11 Security and Ethical Challenges

 

 

                         I.  CHAPTER OVERVIEW

 

Foundation Concepts:  Security and Ethical Challenges, discusses the threats against, and defenses needed for, the performance and security of e-business systems, as well as the ethical implications and societal impacts of information technology.

 

Ethical and Societal Dimensions – The vital role of information technologies and systems in society raises serious ethical and societal issues in terms of their impact on employment, individuality, working conditions, privacy, health, and computer crime.  Managers, business professionals, and IS specialists can help solve the problems of improper use of IT by assuming their ethical responsibilities for the ergonomic design, beneficial use, and enlightened management of e-business technologies in our society.  See Figure 11.2

 

Ethical Responsibilities in Business – Business and IT activities involve many ethical considerations.  Basic principles of technology and business ethics can serve as guidelines for business professionals when dealing with ethical business issues that may arise in e-business, e-commerce, and other uses of information technology in society.

 

Security Management – One of the most important responsibilities of the management of a company is to assure the security and quality of its e-business activities.  Security management tools and policies can ensure the accuracy, integrity, and safety of the e-business systems and resources of a company, and thus minimize errors, fraud, and security losses in their e-commerce activities.

 

 

                        II. LEARNING OBJECTIVES

 

Learning Objective

·         Identify several ethical issues in how the use of information technologies in business affects employment, individuality, working conditions, privacy crime, health, and solutions to societal problems.

·         Identify several types of security management strategies and defenses, and explain how they can be used to ensure the security of e-business applications.

·         Propose several ways that business managers and professionals can help to lessen the harmful effects and increase the beneficial effects of the use of information technology.

 

 

                      III. TEACHING SUGGESTIONS

 

Figure 11.2 outlines major aspects of the ethical and societal dimensions of IT.  It should be stressed to students that IT can have both positive and negative effects on society.  Instructors should spend some time discussing the different types of computer crimes, and why they are considered crimes at all.  A slide has been created with the following elements:  hacking, cyber theft, unauthorized use at work, piracy, and computer viruses.  Instructors should spend time discussing with students some of the other challenges outlined in the test that arise from the use of information technologies in e-business systems.  A slide has been created showing the following:  lost job opportunities, lost individuality, working conditions, computer monitoring, and health issues.  As a business end user, you have a responsibility to promote ethical uses of information technology in the workplace.  Current lawsuits have heightened the importance of these issues.  A slide has been created which instructors can use to promote discussion with students as to the importance of these considerations. 

 

The necessity of controls for information systems should be emphasized.  The goal of security management is the accuracy, integrity, and safety of all e-business processes and resources.  Stress to students that conducting security management is a complex task in all organizations.  A slide depicting the following points has been created:  encryption, firewalls, virus defenses, denial of service defenses, and monitoring e-mail.  Another slide outlines security codes, backup files, security monitors, and biometric security controls.  News accounts of computer errors and computer related crimes could be used to convince students of the importance of this topic.  Examples of procedural and physical facility controls should also be discussed, especially the importance of disaster recovery planning (a slide has been created for this topic).  Figure 11.21 can serve to provide an example of e-business system controls and audits.  Note that they are designed to monitor and maintain the quality and security of the input, processing, output, and storage activities of an information system.  Finally, Figure 11.22 is a good slide to use to discuss information systems controls as methods and devices that attempt to ensure the accuracy, validity, and propriety of information system activities.

 

 

                      IV. LECTURE NOTES

 

Section I: Security, Ethical, and Societal Challenges

 

 

INTRODUCTION

 

There is no question that the use of information technology in e-business operations presents major security challenges, poses serious ethical questions, and affects society in significant ways.

 

Analyzing MTV Networks and First Citizens Bank

We can learn a lot from this case about the ethical security issues and the challenges that surround the business use of Internet technologies.  Take a few minutes to read it, and we will discuss it (see MTV Networks and First Citizens Bank in Section IX).

 

e-Business, Security, Ethics, and Society [Figure 11.2]

The use of IT in e-business has major impacts on society, and thus raises serious ethical issues in the areas such as:

·         Crime

·         Privacy

·         Individuality

·         Employment

·         Health

·         Working Conditions

 

Note:       Students should realize that information technology can have a beneficial effect as well as a negative effect in each of the areas listed above.

 

 

ETHICAL RESPONSIBILITY

 

As a business end user, you have a responsibility to do something about some of the abuses of information technology in the workplace.  These responsibilities include properly performing your role as a vital human resource in the e-business systems you help develop and use in your organizations.

 

The AITP code provides guidelines for ethical conduct in the development and use of information technology.  End-users and IS professionals would live up to their ethical responsibilities by voluntarily following such guidelines.  For example, you can be a responsible end user by:

·         Acting with integrity

·         Increasing your professional competence

·         Setting high standards of personal performance

·         Accepting responsibility for your work

·         Advancing the health, privacy, and general welfare of the public

 

 

Business Ethics:

Business ethics is concerned with the numerous ethical questions that managers must confront as part of their daily business decision-making. 

Managers use several important alternatives when confronted with making ethical decisions on business issues.  These include:

·         Stockholder Theory – Holds that managers are agents of the stockholders, and their only ethical responsibility is to increase the profits of the business, without violating the law or engaging in fraudulent practices.

·         Social Contract Theory - States that companies have ethical responsibility to all members of society, which allow corporations to exist based on a social contract. 

·         Stakeholder Theory - Maintains that managers have an ethical responsibility to manage a firm for the benefit of all of its stakeholders, which are all individuals and groups that have a stake in or claim on a company. 

 

 

Technology Ethics:

Four principles of technology ethics that can serve as the basic ethical requirements that companies should meet to help ensure the ethical implication of new information technologies and information systems in business include:

·         Proportionality – the good achieved by the technology must outweigh the harm or risk.  Moreover, there must be no alternative that achieves the same or comparable benefits with less harm or risk.

·         Informed consent – those affected by the technology should understand and accept the risks.

·         Justice – the benefits and burdens of the technology should be distributed fairly.  Those who benefit should bear their fair share of the risks, and those who do not benefit should not suffer a significant increase in risk.

·         Minimized risk – even if judged acceptable by the other three guidelines, the technology must be implemented so as to avoid all unnecessary risk.

 

Ethical Guidelines:

The Association of Information Technology Professionals (AITP) is an organization of professionals in the computing field.  Its code of conduct outlines the ethical considerations inherent in the major responsibilities of an IS professional. 

 

Business and end users and IS professionals would live up to their ethical responsibilities by voluntarily following such guidelines as those outlined in the AITP standard.  You can be a responsible end user by:

·         Acting with integrity

·         Increasing your professional competence

·         Setting high standards of personal performance

·         Accepting responsibility for your work

·         Advancing the health, privacy, and general welfare of the public

 

 

COMPUTER CRIME

 

Computer crime is a growing threat to society by the criminal or irresponsible actions of computer individuals who are taking advantage of the widespread use of vulnerability of computers and the Internet and other networks.  It thus presents a major challenge to the ethical use of information technologies.  e-computer crime poses serious threats to the integrity, safety, and survival of most e-business systems, and thus makes the development of effective security methods a top priority.

 

Computer crime is defined by The Association of Information Technology professionals (ATIP) as including:

·         The unauthorized use, access, modification, and destruction of hardware, software, data, or network resources.

·         The unauthorized release of information

·         The unauthorized copying of software

·         Denying an end user access to his or her own hardware, software, data, or network resources

·         Using or conspiring to use computer or network resources to illegally obtain information or tangible property.

