C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY .docx
•Download as DOCX, PDF•
0 likes•5 views
This document discusses security issues and concerns regarding cloud computing. It outlines how cloud computing allows businesses to access applications and infrastructure over the internet as utility services. However, migrating systems to the cloud raises security risks around unauthorized access, data loss, and availability. The document recommends that businesses research cloud providers' security mechanisms like encryption, authentication, and virtualization to protect data before moving critical systems to the cloud. National Institute of Standards and Technology (NIST) guidelines also provide best practices for selecting cloud providers that can adequately address security risks.
Report
Share
Report
Share
Recommended
C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY .docx
C11-1
CASE STUDY 11
CLOUD COMPUTING (IN)SECURITY
Cloud computing is reshaping enterprise network architectures and
infrastructures. It refers to applications delivered as services over the
Internet as well as the hardware and systems software in data centers that
provide those services. The services themselves have long been referred to
as Software as a Service (SaaS) which had its roots in Software-Oriented
Architecture (SOA) concepts that began shaping enterprise network
roadmaps in the early 2000s. IaaS (Infrastructure as a Service) and PaaS
(Platform as a Service) are other types of cloud computing services that are
available to business customers.
Cloud computing fosters the notion of computing as a utility that can be
consumed by businesses on demand in a manner that is similar to other
services (e.g. electricity, municipal water) from traditional utilities. It has the
potential to reshape much of the IT industry by giving businesses the option
of running business software applications fully on-premises, fully in “the
cloud” or some combination of these two extremes. These are choices that
businesses have not had until recently and many companies are still coming
to grips with this new computing landscape.
Security is important to any computing infrastructure. Companies go to
great lengths to secure on-premises computing systems, so it is not
surprising that security looms as a major consideration when augmenting or
replacing on-premises systems with cloud services. Allaying security
C11-2
concerns is frequently a prerequisite for further discussions about migrating
part or all of an organization’s computing architecture to the cloud.
Availability is another major concern: “How will we operate if we can’t access
the Internet? What if our customers can’t access the cloud to place orders?”
are common questions [AMBR10].
Generally speaking, such questions only arise when businesses
contemplating moving core transaction processing, such as ERP systems,
and other mission critical applications to the cloud. Companies have
traditionally demonstrated less concern about migrating high maintenance
applications such as e-mail and payroll to cloud service providers even
though such applications hold sensitive information.
Security Issues and Concerns
Auditability is a concern for many organizations, especially those who must
comply with Sarbanes-Oxley and/or Health and Human Services Health
Insurance Portability and Accountability Act (HIPAA) regulations [IBM11].
The auditability of their data must be ensured whether it is stored on-
premises or moved to the cloud.
Before moving critical infrastructure to the cloud, businesses should do
diligence on security threats both from outside and inside the cloud
[BADG11]. Many of the security issues associated with protecting clouds
from outside threats are similar to those that have traditionally faced
...
Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud Computing has emerged as the premier infrastructure for creating affordable, scalable and reliable IT solutions for companies of all sizes. However, as with all new technologies, Cloud Computing poses many demanding security considerations, and each must be addressed to ensure the confidentiality, integrity, availability, authenticity, and privacy of a developer’s product.
J3602068071
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
A Comparative Review on Data Security Challenges in Cloud Computing
https://www.irjet.net/archives/V3/i1/IRJET-V3I157.pdf
SECURITY ISSUES IN CLOUD COMPUTING
Cloud computing is architecture for providing
computing service via the internet on demand and pay per use
access to a pool of shared resources namely networks, storage,
servers, services and applications, without physically acquiring
them. So it saves managing cost and time for organizations. The
market size the cloud computing shared is still far behind the one
expected. From the consumers’ perspective, cloud computing
security concerns, especially data security and privacy protection
issues, remain the primary inhibitor for adoption of cloud
computing services. The security for Cloud Computing is
emerging area for study and this paper provide security topic in
terms of cloud computing based on analysis of Cloud Security
treats and Technical Components of Cloud Computing
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication Volume 5 written by Shah Sheikh - published in Q4 2013. Based on the Cloud Security Alliance Framework whitepaper titled "Does your Cloud have a Secure Lining?"
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
Recommended
C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY .docx
C11-1
CASE STUDY 11
CLOUD COMPUTING (IN)SECURITY
Cloud computing is reshaping enterprise network architectures and
infrastructures. It refers to applications delivered as services over the
Internet as well as the hardware and systems software in data centers that
provide those services. The services themselves have long been referred to
as Software as a Service (SaaS) which had its roots in Software-Oriented
Architecture (SOA) concepts that began shaping enterprise network
roadmaps in the early 2000s. IaaS (Infrastructure as a Service) and PaaS
(Platform as a Service) are other types of cloud computing services that are
available to business customers.
Cloud computing fosters the notion of computing as a utility that can be
consumed by businesses on demand in a manner that is similar to other
services (e.g. electricity, municipal water) from traditional utilities. It has the
potential to reshape much of the IT industry by giving businesses the option
of running business software applications fully on-premises, fully in “the
cloud” or some combination of these two extremes. These are choices that
businesses have not had until recently and many companies are still coming
to grips with this new computing landscape.
Security is important to any computing infrastructure. Companies go to
great lengths to secure on-premises computing systems, so it is not
surprising that security looms as a major consideration when augmenting or
replacing on-premises systems with cloud services. Allaying security
C11-2
concerns is frequently a prerequisite for further discussions about migrating
part or all of an organization’s computing architecture to the cloud.
Availability is another major concern: “How will we operate if we can’t access
the Internet? What if our customers can’t access the cloud to place orders?”
are common questions [AMBR10].
Generally speaking, such questions only arise when businesses
contemplating moving core transaction processing, such as ERP systems,
and other mission critical applications to the cloud. Companies have
traditionally demonstrated less concern about migrating high maintenance
applications such as e-mail and payroll to cloud service providers even
though such applications hold sensitive information.
Security Issues and Concerns
Auditability is a concern for many organizations, especially those who must
comply with Sarbanes-Oxley and/or Health and Human Services Health
Insurance Portability and Accountability Act (HIPAA) regulations [IBM11].
The auditability of their data must be ensured whether it is stored on-
premises or moved to the cloud.
Before moving critical infrastructure to the cloud, businesses should do
diligence on security threats both from outside and inside the cloud
[BADG11]. Many of the security issues associated with protecting clouds
from outside threats are similar to those that have traditionally faced
...
Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud Computing has emerged as the premier infrastructure for creating affordable, scalable and reliable IT solutions for companies of all sizes. However, as with all new technologies, Cloud Computing poses many demanding security considerations, and each must be addressed to ensure the confidentiality, integrity, availability, authenticity, and privacy of a developer’s product.
J3602068071
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
A Comparative Review on Data Security Challenges in Cloud Computing
https://www.irjet.net/archives/V3/i1/IRJET-V3I157.pdf
SECURITY ISSUES IN CLOUD COMPUTING
Cloud computing is architecture for providing
computing service via the internet on demand and pay per use
access to a pool of shared resources namely networks, storage,
servers, services and applications, without physically acquiring
them. So it saves managing cost and time for organizations. The
market size the cloud computing shared is still far behind the one
expected. From the consumers’ perspective, cloud computing
security concerns, especially data security and privacy protection
issues, remain the primary inhibitor for adoption of cloud
computing services. The security for Cloud Computing is
emerging area for study and this paper provide security topic in
terms of cloud computing based on analysis of Cloud Security
treats and Technical Components of Cloud Computing
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication Volume 5 written by Shah Sheikh - published in Q4 2013. Based on the Cloud Security Alliance Framework whitepaper titled "Does your Cloud have a Secure Lining?"
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
SECURE CLOUD ARCHITECTURE
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Ad4502189193
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing
Ramgovind S, Eloff MM, Smith E
School of Computing, University of South Africa, Pretoria, South Africa
[email protected]; {eloff, smithe}@unisa.ac.za
Abstract—Cloud computing has elevated IT to newer limits
by offering the market environment data storage and capacity
with flexible scalable computing processing power to match
elastic demand and supply, whilst reducing capital expenditure.
However the opportunity cost of the successful implementation of
Cloud computing is to effectively manage the security in the
cloud applications. Security consciousness and concerns arise as
soon as one begins to run applications beyond the designated
firewall and move closer towards the public domain. The purpose
of the paper is to provide an overall security perspective of Cloud
computing with the aim to highlight the security concerns that
should be properly addressed and managed to realize the full
potential of Cloud computing. Gartner’s list on cloud security
issues, as well the findings from the International Data
Corporation enterprise panel survey based on cloud threats, will
be discussed in this paper.
Keywords- Cloud computing; Security; Public cloud, Private
cloud, Hybrid Cloud, policies, cloud transparency
I. INTRODUCTION
The success of modern day technologies highly depends on
its effectiveness of the world’s norms, its ease of use by end
users and most importantly its degree of information security
and control. Cloud computing is a new and emerging
information technology that changes the way IT architectural
solutions are put forward by means of moving towards the
theme of virtualisation: of data storage, of local networks
(infrastructure) as well as software [1-2].
In a survey undertaken by the International Data
Corporation (IDC) group between 2008 and 2009, the majority
of results point to employing Cloud computing as a low-cost
viable option to users [3]. The results also show that Cloud
computing is best suited for individuals who are seeking a
quick solution for startups, such as developers or research
projects and even e-commerce entrepreneurs. Using Cloud
computing can help in keeping one’s IT budget to a bare
minimum. It is also ideally suited for development and testing
scenarios. It is the easiest solution to test potential proof of
concepts without investing too much capital. Cloud computing
can deliver a vast array of IT capabilities in real time using
many different types of resources such as hardware, software,
virtual storage once logged onto a cloud. Cloud computing can
also be part of a broader business solution whereby prioritised
applications utilise Cloud computing functionality whilst other
critical applications maintain organisational resources as per
normal. This allows for cost saving whilst maintaining a secure
degree of control within an orgainsation.
Cloud computing can be seen as a service-oriented ...
