IT Module Paper-2

Sr. No. Topics Page No.
1 ICT Security 2-8
2 Cyber Security 9-32

3 ERP 33-35
4 0racle Data Base 36-48
5 Cloud Computing 49-66
6 Computer Networking/LAN/WAN 67-79
7 World Wide Web 80-87

8 OSI Model 88-91
9 Ethernet 92-104
10 Multimedia Services 105-132

11 E-Governance/Commerce/Education/Medicine 133-142
JTO to SDE LDCE For Internal Circulation Only Page 1

ICT Security
Need for Information Security:
Human life today is highly dependent on information and communications technology (ICT).
This makes individuals, organizations and nations highly vulnerable to attacks on information
systems, such as cyber-intrusions, cyber-terrorism, cyber-crime, and the like. Few individuals
and organizations are equipped to cope with such attacks. Governments have an important role
to play in ensuring information security by expanding the information- communication
infrastructure and establishing systems to protect against information security threats.
This module focuses on Information Security which is part of Cyber Security. Issues on freedom
of expression online, human rights online, violence against women and girls (VAWG) online,
digital abuse and online sexual harassment, hate speech online, cyberbullying, and child online
protection (COP) initiatives have been excluded in this module, and they can form part of a
separate module on Internet/Online safety awareness.
Basic Concepts in ICT Security:
What is information?
Generally, information is defined as the result of mental activity; it is an intangible product that
is transmitted through media. In the field of ICT, information is the result of processing,
manipulating and organizing data, which is simply a collection of facts.
In the field of Information Security, information is defined as an “asset”; it is something that has
value and should therefore be protected. The definition of information and information security
in ISO/IEC 27001:2005 is used throughout this module.
The value assigned to information today reflects the shift from an agricultural society to an
industrial society and finally to an information-oriented society. In agricultural societies, land
was the most important asset and the country with the largest production of grain had a
competitive edge. In industrial societies, capital strength, such as having oil reserves, was a key
factor in competitiveness. In a knowledge and information-oriented society, information is the
most important asset and the ability to collect, analyze and use information is a competitive
advantage for any country.
As the perspective has shifted from net asset value to information asset value, there is a
growing consensus that information needs to be protected. Information itself is valued more
than the media holding information. Table 1 contrasts information assets with tangible assets.
As shown in Below, information assets are radically different from tangible assets. Thus,
information assets are vulnerable to different kinds of risks.

Characteristic Information assets Tangible assets
Have no physical form and can be Have physical form
Form – maintenance
flexible
Attain higher value when combined Total value is the sum of each
Value – variableness
and processed value
Unlimited reproduction of information Reproduction is impossible; with
assets is reproduction, the value of the
Sharing possible, and people can share the asset is reduced
value
Need to be delivered through media Can be delivered independently
Media – dependency
(due to their physical form)
Risks to information assets

As the value of information assets goes up, the desire to gain access to information and to
control it increases among people. Groups are formed to use information assets for various
objectives, and some exert effort to obtain information assets by whatever means. The latter
include unauthorized access (hacking), unauthorized use (piracy), destruction of information
systems through computer viruses, and others. These risks that are attendant on
informatization are discussed in section 2 of this module.
The negative aspects of information-oriented environments include the following:

Increase in unethical behavior arising from anonymity – ICT can be used to maintain anonymity,
which makes it easy for certain individuals to engage in unethical and criminal behavior,
including illegal acquisition of information.
Conflicts over ownership and control of information – Complications caused by ownership and
control of information have increased with the expansion of informatization. For example, as
governments seek to build a personal information database under the umbrella of e-
government, some sectors have expressed concern over the possibility of invasion of privacy
from the disclosure of personal information to other parties.
Information and wealth gaps between classes and countries – The size of information asset
holdings can be the barometer of wealth in knowledge/information-oriented societies.
Developed countries have the capacity to produce more information and to profit from selling
information as products. Information-poor countries, by contrast, need huge investments just
to be able to access information.

Growing information exposure caused by advanced networks – The knowledge/information-
oriented society is a network society. The whole world is connected like a single network, which
means that weaknesses in one part of the network can adversely impact the rest of the
network.
What is information security?

Information security is defined as the preservation of confidentiality, integrity and availability of
information. 1 It typically involves preventing or at least reducing the probability of
unauthorized/inappropriate access, use, disclosure, disruption, deletion/destruction,
corruption, modification, inspection, recording or devaluation, although it may also involve
reducing the adverse impacts of incidents. Information may take any form, e.g., electronic or
physical, tangible (e.g. paperwork) or intangible (e.g. knowledge).
Information security's primary focus is the balanced protection of the confidentiality, integrity
and availability of data (also known as the CIA triad) while maintaining a focus on efficient
policy implementation, all without hampering organization productivity.
Cyber Security, in contrast, includes not only information security, but also digital infrastructure
security, such as Supervisory Control and Data Acquisition (SCADA) systems and Internet-of-
Things (IoT) systems, which goes beyond the protection of valuable information.
4Rs of information security

The 4Rs of information security are Right Information, Right People, Right Time and Right Form.
Control over the 4Rs is the most efficient way to maintain and control the value of information.

“Right Information” refers to the accuracy and completeness of information, which guarantees
the integrity of information.
“Right People” means that information is available only to authorized individuals, which
guarantees confidentiality.
“Right Time” refers to the accessibility of information and its usability upon demand by an
authorized entity. This guarantees availability.
“Right Form” refers to providing information in the right format.
To safeguard information security, the 4Rs have to be applied properly. This means that
confidentiality, integrity and availability should be observed when handling information.
Figure: Correlation between risk and information assets
Information security also requires a clear understanding of the value of information assets, as
well as their vulnerabilities and corresponding threats. This is known as risk management.
Above Figure above shows the correlation between information assets and risk.
Risk is determined by the asset value, threats and vulnerabilities. The formula is as follows:
Risk = ∫(Asset Value, Threats, Vulnerabilities)
Risk is directly proportional to asset value, threats and vulnerabilities. Thus, the risk can be
increased or decreased by manipulating the size of the asset value, threats and vulnerabilities.
This can be done through risk management.

The methods of risk management are as follows:
Risk reduction (risk mitigation) – This is done when the likelihood of threats/vulnerabilities is
high, but their effect is low. It involves understanding what the threats and vulnerabilities are,
altering or reducing them, and implementing a countermeasure. However, risk reduction does
not reduce the value of risk to “0”.
Risk acceptance – This is done when the likelihood of threats/vulnerabilities is low and their
likely impact is minor or acceptable.
Risk transference – If the risk is excessively high or the organization is not able to prepare the
necessary controls, the risk can be transferred outside of the organization. An example is taking
out an insurance policy.
Risk avoidance – If the threats and vulnerabilities are highly likely to occur and the impact is
also extremely high, it is best to avoid the risk by outsourcing data processing equipment and
staff, for example.
Methods of Risk Management

Above Figure is a graphic representation of these four methods of risk management. In this
figure, the quadrant marked “1” is risk reduction, “2” is risk acceptance, “3” is risk transference
and “4” is risk avoidance.
A key consideration in choosing the appropriate risk management method is cost- effectiveness.
A cost-effectiveness analysis should be performed before the plan for risk reduction,
acceptance, transference, or avoidance is established.

Standards for Information Security Activities
Information security activities cannot be effectively performed without the mobilization of a
unified administrative, physical and technical plan.
Many organizations have recommended standards for information security activities. Examples
include the International Organization for Standardization and International Electro technical
Commission (ISO/IEC), International Telecommunication Union (ITU-U), information security
requirements and evaluation items of the Certified Information Systems Auditor (CISA) of the
Information Systems Audit and Control Association (ISACA), and Certified Information Systems
Security Professional (CISSP) of the International Information System Security Certification
Consortium (ISC) 2 . These standards recommend unified information security activities, such as
the formulation of an information security policy, the construction and operation of an
information security organization, human resources management, physical security
management, technical security management, security audit and business continuity
management.
Information security domains and related standard and certifications

Security domains ISO/IEC 27001 CISA CISSP
Security Architecture
Information Security Governance and
and
Policy Management of IT
Engineering
Organization of
Information Security
Protection of Security and Risk
Asset Management
Information Assets Management
Human Resources
Security
Incident Management
aspects of Business
Continuity
Administrative
Management
Supplier Relationships Information systems Security Assessment
Compliance (IS) Auditing Process and Testing
Physical and Environmental
Asset Security
Physical Security

Security Operations
Cryptography Information Systems
Communications
Communications Security Operations and
and Network
Operations Security Business Resilience
Security
Identity and Access
Technical Access Control
Management
ISO/IEC27001 focuses on administrative security. In particular, it emphasizes documentation

and operation audit as administrative behavior and the observance of policy/guideline and law.
Continuous confirmation and countermeasures by the administrator are required. Thus,
ISO/IEC27001 tries to address the weak points of security systems, equipment, and the like in
an administrative way.
In contrast, there is no mention of human resources or physical security in CISA, which
focuses on audit activities and controls on information systems. Accordingly, the role of
auditors and the performance of audit process are considered very important.
CISSP3 focuses mainly on technical security. It emphasizes the software development,
identity and access management, communications and network security and operations
security.

CYBER SECUIRTY
In a world where security has become an enormous factor and network administration
must cover everything from desktop support to business continuity planning, the scope of IT
duties has widened and budgets have narrowed.
This lesson covers several different aspects of security to help you find ways to keep
your network safe by spotting potential risks in the user environment before an incident
happens and showing you how to handle a security problem, should it occur. The lesson also
helps you evaluate your disaster recovery plan. It guides you through social engineering, safe
telecommuting, and the pitfalls of wireless LAN, and then takes you through incident response,
disaster recovery.
SOCIAL ENGINEERING
You see new articles about network security and vulnerabilities in software and hardware every
day. This visibility has caused security to become a priority in most companies. Efforts to make
sure the network is secure generally focus on how to implement hardware and software such as
intrusion detection, Web filtering, spam elimination, and patch installation.
One of the biggest threats of which we, as security professionals, are often unaware and cannot
control is social engineering. There's very attention paid to the person-machine interaction. This
lesson focuses on some of the methods of social engineering that are commonly used to obtain
information that can enable an intruder to penetrate the best hardware and software network
defenses.
Social engineering is a method of obtaining sensitive information about a office through
exploitation of human nature. It's an attempt to influence a person into revealing information
or acting in a manner that would disclose information that normally would not be provided. It's
based on the trusting side of human nature and people's desire to be helpful. Social engineering
is hard to detect because you have very little influence over lack of common sense or ignorance
on the part of employees. Business environments are fast paced and service oriented. Human
nature is trusting and often naive.
Before we get into the methods of social engineering, let's look at the planning of an attack. An
intruder seldom decides to infiltrate an office randomly. The attack is usually very methodical.
A social engineering attack is very similar to the way intelligence agencies penetrate their
targets:
 Gather intelligence.
 Select a specific vulnerable area as the entry point.
 Execute the attack.
In the intelligence-gathering phase, the attacker can find readily available information through
the following:
 Dumpster diving

 Web pages
 Ex-employees
 Vendors
 Contractors
 Strategic partners
This information is the foundation for the next phase, in which the intruder looks for
weaknesses in the organization's personnel. Some of the most common targets are people who
work the following:
 Help desk
 Tech support
 Reception
 Administrative support
These employees are most likely to be affected by an intimidation type of attack (discussed
later), simply because they handle a large volume of calls and they're trained to deliver good
customer service.
The last phase is the attack, also commonly known as the con. There are three broad categories
of attacks:
 Ego attacks
 Sympathy attacks
 Intimidation attacks
These attacks are discussed in further detail a little later in this lesson.
ATTACK ON THE PHYSICAL LEVEL

There are two levels at which social engineering occurs: the physical level and the psychological
level. Let's first look at the physical level, which is looking for information in ways other than
direct contact with the office or anyone in the office. We'll start with dumpster diving.
Dumpster diving
As humans, we naturally seek the path of least resistance. Instead of shredding documents or
walking them to the recycle bin, we often throw them in the nearest waste basket. Equipment
sometimes is put in the garbage. Intruders know this, so they often don't even have to contact
anyone in the office in order to extract sensitive information -- they can find it all in the office's
dumpsters. This is known as dumpster diving. Again, this is the path of least resistance -- no
phone calls, no visits, simply look through the garbage.
Anyone looking to extort money from the office or to steal identities could have easily made
hundreds of thousands of rupees from the information they could have gleaned in those
dumpsters. They would have had access to Social Security numbers, addresses, and a wealth of
personal and financial information. This incredible security breach not only jeopardized the

clients, but upon release of the story in news papers, the office stock plummeted and lawsuits
ensued.
In any office, the potential for this type of information access is huge. What happens when an
employee is leaving the office? He cleans out his desk. Depending on how long the employee
has been there, what ends up in the garbage could be a goldmine for an intruder. Other
potential sources of information that are commonly thrown in the garbage include
 Old office directories
 Old QA or testing analysis
 Employee manuals
 Training manuals
 Hard drives
 Floppy disks
 CDs
 Printed e-mails
TIP
All these items should be disposed of properly. You should formulate a policy on destruction of
data. The safest policy is to physically destroy the media and the information stored on it.
Destruction is the only safe method of completely removing all traces of information stored on
a removable media device. All paper-generated information should be shredded and/or taken
away by a bonded destruction office.
Web pages
The Web pages of an office are a great place to find out information and organizational
structure. Many companies also include the biographies of top executives. This information can
be used to impersonate that person or someone who is an associate of the executive.
For example, you could call an office and ask the receptionist for Manohar. She tells you that
Manohar is out of the office until Monday. You ask who is in charge until he returns. You are
told Mary. You leave a message for Mary, requesting information that she would have access
to, saying you're working with Manohar and he said she could fax or e-mail the information you
need while he's out of the office.
Additional methods of trickery

Another form of getting information is for an intruder to get employees to enter a contest. Say,
for example, that you got an old office directory through dumpster diving. You could then send
a contest letter to all employees asking them to register online at your Web site. Because many

users use the same password for various accounts, it's likely that you would get some network
passwords from the employees who register for the contest.
E-mail social engineering is done by tricking someone into believing that the e-mail is a
legitimate request. Social engineering involves knowing the target and this includes knowing
the e-mail addresses of your target. For instance the I LOVE YOU virus uses the social
engineering technique. This virus created so much damage because it used an emotion-
triggering subject, I LOVE YOU.
WARNING
E-mail social engineering is a much more direct means of gaining access to a system because
attachments can launch worms, viruses, and back doors.
Ex-employees are a great source of information on the inner workings of a office, especially if
they left the office under unhappy conditions. Vendors, contractors, and strategic partners are
another fantastic source of information. It's easier to impersonate someone from another office
than it is to impersonate an employee.
ATTACK ON THE PSYCHOLOGICAL LEVEL

These categories of attacks -- ego, sympathy, and intimidation -- are all on the psychological
level of social engineering. This means that the intruder appeals to the employee through the
use of emotion.
Let's examine each of these attacks.
Ego attacks
An ego attack is perhaps one of the favorite types of social engineering attacks simply because
you know that as network administrators, we all have big egos. The attacker appeals to the
vanity, or ego of the victim. The victim wants to prove how smart or knowledgeable he is and
unthinkingly provides sensitive information. We're all anxious to show how much more we
know than the next person or how much better our equipment is than theirs. The perfect
scenario for this type of engineering is a user group meeting held after work. You know of
several groups that meet once a month or so after work in some of the local clubs. Mix egos and
guess what happens?
It's amazing what employees will reveal without a whole lot of coaxing. How many of the
employees are unwitting revealing information in social settings without realizing who they are
talking to?
This can happen in any type of social setting. For example, suppose you attend a birthday party
for a friend. Some of the other attendees are also in the field and the topic of conversation
turns to servers. Everyone is comparing equipment. You'll know what operating systems are
running, what kind of equipment is running on each, and what issues each one is having.

Talking about our jobs and comparing problems are simply part of human nature, and ego
attack victims never realize what has happened, but the information extracted can be
extremely dangerous in the wrong hands.
Ego attackers also target those they sense are frustrated with their current job position.
Unhappy employees are very likely to reveal information with little prodding because they feel
mistreated.
Attackers also have been known to pretend to be law enforcement officials, and their victims
feel obliged and sometimes even honored to help them by providing information.
Sympathy or intimidation attacks

The following are all examples social engineering that either use intimidation or prey on
sympathy:
 You receive a call from someone saying he's a General Manager. He states that he's in
real trouble. He's attempting to do a presentation for Microsoft and has forgotten his
password; therefore he can't log into the Web site to do the presentation. He just
changed it yesterday and can't remember what it is. He needs to have it right away
because he has a room full of clients waiting and he's starting to look incompetent. This
is an extremely important client that could mean millions of dollars in revenue for the
office.
 Someone you have never seen before approaches you as you're entering a secured
building. She has her hands full carrying coffee and doughnuts. She smiles sweetly and
says she has her ID badge in her pocket, but just doesn't seem to have an extra hand to
swipe the card and still carry all she has. She asks that you please hold the door for her.
 You receive a call from the corporate office saying that a new mail server is being put
into place and there's an immediate need to verify current user accounts and
passwords. You are told that it's not safe to send this information via e-mail, and are
asked to please print it off and fax it directly to a number given to you. You're told that
the number is a direct line for the person putting the new server into place.
These attacks are very successful because our business needs change daily and we live in a fast-
paced world. This type of attack plays on the empathy and sympathy of the victim, and an
attacker can shop around until he finds someone who will help.
Here are some social-engineering approaches an intruder can use to get information:
 Pretends to be a fellow employee or a new hire, contractor, or a vendor.
 Insists there's some urgency to complete some task or obtain some information.
 Needs assistance or he will be in trouble or lose his job.

 Pretends to be someone influential, an authority figure, or, in some cases, a law
enforcement official, and uses that authority to coerce the victim into cooperation.
 If met with resistance, uses intimidation and threats such as job sanctions or criminal
charges.
 If pretending to be law enforcement officer, claims the investigation is hush-hush and
not to be discussed with anyone else.
WARNING
Employees can exploit social engineering just as well as outsiders. Keep in mind that more
damage is done to a network by disgruntled employees than by outsiders.
You'll learn how to recognize a social engineering situation shortly. Here's a scenario that
actually happened:
A user came to a network administrator with his laptop and requested that it be joined to the
domain. The administrator logged the user off the laptop, logged in as himself, and joined the
laptop to the domain. So, what's wrong with that? The user had keystroke logging software
installed on the laptop. He proceeded to go back to his work area, read the log file, log in as the
administrator, browse to the main server, and copy the SAM (Security Accounts Manager) to a
file. (For those of you unfamiliar with the SAM, it holds user account information that includes
usernames and passwords.) He took the file home and that evening ran L0phtCrack, which is
password-cracking software, on the file. The next day, he had the logins and passwords for
every user in the office. He periodically logged in as other users and accessed information he
should not have. As time went by, he got bolder, logging in as the administrator and shutting
down services, causing problems on the network. Eventually, his bragging got him into a bind
and he was dismissed for his actions. The best way to avoid this type of situation is to never join
a machine to the domain from a user's machine. The account should be created at the server
console instead.
Learn to recognize a social engineering situation

Well, now that you know about the methods of social engineering, it's time to look at how to
spot a potential situation. To keep from becoming a victim, you should know how to recognize
an intruder. You can be neither suspicious nor trusting of everyone, so where do you draw the
fine line?
Remember the Manohar scenario from earlier in this lesson? If the office had a policy requiring
employees to obtain contact information when a call comes in for an out-of-the-office
employee, one sign to look for would be refusal to leave contact information. In this example,
the receptionist simply states that Mr. Manohar is out of the office, and then asks for your
name and a number at which you can be reached, and what the call is in regard to, so that your
call may be properly returned. If you're an intruder, would you leave this information? Not

likely. If you're a persistent intruder, you may press the receptionist for information such as
when Mr. Brown will return and who is in charge in his absence, and act irate. This type of
behavior is also a concern. The caller is deliberately avoiding giving out information about him
while trying to push the receptionist into giving out more information about the employee.
What about someone who is rushing or is in a big hurry? We are all busy people; you're in as big
hurry as the next person. Look out for someone who tries to breeze by you as you're entering a
secure building. She may strike up a conversation, and then say she's late for a big meeting and
doesn't have time to be fishing for her ID badge, so she'll just come in with you. If you allow
this, you may be admitting an intruder into the building. A genuine employee understands the
security issue and finds her ID badge for admittance.
Name-dropping is often used to impress the people you are conversing with. Many folks like to
drop names -- it makes them feel more important. In social situations like the ones described
earlier, many a conversation begins with, "The other day I was talking to so-and-so." If the
speaker is talking about someone in your office, you get the feeling that he knows something
about what is going on in your office and that you might trust him. Instead of proceeding to
discuss the office, which is what the intruder wants, you may want to ask him questions such as
how do you know so-and-so to get a feel for whether the person is being truthful or not. Of
lesson, if he starts acting uneasy at the questions you're asking, you know that he's a potential
intruder.
Intimidation is one of the best ways to get information out of people, especially from people
who tend to be timid by nature. Employees should be able to address intimidation situations
without fear of punishment for not giving excellent customer service if they ask additional
questions or for more information.
Odd questions or asking for classified information can also be a dead giveaway that someone is
fishing for attack information. In the situation where the vice president needed a password, the
approach should be that this is a potential intruder and not a vice president.
Good practices can neutralize many of these social engineering situations. We'll discuss these
practices next.
Promote practices that prevent attacks

The impact of social engineering and the ease of an attack are usually high. Technical,
operational, and environmental controls individually will not prevent attacks. You need a
combination of all three along with user awareness training. Here's a list of items that can be
useful in preventing social engineering attacks:
 All employees should have a security mind-set and be able to question situations that do
not seem right.
 Cleaning crews should search the wastebaskets for sensitive information and turn it over
to management.

 Policies need to be in place for data destruction, including paper, hard drives, CDs, disks,
and so on.
 Implement self-service password management to address weaknesses with help desk
and password administration.
 Employees should have continued training in security awareness.
 Require all guests to sign in, wear a guest badge, and be escorted within the office.
 Have shredders located in convenient areas or hire a reputable office to pick up and
shred documents.
 Extra security training in the area of social engineering and office security policies should
be provided for security guards, receptionists, and help desk employees.
 Put policies in place for how to handle situations where an unknown person tries to slip
in with a legitimate employee (called tailgating). Be sure that all employees know the
policy and enforce it.
 Instruct employees on what can and cannot be discussed in social settings outside of
work.
 Encrypt information on desktops, laptops, and PDAs.
 Have polices regarding e-mail and voice mail notifications for employees on vacation or
out of the building for a period of time.
 Have incident response teams to lessen the damage if a breach occurs.
 Apply technology where possible such as biometrics or electronic security badges.
 Test your defenses periodically.
This by no means covers everything or all situations. The important factors to remember are
that there must be policies in place and that all employees must be aware of these policies.
Training must start as soon as the job begins. Employees should know they play a part in the
security of the office and that their jobs depend on their vigilance.
You're faced with customer service and courtesy issues everyday. Technology cannot control
these situations. We all must rely on each other to use our best judgment when revealing
information about our office and ourselves. Remember, the best defense is a good set of
policies, proper education, and continued awareness training.
SECURE COMPUTER AND NETWORK

We have seen the ways in which an intruder can use social engineering to attack a network.
Here, you'll see how an intruder can use a telecommuter's computer to attack your network
and how you can make that computer more secure.

Many IT professionals work from home at least part of the time. All of this makes for a flexible
work environment. That flexibility can also cause the IT professional a huge headache, because
you have no control over what goes on in the confines of an employee's home. There were
strange incidents happening on the network. A cracker had accessed the network and was
wreaking havoc. No matter what this administrator did to change and tighten security, the
cracker always got back in. Eventually it was discovered that the cracker was getting into the
network through the administrator's home machine, which was always left on and connected to
the Internet.
With information security, you cannot allow even the top leaders to sidestep or ignore policy.
An employee cannot be allowed to work at home until the home machine is secured. This
should part of the security policy and all employees should have signed a statement to that fact
when they were hired. Should you find yourself in this situation, it must be passed to the next
level of management or someone who manages security.
UNDERSTAND THE HOME ENVIRONMENT

What happens employees are allowed to work from home? They're given a office machine or
allowed to use their own, IT sets them up to access the network, and then we forget about
them.
Let's consider a few factors about telecommuting employees. After all, they're doing office
work. Most of them have children or spouses who use the same computer that they use to
access the work environment. Employees who have more that one computer usually set up a
home network. Those who care about their home aesthetics or don't want to pull wire set up
wireless networks at home.
Here are a few scenarios, each of which poses a threat to the work environment:
A office engineer has a daughter and a son who each have a laptop. The engineer purchases a
wireless router and hooks up all the machines -- including the work machine -- so that all the
machines can use the high-speed Internet connection.
One of the reasons that wireless is so popular with home users is that you can just plug it in and
have it start working. In this scenario, then, there's little probability that the engineer enabled
WEP (Wired Equivalent Privacy) on the laptops, so the computers are left vulnerable because
the information is sent in clear text.
An employee's home workstation is running Windows 98. (In all operating systems prior to
Windows NT, all passwords are stored in the .pwl file.) The Internet connection is always on,
because the children want Internet access on that computer, especially in the summer when
school's out. The virus software is disabled because it interferes with the children's favorite
game.
In this situation, the always-on connection leaves the machine open to. The .pwl file can easily
be accessed for a list of passwords, and disabling the virus software leaves the unguarded
against viruses.

You've installed keystroke-logging software to track where your children have been on the
Internet, because many times they use your computer unsupervised. This software runs
constantly.
You've made it extremely easy for a cracker to get your password to the network, because all he
has to do is read the log file. This is a giveaway -- he has no work to do because you've done it
for him. Keystroke logging software should not be used on a machine that has been supplied by
the employer unless the employer had installed it and is aware that it's on the machine.
You are constantly having issues with your computer because you let your children use it. What
do you think the chances are that someone has already penetrated the network where he
works and is slowly stealing information or planting maladies?
Establish effective policies

Every office should have policies in place to protect the network from attacks via home users.
These might include the following:
 Requiring the employee to notify IT immediately if he changes his home connection
from dial-up to high speed, so that policies and procedures can be addressed.
 Not permitting an office-owned PC to be used for other purposes or by unauthorized
individuals.
 Not allowing virus protection software to be disabled, and requiring that it be updated
regularly.
 Requiring immediate disconnection from the network and immediate support contact in
the event that the machine contracts a virus.
 Requiring the use of a firewall, and not permitting it to be disabled.
 Requiring that the machine be either disconnected from the network and the Internet or
turned off completely when the employee finishes working for the day.
 Mandating that a boot disk be handy in the event a virus renders the machine unusable.
 Requiring that data be backed up if the employee is storing office information on a
home computer.
 Requiring that the operating system and all applications on the machine be kept up to
date.
TIP
Post information about patches and updates, whether the IT department supplies them or the
employee is expected to acquire them on his own. Posting provides no excuse for an employee
failing to comply.
 Requiring strong passwords.

