11
Security
and Ethical Challenges
I. CHAPTER OVERVIEW
Foundation Concepts: Security
and Ethical Challenges, discusses the
threats against, and defenses needed for, the performance and security of
e-business systems, as well as the ethical implications and societal impacts of
information technology.
Ethical
and Societal Dimensions – The vital role of information technologies and
systems in society raises serious ethical and societal issues in terms of their
impact on employment, individuality, working conditions, privacy, health, and
computer crime. Managers, business
professionals, and IS specialists can help solve the problems of improper use of
IT by assuming their ethical responsibilities for the ergonomic design,
beneficial use, and enlightened management of e-business technologies in our
society. See Figure 11.2
Ethical Responsibilities in
Business – Business and IT activities involve many ethical considerations.
Basic principles of technology and business ethics can serve as
guidelines for business professionals when dealing with ethical business issues
that may arise in e-business, e-commerce, and other uses of information
technology in society.
Security Management – One of the most important responsibilities of the management of a
company is to assure the security and quality of its e-business activities.
Security management tools and policies can ensure the accuracy,
integrity, and safety of the e-business systems and resources of a company, and
thus minimize errors, fraud, and security losses in their e-commerce activities.
II. LEARNING OBJECTIVES
Learning Objective
·
Identify several ethical
issues in how the use of information technologies in business affects
employment, individuality, working conditions, privacy crime, health, and
solutions to societal problems.
·
Identify several types of
security management strategies and defenses, and explain how they can be used to
ensure the security of e-business applications.
·
Propose several ways that
business managers and professionals can help to lessen the harmful effects and
increase the beneficial effects of the use of information technology.
III. TEACHING SUGGESTIONS
Figure 11.2 outlines major
aspects of the ethical and societal dimensions of IT.
It should be stressed to students that IT can have both positive and
negative effects on society. Instructors
should spend some time discussing the different types of computer crimes, and
why they are considered crimes at all. A
slide has been created with the following elements:
hacking, cyber theft, unauthorized use at work, piracy, and computer
viruses. Instructors should spend
time discussing with students some of the other challenges outlined in the test
that arise from the use of information technologies in e-business systems.
A slide has been created showing the following:
lost job opportunities, lost individuality, working conditions, computer
monitoring, and health issues. As a
business end user, you have a responsibility to promote ethical uses of
information technology in the workplace. Current
lawsuits have heightened the importance of these issues.
A slide has been created which instructors can use to promote discussion
with students as to the importance of these considerations.
The necessity of controls for information systems should be emphasized.
The goal of security management is the accuracy, integrity, and safety of
all e-business processes and resources. Stress
to students that conducting security management is a complex task in all
organizations. A slide depicting
the following points has been created: encryption,
firewalls, virus defenses, denial of service defenses, and monitoring e-mail.
Another slide outlines security codes, backup files, security monitors,
and biometric security controls. News
accounts of computer errors and computer related crimes could be used to
convince students of the importance of this topic.
Examples of procedural and physical facility controls should also be
discussed, especially the importance of disaster recovery planning (a slide has
been created for this topic). Figure
11.21 can serve to provide an example of e-business system controls and
audits. Note that they are designed to monitor and maintain the
quality and security of the input, processing, output, and storage activities of
an information system. Finally, Figure
11.22 is a good slide to use to discuss information systems controls as
methods and devices that attempt to ensure the accuracy, validity, and propriety
of information system activities.
IV. LECTURE NOTES
INTRODUCTION
There
is no question that the use of information technology in e-business operations
presents major security challenges, poses serious ethical questions, and affects
society in significant ways.
We can learn a lot from this case about the ethical security issues and
the challenges that surround the business use of Internet technologies.
Take a few minutes to read it, and we will discuss it (see MTV Networks
and First Citizens Bank in Section IX).
e-Business, Security, Ethics, and Society [Figure 11.2]
The use of IT in e-business has major impacts on society, and thus raises
serious ethical issues in the areas such as:
·
Crime
·
Privacy
·
Individuality
·
Employment
·
Health
·
Working Conditions
Note:
Students should realize that information technology can have a beneficial
effect as well as a negative effect in each of the areas listed above.
ETHICAL RESPONSIBILITY
As a business end user, you have a responsibility to do something about
some of the abuses of information technology in the workplace.
These responsibilities include properly performing your role as a vital
human resource in the e-business systems you help develop and use in your
organizations.
The AITP code provides guidelines for ethical conduct in the development
and use of information technology. End-users
and IS professionals would live up to their ethical responsibilities by
voluntarily following such guidelines. For
example, you can be a responsible end user by:
·
Acting with integrity
·
Increasing your
professional competence
·
Setting high standards of
personal performance
·
Accepting responsibility
for your work
·
Advancing the health,
privacy, and general welfare of the public
Business Ethics:
Business ethics is concerned
with the numerous ethical questions that managers must confront as part of their
daily business decision-making.
Managers use several important alternatives when confronted with making
ethical decisions on business issues. These
include:
·
Stockholder Theory – Holds that managers are agents of the stockholders, and their only
ethical responsibility is to increase the profits of the business, without
violating the law or engaging in fraudulent practices.
·
Social Contract Theory - States that companies have ethical responsibility to all members of
society, which allow corporations to exist based on a social contract.
·
Stakeholder Theory - Maintains that managers have an ethical responsibility to manage a firm
for the benefit of all of its stakeholders, which are all individuals and groups
that have a stake in or claim on a company.
Technology Ethics:
Four principles of technology ethics that can serve as the basic ethical
requirements that companies should meet to help ensure the ethical implication
of new information technologies and information systems in business include:
·
Proportionality – the good achieved by the technology must outweigh the harm or risk.
Moreover, there must be no alternative that achieves the same or
comparable benefits with less harm or risk.
·
Informed
consent – those affected by the technology should understand and accept the
risks.
·
Justice – the benefits and burdens of the technology should be distributed
fairly. Those who benefit should
bear their fair share of the risks, and those who do not benefit should not
suffer a significant increase in risk.
·
Minimized risk – even if judged acceptable by the other three guidelines, the
technology must be implemented so as to avoid all unnecessary risk.
Ethical Guidelines:
The Association of Information Technology Professionals (AITP) is an
organization of professionals in the computing field. Its code of conduct outlines the ethical considerations
inherent in the major responsibilities of an IS professional.
Business and end users and IS professionals would live up to their
ethical responsibilities by voluntarily following such guidelines as those
outlined in the AITP standard. You
can be a responsible end user by:
·
Acting with integrity
·
Increasing your
professional competence
·
Setting high standards of
personal performance
·
Accepting responsibility
for your work
·
Advancing the health,
privacy, and general welfare of the public
COMPUTER CRIME
Computer crime is a growing
threat to society by the criminal or irresponsible actions of computer
individuals who are taking advantage of the widespread use of vulnerability of
computers and the Internet and other networks.
It thus presents a major challenge to the ethical use of information
technologies. e-computer crime
poses serious threats to the integrity, safety, and survival of most e-business
systems, and thus makes the development of effective security methods a top
priority.
Computer crime is defined by The Association of Information Technology
professionals (ATIP) as including:
·
The unauthorized use,
access, modification, and destruction of hardware, software, data, or network
resources.
·
The unauthorized release of
information
·
The unauthorized copying of
software
·
Denying an end user access
to his or her own hardware, software, data, or network resources
·
Using or conspiring to use
computer or network resources to illegally obtain information or tangible
property.
Penalties for violation of the U.S. Computer Fraud and Abuse Act include:
·
1 to 5 years in prison for
a first offence
·
10 years for a second
offence
·
20 years for three or more
offences
·
Fines ranging up to
$250,000 or twice the value of stolen data
Hacking:
Hacking is the
obsessive use of computers, or the unauthorized access and use of networked
computer systems. Illegal hackers
(also called crackers) frequently assault the Internet and other networks
to steal or damage data and programs.
Hackers can:
·
Monitor e-mail, web server
access, or file transfers to extract passwords or steal network files, or to
plant data that will cause a system to welcome intruders.
·
Use remote services that
allow one computer on a network to execute programs on another computer to gain
privileged access within a network.
Hackers can:
·
Monitor e-mail, web server
access, or file transfers to extract passwords or steal network files, or to
plant data that will cause a system to welcome intruders.
·
May use remote services
that allow one computer on a network to execute programs on another computer to
gain privileged access within a network
·
Use Telnet, an Internet
tool for interactive use of remote computers, to discover information to plan
other attacks.
Cyber-Theft
Many computer crimes involve the theft of money.
In the majority of cases, they are “inside jobs” that involve
unauthorized network entry and fraudulent alternation of computer databases to
cover the tracks of the employees involved.
Unauthorized Use at Work:
The unauthorized use of a computer system is called time and
resource theft. A common
example is unauthorized use of company-owned computer networks by employees.
This may range from doing private consulting or personal finances, or
playing video games to unauthorized use of the Internet on company networks.
Network monitoring software called sniffers is frequently used to
monitor network traffic to evaluate network capacity, as well as reveal evidence
of improper use.
Software Piracy:
Computer programs are valuable property and thus are the subject of theft
from computer systems. Unauthorized
copying of software or software piracy is a major form of software
theft because software is intellectual property, which is protected by copyright
law and user licensing agreements.
Piracy of Intellectual Property:
Software is not the only intellectual property subject to computer-based
piracy. Other forms of copyrighted
material, such as music, videos, images, articles, books, and other written
works are especially vulnerable to copyright infringement, which most courts
have deemed illegal. Digitised
versions can easily be captured by computer systems and made available for
people to access or download at Internet websites, or can be readily
disseminated by e-mail as file attachments.
The development of peer-to-peer (P2P) networking has made digital
versions of copyrighted material even more vulnerable to unauthorized use.
Computer Viruses and Worms:
One of the most destructive examples of computer crime involves the
creation of computer viruses or worms.
They typically enter a computer system through illegal or borrowed copies
of software or through network links to other computer systems.
A virus usually copies itself into the operating systems programs, and
from there to the hard disk and any inserted floppy disks.
Vaccine programs and virus prevention and detection programs are
available, but may not work for new types of viruses.
Virus - is a program code that
cannot work without being inserted into another program.
Worm - is a distinct program
that can run unaided.
PRIVACY ISSUES
The power of information technology to store and retrieve information can
have a negative effect on the right to privacy of every
individual. For example:
·
Confidential e-mail
messages by employees are monitored by many companies
·
Personal information is
being collected about individuals every time they visit a site on the World Wide
Web
·
Confidential information on
individuals contained in centralized computer databases by credit bureaus,
government agencies, and private business firms has been stolen or misused,
resulting in the invasion of privacy, fraud, and other injustices.
·
Unauthorized use of
information can seriously damage the privacy of individuals.
·
Errors in databases can
seriously hurt the credit standing or reputation of individuals.
Some important privacy issues being debated in business and government
include the following:
·
Accessing individuals’
private e-mail conversations and computer records, and collecting and sharing
information about individuals gained from their visits to Internet Web sites and
newsgroups (violation of privacy).
·
Always “knowing” where
a person is, especially as mobile and paging services become more closely
associated with people rather than places (computer monitoring)
·
Using customer information
to market additional business services (computer matching).
·
Collecting telephone
numbers and other personal information to build individual customer profiles
(unauthorized personal files).
·
Using automated equipment
either to originate calls or to collect caller information (caller
identification).
Privacy on the Internet:
The Internet is notorious for giving its users a feeling of anonymity,
when in actuality; they are highly visible and open to violations of their
privacy. Most of the Internet and
its World Wide Web and newsgroups are still a wide open, unsecured, electronic
frontier, with no tough rules on what information is personal and private.
You can protect your privacy in several ways:
·
Use encryption to send
e-mail (both sender and receiver must have encryption software).
·
Anonymous remailers to
protect your identify when you add comments in newsgroup postings.
·
Ask Internet service
provider not to sell your name and personal information to mailing list
providers, and other marketers.
·
Decline to reveal personal
data and interest on online service and web sites user profiles.
Computer Matching:
Computer matching is the use of
computers to screen and match data about individual characteristics provided by
a variety of computer-based information systems and databases in order to
identify individuals for business, government, or other purposes.
Unauthorized use or mistakes in the computer matching of personal data
can be a threat to privacy. For example, an individual’s personal profile may be
incorrectly matched with someone else.
Privacy Laws:
In the US, the Federal Privacy Act strictly regulates the collection and
use of personal data by governmental agencies.
The law specifies that individuals have the right to inspect their
personal records, make copies, and correct or remove erroneous or misleading
information.
Federal Privacy Act specifies that federal agencies:
·
Must annually disclose the
types of personal data files they maintain.
·
Cannot disclose personal
information on an individual to any other individual or agency except under
certain strict conditions.
·
Must inform individuals of
the reasons for requesting personal information from them.
·
Must retain personal data
records only if it is “relevant and necessary to accomplish” an agency’s
legal purpose.
·
Must establish appropriate
administrative, technical, and physical safeguards to ensure the security and
confidentiality of records.
The U.S. Congress enacted the Electronic Communications Privacy Act and
the Computer Fraud and Abuse Act in 1986. These
federal privacy laws are a major attempt to enforce the privacy of
computer-based files and communications. These
laws prohibit intercepting data communications messages, stealing or destroying
data, or trespassing in federal-related computer systems.
Computer Libel and Censorship
The opposite side of the privacy debate is the right of people to know
about matters others may want to keep private (freedom of information), the
right of people to express their opinions about such matters (freedom of
speech), and the right of people to publish those opinions (freedom of the
press). Some of the biggest
battlegrounds in the debate are the bulletin boards, e-mail boxes, and online
files of the Internet and public information networks, such as America Online
and the Microsoft Network. The
weapons being used in this battle include spamming, flame mail,
libel laws, and censorship.
·
Spamming - is the indiscriminate sending of unsolicited e-mail
messages (spam) to many Internet users. Spamming
is the favorite tactic of mass-mailers of unsolicited advertisements, or junk
e-mail. Spamming has also been
used by cyber criminals to spread computer viruses or infiltrate many computer
systems.
·
Flaming - is the practice of sending extremely critical, derogatory, and often
vulgar e-mail messages (flame mail), or newsgroup postings to other users on the
Internet or online services. Flaming
is especially prevalent on some of the Internet’s special interest newsgroups.
The Internet is very vulnerable to abuse, as it currently lacks formal
policing, and lack of security.
OTHER CHALLENGES
The uses of information technologies in e-business systems include
ethical and societal impacts of e-business in the areas of employment,
individuality, working conditions, and health.
Employment Challenges:
The impact of IT on employment is a major ethical concern
and is directly related to the use of computers to achieve automation of work
activities. The use of e-business
technologies has created new jobs and increased productivity.
However, it has also caused a significant reduction in some types of job
opportunities.
Computer Monitoring:
One of the most explosive ethical issues concerning the quality of
working conditions in e-business is computer monitoring.
Computers are being used to monitor the productivity and behavior of
employees while they work. Supposedly,
computer monitoring is done so employers can collect productivity data about
their employees to increase the efficiency and quality of service.
Computer monitoring has been criticized as unethical because:
·
It is used to monitor
individuals, not just work, and is done continually, thus violating workers’
privacy and personal freedom.
·
Is considered an invasion
of the privacy of employees, because in many cases, they do not know that they
are being monitored, or don’t know how the information is being used.
·
Employee’s right of due
process may be harmed by the improper use of collected data to make personnel
decisions.
·
It increases the stress on
employees who must work under constant electronic surveillance.
·
It has been blamed for
causing health problems among monitored workers.
·
Blamed for robbing workers
of the dignity of their work.
Challenges in Working Conditions:
Information technology has eliminated some monotonous or obnoxious tasks
in the office and the factory that formerly had to be performed by people.
Thus, IT can be said to upgrade the quality of work.
Though, many automated operations are also criticized for relegating
people to a “do-nothing” standby role.
Challenges to Individuality:
A frequent criticism of e-business systems concerns their negative effect
on the individuality of people. Computer-based systems are criticized as:
·
Being impersonal systems
that dehumanize and depersonalize activities, since they eliminate the human
relationships present in noncomputer systems.
Humans feel a loss of identity.
·
Humans feel a loss of
individuality as some systems require a regimentation of the individual, and
demanding strict adherence to detailed procedures.
Computer-based systems can be ergonomically engineered to accommodate human
factors that:
·
Minimize depersonalization
and regimentation.
·
Design software that is
“people-oriented” and “user-friendly.”
HEALTH ISSUES
The use of IT in the workplace raises a variety of health issues.
Heavy use of computers is reportedly causing health problems such as:
·
Job stress
·
Damaged arm and neck
muscles
·
Eye strain
·
Radiation exposure
·
Death by computer-caused
accidents
Ergonomics:
Solutions to some health problems are based on the science of ergonomics,
sometimes called human factors engineering. The goal of ergonomics is to design healthy work environments
that are safe, comfortable, and pleasant for people to work in, thus increasing
employee morale and productivity.
Ergonomics stresses the healthy design of the workplace, workstations,
computers and other machines, and even software packages.
Other health issues may require ergonomic solutions emphasizing job
design, rather than workplace design.
SOCIETAL SOLUTIONS
Computers and networks like the Internet, and other information
technology can have many beneficial effects on society.
IT can be used to solve human and societal problems through societal
solutions such as:
·
Medical diagnosis
·
Computer-assisted
instruction
·
Governmental program
planning
·
Environmental quality
control
·
Law enforcement
There are many significant threats to the security of e-business and
e-commerce. Business managers and
professionals alike are responsible for the security, quality, and performance
of the e-business systems in their business units.
Analyzing Oppenheimer Funds, Cardinal Health, and Exodus
We can learn a lot from this case about security challenges and security
measures needed to protect corporate and financial websites.
Take a few minutes to read it, and we will discuss it (See Oppenheimer
Funds, Cardinal Health, and Exodus in Section IX).
The goal of security management is the accuracy, integrity,
and safety of all e-business processes and resources.
Effective security management can minimize errors, fraud, and losses in
the internetworked computer-based systems that interconnect today’s e-business
enterprises.
INTERNETWORKED SECURITY DEFENSE
Security of today’s internetworked e-business enterprises is a major
management challenge. Vital network
links and business flows need to be protected from external attack by cyber
criminals or subversion by the criminal or irresponsible acts of insiders.
This requires a variety of security tools and defensive measures and a
coordinated security management program.