Penalties for violation of the U.S. Computer Fraud and Abuse Act include:

·         1 to 5 years in prison for a first offence

·         10 years for a second offence

·         20 years for three or more offences

·         Fines ranging up to $250,000 or twice the value of stolen data

 

Hacking:

Hacking is the obsessive use of computers, or the unauthorized access and use of networked computer systems.  Illegal hackers (also called crackers) frequently assault the Internet and other networks to steal or damage data and programs.   Hackers can:

·         Monitor e-mail, web server access, or file transfers to extract passwords or steal network files, or to plant data that will cause a system to welcome intruders.

·         Use remote services that allow one computer on a network to execute programs on another computer to gain privileged access within a network.

 

Hackers can:

·         Monitor e-mail, web server access, or file transfers to extract passwords or steal network files, or to plant data that will cause a system to welcome intruders.

·         May use remote services that allow one computer on a network to execute programs on another computer to gain privileged access within a network

·         Use Telnet, an Internet tool for interactive use of remote computers, to discover information to plan other attacks.

 

Cyber-Theft

Many computer crimes involve the theft of money.  In the majority of cases, they are “inside jobs” that involve unauthorized network entry and fraudulent alternation of computer databases to cover the tracks of the employees involved.

 

Unauthorized Use at Work:

The unauthorized use of a computer system is called time and resource theft.  A common example is unauthorized use of company-owned computer networks by employees.  This may range from doing private consulting or personal finances, or playing video games to unauthorized use of the Internet on company networks.  Network monitoring software called sniffers is frequently used to monitor network traffic to evaluate network capacity, as well as reveal evidence of improper use.

 

Software Piracy:

Computer programs are valuable property and thus are the subject of theft from computer systems.  Unauthorized copying of software or software piracy is a major form of software theft because software is intellectual property, which is protected by copyright law and user licensing agreements.

 

Piracy of Intellectual Property:

Software is not the only intellectual property subject to computer-based piracy.  Other forms of copyrighted material, such as music, videos, images, articles, books, and other written works are especially vulnerable to copyright infringement, which most courts have deemed illegal.  Digitised versions can easily be captured by computer systems and made available for people to access or download at Internet websites, or can be readily disseminated by e-mail as file attachments.  The development of peer-to-peer (P2P) networking has made digital versions of copyrighted material even more vulnerable to unauthorized use. 

 

Computer Viruses and Worms:

One of the most destructive examples of computer crime involves the creation of computer viruses or worms.  They typically enter a computer system through illegal or borrowed copies of software or through network links to other computer systems.  A virus usually copies itself into the operating systems programs, and from there to the hard disk and any inserted floppy disks.  Vaccine programs and virus prevention and detection programs are available, but may not work for new types of viruses.

Virus - is a program code that cannot work without being inserted into another program.

Worm - is a distinct program that can run unaided.  

 

 

PRIVACY ISSUES

 

The power of information technology to store and retrieve information can have a negative effect on the right to privacy of every individual.  For example:

·         Confidential e-mail messages by employees are monitored by many companies

·         Personal information is being collected about individuals every time they visit a site on the World Wide Web

·         Confidential information on individuals contained in centralized computer databases by credit bureaus, government agencies, and private business firms has been stolen or misused, resulting in the invasion of privacy, fraud, and other injustices.

·         Unauthorized use of information can seriously damage the privacy of individuals.

·         Errors in databases can seriously hurt the credit standing or reputation of individuals.

 

Some important privacy issues being debated in business and government include the following:

·         Accessing individuals’ private e-mail conversations and computer records, and collecting and sharing information about individuals gained from their visits to Internet Web sites and newsgroups (violation of privacy).

·         Always “knowing” where a person is, especially as mobile and paging services become more closely associated with people rather than places (computer monitoring)

·         Using customer information to market additional business services (computer matching).

·         Collecting telephone numbers and other personal information to build individual customer profiles (unauthorized personal files).

·         Using automated equipment either to originate calls or to collect caller information (caller identification).

 

Privacy on the Internet:

The Internet is notorious for giving its users a feeling of anonymity, when in actuality; they are highly visible and open to violations of their privacy.  Most of the Internet and its World Wide Web and newsgroups are still a wide open, unsecured, electronic frontier, with no tough rules on what information is personal and private.  You can protect your privacy in several ways:

·         Use encryption to send e-mail (both sender and receiver must have encryption software).

·         Anonymous remailers to protect your identify when you add comments in newsgroup postings.

·         Ask Internet service provider not to sell your name and personal information to mailing list providers, and other marketers.

·         Decline to reveal personal data and interest on online service and web sites user profiles.

 

Computer Matching:

Computer matching is the use of computers to screen and match data about individual characteristics provided by a variety of computer-based information systems and databases in order to identify individuals for business, government, or other purposes.  Unauthorized use or mistakes in the computer matching of personal data can be a threat to privacy.  For example, an individual’s personal profile may be incorrectly matched with someone else. 

 

Privacy Laws:

In the US, the Federal Privacy Act strictly regulates the collection and use of personal data by governmental agencies.  The law specifies that individuals have the right to inspect their personal records, make copies, and correct or remove erroneous or misleading information.

 

Federal Privacy Act specifies that federal agencies:

·         Must annually disclose the types of personal data files they maintain.

·         Cannot disclose personal information on an individual to any other individual or agency except under certain strict conditions.

·         Must inform individuals of the reasons for requesting personal information from them.

·         Must retain personal data records only if it is “relevant and necessary to accomplish” an agency’s legal purpose.

·         Must establish appropriate administrative, technical, and physical safeguards to ensure the security and confidentiality of records.

 

The U.S. Congress enacted the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act in 1986.  These federal privacy laws are a major attempt to enforce the privacy of computer-based files and communications.  These laws prohibit intercepting data communications messages, stealing or destroying data, or trespassing in federal-related computer systems. 

 

Computer Libel and Censorship

The opposite side of the privacy debate is the right of people to know about matters others may want to keep private (freedom of information), the right of people to express their opinions about such matters (freedom of speech), and the right of people to publish those opinions (freedom of the press).  Some of the biggest battlegrounds in the debate are the bulletin boards, e-mail boxes, and online files of the Internet and public information networks, such as America Online and the Microsoft Network.  The weapons being used in this battle include spamming, flame mail, libel laws, and censorship.

 

·         Spamming - is the indiscriminate sending of unsolicited e-mail messages (spam) to many Internet users.  Spamming is the favorite tactic of mass-mailers of unsolicited advertisements, or junk e-mail.  Spamming has also been used by cyber criminals to spread computer viruses or infiltrate many computer systems.

 

·         Flaming - is the practice of sending extremely critical, derogatory, and often vulgar e-mail messages (flame mail), or newsgroup postings to other users on the Internet or online services.  Flaming is especially prevalent on some of the Internet’s special interest newsgroups.  The Internet is very vulnerable to abuse, as it currently lacks formal policing, and lack of security.

 

 

OTHER CHALLENGES

 

The uses of information technologies in e-business systems include ethical and societal impacts of e-business in the areas of employment, individuality, working conditions, and health.

 

Employment Challenges:

The impact of IT on employment is a major ethical concern and is directly related to the use of computers to achieve automation of work activities.  The use of e-business technologies has created new jobs and increased productivity.  However, it has also caused a significant reduction in some types of job opportunities. 

 

Computer Monitoring:

One of the most explosive ethical issues concerning the quality of working conditions in e-business is computer monitoring.  Computers are being used to monitor the productivity and behavior of employees while they work.  Supposedly, computer monitoring is done so employers can collect productivity data about their employees to increase the efficiency and quality of service.  Computer monitoring has been criticized as unethical because:

·         It is used to monitor individuals, not just work, and is done continually, thus violating workers’ privacy and personal freedom.

·         Is considered an invasion of the privacy of employees, because in many cases, they do not know that they are being monitored, or don’t know how the information is being used.

