Csc405 Net
Csc405 Net
Csc405 Net
FACULTY OF SCIENCES
DEPARTMENT OF COMPUTER SCIENCE
i
CSC405 COURSE GUIDE
Course Aim
The aim of the course is to furnish you with full knowledge on inter-networking. It teaches how systems
connect one with the other, communication modes, two or more systems processing, a single but
divided large tasks, together simultaneously, transmission technologies and much more.
Course Objectives
To achieve the aims set out, the course has a set of objectives. Each unit has specific objectives which
are included at the beginning of the unit.
You may wish to refer to them during your study to check on your progress. You should always look at
the unit objectives after completion of each unit. By doing so, you would know whether you have
followed the instruction in the unit.
Below are the comprehensive objectives of the course as a whole. By meeting these objectives, you
should have achieved the aims of the course as a whole. In addition to the aims earlier stated, this
course sets to achieve some objectives. Thus, after going through the course, you should be able to:
i
CSC405 COURSE GUIDE
Course Summary:
Overview of Net-centric computing:
Net-centric computing is the concept of using interconnected computer networks to
deliver computing services to clients or end-users. It involves a distributed computing
environment where applications and data are hosted on multiple servers across the
network.
Some of the key components of net-centric computing include network protocols,
network security, cloud computing, and web services.
The benefits of net-centric computing are numerous, including better scalability, easier
maintenance, and improved flexibility. With net-centric computing, organizations can
deliver services to a wider audience, regardless of location.
In conclusion, net-centric computing is an essential aspect of modern computing, as it
allows organizations to leverage the power of the internet and interconnected networks
to provide better services to their clients. Understanding the principles and technologies
involved in net-centric computing is crucial for any aspiring computer science
professional.
Introduction to Net-centric computing:
Net-centric computing refers to a computing architecture that supports the exchange of
data and applications between computers connected to the internet. In a net-centric
computing environment, computers can communicate with each other and share
resources such as hardware, software, and data. This technology enables users to
access data and applications from any location and from any device with an internet
connection. Net-centric computing has contributed to the development of cloud
computing, which relies on the internet as a means of delivering services to end-users.
This technology has revolutionized the way we work, communicate, and access
information, making it an essential component of modern-day computing.
Types of Coding:
Machine coding: Machine coding is the process of writing computer code directly in the
machine language of the computer's processor. It is the lowest-level programming
language, and the code is written in binary form consisting of 0s and 1s.
Front-end coding: Front-end coding is the process of creating the user-facing interface of
a website or web application using HTML, CSS, and JavaScript. It is focused on the
visual presentation and user experience of a website.
Back-end coding: Back-end coding is the process of building the server-side logic of a
website or web application. It involves programming languages like PHP, Ruby, Python,
and Java, and is focused on database management, data processing, and server-side
tools.
ii
CSC405 COURSE GUIDE
Full-stack coding: Full-stack coding is the process of designing, developing, and
maintaining both the front-end and back-end aspects of a website or web application. It
requires the knowledge of multiple programming languages and helps developers build
scalable and efficient digital products.
System Binary:
In computer science, a system binary refers to an executable file that is part of the
operating system. These files are essential for the functioning of the operating system
and perform various system-level functions. They are usually located in predefined
directories on the system, such as /bin, /usr/bin, or /sbin.
Examples of system binaries include utilities for managing files and directories (such as
ls and mkdir), systems daemons (such as init and systemd), and low-level tools for
managing hardware (such as fdisk and lspci).
System binaries are often written in low-level programming languages such as C, which
allows them to interact with the operating system and hardware at a low level. They are
typically owned by the root user and have restricted permissions to ensure the security
and integrity of the operating system.
If-else statement:
An if-else statement allows your program to make decisions based on certain conditions.
Here's an example in Python:
For Loop:
A for loop is used to repeatedly execute a block of code. Here's an example of a Python
for loop:
While Loop:
A while loop is similar to a for loop, but it continues to execute a block of code as long as
a certain condition is true. Here's an example of a Python while loop:
Information measure:
Information measure refers to the quantity of information conveyed by a message or
signal. It is a way to quantify the amount of uncertainty that is resolved when a message
is received. Typically, information measure is expressed in bits, which represent the
amount of information required to distinguish between two possible outcomes with equal
probability. The more bits required to distinguish between outcomes, the more
information is conveyed by the message. Information measure is used in a variety of
fields including information theory, communication systems, probabilistic modeling, and
machine learning.
C = ½ log(1 + P/σ^2)
where P is the transmit power and σ^2 is the noise power. This formula represents the
maximum rate at which information can be transmitted reliably over the channel,
measured in bits per second.
Matching the source to the channel means designing a source code that is efficient in
terms of compression and can be effectively transmitted over the channel. In the context
of continuous Gaussian channels, this involves choosing a source distribution that
maximizes the rate of information transmission (i.e., the entropy) subject to the
constraints of the channel capacity.
In practice, this can be achieved through techniques such as rate-distortion theory, which
seeks to minimize the distortion between the original source signal and the compressed
version transmitted over the channel, subject to the constraints of the channel capacity.
This allows for efficient communication of information over the channel while minimizing
errors and maximizing the quality of the received signal.
v
CSC405 COURSE GUIDE
CONTENTS PAGE
vi
CSC405 COURSE GUIDE
Characteristics of Service Oriented Architecture (Hadoop & Spark)……… 128
Unit 4
Unit 4 Overview of Wireless LAN, IEEE 802.11, Personal Area Network & Bluetooth
vii
CIT421 Net-Centric Computing
Introduction of Module
8
CSC405 Net-Centric Computing
Unit 1: Introduction to Distributed Computing
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 Distributed Computing
3.2 Web 2.0 Technologies
3.3 Service Orientation
3.4 Virtualization
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
9
CIT421 Net-Centric Computing
1.0 Introduction
A distributed system is a system whose components are located on different networked computers,
which communicate and coordinate their actions by passing messages to one another from any
system in order to appear as a single system to the end-user. The computers that are in a
distributed system can be physically together and connected by a local network, or they can be
geographically distant and connected by a wide area network. A distributed system can consist of
any number of possible components, such as mainframes, personal computers, workstations,
minicomputers, and so on. Common use cases of a distributed systems are electronic banking
systems, massive multiplayer online games, and sensor networks.
1.1 Functionality
There are two general ways that distributed systems function:
a. Each component of the system works to achieve a common goal and the enduser
views results as one combined unit.
b. Each component has its own end-user and the distributed system facilitates
sharing resources or communication services.
1.2 Architectural models
Distributed systems generally consist of four different basic architectural models:
a. Client-server — Clients contact the server for data, then format it and display it to
the end-user.
b. Three-tier — Information about the client is stored in a middle tier rather than on
the client, to simplify application deployment.
c. n-tier — Generally used when the server needs to forward requests to additional
enterprise services on the network.
d. Peer-to-peer — There are no additional nodes used to provide services or
manage resources. Responsibilities are uniformly distributed among components
in the system, known as peers, which can serve as either client or server.
10
CSC405 Net-Centric Computing
from parallel computing systems or shared-memory systems, where multiple computers share a
common memory pool that is used for communication between the processors. Distributed memory
systems use multiple computers to solve a common problem, with computation distributed among
the connected computers (nodes) and using messagepassing to communicate between the nodes.
Example of distributed computing is the grid computing where the nodes may belong to different
administrative domains. Another example is the network-based storage virtualization solution which
used distributed computing between data and metadata servers.
11
CIT421 Net-Centric Computing
Service orientation is the underlying paradigm that defines the architecture of a cloud computing
system. Cloud computing is often summarized with the acronym XaaS meaning, Everything-as-a-
Service—that clearly underlines the central role of service orientation Infrastructure-as-a-Service
solutions provide the capabilities to add and remove resources, but it is up to those who deploy
systems on this scalable infrastructure to make use of such opportunities with wisdom and
effectiveness.
Platform-as-a-Service solutions embed into their core offering algorithms and rules that control the
provisioning process and the lease of resources. These can be either completely transparent to
developers or subject to fine control. Integration between cloud resources and existing system
deployment is another element of concern.
3.4 Virtualization
Virtualization is another element that plays a fundamental role in cloud computing. This technology
is a core feature of the infrastructure used by cloud providers. Virtualization concept is more than
40 years old, but cloud computing introduces new challenges, especially in the management of
virtual environments, whether they are abstractions of virtual hardware or a runtime environment
Discussion
Which of the security infrastructure is most critical and why?
Answer
Infrastructure-as-a-Service solutions provide the capabilities to add and remove resources, but it is
up to those who deploy systems on this scalable infrastructure to make use of such opportunities
with wisdom and effectiveness.
Platform-as-a-Service solutions embed into their core offering algorithms and rules that control the
provisioning process and the lease of resources. These can be either completely transparent to
developers or subject to fine control. Integration between cloud resources and existing system
deployment is another element of concern.
5.0 Conclusion
Distributed computing is computing over distributed autonomous computers that communicate only
over a network. Distributed computing systems are usually treated differently from parallel
12
CSC405 Net-Centric Computing
computing systems or shared-memory systems, where multiple computers share a common
memory pool that is used for communication between the processors
6.0 Summary
Virtualization is another element that plays a fundamental role in cloud computing. Platform as-a-
Service solutions embed into their core offering algorithms and rules that control the provisioning
process and the lease of resources. Infrastructure-as-a-Service solutions provide the capabilities to
add and remove resources, but it is up to those who deploy systems on this scalable infrastructure
to make use of such opportunities with wisdom and effectiveness.
1.0 Introduction
13
CIT421 Net-Centric Computing
2.0 Intended Learning Outcomes (ILOs)
14
CSC405 Net-Centric Computing
• The data format is also defined at this stage
• This ensures that there is no collision with other existing systems which offer the
same service.
• the media is unguided/unbounded, the overlaying infrastructure is basically radio
wave-oriented
That is, the signals are carried over the air to intended devices that are capable of receiving and
sending similar kinds of signals.
3.3 Mobile hardware
• mobile devices or device components that receive or access the service of mobility
• They would range from portable laptops, smartphones, tablet Pc's, Personal Digital
Assistants
•
15
CIT421 Net-Centric Computing
• Since portability is the main factor, this type of computing ensures that users are
not tied or pinned to a single physical location, but are able to operate from
anywhere. It incorporates all aspects of wireless communications
3.5 Mobile Classification
• Mobile computing is not only limited to mobile phones, but there are various gadgets
available in the market that are built on a platform to support mobile computing
• They are usually classified in the following categories:
Personal Digital Assistant (PDA)
• The main purpose of this device is to act as an
electronic organizer or day planner that is
portable, easy to use and capable of sharing
information with your computer systems.
• PDA is an extension of the PC, not a
replacement
• These systems are capable of sharing
information with a computer system through a
process or service known as synchronization
• Both devices will access each other to check for
changes or updates in the individual devices
• The use of infrared and Bluetooth connections
enables these devices to always be synchronized.
Figure 5: Personal Data Assistant
• With PDA devices, a user can browse the internet, listen to audio clips, watch
video clips, edit and modify office documents, and many more services
• The device has a stylus and a touch sensitive screen for input and output
purposes
Smartphones
• It combines the features of a PDA with that of a mobile phone or camera
phone
• It has a superior edge over other kinds of mobile phones.
16
CSC405 Net-Centric Computing
• Smartphones have the capability to run multiple programs concurrently
• These phones include high-resolution touch screens, web browsers that can:
• access and properly display standard web pages rather than just
mobileoptimized sites
• high-speed data access via Wi-Fi and high speed cellular broadband.
• The most common mobile Operating Systems (OS) used by modern
smartphones include:
a. Google's Android
b. Apple's iOS
c. Nokia's Symbian
d. RIM's BlackBerry OS
e. Samsung's Bada
f. Microsoft's Windows Phone, and embedded Linux distributions such as Maemo
and MeeGo. Such operating systems can be installed on different phone models,
and typically each device can receive multiple OS software updates over its
lifetime.
17
CIT421 Net-Centric Computing
lectures and presentations among its very many other functions •
They have excellent screen resolution and clarity
3.6 Advantages
• Location Flexibility
• This has enabled users to work from anywhere as long as there is a connection
established
• A user can work without being in a fixed position
• Their mobility ensures that they are able to carry out numerous tasks at the same
time and perform their stated jobs.
• Saves Time
• The time consumed or wasted while travelling from different locations or to the
office and back, has been slashed
• One can now access all the important documents and files over a secure channel
or portal and work as if they were on their computer
• It has enhanced telecommuting in many companies
• It has also reduced unnecessary incurred expenses
• Enhanced Productivity
• Users can work efficiently and effectively from whichever location they find
comfortable
• This in turn enhances their productivity level
• Ease of Research
• Research has been made easier, since users earlier were required to go to the
field and search for facts and feed them back into the system
18
CSC405 Net-Centric Computing
• It has also made it easier for field officers and researchers to collect and feed data
from wherever they are without making unnecessary trips to and from the office to
the field
• Entertainment
• Video and audio recordings can now be streamed on-the-go using mobile
computing
• It's easy to access a wide variety of movies, educational and informative material
• With the improvement and availability of high speed data connections at
considerable cost, one is able to get all the entertainment they want as they
browse the internet for streamed data
• One is able to watch news, movies, and documentaries among other
entertainment offers over the internet
• This was not possible before mobile computing dawned on the computing world.
• Streamlining of Business Processes
• Business processes are now easily available through secured connections
• Looking into security issues, adequate measures have been put in place to ensure
authentication and authorization of the user accessing the services
• Some business functions can be run over secure links and sharing of information
between business partners can also take place
• Meetings, seminars and other informative services can be conducted using video
and voice conferencing
• Travel time and expenditure is also considerably reduced
3.7 Security Issues
• Mobile computing has its fair share of security concerns as any other technology
• Due to its nomadic nature, it's not easy to monitor the proper usage
• Users might have different intentions on how to utilize this privilege
• Improper and unethical practices such as hacking, industrial espionage, pirating, online
fraud and malicious destruction are some but few of the problems experienced by mobile
computing
• Another big problem plaguing mobile computing is credential verification
• As other users share username and passwords, it poses as a major threat to security
• This being a very sensitive issue, most companies are very reluctant to implement mobile
computing to the dangers of misrepresentation
• The problem of identity theft is very difficult to contain or eradicate
• Issues with unauthorized access to data and information by hackers, is also an enormous
problem
19
CIT421 Net-Centric Computing
• Outsiders gain access to steal vital data from companies, which is a major hindrance in
rolling out mobile computing services.
• No company wants to lay open their secrets to hackers and other intruders, who will in turn
sell the valuable information to their competitors
• It's also important to take the necessary precautions to minimize these threats from taking
place
• Some of those measures include:
• Hiring qualified personnel.
• Installing security hardware and software
• Educating the users on proper mobile computing ethics
• Auditing and developing sound, effective policies to govern mobile computing
• Enforcing proper access rights and permissions
• In the absence of such measures, it's possible for exploits and other unknown threats to
infiltrate and cause irrefutable harm
• These may be in terms of reputation or financial penalties
• In such cases, it's very easy to be misused in different unethical practices.
• If these factors aren’t properly worked on, it might be an avenue for constant threat
• Various threats still exist in implementing this kind of technology
3.8 Current Trends
• These are the list of the current mobile technologies starting from 5G technologies which is
the hottest mobile technology available in the market.
• 5G
• In telecommunications, 5G is the fifth generation technology standard for broadband
cellular networks, which cellular phone companies began deploying worldwide in
2019, and is the planned successor to the 4G networks which provide connectivity
to most current cellphones. 5G networks are predicted to have more than 1.7
billion subscribers worldwide by 2025, according to the GSM Association.[1] Like its
predecessors, 5G networks are cellular networks, in which the service area is
divided into small geographical areas called cells. All 5G wireless devices in a cell
are connected to the Internet and telephone network by radio waves through a
local antenna in the cell. The main advantage of the new networks is that they will
have greater bandwidth, giving higher download speeds, eventually up to 10
gigabits per second (Gbit/s).[2] In addition to 5G being faster than existing
networks, 5G can connect more different devices, and even if people are in
crowded areas, the servers will be more unified, improving the quality of Internet
services.[3] Due
20
CSC405 Net-Centric Computing
to the increased bandwidth, it is expected the networks will increasingly be used
as general internet service providers (ISPs) for laptops and desktop computers,
competing with existing ISPs such as cable internet, and also will make possible
new applications in internet-of-things (IoT) and machine-to-machine areas
• 4G
• 4G is the fourth generation of broadband cellular network technology, succeeding
3G, and preceding 5G. A 4G system must provide capabilities defined by ITU in
IMT Advanced. Potential and current applications include amended mobile web
access, IP telephony, gaming services, highdefinition mobile TV, video
conferencing, and 3D television.
• The first-release WIMAX standard was commercially deployed in South Korea in
2006 and has since been deployed in most parts of the world.
• The first-release Long Term Evolution (LTE) standard was commercially deployed
in Oslo, Norway, and Stockholm, Sweden in 2009, and has since been deployed
throughout most parts of the world. It has, however, been debated whether first-
release versions should be considered 4G LTE. The 4G wireless cellular standard
was defined by the International Telecommunication Union (ITU) and specifies the
key characteristics of the standard, including transmission technology and data
speeds.
• 3G or third generation
• 3G mobile telecommunications is a generation of standards for mobile phones and
mobile telecommunication services fulfilling the International Mobile
Telecommunications-2000 (IMT-2000) specifications by the International
Telecommunication Union. Application services include wide-area wireless voice
telephone, mobile Internet access, video calls and mobile TV, all in a mobile
environment.
• Global Positioning System (GPS)
• The Global Positioning System (GPS) is a space-based satellite navigation system
that provides location and time information in all weather, anywhere on or near the
Earth, where there is an unobstructed line of sight to four or more GPS satellites
• The GPS program provides critical capabilities to military, civil and commercial
users around the world
• In addition, GPS is the backbone for modernizing the global air traffic system,
weather, and location services.
• Long Term Evolution (LTE)
• LTE is a standard for wireless communication of high-speed data for mobile
phones and data terminals
• It is based on the GSM/EDGE and UMTS/HSPA network technologies, increasing
the capacity and speed using new modulation techniques
• It is related with the implementation of fourth Generation (4G) technology
21
CIT421 Net-Centric Computing
• WiMAX
• WiMAX (Worldwide Interoperability for Microwave Access) is a wireless
communications standard designed to provide 30 to 40 megabit-per-second data
rates, with the latest update providing up to 1 Gbit/s for fixed stations
• It is a part of a fourth generation or 4G wireless-communication technology
• WiMAX far surpasses the 30-metre wireless range of a conventional Wi-Fi Local
Area Network (LAN), offering a metropolitan area network with a signal radius of
about 50 km
• WiMAX offers data transfer rates that can be superior to conventional cablemodem
and DSL connections, however, the bandwidth must be shared among multiple
users and thus yields lower speed in practice
• Near Field Communication
• Near Field Communication (NFC) is a set of standards for smartphones and
similar devices to establish radio communication with each other by touching them
together or bringing them into close proximity, usually no more than a few
centimeters
• Present and anticipated applications include contactless transactions, data
exchange, and simplified setup of more complex communications such as Wi-
Fi. Communication is also possible between an NFC device and an unpowered
NFC chip, called a "tag"
3.9 Conclusion
• Today's computing has rapidly grown from being confined to a single location
• With mobile computing, people can work from the comfort of any location they wish to as
long as the connection and the security concerns are properly factored
• In the same light, the presence of high speed connections has also promoted the use of
mobile computing
• Being an ever growing and emerging technology, mobile computing will continue to be a
core service in computing, and Information and Communications Technology
Discussion
22
CSC405 Net-Centric Computing
Answer
Mobile computing is human–computer interaction by which a computer is expected to be
transported during normal usage.
