days
– Employees who work less than 30 hours per week are judged as part-time
– etc
Many are very complex
The DIS automates many of those rules
But often they are not precisely defined until then
And very difficult to do – but necessary!
There are many different types of applications in a DIS
Communications
Information
Commercial
Education, Health etc
Government
Multi-media
E-Commerce
Structural change has been underway in business for some years
Integration of the world’s capital markets
Reduction in trade and capital barriers
Privatisation of government services
Business Process Re-engineering (BPR)
Enterprise Resource Planning systems (ERP)
Technology fitting Moore’s Law
Focus on core business & outsourcing
Characteristics of the traditional model
High fixed capital
Owned production capacity
Sell what you make
Reduce cost of production by
– Large scale plant
– Increased throughput
Characteristics of the new model
Very few capital assets
Often no production capacity
Concentrates on customers (CRM) and brand
Speed of response is the driver
Manages a network of suppliers
Suppliers bid via an electronic market
Design is collaborative – via internet
Characteristics of the new model (cont.)
Customer orders placed via Internet
Orders are routed automatically to the appropriate suppliers and component manufacturers
Goods are routed directly from supplier to customer
Customers and suppliers have full access to computer systems showing status of orders
Administration systems are also outsourced
Corporate Business Strategies
Increasingly, businesses have 3-5 year business strategies. These seek to define the business they are in and their plans for the next 3-5 years
IT is an enabler and a critical success factor in achieving those plans
Thus a corporate IT strategy is an underlying requirement
We start with a Business Strategy
In most cases an organisation will start with a business strategy. This is increasingly necessary because:
– Business conditions change rapidly
– Competition is actively encouraged
– Management teams change more frequently
– Business is more complex
– Organisations have to be focused
– Organisations seek to re-invent themselves rapidly
Many objectives will affect IT
Some of these will directly require IT services
IT can also feed into the process and facilitate new strategies and objectives
IT must brief senior management on emerging technologies
Differentiate between technologies that are there and those which maybe offer more potential but are not yet certain
IT may also prevent strategies from being followed
It is an iterative process
Where do we start in the design process?
Like a building architect, by assembling a brief
The Corporate IT strategy defines many of the components
The problem definition sets the functional boundaries
Existing systems pose some constraints
Volumes of data, transactions and users establish the size
The location of users sets parameters on security, internationalisation and controls
User community agrees performance criteria
Design is an iterative process
It starts in the feasibility study. Often a number of preliminary designs are looked at at this stage, costed and discussed
As the stages of development proceed, so the design is reworked and refined
Often the final design bears little similarity to the one opted for in the feasibility study
The feasibility study will
Define the key processes
Define the initial data model
Specify interface requirements to other systems
Identify and review the relevant corporate IT strategies and standards
Collect the volumes
Review solutions to the same problem in other organisations
Identify and review possible application packages
As the process continues
Make or buy decisions will be made
Development tools and methodologies will be put in place
DBMS will be selected
Development and implementation plans will be developed
Capital and operating costs will be estimated
Configuration and location of servers and data storage will be determined
Networks will be designed, upgraded and sized
And continues
Risks will be identified and minimisation strategies developed
Performance criteria agreed
Security requirements established
Implementation steps identified
The client server model selected
Infrastructure components identified in detail
The data model is developed
Processes are analysed and designed
Figure: The main client server models – Centralised, PC LAN, 2 Tier, 3 Tier and 4 Tier – showing how the Presentation, Application, Database and File system layers are split between client and server hosts across the network (LAN and WAN)
Database tier
This is the most easily defined
It parses and executes SQL to:
– Update the database, or
– Make the query and pass back the requested data set
Maintains transaction integrity (ACID) for a single database – moves back to the application tier for multiple databases
Application tier
Executes the code that processes the application
Sometimes the interface between Presentation and Application is blurred
Varies between implementations
An example might help: in an enrolment system,
– Presentation tier would gather the details of the course and establish that they were valid.
– Application tier would process the rules to ensure you were eligible to take those courses, update your records via SQL to the Database tier, and draft a course schedule for the Presentation layer to show you.
3&4 Tier Presentation
In a three tier, the Presentation layer code is held remotely on the client or a local server. It presents forms etc for viewing or for data entry. It still has application specific material that must be updated if an application changes
Four tier usually means a WEB based system
The presentation layer is then split – the application specific stuff stays in the web server so that the only part that is required to be resident in the client is the Browser
As DIS architects, we want a network service that:
Provides a reliable message transport
Gives acceptable & predictable transmission times
Allows a host at any location to be part of the system
Does not require our application to adapt to any specific network characteristics.
Voice Networks
Voice networks were:
– Circuit switched
– Analogue
Circuit switching requires all resources to be dedicated for the length of the connection
Voice is a reasonably consistent user of bandwidth for the length of the connection
Data on analogue circuits requires a modem
Data Networks
Data does not use switched circuits efficiently as data is bursty – large quantities of data in bursts followed by quiet periods
Packet switching gives better utilisation as many users can then share the channels
Digital signals allow greater bandwidth
High capacity lines can be multiplexed into multiple digital channels
Voice can be digitised and packetised for transmission on data networks – eventually all networks will be packet switched
Packet switched networks
Messages are broken into packets, usually variable in length but not of unlimited length
A packet of data is wrapped in an envelope with an electronic address
Packets are sent down the line like cars on a highway
Routers act like road junctions, directing the packet along the right road to get to the eventual destination
Packet switched networks can be virtual circuit or datagram
Effective end-to-end transfer rates determined by:
The bandwidth of each link
The latency at each switch
– The Store & Forward process
– The congestion or queuing at switches
– Lost packets due to buffer overflow
– Error detection and correction mechanism
The Layers of the Internet architecture
Application – HTTP, FTP etc
Transport – TCP and UDP
Network – IP – connectionless & unreliable
Data Link – FR, ATM
Physical
Domain Name Service
Converts host names e.g. cs.usyd.edu.au to 32 bit IP addresses e.g. 192.154.32.9
IP addresses are made up of two parts
– Network address
– Host or device address
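The store-and-forward effect on effective transfer rate, as an added worked example (not from the original slides): every bandwidth, latency and message size below is a constructed value, and the model assumes fixed-size packets, no losses and no retransmission.

```python
"""Store-and-forward delay model for a packet switched path.

Constructed example: every value below is made up for illustration. A packet
must be fully received at a switch before it is forwarded, so each hop costs
(packet size / link bandwidth) plus the switch's own latency, and the packets
of one message pipeline across the hops rather than travelling one at a time.
"""
from dataclasses import dataclass
from typing import List


@dataclass
class Link:
    bandwidth_bps: float           # bits per second the link can carry
    switch_latency_s: float = 0.0  # fixed processing + queuing delay at the receiving switch


def transmission_time(packet_bits: int, link: Link) -> float:
    """Seconds to clock one packet onto the link (the 'store' part of store & forward)."""
    return packet_bits / link.bandwidth_bps


def end_to_end_time(message_bits: int, packet_bits: int, links: List[Link]) -> float:
    """Seconds until the last packet of the message arrives at the final host.

    link_free[h] is when link h finishes sending its previous packet; a packet can
    only start on hop h once it has fully arrived there AND the link is idle.
    """
    packets = -(-message_bits // packet_bits)   # ceiling division
    link_free = [0.0] * len(links)
    last_arrival = 0.0
    for _ in range(packets):
        arrival = 0.0                            # packet is available at the source at t=0
        for h, link in enumerate(links):
            start = max(arrival, link_free[h])
            link_free[h] = start + transmission_time(packet_bits, link)
            arrival = link_free[h] + link.switch_latency_s  # fully received, then forwarded
        last_arrival = arrival
    return last_arrival


def effective_rate_bps(message_bits: int, packet_bits: int, links: List[Link]) -> float:
    """Effective end-to-end transfer rate: message size over total delivery time."""
    return message_bits / end_to_end_time(message_bits, packet_bits, links)


def bottleneck_bps(links: List[Link]) -> float:
    """The slowest link bounds the effective rate no matter how small the packets are."""
    return min(link.bandwidth_bps for link in links)


if __name__ == "__main__":
    message = 1_000_000   # a 1 Mbit message
    # Two equal 1 Mbps hops with no switch latency: smaller packets pipeline better.
    path = [Link(1e6), Link(1e6)]
    for size in (1_000_000, 100_000, 10_000):
        t = end_to_end_time(message, size, path)
        print(f"packet {size:>9} bits: {t:.3f} s, "
              f"{effective_rate_bps(message, size, path) / 1e6:.2f} Mbps effective")
    # A congested 256 kbps second hop with 5 ms queuing per packet dominates the path.
    slow = [Link(10e6), Link(256e3, 0.005), Link(10e6)]
    print(f"bottleneck {bottleneck_bps(slow) / 1e3:.0f} kbps, effective "
          f"{effective_rate_bps(message, 10_000, slow) / 1e3:.0f} kbps")
```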
IPv6 will introduce 128 bit addresses (maybe)
An Organisation’s network can be:
Leased channels
VPN – Virtual Private Network
VPN on Public network
Public Network
Combination of some or all of these
Leased circuits
High initial fixed cost – may be cheaper if bandwidth well utilised
Fixed bandwidth – not easy to add bandwidth
Longer time frame to set up
Circuits may not be readily available
Not flexible for mobile users
Frame Relay VPNs
Easier to set up
Buy as much bandwidth (CIR) as needed and increase with a phone call
FR allows bursting above CIR if capacity is available
FR may not be available in some remote locations, thus a POP may not be available for local call access from mobile users
Network can be managed by supplier
VPNs on Internet
Cheap to set up
Variable bandwidth
Wide availability is good for remote offices and mobile users
No guaranteed bandwidth although QoS is coming
Some concern about data security
Hubs, (Bridges) Switches & Routers
Figure: where each device sits in the stack – a Hub works at the Physical layer only, a Bridge or Switch at the Link and Physical layers, a Router at the Network, Link and Physical layers, while the Hosts at each end run the full Application, Transport, Network, Link and Physical stack
Hubs
Physical level devices
They work at the bit level
When a bit is received from one line, it propagates down all the other lines
Can carry out limited network management functions – if an adaptor is faulty and floods the line with bits, the hub can internally disconnect that line
Extends the length of the LAN, because segment UTP lengths have discrete limits.
Bridges
Are Data link layer devices
Work on frames and use adaptor addresses
Store & forward devices
They act as a switch and only send frames down the line where the destination device is, thus if the frame address is not “over” the bridge the frame is not passed on.
Create limited area “collision zones”
Usually support 2-4 links
Can connect links of different bandwidths eg 10 & 100 Mbps Ethernet
They are plug & play devices – they learn where adaptors are
Will disable duplicate paths in their internal tables.
Switches
Are newer Link layer Ethernet devices (but there are WAN switches as well e.g. ATM switches)
Tend to replace bridges but do similar things
Larger number of links 12+
Higher performance design – required because of the larger number of links
Facilitates connection of servers
Routers
Network layer devices
Transfer IP packets and use IP addresses
Transfer packets down the best link to get to the destination host
Support redundant links
While they are inherently slower than hubs and switches, the more sophisticated technologies used compensate for that.
They are the “end device” of separate networks within the Internet
Can be used as simple firewalls by filtering out unwanted packets.
Routing algorithms
The network layer has to determine the route the message is to take
In a virtual circuit all packets for the connection will follow the same path
In a datagram service like IP, packets may take different routes
In both situations the routing algorithm within the Network layer will determine the routes
Quality of Service
One drawback with the Internet is that it is democratic, and all packets are treated as important as any other.
It provides “best effort” service
IPv4 has no mechanism to provide priority
This is needed for time critical applications such as telephony, real time conferencing and high performance transaction processing
QoS aims for a predictable and specifiable bandwidth and latency
QoS the key to one network
When packet switched networks can offer the QoS of switched circuits, that will be the day when all major users stop having two networks
Service providers are aware of this
The network must be able to differentiate between delay sensitive and delay insensitive applications
QoS requires:
The ability to request and receive resource reservation
– Bandwidth
– Router buffers
Prioritisation where network traffic is classified and priority given according to bandwidth management policy
These services could be for:
– An individual data stream
– Aggregate flows of a particular type
The Web is an application!
To many people The Internet and The Web are synonymous
But we know that The Web is an application that sits at the application level of the Internet
But it is the biggest, and therefore the most important to most people
But theoretically it could use different protocols on a different network
Some definitions
HTML, HyperText Mark-up Language, describes how the document is to be presented with tags or meta-data embedded in the document. The Browser then uses that meta-data to format the document
HTTP is the application level protocol or service, for establishing connections and transmitting messages, between the Browser client and the Web server
Statelessness in HTTP
HTTP is a stateless protocol
When a resource has been sent, the server keeps no record of the exchange, so that if a second request is made by the same client, it is as if this was first contact with that client
This is not satisfactory for many complex transactions, say completing a multi-page form
Techniques for improving Web performance
Caching
Load balancing
Content Distribution Networks
Caching
Initially implemented near the client in a proxy server operated by the organisation – all requests are first directed at the proxy server. If it cannot supply then the request is passed on to the target server.
Works on the basis that similar users frequently access the same pages – between 20-70% of requests can be satisfied this way, reducing bandwidth on the WAN
Caching Cont.
Dynamically created pages cannot be cached
The risk of out-of-date information is reduced by time stamping the page with an expiry time when it must be refreshed
Caching is also provided close to the original site to take load off the main server
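The proxy cache behaviour described above (serve repeats locally, never cache dynamic pages, refresh after the expiry time), as an added worked example that is not part of the original slides; the origin server, URLs, headers and clock values are constructed, and a query string is taken as the marker of a dynamically created page.

```python
"""A minimal forward proxy cache with expiry, as described in the caching slides.

Constructed example: the URLs, headers and the fake clock are made up for
illustration. It shows the three rules from the slides: serve repeated requests
from the cache, never cache dynamically generated pages, and refresh a page once
its expiry time has passed so that out-of-date information is not served.
"""
import email.utils
from dataclasses import dataclass, field
from datetime import timezone
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Response:
    status: int
    headers: Dict[str, str]
    body: bytes


def expiry_time(headers: Dict[str, str], now: float) -> Optional[float]:
    """Absolute expiry (epoch seconds) from Cache-Control max-age or an Expires date.

    Returns None when the origin forbids caching (no-store / private) or gives no lifetime.
    """
    directives = [d.strip().lower() for d in headers.get("Cache-Control", "").split(",") if d.strip()]
    if "no-store" in directives or "private" in directives:
        return None
    for d in directives:
        if d.startswith("max-age="):
            try:
                return now + int(d.split("=", 1)[1])
            except ValueError:
                return None
    if "Expires" in headers:
        try:
            exp = email.utils.parsedate_to_datetime(headers["Expires"])
        except (TypeError, ValueError):
            return None
        if exp.tzinfo is None:                      # treat a naive HTTP-date as GMT
            exp = exp.replace(tzinfo=timezone.utc)
        return exp.timestamp()
    return None


def is_dynamic(url: str) -> bool:
    """Dynamically created pages cannot be cached; a query string is the usual tell-tale."""
    return "?" in url


@dataclass
class ProxyCache:
    store: Dict[str, Tuple[bytes, float]] = field(default_factory=dict)
    origin_fetches: int = 0

    def get(self, url: str, fetch_origin: Callable[[str], Response], now: float) -> Tuple[bytes, str]:
        """Return (body, outcome) where outcome is HIT, MISS or STALE (expired, so refetched)."""
        entry = self.store.get(url)
        if entry is not None:
            body, expires_at = entry
            if now < expires_at:
                return body, "HIT"                  # satisfied locally, no WAN traffic
            del self.store[url]
            outcome = "STALE"
        else:
            outcome = "MISS"
        resp = fetch_origin(url)                    # pass the request on to the target server
        self.origin_fetches += 1
        if resp.status == 200 and not is_dynamic(url):
            expires_at = expiry_time(resp.headers, now)
            if expires_at is not None and expires_at > now:
                self.store[url] = (resp.body, expires_at)
        return resp.body, outcome


# Constructed origin server: a static page with a 60 s lifetime, a page with an
# absolute Expires date, and a per-student enrolment page that must never be cached.
ORIGIN = {
    "http://example.edu/index.html": Response(200, {"Cache-Control": "max-age=60"}, b"<h1>Index</h1>"),
    "http://example.edu/timetable.html": Response(200, {"Expires": "Thu, 01 Jan 2015 00:00:00 GMT"}, b"<table/>"),
    "http://example.edu/enrol?student=1": Response(200, {"Cache-Control": "max-age=60"}, b"student 1 record"),
}


def fetch_from_origin(url: str) -> Response:
    return ORIGIN.get(url, Response(404, {}, b"not found"))


def simulate(requests: List[Tuple[float, str]], cache: Optional[ProxyCache] = None) -> Tuple[List[str], int]:
    """Run (time, url) requests through one cache; return the outcomes and the origin fetch count."""
    cache = cache or ProxyCache()
    outcomes = [cache.get(url, fetch_from_origin, t)[1] for t, url in requests]
    return outcomes, cache.origin_fetches


if __name__ == "__main__":
    reqs = [(t, "http://example.edu/index.html") for t in range(10)]          # ten users, same page
    reqs += [(5, "http://example.edu/enrol?student=1"), (6, "http://example.edu/enrol?student=1"),
             (70, "http://example.edu/index.html")]                            # past the 60 s expiry
    outcomes, fetches = simulate(reqs)
    print(outcomes, f"-> {fetches} origin fetches for {len(reqs)} requests")
```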
Caching Services
Caching is now provided by service providers that maintain an array of cache servers
Akamai has 2000 servers in 40 countries. The site owners decide which pages are to be cached
NLANR is another with a hierarchy of backbone and regional caches
One cache can obtain an object from another cache using ICP (Internet Caching Protocol)
Large ISPs serving low bandwidth clients provide this service
Caches are being developed to handle streaming video and audio – eventually supplying on demand music, TV and movies over the Internet
Load Balancing
This enables groups of servers to service incoming requests
Data is replicated to the servers
The request is sent to the server with the lowest load
Cookies can be used to identify high priority clients and route their request accordingly
We saw earlier how DNS can be used to provide simple load balancing
Content Distribution Networks
This takes load balancing one stage further by distributing the servers geographically closer to the users.
This:
– Reduces network hops
– Increases overall resilience
– Increases scalability
End of Thursday revision
Integration facilities are necessary to link:
components (or objects) within an application distributed over multiple hosts
diverse applications within an organisation
applications across organisational boundaries
Because application developers do not have any agreed protocol
Two main integration approaches
Passing data between two quite different systems
– Data incompatibilities – content & structure
– Timing incompatibilities
Component linking between components in the one system, or between components in compatible systems
– Finding the component
– Defining a common interface
Data incompatibilities in Integration of disparate systems
Primary keys in disparate systems are invariably different
Common attributes have different names and field lengths
Classifications appear the same but are different
Classification codes or names are different
Sometimes differences are for good reason
Some parts of an organisation need more attributes than others
Timing incompatibilities
Timing of the generation and acceptance of the data
Back-up and recovery differences result in risk of data loss or duplication
Progressive implementation programmes, the frequency of new releases etc all make interface change frequent and difficult to manage
Enterprise Application Integration
EAI originated in the MOM market
The connector is often provided by the application supplier but may have to be coded for legacy systems
The EAI provides:
– translation
– a rules engine that can process or trigger an event
– a transport mechanism – usually IBM’s MQ Series, and is usually an asynchronous transaction queue
Figure: A simple example of our case study – an EAI Hub linking the HR, Client, Accounting, Global/Theatre/Country and Data warehouse systems
EAI is fast developing
Richer application servers (hub)
Facilities for interface definition
Business rules for converting data
Fail over protection
Database access
Different transport models
Use of XML as a data definition standard
Closer to real time integration with publish and subscribe model
Component linking
Applications spread over multiple hosts
Components written in multiple languages
Components developed when the hardware & operating system is not known
Components developed by many independent persons or organisations
The location of components is not known
Load balancing and fail over with multiple servers of the one type
Databases of different types need to be updated by the one transaction.
Figure: Clients connected over the Internet to a Web server, which connects over the LAN to Transaction servers and Database server(s) – Components are spread over all of these hosts.
Some characteristics of component linking
Applications must access a registry at run-time to find out where components are located
There must be a uniform scheme for passing information between components and for accessing data from multiple heterogeneous sources
Components must be designed to interact with middleware and then it can locate resources and communicate with them
Middleware can present the illusion of a single underlying server
Approaches to component linking
In WEB based systems, HTTP is the main link between the client and the WEB server
The usual interface between the database server and the other hosts is SQL, usually with a DBMS supplier provided transport mechanism
This leaves the interface between the Web server and the transaction servers, and in three tier between the client and the transaction servers
The basic approaches
Remote Procedure Call (RPC) middleware
Message Oriented Middleware (MOM)
Transaction Processing middleware
Distributed Object/component middleware (DOM)
What is XML?
Figure: timeline – Generalized Markup Language in the 60’s, SGML in ’86, HTML in ’89, XML in ’98, and today ebXML, VoXML, xCBL, RosettaNet etc.
XML is a simplified markup language to facilitate the exchange of information: providing both format and content
• A group of standards (XML, XSL, XML Schema, XLL, etc)
• Is different to HTML which is a presentation language which provides no semantic information.
Promise of XML
XML is expected to:
• Revolutionise electronic publishing by allowing for a better indexing of data and the separation of content information from display information
• Improve business communication by facilitating the definition and sharing of common XML formats or vocabularies as well as the transformation of differing XML formats
• Help facilitate the adoption of e-Commerce, as content will be displayed not only on desktop web browsers, but also PDAs, cellular telephones, and whatever other devices the future may bring us
Bringing the Pieces Together - Presentation
A typical presentation scenario:
1. The XML document and an XSLT sheet are read by an XSLT engine.
2. The XSLT engine creates output as an XSL-FO document or some display format such as HTML.
3. HTML documents are sent to a browser.
4. XSL-FO may be processed into other document types such as PDF.
Traditional Responses Across Organisations
Interfaces
– EDI or Custom “standard” (e.g. Integrion, SWIFT)
– Reinventing “interchange data structures”
– Validation of data passed built into each “receiving” application
– Data structure changes require massive rebuild & retest
Problems with today’s approach
– Difficulties to get people to agree
– Difficult to get participants to agree on technical platforms and associated costs (e.g. MQ Series, other EAI tools, etc)
– Standards (e.g. EDIFACT) are inadequate for industry solutions so require customisation
– Administration of change across organisations
XML Response to the Problem
Solutions
– Low cost mechanism which is easy to agree on
– Industry bodies to define industry schema (Accord, FiXML, CML, etc)
– Interchange data semantics & validation rules ubiquitously available
– Data can be validated by the schema before information is accepted
– Ready availability of skills in the marketplace
– XML parsers & other tools available in most languages and on most platforms
– Ease of data transformation to adapt to needs of sending/receiving application data structures
– Reduced need for “big bang” synchronisation of change associated with new data structures
Challenges
– Performance concerns (verbose)
– Many XML standards (DirXML, UDDI, etc)
– Relatively young toolset
Components and Communication
What is a component?
– A “component” encapsulates business logic (e.g., a sales order, customer information), which is packaged and distributed around the network.
– Large-grained objects, not necessarily using object technology
– Component technology provides packaging, distribution, and language interoperability.
What is component-oriented middleware?
– The set of technical components that allow business logic to be encapsulated in the middle tier of a 3-tier application architecture.
– Provides framework for security, location hiding, scalability, state and transaction management
Typical Architecture
Model – View – Controller Construct
– Supports multiple presentation layers
– Increases flexibility and adaptability
– Enforces architecture and application uniformity
Technical Infrastructure
– Enforces common rules and simplifies programming interfaces
– Provides platform and service location transparency
– Provides adaptability and flexibility
– Focuses developers on business logic, not technical details
Figure: Presentation, Application and Database layers sitting on a common Technical Infrastructure
The right architecture can solve…
Performance and Scalability
Persistence / Transaction Management
State Management
Interoperability
Security
Naming Services
• COM+
• EJB
• CORBA
Key characteristics: COM+ and .NET
Language Independent
– Common Language Runtime
Interface Development
– VB Script and Active/X
– Control/event model
COM+
– Object Pooling & Security Services
– Transaction Management: MTS
– Queuing: MSMQ
– Naming Services: ActiveDirectory
Platforms Supported
– Windows OS
– ODBC Compliant Database
XML Across Tiers
– Web Services
– Application Servers
– Collaboration Services
Figure: .NET tiers – Presentation Tier: ASP.NET; Application Tier: COM+; Database Tier: SQL Server/Oracle/DB2; running on Windows 2000, IIS, .Net Framework and .Net Enterprise Servers; linked by HTTP/HTML, SOAP/XML and ADO.NET
Key characteristics: EJB / J2EE
Single Language: Java
– Java Virtual Machine
OO Development
Platform/OS Independent
– JDBC compliant database
EJB
– Object Pooling & Security Services
– Transaction Management: JTA
– Naming Services: JNDI
– Queuing: JMS
– State Management: Entity Bean
Vendor Products
– Add Application Servers
Web Services
– Sun’s ONE Framework
Figure: J2EE tiers – Presentation Tier: Java Servlets & Server Pages; Application Tier: Enterprise Java Beans; Database Tier: JDBC compatible DB; running on Windows 2000/Unix and the J2EE Platform; linked by HTTP/HTML, RMI/IIOP and JDBC
International Issues
Dates
Calendar
Field sizes
Currency & Currency conversion
Character sets & sorting sequences
Language
Cultural & commercial
Legal issues – taxes, privacy etc
There are two general measures of performance
The time an individual takes to complete a task – RESPONSE TIME
The number of transactions the system can process in a given time period - THROUGHPUT
But won’t one vary directly with the other?
Concurrency is the answer
Throughput and scalability
As resources are added, more disk, more memory, faster processors, more bandwidth, then the system should increase throughput proportionally
But it depends on the architecture of the system as to whether it can use the resources at all, and whether you get a proportional increase
All areas of the system affect performance
User Interface Design
System design
Programming
System architecture
Database implementation
Operating system, Middleware and Server hardware
Network
Platform evaluation
The platform consists of:
– Operating systems
– Middleware (MOM, TP Monitors, Distributed Component services)
– Server computers
Usually best evaluated as a unit
Sometimes all or some of the suppliers of these elements are organisation standards
But the precise platform still needs to be specified and evaluated for suitability for the application
Benchmarks are not easy
At the time the benchmark needs to be done, the application code is usually not written. So we can’t benchmark the actual application.
Setting up quantities of benchmark data, meeting the structure of the new database is a difficult and time consuming task
An alternative is to use TPC benchmarks
What are TPC benchmarks?
The Transaction Processing Council is an independent organisation that prepares and audits benchmarks of combinations of Operating system, DBMS and Server and publishes those benchmarks in a comparative form.
It has been functioning for 10+ years
It specifies a number of benchmarks, related as far as possible to real world situations
It monitors and audits tests by manufacturers to ensure all conditions are met and the results are comparative
Website is www.tpc.org
TPC-C
TPC-C simulates an order entry environment
Involves a mix of five transaction types of different complexity
Multiple on-line terminal sessions
Moderate system and application execution time
Significant disk input/output
Transaction integrity (ACID properties)
Non-uniform distribution of data access through primary and secondary keys
Databases consisting of many tables with a wide variety of sizes, attributes, and relationships
Contention on data access and update
What do we mean by reliability?
Correct – do what the system says it will do correctly
Available – Be available within the agreed time frame
Consistent – do it the same way with much the same response time on each occasion
RAID
Redundant Arrays of Independent Disks
Groups of drives are linked to a special controller
They appear as a single logical drive
Take advantage of multiple physical drives to store data redundantly
Six different RAID approaches numbered 0 to 5
RAID 0
– Data striping, block oriented
– No redundancy – no protection from disk loss
– Reads and writes for contiguous blocks overlap, giving improved performance
– No space overhead
RAID 1
– Disk mirroring – all data written to two identical drives
– Full data protection
– If one fails the system can continue using the other
– Improved read access
– Doubles disk space required
– Easy to implement, easy to recover
RAID 5
– Data striping, block oriented, distributed parity
– Full error protection, but slower to recover than 1
– Slow write due to parity computation
– Good read performance, same as for RAID 0 but not as good as 1
– 25% overhead in disk space
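RAID 5 striping, distributed parity, rebuild after a drive loss and the read-modify-write cost of a small write, as an added worked example that is not part of the original slides; the four-drive array, 4-byte blocks and sample data are constructed, and the parity rotation used is one plausible layout, not any particular controller's.

```python
"""RAID 5 striping and parity, worked through in code.

Constructed example: each 'drive' is a Python list of byte blocks. It shows why a
four-drive RAID 5 has a 25% space overhead, how a lost drive is rebuilt from the
XOR parity of the others, and why a small write costs extra reads and writes
(the parity computation the slides describe as slow).
"""
from typing import List, Optional


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Bitwise XOR of equal-length blocks; XOR is its own inverse, which is what makes recovery work."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


class Raid5:
    def __init__(self, ndisks: int, block_size: int):
        assert ndisks >= 3, "RAID 5 needs at least three drives"
        self.ndisks, self.block_size = ndisks, block_size
        self.disks: List[List[bytes]] = [[] for _ in range(ndisks)]
        self.reads = self.writes = 0             # physical I/O counters

    def parity_disk(self, stripe: int) -> int:
        """Distributed parity: the parity block rotates to a different drive on each stripe."""
        return (self.ndisks - 1 - stripe) % self.ndisks

    def space_overhead(self) -> float:
        """Fraction of raw capacity spent on parity: one drive's worth out of ndisks."""
        return 1 / self.ndisks

    def write(self, data: bytes) -> None:
        """Stripe data across the drives, block oriented, adding one parity block per stripe."""
        per_stripe = self.block_size * (self.ndisks - 1)
        data += b"\0" * (-len(data) % per_stripe)    # pad the last stripe
        for offset in range(0, len(data), per_stripe):
            chunk = data[offset:offset + per_stripe]
            blocks = [chunk[i:i + self.block_size] for i in range(0, per_stripe, self.block_size)]
            stripe = len(self.disks[0])
            parity, p = xor_blocks(blocks), self.parity_disk(stripe)
            it = iter(blocks)
            for d in range(self.ndisks):
                self.disks[d].append(parity if d == p else next(it))
                self.writes += 1

    def read(self, failed: Optional[int] = None) -> bytes:
        """Read everything back, reconstructing blocks of a failed drive from the others on the fly."""
        out = bytearray()
        for stripe in range(len(self.disks[(failed or 0) + 1 if failed == 0 else 0])):
            p = self.parity_disk(stripe)
            for d in range(self.ndisks):
                if d == p:
                    continue
                if d == failed:
                    others = [self.disks[o][stripe] for o in range(self.ndisks) if o != failed]
                    self.reads += len(others)
                    out += xor_blocks(others)         # data = parity XOR the remaining data blocks
                else:
                    self.reads += 1
                    out += self.disks[d][stripe]
        return bytes(out)

    def rebuild(self, lost: int) -> None:
        """Rebuild a replaced drive stripe by stripe; needs every other drive, hence slower than RAID 1."""
        self.disks[lost] = []
        for stripe in range(len(self.disks[(lost + 1) % self.ndisks])):
            others = [self.disks[o][stripe] for o in range(self.ndisks) if o != lost]
            self.reads += len(others)
            self.disks[lost].append(xor_blocks(others))
            self.writes += 1

    def update_block(self, stripe: int, disk: int, new_block: bytes) -> int:
        """Small write: new parity = old parity XOR old data XOR new data (2 reads + 2 writes)."""
        p = self.parity_disk(stripe)
        assert disk != p and len(new_block) == self.block_size
        old_block, old_parity = self.disks[disk][stripe], self.disks[p][stripe]
        self.reads += 2
        self.disks[disk][stripe] = new_block
        self.disks[p][stripe] = xor_blocks([old_parity, old_block, new_block])
        self.writes += 2
        return 4                                     # physical I/Os for one logical block write


if __name__ == "__main__":
    array = Raid5(ndisks=4, block_size=4)
    array.write(b"DIS revision week 13: RAID five")
    print(f"space overhead {array.space_overhead():.0%}")
    print(array.read(failed=2).rstrip(b"\0"))        # still readable with drive 2 down
    array.rebuild(2)
    print("I/Os for one small write:", array.update_block(0, 0, b"XXXX"))
    print(array.read().rstrip(b"\0"))
```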
Why do we need security?
Authenticate people wanting to use the system
Prevent unauthorised persons from
– accessing the system
– stealing information
– doing malicious damage
Prevent authorised persons from
– doing things they ought not
– seeing data they ought not
Identifying unauthorised access
Security risks are within
Most books concentrate on network security, but most DIS are of little interest to people outside
Most security breaches are from within the organisation and by relatively technically illiterate people
They are by people who want something they ought not have – like your medical records, your pay details, your exam marks – perhaps next month’s DIS exam!
Security starts with policies
Hardware and software implement policies
The police and the law courts would be of little use without legislation
The policy statement will:
– State that security is important to the organisation
– Define the principles of the policy
– Define what constitutes acceptable use
– Give notice that security is monitored
– State what the procedure is when security is breached
Risk areas where security needs to be enforced
Authenticating the person wanting access to the system
Limiting the activities the person can do
Limiting the data the person can see
Restricting access to the corporate network from outside
Ensuring communications are secure
Authenticating the user
The whole mechanism is dependent on a reliable identification of the person accessing the system
In most systems this is done by password
But passwords can be easily misused
KPMG auditor quoted as saying most passwords can be broken within 30 seconds
Canadian police reckon the key to a person’s password is within 2 metres of his or her PC
But we are asked to remember so many passwords and then change them every three months
There are other means of identification
Keyboards can accept swiped ID cards
Tokens that generate random numbers in synch with the operating system
Modems generate passwords or require call back
Physical access via electronic key
Thumb, voice or retina scan
Limiting activities
The user is assigned to a group or class based on grade, position or responsibility
The group has rights to do certain things
The application restricts access to menus and buttons that initiate functions based on that class
Limiting the data the user can see or change
Can be in the application based on class, or attributes like ID, grade and department
The application can preset parameters on list and enquiry functions
Can use database functionality – ACLs restrict:
– Access to read or write
– Limit access to specific tables
– Limit access to views of tables (or joins)
– Restrict access to DBA functions
Firewalls protect the internal network
Routers act as packet filters
Application level firewalls
Figure: the Outside world connects through a Router (packet filter) and Application Firewalls to the Internal Network
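The router-as-packet-filter idea above, as an added worked example that is not from the original slides: a stateless, first-match, default-deny rule table applied to constructed packets. The internal network 10.1.0.0/16, the web server 10.1.0.80, the outside addresses and the rules are all made up for illustration.

```python
"""A router-style stateless packet filter, the "simple firewall" the slides describe.

Constructed example: the addresses, ports and rules below are made up. The filter
evaluates rules top-down, first match wins, and anything unmatched is denied, so a
forgotten rule fails closed rather than open. It also shows an anti-spoofing check
(an "internal" source address arriving from outside) and a log of denied packets.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    dport: Optional[int]  # destination port, None for icmp
    inbound: bool         # True if it arrived on the outside interface


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    inbound: bool
    src: str              # CIDR
    dst: str              # CIDR
    proto: str = "any"
    dport: Optional[int] = None
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        if self.inbound != pkt.inbound:
            return False
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        return self.dport is None or self.dport == pkt.dport


@dataclass
class PacketFilter:
    rules: List[Rule]
    denied_log: List[str] = field(default_factory=list)

    def evaluate(self, pkt: Packet) -> Tuple[str, Optional[int]]:
        """Return (action, index of the matching rule); no match means default deny."""
        for i, rule in enumerate(self.rules):
            if rule.matches(pkt):
                if rule.action == "deny":
                    self.denied_log.append(
                        f"rule {i} ({rule.comment}): {pkt.src}->{pkt.dst} {pkt.proto}/{pkt.dport}")
                return rule.action, i
        self.denied_log.append(f"default deny: {pkt.src}->{pkt.dst} {pkt.proto}/{pkt.dport}")
        return "deny", None


# Constructed policy for an internal network 10.1.0.0/16 with one web server at 10.1.0.80.
INTERNAL = "10.1.0.0/16"
WEB = "10.1.0.80/32"
ANY = "0.0.0.0/0"
POLICY = [
    Rule("deny", True, INTERNAL, ANY, comment="anti-spoofing: internal address from outside"),
    Rule("allow", True, ANY, WEB, "tcp", 80, comment="public web"),
    Rule("allow", True, ANY, WEB, "tcp", 443, comment="public web (TLS)"),
    Rule("deny", True, ANY, INTERNAL, "tcp", 1433, comment="never expose the database tier"),
    Rule("allow", False, INTERNAL, ANY, comment="internal users out to the Internet"),
    # everything else, including inbound connections to internal desktops, falls to default deny
]


def classify(packets: List[Packet], policy: List[Rule] = POLICY) -> List[str]:
    """Apply the policy to a list of packets and return each packet's action."""
    pf = PacketFilter(policy)
    return [pf.evaluate(p)[0] for p in packets]


if __name__ == "__main__":
    pf = PacketFilter(POLICY)
    samples = [
        Packet("203.0.113.5", "10.1.0.80", "tcp", 80, inbound=True),     # allow: public web
        Packet("10.1.0.9", "10.1.0.80", "tcp", 80, inbound=True),        # deny: spoofed source
        Packet("203.0.113.5", "10.1.0.80", "tcp", 1433, inbound=True),   # deny: database port
        Packet("10.1.0.9", "198.51.100.7", "udp", 53, inbound=False),    # allow: outbound DNS
        Packet("203.0.113.5", "10.1.0.9", "tcp", 22, inbound=True),      # deny: default
    ]
    for p in samples:
        print(p.src, "->", p.dst, f"{p.proto}/{p.dport}", pf.evaluate(p))
    print("\n".join(pf.denied_log))
```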
Ensuring communications are secure
Secrecy – only the two parties (person or process) should understand the messages
Authentication – each party should know the messages are from the right person
Message integrity – the messages must not be able to be changed