Information Technology for Business Value

BUS7103

Final Assignment
On
“Key points of Cloud Computing, Storage Devices, Securing Information
Resources, Block Chain, Machine Learning, and E-commerce.”

Submitted to:

Prof. Dr. Helal Uddin Ahmed

Faculty of Business Studies
Bangladesh University of Professionals

Submitted by:

Md. Harun Ar Rashid

ID: 2023032043
Sec: A
MBA (Professional), Batch-24

Date of Submission: 11 September 2020

0
 Storage Devices & Cloud Computing
A storage device is any computing hardware that is used for storing, porting and extracting
data files and objects. Now a day high capacity storage devices are available.

Type of storage devices:

 Primary Storage: Directly connected to CPU (RAM, ROM and Cache)

 Secondary storage: Not directly connected to CPU (main - Hard Disk)
 Magnetic Storage: Hard drive, floppy, tape
 Optical Storage Device: CD ROM, DVD ROM, CD-R, CDRW

Data storage and retrieval:

 Media is covered with iron oxide

 Read/write head is a magnet
 Magnet writes charges on the media
 Positive charge is a 1
 Negative charge is a 0
 Magnet reads charges
 Drive converts charges into binary

Data organization:

 Disks must be formatted before use

 Format draws tracks on the disk
 Tracks is divided into sectors
 Amount of data a drive can read

Tracks and Sectors:

A track is a circular path on the surface of a disk on which information is magnetically

recorded and from which recorded information is read.

In computer disk storage, a sector is a subdivision of a track on a magnetic disk or optical

disc. Each sector stores a fixed amount of user-accessible data, traditionally 512 bytes for
hard disk drives (HDDs) and 2048 bytes for CD-ROMs and DVD-ROMs.

1
Finding data on disk

Each track and sector is labeled

 Some are reserved

Listing of where files are stored

 File Allocation Table (FAT)

 FAT32
 NTFS

Data is organized in clusters

 Size of data the OS handles

Hard disks:

A hard disk drive, hard disk, hard drive or fixed disk is an electro-mechanical data storage
device that uses magnetic storage to store and retrieve digital data using one or more rigid
rapidly rotating platters coated with magnetic material.

 Primary storage device in a computer

 2 or more aluminum platters
 Each platter has 2 sides
 Spin between 5,400 to 15,000 RPM

2
Optical Storage Devices:

CD-ROM

 Reading and writing is done optically

 Read using a laser
 Lands, binary 1, reflect data
 Pits scatter data

DVD-ROM

 Digital Video/versatile Disk

 Use more than one layer on the disk

CD Recordable (CD-R)

 Create a data or audio CD

 Once written data cannot be changed

Recordable Optical Technologies:

CD Rewritable (CD-RW)

The recording layer of the CD-RW disc is polycrystalline. During recording, a laser
selectively heats areas of the recording track and melted. During rewrite the CD, the
amorphous position is heated above certain temperature. The CD is ready to rewrite.

3
Blu-ray (not Blue-ray) also known as Blu-ray Disc (BD), is the name of a new optical disc
enable recording, rewriting and storing large amounts of data. This offers more than five
times the storage capacity of traditional DVDs and can hold up to 25GB on a single-layer
disc and 50GB on a dual-layer disc or much more.

The benefits

 blue-violet laser using 405nm

 red laser using 650nm

So it’s possible to focus the laser on more tiny spot with even greater precision. Thus, it is
providing higher capacity.

Solid State Devices:

In Solid-state drives data is saved to a pool of NAND flash. NAND itself is made up of what
are called floating gate transistors. Electrons are stored in the floating gate, which then reads
as charged means “0” or not-charged means “1”. Common page sizes are 2K, 4K, 8K, or
16K, with 128 to 256 pages per block.

RAM:

Random access memory is a form of computer memory that can be read and changed in any
order, typically used to store working data and machine code.