Encryption
Encryption of data has
become an important way to protect data and other computer network resources
especially on the Internet, intranets, and extranets.
Encryption characteristics include:
·
Passwords, messages, files,
and other data can be transmitted in scrambled form and unscrambled by computer
systems for authorized users only.
·
Encryption involves using
special mathematical algorithms, or keys, to transform digital data into
a scrambled code before they are transmitted, and to decode the data when they
are received.
·
The most widely used
encryption method uses a pair of public and private keys unique to
each individual. For example:
e-mail could be scrambled and encoded using a unique public key for the
recipient that is known to the sender. After
the e-mail is transmitted, only the recipient’s secret private key could
unscramble the message.
·
Encryption programs are
sold as separate products or built into other software used for the encryption
process.
·
There are several competing
software encryption standards, but the top two are RSA and PGP.
Firewalls
Firewall computers and
software is another important method for control and security on the Internet
and other networks. A network
firewall can be a communications processor, typically a router, or a
dedicated server, along with firewall software.
Firewall computers and software characteristics include:
·
A firewall serves as a
“gatekeeper” computer system that protects a company’s intranets and other
computer networks from intrusion by serving as a filter and safe transfer point
for access to and from the Internet and other networks.
·
A firewall computer screens
all network traffic for proper passwords and other security codes, and only
allows authorized transmissions in and out of the network.
·
Firewalls have become an
essential component of organizations connecting to the Internet, because of its
vulnerability and lack of security.
·
Firewalls can deter, but
not completely prevent, unauthorized access (hacking) into computer networks.
In some cases, a firewall may allow access only from trusted locations on
the Internet to particular computers inside the firewall.
Or it may allow only “safe” information to pass.
·
In some cases, it is
impossible to distinguish safe use of a particular network service from unsafe
use and so all requests must be blocked. The
firewall may then provide substitutes for some network services that perform
most of the same functions but are not as vulnerable to penetration.
The Internet is extremely vulnerable to a variety of assaults by criminal
hackers, especially denial of service (DOS) attacks.
Denial of service assaults via the Internet depend on three layers of
networked computer systems, and these are the basic steps e-business companies
and other organizations can take to protect their websites form denial of
service and other hacking attacks.
·
The victim’s website
·
The victim’s Internet
service provider (ISP)
·
The sites of “zombie”
or slave computers that were commandeered by the cyber criminals.
e-Mail Monitoring
Internet and other online e-mail systems are one of the favorite avenues
of attack by hackers for spreading computer viruses or breaking into networked
computers. e-mail is also the
battleground for attempts by companies to enforce policies against illegal,
personal, or damaging messages by employees, and the demands of some employees
and others, who see such policies as violations of privacy rights.
Virus Defenses
Many companies are building defenses against the spread of viruses by
centralizing the distribution and updating of antivirus software, as a
responsibility of there IS departments. Other
companies are outsourcing the virus protection responsibility to their Internet
service providers or to telecommunications or security management companies.
OTHER SECURITY MEASURES
A variety of security measures are commonly used to protect e-business
systems and networks. These include
both hardware and software tools like fault-tolerant computers and security
monitors, and security policies and procedures like passwords and backup files.
Security Codes:
Typically, a multilevel password system is used for
security management.
·
First, an end user logs on
to the computer system by entering his or her unique identification code, or
user ID. The end user
is then asked to enter a password in order to gain access into the system.
·
Next, to access an
individual file, a unique file name must be entered.
Backup Files
Backup files, which are
duplicate files of data or programs, are another important security measure.
·
Files can be protected by
file retention measures that involve storing copies of files from previous
periods.
·
Several generations of
files can be kept for control purposes.
Security Monitors
System security monitors are programs that monitor the use
of computer systems and networks and protect them from unauthorized use, fraud,
and destruction.
·
Security monitor programs
provide the security measures needed to allow only authorized users to access
the networks.
·
Security monitors also
control the use of the hardware, software, and data resources of a computer
system.
·
Security monitors can be
used to monitor the use of computer networks and collect statistics on any
attempts at improper use.
Biometric Controls:
Biometric controls are security
measures provided by computer devices, which measure physical traits that make
each individual unique. This
includes:
·
Voice verification
·
Fingerprints
·
Hand geometry
·
Signature dynamics
·
Keystroke analysis
·
Retina scanning
·
Face recognition
·
Genetic pattern analysis
Computer Failure Controls:
A variety of controls are needed to prevent computer failure or to
minimize its effects. Computer
systems may fail due to:
·
Power failure
·
Electronic circuitry
malfunctions
·
Telecommunications network
problems
·
Hidden programming errors
·
Computer operator errors
·
Electronic vandalism
The information services department typically takes steps to prevent
equipment failure and to minimize its detrimental effects.
For example:
·
Programs of preventative
maintenance of hardware and management of software updates are commonplace
·
Using computers equipped
with automatic and remote maintenance capabilities
·
Establishing standards for
electrical supply, air conditioning, humidity control, and fire prevention
standards
·
Arrange for a backup
computer system capability with disaster recovery organizations.
·
Scheduling and implementing
major hardware or software changes to avoid problems.
·
Training and supervision of
computer operators.
·
Using fault tolerant
computer systems (fail-safe and fail-soft capabilities)
Fault Tolerant Systems [Figure
11.21]
Many firms use fault tolerant computer systems that have redundant
processors, peripherals, and software that provide a fail-over capability
to back up components in the event of system failure.
·
Fail-Safe - Fail-Safe refers to computer systems that continue to operate at the same
level of performance after a major failure.
·
Fail-Soft - Fail-soft refers to computer systems that continue to operate at a
reduced but acceptable level after a system failure.
Hurricanes, earthquakes, fires, floods, criminal and terrorist acts, and
human error can all severely damage an organization's computing resources.
Many organizations, like airlines and banks can be crippled by losing
even a few hours of computing power. That
is why it is important for organizations to develop disaster recovery
procedures and formalize them in a disaster recovery plan.
It specifies which employees will participate in disaster recovery, and
what their duties will be; what hardware, software, and facilities will be used;
and the priority of applications that will be processed.
Arrangements with other companies for use of alternative facilities as a
disaster recovery site and off site storage of an organization's databases are
also part of an effective recovery effort.
SYSTEM
CONTROLS AND AUDITS - [Figure 11.22]
The development of information system controls and the accomplishment of
e-business systems audits are two other types of security management.
Information Systems Controls
Information
systems controls are methods and devices that attempt to ensure the accuracy,
validity, and propriety of information system activities.
Information System (IS) controls must be developed to ensure proper data
entry, processing techniques, storage methods, and information output.
IS controls are designed to monitor and maintain the quality and security
of the input, processing, output, and storage activities of any information
system.
Information systems Business systems should be periodically examined, or
audited, by a company’s internal auditing staff or external auditors from
professional accounting firms. Such audits should review and evaluate whether
proper and adequate security measures and management policies have been
developed and implemented.
An important objective of e-business system audits is testing the
integrity of an application audit trail. An
audit trail can be defined as the presence of documentation that allows a
transaction to be traced through all stages of its information processing.
The audit trail of manual information systems was quite visible and easy
to trace, however, computer-based information systems have changed the form of
the audit trail.
V.
KEY TERMS AND CONCEPTS - DEFINED
Antivirus Software:
Is a software program that is designed to find and eliminate computer
viruses.
Audit Trail:
Periodically examining the accuracy and integrity of information systems.
Auditing e-business Systems:
An information services department should be periodically examined
(audited) by internal auditing personnel. In
addition, periodic audits by external auditors from professional accounting
firms are a good business practice.
Backup Files:
Backup files are duplicate files of data or programs.
These files may be stored off-premises, that is, in a location away from
the computer center, sometimes in special storage vaults in remote locations.
Biometric Security:
Computer-based security methods that measure physical traits and
characteristics such as fingerprints, voice prints, retina scans, and so on.
Business Ethics:
An area of ethical philosophy concerned with developing ethical
principles and promoting ethical behavior and practices in the accomplishment of
business tasks and decision-making.
Computer Crime:
Criminal actions accomplished through the use of computer systems,
especially with intent to defraud, destroy, or make unauthorized use of computer
system resources.
Computer Matching:
Using computers to screen and match data about individual characteristics
provided by a variety of computer-based information systems and databases in
order to identify individuals for business, government, or other purposes.
Computer Monitoring:
Using computers to monitor the behavior and productivity of workers on
the job and in the workplace.
Computer Virus:
Program code that copies its destructive program routines into the
computer systems of anyone who accesses computer systems which have used the
program, or anyone who uses copies of data or programs taken from such
computers. This spreads the
destruction of data and programs among many computer users.
Technically, a virus will not run unaided, but must be inserted
into another program, while a worm is a distinct program that can run
unaided.
Denial of Service:
Is a process whereby hackers overwhelm a website with requests for
service from captive computers.
Disaster Recovery:
Methods for ensuring that an organization recovers from natural and
human-caused disasters that affect its computer-based operations.
Encryption:
To scramble data or convert it, prior to transmission, to a secret code
that masks the meaning of the data to unauthorized recipients.
Similar to enciphering.
Ergonomics:
The science and technology emphasizing the safety, comfort, and ease of
use of human-operated machines such as computers. The goal of ergonomics is to produce systems that are user
friendly, that is, safe, comfortable, and easy to use.
Ergonomics is also called human factors engineering.
Ethical and Societal Impacts of e-Business:
These include (1) employment, (2) individuality, (3) health, (4) privacy,
(5) societal solutions, and (6) working conditions.
Ethical and Societal Impacts of e-Business - Employment:
The impact of IT on employment is a major ethical concern and is directly
related to the use of computers to achieve automation.
IT has created new jobs and increased productivity; however, it has also
caused a significant reduction in some types of job opportunities.
Ethical and Societal Impacts of e-Business - Health:
IT in the workplace raises a variety of health issues including health
problems such as job stress, damaged arm and neck muscles, eyestrain, radiation
exposure, and even death by computer-caused accidents.
Ethical and Societal Impacts of e-Business - Individuality:
Computer-based systems are criticized as being impersonal systems that
dehumanize and depersonalize activities, and eliminate the human relationships
present in manual systems. Humans
feel a loss of individuality as some systems require a regimentation of the
individual, and demand strict adherence to detailed procedures.
Ethical and Societal Impacts of e-Business - Societal Solutions:
IT can have many beneficial effects on society.
It is being used to solve human and societal problems through societal
applications such as medical diagnosis, computer-assisted instruction,
governmental program planning, environmental quality control, and law
enforcement.
Ethical and Societal Impacts of e-Business - Working Conditions:
IT has eliminated some monotonous and obnoxious tasks formerly performed
by people. IT has upgraded the
quality of work, but is also being criticized for relegating people to a
“do-nothing” standby role.
Ethical Foundations:
Ethical choices may result from decision-making processes or behavioral
stages. These include egoism, natural law, utilitarianism, and respect for
persons.
Fault Tolerant:
Computers with multiple central processors, peripherals, and system
software that is able to continue operations even if there is a major hardware
or software failure.
Firewall:
A computer that protects computer networks from intrusion by screening
all network traffic and serving as a safe transfer point for access to and from
other networks.
Flaming:
Flaming
is the practice of sending extremely critical, derogatory, and often-vulgar
e-mail
messages
(flame mail), or electronic bulletin board postings to other users on the
Internet or
online
services.
Hacking:
(1) obsessive use of a computer, (2) the unauthorized access and use of
computer systems.
Information System Controls:
Methods and devices that attempt to ensure the accuracy, validity, and
propriety of information system activities.
Information system controls monitor and maintain the quality and security
of the input, processing, output, and storage activities of any information
system.
Intellectual Property Piracy:
Copyrighted material, such as software, music, videos, images, articles,
books, and other written works are especially vulnerable to copyright
infringement, which most courts have deemed illegal.
Passwords:
A password is used as a security method, which enables computer systems
to identify eligible users and determine which types of information they are
authorized to receive.
Privacy Issues:
Laws that regulate the collection, access, and use of personal data.
Responsible End User:
End user that acts with integrity and competence in the use of IT.
Security Management:
Passwords, identification codes, account codes, and other codes that
limit the access and use of computer-based system resources to authorized users.
Software Piracy:
Unauthorized copying of software.
Spamming:
Spamming is the indiscriminate sending of unsolicited e-mail to many
Internet users. Spamming is the
favorite tactic of mass-mailers of unsolicited advertisements, or junk
e-mail.
System Security Monitor:
Software that controls access and use of a computer system.
Unauthorized Use:
The unauthorized use of a computer system is called time and resource
theft. A common example is
unauthorized use of company-owned computer networks by employees.
VI.
REVIEW QUIZ - Match one of the key terms and concepts
[See
Review Quiz Answers found at the end of the text]
VII. ANSWERS TO DISCUSSION QUESTIONS
1.
What can be done to improve e-commerce security on the Internet?
Give several examples of security measures, and technologies you would
use.
Students’ answers will vary. However,
some issues can be more policing, standard protocols, encryption, secure network
access, security monitors, fire walls, e-mail monitoring, virus defenses,
security codes, backup files, etc.
2.
What potential security problems do you see in the increasing use of
intranets and extranets in business? What
might be done to solve such problems? Give
several examples.
Students’ answers will vary. However,
with the increased business use of intranets and extranets there is no doubt
that the number of potential security problems will also increase.
Issues such as hacking, data alteration, unauthorized data access, etc.
will become prime security problems. As
companies forge ahead in e-commerce and e-business activities, the stakes get
progressively higher, and the potential threat will also increase.
In order to solve such problems, businesses must continue to exercise
caution in areas such as encryption, fire walls, secure Internet sites, security
monitoring, disaster recovery plans, security awareness programs and policies
must be implemented and monitored.
3.
What artificial intelligence techniques can businesses use to improve
computer security and fight computer crime?
Students’ answers will vary, however they could mention the growth in
biometric controls as a possible answer to this question.
These controls are used to measure the physical traits such as voice, eye
retina, face, fingerprints, hand geometry, etc.
4.
What are your major
concerns about computer crime and privacy on the Internet?
What can you do about it? Explain.
Students’ answers will vary, however
many people are concerned about computer crime and privacy on the Internet.
Individuals must express their concern to governments so that proper
action can be taken in this regard. The
Internet offers very little privacy to an individual.
Without your knowing it, cookies are being placed on your machine when
you visit websites. Information is
continually being gathered about your activities and site visits, and this
information is sold to other parties. Individuals
can take care when giving out information, they can ask their ISP providers to
not give out information about them, they should exercise caution in giving out
sensitive information such as charge card numbers, e-mail addresses, addresses,
etc. Personal data should be
carefully guarded, and given out as little as possible if you have a concern
about privacy and crime.
5.
What is disaster recovery? How
could it be implemented at your school or work?
Disaster recoveries are methods for ensuring that an organization
recovers from natural and human caused disasters that affect its computer-based
operations.
Students’ answers will vary. However,
a disaster recovery plan should be developed that specifies which employees will
participate in disaster recovery, what their duties will be, what hardware,
software, and facilities will be used, and the priority of applications that
will be processed. Arrangements
with other companies for use of alternative facilities as a disaster recovery
site and off site storage of an organization's databases are also part of an
effective recovery effort.
5.
Refer to the Real World
Case on MTV Networks and First Citizens Bank in the chapter. What other network security threats besides denial of
service, viruses, and hacker attacks should businesses protect themselves
against? Explain.
MTV Networks are using a new network security software tool to screen
incoming traffic and filter out the hacker distributed denial of service (DDOS)
traffic, while letting legitimate traffic into their websites.
First Citizens Bank uses a new intrusion detection and prevention
software tool to protect its website from destructive computer viruses and
hacker probes and attacks.
Certainly, methods must be developed in order to fight the destruction
that hackers and virus attacks are creating for businesses and consumers.
Companies must use all avenues they can think of to protect themselves
and their computer systems from destructive attacks.
Proper security measures must be implemented, publicized, and maintained
in order to reduce these threats. Education
and diligence are both important keys to reducing much of this problem. Students may also include examples from Figure 11.7 to
illustrate how a company should protect itself from these common hacking
tactics.
7.
Is there an ethical crisis in e-business today?
What role does information technology play in unethical business
practices?
Information technology has made it easier to communicate, work
cooperatively, share resources, and make decisions, all electronically.
However, IT has also made it possible to engage in ethical as well as
unethical practices electronically anywhere in the world.
This possibility has resulted in a massive increase in unethical business
practices. Ethical crisis in e-business is certainly real in today’s
e-business, and companies are scrambling to ensure that they are doing all they
can to curb on this problem.
8.
What are several business decisions that you will have to make as a
manager that have both an ethical and IT dimension?
Give several examples to illustrate your answer.
Managers will be required to face making decisions that will have both
ethical and an IT dimension. For
example, they will make decisions to implement technology to modernize a
manufacturing process will knowing at the same time that they will put hundreds
of workers out of work. They may
also implement systems to monitor their employees while at the same time causing
high levels of employee stress, or invade their privacy.
9.
Refer to the Real World Case on Oppenheimer Funds, Cardinal Health, and
Exodus in the chapter. How should
businesses protect themselves from the spread of cyberterrorism in today’s
internetworked world?
Realizing that no system is 100 percent protected from attack is the
first step. It important that
businesses undertake all the necessary steps they can afford to protect their
corporate data from this type of crime. Businesses
can protect themselves by using a combination of methods as listed in the
chapter. For example, they not only
must protect the corporate data they must also protect the infrastructure
itself. Students
may suggest virus defenses, security codes, backup files, security monitors,
biometric controls, computer failure controls, fault tolerant systems, disaster
recovery plans, controls and audits, firewalls, good common sense.
10.
What would be examples of one positive and one negative effect of the use
of e-business technologies in each of the ethical and societal dimensions in
Figure 11.2? Explain several of your choices.
Employment:
IT has created many new jobs and increased productivity. IT has caused a significant reduction in some types of job
opportunities.
Individuality:
Computer-based systems can be ergonomically engineered to accommodate human
factors. Computer-based systems
eliminate the human relationships present in manual systems.
Working
Conditions: IT has eliminated some monotonous and obnoxious tasks in the office
and the factory that formerly had to be performed by people. Many automated operations relegate people to a
“do-nothing” standby role.
Privacy:
Caller identification may allow users to identify sales people or prank callers.
IT allows supervisors to monitor employees’ private conversations and
records.