 Requiring that non work-related shares be turned off.
 Mandating that auditing be turned on (if the operating system allows).
Although it may seem like a lot of work, it's worth your while to periodically send
questionnaires to all employees working from home who are using office computers. The main
information you want from the employees is:
 The operating system and version
 All applications installed and their versions
 The type of Internet connection
 The location of the emergency boot disk
 How many other machines are using the Internet connection
 Any hardware changes
Then compare the current responses with the condition in which the machine left the office. If
this is done on a regular basis, you will soon be able to tell who is using the computer strictly for
work purposes and who is not. Often, what you'll find is that children use the computer to play
games and download music files. These require the installation of additional programs. They
also take up disk space and may require better video cards as well as extra memory.
With policies in position, let's see how machines can be set up to securely connect to the work
environment from home.
SECURE HOME MACHINES

As you learned in the previous section, you really have very little control over the home user.
Even with good policies in place, there's no guarantee that telecommuters will follow them.
What you can control is how the telecommuters connect to your network, and that's what we'll
discuss now.
When you allow telecommuters to access your network, they usually do so by first connecting
to the Internet and then connecting to the network A VPN (Virtual Private Network) is a
network connection that permits access via a secure tunnel created through an Internet
connection. Using an Internet-based VPN connection is very popular for several reasons:
 Users in an organization can dial a local Internet access number and connect to the
corporate network for the cost of a local phone call.
 Administrative overhead is reduced with a VPN because the ISP (Internet Service
Provider) is responsible for maintaining the connectivity once the user is connected to
the Internet.
 There are various security advantages to using a VPN, including encryption,
encapsulation, and authentication.

For users who travel, a local access number usually is available. If possible, you should provide
this information to employees who travel -- it saves phone calls to the help desk and enables
them to test the numbers before they have to give presentations.
Figure 1 shows how a VPN works. Setting up the users' computers (clients) to connect to the
server is a two-step process:
Figure 1: VPN remote access over the Internet.
 Establish an Internet connection. This can be dial-up or broadband.

 Connect to the VPN server. This involves dialing another connection.
Once the client is setup, it can use the VPN. Here's how a client uses a VPN to access a
corporate LAN through the Internet:
 The remote user dials into his local ISP and logs into the ISP's network.
 The user initiates a tunnel request to the server on the corporate network. The server
authenticates the user and creates the other end of tunnel.
 The user then sends data through the tunnel, which is encrypted by the VPN software
before being sent over the ISP connection.
 The server receives the encrypted data, decrypts it, and forwards it to the destination on
the corporate network. Any information sent back to the remote user is encrypted
before being sent over the Internet.
VPNs provide great opportunities for employee productivity while reducing long-distance
charges, and a good VPN guarantees privacy and encryption. But it is authentication that
ensures the integrity of the data.
We've discussed the situations that home users get themselves into and how easily passwords
can be breached on unsecured machines. In order for a VPN to provide the level of security
that's intended, a solid means of authentication must be established. This brings us to two-
factor authentication.
In two-factor authentication, a user must supply two forms of ID before she can access a
resource: one is something she knows, such as a password, and the other is something she has
or is. For example, you may be required to type password and place your thumb on a
thumbprint scanner to properly identify yourself. Figure 2 illustrates this type of authentication.

Figure 2: Two-factor authentication.
The most common form of this type of authentication is a smart card. The security in this
authentication is that both are need for validation. If the card is stolen, or the PIN is discovered,
neither one of these alone can enable someone else to log on as the user.
Smart card readers are attached to a computer port and a digital certificate is downloaded to
activate the card. Smart card logon requires the user to insert the card and enter a PIN in order
to log on.
Understand tunneling
The purpose of a VPN is to secure your network communications. There are two broad
categories of tunneling:
 Voluntary
 Compulsory
In voluntary tunneling, the situation is as described earlier and shown in Figure 2-1. The cable
modem dials the ISP, and the user is then connected to the VPN server via the Internet.
In compulsory tunneling, the tunnel is set up between two VPN servers that act as routers for
network traffic. This type of tunnel is most useful for connecting a remote office with its own
network to a central office. Sometimes as an office is growing, it allows employees to run
offices out of their homes with those employees hiring several people to work for them, or it
may be in the situation where a contractor works out of an office that is shared by other
contractors. Figure 3 shows an example of this type of tunneling.
Figure 3: Compulsory tunneling.

This type of server would be placed in a larger office but remote users and traveling employees
could create a connection with a local or corporate VPN server instead of connecting to an ISP
first, thus eliminating the need to supply traveling employees with a list of local numbers for the
ISP.
WARNING
Tunneling should not be used as a substitute for encryption. The strongest level of encryption
possible needs to be used within the VPN.
Let's take a look at personal firewalls that can be installed to help detect intrusions in home
computers.
Examine personal firewalls

The potential for crackers to access data through the telecommuter's machine has grown
substantially, and threatens to infiltrate our networks. Cracker tools have become more
sophisticated and difficult to spot. Always-connected computers, typically with static IP
addresses, give attackers copious amounts of time to discover and exploit system
vulnerabilities. How can a user know when his system is being threatened?
You can help thwart attacks by making sure that all telecommuters have firewalls installed on
their systems. Firewalls come in two varieties: software and hardware. Like most other
solutions, each has strengths and weaknesses. By design, firewalls close off systems to scanning
and entry by blocking ports or non-trusted services and applications.
Software firewalls
Software firewalls are more flexible in that they enable the user to move from network to
network. Typically, the first time a program tries to access the Internet; a software firewall asks
whether it should permit the communication. You can opt to have the firewall ask the user each
time the program tries to get online. The prompts usually get so annoying that most users end
up making hasty decisions with little more information than they originally had. Another danger
is that firewall filtering can get too complicated for the average user to fix easily, which makes
users reluctant to deny permission to anything. There should be help available to
telecommuters to aid in configuring these types of firewalls. Its one thing to say that
telecommuters have firewalls, but quite another to ensure that those firewalls are correctly
configured.
Here's a list of the most commonly used software firewalls:
 McAfee.com Personal Firewall
 Norton Internet Security
 Sygate Personal Firewall

 ZoneAlarm
 BlackIce
 Tiny Personal Firewall
Hardware firewalls
Hardware firewalls provide an additional outer layer of defense that can more effectively hide
one or more connected PCs. There are inexpensive router appliances that move traffic between
the Internet and one or more machines on home networks, which simply hide the IP addresses
of PCs so that all outgoing traffic seems to come from the same address. Recently, router
manufacturers have been including actual firewalls that block inappropriate inbound and
outbound traffic making these a much better choice.
In general, the average user will like the nature of hardware solutions because they operate in
the background without generating as many queries and alerts as software firewalls. In
addition, the physical installation is easy, but the normal home user won't know how to
configure the firewall should the default settings not be strong enough.
Remember that even a good firewall cannot protect the user if he does not think before he
downloads or does not exercise a proper level of caution. No system is foolproof, but the right
combination of hardware, software, and good habits can make your telecommuters' computing
environment safer.
INTRUSION DETECTION
We will see what actually happens when your network is invaded or damaged. We develop and
deploy hardware and software in such an extremely quick fashion to meet the demand of
business and home consumers that we don't always take the time to be sure that these
technologies are properly tested and secured. This puts our networks at risk not only from the
professional cracker but also from curious or disgruntled employees.
Let's first look at intrusion detection and intrusion prevention systems that can help spot a
potential intrusion.
Examine intrusion detection systems

One of the best ways to catch an intruder before too much damage is done is through IDSs
(intrusion detection systems), which are designed to analyze data, identify attacks, and respond
to the intrusion. They're different from firewalls in that firewalls control the information that
gets in and out of the network, whereas IDSs can identify unauthorized activity.
Intrusion-detection systems are also designed to catch attacks in progress within the network,
not just on the boundary between private and public networks. The two basic types of IDSs are
network based and host based. As the names suggest, network-based IDSs look at the

information exchanged between machines, and host-based IDSs look at information that
originates on the individual machines. Here are some specifics:
 Network-based IDSs monitor the packet flow and try to locate packets that may have
gotten through the firewall and are not allowed for one reason or another. These
systems have a complete picture of the network segment they are configured to protect.
They see entire network packets, including the header information, so they're in a better
position to distinguish network-borne attacks than host-based IDS systems are. They are
best at detecting DoS (Denial of Service) attacks and unauthorized user access. Figure 4
details a network-based IDS monitoring traffic to the network from the firewall.
Figure 4: Network-based IDS.
 Host-based IDSs (sometimes called HIDSs) monitor communications on a host-by-host

basis and monitor traffic coming into a specific host for signatures that might indicate
malicious intention. They also monitor logs to find indications that intrusions or
intrusions attempts are going on, and some of the HIDSs also monitor system calls and
intercept them. These types of IDSs are good at detecting unauthorized file
modifications and user activity.
Network-based IDSs try to locate packets not allowed on the network that the firewall missed.
Host-based IDSs collect and analyze data that originates on the local machine or a computer
hosting a service. Network-based IDSs tend to be more distributed.
Host-based and network-based approaches are complementary to each other because they
have different strengths and weaknesses. Many successful intrusion detection systems are built
using mixes of both, and ultimately, this is what network administrators should consider for
their own environments.

When an IDS alerts a network administrator of a successful or ongoing attack attempt, it's
important to have documented plans for incident response already in place. There are several
forms of response, including the following:
 Redirecting or misdirecting an attacker to secured segmented areas, allowing him to
assume that he has been successful. This serves two purposes: it prevents access to
secured resources and gives you time to trace or track the intruder.
 ICE (Intrusion Countermeasure Equipment) can be used to provide automatic response
in the event of intrusion detection. ICE agents have the capability to automatically lock
down a network or to increase access security to critical resources in the event of an
alert.
 After identification of an attack, forensic analysis of infected systems can detect
information about the identity of the attacker. This information may then be used to
direct the attention of the proper authorities.
Later, analysis of successful intrusions should be used to harden systems against additional
attempts of the same nature. Planning should include access restrictions in addition to making
the network less desirable to potential attackers.
Explore intrusion prevention systems

IDSs alert IT system administrators to potential security breaches within the perimeter of a
network environment, which is a good start. The problem with them is that they're passive and
reactive. They scan for configuration weaknesses and detect attacks after they occur. When an
attack occurs, it's reported, and combinations of antivirus and intrusion detection vendors
develop a rapid solution to distribute, but by that time, the attack has delivered its payload and
paralyzed the network or several networks. In fact, the damage is often already done by the
time the IDS alerts you to the attack.
Intrusion prevention software differs from traditional intrusion detection products in that it can
actually prevent attacks rather than only detecting the occurrence of an attack. IPS
architectures serve as the next generation of network security software that is proactive. Host-
based IPS will become increasingly popular in the next few years, possibly pushing host-based
IDS out of the picture.
Intrusion prevention offers considerable advantages:
 It actually secures internal resources from attacks based inside the network by
restricting behavior of potentially malicious code, providing a record of attack, and
notifying enterprise security personnel when an attack is repelled.
 It defines appropriate behaviors and then enforces those behaviors on every end-user
desktop and network server across an enterprise. By looking at system and application
behavior and defining which actions are legitimate and which are suspect, an IPS can
stop an errant system action when it attempts to do something that is not in the realm
of expected behavior.

 Rules can be configured to control which type of actions applications can perform on
files and system resources. As an intelligent agent, these run by intercepting system
actions, checking rules, and then allowing or denying the action in question based on
those rules.
 Statistical logging data can be used to generate reports that indicate overall network
health. IT staff can monitor how current rule sets are working and adjust them, if
necessary.
For an intruder, the real value of your network lies in key machines such as database servers
and the information they contain. An intruder won't celebrate breaking through your firewall if
all it gets him is access to a couple of printers. The idea of intrusion prevention is to ensure
exactly that. By allowing only certain behaviors on critical hosts, the technology leaves an
intruder with little freedom to do anything malicious.
If you have a personal firewall such as Norton Personal Firewall or ZoneAlarm, you may've
already seen intrusion prevention in its simplest form. Recall from the above that this type of
software relies on rules and scanning to spot inappropriate activity. It uses predefined attack
signatures, and it also learns what behaviors you'll allow every time you click yes or no when an
application wants to do something.
WARNING
Sometimes the data that is collected by these systems is overwhelming. When you start trying
to do something with the intrusion detection data, you realize the magnitude of deciphering or
reading the data is well beyond the resources and time you want to put in to make it effective.
Often, incidents happen even though you have firewalls and intrusion detection. So, you've got
ten thousand alarms going off, five of them are probably valid, two of them you really need to
do something about, but you don't have the time or the resources to find what those five are
and what the two really are. You end up doing nothing because you don't know how to
respond. Please do not let this happen. Make the time and resource to use these tools
effectively.
Preventing actual damage to your company's business functionality is critical to protecting
today's open networks. Intrusion prevention technology serves as a strategy for those who
desire proactive and preventive security measures in the face of attacks.
FIREWALL
In its most basic terms, a firewall is a system designed to control access between two networks.
There are many different kinds of firewalls—packet filters, application gateways, or proxy
servers. These firewalls can be delivered in the form of software that runs on an operating
system, like Windows or Linux. Or, these firewalls could be dedicated hardware devices that
were designed solely as firewalls.

UNDERSTAND THE EVOLUTION OF FIREWALLS
Learn how firewalls have progressed from simple packet filtering to more sophisticated
application-level filtering.
Webopedia.com defines a firewall as “a system designed to prevent unauthorized access to or
from a private network.” Although technically accurate, this definition tells us only what a
firewall does and doesn’t address the more important question of how it does it. For
administrators who are continually focused on keeping their networks secure, it is helpful to
take a closer look at the way firewalls function and how they have evolved in recent years to
better protect our corporate networks.
First-generation firewalls: Packet filtering
Static packet filters

One of the simplest and least expensive forms of firewall protection is known as static packet
filtering. With static packet filtering, each packet entering or leaving the network is checked and
either passed or rejected depending on a set of user-defined rules. Dealing with each individual
packet, the firewall applies its rule set to determine which packet to allow or disallow. You can
compare this type of security to the Gate-keeper at a club who allows people over 21 to enter
and turns back those who do not meet the age rule requirements. The static packet filtering
firewall examines each packet based on the following criteria:
 Source IP address
 Destination IP address
 TCP/UDP source port
 TCP/UDP destination port
For example, to allow e-mail to and from an SMTP server, a rule would be inserted into the
firewall that allowed all network traffic with a TCP source and destination port of 25 (SMTP) and
the IP address of the mail server as either the source or destination IP address. If this were the
only filter applied, all non-SMTP network traffic originating outside of the firewall with a
destination IP address of the mail server would be blocked by the firewall.
Many people have asked the question, “Is a router with an access list a firewall?” The answer is
yes, a packet filter firewall can essentially be a router with packet filtering capabilities. (Almost
all routers can do this.) Packet filters are an attractive option where your budget is limited and
where security requirements are deemed rather low.
But there are drawbacks. Basic packet filtering firewalls are susceptible to IP spoofing, where an
intruder tries to gain unauthorized access to computers by sending messages to a computer
with an IP address indicating that the message is coming from a trusted host. Information
security experts believe that packet filtering firewalls offer the least security because they allow

a direct connection between endpoints through the firewall. This leaves the potential for a
vulnerability to be exploited. Another shortcoming is that this form of firewall rarely provides
sufficient logging or reporting capabilities.
STATEFUL PACKET INSPECTION

Within the same generation of static packet filtering firewalls are firewalls known as stateful
packet inspection firewalls. This approach examines the contents of packets rather than just
filtering them; that is, it considers their contents as well as their addresses. You can compare
this to the security screener at an airport. A ticket validates that you must be traveling from
your source to your destination; however, your carry-on contents must be checked to get to
your final destination.
These firewalls are called stateful because they can permit outgoing sessions while denying
incoming sessions. They take into account the state of the connections they handle so that, for
example, a legitimate incoming packet can be matched with the outbound request for that
packet and allowed in. Conversely, an incoming packet masquerading as a response to a
nonexistent outbound request can be blocked. By using something known as session or
intelligent filtering, most stateful inspection firewalls can effectively track information about the
beginning and end of network sessions to dynamically control filtering decisions. The filter uses
smart rules, thus enhancing the filtering process and controlling the network session rather
than controlling the individual packets.
Basic routers typically do not perform stateful packet inspections unless they have a special
module. A dedicated firewall device or server (with software) is usually required when the level
of security demands stateful inspection of data in and out of a network. Although stateful
packet inspection offers improved security and better logging of activities over static packet
filters, it has its drawbacks as well. Setting up stateful packet examination rules is more
complicated and, like static packet filtering, the approach allows a direct connection between
endpoints through the firewall.
SECOND-GENERATION FIREWALLS: PROXY SERVICES

The next generation of firewalls attempted to increase the level of security between trusted
and untrusted networks. Known as application proxy or gateway firewalls, this approach to
protection is significantly different from packet filters and stateful packet inspection. An
application gateway firewall uses software to intercept connections for each Internet protocol
and to perform security inspection. It involves what is commonly known as proxy services. The
proxy acts as an interface between the user on the internal trusted network and the Internet.
Each computer communicates with the other by passing all network traffic through the proxy
program. The proxy program evaluates data sent from the client and decides which to pass on
and which to drop. Communications between the client and server occur as though the proxy
weren't there, with the proxy acting like the client when talking with the server, and like the

server when talking with the client. This is analogous to a language translator who is the one
actually directing and sending the communication on behalf of the individuals.
Many information security experts believe proxy firewalls offer the highest degree of security
because the firewall does not let endpoints communicate directly with one another. Thus,
vulnerability in a protocol that could slip by a packet filter or stateful packet inspection firewall
could be caught by the proxy program. In addition, the proxy firewall can offer the best logging
and reporting of activities.
Of course, this security solution is far from perfect. For one thing, to utilize the proxy firewall, a
protocol must have a proxy associated with it. Failure to have a proxy may prevent a protocol
from being handled correctly by the firewall and potentially dropped. Also, there is usually a
performance penalty for using such a firewall due to the additional processing for application-
level protocols.
FIREWALLS EVOLVED: THE THIRD GENERATION

The newest generation of firewalls may be defined as state-of-the-art perimeter security
integrated within major network components. These systems alert administrators in real time
about suspicious activity that may be occurring on their systems. Although it's a lot to swallow,
this new generation of firewall has evolved to meet the major requirements demanded by
corporate networks of increased security while minimizing the impact on network performance.
The requirements of the third generation of firewalls will be even more demanding due to the
growing support for VPNs, wireless communication, and enhanced virus protection. The most
difficult element of this evolution is maintaining the firewall's simplicity (and hence its
maintainability and security) without compromising flexibility.
The most recent category of firewalls attempting to meet this demand performs what has been
termed stateful multilevel inspection, or SMLI. SMLI firewalls eliminate the redundancy and
CPU-intensive nature of proxy firewalls. SMLI's unique approach screens the entire packet, OSI
layers 2 through 7, and rapidly compares each packet to known bit patterns of friendly packets
before deciding whether to pass the traffic. Coupled with or integrated into an intrusion-
detection system (IDS), SMLI offers the first glimpse of this new definition of a firewall. Among
the products that use this new technology are Check Point’s FireWall-1, Elron Software’s
Internet Manager, and SonicWall’s line of access security products.
FREQUENTLY ASKED QUESTIONS
Why would you want a firewall?
Firewalls will protect your network from unwanted traffic. Many times, the unwanted traffic is
harmful traffic from hackers trying to exploit your network. You want a firewall to protect your
network, just as you want locks on your door and windows at your home.
Is a proxy server a firewall?

A proxy server is a form of a firewall. In legal terms, a proxy is someone who goes and performs
some action on your behalf. A proxy server performs network transactions on your behalf. The
most common use for this is a Web-proxy server. A Web-proxy will take requests from users’
Web browsers, get the Web pages from the Internet, and return them to the user’s browser.
Many times, a proxy server also performs authentication to see who is requesting the Web
pages and also logs the pages that are requested and the user they are from.
What is NAT?
NAT is Network Address Translation. NAT is usually used to translate from real/global/public
Internet addresses to inside/local/private addresses. These private addresses are usually IP
addresses: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.
NAT provides some security for your network as you do not have a real Internet IP address and
your network, usually, cannot be accessed from the Internet without some outbound
connection first being created from your private/inside network.
However, you still need a firewall to protect your network as NAT only hides your network but
doesn’t really stop any packets from entering your network.
Do firewalls stop Viruses, Trojans, Adware, and Spyware?
No, in general, firewalls do not stop Viruses, Trojans, Adware, or Spyware. Firewalls, usually,
only protect your network from inbound traffic from an outside (Internet) network. You still
need antivirus software, anti-adware and anti-spyware software applications to protect your
system when it does go out on the Internet.
How do I know that my firewall is really protecting my network?
Just like any security system, a firewall should, periodically, be tested. To test a firewall, you
could have a professional security-consulting company do a security vulnerability scan.
However, this is usually something you can do yourself. To do this, you could use a port-scanner
or a more advanced tool like a vulnerability assessment tool (such as Retina, Saint, or ISS).
What are the different types of firewalls?
The different types of firewalls are:
Packet filter – A packet filter looks at each packet entering the network and, based on its
policies, permits or denies these packets. A Cisco IOS Access Control List (ACL) is a basic firewall
that works in this way.
Stateful packet filter – A stateful packet filter also has rules; however, it keeps track of the TCP
connection state so it is able to monitor the “conversations” as they happen on the network. It
knows the normal flow of the conversations and knows when the conversations are over. Thus,
it more intelligently is able to permit and deny packets entering the network. Because of this, a
stateful packet filter (stateful firewall) is much more secure than a regular packet filter.
Application gateway – An application gateway is a system that works for certain applications
only. It knows the “language” that that application/protocol uses and it monitors all
communications. An example would be a SMTP gateway.
Proxy Server – A proxy server performs network transactions on your behalf. The most
common use for this is a Web-proxy server. A Web-proxy will take requests from users’ Web
browsers, get the Web pages from the Internet, and return them to the user’s browser.
What do VPNs have to do with firewalls?
Virtual Private Networks (VPN) are used to encrypt traffic from a private network and send it
over a public network. Typically, this is used to protect sensitive traffic as it goes over the
Internet. Many times, you will have a VPN encryption device combined with a firewall as the
private network traffic that is being encrypted also needs to be protected from hackers on the
public network.
If I have a firewall, do I have a DMZ?
No, you do not necessarily have a DMZ (De-Military Zone) if you have a firewall. A DMZ is a
network that is semi-protected (not on the public network but also not on the fully-protected
private network). Many hardware firewalls create a DMZ for public mail servers and Web
servers. Most small networks or homes do not have DMZ networks. Most medium-to-large
corporate networks would have a DMZ.
What are IDS and IPS? Also, what do they have to do with firewalls?
An Intrusion Detection System (IDS) monitors for harmful traffic and alerts you when it enters
your network. This is much like a burglar alarm.
An Intrusion Prevention System (IPS) goes farther and prevents the harmful traffic from
entering your network.
IDS/IPS systems recognize more that just Layer 3 or Layer 4 traffic. They fully understand how
hackers use traffic to exploit networks and detect or prevent that harmful traffic on your
network. Today, many IDS/IPS systems are integrated with firewalls and routers.
What is a DoS attack and will a firewall protect me from it?
A Denial of Service (DoS) attack is something that renders servers, routers, or networks
incapable of responding to network requests in a timely manner.
Firewalls can protect your network and its servers from being barraged by DoS traffic and allow
them to respond to legitimate requests, thus, allowing your company to continue its business
over the network.
How do you configure, monitor, and control a firewall?
As there are many different types of firewalls, there are also many different types of firewall
interfaces. You could have a command line interface (CLI), a Web-based interface, or some
other proprietary program that is used to configure the firewall.
For example, with Cisco PIX firewalls, you can configure them with the CLI interface (called
PixOs), or the PIX Device Manager (PDM), a Java-based interface that works with a Web
browser.
How do I know what firewall I should use?
The size of the firewall you choose is usually based on the volume of traffic your network links
receive or the bandwidth of your network links. You also must take into consideration other
things for which you might be using the firewall, such as VPN, IDS, and logging.
What are some new features to look for in firewalls?
Firewalls, today, are offering more and more features built into the firewall. Some of them are:
intrusion prevention, hardware-based acceleration, and greater recognition of applications
(moving up the OSI model towards layer 7).
How can I configure an inexpensive firewall?
There are a wide variety of firewalls available today. Perhaps the most basic firewall is the
personal PC firewall, such as that built into Windows XP. Next come more advanced PC
software firewalls, like ZoneAlarm Pro or BlackICE. There are midrange firewall solutions like
Microsoft ISA or hardware firewalls. Next on the scale are large Cisco PIX or Checkpoint firewalls
used for large businesses or Internet Service Providers.

ERP
Definition of ERP
Enterprise -Is an entity where Business Activities are conducted profitably
Resource-Various Resources available within an enterprise such as, Finance,

Materials, Manpower, Equipment, Facilities and infrastructure etc.
Planning-Activity to optimize the utilization of resources
ERP BASIC WHAT IS ERP?

 ERP stands for Enterprise Resource Planning.
 It is packaged software designed for client/server architecture.
 It integrates the majority of business process and transactions.
 It is based on a single, enterprise-wide database allowing access to data on a
real- time basis.
 It allows integration between process and planning and supports multiple
currencies, languages, etc.
 It can be customized without programming.
 It ensures discipline in working of entire organization by ensuring no data gets
posted without fulfilling all laid down business rules.
 ERP attempts to integrate all departments and functions of a company into a
single system that can serve all departments' needs.
 An extensive change management concept ensures the acceptance and
motivation of the end users.
 Enterprise Resource Planning (ERP) is a term usually used in conjunction with

ERP software or an ERP system which is intended to manage all the information and
functions of a business or company from shared data stores.
 An ERP system typically has modular hardware and software units and
"services" that communicate on a local area network or on Intranets .
 The modular design allows a business to add or reconfigure modules (perhaps
from different vendors) while preserving data integrity in one shared database that may
be centralized or distributed
 In its simplest form can be explained as an attempt of

Area of Computerization in an Organization
 Financial Activities
 Material Management and its procurement
 Sales and Marketing
 Quality Management and assurance
 Human Resource Development
 Payroll
 Training Management
 Business Intelligent Warehousing
 Project Planning and Monitoring
 System Maintenance
ERP Functional Scope – Modules
 Financial and controlling (FICO)

 Material Management (MM)
 Project Systems (PS)
 Plant Maintenance (PM)
 Sales and Distribution (S&D)
 Quality Management (human Resource and Payroll (HR)
 Business Intelligent Warehousing (BIW)
BSNL‟s Present Status of computerization activities Financial activities Present Status
 DotSOFT Package.
 In house developed packages for computation and preparation of
financial Statements.
 Other locally developed software.