·         Employee’s right of due process may be harmed by the improper use of collected data to make personnel decisions.

·         It increases the stress on employees who must work under constant electronic surveillance.

·         It has been blamed for causing health problems among monitored workers.

·         Blamed for robbing workers of the dignity of their work. 

 

Challenges in Working Conditions:

Information technology has eliminated some monotonous or obnoxious tasks in the office and the factory that formerly had to be performed by people.  Thus, IT can be said to upgrade the quality of work.  Though, many automated operations are also criticized for relegating people to a “do-nothing” standby role.

 

Challenges to Individuality:

A frequent criticism of e-business systems concerns their negative effect on the individuality of people.  Computer-based systems are criticized as:

·         Being impersonal systems that dehumanize and depersonalize activities, since they eliminate the human relationships present in noncomputer systems.  Humans feel a loss of identity.

·         Humans feel a loss of individuality as some systems require a regimentation of the individual, and demanding strict adherence to detailed procedures.

 

Computer-based systems can be ergonomically engineered to accommodate human factors that:

·         Minimize depersonalization and regimentation. 

·         Design software that is “people-oriented” and “user-friendly.”

 

 

HEALTH ISSUES

 

The use of IT in the workplace raises a variety of health issues.  Heavy use of computers is reportedly causing health problems such as:

·         Job stress

·         Damaged arm and neck muscles

·         Eye strain

·         Radiation exposure

·         Death by computer-caused accidents

 

Ergonomics:

Solutions to some health problems are based on the science of ergonomics, sometimes called human factors engineering.  The goal of ergonomics is to design healthy work environments that are safe, comfortable, and pleasant for people to work in, thus increasing employee morale and productivity. 

 

Ergonomics stresses the healthy design of the workplace, workstations, computers and other machines, and even software packages.  Other health issues may require ergonomic solutions emphasizing job design, rather than workplace design. 

 

 

SOCIETAL SOLUTIONS

 

Computers and networks like the Internet, and other information technology can have many beneficial effects on society.  IT can be used to solve human and societal problems through societal solutions such as:

·         Medical diagnosis

·         Computer-assisted instruction

·         Governmental program planning

·         Environmental quality control

·         Law enforcement

 

 

Section II:   Security Management

 

INTRODUCTION

 

There are many significant threats to the security of e-business and e-commerce.  Business managers and professionals alike are responsible for the security, quality, and performance of the e-business systems in their business units. 

 

Analyzing Oppenheimer Funds, Cardinal Health, and Exodus

We can learn a lot from this case about security challenges and security measures needed to protect corporate and financial websites.  Take a few minutes to read it, and we will discuss it (See Oppenheimer Funds, Cardinal Health, and Exodus in Section IX). 

 

 

TOOLS OF SECURITY MANAGEMENT

 

The goal of security management is the accuracy, integrity, and safety of all e-business processes and resources.  Effective security management can minimize errors, fraud, and losses in the internetworked computer-based systems that interconnect today’s e-business enterprises. 

 

 

INTERNETWORKED SECURITY DEFENSE

 

Security of today’s internetworked e-business enterprises is a major management challenge.  Vital network links and business flows need to be protected from external attack by cyber criminals or subversion by the criminal or irresponsible acts of insiders.  This requires a variety of security tools and defensive measures and a coordinated security management program.

 

Encryption

Encryption of data has become an important way to protect data and other computer network resources especially on the Internet, intranets, and extranets.   Encryption characteristics include:

·         Passwords, messages, files, and other data can be transmitted in scrambled form and unscrambled by computer systems for authorized users only.

·         Encryption involves using special mathematical algorithms, or keys, to transform digital data into a scrambled code before they are transmitted, and to decode the data when they are received.

·         The most widely used encryption method uses a pair of public and private keys unique to each individual.  For example: e-mail could be scrambled and encoded using a unique public key for the recipient that is known to the sender.  After the e-mail is transmitted, only the recipient’s secret private key could unscramble the message.

·         Encryption programs are sold as separate products or built into other software used for the encryption process.

·         There are several competing software encryption standards, but the top two are RSA and PGP. 

 

Firewalls

Firewall computers and software is another important method for control and security on the Internet and other networks.  A network firewall can be a communications processor, typically a router, or a dedicated server, along with firewall software.  Firewall computers and software characteristics include:

·         A firewall serves as a “gatekeeper” computer system that protects a company’s intranets and other computer networks from intrusion by serving as a filter and safe transfer point for access to and from the Internet and other networks.

·         A firewall computer screens all network traffic for proper passwords and other security codes, and only allows authorized transmissions in and out of the network.

·         Firewalls have become an essential component of organizations connecting to the Internet, because of its vulnerability and lack of security.

·         Firewalls can deter, but not completely prevent, unauthorized access (hacking) into computer networks.  In some cases, a firewall may allow access only from trusted locations on the Internet to particular computers inside the firewall.  Or it may allow only “safe” information to pass. 

·         In some cases, it is impossible to distinguish safe use of a particular network service from unsafe use and so all requests must be blocked.  The firewall may then provide substitutes for some network services that perform most of the same functions but are not as vulnerable to penetration.

 

Denial of Service Defenses

The Internet is extremely vulnerable to a variety of assaults by criminal hackers, especially denial of service (DOS) attacks.  Denial of service assaults via the Internet depend on three layers of networked computer systems, and these are the basic steps e-business companies and other organizations can take to protect their websites form denial of service and other hacking attacks. 

·         The victim’s website

·         The victim’s Internet service provider (ISP)

·         The sites of “zombie” or slave computers that were commandeered by the cyber criminals.

 

e-Mail Monitoring

Internet and other online e-mail systems are one of the favorite avenues of attack by hackers for spreading computer viruses or breaking into networked computers.  e-mail is also the battleground for attempts by companies to enforce policies against illegal, personal, or damaging messages by employees, and the demands of some employees and others, who see such policies as violations of privacy rights. 

 

Virus Defenses

Many companies are building defenses against the spread of viruses by centralizing the distribution and updating of antivirus software, as a responsibility of there IS departments.  Other companies are outsourcing the virus protection responsibility to their Internet service providers or to telecommunications or security management companies.

 

 

OTHER SECURITY MEASURES

 

A variety of security measures are commonly used to protect e-business systems and networks.  These include both hardware and software tools like fault-tolerant computers and security monitors, and security policies and procedures like passwords and backup files. 

 

Security Codes:

Typically, a multilevel password system is used for security management. 

·         First, an end user logs on to the computer system by entering his or her unique identification code, or user ID.    The end user is then asked to enter a password in order to gain access into the system.

·         Next, to access an individual file, a unique file name must be entered.

 

Backup Files

Backup files, which are duplicate files of data or programs, are another important security measure.

·         Files can be protected by file retention measures that involve storing copies of files from previous periods. 

·         Several generations of files can be kept for control purposes. 

 

Security Monitors

System security monitors are programs that monitor the use of computer systems and networks and protect them from unauthorized use, fraud, and destruction. 

·         Security monitor programs provide the security measures needed to allow only authorized users to access the networks.

·         Security monitors also control the use of the hardware, software, and data resources of a computer system.

·         Security monitors can be used to monitor the use of computer networks and collect statistics on any attempts at improper use.