2. Explain Near Field Communication as one of the current trends in Mobile Computing
5.0 Conclusion
Mobile and Wireless Computing has come to stay in every of our life endeavors ranging from
homes, commerce, education as well as finance. I doubt if we can recover from it.
6.0 Summary
Being an ever growing and emerging technology, mobile computing will continue to be a core
service in computing, and Information and Communications Technology
23
CIT421 Net-Centric Computing
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Fundamentals of Network Security
3.1 Network Security
3.2 Data as the Life-Blood of Business
3.3 Three Keys Focuses of Network Security
3.4 Benefits of Network Security
3.5 Network Security Tools and Techniques
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
The transmission of data from one point, A on the network to the other point, B is a great concern
and therefore, there is the need to deploy measure that can secure the transmission of data away
from unauthorized individuals. Hence, the need for network security.
2.0 Intended Learning Outcomes (ILOs)
At the end of this unit, students will able to
• Explain the concept of network
• Understand the importance of network security
• Identify and explain the network security tools and techniques.
24
CSC405 Net-Centric Computing
Data is the lifeblood of any business. It supports business growth, carries vital resources and helps
the organization stay healthy. And if data is blood, then the network is the beating heart that pumps
it through the business system. But modern cyber threats are like vampires, doing everything
possible to get at the blood that keeps any business going.
In order to defend against these vampiric threats and save your business from potentially millions
of dollars in data loss, you need more than just a stake and some cloves of garlic; you need
effective, robust network security and network visibility.
3.3 The Three Key Focuses of Network Security
There are three key focuses that should serve as a foundation of any network security strategy:
protection, detection and response.
3.3.1 Protection entails any tools or policies designed to prevent network security intrusion.
3.3.2 Detection refers to the resources that allow you to analyze network traffic and quickly identify
problems before they can do harm.
3.3.3 Response is the ability to react to identified network security threats and resolve them as
quickly as possible.
25
CIT421 Net-Centric Computing
Here are 14 different network security tools and techniques designed to help you do just that:
1. Access control
If threat actors cannot access your network, the amount of damage they will be able to do
will be extremely limited. But in addition to preventing unauthorized access, be aware that
even authorized users can also be potential threats. Access control allows you to increase
your network security by limiting user access and resources to only the parts of the
network that directly apply to individual users’ responsibilities.
2. Anti-malware software
Malware, in the form of viruses, trojans, worms, keyloggers, spyware, etc. are designed to
spread through computer systems and infect networks. Anti-malware tools are a kind of
network security software designed to identify dangerous programs and prevent them from
spreading. Anti-malware and antivirus software may also be able to help resolve malware
infections, minimizing the damage to the network.
3. Anomaly detection
It can be difficult to identify anomalies in your network without a baseline understanding of
how that network should be operating. Network anomaly detection engines (ADE) allow
you to analyze your network, so that when breaches occur, you’ll be alerted to them
quickly enough to be able to respond.
4. Application security
For many attackers, applications are a defensive vulnerability that can be exploited.
Application security helps establish security parameters for any applications that may be
relevant to your network security.
5. Data loss prevention (DLP)
Often, the weakest link in network security is the human element. DLP technologies and
policies help protect staff and other users from misusing and possibly compromising
sensitive data or allowing said data out of the network.
6. Email security
As with DLP, email security is focused on shoring up human-related security weaknesses.
Via phishing strategies (which are often very complex and convincing), attackers persuade
email recipients to share sensitive information via desktop or mobile device, or
inadvertently download malware into the targeted network. Email security helps identify
dangerous emails and can also be used to block attacks and prevent the sharing of vital
data.
7. Endpoint security
The business world is becoming increasingly bring your own device (BYOD), to the point
where the distinction between personal and business computer devices is almost
nonexistent. Unfortunately, sometimes the personal devices become targets when users
rely on them to access business networks. Endpoint security adds a layer of defense
between remote devices and business networks.
8. Firewalls
Firewalls function much like gates that can be used to secure the borders between your
network and the internet. Firewalls are used to manage network traffic, allowing authorized
traffic through while blocking access to non-authorized traffic.
9. Intrusion prevention systems
26
CSC405 Net-Centric Computing
Intrusion prevention systems (also called intrusion detection) constantly scan and analyze
network traffic/packets, so that different types of attacks can be identified and responded to
quickly. These systems often keep a database of known attack methods, so as to be able
to recognize threats immediately.
10. Network segmentation
There are many kinds of network traffic, each associated with different security risks.
Network segmentation allows you to grant the right access to the right traffic, while
restricting traffic from suspicious sources.
11. Security information and event management (SIEM)
Sometimes simply pulling together the right information from so many different tools and
resources can be prohibitively difficult — particularly when time is an issue. SIEM tools and
software give responders the data they need to act quickly.
12. Virtual private network (VPN)
VPN tools are used to authenticate communication between secure networks and an
endpoint device. Remote-access VPNs generally use IPsec or Secure Sockets Layer
(SSL) for authentication, creating an encrypted line to block other parties from
eavesdropping.
13. Web security
Including tools, hardware, policies and more, web security is a blanket term to describe the
network security measures businesses take to ensure safe web use when connected to an
internal network. This helps prevent web-based threats from using browsers as access
points to get into the network.
14. Wireless security
Generally speaking, wireless networks are less secure than traditional networks. Thus,
strict wireless security measures are necessary to ensure that threat actors aren’t gaining
access.
Discussion
What tools can be used to secure the network? Discuss
4.0 Self-Assessment/Exercise
5.0 Conclusion
Network security tools and devices exist to help your organization protect not only its sensitive
information, but also its overall performance, reputation and even its ability to stay in business.
6.0 Summary
Protection entails any tools or policies designed to prevent network security intrusion.
27
CIT421 Net-Centric Computing
Detection refers to the resources that allow you to analyze network traffic and quickly identify
problems before they can do harm.
Response is the ability to react to identified network security threats and resolve them as quickly as
possible.
28
CSC405 Net-Centric Computing
UNIT 4 Client-Server Computing
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Fundamentals of Client Server Computing
3.1 Client Server Computing
3.2 Characteristics of Client Server Computing
3.3 Difference Between Client Server and Peer-to-Peer Computing
3.4 Advantages of Client Server Computing
3.5 Disadvantages of Client Server Computing
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
There are two configurations of networks: Client-Server and Peer-to-Peer networks. In client
server, the client requests resources while the server serves same. In Peer-to-peer configuration,
each node is free to communicate with others or not. The nodes under this configuration are not
over-seen by any node or the other, they relate in a workgroup
2.0 Intended Learning Outcomes (ILOs)
At the end of this unit, students will able to
• Explain the concept of Client Server category of networks.
• Describe a client
Identify the differences between the Client-Server and the Peer-to-peer configuration of
•
networks
3.0 Main Content
29
CIT421 Net-Centric Computing
30
CSC405 Net-Centric Computing
• The server need not be located physically close to the clients. Yet the data can be
accessed efficiently.
• It is easy to replace, upgrade or relocate the nodes in the client server model because all
the nodes are independent and request data only from the server.
• All the nodes i.e clients and server may not be build on similar platforms yet they can
easily facilitate the transfer of data.
3.5 Disadvantages of Client Server Computing
The different disadvantages of client server computing are −
• If all the clients simultaneously request data from the server, it may get overloaded.
This may lead to congestion in the network.
• If the server fails for any reason, then none of the requests of the clients can be fulfilled.
This leads of failure of the client server network.
• The cost of setting and maintaining a client server model are quite high.
Discussion
What makes the Client Server configuration peculiar from the Peer-to-peer ? Discuss
4.0 Self-Assessment/Exercise
1. Discuss the advantages of client Server computing
2. Identify the characteristics of client server computing?
5.0 Conclusion
Client server and peer-to-peer computing are unique one from the other and so, have their
advantages and disadvantages. The choice of either is dependent on the intention of creating your
network.
6.0 Summary
In client server computing the server is the one that communicates with the other nodes. In
peer to peer to computing, all the nodes are equal and share data with each other directly.
A server can only accommodate a limited number of client requests at a time.
So it uses a system based to priority to respond to the requests.
Andrew S., T., & David J., W. (2011). COMPUTER NETWORKS (M. Horton, H. Michael, D.
Tracy, & H. Melinda (eds.); fifth). Pearson Education.
Joseph, M. K. (2007). Computer Network Security and Cyber Ethics (review). In portal: Libraries
and the Academy (fourth, Vol. 7, Issue 2). McFarland & Company, Inc.
https://doi.org/10.1353/pla.2007.0017
Pande, J. (2017). Introduction to Cyber Security ( FCS ). http://uou.ac.in
31
CIT421 Net-Centric Computing
Stewart, J. M., Tittel, E., & Chapple, M. (2011). CISSP: Certified Information Systems Security
Professional Study Guide. Wiley.
32
CSC405 Net-Centric Computing
UNIT 5 Building Web Applications
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Fundamentals Building a Web Applications
3.1 Building a Web Application
3.1.1 A Web app
3.2 Prerequisites for Building a Web Application
3.3 Steps to Building a Web Application
3.3.1 Source an Idea
3.3.2. Do Market Research
3.3.3 Define your Web App Functionality
3.3.4 Sketch Your Web Application
3.3.5 Plan Your Web App Workflow
3.3.6 Wire-framing/ Prototyping Your Web Application
3.3.7 Seek Early Validation
3.3.8 Before Starting the Development Stage
3.3.9 Architect and Build Your Database
3.3.9.1 A Database
3.3.9.2 Database Types
3.3.10 Build the Front End
3.3.10.1 A Front End
3.3.11 Build Your Back-End
3.3.12 Host Your Web Application
3.3.13 Deploy Your Web Application
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
33
CIT421 Net-Centric Computing
A Web app
An interactive computer program, built with web technologies (HTML, CSS, JS), which stores
(Database, Files) and manipulates data (CRUD), and is used by a team or single user to perform
tasks over the internet. The HTML and the CSS serves as the front-end to receive data from the
user while the database, programming like Javascript and PHP serves as the back-end.
34
CSC405 Net-Centric Computing
• What apps do I enjoy using?
• What do I like about these apps?
• How much time/money will this app save or generate for me (as a user)? How much
will it improve my life
35
CIT421 Net-Centric Computing
3.3.3 Step 3 - Define your web apps functionality
You have got your idea, you have validated the market, it is now time to list everything you want
your app to do.
A common mistake here is to get carried away. The more functionality you add, the longer it will
take to build your web app. Quite often, the longer a web app takes to build, the more frustration
you will experience.
Only define functionality which solves your target markets problems. Remember, your web app is a
work in progress and the first goal is version 1. It will still have cool features and delight your users,
but you must keep things simple.
For direction, I have included a list of basic functions required for a simple CRM app.
• Users can create an account
• Users can retrieve lost passwords
• Users can change their passwords
• Users can create new contacts
• Users can upload new contacts
• Users can assign a value to contacts
• Users can write notes under contacts
• Users can label a contact as a lead, customer, or associate
• Users can filter contacts by lead, customer, or associate
• Users can view the total value of leads, customers and associates
The above list will help you define your features. Once you’re done, roll up your sleeves. It’s time
to get creative! Moving from the Ideation stage, to design stage.
• Branding
• Forms
• Buttons
• Any other interactive elements
Sketch different versions of your web app. Consider how your web app’s functionality will affect the
overall design. Annotate your sketch and outline how your app should work. Taking notes will help
you clarify and understand why you have designed certain elements at a later stage.
Overcomplicating the design at this stage will only lead to frustration.
36
CSC405 Net-Centric Computing
37
CIT421 Net-Centric Computing
3.3.7 Step 7 – Seek early validation
You have now got a beautiful wireframe/prototype which visually describes your web app.
It is time to show your beautiful wireframe to the world. At this stage we want constructive
feedback.
Simply asking your friends would they use your new web app is not enough. You should start with
a small number of representative users. Go to your target market’s forums, watering holes, their
places of work and verify the problem with them, and present your solution. Try to build a rapport
with these representatives as they could become your customers.
I like to use this stage to test my sales pitch - the ultimate tokens of validation are pre-launch sales.
Takes notes and document all feedback. The learning from these meetings will help direct the
development of your MEP (Minimal Excellent Product).
Ok, now you have got great feedback and product validation. It is time to start building your web
app.
3.3.8 Before Starting the development stage.
Before we make our web app, I would like to share the following tips:
1. Attempt to get a small section of your app fully working. What we would call a “Complete
Vertical”. o Building the smallest possible section will allow you to piece all the bits
together, and iron out those creases early.
o You will get great satisfaction early by having something working - great
motivation. o Create things that you know you will throw away later - if it gets you
something working now.
2. At the start - expect things to change a lot as you learn and discover what you have not
thought about.
o Have faith that your app will stabilise. o Do not be afraid to make big
changes.
3. Spend time learning your tools.
o You may feel like you are wasting your time, reading, or experimenting with
“hello world”. Learning the correct way to do things will have a huge positive,
cumulative effect on your productivity over time. o Where possible, “Go with the grain”
of your tools. Realise that as soon as you step out of the normal flow / usage of your
toolset, you are on your own and could be in a deep time sink. There are always
exceptions to this of course!
4. Do not avoid issues that need to be fixed.
o Face your issues head on - they will never go away and will only grow in stature.
o However, If things are still likely to change - its best to spend as little time as
possible on things… It’s a tricky balance!
38
CSC405 Net-Centric Computing
3.3.10.1 A Database
A database is simply a collection of data! Data can be stored to disk, or in memory on a server, or
both. You could create a folder on your hard drive, store a few documents, and call it a database.
A Database Management System (DBMS) is a system that provides you with consistent APIs to
(most commonly):
• Create databases, update and delete databases
39
CIT421 Net-Centric Computing
Physical separation
Every one of your clients has a separate database (although could share a database server with
others). This makes it much more difficult to make a mistake that leads to data leakage.
Pros:
• Most secure
• More scalable Cons:
• Managing, maintaining and upgrading is more complex
• Query all your clients’ data together is more difficult
For example, listing all Invoices in a database will only return Invoices for one of your clients.
In order to get another Client’s invoices, you need to connect to another database.
Since each of your client’s data is in its own database, you can easily spread them all across many
database servers, without the need for “sharding”. Your app will be much easier to scale this way.
The code you will need to write:
• When creating a new client, you need to create a new database and populate with any
seed data.
• You need to keep a record somewhere of all your clients, and how to connect to each
client’s database.
• If you need to upgrade your database (e.g. add a new table), you need to code to upgrade
each separately.
• If you need to query all your client’s data into one, you need to pull the data out of each
and aggregate it.
Logical separation
All of your clients are stored in one giant database.
Every time you need to get data for a single client, you must remember to include a filter for the
client. E.g. ‘select’ from customers where customerClientId = 1234” Pros:
• Easier to get started
40
CSC405 Net-Centric Computing
From the start, you should create a login with “Just Enough” access. If your app only reads and
writes data, then it should authenticate to your database using a login with only data reading and
writing access.
41
CIT421 Net-Centric Computing
paste the files in when you deploy, but you will want to set up some sort of script to
do this.
There is always a significant time required to set up your dev environment for a SPA. There are
plenty of boilerplate templates out there for your frameworks of choice. However, I have never
written an app that has not eventually needed some custom code on top of the boilerplate.
Still, I always choose a SPA.
• The end product for a web app is a much more usable application.
• When you are up and running with your dev environment, I find SPAs much more
productive to work with - which is more likely to do with the capabilities of modern
javascript frameworks than anything else.
• Writing a SPA is really the only way to make a Progressive Web Application. You should
now have a better idea of how to setup your frontend and define the look and feel of your
web app. In most cases I build the fontend and backend together.
• Try Budibase
42
CSC405 Net-Centric Computing
• Server Pages / SPA should inform your decision of framework choices within your chosen
language. For example, a SPA will only require an API only framework. Server pages need
their own framework.
o Django o Express o Flask
Login/User & Session Management
• How will users authenticate?
o Username and password?
o Open ID (i.e. sign in as Google, FB, etc)
• Be sure to read up on security best practices. I highly recommend: OWASP What user
levels will you create in the system?
Environments. You will usually need to create multiple environments. For example:
• Testing - for all the latest development features.
• Beta - to give early releases to clients.
• Production - Your live system.
43
CIT421 Net-Centric Computing
How does your application get from Source Control / Your computer to your cloud hosting
provider?
The following development tools provide continuous integration and will help you with deploying
your web app to your cloud hosting:
1. GitLab
2. Bitbucket
3. Jenkins
There are many of course.
To start with, you can just deploy directly from your machine of course.
And that’s it. You have made a web application. Well done. You should take some time to celebrate
this achievement. You’re the proud owner of a new web app.
Discussion
How can cybercrime be mitigated? Discuss
4.0 Self-Assessment/Exercise
1. Mention and explain the Database types.
6.0 Summary
The backend is typically what manages your data. This refers to databases, servers, and
everything the user can’t see within a web application.
Building your backend is one of the toughest parts of web app development. If you feel
overwhelmed, a tool like Budibase can take away many of the complexities - including the follow
tasks.
44
CSC405 Net-Centric Computing
7.0 References/Further Reading
The web framework for perfectionists with deadlines | Django (djangoproject.com) Studio |
InVision (invisionapp.com)
Introduction of Module
In network security, threat prevention refers to policies and tools that protect your corporate
network.
In the past, threat prevention primarily focused on the perimeter. With an increasing array of threats
such as malware and ransomware arriving via email spam and phishing attacks, advanced threat
prevention requires an integrated, multilayered approach to security. This may include tools for
intrusion threat detection and prevention, advanced malware protection, and additional endpoint
security threat prevention. This module will consist of four units are follows
Unit 1: Firewalls
Unit 2: Virtual Private Networks (VPN)
Unit 3: Security Control Management
Unit 4: Hardware and Software Prevention
45
CIT421 Net-Centric Computing
UNIT 1 – Introduction to Parallel Systems
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 What is firewall?
3.1.1 Characteristics of Firewall
3.1.2 Needs for Firewall
3.1.3 Limitation of Firewalls
3.2 Type of Firewalls
3.3 How firewall work
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
A firewall forms a barrier through which the traffic going in each direction must pass. A firewall
security policy dictates which traffic is authorized to pass in each direction. Firewall may be
designed to operate as a filter at the level of IP packets, or may operate at a higher protocol layer.
46
CSC405 Net-Centric Computing
2.0 Intended Learning Outcomes (ILOs)
At the end of this unit, students will able to
• Demonstrate the concept of firewall
• Explore the importance of firewalls
3.0 Main Content
Discussion
What is the difference of firewalls at Application security and internet security?
4.0 Self-Assessment/Exercises
1. What is Personal Firewall
Answer
A personal firewall controls the traffic between a personal computer or workstation on one side and
the Internet or enterprise network on the other side. Personal firewall functionality can be used in
the home environment and on corporate intranets. Typically, the personal firewall is a software
module on the personal computer. In a home environment with multiple computers connected to
the Internet, firewall functionality can also be housed in a router that connects all of the home
computers to a DSL, cable modem, or other Internet interface.