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession: Annotated BibliographyAdemola Adeleke
Trends in IT 3University of Maryland University College
Trends in the IT Profession – an Annotated Bibliography
As IT professionals we must understand a range of technical and not-so-technical topics, and subjects and applications, both at the industry level but as well in a way that can be explained to clients and professionals in other fields who may or may not be familiar with the technical aspects of marrying business functions with technology. When at all possible a company should assign an IT professional to a business that the IT professional already understands. The speed of innovation, change, and improvement in technology makes this an on-going task. Depending on the business and its needs for technical systems and support, the IT professional’s expertise must include understanding of network infrastructures, in-depth knowledge of applications like database creation and maintenance, web security, and maintaining system integrity including backup and recovery processes. Because business has become so dependent on technology and IT professionals, many of these topics are covered in the mainstream press while others are know-well only by trained and experienced professionals – and all degrees in-between. Due to recent security breaches both at private and government levels, many more people now are familiar with Cloud Computing Services, security breaches, methods of backup and recovery, and legal liabilities and insurance. This research combines all three into a single study that will aid in understanding and explaining these trends to clients as well as other professionals and rather than ordered alphabetically, are organized in order to tell a story and more easily explain these trends.
Annotated Bibliography
Knorr, E., & Gruman, G. (Apr 7, 2008). What Cloud computing really means. In Info World on Infoworld.com. http://www.infoworld.com/d/Cloud-computing/what-Cloud-computing-really-means-031
While this article is somewhat dated, it gives a good overview and informs IT professionals as to the level of understanding clients might have. Knorr and Gruman explain how everyone has his or her own definition and understanding of “the Cloud.” Cloud computing is a value proposition to IT professionals because it is a needed tool for businesses that operate across a wide geography with employees that all need access to the same information and data. Cloud computing is the early stages could be explained to non-professionals by pointing-out how their emails are not really contained on their computer but instead are kept and stored on the email providers “Cloud-based” servers. This is known simply as “Web services in a Cloud” by a “managed service providers” (MSP). Infoworld talks to and keeps current with many vendors who provides services such as Saas, Utility computing, Platform as a service (PAS), Service commerce platforms, and Internet integration, to get various opini ...
INFORMATION SECURITY IN CLOUD COMPUTING
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
Cloud Computing Security Issues and Challenges
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Ijaprr vol1-1-1-5dr tejinder
Cloud Computing: Unexampled firmness of purpose
of Java Technologies as for Security vulnerabilities
and Cloud user’s Interaction on the Web.
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...United International Journal for Research & Technology
Guddu Kumar. “A Review on Data Protection of Cloud Computing Security, Benefits, Risks and Suggestions” United International Journal for Research & Technology (UIJRT) 1.2 (2019): 26-34.Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with
almost no investment in new framework, training new staff, or authorizing new software. Though today
everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business
on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security
assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come
along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on
different cloud service models and a survey of the different security challenges and issues while providing
services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS,
IaaS and PaaS) of cloud environment. This paper also explores the various security solutions currently being
applied to protect cloud from various kinds of intruders.
Cloud Computing: Business Trends and the Challenges
The purpose of this paper is to provide information
to businesses interested in cloud computing. First we define
cloud computing and discuss the different service and
deployment models from a business standpoint. Then we move
into business cases for the cloud and the strengths of each
service and deployment model. We follow this up with business
attributes that tend to drive a cloud adaption and the effects of
cloud on business IT. The last section reveals the challenges
of cloud computing ranging from security concerns and legal
issues, to negotiation of an adequate service level agreement.
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
IOSR Journal of Computer Engineering (IOSRJCE)
Literature Review: Security on cloud computing
This is a literature survey about security issues and countermeasures on cloud computing. This paper discusses about an overview of cloud computing and security issues of cloud computing.
Security of Data in Cloud Environment Using DPaaS
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIJIR JOURNALS IJIRUSA
Establishing applications on on-demand infrastructures rather of building applica-tions on fixed and rigid infrastructures was provided by cloud computing provides. By merely exploiting into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). The more and more information is placed into the cloud by someone and initiatives, security issues begins to develop and raised. This paper discusses the different security issues that rise up about how secure the mo-bile cloud computing environment.Calculus Quiz 2 (Derivatives)Covers Units 9-13. This is a 10 quest.docx
Calculus Quiz 2 (Derivatives)
Covers Units 9-13. This is a 10 question, 10 point quiz consisting of multiple choice and calculated numeric answers.
You should complete the homework over these units before beginning the quiz.
You should complete the by
Thursday, November 12.
YOU MAY ATTEMPT THE QUIZ up to 3 timesIF YOU WISH to improve your score.
.
Calculus IDirections (10 pts. each) Answer each of the followin.docx
Calculus I
Directions: (10 pts. each) Answer each of the following questions below. In order to receive ANY credit for a question, you must SHOW YOUR WORK using proper notation and clear and concise logic. You're graded on both the accuracy of your answers AND your explanations that sufficiently support your answers. Unless otherwise stated, you're to give the EXAXCT VALUES of answers instead of decimal approximations. In order to receive ANY credit for any applied/word problem (i.e. Problems #29 - ), you MUST declare a variable (unless the variable(s) have already been declared in the problem) and set up and solve an appropriate mathematical expression that can be used to answer the question. Proper units must also be included in answers to applied problems. NO CREDIT WILL BE GIVEN FOR EITHER GUESSING OR CHECKING POSSIBLE ANSWERS WITHOUT SOLVING THE PROBLEM. YOU CANNOT USE CALCULUS TO SOLVE THESE PROBLEMS.
Finally, write ONLY FINAL ANSWERS ON THESE PAGES; you must show your work both according to homework guidelines and on YOUR OWN PAPER.
SHORT ANSWER. Write the word or phrase that best completes each statement or answers the question.
Multiply or divide as indicated. Write your answer in factored form.
1) x22 - 9x + 14 · xx22 -- 1618x x ++ 4877 1)
2)
x
-
12
x
+
32
Simplify the complex rational expression.
4
x
2
-
4
x
-
32
-
1
x
-
8
2)
1 + 1 x + 4
Find the difference quotient for the function and simplify it.
3) g(x) = 6x2 + 14x - 1 3)
Find the domain and range of the function. Write your answers using interval notation.
4)
g(z)
=
16
-
z
2
4)
Find a formula for the function graphed.
5) 5)
Determine if the function is even, odd, or neither. You must use algebra to justify your answer; otherwise, no full credit will be given. NO CREDIT is given for an answer without a mathematical explanation.
6) f(x) = x -+7 9 6)
State the domain of the composition.
7)
(
g
H
h)(x) with g(x)
=
x
+
5
and h(x)
=
8
x
+
7
7)
Compute
f(x
+
h)
-
f(x)
h
(h
J
0) for the given function
.
8) f(x) = 4x - 8 8)
9)
f(x)
=
5
x
2
+
6
x
9)
10)
f(x)
=
1
9
x
10)
Solve the equation by multiplying both sides by the LCD.
11) 32x - x 3+ 1 = 1 11)
12)
Solve the equation.
x
+
6
+
2
-
x
=
4
12)
13)
(
4
x
-
2
)
/
3
2
+
6
=
15
13)
14)
3
x
+
4
=
x
-
1
14)
Find the real solutions of the equation by factoring.
15) x3 + 8x2 - x - 8 = 0 15)
Solve the equation by making an appropriate substitution.
16) (x2 - 2x)2 - 11(x2 - 2x) + 24 = 0 16)
Solve the logarithmic equation.
17) log2(x + 7) + log2(x - 7) = 2 17)
Solve the exponential equation. Express the solution set in terms of natural logarithms.
18) 4x + 4 = 52x + 5 18)
Solve the inequality and express the solution in interval notation.
19) 7Ax - 1A L 2 19)
Solve the inequality. Write your answer using interval notation.
20) x 18- 5 > x 15+ 1 20)
Write the equation as f(x) = a(x - h)2 + k. Identify the vertex, range, and axis of symmetry of the function.
21) f(x) = x2 + 5x + 2 21)
23) log
F.
More Related Content
Similar to C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY .docx
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
SECURE CLOUD ARCHITECTURE
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Ad4502189193
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing
Ramgovind S, Eloff MM, Smith E
School of Computing, University of South Africa, Pretoria, South Africa
[email protected]; {eloff, smithe}@unisa.ac.za
Abstract—Cloud computing has elevated IT to newer limits
by offering the market environment data storage and capacity
with flexible scalable computing processing power to match
elastic demand and supply, whilst reducing capital expenditure.
However the opportunity cost of the successful implementation of
Cloud computing is to effectively manage the security in the
cloud applications. Security consciousness and concerns arise as
soon as one begins to run applications beyond the designated
firewall and move closer towards the public domain. The purpose
of the paper is to provide an overall security perspective of Cloud
computing with the aim to highlight the security concerns that
should be properly addressed and managed to realize the full
potential of Cloud computing. Gartner’s list on cloud security
issues, as well the findings from the International Data
Corporation enterprise panel survey based on cloud threats, will
be discussed in this paper.
Keywords- Cloud computing; Security; Public cloud, Private
cloud, Hybrid Cloud, policies, cloud transparency
I. INTRODUCTION
The success of modern day technologies highly depends on
its effectiveness of the world’s norms, its ease of use by end
users and most importantly its degree of information security
and control. Cloud computing is a new and emerging
information technology that changes the way IT architectural
solutions are put forward by means of moving towards the
theme of virtualisation: of data storage, of local networks
(infrastructure) as well as software [1-2].
In a survey undertaken by the International Data
Corporation (IDC) group between 2008 and 2009, the majority
of results point to employing Cloud computing as a low-cost
viable option to users [3]. The results also show that Cloud
computing is best suited for individuals who are seeking a
quick solution for startups, such as developers or research
projects and even e-commerce entrepreneurs. Using Cloud
computing can help in keeping one’s IT budget to a bare
minimum. It is also ideally suited for development and testing
scenarios. It is the easiest solution to test potential proof of
concepts without investing too much capital. Cloud computing
can deliver a vast array of IT capabilities in real time using
many different types of resources such as hardware, software,
virtual storage once logged onto a cloud. Cloud computing can
also be part of a broader business solution whereby prioritised
applications utilise Cloud computing functionality whilst other
critical applications maintain organisational resources as per
normal. This allows for cost saving whilst maintaining a secure
degree of control within an orgainsation.