Computer
Crime: IT may be used in law enforcement. IT
can be used as a tool in committing crimes.
Health
Issues: IT can be used in medical diagnosis.
Heavy use of computers may cause health problems like job stress, damaged
arm and neck muscles, and eye strain and radiation exposure.
Societal
Solutions: IT can be used to solve human and social problems through societal
applications such as medical diagnosis, computer-assisted instruction,
governmental program planning, environmental quality control, and law
enforcement. Computer-based
information systems can violate antitrust or international laws and regulations.
VIII. ANSWERS TO APPLICATION EXERCISES
1.
Internet Privacy and Anonymity: An
Ethical Dilemma
a)
Do you share the ethical misgivings of the author on this issue?
Why or why not?
Student’s
answers will vary. However, there is no doubt that there are both pros and cons
to the use of software for Internet anonymity.
As pointed out in the case, use of such software can address societal
needs that benefit all of us. Other
uses of such software can be classified as those that result in adversely affect
society and its innocent bystanders.
b)
Should there be unrestricted use of software that provides anonymity on
the Internet? Why or why not?
Again,
this is a subjective question. Unrestricted
use of software that provides anonymity on the Internet can be used for both
illegal and unethical reasons as well as uses for legal and ethical reasons.
c)
If you were able to decide this issue now, how would you decide for
yourself? Your company? For Society? Explain
the reasons for your decisions.
Various
answers are possible. Deciding what is right for the good of all of society should
be what is important. Many people
will make decisions that fit in with their ethical beliefs and values systems.
If these beliefs are strong enough, they are carried over into how they
will conduct themselves within their personal life, company employment, and in
their society as a whole.
2.
Your Internet Job Rights: Three Ethical Scenarios
a)
Do you agree with the advice of attorney Mark Grossman in each of the
scenarios? Why or why not?
b)
What would your advice be? Explain
your positions.
c)
Identify any ethical philosophies, values or models you may be using in
explaining your position in each of the scenarios.
Students’
answers will vary. However, students would be well advised to ensure that they
fully versed on any Internet policies that exist in the workplace.
Certainly, when push comes to show the courts would favor the company
over the individual. Everyone who works knows that the computers and the networks
belong to the company they are working for.
They also should know that surfing the Internet is classified as
service/usage theft, and as such companies have their rights.
3.
American Family Insurance: Evaluating
Security Requirements
a)
Visit a popular business website such as Amazon.com or Yahoo.com, and
complete their registration process if you are not already a customer.
Surf the many parts of the website and evaluate several of its major
features, including search, customer service, purchasing, payment,
personalization, community, and privacy capabilities.
b)
Evaluate the effectiveness of the security at this website based on your
experience, using as many as you can of the ten security criteria developed by
American Family.
c)
Provide several recommendations for improving the security at websites.
Explain the reasons for your recommendation.
American Family Insurance uses a
template that outlines ten security criteria.
These include: Authentication,
authorization, confidentiality and reliability, monitoring and tracking, backup
and recover, physical security, change management, legal requirements, training
and awareness, and contingency planning.
Students’ answers will vary.
However, students should have no problem relating their experience to at
least some of these ten security criteria.
For example, at Amazon, authentication is easy to comment on as you must
identify yourself to their system. If
you shopped before, you have already given them a fair amount of information
which will identify who you are. The
site provides you with a statement of confidentiality and reliability.
While it is impossible to guarantee 100 percent security, companies
should make things as difficult as possible for outsiders or insiders to steal
or damage IT assets.
4.
Tracking Project Work at AAA Systems 2
a)
Build a database table to store the data shown below and enter the
records shown as a set of sample data. (Note
that this table has no natural unique identifier).
A combination of the project name, task name, employee Id and production
week is required to uniquely identify a row in this table.
b)
Create a query that will list the hours worked for all workers who worked
more than 40 hours during production week 20.
c)
Create a report grouped by project that will show the number of hours
devoted to each task on the project and the total number of hours devoted to
each project as well as a grand total of hours worked.
d)
Create a report grouped by employee that will show their hours worked on
each task and total hours worked. The user should be able to select a production
week and have data for just that week presented in the report. (Be sure to keep a copy of your work for this project because
it is used again in a later exercise).
[See Data Solutions Disk]
IX. ANSWERS TO REAL WORLD CASES
Real
World Case 1: MTV Networks and First Citizens Bank
Defending
against Hacker and Virus Attacks
1.
What are the business value and security benefits and limitations of
defense against DDOS attacks like those used by MTV Networks?
Denial
of service (DDOS) is becoming a common networking prank.
By hammering a website’s equipment with too many requests for
information, an attacker can effectively clog the system, slowing performance or
even crashing the site. This method
of overloading computers is sometimes used to cover up an attack.
At MTV are protecting their network servers with a network security
software tool known as Enforcer. This
software uses proprietary hardware to filter out DDOS attacks by building a
statistical model of website traffic when no attack is occurring.
During a DDOS attack, Enforcer identifies data packets associated with
the attack based on their statistical differences from the norm and recommends a
filter that typically blocks 80 percent of the attack packets and about 5
percent of nonattack packets.
The
limitation of course, is that no system can offer 100 percent protection.
For example, in midattack, some attackers switch the packet types, which
results in reducing Enforcer’s effectiveness until it can reanalyze the
situation and recommend a different filter.
The more varied the attack, the less effective the software is.
The
business value to the MTV Network was that it kept their website from being
disrupted during the heavy advertising period surrounding the Video Music
Awards. They estimated that they
actually recouped their $32,000 investment within about two months.
2.
What are the business benefits and limitations of an intrusion-detection
system like that installed at First Citizens?
First
Citizens Bank implemented a network security system to protect its website.
They also installed an intrusion-detection system from Entercept Security
Technologies on their customer-related Internet-facing servers.
The business benefits at First Citizens paid off within days as their
systems kept running smoothly when both a worm and a virus hit.
First Citizen had an immediate ROI on their investment in the new
security system. Entercept also
enabled First Citizens network administrator’s time to thoroughly test patches
and then apply them themselves. The
Entercept software provides intrusion-detection and prevention for host and
application servers and will soon expand the capability to database servers.
The software decides whether to permit a system request into a server
from an external network source based on the signature of the request or
behavior rules.
The
limitation is that no system can offer a company 100 percent protection from
attacks on their systems.
3.
What security defenses should small businesses have to
protect their websites and internal systems?
Explain your choices.
Companies
can attempt to do a number of things to protect themselves from hacker attacks.
Students may suggest some of the following:
·
Virus
defenses
·
Security
codes
·
Backup
files
·
Security
monitors
·
Biometric
controls
·
Computer
failure controls
·
Fault
tolerant systems
·
Disaster
recovery plans
·
Controls
and audits
·
Firewalls
·
Just
plain good old common sense.
Real
World Case 2: Oppenheimer Funds, Cardinal Health, and Exodus
IT Security
Management Qualifications
1.
Why mix of skills is most sought after for IT security specialists?
Why is this mix important in business?
Most
companies today are looking for individuals who can be a jack-of-all-trades –
someone who can administer any brand and version of firewall and intrusion
detection, is network-savvy, can code, and is versed in new technologies.
They are also looking for individuals who are knowledgeable in terms of
return on investment to sell projects to executives and who knows everything
about the client’s business, including its regulatory issues.
In today’s business environment, companies want employees who are more
generalists that specialists in one area. They
require a wide range of technical, business, and people skills to meet the major
IT security management challenges of the networked business world.
2.
Why must IT security executives in business have the mix of skills and
experience outlined in the case?
The
mix of technical, business, and people skills are crucial in today’s networked
environment. IT security executives
no longer work in a limited domain of expertise.
Today, these individuals must possess experience and expertise in dealing
with issues in areas like government liaison, international regulations, and
cyberterrorism in order to lead the IT security management function in large
companies. As stated in the case,
“security executives must be expert in government regulations, cyberterrorism
protection, private-/public-sector partnerships to support the critical IT
infrastructure, and homeland security, even physical security.
3.
What other skills do you think are important to have
for effective IT security management? Explain
your choices.
Students’
answers will vary in response to this question.
The case itself emphasizes technical, business and people skills.
Other things that students may suggest may include the ability and desire
to learn new skills, being a team player, buying into the company mission,
facilitators skills, change management leaders, mentors for others, liaison
abilities, and leadership skills. A
lot of the soft skills can go a long way towards winning turning a reluctant
customer over to your way of thinking.
Real
World Case 3: Brandon Internet Services and PayPal
The Business Value of Cyberforensics
1.
What are the business benefits and limitations of the cybercrime
investigative work done by firms like Brandon Internet Services?
Businesses
are protecting themselves by hiring firms like Brandon Internet Services to
detect cases of employee wrongdoing and electronic crimes. Brandon Internet Services can set up alarms and traps to
watch and catch intruders and criminals within their networks.
Criminal activity can be discovered quickly, in fact it takes them only
hours to do what had traditionally taken weeks or months to accomplish through
court and law enforcement channels. Investigative
firms like Brandon however do not impose sanctions on the criminals.
Their job is to discover, validate, and document the evidence then turn
it over to the client or sometimes to the authorities to deal with.
2.
When should a company use cyberforensic investigative services like those
offered by Predictive Systems? Check
out their website to help your answer.
Companies
are use cyberforensic and investigative services like those offered by
Predictive Systems Inc to protect their businesses and their online customers
from the cyberterrorism and criminal activity.
If a company feels under threat from these criminal activities there is
no real reason why they should not use these types of services.
In fact, using these systems may be the one thing that may protect some
companies from going bankrupt.
3.
What is the business value of their cyberforensic and investigative
capabilities to PayPal? Would you
trust PayPal for your online payment transactions?
Why or why not?
The business value of their
cyberforensic and investigative capabilities to PayPal was that they were
actually able to reduce PayPal fraud rates to 0.5 percent – well below the
average e-business fraud rate of 1.3 to 2.6 percent.
Whether or not a student would trust PayPal is a personal issue – there
is no yes or no answer.
Real
World Case 4: Providence Health Systems and Others
Challenges
of IT Security Management
1.
What is there a growing need for IT security defenses and management in
business? What challenges does this
pose to effective IT security management?
With
the increasing need to open internal networks to outside access, there is a
growing need for IT security defenses and management.
The challenge posed by this threat is to provide protection for network
and data center security on both the IT front and the physical structure.
The challenge is to add multiple layers of protection and redundancy
around the data center and its hardware, software, databases, and network links,
while still maintaining the levels of service demanded by the business.
The need for such protection is being driven by both the increasing
threat of cybercrimes and the growing use of the Internet to link companies with
partners and customers. The more
ports a company opens in their firewall the more vulnerable they become.
Coupled with this is the growing need to link business systems with
external partners and suppliers, and the growing number of remote workers and
the trend toward wireless applications. For
a company, this challenge means finding better ways of identifying and
authenticating users and controlling the access they have on the network.
2.
What are some of the IT security defenses companies are using to meet
these challenges? Use each of the
companies in this case as an example.
On
the physical side, companies are boosting their business continuity and disaster
recovery capabilities by buying and building redundant hardware and facilities
or paying for such services, and geographically separating their IT assets.
The technology effort is focused on supplementing traditional network
firewall protection with newer intrusion monitors, access control tools, and
tougher IT usage policies.
Providence
Health Systems – does not permit external Internet connections or wireless
access to terminate on any internal machine.
By doing this, they are able to end the connections outside the firewall
and then screen all external requests through secure network services.
Link
Staffing Services Inc. = uses antivirus and e-mail filtering tools which use new
measures aimed at reducing the risk of attach via e-mail.
The company prohibits attacks of certain types and sizes on its network.
All Internet-based chatting is banned, and users are not allowed to download and
install software. Scripting
functions are disabled to prevent unauthorized scripts from wreaking havoc.
Link Staffing uses a secure virtual private network (VPN) service to
connect its 45 remote sites. The
VPN provides firewall and encryption services, but Link placed an extra firewall
in front of the VPN.
3.
Do you agree with IT usage policies of Link Staffing?
The security audit policies of Cervalis?
Why or why not?
Link
Staffing: Link Staffing has a tough
IT usage policy that employees must abide by.
Failure to comply can result in termination.
To enforce the policy, the company uses monitoring and auditing tools to
inventory employee computer usage. Whether
or not students’ agree with the IT usage policies of Link Staffing or not is
debatable. Some students may feel
that the company has gone too far, and in effect may be stifling employees in
doing their jobs effectively. Other
students may feel that the company has no choice but to protect itself using
such stringent policies.
Cervalis
security begins at its ingress points – where the Internet meets its networks.
The company uses strict port control and management on all of its
Internet-facing routers to ensure that open ports don’t provide access for
malicious attackers. Redundant,
load-balanced firewalls that are sandwiched between two layers of content
switches filter all traffic coming in from the Internet.
Network-based intrusion-detection systems are sprinkled throughout the
network. Cervalis also audit IT
security by regularly going through a checklist of maintenance items.
Periodic reviews and external audits are also used to ensure that there
is adequate security. Again, whether students agree with their methodology or IT
security practices is debatable. Some
may feel that it is an invasion on employee privacy – others may feel that it
is absolutely necessary.
Real
World Case 5: The Doctor’s Co. and Rockland Trust
Outsourcing IT Security Management
1,
What are the benefits and limitations for a business of outsourcing IT
security management according to the companies in this case?
Benefits:
·
MSSP
enabled them to establish a reasonable intrusion-detection system without having
to have the required expertise in-house with the abilities and knowledge
required to integrate the systems and monitor them.
·
MSSP
reviews and correlates audit information from different sources, weeds out false
security threats, and alert the company to security events and how to respond.
·
Savings
are realized by outsourcing security event monitoring rather than a company
attempting to do it themselves.
Limitations:
·
Always
the chance that the MSSP may not stay in business.
·
Service
providers differ in terms of the devices they monitor and how they correlate and
analyze the information they collect. Vendor’s
profitability boils down to how well they automate security event correlation
and analysis, which can be very time-consuming and expensive if done manually.
·
Not
all providers offer equal monitoring coverage.
2.
What are the benefits and limitations to a business of using “pure
play” IT security management companies like Counterpane and Ubizen?
Visit their websites to help your answer.
Counterpane
and Ubizen are classified as “pure plays,” – meaning specialized IT
security providers that offer vendor-neutral coverage from a range of vendors.
These service providers offer more security services than some of the
other providers who may not offer a service that you want.
For example, Counterpane and Ubizen both provide monitoring, and provide
their clients with analyzed audit data from all their systems, networks, and
nonsecurity devices.
3.
What are the benefits and limitations of outsourcing IT security
management to vendors like Symantec and Network Associates.
Visit their websites to help your answer.
Benefits:
·
Symantec
and Network Associates offer security products but are expanding to offer add-on
security monitoring services.
Limitations:
·
Both
of these companies will service only their own antivirus and intrusion-detection
products.
·
They
monitor only third-party firewalls and VPN devices from vendors with which they
have strategic partnerships that may require some users to reinstall only
supported products.
Students
may also suggest some of the following benefits and limitations of these types
of services.
·
Security
experts are scarce and expensive to have on staff on a full time basis.
There is a high financial cost to hire and train security managers.
Outsourcing provides an affordable way to gain excess to this expertise.
·
Outsourcers
can configure and maintain equipment and buy in bulk, saving their customers
money.
·
Outsourcing
provides a good step to value-added monitoring services.
·
Outsourcers
can maintain firewalls and prevent attacks on corporate networks, and they can
also monitor the networks in real time and block attackers.
·
Outsourcing
enables the company to demonstrate and ensure their customers of website
security.
Limitations:
·
Outsourcers
may overlook vulnerable things such as open ports and misconfigured routers.
·
Outsourcing
firewalls and other security measures designed to resist attacks, stop hackers,
and police everything going in and out of the network.
·
Organizations
view security of their information a key component to their success and
survival. Any type of act that results in damaging the company in reputation or
financial picture can have devastating results. These could be simple acts such
as defacing their corporate website page, or actually damaging, stealing, or
selling vital data.
·
Outsourcer
may not have the same skill levels of the sophisticated hacker and no
outsourcing company can guarantee 100% security.
=================================
13
Computer
Hardware
I.
CHAPTER OVERVIEW
Foundation Concepts: Computer
Hardware, reviews trends and developments in microcomputer,
midrange, and mainframe computer systems; basic computer system concepts; and
the major types of technologies used in peripheral devices for computer input,
output, and storage.
Computer
Systems – Major types of computer systems are summarized in Figure 13.2.
A computer is a system of information processing components that perform
input, processing, output, storage, and control functions.
Its hardware components include input and output devices, a central
processing unit (CPU), and primary and secondary storage devices.
The major functions and hardware in a computer system are summarized in
Figure 13.9
Microcomputer Systems –
Microcomputers are used as personal computers, network computers, personal
digital assistants, technical workstations, and information appliances. Like most computer systems today, microcomputers are
interconnected in a variety of telecommunications networks.
This typically includes local area networks, client/server networks,
intranets and extranets, and the Internet.
Other Computer Systems – Midrange
computers are increasingly used as powerful network servers, and for many
multiuser business data processing and scientific applications. Mainframe computers are larger and more powerful than most
midsize computers. They are usually
faster, have more memory capacity, and can support more network users and
peripheral devices. They are
designed to handle the information processing needs of large organizations with
high volumes of transaction processing, or with complex computational problems.
Supercomputers are a special category of extremely powerful mainframe
computer systems designed for massive computational assignments.
II. LEARNING OBJECTIVES
Learning Objective
·
Identify the major types,
trends, and uses of microcomputer, midrange and mainframe computer systems.
·
Outline the major
technologies and uses of computer peripherals for input, output, and storage.
·
Identify and give examples
of the components and functions of a computer system.
·
Identify the computer
systems and peripherals you would acquire or recommend for a business of your
choice, and explain the reasons for your selections.
III. TEACHING SUGGESTIONS
This chapter introduces a great deal of basic terminology, which is
essential for the students to be computer literate. Unless the students taking this course are already familiar
with computer hardware terminology, this chapter should be covered thoroughly,
to provide technical background. Since
some students may feel overwhelmed with the amount of new terminology introduced
in this chapter, the material may require more time than other chapters.
In discussing this chapter, it is very effective if the instructor can
bring a number of the devices discussed in the chapter into the classroom.