 

Biometric Controls:

Biometric controls are security measures provided by computer devices, which measure physical traits that make each individual unique.  This includes:

·         Voice verification   

·         Fingerprints

·         Hand geometry

·         Signature dynamics

·         Keystroke analysis

·         Retina scanning

·         Face recognition

·         Genetic pattern analysis

 

 

Computer Failure Controls:

A variety of controls are needed to prevent computer failure or to minimize its effects.  Computer systems may fail due to:

·         Power failure

·         Electronic circuitry malfunctions

·         Telecommunications network problems

·         Hidden programming errors

·         Computer operator errors

·         Electronic vandalism

 

The information services department typically takes steps to prevent equipment failure and to minimize its detrimental effects.  For example:

·         Programs of preventative maintenance of hardware and management of software updates are commonplace

·         Using computers equipped with automatic and remote maintenance capabilities

·         Establishing standards for electrical supply, air conditioning, humidity control, and fire prevention standards

·         Arrange for a backup computer system capability with disaster recovery organizations.

·         Scheduling and implementing major hardware or software changes to avoid problems.

·         Training and supervision of computer operators.

·         Using fault tolerant computer systems (fail-safe and fail-soft capabilities)

 

 

Fault Tolerant Systems [Figure 11.21]

Many firms use fault tolerant computer systems that have redundant processors, peripherals, and software that provide a fail-over capability to back up components in the event of system failure.

·         Fail-Safe - Fail-Safe refers to computer systems that continue to operate at the same level of performance after a major failure.

·         Fail-Soft - Fail-soft refers to computer systems that continue to operate at a reduced but acceptable level after a system failure.

 

Disaster Recovery

Hurricanes, earthquakes, fires, floods, criminal and terrorist acts, and human error can all severely damage an organization's computing resources.  Many organizations, like airlines and banks can be crippled by losing even a few hours of computing power.  That is why it is important for organizations to develop disaster recovery procedures and formalize them in a disaster recovery plan.  It specifies which employees will participate in disaster recovery, and what their duties will be; what hardware, software, and facilities will be used; and the priority of applications that will be processed.  Arrangements with other companies for use of alternative facilities as a disaster recovery site and off site storage of an organization's databases are also part of an effective recovery effort.

 

 

SYSTEM CONTROLS AND AUDITS - [Figure 11.22]

 

The development of information system controls and the accomplishment of e-business systems audits are two other types of security management.

 

Information Systems Controls

Information systems controls are methods and devices that attempt to ensure the accuracy, validity, and propriety of information system activities.  Information System (IS) controls must be developed to ensure proper data entry, processing techniques, storage methods, and information output.    IS controls are designed to monitor and maintain the quality and security of the input, processing, output, and storage activities of any information system.

 

Auditing Business Systems

Information systems Business systems should be periodically examined, or audited, by a company’s internal auditing staff or external auditors from professional accounting firms. Such audits should review and evaluate whether proper and adequate security measures and management policies have been developed and implemented.

 

An important objective of e-business system audits is testing the integrity of an application audit trail.  An audit trail can be defined as the presence of documentation that allows a transaction to be traced through all stages of its information processing.  The audit trail of manual information systems was quite visible and easy to trace, however, computer-based information systems have changed the form of the audit trail.

 

 

        V.  KEY TERMS AND CONCEPTS - DEFINED

 

Antivirus Software:

Is a software program that is designed to find and eliminate computer viruses.

 

Audit Trail:

Periodically examining the accuracy and integrity of information systems.

 

Auditing e-business Systems:

An information services department should be periodically examined (audited) by internal auditing personnel.  In addition, periodic audits by external auditors from professional accounting firms are a good business practice.

 

Backup Files:

Backup files are duplicate files of data or programs.  These files may be stored off-premises, that is, in a location away from the computer center, sometimes in special storage vaults in remote locations.

 

Biometric Security:

Computer-based security methods that measure physical traits and characteristics such as fingerprints, voice prints, retina scans, and so on.

 

Business Ethics:

An area of ethical philosophy concerned with developing ethical principles and promoting ethical behavior and practices in the accomplishment of business tasks and decision-making.

 

Computer Crime:

Criminal actions accomplished through the use of computer systems, especially with intent to defraud, destroy, or make unauthorized use of computer system resources.

 

Computer Matching:

Using computers to screen and match data about individual characteristics provided by a variety of computer-based information systems and databases in order to identify individuals for business, government, or other purposes.

 

Computer Monitoring:

Using computers to monitor the behavior and productivity of workers on the job and in the workplace.

 

Computer Virus:

Program code that copies its destructive program routines into the computer systems of anyone who accesses computer systems which have used the program, or anyone who uses copies of data or programs taken from such computers.  This spreads the destruction of data and programs among many computer users.  Technically, a virus will not run unaided, but must be inserted into another program, while a worm is a distinct program that can run unaided.

 

Denial of Service:

Is a process whereby hackers overwhelm a website with requests for service from captive computers. 

 

Disaster Recovery:

Methods for ensuring that an organization recovers from natural and human-caused disasters that affect its computer-based operations.

 

Encryption:

To scramble data or convert it, prior to transmission, to a secret code that masks the meaning of the data to unauthorized recipients.  Similar to enciphering.

 

Ergonomics:

The science and technology emphasizing the safety, comfort, and ease of use of human-operated machines such as computers.  The goal of ergonomics is to produce systems that are user friendly, that is, safe, comfortable, and easy to use.  Ergonomics is also called human factors engineering.

 

Ethical and Societal Impacts of e-Business:

These include (1) employment, (2) individuality, (3) health, (4) privacy, (5) societal solutions, and (6) working conditions.

 

Ethical and Societal Impacts of e-Business - Employment:

The impact of IT on employment is a major ethical concern and is directly related to the use of computers to achieve automation.  IT has created new jobs and increased productivity; however, it has also caused a significant reduction in some types of job opportunities.

 

Ethical and Societal Impacts of e-Business - Health:

IT in the workplace raises a variety of health issues including health problems such as job stress, damaged arm and neck muscles, eyestrain, radiation exposure, and even death by computer-caused accidents.

 

Ethical and Societal Impacts of e-Business - Individuality:

Computer-based systems are criticized as being impersonal systems that dehumanize and depersonalize activities, and eliminate the human relationships present in manual systems.  Humans feel a loss of individuality as some systems require a regimentation of the individual, and demand strict adherence to detailed procedures.

 

Ethical and Societal Impacts of e-Business - Societal Solutions:

IT can have many beneficial effects on society.  It is being used to solve human and societal problems through societal applications such as medical diagnosis, computer-assisted instruction, governmental program planning, environmental quality control, and law enforcement.

 

Ethical and Societal Impacts of e-Business - Working Conditions:

IT has eliminated some monotonous and obnoxious tasks formerly performed by people.  IT has upgraded the quality of work, but is also being criticized for relegating people to a “do-nothing” standby role.

 

Ethical Foundations:

Ethical choices may result from decision-making processes or behavioral stages. These include egoism, natural law, utilitarianism, and respect for persons.

 

Fault Tolerant:

Computers with multiple central processors, peripherals, and system software that is able to continue operations even if there is a major hardware or software failure.

 

Firewall:

A computer that protects computer networks from intrusion by screening all network traffic and serving as a safe transfer point for access to and from other networks.

 

Flaming:

Flaming is the practice of sending extremely critical, derogatory, and often-vulgar e-mail

messages (flame mail), or electronic bulletin board postings to other users on the Internet or

online services.   

 

Hacking:

(1) obsessive use of a computer, (2) the unauthorized access and use of computer systems.

 

Information System Controls:

Methods and devices that attempt to ensure the accuracy, validity, and propriety of information system activities.  Information system controls monitor and maintain the quality and security of the input, processing, output, and storage activities of any information system.

 

Intellectual Property Piracy:

Copyrighted material, such as software, music, videos, images, articles, books, and other written works are especially vulnerable to copyright infringement, which most courts have deemed illegal. 

 

Passwords:

A password is used as a security method, which enables computer systems to identify eligible users and determine which types of information they are authorized to receive.