Cloud computing can be seen as a service-oriented ...
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession: Annotated BibliographyAdemola Adeleke
Trends in IT 3University of Maryland University College
Trends in the IT Profession – an Annotated Bibliography
As IT professionals we must understand a range of technical and not-so-technical topics, and subjects and applications, both at the industry level but as well in a way that can be explained to clients and professionals in other fields who may or may not be familiar with the technical aspects of marrying business functions with technology. When at all possible a company should assign an IT professional to a business that the IT professional already understands. The speed of innovation, change, and improvement in technology makes this an on-going task. Depending on the business and its needs for technical systems and support, the IT professional’s expertise must include understanding of network infrastructures, in-depth knowledge of applications like database creation and maintenance, web security, and maintaining system integrity including backup and recovery processes. Because business has become so dependent on technology and IT professionals, many of these topics are covered in the mainstream press while others are know-well only by trained and experienced professionals – and all degrees in-between. Due to recent security breaches both at private and government levels, many more people now are familiar with Cloud Computing Services, security breaches, methods of backup and recovery, and legal liabilities and insurance. This research combines all three into a single study that will aid in understanding and explaining these trends to clients as well as other professionals and rather than ordered alphabetically, are organized in order to tell a story and more easily explain these trends.
Annotated Bibliography
Knorr, E., & Gruman, G. (Apr 7, 2008). What Cloud computing really means. In Info World on Infoworld.com. http://www.infoworld.com/d/Cloud-computing/what-Cloud-computing-really-means-031
While this article is somewhat dated, it gives a good overview and informs IT professionals as to the level of understanding clients might have. Knorr and Gruman explain how everyone has his or her own definition and understanding of “the Cloud.” Cloud computing is a value proposition to IT professionals because it is a needed tool for businesses that operate across a wide geography with employees that all need access to the same information and data. Cloud computing is the early stages could be explained to non-professionals by pointing-out how their emails are not really contained on their computer but instead are kept and stored on the email providers “Cloud-based” servers. This is known simply as “Web services in a Cloud” by a “managed service providers” (MSP). Infoworld talks to and keeps current with many vendors who provides services such as Saas, Utility computing, Platform as a service (PAS), Service commerce platforms, and Internet integration, to get various opini ...
INFORMATION SECURITY IN CLOUD COMPUTING
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
Cloud Computing Security Issues and Challenges
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.
Ijaprr vol1-1-1-5dr tejinder
Cloud Computing: Unexampled firmness of purpose
of Java Technologies as for Security vulnerabilities
and Cloud user’s Interaction on the Web.
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...United International Journal for Research & Technology
Guddu Kumar. “A Review on Data Protection of Cloud Computing Security, Benefits, Risks and Suggestions” United International Journal for Research & Technology (UIJRT) 1.2 (2019): 26-34.Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with
almost no investment in new framework, training new staff, or authorizing new software. Though today
everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business
on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security
assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come
along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on
different cloud service models and a survey of the different security challenges and issues while providing
services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS,
IaaS and PaaS) of cloud environment. This paper also explores the various security solutions currently being
applied to protect cloud from various kinds of intruders.
Cloud Computing: Business Trends and the Challenges
The purpose of this paper is to provide information
to businesses interested in cloud computing. First we define
cloud computing and discuss the different service and
deployment models from a business standpoint. Then we move
into business cases for the cloud and the strengths of each
service and deployment model. We follow this up with business
attributes that tend to drive a cloud adaption and the effects of
cloud on business IT. The last section reveals the challenges
of cloud computing ranging from security concerns and legal
issues, to negotiation of an adequate service level agreement.
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
IOSR Journal of Computer Engineering (IOSRJCE)
Literature Review: Security on cloud computing
This is a literature survey about security issues and countermeasures on cloud computing. This paper discusses about an overview of cloud computing and security issues of cloud computing.
Security of Data in Cloud Environment Using DPaaS
The rapid development of cloud computing is giving way to more cloud services, due to
which security of services of cloud especially data confidentiality protection, becomes more critical.
Cloud computing is an emerging computing style which provides dynamic services, scalable and payper-use.
Although cloud computing provides numerous advantages, a key challenge is how to ensure
and build confidence that the cloud can handle user data securely. This paper highlights some major
security issues that exist in current cloud computing environments. The status of the development of
cloud computing security, the data privacy analysis, security audit, information check and another
challenges that the cloud computing security faces have been explored. The recent researches on data
protection regarding security and privacy issues in cloud computing have partially addressed some
issues. The best option is to build data-protection solutions at the platform layer. The growing appeal
of data protection as a service is that it enables to access just the resources you need at minimal
upfront expense while providing the benefits of enterprise-class data protection capabilities. The
paper proposes a solution to make existing developed applications for simple cloud Systems
compatible with DPaaS. The various security challenges have been highlighted and the various
necessary metrics required for designing DPaaS have been investigated.
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIJIR JOURNALS IJIRUSA
Establishing applications on on-demand infrastructures rather of building applica-tions on fixed and rigid infrastructures was provided by cloud computing provides. By merely exploiting into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). The more and more information is placed into the cloud by someone and initiatives, security issues begins to develop and raised. This paper discusses the different security issues that rise up about how secure the mo-bile cloud computing environment.Similar to C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY .docx (20)
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docx
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Cloud Computing: Business Trends and the Challenges
Cloud Computing: Business Trends and the Challenges
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
Cloud Computing Security Issues in Infrastructure as a Service” report
Cloud Computing Security Issues in Infrastructure as a Service” report
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
More from clairbycraft
Calculus Quiz 2 (Derivatives)Covers Units 9-13. This is a 10 quest.docx
Calculus Quiz 2 (Derivatives)
Covers Units 9-13. This is a 10 question, 10 point quiz consisting of multiple choice and calculated numeric answers.
You should complete the homework over these units before beginning the quiz.
You should complete the by
Thursday, November 12.
YOU MAY ATTEMPT THE QUIZ up to 3 timesIF YOU WISH to improve your score.
.
Calculus IDirections (10 pts. each) Answer each of the followin.docx
Calculus I
Directions: (10 pts. each) Answer each of the following questions below. In order to receive ANY credit for a question, you must SHOW YOUR WORK using proper notation and clear and concise logic. You're graded on both the accuracy of your answers AND your explanations that sufficiently support your answers. Unless otherwise stated, you're to give the EXAXCT VALUES of answers instead of decimal approximations. In order to receive ANY credit for any applied/word problem (i.e. Problems #29 - ), you MUST declare a variable (unless the variable(s) have already been declared in the problem) and set up and solve an appropriate mathematical expression that can be used to answer the question. Proper units must also be included in answers to applied problems. NO CREDIT WILL BE GIVEN FOR EITHER GUESSING OR CHECKING POSSIBLE ANSWERS WITHOUT SOLVING THE PROBLEM. YOU CANNOT USE CALCULUS TO SOLVE THESE PROBLEMS.
Finally, write ONLY FINAL ANSWERS ON THESE PAGES; you must show your work both according to homework guidelines and on YOUR OWN PAPER.
SHORT ANSWER. Write the word or phrase that best completes each statement or answers the question.
Multiply or divide as indicated. Write your answer in factored form.
1) x22 - 9x + 14 · xx22 -- 1618x x ++ 4877 1)
2)
x
-
12
x
+
32
Simplify the complex rational expression.
4
x
2
-
4
x
-
32
-
1
x
-
8
2)
1 + 1 x + 4
Find the difference quotient for the function and simplify it.
3) g(x) = 6x2 + 14x - 1 3)
Find the domain and range of the function. Write your answers using interval notation.
4)
g(z)
=
16
-
z
2
4)
Find a formula for the function graphed.
5) 5)
Determine if the function is even, odd, or neither. You must use algebra to justify your answer; otherwise, no full credit will be given. NO CREDIT is given for an answer without a mathematical explanation.
6) f(x) = x -+7 9 6)
State the domain of the composition.
7)
(
g
H
h)(x) with g(x)
=
x
+
5
and h(x)
=
8
x
+
7
7)
Compute
f(x
+
h)
-
f(x)
h
(h
J
0) for the given function
.
8) f(x) = 4x - 8 8)
9)
f(x)
=
5
x
2
+
6
x
9)
10)
f(x)
=
1
9
x
10)
Solve the equation by multiplying both sides by the LCD.
11) 32x - x 3+ 1 = 1 11)
12)
Solve the equation.
x
+
6
+
2
-
x
=
4
12)
13)
(
4
x
-
2
)
/
3
2
+
6
=
15
13)
14)
3
x
+
4
=
x
-
1
14)
Find the real solutions of the equation by factoring.
15) x3 + 8x2 - x - 8 = 0 15)
Solve the equation by making an appropriate substitution.
16) (x2 - 2x)2 - 11(x2 - 2x) + 24 = 0 16)
Solve the logarithmic equation.
17) log2(x + 7) + log2(x - 7) = 2 17)
Solve the exponential equation. Express the solution set in terms of natural logarithms.
18) 4x + 4 = 52x + 5 18)
Solve the inequality and express the solution in interval notation.
19) 7Ax - 1A L 2 19)
Solve the inequality. Write your answer using interval notation.
20) x 18- 5 > x 15+ 1 20)
Write the equation as f(x) = a(x - h)2 + k. Identify the vertex, range, and axis of symmetry of the function.
21) f(x) = x2 + 5x + 2 21)
23) log
F.
Cadence Publishes Comprehensive Book onMixed-Signal Method.docx
Cadence Publishes Comprehensive Book on
Mixed-Signal Methodology; The "Mixed-Signal
Methodology Guide" Provides Expert Direction
on How to Address Design, Verification and
Implementation Challenges of Modern Mixed-
Signal Designs
Publication info: M2 Presswire ; Coventry [Coventry]14 Aug 2012.