A host-based firewall is a software module used to secure an individual host. Such modules are
available in many operating systems or can be provided as an add-on package. Like conventional
stand-alone firewalls, host-resident firewalls filter and restrict the flow of packets.
A common location for such firewalls is a server.
There are several benefits to the use of a server-based or workstationbased firewall:
• Filtering rules can be tailored to the host environment. Specific corporate security
policies for servers can be implemented, with different filters for servers used for different
application.
• Protection is provided independent of topology. Thus both internal and external attacks
must pass through the firewall.
• Used in conjunction with stand-alone firewalls, the host-based firewall provides an
additional layer of protection.
A new type of server can be added to the network, with its own firewall, without the necessity of
altering the network firewall configuration.
5.0 Conclusion
Internet connectivity is no longer optional for organizations. The information and services available
are essential to the organization. Moreover, individual users within the organization want and need
Internet access, and if this is not provided via their LAN, they will use dial-up capability from their
PC to an Internet service provider (ISP). However, while Internet access provides benefits to the
organization, it enables the outside world to reach and interact with local network assets. This
creates a threat to the organization.
47
CIT421 Net-Centric Computing
6.0 Summary
Firewalls can be an effective means of protecting a local system or network of systems from
network-based security threats while at the same time affording access to the outside world via
wide area networks and the Internet.
Joseph, M. K. (2007). Computer Network Security and Cyber Ethics (review). In portal: Libraries
and the Academy (fourth, Vol. 7, Issue 2). McFarland & Company, Inc.
https://doi.org/10.1353/pla.2007.0017
Pande, J. (2017). Introduction to Cyber Security ( FCS ). http://uou.ac.in
Stewart, J. M., Tittel, E., & Chapple, M. (2011). CISSP: Certified Information Systems Security
Professional Study Guide. Wiley.
48
CSC405 Net-Centric Computing
UNIT 2 Parallel Programming Models
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Parallel Programming Models
3.2 MPI
3.3 OpenMP
3.4 MapReduce
3.5 OpenCL
3.6 CUDA
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
A parallel programming model is a set of program abstractions for fitting parallel activities from the
application to the underlying parallel hardware. It spans over different layers: applications,
programming languages, compilers, libraries, network communication, and I/O systems.
49
CIT421 Net-Centric Computing
2.0 Intended Learning Outcomes (ILOs)
Data-parallel programming model is also among the most important ones as it was revived again
with increasing popularity of MapReduce and GPGPU (General-Purpose computing on Graphics
Processing Units).
a. In the shared-memory programming model, tasks share a common address space, which
they read and write in an asynchronous manner. The communication between tasks is
implicit. If more than one task accesses the same variable, the semaphores or locks can
be used for synchronization. By keeping data local to the processor and making private
copies, expensive memory accesses are avoided, but some mechanism of coherence
maintenance is needed when multiple processors share the same data with the possibility
of writing.
b. In the message-passing programming model, tasks have private memories, and they
communicate explicitly via message exchange. To exchange a message, each sends
operation needs to have a corresponding receive operation. Tasks are not constrained to
exist on the same physical machine.
A suitable combination of two previous models is sometimes appropriate. Processors can directly
access memory on another processor. This is achieved via message passing, but what the
programmer actually sees is shared-memory model.
Mainstream parallel programming environments are based on augmenting traditional sequential
programming languages with low-level parallel constructs (library function calls and/or compiler
directives).
3.2 MPI
The MPI is a library of routines with the bindings in Fortran, C, and C++ and it is an example of an
explicitly parallel API that implements the message-passing model via library function calls. The set
of processes with separate address spaces coordinate the computation by explicitly sending and
receiving messages. Each process has a separate address space, its own program counter, and
its own call stack.
50
CSC405 Net-Centric Computing
However, high-level constructs such as synchronization, communication, and mapping data to
processes are left to a programmer to implement. MPI supports point-to-point communication
between any two processes. It also enables the collective communication operations where a
group of processes perform global/collective operations, such as gather, scatter, reduce, and scan.
3.3 OpenMP
On the other side, OpenMP is an example of mainly implicit parallel API intended for
sharedmemory multiprocessors. It exploits parallelism through compiler directives and the library
function calls. Unlike MPI, where all threads are spawned at the beginning of the execution and are
active until the program terminates, in OpenMP, a single master thread starts execution, and
additional threads are active only during the execution of a parallel region. To reduce the
overheads, these threads are spawned when the program enters a parallel region for the first time,
and they are blocked while the program is executing a nonparallel region.
Sections work-sharing construct breaks work into multiple distinct sections, such that each section
is entirely executed by a single thread. It is an example of task parallelism paradigm.
Its general form is presented in Table 5.4.
For work-sharing construct splits iterations of a loop among different threads, such that each
iteration is entirely executed by a single thread. It is an example of data-parallelism paradigm.
Its general form is shown in Table 5.5.
#pragma omp parallel for for(i=0; i<n; i++) a[i] = b[i] + c[i];
51
CIT421 Net-Centric Computing
Cilk is a language extension for C programming language with parallel constructs, resembling to
OpenMP. Both OpenMP and Cilk can automatically choose parallelism to achieve good
performance. Cilk++ brings the same for C++ language.
Nesting OpenMP is unfortunately not fully composable, which can be a serious limitation when
compared with the other abstract parallel programming models. Nesting of OpenMP can create
explosive numbers of threads in recursive situations, which rapidly exhaust system resources,
especially stack space, and require that the program be shut down. To prevent this, the maximum
number of levels of parallel nesting that will activated when using OpenMP is set to one by default.
While this is somewhat limiting (nested parallelism as supported by TBB and Cilk Plus is incredibly
useful), it avoids a generally intolerable condition. With the continued popularity of OpenMP being
so strong, we can expect additional proposals to refine OpenMP into a better ability to exploit
nested parallelism opportunities when they exist. Without such solutions, programs are best to
avoid relying on nesting of parallelism in order to get performance if using OpenMP.
3.4 MapReduce
One of the most widely used parallel programming models today is MapReduce. MapReduce is
easy both to learn and use, and is especially useful in analyzing large datasets. While it is not
suitable for several classes of scientific computing operations that are better served by message-
passing interface or OpenMP, such as numerical linear algebra or finite element and finite
difference computations, MapReduce's utility in workflows frequently called “big data” has made it a
mainstay in high performance computing. MapReduce programming model and the Hadoop open-
source framework supports it.
3.5 OpenCL
OpenCL has some advantages over other parallel programming models. First of all, it is the only
one of the “open” standards for which there actually are implementations by all major vendors—
unlike for OpenMP or OpenACC. The level of vendor support, however, is a different story.
OpenCL is a library that can be used with any C/C++ compiler, which makes it independent of
additional tools. The kernels are written separately in a C-like language and compiled at runtime for
the present hardware. The kernel compiler comes with the OpenCL implementation provided by
the hardware vendor. A kernel written in OpenCL will run everywhere, including conventional
CPUs, Intel Xeon Phi coprocessors, GPGPUs, some FPGAs, and even mobile devices.
OpenCL programs are divided into host and kernel code. Only the latter is executed on the
compute device. In the host program, kernels and memory movements are queued into command
queues associated with a device. The kernel language provides features like vector types and
additional memory qualifiers. A computation must be mapped to work-groups of work-items that
can be executed in parallel on the compute units (CUs) and processing elements (PEs) of a
compute device. A work-item is a single instance of a kernel function. For each kernel-call, an
NDRange (n-dimensional range) specifies the dimension, number, and shape of the work-groups.
Global synchronization during the execution of a kernel is unavailable. Work-items inside a work-
group can be synchronized. OpenCL provides a complex memory model with a relaxed
consistency.
52
CSC405 Net-Centric Computing
Discussion
Explain the peculiarities of the CUDA programming model.
4.0 Self-Assessment/Exercises
Mention and explain two widely known parallel programming models:
Answer
a. shared memory and
b. message passing
a. In the shared-memory programming model, tasks share a common address space, which they
read and write in an asynchronous manner. The communication between tasks is implicit. If more
than one task accesses the same variable, the semaphores or locks can be used for
synchronization. By keeping data local to the processor and making private copies, expensive
memory accesses are avoided, but some mechanism of coherence maintenance is needed when
multiple processors share the same data with the possibility of writing.
b. In the message-passing programming model, tasks have private memories, and they
communicate explicitly via message exchange. To exchange a message, each sends operation
needs to have a corresponding receive operation. Tasks are not constrained to exist on the same
physical machine.
53
CIT421 Net-Centric Computing
5.0 Conclusion
A suitable combination of two previous parallel programming models is sometimes appropriate.
Processors can directly access memory on another processor. This is achieved via message
passing, but what the programmer actually sees is shared-memory model
6.0 Summary
A parallel programming model is a set of program abstractions for fitting parallel activities from the
application to the underlying parallel hardware. It spans over different layers: applications,
programming languages, compilers, libraries, network communication, and I/O systems. Two
widely known parallel programming models are:
a. shared memory and
b. message passing
54
CSC405 Net-Centric Computing
UNIT 3 Message Passing Programming
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Message-Passing Programming
3.2 Messages
3.3 Message-Passing Programming Model
3.4 Single-Program-Multiple-Data (SPMD)
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
55
CIT421 Net-Centric Computing
1.0 Introduction
As long as you are carrying an access card or ID badge, it means that your office uses an access
system. How does it really work? It's difficult since most people have never seen an access
system. Most people believe it is just a card reader on the wall. Of course there is a little bit more to
it in reality. It’s not very difficult though, there are just a few parts behind the scenes that make the
magic of easily unlocking a door every time.
This unit will give you a full and comprehensive understanding how access control systems, how it
work, control list and AAA framework.
56
CSC405 Net-Centric Computing
can also take very different approaches. For the time being we are only interested in general
concepts rather than the details of particular implementations.
The message-passing paradigm is a development of this idea for the purposes of parallel
programming. Several instances of the sequential paradigm are considered together. That is, the
programmer imagines several processors, each with its own memory space, and writes a program
to run on each processor. So far, so good, but parallel programming by definition requires co-
operation between the processors to solve a task, which requires some means of communication.
The main point of the message-passing paradigm is that the processes communicate by sending
each other messages. Thus the message-passing model has no concept of a shared memory
space or of processors accessing each other's memory directly -- anything other than message-
passing is out with the scope of the paradigm. As far as the programs running on the individual
processors are concerned, the message passing operations are just subroutine calls.
Those with experience of using networks of workstations, client-server systems or even
objectoriented programs will recognise the message-passing paradigm as nothing novel.
57
CIT421 Net-Centric Computing
usually a problem to the programmer, who can incorporate all the different types of process he or
she requires into one overall executable. For example, here a controller process performs a
different task (e.g. reading, checking and distributing initial data) to a worker process:
main(int argc, char **argv)
if(process is to become a controller process)
Controller( /* Arguments */ );
else
Worker( /* Arguments */ ); or in
Fortran,
PROGRAM
IF (process is to become a controller process) THEN
CALL CONTROLLER( /* Arguments */ )
ELSE
CALL WORKER( /* Arguments */ )
ENDIF
END
Often, for related reasons of efficiency, some vendors do not allow time-sharing i.e. multiple
processes per processor (some authorities understand the term ``SPMD" to include this further
restriction). The programmer should bear in mind that in a SPMD environment in which multiple
processes per processor are not allowed, having special lightly-loaded one-off processes such as
"controllers" or name-servers may be inefficient because a whole processor will be taken up with
that process.
The message-passing paradigm has become increasingly popular in recent times. One reason for
this is the wide number of platforms which can support a message-passing model. Programs
written in a message-passing style can run on distributed or shared-memory multi-processors,
networks of workstations, or even uni-processor systems. The point of having the paradigm, just as
in the sequential case, is that the programmer knows that his or her algorithms should in principle
be portable to any architecture that supports a message-passing model. Messagepassing is
popular, not because it is particularly easy, but because it is so general.
58
CSC405 Net-Centric Computing
Discussion
Discuss Single Program multiple Data (SPMD).
4.0 Self-Assessment/Exercises
1. What actually is the interest of a Message-passing System?
Answer
The message passing system has no interest in the value of this data. It is only concerned with
moving it. In general the following information has to be provided to the message passing system
to specify the message transfer. Which processor is sending the message: o Where is the data on
the sending processor. o What kind of data is being sent. o How much data is there.
o Which processor(s) are receiving the message.
5.0 Conclusion
The message-passing paradigm is a development of this idea for the purposes of parallel
programming. Several instances of the sequential paradigm are considered together. That is, the
programmer imagines several processors, each with its own memory space, and writes a program
to run on each processor. So far, so good, but parallel programming by definition requires co-
operation between the processors to solve a task, which requires some means of communication
6.0 Summary
Message-passing paradigm involves a set of sequential programs, one for each processor. In
reality, it is rare for a parallel programmer to make full use of this generality and to write a different
executable for each processor. Indeed, for most problems this would be perverse -- usually a
problem can naturally be divided into sub-problems each of which is solved in broadly the same
way
59
CIT421 Net-Centric Computing
UNIT 4 Dependence Analysis
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Dependency Analysis
3.2 How Dependencies are Found
60
CSC405 Net-Centric Computing
1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This unit
will address measures on hardware and software based to prevent potential attack or damage of
organization data.
61
CIT421 Net-Centric Computing
Discussion
5.0 Conclusion
Computer systems face a number of security threats. One of the basic threats is data loss, which
means that parts of a database can no longer be retrieved. This could be the result of physical
damage to the storage medium (like fire or water damage), human error or hardware failures.
Another security threat is unauthorized access. Many computer systems contain sensitive
information, and it could be very harmful if it were to fall in the wrong hands. Imagine someone
getting a hold of your social security number, date of birth, address and bank information.
Getting unauthorized access to computer systems is known as cracking.
6.0 Summary
To undertake a typical dependency analysis, perform the following steps:
1. Identify the artefact with dependencies you want to analyze.
2. Trace through any relationships defined on that artefact and identify the targets of the
relationships. This impact analysis thus results in a list of "dependencies" that the selected
artefact depends on.
3. If these "dependencies" also depend on other artefacts, then the selected artefact will also
have an indirect dependency. The impact analysis must therefore act recursively looking
for relationships from any of the "dependencies".
62
CSC405 Net-Centric Computing
63
CIT421 Net-Centric Computing
UNIT 5 Open MP programming
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Introduction to Open Specification for Multi-Processing (OpenMP)
3.2 Brief History to OpenMP
3.3 A Thread
3.4 A Process
3.5 Differences between Threads and Processes
3.6 OpenMP Programming Model
3.6.1 Explicit Parallelism
3.6.2 Compiler Directive Based
3.6.3 Fork-Join Parallelism
3.6.4 Join
3.7 A Program
3.8 OpenMP/ Hello World
3.8.1 Steps to Create a Parallel Program
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
64
CSC405 Net-Centric Computing
1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This unit
will address measures on hardware and software based to prevent potential attack or damage of
organization data.
65
CIT421 Net-Centric Computing
66
CSC405 Net-Centric Computing
67
CIT421 Net-Centric Computing
3.8.1 Steps to Create a Parallel Program
1. Include the header file: We have to include the OpenMP header for our program along with the
standard header files.
//OpenMP header
#include <omp.h>
2. Specify the parallel region:
In OpenMP, we need to mention the region which we are going to make it as parallel using the
keyword pragma omp parallel. The pragma omp parallel is used to fork additional threads to carry
out the work enclosed in the parallel. The original thread will be denoted as the master thread with
thread ID 0. Code for creating a parallel region would be,
3. Set the number of threads: we can set the number of threads to execute the program using
the external variable.
export OMP_NUM_THREADS=5
68
CSC405 Net-Centric Computing
As per the above figure, once the compiler encounters the parallel regions code, the master thread
(thread which has thread id 0) will fork into the specified number of threads. Here it will get forked
into 5 threads because we will initialise the number of threads to be executed as 5, using the
command export OMP_NUM_THREADS=5. Entire code within the parallel region will be executed
by all threads concurrently.
Once the parallel region ended, all threads will get merged into the master thread.
./hello
Below is the complete program with the output of the above
approach:
Program: Since we specified the number of threads to be executed as 5, 5 threads will execute the
same print statement at the same point of time. Here we cannot assure the order of execution of
threads, i.e Order of statement execution in the parallel region would not be the same for all
executions. In the below picture, while executing the program for firsttime, thread-1 gets completed
first whereas, in the second run, thread-0 completed first. omp_get_thread_num() will return the
thread number associated with the thread.
69
CIT421 Net-Centric Computing
// OpenMP program to print Hello World
// using C language
// OpenMP header
#include <omp.h>
#include <stdio.h> #include
<stdlib.h>
int main(int argc, char* argv[])
{
// Beginning of parallel region
#pragma omp parallel
{ printf("Hello World... from thread = %d\n",
omp_get_thread_num());
}
// Ending of parallel region
}
Output:
When run for 1st time:
When run for multiple time: Order of execution of threads changes every time.
70
CSC405 Net-Centric Computing
Discussion
5.0 Conclusion
Computer systems face a number of security threats. One of the basic threats is data loss, which
means that parts of a database can no longer be retrieved. This could be the result of physical
damage to the storage medium (like fire or water damage), human error or hardware failures.
Another security threat is unauthorized access. Many computer systems contain sensitive
information, and it could be very harmful if it were to fall in the wrong hands. Imagine someone
getting a hold of your social security number, date of birth, address and bank information.
Getting unauthorized access to computer systems is known as cracking.
6.0 Summary
The objective of system security is the protection of information and property from theft, corruption
and other types of damage, while allowing the information and property to remain accessible and
productive. System security includes the development and implementation of security
countermeasures. There are a number of different approaches to computer system security,
including the use of a firewall, data encryption, passwords and biometrics.
71
CIT421 Net-Centric Computing
3. http://en.wikipedia.org/wiki/Process_(computing)
72
CSC405 Net-Centric Computing
UNIT 6 Evaluation of Programs
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Program Evaluation
3.2 Definition of Program Evaluation
3.2.1 Purposes for Program Evaluation
3.3 Barriers
3.3.1 Overcoming Barriers
3.4 Types of Evaluations
3.4.1 Current Evaluation
3.4.2 Formative Evaluation
3.4.3 Process Evaluation
3.4.4 Impact Evaluation
3.4.5 Outcome Evaluation
3.5 Performance or Program Monitoring
3.6 Evaluation Standards and Designs
3.7 Logic Models
3.8 Communicating Evaluation Findings
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
73
CIT421 Net-Centric Computing
1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This unit
will address measures on hardware and software based to prevent potential attack or damage of
organization data.
74
CSC405 Net-Centric Computing
3.3 Barriers
Program evaluations require funding, time and technical skills: requirements that are often
perceived as diverting limited program resources from clients. Program staff are often concerned
that evaluation activities will inhibit timely accessibility to services or compromise the safety of
clients. Evaluation can necessitate alliances between historically separate community groups (e.g.
academia, advocacy groups, service providers; Short, Hennessy, & Campbell, 1996). Mutual
misperceptions regarding the goals and process of evaluation can result in adverse attitudes (CDC,
1999; Chalk & King, 1998).
Various types of evaluation can be used to assess different aspects or stages of program
development. As terminology and definitions of evaluation types are not uniform, an effort has been
made to briefly introduce a number of types here.
