Skateserbia.com

In the design of secure software, several key state of the art design features must be incorporated to address typical system vulnerabilities, security protocol design, password management design, fault tolerance and fault recovery. Recognizing that software assurance is vital defense in today’s increasingly dynamic and complex threat environment, leading software vendors have undertaken significant efforts to reduce vulnerabilities, improve resistance to attack and protect the integrity of the software.

Through a wide analysis of development of secure software efforts, we need to develop a core set of secure development practices that can be applied across a variety of environments to improve security in software. By bringing these methods together and acquiring the best practice sets of software engineering disciplines, we can encourage the adoption of effective implementation of security policies.

Users may not be totally aware of the security risks and vulnerabilities associated with their system. It is the responsibility of the software developer to ensure product assurance and security. There exist several different secure software development methodologies in use today. However, they all share a lot of common elements from which we can build a universal framework for secure software development. The examination of these vendor practices reinforces the assertion that security assurance should be addressed throughout the lifecycle of the software development and not treated as a one-time event.

Since it is necessary to involve security measures throughout the development process, we must begin considering the security activities right from the point of commencement. This development technique starts at the requirement stage and continues till the last stage. There is a need to have a detailed knowledge about promotional products of the company policy and implement them at the requirement stage, design stage and implementation stage.

Software are always made target of malicious attacks by some coding experts who are primarily motivated by financial gain. Many threats have been identified whose intentions are to vandalize some ones or to use them in an unauthorized way. When software operates in a networked environment then every fault becomes potential security vulnerability. Attacks targeting or exploiting software bugs have increased exponentially with the concurrent proliferation of software-intensive systems, services, applications, and portals connected to the Internet and wireless-addressable embedded devices, such as cell phones, global positioning systems, and even medical devices.  Some of the common threats to a software system are as follows:

• viruses
• logic bombs
• spyware
• Trojan malware
• Hacking
• Denial of service attacks

These are the commonly used methods of attacking a system. A detailed study and research on these will help us accumulate information to develop the techniques to mitigate the effects of such attacks.

Trusted software is the one that promises to deliver the software that would be free from the threats posed by security flaws in applications. Trusted software should attempt to incorporate all of the software assurance definitions. The software assurance must provide a reasonable level of justifiable confidence that the software will function correctly and predictably in a manner consistent with its documented requirements. Additionally, the function of software cannot be compromised either through direct attack or through sabotage by maliciously implanted code to be considered assured. The application developers of such software are proactive in improving their knowledge and skills related to information security and removing security related vulnerabilities. They are trusted by the users as they promise to deliver the same value proposition of improving the software capabilities.

The basis for gaining justifiable confidence that software will consistently exhibit all properties required to ensure that the software, in operation, will continue to operate in a reliable manner despite the presence of intentional faults. The trusted software is developed ensuring that various industry accepted standards for managing security risks have been applied. The development of such software is done with the diligent attention in an effort to eliminate any chances of bugs and errors that may make the software vulnerable.

In addition to trustworthiness, predictable execution, and conformance, the trusted software must be attack-resistant or attack-tolerant, and at the whole system level it must be attack-resilient. It must be able to recover from any failures that result from successful attacks on the software by resuming operation at or above some predefined minimum acceptable level of service in the short term. The system must eventually recover full service at the specified level of performance.

The trusted software is developed such that the exploitable faults and other weaknesses are avoided by the developers. They take special care such that the likelihood of intentionally implanted exploitable fault or malicious logic is eliminated from the software. The software should be developed such that the interactions among the components within the software intensive system, and between the system and external entities do not contain exploitable weaknesses.

Trusted software maintains the following three goals

• Confidentiality: This ensures that the user’s data and other software resources are not disclosed to an unauthorized person. This need of keeping the information confidential arises from the use of computers in sensitive fields such as government and banking.
• Integrity: Integrity refers to the trustworthiness of the data. It is safeguarding the accuracy and completeness of information and processing methods from intentional, unauthorized, or accidental changes.
• Availability: Availability is ensuring that authorized users have access to information and associated assets when required. The aspect of availability is relevant to security because someone may deliberately arrange to deny access or data to a service by making it unavailable.

IT technologies if properly utilized can contribute greatly towards reducing the carbon footprint of various business functions. These technologies can monitor various processes such as day to day office activities or different business functions and manage the consumption of power for these functions to increase their energy efficiency.

