This document contains the answers to 10 short questions related to cloud computing topics. It defines computer viruses, worms, and Trojan horses. It discusses network protocols like FTP, HTTPS, and others used in cloud computing. It explains denial of service (DoS) attacks, resource management in cloud computing, differences between HTTP and HTTPS, scheduling in cloud computing, differences between authentication and authorization, data encryption techniques, what SSL is, and what an identity management system is and how it is helpful in cloud computing.
On demand delivery of IT resources through the internet with payment depending on the use of the service is known as cloud computing.
The term cloud refers to a network or the internet.
It gives a solution for infrastructure at low cost.
Cloud computing refers to manipulating, configuring, and accessing the applications online. It offers online data storage, infrastructure and application.
Cloud computing is both a combination of software and hardware based computing resources delivered as a network service.
On demand delivery of IT resources through the internet with payment depending on the use of the service is known as cloud computing.
The term cloud refers to a network or the internet.
It gives a solution for infrastructure at low cost.
Cloud computing refers to manipulating, configuring, and accessing the applications online. It offers online data storage, infrastructure and application.
Cloud computing is both a combination of software and hardware based computing resources delivered as a network service.
A summary of the major events that brought about cloud computing, starting in the 1950s. You can find this information and much more in Oneserve's 'Ultimate Guide to the Cloud'.
Cloud computing Definition, Types of cloud, Cloud services: Benefits and challenges of cloud computing, Evolution of Cloud Computing, Applications cloud computing, Business models around Cloud, Major Players in Cloud Computing, Issues in Cloud - Eucalyptus - Nimbus - Open Nebula, CloudSim.
A quick overview of the possible business models of the cloud computing companies. Done for Tampere University of Technology seminar course about cloud computing ( http://www.cs.tut.fi/~tsysta/Pilvilaskenta.html ).
This PPT presentation gives you detail introduction to cloud computing. In this ppt we have covered different types of cloud computing and different services cloud computing provides, benefits of it and challenges it faces.
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
Learn about the key cloud computing trends to watch in 2023. The future is cloud computing, and businesses are transforming their IT infrastructure with cloud computing services.
A summary of the major events that brought about cloud computing, starting in the 1950s. You can find this information and much more in Oneserve's 'Ultimate Guide to the Cloud'.
Cloud computing Definition, Types of cloud, Cloud services: Benefits and challenges of cloud computing, Evolution of Cloud Computing, Applications cloud computing, Business models around Cloud, Major Players in Cloud Computing, Issues in Cloud - Eucalyptus - Nimbus - Open Nebula, CloudSim.
A quick overview of the possible business models of the cloud computing companies. Done for Tampere University of Technology seminar course about cloud computing ( http://www.cs.tut.fi/~tsysta/Pilvilaskenta.html ).
This PPT presentation gives you detail introduction to cloud computing. In this ppt we have covered different types of cloud computing and different services cloud computing provides, benefits of it and challenges it faces.
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
Learn about the key cloud computing trends to watch in 2023. The future is cloud computing, and businesses are transforming their IT infrastructure with cloud computing services.
Introduction to Artificial Intelligence, Views of AI, Categories of AI, Turing Test, Characteristics of AI, Foundation of AI, Histrory of AI, Applications
A business group is the highest level of organization and the largest grouping of employees across which you may report. A Business Group holds a complete, self-contained set of information on work structures, remuneration policies and employees. Each Business Group can have just one particular set of segments defined for its Job, Position, Grade, Employee Group and Cost Allocation key flex fields.
A business group is a basically Human Resources organization to which you assign employees. You assign each operating unit to a business group in the financial options setup. You can assign the same business group to different operating units including to operating units in different financial sets of books. You can setup a separate business group for each operating unit if you want to segregate and maintain each group of employees separately. Oracle provides one setup business group you can use.
It is for the new users those don't have much knowledge regarding IT Security. Here i focus on Windows In built firewall, Comodo, Zone Alarm and Out Post pro configuration basics.
Important Terminology for the Users of Web-based ServicesHTS Hosting
The rapid growth of the World Wide Web and the increased use of web-based services make it essential for the users of such services to be aware of the most important and frequently used terms with regard to web-based services.