3.4.1 Context Evaluation
Investigating how the program operates or will operate in a particular social, political, physical and
economic environment. This type of evaluation could include a community needs or organizational
assessment (http://www.wkkf.org/Publications/evalhdbk/default.htm).
Sample question: What are the environmental barriers to accessing program services?
75
CIT421 Net-Centric Computing
Evaluation should be incorporated during the initial stages of program development. An initial step
of the evaluation process is to describe the program in detail. This collaborative activity can create
a mutual understanding of the program, the evaluation process, and program and evaluation
terminology. Developing a program description also helps ensure that program activities and
objectives are clearly defined and that the objectives can be measured. In general, the evaluation
should be feasible, useful, culturally competent, ethical and accurate (CDC, 1999). Data should be
collected over time using multiple instruments that are valid, meaning they measure what they are
supposed to measure, and reliable, meaning they produce similar results consistently (Rossi &
Freeman, 1993). The use of qualitative as well as quantitative data can provide a more
comprehensive picture of the program. Evaluations of programs aimed at violence prevention
should also be particularly sensitive to issues of safety and confidentiality. Experimental designs
are defined by the random assignment of individuals to a group participating in the program or to a
control group not receiving the program. These ideal experimental conditions are not always
practical or ethical in "real world" constraints of program delivery. A possible solution to blending
the need for a comparison group with feasibility is the quasi-experimental design in which an
equivalent group (i.e. individuals receiving standard services) is compared to the group
participating in the target program. However, the use of this design may introduce difficulties in
attributing the causation of effects to the target program. While non-experimental designs may be
easiest to implement in a program setting and provide a large quantity of data, drawing conclusions
of program effects are difficult.
76
CSC405 Net-Centric Computing
3.7 Logic Models
Logic models are flowcharts that depict program components. These models can include any
number of program elements, showing the development of a program from theory to activities and
outcomes. Infrastructure, inputs, processes, and outputs are often included. The process of
developing logic models can serve to clarify program elements and expectations for the
stakeholders. By depicting the sequence and logic of inputs, processes and outputs, logic models
can help ensure that the necessary data are collected to make credible statements of causality
(CDC, 1999).
Preparation, effective communication and timeliness in order to ensure the utility of evaluation
findings. Questions that should be answered at the evaluation's inception include: what will be
communicated? to whom? by whom? and how? The target audience must be identified and the
report written to address their needs including the use of non-technical language and a userfriendly
format (National Committee for Injury Prevention and Control, 1989). Policy makers, current and
potential funders, the media, current and potential clients, and members of the community at large
should be considered as possible audiences. Evaluation reports describe the process as well as
findings based on the data
Discussion
5.0 Conclusion
Computer systems face a number of security threats. One of the basic threats is data loss, which
means that parts of a database can no longer be retrieved. This could be the result of physical
damage to the storage medium (like fire or water damage), human error or hardware failures.
Another security threat is unauthorized access. Many computer systems contain sensitive
information, and it could be very harmful if it were to fall in the wrong hands. Imagine someone
getting a hold of your social security number, date of birth, address and bank information.
Getting unauthorized access to computer systems is known as cracking.
6.0 Summary
The objective of system security is the protection of information and property from theft, corruption
and other types of damage, while allowing the information and property to remain accessible and
productive. System security includes the development and implementation of security
countermeasures. There are a number of different approaches to computer system security,
including the use of a firewall, data encryption, passwords and biometrics.
77
CIT421 Net-Centric Computing
7.0 References/Further Reading
References
Burt, M. R., Harrell, A. V., Newmark, L. C., Aron, L. Y., & Jacobs, L. K. (1997). Evaluation
guidebook: Projects funded by S.T.O.P. formula grants under the Violence Against Women Act .
The Urban Institute. http://www.urban.org/crime/evalguide.html
Centers for Disease Control and Prevention. (1992). Handbook for evaluating HIV education.
Division of Adolescent and School Health, Atlanta.
CDC. Framework for program evaluation in public health. MMWR Recommendations and Reports
1999;48(RR11):1-40.
Chalk, R., & King, P. A. (Eds.). (1998). Violence in Families: Assessing prevention and treatment
programs. Washington DC: National Academy Press.
Coyle, S. L., Boruch, R. F., & Turner, C. F. (Eds.). (1991). Evaluating AIDS prevention programs:
Expanded edition. Washington DC: National Academy Press.
Green, L.W., & Kreuter, M. W. (1991). Health promotion planning: An educational and
environmental approach (2nd ed.). Mountain View, CA: Mayfield Publishing Company.
National Committee for Injury Prevention and Control. (1989). Injury prevention: Meeting the
challenge. American Journal of Preventive Medicine, 5(Suppl. 3).
Rossi, P. H., & Freeman, H. E. (1993). Evaluation: A systematic approach (5th ed.). Newbury Park,
CA: Sage Publications, Inc.
Short, L., Hennessy, M., & Campbell, J. (1996). Tracking the work. In Family violence: Building a
coordinated community response: A guide for communities.
(http://www.wkkf.org/Publications/evalhdbk/default.htm).
78
CSC405 Net-Centric Computing
UNIT 7 Optimization for Scalar Architectures
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Hardware Protection Mechanism
3.1.1 CPU Protection
3.1.2 Memory Protection
3.1.3 I/O Protection
3.2 Software and OS security
3.2.1 Authentication
3.2.2 One Time Password
3.2.3 Program Threat
3.2.4 System Threat
3.3 Case/Example
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
79
CIT421 Net-Centric Computing
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This unit
will address measures on hardware and software based to prevent potential attack or damage of
organization data.
80
CSC405 Net-Centric Computing
3.3 Barriers
Program evaluations require funding, time and technical skills: requirements that are often
perceived as diverting limited program resources from clients. Program staff are often concerned
that evaluation activities will inhibit timely accessibility to services or compromise the safety of
clients. Evaluation can necessitate alliances between historically separate community groups (e.g.
academia, advocacy groups, service providers; Short, Hennessy, & Campbell, 1996). Mutual
misperceptions regarding the goals and process of evaluation can result in adverse attitudes (CDC,
1999; Chalk & King, 1998).
Various types of evaluation can be used to assess different aspects or stages of program
development. As terminology and definitions of evaluation types are not uniform, an effort has been
made to briefly introduce a number of types here.
3.4.1 Context Evaluation
Investigating how the program operates or will operate in a particular social, political, physical and
economic environment. This type of evaluation could include a community needs or organizational
assessment (http://www.wkkf.org/Publications/evalhdbk/default.htm).
Sample question: What are the environmental barriers to accessing program services?
81
CIT421 Net-Centric Computing
3.4.3 Process Evaluation
Examining the implementation and operation of program components. Sample question: Was the
program administered as planned?
Evaluation should be incorporated during the initial stages of program development. An initial step
of the evaluation process is to describe the program in detail. This collaborative activity can create
a mutual understanding of the program, the evaluation process, and program and evaluation
terminology. Developing a program description also helps ensure that program activities and
objectives are clearly defined and that the objectives can be measured. In general, the evaluation
should be feasible, useful, culturally competent, ethical and accurate (CDC, 1999). Data should be
collected over time using multiple instruments that are valid, meaning they measure what they are
supposed to measure, and reliable, meaning they produce similar results consistently (Rossi &
Freeman, 1993). The use of qualitative as well as quantitative data can provide a more
comprehensive picture of the program. Evaluations of programs aimed at violence prevention
should also be particularly sensitive to issues of safety and confidentiality. Experimental designs
are defined by the random assignment of individuals to a group participating in the program or to a
control group not receiving the program. These ideal experimental conditions are not always
practical or ethical in "real world" constraints of program delivery. A possible solution to blending
the need for a comparison group with feasibility is the quasi-experimental design in which an
equivalent group (i.e. individuals receiving standard services) is compared to the group
participating in the target program. However, the use of this design may introduce difficulties in
attributing the causation of effects to the target program. While non-experimental designs may be
easiest to implement in a program setting and provide a large quantity of data, drawing conclusions
of program effects are difficult.
Logic models are flowcharts that depict program components. These models can include any
number of program elements, showing the development of a program from theory to activities and
outcomes. Infrastructure, inputs, processes, and outputs are often included. The process of
developing logic models can serve to clarify program elements and expectations for the
stakeholders. By depicting the sequence and logic of inputs, processes and outputs, logic models
82
CSC405 Net-Centric Computing
can help ensure that the necessary data are collected to make credible statements of causality
(CDC, 1999).
Preparation, effective communication and timeliness in order to ensure the utility of evaluation
findings. Questions that should be answered at the evaluation's inception include: what will be
communicated? to whom? by whom? and how? The target audience must be identified and the
report written to address their needs including the use of non-technical language and a userfriendly
format (National Committee for Injury Prevention and Control, 1989). Policy makers, current and
potential funders, the media, current and potential clients, and members of the community at large
should be considered as possible audiences. Evaluation reports describe the process as well as
findings based on the data
Discussion
5.0 Conclusion
Computer systems face a number of security threats. One of the basic threats is data loss, which
means that parts of a database can no longer be retrieved. This could be the result of physical
damage to the storage medium (like fire or water damage), human error or hardware failures.
Another security threat is unauthorized access. Many computer systems contain sensitive
information, and it could be very harmful if it were to fall in the wrong hands. Imagine someone
getting a hold of your social security number, date of birth, address and bank information.
Getting unauthorized access to computer systems is known as cracking.
6.0 Summary
The objective of system security is the protection of information and property from theft, corruption
and other types of damage, while allowing the information and property to remain accessible and
productive. System security includes the development and implementation of security
countermeasures. There are a number of different approaches to computer system security,
including the use of a firewall, data encryption, passwords and biometrics.
References
Burt, M. R., Harrell, A. V., Newmark, L. C., Aron, L. Y., & Jacobs, L. K. (1997). Evaluation
guidebook: Projects funded by S.T.O.P. formula grants under the Violence Against Women Act .
The Urban Institute. http://www.urban.org/crime/evalguide.html
83
CIT421 Net-Centric Computing
Centers for Disease Control and Prevention. (1992). Handbook for evaluating HIV education.
Division of Adolescent and School Health, Atlanta.
CDC. Framework for program evaluation in public health. MMWR Recommendations and Reports
1999;48(RR11):1-40.
Chalk, R., & King, P. A. (Eds.). (1998). Violence in Families: Assessing prevention and treatment
programs. Washington DC: National Academy Press.
Coyle, S. L., Boruch, R. F., & Turner, C. F. (Eds.). (1991). Evaluating AIDS prevention programs:
Expanded edition. Washington DC: National Academy Press.
Green, L.W., & Kreuter, M. W. (1991). Health promotion planning: An educational and
environmental approach (2nd ed.). Mountain View, CA: Mayfield Publishing Company.
National Committee for Injury Prevention and Control. (1989). Injury prevention: Meeting the
challenge. American Journal of Preventive Medicine, 5(Suppl. 3).
Rossi, P. H., & Freeman, H. E. (1993). Evaluation: A systematic approach (5th ed.). Newbury Park,
CA: Sage Publications, Inc.
Short, L., Hennessy, M., & Campbell, J. (1996). Tracking the work. In Family violence: Building a
coordinated community response: A guide for communities.
(http://www.wkkf.org/Publications/evalhdbk/default.htm).
84
CSC405 Net-Centric Computing
UNIT 8 Models for Parallel Computing
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Models for Parallel Computing
3.1.2 Shared Memory Model
3.1.3 Thread Model
3.1.4 Message Passing Model
3.1.5 Data Parallel Model
3.16 Hybrid Model
3.1.7 Single Program Multiple Data (SPMD)
3.18 Multiple Program Multiple Data (MPMD)
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
85
CIT421 Net-Centric Computing
1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This unit
will address measures on hardware and software based to prevent potential attack or damage of
organization data.
86
CSC405 Net-Centric Computing
completed. Threads are commonly associated with shared memory architectures and operating
systems.
3.1.4 Message Passing Model
In the message-passing model, there exists a set of tasks that use their own local memories
during computation. Multiple tasks can reside on the same physical machine as well across an
arbitrary number of machines. Tasks exchange data by sending and receiving messages. In this
model, data transfer usually requires cooperation among the operations that are performed by
each process. For example, a send operation must have a matching receive operation.
3.1.5 Data Parallel Model
In the data parallel model, most of the parallel work focuses on performing operations on a data
set. The data set is typically organised into a common structure, such as an array or a cube. A set
of tasks work collectively on the same data structure with each task working on a different
portion of the same data structure. Tasks perform the same operation on their partition of work, for
example, “add 3 to every array element” can be one task. In shared memory architectures, all
tasks may have access to the data structure through the global memory. In the distributed
memory architectures, the data structure is split up and data resides as “chunks” in the local
memory of each task.
87
CIT421 Net-Centric Computing
Discussion
5.0 Conclusion
Computer systems face a number of security threats. One of the basic threats is data loss, which
means that parts of a database can no longer be retrieved. This could be the result of physical
damage to the storage medium (like fire or water damage), human error or hardware failures.
Another security threat is unauthorized access. Many computer systems contain sensitive
information, and it could be very harmful if it were to fall in the wrong hands. Imagine someone
getting a hold of your social security number, date of birth, address and bank information.
Getting unauthorized access to computer systems is known as cracking.
6.0 Summary
The objective of system security is the protection of information and property from theft, corruption
and other types of damage, while allowing the information and property to remain accessible and
productive. System security includes the development and implementation of security
countermeasures. There are a number of different approaches to computer system security,
including the use of a firewall, data encryption, passwords and biometrics.
References
Burt, M. R., Harrell, A. V., Newmark, L. C., Aron, L. Y., & Jacobs, L. K. (1997). Evaluation
guidebook: Projects funded by S.T.O.P. formula grants under the Violence Against Women Act .
The Urban Institute. http://www.urban.org/crime/evalguide.html
Centers for Disease Control and Prevention. (1992). Handbook for evaluating HIV education.
Division of Adolescent and School Health, Atlanta.
CDC. Framework for program evaluation in public health. MMWR Recommendations and Reports
1999;48(RR11):1-40.
Chalk, R., & King, P. A. (Eds.). (1998). Violence in Families: Assessing prevention and treatment
programs. Washington DC: National Academy Press.
Coyle, S. L., Boruch, R. F., & Turner, C. F. (Eds.). (1991). Evaluating AIDS prevention programs:
Expanded edition. Washington DC: National Academy Press.
Green, L.W., & Kreuter, M. W. (1991). Health promotion planning: An educational and
environmental approach (2nd ed.). Mountain View, CA: Mayfield Publishing Company.
88
CSC405 Net-Centric Computing
National Committee for Injury Prevention and Control. (1989). Injury prevention: Meeting the
challenge. American Journal of Preventive Medicine, 5(Suppl. 3).
Rossi, P. H., & Freeman, H. E. (1993). Evaluation: A systematic approach (5th ed.). Newbury Park,
CA: Sage Publications, Inc.
Short, L., Hennessy, M., & Campbell, J. (1996). Tracking the work. In Family violence: Building a
coordinated community response: A guide for communities.
(http://www.wkkf.org/Publications/evalhdbk/default.htm).
89
CIT421 Net-Centric Computing
Introduction of Module
Digital devices such as cell phones, tablets, gaming consoles, laptop and desktop computershave
become indispensable part of the modern society. With the proliferation of these devices in our
everyday lives, there is the tendency to use information derived from them for criminal activities.
Crimes such as fraud, drug trafficking, homicide, hacking, forgery, and terrorismoften involve
computers. To fight computer crimes, digital forensics (DF) originated in law enforcement,
computer security, and national defense. Law enforcement agencies, financial institutions, and
investment firms are incorporating digital forensics into their infrastructure. Digital forensics is used
to help investigate cybercrime or identify direct evidence of a computer-assisted crime. The
concept of digital forensics dates back to late 1990s and early 2000s when it was considered as
computer forensics. The legal profession, law enforcement, policy makers, the business
community, education, and government all have a vested interestin DF. Digital forensics is often
used in both criminal law and private investigation. It has beentraditionally associated with criminal
law. It requires rigorous standards to stand up to crossexamination in court
90
CSC405 Net-Centric Computing
1.0 Introduction
Computer Forensics is a scientific method of investigation and analysis in order to gather evidence
from the digital devices or computer networks and components which is suitable for presentation in
a court of law or legal body. It involves performing a structured investigation while maintaining a
documented chain of evidence to find out exactly what happened on a computer and who was
responsible for it. Crimes committed within electronic or digital domains, particularly within
cyberspace, have become extremely common these days. Criminals are using technology to a
great extent in committing various digital offences and creating new challenges for law
enforcement agents, attorneys, judges, military, and security professionals. Digital forensics has
become an incredibly useful and invaluable tool in the detection of criminal activities, identifying
and solving computer-based and computer-assisted crimes.
91
CIT421 Net-Centric Computing
• A distributed system begins with a task, such as rendering a video to create a
finished product ready for release.
• The web application, or distributed applications, managing this task — like a video
editor on a client computer:
• splits the job into pieces
• An algorithm gives one frame of the video to each of a dozen different computers
(or nodes) to complete the rendering
• Once the frame is complete, the managing application gives the node a new frame
to work on
• This process continues until the video is finished and all the pieces are put back
together
Distributed Systems turns a task that might have taken days for a single computer to complete into
one that is finished in a matter of minutes.
2. Define Computer Forensics and what are the Characteristics of Digital Forensics Answer
Computer forensics is the process of extracting data and information from computer systems to
function as digital evidence for civic purposes, or in most cases to prove and legally impeach
cybercrime.
Characteristics of Digital Forensics
• Identification:
• Preservation
• Analysis
92
CSC405 Net-Centric Computing
• Documentation
• Presentation
5.0 Conclusion
Digital forensics involves the process of identifying, collecting, acquiring, preserving, analysing, and
presenting of digital evidence. Digital evidence must be authenticated to ensure its admissibility in
a court of law. Ultimately, the forensic artefacts and forensic methods used (e.g., static or live
acquisition) depend on the device, its operating system, and its security features.
6.0 Summary
In this unit, we have been able to outline computer forensics history, characteristics of digital
forensics, digital forensics procedure, advantages of computer forensics and disadvantages of
computer forensics
Easttom, C. (2021). Digital Forensics, Investigation, and Response. Jones & Bartlett Learning.
Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and Investigations,
2019. structure, 10, 26.
Dafoulas, G. A., & Neilson, D. (2019, October). An overview of digital forensics education. In 2019
2nd International Conference on new Trends in Computing Sciences (ICTCS) (pp. 17). IEEE.
Pachghare, V. K. (2019). Cryptography and information security. PHI Learning Pvt. Ltd..
Lin, X., Lin, X., & Lagerstrom-Fife. (2018). Introductory Computer Forensics. Springer International
Publishing.
Whitman, M. E., & Mattord, H. J. (2021). Principles of information security. Cengage learning.