These could include motherboards, different types of input devices, RAM
chips, CD-RW burners, and old worn out hard drives which have been taken out of
their sealed case, etc. By showing and demonstrating these products students are
better able to grasp the concepts of the chapter.
Figure 13.2 illustrates the
three major categories of computer systems with a variety of characteristics and
capabilities. Figure 13.9 illustrates that a computer is a system of
hardware components, which are organised according to the functions of input,
processing, output, storage, and control. Figure
13.20 illustrates how storage media cost, speed, and capacity tread-offs
have changed over time. The figure
illustrates how cost increases with faster access speeds, but decreases with the
increased capacity of storage media.
IV.
LECTURE NOTES
INTRODUCTION
All computers are systems of input, processing, output, storage, and
control components. Technology is
evolving at a rapid pace, and new forms of input, output, processing, and
storage devices continue to enter the market.
We can learn a lot about innovative business uses of PDAs from this case.
Take a few minutes to read it, and we will discuss it (See City of
Richmond and Tim Beaty Builders in Section IX).
There are several major categories of computer systems with a variety of
characteristics and capabilities. Thus,
computer systems are typically classified as:
·
Mainframe computers
·
Midrange computers
·
Microcomputers
These categories are attempts to describe the relative computing power
provided by different computing platforms or types of computers therefore, they
are not precise classifications.
Some experts predict the merging or disappearance of several computer
categories. They feel that many
midrange and mainframe systems have been made obsolete by the power and
versatility of client/server networks of microcomputers and servers.
Most recently, some industry experts have predicted that the emergence of
network computers and information appliances for applications on the
Internet and corporate intranets will replace many personal computers,
especially in large organisations and in the home computer market.
MICROCOMPUTER SYSTEMS
Microcomputers are the
smallest but most important categories of computers systems for business people
and consumers. They are also
referred to as personal computers (or PCs).
The computing power of current microcomputers exceeds that of the
mainframe computers of previous generations at a fraction of their cost.
They have become powerful-networked professional workstations
for use by end users in business.
Microcomputers
Microcomputers
Microcomputers
categorised by size
categorised by use
categorised by special purpose
1. Handheld
1. Home
1. Workstation Computers
2. Notebook
2. Personal
2. Network Servers
3. Laptop
3. Professional
3. Personal Digital Assistants
4. Portable
4. Workstation
5. Desktop
5. Multi-user Systems
6. Floor-standing
Workstation Computers - some
microcomputers are powerful workstation computers (technical work stations) that
support applications with heavy mathematical computing and graphics display
demands such as computer-aided design (CAD) in engineering, or investment and
portfolio analysis in the securities industry.
Network Servers - are usually
more powerful microcomputers that co-ordinate telecommunications and resource
sharing in small local area networks (LANs), and Internet and intranet websites.
This is the fastest growing microcomputer application category.
Network Computers:
·
Network
Computers (NCs) are a major new microcomputer category designed primarily for use
with the Internet and corporate intranets by clerical workers, operational
employees, and knowledge workers with specialised or limited computing
applications.
In-between NCs and full-featured PCs are stripped-down PCs known as NetPCs
or legacy-free PCs. NetPCs
are designed for the Internet and a limited range of applications within a
company. Examples are: Dell’s
Webpc, Compaq’s IPaq, HP’s e-PC, and eMachine’s eOne.
Network computers (also called thin clients) are low-cost, sealed,
networked microcomputers with no or minimal disk storage.
Users of network computers depend primarily on Internet and intranet
servers for their operating system and web browser, Java-enabled application
software, and data access and storage.
Main attractions of network computers over full-featured PCs are their
low cost to:
·
Purchase
·
Upgrade
·
Maintenance
·
Support
Other benefits to businesses include:
·
Ease of software
distribution and licensing
·
Computing platform
standardisation
·
Reduced end user support
requirements
·
Improved manageability
through centralised management and enterprisewide control of computer network
resources.
Information Appliances
The market is offering a number of gadgets and information appliances
that offer users the capability to perform enable host of basic computational
chores. Examples of some
information appliances include:
·
Personal
Digital Assistants - (PDAs) are designed for
convenient mobile communications and computing. PDAs use touch screens, pen-based handwriting
recognition, or keyboards to help mobile workers send and receive E-mail, access
the Web, and exchange information such as appointments, to-do lists, and sales
contacts with their desktop PCs or web servers.
·
Set-top boxes and
video-game consoles that connect to home TV sets.
These devices enable you to surf the Web or send and receive E-mail and
watch TV programs or play video games at the same time.
·
Wireless PDAs and cellular
and PCS phones and wired telephone-based appliances that can send and receive
E-mail and access the Web.
Computer Terminals
Computer terminals are undergoing
a major conversion to networked computer devices.
For example:
·
Dumb terminals are keyboard/video monitor devices with limited processing capabilities,
to intelligent terminals, which are modified networked PCs, network
computers or other microcomputer-powered network devices.
Intelligent terminals can perform data entry and some information
processing tasks independently.
·
Networked terminals which may be Windows terminals that are dependent on network servers for
Windows software, processing power, and storage, or Internet terminals, which
depend on Internet or intranet website servers for their operating systems and
application software.
·
Transaction
terminals are a form of intelligent terminal.
Uses can be found in banks retail stores, factories, and other work
sites. Examples are ATM’s,
factory production recorders, and POS terminals.
Midrange computers, including
minicomputers and high-end network servers, are multi-user systems that can
manage networks of PCs and terminals. Characteristics
of midrange computers include:
·
Generally, midrange
computers are general-purpose computers that are larger and more powerful than
most microcomputers but are smaller and less powerful than most large
mainframes.
·
Cost less to buy, operate,
and maintain than mainframe computers.
·
Have become popular as
powerful network servers to help manage large Internet websites, corporate
intranets and extranets, and client/server networks.
·
Electronic commerce and
other business uses of the Internet are popular high-end server applications, as
are integrated enterprisewide manufacturing, distribution, and financial
applications.
·
Data warehouse management,
data mining, and online analytical processing are contributing to the growth of
high-end servers and other midrange systems.
·
First became popular as minicomputers
for scientific research, instrumentation systems, engineering analysis, and
industrial process monitoring and control.
Minicomputers could easily handle such uses because these applications
are narrow in scope and do not demand the processing versatility of mainframe
systems.
·
Serve as industrial
process-control and manufacturing plant computers and they play a major role in
computer-aided manufacturing (CAM).
·
Take the form of powerful
technical workstations for computer-aided design (CAD) and other computation and
graphics-intensive applications.
·
Are used as front-end
computers to assist mainframe computers in telecommunications processing and
network management.
·
Can function in ordinary
operating environments (do not need air conditioning or electrical wiring).
·
Smaller models of
minicomputers do not need a staff of specialists to operate them.
MIDRANGE COMPUTER APPLICATIONS
·
Serve as industrial
process-control and manufacturing plant computers.
·
Play a major role in
computer-aided manufacturing (CAM).
·
Serve as powerful technical
workstations for computer-aided design (CAD) and other computation and
graphics-intensive applications
·
Serve as front-end
computers to assist mainframe computers in telecommunications processing and
network management.
Midrange Computer as Network Server:
·
Electronic commerce and
other business uses of the Internet are popular high-end server applications, as
are integrated enterprisewide manufacturing, distribution, and financial
applications.
·
Other applications, like
data warehouse management, data mining, and online analytical processing are
contributing to the growth of high-end servers and other midrange systems.
·
Serve as powerful network
servers to help manage large Internet web sites, corporate Intranets and
extranets, and client/server networks
Mainframe computers are
large, fast, and powerful computer systems.
Characteristics of mainframe computers include:
·
They are physically larger
and more powerful than micros and minis.
·
Can process hundreds of
millions of instructions per second (MIPS).
·
Have large primary storage
capacities. Main memory capacity
can range from hundreds of megabytes to many gigabytes of primary storage.
·
Mainframes have slimmed
down drastically in the last few years, dramatically reducing air-conditioning
needs, electronic power consumption, and floor space requirements, and thus
their acquisition and operating costs.
·
Sales of mainframes have
increased due to cost reductions and the increase in applications such as data
mining and warehousing, decision support, and electronic commerce.
Mainframe Computer Applications:
·
Handle the information
processing needs of major corporations and government agencies with many
employees and customers.
·
Handle enormous and complex
computational problems.
·
Used in organisations
processing great volumes of transactions.
·
Handle great volumes of
complex calculations involved in scientific and engineering analyses and
simulations of complex design projects.
·
Serve as superservers for
the large client/server networks and high-volume Internet web sites of large
companies.
·
Are becoming a popular
business-computing platform for data mining and warehousing, and electronic
commerce applications.
Supercomputer Systems:
The term supercomputer describes a category of extremely
powerful computer systems specifically designed for scientific, engineering, and
business applications requiring extremely high-speeds for massive numeric
computations.
Supercomputer Applications:
·
Used by government research
agencies, large universities, and major corporations.
·
Are used for applications
such as global weather forecasting, military defence systems, computational
cosmology and astronomy, microprocessor research and design, large scale data
mining, large time-sharing networks, and so on.
·
Use parallel processing
architectures of interconnected microprocessors (which can execute many
instructions at the same time in parallel).
·
Can perform arithmetic
calculations at speeds of billions of floating-point operations per second
(gigaflops). Teraflop (1 trillion
floating-point operations per second) supercomputers, which use advanced
massively parallel processing (MPP) designs of thousands of interconnected
microprocessors, are becoming available.
·
Purchase price for large
supercomputers are in the $5 million to $50 million range.
Mini-supercomputers:
The use of symmetric multiprocessing (SMP) and distributed shared memory
(DSM) designs of smaller numbers of interconnected microprocessors has spawned a
breed of mini-supercomputer with prices that start in the hundreds
of thousands of dollars.
As a business professional, you do not need a detailed technical
knowledge of computers. However,
you do need to understand some basic facts and concepts about computer systems.
This should help you be an informed and productive user of computer
system resources.
A computer is a system, an interrelated combination of components
that perform the basic system functions of input, processing, output, storage,
and control, thus providing end users with a powerful information-processing
tool. Understanding the computer as
a computer system is vital to the effective use and management of
computers.
A computer is a system of hardware devices organised according to the
following system functions:
·
Input.
Examples
of some input devices of a computer system include:
1. Keyboards
2. Touch Screens
3. Light Pens
4. Electronic Mice
4. Optical Scanners
5. Voice Input
They convert data into electronic machine-readable form for direct entry
or through a telecommunications network into a computer system.
·
Processing.
The
central processing unit (CPU) is the main processing component of a computer
system. (In microcomputers,
it is the main microprocessor). One
of the CPU’s major components is the arithmetic-logic unit (ALU)
that performs the arithmetic and logic functions required in computer
processing.
Components of the CPU include:
1. Control Unit
2. Arithmetic-Logic Unit
3. Primary Storage Unit
·
Output.
Convert
electronic information produced by the computer system into human-intelligible
form for presentation to end-users.
Examples of output devices include:
1. Video Display Units
2. Audio Response Units
3. Printers
·
Storage.
The
storage function of a computer system is used to store data and program
instructions needed for processing.
Storage devices include:
1. Primary Storage
Unit (main memory)
2. Secondary Storage
Devices (magnetic disk and tape units, optical disks)
·
Control.
The
control unit of a CPU interprets computer program instructions and
transmits directions to the other components of the computer system.
Computer Processing Speeds:
Operating speeds of computers are measured in a number of ways.
For example:
·
Milliseconds -
Thousands of a second.
·
Microseconds
– Millionths of a second.
·
Nanoseconds – Billionth of a second
·
Picosecond – Trillionth of a second
Other terminology used includes:
·
Teraflop – used by some supercomputers
·
MIPS – Million instructions per second
·
Megahertz (MHz)
– Millions of cycles per second
·
Gigahertz (GHz) – Billions of cycles per second
·
Clock Speed – used to rate microprocessors by the speed of their timing circuits
and internal clock.
INTRODUCTION
A computer is just a high-powered “processing box” without
peripherals. Your personal
computing needs will dictate the components you choose for our particular
computing needs.
We can learn a lot about the business value of consolidating computer
operations and systems from this case. Take
a few minutes to read it, and we will discuss it (See United Technologies and
Eastman Kodak in Section IX).
PERIPHERALS
Peripherals are the
generic name for all input, output, and secondary storage devices that are part
of a computer system. Peripherals
depend on direct connections or telecommunications links to the central
processing unit of a computer system. Thus,
all peripherals are online devices, that is, separate from, but
can be electronically connected to and controlled by, a CPU.
This is the opposite of off-line devices, which are
separate from and not under the control of the CPU.
There has been a major trend toward the increased use of input
technologies that provide a more natural user interface for
computer users. More and more data and commands are being entered directly and
easily into computer systems through pointing devices like electronic mice and
touch pads, and technologies like optical scanning, handwriting recognition, and
voice recognition.
POINTING DEVICES
Keyboards are still the most widely used devices for entering data and
text into computer systems. However,
pointing devices are a better alternative for issuing commands,
making choices, and responding to prompts displayed on your video screen.
They work with your operating system’s graphical user interface
(GUI), which presents you with icons, menus, windows, buttons, bars, and so on,
for your selection. Examples of
pointing devices include:
·
Electronic
Mouse - A device used to move the cursor on the screen, as well
as to issue commands and make icon and menu selections.
·
Trackball - A device used to move the cursor on the display screen.
·
Pointing Stick - A small buttonlike device, sometimes likened to the eraser head of a
pencil. The cursor moves in the
direction of the pressure you place on the track point.
·
Touchpad - A small rectangular touch-sensitive surface usually placed below the
keyboard. The cursor moves in the
direction your finger moves on the pad.
·
Touch Screens - A device that accepts data input by the placement of a finger on or
close to the CRT screen.
PEN-BASED COMPUTING
Pen-based computing
technologies are being used in many hand-held computers and personal digital
assistants. These small PCs and
PDAs contain fast processors and software that recognises and digitises
handwriting, hand printing, and hand drawing.
They have a pressure-sensitive layer like a graphics pad under their
slatelike liquid crystal display (LCD) screen.
A variety of penlike devices are available:
·
Digitizer Pen - A photoelectronic device that can be used as a pointing device, or used
to draw or write on a pressure-sensitive surface of a graphics tablet.
·
Graphics Tablet
- A device that allows an end user to draw or write on a
pressure-sensitive tablet and has their handwriting or graphics digitised by the
computer and accepted as input.
SPEECH RECOGNITION SYSTEMS
Speech recognition and voice
response (in their infancy) promise to be the easiest method of data entry, word
processing, and conversational computing, since speech is the easiest, most
natural means of human communication.
Speech recognition systems analyse and classify speech or vocal tract
patterns and convert them into digital codes for entry into a computer system.
Early voice recognition products used discrete speech recognition,
where you had to pause between each spoken word.
New continuous speech recognition (CSR) software recognises
controlled, conversationally paced speech.
Examples of continuous speech recognition software include:
·
NaturallySpeaking by Dragon
Systems
·
ViaVoice by IBM
·
VoiceXpress by Lernout
& Hauspie
·
FreeSpeech by Philips
Areas where speech recognition systems are used include:
·
Manufacturers use it for
inspection, inventory, and quality control
·
Airlines and parcel
delivery companies use it for voice-directed sorting of baggage and parcels
·
Voice activated GPS systems
are being used in advanced car design
·
Physicians use it to enter
and printout prescriptions
·
Gemmologists use it to free
up their hands when inspecting and grading precious stones
·
Handicapped individuals use
voice-enabled software to operate their computers, e-mail, and surf the World
Wide Web.
Speaker-independent voice
recognition systems allow a computer to understand a few words from a voice it
has never heard before. They enable
computers to respond to verbal and touch-tone input over the telephone.
Examples include:
·
Computerized telephone call
switching
·
Telemarketing surveys
·
Bank pay-by-phone
bill-paying services
·
Stock quotations services
·
University registration
systems
·
Customer credit and account
balance inquiries
OPTICAL SCANNING
Optical scanning devices read
text or graphics and convert them into digital input for a computer.
Optical scanning enables the direct entry of data from source documents
into a computer system. Popular uses of optical scanning include:
·
Scanning pages of text and
graphics into your computer for desktop publishing and web publishing
applications.
·
Scan documents into your
system and organize them into folders as part of a document management library
system for easy reference or retrieval.
There are many types of optical scanners, but they all employ
photoelectric devices to scan the characters being read. Reflected light
patterns of the data are converted into electronic impulses that are then
accepted as input into the computer system.
Optical scanning technology known as optical character recognition
(OCR) can read special-purpose characters and codes. OCR scanners are used to read characters and codes on:
·
Merchandise tags
·
Product labels
·
Credit card receipts
·
Utility bills
·
Insurance premiums
·
Airline tickets
·
Sort mail
·
Score tests
·
Process business and
government forms
Devices such as handheld optical scanning wands are used to
read OCR coding on merchandise tags and other media.
Many business applications involve reading bar code, a code that
utilises bars to represent characters. One
common example is the Universal Produce Code (UPC) bar coding that you see on
packages of food items and many other products.
·
Magnetic stripe technology is a familiar form of data entry that helps computers read
credit cards. The dark magnetic
stripe on the back of such cards is the same iron oxide coating as on magnetic
tape.
·
Smart cards that embed a microprocessor chip and several kilobytes of memory into
debit, credit, and other cards are popular in Europe, and becoming available in
the United States.
·
Digital cameras and digital video cameras enable you to shoot, store, and download still
photos or full motion video with audio into your PC.
·
Magnetic ink character
recognition (MICR) is machine recognition of characters printed with magnetic ink.
Primarily used for check processing by the banking industry.
Computers provide information in a variety of forms. Video displays and
printed documents have been, and still are, the most common forms of output from
computer systems. But other natural
and attractive output technologies such as voice response systems
and multimedia output are increasingly found along with video displays in
business applications.
VIDEO OUTPUT
Video displays are the most common type of computer output.
Most desktop computers rely on video monitors that use cathode
ray tube (CRT) technology. Usually,
the clarity of the video display depends on the type of video monitor you use
and the graphics circuit board installed in your computer.
A high-resolution, flicker-free monitor is especially important if you
spend a lot of time viewing multimedia on CDs or the Web, or complex graphical
displays of many software packages.
The biggest use of liquid crystal displays (LCDs) is to
provide a visual display capability for portable microcomputers and PDAs.
LCD displays need significantly less electric current and provide a thin,
flat display. Advances in
technology such as active matrix and dual scan capabilities have
improved the color and clarity of LCD displays.