ProQuest document link
ABSTRACT
SAN JOSE, Calif. -- Cadence Design Systems, Inc. (NASDAQ: CDNS), a leader in global electronic design innovation,
today announced availability of the critically acclaimed and much anticipated comprehensive design methodology
book for chip designers and CAD engineers that focuses on current and future advanced mixed-signal design
challenges and solutions. The "Mixed-Signal Methodology Guide" provides an overview of the design, verification
and implementation methodologies required for advanced mixed-signal designs. The book brings together top
mixed-signal design experts from across the industry -- including authors from Boeing, Cadence(R), ClioSoft and
Qualcomm -- to address the complex problems facing the mixed-signal design community.
"Modern mixed-signal design require new methodologies to improve productivity, reduce design time and achieve
silicon success," said Hao Fang, engineering director at LSI. "The Mixed-Signal Methodology Guide is a thorough
reference book on advanced verification and implementation methodologies. It will be particularly useful to mixed-
signal verification engineers for its coverage of analog behavioral modeling, and assertion and metric driven
verification methodology as applied to analog and mixed-signal design."
FULL TEXT
M2 PRESSWIRE-August 14, 2012-Cadence Publishes Comprehensive Book on Mixed-Signal Methodology; The
"Mixed-Signal Methodology Guide" Provides Expert Direction on How to Address Design, Verification and
Implementation Challenges of Modern Mixed-Signal Designs
(C)2012 M2 COMMUNICATIONS http://www.m2.com
August 13, 2012
SAN JOSE, Calif. -- Cadence Design Systems, Inc. (NASDAQ: CDNS), a leader in global electronic design innovation,
today announced availability of the critically acclaimed and much anticipated comprehensive design methodology
book for chip designers and CAD engineers that focuses on current and future advanced mixed-signal design
challenges and solutions. The "Mixed-Signal Methodology Guide" provides an overview of the design, verification
and implementation methodologies required for advanced mixed-signal designs. The book brings together top
mixed-signal design experts from across the industry -- including authors from Boeing, Cadence(R), ClioSoft and
Qualcomm -- to address the complex problems facing the mixed-signal design community.
The growing complexity of today's mixed-signal designs requires major changes in design methodology to both
increase productivity and deliver high quality products on time. This wide-ranging compendium examines in depth
such topics as AMS behavioral modeling, mixed-signal me.
Calculate the energy in the form of heat (in kJ) required to change .docx
Calculate the energy in the form of heat (in kJ) required to change 75.0 g of liquid water at 27.0 °C to ice at –20.0 °C. Assume that no energy in the form of heat is transferred to the environment. (Heat of fusion = 333 J/g; heat of vaporization = 2256 J/g; specific heat capacities: ice = 2.06 J/g×K, liquid water = 4.184 J/g×K)
.
CAHIIM Competencies Assessed Subdomain VI.D. Human Resources Ma.docx
CAHIIM Competencies Assessed:
Subdomain VI.D. Human Resources Management
Create and implement staff orientation and training programs (Blooms 6)
Instructions:
You are an HIM Supervisor at a hospital and you have been asked to create a new staff training on data compliance rules. Assume that the new staff has a wide variety of background, with some new staff knowing nothing about data compliance at all. The training should be basic and introductory.
Create an outline for your training.
Requirements:
Include an introduction and summary within your outline
Length of outline should be 3-4 pages
It should be an annotated outline. This means that it should include citations within the outline and a reference page.
Your training should include the topics of HIPAA and The Joint Commission and other data compliance topics that affect hospital staff
.
C8-1 CASE STUDY 8 CARLSON COMPANIES STORAGE SOLUT.docx
C8-1
CASE STUDY 8
CARLSON COMPANIES STORAGE SOLUTIONS
Carlson Companies (www.carlson.com) is one of the largest privately held
companies in the United States, with more than 171,000 employees in more
than 150 countries. Carlson enterprises include a presence in marketing,
business and leisure travel, and hospitality industries. Its Carlson Hotels
Worldwide division owns and operates approximately 1,075 hotels located in
more than 70 countries. Radisson, Park Plaza, and Country Inn & Suites by
Carlson are some of its hotel brands. The hotel loyalty program is named
Club Carlson. The Carlson Restaurants Worldwide includes T.G.I. Friday’s
and the Pick Up Stix chains. The company registered approximately $38
billion in sales in 2011.
Carlson’s Information Technology (IT) division, Carlson Shared Services,
acts as a service provider to its internal clients and consequently must
support a spectrum of user applications and services. The IT division uses a
centralized data processing model to meet business operational
requirements. The central computing environment has traditionally included
an IBM mainframe and over 50 networked Hewlett-Packard and Sun servers
[KRAN04, CLAR02, HIGG02]. The mainframe supports a wide range of
applications, including Oracle financial database, e-mail, Microsoft Exchange,
Web, PeopleSoft, and a data warehouse application.
C8-2
In 2002, the IT division established six goals for assuring that IT
services continued to meet the needs of a growing company with heavy
reliance on data and applications:
1. Implement an enterprise data warehouse.
2. Build a global network.
3. Move to enterprise-wide architecture.
4. Establish six-sigma quality for Carlson clients.
5. Facilitate outsourcing and exchange.
6. Leverage existing technology and resources.
The key to meeting these goals was to implement a storage area
network (SAN) with a consolidated, centralized database to support
mainframe and server applications. Carlson needed a SAN and data center
approach that provided a reliable, highly scalable facility to accommodate
the increasing demands of its users.
Storage Requirements
Prior to implementing the SAN and data center approach, the central DP
shop included separate disc storage for each server, plus that of the
mainframe. This dispersed data storage scheme had the advantage of
responsiveness; that is, the access time from a server to its data was
minimal. However, the data management cost was high. There had to be
backup procedures for the storage on each server, as well as management
controls to reconcile data distributed throughout the system. The mainframe
included an efficient disaster recovery plan to preserve data in the event of
major system crashes or other incidents and to get data back online with
little or no disruption to the users. No comparable plan existed for the many
servers.
C8-3
As Ca.
Caffeine intake in children in the United States and 10-ytre.docx
Caffeine intake in children in the United States and 10-y
trends: 2001–20101–4
Namanjeet Ahluwalia, Kirsten Herrick, Alanna Moshfegh, and Michael Rybak
ABSTRACT
Background: Because of the increasing concern of the potential
adverse effects of caffeine intake in children, recent estimates of
caffeine consumption in a representative sample of children are
needed.
Objectives: We provide estimates of caffeine intake in children in
absolute amounts (mg) and in relation to body weight (mg/kg) to
examine the association of caffeine consumption with sociodemo-
graphic factors and describe trends in caffeine intake in children in
the United States.
Design: We analyzed caffeine intake in 3280 children aged 2–19 y
who participated in a 24-h dietary recall as part of the NHANES,
which is a nationally representative survey of the US population
with a cross-sectional design, in 2009–2010. Trends over time be-
tween 2001 and 2010 were examined in 2–19-y-old children (n =
18,530). Analyses were conducted for all children and repeated for
caffeine consumers.
Results: In 2009–2010, 71% of US children consumed caffeine on
a given day. Median caffeine intakes for 2–5-, 6–11-, and 12–19-y
olds were 1.3, 4.5, and 13.6 mg, respectively, and 4.7, 9.1, and 40.6
mg, respectively, in caffeine consumers. Non-Hispanic black chil-
dren had lower caffeine intake than that of non-Hispanic white
counterparts. Caffeine intake correlated positively with age; this
association was independent of body weight. On a given day,
10% of 12–19-y-olds exceeded the suggested maximum caffeine
intake of 2.5 mg/kg by Health Canada. A significant linear trend
of decline in caffeine intake (in mg or mg/kg) was noted overall for
children aged 2–19 y during 2001–2010. Specifically, caffeine in-
take declined by 3.0 and 4.6 mg in 2–5- and 6–11-y-old caffeine
consumers, respectively; no change was noted in 12–19-y-olds.
Conclusion: A majority of US children including preschoolers con-
sumed caffeine. Caffeine intake was highest in 12–19-y-olds and
remained stable over the 10-y study period in this age group. Am J
Clin Nutr 2014;100:1124–32.
INTRODUCTION
Caffeine is a commonly consumed stimulant present naturally
in or added to foods and beverages. Caffeine consumption in
children has received considerable interest because of the con-
cern of adverse health effects. Caffeine intake of 100–400 mg has
been associated with nervousness, jitteriness, and fidgetiness
(1, 2). Because of the continued brain development involving
myelination and pruning processes, children may be particularly
sensitive to caffeine (3, 4). There has been some evidence that
has linked caffeine intake in children to sleep dysfunction, el-
evated blood pressure, impairments in mineral absorption and
bone health, and increased alcohol use or dependence (1, 5–7).
In addition, the routine use of caffeinated sugar-sweetened
beverages may contribute to weight gain and dental cavities (8).
Caffeine toxicity in children has also.
Cabbage patch hip dance move, The running man hip hop dance move, th.docx
Cabbage patch hip dance move, The running man hip hop dance move, the humpty dance hip hop move and the butterfly hip hop dance move. Describe each using the attachment in the assignment which provides certain words and descriptions. each style of dance ( cabbage patch, running man, the humpty dance, butterfly) has to have description or analysis using B.A.S.T.E See the attachment
use the attachment to describe each hip hop dance move
.
CA4Leading TeamsAre we a teamHi, my name is Jenny .docx
CA4:
Leading Teams
Are we a team?
Hi, my name is Jenny McConnell. I am the newly appointed CIO of a medium-sized technology company. Our company recruits top graduates from schools of business and engineering. Talent, intellect, creativity – it’s all there. If you lined up this crowd for a group photo, credentials in hand, the “wow” factor would be there.
Our company is spread over a dozen states, mostly in the Northwest. The talent pool is amazing across the board, both in IT and in the rest of the company. But when the CEO hired me, he said that we are performing nowhere near our potential. On the surface, the company is doing fine. But we should be a
Fortune 500
organization. With this much talent, we should be growing at a much faster rate. The CEO also said that I was inheriting “a super team with disappointing performance.” His task for me was to pull the IT stars into a cohesive team that would meet company needs for new IT systems and services much faster and more effectively.
