The acquisition of People soft company by Oracle.

From an individual point of view, the largely publicized dispute between People soft and Oracle; companies in the business of developing and installing software for business entities, which took centre stage in 2003 still triggers varied reactions from major players in the enterprise resource planning industry.Advertising We will write a custom coursework sample on The acquisition of People soft company by Oracle. specifically for you for only $16.05 $11/page Learn More A highly emotive debate has been evoked among academic and technical circles to try and put the tale of Oracle’s move to acquire People soft into perspective. Oracle on its part had considered to acquire people soft a year before it came up with the widely disputed antic of taking over the company, a move largely viewed by critics as being malicious and of bad intent. The board at People soft took a rigid stand against Oracle’s intension to acquire the company it had come up with an insulting and rather unusual bid of $ 16 which represented a mere six percent premium. This preposition was quite unacceptable since the norm in serious bidding activities held the threshold at a whopping twenty percent or more. The company’s chief executive Craig Conway supposedly sensed bad faith on Oracle’s part which also played a major role in the company’s unanimous decision to reject the deal since it viewed the move as a ploy to prevent them from taking over another major player by the name J.D. Edwards. The move would also destabilize their stake at the stock market. The bid brought to light by Oracle Company also came out to be a unique one with respect to the fact that it would prevent customers from continuing to seek services from People soft as a result of the fear of what a takeover by another company would imply. Under these circumstances, if Oracle would have been willing to pay a higher price for the competitor’s shares to induc e its shareholders into selling their shares, then the board would have been rendered helpless and unable to stop the former from taking over the company’s ownership. A litany of scandals also worked against Oracle’s bid to acquire its competitor firm with critics terming the move as having been actuated by malice and being utterly insensitive, allegations which necessitated the management’s introduction of stringent measures to counter. This state of affairs held no grounds to victimize Oracle since not even a saintlier of evidence could be tabled to attest to that fact.Advertising Looking for coursework on business economics? Let's see if we can help you! Get your first paper with 15% OFF Learn More In spite of all the odds that surrounded the Oracle acquisition of People soft, certain measures had been put in place by the board of directors to ensure that in the event of an imminent takeover, a reasonable criteria would be observed to ensure th at everybody’s best interests be taken into account. Among those conditions to be considered included the introduction of a customer assurance plan which would ensure the protection of customer interests so as to build customer confidence. The board also put a lot of emphasis on the acquisition of J.D. Edwards so as to secure the company’s stability. The rejection of the 16% share bid on the grounds of being too low also came up to be a determining condition for consideration by the board before making the all important decision of selling the company’s shares. At the inception of People soft, foresight is quite evident since measures were put in place to ensure that in the event of a hostile and non-friendly acquisition of the company, formidable opposition would be rolled out to counter them. Popularly known as the poison pill, it basically stipulated conditions which failure to adhere to would deter one from assuming ownership of the company. It stipulated co nditions which included a minimum share purchase of not less than twenty percent which would increase every time an acquirer increased their net worth above that minimum. The objective of this move was to maintain an acquirer’s stakes at less than twenty percent. Despite the well placed objective of seeing to it that a rogue takeover would not occur, the poison pill was not a complete barricade that would keep wealthy skimmers at bay since they could still take their time and wedge a proxy battle which would eventually see them install their own board members who would subsequently discard the poison pill. These concerns hence formed the basis for the protracted court battles between the two companies which resulted in Oracle’s unprecedented increase of their bidding price resoundingly by five times. This move eventually brokered the deal which saw Oracle part with 10.3 billion dollars and eventually putting a stop to the unending court battles.Advertising We will write a custom coursework sample on The acquisition of People soft company by Oracle. specifically for you for only $16.05 $11/page Learn More In conclusion, it is imperative to appreciate the fact that despite Oracle’s intensions which fueled the urge to acquire People soft company which were rather harsh and unethical, what is quite eminent is the fact that a more respectful and liberal approach towards acquiring the company by Oracle would have saved both companies time, money and the agony of going through the tedious court and settlement procedures. References Chaturvedi, R. (2005). Oracle’s Acquisition of PeopleSoft. ICFAI center for Management research. European Case Clearing House , Case no.305-169-1. Madpati, R. (2005). Oracle’s PeopleSoft Bid (Part D). ICFAI Knowledge Center.  European Case Clearing House , Case no. 305-072-01. Watson, R. (2012). Ethics in finance. ethics and conduct of business, sixth edition , 341- 344. This coursework on The acquisition of People soft company by Oracle. was written and submitted by user Asher Sheppard to help you with your own studies. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly. You can donate your paper here.

Malcom X and Martin Luther King essays

Malcom X and Martin Luther King essays During the twentieth century Black people faced a lot of discrimination from the whites and found it very difficult to achieve civil rights. Black people were at one point denied of voting. In order for blacks to achieve civil rights they needed a leader to follow. Many black leaders did rise for the fight for civil rights, some had some ways of thinking some had others. Two of the most powerful and influential leaders of the twentieth century had to Malcolm X and Martin Luther King. These two leaders had different approaches, and different views towards white people, but fought for the same thing. Malcolm X was Born Malcolm Little in 1925 in Omaha, Malcolm was six years old, when his father was murdered by the Black Legion, a group of white racists belonging to the KKK. He changed his name to Malcolm X while in prison. He was serving ten years because of a robbery. Also while in prison he became a follower of Elijah Muhammad. Muhammad was the leader of an group called the Nation of Islam. During the 1950's, Malcolm became the spokesman for the Nation. Malcolm became a powerful speaker in the movement. As King captured the spirit of the Southern Black, Malcolm became the messiah of the ghettos of Harlem, Chicago, Detroit, and Los Angeles. Originally a small group, the Nation grew rapidly under Malcolm's leadership. He not only spoke the words of the Koran and his spiritual adviser, Elijah Muhammad, but he also lived it to its fullest. As the crowds grew to hear him speak, so did the disapproval to his rising popularity. Malcolm taught a message of self help and personal responsibility. This is the message from the Nation of Islam. Like the Nation, he also spoke of a separate nation for Blacks only, which was also the view of Marcus Garvey, a leader that Malcolm followed, and also the view that Black is beautiful. .The beginning of Malcolm's problems with the Nation of Islam was whether or not to participate in the civil rights march on...

Human Resource Management Essay Example | Topics and Well Written Essays - 2500 words - 2

Human Resource Management - Essay Example strategic way. It is focused on the management of the workforce in an organization and the provision of direction to them. The aim of the HRM is to deal with and solve all the problems, within the organization, that are related to the workforce. These include hiring and recruitment, performance management, appraisals, compensation and benefits, organizational development, communication, training, safety and well-being, employee motivation, administration and conflict resolution. HRM also deals with all the issues pertaining to corporate social responsibility. In addition to this, HRM serves as the only association that a company usually has with the trade union. More than anything else, Human Resource Management is a comprehensive as well as strategic approach of managing not only the employees but the entire workplace culture (Budhwar, 2000). Effective HRM is needed in order to ensure that employees contribute positively and effectively to the goals and objectives of the company. Th us HRM is extremely important if the organization wants to ensure that the employees do not go astray. It provides a policing arm to the organization. SIGNIFICANCE OF HRM It is a very important part of the organization and its significance can be judged from the fact that most organizations now have a separate Human Resource Management department, given that the organization is big enough to afford it. From being a low scale and low scope department, Human Resource Management has now become a strategic business partner of the organization since its function is to provide constant support to the vision and mission of the organization. This also because HRM aims to implement the business strategies and ensuring that they work. HRM is now believed to be the management of people in the organization, not employees. It is responsible for ensuring that the organization complies with the labor as well as employment laws. According to Cheddie (2001) the aim is to gain competitive advantage b y using a wide range of structural, personnel and cultural techniques. THEORIES AND PRACTICES As the discipline of HRM continues to grow and gain momentum across the globe, more theories and studies are being devoted to it. Most HRM theories and practices are directly drawn from the field of behavioral sciences as well as from theories related to strategic management (Som, 2008). For HRM to work effectively there are certain practices that the organization must adopt. Among the first theories on the HRM concept was proposed by the Michigan school. According to this theory, the HR system must be managed in a way so that it is in line with the organizational goals and strategies. This concept became very popular as the ‘matching model’. It was further developed that there is human resource cycle which comprises four functions. These are selection, performance appraisal, rewards and compensation and training and development. Delegation to Line Managers Budhwar and Khatri ( 2001) argue that in