Some of the uses of IT include using motion sensors to automatically switch of lights in an unused room or after office hours. Similarly can be used to control heat and air conditioning in buildings by using sensors that detect if any or how many people are present in a room.

Make use of facilities such as video conferencing, audio conferencing and webcast for meetings, lectures and similar activities this reduces the carbon emission by reducing the travel required by eliminating the need for physical presence.

Using power management settings in PC’s to set the desktop monitors to go into power saving mode when not in use. This saves up to two third of the energy consumed by PC’s.

IT industry can also help reduce the amount of paper used in daily office activities. Deploying tracking systems that track air and water emissions of plants and reporting system that can send this tracking information to the authorities.

Some of these strategies are already adopted by several large organizations, but use of these technologies even at smaller level can have sizeable benefits. Adapting these technologies can also be expensive at first but its returns are in contrast more profitable in terms of power consumed.

According to Gartner report power consumption by IT department’s accounts for 2 % of global carbon dioxide emission which is almost equal to the carbon output of the airline industry. These factors contribute greatly towards affecting the environment adversely and are responsible for global problems such as global warming.

IT organizations consumes huge amount of energy generally through data centers, this energy is mainly generated by burning fast depleting natural resources as a result companies should focus more on consuming energy from alternate sources. The rising cost of electricity is also a major motivator for IT companies to invest in technologies that conserve less amount of energy and give more output i.e. are more energy efficient.

Another major concern for IT managers is the disposal of IT or electronic waste which is hazardous in nature and contains toxic substances like mercury, cadmium and lead. It is necessary that this toxic waste is disposed of only after proper processing. There are several programs available which collect electronic waste from the customers and recycle them.

IT can also be used intelligently by organizations to reduce their carbon foot print by implementing technologies such as teleconferencing which will reduce the need to travel by reducing carbon emission thus contributing towards cleaner environment.

Data centers need to be designed in a manner which reduces its negative impact on the environment. Factors other than the concern for environmental impact of data centers that is forcing IT organizations to think about energy conservation are that IT organizations have almost reached their power and cooling capacity of their datacenters because of which they cannot expand their existing capacity, Even if they have to satisfy the ever increasing demand for more storage, servers and networking infrastructure for the increasing business needs that is they cannot scale their existing datacenters for accommodating future demands of the customers. One of the reason for large amount of power consumption in data centers is improper utilization of server resources, implementing technologies such as virtualization will help reduce significant amount of power consumption and increase the utilization and hence capacity of servers in data center.

Other things that can be done to conserve energy in data centers include developing cooling technologies that consume less power, producing more energy efficient processors etc. Implementing all these techniques in a right way is also important as the resulting server configuration should result in energy conservation and not end up consuming more power than before. Also while choosing the servers right combination of performance and power and cooling requirements must be taken into consideration that will result in maximum utilization of server resources and minimum power consumption.

Selecting the right hardware for datacenters is also a major task and IT mangers performing this task are required to have in depth knowledge of how data centers work and should take into consideration the various metrics involved. Data centers should be designed by keeping sustainability as a goal in mind, although organizations cannot compromise on performance and reliability of the system.

Another approach, in which the software written can also affect the amount of energy consumed for performing each operation on the servers. More energy efficient programming or designing of these software’s that use less resources for performing operations can substantially reduce the amount of energy consumed by data centers for their operations.

What is a Thin client?

A thin client also know as lean client is a client computer which depend heavily on some other central server for its processing activities, only screen information, mouse clicks and keystrokes travel between the clients systems and central server whereas in fat clients major amount of processing is done on the clients system and only data travels through the network

i.e. thin client solutions work by simply providing the client with a connection to applications and data that is hosted on a central server. Thin client systems does not consist of hard drives and expansion slots and also no complex components are required which draws far less power as compared to the traditional fat client systems.

In situations where many users perform similar activities such as browsing web, using document editing tools or email clients etc. it becomes cost effective and energy efficient to have one central server and many inexpensive, less power consuming thin clients. But in situations which include computing intensive applications thin client architecture cannot be implemented as it may introduce a problem of insufficient bandwidth resulting in poor performance. While implementing thin client approach, IT managers should understand the requirement of both user and application.

Lower power consumption results lower CO2 emissions which helps an organization to reduce its carbon footprint on the environment.

Implementing thin client solutions on a scale with a centralized server can provide functionality similar to traditional desktop systems with local processing and with more power saving.