Without making our superstars feel that they were being critiqued and second-guessed, or indicating “there’s a real problem here,” I wanted to gather as much information and feedback as possible from the 14 team members (regional CIOs and department heads) who report to me. I held one-on-one meetings in order to give a voice to each person, allowing each individual to provide an honest assessment of the team as well as areas for improvement and a vision for the future of team efforts.
I was surprised by the consistency of remarks and opinions. For example, a picture emerged of the previous CIO, who was obviously awed by the talent level of the team members. Comments such as “Bob pretty much let us do what we wanted” and “Bob would start the meeting and then just fade into the background, as if he found us intimidating” were typical. The more disturbing comment, “Bob always agree with
me
,” was expressed by most of the team members at some point in our conversation. It was as if the regional heads believed that the CIO wanted them to succeed by doing as they thought best for themselves.
I queried members about the level of cooperation during meetings and uncovered areas of concern, including the complaint that others at the table were constantly checking their iPads and smartphones during meetings. One department head told me, “You could turn off the sound while watching one of our meetings, and just by the body language and level of attention, tell who is aligned with whom and who wishes the speaker would just shup up. It would be comical if it weren’t so distressing.”
Such remarks were indicative of a lack of trust and respect and a breakdown of genuine communication. One team member told me, “I recently encountered a problem that a department head from another region had successfully solved, but the information was never shared, so here I am reinventing the wheel and wasting valuable time.” It was apparent that these so-called high performers were .
C7-1 CASE STUDY 7 DATA CENTER CONSOLIDATION AT GUARDI.docx
C7-1
CASE STUDY 7
DATA CENTER CONSOLIDATION AT GUARDIAN
LIFE
As one of the largest mutual life insurance firms in the United States,
Guardian Life (www.guardianlife.com) has more than 5000 employees and
over 3000 financial representatives in 80 agencies. Guardian and its
subsidiaries provide almost three million people with life and disability
income insurance, retirement services, and investment products such as
mutual funds, securities, variable life insurance, and variable annuities. The
company also supplies employee benefits programs to six million
participants, including life, health, and dental insurance, as well as qualified
pension plans. In addition to regional home offices in New York City;
Bethlehem, Pennsylvania; Spokane, Washington; and Appleton, Wisconsin,
the company has 55 remote sales offices and 80 remote agency offices.
Like other insurance companies, Guardian Life is an information
intensive organization where data processing and communications network
infrastructure have consistently been important contributors to its success.
Guardian Life’s IT organization has earned numerous accolades including
multiple CIO100 awards from CIO magazine [PRNE11]. According to Dennis
Callahan, Executive Vice President and Chief Information Officer for,
Guardian Life, "A strong partnership between IT and the businesses enables
http://www.guardianlife.com/
C7-2
Guardian to deliver cost-effective technology services that facilitate world-
class customer service, product innovation, and operational efficiency.”
Ensuring alignment between business and IT is important to Guardian Life
and provides a consistent theme for many of the insurance companies IT
projects including its data center consolidation initiatives [CIOZ12].
Data center consolidation has been an ongoing concern at Guardian for
more than a decade. Guardian’s IT governance structure is team-oriented
and the company’s data center consolidation initiatives are overseen by it
Infrastructure team. The Infrastructure team is primarily co-located in New
York, and Bethlehem, Pennsylvania but it has key support teams in Spokane,
Washington, Appleton, Wisconsin, and Pittsfield, Massachusetts.
Guardian Life began taking a serious look at data center consolidation in
2000, but in the aftermath of the September 11, 2001 terrorist attack,
Guardian also became more concerned with business continuity issues.
Guardian had four significant data centers, at its four home offices, but the
primary data center was in New York City. After 9/11, Guardian wanted
make infrastructure changes to ensure business continuity across its existing
data centers and made plans to add two more data centers to the mix.
Guardian performed an assessment of its data centers to provide a basis
for planning on the location of data processing resources. One surprising
outcome of this assessment had to do with utilization. The.
C9-1 CASE STUDY 9 ST. LUKES HEALTH CARE SYSTEM Hospitals have been .docx
C9-1 CASE STUDY 9 ST. LUKE'S HEALTH CARE SYSTEM Hospitals have been some of the earliest adopters of wireless local area networks (WLANs). The clinician user population is typically mobile and spread out across a number of buildings, with a need to enter and access data in real time. St. Luke's Episcopal Health System in Houston, Texas (www.stlukestexas.com) is a good example of a hospital that has made effective use wireless technologies to streamline clinical work processes. Their wireless network is distributed throughout several hospital buildings and is used in many different applications. The majority of the St. Luke’s staff uses wireless devices to access data in real-time, 24 hours a day. Examples include the following: • Diagnosing patients and charting their progress: Doctors and nurses use wireless laptops and tablet PCs to track and chart patient care data. • Prescriptions: Medications are dispensed from a cart that is wheeled from room to room. Clinician uses a wireless scanner to scan the patient's ID bracelet. If a prescription order has been changed or cancelled, the clinician will know immediately because the mobile device displays current patient data. C9-2 • Critical care units: These areas use the WLAN because running hard wires would mean moving ceiling panels. The dust and microbes that such work stirs up would pose a threat to patients. • Case management: The case managers in the Utilization Management Department use the WLAN to document patient reviews, insurance calls/authorization information, and denial information. The wireless session enables real time access to information that ensures the correct level of care for a patient and/or timely discharge. • Blood management: Blood management is a complex process that involves monitoring both patients and blood products during all stages of a treatment process. To ensure that blood products and patients are matched correctly, St. Luke’s uses a wireless bar code scanning process that involves scanning both patient and blood product bar codes during the infusion process. This enables clinicians to confirm patient and blood product identification before proceeding with treatment. • Nutrition and diet: Dietary service representatives collect patient menus at each nursing unit and enter them as they go. This allows more menus to be submitted before the cutoff time, giving more patients more choice. The dietitian can also see current patient information, such as supplement or tube feeding data, and view what the patient actually received for a certain meal. • Mobile x-ray and neurologic units: St. Luke’s has implemented the wireless network infrastructure necessary to enable doctors and clinicians to use mobile x-ray and neurologic scanning units. This makes it possible to take x-rays or to perform neurological studies in patient rooms. This minimizes the need to schedule patients for neurology or radiology lab visits. The mobile units also enable equipment to be brought to t.
C9-1 CASE STUDY 9 ST. LUKES HEALTH CARE SYSTEM .docx
C9-1
CASE STUDY 9
ST. LUKE'S HEALTH CARE SYSTEM
Hospitals have been some of the earliest adopters of wireless local area
networks (WLANs). The clinician user population is typically mobile and
spread out across a number of buildings, with a need to enter and access
data in real time. St. Luke's Episcopal Health System in Houston, Texas
(www.stlukestexas.com) is a good example of a hospital that has made
effective use wireless technologies to streamline clinical work processes.
Their wireless network is distributed throughout several hospital buildings
and is used in many different applications. The majority of the St. Luke’s
staff uses wireless devices to access data in real-time, 24 hours a day.
Examples include the following:
• Diagnosing patients and charting their progress: Doctors and
nurses use wireless laptops and tablet PCs to track and chart patient
care data.
• Prescriptions: Medications are dispensed from a cart that is wheeled
from room to room. Clinician uses a wireless scanner to scan the
patient's ID bracelet. If a prescription order has been changed or
cancelled, the clinician will know immediately because the mobile device
displays current patient data.
http://www.stlukestexas.com/
C9-2
• Critical care units: These areas use the WLAN because running hard
wires would mean moving ceiling panels. The dust and microbes that
such work stirs up would pose a threat to patients.
• Case management: The case managers in the Utilization Management
Department use the WLAN to document patient reviews, insurance
calls/authorization information, and denial information. The wireless
session enables real time access to information that ensures the correct
level of care for a patient and/or timely discharge.
• Blood management: Blood management is a complex process that
involves monitoring both patients and blood products during all stages of
a treatment process. To ensure that blood products and patients are
matched correctly, St. Luke’s uses a wireless bar code scanning process
that involves scanning both patient and blood product bar codes during
the infusion process. This enables clinicians to confirm patient and blood
product identification before proceeding with treatment.
• Nutrition and diet: Dietary service representatives collect patient
menus at each nursing unit and enter them as they go. This allows more
menus to be submitted before the cutoff time, giving more patients
more choice. The dietitian can also see current patient information, such
as supplement or tube feeding data, and view what the patient actually
received for a certain meal.
• Mobile x-ray and neurologic units: St. Luke’s has implemented the
wireless network infrastructure necessary to enable doctors and
clinicians to use mobile x-ray and neurologic scanning units. This makes
it possible to take x-rays or to perform neurological studies in patient
rooms. This min.
C361 TASK 22C361 TASK 22C361 Task 2WGUEv.docx
C361 TASK 2 2
C361 TASK 2 2
C361 Task 2
WGU
Evidence-Based Practice and Applied Nursing Research
C361
Eve Butler
July 28, 2019
Running head: C361 TASK 2 2
C361 Task 2
A.1 Healthcare problem
Worldwide estimates have shown that greater than 1.4 million patients have acquired nosocomial infections. Adherence to hand hygiene policies are shown to be the most effective way to help prevent these healthcare-associated infections; sadly research shows that healthcare workers have suboptimal compliance with their facilities hand hygiene policies due to lack of education and compliance monitoring. Patients in our healthcare settings are under the assumption that we are doing our best to promote their healing when in fact 7% of them will be subjected to a nosocomial infection with that rate climbing to 10% in developing countries (Finco et al., 2018).
A.2 Significance of the problem
The cost of care that is associated with nosocomial infections is estimated to be over ten billion dollars putting a burden on both patients and health organizations alike. It is estimated that 38% of all infections are caused by cross-contamination due to noncompliance with hand hygiene policies. These infections lead to approximately 99,000 deaths a year in the United States alone (Sickbert-Bennett et al., 2016).