No Child Left Behind standardized testing Research Paper

No Child Left Behind standardized testing - Research Paper Example Every school-child has to undergo high-test standardized testing so as to move from different levels of education and to be compared to others from different regions. In this chapter, we are going to look at differences between high standard test and regular tests and the effects they impose on both the teachers and the students. The author, Smith M.L, of the book ‘The Effects of External Testing on Teachers’, conducted an educational research, on the implications of conducting standardized tests in the school, for teachers. The main aim of the study was to find out if there exists some difference in the teacher’s psychological and emotional response when the regular classroom exams are conducted and the standardized tests (Smith, 1991). After the research, he found that there were some significant changes in both the teachers’ anxiety and psychological states, due to some effects impacted on them by these tests. In the journal, ‘Psychology in the Schools’, the author talks of the anxious responses that students undergo due to high-stakes testing (Natasha, 2013). The authors’ talk of the anxious responses that students undergo during the time they face the standardized tests and the number of preparations they undergo so as to face these tests. In this journal, the authors say that students are more used to the normal tests than the standardized ones, hence the change in the responses towards these different tests. In the book ‘Academy of Management Learning & Education’, the authors talk of the different preparation students can be given when facing the standardized tests (Dean & Joly, 2012). In the book, the author says that at times students become disengaged, lose their identity and have lowered morale towards learning. They address they way of handling the different situations created by standardized tests and different methods in managing learning and education. The informal measures of text anxiety

Extream leader Essay Example | Topics and Well Written Essays - 250 words - 1

Extream leader - Essay Example Their main traits are their tenacity, positive attitude and humility. They welcome other people’s opinion and views. They are capable of turnaround strategy through sheer force of will, flexibility and desire to find the solution. McDonald’s, Apple, Citibank, Amazon etc. have extreme leaders at the helm. These companies not only have leadership position in the industry but their innovative ideas and subsequent high growth have made indelible mark in the corporate world. Leaders like, Ray Croc of McDonald’s, Steve Job of Apple, Charles Prince of Citibank and Jeffery Bezos of Amazon, have all been extraordinary in their vision which they had the guts to transform into success. They were all dynamic leaders who accepted challenges and saw opportunities in adversity. They relentlessly pursued and brought their company to the pinnacle of success despite adverse circumstances. Moreover, they were leaders who shared their vision with the workers and appreciated their input. Indeed, these traits are rare and therefore make them the most sought after leaders for companies who want to make a distinct place in the highly volatile