93
CIT421 Net-Centric Computing
3.4.1 Security
94
CSC405 Net-Centric Computing
3.4.2 Risks of Network Failures
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
• Explain the concept of Disk Forensics Explain the process of Disk Forensics
Explain Network Forensics procedure
• Explain Network Forensics
• Explain Examinations of Network Forensics
• Explain Malware Forensics
95
CIT421 Net-Centric Computing
3.0 Main Content
3.1 Patterns in a Distributed System
A Software Design Pattern is a programming language defined as an ideal solution to a
contextualized programming problem. Patterns are reusable solutions to common problems that
represent the best practices available at the time. Patterns do not provide finished code, they
provide replication capabilities but offer guidance on how to solve a certain issue or implement a
needed feature. When thinking about the challenges of a distributed computing platform, the trick is
to:
• break it down into a series of interconnected patterns
• simplifying the system into smaller, more manageable and more easily understood
components which helps abstract a complicated architecture
Patterns are commonly used to describe distributed systems, such as:
• Command and Query Responsibility Segregation (CQRS) and
• two-phase commit (2PC)
Different combinations of patterns are used to design distributed systems, and each approach has
unique benefits and drawbacks.
96
CSC405 Net-Centric Computing
• It requires careful programming to ensure that processes are properly synchronized to avoid
transmission delays that result in errors and data corruption
• In a complex system — such as a multiplayer video game — synchronization can be
challenging, especially on a public network that carries data traffic
3.3.3 Imperfect scalability:
• Doubling the number of nodes in a distributed system does not necessarily double
performance
• Architecting an effective distributed system that maximizes scalability is a complex
undertaking that needs to take into account load balancing, bandwidth management and other
issues.
3.3.4 More complex security:
• Managing a large number of nodes in a heterogeneous or globally distributed environment
creates numerous security challenges
• A single weak link in a file system or larger distributed system network can expose the entire
system to attack.
3.3.5 Increased complexity:
• Distributed systems are more complex to design, manage and understand than traditional
computing environments.
97
CIT421 Net-Centric Computing
3.5 Access Control in Distributed Systems
Administrators use a variety of approaches to manage access control in distributed computing
environments, ranging from:
• traditional access control lists (ACLs) to
• role-based access control (RBAC)
• One of the most promising access control mechanisms for distributed systems is attribute-
based access control (ABAC), which controls access to objects and processes using rules
that include:
• information about the user
• the action requested and
• the environment of that request.
• Administrators can also refine these types of roles to restrict access to certain times of
day or certain locations.
98
CSC405 Net-Centric Computing
• In addition to their size and overall complexity, organizations can consider
deployments based on:
• the size and capacity of their computer network
• the amount of data they’ll consume
• how frequently they run processes
• whether they’ll be scheduled or ad hoc
• the number of users accessing the system
•capacity of their data center and the necessary data fidelity and availability
requirements.
Based on these considerations, distributed deployments are categorized as:
• Departmental, small enterprise
• Medium enterprise or large enterprise
• Distributed systems can also evolve over time, transitioning from departmental to
small enterprise as the enterprise grows and expands.
99
CIT421 Net-Centric Computing
5.0 Conclusion
The forensic examination of electronic systems has undoubtedly been a huge success in the
identification of cyber and computer-assisted crime. Organisations are placing an increasing
importance on the need to be equipped with appropriate incident management capabilities to
handle misuse of systems. Computer forensics is an invaluable tool in the process.The domain of
computer forensics has grown considerably in the last decade. Driven by industry, focus was
initially placed upon developing tools and techniques to assist in the practical application of the
technology
6.0 Summary
Digital forensic Science can be used for cases like 1) Intellectual Property theft, 2) Industrial
espionage 3) Employment disputes, 4) Fraud investigations
Easttom, C. (2021). Digital Forensics, Investigation, and Response. Jones & Bartlett Learning.
Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and Investigations,
2019. structure, 10, 26.
Dafoulas, G. A., & Neilson, D. (2019, October). An overview of digital forensics education. In 2019
2nd International Conference on new Trends in Computing Sciences (ICTCS) (pp. 17). IEEE.
Pachghare, V. K. (2019). Cryptography and information security. PHI Learning Pvt. Ltd..
Lin, X., Lin, X., & Lagerstrom-Fife. (2018). Introductory Computer Forensics. Springer International
Publishing.
100
CSC405 Net-Centric Computing
Whitman, M. E., & Mattord, H. J. (2021). Principles of information security. Cengage learning.
101
CIT421 Net-Centric Computing
Unit 3 Systems Models
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 Models and Architectures of Distributed Systems
3.2 Characteristics of a Distributed Systems
3.3 Distributed tracing
102
CSC405 Net-Centric Computing
1.0 Introduction
The Internet is a very easy way to reach any system. If confidential data is not properly protected,
then it becomes opens to vulnerable access and misuse. Cyber-crime can cause varying degrees
of damage by hackers. So, detailed forensic analysis is required to come to a conclusion about an
incident and to prove or disprove someone’s guilt. Some criminal activities like child pornography,
hacking, and identity theft can be traced and the criminals can be punished if proper evidence is
found against them. Email communication is also on target. Because it is one of the most popular
and commonalty used means of online communication, for both prospects individuals and
businesses, emails are normally used by organizations to exchange most simple information, such
as meeting schedules, document distribution and some sensitive information
103
CIT421 Net-Centric Computing
• This is done with the help of a network.
The most common forms of distributed systems in the enterprise today are those that operate over
the web. They hand off workloads to dozens of cloud-based virtual server instances that are
created as needed, then terminated when the task is complete.
104
CSC405 Net-Centric Computing
Email forensics is the analysis of source and content of the email message, identification of sender
and receiver, date and time of email and the analysis of all the entities involved. Email forensics
also reforms to the forensics of client or server systems suspected in an email forgery. 2. What is
the purpose of email header analysis
Email header analysis helps in identifying most of the email related crimes like spear phishing,
spamming, email spoofing etc. Spoofing is a technique using which one can pretend to be
someone else, and a normal user would think for a moment that it’s his friend or some person he
already knows
5.0 Conclusion
Email evidence often plays a pivotal role in digital forensics investigations and eDiscovery. When
preserving emails from the cloud, forensics experts have to consider issues such as multifactor
authentication, running-in-place searches on the server before the acquisition, handling server
errors and throttling, privacy issues, and time constraints.
6.0 Summary
In this unit, we have been able to outline email forensics, email header analysis, mobile forensics
and mobile device forensics examination process.
Easttom, C. (2021). Digital Forensics, Investigation, and Response. Jones & Bartlett Learning.
Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and Investigations,
2019. structure, 10, 26.
105
CIT421 Net-Centric Computing
Dafoulas, G. A., & Neilson, D. (2019, October). An overview of digital forensics education. In 2019
2nd International Conference on new Trends in Computing Sciences (ICTCS) (pp. 17). IEEE.
Pachghare, V. K. (2019). Cryptography and information security. PHI Learning Pvt. Ltd..
Lin, X., Lin, X., & Lagerstrom-Fife. (2018). Introductory Computer Forensics. Springer International
Publishing.
Whitman, M. E., & Mattord, H. J. (2021). Principles of information security. Cengage learning.
106
CSC405 Net-Centric Computing
Unit 4 Distributed Objects
Contents
1.0 Introduction
1.0 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 Distributed Objects Introduction
3.2 Local Objects Vs. Distributed Objects
3.3 The Distributed Objects Paradigm
3.4 Distributed Objects
3.5 Distributed Objects Systems/ Protocols
3.6 Remote procedure Call & Remote Method Invocation
3.6.1 Remote procedure Call
3.6.2 Remote Procedure Call Model
3.7 Local Procedure Call and Remote Procedure Call
3.7.1 Remote Procedure Calls (RPC)
107
CIT421 Net-Centric Computing
1.0 Introduction
We live in a very technologically advanced society. Technology and the use computers have
become a part of our everyday life. Because of the increased knowledge and abundance of
computer use, viruses have become a huge problem for users. Viruses are destructive programs
that attack the computer and interfere with the operations of the computer. A virus can easily
corrupt or delete data from your computer, which can become very costly to the owner of the
computer. It is important that we learn about how viruses work so that we can avoid them at all
cost.
Malware is any piece of software which is intended to cause harm to your system or network.
Malware is different from normal programs in a way that they most of them have the ability to
spread itself in the network, remain undetectable, cause changes/damage to the infected system or
network, persistence. They have the ability to bring down the machine’s performance to knees and
can cause a destruction of the network. Consider the case when the computer becomes infected
and is no longer usable, the data inside becomes unavailable – these are some of the malware
damage scenarios. Malware attacks can be traced back to the time, even before the internet
became widespread.
108
CSC405 Net-Centric Computing
• To request service from a network resource, a process invokes one of its operations or
methods, passing data as parameters to the method.
• The method is executed on the remote host, and the response is sent back to the
requesting process as a return value.
• Message-passing paradigm is data-oriented while Distributed objects paradigm is
action-oriented: the focus is on the invocation of the operations, while the data passed
takes on a secondary role.
• Although less intuitive to human-beings, the distributed-object paradigm is more
natural to object-oriented software development.
109
CIT421 Net-Centric Computing
1. the actions encoded in the procedure are executed
2. the caller is notified of the completion of the call and
3. a return value, if any, is transmitted from the callee to the caller
Malware analysis is the process of determining the purpose and functionality of a piece of malware.
This process will reveal what type of harmful program has infected your network, the damage it’s
capable of causing, and most importantly how to remove it.
• Virus: Viruses are pieces of malware that require human intervention to propagate to other
machines.
• Worm: Unlike Viruses, Worms do not need the help of humans to move to other machines.
They can spread easily and can infect a high number of machines in a short amount of
time.
• Trojan: These appear to be normal programs that have a legitimate function, like a game
or a utility program. But underneath the innocent looking user interface, a Trojan performs
malicious tasks without the user being aware.
• Spyware: Spyware is software that gathers personal or confidential information from user
systems without their knowledge.
• Keylogger: This is a special type of spyware. It is specialized in recording the keystrokes
made by the user.
• Ransomware: Ransomware is a form of malware that encrypts a victim's files. The attacker
then demands a ransom from the victim to restore access to the data upon payment.
110
CSC405 Net-Centric Computing
iii. Explain Static and Dynamic Analysis
Dynamic analysis also called malware behavior analysis runs the malware program to examine its
behavior, while Static analysis examines a malware file without actually running the program.
5.0 Conclusion
Viruses are very destructive programs that can be devastating to companies and individual.The
best defense against malware is a combination of vigilant and sensible behavior on the Internet,
proper computer usage, and anti-malware software. By erring on the side of caution when surfing
the web, not opening strange links or emails from unknown senders, and regularly updating and
running an anti-malware program, you'll be relatively safe from the manifold dangers of the
Internet.
6.0 Summary
In this unit, we have been able to outline malware analysis, types of malwares and malware
analysis
Easttom, C. (2021). Digital Forensics, Investigation, and Response. Jones & Bartlett Learning.
Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and Investigations,
2019. structure, 10, 26.
Dafoulas, G. A., & Neilson, D. (2019, October). An overview of digital forensics education. In 2019
2nd International Conference on new Trends in Computing Sciences (ICTCS) (pp. 17). IEEE.
Pachghare, V. K. (2019). Cryptography and information security. PHI Learning Pvt. Ltd..
Lin, X., Lin, X., & Lagerstrom-Fife. (2018). Introductory Computer Forensics. Springer International
Publishing.
Whitman, M. E., & Mattord, H. J. (2021). Principles of information security. Cengage learning.
111
CIT421 Net-Centric Computing
112
CSC405 Net-Centric Computing
Unit 5 Remote Method Invocation
Contents
2.0 Introduction
1.1 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 Java Remote Method Invocation
3.1.1 Remote Method Invocation
3.2 The Java RMI Architecture
3.2.1 Object Registry
3.3 The Interaction between the Stub and the Skeleton
3.4 The Remote Interface
3.4.1 A Sample Remote Interface
3.5 The Server-Side Software
3.6 The Remote Interface Implementation
3.7 UML Diagram for the SomeImpl class
3.7.1 Stub and Skeleton Generations
3.7.2 The Stub File for the Object
3.8 The Object Server
3.9 The RMI Registry
3.10 The Client-Side Software
3.11 Looking up the Remote Object
3.12 Invoking the Remote Method
5.0 Conclusion
6.0 Summary
113
CIT421 Net-Centric Computing
1.0 Introduction
We live in a very technologically advanced society. Technology and the use computers have
become a part of our everyday life. Because of the increased knowledge and abundance of
computer use, viruses have become a huge problem for users. Viruses are destructive programs
that attack the computer and interfere with the operations of the computer. A virus can easily
corrupt or delete data from your computer, which can become very costly to the owner of the
computer. It is important that we learn about how viruses work so that we can avoid them at all
cost.
Malware is any piece of software which is intended to cause harm to your system or network.
Malware is different from normal programs in a way that they most of them have the ability to
spread itself in the network, remain undetectable, cause changes/damage to the infected system or
network, persistence. They have the ability to bring down the machine’s performance to knees and
can cause a destruction of the network. Consider the case when the computer becomes infected
and is no longer usable, the data inside becomes unavailable – these are some of the malware
damage scenarios. Malware attacks can be traced back to the time, even before the internet
became widespread.
114
CSC405 Net-Centric Computing
•A simple directory service called the RMI registry, rmiregistry, which is provided with the
Java Software Development Kit
• The RMI Registry is a service whose server, when active, runs on the object server’s host
machine, by convention and by default on the TCP port 1099.
3.3 The Interaction between the Stub and the Skeleton
A time-event diagram describing the interaction between the stub and the skeleton: The API
for the Java RMI
• The Remote Interface
• The Server-side Software
• The Remote Interface Implementation
• Stub and Skeleton Generations
• The Object Server
• The Client-side Software
// file: SomeInterface.java
// to be implemented by a Java RMI server class.
import java.rmi.*
public interface SomeInterface extends Remote {
// signature of first remote method public
String someMethod1( )
throws java.rmi.RemoteException; //
signature of second remote method
public int someMethod2( float ) throws java.rmi.RemoteException; // signature of
other remote methods may follow
// end interface
115
CIT421 Net-Centric Computing
A sample remote interface
The java.rmi.Remote Exception must be listed in the throw clause of each method signature.
• This exception is raised when errors occur during the processing of a remote method call,
and the exception is required to be caught in the method caller’s program.
• Causes of such exceptions include exceptions that may occur during interprocess
communications, such as access failures and connection failures, as well as problems
unique to remote method invocations, including errors resulting from the object, the stub,
or the skeleton not being found.
import
java.rmi.*;
import
java.rmi.server
.*;
/**
* This class implements the remote interface
SomeInterface.
*/
116
CSC405 Net-Centric Computing
3.7 UML diagram for the SomeImpl class
3.7.1 Stub and Skeleton Generations
• In RMI, each distributed object requires a proxy each for the object server and the object
client, known as the object’s skeleton and stub, respectively.
• These proxies are generated from the implementation of a remote interface using a tool
provided with the Java SDK:
• the RMI compiler rmic.
o rmic <class name of the remote interface implementation> For
example:
o rmic SomeImpl
As a result of the compilation, two proxy files will be generated, each prefixed with the
implementation class name:
SomeImpl_skel.class
SomeImpl_stub.class.
117
CIT421 Net-Centric Computing
import java.rmi.*;
……
public class SomeServer { public
static void main(String args[]) { try{
// code for port number value to be supplied
SomeImpl exportedObj = new SomeImpl();
startRegistry(RMIPortNum);
// register the object under the name “some”
registryURL = "rmi://localhost:" + portNum + "/some";
Naming.rebind(registryURL, exportedObj);
System.out.println("Some Server ready.");
}// end try
} // end main
118
CSC405 Net-Centric Computing
}
catch (RemoteException ex) {
// No valid registry at that port.
System.out.println(
"RMI registry cannot be located at port " + RMIPortNum);
Registry registry= LocateRegistry.createRegistry(RMIPortNum);
System.out.println(
"RMI registry created at port " + RMIPortNum);
}
} // end startRegistry
In our object server template, the code for exporting an object is as follows:
// register the object under the name “some”
registryURL = "rmi://localhost:" + portNum + "/some";
Naming.rebind(registryURL, exportedObj);
• The Naming class provides methods for storing and obtaining references from the registry.
o In particular, the rebind method allow an object reference to be stored in the registry
with a URL in the form of:
rmi://<host name>:<port number>/<reference name> o The rebind method will
overwrite any reference in the registry bound with the given reference name. o If the
overwriting is not desirable, there is also a bind method.
o The host name should be the name of the server, or simply “localhost”.
o The reference name is a name of your choice, and should be unique in the registry.
• When an object server is executed, the exporting of the distributed object causes the server
process to begin to listen and wait for clients to connect and request the service of the object.
An RMI object server is a concurrent server: each request from an object client is serviced
using a separate thread of the server.
• Note that if a client process invokes multiple remote method calls, these calls will be executed
concurrently unless provisions are made in the client process to synchronize the calls.
119
CIT421 Net-Centric Computing
3.9 The RMI Registry
• A server exports an object by registering it by a symbolic name with a server known as the RMI
registry.
Naming.rebind(“Server1”, obj);
• A server, called the RMI Registry, is required to run on the host of the server which exports
remote objects.
• The RMIRegistry is a server located at port 1099 by default It can be invoked dynamically in
the server class:
import java.rmi.registry.LocateRegistry;
…
LocateRegistry.createRegistry ( 1099 );…
Alternatively, an RMI registry can be activated by hand using the rmiregistry utility :
•
rmiregistry <port number> where the port
number is a TCP port number.
• If no port number is specified, port number 1099 is assumed.
120
CSC405 Net-Centric Computing
The registry will run continuously until it is shut down (via CTRL-C, for example)
import java.rmi.*;
….
public class SomeClient { public static void
main(String args[]) { try {
String registryURL =
"rmi://localhost:" + portNum + "/some";
SomeInterface h =
(SomeInterface)Naming.lookup(registryURL);
// invoke the remote method(s) String
message = h.method1();
System.out.println(message);
// method2 can be invoked similarly
} // end try
catch (Exception e) {
System.out.println("Exception in SomeClient: " + e);
}
} //end main
// Definition for other methods of the class, if any.
}//end class
121
CSC405 Net-Centric Computing
String registryURL =
"rmi://localhost:" + portNum + "/some"; SomeInterface h =
(SomeInterface)Naming.lookup(registryURL);
5.0 Conclusion
Viruses are very destructive programs that can be devastating to companies and individual.The best
defense against malware is a combination of vigilant and sensible behavior on the Internet, proper
computer usage, and anti-malware software. By erring on the side of caution when surfing the web, not
opening strange links or emails from unknown senders, and regularly updating and running an anti-
malware program, you'll be relatively safe from the manifold dangers of the Internet.
6.0 Summary
In this unit, we have been able to outline malware analysis, types of malwares and malware analysis
Easttom, C. (2021). Digital Forensics, Investigation, and Response. Jones & Bartlett Learning.
Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and Investigations, 2019.
structure, 10, 26.
Dafoulas, G. A., & Neilson, D. (2019, October). An overview of digital forensics education. In 2019 2nd
International Conference on new Trends in Computing Sciences (ICTCS) (pp. 17). IEEE.
122
CSC405 Net-Centric Computing
Pachghare, V. K. (2019). Cryptography and information security. PHI Learning Pvt. Ltd..
Lin, X., Lin, X., & Lagerstrom-Fife. (2018). Introductory Computer Forensics. Springer International
Publishing.
Whitman, M. E., & Mattord, H. J. (2021). Principles of information security. Cengage learning.