Material Management and Procurement Present Status
 Inventory Management system

 MIS for IN Service Web package
 Sancharsoft package for Cellular Services
 Other locally developed softwares
Project System and Monitoring Present status
 DOTSOFT Package
 Other Local packages System Maintenance Present Status
 DOTSOFT FRS
● TVARIT
Human Resource Development Present Status
 HR Package
 HR Pay Roll
 HR Leave Module
 CTMS
ADVANTAGES OF ERP
 Integrate financial information
 Integrate customer order information
 Standardize and speed up manufacturing processes
 Reduce inventory
 Standardize HR information
 Some security features are included within an ERP system to protect against
both outsider crime and internal control
ERP Systems centralize the data in one place. Benefits of this include:
 Eliminates the problem of synchronizing changes between multiple systems
 Permits control of business processes that cross functional boundaries
 Provides top-down view of the enterprise (no "islands of information")

 Reduces the risk of loss of sensitive data by consolidating multiple permissions
and security models into a single structure.
BSNL‟S ERP SOFTWARE IMPLEMENTATION

The ERP have at 13 modules integrating BSNL‘s finance procurement & HR
functions as well as material & real estate management, QOS, Business intelligence etc.
The HCL info systems is selected to implement ―System Integration Project
―For BSNL. The prime objective of ERP system is to improve the information flow to
facilitate better decision making leading to overall improvement in the performance of
the organisation by way of improvements in the productivity, cycle time, financial
performance and information transparency.
The project entails installation, operations, maintenance, training and
customization by consolidating the different systems onto a single ERP platform As a part
of the BSNL‘s business transformation programme, HCL will migrate company‘s Finance,
Commissioning & operations functions onto a single ERP system.
The project rollout includes setting up of the main Data Centre at Hyderabad
and the Disaster Recovery Data Centre at Kolkata.
Installation and commissioning at these centres streamlined these business
processes, provide a single view of the business, aiding compliance to storage system,
security system, enterprise management system, network management systems, access
management system etc. of existing data centres.
The decision to cover the whole organization country wide by investing in ERP
licenses clearly communicates BSNL management intent to create a single seamless
platform all over the corporation.
To deliver on this project HCL is drawing from its deep experiences of
implementing many turnkey projects for BSNL including deploying prestigious contracts
such as National Internet Backbone (NIB), Implementation of Call Detail Record (CDR)
based customer care & convergent billing systems and the more recent WiMax Rural
project, that involves setting up of infrastructure for providing internet connectivity to
rural Community Service Centres through Wireless Access Network (WAN).
CONCLUSION
The software packages reduce the workload and automation of activities. It also
assists in elimination of human errors, as a result, improves effectiveness and consistency.
These are various types of business software commonly used in BSNL. These Software‘s
are responsible for accomplishing different tasks in no time, enhancing customer
satisfaction and improving efficiency.

Oracle Data Base
What is Oracle?
Oracle database is a relational database management system (RDBMS) from Oracle

Corporation. This article will explain a complete overview of the Oracle database, features,
history, and editions. Before discussing the oracle, we will first need to know about the
database.
What is a database?
A database refers to the organized collection of structured data stored electronically in a

device. It allows us to access, manage, and find relevant information frequently. The flat file
structure was extensively used to store data before the database system was invented. The
relational database approach becomes popular in comparison to the flat file model because it
eliminates redundant data. For example, suppose we have an employee and contact
information stored in the same file. In such a case, the employees with multiple contacts will
show up in many rows.
The RDBMS system manages the relational data. Oracle Database is the most famous relational
database system (RDBMS) because it shares the largest part of a market among other relational
databases. Some other popular relational databases are MySQL, DB2, SQL Server, PostgreSQL,
etc.
What is the Oracle database?
Oracle database is a relational database management system. It is also called OracleDB, or

simply Oracle. It is produced and marketed by Oracle Corporation. It was created
in 1977 by Lawrence Ellison and other engineers. It is one of the most popular relational
database engines in the IT market for storing, organizing, and retrieving data.
Oracle database was the first DB that designed for enterprise grid computing and data
warehousing. Enterprise grid computing provides the most flexible and cost-effective way to
manage information and applications. It uses SQL queries as a language for interacting with the
database.
Editions of Oracle database
Oracle database is compatible with a wide range of platforms such as Windows, UNIX, Linux,
and macOS. It supports several operating systems like IBM AIX, HP-UX, Linux, Microsoft
Windows Server, Solaris, SunOS, macOS, etc. In the late 1990s, Oracle began supporting open
platforms like GNU/Linux.

The following is a list of Oracle database editions in order of priority:
o Enterprise Edition: It is the most robust and secure edition. It offers all features,
including superior performance and security.
o Standard Edition: It provides the base functionality for users that do not require
Enterprise Edition's robust package.
o Express Edition (XE): It is the lightweight, free and limited Windows, and Linux edition.
o Oracle Lite: It is designed for mobile devices.
o Personal Edition: It's comparable to the Enterprise Edition but without the Oracle Real
Application Clusters feature.
The Oracle Corporation
Oracle Corporation is the largest software company to develop and markets computer software
applications for business. The company is best known for its Oracle database products and,
more recently, cloud products and services. Its relational database was the first to support SQL,
which has since become the industry standard.
Oracle database is one of the most trusted and widely used relational database engines. The
biggest rival of Oracle database is Microsoft's SQL Server.
History of Oracle
Oracle Corporation was founded by Lawrence Ellison (Larry Ellison), Bob Miner, Ed Oates, and
Bruce Scott in August 1977. They have a lot of experience in building database programs for
several companies and builds their first project (a special database program) for the CIA
(Central Intelligence Agency). Oracle was named after "Project Oracle," a project for one of
their clients named Central Intelligence Agency, and the company that created Oracle was
called Systems Development Labs (SDL). Systems Development Labs was renamed Relational
Software Inc. (RSI) in 1978 to expand their market for the new database. They had again
changed the name of the company from RSI to Oracle Systems Corporation in 1982.
The first commercially available RDBMS named Oracle V2 (Version 2) was built using PDP-11
assembler language (SQL-based RDBMS). Although they already developed a commercial
RDBMS in 1977, it wasn't available for purchase until 1979, when Oracle version 2 was released.
In 1983, Oracle database portable version named "Oracle version 3" was released. This version
was written in the C programming language. It was the first relational database that can run in
mainframes, minicomputers, PCs, or any hardware with a C compiler. It also supports SQL
queries and transactions execution.

Importance of Oracle
It is one of the oldest database management companies in the world. It has always focused on
enterprise needs and kept up with the newest technological developments. As a result, its
products are constantly updated with new features. For example, the most recent Oracle
database, 19C, is also available on Oracle Cloud. Oracle allows users to select from various
database editions to meet their specific demands with a cost-effective solution.
Oracle Database Features
Oracle database manages data with the help of an open, complete, and integrated approach.
The following are features that complete the demand for powerful database management:
Availability: It is never offline or out of service that means supported 24*7 availability of the
database. It provides high availability of databases because of the Oracle Data Guard
functionality. This functionality allows using of the secondary database as a copy of the primary
database during any failure. As a result, all normal processes such as backups and partial
failures do not interrupt the database from being used.
Security: Oracle has a mechanism for controlling and accessing the database to prevent
unauthorized access. It provides high security because of the Oracle Advanced Security
features. It offers two solutions to protect databases that are TDE (Transparent Data
Encryption) and Data Redaction. TDE supports data encryption both at the source and after
export. Redaction is performed at the application level. Oracle has some other security features
like Oracle Database Vault that regulates user privileges and Oracle Label Security.

Scalability: It provides features like RAC (Real Application Cluster) and Portability, which makes
an Oracle database scalable based on usage. In a clustered environment, it includes capabilities
such as rolling instance migrations, performing upgrades, maintaining application continuity,
quality of service management, etc.
Performance: Oracle provides performance optimization tools such as Oracle Advanced

Compression, Oracle Database In-Memory, Oracle Real Application Testing, and Oracle Times
Ten Application-Tier Database Cache. Their main objective is to improve system performance to
the highest possible level.
Analytics: Oracle has the following solutions in the field of analytics:
o OLAP (Oracle Analytic Processing): It is an implementation of Oracle for doing

complicated analytical calculations on business data.
o Oracle Advanced Analytics: It is a technical combination of Oracle R Enterprise and
Oracle Data Mining that assists customers in determining predictive business models
through data and text mining, as well as statistical data computation.
Management: Oracle Multitenant is a database management tool that combines a single

container database with many pluggable databases in a consolidated design.
Benefits of Oracle Database
The following are the main advantages of an Oracle database:
Performance: Oracle has procedures and principles that help us to get high levels of database
performance. We can increase query execution time and operations with the use of
performance optimization techniques in its database. This technique helps to retrieve and alter
data faster.
Portability: The Oracle database can be ported on all different platforms than any of its
competitors. We can use this database on around 20 networking protocols as well as over 100
hardware platforms. This database makes it simple to write an Oracle application by making
changes to the OS and hardware in a secure manner.
Backup and Recovery: It is always better to take a proper backup of your entire oracle online
backup and recovery. The Oracle database makes it easy to accomplish recovery quickly by
using the. RMAN (Recovery Manager) functionality. It can recover or restore database files
during downtime or outages. It can be used for online backups, archived backups, and
continuous archiving. We can also use SQL* PLUS for recovery, which is known as user-managed
recovery.

PL/SQL: One of the greatest benefits of using the Oracle database is to support PL/SQL
extension for procedural programming.
Multiple Database: Oracle database allows several database instances management on a single
server. It provides an instance caging approach for managing CPU allocations on a server
hosting database instances. The database resource management and instance caging can work
together to manage services across multiple instances.
Flashback Technology: This advantage comes with the recent Oracle version. It allows us to
recover those data that are incorrectly deleted or lost by human errors like accidental deletion
of valuable data, deleting the wrong data, or dropping the table.
Disadvantages of Oracle Database
The following are the disadvantages of the Oracle database:
Complexity: Oracle is not recommended to use when the users are not technically savvy and
have limited technical skills required to deal with the Oracle Database. It is also not advised to
use if the company is looking for a database with limited functionality and easy to use.
Cost: The price of Oracle products is very high in comparison to other databases. Therefore
users are more likely to choose other less expensive options such as MS SQL Server, MySQL, etc.
Difficult to manage: Oracle databases are often much more complex and difficult in terms of
the management of certain activities.
What is Primary key
A primary key is a single field or combination of fields that contains a unique record. It must be
filled. None of the field of primary key can contain a null value. A table can have only one
primary key.
Oracle Database Architecture

Oracle database software is designed to support the architecture of instances and databases.

The database consists of data files, control files, online redo log, archived redo log, flashback log
so these are database physical files. The instance consists of two things one is SGA and another
one is background processes. Components of SGA are shared pool, large pool, database buffer
cache, redo log buffer, java pool, streams pool. PMON, SMON, RECO, MMON, MMNL are the
background processes. PGA consists of SQL work areas, session memory, Private SQL area which
is consists of one server process. When the client sent a request from the client process it goes
to the server process and then the server process performs the activity that is requested by the
client. Like we request for a SELECT statement so the server process will perform its activity and
gives a SELECT statement.

Let us pick up a basic “Select” statement ran by a user and understand what exactly happens in
the database.
1. At 1, the User issues a SELECT statement which is carried over to the database
(only after connection established using listeners) by the user process.
2. At 2, as there will be a server process created for this user in DEDICATED server
architecture, SQL is passed into this PGA and in turn, creates a CURSOR in it. So,
every SQL statement will have the cursor in the memory until query execution is
completed.
3. At 3, after the cursor is created, the syntax check will let the query move to SGA.
4. At 4,5,6,7, now the system will verify if the query is already cached. If yes, picks
up the execution plan and if no, parsing happens and a new execution plan is
created by the optimizer.
5. At 8,9, now data is pulled into buffer cache with the help of a large pool to
perform I/O operations smoothly.
6. At 10,11, in the case of the ORDER BY clause, sorting takes place in the server
process that is PGA and data is sent back to the user process. Now that query
executed successfully, the cursor area is released on the database server.
Background Process in Oracle Database Architecture:
The background process is a mechanism in an operating system that can run a series of steps.

1. Client processes: These processes are created and maintained to run the
software code of an application program or an Oracle tool. Most environments
have separate computers for client processes.
2. Background Processes: Background processes asynchronously perform I/O and
monitor other Oracle Database processes to provide increased parallelism for
better performance and reliability.
3. Server Processes: These processes communicate with client processes and
interact with Oracle Database to fulfill requests. The processes that perform
activities on behalf of clients-that is the processes that actually executes the
user’s SQL statements-are referred to as server processes.
When a client program wants to execute a SQL, it relies on a server process and returns the
results.
 Dedicated servers- A dedicated server performs tasks on behalf of one client.
This sort of server is started when the clients connect and are destroyed when
the client disconnects. Dedicated servers are usually the default.
 Shared servers– Shared servers perform tasks on behalf of multiple clients.
 Parallel Query servers– Oracle can use multiple parallel processes to execute a
single SQL statement.
 Job and Scheduler servers– The job and scheduler servers execute commands in
the background and schedule as required.
The processes (or threads in the Windows OS) that perform tasks on behalf of all sessions or
that perform Oracle internal activities are called the background processes.
Physical and Logical Structure in Oracle:
Let us understand the Physical and Logical Structure in detail.
Physical Structure:
The architecture includes:
1. Physical components
2. Memory components
3. Processes
4. Logical structure
What is the Oracle server?
An oracle server consists of an oracle instance and an instance is basically something memory
plus some background process and an oracle database files. An oracle database includes several
different types of files: data files, control files, redo files, archive redo log files, parameter files,
and password files. An oracle instance has two different sets of components:
1. The set of background processes like PMON, SMON, RECO, etc.
2. The set includes the memory structures that consist of the Oracle instance.
What is Oracle Physical Structure?
An oracle physical structure consists of the following files: –
1. Data Files: These files store the database information that a firm or organization
needs in order to operate.

2. Control File: These files store database creation date and time, SCN information,
backup and recovery information, and others.
3. Redo log files: These files are used to recover the database in the event of any
failures.
4. Archived redo log files: These files are used to recover the database if there is
some failure in the disk.
5. Parameter files: These files used to specify parameters for configuring an Oracle
instance when it starts up.
6. Password files: Authenticates only to the special users of the database.
7. Alert and trace log files: These files store information about faults and steps
taken, that affect the configuration of the database.
Logical Structure:
An oracle logical structure consists of the following files: –
1. Table Space: A tablespace is a logical container for storing objects such as tables,
indexes, sequences, clusters, and database objects. Each tablespace has at least
one physical data file that actually stores the tablespace at the operating system
level. Large table space may have more than one data file allocated for storing
objects assigned to that tablespace.
2. Segment: When a logical storage object is created within a tablespace, for
example, an employee table, a segment is allocated to the object.
3. Extent: Every object has one segment which is a physical collection of extents.
Extents are collections of contiguous disk storage blocks. A logical storage object
like a table or index every time consists of at least one extent. Preferably, the
initial extent allocated to an object will be large enough to store all data that is
initially loaded.
Block: The oracle server manages data at the smallest unit which is called a block or data block.
Data are actually stored in the blocks.
Database Memory Structure Background Process:
The memory structure includes two areas of memory:
1. System Global Area (SGA): SGA allocates when an oracle instance starts up.
2. Program Global Area (PGA): PGA allocates when a server process starts up.

System Global Area (SGA):
System Global Area (SGA) is a memory area that stores information shared by database
processes and by users of the database. It is a read and writes memory area. It is allocated
when an oracle instance (database) is started up based on values specified in the initialization
parameter file (either PFILE and SPFILE).
Components of SGA:
The SGA has the following memory structures:
1. Database Buffer Cache.
2. Redo Log Buffer
3. Java Pool
4. Streams Pool
5. Shared Pool – includes two components
Library Cache
Data Dictionary Cache
Additional memory structures in the SGA include:
1. Large Pool
Program Global Area:
PGA is a non-shared memory region that contains data and control information exclusively for
use by an oracle process. It is created by the Oracle database when an oracle process is started,
only one PGA exists for each Server Process and each Background Process. It stores data and
control information for a single background process. This is not a shared part of memory, one
PGA to each process only. The total instance PGA is the collection of individual PGAs.
The architecture of PGA:
When we are talking about the individual PGA there under the PGA different components are
there one is session memory one is a persistent area a runtime area that is called a private SQL
area that is the small area size, hash area, bitmap merge area that all called as a SQL work area.
When the multiple PGAs are allocated that is called one instance PGA.
The content of the PGA includes the following:
Private SQL Area: Stores information for a parsed SQL statement – stores behind variable
values runtime memory allocations.
1. Dedicated Server Environment – It is the private SQL area is located in the
Program Global Area.
2. Shared Server Environment – It is the private SQL area is located in the System
Global Area.

Session Memory: Memory that holds session variables and other session information.
SQL Work Area: Memory area allocated for sort, hash-join, bitmap merge, and bitmap create
types of operations.
2 tier, 3 tier, and N tier Architecture:
Software Architecture consists of 1 Tier, 2 Tier, 3 Tier, and N Tier, this tires also can refer as a
layer. Three layers involved in the application are the Presentation layer, Business layer, and
Data layer.
Presentation Layer:
It is also known as the Client Layer. The topmost layer of an application is the layer we see when
we use software by using this layer, we can access the web pages. The main function of this
layer is to communicate with the application layer, this layer passes the information which is
given by the user in terms of keyboard actions, mouse clicks to the application layer.
Example: login page of Gmail where an end-user could see text boxes and buttons to enter user
id, password, and to click on sign-in. In simple words, it is to view the applications.
Application Layer:
It is also known as Business Layer which is also known as the logic layer. As per the Gmail login
page example, once the user clicks on the login button, the application layer interacts with the
Database layer and sends required information to the presentation layer. It controls an
application’s functionality by performing detailed processing. This layer acts as a mediator
between the presentation and the database layer. Complete busyness logic will be written in
this layer.
Data Layer:
The data is stored in the data layer. The application layer communicates with the database layer
to retrieve the data. It contains methods that connect the database and performs the required
action. In simple words, it is to share and retrieve the data.
Example: Insert, update, delete, etc.
Types of Software Architecture:
1 tier Architecture:
It is also known as stand-alone architecture, it has all the layers such as presentation layer,
application layer, and database layer in a single software package application which handles all
the 3 tires such as Mp3 player, MS Office comes under one-tier application, the data is stored in
a local system or in a drive.

It is also known as client-server architecture which is divided into two parts client application
and database application. The client system handles both the presentation and application layer
and the server system handle the database layer, the communication takes place between the
client and the serve. The client system sends the request to the server system, then the server
system process the request and sends back the data to the client system.
It is also known as a web-based application that is divided into 3 parts presentation layer,
application layer, and database layer. Client system handles presentation layer application
server handles application layer and server system handles database layer.
N tier Architecture:
It is also known as the distributed application it is similar to three tiers architecture but the
number of applications is increasingly represented in individual tiers in order to distribute the
business logic so that the logic will be distributed.

CLOUD COMPUTING
INTRODUCTION
Cloud computing is a recently developing paradigm of distributed computing. Though
it is not a new idea that emerged just recently. In 1969 L. Kleinrock anticipated, as of now,
computer networks are still in their infancy. But as they grow up and become more
sophisticated, we will probably see the spread of 'computer utilities' which, like present
electric and telephone utilities, will service individual homes and o ces across the country."
His vision was the true indication of today's utility based computing paradigm. One of the
giant steps towards this world was taken in mid 1990s when grid computing was rst coined
to allow consumers to obtain computing power on demand. The origin of cloud computing
can be seen as an evolution of grid computing technologies. The term Cloud computing was
given prominence rst by Google's CEO Eric Schmidt in late 2006 (may be he coined the term).
So the birth of cloud computing is very recent phenomena although its root belongs to some
old ideas with new business, technical and social perspectives. From the architectural point
of view cloud is naturally build on an existing grid based architecture and uses the grid
services and adds some technologies like virtualization and some business models.
In brief cloud is essentially a bunch of commodity computers networked together in
same or different geographical locations, operating together to serve a number of customers
with different need and workload on demand basis with the help of virtualization. Cloud
services are provided to the cloud users as utility ser-vices like water, electricity, telephone
using pay-as-you-use business model. These utility services are generally described as XaaS
(X as a Service) where X can be Software or Platform or Infrastructure etc. Cloud users use
these services provided by the cloud providers and build their applications in the internet
and thus deliver them to their end users. So the cloud users don't have to worry about
installing, maintaining hardware and software needed. And they also can a ord these
services as they have to pay as much they use. So the cloud users can reduce their
expenditure and e ort in the eld of IT using cloud services instead of establishing IT
infrastructure themselves.
Cloud is essentially provided by large distributed data centers. These data centers are
often organized as grid and the cloud is built on top of the grid services. Cloud users are
provided with virtual images of the physical machines in the data centers. This virtualization
is one of the key concept of cloud computing as it essentially builds the abstraction over the
physical system. Many cloud applications are gaining popularity day by day for their
availability, reliability, scalability and utility model. These applications made distributed
computing easy as the critical aspects are handled by the cloud provider itself.
Cloud computing is growing now-a-days in the interest of technical and busi-ness
organizations but this can also be bene cial for solving social issues. In the recent time E-
Governance is being implemented in developing countries to improve effectiveness &
Efficiency of governance. This approach can be improved much by using cloud computing
instead of traditional ICT. In India, economy is agriculture based and most of the citizens live
in rural areas. The standard of living, agricul-tural productivity etc can be enhanced by

utilizing cloud computing in a proper way. Both of these applications of cloud computing
have technological as well as social challenges to overcome.
In this report we would try to clarify some of the ideas Why is cloud computing a
buzzword today? i.e. what are the bene ts the provider and the users get using cloud?
Though its idea has come long back in 1990 but what situation made it indispensable today?
How is cloud built? What di erentiates it from similar terms like grid computing and utility
computing? What are the di erent services are provided by the cloud providers? Though
cloud computing now-a-days talks about business enterprises not the non-pro t
organizations; how can this new paradigm be used in the services like e-governance and in
social development issues of rural India?
CLOUD COMPUTING BASICS

Cloud computing is a paradigm of distributed computing to provide the customers
on-demand, utility based computing services. Cloud users can provide more reli-able,
available and updated services to their clients in turn. Cloud itself consists of physical
machines in the data centers of cloud providers. Virtualization is pro-vided on top of these
physical machines. These virtual machines are provided to the cloud users. Di erent cloud
provider provides cloud services of di erent abstraction level. E.g. Amazon EC2 enables the
users to handle very low level details where Google App-Engine provides a development
platform for the developers to develop their applications. So the cloud services are divided
into many types like Software as a Service, Platform as a Service or Infrastructure as a
Service. These services are available over the Internet in the whole world where the cloud
acts as the single point of access for serving all customers. Cloud computing architecture
addresses di culties of large scale data processing.
TYPES OF CLOUD
Cloud can be of three types .
 Private Cloud This type of cloud is maintained within an organization and
used solely for their internal purpose. So the utility model is not a big term in
this scenario. Many companies are moving towards this setting and experts
consider this is the 1st step for an organization to move into cloud. Security,
network bandwidth are not critical issues for private cloud.
 Public Cloud In this type an organization rents cloud services from cloud
providers on-demand basis. Services provided to the users using utility com-
puting model.
 Hybrid Cloud This type of cloud is composed of multiple internal or external
cloud. This is the scenario when an organization moves to public cloud
computing domain from its internal private cloud.


CLOUD STAKEHOLDERS
To know why cloud computing is used let's rst concentrate on who use it. And then
we would discuss what advantages they get using cloud. There are three types of
stakeholders cloud providers, cloud users and the end users [Figure 1]. Cloud providers
provide cloud services to the cloud users. These cloud services are of the form of utility
computing i.e. the cloud users uses these services pay-as-you-go model. The cloud users
develop their product using these services and deliver the product to the end users.
Figure 24: Interconnection between cloud stakeholders
ADVANTAGES OF USING CLOUD
The advantages for using cloud services can be of technical, architectural, business etc .
Cloud Providers' point of view
Most of the data centers today are under utilized. They are mostly 15% utilized.
These data centers need spare capacity just to cope with the huge spikes that sometimes get
in the server usage. Large companies having those data centers can easily rent those
computing power to other organizations and get pro t out of it and also make the resources
needed for running data center (like power) utilized properly.
Companies having large data centers have already deployed the resources and to
provide cloud services they would need very little investment and the cost would be
incremental.
Cloud Users' point of view

Cloud users need not to take care about the hardware and software they use and
also they don't have to be worried about maintenance. The users are no longer tied to
someone traditional system.
Virtualization technology gives the illusion to the users that they are having all the
resources available.
Cloud users can use the resources on demand basis and pay as much as they use. So

the users can plan well for reducing their usage to minimize their expenditure.
Scalability is one of the major advantages to cloud users. Scalability is provided
dynamically to the users. Users get as much resources as they need. Thus this model
perfectly fits in the management of rare spikes in the demand.
MOTIVATION TOWARDS CLOUD IN RECENT TIME

Cloud computing is not a new idea but it is an evolution of some old paradigm of
distributed computing. The advent of the enthusiasm about cloud computing in recent past
is due to some recent technology trend and business models .
High demand of interactive applications Applications with real time response and
with capability of providing information either by other users or by non-human sensors
gaining more and more popularity today. These are generally attracted to cloud not only
because of high availability but also because these services are generally data intensive and
require analyzing data across di erent sources. Parallel batch processing Cloud inherently
supports batch-processing and analyzing tera-bytes of data very efficiently.
Programming models like Google's map- reduce and Yahoo!'s open source counter part
Hadoop can be used to do these hiding operational complexity of parallel processing of
hundreds of cloud computing servers.
New trend in business world and scientific community In recent times the business
enterprises are interested in discovering customers needs, buying pat-terns, supply chains to
take top management decisions. These require analysis of very large amount of online data.
This can be done with the help of cloud very easily. Yahoo! Homepage is a very good
example of such thing. In the homepage they show the hottest news in the country. And
according to the users' interest they change the ads and other sections in the page. Other
than these many scienti c experiments need very time consuming data processing jobs like
LHC (Large Hadron Collider). Those can be done by cloud. Extensive desktop application
Some desktop applications like Matlab, Mathematic are becoming so compute intensive that
a single desktop machine is no longer enough to run them. So they are developed to be
capable of using cloud computing to perform extensive evaluations.
CLOUD ARCHITECTURE
The cloud providers actually have the physical data centers to provide virtualized
services to their users through Internet. The cloud providers often provide separa-tion
between application and data. This scenario is shown in the Figure 2. The underlying physical
machines are generally organized in grids and they are usu-ally geographically distributed.
Virtualization plays an important role in the cloud scenario. The data center hosts provide
the physical hardware on which virtual ma-chines resides. User potentially can use any OS
supported by the virtual machines used.