PRINTED OUTPUT
After video displays, printed output is the most common form of output
displays. Most personal computer
systems rely on inkjet or laser printers to produce permanent (hard copy) output
in high-quality printed form. Printed
output is still a common form of business communications, and is frequently
required for legal documentation.
·
Inkjet printers - Spray ink onto a page one line at a time. They are popular, low-cost printers for microcomputer
systems. They are quiet, produce
several pages per minute of high-quality output, and can print both
black-and-white and high-quality colour graphics.
·
Laser Printers - Use an electrostatic process similar to a photocopying machine to
produce many pages per minute of high-quality black-and-white output.
More expensive colour laser printers and multifunction inkjet and laser
models that print, fax, scan, and copy are other popular choices for business
offices.
STORAGE TRADE-OFFS
Data and information need to be stored after input, during processing,
and before output. Computer-based
information systems rely primarily on the memory circuits and secondary storage
devices of computer systems to accomplish the storage function.
Major trends in primary and secondary storage methods:
·
Progress in very-large
scale integration (VLSI), which packs millions of memory circuit elements on
tiny semiconductor memory chips, are responsible for continuing increases in the
main-memory capacity of computers.
·
Secondary storage
capacities are also expected to escalate into the billions and trillions of
characters, due primarily to the use of optical media.
Storage Trade-offs: Speed, capacity, and cost relationships.
·
Note the
cost/speed/capacity trade-offs as one moves from semiconductor memories to
magnetic media, such as magnetic disks and tapes, to optical disks.
·
High-speed storage media
cost more per byte and provide lower capacities.
·
Large capacity storage
media cost less per byte but are slower
·
Semiconductor memories are
used mainly for primary storage, though they are sometimes used as high-speed
secondary storage devices.
·
Magnetic disk and tape and
optical disk devices are used as secondary storage devices to greatly enlarge
the storage capacity of computer systems.
·
Most primary storage
circuits use RAM (random access memory) chips, which lose their contents when
electrical power is interrupted
·
Secondary storage devices
provide a more permanent type of storage media for storage of data and programs.
Computer Storage Fundamentals: [Figure
13.20]
Data is processed and stored in a computer system through the presence or
absence of electronic or magnetic signals in the computer’s circuitry in the
media it uses. This is called a
"two-state" or binary representation of data, since the
computer and media can exhibit only two possible states or conditions - ON (1)
or OFF (0).
Computer storage elements:
·
Bit - is
the smallest element of data, (binary digit) which can have a value of zero or
one. The capacity of memory chips
is usually expressed in terms of bits.
·
Byte - is
the basic grouping of bits that the computer operates as a single unit.
It typically consists of 8 bits and is used to represent one character of
data in most computer coding schemes (e.g. 8 bits = 1 byte).
The capacity of a computer’s memory and secondary storage devices is
usually expressed in terms of bytes.
ASCII
(American Standard Code for Information Interchange)
EBCDIC
(Extended Binary Coded Decimal Interchange Code) Pronounced:
EB SEE DICK
Storage capacities are frequently measured in:
·
Kilobyte =
1,000 bytes
·
Megabyte =
1,000,000 bytes
·
Gigabyte
= 1,000,000,000 bytes
·
Terabyte
= 1,000,000,000,000 bytes
·
Petabyte =
1,000,000,000,000,000 bytes
·
Exabyte
= 1,000,000,000,000,000,000 bytes
·
Zettabyte = 1,000,000,000,000,000,000,000
bytes
·
Yottabyte = 1,000,000,000,000,000,000,000,000
bytes
Direct and Sequential Access
·
Direct Access -
Primary storage media such as semiconductor memory chips are called
direct access or random access memories (RAM).
Magnetic disk devices are frequently called direct access storage devices
(DASDs).
The terms direct access and random access describe the same
concept. They mean that an element
of data or instructions can be directly stored and retrieved by selecting and
using any of the locations on the storage media. They also mean that each storage position (1) has a unique
address and (2) can be individually accessed in approximately the same length of
time without having to search through other storage positions.
·
Sequential
Access - sequential access storage media such as magnetic tape
do not have unique storage addresses that can be directly addressed.
Instead, data must be stored and retrieved using a sequential or serial
process. Data are recorded one
after another in a predetermined sequence on a storage medium.
Locating an individual item of data requires searching much of the
recorded data on the tape until the desired item is located.
SEMICONDUCTOR MEMORY
The primary storage (main memory) on most modern computers consists of
microelectronic semiconductor memory circuits.
Plug-in memory circuit boards containing 32 megabytes or more of memory
chips can be added to your PC to increase its memory capacity.
Specialized memory can help improve your computer’s performance.
Examples include:
·
External cache memory of
512 kilobytes to help your microprocessor work faster
·
Video graphics accelerator
cards with 16 megabytes of RAM are used for faster and clearer video performance
·
Removable credit-card-size
and smaller “flash memory” RAM cards provide several megabytes of erasable
direct access storage for PDAs or hand-held PCs.
Some of the major attractions of semiconductor memory are:
·
Small size
·
Fast speed
·
Shock and temperature
resistance
One major disadvantage of most semiconductor memory is:
·
Volatility - Uninterrupted electric power must be supplied or the contents of memory
will be lost (except with read only memory, which is permanent).
There are two basic types of semiconductor memory:
·
Random Access
Memory (RAM) - these memory chips are the most widely used primary storage
medium. Each memory position can be
both read and written, so it is also called read/write memory.
This is a volatile memory.
·
Read Only
Memory (ROM) - Non-volatile random access memory chips are used for permanent
storage. ROM can be read but not
erased or overwritten. Instructions
and programs in primary storage can be permanently "burned in" to the
storage cells during manufacturing. This
permanent software is also called firmware.
Variations include PROM (programmable read only memory) and EPROM
(erasable programmable read only memory), which can be permanently or
temporarily programmed after manufacture.
These are the most common forms of secondary storage for modern computer
systems. That’s because
they provide fast access and high storage capacities at a reasonable cost.
Characteristics of magnetic disks:
·
Disk drives contain metal
disks that are coated on both sides with an iron oxide recording material.
·
Several disks are mounted
together on a vertical shaft, which typically rotates the disks are speeds of
3,600 to 7,600 revolutions per minute (rpm)
·
Access arms between the
slightly separated disks to read and write data on concentric, circular tracks
position electromagnetic read/write heads.
·
Data are recorded on tracks
in the form of tiny magnetized spots to form the binary digits of common
computer codes.
·
Thousands of bytes can be
recorded on each track, and there are several hundred data tracks on each disk
surface, which provides you with billions of storage positions for software and
data.
Types of Magnetic Disks
There are several types of magnetic disk arrangements, including disk
cartridges as well as fixed disk units. Removable
disk devices are popular because they are transportable and can be used to store
backup copies of your data off-line for convenience and security.
Floppy Disks, or magnetic
disks, consist of polyester film disks covered with an iron oxide compound.
A single disk is mounted and rotates freely inside a protective flexible
or hard plastic jacket, which has access openings to accommodate the read/write
head of a disk drive unit. The
3-1/2-inch floppy disk, with capacities of 1.44 megabytes, is the most widely
used version, with a newer Superdisk technology offering 120 megabytes of
storage.
Hard Disk Drives combine
magnetic disks, access arms, and read/write heads into a sealed module.
This allows higher speeds, greater data-recording densities, and closer
tolerances within a sealed, more stable environment.
Fixed or removable disk cartridge versions are available.
Capacities of hard drives range from several hundred megabytes to many
gigabytes of storage.
RAID Storage
Disk arrays of interconnected microcomputer hard disk drives have
replaced large-capacity mainframe disk drives to provide many gigabytes of
online storage. Known as RAID
(redundant arrays of independent disks), they combine from 6 to more than 100
small hard disk drives and their control microprocessors into a single unit.
Advantages of RAID disks include:
·
Provide large capacities
with high access speeds since data is accessed in parallel over multiple paths
from many disks.
·
Provide fault tolerant
capability, since their redundant design offers multiple copies of data on
several disks. If one disk fails,
data can be recovered from backup copies automatically stored on other disks.
·
Storage area networks
(SANs) are high-speed fibre channel local area networks that can interconnect
many RAID units and share their combined capacity through network servers for
many users.
MAGNETIC TAPE STORAGE
Magnetic Tape is still being
used as a secondary storage medium in business applications. The read/write heads of magnetic tape drives record data in
the form of magnetised spots on the iron oxide coating of the plastic tape.
Magnetic tape devices include tape reels and cartridges in mainframes and
midrange systems, and small cassettes or cartridges for PCs.
These devices serve as slower, but lower cost, storage to supplement
magnetic disks to meet massive data warehouse and other business storage
requirements. Other major
applications for magnetic tape include long-term archival storage
and backup storage for PCs and other systems.
OPTICAL DISK STORAGE
Optical disk storage involves technology, which is based on using a laser
to read tiny spots on a plastic disk. The
disks are currently capable of storing billions of characters of information.
·
CD-ROM -
A common type of optical disk used on microcomputers.
They are used for read only storage.
Storage is over 600 megabytes per disk.
This is equivalent to over 400 1.44-megabyte floppy disks or 300,000
double-spaced pages of text. Data
are recorded as microscopic pits in a spiral track, and are read using a laser
device.
Limitation: Recorded data cannot be erased
·
CD-R - (Compact disk recordable) is another optical disk technology.
It enables computers with CD-R disk drive units to record their own data
once on a CD, and then be able to read the data indefinitely.
Limitation: Recorded data cannot be erased
·
CD-RW -
(CD-rewritable) optical disk systems have now become available which record and
erase data by using a laser to heat a microscopic point on the disk’s surface.
In CD-RW versions using magneto-optical technology, a magnetic coil
changes the spot’s reflective properties from one direction to another, thus
recording a binary one to zero. A
laser device can then read the binary codes on the disk by sensing the direction
of reflected light.
·
DVD -
(Digital Video Disk or Digital Versatile Disk) can hold from 3.0 to 8.5
gigabytes of multimedia data on each side of a compact disk.
The large capacities and high- quality images and sound of DVD technology
are expected to eventually replace CD-ROM and CD-RW technologies for data
storage, and promise to accelerate the use of DVD drives for multimedia products
that can be used in both computers and home entertainment systems.
·
DVD-ROM
is beginning to replace magnetic tape videocassettes for movies and other
multimedia products.
·
DVD –
RAM is being used for backup and archival storage data and multimedia files.
Business Applications
One of the major uses of optical disks in mainframe and midrange systems
is in image processing, where long-term archival
storage of historical files of document images must be maintained.
Mainframe and midrange computer versions of optical disks use 12-inch
plastic disks with capacities of several gigabytes, with up to 20 disks held in
jukebox drive units. WORM – (Write Once, Read Many)
versions of optical disks are used to store data on the disk.
Although data can only be stored once, it can be read an infinite number
of times.
One of the major business uses of CD-ROM disks for personal computers is
to provide a publishing medium for fast access to reference materials in a
convenient, compact form. These
include:
·
Catalogs
·
Directories
·
Manuals
·
Periodical abstracts
·
Part listings
·
Statistical databases of
business activity and economic activity
·
Interactive multimedia
applications in business, education, and entertainment using CD-ROM and DVD
disks.
Optical disks have become a popular storage medium for image processing
and multimedia business applications and they appear to be a promising
alternative to magnetic disks and tape for very large mass storage capabilities
for enterprise computing systems. However,
rewritable optical technologies are still being perfected.
Also, most optical disk devices are significantly slower and more
expensive (per byte of storage) than magnetic disk devices.
So optical disk systems are not expected to displace magnetic disk
technology in the near future for most business applications.
V.
KEY TERMS AND CONCEPTS - DEFINED
Binary Representation:
Pertaining to the presence or absence of electronic or magnetic
“signals” in the computer’s circuitry or in the media it uses.
There are only two possible states or conditions - presence or absence.
Central Processing Unit (CPU):
The unit of a computer system that includes the circuits that controls
the interpretation and execution of instructions. In many computer systems, the CPU includes the
arithmetic-logic unit, the control unit, and primary storage unit.
Computer System:
Computer hardware as a system of input, processing, output, storage, and
control components. Thus a computer
system consists of input and output devices, primary and secondary storage
devices, the central processing unit, the control unit within the CPU, and other
peripheral devices.
Computer Terminal:
Any input/output device connected by telecommunications links to a
computer.
Digital Cameras:
Digital still cameras and digital video cameras enable you to shoot,
store, and download still photos or full-motion video with audio in your PC.
Direct Access:
A method of storage where each storage position has a unique address and
can be individually accessed in approximately the same period of time without
having to search through other storage positions.
Information Appliance:
Devices for consumers to access the Internet.
Laptop Computer:
A small portable PC.
Liquid Crystal Displays (LCD):
Electronic visual displays that form characters by applying an electrical
charge to selected silicon
crystals.
Magnetic Disk Storage:
Data storage technology that uses magnetised spots on metal or plastic
disks.
Magnetic Disk Storage - Floppy Disk:
Small phonograph record enclosed in a protective envelope.
It is a widely used form of magnetic disk media that provides a direct
access storage capability for microcomputer systems.
Magnetic Disk Storage - Hard Disk
Secondary storage medium; generally nonremovable disks made out of metal
and covered with a magnetic recording surface.
It holds data in the form of magnetised spots.
Magnetic Disk Storage - RAID
Redundant array of independent disks.
Magnetic disk units that house many interconnected microcomputer hard
disk drives, thus providing large, fault tolerant storage capacities.
Magnetic Ink Character Recognition (MICR):
The machine recognition of characters printed with magnetic ink.
Primarily used for check processing by the banking industry.
Magnetic Stripe:
A magnetic stripe card is a plastic wallet-size card with a strip of
magnetic tape on one surface; widely used for credit/debit cards.
Magnetic Tape:
A plastic tape with a magnetic surface on which data can be stored by
selective magnetisation of portions of the surface.
Mainframe Computer:
A larger-size computer system, typically with a separate central
processing unit, as distinguished from microcomputer and minicomputer systems.
Microcomputer:
A very small computer, ranging in size from a “Computer on a chip” to
a small typewriter-size unit.
Microprocessor:
A semiconductor chip with circuitry for processing data.
Midrange Computer:
Larger and more powerful than most microcomputers but are smaller and
less powerful than most large mainframe computer systems.
Minicomputer:
A small electronic general-purpose computer.
Network Computer:
A new category of microcomputer designed mainly for use with the Internet
and Intranets on tasks requiring limited or specialised applications and no or
minimal disk storage.
Network Server:
A type of midrange computer used to co-ordinate telecommunications and
resource sharing and manages large web sites, Intranets, extranets, and
client/server networks.
Network Terminal:
A terminal that depends on network servers for its software and
processing power.
Off-line:
Pertaining to equipment or devices not under control of the central
processing unit.
Online:
Pertaining to equipment or devices under control of the central
processing unit.
Optical Character Recognition (OCR):
The machine identification of printed characters through the use of
light-sensitive devices.
Optical Disk Storage:
Technology based on using a laser to read tiny spots on a plastic disk.
The disks are currently capable of storing billions of characters of
information.
Optical Disk Storage - CD-ROM:
An optical disk technology for microcomputers featuring compact disks
with a storage capacity of over 500 megabytes.
Optical Disk Storage - CD-R:
Compact disk recordable (CD-R) enables computers with CD-R disk drive
units to record their own data once on a CD, than be able to read the data
indefinitely.
Optical Disk Storage - CD-RW:
Compact disk rewritable (CD-RW) enables computers with CD-RW disk drive
units to record and erase data by using a laser to heat a microscopic point on
the disk’s surface.
Optical Disk Storage - DVD:
Digital video disk or digital versatile disk (DVD) enables
computers with DVD disk drive units to hold from 3.0 to 8.5 gigabytes of
multimedia data on each side of a compact disk.
Optical Disk Storage - WORM Disk:
Optical disk that allows users to write once, read many times.
Optical Scanning:
Using a device (scanner) that scans characters or images and generates
their digital representations.
Pen-Based Computing:
Tablet-style microcomputers that recognise hand-writing and hand-drawing
done by a pen-shaped device on their pressure sensitive display screens.
Peripheral Devices:
In a computer system, any unit of equipment, distinct from the central
processing unit, that provides the system with input, output, or storage
capabilities.
Personal Digital Assistant:
Handheld microcomputer devices, which are designed for convenient mobile
communications and computing.
Pointing Devices:
Devices, which allow end users to issue commands or make choices by
moving a cursor on the display, screen.
Pointing Device - Electronic Mouse:
A small device that is electronically connected to a computer and is
moved by hand on a flat surface in order to move the cursor on a video screen in
the same direction. Buttons on the
mouse allow users to issue commands and make responses or selections.
Pointing Device - Pointing Stick:
A small buttonlike device sometimes likened to the eraser head of a
pencil. The cursor moves in the
direction of the pressure you place on the track point.
Pointing Device - Touchpad:
Is a small rectangular touch-sensitive surface usually placed below the
keyboard. The cursor moves in the
direction your finger moves on the pad.
Pointing Device - Trackball:
A roller device set in a case used to move the cursor on a computer’s
display screen.
Primary Storage:
The main (or internal) memory of a computer. Usually in the form of semiconductor storage.
Printers:
Devices that produce hard copy output such as paper documents or reports.
Secondary Storage:
External or auxiliary storage device that supplements the primary storage
of a computer.
Semiconductor Memory:
Microelectronic storage circuitry etched on tiny chips of silicon or
other semiconducting material.
Semiconductor Memory - RAM:
Also known as main memory or primary storage; type of memory that
temporarily holds data and instructions needed shortly by the CPU.
RAM is a volatile type of storage.
Semiconductor Memory - ROM:
Also known as firmware; a memory chip that permanently stores
instructions and data that are programmed during the chip’s manufacture.
Three variations on the ROM chip are PROM, EPROM, and EEPROM.
ROM is a non-volatile form of storage.
Sequential Access:
A sequential method of storing and retrieving data from a file.
Smart Cards:
Cards such as debit and credit cards, which have an embedded
microprocessor chip and several kilobytes of memory.
Speech Recognition:
Direct conversion of spoken data into electronic form suitable for entry
into a computer system. Promises
to be the easiest, most natural way to communicate with computers.