Contents
3.0 Introduction
3.13 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 UML component Diagrams
3.2 Component Diagram at a Glance
3.3 Basic Concepts of Component Diagram
3.4 Interface
3.4.1 Provided Interface
3.4.2 Required Interface
3.5 Subsystems
3.6 Port
3.7 Relationships
3.8 Modelling Source Code
3.9 Modelling an Executable Release
3.10 Modelling a Physical Database
123
CSC405 Net-Centric Computing
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
We live in a very technologically advanced society. Technology and the use computers have become
a part of our everyday life. Because of the increased knowledge and abundance of computer use,
viruses have become a huge problem for users. Viruses are destructive programs that attack the
computer and interfere with the operations of the computer. A virus can easily corrupt or delete data
from your computer, which can become very costly to the owner of the computer. It is important that
we learn about how viruses work so that we can avoid them at all cost.
Malware is any piece of software which is intended to cause harm to your system or network. Malware
is different from normal programs in a way that they most of them have the ability to spread itself in the
network, remain undetectable, cause changes/damage to the infected system or network, persistence.
They have the ability to bring down the machine’s performance to knees and can cause a destruction
of the network. Consider the case when the computer becomes infected and is no longer usable, the
data inside becomes unavailable – these are some of the malware damage scenarios. Malware attacks
can be traced back to the time, even before the internet became widespread.
124
CSC405 Net-Centric Computing
126
CSC405 Net-Centric Computing
3.5 Subsystems
The subsystem classifier is a specialized version of a component classifier. Because of this, the
subsystem notation element inherits all the same rules as the component notation element. The only
difference is that a subsystem notation element has the keyword of subsystem instead of component.
3.6 Port
Ports are represented using a square along the edge of the system or a component. A port is often
used to help expose required and provided interfaces of a component.
3.7 Relationships
Graphically, a component diagram is a collection of vertices and arcs and commonly contain
components, interfaces and dependency, aggregation, constraint, generalization, association, and
realization relationships. It may also contain notes and constraints.
Relationships Notation
127
CSC405 Net-Centric Computing
Association:
• An association specifies a semantic relationship that can
occur between typed instances.
• It has at least two ends represented by properties, each of
which is connected to the type of the end. More than one
end of the association may have the same type.
Composition:
• Composite aggregation is a strong form of aggregation that
requires a part instance be included in at most one
composite at a time.
• If a composite is deleted, all of its parts are normally deleted
with it.
Aggregation
A kind of association that has one of its end marked shared
as kind of aggregation, meaning that it has a shared
aggregation.
Constraint
A condition or restriction expressed in natural language text
or in a machine readable language for the purpose of
declaring some of the semantics of an element.
Dependency
• A dependency is a relationship that signifies that a single or a
set of model elements requires other model elements for
their specification or implementation.
• This means that the complete semantics of the depending
elements is either semantically or structurally dependent on
the definition of the supplier element(s).
128
CSC405 Net-Centric Computing
Links:
• A generalization is a taxonomic relationship between a more
general classifier and a more specific classifier.
• Each instance of the specific classifier is also an indirect
instance of the general classifier.
• Thus, the specific classifier inherits the features of the more
general classifier.
3.9 Modelling an Executable Release Identify the set of components you'd like to model. Typically,
this will involve some or all the components that live on one node, or the distribution of these sets
of components across all the nodes in the system.
129
CSC405 Net-Centric Computing
• Consider the stereotype of each component in this set. For most systems, you'll find a small
number of different kinds of components (such as executables, libraries, tables, files, and
documents). You can use the UML's extensibility mechanisms to provide visual cues (clues) for
these stereotypes.
• For each component in this set, consider its relationship to its neighbors. Most often, this will
involve interfaces that are exported (realized) by certain components and then imported (used)
by others. If you want to expose the seams in your system, model these interfaces explicitly. If
you want your model at a higher level of abstraction, elide these relationships by showing only
dependencies among the components.
5.0 Conclusion
Viruses are very destructive programs that can be devastating to companies and individual.The best
defense against malware is a combination of vigilant and sensible behavior on the Internet, proper
computer usage, and anti-malware software. By erring on the side of caution when surfing the web, not
130
CSC405 Net-Centric Computing
opening strange links or emails from unknown senders, and regularly updating and running an anti-
malware program, you'll be relatively safe from the manifold dangers of the Internet.
6.0 Summary
In this unit, we have been able to outline malware analysis, types of malwares and malware analysis
Introduction to Module
As soon as cyberspace and e-commerce were created in the mid-1990s, cybercrime flourished on a
parallel track. Today, cybercrime has been doubling every single year in the number of incidents, as
well as monetary losses. It is impossible to truly quantify cybercrime because most victims only see
further losses in publicizing their inability to defend themselves from this modern day menace. The
interesting note is that, of the cybercriminals who have been caught, the vast majority have pleaded
guilty. The word ethics comes from the ancient Greek word eché, which means character. Every
human society practices ethics in some way because every society attaches a value on a continuum of
good to bad, right to wrong, to an individual’s actions according to where that individual’s actions fall
within the domain of that society’s rules and canons. In this module, Cyber crime Acts will be address
which provide legal backings to human data and privacy.
Unit 1: Concept of Cyber Law
131
CSC405 Net-Centric Computing
132
CSC405 Net-Centric Computing
UNIT 1 Distributed Transactions
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Distributed Transactions
3.2 Two Types of Permissible Operations in Distributed Transactions
3.2.1 DML and DDL Transactions
3.2.2 Transactions Control Statements
3.3 Session Trees for Distributed Transactions
3.4 Node Rules
3.4.1 Clients
3.4.2 Database Servers
3.4.3 Local Coordinators
3.4.4 Global Coordinators
3.4.5 Commit Point Site
3.5 How a Distributed Transactions Commits
3.6 Commit Point Strength
3.7 Two-Phase Commit Mechanism
3.7.1 Prepare Phase
3.7.2 Steps in the Prepare Phase
3.7.3 Commit Phase
3.7.3.1 Steps in the Commit Phase
3.8 Guaranteeing Global Database Consistency
3.9 Forget Phase
3.10 In-Doubt Transactions
3.10.1 Automatic Resolution of In-Doubt Transactions
3.11 Failure During the Prepare Phase
3.12 Failure During the Commit Phase
3.13 Manual Resolution of In-Doubt Transactions
3.14 Relevance of Systems Change Numbers for In-Doubt Transactions
133
CSC405 Net-Centric Computing
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
Technology has engendered new types of lawsuits or modified old ones. As, for example, the next
generation of offences arose within the field of computer crimes (e.g., identity thefts), technology
impacted on traditional rights such as copyright (1709) and privacy (1890), turning them into a matter of
access, control, and protection over information in digital environments. This unit we explain the
concepts of cyber law, the need of cyber law in the IT world and why is important to actually address
cyber crime issues.
134
CSC405 Net-Centric Computing
The following distributed transaction executed by scott updates the local sales database, the remote hq
database, and the remote maint database:
UPDATE [email protected]
UPDATE scott.emp
SET deptno = 11
UPDATE [email protected]
COMMIT;
Database server A node that receives a request for information from another node
136
CSC405 Net-Centric Computing
The role a node plays in a distributed transaction is determined by:
• Whether the transaction is local or remote
• The commit point strength of the node ("Commit Point Site")
• Whether all requested data is available at a node, or whether other nodes need to be
referenced to complete the transaction
• Whether the node is read-only
3.4.1 Clients
A node acts as a client when it references information from a database on another node. The
referenced node is a database server. In Figure 2, the node sales is a client of the nodes that host the
warehouse and finance databases.
Phase Description
Prepare phase The initiating node, called the global coordinator, asks participating nodes other
than the commit point site to promise to commit or roll back the transaction, even
if there is a failure. If any node cannot prepare, the transaction is rolled back.
Commit phase If all participants respond to the coordinator that they are prepared, then the
coordinator asks the commit point site to commit. After it commits, the coordinator
asks all other nodes to commit the transaction
Forget phase The global coordinator forgets about the transaction
When a node responds to the global coordinator that it is prepared to commit, the prepared node
promises to either commit or roll back the transaction later, but does not make a unilateral decision on
whether to commit or roll back the transaction. The promise means that if an instance failure occurs at
140
CSC405 Net-Centric Computing
this point, the node can use the redo records in the online log to recover the database back to the
prepare phase.
Note:
Queries that start after a node has prepared cannot access the associated locked data until all phases
complete. The time is insignificant unless a failure occurs
Prepared Response
When a node has successfully prepared, it issues a prepared message. The message indicates that
the node has records of the changes in the online log, so it is prepared either to commit or perform a
rollback. The message also guarantees that locks held for the transaction can survive a failure.
Read-Only Response
When a node is asked to prepare, and the SQL statements affecting the database do not change any
data on the node, the node responds with a read-only message. The message indicates that the node
will not participate in the commit phase
There are three cases in which all or part of a distributed transaction is read-only:
Case Condition Consequence
Partially read- Any of the following occurs: The read-only nodes recognize their
only • Only queries are issued at one status when asked to prepare. They
or more nodes. give their local coordinators a readonly
• No data is changed. response. Thus, the commit phase
Changes rolled back due to triggers completes faster because the
firing or constraint violations.
Completely All of following occur: All nodes recognize that they are read-
read-only with No data changes. only during prepare phase, so no
prepare Transaction is not started with SET commit phase is required. The global
phase TRANSACTION READ coordinator, not knowing whether all
ONLY statement nodes are read-only, must still perform
the prepare phase.
141
CSC405 Net-Centric Computing
Completely All of following occur: Only queries are allowed in the
read-only No data changes. transaction, so global coordinator does
without Transaction is started with SET not have to perform two-phase commit.
twophase TRANSACTION READ Changes by other transactions do not
commit ONLY statement. degrade global transaction-level read
consistency because of global SCN
coordination
Note that if a distributed transaction is set to read-only, then it does not use undo segments. If many
users connect to the database and their transactions are not set to READ ONLY, then they allocate
undo space even if they are only performing queries.
Abort Response
When a node cannot successfully prepare, it performs the following actions:
1. Releases resources currently held by the transaction and rolls back the local portion of the
transaction.
2. Responds to the node that referenced it in the distributed transaction with an abort message.
These actions then propagate to the other nodes involved in the distributed transaction so that they can
roll back the transaction and guarantee the integrity of the data in the global database. This response
enforces the primary rule of a distributed transaction: all nodes involved in the transaction either all
commit or all roll back the transaction at the same logical time.
Each committed transaction has an associated system change number (SCN) to uniquely identify the
changes made by the SQL statements within that transaction. The SCN functions as an internal
timestamp that uniquely identifies a committed version of the database.
In a distributed system, the SCNs of communicating nodes are coordinated when all of the following
actions occur:
• A connection occurs using the path described by one or more database links
• A distributed SQL statement executes
• A distributed transaction commits
Among other benefits, the coordination of SCNs among the nodes of a distributed system ensures
global read-consistency at both the statement and transaction level. If necessary, global time-based
recovery can also be completed.
During the prepare phase, the database determines the highest SCN at all nodes involved in the
transaction. The transaction then commits with the high SCN at the commit point site. The commit SCN
is then sent to all prepared nodes with the commit decision.
143
CSC405 Net-Centric Computing
Among other benefits, the coordination of SCNs among the nodes of a distributed system ensures
global read-consistency at both the statement and transaction level. If necessary, global time-based
recovery can also be completed.
During the prepare phase, the database determines the highest SCN at all nodes involved in the
transaction. The transaction then commits with the high SCN at the commit point site. The commit SCN
is then sent to all prepared nodes with the commit decision.
144
CSC405 Net-Centric Computing
Discussion
What is biggest crime ever committed in the cyber space?
4.0 Self-Assessment/Exercises
146
CSC405 Net-Centric Computing
Answer
a) Legislation: - It is the formal enactment of law by the legislature created or authorized by the
constitution. It stands in contrasted with judge made law. Legislation consists of written laws, as
contrasted with judge made law or common law. It also stans in contrasted to customary law.
b) Common Law: - It comprises the body of principle, which derive their authority solely from the
decisions of courts. It is a body of law that develops and derives through judicial decisions different
from legislative enactments. Its principals do not derive their validity from formal law making by
anybody, but from their enunciation through decisions of courts.
c) Custom: - Custom‟ denotes a usage or practice of the people (including a particular social group or
a group residing in a particular locality) which by common adoption and acquiescence and by long and
unvarying habit, has become compulsory and has acquired the force of law with respect to the place or
subject matter to which it relates.
5.0 Conclusion
Cyberlaw does concern you. As the nature of Internet is changing and this new medium is being seen
as the ultimate medium ever evolved in human history, every activity of yours in Cyberspace can and
will have a Cyber legal perspective. From the time you register your Domain Name, to the time you set
up your web site, to the time you promote your website, to the time when you send and receive emails,
to the time you conduct electronic commerce transactions on the said site, at every point of time, there
are various Cyberlaw issues involved.
6.0 Summary
Cyber law describes the legal issues related to use of communications technology, particularly
"cyberspace", i.e. the Internet. It is less a distinct field of law in the way that property or contract are as
it is an intersection of many legal fields. Cyber law is an attempt to integrate the challenges presented
by human activity on the Internet with legacy system of laws applicable to the physical world.
7.0 References/Further Reading
Dudley, A., Braman, J., & Vincenti, G. (2011). Investigating Cyber Law and Cyber Ethics: Issues,
Impacts and Practices: Issues, Impacts and Practices (Issue January).
https://books.google.com/books?hl=en&lr=&id=_-aeBQAAQBAJ&pgis=1
Isha Upadhyay (September, 2020). Cyber Law: A Comprehensive Guide For 2021.
https://www.jigsawacademy.com/blogs/cyber-security/what-is-cyber-law/. Last accessed:
December, 2021.
Joseph, M. K. (2007). Computer Network Security and Cyber Ethics (review). In portal: Libraries and
the Academy (fourth, Vol. 7, Issue 2). McFarland & Company, Inc.
https://doi.org/10.1353/pla.2007.0017
Pande, J. (2017). Introduction to Cyber Security ( FCS ). http://uou.ac.in\
147
CSC405 Net-Centric Computing
148
CSC405 Net-Centric Computing
UNIT 2 Flat and Nested Distributed Transactions
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Flat & Nested Distributed Transactions
3.2 Transactions Commands
3.3 Roles for Running a Transactions Successfully
3.4 Flat & Nested Distributed Transactions
3.4.1 Flat Transactions
3.4.1.1 Limitations of a Flat Transactions
3.4.2 Nested Transactions
3.4.2.1 Advantage
3.5 Role
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
The cyberspace is anticipated to become even more complex in the upcoming years, with the increase
in networks and devices connected to it. India as a nation has encountered several cyber-attacks which
forced the government to impose cyber law that regulates the code and conducts of the people of India
and international on the cyberspace. In this unit, we will discuss some of the regulations such as ITA
2000, IPC, National Cyber security policy and review some of the scenarios of cybercrime in India
2.0 Intended Learning Outcomes (ILOs)
At the end of this unit, the student will able to
• Understands laws binds to cyberspace
• Know their rights in data and privacy protection
149
CSC405 Net-Centric Computing
• Learn from existing scenarios of cybercrimes in India
A flat or nested transaction that accesses objects handled by different servers is referred to as a
distributed transaction. When a distributed transaction reaches its end, in order to maintain the atomicity
property of the transaction, it is mandatory that all of the servers involved in the transaction either
commit the transaction or abort it.
To do this, one of the servers takes on the job of coordinator, which entails ensuring that the same
outcome is achieved across all servers.
The method by which the coordinator accomplishes this is determined by the protocol selected.
The most widely used protocol is the ‘two-phase commit protocol.’ This protocol enables the servers to
communicate with one another in order to come to a joint decision on whether to commit or abort the
complete transaction.
A transaction that includes other transactions within its initiating point and a end point are known as
nested transactions. So the nesting of the transactions is done in a transaction. The nested transactions
here are called sub-transactions. The top-level transaction in a nested transaction can open sub-
transactions, and each sub-transaction can open more subtransactions down to any depth of nesting.
A client’s transaction T opens up two subtransactions, T1 and T2, which access objects on servers X
and Y, as shown in the diagram below. T1.1, T1.2, T2.1, and T2.2, which access the objects on the
servers M, N and P are opened by the sub-transactions T1 and T2.
151
CSC405 Net-Centric Computing
The transaction T involves four requests – 2 for deposits and 2 for withdrawals. Now they can be
treated as sub transactions (T1, T2, T3, T4) of the transaction T.
As shown in the figure below, transaction T is designed as a set of four nested transactions: T1, T2, T3
and T4.
152
CSC405 Net-Centric Computing
3.4.2.1 Advantage:
The performance is higher than a single transaction in which four operations are invoked one after the
other in sequence.
When the Distributed Transaction commits, the servers that are involved in the transaction execution,
for proper coordination, must be able to communicate with one another .
When a client initiates a transaction, an “openTransaction” request is sent to any coordinator server.
The contacted coordinator carries out the “openTransaction” and returns the transaction identifier to the
client. Distributed transaction identifiers must be unique within the distributed system. A simple way is to
generate a TID contains two parts – the ‘server identifier” (example :IP address) of the server that
created it and a number unique to the server.
The coordinator who initiated the transaction becomes the distributed transaction’s coordinator and has
the responsibility of either aborting it or committing it.
153
CSC405 Net-Centric Computing
Every server that manages an object accessed by a transaction is a participant in the transaction &
provides an object we call the participant. The participants are responsible for working together with the
coordinator to complete the commit process.
The coordinator every time, records the new participant in the participants list. Each participant knows
the coordinator & the coordinator knows all the participants. This enables them to collect the information
that will be needed at the time of commit and hence work in coordination.
Discussion
Discuss any two cybercrimes in your country.
4.0 Self-Assessment/Exercises
5.0 Conclusion
Cybercrimes are a new class of crimes which are increasing day by day due to extensive use of
internet these days.
154
CSC405 Net-Centric Computing
6.0 Summary
Technology Act, 2000 was enacted with prime objective to create an enabling environment for
commercial use of I.T. The IT Act specifies the acts which have been made punishable. The Indian
Penal Code, 1860 has also been amended to take into its purview cybercrimes.
UNIT 3 Concurrency
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Concurrency
3.2 Two Models for Concurrent Programming
3.2.1 Shared Memory
3.2.2 Message Passing
3.3 Processes, Threads & Time-Slicing
3.3.1 Process
3.3.2 Thread
3.3.3 Time Slicing
3.4 Shared Memory Example
3.4.1 Interleaving
3.4.2 Race Condition
3.4.3 Reordering
3.5 Message Passing Example
3.6 Concurrent is Hard to Test and Debug
155
CSC405 Net-Centric Computing
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
Cybercrime is "international" that there are ‘no cyber-borders between countries’ The complexity in
types and forms of cybercrime increases the difficulty to fight back, fighting cybercrime calls for
international cooperation . Various organizations and governments have already made joint efforts in
establishing global standards of legislation and law enforcement both on a regional and on an
international scale.
3.1 Concurrency
Concurrency means multiple computations are happening at the same time. Concurrency is everywhere
in modern programming, whether we like it or not:
• Multiple computers in a network
• Multiple applications running on one computer
• Multiple processors in a computer (today, often multiple processor cores on a single chip) In
fact, concurrency is essential in modern programming:
• Web sites must handle multiple simultaneous users.
• Mobile apps need to do some of their processing on servers (“in the cloud”).
• Graphical user interfaces almost always require background work that does not interrupt the
user. For example, Eclipse compiles your Java code while you’re still editing it.