Figure Basic Cloud Computing Architecture
Operating systems are designed for speci c hardware and software. It results in the
lack of portability of operating system and software from one machine to another machine
which uses di erent instruction set architecture. The concept of virtual machine solves this
problem by acting as an interface between the hardware and the operating system called as
system VMs. Another category of virtual machine is called process virtual machine which
acts as an abstract layer between the operating system and applications. Virtualization can
be very roughly said to be as software translating the hardware instructions generated by
conventional soft-ware to the understandable format for the physical hardware.
Virtualization also includes the mapping of virtual resources like registers and memory to
real hard-ware resources. The underlying platform in virtualization is generally referred to as
host and the software that runs in the VM environment is called as the guest. The Figure 3
shows very basics of virtualization. Here the virtualization layer cov-ers the physical
hardware. Operating System accesses physical hardware through virtualization layer.
Applications can issue instruction by using OS interface as well as directly using virtualizing
layer interface. This design enables the users to use applications not compatible with the
operating system.
Virtualization enables the migration of the virtual image from one physical machine
to another and this feature is useful for cloud as by data locality lots of optimization is
possible and also this feature is helpful for taking back up in di erent locations. This feature
also enables the provider to shut down some of the data center physical machines to reduce
power consumption.
Figure: Virtualization basic

COMPARISON BETWEEN CLOUD COMPUTING AND GRID COM-PUTING
Most of the cloud architectures are built on Grid architecture and utilizes its ser-
vice. Grid is also a form of distributed computing architecture where organizations owning
data centers collaborate with each other to have mutual bene t. Although if apparently
seen it seems that cloud computing is no di erent from its originator in the rst look but
there are substantial di erence between them in spite of so many similarities. The relation
between Grid and cloud computing is discussed in Table .
RELATION BETWEEN CLOUD COMPUTING AND UTILITY COM-PUTING

The cloud users enjoy utility computing model for interacting with cloud service
providers. This Utility computing is essentially not same as cloud computing. Utility
computing is the aggregation of computing resources, such as computation and storage, as a
metered service similar to a traditional public utility like electricity, water or telephone
network. This service might be provided by a dedicated computer cluster speci cally built for
the purpose of being rented out, or even an under-utilized supercomputer. And cloud is one
of such option of providing utility computing to the users.
TYPES OF UTILITY CLOUD SERVICES
Utility computing services provided by the cloud provider can be classi ed by the type
of the services. These services are typically represented as XaaS where we can replace X by
Infrastructure or Platform or Hardware or Software or Desktop or Data etc. There are three
main types of services most widely accepted - Software as a Service, Platform as a Service
and Infrastructure as a Service. These services provide different levels of abstraction and
flexibility to the cloud users. This is shown in the Figure
Figure: Cloud Service stack

Comparison between Grid & Cloud computing
SAAS (SOFTWARE AS A SERVICE)
Delivery through the web browser to thousands of customers using a multitenant

architecture. On the customer side, it means no upfront investment in servers or software
licens-ing; on the provider side, with just one application to maintain, cost is low compared
to conventional hosting. Under SaaS, the software publisher (seller) runs and maintains all
necessary hardware and software. The customer of SaaS accesses the applications through
Internet. For example Salesforce.com with yearly revenues of over $300M, o ers on- demand
Customer Relationship Management software solutions. This application runs on
Salesforce.com's own infrastructure and delivered directly to the users over the Internet.
Sales force does not sell perpetual licenses but it charges a monthly subscription fee start-
ing at $65/user/month . Google docs is also a very nice example of SaaS where the users can
create, edit, delete and share their documents, spread-sheets or presentations whereas
Google have the responsibility to maintain the software and hardware.
E.g. - Google Apps, Zoho O ce.
PAAS (PLATFORM AS A SERVICE)

Delivers development environment as a ser-vice. One can build his/her own
applications that run on the provider's infras-tructure that support transactions, uniform
authentication, robust scalability and availability. The applications built using PaaS are o ered
as SaaS and consumed directly from the end users' web browsers. This gives the ability to
integrate or consume third-party web-services from other service platforms.
E.g. - Google App Engine.
IAAS (INFRASTRUCTURE AS A SERVICE)

IaaS service provides the users of the cloud greater exibility to lower level than other
services. It gives even CPU clocks with OS level control to the developers.
E.g. - Amazon EC2 and S3.
Popular Cloud Applications: A Case study
Applications using cloud computing are gaining popularity day by day for their high
availability, reliability and utility service model. Today many cloud providers are in the IT
market. Of those Google App-Engine, Windows Azure and Amazon EC2, S3 are prominent
ones for their popularity and technical perspective.
Amazon EC2 and S3 Services
Amazon Elastic Computing (EC2) is one of the biggest organizations to pro-vide
Infrastructure as a Service. They provide the computer architecture with XEN virtual
machine. Amazon EC2 is one of the biggest deployments of XEN architecture to date. The
clients can install their suitable operating system on the virtual machine. EC2 uses Simple
Storage Service (S3) for storage of data. Users can hire suitable amount CPU power, storage,
JTO to SDE IT Module Internal Circulation Only Page 56
and memory without any upfront com-mitment. Users can control the entire software stack
from kernel upwards. The architecture has two components one is the EC2 for computing
purposes and S3 is for storage purposes.
Simple Storage Service: S3 can be thought as a globally available distributed hash
table with high-level access control. Data is stored in name/value pairs. Names are like UNIX
le names and the value can be object having size up-to 5 GB with up-to 4K of metadata for
each object. All objects in Amazon's S3 must t into the global namespace. This namespace
consists of a \bucket name" and an \object name". Bucket names are like user names in
traditional email account and provided by Amazon on rst come rst serve basis. An AWS
(Amazon Web Services) account can have maximum of 100 buckets.
Data to S3 can be sent by SOAP based API or with raw HTTP \PUT" com-mands. Data
can be retrieved using SOAP HTTP or BitTorrent. While using BitTorrent the S3 system
operates as both tracker and the initial seeder. There are also some tools available which
enables the users to view S3 as a remote le system. Upload download rate from and to S3 is
not that much exiting. One developer from Germany reported experiencing 10-100 KBps.
This rate can go up-to 1-2 MBps on the higher side depending on the time of the day.
Although the speed is not that much fascinating it is good enough for deliv-ering web objects
and for backup purposes although for doing computation it is not suitable.
Amazon S3 has a very impressive support for privacy, integrity and short term
availability. Long term availability is unknown as this depends on the internal commitment of
Amazon data centers. Data privacy can be obtained by encrypting the data to be stored. But
this encryption is to be done by the user before storing the data in S3. One can use SSL with
HTTPS to connect to S3 for more security but this usage of SSL increases upload/download
time also. Data integrity can be achieved by checking end to end MD5 checking. When an
object is stored into S3 then it returns MD5 of that object. One can easily check it with
previously computed hash value to guarantee data integrity. Short term availability depends
upon the Amazon's connectivity and load on its server at that instant. Once the data is
actually in the S3 then it is Amazon's responsibility to take care of it's availability. They claim
that the data is backed up on multiple hard drives in multiple data centers but doesn't
guarantee this by any Service Level Agreement. There is no backup or recovery mechanism if
the user accidentally deletes any data.
Amazon has a very impressive scheme of authentication in comparison to other
cloud services. Every AWS account has an Access Key ID and a Secret Key.
The ID is of 20 characters and the Key is a 41 character string. When signing HMAC is
rst computed for the sign request parameters using that Key. And in the Amazon server that
HMAC is again computed and compared with the value previously computed in the client
side. These requests also include timestamp to prevent replay attacks.
Elastic Compute Cloud: As the name implies EC2 rents cloud of computers to the
users with exibility of choosing the con guration of the virtual machine like RAM size, local
disk size, processor speeds etc.

Machines that deliver EC2 services are actually virtual machines running on top of
XEN platform. Users can store a disk image inside S3 and create a virtual machine in EC2
using tools provided by Amazon. This virtual machine can be easily instantiated using a java
program and can also be monitored. As EC2 is based on XEN it supports any linux
distribution as well as other OSs. Amazon does not promise about reliability of the EC2
computers. Any machine can crash at any moment and they are not backed up. Although
these machine generally don't crash according to the experience of the users but it is safe to
use S3 to store information which is more reliable and replicated service. EC2 security model
is similar to that of S3. The only di erence is that the commands are signed with an X 509
private key. But this key is downloaded from AWS account so the security depends
fundamentally on the AWS username and password.
GOOGLE APP-ENGINE
Google App-Engine is a platform for developing and deploying web applications in
Google's architecture. This provides Platform as a Service to the cloud users. In 2008 Google
App-Engine was rst released as beta version. Languages supported by Google App- Engine
are python, java and any extension of JVM languages. App-Engine requires developers to use
only languages which are supported by it and this is also applied with APIs and frameworks.
Now Google App-Engine allows storing and retrieving data from a BigTable non-relational
database.
AppEngine applications are expected to be request-reply based. Google App-engine
provides automatic scalability, persistent data storage service. Data store features a query
engine and transaction capabilities. These applications are easy to scale as tra c and data
storage need to grow so the cloud user doesn't have to worry about the spikes in the tra c or
data. These applications are generally suitable for social networking start-ups, event-based
websites catering to seasonal events or institutions (schools, colleges, universities,
government agencies) etc [
WINDOWS AZURE
Windows Azure is an intermediate in the spectrum of exibility vs programmer
convenience. These systems use .NET libraries to facilitate language independent managed
environment. This service falls under the category of Platform as a Ser-vice. Though it is
actually in between complete application framework like Google App-Engine and hardware
virtual machines like EC2. Azure applications run on machines in Microsoft data centers. By
using this service customers can use it to run applications and store data on internet
accessible machines owned by Microsoft. windows Azure platform provides three
fundamental components - compute com-ponent, storage component and fabric
component. Basic components of Windows Azure are shown in Figure.
The Compute Service: The primary goal of this platform is to support a large number
of simultaneous users. (Microsoft also said that they would use Azure to build their SaaS

applications which motivated many potential users.) To allow applications to scale out
Microsoft uses multiple instances of that appli-cations on virtual machines provided by
Hypervisor. Developers use Windows Azure portal through Web browser, and use Windows
live ID to sign in into his/her hosting account or storage account or both.
Two di erent types of Azure instance is available: Web role instance and Worker role
instances. Web role instance: As the name implies this type of instance can accept HTTP or
HTTPS requests. For this facility Microsoft uses IIS (Internet Information Services) as a web
server inside the VM provided. Developers can build applications using ASP.NET, Windows
Communication Foun-dation (WCF) or any other .NET technology or native codes also like
C++. PHP or java based technologies also supported in Azure. Azure scales applications by
running multiple instances without any a nity with a particular Web role instance. So it is
perfectly natural for an Azure application to serve multiple requests from a single user by
multiple in-stances. So this requires to write the client state in the Azure storage after each
client request.
Worker role instance: This type of instances are very similar to that of Web role
instances. But unlike the Web role instances these don't have
Figure: Windows Azure component architecture

IIS configured. They can be configured to run executable of users' right. Worker role
instance is more likely to function like a background job. Web role instances can be used to
accept request from the users and then they can be processed by Worker role instances in a
later point of time. For a compute intensive work many Worker role instances can run in
parallel.
Loging and monitoring of Azure applications is made easy by provision of ap-
plication wide log. a developer can collect performance related information like measure of
CPU usage, store crash dumps in the storage. Azure doesn't give the developer the freedom

to use his/her own VM image for Windows Azure. The platform maintains its own Windows.
Applications in Azure run only in user mode - no administrative access isn't allowed here. So
Windows Azure can update the operating system in each VM without any concern of a
ecting the applications running on it. This approach separates administrative work from the
user domain.
The Storage Service:
Applications running in Azure uses storage of di erent types:
Blobs: This is used for storing binary data in a simple hierarchy. Blobs can have
associated metadata with them. A user account can have one or more containers and these
containers have one or more blobs.
Storage tables: Blobs provide mechanisms for unstructured data but for more
structured purposes tables are more suitable. These tables are nothing like tables in a
traditional database. They are actually stored in a group of entities. These tables can be
accessed by using ADO.NET Data Services. SQL is not preferable for scale out issues.
Queue : This is not a structure like tables or blobs to store data but these queues are
used to store messages about tasks to be performed by Worker role instance. These tasks
are written by Web role instances on receiving request from clients. A Worker role instance
waiting on that queue can read the message and perform the task it speci es.
All data in the Windows Azure storage is replicated three times for providing fault
tolerance. Azure also keeps backups in geographically distributed data centers. Windows
Azure storage can be accessed by any Windows Azure ap-plication as well as any application
hosted at another cloud platform. All the blobs, tables, queues are named using URIs and
can be accessed by HTTP methods calls.
Some applications have inherent need for relational databases. This is provided in
the form of SQL Azure.
This bis build on Microsoft SQL Server. This data can be accessed via ADO.NET or by
other Windows data access interfaces.
The Fabric: All Windows Azure application and all of the data stored in Azure Storage
live are physically happen inside some of the data centers handled by Microsoft. In the data
centers the set of machines dedicated to Azure are organized into a fabric. These machines
are managed by fabric controller. These are replicated in ve to seven machines. These
controllers are aware of every Windows Azure application running in that fabric and also
owns all the resources like computers, switches, load balancers etc. Controllers monitors,
decides which resources to allocate to new applications looking at the configuration le with
the application. They also monitor the running applications.
CLOUD COMPUTING APPLICATION IN INDIAN CON-TEXT

Today most of the studies in cloud computing is related to commercial bene ts. But
this idea can also be successfully applied to non-pro t organizations and to the social bene t.

In the developing countries like India Cloud computing can bring about a revolution in the
eld of low cost computing with greater e ciency, availability and reliability. Recently in these
countries e-governance has started to ourish. Experts envisioned that utility based
computing has a great future in e-governance. Cloud computing can also be applied to the
development of rural life in India by building information hubs to help the concerned people
with greater access to required information and enable them to share their experiences to
build new knowledge bases.
E-Governance
E-Governance is an interface between Government and public or this can be an
interface between two governments or between government and business organiza-tions.
Objectives are generally to improve e ciency and e ectiveness to serve public demand and to
save costs for online services. This requires Government to have the will to decentralize the
responsibilities and processes and start to have faith on electronic and internet systems. E-
government is a form of e-business in gover-nance and refers to the processes and
structures needed to deliver electronic services to the public (citizens and businesses),
collaborate with business partners and to conduct electronic transactions within an
organizational entity. This E-Governance can be greatly improved by utility computing .
Impact of Technology In E-governance -
24/7 Service Model Systems and services require high availability. Get the citizens
feel that Government is always at their service.
Need for Content Web contents should be regularly updated and the infor-mation
provided to the public should be su cient. Respective departments should be responsible for
providing the information.
Human Resource Building these IT skilled resources would need properly trained
personals. This would make government to compete with other private organizations.
Security Sensitive Government data is to be highly secured. Policies are to be taken

seriously maintained and designed.
Privacy Personal data should be given su cient privacy. It can be a di cult issue if data
is stored across di erent departments and computer systems.
Recently Government of India have taken initiative and launched several projects to
facilitate people with better mechanism of governance using IT as a tool. They have
launched projects like Gyan Ganga, e-Gram to leverage the strength of connectivity. Gyan
Ganga is one of the initiatives of the Government of Gujrat to ensure wireless Internet
connectivity to 18000 villages in Gujrat. This project is based on corDECT a technology based
on Wireless Local Loop (WLL). Rural citizens are provided with facilities like browsing emails,
Internet, land records, rural job opportunities, status of various government projects,
information about local weather, soil and consult with experts to increase productivity in
agriculture, to have answer to their queries about veterinary and health care. Gyan Ganga

comes with other facilities with on-line registration of various applications, on-line public
grievance form, information on Government projects etc.
Another Government of India initiative is E-Gram computerization of local Gram
panchayats. This is also now implemented in the villages of Gujrat. This E-Gram provides the
rural people services like birth and death certi cation, property assessment, tax- collection,
accounts of gram panchayats etc.
Why traditional systems are not sufficient? For maintaining traditional sys-tems in e-
government there are many more disadvantages.
Application life cycle management Applications are generally developed in
evolutionary manner and changes should be consistent across all the depart-ments and up
gradation should be performed when the system is functioning.
Software licensing Software should be licensed for each and every depart-ment
terminal. This incurs a large amount of establishment cost.
Scalability Traditional centralized systems have inherent weakness towards the
aspect of scalability.
Security This is the most crucial aspect for e-governance. Government information is
highly sensitive. So they should be highly secured. For the traditional systems all the systems
across all the departments should have sufficient security.
Most of these disadvantages are addressed by cloud computing.
Scalability Cloud computing by design supports scalability. The data cen-ters have
enough computing and storage capacity to cope up with the spike demand.
Modifiable Applications hosted in cloud can be modi ed internally without too much
concern of the end users. Change in one place would re ect in all the places inherently and it
would be consistent.
Data logging This central facility can be very useful for locating any fault in the
system. Logging can also be used for detecting unauthorized usage checking or detecting
compromization.
Availability Cloud services are well known for high availability. If any data center is
down for any reason there is hot backup ready to work immediately. Virtual machine
migration is used to great extend in this situation to facilitate load balancing in case of failure
of some systems.
Reliability Replication and migration of instances across data centers make the
reliability of the system very high in the cloud scenario.
Physical disaster recovery Backup policies can be very useful for physical disaster
avoidance and this is inherent to the cloud system. Data is stored in di erent physical
location so that hot backup can be provided whenever needed.
Policy management Polices can be managed in a centralized fashion. This is helpful
for introducing Government policies readily unlike the present scenario.
Legacy software An already developed software can be moved to cloud with minor
changes some times. So the Government doesn't incur cost for develop-ing applications

which it already has.
Pay model Cloud providers' pay-as-you-use model enables the customer
(Government) to reduce cost of deployment and control the usage.
Reduce power consumption Adaptation of cloud reduces power consumption in
different offices and usage of power is concentrated in the data center only. But also that is
not the concern of the government as those data centers are to be handled by the third
party who provides cloud services.
Though it seems that cloud computing is indispensable for e-government but there
are many issues related to Cloud Computing application -
Security Concern Government works are highly security sensitive and the policies
sometimes must not be go into public. But in cloud computing scenario security is not
properly implemented today. So this is a big concern.
Policy Concern Government has certain policies but the third party cloud provider
may have contradicting policies.
Lack of faith in networks Many government departments don't have that much trust
in networks and internet. So they would not jump into accepting cloud computing.
RURAL DEVELOPMENT
In the context of rural development cloud computing can also be used to success for
its centralized storage and computing facility and utility based pay model. As per 72.2% of
total Indian population resides in rural areas. According to the survey conducted by \Hole in
the Wall project" computer literacy among boys and girls of age group 8-14 in rural area
varies across the regions of India. It is 40-50% in most of the regions. So the computer
literacy is not a concern in rural India and also in it shown that learning rate is pretty high for
computer literacy. Agriculture is India's biggest employment source, accounting for 52%
employment in India. And agricultural sector contributes to 20% of country's total GDP. So it
is very important to make a serious attempt to develop rural India.
Rural development can be in the form of education, agriculture, health, cul-ture or in
any other elds. Now a days most of the villages have some access to electricity and cellular
phone. So there is technical feasibility of establishing com-puter systems. But the mentality
of the people haven't been changed that much and that's why the spread of personal
computer is not that much signi cant in the villages. We think this growth rate can be
enhanced if the computing system is really cheap, easy to operate with minimum level of
knowledge, without upfront commitment and more essentially if the system is helpful to
enhance their life style. The main aim of the system is to make the people in rural areas to
have access to recent technology and with the help of the computing system enhance their
standard of living and also this would lead to a grater good of developing the nation.
Why not traditional web services?
Availability Many of the services should be available always like health etc. These
availability issues are not that well handled by the traditional web services as they are

handled typically by a single server and thus the server downtime is always there to happen.
The villagers have to own a PC To use traditional web services through in-ternet the
villagers need to own a PC which would increase their investment. Then the issues of need
for technical experts for software/hardware installa-tion and maintenance are needed. But
naturally the number of such experts is very less in number in the remote village.
Upgradation of software or hardware would be a problem both economically and
technically.
With the help of cloud computing this can be made possible. We'll now discuss the
technological and economic advantages for using cloud.
No upfront commitment The villagers need not to invest too much to buy computing
system and commit. But instead they can have very low cost terminals with basic
functionality of I/O and have a network access.
No maintenance issues The users need not to be an expert for maintenance. This
solves the unavailability of technical experts in the remote villages as the maintenance issues
are handled by the cloud provider explicitly.
Upgraded version of hardware and software The users always use the up-graded
version of software and hardware as maintained by the cloud provider. This reduces the cost
of up gradation.
On-demand resource allocation The virtual resources can be extended as needed. If
the user needs more resource then it is provided on demand basis.
Utility computing model the economic model used by the cloud is pay-as-you-use.
This enables the users handle the cost they have to pay.
By using cloud computing model some improvement of the current system is possible
to bring about social and as well as economic prospect in rural India.
Share knowledge and build knowledge base Most of the agriculture related issues are
generally local and they can't be solved by general expertise. So it happens many times that
the so called experts are not the right person to answer the problems but instead the local
farmers are better in understanding.
So in these situations better solution can be given by the local experts. If these local
experts access a common space to share their knowledge then others eventually come to
know about the solution. Thus a knowledge base can be build which would represent the
issues in that local scenario. It is like building Wikipedia.
Health and medical services In the developing countries like India one of the concern
of Rural health care is in spite of best intention from both the medical professionals and
patients a practical challenge is faced for difficulties of communications among interested
parties. This issue can be solved using cloud computing in an appropriate way. Consultation
among doctors around the world make sharing of knowledge possible and takes
telemedicine to the next level, creating a network that goes beyond the one-to- one,

patient-to-patient, patient-to-doctor or doctor-to-doctor interactions. In this way a patient
su ering from a particular disease can be better treated by consulting with doctors within
region and also outside who may have more experience with such a case.
Education in remote areas Education in rural areas can be enhanced with the help of
distance education. Education can be provided in different languages and with respect to
different curriculum with the aid of e-learning components. Students can be encouraged to
build their own multimedia pre-sensations. These can be hosted in the cloud. This type of
approach encourage the students to concentrate more on learning and representing the
material and also that would build the knowledge in the cloud for other students to refer.
This is possible with the aid of cloud computing with greater reliability and availability.
Government decision making Looking at the common knowledge base the

Government can have a fair knowledge of the local situation and take adoptive steps. Access
to Information hub Government can provide relevant information such as land revenue data,
weather data, soil information etc. through these cloud services to the people concerned.
All these things are possible with right initiative. These may need customizing the
original cloud services. Some generally unpopular services like Desktop as a Service may
make sense in these scenario which essentially tells about providing the users a virtual
desktop environment. But deployment of cloud services in rural areas has some issues
associated with it.
The first and foremost issue for the deployment of internet based services in rural
India is the availability of electricity and networks. Currently there are a number of initiatives
underway to explore alternative to wired Internet, in-cluding WiFi, WiMax, satellite-based
Internet connectivity. Such an e ort is made by Midas Communication technologies and
Indian Institute of Madras in the name of corDECT which is a wireless access system. It
provides simultaneously voice and 35-70kbps Internet access to wireless subscriber. Another
effort is where the authors modified traditional WiFi to make it efficiently work in long
distance suitable in the context of rural area.
Optimization due to data locality Store the data where it is mostly used is known as
the data locality. This is very helpful for optimization purpose. This can be done by
establishing data centers in rural India. But the cost of power and bandwidth may not be
cheap in many places. So for those places some e ciency and economic trade o should be
obeyed.
India is now world's 2nd fastest growing economy. As per World Bank survey, by this
year the growth rate of India's economy would be faster than currently fastest economy
China. In India there is very large scope of applying IT in domestic level and that encouraged
the cloud providers to establish cloud services in India. Today companies like Reliance, TATA,
Zenith Computers, Wipro Technologies, Netmagic Solutions, and Reliance are providing

cloud services in India successfully. These companies can grasp the huge market in the rural
India as well as making social development.
CONCLUSION
Cloud computing is a newly developing paradigm of distributed computing.
Virtualization in combination with utility computing model can make a difference in the IT
industry and as well as in social perspective. Though cloud computing is still in its infancy but
its clearly gaining momentum. Organizations like Google, Yahoo, Amazon are already
providing cloud services. The products like Google App-Engine, Amazon EC2, Windows Azure
are capturing the market with their ease of use, availability aspects and utility computing
model. Users don't have to be worried about the hinges of distributed programming as they
are taken care of by the cloud providers. They can devote more on their own domain work
rather than these administrative works. Business organizations are also showing increasing
interest to indulge themselves into using cloud services. There are many open research
issues in this domain like security aspect in the cloud, virtual machine migration, dealing
with large data for analysis purposes etc. In developing counties like India cloud computing
can be applied in the e-governance and rural development with great success. Although as
we have seen there are some crucial issues to be solved to successfully deploy cloud
computing for these social purposes. But they can be addressed by detailed study in the
subject.

Computer Networking/LAN/WAN
Introduction to Computer Networks
We are living in a connected world. Information is being produced, exchanged, and traced across the
globe in real time. It's possible as almost everyone and everything in the digital world is interconnected
through one way or the other.
A group of two or more similar things or people interconnected with each other is called network).
Some of the examples of network in our everyday life includes:
• Social network
• Mobile network
• Network of computers
• Airlines, railway, banks, hospitals networks
A computer network is an interconnection among two or more computers or computing devices. Such
interconnection allows computers to share data and resources among each other. A basic network may
connect a few computers placed in a room. The network size may vary from small to large depending on
the number of computers it connects. A computer network can include different types of hosts (also
called nodes) like server, desktop, laptop, cellular phones Apart from computers, networks include
networking devices like switch, router, modem, etc. Networking devices are used to connect multiple
computers in different settings. For communication, data in a network is divided into smaller chunks
called packets. These packets are then carried over a network. Devices in a network can be connected
either through wired media like cables or wireless media like air. In a communication network, each
device that is a part of a network and that can receive, create, store or send data to different network
routes is called a node. In the context of data communication, a node can be a device such as a modem,
hub, bridge, switch, router, digital telephone handset, a printer, a computer or a server.

Interconnectivity of computing devices in a network allows us to exchange information simultaneously
with many parties through email, websites, audio/video calls, etc. Network allows sharing of resources.
For example, a printer can be made available to multiple computers through a network; a networked
storage can be accessed by multiple computers. People often connect their devices through hotspot,
thus forming a small personal network.
Evolution of Networking
In the 1960s a research project was commissioned by Advanced Research Projects Agency Network
(ARPANET) in the U.S. Department of Defence to connect the academic and research institutions located
at different places for scientific collaborations. The first message was communicated between the
University of California, Los Angeles (UCLA) and Stanford Research Institute (SRI). Slowly but gradually,
more and more organisations joined the ARPANET, and many independent smaller networks were
formed. Few of the milestones in the magnificent journey of evolution of computer networks is depicted
in the timeline shown in Figure
Types of Networks There are various types of computer networks ranging from network of handheld
devices (like mobile phones or tablets) connected through Wi-Fi or Bluetooth within a single room to the
millions of computers spread across the globe. Some are connected wireless while others are connected
through wires. Based on the geographical area covered and data transfer rate, computer networks are
broadly categorised as:
• PAN (Personal Area Network)

• LAN (Local Area Network)
• MAN (Metropolitan Area Network)
• WAN (Wide Area Network)
Personal Area Network (PAN) It is a network formed by connecting a few personal devices like
computers, laptops, mobile phones, smart phones, printers etc., as shown in Figure 10.4. All these
devices lie within an approximate range of 10 metres. A personal area network may be wired or
wireless. For example, a mobile phone connected to the laptop through USB forms a wired PAN while
two smartphones communicating with each other through Bluetooth technology form a wireless PAN or
WPAN.
Local Area Network (LAN) It is a network that connects computers, mobile phones, tablet, mouse,
printer, etc., placed at a limited distance. The geographical area covered by a LAN can range from a
single room, a floor, an office having one or more buildings in the same premise, laboratory, a school,
college, or university campus. The connectivity is done by means of wires, Ethernet cables, fibre optics,
or Wi-Fi. A Local Area Network (LAN) is shown in Figure
LAN is comparatively secure as only authentic users in the network can access other computers or
shared resources. Users can print documents using a connected printer, upload/download documents
and software to and from the local server. Such LANs provide the short range communication with the
high speed data transfer rates. These types of networks can be extended up to 1 km. Data transfer in
LAN is quite high, and usually varies from 10 Mbps (called Ethernet) to 1000 Mbps (called Gigabit
Ethernet), where Mbps stands for Megabits per second. Ethernet is a set of rules that decides how
computers and other devices connect with each other through cables in a local area network or LAN.