Creating ESS Jobs for Oracle Fusion BIP ReportsGurpreet singh
Topics:
1. Introduction to ESS Jobs
2. Creating ESS Jobs for Fusion BIP Reports
3. Running the ESS Job
In Oracle Fusion Cloud, an Enterprise Scheduler Service (ESS) job is a scheduled process that automates the execution of various business processes and tasks. ESS jobs enable users to manage, schedule, and monitor the execution of these processes without manual intervention, ensuring that tasks are performed consistently and on time.
Types of ESS Jobs: Predefined & Custom ESS Jobs
This will show all the steps to create Data Model and ESS Job for the BIP Report in Oracle Fusion Cloud
It covers:
Why Messaging System? – Problems without Messaging system
What is a Messaging System?
Types of Messaging Systems
Examples of Messaging Systems
Understanding Flex Fields with Accounting Flexfields(Chart of Accounts) in O...Gurpreet singh
A flexfield is a flexible data field that your organization can customize to your business needs without programming.
A flexfield is a field which is made up of subfields or segments.
A flexfield appears on your form as a popup window that contains a prompt for each segment. Each segment has a name and a set of valid values.
Also covers how to create custom Key Flexfield
***First Half***
Introduction to Oracle Fusion Middleware and Oracle ADF
Getting started with JDeveloper
Building a Business Model with ADF Business Components
Querying and persisting data
Exposing Data
Declaratively Customizing Data Services
Programmatically Customizing Data Services
Validating User Inputs
***Second Half***
Understanding UI Technology
Binding UI Components to Data
Planning the User Interface
Passing values between UI Elements
Responding to Application Events
Implementing Transactional Capabilities
When Web-based business applications communicate with each other, producer applications ENQUEUE messages and consumer applications DEQUEUE messages. Advanced Queuing provides database-integrated message queuing functionality. Advanced Queuing leverages the functions of the Oracle database so that messages can be stored persistently, propagated between queues on different machines and databases, and transmitted using Oracle Net Services, HTTP(S), and SMTP.
An SQL JOIN clause combines columns from one or more tables in a relational database. It creates a set that can be saved as a table or used as it is. A JOIN is a means for combining columns from one (self-table) or more tables by using values common to each.
Constraints are the rules enforced on the data columns of a table. These are used to limit the type of data that can go into a table. This ensures the accuracy and reliability of the data in the database.
Constraints can be divided into following two types:
Column level constraints : limits only column data
Table level constraints : limits whole table data
Aggregate Functions
Generic programming is a style of computer programming in which algorithms are written in terms of types to-be-specified-later that are then instantiated when needed for specific types provided as parameters.
Generics are a facility of generic programming that were added to the Java programming language in 2004 within version J2SE 5.0. They were designed to extend Java's type system to allow “a type or method to operate on objects of various types while providing compile-time type safety”
The Java collections framework supports generics to specify the type of objects stored in a collection instance.
In computer science, a stream is a sequence of data elements made available over time. A stream can be thought of as items on a conveyor belt being processed one at a time rather than in large batches.
Streams are processed differently from batch data :
*Normal functions cannot operate on streams as a whole, as they have potentially unlimited data, and formally
*Streams are codata (potentially unlimited), not data (which is finite).
This contains:
*Getting started with New Dynamic Web Project
*Starting the tomcat server
*Running your project
*Changing the context root
*Changing welcome pages of your website
Locations are shared across Business Groups in HRMS and with two other Oracle applications: Inventory and Purchasing. HRMS does not use some of the fields in the Location window. These fields are disabled for HRMS users. For example, the Legal Address check box is read-only and supports future functionality in Oracle Financials.
By default, the “Approvals Management Administrator” and “Approvals Management Business Analyst” responsibilities do not have any functions associated with them, because their access is restricted by Role Based Access Control (RBAC).
So we need to assign role AME_BUS_ANALYST to user
An operator is a symbol that tells the compiler to perform specific mathematical or logical manipulation. PL/SQL language is rich in built-in operators
What is PL/SQL?
PL/SQL (Procedural Language/Structured Query Language) is Oracle Corporation's procedural extension for SQL and the Oracle relational database. PL/SQL is available in Oracle Database (since version 7).
PL/SQL (Procedural Language extensions to SQL) is designed specifically for the seamless processing of SQL commands. PL/SQL stored and compiled in the database, runs within the Oracle executable and inherits the robustness, security, and portability of the Oracle Database.