Computer Network Security within Organisations

Computer Network Security within Organisations Networking and Management Introduction A computer network is a connection of two or more computers in order to share resources and data. These shared resources can include devices like printers and other resources like electronic mail, internet access, and file sharing. A computer network can also be seen as a collection of Personal computers and other related devices which are connected together, either with cables or wirelessly, so that they can share information and communicate with one another. Computer networks vary in size. Some networks are needed for areas within a single office, while others are vast or even span the globe. Network management has grown as a career that requires specialized training, and comes with management of important responsibilities, thus creating future opportunities for employment. The resulting expected increase in opportunities should be a determining and persuasive factor for graduates to consider going into network management. Computer networking is a discipline of engineering that involves communication between various computer devices and systems. In computer networking, protocols, routers, routing, and networking across the public internet have specifications that are defined in RFC documents. Computer networking can be seen as a sub-category of computer science, telecommunications, IT and/or computer engineering. Computer networks also depend largely upon the practical and theoretical applications of these engineering and scientific disciplines. In the vastly technological environment of today, most organisations have some kind of network that is used every day. It is essential that the day-to-day operations in such a company or organisation are carried out on a network that runs smoothly. Most companies employ a network administrator or manager to oversee this very important aspect of the company’s business. This is a significant position, as it comes with great responsibilities because an organisation will experience significant operational losses if problems arise within its network. Computer networking also involves the setting up of any set of computers or computer devices and enabling them to exchange information and data. Some examples of computer networks include: Local area networks (LANs) that are made up of small networks which are constrained to a relatively small geographic area. Wide area networks (WANs) which are usually bigger than local area networks, and cover a large geographic area. Wireless LANs and WANs (WLAN WWAN). These represent the wireless equivalent of the Local Area Network and Wide Area Networks Networks involve interconnection to allow communication with a variety of different kinds of media, including twisted-pair copper wire cable, coaxial cable, optical fiber, and various wireless technologies. The devices can be separated by a few meters (e.g. via Bluetooth) or nearly unlimited distances (e.g. via the interconnections of the Internet. (http://en.wikipedia.org/wiki/Computer_networking) TASK 1 TCP connection congestion control Every application, whether it is a small or large application, should perform adaptive congestion control because applications that perform congestion control use a network more efficiently and are generally of better performance. Congestion control algorithms prevent the network from entering Congestive Collapse. Congestive Collapse is a situation where, although the network links are being heavily utilized, very little useful work is being done. The network will soon begin to require applications to perform congestion control, and those applications which do not perform congestion control will be harshly penalized by the network, probably in the form of preferentially dropping their packets during times of congestion (http://www.psc.edu/networking/projects/tcpfriendly/) Principles of Congestion Control Informally, congestion entails that too many sources are sending too much data, and sending them too fast for the network to handle. TCP Congestion Control is not the same as flow control, as there are several differences between TCP Congestion Control and flow control. Other principles of congestion control include Global versus point-2-point, and orthogonal issues. Congestion manifests itself by causing loss of packets (buffer overflow at routers), and long delays (queuing in router buffers). Also, during congestion, there is no explicit feedback from network routers, and there is congestion inferred from end-system observed loss. In network-assisted congestion control, routers provide feedback to end systems, and the explicit rate sender sends at –Choke Packet. Below are some other characteristics and principles of congestion control: When CongWin is below Threshold, sender in slow-start phase, window grows exponentially. When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold. When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS. Avoidance of Congestion It is necessary for the TCP sender to use congestion avoidance and slow start algorithms in controlling the amount of outstanding data that is injected into a network. In order to implement these algorithms, two variables are added to the TCP per-connection state. The congestion window (cwnd) is a sender-side limit on the amount of data the sender can transmit into the network before receiving an acknowledgment (ACK), while the receivers advertised window (rwnd) is a receiver-side limit on the amount of outstanding data. The minimum of cwnd and rwnd governs data transmission. (Stevens, W. and Allman, M. 1998) TCP Flow Control In TCP flow control, the receiving side of the TCP connection possesses a receive buffer, and a speed-matching service which matches the send rate to the receiving application’s drain rate. During flow control, Rcvr advertises any spare room by including value of RcvWindow in segments, and the sender limits unACKed data to RcvWindow. TCP flow control also ensures that there is no overflow of the receive buffer. Round-trip Time Estimation and Timeout TCP Round Trip Time and Timeout are usually longer than RTT, but RTT varies, and has a slow reaction to segment loss. SampleRTT is measured time from segment transmission until ACK receipt, ignore retransmissions, and will vary, want estimated RTT â€Å"smoother† Round-trip time samples arrive with new ACKs. The RTT sample is computed as the difference between the current time and a time echo field in the ACK packet. When the first sample is taken, its value is used as the initial value for srtt. Half the first sample is used as the initial value for rttvar. (Round-Trip Time Estimation and RTO Timeout Selection) There are often problems due to timeouts, including the restriction of the sender that is compelled to wait until a timeout, and is able to do nothing during this period. Also, the first segment in the sliding window is often not acked, and retransmission becomes necessary, waiting again one RTT before the segment flow continues. It should be noted that on receiving the later segments, the receiver sends back ACKs. Estimated RTT EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT DevRTT DevRTT = (1 0.25) * DevRTT + | SampleRTT – EstimatedRTT Timeout interval TimeoutInterval = EstimatedRTT + 4 * DevRTT The integrated services (IntServ) and DiffServ (Differentiated Services) architecture are two architectures that have been proposed for the provision of and guaranteeing of quality of service (QoS) over the internet. Whereas the Intserv framework is developed within the IETF to provide individualized QoS guarantees to individual application sessions, Diffserv is geared towards enabling the handling of different classes of traffic in various ways on the internet. These two architectures represent the IETF’s current standards for provision of QoS guarantees, although neither Intserv nor Diffserv have taken off or found widespread acceptance on the web. (a) Integrated Service Architecture In computer networking, the integrated services (IntServ) architecture is an architecture that specifies the elements for the guaranteeing of quality of service (QoS) on the network. For instance, IntServ can be used to allow sound and video to be sent over a network to the receiver without getting interrupted. IntServ specifies a fine-grained Quality of service system, in contrast to DiffServs coarse-grained system of control. In the IntServ architecture, the idea is that each router inside a system implements IntServ, and applications which require various types of guarantees have to make individual reservations. Flow Specs are used to describe the purpose of the reservation, and the underlying mechanism that signals it across the network is called RSVP. TSPECs include token bucket algorithm parameters. The idea is that there is a token bucket which slowly fills up with tokens, arriving at a constant rate. Every packet which is sent requires a token, and if there are no tokens, then it cannot be sent. Thus, the rate at which tokens arrive dictates the average rate of traffic flow, while the depth of the bucket dictates how large the traffic is allowed to be. TSPECs typically just specify the token rate and the bucket depth. For example, a video with a refresh rate of 75 frames per second, with each frame taking 10 packets, might specify a token rate of 750Hz, and a bucket depth of only 10. The bucket depth would be sufficient to accommodate the burst associated with sending an entire frame all at once. On the other hand, a conversation would need a lower token rate, but a much higher bucket depth. This is because there are often pauses in conversations, so they can make do with fewer tokens by not sending the gaps between words and sentences. However, this means the bucket depth needs to be increased to compensate for the traffic being larger. (http://en.wikipedia.org/wiki/Integrated_services) (b) Differentiated Service Architecture The RFC 2475 (An Architecture for Differentiated Services) was published In 1998, by the IETF. Presently, DiffServ has widely replaced other Layer 3 Quality of Service mechanisms (such as IntServ), as the basic protocol that routers use to provide different service levels. DiffServ (Differentiated Services) architecture is a computer networking architecture which specifies a scalable, less complex, coarse-grained mechanism for the classification, management of network traffic and for provision of QoS (Quality of Service) guarantees on modern IP networks. For instance, DiffServ can be used for providing low-latency, guaranteed service (GS) to video, voice or other critical network traffic, while ensuring simple best-effort traffic guarantees to non-critical network services like file transfers and web traffic. Most of the proposed Quality of Service mechanisms which allowed these services to co-exist were complicated and did not adequately meet the demands Internet users because modern data networks carry various kinds of services like streaming music, video, voice, email and also web pages. It would probably be difficult to implement Intserv in the core of the internet because most of the communication between computers connected to the Internet is based on a client/server structural design. This Client/server describes a structure involving the connection of one computer to another for the purpose of giving work instructions or asking it questions. In an arrangement like this, the particular computer that questions and gives out instructions is the client, while the computer that provides answers to the asked questions and responds to the work instructions is the server. The same terms are used to describe the software programs that facilitate the asking and answering. A client application, for instance, presents an on-screen interface for the user to work with at the client computer; the server application welcomes the client and knows how to respond correctly to the clients commands. Any file server or PC can be adapted for use as an Internet server, however a dedicated computer should be chosen. Anyone with a computer and modem can join this network by using a standard phone. Dedicating the server that is, using a computer as a server only helps avoid some security and basic problems that result from sharing the functions of the server. To gain access to the Internet you will require an engineer to install the broadband modem. Then you will be able to use the server to network the Internet on all machines on a network. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) TASK 5 Network security These days, computers are used for everything from shopping and communication to banking and investment. Intruders into a network system (or hackers) do not care about the privacy or identity of network users. Their aim is to gain control of computers on the network so that they can use these systems to launch attacks on other computer systems. Therefore people who use the network for these purposes must be protected from unknown strangers who try to read their sensitive documents, or use their computer to attack other systems, and send forged email, or access their personal information (such as their bank or other financial statements) Security Clauses The International Organisation for Standardizations (ISOs) 17799: 2005 Standard is a code of practice for information security management which provides a broad, non-technical framework for establishing efficient IT controls. The ISO 17799 Standard consists of 11 clauses that are divided into one or more security categories for a total of 39 security categories The security clauses of the ISO standard 17799:2005- code of practice for Information Security Management include: The security Policy clause Organizing Information Security Asset Management. Human Resources Security. Physical and Environmental Security. Communications and Operations. Access Control. Information Systems Acquisition, Development, and Maintenance. Information Security Incident Management. Business Continuity Management. Compliance. (http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209) Here is a brief description of the more recent version of these security clauses: Security Policy: Security policies are the foundation of the security framework and provide direction and information on the companys security posture. This clause states that support for information security should be done in accordance with the companys security policy. Organizing Information Security: This clause addresses the establishment and organizational structure of the security program, including the appropriate management framework for security policy, how information assets should be secured from third parties, and how information security is maintained when processing is outsourced. Asset Management: This clause describes best practices for classifying and protecting assets, including data, software, hardware, and utilities. The clause also provides information on how to classify data, how data should be handled, and how to protect data assets adequately. Human Resources Security: This clause describes best practices for personnel management, including hiring practices, termination procedures, employee training on security controls, dissemination of security policies, and use of incident response procedures. Physical and Environmental Security: As the name implies, this clause addresses the different physical and environmental aspects of security, including best practices organizations can use to mitigate service interruptions, prevent unauthorized physical access, or minimize theft of corporate resources. Communications and Operations: This clause discusses the requirements pertaining to the management and operation of systems and electronic information. Examples of controls to audit in this area include system planning, network management, and e-mail and e-commerce security. Access Control: This security clause describes how access to corporate assets should be managed, including access to digital and nondigital information, as well as network resources. Information Systems Acquisitions, Development, and Maintenance: This section discusses the development of IT systems, including applications created by third-parties, and how security should be incorporated during the development phase. Information Security Incident Management: This clause identifies best practices for communicating information security issues and weaknesses, such as reporting and escalation procedures. Once established, auditors can review existing controls to determine if the company has adequate procedures in place to handle security incidents. Business Continuity Management: The 10th security clause provides information on disaster recovery and business continuity planning. Actions auditors should review include how plans are developed, maintained, tested, and validated, and whether or not the plans address critical business operation components. Compliance: The final clause provides valuable information auditors can use when identifying the compliance level of systems and controls with internal security policies, industry-specific regulations, and government legislation. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) The standard, which was updated in June 2005 to reflect changes in the field of information security, provides a high-level view of information security from different angles and a comprehensive set of information security best practices. More specifically, ISO 17799 is designed for companies that wish to develop effective information security management practices and enhance their IT security efforts. Control Objectives The ISO 17799 Standard contains 11 clauses which are split into security categories, with each category having a clear control objective. There are a total of 39 security categories in the standard. The control objectives in the clauses are designed to meet the risk assessment requirements and they can serve as a practical guideline or common basis for development of effective security management practices and organisational security standards. Therefore, if a company is compliant with the ISO/IEC 17799 Standard, it will most likely meet IT management requirements found in other laws and regulations. However, because different standards strive for different overall objectives, auditors should point out that compliance with 17799 alone will not meet all of the requirements needed for compliance with other laws and regulations. Establishing an ISO/IEC 17799 compliance program could enhance a companys information security controls and IT environment greatly. Conducting an audit evaluation of the standard provides organizations with a quick snapshot of the security infrastructure. Based on this snapshot, senior managers can obtain a high-level view of how well information security is being implemented across the IT environment. In fact, the evaluation can highlight gaps present in security controls and identify areas for improvement. In addition, organizations looking to enhance their IT and security controls could keep in mind other ISO standards, especially current and future standards from the 27000 series, which the ISO has set aside for guidance on security best practices. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) Tree Topology Tree topologies bind multiple star topologies together onto a bus. In its most simple form, only hub devices are directly connected to the tree bus and the hubs function as the root of the device tree. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone. Topologies remain an important part of network design theory. It is very simple to build a home or small business network without understanding the difference between a bus design and a star design, but understanding the concepts behind these gives you a deeper understanding of important elements like hubs, broadcasts, ports, and routes. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Use of the ring topology should be considered for use in medium sized companies, and the ring topology would also be the best topology for small companies because it is ensures ease of data transfer. Ring Topology In a ring network, there are two neighbors for each device, so as to enable communication. Messages are passed in the same direction, through a ring which is effectively either counterclockwise or clockwise. If any cable or device fails, this will break the loop and could disable the entire network. Bus Topology Bus networks utilize a common backbone to connect various devices. This backbone, which is a single cable, functions as a shared medium of communication which the devices tap into or attach to, with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Star Topology The star topology is used in a lot of home networks. A star network consists of a central connection point or hub that can be in the form of an actual hub, or a switch. Usually, devices will connect to the switch or hub by an Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computers network access and not the entire LAN. If the hub fails, however, the entire network also fails. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Relating the security clauses and control objectives to an organisation In an organisation like the Nurht’s Institute of Information Technology (NIIT), the above mentioned security clauses and control objectives provide a high-level view of information security from different angles and a comprehensive set of information best security practices. Also, the ISO 17799 is designed for companies like NIIT, which aim to enhance their IT security, and to develop effective information security management practices. At NIIT, the local network relies to a considerable degree, on the correct implementation of these security practices and other algorithms so as to avoid congestion collapse, and preserve network stability. An attacker or hacker on the network can cause TCP endpoints to react in a more aggressive way in the face of congestion, by the forging of excessive data acknowledgments, or excess duplicate acknowledgments. Such an attack could possibly cause a portion of the network to go into congestion collapse. The Security Policy clause states that â€Å"support for information security should be done in accordance with the companys security policy.† (Edmead, M. T. 2006). This provides a foundation of the security framework at NIIT, and also provides information and direction on the organisation’s security posture. For instance, this clause helps the company auditors to determine whether the security policy of the company is properly maintained, and also if indeed it is to be disseminated to every employee. The Organizing Information Security clause stipulates that there should be appropriate management framework for the organisation’s security policy. This takes care of the organizational structure of NIIT’s security program, including the right security policy management framework, the securing of information assets from third parties, and the maintenance of information security during outsourced processing. At NIIT, the Security clauses and control objectives define the company’s stand on security and also help to identify the vital areas considered when implementing IT controls. The ISO/IEC 17799s 11 security clauses enable NIIT to accomplish its security objectives by providing a comprehensive set of information security best practices for the company to utilize for enhancement of its IT infrastructure. Conclusion Different businesses require different computer networks, because the type of network utilized in an organisation must be suitable for the organisation. It is advisable for smaller businesses to use the LAN type of network because it is more reliable. The WAN and MAN would be ideal for larger companies, but if an organisation decides to expand, they can then change the type of network they have in use. If an organisation decides to go international, then a Wireless Area Network can be very useful Also, small companies should endeavor to set up their network by using a client/server approach. This would help the company to be more secure and enable them to keep in touch with the activities of others are doing. The client/server would be much better than a peer-to-peer network, it would be more cost-effective. On the average, most organisations have to spend a good amount of money and resources to procure and maintain a reliable and successful network that will be and easy to maintain in the long run. For TCP Congestion Control, when CongWin is below Threshold, sender in slow-start phase, window grows exponentially. If CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold, and threshold set to CongWin/2 and CongWin is set to 1 MSS when a timeout occurs. For a Small Office/Home Office (SOHO), networks such as wireless networks are very suitable. In such a network, there won’t be any need to run wires through walls and under carpets for connectivity. The SOHO user need not worry about plugging their laptop into docking stations every time they come into the office or fumble for clumsy and unattractive network cabling. Wireless networking provides connectivity without the hassle and cost of wiring and expensive docking stations. Also, as the business or home office grows or shrinks, the need for wiring new computers to the network is nonexistent. If the business moves, the network is ready for use as soon as the computers are moved. For the wired impossible networks such as those that might be found in warehouses, wireless will always be the only attractive alternative. As wireless speeds increase, these users have only brighter days in their future. (http://www.nextstep.ir/network.shtml) It is essential to note that the computer network installed in an organisation represents more than just a simple change in the method by which employees communicate. The impact of a particular computer network may dramatically affect the way employees in an organisation work and also affect the way they think. Bibliography Business Editors High-Tech Writers. (2003, July 22). International VoIP Council Launches Fax-Over-IP Working Group. Business Wire. Retrieved July 28, 2003 from ProQuest database. Career Directions (2001 October). Tech Directions, 61(3), 28 Retrieved July 21, 2003 from EBSCOhost database Edmead, M. T. (2006) Are You Familiar with the Most Recent ISO/IEC 17799 Changes? (Retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) FitzGerald, J. (1999), Business Data Communications And Networking Pub: John Wiley Sons Forouzan, B. (1998), Introduction To Data Communications And Networking Pub: Mc- Graw Hill http://www.theiia.org/itaudit http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209 http://www.psc.edu/networking/projects/tcpfriendly/ ISO/IEC 17799:2000 – Code of practice for information security management Published by ISO and the British Standards Institute [http://www.iso.org/] ISO/IEC 17799:2005, Information technology – Security techniques – Code of practice for information security management. Published by ISO [http://www.iso.org/iso/en/prods-services/popstds/informationsecurity.html] Kurose, J. F. Ross, K. W. 2002. Computer Networking A Top-Down Approach Featuring the Internet, 2nd Edition, ISBN: 0-321-17644-8 (the international edition), ISBN: 0-201-97699-4, published by Addison-Wesley, 2002 www.awl.com/cs Ming, D. R. Sudama (1992) NETWORK MONITORING EXPLAINED: DESIGN AND APPLICATION Pub: Ellis Horwood Rigney, S. (1995) NETWORK PLANNING AND MANAGMENT YOUR PERSONAL CONSALTANT Round-Trip Time Estimation and RTO Timeout Selection (retrieved from http://netlab.cse.yzu.edu.tw/ns2/html/doc/node368.html) Shafer, M. (2001, June 11). Careers not so secure? Network Computing, 12(12), 130- Retrieved July 22, 2003 from EBSCOhost database Stevens, W. and Allman, M. (1998) TCP Implementation Working Group (retrieved from http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-tcpimpl-cong-control-00.txt) Watson, S (2002). The Network Troubleshooters. Computerworld 36(38), 54. (Retrieved July 21, 2003 from EBSCOhost database) Wesley, A. (2000), Internet Users Guide to Network Resource Tools 1st Ed, Pub: Netskils www.microsoft.co.uk www.apple.com www.apple.co.uk www.bized.com http://www.nextstep.ir/network.shtml www.novell.com www.apple.com/business www.microsoft.com/networking/e-mails www.engin.umich.edu www.microsoft.com Computer Network Security within Organisations Computer Network Security within Organisations Networking and Management Introduction A computer network is a connection of two or more computers in order to share resources and data. These shared resources can include devices like printers and other resources like electronic mail, internet access, and file sharing. A computer network can also be seen as a collection of Personal computers and other related devices which are connected together, either with cables or wirelessly, so that they can share information and communicate with one another. Computer networks vary in size. Some networks are needed for areas within a single office, while others are vast or even span the globe. Network management has grown as a career that requires specialized training, and comes with management of important responsibilities, thus creating future opportunities for employment. The resulting expected increase in opportunities should be a determining and persuasive factor for graduates to consider going into network management. Computer networking is a discipline of engineering that involves communication between various computer devices and systems. In computer networking, protocols, routers, routing, and networking across the public internet have specifications that are defined in RFC documents. Computer networking can be seen as a sub-category of computer science, telecommunications, IT and/or computer engineering. Computer networks also depend largely upon the practical and theoretical applications of these engineering and scientific disciplines. In the vastly technological environment of today, most organisations have some kind of network that is used every day. It is essential that the day-to-day operations in such a company or organisation are carried out on a network that runs smoothly. Most companies employ a network administrator or manager to oversee this very important aspect of the company’s business. This is a significant position, as it comes with great responsibilities because an organisation will experience significant operational losses if problems arise within its network. Computer networking also involves the setting up of any set of computers or computer devices and enabling them to exchange information and data. Some examples of computer networks include: Local area networks (LANs) that are made up of small networks which are constrained to a relatively small geographic area. Wide area networks (WANs) which are usually bigger than local area networks, and cover a large geographic area. Wireless LANs and WANs (WLAN WWAN). These represent the wireless equivalent of the Local Area Network and Wide Area Networks Networks involve interconnection to allow communication with a variety of different kinds of media, including twisted-pair copper wire cable, coaxial cable, optical fiber, and various wireless technologies. The devices can be separated by a few meters (e.g. via Bluetooth) or nearly unlimited distances (e.g. via the interconnections of the Internet. (http://en.wikipedia.org/wiki/Computer_networking) TASK 1 TCP connection congestion control Every application, whether it is a small or large application, should perform adaptive congestion control because applications that perform congestion control use a network more efficiently and are generally of better performance. Congestion control algorithms prevent the network from entering Congestive Collapse. Congestive Collapse is a situation where, although the network links are being heavily utilized, very little useful work is being done. The network will soon begin to require applications to perform congestion control, and those applications which do not perform congestion control will be harshly penalized by the network, probably in the form of preferentially dropping their packets during times of congestion (http://www.psc.edu/networking/projects/tcpfriendly/) Principles of Congestion Control Informally, congestion entails that too many sources are sending too much data, and sending them too fast for the network to handle. TCP Congestion Control is not the same as flow control, as there are several differences between TCP Congestion Control and flow control. Other principles of congestion control include Global versus point-2-point, and orthogonal issues. Congestion manifests itself by causing loss of packets (buffer overflow at routers), and long delays (queuing in router buffers). Also, during congestion, there is no explicit feedback from network routers, and there is congestion inferred from end-system observed loss. In network-assisted congestion control, routers provide feedback to end systems, and the explicit rate sender sends at –Choke Packet. Below are some other characteristics and principles of congestion control: When CongWin is below Threshold, sender in slow-start phase, window grows exponentially. When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold. When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS. Avoidance of Congestion It is necessary for the TCP sender to use congestion avoidance and slow start algorithms in controlling the amount of outstanding data that is injected into a network. In order to implement these algorithms, two variables are added to the TCP per-connection state. The congestion window (cwnd) is a sender-side limit on the amount of data the sender can transmit into the network before receiving an acknowledgment (ACK), while the receivers advertised window (rwnd) is a receiver-side limit on the amount of outstanding data. The minimum of cwnd and rwnd governs data transmission. (Stevens, W. and Allman, M. 1998) TCP Flow Control In TCP flow control, the receiving side of the TCP connection possesses a receive buffer, and a speed-matching service which matches the send rate to the receiving application’s drain rate. During flow control, Rcvr advertises any spare room by including value of RcvWindow in segments, and the sender limits unACKed data to RcvWindow. TCP flow control also ensures that there is no overflow of the receive buffer. Round-trip Time Estimation and Timeout TCP Round Trip Time and Timeout are usually longer than RTT, but RTT varies, and has a slow reaction to segment loss. SampleRTT is measured time from segment transmission until ACK receipt, ignore retransmissions, and will vary, want estimated RTT â€Å"smoother† Round-trip time samples arrive with new ACKs. The RTT sample is computed as the difference between the current time and a time echo field in the ACK packet. When the first sample is taken, its value is used as the initial value for srtt. Half the first sample is used as the initial value for rttvar. (Round-Trip Time Estimation and RTO Timeout Selection) There are often problems due to timeouts, including the restriction of the sender that is compelled to wait until a timeout, and is able to do nothing during this period. Also, the first segment in the sliding window is often not acked, and retransmission becomes necessary, waiting again one RTT before the segment flow continues. It should be noted that on receiving the later segments, the receiver sends back ACKs. Estimated RTT EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT DevRTT DevRTT = (1 0.25) * DevRTT + | SampleRTT – EstimatedRTT Timeout interval TimeoutInterval = EstimatedRTT + 4 * DevRTT The integrated services (IntServ) and DiffServ (Differentiated Services) architecture are two architectures that have been proposed for the provision of and guaranteeing of quality of service (QoS) over the internet. Whereas the Intserv framework is developed within the IETF to provide individualized QoS guarantees to individual application sessions, Diffserv is geared towards enabling the handling of different classes of traffic in various ways on the internet. These two architectures represent the IETF’s current standards for provision of QoS guarantees, although neither Intserv nor Diffserv have taken off or found widespread acceptance on the web. (a) Integrated Service Architecture In computer networking, the integrated services (IntServ) architecture is an architecture that specifies the elements for the guaranteeing of quality of service (QoS) on the network. For instance, IntServ can be used to allow sound and video to be sent over a network to the receiver without getting interrupted. IntServ specifies a fine-grained Quality of service system, in contrast to DiffServs coarse-grained system of control. In the IntServ architecture, the idea is that each router inside a system implements IntServ, and applications which require various types of guarantees have to make individual reservations. Flow Specs are used to describe the purpose of the reservation, and the underlying mechanism that signals it across the network is called RSVP. TSPECs include token bucket algorithm parameters. The idea is that there is a token bucket which slowly fills up with tokens, arriving at a constant rate. Every packet which is sent requires a token, and if there are no tokens, then it cannot be sent. Thus, the rate at which tokens arrive dictates the average rate of traffic flow, while the depth of the bucket dictates how large the traffic is allowed to be. TSPECs typically just specify the token rate and the bucket depth. For example, a video with a refresh rate of 75 frames per second, with each frame taking 10 packets, might specify a token rate of 750Hz, and a bucket depth of only 10. The bucket depth would be sufficient to accommodate the burst