Being able to program with concurrency will still be important in the future. Processor clock speeds are
no longer increasing. Instead, we are getting more cores with each new generation of chips. So in the
future, in order to get a computation to run faster, we’ll have to split up a computation into concurrent
pieces.
156
CSC405 Net-Centric Computing
3.2 Two Models for Concurrent Programming
There are two common models for concurrent programming:
Shared memory and Message passing.
157
CSC405 Net-Centric Computing
3.3 Processes, Threads, Time-slicing
• The message-passing and shared-memory models are about how concurrent modules
communicate. The concurrent modules themselves come in two different kinds:
processes and threads.
3.3.1 Process.
• A process is an instance of a running program that is isolated from other processes on the
same machine. In particular, it has its own private section of the machine’s memory.
• The process abstraction is a virtual computer. It makes the program feel like it has the entire
machine to itself – like a fresh computer has been created, with fresh memory, just to run that
program.
• Just like computers connected across a network, processes normally share no memory
between them. A process can’t access another process’s memory or objects at all. Sharing
memory between processes is possible on most operating system, but it needs special effort.
By contrast, a new process is automatically ready for message passing, because it is created
with standard input & output streams, which are the System.out and System.in streams you’ve
used in Java.
3.3.2 Thread
A thread is a locus of control inside a running program. Think of it as a place in the program that is being
run, plus the stack of method calls that led to that place to which it will be necessary to return through.
• Just as a process represents a virtual computer, the thread abstraction represents a virtual
processor. Making a new thread simulates making a fresh processor inside the virtual computer
represented by the process. This new virtual processor runs the same program and shares the
same memory as other threads in process.
• Threads are automatically ready for shared memory, because threads share all the memory in
the process. It needs special effort to get “thread-local” memory that’s private to a single thread.
It’s also necessary to set up message-passing explicitly, by creating and using queue data
structures. We will talk about how to do that in a future reading.
158
CSC405 Net-Centric Computing
T3. Thread T2 simply pauses, until its next time slice on the same processor or another
processor.
• On most systems, time slicing happens unpredictably and non-deterministically, meaning that a
thread may be paused or resumed at any time.
3.4 Shared Memory Example
Let’s look at an example of a shared memory system. The point of this example is to show that
concurrent programming is hard, because it can have subtle bugs.
Imagine that a bank has cash machines that use a shared memory model, so all the cash machines can
read and write the same account objects in memory. To illustrate what can go wrong, let’s simplify the
bank down to a single account, with a dollar balance stored in the balance variable, and two operations
deposit and withdraw that simply add or remove a dollar:
// suppose all the cash machines share a single bank account private
static int balance = 0;
159
CSC405 Net-Centric Computing
// each ATM does a bunch of transactions that // modify balance, but leave it unchanged afterward
private static void cashMachine() { for (int i = 0; i < TRANSACTIONS_PER_MACHINE; ++i)
{ deposit(); // put a dollar in withdraw(); // take it back out
}
}
160
CSC405 Net-Centric Computing
So at the end of the day, regardless of how many cash machines were running, or how many transactions we
processed, we should expect the account balance to still be 0.
But if we run this code, we discover frequently that the balance at the end of the day is not 0. If more than
one cashMachine() call is running at the same time – say, on separate processors in the same computer –
then balance may not be zero at the end of the day.
3.4.1 Interleaving
Here is one thing that can happen. Suppose two cash machines, A and B, are both working on a deposit at
the same time. Here is how the deposit() step typically breaks down into low-level processor instructions:
get balance (balance=0)
add 1
write back the result (balance=1)
When A and B are running concurrently, these low-level instructions interleave with each other
(some might even be simultaneous in some sense, but let’s just worry about interleaving for now):
A get balance (balance=0)
A add 1
A write back the result (balance=1)
B get balance (balance=1)
B add 1
B write back the result (balance=2)
A getbalance (balance=0)
190
The balance is now 1 – A’s dollar was lost! A and B both read the balance at the same time, computed
separate final balances, and then raced to store back the new balance – which failed to take the other’s
deposit into account.
161
CSC405 Net-Centric Computing
You cannot tell just from looking at Java code how the processor is going to execute it. You can’t tell what the
indivisible operations – the atomic operations – will be. It isn’t atomic just because it’s one line of Java. It
doesn’t touch balance only once just because the balance identifier occurs only once in the line. The Java
compiler, and in fact the processor itself, makes no commitments about what low-level operations it will
generate from your code. In fact, a typical modern Java compiler produces exactly the same code for all
three of these versions! The key lesson is that you cannot tell by looking at an expression whether it will be
safe from race conditions.
3.4.3 Reordering
The race condition on the bank account balance can be explained in terms of different interleavings of
sequential operations on different processors. But in fact, when you are using multiple variables and multiple
processors, you cannot even count on changes to those variables appearing in the same order.
Here’s an example:
162
CSC405 Net-Centric Computing
We
have two methods that are being run in different threads. computeAnswer does a long calculation, finally
coming up with the answer 42, which it puts in the answer variable. Then it sets the ready variable to true, in
order to signal to the method running in the other thread, useAnswer, that the answer is ready for it to use.
Looking at the code, answer is set before ready is set, so once useAnswer sees ready as true, then it seems
reasonable that it can assume that the answer will be 42 but quite not true.
The problem is that modern compilers and processors do a lot of things to make the code fast. One of those
things is making temporary copies of variables like answer and ready in faster storage (registers or caches
on a processor), and working with them temporarily before eventually storing them back to their official
location in memory. The storeback may occur in a different order than the variables were manipulated in your
code. Here is what might be going on under the covers (but expressed in Java syntax to make it clear). The
processor is effectively creating two temporary variables, tmpr and tmpa, to manipulate the fields ready and
answer:
163
CSC405 Net-Centric Computing
tmpa = 42;
tmpr = true;
ready = tmpr;
// <-- what happens if useAnswer() interleaves here?
// ready is set, but answer isn't.
answer = tmpa;
}
Now let us look at the message-passing approach to our bank account example.
Now not only are the cash machine modules, but the accounts are modules, too. Modules interact by
sending messages to each other. Incoming requests are placed in a queue to be handled one at a time.
The sender does not stop working while waiting for an answer to its request. It handles more requests
from its own queue. The reply to its request eventually comes back as another message.
Unfortunately, message passing does not eliminate the possibility of race conditions. Suppose each
account supports get-balance and withdraw operations, with corresponding messages. Two users, at
164
CSC405 Net-Centric Computing
cash machine A and B, are both trying to withdraw a dollar from the same account. They check the
balance first to make sure they never withdraw more than the account holds, because overdrafts trigger
big bank penalties:
get-balance
if balance >= 1 then withdraw 1
The problem is again interleaving, but this time interleaving of the messages sent to the bank account,
rather than the instructions executed by A and B. If the account starts with a dollar in it, then what
interleaving of messages will fool A and B into thinking they can both withdraw a dollar, thereby
overdrawing the account?
One lesson here is that you need to carefully choose the operations of a message-passing model.
withdraw-if-sufficient-funds would be a better operation than just withdraw.
If we have not persuaded you that concurrency is tricky, here is the worst of it. It is very hard to discover
race conditions using testing. And even once a test has found a bug, it may be very hard to localize it to
the part of the program causing it.
Concurrency bugs exhibit very poor reproducibility. It is hard to make them happen the same way twice.
Interleaving of instructions or messages depends on the relative timing of events that are strongly
influenced by the environment. Delays can be caused by other running programs, other network traffic,
operating system scheduling decisions, variations in processor clock speed, etc. Each time you run a
program containing a race condition, you may get different behavior.
These kinds of bugs are heisenbugs, which are nondeterministic and hard to reproduce, as opposed to
a “bohrbug”, which shows up repeatedly whenever you look at it. Almost all bugs in sequential
programming are bohrbugs.
A heisenbug may even disappear when you try to look at it with println or debugger! The reason is that
printing and debugging are so much slower than other operations, often 1001000x slower, that they
dramatically change the timing of operations, and the interleaving. So inserting a simple print statement
into the cashMachine():
private static void cashMachine() { for (int i = 0; i <
TRANSACTIONS_PER_MACHINE; ++i) {
deposit(); // put a dollar in
withdraw(); // take it back out
System.out.println(balance); // makes the bug disappear!
165
CSC405 Net-Centric Computing
…and suddenly the balance is always 0, as desired, and the bug appears to disappear. But it is only
masked, not truly fixed. A change in timing somewhere else in the program may suddenly make the bug
come back.
Concurrency is hard to get right. Part of the point of this reading is to scare you a bit. Over the next
several readings, we’ll see principled ways to design concurrent programs so that they are safer from
these kinds of bugs.
Discussion
What section of the Information Technology Act (ITA) that sanction internet fraudsters?
Explain the consequence according to the Act.
5.0 Conclusion
A country’s participation in a particular international agreement becomes effective only if domestic laws
are drafted and approved that legislate the intent of the signed international agreement.
6.0 Summary
Lawmakers and law enforcement agencies, around the world, advocate the need for cyber laws that
are written in the cyber language. That is, laws that explicitly define cyber offenses and fully support
the acceptance of cyber evidence. International bodies, responding to this call, have convened and
produced treaties and conventions that, unfortunately, have fallen short of receiving total acceptance
by the member countries.
166
CSC405 Net-Centric Computing
7.0 References/Further Reading
Concepts: Concurrency (uhcl.edu)
Processes and Threads (The Java™ Tutorials > Essential Java Classes > Concurrency) (oracle.com)
167
CSC405 Net-Centric Computing
UNIT 4 Characteristics of Service Oriented Architecture
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Service-Oriented Architecture (SOA)
3.1.1 A Service
3.2 An Example: SOA Apps Provide a Cohesive Platform for Overstock.com (a large Online
Retailer)
3.3 The 6 Defining Concepts of SOA
3.4 Understanding SOA: The Transportation Analogy
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
Ethics is, therefore, the study of right and wrong in human conduct. Ethics can also be defined as a
theoretical examination of morality or “theory of morals.” Other philosophers have defined ethics in a
168
CSC405 Net-Centric Computing
variety of ways. Robert C. Solomon, in Morality and the Good Life, defines ethics as a set of “theories
of value, virtue, or of right (valuable) action.” O.J. Johnson, on the other hand, defines ethics as a set of
theories “that provide general rules or principles to be used in making moral decisions and, unlike
ordinary intuitions, provides a justification for those rules.”The word ethicscomes from the ancient
Greek word eché, which means character. Every human society practices ethics in some way because
every society attaches a value on a continuum of good to bad, right to wrong, to an individual’s actions
according to where that individual’s actions fall within the domain of that society’s rules and canons.
3.1.1 A Service
Services represent building blocks that allow users to organize information in ways that are familiar to
them. These building blocks combine information about users and their behavior in a seamless fashion
to present a relatively simple interface.
A service is commonly characterized by these four properties:
1. It logically represents a business activity with a specified outcome.
2. It is self-contained
3. It is a black box for its consumers
4. It may consist of other underlying services
To further simplify this concept, an SOA service is the mechanism that satisfies a customer’s wants or
needs through a negotiated contract. Therefore, SOA is a collection of different services.
To better understand what service-oriented architecture is all about, consider this quote from industry
expert David Sprott:
169
CSC405 Net-Centric Computing
3.2 An Example: SOA Apps Provide a Cohesive Platform for Overstock.com (a large Online
Retailer)
Communication of services can involve something as simple as passing data, or it can involve a
coordination of an activity between two or more different SOA services.
One way to illustrate the SOA method is by taking a look at a large online retailer like Overstock.com.
In order for Overstock customers to make a transaction, different programs must work together
seamlessly. The various steps in the ordering process can involve various programs developed at
different times, each using their own unique platforms and technologies.
For instance, there might be one program that tracks inventory, which is different than the interface (i.e.
the Internet) the customer uses to shop. Then, there is likely an entirely different program for their
shopping cart and another for processing payment.
SOA services tie all of these various programs together so that an online shopper can quickly find out if
what they are looking for is in stock and get it shipped to their doorstep with just a few clicks of their
mouse.
170
CSC405 Net-Centric Computing
accomplish your goal of attending the conference, combining different units of software applications
(services) can help business achieve new milestones in the most efficient manner.
Discussion
Why is ethics relevant in the cyberspace?
4.0 Self-Assessment/Exercises
1. What are the ten commandments for computer ethics?
Answer
i. Thou shalt not use a computer to harm other people.
ii. Thou shalt not interfere with other people‟s computer work.
iii. Thou shalt not snoop around in other people‟s files. iv. Thou shalt not use a computer to
steal.
v. Thou shalt not use a computer to bear false witness. vi. Thou shalt not use of
copy software for which you have not paid. vii. Thou shalt not use other people‟s
computer resources without authorization. viii. Thou shalt not appropriate other
people‟s intellectual output. ix. Thou shalt think about the social consequences of the
program u write.
x. Thou shalt use a computer in ways to show consideration and respect.
5.0 Conclusion
The role of ethics is to help societies distinguish between right and wrong and to give each society a
basis for justifying the judgment of human actions. Ethics is, therefore, a field of inquiry whose subject
is human actions, collectively called human conduct, that are taken consciously, willfully, and for which
one can be held responsible. According to Fr. Austin Fagothey, such acts must have knowledge, which
171
CSC405 Net-Centric Computing
signifies the presence of a motive, be voluntary, and have freedom to signify the presence of free
choice to act or not to act.
6.0 Summary
The purpose of ethics is to interpret human conduct, acknowledging and distinguishing between right
and wrong. The interpretation is based on a system which uses a mixture of induction and deduction.
In most cases, these arguments are based on historical schools of thought called ethical theories.
There are many different kinds of ethical theories, and within each theory there may be different
versions of that theory. Let us discuss these next.
Baldini, Gianmarco, Botterman, Maarten, Neisse, Ricardo, and Tallacchini, Mariachiara (2016) “Ethical
Design in the Internet of Things,” Science and Engineering Ethics, 1-21.
Bustard, John D. (2017), “Improving Student Engagement in the Study of Professional Ethics:
Concepts and an Example in Cyber Security” Science and Engineering Ethics, 1-16.
Dipert, Randall R. (2010) “The Ethics of Cyberwarfare,” Journal of Military Ethics 9:4, 384410
ICSI (2016). Cybercrime Law and Practice. THE INSTITUTE OF COMPANY SCRETARIES OF INDIA.
ISBN : 978-93-82207795.
Joseph, M. K. (2007). Computer Network Security and Cyber Ethics (review). In portal: Libraries and
the Academy (fourth, Vol. 7, Issue 2). McFarland & Company, Inc.
https://doi.org/10.1353/pla.2007.0017
Manjikian, Mary (2017) Cybersecurity Ethics: An Introduction, Routledge; 240 pp. Taddeo,
Mariarosaria and Glorioso, Ludovica (2017) Ethics and Policies for Cyber Operations,
Springer. EC Council (2016) Ethical Hacking and Countermeasures (Book Series, 4 volumes),
Cengage Learning
172
CSC405 Net-Centric Computing
173
CSC405 Net-Centric Computing
Introduction to Module
As soon as cyberspace and e-commerce were created in the mid-1990s, cybercrime flourished on a
parallel track. Today, cybercrime has been doubling every single year in the number of incidents, as
well as monetary losses. It is impossible to truly quantify cybercrime because most victims only see
further losses in publicizing their inability to defend themselves from this modern day menace. The
interesting note is that, of the cybercriminals who have been caught, the vast majority have pleaded
guilty. The word ethics comes from the ancient Greek word eché, which means character. Every
human society practices ethics in some way because every society attaches a value on a continuum of
good to bad, right to wrong, to an individual’s actions according to where that individual’s actions fall
within the domain of that society’s rules and canons. In this module, Cyber crime Acts will be address
which provide legal backings to human data and privacy.
Unit 1: Concept of Cyber Law
174
CSC405 Net-Centric Computing
UNIT 1 Introduction to Mobile & Cloud Computing
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Mobile and Cloud Computing
3.2 Cloud Computing
3.3 Capabilities of Cloud Computing
3.4 Categories of Cloud Computing Models
3.4.1 Software as a Service (SaaS)
3.4.2 Platform as a Service (PaaS)
3.4.3 Infrastructure as a Service (IaaS)
3.5 Mobile Cloud Computing (MCC)
3.5.1 Advantage of Mobile & Cloud Computing
3.5.2 Disadvantages of Mobile & Cloud Computing
3.6 Mobile & Cloud Computing Security Concerns
3.7 The Top Threats in the Usage of Mobile & Cloud Computing
3.7.1 Data Loss
3.7.2 Untrusted Service Providers
3.7.3 Insecure API
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
175
CSC405 Net-Centric Computing
1.0 Introduction
Cloud Computing seems to be the most promising technology of the century we are living. It provides a
new manner of sharing distributed resources and services that may be part of different organizations,
geographycally located in different places and different time zones. Mobile Cloud Computing offers
partially the same functionality, with the only additional requirement that, at least, some of the devices
are mobile. In this paper, we will try to provide a detailed explanation of Mobile Cloud Computing
concept by providing different examples, figures, accessibility, pros and cons and comparison.
3.7 The Top Threats in the usage of Mobile and Cloud Computing.
3.7.1 Data Loss
Using Cloud Computing is more like outsourcing the data to the service provider.
178
CSC405 Net-Centric Computing
This means increasing the risk of exposing important data which were not issues in traditional
computing. Since more of the service providers provide shared resources, it is more likely for the
transactions to crash and data to be lost. Recently, there has been a lot of unintentional deletion of
data by the providers. Also, a bad line code can mess up access keys, and the data is lost.
The following solutions can lower the risk:
- Encryption of data while transmission;
- Using access control tools
- Time-to-time back up
3.7.2 Untrusted service providers
Known as malicious insiders, they are the people who have access and authorization to manage data
in the care of the service providers, offering cloud services. These people can either be working for
other companies or they do it for their personal intentions.
Discussion
What is biggest crime ever committed in the cyber space?
4.0 Self-Assessment/Exercises
179
CSC405 Net-Centric Computing
5.0 Conclusion
Nowadays, Cloud Computing is moving in big strides towards becoming the most popular and the used
technology, either in the organizational context, or personal domaina. Considering the fact that mobile
technology provides flexibility, compactness and portability, the big players in the IT industry are really
focused on generating, as optimal as possible, solutions that will drive mobile devices.
6.0 Summary
Cyber law describes the legal issues related to use of communications technology, particularly
"cyberspace", i.e. the Internet. It is less a distinct field of law in the way that property or contract are as
it is an intersection of many legal fields. Cyber law is an attempt to integrate the challenges presented
by human activity on the Internet with legacy system of laws applicable to the physical world.
180
CSC405 Net-Centric Computing
UNIT 2 Technologies for Wireless Communications
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Technologies for Wireless Communications
3.1.1 Radio
3.1.2 Cellular
3.1.3 Satellite
3.1.4 Wi-fi
3.2 Pros & Cons of Microwave Internet Service
3.2.1 Pros-Lower Initials Costs
3.2.2 Cons-Interference
3.2.3 Pro-mobility
3.2.4 Cons-Shared Bandwidth
3.3 Different Types of Roles
3.3.1 AM and FM
3.3.2 Shortwave Radio
3.3.3 Satellite Radio
3.3.4 Ham Radio
3.3.5 Walkie-Talkie
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
181
CSC405 Net-Centric Computing
1.0 Introduction
Wireless communication technology defines any method of communication possible without a direct
physical connection between the two parties, largely describing systems based on radio waves. The
first wireless communication systems came into use at the end of the 19th century, and the technology
has matured significantly over the intervening years. Today, many types of devices use wireless
communication technology, allowing users to remain in contact even in remote areas.