Metropolitan Area Network (MAN) Metropolitan Area Network (MAN) is an extended form of LAN
which covers a larger geographical area like a city or a town. Data transfer rate in MAN also ranges in
Mbps, but it is considerably less as compared to LAN. Cable TV network or cable based broadband
internet services are examples of MAN. This kind of network can be extended up to 30-40 km.
Sometimes, many LANs are connected together to form MAN, as shown in Figure
WAN
Wide Area Network connects computers and other LANs and MANs, which are spread across
different geographical locations of a country or in different countries or continents. A WAN could
be formed by connecting a LAN to other LANs via wired/wireless media. Large business, educational
and goveernmeen t organisations connect their different branches in different locations across the
world through WAN. The Internet is the largest WAN that connects billions of computers, smartphones
and millions of LANs from different continents.

Network Devices
To communicate data through different transmission media and to configure networks with different
functionality, we require different devices like Modem, Hub, Switch, Repeater, Router, Gateway, etc. Let
us explore them in detail.
Modem
Modem stands for ‘MOdulator DEModulator’. It refers to a device used for conversion between analog
signals and digital bits. We know computers store and process data in terms of 0s and 1s. However, to
transmit data from a sender to a receiver, or while browsing the internet, digital data are converted to
an analog signal and the medium (be it free-space or a physical media) carries the signal to the receiver.
There are modems connected to both the source and destination nodes. The modem at the sender’s
end acts as a modulator that converts the digital data into analog signals. The modem at the receiver’s
end acts as a demodulator that converts the analog signals into digital data for the destination node to
understand. Figure 10.8 shows connectivity using a modem.
Wide Area Network (WAN) Wide Area Network connects computers and other LANs and MANs, which
are spread across different geographical locations of a country or in different countries or continents. A
WAN could be formed by connecting a LAN to other LANs (Figure 10.7) via wired/wireless media. Large
business, educational and government organisations connect their different branches in different
locations across the world through WAN. The Internet is the largest WAN that connects billions of
computers, smartphones and millions of LANs from different continents.
Ethernet Card
Ethernet card, also known as Network Interface Card (NIC card in short) is a network adapter used to
set up a wired network. It acts as an interface between computer and the network. It is a circuit board
mounted on the motherboard of a computer as shown in Figure 10.9. The Ethernet cable connects the
computer to the network through NIC. Ethernet cards can support data transfer between 10 Mbps and 1
Gbps (1000 Mbps). Each NIC has a MAC address, which helps in uniquely identifying the computer on
the network.
RJ45
RJ 45 or Registered Jack-45 is an eight-pin connector (Figure 10.10) that is used exclusively with Ethernet
cables for networking. It is a standard networking interface that can be seen at the end of all network
cables. Basically, it is a small plastic plug that fits into RJ-45 jacks of the Ethernet cards present in various
computing devices
Repeater
Data are carried in the form of signals over the cable. These signals can travel a specified distance
(usually about 100 m). Signals lose their strength beyond this limit and become weak. In such conditions,
original signals need to be regenerated. A repeater is an analog device that works with signals on the
cables to which it is connected. The weakened signal appearing on the cable is regenerated and put back
on the cable by a repeaterRJ 45 or Registered Jack-45 is an eight-pin connector (Figure 10.10) that is
used exclusively with Ethernet cables for networking. It is a standard networking interface that can be
seen at the end of all network cables. Basically, it is a small plastic plug that fits into RJ-45 jacks of the
Ethernet cards present in various computing devices.
Hub
An Ethernet hub is a network device used to connect different devices through wires. Data arriving on
any of the lines are sent out on all the others. The limitation of Hub is that if data from two devices
come at the same time, they will collide.
Switch
A switch is a networking device (Figure 10.12) that plays a central role in a Local Area Network (LAN).
Like a hub, a network switch is used to connect multiple computers or communicating devices. When
data arrives, the switch extracts the destination address from the data packet and looks it up in a table
to see where to send the packet. Thus, it sends signals to only selected devices instead of sending to all.
It can forward multiple packets at the same time. A switch does not forward the signals which are noisy
or corrupted. It drops such signals and asks the sender to resend it. Ethernet switches are common in
homes/offices to connect multiple devices thus creating LANs or to access the Internet.

Router
A router (Figure 10.13) is a network device that can receive the data, analyse it and transmit it to other
networks. A router connects a local area network to the internet. Compared to a hub or a switch, a
router has advanced capabilities as it can analyse the data being carried over a network, decide/alter
how it is packaged, and send it to another network of a different type. For example, data has been
divided into packets of a certain size. Suppose these packets are to be carried over a different type of
network which cannot handle bigger packets. In such a case, the data is to be repackaged as smaller
packets and then sent over the network by a router.
A router can be wired or wireless. A wireless router can provide Wi-Fi access to smartphones and other
devices. Usually, such routers also contain some ports to provide wired Internet access. These days,
home Wi-Fi routers perform the dual task of a router and a modem/ switch. These routers connect to
incoming broadband lines, from ISP (Internet Service Provider), and convert them to digital data for
computing devices to process.
Gateway
As the term “Gateway” suggests, it is a key access point that acts as a “gate” between an organisation's
network and the outside world of the Internet (Figure 10.14). Gateway serves as the entry and exit point
of a network, as all data coming in or going out of a network must first pass through the gateway in
order to use routing paths. Besides routing data packets, gateways also maintain information about the
host network's internal connection paths and the identified paths of other remote networks. If a node
from one network wants to communicate with a node of a foreign network, it will pass the data packet
to the gateway, which then routes it to the destination using the best possible route.
For simple Internet connectivity at homes, the gateway is usually the Internet Service Provider that
provides access to the entire Internet. Generally, a router is configured to work as a gateway device in
computer networks. But a gateway can be implemented completely in software, hardware, or a
combination of both. Because a network gateway is placed at the edge of a network, the firewall is
usually integrated with it.

Networking Topologies
We have already discussed that a number of computing devices are connected together to form a Local
Area Network (LAN), and interconnections among millions of LANs forms the Internet. The arrangement
of computers and other peripherals in a network is called its topology. Common network topologies are
Mesh, Ring, Bus, Star and Tree.
Mesh Topology
In this networking topology, each communicating device is connected with every other device in the
network as shown in Figure 10.15. Such a network can handle large amounts of traffic since multiple
nodes can transmit data simultaneously. Also, such networks are more reliable in the sense that even if
a node gets down, it does not cause any break in the transmission of data between other nodes. This
topology is also more secure as compared to other topologies because each cable between two nodes
carries different data. However, wiring is complex and cabling cost is high in creating such networks and
there are many redundant or unutilised connections.

Ring Topology
In ring topology (Figure 10.16), each node is connected to two other devices, one each on either side, as
shown in Figure 10.16. The nodes connected with each other thus forms a ring. The link in a ring
topology is unidirectional. Thus, data can be transmitted in one direction only (clockwise or
counterclockwise).
Bus Topology
In bus topology (Figure 10.17), each communicating device connects to a transmission medium, known
as bus. Data sent from a node are passed on to the bus and hence are transmitted to the length of the
bus in both directions. That means, data can be received by any of the nodes connected to the bus.
Star Topology
In star topology (Figure 10.18), each communicating device is connected to a central node, which is a
networking device like a hub or a switch, as shown in Figure 10.18. Star topology is considered very
effective, efficient and fast as each device is directly connected with the central device. Although
disturbance in one device will not affect the rest of the network, any failure in a central networking
device may lead to the failure of complete network.
The central node can be either a broadcasting device means data will be transmitted to all the nodes in
the network, or a unicast device means the node can identify the destination and forward data to that
node only.
MAC Address
MAC stands for Media Access Control. The MAC address, also known as the physical or hardware
address, is a unique value associated with a network adapter called a NIC. The MAC address is engraved
on NIC at the time of manufacturing and thus it is a permanent address and cannot be changed under
any circumstances. The machine on which the NIC is attached, can be physically identified on the
network using its MAC address. Each MAC address is a 12-digit hexadecimal numbers (48 bits in length),
of which the first six digits (24 bits) contain the manufacturer’s ID called Organisational Unique Identifier
(OUI) and the later six digits (24 bits) represents the serial number assigned to the card by the
manufacturer. A sample MAC address looks like:
IP Address
IP address, also known as Internet Protocol address, is also a unique address that can be used to
uniquely identify each node in a network. The IP addresses are assigned to each node in a network that
uses the Internet Protocol for communication. Thus, if we know a computer’s IP address, we can
communicate with that computer from anywhere in the world. However, unlike MAC address, IP
address can change if a node is removed from one network and connected to another network. The
initial IP Address called version 4 (IPV4 in short), is a 32 bit numeric address, written as four numbers
separated by periods, where each number is the decimal (base-10) representation for an 8-bit binary
(base-2) number and each can take any value from 0 - 255. A sample IPV4 address looks like:
192:168:0:178
With more and more devices getting connected to the Internet, it was realised that the 32-bit IP address
will not be sufficient as it offers just under 4.3 billion unique addresses. Thus, a 128 bits IP address,
called IP version 6 (IPV6 in short) was proposed. An IPv6 address is represented by eight groups of
hexadecimal (base-16) numbers separated by colons. A sample IPV6 address looks like:
2001:CDBA:0000:0000:0000:0000:3257:9652
Internet, Web and the Internet of Things
The Internet is the global network of computing devices including desktop, laptop, servers, tablets,
mobile phones, other handheld devices, printers, scanners, routers, switches, gateways, etc. Moreover,
smart electronic appliances like TV, AC, refrigerator, fan, light, etc. can also communicate through a
network. The list of such smart devices is always increasing e.g., drones, vehicles, door lock, security
camera.
The Internet is evolving every day and it is difficult to visualise or describe each and every aspect of the
architecture of the Internet. Computers are either connected to a modem through a cable or wirelessly
(WiFi). That modem, be it wired or wireless, is connected to a local Internet Service Provider (ISP) who
then connects to a national network. Many such ISPs connect together forming a regional network and
regional networks connect together forming a national network, and such country-wise networks form
the Internet backbone.
The Internet today is a widespread network, and its influence is no longer limited to the technical fields
of computer communications. It is being used by everyone in the society as is evident from the
increasing use of online tools for education, creativity, entertainment, socialisation, and e-commerce.
The World Wide Web (WWW)

The World Wide Web (WWW) or web in short, is an ocean of information, stored in the form of trillions
of interlinked web pages and web resources. The resources on the web can be shared or accessed
through the Internet. Earlier, to access files residing in different computers, one had to login individually
to each computer through the Internet. Besides, files in different computers were sometimes in
different formats, and it was difficult to understand each other’s files and documents. Sir Tim Berners-
Lee — a British computer scientist invented the revolutionary World Wide Web in 1990 by defining
three fundamental technologies that lead to creation of web: • HTML – HyperText Markup Language. It
is a language which is used to design standardised Web Pages so that the Web contents can be read and
understood from any computer. Basic structure of every webpage is designed using HTML. • URI –
Uniform Resource Identifier. It is a unique address or path for each resource located on the web. It is
also known as Uniform Resource Locator (URL). Every page on the web has a unique URL. Examples are:
https://www.mhrd.gov.in,http:// www.ncert.nic.in,http://www.airindia.in, etc. URL is sometimes also
called web address. However, a URL is not only the domain name. It contains other information that
completes a web address, as depicted below:
HTTP – The HyperText Transfer Protocol is a set of rules which is used to retrieve linked web pages
across the web. The more secure and advanced version is HTTPS.
Domain Name System
The Internet is a vast ocean where information is available in the form of millions of websites. Each
website is stored on a server which is connected to the Internet, which means each server has an IP
address. Every device connected to the Internet has an IP address. To access a website, we need to
enter its IP address on our web browser. But it is very difficult to remember the IP addresses of different
websites as they are in terms of numbers or strings. However, it is easier to remember names, and
therefore, each computer server hosting a website or web resource is given a name against its IP
address. These names are called the Domain names or hostnames corresponding to unique IP addresses
assigned to each server. For easy understanding, it can be considered as the phonebook where instead
of remembering each person’s phone number, we assign names to their numbers. For example, IP
addresses and domain names of some websites are as follows :
Website Address IP address

ncert.nic.in 164.100.60.233
wikipedia.org 198.35.26.96
mhrd.gov.in 164.100.163.45
cbse.nic.in 164.100.107.32
DNS Server Instead of remembering IP addresses, we assign a domain name to each IP. But, to access a
web resource, a browser needs to find out the IP address corresponding to the domain name entered.
Conversion of the domain
DNS Server Instead of remembering IP addresses, we assign a domain name to each IP. But, to access a
web resource, a browser needs to find out the IP address corresponding to the domain name entered.
Conversion of the domain name of each web server to its corresponding IP address is called domain
name resolution. It is done through a server called DNS server. Thus, when we enter a URL on a web
browser, the HTTP protocol approaches a computer server called DNS server to obtain the IP address
corresponding to that domain name. After getting the IP address, the HTTP protocol retrieves the
information and loads it in our browser. In Figure an example is shown in which the HTTP requests a
DNS server for corresponding IP address, and the server sends back an IP address.
A DNS server maintains a database of domain names and their corresponding IP addresses. To
understand how the domain name resolution works, we have to understand how and where the DNS
servers are kept. The DNS servers are placed in hierarchical order. At the top level, there are 13 servers
called root servers. Then below the root servers there are other DNS servers at different levels. A DNS
server may contain the IP address corresponding to a domain or it will contain the IP address of other
DNS servers, where this domain entry can be searched.

World Wide Web
The internet is a globally connected network system that transmits data via various
types of media. The internet is a network of global exchanges – including private, public,
business, academic and government networks – connected by guided, wireless and fiber-
optic technologies.
The terms internet and World Wide Web are often used interchangeably, but they are
not exactly the same thing; the internet refers to the global communication system, including
hardware and infrastructure, while the web is one of the services communicated over the
internet. Billions of internet users rely on multiple application and networking technologies,
including:
Internet Protocol (IP): The internet’s primary component and communications backbone.
Because the internet is comprised of hardware and software layers, the IP communication
standard is used to address schemes and identify unique connected devices. Prominent IP
versions used for communications include Internet Protocol version 4 (IPv4) and Internet
Protocol version 6 (IPv6).
Communications: The internet is the most cost-effective communications method in the
world, in which the following services are instantly available:
 Email
 Web-enabled audio/video conferencing services
 Online movies and gaming
 Data transfer/file-sharing
 Instant messaging
 Social networking
 Online shopping
 Financial services
History of Internet
The first workable prototype of the Internet came in the late 1960s with the creation of
ARPANET, or the Advanced Research Projects Agency Network. Originally funded by the U.S.
Department of Defense, ARPANET used packet switching to allow multiple computers to
communicate on a single network. The technology continued to grow in the 1970s after
scientists Robert Kahn and Vinton Cerf developed Transmission Control Protocol and Internet
Protocol, or TCP/IP, a communications model that set standards for how data could be

transmitted between multiple networks. ARPANET adopted TCP/IP on January 1, 1983, and
from there researchers began to assemble the “network of networks” that became the
modern Internet. The online world then took on a more recognizable form in 1990, when
computer scientist Tim Berners-Lee invented the World Wide Web. While it’s often confused
with the Internet itself, the web is actually just the most common means of accessing data
online in the form of websites and hyperlinks. The web helped popularize the Internet among
the public, and served as a crucial step in developing the vast trove of information that most
of us now access on a daily basis.
World Wide Web

The World Wide Web (WWW), commonly known as the Web, is an information system
where documents and other web resources are identified by Uniform Resource Locators
(URLs, such as https://www.example.com/), which may be interlinked by hypertext, and are
accessible over the Internet. The resources of the WWW may be accessed by users by a
software application called a web browser. English scientist Tim Berners-Lee invented the
World Wide Web in 1989. He wrote the first web browser in 1990 while employed at The
European Organization for Nuclear Research (CERN) near Geneva, Switzerland. The browser
was released outside CERN in 1991, first to other research institutions starting in January
1991 and then to the general public in August 1991. The World Wide Web has been central to
the development of the Information Age and is the primary tool billions of people use to
interact on the Internet. Web resources may be any type of downloaded media, but web
pages are hypertext media that have been formatted in Hypertext Markup Language (HTML).
Such formatting allows for embedded hyperlinks that contain URLs and permit users to
navigate to other web resources. In addition to text, web pages may contain images, video,
audio, and software components that are rendered in the user's web browser as
coherent pages of multimedia content. The terms Internet and World Wide Web are
often used without much distinction. However, the two terms do not mean the same thing.
The Internet is a global system of interconnected computer networks. In contrast, the
World Wide Web is a global collection of documents and other resources, linked by
hyperlinks and URIs.
HTML
Hypertext Markup Language (HTML) is the standard markup language for documents
designed to be displayed in a web browser. It can be assisted by technologies such
as Cascading Style Sheets (CSS) and scripting languages such as JavaScript. Web

browsers receive HTML documents from a web server or from local storage and render the
documents into multimedia web pages. HTML describes the structure of a web
page semantically and originally included cues for the appearance of the document. In
1980, physicist Tim Berners-Lee, a contractor at CERN, proposed and prototyped ENQUIRE, a
system for CERN researchers to use and share documents. The first publicly available
description of HTML was a document called "HTML Tags", first mentioned on the Internet by
Tim Berners-Lee in late 1991.
IP address
An Internet Protocol address (IP address) is a numerical label assigned to each device
connected to a computer network that uses the Internet Protocol for communication. [1][2] An
IP address serves two main functions: host or network interface identification and
location addressing. Internet Protocol version 4 (IPv4) defines an IP address as a 32-
bit number.[2] However, because of the growth of the Internet and the depletion of available
IPv4 addresses, a new version of IP (IPv6), using 128 bits for the IP address, was developed in
1995,[3] and standardized in December 1998.[4] In July 2017, a final definition of the protocol
was published. IP addresses are usually written and displayed in human-readable notations,
such as 172.16.254.1 in IPv4, and 2001:db8:0:1234:0:567:8:1 in IPv6.
URL
• Uniform Resource Locator (URL) is a Uniform Resource Identifier (URI) that specifies
where an identified resource is available and the mechanism for retrieving it.
• An example of the use of URLs is the addresses of web pages on the World Wide Web,
such as http://www.example.com/.
• The format is based on Unix file path syntax, where forward slashes are used to
• Conventions already existed where server names could be prepended to complete file
paths, preceded by a double-
• Every URL consists of some of the following:
o The scheme name (commonly called protocol), followed by a colon. The scheme name
defines the namespace, purpose, and the syntax of the remaining part of the URL.
o Domain Name depending upon scheme(alternatively, IP address). The domain name or IP
address gives the destination location for the URL.
o An optional port number; if omitted, the default for the scheme is used

o Path of the resource to be fetched or the program to be run. The path is used to specify and
perhaps find the resource requested. It may be case-sensitive for non-window based servers.
Eg: http://www.mudlle.ac.in/news.html
o A query string for scripts The query string contains data to be passed to software running
on the server. It may contain name/value pairs separated by ampersands, for example ?
first_name=John&last_name=Doe.
o Optional fragment identifier that specifies a part or a position within the overall resource or
document. When used with HTTP, it usually specifies a section or location within the page,
and the browser may scroll to display that part of the page.
• When resources contain references to other resources, they can use relative links to
• Relative URLs are dependent on the original URL containing a hierarchical structure
against which the relative link is based.
• the ftp, http, and file URL schemes are examples of some that can be considered
• A URL is a URI that, "in addition to identifying a resource, provides a means of locating
BROWSERS
• A web browser or Internet browser is a software application for retrieving, presenting,
and traversing information resources on t
• Web browsers can also be used to access information provided by Web servers in
private networks or files in file systems. Some browsers can also be used to save
• Primary function of a browser is to identify the URI and brings the information
• This process begins when user inputs the URI in the browser. Prefix of the URI
describes how to interpret the URI. Most URIs have resource retrieved over Hypertext
Transfer Protocol.
• Once this is done, the HTML script is passed to the browser‘s layout engine. To make
the script interactive java script support is needed. With this, browser can interpret text,
images, video and intera
• All major browsers allow users to access multiple information resources at the same
time in different windows or in tabs. Major browsers include pop up blockers to prevent
windows to open without users consent.

• Most major web browsers
o Back and forward buttons to go back to the previous resource and forward again.
O A history list, showing resources (typically, the list is not visible summoned) previously
visited in a list all the time and has to be A refresh or reload button to reload the current
resource.
oA stop button to cancel loading the resource. In some browsers, the stop button is merged
with the reload button.
oA home button to return to the user's home page
oAn address bar to input the Uniform Resource Identifier (URI) of the desired resource and
display it.
oA search bar to input terms into a search engine
oA status bar to display progress in loading the resource and also the URI of links when the
cursor hovers over them, and page zooming capability.
• The usage share of web browsers is as shown below. (Source: Median values)
• Internet Explorer (43.55%)
• Mozilla Firefox (29.0%; Usage by version number)
•
• Safari (6.18%)
•
• Mobile browser
• Some special web browsers are listed below
INTERNET EXPLORER
• Windows Internet Explorer (formerly Microsoft Internet Explorer, commonly
abbreviated IE or MSIE) is a series of graphical web browsers developed by Microsoft and
included as part of the Microsoft Windows line of operating systems starting in 1995.
• It was first released as part of the add-on package Plus! for Windows 95 that year.
Later versions were available as free downloads, or in service packs. It was part of later
version
• The latest stable release is Internet Explorer 9, which is available as a free update for
• Internet Explorer uses a componentized architecture built on the Component Object
Model (COM) technology. It consists of several major components, each of which is
contained in a separate Dynamic-link library (DLL) and exposes a set of COM programming
interfaces hosted by the Internet Explorer main executable, ‗iexplore.exe‘
• Internet Explorer uses a zone-based security framework that groups sites based on
certain conditions, including whether it is an Internet- or intranet-based site as well as a user-
editable whitelist. Security restrictions are applied per zone; all the sites in a zone are subject
NETSCAPE NAVIGATOR
• Netscape Navigator is a proprietary web browser that was popular in the 1990s. It was
the most popular web browser till 2002, after which competitor browsers have taken over
the market of netscape.
• Netscape Navigator was based on the Mosaic web browser
• Netscape announced in its first press release (October 13, 1994) that it would make
Navigator available without charge to all non-commercial users, and Beta versions of version
1.0 and 1.1 were indeed freely downloadable in November 1994 and March 1995, with the
• The first few releases of the product were made available in "commercial" and
• During development, the Netscape browser was known by the code name Mozilla.
Mozilla is now a generic name for matters related to the open source successor to Netscape
Communicator.
OPERA
• Opera is a web browser and Internet suite developed by Opera Software. The browser
handles common Internet-related tasks such as displaying web sites, sending and receiving e-
mail messages, managing contacts, chatting on IRC, downloading files via BitTorrent, and
• Opera is offered free of charge for personal computers and mobile phones. This is the
most popular mobile phone browser and is

• Features include tabbed browsing, page zooming, mouse gestures, and an integrated
download manager. Its security features include built-in phishing and malware protection,
strong encryption when browsing secure websites, and the ability to easily delete private
data such as HTTP cookies.
• Opera runs on a variety of personal computer operating systems, including Microsoft

Windows, Mac OS X, Linux, and FreeBSD
• Opera includes built-in tabbed browsing, ad blocking, fraud protection, a download

manager and BitTorrent client, a search bar, and a web feed aggregator. Opera also comes
with an e-mail client called Opera Mail and an IRC chat client built in.
• Opera has several security features visible to the end user. One is the option to delete
private data, such as HTTP cookies, the browsing history, and the cache, with the click of a
• Opera Mobile is an edition of Opera designed for smartphones and personal digital
MOZILLA FIREFOX
• Mozilla Firefox is a free and open source web browser descended from the Mozilla
Application Suite and managed by Mozilla Corporation. As of February 2011[update], Firefox
is the second most widely used browser with approximately 30% of worldwide usage share of
web browsers.
• To display web pages, Firefox uses the Gecko layout engine, which implements most
current web standards.
• The latest Firefox features[15] include tabbed browsing, spell checking, incremental
find, live bookmarking, a download manager, private browsing, location-aware
browsing (also known as "geolocation") based exclusively on a Google service.
• Firefox runs on various operating systems including Microsoft Windows, Linux, Mac OS
X, FreeBSD, and many other platforms.
CHROME
• Chrome, the web browser by Google, is rapidly becoming popular due to following
features-
 SPEED: Chrome is designed to be fast in every possible way: It's quick in staring up
from the desktop, loading web pages and running complex web applications.
 SIMPLICITY: Chrome's browser window is streamlined, clean and simple. Chrome also
includes features that are designed for efficiency and ease of use. For example, you
can search and navigate from the same box, and arrange tabs however you wish.
 SECURITY: Chrome is designed to keep you safer and more secure on the web with
built-in malware and phishing protection, autoupdates to make sure the browser is
up-to-date with the latest security updates, and more. Learn more about Chrome's
security features.
• Chrome is the first browser to incorporate machine translation in the browser itself,
without requiring additional plugins or extensions.
SEARCH ENGINE
• A web search engine is designed to search for information on the World Wide Web and
FTP servers. The search results are generally presented in a list of results and are often called
hits. The information may consist of web pages, images, information and other types of files.
Some search engines
•
• The first web robot, the Perl-based World Wide Web Wanderer was built and used by
it to generate an index called 'Wandex'. The purpose of the Wanderer was to measure the
• Around 2000, Google's search engine rose to prominence. The company achieved
better results for many searches with an innovation called PageRank. This iterative algorithm
ranks web pages based on the number and PageRank of other web sites and pages that link
• Web search engines work by storing information about many web pages, which they
retrieve from the html itself. These pages are retrieved by a Web crawler (sometimes also
known as a spider) —
• This information is then analyzed and indexed The contents of each page are then
analyzed to determine how it should be indexed. The purpose of an index is to allow
information to be found as quickly as possible.

OSI Model
In 1979, the International Organization for Standardization (ISO) had developed a model with the aim to
structure and standardise the world of data communication and networks. The ISO is the committee
that has developed the Open Systems Interconnection (OSI) reference model. The ISO’s objective was to
develop a reference model whereby mutual communication between two systems, e.g. two computers,
could take place.
In accordance with the ISO

OSI model (also called the 7-layer model), system A can communicate with system B (2 sys-tems from 2
different suppliers). Between these systems, different networks can be present; public as well as private
networks.
A public network is a network that is accessble by everyone, provided that the conditions that apply to
this network are complied with. A private network is mostly company-specific.
The OSI model consists of seven functional layers. Every layer contains a number of defined functions. A
limited enumeration of the different layers is given below:
PHYSICAL LAYER (layer 1)

This layer ensures the connection with the medium via which the information is sent between two
points in the network: this means that this layer provides the mechanical, electrical or optical entities
that are required to realise, maintain and break off the physical connection.