Features of PL/SQL
Syntax of PL/SQL
Using comments
Variable Declaration
Printing messages
Sample Program
A data flow diagram (DFD) is a graphical representation of the "flow" of data through an information system, modeling its process aspects.
Why DFD technique is so Popular?
Symbols used in DFD
Constructing DFD Models
Data Dictionary
Developing the DFD model of System
Level O DFD or Context Diagram
Level 1 DFD
Strengths of DFD Model
Weaknesses of DFD Model
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...ssuser7dcef0
Power plants release a large amount of water vapor into the
atmosphere through the stack. The flue gas can be a potential
source for obtaining much needed cooling water for a power
plant. If a power plant could recover and reuse a portion of this
moisture, it could reduce its total cooling water intake
requirement. One of the most practical way to recover water
from flue gas is to use a condensing heat exchanger. The power
plant could also recover latent heat due to condensation as well
as sensible heat due to lowering the flue gas exit temperature.
Additionally, harmful acids released from the stack can be
reduced in a condensing heat exchanger by acid condensation. reduced in a condensing heat exchanger by acid condensation.
Condensation of vapors in flue gas is a complicated
phenomenon since heat and mass transfer of water vapor and
various acids simultaneously occur in the presence of noncondensable
gases such as nitrogen and oxygen. Design of a
condenser depends on the knowledge and understanding of the
heat and mass transfer processes. A computer program for
numerical simulations of water (H2O) and sulfuric acid (H2SO4)
condensation in a flue gas condensing heat exchanger was
developed using MATLAB. Governing equations based on
mass and energy balances for the system were derived to
predict variables such as flue gas exit temperature, cooling
water outlet temperature, mole fraction and condensation rates
of water and sulfuric acid vapors. The equations were solved
using an iterative solution technique with calculations of heat
and mass transfer coefficients and physical properties.
Forklift Classes Overview by Intella PartsIntella Parts
Discover the different forklift classes and their specific applications. Learn how to choose the right forklift for your needs to ensure safety, efficiency, and compliance in your operations.
For more technical information, visit our website https://intellaparts.com
Understanding Inductive Bias in Machine LearningSUTEJAS
This presentation explores the concept of inductive bias in machine learning. It explains how algorithms come with built-in assumptions and preferences that guide the learning process. You'll learn about the different types of inductive bias and how they can impact the performance and generalizability of machine learning models.
The presentation also covers the positive and negative aspects of inductive bias, along with strategies for mitigating potential drawbacks. We'll explore examples of how bias manifests in algorithms like neural networks and decision trees.
By understanding inductive bias, you can gain valuable insights into how machine learning models work and make informed decisions when building and deploying them.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Water billing management system project report.pdfKamal Acharya
Our project entitled “Water Billing Management System” aims is to generate Water bill with all the charges and penalty. Manual system that is employed is extremely laborious and quite inadequate. It only makes the process more difficult and hard.
The aim of our project is to develop a system that is meant to partially computerize the work performed in the Water Board like generating monthly Water bill, record of consuming unit of water, store record of the customer and previous unpaid record.
We used HTML/PHP as front end and MYSQL as back end for developing our project. HTML is primarily a visual design environment. We can create a android application by designing the form and that make up the user interface. Adding android application code to the form and the objects such as buttons and text boxes on them and adding any required support code in additional modular.
MySQL is free open source database that facilitates the effective management of the databases by connecting them to the software. It is a stable ,reliable and the powerful solution with the advanced features and advantages which are as follows: Data Security.MySQL is free open source database that facilitates the effective management of the databases by connecting them to the software.
Online aptitude test management system project report.pdfKamal Acharya
The purpose of on-line aptitude test system is to take online test in an efficient manner and no time wasting for checking the paper. The main objective of on-line aptitude test system is to efficiently evaluate the candidate thoroughly through a fully automated system that not only saves lot of time but also gives fast results. For students they give papers according to their convenience and time and there is no need of using extra thing like paper, pen etc. This can be used in educational institutions as well as in corporate world. Can be used anywhere any time as it is a web based application (user Location doesn’t matter). No restriction that examiner has to be present when the candidate takes the test.
Every time when lecturers/professors need to conduct examinations they have to sit down think about the questions and then create a whole new set of questions for each and every exam. In some cases the professor may want to give an open book online exam that is the student can take the exam any time anywhere, but the student might have to answer the questions in a limited time period. The professor may want to change the sequence of questions for every student. The problem that a student has is whenever a date for the exam is declared the student has to take it and there is no way he can take it at some other time. This project will create an interface for the examiner to create and store questions in a repository. It will also create an interface for the student to take examinations at his convenience and the questions and/or exams may be timed. Thereby creating an application which can be used by examiners and examinee’s simultaneously.