Storage Capacity Elements:
Units used for storage capacity and data: bits, bytes, kilobytes (KB),
megabytes (MB), gigabytes (GB), terabytes (TB).
Storage Capacity Elements - Bit:
A contraction of “binary digit”.
It can have the value of either 0 or 1.
Storage Capacity Elements - Byte:
A sequence of adjacent binary digits operated on as a unit and usually
shorter than a computer word. In
many computer systems, a byte is a grouping of eight bits that can represent one
alphabetic or special character or can be “packed” with two decimal digits.
Storage Capacity Elements - Kilobyte (K or KB):
When referring to computer storage capacity it is equivalent to 2 to the
10th power, or 1,014 in decimal notation.
Storage Capacity Elements - Megabyte (MB):
One million bytes. More
accurately, 2 to the 20th power, 1,048,576 in decimal notation.
Storage Capacity Elements - Gigabyte (GB):
One billion bytes. More
accurately, 2 to the 30th power, or 1,073,741,824 in decimal notation.
Storage Capacity Elements - Terabyte (TB):
One trillion bytes. More
accurately, 2 to the 40th power, or 1,009,511,627,776 in decimal notation.
Storage Media Trade-offs:
The trade-offs in cost, speed, and capacity of various storage media.
Supercomputer:
A special category of large computer systems that are the most powerful
available. They are designed to
solve massive computational problems.
Time Elements:
Units used for measuring processing speeds: milliseconds, microseconds,
nanoseconds, and picoseconds.
Time Elements - Millisecond:
A thousandth of a second.
Time Elements - Microsecond:
A millionth of a second.
Time Elements - Nanosecond:
One billionth of a second.
Time Elements - Picosecond:
One trillionth of a second.
Touch-Sensitive Screen:
An input device that accepts data input by the placement of a finger on
or close to the CRT screen.
Transaction Terminals:
Terminals used in banks, retail stores, factories, and other work sites
that are used to capture transaction data at their point of origin.
Examples are point-of-sale (POS) terminals and automated teller machines
(ATMs).
Video Output:
Video displays are the most common type of computer output.
Volatility:
Memory (such as electronic semiconductor memory) that loses its contents
when electrical power is interrupted.
Wand:
A handheld optical character recognition device used for data entry by
many transaction terminals.
Workstation:
A computer terminal or micro- or minicomputer system designed to support
the work of one person. Also, a
high-powered computer to support the work of professionals in engineering,
science, and other areas that require extensive computing power and graphics
capabilities.
VI.
REVIEW QUIZ - Match one of the key terms and concepts
[See
Review Quiz Answers found at the end of the text]
VII. ANSWERS TO
DISCUSSION QUESTIONS
1.
Do you agree with the statement: “The network is the computer”?
Why or why not?
Students’
answers will vary. However, there
appears to be no reason to think that the network is not the computer. To the user, the network appears as a seamless environment
where they have access to software, external data, and also internal corporate
data. In many companies, computer
users are using machines that are designed to enable only this type of
computing.
2.
What trends are occurring in the development and use of the major types
of computer systems?
Computers
are becoming physically smaller, faster, more memory, cheaper, more reliable and
user friendly, and are increasingly being connected via telecommunications links
through organizations.
3.
Refer to the Real World Case on the City of Richmond and Tim Beaty
Builders in the chapter. Will the
convergence of PDAs, sub-notebook PCs, and cell phones produce an information
appliance that will make all of those categories obsolete?
Why or why not?
There
is probably no doubt that the convergence of PDAs, sub-notebook PCs, and cell
phones will produce an information appliance that will make all of those
categories obsolete. As more
powerful appliances capable of completing multiple tasks are developed, there
will definitely be a trend toward converging of this technology into a single
appliance. Users do not want to
carry around 4 or 5 different appliances when one would do the trick. For example, it only stands to reason that an individual will
not want to carry around a pager, cell phone, GPS, laptop, or a variety of other
hardware devices if all of the features could be integrated into one small
appliance such as the PDA.
4.
Do you think that network computers (NCs) will replace personal computers
(PCs) in many applications? Explain.
The
trend in business organizations is certainly towards the use of network
computers. Advancements in hardware
and software technology have encouraged this growth.
In many cases, businesses are finding network computers more cost
effective and efficient. As well,
the NC environment is easier and cheaper to implement and maintain.
5.
Are networks of PCs and servers making mainframe computers obsolete?
Explain.
Networked
microcomputers are often the better alternative to larger single computer
systems, providing many of the same advantages, and easier access and more
personal control. However, there
are still many tasks that require the memory capacity and number crunching power
of modern mainframe computers, such as running mathematical models for weather
forecasting. Minicomputers are
often more economical than multiple micros in business environments that have
teams working together on projects and require control of access to databases
and ongoing projects. The
distinction between micro- and minicomputers, however, is becoming increasingly
fuzzy.
6.
Refer to the Real World Case on United Technologies and Eastman Kodak in
the chapter. Should a conglomerate
like UTC with may diverse companies standardize its PC hardware and software,
and lockout downloads of other software? Why
or why not?
Certainly,
more and ore large conglomerates like UTC and even smaller companies are moving
towards standardizing their PC hardware and software, and are increasingly
instituting lockout downloads of other software.
The reason for this trend is relatively simple – it reduces resources
for equipment and PC support. Some will students’ may argue that these
policies are too restrictive and stifle imagination or processes for getting the
job done with a hardware or software tool that a user knows how to use.
However, it can also be argued that these inconveniences are small in
comparison to savings realized through standardization.
7.
What are several trends that are occurring in the development and use of
peripheral devices? Why are these
trends occurring?
Trends
in I/O devices are to more user friendliness.
This includes direct I/O wherever feasible, increased use of voice I/O,
and better quality printed output. Trends
in secondary storage devices are to increase use of optical disks, higher
capacity magnetic disks, and small but high-capacity magnetic tape cartridges
for backup storage.
8.
When would you recommend the use of each of the following:
(1) network computers, (2) NetPCs, (3) network terminals, or (4)
information appliances in business applications?
Network Computer: -
This category of microcomputer is designed mainly for use with the
Internet and Intranets on tasks requiring limited or specialised applications
and no or minimal disk storage.
This category of microcomputer is considered a low-cost networked-enabled
PCs with reduced features. This is
a good choice when the computer user does not require the additional processing
power that would normally be found within a standalone computer.
Network Terminal:
A terminal that depends on network servers for its software and
processing power. The users of
these stations do not require standalone software packages or processing power
to complete their jobs.
Information Appliance:
Devices for consumers to access the Internet. These include a number of gadgets such as cellular phones and
pagers to handheld PCs. These are
excellent choices for the “Road Warrior” who requires portability and ease
of use. Many of these gadgets
enable Internet access and the ability to perform basic computational chores.
9.
What processor, memory, magnetic disk storage, and video display
capabilities would you require for a personal computer that you would use for
business purposes? Explain your choices.
Students’
responses will vary. However, when
a machine is used for business purposes the answer should identify requirements
such as the need for large capacity hard drives, Jaz or ZIP drives, peripherals
such as a need for an ergonomic keyboard and mouse, DVD or CD devices, scanners,
faster-state of the art high speed processors such as the Pentium III chips,
memory capacity large enough to handle the demands of the software and the
operating system. Also, they should
specify the requirements of a good video display with a high performance video
card capable of handling the requirements of the software and the demands of the
job.
10.
What other peripheral devices and capabilities would you want to have for
your business PC? Explain.
Students’
responses will vary. There are so
many peripherals available today that a complete answer to this question is
impossible. The wish list simply
goes on and on and the possibilities are seemingly endless.
VIII. ANSWERS TO APPLICATION EXERCISES
1.
Purchasing Computer Systems for Your Workgroup
1.
Purchasing Computer Systems for Your Workgroup
a)
Prepare a spreadsheet summarizing this pricing information and showing
the cost, from each supplier, of the following options:
a.
5 units with the basic configuration
b.
3 units with the basic configuration and 2 units with all of the upgrades
c.
3 units with the basic configuration plus the monitor upgrade and 2 units with
all upgrades
d.
All 5 units fully upgraded.
b)
Prepare a set of power point slides or similar presentation materials
summarizing your results. Include a
discussion of the warranty and servicing contract options available from each
supplier.
[See
Data Solutions Disk]
2.
Price and Performance Trends for Computer Hardware
a)
Create a spreadsheet based on the figures below and including a new
column for each component showing the price per unit of capacity. (Cost per megahertz of speed for microprocessors, and cost
per megabyte of storage for RAM and hard disk devices).
b)
Create a set of graphs highlighting your results and illustrating trends
in price per unit of performance (speed) or capacity.
c)
Write a short paper discussing the trends you found.
How long do you expect these trends to continue?
Why?
[See
Data Solutions Disk]
IX.
ANSWERS TO REAL WORLD CASES
Real
World Case 1: City of Richmond and Tim Beaty:
The Business Value of PDAs
1.
What are the business benefits of PDAs for business applications?
Use the City of Richmond and Tim Beaty Builders as examples.
City
of Richmond: Business benefits of PDAs for business applications include:
·
PDAs
can be used to solve a wide variety of business needs and do it cheaply.
·
Used
to track heavy-duty equipment use and manage $2.3 million in inventory.
·
Saves
hundreds of hours of otherwise lost time.
·
Time
saved by using PDAs can be devoted to other projects.
·
PDA
applications can be a part of Internet-based systems that connect to desktop
PCs.
Tim
Beaty: Business benefits of PDAs for business applications include:
·
Used
to record work hours, equipment operations, and construction milestones
·
Realized
a significant benefit in the payroll application and managers time.
·
Used
as portable record-keeping and time-clock devises that can be linked to other
data collection and corporate applications.
·
Quickly
able to determine if a company is making money on a project.
·
Able
to track and record individual project costs and helps in increasing the
accuracy in terms of costs and revenues.
·
Helps
track equipment use and sends alerts when it’s time for repairs and when
equipment is being underused.
·
Managers
know exactly which projects are making or losing money and by how much.
·
Company
has a competitive advantage because the field staff is more informed, and more
responsible to their customers’ needs.
2.
What are the limitations of PDAs for business use?
Compare PDAs to laptop PCs to help you answer.
PDAs
have many benefits but they are also limited in what they can do.
They certainly do not have the processing capability and speed of a
laptop, nor are they as versatile. Software
is currently being created for more applications for PDAs but this is still in
its infancy. Laptop PCs on the
other hand, are more powerful and have the versatility of speed with a multitude
of off-the-shelf software available. They
can also be purchased with a docking station, which enables them to serve a dual
purpose - desktop, and portability. Information
can be quickly uploaded and downloaded in this configuration.
3.
The City of Richmond now wants to use tablet PCs for some applications.
What are the advantages of tablet PCs over PDAs and laptop PCs for
business applications? Check out
websites like www.cnet.com or www.pcworld.com
for the latest product reviews to help you answer.
Microsoft's Tablet PC is a
design for a fully-equipped personal computer that allows a user to take notes
using natural handwriting on a stylus or digital pen-sensitive touch screen
instead of requiring the use of a keyboard. The Tablet PC is similar in size and
thickness to a yellow paper notepad. It will run existing Windows-based
applications and is intended to be the user's primary personal computer as well
as a note-taking device. Microsoft's next operating system, Windows XP,
(code-named Whisler) is designed to support the Tablet PC. The first Tablet PCs
will be geared toward business users.
The Tablet PC uses what is called digital ink. Digital ink allows
the user to write a note on the screen in freehand just as the user would write
on a piece of paper. Writing can be natural rather than being required to match
a pattern. The note can be edited and revised using the stylus and even indexed
and searched. The note stays in "ink" or handwritten form until the
user translates the note into a text document. Handwritten notes can be shared
via e-mail. The recognition of handwritten notes and instructions is designed to
be as reliable as input from a keyboard or mouse is today.
The idea of tablet computing is generally credited to Alan Kay of
Xerox who sketched out the idea in 1971. The best-known and first widely-sold
tablet computer was Apple Computer's Newton, which was not a commercial success.
With today's extended battery life, better display resolution, handwriting
recognition software, larger memory, and wireless Internet access, the tablet
computers of the early 2000's are deemed to have a better chance of being
accepted as a viable computing option. Microsoft's goal is to make its tablet
computers available by 2002
PDA (personal digital assistant) is a
term for any small mobile hand-held device that provides computing and
information storage and retrieval capabilities for personal or business use,
often for keeping schedule calendars and address book information handy. The
term handheld is a synonym. Many people use the name of one of the popular PDA
products as a generic term. These include Hewlett-Packard's Palmtop and 3Com's
PalmPilot. Most PDAs have a small
keyboard. Some PDAs have an electronically sensitive pad on which handwriting
can be received. Apple's Newton, which has been withdrawn from the market, was
the first widely-sold PDA that accepted handwriting. Typical uses include
schedule and address book storage and retrieval and note-entering. However, many
applications have been written for PDAs. Increasingly, PDAs are combined with
telephones and paging systems. Some
PDAs offer a variation of the Microsoft Windows operating system called Windows
CE. Other products have their own or another operating system.
A laptop computer, usually called a notebook
computer by manufacturers, is a battery- or AC-powered personal computer
generally smaller than a briefcase that can easily be transported and
conveniently used in temporary spaces such as on airplanes, in libraries,
temporary offices, and at meetings. A laptop typically weighs less than 5 pounds
and is 3 inches or less in thickness. Among the best-known makers of laptop
computers are IBM, Apple, Compaq, Dell, and Toshiba.
Laptop computers generally cost more than desktop computers with the same
capabilities because they are more difficult to design and manufacture. A laptop
can effectively be turned into a desktop computer with a docking station, a
hardware frame that supplies connections for peripheral input/output devices
such as a printer or larger monitor. The less capable port replicator allows you
to connect a laptop to a number of peripherals through a single plug.
Laptops usually come with displays that use thin-screen technology. The thin
film transistor or active matrix screen is brighter and views better at
different angles than the STN or dual-scan screen. Laptops use several different
approaches for integrating a mouse into the keyboard, including the touchpad,
the trackball, and the pointing stick. A serial port also allows a regular mouse
to be attached. The PC Card is insertable hardware for adding a modem or network
interface card to a laptop. CD-ROM and digital versatile disc drives may be
built-in or attachable.
Real
World Case 2: United Technologies and Eastman Kodak
The Business Case for Consolidating
Computer Operations and Systems
1.
What are some of the business benefits that United Technologies will gain
from the consolidation of its computer systems, data centers, software, and help
centers? What limitations might there be?
Business
benefits include:
·
Save
the company $1 billion through efficiencies over the next 15 years.
·
Standardization
of a data backup software utility gives UTC autodiscovery features and
centralized and remote management capabilities. This will help protect their mission-critical data.
·
Every
critical system has a disaster recovery plan.
·
Consolidation
resulted in improvements in its computer systems, data centers, help centers,
and other hardware and software resources.
·
Standardized
on 45,000 new Dell PCs, reduced 20 U.S. data centers to three, reduction from
eight mainframe systems to two, reduced 15 help desks to one help center.
·
Realized
major gains in efficiency and security management.
·
Major
reductions in the number of pieces of software being used throughout the
organization.
·
Standardization
within the business units was achieved.
Limitations:
·
Limitations
appear to be a heavy reliance on a limited number of hardware and software
providers.
·
Not
every business unit is the same – a standardized policy is sometimes not
effective.
.
2.
What are the business benefits of standardizing on selected models from
one manufacturer of desktop and laptop PCs as UTC did with Dell and Kodak did
with IBM? What limitations might there be?
Business
benefits of standardizing on selected models from one manufacturer of desktop
and laptop PC as these companies have done include:
·
Quantity
discounts
·
Standardized
equipment
·
Preloaded
software standards
·
One
stop customer service and support.
·
Savings
in cost and time as the IT departments no longer have to install, setup, and
maintain the systems.
Limitations
·
Major
reliance on these providers to give you the support you want.
3.
What are the business benefits of UTC’s policy of “locking down”
its new Dell PCs so employees can’t download other software from the Internet?
Do you agree with this policy? Why
or why not?
It
makes good business sense for a company to “lock down” their systems because
it certainly does create a lot of inefficiencies, and creates headaches for the
IT personnel who must maintain the systems.
However, it also creates a lot of frustration on the part of the users
who are adapt at using the Internet to gain access to things such as hardware
drivers, or utility programs that make their work easier.
Real
World Case 3: Boscov’s, Winnebago, and WPS Health
Moving to Linux on the Mainframe
1.
How
can a mainframe run the equivalent of hundreds of Linux server applications at
the same time?
A
mainframe can run the equivalent of hundreds of Linux server applications at the
same time because in this environment the databases can be stored and hosted on
the mainframe while servers are used to run the applications.
2.
Why can the total cost of ownership of running Linux applications on the
mainframe be less than on Intel-based servers?
What other IT and business benefits may be achieved?
The
total cost of ownership of running Linux applications on the mainframe can be
less than on Intel-based servers for a number of reasons:
·
Running
Linux applications on the mainframe overall is much cheaper, as applications
from networked Intel-based servers can be shifted to “virtual server”
partitions on the mainframe.
·
The
Linux operating system used to run applications on the mainframe has a lower TCO
than supporting applications on hundreds or thousands of distributed servers.
·
Hardware
and software savings are realized by using Linux applications.
·
No
need to purchase Intel servers when using the Linux applications on a mainframe.
·
Savings
in software licensing fees.
·
Personnel
costs are lower when running Linux on a mainframe because it takes fewer support
staffers to manage a single mainframe than it does to manage multiple Intel
servers.
·
Reduction
in the actual size of infrastructure need to house equipment, and the
electricity they consume.
·
Improve
efficiency on the mainframe systems, which translates into lower transaction
costs.
3.
What challenges or limitations can arise in moving business applications
from servers to Linux on a mainframe?
One
of the major challenges or limitations is that few mainframe administrators are
versed in Linux today, and fewer Linux experts know IBM’s z/OS mainframe
operating system, which has created a skills shortage.
Other limitations include the current lack of a wealth of software
created to support the Linux system.
Real
World Case 4: La-Z-Boy and
Corporate Express
The
Business Benefits of Server Consolidation
1.
What
are the business and technical benefits of using multiple servers to run
business applications for a company?
Business
benefits of using multiple servers
·
Servers
are relatively cheap compared to mainframe systems.
·
Free
up space, reduce costs, and increase performance.
Technical
benefits of using multiple servers
·
Servers
can free the mainframe to be used for core business applications.