3.1.1 Radio
Open radio communication was one of the first wireless technologies to find widespread use, and it still
serves a purpose today. Portable multichannel radios allow users to communicate over short distances,
while citizen's band and maritime radios provide communication services for truckers and sailors. Ham
radio enthusiasts share information and serve as emergency communication aids during disasters with
their powerful amateur broadcasting equipment, and can even communicate digital data over the radio
spectrum.
3.1.2 Cellular
Cellular networks use encrypted radio links, modulated to allow many different users to communicate
across a single frequency band. Because individual handsets lack significant broadcasting power, the
system relies on a network of cellular towers, capable of triangulating the source of any signal and
handing reception duties off to the most suitable antenna. Data transmission over cellular networks is
possible, with at least, modern 3G systems capable of speeds approaching that of wired DSL or cable
connections. Cellular providers typically meter their service, charging customers by the minute for voice
and by the megabyte for data.
3.1.3 Satellite
Satellite communication is another wireless technology that has found widespread use in specialized
situations. These devices communicate directly with orbiting satellites via a radio signal, allowing users
to stay connected virtually anywhere on Earth. Portable satellite phones and modems feature more
powerful broadcast and reception hardware than cellular devices due to the increased range, and are
correspondingly more expensive. For semi-permanent or permanent installations, such as outfitting a
182
CSC405 Net-Centric Computing
ship for satellite communication, a more traditional communication system may link to a single satellite
uplink, allowing multiple users to share the same broadcast equipment.
3.1.4 Wi-Fi
Wi-Fi is a form of low-power wireless communication used by computers and hand-held electronic
devices. In a Wi-Fi setup, a wireless router serves as the communication hub, linking portable devices
to a wired internet connection. These networks are extremely limited in range due to the low power of
the transmissions, allowing users to connect only within close proximity to a router or signal repeater.
Wi-Fi is common in home networking applications, allowing users to link devices without running
lengths of cable, and in commercial applications where a business may provide wireless Internet
access to their customers. Wi-Fi networks may be free to use, or their owners may secure them with
passwords and access restrictions.
183
CSC405 Net-Centric Computing
All connections within range of a tower share the same bandwidth. WiMAX offers speeds up to 70Mbps,
but this is attainable only in ideal conditions and with a single user. Connection speeds are significantly
reduced as more and more users connect to the network. Slower speeds also result from being farther
from the tower.
Radio communication, first developed at the turn of the 20th century, remains a significant part of the
technology landscape despite decades of innovation and scientific breakthroughs. Radios work by
transmitting and receiving electromagnetic waves that move invisibly at the speed of light, carrying
music and speech in a coded form that depends on the type of radio used. Over the decades, radio has
evolved into many different types, each of which fulfills different needs.
3.3.1 AM and FM
Amplitude modulation, or AM radio, is one of the oldest forms of wireless broadcasting. With AM, an
audio signal rapidly modifies the strength of radio waves in a process called modulation; an AM receiver
decodes the modulation back into sound. With the introduction of the transistor in the 1960s, pocket-
sized AM radios became a reality for the first time. Although AM's coding scheme is simple, its sound
quality is only fair, and it is vulnerable to electrical noise. FM, which was developed in the 1930s, relies
on the modulation of the radio signal's frequency and not its strength. The higher radio frequencies
used for FM as well as the modulation scheme give it much better sound quality with less noise than
AM.
184
CSC405 Net-Centric Computing
3.3.5 Walkie-Talkie
A walkie-talkie is a portable, handheld device that sends and receives radio signals, usually within a
range of about a mile. Walkie-talkies are used by two or more people to communicate in situations
where cell phone service is poor or unavailable, such as in remote locations or in buildings. Because
walkie-talkies have low power and short range, you don't need a special license to operate them; they
interfere little with other radio signals
Discussion
Discuss any two cybercrimes in your country.
4.0 Self-Assessment/Exercises
5.0 Conclusion
Cybercrimes are a new class of crimes which are increasing day by day due to extensive use of
internet these days.
185
CSC405 Net-Centric Computing
6.0 Summary
Technology Act, 2000 was enacted with prime objective to create an enabling environment for
commercial use of I.T. The IT Act specifies the acts which have been made punishable. The Indian
Penal Code, 1860 has also been amended to take into its purview cybercrimes.
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Wireless Cellular Systems
3.1.1 Cellular Concepts
3.1.2 Frequency Reuse
3.1.2.1 Interference and Reuse
3.1.3 Multiple Access
3.1.3.1 FDMA
3.1.3.2 TDMA
3.1.3.3 CDMA
3.1.4 Systems Capacity
186
CSC405 Net-Centric Computing
3.1.4.1 Channel Capacity
3.1.4.2 Cellular Capacity
3.1.4.2.1 Cellular analog Capacity
3.1.4.2.2 TDMA/ EDMA Capacity
3.1.4.2.3 CDMA Capacity
3.1.5 Modulation and Coding
3.1.5.1 Modulations
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
Wireless communications are especially useful for mobile applications, so wireless systems are often
designed to cover large areas by splitting them into many smaller cells. This cellular approach
introduces many difficulties such as how to avoid interference, or how to hand-over from one cell to
another, while maintaining good service quality. Coverage, capacity, interference, and spectrum reuse
are important concerns of cellular systems; this chapter reviews these aspects as well as the
technologies, tools, and standards used to optimize them.
Providing wireless service over wide areas requires different schemes to efficiently use spectrum in
different locations while avoiding interference.
187
CSC405 Net-Centric Computing
3.1.2 Frequency Reuse
Covering a large geographic area with limited amount of spectrum leads to the reuse of the same
frequency in multiple locations; this leads to co-channel interference considerations, meaning
interference from different areas (or cells) that use the same frequency channel.
The reuse factor K is therefore an important parameter for capacity. The lowest reuse factor ( K = 1)
maximizes capacity; but this has to be balanced with interference considerations: indeed a higher reuse
factor (K = 3, 4, 7, or higher) provides more distance between cells using the same frequency, which
lowers interferences.
188
CSC405 Net-Centric Computing
where i0 is the number of co-channel cells nearest to the cell (called first tier or tier one); that number
increases with K. And Di is the distance to the tier-one cells reusing the same frequency (as shown in
figure 1). In the case of hexagonal cell approximation the expression simplifies to equation 1:
n values vary typically between 2 and 4 with the types of terrain. We will also see
that specific wireless technologies require a certain signal to noise and interference ratio (mostly based
on data rates); so equation (1) leads to a minimal acceptable value for K.
3.1.3 Multiple Access
A major requirement of cellular networks is to provide an efficient technique for multiple devices to
access the wireless system. These techniques include:
3.1.3.1 FDMA:
189
CSC405 Net-Centric Computing
Frequency Division Multiple Access, perhaps the most straightforward, in which every user device uses
its own frequency channel. This method was used in the first generation analog systems.
3.1.3.2 TDMA:
Time Division Multiple Access, in which a radio channel is divided in time slots, and use devices use
their allocated time slots. In fact TDMA systems are often hybrid FDMA as well as multiple channels
are used, most 2G systems were TDMA.
3.1.3.3 CDMA:
Code Division Multiple Access, in which orthogonal (or pseudo orthogonal) codes are used to
differentiate user devices. CDMA is very spectrum efficient, and was used by 3G standards. There are
several approaches to achieve CDMA, such as frequency hooping (FH-CDMA) or direct spreading
(DS-CDMA).
These are the main multiple access techniques, but subtle extensions and combinations can be
devised to obtain more efficient schemes.
3.1.4 System Capacity
Wireless communications deal with at least two main concerns: coverage and capacity.
3.1.4.1 Channel Capacity
One fundamental concept of information theory is one of channel capacity, or how much information
can be transmitted in a communication channel. In the 1940’s Claude Shannon invented formal
characterization of information theory and derived the well-known Shanon’s capacity theorem. That
theorem applies to wireless communications.
The Shannon capacity equation gives an upper bound for the capacity in a non-faded channel with
added white Gaussian noise:
where C= capacity (bits/s), W=bandwidth (Hz), S∕N= signal to noise (and interference) ratio.
That capacity equation assumes one transmitter and one receiver, though multiple antennas can
be used in diversity scheme on the receiving side. The equation singles out two fundamentally
important aspects: bandwidth and SNR.
Bandwidth reflects how much spectrum a wireless system uses, and explains why the spectrum
considerations are so important: they have a direct impact on system capacity. SNR of course reflects
the quality of the propagation channel, and will be dealt with in numerous ways: modulation, coding,
error correction, and important design choices such as cell sizes and reuse patterns.
3.1.4.2 Cellular Capacity
Practical capacity of many wireless systems are far from the Shannon’s limit (although recent
standards are coming close to it); and practical capacity is heavily dependent on implementation and
standard choices.
Digital standards deal in their own way with how to deploy and optimize capacity. Most systems are
limited by channel width, time slots, and voice coding characteristics. CDMA systems are interference
limited, and have tradeoffs between capacity, coverage, and other performance metrics (such as
dropped call rates or voice quality).
3.1.4.2.1 Cellular Analog Capacity:
190
CSC405 Net-Centric Computing
Fairly straight forward, every voice channel uses a 30 kHz frequency channel, these frequencies may
be reused according to a reuse pattern, the system is FDMA. The overall capacity simply comes from
the total amount of spectrum, the channel width and the reuse pattern.
3.1.4.2.2 TDMA/FDMA Capacity:
In digital FDMA systems, capacity improvements mainly come from the voice coding and elaborate
schemes (such as frequency hopping) to decrease reuse factor. The frequency reuse factor hides a lot
of complexity; its value depends greatly on the signal to interference levels acceptable to a given
cellular system. TDMA systems combine multiple time slots per channels.
3.1.4.2.3 CDMA Capacity:
A usual capacity equation for CDMA systems may be fairly easily derived as follows (for the reverse
link): first examine a base station with N mobiles, its noise and interference power spectral density
dues to all mobiles in that same cell is ISC = (N - 1)Sα, where S is the received power density for each
mobile, and α is the voice activity factor. Other cell interferences IOC are estimated by a reuse fraction β
of the same cell interference level, such that IOC = βISC; (usual values of β are around 1∕2). The total
noise and interference at the base is therefore Nt = ISC(1 + β). Next assume the mobile signal power
density received at the base station is S = REb∕W. Eliminating ISC, we derive:
…………… 2.5
where
• W is the channel bandwidth (in Hz),
• R is the user data bit rate (symbol rate in symbol per second),
• Eb∕Nt is the ratio of energy per bit by total noise (usually given in dB Eb∕Nt ≈ 7dB),
• α is the voice activity factor (for the reverse link), typically 0.5,
• and β is the interference reuse fraction, typically around 0.5, and represents the ratio of
interference level from the cell in consideration by interferences due to other cells. (The
number 1 + β is sometimes called reuse factor, and 1∕(1 + β) reuse efficiency)
This simple equation (2.5) gives us a number of voice channels in a CDMA frequency channel. We can
already see some hints of CDMA optimization and investigate certain possible improvement for a 3G
system. In particular: improving α can be achieved with dim and burst capabilities, β with interference
mitigation and antenna downtilt considerations, R with vocoder rate, W with wider band CDMA, Eb∕Nt
with better coding and interference mitigation techniques.
Some aspects however are omitted in this equation and are required to quantify other capacity
improvements mainly those due to power control, and softer/soft handoff algorithms. Of course other
limitations come into play for wireless systems, such as base station (and mobile) sensitivity, which
may be incorporated into similar formulas; and further considerations come into play such as: forward
power limitations, channel element blocking, backhaul capacity, mobility, and handoff.
191
CSC405 Net-Centric Computing
3.1.5.1 Modulation
A continuous wave signal (at a carrier frequency fc) in itself encodes and transmits no information. The
bits of information are encoded in the variations of that signal (in phase, amplitude, or a combination
thereof). These variations cause the occupied spectrum to increase, thus occupying a bandwidth
around fc; and the optimal use of that bandwidth is an important part of a wireless system. Various
modulation schemes and coding schemes are used to maximize the use of that spectrum for different
applications (voice or high speed data), and in various conditions of noise, interference, and RF
channel resources in general.
Classic modulation techniques are well covered in several texts, and we simply recall here a few
important aspects of digital modulations (that will be important in link budgets).
The main digital modulations used in modern wireless systems are outlined in table 1.
Discussion
What section of the Information Technology Act (ITA) that sanction internet fraudsters?
Explain the consequence according to the Act.
5.0 Conclusion
A country’s participation in a particular international agreement becomes effective only if domestic laws
are drafted and approved that legislate the intent of the signed international agreement.
6.0 Summary
Lawmakers and law enforcement agencies, around the world, advocate the need for cyber laws that
are written in the cyber language. That is, laws that explicitly define cyber offenses and fully support
the acceptance of cyber evidence. International bodies, responding to this call, have convened and
produced treaties and conventions that, unfortunately, have fallen short of receiving total acceptance
by the member countries.
192
CSC405 Net-Centric Computing
Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Service Oriented Architecture (SOA)
3.1.1 A Service
3.2 An Example: SOA Apps Provide a Cohesive Platform for Overstock.com (a large Online
Retailer)
3.3 The 6 Defining Concepts of SOA
3.4 Understanding SOA: The Transportation Analog
4.0 Self-Assessment Exercises
5.0 Conclusion
193
CSC405 Net-Centric Computing
6.0 Summary
7.0 References/Further Reading
1.0 Introduction
Ethics is, therefore, the study of right and wrong in human conduct. Ethics can also be defined as a
theoretical examination of morality or “theory of morals.” Other philosophers have defined ethics in a
variety of ways. Robert C. Solomon, in Morality and the Good Life, defines ethics as a set of “theories
of value, virtue, or of right (valuable) action.” O.J. Johnson, on the other hand, defines ethics as a set of
theories “that provide general rules or principles to be used in making moral decisions and, unlike
ordinary intuitions, provides a justification for those rules.”The word ethicscomes from the ancient
Greek word eché, which means character. Every human society practices ethics in some way because
every society attaches a value on a continuum of good to bad, right to wrong, to an individual’s actions
according to where that individual’s actions fall within the domain of that society’s rules and canons.
194
CSC405 Net-Centric Computing
3.1.1 A Service
Services represent building blocks that allow users to organize information in ways that are familiar to
them. These building blocks combine information about users and their behavior in a seamless fashion
to present a relatively simple interface.
A service is commonly characterized by these four properties:
5. It logically represents a business activity with a specified outcome.
6. It is self-contained
7. It is a black box for its consumers
8. It may consist of other underlying services
To further simplify this concept, an SOA service is the mechanism that satisfies a customer’s wants or
needs through a negotiated contract. Therefore, SOA is a collection of different services.
To better understand what service-oriented architecture is all about, consider this quote from industry
expert David Sprott:
3.2 An Example: SOA Apps Provide a Cohesive Platform for Overstock.com (a large Online
Retailer)
Communication of services can involve something as simple as passing data, or it can involve a
coordination of an activity between two or more different SOA services.
One way to illustrate the SOA method is by taking a look at a large online retailer like Overstock.com.
In order for Overstock customers to make a transaction, different programs must work together
seamlessly. The various steps in the ordering process can involve various programs developed at
different times, each using their own unique platforms and technologies.
For instance, there might be one program that tracks inventory, which is different than the interface (i.e.
the Internet) the customer uses to shop. Then, there is likely an entirely different program for their
shopping cart and another for processing payment.
SOA services tie all of these various programs together so that an online shopper can quickly find out if
what they are looking for is in stock and get it shipped to their doorstep with just a few clicks of their
mouse.
Discussion
Why is ethics relevant in the cyberspace?
4.0 Self-Assessment/Exercises
1. What are the ten commandments for computer ethics?
Answer xi. Thou shalt not use a computer to harm other
people.
xii. Thou shalt not interfere with other people‟s computer work.
xiii. Thou shalt not snoop around in other people‟s files. xiv. Thou shalt not use a
computer to steal. xv. Thou shalt not use a computer to bear false witness. xvi. Thou shalt
not use of copy software for which you have not paid. xvii. Thou shalt not use other people‟s
computer resources without authorization. xviii. Thou shalt not appropriate other people‟s
intellectual output. xix. Thou shalt think about the social consequences of the program u
write. xx. Thou shalt use a computer in ways to show consideration and respect.
196
CSC405 Net-Centric Computing
2. Explain the three levels of computer ethics. Answer
• First level: - It is the basic level where computer ethics tries to sensitize people to the fact that
computer technology has social and ethical consequences. Newspaper, TV news program,
and magazines have highlighted the topic of computer ethics by reporting on events relating to
computer viruses, software ownership law suits, computer aided bank robbery, computer
malfunction etc.
• Second level:- It consists of someone who takes interest in computer ethics cases, collects
examples, clarifies them, looks for similarities and differences reads related works, attends
relevant events to make preliminary assessments and after comparing them.
• Third level: - It referred to as „theoretical‟ computer ethics applies scholarly theories to
computer ethics cases and concepts in order to deepen the understanding of issues.
All three level of analysis are important to the goal of advancing and defending human values.
5.0 Conclusion
The role of ethics is to help societies distinguish between right and wrong and to give each society a
basis for justifying the judgment of human actions. Ethics is, therefore, a field of inquiry whose subject
is human actions, collectively called human conduct, that are taken consciously, willfully, and for which
one can be held responsible. According to Fr. Austin Fagothey, such acts must have knowledge, which
signifies the presence of a motive, be voluntary, and have freedom to signify the presence of free
choice to act or not to act.
6.0 Summary
The purpose of ethics is to interpret human conduct, acknowledging and distinguishing between right
and wrong. The interpretation is based on a system which uses a mixture of induction and deduction.
In most cases, these arguments are based on historical schools of thought called ethical theories.
There are many different kinds of ethical theories, and within each theory there may be different
versions of that theory. Let us discuss these next.
Baldini, Gianmarco, Botterman, Maarten, Neisse, Ricardo, and Tallacchini, Mariachiara (2016) “Ethical
Design in the Internet of Things,” Science and Engineering Ethics, 1-21.
Bustard, John D. (2017), “Improving Student Engagement in the Study of Professional Ethics:
Concepts and an Example in Cyber Security” Science and Engineering Ethics, 1-16.
197
CSC405 Net-Centric Computing
Dipert, Randall R. (2010) “The Ethics of Cyberwarfare,” Journal of Military Ethics 9:4, 384410
ICSI (2016). Cybercrime Law and Practice. THE INSTITUTE OF COMPANY SCRETARIES OF INDIA.
ISBN : 978-93-82207795.
Joseph, M. K. (2007). Computer Network Security and Cyber Ethics (review). In portal: Libraries and
the Academy (fourth, Vol. 7, Issue 2). McFarland & Company, Inc.
https://doi.org/10.1353/pla.2007.0017
Manjikian, Mary (2017) Cybersecurity Ethics: An Introduction, Routledge; 240 pp. Taddeo,
Mariarosaria and Glorioso, Ludovica (2017) Ethics and Policies for Cyber Operations,
Springer. EC Council (2016) Ethical Hacking and Countermeasures (Book Series, 4 volumes),
Cengage Learning
198