Double Data Rate (DDR) could run at a clock rate (100-200MHz), using energy (2.5 volts)
speeds (transfer rates of up to 400 MTps). DDR2 was about twice as fast as the original DDR
(200-533MHz, with transfer rates up to 1,066MTps), used power (1.8 volts). DDR3 was
appeared around 2007 its speed about twice that of DDR2 (400-1,066MHz, maximum
transfer rate of 2,133MTps), and power usage 1.5 volts. The DDR4 standard allows for
DIMMs of up to 64 GB in capacity, compared to DDR3's maximum of 16 GB per DIMM.
DDR4 runs at lower voltage (1.2V) than either DDR3.

Cloud Computing:

Cloud computing means storing and accessing the data and programs over the internet rather
than the computer’s hard disk. The speed of transfer depends on various factors such as
internet speed, the capacity of the server, and many more.

4
Types of Cloud Computing:

Three types of Cloud computing which are:

 Iaas
 PaaS
 SaaS

Iaas (Infrastructure as a Service)

With the help of IaaS, the user can use IT hardware and software just by paying the basic
price of it. It provides cloud-based services, pay-as-you-go for services such as storage,
networking, and virtualization.

Examples: IBM, Google, and Amazon.

PaaS (Platform as a Service)

This helps the user by providing the facility to make, publish, and customize the software in
the hosted environment.

Examples: AWS Elastic Beanstalk, Heroku, Windows Azure (mostly used as PaaS),
Force.com, OpenShift, Apache Stratos, Magento Commerce Cloud.

SaaS (Software as a Service)

It provides a facility to the user to use the software from anywhere. This software as a service
that’s available via a third-party over the internet. It is also known as software on demand.

Examples: Yahoo! Mail, Hotmail, and Gmail.

Deployment methods:

There are four cloud computing deployment methods

1. Private Cloud
2. Public Cloud
3. Community Cloud
4. Hybrid Cloud

Private Cloud: Cloud Company maintains the management, deployment, and operation of
the cloud.

5
Community Cloud: Companies having similar interest and work can share the same cloud
and it can be done with the help of Community Cloud.

Public Cloud: The Company serves the infrastructure to the customer on a commercial basis

Hybrid Cloud: Combination of Public and Private Cloud which supports the requirement to
handle data in an organization.

Economical:

Need to pay only for the basic services. Here 24 hours and 7 days Availability. The cloud
service is available every time.

Security:

As the data has been saved at multiple places, there is no loss of data. Cloud Computing
offers a high level of security as the data stored is important and should not be lost.

Cloud Computing Companies:

Some of the companies which use Cloud Computing are-

 Netflix
 Pinterest
 Xerox
 Instagram
 Apple
 Google
 Facebook and etc.

6
 Securing Information Resources
Security:

Policies, procedures and technical measures used to prevent unauthorized access, alteration,
theft, or physical damage to information systems.

Controls:

Methods, policies and organizational procedures that ensure safety of organization’s assets;
accuracy and reliability of its accounting records; and operational adherence to management
standards.

Systems are vulnerable:

Accessibility of networks. Hardware problems (breakdowns, configuration errors, damage

from improper use or crime).

Contemporary security challenges and vulnerabilities:

The architecture of a Web-based application typically includes a Web client, a server, and
corporate information systems linked to databases. Each of these components presents
security challenges and vulnerabilities.

7
Viruses

Rogue software program that attaches itself to other software programs or data files in order
to be executed

Worms

Independent computer programs that copy themselves from one computer to other computers
over a network.

Trojan horses

They may sit quietly in your computer, collecting information or setting up holes in your
security, or they may just take over your computer and lock you out.

Common actions: Creating backdoors spying, Turning your computer into a zombie

Malware

SQL injection attacks: user input directly in an SQL query. Eg. Itemed=999 OR 1=1 UNION
SELECT user-name, password FROM USERS

Spyware

Small programs install themselves surreptitiously on computers to monitor user Web surfing
activity and serve up advertising

Key loggers

Record every keystroke on computer to steal serial numbers, passwords, launch Internet
attacks.