Also with no hard drives and less or no microprocessors on the thin client less hazardous material is manufactured which will result in less generation of economically hazardous waste material to be recycled.

With Growing pressure on IT spending and rising environmental concerns Implementing Thin client architecture in their organizations can be one of the profitable options for IT managers. IT managers who decide to implement thin client solution in their organization should have enough information and knowledge how thin client architecture can be used for the benefit of the organization and environment and it should not result in poor performance or consuming more power.

There are several other benefits of implementing thin clients that they are easier to secure than thick clients as no data is present on the client machine even if the thin clients suffers from a serious accident no data will be lost as the data is present on the central server, which also allows for centralized malware protection.

Using thin clients also result in more efficient utilization of computing resources, in case of thick clients  they are designed to handle the maximum computations that the user needs to perform which are wasted when there is not much load on the machines with thin clients they use only the required amount of computing resources for a particular operation.

Many of the users are using UNIX mainly because of its features. The features of UNIX are as follows

Portability: As Unix has been re-written in C, hence it can run on machines from microcomputers to mainframe computers.

Security: Unix operating system provides the best security for its users. No one will be able to access the data or work on the system if they don’t have a proper username and password.

Background Processing: Unix employs a technique of Background Processing, wherein jobs/tasks are executed in the background with the minimal interaction from the user.

Pipes: Using the concept of pipes, a Unix user/administrator can easily link and work with multiple commands at the same time.

Redirection Tools: These tools are used to re-direct the data between files as per the requirement of the user.

Software Development Tools: Unix provides supports for large variety of tools which enables the user to create and work on different programs like C Language on the Unix Operating system. Any language that has an interpreter or compiler is supported by UNIX.

Stable and Reliable: Unix Operating System is a very reliable and stable and it is less prone to crashes.

Communication: Unix enables its users to communicate with different users connected to the system.

Easy to write programs: The process of program writing in Unix is simplified as it hides the machine architecture from its users.

Hierarchical File System: This hierarchical file system used by UNIX is easy to implement and maintain.

Shells: The different types of shells that Unix has are Bourne, C, Korn, etc.

Microsoft Windows Vista is one of the most happening and excellent releases of microsoft operating system.This brought in a new sense of understanding and user dynamics to the world computer technology , being designed for both 32bit and 64bit technology.It is one of the most efficient users of the graphical user interface (GUI) option.

In this operating system AERO technology was introduced which brought in 3d technology into operating systems,this feature enhanced the user compatibility of operating systems and made it more easy for the users to understand their computers even if they weren’t techno savvy people or computer geeks.The reason behind this is the pure idea of microsoft to make computers reach every house in the world irrespective of their background.

Speaking more on this Enchanting operating system ,it has a number of features such as personalized gadgets,widgets which help for user applications,enhanced parental and monitoring controls.It also has a option of 3d option toggling between windows which makes it very useful for switching between various applications without getting disturbed.

Microsoft has released various versions based on the requirements of various indivijuals and corporations.Some of the versions of vista are

• Microsoft Windows Vista Ultimate
• Microsoft Windows Vista Basic
• Microsoft Windows Vista professional
• Microsoft Windows Vista Business

So all you people who would love to have a wonderful working experience on your computers opt for the ultimat operating system i.e Microsoft Windows Vista.

UNIX is one of the very popular operating systems that enabled the functions like multi-user, multitasking, time-sharing. UNIX has become the most suitable choice of operating system for various engineering and scientific applications. The need for UNIX can be determined by the different categories of applications that it suffices like programming, networking, high-performance computing, multimedia to name a few.

The chronology of events that led to the evolution of UNIX is as follows:
In 1965 AT&T, GE, IBM and Project MAC combined to develop a time-sharing system named MULTICS (Multiplexed Information and Computing Service). In 1969 AT&T Bell Labs quits from the MULTICS project. Ken Thompson writes first version of UNICS on a PDP-7 machine. UNICS is the acronym for Uniplexed Information and Computing Services which is pun on MULTICS. UNICS is then changed to UNIX.

In 1973 Unix was Re-written in high level language C, in order to make it machine-independent. In 1977-1981 Unix were available at large outlets in minimal cost and started to use UNIX for scientific applications. In 1982 Unix System III was released. In 1984-85 Unix System V was released. In 1992-93 4.4 BSD was released. In 1994 Linux 1.0 was released. In 2001 Linux 2.4 was released.