·
Designating
servers to single applications can be easily set up.
2.
What are the business and technical challenges facing companies who
depend on many distributed server systems?
Business
challenges:
·
Management
of a distributed server environment is very difficult
·
Proliferation
of servers in some organizations has proven far more costly than previously
predicted.
·
Space
requirements for the large number of servers is expensive, more exposure to
potential security breaches, and a greater management burden.
·
Planning
is required to conduct successful server consolidation initiatives.
Technical
challenges:
·
Number
of servers that IT personnel must manage.
·
Smaller
scaled-out systems are less expensive than mainframes; IT departments need many
more of them to support their companies’ business operations.
·
Difficulty
of consolidating the large number of servers used to run a multitude of
different applications.
3.
What are the business and technical benefits of server consolidation
initiatives? What are the
limitations of such a strategy?
Business
benefits of server consolidation initiatives
·
Consolidation
of distributed servers can be quickly accomplished through partitioning, and is
enhanced by using Unisys tools.
·
Servers
are inexpensive and carry low administrative and maintenance costs.
Limitations
of server consolidation initiatives:
·
Server
consolidation model does not address all requirements in an organization.
·
Companies
have no desire to ram everything onto one server.
·
Network
capacity may limit the ability to consolidate Microsoft Exchange servers, and
peak traffic load and application conflicts are also potential problems.
Real
World Case 5: Los Alamos National
Laboratory and Others
The
ROI of Blade Servers
1.
What
are the business and technical benefits of using blade servers versus
rack-mounted or traditional servers?
Business
benefits of using blade servers
·
Blades
are faster to deploy and are easier to manage than traditional server clusters.
·
Price/performance
benefits
·
Blade
servers cost 30 to 50 percent less than traditional rack-mounted servers
·
Savings
derived from smaller size, low power-consumption costs, and the reduced costs of
cabling, power supply management, and integrated telecom switching, and do not
need the environmental requirements of air conditioning or raised flooring.
2.
What limitations or challenges might there be in the use of blade
servers?
The
primary caveat in trying to achieve quick ROI on blade servers largely rests on
how well the processing, networking, and storage features are integrated.
Cost savings can quickly dissolve if maintaining blade servers becomes
complex and time-consuming.
3.
When should a company consider using blade servers?
Visit the website of RLX Technologies to help your answer.
There are a number of
reasons for companies to consider using blade servers.
For example:
·
When the company is seeking to expand their operations, or have
outgrown their current physical location.
·
When they are looking to reduce budgetary requirements in IT
operations. Savings can be realized
in costs associated with power consumption, space, and environmental
requirements).
·
Time constraints associated with deploying and code traditional
server clusters.
·
Installing new systems that require faster processing speeds.
·
When demand on their current systems are not meeting operational
requirements.
A blade server is a thin,
modular electronic circuit board, containing one, two, or more microprocessors
and memory, that is intended for a single, dedicated application (such as
serving Web pages) and that can be easily inserted into a space-saving rack with
many similar servers. One product offering, for example, makes it possible to
install up to 280 blade server modules vertically in multiple racks or rows of a
single floor-standing cabinet. Blade servers, which share a common high-speed
bus, are designed to create less heat and thus save energy costs as well as
space. Large data centers and Internet service providers (ISPs) that host Web
sites are among companies most likely to buy blade servers.
A blade server is sometimes referred to as a high-density server
and is typically used in a clustering of servers that are dedicated to a single
task, such as:
·
File sharing
·
Web page serving and caching
·
SSL encrypting of Web communication
·
Transcoding of Web page content for smaller displays
·
Streaming audio and video content
Like most clustering applications, blade servers can also be managed to include load balancing and failover capabilities. A blade server usually comes with an operating system and the application program to which it is dedicated already on the board. Individual blade servers are usually hot-pluggable and come in various heights, including 5.25 inches (the 3U model), 1.75 inches (1U), and possibly "sub-U" sizes. (A U is a standard measure of vertical height in an equipment cabinet and is equal to 1.75 inches.)
================================================
14 Computer Software
I.
CHAPTER OVERVIEW
Foundation Concepts: Computer
software, reviews the basic features and trends in the major
types of application software and system software used to support enterprise and
end user computing.
Software
– Computer software consists of two major types of
programs: (1) applications software that directs the performance of a particular
use, or application, of computers to meet the information processing needs of
users, and (2) system software that controls and supports the operations of a
computer system as it performs various information processing tasks.
Refer to Figure 14.2 for an overview of the major types of software.
Application Software – Application software includes a variety of programs that can be
segregated into general-purpose and application-specific categories.
General-purpose application programs perform common information
processing jobs for end users. Examples are word processing, electronic
spreadsheet, database management, telecommunications, and presentation graphics
programs. Application-specific
programs accomplish information processing tasks that support specific business
functions or processes, scientific or engineering applications, and other
computer applications in society.
System Software – System software can be subdivided
into system management programs and system development programs.
System management programs manage the hardware, software, networks, and
data resources of a computer system during its execution of information
processing jobs. Examples of system
management programs are operating systems, network management programs, database
management systems, system utilities, performance monitors, and security
monitors. Network management
programs support and manage telecommunications networks.
Database management systems control the development, integration, and
maintenance of databases. Utilities
are programs that perform routine computing functions, such as backing up data
or copying files, as part of an operating system or as a separate package.
System development programs help IS specialists and end users develop
computer programs and information system procedures. Major development programs are language translators,
programming editors, and other programming tools.
Operating Systems – An operating system is an
integrated system of programs that supervises the operation of the CPU, controls
the input/output storage functions of the computer system, and provides various
support services. An operating
system performs five basic functions: (1) a user interface for system and
network communications with users, (2) resource management for managing the
hardware resources of a computer system, (3) file management for managing files
of data and programs, (4) task management for managing the tasks a computer must
accomplish, and (5) utilities and other functions that provide miscellaneous
support services.
Programming Languages – Programming languages are a
major category of system software. They
require the use of a variety of programming packages to help programmers develop
computer programs, and language translator programs to convert programming
language instructions into machine language instruction codes.
The five major levels of programming languages are machine languages,
assembler languages, high-level languages, fourth-generation languages, and
object-oriented languages. Object-oriented
languages like Java and special-purpose languages like HTML and XML are being
widely used for Web-based business applications.
II. LEARNING OBJECTIVES
Learning Objective
·
Describe several important
trends occurring in computer software.
·
Give examples of several
major types of application and system software.
·
Explain the purpose of
several popular microcomputer software packages for end user productivity and
collaborative computing.
·
Outline the functions of an
operating system.
·
Describe the main uses
software programming languages and tools.
This chapter introduces many concepts and terms essential for the
understanding of computer systems and their functions.
Unless the students taking this course are already familiar with software
terminology, this chapter should be thoroughly covered.
Figure 14.2 can be used to
provide an overview of the major types of computer software, and to illustrate
the difference between system software and application software.
Figure 14.3 can be used to describe the trends in computer
software and to explain that the trend in software has been to move toward
multipurpose, expert-assisted packages with natural languages and graphical user
interfaces.
Figure 14.14 provides an
insightful tool, which can be used to effectively explain and illustrate the
system and application software interface between end users and computer
hardware. Figure 14.15 illustrates
the basic functions of an operating system such as the user interface, resource
management, task management, file management, and utilities and other functions.
As the majority of students taking this course are not MIS majors, they
often have difficulty with the differences with understanding the differences in
programming languages. Instructors
should use Figure 14.20 to make this process easier.
If students are not already familiar with the type of application
packages covered in Section II, one or more lab sessions, providing hands-on
experience could prove beneficial.
This chapter presents an overview of the major types of software you
depend on as you work with computers and access computer networks.
It discusses their characteristics and purposes and gives examples of
their uses.
We can learn a lot about the development and markets for consumer and
small business software from this case. Take
a few minutes to read it, and we will discuss it.
(See Intuit Inc. in Section IX).
Types of Software: [Figure
14.2]
This chapter presents an overview of the major types and functions of application
software and system software that are available to
computer users. Information systems
depend on software resources to help end users use computer hardware to
transform data resources into a variety of information products.
Software is needed to accomplish the input, processing, output, storage,
and control activities of information systems.
Computer software is typically classified into two major types of
programs:
·
Application Software - Programs that direct the performance of a particular use, or
application, of computers to meet the information processing needs of end users.
·
System Software - Programs that manage and support the resources and operations of a
computer system as it performs various information processing tasks.
Two major software trends are taking place: [Figure
14.3]
·
Trend away from:
(1)
Custom-designed programs developed by the professional programmers of an
organization.
(2)
Technical, machine-specific programming languages using binary-based or
symbolic codes
(3) Procedural languages,
which use brief statements and mathematical expressions to specify the sequence
of instructions a computer must perform.
·
Trend towards:
(1)
Use of off-the-shelf software packages acquired by end users from
software vendors.
(2) Use of a visual graphic-interface for object-oriented
programming, or toward nonprocedural natural languages for programming
that are closer to human conversation.
Reasons for these trends are:
·
Development of relatively
inexpensive and easy-to-use application software packages and multipurpose software
suites for microcomputers.
·
Software packages are
designed with web-enabled networking capabilities and collaboration features
that optimize their usefulness for end users and workgroups on the Internet and
corporate intranets and extranets.
·
Many software packages can
now be downloaded, updated, managed, and rented or leased from software
companies or application service providers (ASP’s) over the Internet
and corporate intranets.
·
Creation of easy-to-use,
nonprocedural fourth-generation languages (4GLs).
·
Developments in object
technology, graphics, and artificial intelligence produce natural language and
graphical user interfaces (GUI) that make both programming tools and software
packages easier to use.
·
Developments in a new
generation of expert-assisted software packages that combine expert
system modules and artificial intelligence features (wizards and intelligent
agents)
Results of these trends:
·
Current trends are
converging to produce a fifth generation of powerful, multipurpose,
expert-assisted and network-enabled software packages with natural language and
graphical interfaces to support the productivity and collaboration of both end
users and IS professionals.
Application Software for End Users:
[Figure 14.2]
Application software consists of a variety of programs that can be
subdivided into general-purpose and application-specific categories.
These programs are called application packages because they direct the
processing required for a particular use, or application, that end users want
accomplished. Examples include:
·
Business Applications -
accounting, sales management, transaction processing, electronic commerce, etc.
·
Science and Engineering
Applications – research and development
·
Personal Applications –
finance and home management
·
Education and Entertainment
Applications – schools, learning institutions, DVD movies
General-purpose application
programs are programs that perform common information processing jobs for end
users. Examples include:
·
Word processing programs
·
Spreadsheet programs
·
Database management
programs
·
Graphics programs
·
Web browsers
·
Electronic mail
·
Groupware
SOFTWARE SUITES AND INTEGRATED PACKAGES
Software suites are a
combination of the most widely used productivity packages that come bundled
together. They include suites such
as Microsoft Office, Lotus SmartSuite, and Corel WordPerfect Office, and Sun’s
StarOffice.
Advantages of software suites:
These software tools can be used to increase your productivity,
collaborate with your colleagues, and access intranets, extranets, and the
Internet.
·
Suites integrate software
packages for web browsing, word processing, spreadsheets, presentation graphics,
database management, personal information management, and more.
·
Suites cost a lot less than
the total cost of buying their individual packages separately.
·
All programs use a similar graphical
user interface, which gives them the same look and feel, and make them
easier to learn and use.
·
Suites also share common
tools, such as spell checkers and help wizards to increase their efficiency.
·
Programs are designed to
work together seamlessly and import each other’s files or transfer data
between applications.
·
Costs vary between $100 for
a competitive upgrade to over $700 for a full version.
Disadvantages of software suites:
·
Critics argue that most end
users never use many software suite features.
·
Suites take up a lot of
disk space and may require significant amounts of memory.
·
Suites may compromise on
the speed, power, and flexibility of some of their functions to achieve
integration.
Integrated packages - the
disadvantages of using software suites is one of the reasons for the continued
use of integrated packages like Microsoft Works, Lotus eSuite WorkPlace,
AppleWorks, and so on. Integrated
packages combine some of the functions of several programs into one software
package.
Advantages of integrated packages:
·
Combine some of the
functions of several programs into one software package.
·
They require a lot less
disk space than software suites.
·
Can cost less than a
hundred dollars.
·
Are frequently
pre-installed on many low-end microcomputer systems.
·
Many integrated packages
have enough functions and features for many computer users.
Disadvantages of integrated packages:
·
Leave out many features and
functions that are in individual packages and software suites.
They cannot do as much as individual packages and software suites.
WEB BROWSERS AND MORE
The most important software component too many computer users today is
the web browser. A
browser like Netscape Navigator or Microsoft Explorer is the key software
interface you use to point and click your way through the hyperlinked resources
of the World Wide Web and the rest of the Internet, as well as corporate
intranets and extranets.
Web Browsers are used by end users as the universal software platform,
which they use to:
·
Launch information searches
·
E-mail others
·
Perform multimedia file
transfers
·
Participate in discussion
groups and workgroup collaboration
·
Many other Internet,
intranet, and extranet applications
·
Watch a video
·
Make a phone call
·
Download software
·
Hold a videoconference
ELECTRONIC MAIL AND INSTANT MESSAGING
Electronic mail has changed
the way people work and communicate. E-mail
is used to send and receive electronic messages via the Internet or through
organizational intranets or extranets. E-mail
is stored on network servers until you are ready.
Features of E-mail include:
·
Route messages to one or
many individuals
·
Route messages to multiple
end users based on predefined mailing lists
·
Provide password security
·
Automatic message
forwarding
·
Remote user access
·
Allow users to store
messages in folders with provisions for adding attachments to message files
·
Edit and send graphics and
multimedia as well as text
·
Provide bulletin board and
computer conferencing capabilities
·
Filter and sort incoming
messages and route them to appropriate user mailboxes and folders
WORD PROCESSING AND DESKTOP PUBLISHING
Word processing packages
computerize the creation, editing, revision, and printing of documents by
electronically processing text data. Some of the features of these
packages include:
·
Desktop publishing
capabilities
·
Can be used to convert
documents to HTML format for publication as web pages on corporate intranets or
the World Wide Web.
·
Advanced features such as
spell checker, thesaurus, grammar and punctuation capabilities.
·
Suggest possible
improvements in your writing style with grammar and style checker functions.
·
Idea processor or outliner
functions, which help you, organize and outline your thoughts before preparing a
document or developing a presentation.
·
Design and create pages
from scratch for an Internet or intranet web site.
Desktop Publishing (DTP):
End users and organizations can use desktop publishing
(DTP) software to produce their own printed materials such as newsletters,
brochures, manuals, and books with several type styles, graphics, and colors on
each page. Typically text material
and graphics can be generated by word processing and graphics packages and
imported as text and graphics files. Optical
scanners may be used to input text and graphics from printed material.
You can also use files of clip art, which are predrawn graphic
illustrations provided by the software package or available from other sources.
The heart of desktop publishing is a page design process called page
markup or page composition. The
video screen becomes an electronic paste-up board with rulers, column guides,
and other page design aids. Text
material and illustrations are then merged into the page format you design.
The software will automatically move excess text to another column or
page and help size and place illustrations and headings.
ELECTRONIC SPREADSHEETS
Electronic spreadsheet packages are programs that are used for business
analysis, planning, and modelling. They
provide electronic replacement for more traditional tools such as paper
worksheets, pencils, and calculators. They
generate an electronic spreadsheet, which is a worksheet of rows and
columns, which can be stored on your PC, a network server, or converted to HTML
format and stored as a web page or websheet on the World Wide Web.
Data and formulas are entered into the worksheet via the keyboard.
The computer performs the calculations based on the formulas entered.
Most packages also have graphic capabilities.
A spreadsheet package can also be used as a decision support tool to
perform what-if analysis. For
example: “What would happen - If you did something else”.
DATABASE MANAGEMENT
Database Management packages allow you to set up and manage databases on
your PC, network server, or the World Wide Web. Most DBMS packages can perform four primary tasks
(discussed in Chapter 5):
·
Database Development - Define and organize the content, relationships, and structure of the data
needed to build a database, including any hyperlinks to data on web pages.
·
Database Interrogation - Access the data in a database to display information in a variety of
formats. End users can selectively
retrieve and display information and produce forms, reports, and other
documents, including web pages.
·
Database Maintenance - Add, delete, update, and correct the data in a database, including
hyperlinked data on web pages.
·
Application Development - Develop prototypes of web pages, queries, forms, reports, and labels for
a proposed business application. Or
use a 4GL or application generator to program the application.
PRESENTATION GRAPHICS
Presentation packages are
used to convert numeric data into graphics displays such as line charts, bar
graphs, pie charts, and many other types of graphics.
Most of the top packages also help you prepare multimedia
presentations of graphics, photos, animation, and video clips, including
publishing to the World Wide Web.
Advantages of using graphics and multimedia:
·
They are easier to
comprehend and communicate than numerical data.
·
Use of multiple-color and
multiple-media displays can more easily emphasize key points, strategic
differences, and important trends in the data.
·
Presentation graphics have
proven to be much more effective than tabular presentations of numeric data for
reporting and communicating in advertising media, management reports, or other
business presentations.
·
Presentation graphics
software packages give you many easy-to-use capabilities that encourage the use
of graphics presentations (slide shows), which contain many integrated
graphics and multimedia displays. Examples:
PowerPoint, Freelance, or Presentations.
·
Graphics and multimedia
presentations can be transferred in HTML format to web sites on corporate
intranets or the World Wide Web.
PERSONAL INFORMATION MANAGERS (PIMS)
The personal information manager is a popular software
package for end user productivity and collaboration. They are used to help end users store, organize, and retrieve
information about customers, clients, and prospects, or schedule and management
appointments, meetings, and tasks. PIMs
are being used for:
·
Electronic calendar or list
of appointments, meetings, or other things to do.
·
Timetable for a project
·
Display of key facts and
financial data about customers, clients, and sales prospects
·
Accessing the World Wide
Web
·
Provide E-mail capability.
·
Internet and E-mail
features to support team collaboration by sharing information with other
networked PIM users.
GROUPWARE
Groupware is collaboration
software that helps workgroups and teams work together to accomplish group
assignments. Groupware is a
fast growing category of general-purpose application software that combines a
variety of software features and functions to facilitate collaboration.