Examination System is very useful for Teachers/Professors. As in the teaching profession, you are responsible for writing question papers. In the conventional method, you write the question paper on paper, keep question papers separate from answers and all this information you have to keep in a locker to avoid unauthorized access. Using the Examination System you can create a question paper and everything will be written to a single exam file in encrypted format. You can set the General and Administrator password to avoid unauthorized access to your question paper. Every time you start the examination, the program shuffles all the questions and selects them randomly from the database, which reduces the chances of memorizing the questions.
6th International Conference on Machine Learning & Applications (CMLA 2024)ClaraZara1
6th International Conference on Machine Learning & Applications (CMLA 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of on Machine Learning & Applications.
We have compiled the most important slides from each speaker's presentation. This year’s compilation, available for free, captures the key insights and contributions shared during the DfMAy 2024 conference.
1. 1 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
Cloud Computing (BTCS-912)
Assignment 3
2. 2 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
Short questions
Q1: What are computer VIRUS, WORM and Trojan horse?
A: Computer VIRUS
A computer virus is a malware program that, when executed, replicates by inserting copies of itself
(possibly modified) into other computer programs, data files, or the boot sector of the hard drive;
when this replication succeeds, the affected areas are then said to be "infected".
Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk
space or CPU time, accessing private information, corrupting data, displaying political or
humorous messages on the user's screen, spamming their contacts, or logging their keystrokes.
Computer WORM
A computer worm is a self-replicating computer program that penetrates an operating system with
the intent of spreading malicious code. Worms utilize networks to send copies of the original code
to other computers, causing harm by consuming bandwidth or possibly deleting files or sending
documents via email.
A computer worm is a standalone malware computer program that replicates itself in order to
spread to other computers. Often, it uses a computer network to spread itself, relying on security
failures on the target computer to access it. Unlike a computer virus, it does not need to attach
itself to an existing program.
Trojan Horse
A Trojan horse, or Trojan, in computing is a generally a non-self-replicating type of malware
program containing malicious code that, when executed, carries out actions determined by the
nature of the Trojan, typically causing loss or theft of data, and possible system harm.
Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One
of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses
but instead introduces viruses onto your computer.
Q2: What network protocols are used in Cloud Computing?
A: FTP
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to
another host over a TCP-based network, such as the Internet.
FTP is built on client server architecture and uses separate control and data connections between
the client and the server. FTP may run in active or passive mode, which determines how the data
connection is established
3. 3 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
Active mode: In active mode, the client creates a TCP control connection to the server and sends
the server the client's IP address and an arbitrary client port number, and then waits until the server
initiates the data connection over TCP to that client IP address and client port number.
Passive Mode: In passive mode, the client uses the control connection to send a PASV command
to the server and then receives a server IP address and server port number from the server, which
the client then uses to open a data connection from an arbitrary client port to the server IP address
and server port number received. Passive mode may be used in situations where the client is behind
a firewall and unable to accept incoming TCP connections.
HTTPS
HTTPS is a communications protocol for secure communication over a computer network, with
especially wide deployment on the Internet. Technically, it is not a protocol in and of itself; rather,
it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL or
TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP
communications. The main motivation for HTTPS is to provide authentication of the visited
website and prevent wiretapping and man-in-the-middle attacks.
Q3: What is DOS Attack?
A: denial-of-service attack, a type of attack on a network that is designed to bring the network to
its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and
Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are
software fixes that system administrators can install to limit the damage caused by the attacks. But,
like viruses, new DoS attacks are constantly being dreamed up by hackers.
A denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a
machine or network resource unavailable to its intended users. A denial of service (DoS) attack is
a malicious attempt to make a server or a network resource unavailable to users, usually by
temporarily interrupting or suspending the services of a host connected to the Internet.
A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend
services of a host connected to the Internet.
A denial-of-service attack is characterized by an explicit attempt by attackers to prevent legitimate
users of a service from using that service. There are two general forms of DoS attacks: those that
crash services and those that flood services.
Q4: What is resource management in cloud computing?
A: A cloud computing infrastructure is a complex system with a large number of shared resources.