 

Privacy Issues:

Laws that regulate the collection, access, and use of personal data.

 

Responsible End User:

End user that acts with integrity and competence in the use of IT.

 

Security Management:

Passwords, identification codes, account codes, and other codes that limit the access and use of computer-based system resources to authorized users.

 

Software Piracy:

Unauthorized copying of software.

 

Spamming:

Spamming is the indiscriminate sending of unsolicited e-mail to many Internet users.  Spamming is the favorite tactic of mass-mailers of unsolicited advertisements, or junk e-mail.

 

System Security Monitor:

Software that controls access and use of a computer system.

 

Unauthorized Use:

The unauthorized use of a computer system is called time and resource theft.  A common example is unauthorized use of company-owned computer networks by employees.

       

 

VI.            REVIEW QUIZ - Match one of the key terms and concepts

 

[See Review Quiz Answers found at the end of the text]

 

                    VII. ANSWERS TO DISCUSSION QUESTIONS

 

1.         What can be done to improve e-commerce security on the Internet?  Give several examples of security measures, and technologies you would use. 

 

Students’ answers will vary.  However, some issues can be more policing, standard protocols, encryption, secure network access, security monitors, fire walls, e-mail monitoring, virus defenses, security codes, backup files, etc.

 

2.         What potential security problems do you see in the increasing use of intranets and extranets in business?  What might be done to solve such problems?  Give several examples.

 

Students’ answers will vary.  However, with the increased business use of intranets and extranets there is no doubt that the number of potential security problems will also increase.  Issues such as hacking, data alteration, unauthorized data access, etc. will become prime security problems.  As companies forge ahead in e-commerce and e-business activities, the stakes get progressively higher, and the potential threat will also increase.

 

In order to solve such problems, businesses must continue to exercise caution in areas such as encryption, fire walls, secure Internet sites, security monitoring, disaster recovery plans, security awareness programs and policies must be implemented and monitored.

 

3.         What artificial intelligence techniques can businesses use to improve computer security and fight computer crime?

 

Students’ answers will vary, however they could mention the growth in biometric controls as a possible answer to this question.  These controls are used to measure the physical traits such as voice, eye retina, face, fingerprints, hand geometry, etc. 

 

4.              What are your major concerns about computer crime and privacy on the Internet?  What can you do about it?  Explain.

 

Students’ answers will vary, however many people are concerned about computer crime and privacy on the Internet.  Individuals must express their concern to governments so that proper action can be taken in this regard.  The Internet offers very little privacy to an individual.  Without your knowing it, cookies are being placed on your machine when you visit websites.  Information is continually being gathered about your activities and site visits, and this information is sold to other parties.  Individuals can take care when giving out information, they can ask their ISP providers to not give out information about them, they should exercise caution in giving out sensitive information such as charge card numbers, e-mail addresses, addresses, etc.  Personal data should be carefully guarded, and given out as little as possible if you have a concern about privacy and crime.

 

5.         What is disaster recovery?  How could it be implemented at your school or work?

 

Disaster recoveries are methods for ensuring that an organization recovers from natural and human caused disasters that affect its computer-based operations.

 

Students’ answers will vary.  However, a disaster recovery plan should be developed that specifies which employees will participate in disaster recovery, what their duties will be, what hardware, software, and facilities will be used, and the priority of applications that will be processed.  Arrangements with other companies for use of alternative facilities as a disaster recovery site and off site storage of an organization's databases are also part of an effective recovery effort.

 

5.              Refer to the Real World Case on MTV Networks and First Citizens Bank in the chapter.  What other network security threats besides denial of service, viruses, and hacker attacks should businesses protect themselves against?  Explain.

 

MTV Networks are using a new network security software tool to screen incoming traffic and filter out the hacker distributed denial of service (DDOS) traffic, while letting legitimate traffic into their websites.  First Citizens Bank uses a new intrusion detection and prevention software tool to protect its website from destructive computer viruses and hacker probes and attacks.

 

Certainly, methods must be developed in order to fight the destruction that hackers and virus attacks are creating for businesses and consumers.  Companies must use all avenues they can think of to protect themselves and their computer systems from destructive attacks.  Proper security measures must be implemented, publicized, and maintained in order to reduce these threats.  Education and diligence are both important keys to reducing much of this problem.   Students may also include examples from Figure 11.7 to illustrate how a company should protect itself from these common hacking tactics.

 

7.         Is there an ethical crisis in e-business today?  What role does information technology play in unethical business practices?

 

Information technology has made it easier to communicate, work cooperatively, share resources, and make decisions, all electronically.  However, IT has also made it possible to engage in ethical as well as unethical practices electronically anywhere in the world.  This possibility has resulted in a massive increase in unethical business practices.  Ethical crisis in e-business is certainly real in today’s e-business, and companies are scrambling to ensure that they are doing all they can to curb on this problem.

 

8.         What are several business decisions that you will have to make as a manager that have both an ethical and IT dimension?   Give several examples to illustrate your answer.

 

Managers will be required to face making decisions that will have both ethical and an IT dimension.  For example, they will make decisions to implement technology to modernize a manufacturing process will knowing at the same time that they will put hundreds of workers out of work.  They may also implement systems to monitor their employees while at the same time causing high levels of employee stress, or invade their privacy.

 

9.         Refer to the Real World Case on Oppenheimer Funds, Cardinal Health, and Exodus in the chapter.  How should businesses protect themselves from the spread of cyberterrorism in today’s internetworked world?

 

Realizing that no system is 100 percent protected from attack is the first step.  It important that businesses undertake all the necessary steps they can afford to protect their corporate data from this type of crime.  Businesses can protect themselves by using a combination of methods as listed in the chapter.  For example, they not only must protect the corporate data they must also protect the infrastructure itself. Students may suggest virus defenses, security codes, backup files, security monitors, biometric controls, computer failure controls, fault tolerant systems, disaster recovery plans, controls and audits, firewalls, good common sense. 

 

10.       What would be examples of one positive and one negative effect of the use of e-business technologies in each of the ethical and societal dimensions in Figure 11.2?  Explain several of your choices.

 

Employment: IT has created many new jobs and increased productivity.  IT has caused a significant reduction in some types of job opportunities.

 

Individuality: Computer-based systems can be ergonomically engineered to accommodate human factors.  Computer-based systems eliminate the human relationships present in manual systems.

 

Working Conditions: IT has eliminated some monotonous and obnoxious tasks in the office and the factory that formerly had to be performed by people.  Many automated operations relegate people to a “do-nothing” standby role.

 

Privacy: Caller identification may allow users to identify sales people or prank callers.  IT allows supervisors to monitor employees’ private conversations and records.

 

Computer Crime: IT may be used in law enforcement.  IT can be used as a tool in committing crimes.

 

Health Issues: IT can be used in medical diagnosis.  Heavy use of computers may cause health problems like job stress, damaged arm and neck muscles, and eye strain and radiation exposure.

 

Societal Solutions: IT can be used to solve human and social problems through societal applications such as medical diagnosis, computer-assisted instruction, governmental program planning, environmental quality control, and law enforcement.  Computer-based information systems can violate antitrust or international laws and regulations.

 

                 VIII. ANSWERS TO APPLICATION EXERCISES

 

1.         Internet Privacy and Anonymity:  An Ethical Dilemma

 

a)              Do you share the ethical misgivings of the author on this issue?  Why or why not?

 

            Student’s answers will vary.  However, there is no doubt that there are both pros and cons to the use of software for Internet anonymity.  As pointed out in the case, use of such software can address societal needs that benefit all of us.  Other uses of such software can be classified as those that result in adversely affect society and its innocent bystanders.

 

b)              Should there be unrestricted use of software that provides anonymity on the Internet?  Why or why not?