DATA LINK LAYER (layer 2)
The protocols of layer 2 specify how the frames eventually have to be sent over the network. Layer 2
maintains an error detection- and correction mechanism in order to be sure that transmission errors are
handled and that data are correctly received on the other side.
NETWERK LAYER (layer 3)

The addressing is configured on this level. This means that the network finds a route and avoids
congestion within the network. The network layer ensures the transport of messages from one node to
the other on the sender’s route to the final receiver.
TRANSPORT LAYER(layer 4)
The transport layer is responsible for a reliable transmission of data. The transport layer ensures a
logical connection between both end systems of the network (a logical point to point connection). This
means that a faultless data transport can be realised whereby the data is received in correct order by
the receiver.
SESSION LAYER (layer 5)

The control structure of the dialogue (session) between two applications over the network is provided
for here, as well as the setting up and termination of such a session.
PRESENTATION LAYER (layer 6)

The protocols in layer 6 determine how data is represented: this is necessary as different computer
systems represent numbers and characters in different ways. So, this layer ensures, amongst others, the
conversion of character codes, e.g. from ASCII to EBCDIC.
APPLICATION LAYER (layer 7)

This layer provides service to applications that run for the benefit of network system users. It has been
agreed for the reference model that the message to be sent by the sender will run through these seven
layers. Every layer of the model gives the message a header, starting from layer 7 and then descending
until layer 1, see figure ??. The header shows which data communication functions have to be carried
out.
For the functioning of the communication protocols, every layer exchanges information with the
corresponding layer on the other side of the connection, apart from the application data that the final
users of the connection send to each other. In the OSI model, every layer adds a piece of information
(header) to the user data on the sending side. The corresponding layer on the receiving side removes
this information again. The data link layer not only places additional information in front of the
transmitted data but often also behind it. This trailer contains a check code for the detection of possible
transport errors. Only the physical layer does not add anything.

LAN
A local network (Local Area Network (LAN)) has been developed to ensure communication between
computers, work stations and peripherals in an area of a very limited geographical size.
The connected stations in a LAN are autonomous, meaning that primary and secondary stations do not
exist. Every station can set up, maintain and break off a connection with another station. With regard to
public networks, the four bottom layers of the OSI model require a slightly different approach for a LAN.
The 802 committee of the Institute for Electrical and Electronic Engineers has established a number of
standards for LANs.
Figure shows the filling in of layers 1 and 2 in the OSI model by the IEEE802 standard. Standard
IEEE802.1 can be consulted for general concept on LANs. Currently, the following work groups
are active within the IEEE802 committee:
• IEEE802.1 Bridging (networking) and Network Management

IEEE802.2 Logical Link Control
• IEEE802.3 CSMA/CD (Ethernet)
• IEEE802.5 Token Ring
• IEEE802.11 Wireless LAN & Mesh (Wi-Fi certification)
• IEEE802.15 Wireless PAN
– IEEE802.15.1 (Bluetooth certification)
– IEEE802.15.4 (ZigBee certification)
• IEEE802.16 Broadband Wireless Access (WiMAX certification)
• IEEE802.16e (Mobile) Broadband Wireless Access
• IEEE802.16.1 Local Multipoint Distribution Service
• IEEE802.17 Resilient packet ring
• IEEE802.18 Radio Regulatory TAG
• IEEE802.19 Coexistence TAG
• IEEE802.20 Mobile Broadband Wireless Access
• IEEE802.21 Media Independent Handoff
• IEEE802.22 Wireless Regional Area Network

Ethernet
Introduction
Ethernet is the basis of LAN networks. The current LAN market is characterised by an, up to
now, unknown degree of standardisation on Ethernet. Due to its huge market share, Ethernet,
despite some disadvantages, scores over all alternative technologies.
A short historical overview:

• 1980: Digital Equipment Corporation, Intel and Xerox released the first Ethernet specification,
version 1.0, under the name Ethernet Blue Book or DIX standard. It defines Thick Ethernet in
case of 10Mbps CSMA/CD. The first Ethernet controllers, based on the DIX standard, were
available starting from 1982. The second and final version of the DIX standard, version 2.0, was
released in November 1982: Ethernet II.
• 1983: The Institute of Electrical and Electronic Engineers (IEEE) launches the first IEEE
standard for Ethernet technology. It was developed by the 802.3 group of the IEEE802
committee and this under the name IEEE802.3 Carrier Sense Multiple Access with Collision
Detection Access Method and Physical Layer Specifications. IEEE reworked some parts of the
DIX standard, especially with regard to the definition of the frame determination.
• 1985: IEEE802.3a; definition of thin Ethernet, cheapernet or 10Base2
• 1987: IEEE802.3d; Fiber Optic Inter Repeater Link (FOIRL). Use of two fibre optic cables to
extend the distance between 10 Mbps repeaters up to 1000m.
• 1987: IEEE802.3e; 1Mbps over twisted pair
• 1990: IEEE802.3i; release of the popular 10Base-T; 10Mbps over UTP category 3
• 1993: IEEE802.3j; 10Base-F: distances greater than 2 km over fibre optic
• 1995: IEEE802.3u; 100Base-T and 100Base-F
• 1997: IEEE802.3x: full-duplex Ethernet
• 1997: IEEE802.3y; 100Base-T2
• n1e9t98: IEEE802.3z; 1000Base-X standard; generally known by the name Gigabit Multimedia
Services E-Governance/Commerce/Education/Medicine
1999: IEEE802.3ab; Gigabit Ethernet over twisted pair
• 1999: IEEE802.3ac; 802.1Q: definition of the Q tag with VLAN and priority information.
• 2003: IEEE802.3af; Power over Ethernet
• 2006: IEEE802.3an; 10GBase-T
• 2006: IEEE802.3aq; 10GBase-LRM, Ethernet over multimode fiber Ethernet is only a
specification of layers 1 and 2 in the OSI model. It is not a complete network protocol but a
subnet on which other protocols such as the TCP/IP suite can work.
The most important functions of ETHERNET are:
• Filling in of the physical layer
– sending and receiving the serial bit streams over the medium.
– detecting collisions.
• Filling in of the data link layer
– MAC sublayer:
∗ access mechanism to the network (CSMA/CD).
∗ building of the data frames.
– LLC sublayer:
∗ data reliability.
∗ supply data channels for higher-level applications.
The physical implementations
The most important implementations over the years are:
• Thick Ethernet (10Base5)
• Thick Ethernet (10Base2)
• Broadband Ethernet (10Broad36)
• Ethernet over twisted pair (10Base-T)
• Ethernet over Fiber (10Base-F)
• Fast Ethernet (100Base-T / 100Base-F)
• Gigabit Ethernet (1000Base-T)
• Wireless Ethernet
Implementations based on coax

The original Ethernet was designed around the concept of a bus topology. The first
implementations of Ethernet were based on a thick yellow coax cable - thick Ethernet - also
named 10Base5.
Features of the original Ethernet:
• 10Mbps
• Baseband (basic band transmission)
• max. 5 x 100 = 500 meter
• max. 100 transceivers per segment
Thick Ethernet coax cables have a marking every 2.5 metres in order to ensure correct
positioning of the 10Base5 transceivers (or MAUs). These transceivers are used to connect
stations to the network. The transceivers can be positioned every 2.5 metres, this avoids
reflections of the signals, resulting in a poor transmission quality.

This type of implementation has been superseded. The thick, rigid yellow coax was rapidly
replaced by the black, more flexible coax which resulted in the implementation of thin Ethernet
(10Base2). The connection of the different stations is realized by T-shaped BNC connectors
whereby a maximum segment length of about 200 metres can be applied.
Important cabling detail that is required for most bus technologies: the terminating resistance
(terminator) - a small, cheap device that has to be mounted on all endings of the coax cables
that form an Ethernet. A terminating resistance consists of a resistance that connects the
central core of the cable with the shielding: when an electrical signal reaches the terminating
resistance, this is discarded. For the correct functioning of a network, the terminating
resistance is indispensable as the end of the non-terminated cable reflects electrical signals just
as a mirror reflects light. When a station tries to send a signal over a non-terminated cable,
then this signal will be reflected by the cable end. When the reflection reaches the sending
station, interference will occur.
Implementations based on twisted pair

The major problem with coax is that only half duplex communication can be applied. The
applied bus structure is also not ideal if certain problems occur. In order to break through the
bus topology, Ethernet has switched to a topology where twisted pair can also be used: all
stations are connected with one or more central hubs. This way, a star topology can be worked
out. The network can easily be extended and checked in this way and it facilitates error
detection. The maximum segment length between a participant and a hub is 100 metres.
The variants on the basis of twisted pair have evolved from 10Base-T (10Mbps) to 100Base-T
(100Mbps) to 1000Base-T (1000Mbps).
The MAU, developed for twisted pair, is equipped with 4 data pins: 2 for sending, 2 for
receiving. This is the basis for full duplex Ethernet.
In principle, any point to point communication is possible. Therefore, every host has to be
connected directly with a structure element: a hub or a switch.

Fast Ethernet
The UTP cable, e.g. CAT5 (Class 5) UTP (Unshielded Twisted Pair), supports speeds up to
100Mbps. The cable consists of 8 wires, arranged in 4 pairs. The 4 pairs can be identified as 1 is
always completely coloured and the other one has the same colour with white parts in
between. Only 2 of the 4 pairs are used in 10/100Base-T (pair 2: orange/white and orange and
pair 3: green/white and green).
The IEEE specification for Ethernet 10/100Base-T requires that the one used pair is connected
to pin 1 and pin 2 of the connector while the second pair is connected to pin 3 and pin 6. The
other two unused pairs will be connected to pin 4 and 5 and on pin 7 and 8.
Above Table shows the pin configuration for 10/100Base-T. TD stands for Transmitted Data, RD
stands for Received Data. The plus- and the minus signs indicate that the signal is sent mirrored
via two data lines, also see figure
The straight-through cable, also called patch cable, is the cable that we get when we connect
both sides of the cable pair 2 with pin 1 and pin 2, while pair 3 is connected with pin 3 and pin
6. This cable can be used for connections between the patch panel and the hub/switch, the PC

and the hub/switch or the PC and the wall. This cable is generally used for the connection of a
structure element and an end element.
A cross-over cable is required to set up the PC-PC connections (connection of two end
elements) and to secure connections between hub/switch and another hub/switch (connection
between two structure elements). In order to make a cross-over cable, we have to switch the
used pairs. Along one side, pair 2 has to be connected with pin 3 and pin 6 while pair 3 has to
be connected with pin 1 and pin 2.
Current Ethernet ports support auto crossing. This means that it can be detected automatically
which cable is used and the crossing will be corrected internally if necessary. The IEEE Fast
Ethernet has defined 100Base-T as extension on the 10Base-T. Fast Ethernet is characterized
by:
• Data transmission at a speed of 100Mbps
• Full Duplex communication
• Wireless Ethernet
In Fast Ethernet, a mechanism is provided for auto negotiation: this makes it possible to built
Ethernet interfaces that switch automatically between 10Mbps and 100Mbps. For the 10Base-T
standard, every data bit is coded in one physical bit. In other words, for a group of eight data
bits, eight signals are generated in the cable. The 10Mbps data rate means a clock rate of
10MHz. For every clock pulse, one single bit is sent.
100Base-T uses the so-called 4B/5B scheme whereby each group of four bits is coded in a 5 bit
signal. So, one single bit is not exactly converted into one single signal in the cable.
The applied clock rate is 125MHz (5/4 x 100). Cat5 cables are certified for a transmission speed
up to 125 MHz.
Gigabit Ethernet
Gigabit Ethernet targets a data rate of 1000Mbps. If the CAT5 Ethernet cables have to be used
for this, for example, then this causes a problem as they only support a clock rate up to
125MHz. In order to realise this, the technology has to be adapted.
First, 1000Base-T codes two bits per clock signal (00, 01, 10 and 11) and uses four voltage levels
for this. Furthermore, 1000Base-T uses all four data pairs of an Ethernet cable. The four data

pairs are applied here bi-directionally. Data are sent or received via all four data pairs. Gigabit
Ethernet therefore still uses the 100Base-T/Cat5 clock rate of 125MHz. A data rate of
1000Mbps is reached as 2 bits are being processed for every clock pulse and this is done via
four data pairs. This modulation technology is called 4D-PAM5 and currently uses five different
voltage levels. The fifth voltage level is used for the error mechanism. Table shows the Gigabit
Ethernet pin configuration. BI stands for bi-directional while DA, DB, DC and DD stands for data
A, data B, data C and data D.
Implementations based on fibre

In order to make longer segment distances possible, the glass fibre cable was integrated as a
suitable interface. The first fibre glass variants are known by the name 10Base-F and 100Base-F.
Separate fibres are used all the time for the sending and receiving of data.
Gigabit Ethernet over fibre has been developed for the full-duplex mode with a data rate of
1000Mbps. There are two different variants for Gigabit Ethernet. 1000Base-SX and 1000Base-
LX.
1000Base-SX uses light pulses with short wavelength over multimode fibre. 1000Base-LX uses
light pulses with long wavelength over multimode or single-mode fibre. Recently, 10Gigabit
Ethernet over fibre with different variants also has been added.
Wireless LAN
IEEE802.11
The IEEE defines different standards for wireless LAN in their IEEE802.11 description. The radio
connections for a Wireless LAN take place in the 2.4 GHz frequency band, the so-called ISM
band (Industrial, Scientific and Medical) or in the 5 GHz band. No licences are required for this.
A Wireless LAN uses the so-called spread spectrum technology. This technology is specifically
meant for fault-prone transmission channels. This is important as these frequency bands
(especially the 2.4 Ghz) are also used by many other devices, e.g. Bluetooth.
A wireless network is in general much less fast than a fixed wired network. A major advantage
is the flexibility.

With regard to physical implementation, the IEEE802.11 provides the infrastructure
configuration or the Ad Hoc configuration.
Infrastructure configuration is the configuration whereby a wireless access point is used to

connect a wireless LAN with a cabled LAN. The wireless access point functions as central point
for the routing of the all wireless data traffic. Wireless-enabled computers that are included in
an infrastructure mode form a group that is called a Basic Service Set (BSS). At a certain
moment, a maximum of 64 individual computers can be included in a BSS. This is because the
capacity of the wireless access point is limited to 64 clients. The complete wireless network has
a unique SSID (Service Set Identifier) and is also has a network name.
This name only applies to the wireless network.

Ad hoc or peer-to-peer relates to a wireless configuration in which every participant
communicates directly with the other. An actual organisation of the network is therefore not
possible here. An ad hoc wireless LAN consists of a group of apparatuses each equipped with a
wireless adaptor that is directly connected to each other and form an independent wireless LAN
in this way.
WLAN standards

Different standards are defined within the IEEE802.11. These standards use different
modulation technologies in order to obtain improved transmission speeds. Table displays an
overview of the different standards.
IEEE802.11b/g
IEEE802.11b/g uses the 72 MHz band part of the 2.4 GHz band. 11 channels of 22MHz band are
defined here, in accordance with the FCC rules. Theoretically this would mean that the
bandwidth for these 11 channels is 242 Mbps (11x22 Mbps). In reality, this has to be reviewed
as these channels overlap for a large part. Figure 2.5 shows that there are only three non-
overlapping channels: channel 1, channel 6 and channel 11.
The ETSI defines a slightly wider frequency band for Europe, including 13 channels of 22 MHz
band. This means, in principle, that we can use 4 barely overlapping channels in Europe. These
are channel 1,5,9 and 13.
The IEEE802.11b supports a maximum speed up to 11 Mbps. The IEEE802.11g supports a
maximum speed up to 54 Mbps. The speed is decreased dynamically in case of a bad
connection or great distance to the access point.
IEEE802.11a/h
IEEE802.11a uses the complete 5GHz band. With the application of OFDM (Orthogonal
Frequency Division Multiplexing), the maximum (theoretical) speeds of up to 54Mbps are
reached with IEEE802.11a. Figure 2.6 shows the different channels within the 5GHz band.
Within Europe, this means that 8 non-overlapping channels of 20MHz wide can be used over
the two lowest bands of the 5GHZ UNII band.

As opposed to the USA, the use of the 5GHz band in Europe has quite a few restrictions.
Therefore, the IEEE802.11a is converted into the IEEE802.11h. Two important protocols were
added in order to eventually comply with the European regulations:
• DCS (Dynamic Channel Selection):the AP will automatically look for another channel if it
appears that the channel is used by another application.
• TPC (Transmit Power Control): just the required capacity is transmitted, if two participants are
in close vicinity, then the AP will adapt the capacity to the required level.
IEEE802.11n
This recent standard uses MIMO (multiple input - multiple output), a technique to transmit data
wirelessly by means of several reception- and send antennas whereby a transmission speed of
maximum 600Mbps is obtained if 4 channels of 40MHz each are used.
Bluetooth
The basic technology (two bottom layers of the OSI model) is standardised in the IEEE802.15.1.
Moreover, the Bluetooth SIG (Special Interest Group) defines different application profiles, e.g.
serial communication and transmission of Ethernet data frames.
Bluetooth uses the 2.4 GHz licence-free ISM band. As opposed to WLAN, the data to be sent are
not spread out over a wider frequency band but FHSS (Frequency Hopping Spread Spectrum) is
applied. The 2.4 GHz band is divided over 79 channels of 1 MHz. Figure shows the functioning of
FHSS. 1600 hops per second can be carried out. Each time, every data frame is sent on another
frequency. This means that different logic channels can be active in parallel.

A great advantage of the use of Bluetooth in the industry is the perfect co-existence with
WLAN. If there is interference on a Bluetooth frequency as a WLAN channel is active on the
same frequency, then Bluetooth can avoid this/these frequency (ies). As this is a frequently
occurring issue, Bluetooth has integrated an automated co-existence mechanism: Adaptive
Frequency Hopping (AFH).
This mechanism enables Bluetooth to suspend certain ’bad’ frequencies temporarily from the
hopping list. Figure 2.8 shows how there is enough space in case of a full 2.4GHz band where
three separate WLAN channels are active. The WLAN channel uses a statistic frequency band.
Bluetooth can adapt and choose from adequate number of frequencies to avoid interference.

Structure elements for Ethernet
The hub
The maximum segment length of a LAN is determined by the used medium and the applied
access mechanism. In order to cancel the length restriction, methods are rapidly searched to
link several segments one after another. The first and most simple method is to use a repeater.
A repeater is a signal amplifier that transmits packets transparently, independent of the
package content. A repeater is used to connect two or more Ethernet segments together.
As can be seen on the slight , a repeater link takes place on the physical layer, in accordance
with the ISO-OSI definitions.
Both segments can have a different medium. A 10Base-T based segment, for example, can be
connected to a fibre glass segment by means of a repeater. Another important feature of a link
on the basis of a repeater is that not only the data bits are transmitted but also any collisions
and signal errors. Network segments that are connected mutually via a repeater are therefore
prone to fault situations; a problem on one segment multiplies over all other segments. In
modern local networks, based on Ethernet, repeaters are mainly used to connect segments of
different media with each other. The backbone segments from fibre Both segments can have a
different medium. A 10Base-T based segment, for example, can be connected to a fibre glass
segment by means of a repeater. Another important feature of a link on the basis of a repeater
is that not only the data bits are transmitted but also any collisions and signal errors. Network
segments that are connected mutually via a repeater are therefore prone to fault situations; a
problem on one segment multiplies over all other segments. In modern local networks, based
on Ethernet, repeaters are mainly used to connect segments of different media with each
other. The backbone segments from fibre A hub is actually a multiport repeater: it regenerates
incoming signals to all other ports as can be seen from figure. All segments that are connected
with each other via a hub are a collision domain.
A hub is actually a multiport repeater: it regenerates incoming signals to all other ports as can
be seen from figure 2.16. All segments that are connected with each other via a hub are a
collision domain.
A hub is available in several different versions. These versions differ in the number of ports, the
media types that are supported and the extensibility.

An important functionality of the modern hub is the option for network management. It is at
least possible to switch off the ports and to detect whether failures have taken place. In order
to make available this option, a modern hub is equipped with an SNMP agent that is controlled
from a management station.
The switch
One of the options to interlink LAN segments with more intelligence is to use a bridge. A bridge
is more than just a medium that transmits data like a repeater. Before a package is transmitted
from one segment to the other segment via a bridge, a bridge checks the MAC address and on
this basis the transport to the other segment takes place or not.
A bridge can be equipped with more than two network ports. In that case, the term switch is
used. A MAC address table is updated from a software point of view for every port. This table is
filled by listening on the relevant segment of the network and by copying all MAC addresses
that occur on that segment to the table. Every address is retained for a limited time and is
deleted again as soon as a certain time (the hold time) has lapsed. This technique avoids that
inactive stations are addressed or that stations are not recognised anymore.

Linking the segments of a local network via a switch has a number of advantages over the link
with a repeater or a hub. When using a switch, a segment is not loaded with the frames of the
other segment that do not belong there from an addressing point of view. The load per
segment is reduced by this bridge function. At the same time, fault situations are not
transmitted as the switch also checks the correct building of the frame. Finally, the bridge also
avoids that collisions between frames are transmitted from one segment to the other. Every
port of a switch closes a collision domain. If every participant connects directly to the port of a
switch, then many collision domains occur but each domain only contains one participant and
no collisions can occur. The switch is elaborated upon in another part of the document.

Multimedia
Introduction
Multimedia has become an inevitable part of any presentation. It has found a variety of
applications right from entertainment to education. The evolution of internet has also
increased the demand for multimedia content.
Definition
Multimedia is the media that uses multiple forms of information content and information
processing (e.g. text, audio, graphics, animation, video, interactivity) to inform or entertain the
user. Multimedia also refers to the use of electronic media to store and experience multimedia
content. Multimedia is similar to traditional mixed media in fine art, but with a broader scope.
The term "rich media" is synonymous for interactive multimedia.
Elements of Multimedia System

Multimedia means that computer information can be represented through audio, graphics,
image, video and animation in addition to traditional media(text and graphics). Hypermedia can
be considered as one type of particular multimedia application.
Categories of Multimedia
Multimedia may be broadly divided into linear and non-linear categories. Linear active content
progresses without any navigation control for the viewer such as a cinema presentation. Non-
linear content offers user interactivity to control progress as used with a computer game or
used in self-paced computer based training. Non-linear content is also known as hypermedia
content.
Multimedia presentations can be live or recorded. A recorded presentation may allow

interactivity via a navigation system. A live multimedia presentation may allow interactivity via
interaction with the presenter or performer.
Features of Multimedia
Multimedia presentations may be viewed in person on stage, projected, transmitted, or played
locally with a media player. A broadcast may be a live or recorded multimedia presentation.
Broadcasts and recordings can be either analog or digital electronic media technology. Digital

online multimedia may be downloaded or streamed. Streaming multimedia may be live or on-
demand.
Multimedia games and simulations may be used in a physical environment with special effects,
with multiple users in an online network, or locally with an offline computer, game system, or
simulator.
Enhanced levels of interactivity are made possible by combining multiple forms of media
content But depending on what multimedia content you have it may vary Online multimedia is
increasingly becoming object-oriented and data-driven, enabling applications with collaborative
end-user innovation and personalization on multiple forms of content over time. Examples of
these range from multiple forms of content on web sites like photo galleries with both images
(pictures) and title (text) user-updated, to simulations whose co-efficient, events, illustrations,
animations or videos are modifiable, allowing the multimedia "experience" to be altered
without reprogramming.
Applications of Multimedia
Multimedia finds its application in various areas including, but not limited to, advertisements,
art, education, entertainment, engineering, medicine, mathematics, business, scientific
research and spatial, temporal applications.
A few application areas of multimedia are listed below:
Creative industries
Creative industries use multimedia for a variety of purposes ranging from fine arts, to
entertainment, to commercial art, to journalism, to media and software services provided for
any of the industries listed below. An individual multimedia designer may cover the spectrum
throughout their career. Request for their skills range from technical, to analytical and to
creative.
Commercial
Much of the electronic old and new media utilized by commercial artists is multimedia. Exciting
presentations are used to grab and keep attention in advertising. Industrial, business to
business, and interoffice communications are often developed by creative services firms for
advanced multimedia presentations beyond simple slide shows to sell ideas or liven-up training.
Commercial multimedia developers may be hired to design for governmental services and
nonprofit services applications as well.

Entertainment and Fine Arts
In addition, multimedia is heavily used in the entertainment industry, especially to develop
special effects in movies and animations. Multimedia games are a popular pastime and are
software programs available either as CD-ROMs or online. Some video games also use
multimedia features.
Multimedia applications that allow users to actively participate instead of just sitting by as
passive recipients of information are called Interactive Multimedia.
Education
In Education, multimedia is used to produce computer-based training courses (popularly called
CBTs) and reference books like encyclopaedia and almanacs. A CBT lets the user go through a
series of presentations, text about a particular topic, and associated illustrations in various
information formats. Edutainment is an informal term used to describe combining education
with entertainment, especially multimedia entertainment.
Engineering
Software engineers may use multimedia in Computer Simulations for anything from
entertainment to training such as military or industrial training. Multimedia for software
interfaces are often done as collaboration between creative professionals and software
engineers.
Industry
In the Industrial sector, multimedia is used as a way to help present information to
shareholders, superiors and coworkers. Multimedia is also helpful for providing employee
training, advertising and selling products all over the world via virtually unlimited web-based
technologies.
Mathematical and Scientific Research

In Mathematical and Scientific Research, multimedia is mainly used for modeling and
simulation. For example, a scientist can look at a molecular model of a particular substance and
manipulate it to arrive at a new substance. Representative research can be found in journals
such as the Journal of Multimedia.

Medicine
In Medicine, doctors can get trained by looking at a virtual surgery or they can simulate how the
human body is affected by diseases spread by viruses and bacteria and then develop techniques
to prevent it.
Multimedia in Public Places

In hotels, railway stations, shopping malls, museums, and grocery stores, multimedia will
become available at stand-alone terminals or kiosks to provide information and help. Such
installation reduce demand on traditional information booths and personnel, add value, and
they can work around the clock, even in the middle of the night, when live help is off duty.
A menu screen from a supermarket kiosk that provide services ranging from meal planning to
coupons. Hotel kiosk list nearby restaurant, maps of the city, airline schedules, and provide
guest services such as automated checkout. Printers are often attached so users can walk away
with a printed copy of the information. Museum kiosk are not only used to guide patrons
through the exhibits, but when installed at each exhibit, provide great added depth, allowing
visitors to browser though richly detailed information specific to that display.
Convergence of Multimedia (Virtual Reality)

At the convergence of technology and creative invention in multimedia is virtual reality, or VR.
Goggles, helmets, special gloves, and bizarre human interfaces attempt to place you “inside” a
lifelike experience. Take a step forward, and the view gets closer, turn your head, and the view
rotates. Reach out and grab an object; your hand moves in front of you. Maybe the object
explodes in a 90-decibel crescendo as you wrap your fingers around it. Or it slips out from your
grip, falls to the floor, and hurriedly escapes through a mouse hole at the bottom of the wall.
VR requires terrific computing horsepower to be realistic. In VR, your cyberspace is made up of

many thousands of geometric objects plotted in three-dimensional space: the more objects and
the more points that describe the objects, the higher resolution and the more realistic your
view. As the user moves about, each motion or action requires the computer to recalculate the
position, angle size, and shape of all the objects that make up your view, and many thousands
of computations must occur as fast as 30 times per second to seem smooth.
On the World Wide Web, standards for transmitting virtual reality worlds or “scenes” in VRML
(Virtual Reality Modeling Language) documents (with the file name extension .wrl) have been
developed.