Hackers and computer crime:

Activities include

 System intrusion
 System damage
 Cyber vandalism

Spoofing

Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else.

8
Sniffer

Eavesdropping program that monitors information traveling over network

Denial-of-service attacks (DoS)

Flooding server with thousands of false requests to crash the network.

Distributed denial-of-service attacks (DDoS)

Use of numerous computers to launch a DoS

Botnets

Networks of “zombie” PCs infiltrated by bot malware

Computer crime

Defined as “any violations of criminal law that involve a knowledge of computer technology
for their perpetration, investigation, or prosecution”

Computer may be instrument of crime, e.g.:

 Theft of trade secrets

 Using e-mail for threats or harassment

Identity theft

Theft of personal Information (social security id, driver’s license or credit card numbers) to
impersonate someone else

Phishing

Setting up fake Web sites or sending e-mail messages that look like legitimate businesses to
ask users for confidential personal data.

Internal threats: employees

Security threats often originate inside an organization

Social engineering:

Tricking employees into revealing their passwords by pretending to be legitimate members of

the company in need of information.

9
When Antivirus Software cripples your computers:

Business Value of Security and Control

 Failed computer systems can lead to significant or total loss of business function.
Confidential personal and financial data, Trade secrets, new products, strategies
 A security breach may cut into firm’s market value almost immediately
 Inadequate security and controls also bring forth issues of liability

Legal and regulatory requirements for electronic records management and privacy
protection

HIPAA: Medical security and privacy rules and procedures

Gramm-Leach-Bliley Act: Requires financial institutions to ensure the security and

confidentiality of customer data

Sarbanes-Oxley Act: Imposes responsibility on companies and their management to

safeguard the accuracy and integrity of financial information that is used internally and
released externally.

Electronic evidence

Evidence for white collar crimes often in digital form

Data on computers, e-mail, instant messages, e-commerce transactions

Computer forensics:

Scientific collection, examination, authentication, preservation, and analysis of data from

computer storage media for use as evidence in court of law.

Information systems controls

Manual and automated controls

General and application controls

General controls

Govern design, security, and use of computer programs and security of data files in general
throughout organization’s information technology infrastructure.

10
Establishing a Framework for Security and Control:

Types of general controls

 Software controls
 Hardware controls
 Computer operations controls
 Data security controls
 Implementation controls
 Administrative controls

Security policy

Ranks information risks, identifies acceptable security goals, and identifies mechanisms for
achieving these goals

Drives other policies:

Acceptable use policy (AUP)

Defines acceptable uses of firm’s information resources and computing equipment

Authorization policies

Determine differing levels of user access to information assets

 Disaster recovery planning: Devises plans for restoration of disrupted services

 Business continuity planning: Focuses on restoring business operations after disaster

Both types of plans needed to identify firm’s most critical systems. Business impact analysis
to determine impact of an outage

MIS audit:

Examines firm’s overall security environment as well as controls governing individual

information systems

Reviews technologies, procedures, documentation, training, and personnel.

Identity management software

Automates keeping track of all users and privileges

11
Authenticates users, protecting identities, controlling access

Authentication

Password systems, Tokens etc.

Firewall:

Combination of hardware and software that prevents unauthorized users from accessing
private networks

Technologies include:

 Static packet filtering

 Network address translation (NAT)

Technologies and Tools for Protecting Information Resources

A CORPORATE FIREWALL

The firewall is placed between the firm’s private network and the public Internet or another
distrusted network to protect against unauthorized traffic.

