It_Security

1. The power or authority of a court to hear and pass judgments on a particular case is known as jurisdiction. There are mainly three types of judicial jurisdiction: personal jurisdiction, subject-matter jurisdiction and territorial jurisdiction. The difference between personal jurisdiction and subject-matter jurisdiction is that the former gives the authority to a court to hear a case based on the defendant’s connection with the territory of the court while the later the subject of the case that is being heard. That is, personal jurisdiction gives the court the authority to hear a case against defendant only if a connection can be established between the defendant and the region or territory in which the court is located (Clark et al., 2010). In the absence of a connection, the court can legally bind the defendant to its decision. On the other hand, subject-matter jurisdiction gives the authority to a court to hear a case in reference to a specific subject matter. If the case does not come under the court’s subject matter, than it does not have the authority to hear the case. Subject matter jurisdiction has not received much attention in Australian law of jurisdiction. For a court to be competent to hear and pass judgment on a case it must posses both personal and subject-matter jurisdiction (Keyes, 2005) 2. Shared hosting and dedicated hosting are types of web hosting services. The main difference between the two is that in a shared hosting service the server is shared by other users (websites) while in a dedicated hosting service the server is dedicated to a single user (website). In shared hosting the server is shared by multiple users or websites. The service provider will be completely responsible for the proper running of the system which will include the hardware, security, backup, software, managing bandwidth, etc. The user is only responsible for the development of the content. On the other hand, in dedicated hosting the server is dedicated to a single user (website). The responsibility of ensuring the proper running of the system is mainly on the user and the service provider is partly responsible. Shared hosting is lot more economical than a dedicated hosting service (Borgermans et al., 2004). Both have their pros and cons. In shared hosting, IP address will be shared with the other websites on the server and as a result the performance of one website is dependent on other websites on the server. Also the response time of each websites is affected by the other websites on the server. It is vice versa on dedicated hosting as there is only one website on the server and this offers greater security and control to the user (Bidgoli, 2006). 3. Throughput and response time are both ways of measuring the productivity of a system. Throughput is the amount of work that a system does in a unit of time. That is, it is the measure of how much work that a system can do in a given amount of time. For example, for an operating system, throughput can be measured as the number of tasks or operation that can be performed per unit time. On the other hand, response time is the time that has elapsed between a request for an operation and the response of the system to the request. Reference time can also be defined as the time taken by a task to be completed from the moment it was initiated (Menasce et al., 2004). Therefore, throughput is the rate at which tasks are completed and response time is the time for each task to be completed. Throughput and response time are interrelated and not independent of each other. Response time is influenced by the load on the system and throughput is a true indicator of the performance of a system (Shapiro, J.R. & Boyce, 2006). 4. Static web page is a web page which is identical every time you load it. The webpage does not change irrespective of how many times you load it. It is an unchanged page which is retrieved from a server or a disk. Static web pages can be built in plain text. And they contribute to the performance of the website. That is a server delivering a static webpage performs better as there isn’t much computational demand while delivering it. An example of a static webpage is the Google home page which remains unchanged every time you load it (Schneider, 2008). A dynamic webpage is a webpage which changes every time it is downloaded based on the preferences of the user. A dynamic webpage demands more computing power than a static webpage. The content on a dynamic webpage is non-static information which is generated every time it is loaded based on the request of the user. The advantage of a dynamic webpage over a static web page is that it can be easily updated (Warner, 2010). 5. Date: To: From: Subject: Pro’s and Con’s of email marketing Before indulging in email marketing there are various aspects that need to be considered. One of the main aspects is that of unsolicited email. There are various issues related to unsolicited email. Following are a few of them: • Privacy: Invasion of privacy is a major issue raised against solicited email. In most cases companies indulging email marketing outsource the job or sending marketing mails to a third party company and they share the information of the customers with the third party. This is against the privacy policies and the customer’s information can be circulated without the permission of the customer. Therefore, security of the personal information collected by the company is compromised. This may in ways lead to increase in spam mails in the customer’s information (Plasencia, 1999). • Irritation: Critics of unsolicited mails argue that these mails are irritating and this has been proven by various surveys. This is because the number of unsolicited mails is high and this can cause problems to the recipients to differentiate between personal mails and unsolicited emails. Therefore unsolicited emails annoy the recipients (Salehnia, 2002). • Cost to the recipients: The cost of unsolicited emails is transferred to the recipient. That is because the recipients are required to pay their internet service providers as per the minute usage. There is a lot of time wasted in opening and deleting these unsolicited emails. Even though the cost per unsolicited emails would be minimal but when taken in bulk leads to a huge