A.3 Current healthcare practices related to the problem
Most healthcare facilities have an educational program that simply teaches how to achieve proper hand hygiene and use the WHO five moments of hand hygiene as their standard. However, this does not educate the healthcare workers on why it is important, nor does it address the far-reaching consequences for noncompliance. Along with the lack of foundational education, most facilities do not monitor for compliance.
A.4 How the problem affects the organization and patients’ cultural background
Inadequate hand hygiene leading to nosocomial infections can affect the organization's cultural background by leading to dissatisfaction in the workplace as staff becomes frustrated by their feelings of inadequacy and helplessness in dealing with patients getting sicker instead of better. The staff may also be feeling stress in the burden of caring for sicker patients. The patient's cultural background may be affected as they may be feeling despair or depression at their inability to get better, and some may feel it is punishment according to their cultural or religious beliefs.
B. Two research evidence sources and two non-research evidence sources considered
In searching for my research evidence sources, I start with the Western Governors University Library online. Once in the library, a boolean phrase was used, which allowed me to search for research articles that contain more than one topic in the same paper. Phrases I used in this search were “nosocomial infections,” “hand hygiene compliance,” and “ hand hygiene education.” With these phrases, thousands of articles were available to peruse.
One of the res.
C6-1 CASE STUDY 6 CHEVRON’S INFRASTRUCTURE EVOLUT.docx
C6-1
CASE STUDY 6
CHEVRON’S INFRASTRUCTURE
EVOLUTION
Chevron Corporation (www.chevron.com) is one of the world’s leading
energy companies. Chevron’s headquarters are in San Ramon, California.
The company has more than 62,000 employees and produces more than
700,000 barrels of oil per day. It has 19,500 retail sites in 84 countries. In
2012, Chevron was number three on the Fortune 500 list and had more than
$244 billion in revenue in 2011 [STAT12].
IT infrastructure is very important to Chevron and to better support all
facets of its global operations, the company is always focused on improving
its infrastructure [GALL12]. Chevron faces new challenges from increased
global demand for its traditional hydrocarbon products and the need to
develop IT support for new value chains for liquid natural gas (LNG) and the
extraction of gas and oil from shale. Huge investments are being made
around the world, particularly in Australia and Angola on massive projects of
unprecedented scale. Modeling and analytics are more important than ever
to help Chevron exploit deep water drilling and hydrocarbon extraction in
areas with challenging geographies. For example, advanced seismic imaging
tools are used by Chevron to reveal possible oil or natural gas reservoirs
beneath the earth’s surface. Chevron’s proprietary seismic imaging
http://www.chevron.com/
C6-2
technology contributed to it achieving a 69% discovery rate in
2011[CHEV12].
Supervisory Control and Data Acquisition (SCADA)
Systems
Chevron refineries are continually collecting data from sensors spread
throughout the facilities to maintain safe operations and to alert operators to
potential safety issues before they ever become safety issues. Data from the
sensors is also used to optimize the way the refineries work and to identify
opportunities of greater efficiency. IT controls 60,000 valves at Chevron’s
Pascagoula, Mississippi refinery; the efficiency and safety of its end-to-end
operations are dependent on advanced sensors, supervisory control and data
acquisition (SCADA) systems, and other digital industrial control systems
[GALL12].
SCADA systems are typically centralized systems that monitor and
control entire sites and/or complexes of systems that are spread out over
large areas such as an entire manufacturing, fabrication, power generation,
or refining facility. The key components of SCADA systems include:
Programmable logic units (PLCs) that and remote terminal units (RTUs)
connected to sensors that convert sensor signals to digital data and
send it to the supervisory system
A supervisory computer system that acquires data about the process
and sends control commands to the process
A human-machine interface (HMI) that presents process to the human
operators that monitor and control the process.
Process meters and process analysis instruments
Communication infrastructure connecting.
C125C126 FORMAL LAB REPORTFORMAL LAB REPORT, GeneralA f.docx
C125/C126 FORMAL LAB REPORT
FORMAL LAB REPORT, General
A formal lab report is required in conjunction with some of the experiments in each chemistry course. It is your chance to demonstrate to your professor or TA how well you understand the experiment and the chemical principles involved. A formal report is different than a term paper. It should be written in a scientific style, which is not the same style used for English or philosophy papers.
The keys to effective technical writing are organization, brevity, clarity, and an appreciation of the needs of the reader. You must write clearly and be thorough, but concise. Do not ramble. The best way to avoid rambling is to first prepare an outline of the report and stick to it. Always use complete sentences. Bulleted lists are okay in a lab notebook but are unacceptable in a formal report. Formal reports must be typed. Use 1.5 line spacing, 1-inch margins, 12 pt font and 8.5x11 inch paper. Only use third person, past tense. Also, proofread well.
The general structure of a formal lab report follows that of a scientific paper. It is:
Title and Author (s)
Introduction
Experimental Information
Data and Calculation
Results and Discussion
Conclusion
References
Results and discussion sections are combined into one single section. Different instructors may have specific formats that they want you to follow. You should always defer to the instructions given to you by your course. Presented here are general guidelines for writing formal lab reports and scientific papers.
Before writing your first report, visit the library and examine several journal articles. Pay close attention to the style of the prose and the contents of each particular section. Several common journals to investigate are:
The Journal of the American Chemical Society
The Journal of Physical Chemistry
Analytical Chemistry
Biochemistry
Initialed and dated laboratory notebook pages of the experiment must be submitted. While report sheets may be a joint effort, formal reports must be individually written. A schedule of reports and dates on which they are due is given in the course laboratory schedule. We highly recommend that reports be completed prior to the day of submission to allow time to proofread, and thus avoiding loss of points due to last minute problems. Lost data or the inability to print reports is not acceptable excuses for incomplete or missing reports. You will be informed when notebook pages will be collected before the report is due.
FORMAL LAB REPORT - Title and Author(s)
State the title of the experiment, your name, the date and your laboratory section number, if applicable. Also state the name of your lab partner(s). This information should be at the top of the first page.
FORMAL LAB REPORT – Introduction
The Introduction states the purpose of the study and introduces the reader with new ideas and topics. It also provides any background necessary to acquaint the read.
C10-1 CASE STUDY 10 CHOICE HOTELS INTERNATIONAL .docx
C10-1
CASE STUDY 10
CHOICE HOTELS INTERNATIONAL
Within the hospitality industry, there has traditionally been a division
between networks that serve guest functions and those that serve
operations and administration, both with respect to data transmission and
voice transmission. In recent years, most hotel and motel chains have
moved in the direction of consolidating multiple functions on networks that
used to be dedicated to one use. Tighter integration of voice and data and of
guest and operations/administration networking is a fast-growing trend.
Choice Hotels International (www.choice.com) is a good example of this
trend.
Choice Hotels International (NYSE: CHH) is one of the largest and most
successful lodging companies in the world. It franchises more than 6,100
hotels, representing more than 490,000 rooms, in the United States and
more than 30 countries and territories. The company's best known brands
include Comfort Inn, Comfort Suites, Quality, Sleep Inn, Clarion, Cambria
Suites, MainStay Suites, Suburban Extended Stay Hotel, Econo Lodge and
Rodeway Inn.
In-House Networking Functions
Choice supports two distinct networking functions. A central Web site
enables customers to reserve rooms at any Choice franchise
http://www.choice.com/
C10-2
accommodation. The central reservation system, known as Profit Manager,
automatically finds the most appropriate hotel based on location, price
range, or standard. Individual hotels also take bookings, so there needs to
be a way for hotels and the central system to remain synchronized.
Choice networks also support its franchisees. Choice is in fact a
relatively small company in terms of personnel (about 2000 employees) and
does not own or operate any hotels. All of the establishments under its brand
names are independently owned and pay Choice licensing fees and a royalty
on all sales. In return, they receive a variety of services, including
marketing, quality control, and inventory management. Many of these
services are offered via network, such as allowing managers to order
supplies online and check booking status. This support network is similar to a
corporate intranet but has a higher reliability requirement. The 6100 hotel
managers are, in effect, Choice's customers, not employees. Thus, the
standards for reliability and performance of the network are high.
In the late 1990s, Choice began to focus on providing a state-of-the-art
global reservation system. At this point, the synchronization of local and
online reservations was done manually. Each hotel provided Choice with a
fixed block of inventory to sell over the central reservation system, with an
average of 30% of capacity. Once that 30% was sold, Profit Manager listed
the hotel as fully booked, even though there might be plenty of rooms
available from the other 70%. The reverse problem also occurred: If the
local reservation system had so.
C1-1 CASE STUDY 1 UNIFIED COMMUNICATIONS AT BOEING .docx
C1-1
CASE STUDY 1
UNIFIED COMMUNICATIONS AT BOEING
The Boeing Company (http://www.boeing.com/), headquartered in Chicago,
Illinois, is the world’s largest manufacturer of military aircraft and
commercial jetliners. Boeing has more than 159,000 employees working in
70 different countries who require effective communication to develop and
build some of the world’s most complex products using components from
more than 22,000 global suppliers.
The company’s workforce is one of the most highly educated in the
world. Most employees hold a college degree and many hold advanced
degrees. Collectively Boeing employees have very broad and deep
knowledge that can be harnessed to solve problems and design next
generation products.
Like many major corporations, Boeing has experienced an uptick in the
number of employees who work remotely or travel the majority of each work
week. Boeing’s engineers number in the thousands and are purposely
scattered worldwide to support the company’s global operations.
Boeing organizes its employees into work and project teams. Given the
company’s size and geographic footprint, many of Boeing work’s teams
include globally dispersed members. Engineers on the same team may be
separated by multiple time zones and thousands of miles. Time zone
differences and distance frequently present teams with communication
challenges when they are faced with time sensitive issues that must be
resolved quickly.
http://www.boeing.com/
C1-2
Additional communication issues are associated with the sheer breadth
and depth of Boeing’s knowledge base. When faced with questions about a
particular part included in one of Boeing’s new airliners, an engineer can be
challenged to identify the right person in the company to contact for
answers.
Collaboration Technologies
Boeing knows that continual innovation is important to its long term success.
It also recognizes that effective communication among its employees,
customers, and suppliers is an important enabler of continual innovation.