Groupware products support collaboration through:
·
Electronic Mail
·
Discussion groups and
databases
·
Scheduling
·
Task management
·
Data, audio, and
videoconferencing
·
Internet, corporate
intranets and extranets to make collaboration possible on a global scale by virtual
teams located anywhere in the world.
·
Joint web page development
·
Publish project news and
progress reports
·
Working jointly on
documents stored on web servers
OTHER BUSINESS SOFTWARE
Application software packages support managerial and operational uses
such as:
·
Data warehousing and data
mining (Chapter 6 – 13)
·
Accounting, marketing,
manufacturing, human resource management, and financial management, customer
relationship management, enterprise resource planning, supply chain management,
and electronic commerce (Chapter 4)
·
Decision support and data
analysis applications (Chapter 6)
SYSTEM SOFTWARE OVERVIEW
System software consists of programs that manage and support a computer
system and its information processing activities. For example, operating systems and network management
programs serve as a vital software interface between computer system
hardware and the application programs of end users.
We can learn a lot about the business value of competitive developments
in system software from this case. Take
a few minutes to read it, and we will discuss it (Amazon, Orbitz, and Others in
Section IX).
Two major functional categories of system software include: [Figure
14.14]
·
System Management Programs
- Programs that manage the hardware, software, and data resources of the
computer system during its execution of the various information processing jobs
of users. They include:
·
Operating Systems
·
Network Management Programs
·
Database Management Systems
·
System Utilities
·
System Development Programs
- Programs that help users develop information system programs and prepare
user programs for processing. Major
development programs include:
·
Programming Language
Translators and Editors
·
Programming Tools
·
CASE (Computer-Aided
Software Engineering) Packages
OPERATING SYSTEMS
The most important system software package for any computer is its
operating system. An operating
system is an integrated system of programs that:
·
Manages the operations of
the CPU
·
Controls the input/output
and storage resources and activities of the computer system
·
Provides various support
services as the computer executes the application programs of users.
Primary purpose of the operating system is:
·
Maximize the productivity
of a computer system by operating it in the most efficient manner.
·
Minimize the amount of
human intervention required during processing.
·
Helps your application
programs perform common operations such as accessing a network, entering data,
saving and retrieving files and printing or displaying output.
Operating System Functions:
[Figure 14.15]
An operating system performs five basic functions in the operation of a
computer system. It provides:
·
User Interface
·
Resource Management
·
Task Management
·
File Management
·
Utilities and Support
Services
The User Interface:
The user interface is the part of the operating system that
allows the end user to communicate with the operating system so they can load
programs, access files, and accomplishes other tasks.
Three main types of user interfaces are:
·
Command Driven
·
Menu Driven
·
Graphical User Interface
(GUI)
Trend Away From: The entry of
brief end user commands, and choices from menus of options
Trend Towards: Easy-to-use graphical
user interface (GUI), which uses icons, bars, buttons, boxes, and other
images relying on pointing devices, like the electronic mouse or trackball to
make selections that help you get things done.
Resource Management:
An operating system uses a variety of resource management programs to
manage the hardware and networking resources of the computer system, including
its:
·
CPU
·
Memory
·
Secondary Storage Devices
·
Telecommunications
processors
·
Input/Output Peripherals
Memory management programs:
·
Keep track of where data
and programs are stored.
·
May also subdivide memory
into a number of sections and swap parts of programs and data between main
memory and magnetic disks or other secondary storage devices.
·
Provide a computer system
with a virtual memory capability, which is larger than the actual
main memory of its primary storage circuits.
File Management:
File management programs of an operating system:
·
Control the creation,
deletion, and access of files of data and programs.
·
Keep track of the physical
location of files on magnetic disks and other secondary storage devices.
Task Management:
Task management programs of an operating system:
·
Manage the accomplishment
of the computing tasks of end users.
·
Allocate CPU time to tasks
and interrupt tasks being executed to substitute other tasks.
·
May involve a multitasking
capability where tasks of several programs can process at the same time.
Multitasking may involve multiprogramming where the CPU can
process the tasks of several programs at the same time, or time-sharing,
where the computing tasks of several users can be processed at the same time.
·
In multitasking, a single
computer can act as if it were several computers, or virtual machines,
such that each application program is running independently at the same time.
Popular Operating Systems:
The most popular microcomputer operating systems are:
MS-DOS - for many years was the most widely used microcomputer operating system.
Characteristics:
-
A single user,
single-tasking operating system
-
Was given a graphical user
interface and limited multitasking capabilities by combining it with Microsoft
Windows.
Windows 95 - Microsoft began
replacing its DOS/Windows combination in 1995 with the Windows 95 operating
system.
Characteristics:
-
Advanced operating system
-
Graphical user interface
-
True multitasking
capabilities
-
Networking capabilities
-
Multimedia capabilities
Windows 98
- Microsoft introduced an enhanced version of Windows 95 in 1998.
Characteristics:
- Enhanced Internet
capabilities
Windows 2000 - Several
versions of this have been released.
Characteristics/versions available:
-
Professional:
a full-featured operating system for PC desktops and laptops.
-
Server: a multipurpose
operating system for network servers and web servers in smaller networks.
-
Advanced Server: a network
operating system to manage large networks and web-sites powered by server farms
of many servers.
-
Datacenter Server:
a high-performance network operating system for large-scale business
applications, such as online transaction processing and data warehousing.
Windows NT
- multitasking network operating system
Characteristics:
-
Powerful, multitasking,
multiuser network operating system
-
Installed on network
servers to manage client/server networks and on PCs with high performance
requirements.
-
Microsoft merged its
Windows 98 and Windows NT products into the Windows 2000 operating system during
the year 2000.
UNIX - a popular operating system
that is available for micros, minis, and mainframe computer systems.
Characteristics:
-
Originally developed by
AT&T, UNIX is now offered by other vendors, including Solaris by Sun
Microsystems and AIX by IBM.
-
Multitasking and multiuser
system, network-managed operating system whose portability allows it to run on
mainframes, midrange computers, and microcomputers.
LINUX - is a low-cost, powerful,
and reliable Unix-like operating system that is rapidly gaining market share as
a high-performance operating system for network servers and web servers in both
small and large networks.
Characteristics:
-
Linux Torvald of Finland and millions of
programmers around the world developed Linux as a free or low-cost shareware or
open-source software over the Internet in the 1990’s.
-
Linux is still being enhanced in this way, but is
sold with extra features and support services by software vendors such as Red
Hat, Caldera, and VA Linux.
-
PC versions of Linux are available which support
office software suites, web browsers, and other application software.
Mac OS X - is the latest
operating system from Apple for the iMac and other Macintosh microcomputers.
Characteristics:
Mac OS X has a new graphical user interface as was as advanced
multitasking and multimedia capabilities, along with a new suite of Internet
services called iTools.
Today’s information systems rely heavily on the Internet, intranets,
extranets, local area networks, and other telecommunications networks to
interconnect end user workstations, network servers, and other computer systems.
This requires a variety of system software for network management,
including:
·
Network operating systems
·
Network performance
monitors
·
Telecommunications monitors
Network management programs perform such functions as:
·
Automatically checking
client PCs and video terminals for input/output activity
·
Assigning priorities to
data communications requests from clients and terminals
·
Detecting and correcting
transmission errors and other network problems
·
Some network management
programs function as middleware to help diverse networks communicate with
each other.
DATABASE MANAGEMENT SYSTEMS
A database management system (DBMS) is a set of software
programs that control the development, use, and maintenance of the databases of
computer-using organizations. A database management system:
·
Helps organizations use
their integrated collection of data records and files known as databases.
·
Allows different user
application programs to easily access the same database.
·
Simplifies the process of
retrieving information from databases in the form of displays and reports.
·
Enables end users to get
information from a database using a query language.
·
Many DBMS packages provide
fourth-generation languages (4GLs) and other application development features.
OTHER SYSTEM MANAGEMENT PROGRAMS
System support programs are a category of software that performs routine
support functions for the end users of a computer system.
Examples are:
Utility programs - Programs that
perform miscellaneous housekeeping and file conversion functions.
Examples: Norton Utilities
Performance Monitors
- Programs that monitor the performance and usage of computer systems to
help their efficient use.
Security Monitors - Programs that
monitor and control the use of computer systems and provide warning messages and
record evidence of unauthorized use of computer resources.
PROGRAMMING LANGUAGES [Figure 14.20]
Programming languages are the languages in which computer programs are
written. A programming
language allows a programmer or end user to develop the sets of
instructions that constitute a computer program.
Many programming languages have been developed, each with its own unique
vocabulary, grammar, and uses:
·
Machine Languages
·
Assembler Languages
·
High-Level Languages
·
Fourth Generation Languages
·
Object-Oriented Languages
Machine Languages:
Machine languages are the most
basic level of programming languages. They
were the first generation of programming languages.
Disadvantages of machine languages:
·
Programs had to be written
using binary codes unique to each computer.
·
Programming involved the
difficult task of writing instructions in the form of strings of binary digits
(ones and zeros) or other number systems.
·
Programmers had to have a
detailed knowledge of the internal operations of the specific type of CPU they
were using.
·
Programmers had to write
long series of detailed instructions to accomplish even simple processing tasks.
·
Programming is difficult
and error-prone.
Assembler Languages:
Assembler languages are the
second generation of programming languages.
They were developed to reduce the difficulties in writing machine
language programs. Assembler
languages are frequently called symbolic languages because symbols are used to
represent operation codes and storage locations.
Advantages:
·
Uses symbolic coded
instructions, which are easier to remember.
·
Programming is simplified,
as a programmer does not need to know the exact storage location of data and
instructions.
·
Provides programmers
greater control and flexibility in designing a program for a particular
computer.
·
Programmers can produce
more efficient software that requires a minimum of instructions, storage, and
CPU time to perform a specific processing assignment.
Disadvantages:
·
Assembler languages are
unique to particular lines of computers.
High-Level Languages
High-level languages are the
third generation of programming languages.
They include COBOL (business application programs), BASIC (microcomputer
end users), and FORTRAN (scientific and engineering applications).
Advantages:
·
Easier to learn and
understand than an assembler language as instructions (statements)
resemble human language or the standard notation of mathematics.
·
Have less-rigid rules,
forms, and syntax’s, so the potential for error is reduced.
·
Are machine-independent
programs therefore programs written in a high-level language do not have to be
reprogrammed when a new computer is installed.
·
Programmers do not have to
learn a new language for each computer they program.
Disadvantages:
·
Less efficient than
assembler language programs and require a greater amount of computer time for
translation into machine instructions.
Fourth-Generation Languages:
(4GLs):
Fourth-generation languages
(4GLs) include a variety of programming languages that are more nonprocedural
and conversational than prior languages.
Advantages:
·
Simplified the programming
process.
·
Use nonprocedural
languages that encourage users and programmers to specify the results
they want, while the computer determines the sequence of instructions that will
accomplish those results.
·
Use natural languages
that impose no rigid grammatical rules.
Disadvantages:
·
Less flexible that other
languages.
·
Less efficient (in terms of
processing speeds and amount of storage capacity needed).
Object-Oriented Languages:
Object-oriented programming
(OOP) languages tie data elements and the procedures or actions that will be
performed on them together into objects.
Examples include Visual Basic, Turbo C++, C++, Object C++, and Java.
Advantages:
·
OOP languages are easier to
use and more efficient for programming the graphics-oriented user interface
required by many applications.
·
Programmed objects are
reusable.
HTML, XML and Java
HTML and Java are two relatively new programming languages, which have
become vital tools for building multimedia web pages, web sites, and web-based
applications.
Characteristics of HTML (Hypertext Markup Language)
include:
·
HTML is a page description
language that creates hypertext or hypermedia documents.
·
HTML inserts control codes
within a document at points you can specify that create links (hyperlinks) to
other parts of the document or to other documents anywhere on the Web.
·
HTML embeds control costs
in the ASCII text of a document, which designate titles, headings, graphics, and
multimedia components, as well as hyperlinks within the document.
Characteristics of XML (eXtensible Markup Language)
include:
·
XML is not a web page
format description language like HTML.
XML describes the contents of web pages by applying identifying tags or
contextual labels to the data in web documents. By classifying data in this way, XML makes website
information a lot more searchable, sortable, and easier to analyze.
XML promises to make electronic commerce a lot easier and efficient by
supporting the automatic electronic exchange of business data between companies
and their customers, suppliers, and other business partners.
Characteristics of Java include:
·
Java is an object-oriented
programming language created by Sun Microstations.
·
Java is revolutionizing the
programming of applications for the World Wide Web and corporate intranets and
extranets.
·
Java is related to the C++
and Objective C programming languages, but is much simpler and secure, and is
computing platform independent.
·
Java is specifically
designed for realtime, interactive, web-based network applications.
·
Java applications consist
of small application programs called applets, which can be
executed by any computer and any operating system anywhere in a network.
·
Applets can reside at web
sites on a network server until needed by client systems, and are easy to
distribute over the Internet or intranets and extranets.
·
Java applets are platform
independent – they can run on Windows, UNIX, and Macintosh systems without
modification.
·
Java is becoming the
programming language choice for many organizations intent on capitalizing on the
business potential of the Internet, as well as their own intranets and
extranets.
PROGRAMMING SOFTWARE
A variety of software packages are available to help programmers develop
computer programs. For example, programming
language translators are programs that translate other programs into machine
language instruction codes that computers can execute.
Other software packages such as programming language editors, called programming
tools, help programmers write programs by providing program creation and
editing capabilities.
Language Translator Programs
Computer programs consist of sets of instructions written in programming
languages that must be translated by a language translator into
the computer’s own machine language before they can be processed, or executed,
by the CPU. Programming language
translator programs are known by a variety of names.
·
Assembler - Translates the symbolic instruction codes of programs written in an
assembler language into machine language instructions.
·
Compiler - Translates (compiles) high-level language statements (source programs)
to machine language programs.
·
Interpreter - Translates and executes each program statement one at a time, instead of
first producing a complete machine language program, like compilers and
assemblers do.
Programming Tools:
A graphical programming interface and a variety of built-in capabilities
or add-on packages enhances many language translator programs.
Language translators provide editing and diagnostic capabilities to
identify programming errors or bugs. Many
language translator programs now include powerful graphics-oriented programming
editors and debuggers. These
programs help programmers identify and minimize errors while they are
programming. The goal of such
programs is to decrease the drudgery of programming while increasing the
efficiency and productivity of programmers.
Other programming tools include:
·
Diagramming packages
·
Code generators
·
Libraries of reusable
objects and program code
·
Prototyping tools
V. KEY TERMS AND CONCEPTS -
DEFINED
Application Server:
System software that provides a middleware interface between an operating
system and the application programs of users.
Application Software:
Programs that specify the information processing activities required for
the completion of specific tasks of computer users.
Examples are electronic spreadsheet and word processing programs or
inventory or payroll programs.
Application-Specific Programs:
Application software packages that support specific applications of end
users in business, science and engineering, and other areas.
Assembler Language:
A programming language that utilizes symbols to represent operation codes
and storage locations.
Database Management Software:
A computer program that facilitates the storage, maintenance, and
utilization of data in a database.
Desktop Publishing:
The use of microcomputers, laser printers, and page-makeup software to
produce a variety of printed materials, formerly done only by professional
printers.
Electronic Mail:
The transmission, storage, and distribution of text material in
electronic form over communications networks.
Electronic Spreadsheet Software:
An application program used as a computerized tool for analysis,
planning, and modelling that allows users to enter and manipulate data into an
electronic worksheet of rows and columns.
File Management:
Controlling the creation, deletion, access, and use of files of data and
programs.
Fourth-Generation Language (4GL): Programming
languages that are easier to use than high-
level languages like BASIC, COBOL, or FORTRAN. They are also known as nonprocedural,
natural, or very high-level languages.
General-Purpose Application Programs:
Programs that can perform information processing jobs for users from all
application areas. Individuals for
home, education, business, scientific, and many other purposes can use for
example, word processing programs, electronic spreadsheet programs, and graphics
programs.
Graphical User Interface:
A software interface that relies on icons, bars, buttons, boxes, and
other images to initiate computer-based tasks for users.
Groupware:
Software packages that support work activities by members of a work group
whose workstations are interconnected by a local area network.
High-Level Language:
A programming language that utilizes macro instructions and statements
that closely resembles human language or mathematical notation to describe the
problem to be solved or the procedure to be used. Also called a compiler language.
HTML:
Is a page description language that creates hypertext or hypermedia
documents.
Integrated Package:
Software that combines the ability to do several general-purpose
applications (such as word processing, electronic spreadsheet, and graphics)
into one program.
Java:
Is an object-oriented programming language created by Sun Microsystems.
Language Translator Program:
A program that converts the programming language instructions in a
computer program into machine language code.
Major types include assemblers, compilers, and interpreters.
Machine Language:
A programming language where instructions are expressed in the binary
code of the computer.
Multitasking:
The concurrent use of the same computer to accomplish several different
information processing tasks. Each
task may require the use of a different program, or the concurrent use of the
same copy of a program by several users.
Natural Language:
A programming language that is very close to human language.
Also called very high-level language.
Network Management Programs:
Network management programs perform such functions as automatically
checking client PCs and video terminals for input/output activity, assigning
priorities to data communications requests from clients and terminals, and
detecting and correcting transmission errors and other network problems.
Network Operating Systems:
Software that manages telecommunications in complex local area networks.
Nonprocedural Language:
Programming languages that allow users and professional programmers to
specify the results they want without specifying how to solve the problem.
Object-Oriented Language:
An object-oriented programming (OOP) language used to develop programs,
which create and use objects to perform information processing tasks.
Operating System:
The main control program of a computer system. It is a system of programs that controls the execution of
computer programs and may provide scheduling, debugging, input/output control,
system accounting, compilation, storage assignment, data management, and related
services.
Personal Information Manager:
A software package that helps end users store, organize, and retrieve
text and numerical data in the form of notes, lists, memos, and a variety of
other forms.
Presentation Graphics Package:
Using computer-generated graphics to enhance the information presented in
reports and other types of presentations.
Programming Tools:
Software packages or modules, which provide editing and diagnostic
capabilities and other support facilities to assist the programming process.
Resource Management:
An operating system function, which controls the use of computer system
resources such as primary storage, secondary storage, CPU processing time, and
input/output devices by other system software and application software packages.
Software Suites:
Are powerful software packages that combine several individual packages that share a common graphical interface and are designed to easily transfer data between th