 

            Again, this is a subjective question.  Unrestricted use of software that provides anonymity on the Internet can be used for both illegal and unethical reasons as well as uses for legal and ethical reasons.

 

c)              If you were able to decide this issue now, how would you decide for yourself?  Your company?  For Society?  Explain the reasons for your decisions.

 

             Various answers are possible.  Deciding what is right for the good of all of society should be what is important.  Many people will make decisions that fit in with their ethical beliefs and values systems.  If these beliefs are strong enough, they are carried over into how they will conduct themselves within their personal life, company employment, and in their society as a whole.    

 

2.         Your Internet Job Rights: Three Ethical Scenarios

 

a)              Do you agree with the advice of attorney Mark Grossman in each of the scenarios?  Why or why not? 

b)              What would your advice be?  Explain your positions.

c)              Identify any ethical philosophies, values or models you may be using in explaining your position in each of the scenarios.

 

             Students’ answers will vary.  However, students would be well advised to ensure that they fully versed on any Internet policies that exist in the workplace.  Certainly, when push comes to show the courts would favor the company over the individual.  Everyone who works knows that the computers and the networks belong to the company they are working for.  They also should know that surfing the Internet is classified as service/usage theft, and as such companies have their rights.

 

3.         American Family Insurance:  Evaluating Security Requirements

 

a)             Visit a popular business website such as Amazon.com or Yahoo.com, and complete their registration process if you are not already a customer.  Surf the many parts of the website and evaluate several of its major features, including search, customer service, purchasing, payment, personalization, community, and privacy capabilities.

b)             Evaluate the effectiveness of the security at this website based on your experience, using as many as you can of the ten security criteria developed by American Family.

c)             Provide several recommendations for improving the security at websites.  Explain the reasons for your recommendation.

 

American Family Insurance uses a template that outlines ten security criteria.  These include:  Authentication, authorization, confidentiality and reliability, monitoring and tracking, backup and recover, physical security, change management, legal requirements, training and awareness, and contingency planning.

 

Students’ answers will vary.  However, students should have no problem relating their experience to at least some of these ten security criteria.  For example, at Amazon, authentication is easy to comment on as you must identify yourself to their system.  If you shopped before, you have already given them a fair amount of information which will identify who you are.  The site provides you with a statement of confidentiality and reliability.  While it is impossible to guarantee 100 percent security, companies should make things as difficult as possible for outsiders or insiders to steal or damage IT assets.

 

4.         Tracking Project Work at AAA Systems 2

 

a)             Build a database table to store the data shown below and enter the records shown as a set of sample data.  (Note that this table has no natural unique identifier).  A combination of the project name, task name, employee Id and production week is required to uniquely identify a row in this table.

b)             Create a query that will list the hours worked for all workers who worked more than 40 hours during production week 20.

c)             Create a report grouped by project that will show the number of hours devoted to each task on the project and the total number of hours devoted to each project as well as a grand total of hours worked.

d)             Create a report grouped by employee that will show their hours worked on each task and total hours worked. The user should be able to select a production week and have data for just that week presented in the report.  (Be sure to keep a copy of your work for this project because it is used again in a later exercise).

 

[See Data Solutions Disk]

 

 

                      IX. ANSWERS TO REAL WORLD CASES

 

Real World Case 1: MTV Networks and First Citizens Bank

            Defending against Hacker and Virus Attacks

 

1.         What are the business value and security benefits and limitations of defense against DDOS attacks like those used by MTV Networks?

 

Denial of service (DDOS) is becoming a common networking prank.  By hammering a website’s equipment with too many requests for information, an attacker can effectively clog the system, slowing performance or even crashing the site.  This method of overloading computers is sometimes used to cover up an attack.   At MTV are protecting their network servers with a network security software tool known as Enforcer.  This software uses proprietary hardware to filter out DDOS attacks by building a statistical model of website traffic when no attack is occurring.  During a DDOS attack, Enforcer identifies data packets associated with the attack based on their statistical differences from the norm and recommends a filter that typically blocks 80 percent of the attack packets and about 5 percent of nonattack packets.

 

The limitation of course, is that no system can offer 100 percent protection.  For example, in midattack, some attackers switch the packet types, which results in reducing Enforcer’s effectiveness until it can reanalyze the situation and recommend a different filter.  The more varied the attack, the less effective the software is. 

 

The business value to the MTV Network was that it kept their website from being disrupted during the heavy advertising period surrounding the Video Music Awards.  They estimated that they actually recouped their $32,000 investment within about two months.

 

2.         What are the business benefits and limitations of an intrusion-detection system like that installed at First Citizens?

 

First Citizens Bank implemented a network security system to protect its website.  They also installed an intrusion-detection system from Entercept Security Technologies on their customer-related Internet-facing servers.  The business benefits at First Citizens paid off within days as their systems kept running smoothly when both a worm and a virus hit.  First Citizen had an immediate ROI on their investment in the new security system.  Entercept also enabled First Citizens network administrator’s time to thoroughly test patches and then apply them themselves.  The Entercept software provides intrusion-detection and prevention for host and application servers and will soon expand the capability to database servers.  The software decides whether to permit a system request into a server from an external network source based on the signature of the request or behavior rules. 

 

The limitation is that no system can offer a company 100 percent protection from attacks on their systems.

 

3.   What security defenses should small businesses have to protect their websites and internal systems?  Explain your choices.

 

Companies can attempt to do a number of things to protect themselves from hacker attacks.  Students may suggest some of the following:

·         Virus defenses

·         Security codes

·         Backup files

·         Security monitors

·         Biometric controls

·         Computer failure controls

·         Fault tolerant systems

·         Disaster recovery plans

·         Controls and audits

·         Firewalls

·         Just plain good old common sense.

 

 

Real World Case 2: Oppenheimer Funds, Cardinal Health, and Exodus

          IT Security Management Qualifications

 

1.              Why mix of skills is most sought after for IT security specialists?  Why is this mix important in business?  

 

Most companies today are looking for individuals who can be a jack-of-all-trades – someone who can administer any brand and version of firewall and intrusion detection, is network-savvy, can code, and is versed in new technologies.  They are also looking for individuals who are knowledgeable in terms of return on investment to sell projects to executives and who knows everything about the client’s business, including its regulatory issues.  In today’s business environment, companies want employees who are more generalists that specialists in one area.  They require a wide range of technical, business, and people skills to meet the major IT security management challenges of the networked business world.

 

 

2.         Why must IT security executives in business have the mix of skills and experience outlined in the case?

 

The mix of technical, business, and people skills are crucial in today’s networked environment.  IT security executives no longer work in a limited domain of expertise.  Today, these individuals must possess experience and expertise in dealing with issues in areas like government liaison, international regulations, and cyberterrorism in order to lead the IT security management function in large companies.  As stated in the case, “security executives must be expert in government regulations, cyberterrorism protection, private-/public-sector partnerships to support the critical IT infrastructure, and homeland security, even physical security.

 

3.   What other skills do you think are important to have for effective IT security management?  Explain your choices. 

 

Students’ answers will vary in response to this question.  The case itself emphasizes technical, business and people skills.  Other things that students may suggest may include the ability and desire to learn new skills, being a team player, buying into the company mission, facilitators skills, change management leaders, mentors for others, liaison abilities, and leadership skills.  A lot of the soft skills can go a long way towards winning turning a reluctant customer over to your way of thinking.

 

 

Real World Case 3: Brandon Internet Services and PayPal

      The Business Value of Cyberforensics

 

1.              What are the business benefits and limitations of the cybercrime investigative work done by firms like Brandon Internet Services?