Using high-speed dedicated computers, multi-million-dollar flight simulators built by singer,
RediFusion, and others have led the way in commercial application of VR.Pilots of F-16s, Boeing
777s, and Rockwell space shuttles have made many dry runs before doing the real thing. At the
California Maritime academy and other merchant marine officer training schools, computer-
controlled simulators teach the intricate loading and unloading of oil tankers and container
ships.
Specialized public game arcades have been built recently to offer VR combat and flying
experiences for a price. From virtual World Entertainment in walnut Greek, California, and
Chicago, for example, BattleTech is a ten-minute interactive video encounter with hostile
robots. You compete against others, perhaps your friends, who share coaches in the same
containment Bay. The computer keeps score in a fast and sweaty firefight. Similar “attractions”
will bring VR to the public, particularly a youthful public, with increasing presence during the
1990s.
The technology and methods for working with three-dimensional images and for animating
them are discussed. VR is an extension of multimedia-it uses the basic multimedia elements of
imagery, sound, and animation. Because it requires instrumented feedback from a wired-up
person, VR is perhaps interactive multimedia at its fullest extension.
Stages of Multimedia Application Development
A Multimedia application is developed in stages as all other software are being developed. In
multimedia application development a few stages have to complete before other stages being,
and some stages may be skipped or combined with other stages.
Following are the four basic stages of multimedia project development :
Planning and Costing : This stage of multimedia application is the first stage which begins with
an idea or need. This idea can be further refined by outlining its messages and objectives.
Before starting to develop the multimedia project, it is necessary to plan what writing skills,
graphic art, music, video and other multimedia expertise will be required.
It is also necessary to estimate the time needed to prepare all elements of multimedia and
prepare a
budget accordingly. After preparing a budget, a prototype or proof of concept can be
developed.

Designing and Producing : The next stage is to execute each of the planned tasks and create a
finished product.
Testing : Testing a project ensure the product to be free from bugs. Apart from bug elimination
another aspect of testing is to ensure that the multimedia application meets the objectives of
the project. It is also necessary to test whether the multimedia project works properly on the
intended deliver platforms and they meet the needs of the clients.
Delivering : The final stage of the multimedia application development is to pack the project
and deliver the completed project to the end user. This stage has several steps such as
implementation, maintenance, shipping and marketing the product.
Let us sum up
In this lesson we have discussed the following points
i) Multimedia is a woven combination of text, audio, video, images and animation.
ii) Multimedia systems finds a wide variety of applications in different areas such as
education, entertainment etc.
iii) The categories of multimedia are linear and non-linear.
iv) The stages for multimedia application development are Planning and costing, designing
and producing, testing and delivery.
Text
All multimedia content consists of texts in some form. Even a menu text is accompanied by a
single action such as mouse click, keystroke or finger pressed in the monitor (in case of a touch
screen). The text in the multimedia is used to communicate information to the user. Proper use
of text and words in multimedia presentation will help the content developer to communicate
the idea and message to the user.
Multimedia Building Blocks
Any multimedia application consists any or all of the following components:

1. Text : Text and symbols are very important for communication in any medium.
With the recent explosion of the Internet and World Wide Web, text has become

more the important than ever. Web is HTML (Hyper text Markup language) originally designed
to display simple text documents on computer screens, with occasional graphic images thrown
in as illustrations.
2. Audio: Sound is perhaps the most element of multimedia. It can provide the
listening pleasure of music, the startling accent of special effects or the ambience of a mood-
setting background.
3. Images: Images whether represented analog or digital plays a vital role in a
multimedia. It is expressed in the form of still picture, painting or a photograph taken through a
digital camera.
4. Animation: Animation is the rapid display of a sequence of images of 2-D artwork or
model positions in order to create an illusion of movement. It is an optical illusion of motion
due to the phenomenon of persistence of vision, and can be created and demonstrated in a
number of ways.
5. Video: Digital video has supplanted analog video as the method of choice for
making video for multimedia use. Video in multimedia are used to portray real time moving
pictures in a multimedia project.
Text in Multimedia
Words and symbols in any form, spoken or written, are the most common system of
communication. They deliver the most widely understood meaning to the greatest number of
people.Most academic related text such as journals, e-magazines are available in the Web
Browser readable form.
About Fonts and Faces

A typeface is family of graphic characters that usually includes many type sizes and styles. A
font is a collection of characters of a single size and style belonging to a particular typeface
family. Typical font styles are bold face and italic. Other style attributes such as underlining and
outlining of characters, may be added at the users choice.
The size of a text is usually measured in points. One point is approximately 1/72 of an inch
i.e. 0.0138. The size of a font does not exactly describe the height or width of its characters.
This is because the x-height (the height of lower case character x) of two fonts may differ.
Typefaces of fonts can be described in many ways, but the most common characterization of a
typeface is serif and sans serif. The serif is the little decoration at the end of a letter stroke.

Times, Times New Roman, Bookman are some fonts which comes under serif category. Arial,
Optima, Verdana are some examples of sans serif font. Serif fonts are generally used for body
of the text for better readability and sans serif fonts are generally used for headings. The
following fonts shows a few categories of serif and sans serif fonts.
F F
(Serif Font) (Sans serif font)
Selecting Text fonts

It is a very difficult process to choose the fonts to be used in a multimedia presentation.
Following are a few guidelines which help to choose a font in a multimedia presentation.
As many number of type faces can be used in a single presentation, this concept of using many
fonts in a single page is called ransom-note topography.
For small type, it is advisable to use the most legible font.
In large size headlines, the kerning (spacing between the letters) can be adjusted In text blocks,
the leading for the most pleasing line can be adjusted.
Drop caps and initial caps can be used to accent the words.
The different effects and colors of a font can be chosen in order to make the text look in a
distinct manner.
Anti-aliased can be used to make a text look gentle and blended.
For special attention to the text the words can be wrapped onto a sphere or bent like a wave.
Meaningful words and phrases can be used for links and menu items. In case of text links
(anchors) on web pages the messages can be accented.
The most important text in a web page such as menu can be put in the top 320 pixels.
Computers and text:
Fonts :
Postscript fonts are a method of describing an image in terms of mathematical constructs
(Bezier curves), so it is used not only to describe the individual characters of a font but also to
describe illustrations and whole pages of text. Since postscript makes use of mathematical
formula, it can be easily scaled bigger or smaller.

Apple and Microsoft announced a joint effort to develop a better and faster quadratic curves
outline font methodology, called truetype In addition to printing smooth characters on printers,
TrueType would draw characters to a low resolution (72 dpi or 96 dpi) monitor.
Character set and alphabets:

ASCII Character set
The American standard code for information interchange (SCII) is the 7 bit character coding
system most commonly used by computer systems in the United states and abroad. ASCII
assigns a number of value to 128 characters, including both lower and uppercase letters,
punctuation marks, Arabic numbers and math symbols. 32 control characters are also included.
These control characters are used for device control messages, such as carriage return, line
feed, tab and form feed.
The Extended Character set
A byte which consists of 8 bits, is the most commonly used building block for computer
processing. ASCII uses only 7 bits to code are 128 characters; the 8th bit of the byte is unused.
This extra bit allows another 128 characters to be encoded before the byte is used up,
and computer systems today use these extra 128 values for an extended character set. The
extended character set is commonly filled with ANSI (American National Standards Institute)
standard characters, including frequently used symbols.
Unicode
Unicode makes use of 16-bit architecture for multilingual text and character encoding.
Unicode uses about 65,000 characters from all known languages and alphabets in the world.
Several languages share a set of symbols that have a historically related derivation, the shared
symbols of each language are unified into collections of symbols (Called scripts). A single script
can work for tens or even hundreds of languages. Microsoft, Apple, Sun, Netscape, IBM, Xerox
and Novell are participating in the development of this standard and Microsoft and Apple have
incorporated Unicode into their operating system.
Font Editing and Design tools

There are several software that can be used to create customized font. These tools help an
multimedia developer to communicate his idea or the graphic feeling. Using these software
different typefaces can be created.
In some multimedia projects it may be required to create special characters. Using the font
editing tools it is possible to create a special symbols and use it in the entire text.

Following is the list of software that can be used for editing and creating fonts:
Fontographer Fontmonger Cool 3D text
Special font editing tools can be used to make your own type so you can communicate an idea
or graphic feeling exactly. With these tools professional typographers create distinct text and
display faces.
1. Fontographer:
It is macromedia product, it is a specialized graphics editor for both Macintosh and Windows
platforms. You can use it to create postscript, truetype and bitmapped fonts for Macintosh and
Windows.
2. Making Pretty Text:

To make your text look pretty you need a toolbox full of fonts and special graphics applications
that can stretch, shade, color and anti-alias your words into real artwork. Pretty text can be
found in bitmapped drawings where characters have been tweaked, manipulated and blended
into a graphic image.
3. Hypermedia and Hypertext:

Multimedia is the combination of text, graphic, and audio elements into a single collection or
presentation
– becomes interactive multimedia when you give the user some control over what information
is viewed and when it is viewed.
When a hypermedia project includes large amounts of text or symbolic content, this content
can be indexed and its element then linked together to afford rapid electronic retrieval of the
associated information.
When text is stored in a computer instead of on printed pages the computer’s powerful
processing capabilities can be applied to make the text more accessible and meaningful. This
text can be called as hypertext.
4. Hypermedia Structures:

Two Buzzwords used often in hypertext are link and node. Links are connections between the
conceptual elements, that is, the nodes that ma consists of text, graphics, sounds or related
information in the knowledge base.
5. Searching for words:

Following are typical methods for a word searching in hypermedia systems: Categories,
Word Relationships, Adjacency, Alternates, Association, Negation, Truncation, Intermediate
words, Frequency.
Let us sum up.

In this lesson we have learnt the following
i) The multimedia building blocks such as text, audio, video, images, animation
ii) The importance of text in multimedia
iii) The difference between fonts and typefaces
iv) Character sets used in computers and their significance
v) The font editing software which can be used for creating new fonts and the features of
such software.
Audio
Sound is perhaps the most important element of multimedia. It is meaningful “speech” in any
language, from a whisper to a scream. It can provide the listening pleasure of music, the
startling accent of special effects or the ambience of a mood- setting background. Sound is the
terminology used in the analog form, and the digitized form of sound is called as audio.
Power of Sound
When something vibrates in the air is moving back and forth it creates wave of pressure. These
waves spread like ripples from pebble tossed into a still pool and when it reaches the eardrums,
the change of pressure or vibration is experienced as sound.
Acoustics is the branch of physics that studies sound. Sound pressure levels are measured in
decibels (db); a decibel measurement is actually the ratio between a chosen reference point on
a logarithmic scale and the level that is actually experienced.
Multimedia Sound Systems

The multimedia application user can use sound right off the bat on both the Macintosh and on
a multimedia PC running Windows because beeps and warning sounds are available as soon as
the operating system is installed. On the Macintosh you can choose one of the several sounds
for the system alert. In Windows system sounds are WAV files and they reside in the
windows\Media subdirectory.
There are still more choices of audio if Microsoft Office is installed. Windows makes use of WAV
files as the default file format for audio and Macintosh systems use SND as default file format
for audio.
Digital Audio
Digital audio is created when a sound wave is converted into numbers – a process referred to as
digitizing. It is possible to digitize sound from a microphone, a synthesizer, existing tape
recordings, live radio and television broadcasts, and popular CDs. You can digitize sounds from
a natural source or prerecorded.
Digitized sound is sampled sound. Ever nth fraction of a second, a sample of sound is taken and
stored as digital information in bits and bytes. The quality of this digital recording depends
upon how often the samples are taken.
Preparing Digital Audio Files

Preparing digital audio files is fairly straight forward. If you have analog source materials –
music or sound effects that you have recorded on analog media such as cassette tapes.
The first step is to digitize the analog material and recording it onto a computer readable digital
media. It is necessary to focus on two crucial aspects of preparing digital audio files:
o Balancing the need for sound quality against your available RAM and Hard disk
resources.
o Setting proper recording levels to get a good, clean recording.
Remember that the sampling rate determines the frequency at which samples will be drawn
for the recording. Sampling at higher rates more accurately captures the high frequency
content of your sound. Audio resolution determines the accuracy with which a sound can be
digitized.

Formula for determining the size of the digital audio
Monophonic = Sampling rate * duration of recording in seconds * (bit resolution / 8) * 1
Stereo = Sampling rate * duration of recording in seconds * (bit resolution / 8) * 2 The sampling
rate is how often the samples are taken.
The sample size is the amount of information stored. This is called as bit resolution.
The number of channels is 2 for stereo and 1 for monophonic. The time span of the recording is
measured in seconds.
Editing Digital Recordings

Once a recording has been made, it will almost certainly need to be edited. The basic sound
editing operations that most multimedia procedures needed are described in the paragraphs
that follow
1. Multiple Tasks: Able to edit and combine multiple tracks and then merge the tracks and
export them in a final mix to a single audio file.
2. Trimming: Removing dead air or blank space from the front of a recording and an
unnecessary extra time off the end is your first sound editing task.
3. Splicing and Assembly: Using the same tools mentioned for trimming, you will probably
want to remove the extraneous noises that inevitably creep into recording.
4. Volume Adjustments: If you are trying to assemble ten different recordings into a single
track there is a little chance that all the segments have the same volume.
5. Format Conversion: In some cases your digital audio editing software might read a
format different from that read by your presentation or authoring program.
6. Resampling or downsampling: If you have recorded and edited your sounds at 16 bit
sampling rates but are using lower rates you must resample or downsample the file.
7. Equalization: Some programs offer digital equalization capabilities that allow you to
modify a recording frequency content so that it sounds brighter or darker.
8. Digital Signal Processing: Some programs allow you to process the signal with
reverberation, multitap delay, and other special effects using DSP routines.
9. Reversing Sounds: Another simple manipulation is to reverse all or a portion of a digital

audio recording. Sounds can produce a surreal, other wordly effect when played backward.

10. Time Stretching: Advanced programs let you alter the length of a sound file without
changing its pitch. This feature can be very useful but watch out: most time stretching
algorithms will severely degrade the audio quality.
Making MIDI Audio

MIDI (Musical Instrument Digital Interface) is a communication standard developed for
electronic musical instruments and computers. MIDI files allow music and sound synthesizers
from different manufacturers to communicate with each other by sending messages along
cables connected to the devices.
Creating your own original score can be one of the most creative and rewarding aspects of
building a multimedia project, and MIDI (Musical Instrument Digital Interface) is the quickest,
easiest and most flexible tool for this task.
The process of creating MIDI music is quite different from digitizing existing audio. To make
MIDI scores, however you will need sequencer software and a sound synthesizer.
The MIDI keyboard is also useful to simply the creation of musical scores. An advantage of
structured data such as MIDI is the ease with which the music director can edit the data.
A MIDI file format is used in the following circumstances :
Digital audio will not work due to memory constraints and more processing power
requirements When there is high quality of MIDI source
When there is no requirement for dialogue.
A digital audio file format is preferred in the following circumstances: When there is no control
over the playback hardware. When the computing resources and the bandwidth requirements
are high. When dialogue is required.
Audio File Formats
A file format determines the application that is to be used for opening a file. Following is the list
of different file formats and the software that can be used for opening a specific file.
1. *.AIF, *.SDII in Macintosh Systems

2. *.SND for Macintosh Systems
3. *.WAV for Windows Systems
4. MIDI files – used by north Macintosh and Windows
5. *.WMA –windows media player
6. *.MP3 – MP3 audio
7. *.RA – Real Player
8. *.VOC – VOC Sound
9. AIFF sound format for Macintosh sound files
10. *.OGG – Ogg Vorbis
Red Book Standard

The method for digitally encoding the high quality stereo of the consumer CD music market is
an instrument standard, ISO 10149. This is also called as RED BOOK standard.
The developers of this standard claim that the digital audio sample size and sample rate of red
book audio allow accurate reproduction of all sounds that humans can hear. The red book
standard recommends audio recorded at a sample size of 16 bits and sampling rate of 44.1 KHz.
Software used for Audio

Software such as Toast and CD-Creator from Adaptec can translate the digital files of red book
Audio format on consumer compact discs directly into a digital sound editing file, or
decompress MP3 files into CD-Audio. There are several tools available for recording audio.
Following is the list of different software that can be used for recording and editing audio ;
Soundrecorder from Microsoft Apple’s QuickTime Player pro Sonic Foundry’s Sound Forge for
Windows Soundedit16
Let us sum up
Following points have been discussed in this lesson:
Audio is an important component of multimedia which can be used to provide liveliness to a

multimedia presentation.
The red book standard recommends audio recorded at a sample size of 16 bits and sampling
rate of 44.1 KHz.
MIDI is Musical Instrument Digital Interface.

MIDI is a communication standard developed for electronic musical instruments and
computers. To make MIDI scores, however you will need sequencer software and a sound
synthesizer
Images
Still images are the important element of a multimedia project or a web site. In order to make a
multimedia presentation look elegant and complete, it is necessary to spend ample amount of
time to design the graphics and the layouts. Competent, computer literate skills in
graphic art and design are vital to the success of a multimedia project.
Digital Image
A digital image is represented by a matrix of numeric values each representing a quantized
intensity value. When I is a two-dimensional matrix, then I(r,c) is the intensity value at the
position corresponding to row r and column c of the matrix.
The points at which an image is sampled are known as picture elements, commonly
abbreviated as pixels. The pixel values of intensity images are called gray scale levels (we
encode here the “color” of the image). The intensity at each pixel is represented by an integer
and is determined from the continuous image by averaging over a small neighborhood around
the pixel location. If there are just two intensity values, for example, black, and white, they are
represented by the numbers 0 and 1; such images are called binary-valued images. If 8-bit
integers are used to store each pixel value, the gray levels range from 0 (black) to 255 (white).
Digital Image Format

There are different kinds of image formats in the literature. We shall consider the image format
that comes out of an image frame grabber, i.e., the captured image format, and the format
when images are stored, i.e., the stored image format.
Captured Image Format
The image format is specified by two main parameters: spatial resolution, which is specified as
pixelsxpixels (eg. 640x480 ) and color encoding, which is specified by bits per pixel. Both
parameter values depend on hardware and software for input/output of images.
Stored Image Format

When we store an image, we are storing a two-dimensional array of values, in which each value
represents the data associated with a pixel in the image. For a bitmap, this value is a binary
digit.
Bitmaps
A bitmap is a simple information matrix describing the individual dots that are the smallest
elements of resolution on a computer screen or other display or printing device. A one-
dimensional matrix is required for monochrome (black and white); greater depth (more bits of
information) is required to describe more than 16 million colors the picture elements may have,
as illustrated in following figure. The state of all the pixels on a computer screen make up the
image seen by the viewer, whether in combinations of black and white or colored pixels in a
line of text, a photograph-like picture, or a simple background pattern.
Where do bitmap come from? How are they made?
Make a bitmap from scratch with paint or drawing program.

Grab a bitmap from an active computer screen with a screen capture program, and then paste
into a paint program or your application. Capture a bitmap from a photo, artwork, or a
television image using a scanner or video capture device that digitizes the image. Once made, a
bitmap can be copied, altered, e-mailed, and otherwise used in many creative ways.
Clip Art
A clip art collection may contain a random assortment of images, or it may contain a series of
graphics, photographs, sound, and video related to a single topic. For example, Corel,
Micrografx, and Fractal Design bundle extensive clip art collection with their image-editing
software.
Multiple Monitors
When developing multimedia, it is helpful to have more than one monitor, or a single high-
resolution monitor with lots of screen real estate, hooked up to your computer. In this way, you
can display the full-screen working area of your project or presentation and still have space to
put your tools and other menus. This is particularly important in an authoring system such
as Macromedia Director, where the edits and changes you make in one window are
immediately visible in the presentation window-provided the presentation window is not
obscured by your editing tools.

Making Still Images
Still images may be small or large, or even full screen. Whatever their form, still images are
generated by the computer in two ways: as bitmap (or paint graphics) and as vector-drawn (or
just plain drawn) graphics.
Bitmaps are used for photo-realistic images and for complex drawing requiring fine detail.
Vector-drawn objects are used for lines, boxes, circles, polygons, and other graphic shapes that
can be mathematically expressed in angles, coordinates, and distances. A drawn object can
be filled with color and patterns, and you can select it as a single object. Typically, image files
are compressed to save memory and disk space; many image formats already use compression
within the file itself – for example, GIF, JPEG, and PNG. Still images may be the most important
element of your multimedia project. If you are designing multimedia by yourself, put yourself in
the role of graphic artist and layout designer.
Bitmap Software
The abilities and feature of image-editing programs for both the Macintosh and Windows range
from simple to complex. The Macintosh does not ship with a painting tool, and Windows
provides only the rudimentary Paint (see following figure), so you will need to acquire this very
important software separately – often bitmap editing or painting programs come as part of a
bundle when you purchase your computer, monitor, or scanner.
Figure: The Windows Paint accessory provides rudimentary bitmap editing

Capturing and Editing Images
The image that is seen on a computer monitor is digital bitmap stored in video memory,
updated about every 1/60 second or faster, depending upon monitor’s scan rate. When the
images are assembled for multimedia project, it may often be needed to capture and store an
image directly from screen. It is possible to use the Prt Scr key available in the keyboard to
capture a image.
Scanning Images
After scanning through countless clip art collections, if it is not possible to find the unusual
background you want for a screen about gardening. Sometimes when you search for something
too hard, you don’t realize that it’s right in front of your face. Open the scan in an image-editing
program and experiment with different filters, the contrast, and various special effects. Be
creative, and don’t be afraid to try strange combinations – sometimes mistakes yield the most
intriguing results.
Vector Drawing
Most multimedia authoring systems provide for use of vector-drawn objects such as lines,
rectangles, ovals, polygons, and text. Computer-aided design (CAD) programs have traditionally
used vector-drawn object systems for creating the highly complex and geometric rendering
needed by architects and engineers.
Graphic artists designing for print media use vector-drawn objects because the same
mathematics that put a rectangle on your screen can also place that rectangle on paper without
jaggies. This requires the higher resolution of the printer, using a page description language
such as PostScript.
Programs for 3-D animation also use vector-drawn graphics. For example, the various changes
of position, rotation, and shading of light required to spin the extruded.
How Vector Drawing Works

Vector-drawn objects are described and drawn to the computer screen using a fraction of the
memory space required to describe and store the same object in bitmap form. A vector is a line
that is described by the location of its two endpoints. A simple rectangle, for example, might
be defined as follows:
RECT 0, 0, 200, 200

Color
Color is a vital component of multimedia. Management of color is both a subjective and a
technical exercise. Picking the right colors and combinations of colors for your project can
involve many tries until you feel the result is right.Understanding Natural Light and Color
The letters of the mnemonic ROY G. BIV, learned by many of us to remember the colors of the
rainbow, are the ascending frequencies of the visible light spectrum: red, orange, yellow, green,
blue, indigo, and violet. Ultraviolet light, on the other hand, is beyond the higher end of the
visible spectrum and can be damaging to humans.
The color white is a noisy mixture of all the color frequencies in the visible spectrum. The
cornea of the eye acts as a lens to focus light rays onto the retina. The light rays stimulate many
thousands of specialized nerves called rods and cones that cover the surface of the retina. The
eye can differentiate among millions of colors, or hues, consisting of combination of red, green,
and blue.
Additive Color
In additive color model, a color is created by combining colored light sources in three primary
colors: red, green and blue (RGB). This is the process used for a TV or computer monitor
Subtractive Color
In subtractive color method, a new color is created by combining colored media such as paints
or ink that absorb (or subtract) some parts of the color spectrum of light and reflect the others
back to the eye. Subtractive color is the process used to create color in printing. The printed
page is made up of tiny halftone dots of three primary colors, cyan, magenta and yellow (CMY).
Image File Formats
There are many file formats used to store bitmaps and vectored drawing. Following is a list of
few image file formats.
Format Extension
Microsoft Windows DIB .bmp .dib .rle
Microsoft Palette .pal
Autocad format 2D .dxf

JPEG .jpg
Windows Meta file .wmf
Portable network graphic .png
Compuserve gif .gif
Apple Macintosh .pict .pic .pct
Animation and Video

Animation makes static presentations come alive. It is visual change over time and can add
great power to our multimedia projects. Carefully planned, well-executed video clips can make
a dramatic difference in a multimedia project. Animation is created from drawn pictures and
video is created using real time visuals.
Principles of Animation
Animation is the rapid display of a sequence of images of 2-D artwork or model positions in
order to create an illusion of movement. It is an optical illusion of motion due to the
phenomenon of persistence of vision, and can be created and demonstrated in a number of
ways. The most common method of presenting animation is as a motion picture or video
program, although several other forms of presenting animation also exist
Animation is possible because of a biological phenomenon known as persistence of vision and a

psychological phenomenon called phi. An object seen by the human eye remains chemically
mapped on the eye’s retina for a brief time after viewing. Combined with the human mind’s
need to conceptually complete a perceived action, this makes it possible for a series of images
that are changed very slightly and very rapidly, one after the other, to seemingly blend together
into a visual illusion of movement. The following shows a few cells or frames of a rotating logo.
When the images are progressively and rapidly changed, the arrow of the compass is
perceived to be spinning.
Television video builds entire frames or pictures every second; the speed with which each
frame is replaced by the next one makes the images appear to blend smoothly into movement.

To make an object travel across the screen while it changes its shape, just change the shape and
also move or translate it a few pixels for each frame.
Animation Techniques
When you create an animation, organize its execution into a series of logical steps. First, gather
up in your mind all the activities you wish to provide in the animation; if it is complicated, you
may wish to create a written script with a list of activities and required objects. Choose the
animation tool best suited for the job. Then build and tweak your sequences; experiment with
lighting effects. Allow plenty of time for this phase when you are experimenting and testing.
Finally, post-process your animation, doing any special rendering and adding sound effects.
Cel Animation
The term cel derives from the clear celluloid sheets that were used for drawing each frame,
which have been replaced today by acetate or plastic. Cels of famous animated cartoons have
become sought-after, suitable-for-framing collector’s items.
Cel animation artwork begins with keyframes (the first and last frame of an action). For
example, when an animated figure of a man walks across the screen, he balances the weight of
his entire body on one foot and then the other in a series of falls and recoveries, with the
opposite foot and leg catching up to support the body.
The animation techniques made famous by Disney use a series of progressively different
on each frame of movie film which plays at 24 frames per second.
A minute of animation may thus require as many as 1,440 separate frames. The term cel
derives from the clear celluloid sheets that were used for drawing each frame, which is been
replaced today by acetate or plastic. Cel animation artwork begins with keyframes.
Computer Animation
Computer animation programs typically employ the same logic and procedural concepts as cel
animation, using layer, keyframe, and tweening techniques, and even borrowing from the
vocabulary of classic animators. On the computer, paint is most often filled or drawn with
tools using features such as gradients and anti- aliasing. The word links, in computer animation
terminology, usually means special methods for computing RGB pixel values, providing edge
detection, and layering so that images can blend or otherwise mix their colors to produce
special transparencies, inversions, and effects.