associated with sending an entire frame all at once. On the other hand, a conversation would need a lower token rate, but a much higher bucket depth. This is because there are often pauses in conversations, so they can make do with fewer tokens by not sending the gaps between words and sentences. However, this means the bucket depth needs to be increased to compensate for the traffic being larger. (http://en.wikipedia.org/wiki/Integrated_services) (b) Differentiated Service Architecture The RFC 2475 (An Architecture for Differentiated Services) was published In 1998, by the IETF. Presently, DiffServ has widely replaced other Layer 3 Quality of Service mechanisms (such as IntServ), as the basic protocol that routers use to provide different service levels. DiffServ (Differentiated Services) architecture is a computer networking architecture which specifies a scalable, less complex, coarse-grained mechanism for the classification, management of network traffic and for provision of QoS (Quality of Service) guarantees on modern IP networks. For instance, DiffServ can be used for providing low-latency, guaranteed service (GS) to video, voice or other critical network traffic, while ensuring simple best-effort traffic guarantees to non-critical network services like file transfers and web traffic. Most of the proposed Quality of Service mechanisms which allowed these services to co-exist were complicated and did not adequately meet the demands Internet users because modern data networks carry various kinds of services like streaming music, video, voice, email and also web pages. It would probably be difficult to implement Intserv in the core of the internet because most of the communication between computers connected to the Internet is based on a client/server structural design. This Client/server describes a structure involving the connection of one computer to another for the purpose of giving work instructions or asking it questions. In an arrangement like this, the particular computer that questions and gives out instructions is the client, while the computer that provides answers to the asked questions and responds to the work instructions is the server. The same terms are used to describe the software programs that facilitate the asking and answering. A client application, for instance, presents an on-screen interface for the user to work with at the client computer; the server application welcomes the client and knows how to respond correctly to the clients commands. Any file server or PC can be adapted for use as an Internet server, however a dedicated computer should be chosen. Anyone with a computer and modem can join this network by using a standard phone. Dedicating the server that is, using a computer as a server only helps avoid some security and basic problems that result from sharing the functions of the server. To gain access to the Internet you will require an engineer to install the broadband modem. Then you will be able to use the server to network the Internet on all machines on a network. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) TASK 5 Network security These days, computers are used for everything from shopping and communication to banking and investment. Intruders into a network system (or hackers) do not care about the privacy or identity of network users. Their aim is to gain control of computers on the network so that they can use these systems to launch attacks on other computer systems. Therefore people who use the network for these purposes must be protected from unknown strangers who try to read their sensitive documents, or use their computer to attack other systems, and send forged email, or access their personal information (such as their bank or other financial statements) Security Clauses The International Organisation for Standardizations (ISOs) 17799: 2005 Standard is a code of practice for information security management which provides a broad, non-technical framework for establishing efficient IT controls. The ISO 17799 Standard consists of 11 clauses that are divided into one or more security categories for a total of 39 security categories The security clauses of the ISO standard 17799:2005- code of practice for Information Security Management include: The security Policy clause Organizing Information Security Asset Management. Human Resources Security. Physical and Environmental Security. Communications and Operations. Access Control. Information Systems Acquisition, Development, and Maintenance. Information Security Incident Management. Business Continuity Management. Compliance. (http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209) Here is a brief description of the more recent version of these security clauses: Security Policy: Security policies are the foundation of the security framework and provide direction and information on the companys security posture. This clause states that support for information security should be done in accordance with the companys security policy. Organizing Information Security: This clause addresses the establishment and organizational structure of the security program, including the appropriate management framework for security policy, how information assets should be secured from third parties, and how information security is maintained when processing is outsourced. Asset Management: This clause describes best practices for classifying and protecting assets, including data, software, hardware, and utilities. The clause also provides information on how to classify data, how data should be handled, and how to protect data assets adequately. Human Resources Security: This clause describes best practices for personnel management, including hiring practices, termination procedures, employee training on security controls, dissemination of security policies, and use of incident response procedures. Physical and Environmental Security: As the name implies, this clause addresses the different physical and environmental aspects of security, including best practices organizations can use to mitigate service interruptions, prevent unauthorized physical access, or minimize theft of corporate resources. Communications and Operations: This clause discusses the requirements pertaining to the management and operation of systems and electronic information. Examples of controls to audit in this area include system planning, network management, and e-mail and e-commerce security. Access Control: This security clause describes how access to corporate assets should be managed, including access to digital and nondigital information, as well as network resources. Information Systems Acquisitions, Development, and Maintenance: This section discusses the development of IT systems, including applications created by third-parties, and how security should be incorporated during the development phase. Information Security Incident Management: This clause identifies best practices for communicating information security issues and weaknesses, such as reporting and escalation procedures. Once established, auditors can review existing controls to determine if the company has adequate procedures in place to handle security incidents. Business Continuity Management: The 10th security clause provides information on disaster recovery and business continuity planning. Actions auditors should review include how plans are developed, maintained, tested, and validated, and whether or not the plans address critical business operation components. Compliance: The final clause provides valuable information auditors can use when identifying the compliance level of systems and controls with internal security policies, industry-specific regulations, and government legislation. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) The standard, which was updated in June 2005 to reflect changes in the field of information security, provides a high-level view of information security from different angles and a comprehensive set of information security best practices. More specifically, ISO 17799 is designed for companies that wish to develop effective information security management practices and enhance their IT security efforts. Control Objectives The ISO 17799 Standard contains 11 clauses which are split into security categories, with each category having a clear control objective. There are a total of 39 security categories in the standard. The control objectives in the clauses are designed to meet the risk assessment requirements and they can serve as a practical guideline or common basis for development of effective security management practices and organisational security standards. Therefore, if a company is compliant with the ISO/IEC 17799 Standard, it will most likely meet IT management requirements found in other laws and regulations. However, because different standards strive for different overall objectives, auditors should point out that compliance with 17799 alone will not meet all of the requirements needed for compliance with other laws and regulations. Establishing an ISO/IEC 17799 compliance program could enhance a companys information security controls and IT environment greatly. Conducting an audit evaluation of the standard provides organizations with a quick snapshot of the security infrastructure. Based on this snapshot, senior managers can obtain a high-level view of how well information security is being implemented across the IT environment. In fact, the evaluation can highlight gaps present in security controls and identify areas for improvement. In addition, organizations looking to enhance their IT and security controls could keep in mind other ISO standards, especially current and future standards from the 27000 series, which the ISO has set aside for guidance on security best practices. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) Tree Topology Tree topologies bind multiple star topologies together onto a bus. In its most simple form, only hub devices are directly connected to the tree bus and the hubs function as the root of the device tree. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone. Topologies remain an important part of network design theory. It is very simple to build a home or small business network without understanding the difference between a bus design and a star design, but understanding the concepts behind these gives you a deeper understanding of important elements like hubs, broadcasts, ports, and routes. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Use of the ring topology should be considered for use in medium sized companies, and the ring topology would also be the best topology for small companies because it is ensures ease of data transfer. Ring Topology In a ring network, there are two neighbors for each device, so as to enable communication. Messages are passed in the same direction, through a ring which is effectively either counterclockwise or clockwise. If any cable or device fails, this will break the loop and could disable the entire network. Bus Topology Bus networks utilize a common backbone to connect various devices. This backbone, which is a single cable, functions as a shared medium of communication which the devices tap into or attach to, with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Star Topology The star topology is used in a lot of home networks. A star network consists of a central connection point or hub that can be in the form of an actual hub, or a switch. Usually, devices will connect to the switch or hub by an Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computers network access and not the entire LAN. If the hub fails, however, the entire network also fails. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Relating the security clauses and control objectives to an organisation In an organisation like the Nurht’s Institute of Information Technology (NIIT), the above mentioned security clauses and control objectives provide a high-level view of information security from different angles and a comprehensive set of information best security practices. Also, the ISO 17799 is designed for companies like NIIT, which aim to enhance their IT security, and to develop effective information security management practices. At NIIT, the local network relies to a considerable degree, on the correct implementation of these security practices and other algorithms so as to avoid congestion collapse, and preserve network stability. An attacker or hacker on the network can cause TCP endpoints to react in a more aggressive way in the face of congestion, by the forging of excessive data acknowledgments, or excess duplicate acknowledgments. Such an attack could possibly cause a portion of the network to go into congestion collapse. The Security Policy clause states that â€Å"support for information security should be done in accordance with the companys security policy.† (Edmead, M. T. 2006). This provides a foundation of the security framework at NIIT, and also provides information and direction on the organisation’s security posture. For instance, this clause helps the company auditors to determine whether the security policy of the company is properly maintained, and also if indeed it is to be disseminated to every employee. The Organizing Information Security clause stipulates that there should be appropriate management framework for the organisation’s security policy. This takes care of the organizational structure of NIIT’s security program, including the right security policy management framework, the securing of information assets from third parties, and the maintenance of information security during outsourced processing. At NIIT, the Security clauses and control objectives define the company’s stand on security and also help to identify the vital areas considered when implementing IT controls. The ISO/IEC 17799s 11 security clauses enable NIIT to accomplish its security objectives by providing a comprehensive set of information security best practices for the company to utilize for enhancement of its IT infrastructure. Conclusion Different businesses require different computer networks, because the type of network utilized in an organisation must be suitable for the organisation. It is advisable for smaller businesses to use the LAN type of network because it is more reliable. The WAN and MAN would be ideal for larger companies, but if an organisation decides to expand, they can then change the type of network they have in use. If an organisation decides to go international, then a Wireless Area Network can be very useful Also, small companies should endeavor to set up their network by using a client/server approach. This would help the company to be more secure and enable them to keep in touch with the activities of others are doing. The client/server would be much better than a peer-to-peer network, it would be more cost-effective. On the average, most organisations have to spend a good amount of money and resources to procure and maintain a reliable and successful network that will be and easy to maintain in the long run. For TCP Congestion Control, when CongWin is below Threshold, sender in slow-start phase, window grows exponentially. If CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold, and threshold set to CongWin/2 and CongWin is set to 1 MSS when a timeout occurs. For a Small Office/Home Office (SOHO), networks such as wireless networks are very suitable. In such a network, there won’t be any need to run wires through walls and under carpets for connectivity. The SOHO user need not worry about plugging their laptop into docking stations every time they come into the office or fumble for clumsy and unattractive network cabling. Wireless networking provides connectivity without the hassle and cost of wiring and expensive docking stations. Also, as the business or home office grows or shrinks, the need for wiring new computers to the network is nonexistent. If the business moves, the network is ready for use as soon as the computers are moved. For the wired impossible networks such as those that might be found in warehouses, wireless will always be the only attractive alternative. As wireless speeds increase, these users have only brighter days in their future. (http://www.nextstep.ir/network.shtml) It is essential to note that the computer network installed in an organisation represents more than just a simple change in the method by which employees communicate. The impact of a particular computer network may dramatically affect the way employees in an organisation work and also affect the way they think. Bibliography Business Editors High-Tech Writers. (2003, July 22). International VoIP Council Launches Fax-Over-IP Working Group. Business Wire. Retrieved July 28, 2003 from ProQuest database. Career Directions (2001 October). Tech Directions, 61(3), 28 Retrieved July 21, 2003 from EBSCOhost database Edmead, M. T. (2006) Are You Familiar with the Most Recent ISO/IEC 17799 Changes? (Retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) FitzGerald, J. (1999), Business Data Communications And Networking Pub: John Wiley Sons Forouzan, B. (1998), Introduction To Data Communications And Networking Pub: Mc- Graw Hill http://www.theiia.org/itaudit http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209 http://www.psc.edu/networking/projects/tcpfriendly/ ISO/IEC 17799:2000 – Code of practice for information security management Published by ISO and the British Standards Institute [http://www.iso.org/] ISO/IEC 17799:2005, Information technology – Security techniques – Code of practice for information security management. Published by ISO [http://www.iso.org/iso/en/prods-services/popstds/informationsecurity.html] Kurose, J. F. Ross, K. W. 2002. Computer Networking A Top-Down Approach Featuring the Internet, 2nd Edition, ISBN: 0-321-17644-8 (the international edition), ISBN: 0-201-97699-4, published by Addison-Wesley, 2002 www.awl.com/cs Ming, D. R. Sudama (1992) NETWORK MONITORING EXPLAINED: DESIGN AND APPLICATION Pub: Ellis Horwood Rigney, S. (1995) NETWORK PLANNING AND MANAGMENT YOUR PERSONAL CONSALTANT Round-Trip Time Estimation and RTO Timeout Selection (retrieved from http://netlab.cse.yzu.edu.tw/ns2/html/doc/node368.html) Shafer, M. (2001, June 11). Careers not so secure? Network Computing, 12(12), 130- Retrieved July 22, 2003 from EBSCOhost database Stevens, W. and Allman, M. (1998) TCP Implementation Working Group (retrieved from http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-tcpimpl-cong-control-00.txt) Watson, S (2002). The Network Troubleshooters. Computerworld 36(38), 54. (Retrieved July 21, 2003 from EBSCOhost database) Wesley, A. (2000), Internet Users Guide to Network Resource Tools 1st Ed, Pub: Netskils www.microsoft.co.uk www.apple.com www.apple.co.uk www.bized.com http://www.nextstep.ir/network.shtml www.novell.com www.apple.com/business www.microsoft.com/networking/e-mails www.engin.umich.edu www.microsoft.com