Boeing has traditionally relied on a variety of systems to facilitate
collaboration among its employees and business partners. As illustrated in
Figure C1-1a, Web conferencing, audio conferencing, desktop sharing, and
mobile voice and data services have been used by Boeing employees to
facilitate communication among geographically dispersed team members.
Historically, these capabilities have been provided by different third-party
providers who were selected on the basis of their ability to provide high-
quality communication services at competitive rates.
By the mid-2000s, Boeing had begun its migration toward unified
messaging and unified communications. At that time, instant messaging (IM)
was one of the more popular messaging services used Boeing employees. At
Boeing, IM has traditionally been supplemented by Web and audio
conferencing services as well as by de.
C09 07222011 101525 Page 88IT leader who had just been.docx
C09 07/22/2011 10:15:25 Page 88
IT leader who had just been hired and would be focused on developing a long-term IT
strategy for the company.
This chapter shows how to develop a strategy for your IT organization and avoid
getting overwhelmed with day-to-day issues. Many CIOs get caught up in tactical
issues and never take the time to establish a future strategy for the organization. The
process is not new or difficult, but many CIOs fail to devote the time to this area and
end up like Fred.
OVERVIEW
Developing an IT strategy is critical for IT leaders. Unless your organization has
developed an understanding of your future goals and objectives, you will not be
successful in leading it forward. In the same manner that you must first decide where
you want to live and build your dream house before engaging the architect and building
contractors, you need to develop a future strategy in order to successfully build your
IT organization.
This chapter is written for someone who has never developed an IT strategy in the
past or needs to revise an existing strategy to align with the company’s future direction.
We first review the methodology you can use to develop your strategy and then go
through the actual steps necessary to complete the strategy. It is important to note that
this is a collaborative process between the IT organization and its business partners. You
must actively engage them during the process and solicit their input during the
development of the strategy. The IT strategy should be considered a component of
an effective business strategy. Finally, we recommend that your strategy is a living
document that is updated on a regular basis to support the evolving nature of your
business. If you decide to enter a new market, offer new products or services, or change
your business model, the IT strategy must be revised to support the business.
IT STRATEGY METHODOLOGY
The methodology for creating your IT strategy consists of three steps, and development
of your improvement road map encompasses three critical elements, as shown in
Figure 9.1.
The first step is to understand the current state of the IT organization. Key questions
for determining current state include:
& Has the organization been successful in meeting the needs of the business?
& Are the relations between the IT organization and its business partners collaborative?
& Does the business feel that investments in the IT organization are providing the
desired benefits?
It is important to take an objective view of how the organization is operating today
and not assume that things are going great.
88 & Process
C
o
p
y
r
i
g
h
t
2
0
1
1
.
W
i
l
e
y
.
A
l
l
r
i
g
h
t
s
r
e
s
e
r
v
e
d
.
M
a
y
n
o
t
b
e
r
e
p
r
o
d
u
c
e
d
i
n
a
n
y
f
o
r
m
w
i
t
h
o
u
t
p
e
r
m
i
s
s
i
o
n
f
r
o
m
t
h
e
p
u
b
l
i
s
h
e
r
,
e
x
c
e
p
t
f
a
i
r
u
s
e
s
p
e
r
m
i
t
t
e
d
u
n
d
e
r
U
.
S
.
o
r
a
p
p
l
i
c
a
b
l
e
c
o
p
y
r.
C053GXML 10192012 214425 Page 131cC H A P T E R.docx
C053GXML 10/19/2012 21:44:25 Page 131
c
C H A P T E R
5
Privacy and Cyberspace
Of all the ethical issues associated with the use of cybertechnology, perhaps none has
received more media attention than concern about the loss of personal privacy. In this
chapter, we examine issues involving privacy and cybertechnology by asking the
following questions:
� How are privacy concerns generated by the use of cybertechnology different from
privacy issues raised by earlier technologies?
� What, exactly, is personal privacy, and why is it valued?
� How do computerized techniques used to gather and collect information, such as
Internet “cookies” and radio frequency identification (RFID) technology, raise
concerns for personal privacy?
� How do the transfer and exchange of personal information across and between
databases, carried out in computerized merging and matching operations,
threaten personal privacy?
� How do tools used to “mine” personal data exacerbate existing privacy concerns
involving cybertechnology?
� Can personal information we disclose to friends in social networking services
(SNS), such as Facebook and Twitter, be used in ways that threaten our privacy?
� How do the use of Internet search engines and the availability of online public
records contribute to the problem of protecting “privacy in public”?
� Do privacy-enhancing tools provide Internet users with adequate protection for
their online personal information?
� Are current privacy laws and data protection schemes adequate?
Concerns about privacy can affect many aspects of an individual’s life—from
commerce to healthcare to work to recreation. For example, we speak of consumer
privacy, medical and healthcare privacy, employee and workplace privacy, and so forth.
Unfortunately, we cannot examine all of these categories of privacy in a single chapter. So
we will have to postpone our analysis of certain kinds of privacy issues until later chapters
in the book. For example, we will examine some ways that medical/genetic privacy issues
are aggravated by cybertechnology in our discussion of bioinformatics in Chapter 12, and
131
C053GXML 10/19/2012 21:44:25 Page 132
we will examine some particular employee/workplace privacy issues affected by the use
of cybertechnology in our discussion of workplace surveillance and employee mon-
itoring in Chapter 10. Some cyber-related privacy concerns that conflict with cyberse-
curity issues and national security interests will be examined in Chapter 6, where
privacy-related concerns affecting “cloud computing” are also considered. In our
discussion of emerging and converging technologies in Chapter 12, we examine
some issues that affect a relatively new category of privacy called “location privacy,”
which arise because of the use of embedded chips, RFID technology, and global
positioning systems (GPS).
Although some cyber-related privacy concerns are specific to one or more spheres or
sectors—i.e., employment, healthcare, and so f.
c04.DS_Storec04comparison-operator.htmlBullseyec04com.docx
c04/.DS_Store
c04/comparison-operator.htmlBullseye
c04/comparison-operator-continued.htmlBullseye
c04/css/c04.css
@import url(http://fonts.googleapis.com/css?family=Wellfleet);
body {
background-color: #523620;
color: #fff;
font-family: 'Wellfleet', times, serif;
font-size: 150%;
margin: 0px 0px 0px 0px;}
h1 {
background-image: url('../images/bullseye-logo.png');
background-repeat: no-repeat;
text-indent: 100%;
white-space: nowrap;
overflow: hidden;
height: 109px;
width: 643px;
margin: 40px auto;}
#teacher {
float:right;
margin:0px 30px 0px 0px;}
#teacher2 {
float:right;
margin:135px 30px 0px 0px;}
#page1, #page2 {
background-color: #fecc6f;
height: 596px;
padding: 10px;
min-width: 779px;}
#page2 {
height: 730px;}
#answer {
border: 12px double #fff;
color: #523620;
text-align: left;
padding: 20px;
margin: 70px auto 10px auto;
width: 250px;
text-align: center;}
#blackboard {
background-color: #425a5a;
border: 25px solid #523620;
border-radius: 20px;
padding: 40px 20px;
margin: 0px auto;
height: 600px;
width: 600px;
text-align: center;}
c04/do-while-loop.htmlBullseye
c04/example.htmlBullseye
c04/for-loop.htmlBullseye
c04/if-else-statement.htmlBullseye
c04/if-statement.htmlBullseye
c04/if-statement-with-function.htmlBullseye
c04/images/bullseye-logo.png
c04/images/teacher.png
c04/index.htmlJavaScript & jQuery
Chapter 4: Decisions & Loops1Using Comparison Operatorscomparison-operator.htmlcomparison-operator.js2Using Comparison Operators Continuedcomparison-operator-continued.htmlcomparison-operator-continued.js3Using Logical Andlogical-and.htmllogical-and.js4Using Logical Or and Logical Notlogical-or-logical-not.htmllogical-or-logical-not.js5aUsing If Statementsif-statement.htmlif-statement.js5bIf Statement with Functionif-statement-with-function.htmlif-statement-with-function.js6Using If... Else Statementsif-else-statement.htmlif-else-statement.js7Using Switch Statementsswitch-statement.htmlswitch-statement.js8Using For Loopsfor-loop.htmlfor-loop.js9Using While Loopswhile-loop.htmlwhile-loop.js10Using Do While Loopsdo-while-loop.htmldo-while-loop.js11Exampleexample.htmlexample.js
c04/js/comparison-operator.js
var pass = 50; // Pass mark
var score = 90; // Score
// Check if the user has passed
var hasPassed = score >= pass;
// Write the message into the page
var el = document.getElementById('answer');
el.innerHTML = 'Level passed: ' + hasPassed;
c04/js/comparison-operator-continued.js
var score1 = 90; // Round 1 score
var score2 = 95; // Round 2 score
var highScore1 = 75; // Round 1 high score
var highScore2 = 95; // Round 2 high score
// Check if scores are higher than current high scores
var comparison = (score1 + score2) > (highScore1 + highScore2);
// Write the message into the page
var el = document.getElementById('answer');
el.innerHTML = 'New high score: ' + comparison;
c04/js/do-while-loop.js
var i = 1; // Set counter to 1
var msg = ''; // Message
// Store.