 

Businesses are protecting themselves by hiring firms like Brandon Internet Services to detect cases of employee wrongdoing and electronic crimes.  Brandon Internet Services can set up alarms and traps to watch and catch intruders and criminals within their networks.  Criminal activity can be discovered quickly, in fact it takes them only hours to do what had traditionally taken weeks or months to accomplish through court and law enforcement channels.  Investigative firms like Brandon however do not impose sanctions on the criminals.  Their job is to discover, validate, and document the evidence then turn it over to the client or sometimes to the authorities to deal with.

 

2.         When should a company use cyberforensic investigative services like those offered by Predictive Systems?  Check out their website to help your answer.

 

Companies are use cyberforensic and investigative services like those offered by Predictive Systems Inc to protect their businesses and their online customers from the cyberterrorism and criminal activity.  If a company feels under threat from these criminal activities there is no real reason why they should not use these types of services.  In fact, using these systems may be the one thing that may protect some companies from going bankrupt.  

 

3.         What is the business value of their cyberforensic and investigative capabilities to PayPal?  Would you trust PayPal for your online payment transactions?  Why or why not?

 

            The business value of their cyberforensic and investigative capabilities to PayPal was that they were actually able to reduce PayPal fraud rates to 0.5 percent – well below the average e-business fraud rate of 1.3 to 2.6 percent.  Whether or not a student would trust PayPal is a personal issue – there is no yes or no answer. 

 

 

Real World Case 4: Providence Health Systems and Others

Challenges of IT Security Management

 

1.         What is there a growing need for IT security defenses and management in business?  What challenges does this pose to effective IT security management?

 

With the increasing need to open internal networks to outside access, there is a growing need for IT security defenses and management.  The challenge posed by this threat is to provide protection for network and data center security on both the IT front and the physical structure.  The challenge is to add multiple layers of protection and redundancy around the data center and its hardware, software, databases, and network links, while still maintaining the levels of service demanded by the business.  The need for such protection is being driven by both the increasing threat of cybercrimes and the growing use of the Internet to link companies with partners and customers.  The more ports a company opens in their firewall the more vulnerable they become.  Coupled with this is the growing need to link business systems with external partners and suppliers, and the growing number of remote workers and the trend toward wireless applications.  For a company, this challenge means finding better ways of identifying and authenticating users and controlling the access they have on the network.

 

2.         What are some of the IT security defenses companies are using to meet these challenges?  Use each of the companies in this case as an example.

 

On the physical side, companies are boosting their business continuity and disaster recovery capabilities by buying and building redundant hardware and facilities or paying for such services, and geographically separating their IT assets.  The technology effort is focused on supplementing traditional network firewall protection with newer intrusion monitors, access control tools, and tougher IT usage policies.

 

Providence Health Systems – does not permit external Internet connections or wireless access to terminate on any internal machine.  By doing this, they are able to end the connections outside the firewall and then screen all external requests through secure network services.

 

Link Staffing Services Inc. = uses antivirus and e-mail filtering tools which use new measures aimed at reducing the risk of attach via e-mail.  The company prohibits attacks of certain types and sizes on its network. All Internet-based chatting is banned, and users are not allowed to download and install software.  Scripting functions are disabled to prevent unauthorized scripts from wreaking havoc.  Link Staffing uses a secure virtual private network (VPN) service to connect its 45 remote sites.  The VPN provides firewall and encryption services, but Link placed an extra firewall in front of the VPN.

 

3.   Do you agree with IT usage policies of Link Staffing?  The security audit policies of Cervalis?  Why or why not?

 

            Link Staffing:  Link Staffing has a tough IT usage policy that employees must abide by.  Failure to comply can result in termination.  To enforce the policy, the company uses monitoring and auditing tools to inventory employee computer usage.  Whether or not students’ agree with the IT usage policies of Link Staffing or not is debatable.  Some students may feel that the company has gone too far, and in effect may be stifling employees in doing their jobs effectively.  Other students may feel that the company has no choice but to protect itself using such stringent policies. 

 

            Cervalis security begins at its ingress points – where the Internet meets its networks.  The company uses strict port control and management on all of its Internet-facing routers to ensure that open ports don’t provide access for malicious attackers.  Redundant, load-balanced firewalls that are sandwiched between two layers of content switches filter all traffic coming in from the Internet.  Network-based intrusion-detection systems are sprinkled throughout the network.  Cervalis also audit IT security by regularly going through a checklist of maintenance items.  Periodic reviews and external audits are also used to ensure that there is adequate security.  Again, whether students agree with their methodology or IT security practices is debatable.  Some may feel that it is an invasion on employee privacy – others may feel that it is absolutely necessary.

 

 

Real World Case 5: The Doctor’s Co. and Rockland Trust

   Outsourcing IT Security Management

 

1,         What are the benefits and limitations for a business of outsourcing IT security management according to the companies in this case?

 

Benefits:

·   MSSP enabled them to establish a reasonable intrusion-detection system without having to have the required expertise in-house with the abilities and knowledge required to integrate the systems and monitor them.

·   MSSP reviews and correlates audit information from different sources, weeds out false security threats, and alert the company to security events and how to respond.

·   Savings are realized by outsourcing security event monitoring rather than a company attempting to do it themselves.

 

Limitations:

·   Always the chance that the MSSP may not stay in business.

·   Service providers differ in terms of the devices they monitor and how they correlate and analyze the information they collect.  Vendor’s profitability boils down to how well they automate security event correlation and analysis, which can be very time-consuming and expensive if done manually.

·   Not all providers offer equal monitoring coverage.

 

2.         What are the benefits and limitations to a business of using “pure play” IT security management companies like Counterpane and Ubizen?  Visit their websites to help your answer.

 

Counterpane and Ubizen are classified as “pure plays,” – meaning specialized IT security providers that offer vendor-neutral coverage from a range of vendors.  These service providers offer more security services than some of the other providers who may not offer a service that you want.  For example, Counterpane and Ubizen both provide monitoring, and provide their clients with analyzed audit data from all their systems, networks, and nonsecurity devices. 

 

3.         What are the benefits and limitations of outsourcing IT security management to vendors like Symantec and Network Associates.  Visit their websites to help your answer.

 

            Benefits:

·  Symantec and Network Associates offer security products but are expanding to offer add-on security monitoring services.

 

Limitations:

·  Both of these companies will service only their own antivirus and intrusion-detection products. 

·  They monitor only third-party firewalls and VPN devices from vendors with which they have strategic partnerships that may require some users to reinstall only supported products. 

 

            Students may also suggest some of the following benefits and limitations of these types of services.

·   Security experts are scarce and expensive to have on staff on a full time basis.  There is a high financial cost to hire and train security managers.  Outsourcing provides an affordable way to gain excess to this expertise.

·  Outsourcers can configure and maintain equipment and buy in bulk, saving their customers money.

·  Outsourcing provides a good step to value-added monitoring services.

·  Outsourcers can maintain firewalls and prevent attacks on corporate networks, and they can also monitor the networks in real time and block attackers.

·  Outsourcing enables the company to demonstrate and ensure their customers of website security.

 

Limitations:

·  Outsourcers may overlook vulnerable things such as open ports and misconfigured routers.

·  Outsourcing firewalls and other security measures designed to resist attacks, stop hackers, and police everything going in and out of the network.

·  Organizations view security of their information a key component to their success and survival. Any type of act that results in damaging the company in reputation or financial picture can have devastating results. These could be simple acts such as defacing their corporate website page, or actually damaging, stealing, or selling vital data.

·  Outsourcer may not have the same skill levels of the sophisticated hacker and no outsourcing company can guarantee 100% security.

=================================

13 Computer Hardware

 

            I.  CHAPTER OVERVIEW

 

Foundation Concepts:  Computer Hardware, reviews trends and developments in microcomputer, midrange, and mainframe computer systems; basic computer system concepts; and the major types of technologies used in peripheral devices for computer input, output, and storage.