Rules and Exceptions Essay -- Philosophy Philosophical Papers

Rules and Exceptions One of the factors which have led many philosophers to adopt a more or less sceptical attitude in moral philosophy has been the recognition that most rules have exceptions. This has commonly been regarded as a threat to the entire moral enterprise. How can a philosopher even attempt to find an account of the moral relations that obtain among things which will weave them into the unity of a stable system if every principle, every rule, every judgment has to be qualified by who knows how many exceptions? Plato was acutely aware of how devastating the admission of an exception might be. In the Republic Socrates completely invalidates Cephalus' thesis that justice is simply a matter of returning to others what is due to them by pointing out that if a friend deposited a weapon with us for safekeeping and then asked for it when he was not in his right mind, there would be justice in not returning it to him. Ordinarily we should return what does not belong to us, but this case would seem to be a legitimate exception. Socrates mentions another. It would be right in such circumstances he says to lie to a person who was out of his mind. On the other hand Plato also realised that by no means all alleged exceptions are justified. In the Euthyphro Socrates upon being informed that Euthyphro intends to prosecute his own father for murder suggests that perhaps it would be right to prosecute his father if he killed a relative but not if he murdered a stranger. Euthyphro rebukes Socrates for sugges ting such an exception. Socrates offers no defence except to express amazement at the certainty with which Euthyphro claims to know what is right. There are several ways to resolve the problem of uncertainty which the ex... ...speak both universally and correctly. That is to say rules inevitably fail to take account of all the relevant peculiarities of some cases and situations but in saying that rules are deficient by virtue of their universality. On the contrary many are perfectly good rules. It's just that rules are rules. Aristotle does not mean to suggest that all rules are bad or useless. Therefore unless we are to become rule worshippers and so fail to do the right thing in individual cases just to preserve the integrity and universal application of rules we must appeal in certain cases to another method in order to decide those cases. Fortunately there is such a method: the appeal to intuition. References Immanuel Kant Fundamental Principles and The Metaphysical Principles Of Virtue Kurt Baier Ethics and Society (1966) Kurt Baier The Moral Point Of View (1965)