Computer Animation is same as that of the logic and procedural concepts as cel animation and
use the vocabulary of classic cel animation – terms such as layer, Keyframe, and tweening.
The primary difference between the animation software program is in how much must be
drawn by the animator and how much is automatically generated by the software In 2D
animation the animator creates an object and describes a path for the object to follow. The
software takes over, actually creating the animation on the fly as the program is being viewed
by your user. In 3D animation the animator puts his effort in creating the models of individual
and designing the characteristic of their shapes and surfaces.
Paint is most often filled or drawn with tools using features such as gradients and anti- aliasing.
Kinematics
It is the study of the movement and motion of structures that have joints, such as a walking
man.
Inverse Kinematics is in high-end 3D programs, it is the process by which you link objects such
as hands to arms and define their relationships and limits. Once those relationships are set you
can drag these parts around and let the computer calculate the result.
Morphing
Morphing is popular effect in which one image transforms into another.Morphing application
and other modeling tools that offer this effect can perform transition not only between still
images but often between moving images as well.
The morphed images were built at a rate of 8 frames per second, with each transition taking a
total of 4 seconds. Some product that uses the morphing features are as follows
o Black Belt’s Easy Morph and WinImages,
o Human Software’s Squizz
o Valis Group’s Flo , MetaFlo, and MovieFlo.
Animation File Formats
Some file formats are designed specifically to contain animations and the can be ported among
application and platforms with the proper translators.
Director *.dir, *.dcr

AnimationPro *.fli, *.flc
3D Studio Max *.max
SuperCard and Director *.pics CompuServe *.gif
Flash *.fla, *.swf

Video
Analog versus Digital

Digital video has supplanted analog video as the method of choice for making video for
multimedia use. While broadcast stations and professional production and post- production
houses remain greatly invested in analog video hardware (according to Sony, there are more
than 350,000 Betacam SP devices in use today), digital video gear produces excellent finished
products at a fraction of the cost of analog. A digital camcorder directly connected to a
computer workstation eliminates the image-degrading analog-to-digital conversion step
typically performed by expensive video capture cards, and brings the power of nonlinear video
editing and production to everyday users.
Broadcast Video Standards

Four broadcast and video standards and recording formats are commonly in use around the
world: NTSC, PAL, SECAM, and HDTV. Because these standards and formats are not easily
interchangeable, it is important to know where your multimedia project will be used.
NTSC
The United States, Japan, and many other countries use a system for broadcasting and
displaying video that is based upon the specifications set forth by the 1952
National Television Standards Committee. These standards define a method for
encoding information into the electronic signal that ultimately creates a television picture. As
specified by the NTSC standard, a single frame of video is made up of 525 horizontal scan lines
drawn onto the inside face of a phosphor-coated picture tube every 1/30th of a second by a
fast-moving electron beam.
PAL
The Phase Alternate Line (PAL) system is used in the United Kingdom, Europe, Australia, and
South Africa. PAL is an integrated method of adding color to a black-and-white television signal
that paints 625 lines at a frame rate 25 frames per second.
SECAM
The Sequential Color and Memory (SECAM) system is used in France, Russia, and few other
countries. Although SECAM is a 625-line, 50 Hz system, it differs greatly from both the NTSC and
the PAL color systems in its basic technology and broadcast method.

HDTV
High Definition Television (HDTV) provides high resolution in a 16:9 aspect ratio (see following
Figure). This aspect ratio allows the viewing of Cinemascope and Panavision movies. There is
contention between the broadcast and computer industries about whether to use interlacing or
progressive-scan technologies.
Shooting and Editing Video

To add full-screen, full-motion video to your multimedia project, you will need to invest in
specialized hardware and software or purchase the services of a professional video production
studio. In many cases, a professional studio will also provide editing tools and post-production
capabilities that you cannot duplicate with your Macintosh or PC.
Video Tips
A useful tool easily implemented in most digital video editing applications is “blue screen,”
“Ultimate,” or “chromo key” editing. Blue screen is a popular technique for making
multimedia titles because expensive sets are not required. Incredible backgrounds can
be generated using 3-D modeling and graphic software, and one or more actors, vehicles, or
other objects can be neatly layered onto that background. Applications such as VideoShop,
Premiere, Final Cut Pro, and iMovie provide this capability.
Recording Formats S-VHS video

In S-VHS video, color and luminance information are kept on two separate tracks. The result is a
definite improvement in picture quality. This standard is also used in Hi-8. still, if your ultimate
goal is to have your project accepted by broadcast stations, this would not be the best choice.
Component (YUV)
In the early 1980s, Sony began to experiment with a new portable professional video format
based on Betamax. Panasonic has developed their own standard based on a similar technology,
called “MII,” Betacam SP has become the industry standard for professional video field
recording. This format may soon be eclipsed by a new digital version called “Digital Betacam.”
Digital Video

Full integration of motion video on computers eliminates the analog television form of video
from the multimedia delivery platform. If a video clip is stored as data on a hard disk, CD-ROM,
or other mass-storage device, that clip can be played back on the computer’s monitor without
overlay boards, videodisk players, or second monitors. This playback of digital video is
accomplished using software architecture such as QuickTime or AVI, a multimedia producer or
developer; you may need to convert video source material from its still common analog form
(videotape) to a digital form manageable by the end user’s computer system. So an
understanding of analog video and some special hardware must remain in your multimedia
toolbox.
Analog to digital conversion of video can be accomplished using the video overlay hardware
described above, or it can be delivered direct to disk using FireWire cables. To repetitively
digitize a full-screen color video image every 1/30 second and store it to disk or RAM severely
taxes both Macintosh and PC processing capabilities–special hardware, compression firmware,
and massive amounts of digital storage space are required.
Video Compression
To digitize and store a 10-second clip of full-motion video in your computer requires transfer of
an enormous amount of data in a very short amount of time. Reproducing just one frame of
digital video component video at 24 bits requires almost 1MB of computer data; 30 seconds of
video will fill a gigabyte hard disk. Full-size, full-motion video requires that the computer deliver
data at about 30MB per second. This overwhelming technological bottleneck is overcome using
digital video compression schemes or codecs (coders/decoders). A codec is the algorithm used
to compress a video for delivery and then decode it in real-time for fast playback.
Real-time video compression algorithms such as MPEG, P*64, DVI/Indeo, JPEG, Cinepak,
Sorenson, ClearVideo, RealVideo, and VDOwave are available to compress digital video
information. Compression schemes use Discrete Cosine Transform (DCT), an encoding algorithm
that quantifies the human eye’s ability to detect color and image distortion. All of these codecs
employ lossy compression algorithms.
In addition to compressing video data, streaming technologies are being implemented to

provide reasonable quality low-bandwidth video on the Web. Microsoft, RealNetworks,
VXtreme, VDOnet, Xing, Precept, Cubic, Motorola, Viva, Vosaic, and Oracle are actively
pursuing the commercialization of streaming technology on the Web.

QuickTime, Apple’s software-based architecture for seamlessly integrating sound, animation,
text, and video (data that changes over time), is often thought of as a compression standard,
but it is really much more than that.
MPEG
The MPEG standard has been developed by the Moving Picture Experts Group, a working
group convened by the International Standards Organization (ISO) and the International
Electro-technical Commission (IEC) to create standards for digital representation of moving
pictures and associated audio and other data. MPEG1 and MPEG2 are the current standards.
Using MPEG1, you can deliver 1.2 Mbps of video and
250 Kbps of two-channel stereo audio using CD-ROM technology. MPEG2, a completely
different system from MPEG1, requires higher data rates (3 to 15 Mbps) but delivers higher
image resolution, picture quality, interlaced video formats, multiresolution scalability, and
multichannel audio features.
DVI/Indeo
DVI is a property, programmable compression/decompression technology based on the Intel
i750 chip set. This hardware consists of two VLSI (Very Large Scale Integrated) chips to separate
the image processing and display functions.
Two levels of compression and decompression are provided by DVI: Production Level Video
(PLV) and Real Time Video (RTV). PLV and RTV both use variable compression rates. DVI’s
algorithms can compress video images at ratios between 80:1 and 160:1. DVI will play back
video in full-frame size and in full color at 30 frames per second.
Optimizing Video Files for CD-ROM

CD-ROMs provide an excellent distribution medium for computer-based video: they are
inexpensive to mass produce, and they can store great quantities of information. CD- ROM
players offer slow data transfer rates, but adequate video transfer can be achieved by taking
care to properly prepare your digital video files.
Limit the amount of synchronization required between the video and audio. With Microsoft’s
AVI files, the audio and video data are already interleaved, so this is not a necessity, but with
QuickTime files, you should “flatten” your movie. Flattening means you interleave the audio
and video segments together.

Use regularly spaced key frames, 10 to 15 frames apart, and temporal compression can
correct for seek time delays. Seek time is how long it takes the CD-ROM player to locate specific
data on the CD-ROM disc. Even fast 56x drives must spin up, causing some delay (and
occasionally substantial noise).
The size of the video window and the frame rate you specify dramatically affect performance.
In QuickTime, 20 frames per second played in a 160X120-pixel window is equivalent to playing
10 frames per second in a 320X240 window. The more data that has to be decompressed and
transferred from the CD-ROM to the screen, the slower the playback.
Let us sum up
In this lesson we have learnt the use of animation and video in multimedia presentation.
Following points have been discussed in this lesson :
Animation is created from drawn pictures and video is created using real time visuals.
Animation is possible because of a biological phenomenon known as persistence of vision
The different techniques used in animation are cel animation, computer animation, kinematics
and morphing.
Four broadcast and video standards and recording formats are commonly in use around the
world: NTSC, PAL, SECAM, and HDTV.
Real-time video compression algorithms such as MPEG, P*64, DVI/Indeo, JPEG,Cinepak,
Sorenson, ClearVideo, RealVideo, and VDOwave are available to compress digital video
information.

E-Governance/Commerce/Education/Medicine
The last decade has seen a massive explosion of Information and Communications Technology
(ICT) all over the world. India is also gearing up towards to an era of digitalization. It intends to
nurture digital ecosystems across all the sectors including health, education, agriculture,
resources, financial services etc. The concept of e-governance is to involve IT in all the
government processes. “e-Governance or electronic Governance is understood as the use of
Information and Communications Technology (ICT) at all the level of Government in order to
provide services to the citizens, interaction with business enterprises and communication and
exchange of information between different agencies of the Government in a speedy,
convenient, efficient and transparent manner” (Ministry of Electronics & Information
Technology, Government of India). “e-Governance, in essence, is the application of Information
and Communications Technology to government functioning in order to create ‘Simple, Moral,
Accountable, Responsive and Transparent (SMART)’ governance”(Ministry of Electronics &
Information Technology, Government of India).
Pillars of e-Governance
E-Governance is a holistic initiative with four key pillars: people, technology, process and
resources.
Objectives of e-Governance
The objectives of the e-Governance are:

❖
To exchange information with citizens, businesses, or other government departments
❖
To provide efficient delivery of public services
❖
To enhance internal efficiency of the government system
❖
To reduce cost/increase the revenue
❖
To re-structure the administrative processes and improve quality of services
Types of interaction in e-Governance

There are four types of interaction in the e-Governance
G2G i.e. Government to Government: This type of interaction includes exchange of

information electronically between the government bodies i.e. between national (central),
state and local government and within the government entities at various levels. This type of
interface helps in smooth and transparent functioning of the government processes along with
saving time and being cost-effective as well. Examples of G2G services include inter-office
teleconferencing, Online Budget System, Electronic stamping of bills etc.
G2C i.e. Government to Citizen: This type of interaction includes exchange of information
electronically between the government bodies and the citizens. This type of interface helps
general public to access government services, information and provide feedback electronically.
The aim is to make government services citizen-friendly. Examples of G2C services include
passport/visa, property registration, birth and death certificate, marriage certificate,
municipality services, death certificate etc.
G2B i.e. Government to Business: This type of interaction includes exchange of information
electronically between the government bodies and business entities, Non-governmental
Organisations (NGOs) and civil societies. This type of interface helps cut down red-tapism and
establishing business environment which is transparent, cost-effective and saves time.
Examples of G2B services include e-Tender Box (ETB) system, e-Procurement Programme etc.
G2E i.e. Government to Employees: This type of interaction includes exchange of information
electronically between the government bodies and employees. This type of interface aims to
make interaction between employees and government fast, efficient and employee-
satisfactory. Examples of G2E services include E-payroll, E-training etc.
Guiding Principles for e-Governance

There are four guiding principles for reforming Government through technology(Ministry of
Electronics & Information Technology, Government of India 2017).
Form simplification and field reduction: The forms used should be simplified and should be
structured in a way to capture minimum essential information.
Online applications and tracking: Online applications with proper tracking mechanism should
be developed.
Online repositories: Online repositories e.g. for educational certificates, employment
documents etc. should be used for improving convenience to the citizens.
Integration of services and platform: Integrated and interoperable services should be provided
to the citizens and businesses by mandating sharing of data between the online services and
platforms like Unique Identity Authority of India (UIDAI), Mobile Seva platform etc.
Benefits of e-Governance
The benefits of e-Governance are manifold. Some of them are enlisted below:
• Increase in transparency and accountability of the government administration

• Cost reduction and growth in the revenue
• Improved convenience to the citizens and businesses
• Expansion in government outreach
• Reduce red-tapism

• Improved coordination between the government bodies at various levels
• Enhanced efficiency of the government system
• Improvement in satisfaction level of the general public with the government services
• Empowerment of citizens through information access
• Improved interaction with the business entities
• Improved quality of citizen services
• Better enforcement of law
• Reducing digital divide and providing equal access to information
• Creation and linkage of local and global online communities
• Encourage innovative leadership styles
• Promotes economic development by creating an enabling environment
Evolution of e-Governance in India
The origin of e-Governance in India dates back in 1970’s with the initiation of in-house e-
applications in the government areas like elections, census, defence and monitoring of
economic situation of the country (Drishti The Vision Foundation 2019). One of the early steps
towards e-Governance in India was the establishment of the Department of Electronics in the
year 1970(Drishti The Vision Foundation 2019). Following this, the National Informatics Centre
was established in the year 1977(Drishti the Vision Foundation 2019). By 1980 most of the
Indian government offices were equipped with computers (Kumar, Kumar, and Kumar 2014). In
the year 1987, Government of India took the first remarkable step towards e-Governance by
launching the National Satellite-based computer network NICNET(Drishti The Vision Foundation
2019). Following this, District Information System program was launched by the National
Informatics Centre. Railways office automation also began prior to 1990(International
Telecommunication Union (ITU) 2018). By 1990, the extent of NICNET expanded from state
headquarters to district headquarters (Kumar, Kumar, and Kumar 2014). Between 1990-2006,
various state and individual department level e-initiatives were taken (International
Telecommunication Union (ITU) 2018). In 1998, National task Force on IT was constituted(Suri
and Sushil 2017). In the year 2000, Ministry of Information Technology was established under
the GoI(Kumar, Kumar, and Kumar 2014). In Feb 2002, subsequent to the consitution of High
Power committee related to promotion of IT, the Department of Administrative Reforms and
Public Grievances (DARPG) put forward 12 point ‘Minimum Agenda for e-Governance’ to be
implemented by all government departments(Suri and Sushil 2017).
Finally in the year 2006, Government of India (GoI) approved National e-Governance Plan
(NeGP)(Ministry of Electronics & Information Technology, Government of India 2018). The
vision of NeGP is to “make all Government services accessible to the common man in his
locality, through Common Service Delivery Outlets and ensure efficiency, transparency &
reliability of such services at affordable costs to realise the basic needs of the common
man”(Ministry of Electronics & Information Technology, Government of India 2018). National e-

Governance Plan comprises of 31 Mission Mode Projects (MMPs), each of which focus on
specific area like agriculture, health, education etc. Annexure 1 outlines the Mission Mode
Projects (MMPs) under NeGP. The National Portal of India, one of the MMPs under NeGP,
provides single window access to information and services provided by the government
organisations(Ministry of Electronics & Information Technology, Government of India 2020b).
Under National e-Governance Plan, National e-Governance Services Delivery Gateway (NSDG)
was made operational in April, 2008(Ministry of Electronics & Information Technology,
Government of India 2015).
In July 2011, Government of India started using mobile platform for the delivery of public
services (Ministry of Communications, Government of India 2015). National Policy on
Information Technology (IT) was approved by the GoI in the year 2012(Ministry of
Communications, Government of India 2012). In the year 2015, Prime Minister Shri Narendra
Modi launched Digital India Programme (Ministry of Electronics & Information Technology,
Government of India 2020a). “Digital India is a flagship programme of the Government of India
with a vision to transform India into a digitally empowered society and knowledge
economy”(Ministry of Electronics & Information Technology, Government of India 2020a)“e-
Governance: Reforming Government through Technology” is one of the nine pillars of Digital
India Programme(Ministry of Electronics & Information Technology, Government of India
2020a). e-Kranti is another pillar under Digital India initiative with a vision of “Transforming e-
Governance for Transforming Governance”(Ministry of Electronics & Information Technology,
Government of India 2020a). Annexure 2 outlines the 9 pillars of the Digital India Porgramme.
Following Table shown some of the e-Governance initiatives taken under Digital India
programme. Annexure 3 outlines some of the policies related to e-Governance in India.
Table:
S.No e-Governance Initiative

1 MyGov: A platform for citizen Engagement towards Good Governance
2 Aadhaar Authentication Services for E-governance Applications
3 Common Services Centres (CSCs)
4 e-Gov App Store
5 Unified Mobile Application for New-Age Governance (UMANG)
6 National Scholarships Portal
Open Government Data (OGD) platform for National Data Sharing and Accessibility
7 Policy
(NDSAP)
8 PRAGATI (Pro-Active Governance And Timely Implementation)
9 Digitize India Platform (DIP)
10 Collaborative Digital Diagnosis System
11 DARPAN (Dashboard for Analytical Review of Projects Across Nation)

12 e-Office
13 eProcurement Project
14 Digital Locker System
15 India Portal
16 National Data Centre
17 Public Finance Management System (PFMS)
18 DigiDhan - Digital Payments
19 eCourts
20 e-Way Bill
21 Aadhaar Enabled Biometric Attendance System (AEBAS)
22 Rapid Assessment System (RAS)
23 Digital Government Research Centre (DGRC)
24 Pradhan Mantri Awas Yojana (Urban)- PMAY(U) portal
25 NREGASoft: Portal for Mahatma Gandhi National Rural Employment Guarantee Act
(MGNREGA)
26 National Rurban Mission (NRuM) portal
27 Swachh Bharat Mission (Urban)-SBM(U) portal
Ref: (Ministry of Electronics & Information Technology, Government of India 2019)
Union Budget 2020-2021 aims “to achieve seamless delivery of services through Digital
governance”(Ministry of Finance, Government of India 2020). Union Budget 2020-2021
proposed various new e-Governance initiatives. These include Government e-Marketplace
(GeM) for procurement of goods, services and works, single window e-logistics market, policy
for data centre parks throughout the country etc. The vision of Union Budget 2020-2021 is that
“all “public institutions" at Gram Panchayat level such as Anganwadis, health and wellness
centres, government schools, PDS outlets, post offices and police stations will be provided with
digital connectivity”(Ministry of Finance, Government of India 2020).
E-Governance Initiatives in healthcare

National level Initiatives
The idea of introduction of electronic communication in the health sector was first supported
by the National Health Policy, which was approved by the Parliament of India in the year 1983
and later updated in the year 2002. The National Health Policy 2017 further emphasized the
role of digital technology in the delivery of healthcare services (MInistry of Health and Family
Welfare, Government of India 2017). The policy recommended the use of “Aadhaar” as a
unique identification number for the beneficiaries, use of smartphones and National Optical
fibre network for building the National health Information Architecture.

In the year 2015, the MoHFW, GoI proposed setting up of the National E-Health Authority
(NeHA) with the vision to make use of information and communication technologies (ICT) in
the delivery of high quality health care services to the citizens of India(Ministry of Health &
Family Welfare, Government of India 2017a). MoHFW has started numerous e-Governance
initiatives in health care sector in India under the division called eHealth division. Table 2
outlines some of the National-level e-Governance Initiatives in healthcare in India.
Table; National level e-Governance Initiatives in Healthcare
Initiative Description
Office Automation
e-Office MoHFW,GoI has started implementation of e-Office which includes
creation of e-files, e-sign etc. to improve the efficiency of the
government processes(Ministry of Health & Family Welfare 2018)
Video Conference facility MoHFW,GoI has started video conferencing facility in the offices(Ministry
of Health & Family Welfare 2018)
Digital Payments Under Digital India Programme, digitization of payments has been
initiated in the health sector(Ministry of Health & Family Welfare 2018)
Online Services
Government Services Single window access to 40 Health services provided by GoI(Ministry of
Portal of India Electronics & Information Technology, Government of India 2005)
National Health Portal Web based portal that acts as a single point of access to authentic health
related information for citizens of India(Ministry of Health and Family
Welfare, Government of India 2016d)
e-Hospital Hospital Management System for delivery of services like patient care,
diagnostics etc. in Government Hospitals in India(Ministry of Health and
Family Welfare, Government of India 2019b)
Online registration Aadhaar based online registeration system for booking an OPD

system appointment, availing services like online diagnostic reports, enquire
availability of blood in any government hospital in India(Ministry of
Electronics & Information Technology, Government of India 2015d)
Central Government Web application implemented in all the wellness centres across the
Health Services (CGHS) nation since 2007 for the delivery of Central Government Health Services
portal (CGHS)(Ministry of Health and Family Welfare, Government of India
2015c)
Food Safety and GoI website for providing services like issuance of licence, product
Standards Authority of approval etc. to food business operators(Ministry of Health and Family
India Welfare, Government of India 2020a)
National Organ & Tissue GoI web portal for registration and retrieval for organ/ tissue
Transplant Organisation transplantation (Ministry of Health and Family Welfare, Government of
India 2019b)
Central Drugs Standards Single window access to various stakeholders like Pharmaceutical
Control Organisation, Industry, Citizens, Regulators etc. for applications and approvals of drugs,
“SUGAM” vaccines, cosmetic products, medical devices, clinical trials an
committee(Ministry of Health and Family Welfare, Government of India
2019b)
Mera Aspataal GoI initiative to capture patient feedback for the services received at the
hospital(Ministry of Health and Family Welfare, Government of India
2020b)
‘Hum Do’ Website GoI website providing information related to family planning and
guidance on family planning methods(Ministry of Health and Family
Welfare, Government of India 2017)
PMSMA portal Web and android based system with help desk to facilitate Pradhan

Mantri Surakshit Matritva Abhiyan (PMSMA) programme by (MoHFW),
Government of India under which free of cost ANC care is given to

th
preganant women on 9 of each month (Ministry of Health and Family
Welfare, Government of India 2018)
Online Medical Online Counselling service by GoI for admission into Under Graduate and
Counseling & Admission Post Graduate Medical colleges(Ministry of Health and Family Welfare,
Project Government of India 2015c)
Ayushman Bharat- GoI portal providing information and services related to Pradhan Mantri
Pradhan Mantri Jan Jan Arogya Yojna(National Health Authority, Government of India 2018)
Arogya Yojna Portal
Mobile Applications and Services
Swasth Bharat (Disease, Android based mobile application that provide reliable information
Lifestyle, First Aid) related to disease conditions, symtptoms, available treatment options,
public health alerts, healthy lifestyle, first aid etc. (Ministry of Health and
Family Welfare, Government of India 2016h)
NHP Indradhanush : GoI android based mobile application to help parents register and track
Vaccine Tracker immunisations of their children under 16 years of age(Ministry of Health
and Family Welfare, Government of India 2016g)
National Health Portal Mobile application providing information related to hospitals and blood
Directory Services banks across India(Ministry of Health and Family Welfare, Government of
Challenges to e-Governance
Implementation of e-Governance is quite challenging in India because of the various social,

political, operational and technological issues. Some of the key challenges are outlined below:
• Huge population of India with majority residing in rural areas

• Use of local language: India is a multi-lingual nation with 22 official languages

• Lack of Infrastructure facilities like electricity, internet etc. especially in the rural areas
• High cost of e-Governance initiatives
• Digital Divide: between urban-rural, rich-poor, male-female, users and non-users of e-
govt. services
• Multi-party and Multi-tiered Government
• Issues related to privacy and security of data
• Issues related to awareness of e-Governance
• Issues related to accessibility and affordability of e-Governance
“e-Governance has to be citizen-friendly. Delivery of services to citizens is considered a primary

function of the government. In a democratic nation of over one billion people like India, e-
Governance should enable seamless access to information and seamless flow of information
across the state and central government in the federal set up. No country has so far
implemented an e-Governance system for one billion people. It is a big challenge before us”
Dr APJ Abdul Kalam, Former President of India
_______________________________________End____________________________________

IT Module Paper-2

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IT Module Paper-2

Uploaded by

Copyright:

Available Formats

Sr. No. Topics Page No.

1 ICT Security 2-8

2 Cyber Security 9-32

4 0racle Data Base 36-48

5 Cloud Computing 49-66

6 Computer Networking/LAN/WAN 67-79

7 World Wide Web 80-87

10 Multimedia Services 105-132

JTO to SDE LDCE For Internal Circulation Only Page 1

JTO to SDE LDCE For Internal Circulation Only Page 2

Risks to information assets

The negative aspects of information-oriented environments include the following:

JTO to SDE LDCE For Internal Circulation Only Page 3

What is information security?

4Rs of information security

JTO to SDE LDCE For Internal Circulation Only Page 4

Figure: Correlation between risk and information assets

JTO to SDE LDCE For Internal Circulation Only Page 5

Methods of Risk Management

JTO to SDE LDCE For Internal Circulation Only Page 6

Information security domains and related standard and certifications

JTO to SDE LDCE For Internal Circulation Only Page 7

ISO/IEC27001 focuses on administrative security. In particular, it emphasizes documentation

JTO to SDE LDCE For Internal Circulation Only Page 8

JTO to SDE LDCE For Internal Circulation Only Page 9

ATTACK ON THE PHYSICAL LEVEL

JTO to SDE LDCE For Internal Circulation Only Page 10

Additional methods of trickery

JTO to SDE LDCE For Internal Circulation Only Page 11

ATTACK ON THE PSYCHOLOGICAL LEVEL

JTO to SDE LDCE For Internal Circulation Only Page 12

Sympathy or intimidation attacks

JTO to SDE LDCE For Internal Circulation Only Page 13

Learn to recognize a social engineering situation

JTO to SDE LDCE For Internal Circulation Only Page 14

Promote practices that prevent attacks

JTO to SDE LDCE For Internal Circulation Only Page 15

SECURE COMPUTER AND NETWORK

JTO to SDE LDCE For Internal Circulation Only Page 16

UNDERSTAND THE HOME ENVIRONMENT

JTO to SDE LDCE For Internal Circulation Only Page 17

Establish effective policies

JTO to SDE LDCE For Internal Circulation Only Page 18

SECURE HOME MACHINES

JTO to SDE LDCE For Internal Circulation Only Page 19

Figure 1: VPN remote access over the Internet.

 Establish an Internet connection. This can be dial-up or broadband.

JTO to SDE LDCE For Internal Circulation Only Page 20

Figure 3: Compulsory tunneling.

JTO to SDE LDCE For Internal Circulation Only Page 21

Examine personal firewalls

JTO to SDE LDCE For Internal Circulation Only Page 22

Examine intrusion detection systems

JTO to SDE LDCE For Internal Circulation Only Page 23

Figure 4: Network-based IDS.

 Host-based IDSs (sometimes called HIDSs) monitor communications on a host-by-host

JTO to SDE LDCE For Internal Circulation Only Page 24

Explore intrusion prevention systems

JTO to SDE LDCE For Internal Circulation Only Page 25

JTO to SDE LDCE For Internal Circulation Only Page 26

Static packet filters

JTO to SDE LDCE For Internal Circulation Only Page 27

STATEFUL PACKET INSPECTION