These are subject to unpredictable requests and can be affected by external events beyond your
control. Cloud resource management requires complex policies and decisions for multi-objective
optimization. It is extremely challenging because of the complexity of the system, which makes it
4. 4 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
impossible to have accurate global state information. It is also subject to incessant and
unpredictable interactions with the environment.
The strategies for cloud resource management associated with the three cloud delivery models,
Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS),
differ from one another. In all cases, the cloud services providers are faced with large, fluctuating
loads that challenge the claim of cloud elasticity. In some cases, when they can predict a spike can
be predicted, they can provision resources in advance. For example, seasonal Web services may
be subject to spikes.
For an unplanned spike, the situation is slightly more complicated. You can use Auto Scaling for
unplanned spike loads, provided there’s a pool of resources you can release or allocate on demand
and a monitoring system that lets you decide in real time to reallocate resources. Auto Scaling is
supported by PaaS services such as Google App Engine. Auto Scaling for IaaS is complicated due
to the lack of standards.
Q5: What is difference between HTTP and HTTPs?
A:
HTTP
Hypertext Transfer Protocol (HTTP) is a protocol used in networking. When you type any web
address in your web browser, your browser acts as a client, and the computer having the requested
information acts as a server. When client requests for any information from the server, it uses
HTTP protocol to do so. The server responds back to the client after the request completes.
HTTPs
Hypertext Transfer Protocol Secure (HTTPS) is a combination of two different protocols. It is
more secure way to access the web. It is combination of Hypertext Transfer Protocol (HTTPS) and
SSL/TLS protocol. It is more secure way to sending request to server from a client, also the
communication is purely encrypted which means no one can know what you are looking for. This
kind of communication is used for accessing those websites where security is required. Banking
websites, payment gateway, emails (Gmail offers HTTPS by default in Chrome browser), and
corporate sector websites are some great examples where HTTPS protocols are used.
For HTTPS connection, public key trusted and signed certificate is required for the server. These
certificate comes either free or it costs few dollars depends on the signing authority. There is one
other method for distributing certificates. Site admin creates certificates and loads in the browser
of users. Now when user requests information to the web server, his identity can be verified easily.
Here are some major differences between HTTP and HTTPS:
5. 5 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
HTTP HTTPS
URL begins with “http://” URL begins with “https://”
It uses port 80 for
communication
It uses port 443 for
communication
Unsecured Secured
Operates at Application Layer Operates at Transport Layer
No encryption Encryption is present
No certificates required Certificates required
Q6: What is scheduling in Cloud?
A: Cloud service scheduling is categorized at user level and system level. At user level scheduling
deals with problems raised by service provision between providers and customers. The system
level scheduling handles resource management within datacenter.
Static and Dynamic Scheduling
Static scheduling allows for pre-fetching required data and pipelining different stages of task
execution. Static scheduling imposes less runtime overhead. In case of dynamic scheduling
information of the job components/task is not known beforehand. Thus execution time of the task
may not be known and the allocation of tasks is done on fly as the application executes.
Heuristic Scheduling
Optimization problems are in Class NP-hard. These problems can be solved by enumeration
method, heuristic method or approximation method. In enumeration method, an optimal solution
can be selected if all the possible solutions are enumerated and compared one by one. When
number of instances is large, exhaustive enumeration is not feasible for scheduling problems. In
that case heuristic is a suboptimal algorithm to find reasonably good solutions reasonably fast.
Approximation algorithms are used to find approximate solutions to optimized solution. These
algorithms are used for problems when exact polynomial time algorithms are known
Real Time Scheduling
The primary objectives of real time scheduling are to increase throughput and minimize average
response time instead of meeting deadlines
Q7: What is difference between authentication and authorization? Explain.
A: Authentication
6. 6 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
Authentication is the process of verifying the identity of a user using some credentials like
username and password. Authentication merely ensures that the individual is who he or she
claims to be, but says nothing about the access rights of the individual.
Authorization
The process of granting or denying access to a network resource. Authorization determines the
parts of the system to which a particular identity has access.
Authentication is required before Authorization.
For e.g. If an employee authenticates himself with his credentials on a system, authorization will
determine if he has the control over just publishing the content or also editing it
Q8: What is data encryption? Discuss some current techniques used for encryption.