Mandala: United States and Bright Colors Essay

My name is Meleea Giordano – Briggs. Athletic, friendly , and loving are the best three words that describe me. These three words that describe me in my own way and characteristics that make me the way I am now. The first symbol that represents me is colors. I love the bright colors in my room and wearing bright colors. Bright colors just make my day full of joy ! Me wearing bright colors represents myself as being kind. When I see bright colors , I think of Fall , Summer and Spring. Just seeing these bright pretty colors on the tree’s when the tree’s are turning colors because of fall and seeing the different color flowers blooming in the spring time and seeing the rainbow’s and flowers in the summer time make me happy. The second symbol represents , Live , Laugh and Love. I describe live as living your day to fullest and making anything you want come true. Laugh represents having a good time in life , school , family and friends. Last is love , love is the most important. You have to love yourself before you can love anyone else back. You should always love your family before anything or anyone else , because family helps and supports you anything you want or want to accomplish in life. Even though your friends will be there too support you , your family will always be there for you no matter what. My last symbol represents sports. This is volleyball and track. All my life I have been doing sports. Sports are my life , I never take a break from doing sports and couldn’t live a day without doing sports. Sports set a goal for me , it sets I can get a scholarship to any college or university in the United Sates , also sets you to maintain a good grade point average and to get all A’s and B’s. When I play sports I make sure my grades are excellent because if there not , I will not be able to do sports, and it doesn’t matter if you are the best athlete on the team they are not going to let you play because of grades, because school comes first! These are the symbols the most represents me and represents me and what I do in my daily life. Without these symbols I would be nothing , because these symbols put me together .

Chaac, the Ancient Mayan God of Rain

Chaac, the Ancient Mayan God of Rain Chaac (spelled variously Chac, Chaak, or Chaakh; and referred to in scholarly texts as God B) is the name of the rain god in the Maya religion. As with many Mesoamerican cultures that based their living on rain-dependent agriculture, the ancient Maya felt a particular devotion for the deities controlling rain. Rain gods or rain-related deities were worshiped beginning in very ancient times  and were known under many names among different Mesoamerican people. Identifying Chaac For example, the Mesoamerican rain god was known as Cocijo by the Late Formative period Zapotec of the Oaxaca Valley, as Tlaloc by the Late Postclassic Aztec people in Central Mexico; and of course as Chaac among the ancient Maya. Chaac was the Maya god of rain, lightning, and storms. He is often represented holding jade axes and snakes that he uses to throw at the clouds to produce rain. His actions assured the growth of maize and other crops in general as well as maintaining the natural cycles of life. Natural events of different intensities from the vivifying rain and wet season storms, to the more dangerous and destructive hailstorms and hurricanes, were considered manifestations of the god. Characteristics of the Mayan Rain God For the ancient Maya, the rain god had a particularly strong relationship with rulers, because- at least for the earlier periods of Maya history- rulers were considered rainmakers, and in later periods, were thought able to communicate and intercede with the gods. The alter-egos of Maya shamans and rulers roles often overlapped, especially in the Preclassic period. The pre-classic shaman-rulers were said to be able to reach the inaccessible places where the rain gods dwelled, and intercede with them for the people. These deities were believed to live on the tops of mountains and in high forests which were often hidden by clouds. These were the places where, in the rainy seasons, the clouds were hit by Chaac and his helpers and the rains were announced by thunder and lightning. Four Directions of the World According to Maya cosmology, Chaac was also linked to the four cardinal directions. Each world direction was connected with one aspect of Chaac and a specific color: Chaak Xib Chaac, was the Red Chaac of the EastSak Xib Chaac, the White Chaac of the NorthEx Xib Chaac, the Black Chaac of the West, andKan Xib Chaac, the Yellow Chaac of the South Collectively, these were called the Chaacs or Chaacob or Chaacs (plural for Chaac) and they were worshiped as deities themselves in many parts of the Maya area, especially in Yucatn. In a burner ritual reported in the Dresden and Madrid codexes and said to be conducted to ensure copious rains, the four Chaacs had different roles: one takes the fire, one begins the fire, one gives scope to the fire, and one puts out the fire. When the fire was lit, hearts of sacrificial animals were cast into it and the four Chaac priests poured jugs of water to put out the flames. This Chaac ritual was performed twice each year, once in the dry season, once in the wet. Chaac Iconography Even though Chaac is one of the most ancient of Maya deities, almost all of the known representations of the god are from the Classic and Postclassic periods (AD 200-1521). Most of the surviving images depicting the rain god are on Classic period painted vessels and Postclassic codexes. As with many Maya gods, Chaac is portrayed as a blend of human and animal characteristics. He has reptilian attributes and fish scales, a long curly nose, and a protruding lower lip. He holds the stone ax used to produce lightning and wears an elaborate headdress. Chaac masks are found protruding from Maya architecture at many Terminal Classic period Maya sites such as Mayapn and Chichen Itza. Mayapns ruins include the Hall of Chaac Masks (Building Q151), thought to have been commissioned by Chaac priests around AD 1300/1350. The earliest possible representation of a pre-classic Maya rain god Chaac recognized to date is carved into the face of Stela 1 at Izapa, and dated to the Terminal Preclassic Period about AD 200. Chaac Ceremonies Ceremonies in honor of the rain god were held in each Maya city and at different levels of society. Rituals to propitiate rain took place in the agricultural fields, as well as in more public settings such as plazas. Sacrifices of young boys and girls were carried out in especially dramatic periods, such as after a prolonged period of drought. In Yucatan, rituals asking for rains are documented for the Late Postclassic and Colonial periods. In the sacred cenote of Chichà ©n Itz, for example, people were thrown and left to drown there, accompanied by precious offerings of gold and jade. Evidence of other, less lavish ceremonies have also been documented by archaeologists in caves and karstic wells all over the Maya area. As part of the care of a cornfield, members of historic period Maya communities in the Yucatan peninsula today held rain ceremonies, in which all the local farmers participated. These ceremonies reference the chaacob, and the offerings included balche, or corn beer. Updated by K. Kris Hirst Sources Aveni AF. 2011. Maya Numerology. Cambridge Archaeological Journal 21(02):187-216.de Orellana M, Suderman M, Maldonado Mà ©ndez Ó, Galavitz R, Gonzlez Aktories S, Camacho Dà ­az G, Alegre Gonzlez L, Hadatty Mora Y, Maldonado Nà ºÃƒ ±ez P, Castelli C et al. 2006. Rituals of Corn. Artes de Mà ©xico(78):65-80.Estrada-Belli F. 2006. Lightning Sky, Rain, and the Maize God: The Ideology of Preclassic Maya Rulers at Ancient Mesoamerica 17:57-78.Cival, Peten, Guatemala.Milbrath S, and Lope CP. 2009. Survival and revival of Terminal Classic traditions at Postclassic Mayapn. Latin American Antiquity 20(4):581-606.Miller M and Taube KA. 1993. The Gods and Symbols of Ancient Mexico and the Maya: An Illustrated Dictionary of Mesoamerican Religion. Thames and Hudson: London.Pà ©rez de Heredia Puente EJ. 2008. Chen K’u: The Ceramic of the Sacred Cenote at Chichà ©n Itz. Foundation for the Advancement of Mesoamerican Studies, Inc. (FAMSI): Tulane, Louisiana.Sharer RJ and Traxler, LP . 2006. The Ancient Maya. Sixth Edition. Stanford University Press: Stanford, California.