Intrusion detection systems:

Monitor hot spots on corporate networks to detect and deter intruders

Antivirus and antispyware software:

Checks computers for presence of malware and can often eliminate it as well

Encryption:

Transforming text or data into cipher text that cannot be read by unintended recipients

12
Public key encryption

 Uses two, mathematically related keys: Public key and private key
 Sender encrypts message with recipient’s public key
 Recipient decrypts with private key

PUBLIC KEY ENCRYPTION

Digital certificate:

Data file used to establish the identity of users and electronic assets for protection of online
transactions. Uses a trusted third party, certification authority (CA), to validate a user’s
identity

Ensuring system availability

Online transaction processing requires 100% availability, no downtime

Fault-tolerant computer systems

For continuous availability, e.g. stock markets. Contain redundant hardware, software, and
power supply components that create an environment that provides continuous, uninterrupted
service.

Ensuring software quality

Software metrics: Objective assessments of system in form of quantified measurements

Number of transactions

13
 Block Chain
Cryptography:

The use of math and logical problem solving to encipher or decipher encoded messages.
Computer cryptography is heavily reliant upon mathematical proofs and the computational
difficulty of specific mathematical problems.

Cryptocurrency:

Digitally distributed and traded currencies for which proof of ownership is established via
cryptographic methods. For example, Ether cannot be transferred from an account without
having control of the private key that is associated with that account.

Available Cryptocurrencies:

 Bitcoin
 Litecoin (LTC)
 Ethereum (ETH)
 Zcash (ZEC)
 Bitcoin Cash
 Dash
 Ripple (XRP)
 Monero (XMR)

Bitcoin:

Bitcoin, often described as a cryptocurrency, a virtual currency or a digital currency is a type

of money that is completely virtual. It is a decentralized digital currency without is
independent of banks and can be sent from user to user on the peer-to-peer bitcoin block
chain network without the need for intermediaries.

Tools for payments:

One can accept both Bitcoin Cash and Bitcoin payments. Digital wallet app(cash), Bitcoin
payment gateway (online businesses) or a point-of-sale app (in-store businesses).

14
Block chain:

It is a type of diary or spreadsheet containing information about transactions. A system in

which a record of transactions made in bitcoin or another cryptocurrency are maintained
across several computers that are linked in a peer-to-peer network.

Mining:

It is the process by which transactions are verified and added to a blockchain. This process of
solving cryptographic problems using computing hardware also triggers the release of
cryptocurrencies.

Block:

Data is permanently recorded on the Bitcoin network through files called blocks. A block is a
record of some or all of the most recent Bitcoin transactions that have not yet been recorded
in any prior blocks.

Hash:
A hash code is created by a math function that takes digital information and generates a string
of letters and numbers from it. Performing a hash function on the output data in a blockchain
is termed as hash. Commonly used in sentences like “the hash of “geeksforgeeks file is
142c53v2v31vc1526v35v63v5v4”. Hashes are used to efficiently identify data. 

Hash Function:

A cryptographic function that maps inputs to specific, but seemingly arbitrary, outputs.
Hash rate:

Performance of a computer mining is measured in hashes per second or hash rate.

Cryptographic Hash Function:

A function that takes a variable-size input and output is a fixed-size unique value. SHA-256
algorithm is a cryptographic hash function example.

Nonce:

The nonce is the short form for Number Only Used Once is a number added to an encrypted
block in a block chain, which when rehashed, meets the difficulty level limitations.

15
Node:
A node is basically a small server that stores, updates and broadcasts a full copy of the block
chain. It is a computer that is participating in the global peer-to-peer Bitcoin network.

Wallet:
is a file that contains a collection of private keys and communicates with the corresponding
block chain. Wallets contain keys, not coins.

Peer-to-Peer (P2P): Interactions between actors without a central intermediary. P2P

payments transfer value directly between actors without a processor or bank intermediary.

Digital Signature:

Private keys are used for signing transactions. Each time a transaction is sent over the
blockchain it gets signed by the user’s private key.