More from clairbycraft (20)
Calculus Quiz 2 (Derivatives)Covers Units 9-13. This is a 10 quest.docx
Calculus Quiz 2 (Derivatives)Covers Units 9-13. This is a 10 quest.docx
Calculus IDirections (10 pts. each) Answer each of the followin.docx
Calculus IDirections (10 pts. each) Answer each of the followin.docx
Cadence Publishes Comprehensive Book onMixed-Signal Method.docx
Cadence Publishes Comprehensive Book onMixed-Signal Method.docx
Calculate the energy in the form of heat (in kJ) required to change .docx
Calculate the energy in the form of heat (in kJ) required to change .docx
CAHIIM Competencies Assessed Subdomain VI.D. Human Resources Ma.docx
CAHIIM Competencies Assessed Subdomain VI.D. Human Resources Ma.docx
C8-1 CASE STUDY 8 CARLSON COMPANIES STORAGE SOLUT.docx
C8-1 CASE STUDY 8 CARLSON COMPANIES STORAGE SOLUT.docx
Caffeine intake in children in the United States and 10-ytre.docx
Caffeine intake in children in the United States and 10-ytre.docx
Cabbage patch hip dance move, The running man hip hop dance move, th.docx
Cabbage patch hip dance move, The running man hip hop dance move, th.docx
CA4Leading TeamsAre we a teamHi, my name is Jenny .docx
CA4Leading TeamsAre we a teamHi, my name is Jenny .docx
C7-1 CASE STUDY 7 DATA CENTER CONSOLIDATION AT GUARDI.docx
C7-1 CASE STUDY 7 DATA CENTER CONSOLIDATION AT GUARDI.docx
C9-1 CASE STUDY 9 ST. LUKES HEALTH CARE SYSTEM Hospitals have been .docx
C9-1 CASE STUDY 9 ST. LUKES HEALTH CARE SYSTEM Hospitals have been .docx
C9-1 CASE STUDY 9 ST. LUKES HEALTH CARE SYSTEM .docx
C9-1 CASE STUDY 9 ST. LUKES HEALTH CARE SYSTEM .docx
C6-1 CASE STUDY 6 CHEVRON’S INFRASTRUCTURE EVOLUT.docx
C6-1 CASE STUDY 6 CHEVRON’S INFRASTRUCTURE EVOLUT.docx
C125C126 FORMAL LAB REPORTFORMAL LAB REPORT, GeneralA f.docx
C125C126 FORMAL LAB REPORTFORMAL LAB REPORT, GeneralA f.docx
C10-1 CASE STUDY 10 CHOICE HOTELS INTERNATIONAL .docx
C10-1 CASE STUDY 10 CHOICE HOTELS INTERNATIONAL .docx
C1-1 CASE STUDY 1 UNIFIED COMMUNICATIONS AT BOEING .docx
C1-1 CASE STUDY 1 UNIFIED COMMUNICATIONS AT BOEING .docx
C09 07222011 101525 Page 88IT leader who had just been.docx
C09 07222011 101525 Page 88IT leader who had just been.docx
C053GXML 10192012 214425 Page 131cC H A P T E R.docx
C053GXML 10192012 214425 Page 131cC H A P T E R.docx
c04.DS_Storec04comparison-operator.htmlBullseyec04com.docx
c04.DS_Storec04comparison-operator.htmlBullseyec04com.docx
Recently uploaded
Home assignment II on Spectroscopy 2024 Answers.pdf
Answers to Home assignment on UV-Visible spectroscopy: Calculation of wavelength of UV-Visible absorption
1.4 modern child centered education - mahatma gandhi-2.pptx
Child centred education is an educational approach that priorities the interest, needs and abilities of the child in the learning process.
How to Make a Field invisible in Odoo 17
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Synthetic Fiber Construction in lab .pptx
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Model Attribute Check Company Auto Property
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Operation Blue Star - Saka Neela Tara
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
Class 11 CBSE Business Studies Project ( AIDS TO TRADE - INSURANCE)
2024.06.01 Introducing a competency framework for languag learning materials ...
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxMohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
This slide is prepared for master's students (MIFB & MIBS) UUM. May it be useful to all.Embracing GenAI - A Strategic Imperative
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Palestine last event orientationfvgnh .pptx
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Overview on Edible Vaccine: Pros & Cons with Mechanism
This ppt include the description of the edible vaccine i.e. a new concept over the traditional vaccine administered by injection.
Recently uploaded (20)
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY .docx
- 1. C11-1 CASE STUDY 11 CLOUD COMPUTING (IN)SECURITY Cloud computing is reshaping enterprise network architectures and infrastructures. It refers to applications delivered as services over the Internet as well as the hardware and systems software in data centers that provide those services. The services themselves have long been referred to as Software as a Service (SaaS) which had its roots in Software- Oriented Architecture (SOA) concepts that began shaping enterprise network roadmaps in the early 2000s. IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) are other types of cloud computing services that are
- 2. available to business customers. Cloud computing fosters the notion of computing as a utility that can be consumed by businesses on demand in a manner that is similar to other services (e.g. electricity, municipal water) from traditional utilities. It has the potential to reshape much of the IT industry by giving businesses the option of running business software applications fully on-premises, fully in “the cloud” or some combination of these two extremes. These are choices that businesses have not had until recently and many companies are still coming to grips with this new computing landscape. Security is important to any computing infrastructure. Companies go to great lengths to secure on-premises computing systems, so it is not surprising that security looms as a major consideration when augmenting or replacing on-premises systems with cloud services. Allaying security
- 3. C11-2 concerns is frequently a prerequisite for further discussions about migrating part or all of an organization’s computing architecture to the cloud. Availability is another major concern: “How will we operate if we can’t access the Internet? What if our customers can’t access the cloud to place orders?” are common questions [AMBR10]. Generally speaking, such questions only arise when businesses contemplating moving core transaction processing, such as ERP systems, and other mission critical applications to the cloud. Companies have traditionally demonstrated less concern about migrating high maintenance applications such as e-mail and payroll to cloud service providers even though such applications hold sensitive information.
- 4. Security Issues and Concerns Auditability is a concern for many organizations, especially those who must comply with Sarbanes-Oxley and/or Health and Human Services Health Insurance Portability and Accountability Act (HIPAA) regulations [IBM11]. The auditability of their data must be ensured whether it is stored on- premises or moved to the cloud. Before moving critical infrastructure to the cloud, businesses should do diligence on security threats both from outside and inside the cloud [BADG11]. Many of the security issues associated with protecting clouds from outside threats are similar to those that have traditionally faced centralized data centers. In the cloud, however, responsibility for assuring adequate security is frequently shared among users, vendors, and any third- party firms that users rely on for security-sensitive software or configurations. Cloud users are responsible for application-level
- 5. security. Cloud vendors are responsible for physical security and some software security such as enforcing external firewall policies. Security for intermediate layers of the software stack is shared between users and vendors. C11-3 A security risk that can be overlooked by companies considering a migration to the cloud is that posed by sharing vendor resources with other cloud users. Cloud providers must guard against theft or denial- of-service attacks by their users and users need to be protected from one another. Virtualization can be a powerful mechanism for addressing these potential risks because it protects against most attempts by users to attack one another or the provider’s infrastructure. However, not all resources are
- 6. virtualized and not all virtualization environments are bug-free. Incorrect virtualization may allow user code to access to sensitive portions of the provider’s infrastructure or the resources of other users. Once again, these security issues are not unique to the cloud and are similar to those involved in managing non-cloud data centers, where different applications need to be protected from one another. Another security concern that businesses should consider is the extent to which subscribers are protected against the provider, especially in the area of inadvertent data loss. For example, in the event of provider infrastructure improvements, what happens to hardware that is retired or replaced? It is easy to imagine a hard disk being disposed of without being properly wiped clean of subscriber data. It is also easy to imagine permissions bugs or errors that make subscriber data visible to
- 7. unauthorized users. User-level encryption may be an important self-help mechanism for subscribers, but businesses should ensure that other protections are in place to avoid inadvertent data loss. Addressing Cloud Computer Security Concerns Numerous documents have been developed to guide business thinking about the security issues associated with cloud computing. Even NIST has weighed in on these issues [BADG11]. NIST’s recommendations systematically consider each of the major types of cloud services consumed C11-4 by businesses including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). While security issues vary somewhat depending on the type of cloud service, there are multiple NIST
- 8. recommendations that are independent of service type. Several of these are summarized in Table C11.1. Not surprisingly, NIST recommends selecting cloud providers that support strong encryption, have appropriate redundancy mechanisms in place, employ authentication mechanisms, and offer subscribers sufficient visibility about mechanisms used to protect subscribers from other subscribers and the provider. As more businesses incorporate cloud services into their enterprise network infrastructures, cloud computing security will persist as an important issue. Examples of cloud computing security failures have to potential to have a chilling effect on business interest in cloud services and this is inspiring service providers to be serious about incorporating security mechanisms that will allay concerns of potential subscribers. Some service
- 9. providers have moved their operations to Tier 4 data centers to address user concerns about availability and redundancy. Because so many businesses remain reluctant to embrace cloud computing in a big way, cloud service providers will have to continue to work hard to convince potential customers that computing support for core business processes and mission critical applications can be moved safely and securely to the cloud [HEAV11]. Discussion Points 1. Do some Internet research to identify businesses who have suffered because of cloud security weaknesses or failures. What can companies who are contemplating cloud computing services learn from the negative experiences of these businesses? 2. Do some Internet research on security mechanisms associated with virtualization. How can virtualization be used by cloud service providers to protect subscriber data?
- 10. C11-5 3. Choose one of the following cloud services categories: SaaS, IaaS, PaaS. Do some Internet research that focuses the security issues associated with the selected cloud service category. Summarize the major security risks associated with the cloud service category and identify mechanisms that can be used to address these risks. Sources [ARMB10] Armbrust, M., Fox, A., Griffith, R, Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., and Zaharia, M. “A View of Cloud Computing.” Communications of the ACM, Vol. 53, No. 4, April 2010, pp. 50-58. [BADG11] Badger, L., Grance, T., Patt-Comer, R., and Voas, J. Draft Cloud Computing Synopsis and Recommendations: Recommendations of the National Institute of Standards and Technology, Special Publication 800-146, May 2011. [HEAV11] Heavey, J. “Cloud Computing: Secure or Security Risk?” Technorati.com, November 28, 2011. Retrieved online from:
- 11. http://technorati.com/technology/cloud-computing/article/cloud- computing- secure-or-a-security1/. [IBM11] IBM Global Technology Services. Security and Availability in Cloud Computing Environments, Technical White Paper, June 2011. http://technorati.com/technology/cloud-computing/article/cloud- computing-secure-or-a-security1/ http://technorati.com/technology/cloud-computing/article/cloud- computing-secure-or-a-security1/ C11-6 CASE STUDY 11Security Issues and ConcernsAddressing Cloud Computer Security ConcernsDiscussion PointsSources