Biography of Alice Paul, Womens Suffrage Activist

Biography of Alice Paul, Women's Suffrage Activist Alice Paul (January 11, 1885–July 9, 1977) was a leading figure responsible for the final push and success in winning passage of the 19th Amendment (womens suffrage) to the U.S. Constitution. She is identified with the more radical wing of the womens suffrage movement that later developed. Fast Facts: Alice Paul Known For: Alice Paul was one of the leaders of the womens suffrage movement and continued to work for womens rights throughout the first half of the 20th centuryBorn: January 11, 1885 in Mount Laurel, New JerseyParents: Tacie Parry and William PaulDied: July 9, 1977 in Moorestown, New JerseyEducation: Bachelors Degree from Swarthmore University; Masters Degree from Columbia University; Ph.D.  from the University of Pennsylvania; Law Degree from American UniversityPublished Works: Equal Rights AmendmentAwards and Honors:  Posthumously inducted into the National Womens Hall of Fame in and the New Jersey Hall of Fame; had stamps and coins created in her imageNotable Quote: There will never be a new world order until women are a part of it. Early Life Alice Paul was born in Moorestown, New Jersey, in 1885. Her parents raised her and her three younger siblings as Quakers. Her father, William M. Paul, was a successful businessman, and her mother, Tacie Parry Paul, was active in the Quaker (Society of Friends) movement.  Tacie Paul was a descendant of William Penn and William Paul was a descendant of the Winthrop family, both early leaders in Massachusetts.  William Paul died when Alice was 16 years old, and a more conservative male relative, asserting leadership in the family, caused some tensions with the familys more liberal and tolerant ideas. Alice Paul  attended Swarthmore College, the same institution her mother had attended as one of the first women educated there.  She majored in biology at first but developed an interest in social sciences.  Paul then went to work at the New York College Settlement, while attending the New York School of Social Work for a year after graduating from Swarthmore in 1905.   Alice Paul left for England in 1906 to work in the settlement house movement for three years. She studied first at a Quaker school and then at the University of Birmingham. While in England, Paul was exposed to the suffragist movement in progress, which had a profound impact on her direction in life. She  returned to America to get her Ph.D. from the University of Pennsylvania (1912).  Her dissertation was on womens legal status. Alice Paul and the National Womans Party In England, Alice Paul had taken part in more radical protests for womens suffrage, including participating in the hunger strikes. She worked with the Womens Social and Political Union. She brought back this sense of militancy, and back in the U.S. she organized protests and rallies and was imprisoned three times. Alice Paul joined and became chair of a major committee (congressional) of the National American Woman Suffrage Association (NAWSA) within a year, in her mid-20s. A year later in 1913, however, Alice Paul and others withdrew from the NAWSA to form the Congressional Union for Woman Suffrage. Paul and her supporters believed that the NAWSA was too conservative and that a more radical approach was needed to push forward the agenda of womens suffrage. Pauls new organization evolved into the National Womans Party (NWP), and Alice Pauls leadership was key to this organizations founding and future. Alice Paul and the National Womans Party emphasized working for a federal constitutional amendment for suffrage. Their position was at odds with the position of the NAWSA, headed by Carrie Chapman Catt, which was to work state-by-state as well as at the federal level. Despite the often intense acrimony between the National Womans Party and the National American Woman Suffrage Association, the two groups tactics complemented each other.  NAWSAs taking more deliberate action to win suffrage in elections meant that more politicians at the federal level had a stake in keeping women voters happy. The NWPs militant stance kept the issue of womens suffrage at the forefront of the political world. Winning Womens Suffrage Alice Paul, as the leader of the NWP, took her cause to the streets. Following the same approach as her English compatriots, she put together pickets, parades, and marches, including a very large event in Washington, DC, on March 3, 1913. Eight thousand women marched down Pennsylvania Avenue with banners and floats, cheered and jeered by tens of thousands of onlookers. Just two weeks later, Pauls group met with newly-elected President Woodrow Wilson, who told them that their time had not yet come. In response, the group embarked on an 18-month period of picketing, lobbying, and demonstrations. More than 1,000 women stood at the gates of the White House each day, displaying signs as the silent sentinels. The result was that many of the picketers were arrested and jailed for months. Paul arranged a hunger strike, which led to intense publicity for her cause. In 1928, Woodrow Wilson succumbed and announced his support for womens votes. Two years later, womens suffrage was the law. Equal Rights Amendment (ERA) After the 1920 victory for the federal amendment, Paul became involved in the struggle to introduce and pass an Equal Rights Amendment (ERA). The Equal Rights Amendment was finally passed by Congress in 1970 and sent to the states to ratify. However, the number of states necessary never ratified  the ERA within the specified time limit, and the amendment failed. Paul continued her work into her later years, earning a law degree in 1922 at Washington College, and then going on to earn a Ph.D. in law at American University. Death Alice Paul died in 1977 in New Jersey, after the heated battle for the Equal Rights Amendment brought her once more to the forefront of the American political scene. Legacy Alice Paul was one of the primary forces behind the passage of the 19th Amendment, a major and lasting achievement. Her influence continues today through the Alice Paul Institute, which states on its website: The Alice Paul Institute educates the public about the life and work of Alice Stokes Paul (1885-1977), and offers heritage and girls’ leadership development programs at Paulsdale, her home and a National Historic Landmark. Alice Paul led the final fight to get women the vote and wrote the Equal Rights Amendment. We honor her legacy as a role model of leadership in the continuing quest for equality. Sources Alicepaul.org, Alice Paul Institute. Butler, Amy E. Two Paths to Equality: Alice Paul and Ethel M. Smith in the ERA Debate, 1921-1929. State University of New York Press, 2002. Lunardini, Christine A. From Equal Suffrage to Equal Rights: Alice Paul and the National Womans Party, 1910-1928. American Social Experience, iUniverse, April 1, 2000.

Business start up Application form assesments Essay

Business start up Application form assesments - Essay Example Business Idea and the USP The key idea is to look for gifted amateur and professional actors (however, the preference will be given to amateurs and beginners). In fact, the industry is full of one-role actors and actresses, who are engaged in TV shows, advertisements and photo sessions. Therefore, the USP is based on the fact, that actors and photo models have to communicate with the audience through acting, and the key requirement for cooperation will be the ability to establish a dialogue with the spectator, creating the atmosphere of the close communication. Market Research and Test Trading In accordance with the brief web research, most dramatic artists, cooperating with talent agencies, position themselves as the universal actors for the on camera and voice over works mainly (45% and 32% correspondingly). The rest 23% are divided among commercial prints (13%), live corporate performances, including low quality stand-ups (8%), and performance management for private events (2%). T herefore, the business interest towards high quality acting is declining, while the demand for the high quality dramatic events is constant (in accordance with the live surveys). ... These are in need of talented actors, models, dancers, and design experts. 2. Spectators. While the agency is not dealing with the spectators directly, this audience assesses the quality of the actors’ work. In the light of such a division, the demographic categorization of the audience is not crucial, since the commercial and photo products are created for diverse categories. Skills, Experience and Qualifications Talent agency business is communications. The list of qualities and skills needed for running this business is as follows: 1. Organizational skills (including leadership and management) 2. Communicative and persuasive skills: for communicating with the actors, and the category-one target customers 3. Perfect face, name, and phone number memory 4. Ability to stay aware of the latest business events 5. Professional intuition and artistic flair, needed for finding the right actors and models among the others. 3 Months Action Plan Month one: Rent and equip the office Emp loy office manager, and one deputy agent to train Start promo campaign Set up contacts with administrations of the art and drama faculties, administrations of the amateur and professional theaters, and other talent agencies if possible. These contacts will be required for finding the necessary characters and dramatic types (with further creation of the database) Signing contracts with at least five studios Month two: Continue filling in the database Establish contacts with producers and agencies Sign another 5+ contracts Month three: Employ two more deputies and delegate them the task to look for actors and models in amateur theaters and among students Extend the promo campaign for increasing the search and cooperation geography Sign 8+ contracts Benefits

Effective Management in Construction Industry Essay

Effective Management in Construction Industry - Essay Example These materials are useful even to construction managers with general knowledge on management. This essay is geared towards putting together the essential components as far as construction manager's roles are concerned in ensuring the timeliness of a specific project. It tries to emphasize the traditional yet crucial management functions such as planning, organizing, staffing, budgeting, and coordinating and its contribution to the completion of the project within deadlines set. This also provides inputs or synthesis of studies related to construction industry that is contributory to improving implementation efficiency and completed projects' quality. Let us consider a project and its management in the general context in order to understand the process. Project management in the universal context is defined by most literatures as a process by which an idea or project is created, processed, and accepted, and from which resources, whether materials, financial and manpower, are allocated, directed, and carefully coordinated to achieve the goals with the optimum quality, cost, and timeliness (Hendrickson 1998, Jones 2003, FTA 2006:1-9). Based on the definition of the Federal Transit Administration, a project is "made up of a group of interrelated work activities constrained by a specific scope, budget, and schedule to deliver capital assets needed to achieve the strategic goals of an Agency" (2006: 1-3) or a corporate organization for that matter. These aspects hold specifically true for construction projects, over-all goals of which revolve around the idea of delivering the project on time, with quality, and ensuring optimum benefits to the company and the owner. The interrelated tasks inherent in a project, in most cases, require specialized workers to handle and deal with. The efficiency of the management teams in handling the works within a project dictates the pace by which it is done and is among the most crucial in completing the project within the time frame. Besides, it is the management that closely deals with the owner, users or sponsor of a construction project and "it will be wise for any owner to have a clear understanding of the acquisition process in order to maintain firm control of the quality, timeliness and cost of the completed facility."(Hendrickson 1998) There are a lot of approaches to project management that a project manager can use depending on the type of work to be done. Individual projects may vary in their scope of work and life cycle. Recent innovative approaches to project management as far as construction industry is concerned are a subject of many researches and studies in the field. These studies and recommendations from researches can be applied in the actual management of the project. FTA (2006:1-9) states that the project management process begins with identification of the user requirement, project constraints, resource needs, and establishment of realistic objectives to meet the strategic goals. The common life cycle is presented in Figure 1. It usually starts with user demand and ends up to the structures intended usable life. Figure 1 The Project Life Cycle of a Constructed Facility (Hendrickson 1998) The primary concern of the construction manager is