Private Key:

It is a string of data that shows you have access to bitcoins in a specific wallet. Private keys
can be thought of as a password, private keys must never be revealed to anyone but you, as
they allow you to spend the bitcoins from your bitcoin wallet through a cryptographic
signature.

Public Key:

A cryptographic equation or set of parameters that corresponds to a paired private key. A

public key can be used to decrypt a message that is symmetrically encrypted using the
corresponding private key.

16
 Machine Learning (ML)
What is Machine Learning?

 Computer algorithms that improve automatically on their own

 No need of explicit coding by Programmer
 Learns from input data called ‘training data’.
 Closely related to data mining and Bayesian predictive modeling
 Gives future predictions or recommendation based on these data

How Machine Learning Works?

 The core objective of machine learning is the learning and inference.

 Deals with huge quantity of input data
 Discovers Patterns
 Uses Classifier Algorithms to form models
 Uses model to make future predictions

Types of Machine learning:

1. Association

2. Supervised Learning

 Classification
 Regression

3. Unsupervised Learning

4. Reinforcement Learning

1. Association: A typical example of association rule mining is market basket analysis. This
process analyzes customer buying habits.

2. Supervised Learning:

Supervision: The training data are accompanied by labels indicating the class of the
observations

Classification:

 predicts categorical class labels

17
  classifies data (constructs a model) based on the training set and the values (class
labels) in a classifying attribute and uses it in classifying new data

Typical applications:

 Credit/loan approval
 Medical diagnosis: if a tumor is cancerous or benign
 Fraud detection: if a transaction is fraudulent
 Web page categorization: which category it is

3. Unsupervised learning (clustering): The class label of training data is unknown. Given a
set of measurements, observations, etc. with the aim of establishing the existence of classes
or clusters in the data

Clustering: Grouping similar instances Example applications. Customer segmentation in

CRM-Image compression: Color quantization-Bioinformatics: Learning motifs

4. Reinforcement Learning: Reinforcement learning trains an actor or agent to respond to

an environment in a way that maximizes some value, usually by trial and error.

Applications:

 Game playing
 Robot in a maze

Uses of ML in Business:

 Customer Lifetime Value Prediction

 Personalizing product

 Product recommendation

 Predictive Maintenance

 Financial analysis

Future of Machine Learning:

 Better predictions with lesser training data

 Automation of Cyberattack Countermeasures

18
  Generative model

Ecommerce Based on Social Network

E-Commerce: Buying and selling a product through internet is called e-commerce.

Digital Firm: All the functional activities by means of computer, internet and technology is
called digital firm.

E-Business: If any firm perform their activities through internet, computer and technology is
called e-business. E-commerce is a part of e-business.

Mobile commerce: The e-commerce which is run through portable devices is called mobile
commerce.

Digital Marketing: refers to introduce any product or company to the people using digital
platform. This can be via sending email, sending sms etc.

Digital Goods: refers to any goods that are sold, delivered and transferred in digital form.

Example: Music file, video file, software etc.

Advantages:

 Cost of producing first unit almost entire cost of product. Marginal cost of 2nd unit is
about zero.
 Low cost
 Marketing costs remain the same; pricing highly variable.

8 unique features of e-commerce:

1. Ubiquity: It refers to the availability of the internet or web technology. For example:
home, work etc. people can access to the internet.
2. Global reach: the technology reaches across national boundaries, around earth.
3. Universal standards: It refers to One set of technology standards. Such as Internet
standards.
4. Richness: Supports of video, audio, and text messages.
5. Interactivity: The technology works through interaction with the user.

19
 6. Information density: The total amount and quality of information available to all
market participants.
7. Personalization or Customization: Technology permits modification of messages,
goods etc.
8. Social technology: The technology promotes user content generation and social
networking.