A: Data encryption is the act of changing electronic information into an unreadable state by
using algorithms or ciphers. Encryption does not of itself prevent interception, but denies the
message content to the interceptor. In an encryption scheme, the message or information,
referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that
can only be read if decrypted.
Encryption Techniques:
Hashing
The first encryption method, called hashing, creates a unique, fixed-length signature for a message or data
set. Hashes are created with an algorithm, or hash function, and people commonly use them to compare
sets of data. Since a hash is unique to a specific message, even minor changes to that message result in a
dramatically different hash, thereby alerting a user to potential tampering.
A key difference between hashing and the other two encryption methods is that once the data is
encrypted, the process cannot be reversed or deciphered. This means that even if a potential attacker
were able to obtain a hash, he or she would not be able to use a decryption method to discover the
contents of the original message. Some common hashing algorithms are Message Digest 5 (MD5) and
Secure Hashing Algorithm (SHA).
Symmetric Methods
Symmetric cryptography, also called private-key cryptography, is one of the oldest and most secure
encryption methods. The term "private key" comes from the fact that the key used to encrypt and decrypt
data must remain secure because anyone with access to it can read the coded messages. A sender
encodes a message into ciphertext using a key, and the receiver uses the same key to decode it.
7. 7 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
People can use this encryption method as either a "stream" cipher or a "block" cipher, depending on the
amount of data being encrypted or decrypted at a time. A stream cipher encrypts data one character at a
time as it is sent or received, while a block cipher processes fixed chunks of data. Common symmetric
encryption algorithms include Data Encryption Standard (DES), Advanced Encryption Standard (AES), and
International Data Encryption Algorithm (IDEA).
Asymmetric Methods
Asymmetric, or public key, cryptography is, potentially, more secure than symmetric methods of
encryption. This type of cryptography uses two keys, a "private" key and a "public key," to perform
encryption and decryption. The use of two keys overcomes a major weakness in symmetric key
cryptography, since a single key does not need to be securely managed among multiple users.
In asymmetric cryptography, a public key is freely available to everyone and used to encrypt messages
before sending them. A different, private key remains with the receiver of ciphertext messages, who uses
it to decrypt them. Algorithms that use public key encryption methods include RSA and Diffie-Hellman.
Q9: What is SSL?
A: SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted
link between a web server and a browser. This link ensures that all data passed between the web
server and browsers remain private and integral. SSL is an industry standard and is used by
millions of websites in the protection of their online transactions with their customers.
To be able to create an SSL connection a web server requires an SSL Certificate. When you
choose to activate SSL on your web server you will be prompted to complete a number of
questions about the identity of your website and your company. Your web server then creates
two cryptographic keys - a Private Key and a Public Key.
Typically an SSL Certificate will contain your domain name, your company name, your address,
your city, your state and your country. It will also contain the expiration date of the Certificate
and details of the Certification Authority responsible for the issuance of the Certificate. When a
browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has
not expired, it has been issued by a Certification Authority the browser trusts, and that it is being
used by the website for which it has been issued. If it fails on any one of these checks the
browser will display a warning to the end user letting them know that the site is not secured by
SSL.
Q10: What is Identity Management System? How it is helpful in Cloud Computing?
A: Identity management (IdM) describes the management of individual identities, their
authentication, authorization, roles and privileges within or across system and enterprise
boundaries with the goal of increasing security and productivity while decreasing cost, downtime,
8. 8 | P a g e B y G u r p r e e t S i n g h
http://gsbprogramming.blogspot.in/
and repetitive tasks. Identity management (ID management) is a broad administrative area that
deals with identifying individuals in a system (such as a country, a network, or an enterprise) and
controlling their access to resources within that system by associating user rights and restrictions
with the established identity.
In terms of security, identity management in cloud computing is one area that will require increased
attention if those benefits are to be fully realized. In order to grant safe access to sensitive
information and resources to all those who need it, organizations must carefully monitor which
users are accessing what resources to ensure that they are accessing the resources that they need
in an appropriate manner. Because of this, Gartner is predicting that identity and access
management in the cloud will be one of the top three most sought after services moving forward
for cloud-based models.
IMS provides several advantages:
The ability to have common identity validation for systems both inside and outside the
enterprise, such as those hosted on public clouds
The ability to centrally solve problems, such as identifying and neutralizing security
problems
The ability to spend less on enterprise security by relying on the centralized trust model
to deal with identity management across external and internal systems