expense to the recipient. • Personal and Social costs: Due to the fear of having their names added to a mailing list, many users do not participate or sign up for any surveys or any online communication. This has made an impact on what was supposed to be the most vibrant medium of communication on the net. Also many personal mails are lost during the sorting of unsolicited emails and this has reduced the effectiveness of use emails by users. • Negative image: Unsolicited emails can also result in the negative image of the company whose product is being promoted. The main purpose if marketing through mails is lost. Unlike unsolicited emails, solicited emails are sent only with consent of the recipient. That is, emails are sent to only those users who have requested for it. This has various advantages and presents numerous opportunities: • There is an opportunity for targeted marketing. As the customer interests can be understood by the buying behavior promotional mails can be designed to as per their interests. • This is a very effective way of marketing as return on the investment can be tracked. • Mails are sent only to those who have requested and hence there are no issues of privacy or ethics raised. • This is a great opportunity to reach targeted customers. The important principles for handling customer data that the music company should follow are (Schneider, 2008): • The collected data must be only used for the purpose if improving customer service. • Customers must be given the right to have any of their data deleted from the database. • Complete transparency in what data is being collected and the purpose for it. • Customer data must be strictly confidential and must not be shared with any third party (Schneider, 2008). 6. A general briefing about computer security and risk management: Computer security is a computer science filed which mainly deals with the risks related to computer security. Computer security is a vast field and is not just related viruses, identity theft, and loss of privacy but also takes into account the physical protection of hardware also. Hence computer security can be defined as “the protection of assets from unauthorized access use, alteration or destruction” (Perry, J.T. & Schneider, 2000). The main purpose of computer security is to ensure the safety of valuable resources of an organization such as software, hardware and information (Guttman & Roback, 1995). Computer security can be mainly divided into: • Physical Security: physical security deals with protection devices that are intangible such as guards, vaults, safes, security fences, fireproof doors, alarms, etc. • Logical Security: Logical security used non physical means to protect the assets of an organization. Following are the various elements of computer security one needs to be aware of while dealing with it: Threat: Any object or act that is capable of causing potential damage to a computer asset is known as a threat. Countermeasure: A procedure that is designed and carried out with the purpose of identifying, eliminating or reducing the threat is known as countermeasure. A countermeasure can be either logical or physical. The expense and extent of countermeasure is no6t constant and can change depending on the value of the asset at risk. Computer security can be classified into three categories: • Confidentiality: Confidentiality captures the security and secrecy aspects of computer security. That is it deals with protecting of the system against unauthorized use. The main objective is to ensure the authenticity of the source of the data and prevent unauthorized disclosure (Gollmann, 2011). • Integrity: Integrity is hard to give a specific definition to integrity. It simple terms integrity is to ensure that everything in the system remains as it is supposed to be. That is, it deals with preventing of modification of the system without authorization (Gollmann, 2011). • Necessity/ Availability: This deals with the property being accessible by an authorized entity on demand. That is it is related the prevention of denials or delays. That is to stop an attacker from an authorized user the access to the system (Gollmann, 2011). Risk Management: Risk management can be defined as “the ideas, models, abstractions, methods and techniques that are employed to control security risks” (Obaidat & Boudriga, 2007). Following is the risk management model that an organization must adopt or take in order manage the potential risk or threat. The action to be taken has to be decided based on the probability and the impact of the threat. Potential Threats to the company: 1. Physical security of the servers: Servers are vital top to the company’s operations and hence they need to be safeguarded. The current level of security is not sufficient. Also there is a need to maintain a copy of the servers in a remote location. Any damage as a result of a threat to the servers at the current locations can be critical and irreparable. The impact of would too high and hence this treat will be placed in the second quadrant. 2. Wireless Network Threats: As the company is planning to add access points, it becomes a potential threat. The reason for this is that WAPs provide network connections which can be accessed by other computers and devices within a given range. There are two other buildings of the same height surrounding the building the company is located in and hence, the connection becomes highly vulnerable. The impact again depends on what can be accessed. Therefore this threat will be placed in the first quadrant. 3. Web Server threats: All the web server is always to set to run on a high privilege status and affects the performance of the website. Hence, a threat to the web server must be considered seriously. This threat will be placed in the third quadrant as the expectancy is not high but the impact can be damaging. 4. Database Threats: The database contains vital information about the customers and hence need to be high priority. Disclosure or unauthorized use of the customer information or company’s confidential information can be make serious negative impact to the company and also affects the public image of the company, in turn the business. As the expectancy and the impact is high the threat is placed in the second quadrant.