Types of e-commerce:

1. Business-to-consumer (B2C): electronic commerce involves retailing products

and services to individual shoppers.
Example: BarnesandNoble.com, which sells books, software, and music to
individual consumers.
2. Business-to-business (B2B): electronic commerce involves sales of goods and
services among businesses.
Example: Chem Connects Web site for buying and selling chemicals and plastics.
3. Consumer-to-consumer (C2C): electronic commerce involves consumers selling
directly to consumers.
Example: eBay, the giant Web auction site.
Mobile commerce (m-commerce): The use of handheld wireless devices for
purchasing goods and services from any location is termed mobile commerce or
m-commerce.

E-commerce business models:

E-tailer:

Sells physical products directly to consumers or to individual businesses.

Example: Amazon, RedEnvelope.com etc.

Transaction broker:

Provides a digital environment where buyers and sellers can meet, search for products,
display products, and establish prices for those products.

Example: eBay, Priceline.com etc.

Content provider:

20
Creates revenue by providing digital content, such as news, music, photos, or video, over the
Web.

Example: iTunes.com, GettyImages.com, Games.com etc.

Community provider:

Provides an online meeting place where people with similar interests can communicate and
find useful information.

Example: Facebook, Google +, Twitter etc.

Service provider:

Provides Web 2.0 applications such as photo sharing, video sharing, and user-generated
content as services.

Example: Google Apps, Dropbox etc.

E-commerce revenue models:

 Advertising Revenue Model:

 In the advertising revenue model, a Web site generates revenue by attracting a
large audience of visitors who can then be exposed to advertisements.
 Sales Revenue Model:
 In the sales revenue model, companies derive revenue by selling goods,
information, or services to customers.
 Companies such as Amazon LLBean.com
 Subscription Revenue Model:
 In the subscription revenue model, a Web site offering content or services
charges a subscription fee for access to some or all of its offerings on an
ongoing basis.
 Free/Freemium Revenue Model:
 In the free/freemium revenue model, firms offer basic services or content for
free, while charging a premium for advanced or special features.
 Google offers free applications but charges for premium services.
 Transaction Fee Revenue Model:
 In the transaction fee revenue model, a company receives a fee for enabling or
executing a transaction.

21
  eBay provides an online auction marketplace and receives a small transaction
fee from a seller if the seller is successful in selling an item.
 Affiliate Revenue Model:
 In the affiliate revenue model, Web sites (called “affiliate Web sites”) send
visitors to other Web sites in return for a referral fee or percentage of the
revenue from any resulting sales.
 Amazon uses affiliates who steer business to the Amazon Web site by placing
the Amazon logo on their blogs.

Business-to-business e-commerce:

 Electronic data interchange (EDI)

 Computer-to-computer exchange of standard transactions such as invoices,
purchase orders
 Major industries have EDI standards that define structure and information
fields of electronic documents for that industry
 E.g. Procurement: Businesses can now use Internet to locate most low-cost
supplier, search online catalogs of supplier products, negotiate with suppliers,
place orders, etc.
 Web site budgets:
 Several thousand to millions / year
 50% of a budget is system maintenance and content creation.

ATM

ATM (Automated Teller Machine): A computerized telecommunications device that

provides the customers of a financial institution with access to financial transactions in a
public space without the need for a human clerk or bank teller.

Function of ATM:

 Cash Withdrawals
 Cash Deposits
 Balance Enquiry
 Mini Statement
 Fund Transfer
 Utility Bill, Tax Payment

22
  Cheque Processing Module
 Promotional Features

Technical Overview:

 Hardware
 CPU
 Magnetic Stripe and chip card reader
 Encrypted PIN Pad (EPP)
 Display
 Cash Handler
 Receipt and Journal Printer
 Vault
 Software
 RMX (Real-time Multitasking eXecutive) by Intel, OS/2, Microsoft OS.
 XFS Middleware (eXtensions for Financial Services) provides client-server
architecture for financial applications on the Microsoft Windows platform,
especially peripheral devices such as ATMs to the financial industry.)

23