 

Computer Systems – Major types of computer systems are summarized in Figure 13.2.  A computer is a system of information processing components that perform input, processing, output, storage, and control functions.  Its hardware components include input and output devices, a central processing unit (CPU), and primary and secondary storage devices.  The major functions and hardware in a computer system are summarized in Figure 13.9

 

Microcomputer Systems – Microcomputers are used as personal computers, network computers, personal digital assistants, technical workstations, and information appliances.  Like most computer systems today, microcomputers are interconnected in a variety of telecommunications networks.  This typically includes local area networks, client/server networks, intranets and extranets, and the Internet.

 

Other Computer Systems – Midrange computers are increasingly used as powerful network servers, and for many multiuser business data processing and scientific applications.  Mainframe computers are larger and more powerful than most midsize computers.  They are usually faster, have more memory capacity, and can support more network users and peripheral devices.  They are designed to handle the information processing needs of large organizations with high volumes of transaction processing, or with complex computational problems.  Supercomputers are a special category of extremely powerful mainframe computer systems designed for massive computational assignments.

 

 

                        II. LEARNING OBJECTIVES

 

Learning Objective

·         Identify the major types, trends, and uses of microcomputer, midrange and mainframe computer systems.

·         Outline the major technologies and uses of computer peripherals for input, output, and storage.

·         Identify and give examples of the components and functions of a computer system.

·         Identify the computer systems and peripherals you would acquire or recommend for a business of your choice, and explain the reasons for your selections.

 

 

                      III. TEACHING SUGGESTIONS

 

This chapter introduces a great deal of basic terminology, which is essential for the students to be computer literate.  Unless the students taking this course are already familiar with computer hardware terminology, this chapter should be covered thoroughly, to provide technical background.  Since some students may feel overwhelmed with the amount of new terminology introduced in this chapter, the material may require more time than other chapters.

 

In discussing this chapter, it is very effective if the instructor can bring a number of the devices discussed in the chapter into the classroom.  These could include motherboards, different types of input devices, RAM chips, CD-RW burners, and old worn out hard drives which have been taken out of their sealed case, etc.  By showing and demonstrating these products students are better able to grasp the concepts of the chapter.

 

Figure 13.2 illustrates the three major categories of computer systems with a variety of characteristics and capabilities. Figure 13.9 illustrates that a computer is a system of hardware components, which are organised according to the functions of input, processing, output, storage, and control.  Figure 13.20 illustrates how storage media cost, speed, and capacity tread-offs have changed over time.  The figure illustrates how cost increases with faster access speeds, but decreases with the increased capacity of storage media.

 

 

 

                                                                                IV. LECTURE NOTES

 

Section 1: Computer Systems: End User and Enterprise Computing

 

INTRODUCTION

 

All computers are systems of input, processing, output, storage, and control components.  Technology is evolving at a rapid pace, and new forms of input, output, processing, and storage devices continue to enter the market.

 

Analyzing City of Richmond and Tim Beaty Builders

We can learn a lot about innovative business uses of PDAs from this case.  Take a few minutes to read it, and we will discuss it (See City of Richmond and Tim Beaty Builders in Section IX).

 

 

TYPES OF COMPUTER SYSTEMS -[Figure 13.2]

 

There are several major categories of computer systems with a variety of characteristics and capabilities.  Thus, computer systems are typically classified as:

·         Mainframe computers

·         Midrange computers

·         Microcomputers

 

These categories are attempts to describe the relative computing power provided by different computing platforms or types of computers therefore, they are not precise classifications.

 

Some experts predict the merging or disappearance of several computer categories.  They feel that many midrange and mainframe systems have been made obsolete by the power and versatility of client/server networks of microcomputers and servers.  Most recently, some industry experts have predicted that the emergence of network computers and information appliances for applications on the Internet and corporate intranets will replace many personal computers, especially in large organisations and in the home computer market. 

 

 

MICROCOMPUTER SYSTEMS

 

Microcomputers are the smallest but most important categories of computers systems for business people and consumers.  They are also referred to as personal computers (or PCs).  The computing power of current microcomputers exceeds that of the mainframe computers of previous generations at a fraction of their cost.  They have become powerful-networked professional workstations for use by end users in business.

 

Microcomputers                  Microcomputers                                Microcomputers

categorised by size                categorised by use                                categorised by special purpose

1.  Handheld                         1.  Home                                                        1.  Workstation Computers      

2.  Notebook                         2.  Personal                                                2.  Network Servers

3.  Laptop                              3.  Professional                                3.  Personal Digital Assistants

4.  Portable                            4.  Workstation

5.  Desktop                            5.  Multi-user Systems

6.  Floor-standing

 

Workstation Computers - some microcomputers are powerful workstation computers (technical work stations) that support applications with heavy mathematical computing and graphics display demands such as computer-aided design (CAD) in engineering, or investment and portfolio analysis in the securities industry.

 

Network Servers - are usually more powerful microcomputers that co-ordinate telecommunications and resource sharing in small local area networks (LANs), and Internet and intranet websites.  This is the fastest growing microcomputer application category.

 

Network Computers:

·         Network Computers (NCs) are a major new microcomputer category designed primarily for use with the Internet and corporate intranets by clerical workers, operational employees, and knowledge workers with specialised or limited computing applications. 

 

In-between NCs and full-featured PCs are stripped-down PCs known as NetPCs or legacy-free PCs.  NetPCs are designed for the Internet and a limited range of applications within a company. Examples are:  Dell’s Webpc, Compaq’s IPaq, HP’s e-PC, and eMachine’s eOne. 

 

Network computers (also called thin clients) are low-cost, sealed, networked microcomputers with no or minimal disk storage.  Users of network computers depend primarily on Internet and intranet servers for their operating system and web browser, Java-enabled application software, and data access and storage.

 

Main attractions of network computers over full-featured PCs are their low cost to:

·         Purchase

·         Upgrade

·         Maintenance

·         Support

 

Other benefits to businesses include:

·         Ease of software distribution and licensing

·         Computing platform standardisation

·         Reduced end user support requirements

·         Improved manageability through centralised management and enterprisewide control of computer network resources.

 

Information Appliances

The market is offering a number of gadgets and information appliances that offer users the capability to perform enable host of basic computational chores.  Examples of some information appliances include:

·         Personal Digital Assistants - (PDAs) are designed for convenient mobile communications and computing.  PDAs use touch screens, pen-based handwriting recognition, or keyboards to help mobile workers send and receive E-mail, access the Web, and exchange information such as appointments, to-do lists, and sales contacts with their desktop PCs or web servers.

·         Set-top boxes and video-game consoles that connect to home TV sets.  These devices enable you to surf the Web or send and receive E-mail and watch TV programs or play video games at the same time.

·         Wireless PDAs and cellular and PCS phones and wired telephone-based appliances that can send and receive E-mail and access the Web.

 

Computer Terminals

Computer terminals are undergoing a major conversion to networked computer devices.  For example: 

·         Dumb terminals are keyboard/video monitor devices with limited processing capabilities, to intelligent terminals, which are modified networked PCs, network computers or other microcomputer-powered network devices.  Intelligent terminals can perform data entry and some information processing tasks independently.

·         Networked terminals which may be Windows terminals that are dependent on network servers for Windows software, processing power, and storage, or Internet terminals, which depend on Internet or intranet website servers for their operating systems and application software.

·         Transaction terminals are a form of intelligent terminal.  Uses can be found in banks retail stores, factories, and other work sites.  Examples are ATM’s, factory production recorders, and POS terminals.   

 

 

MIDRANGE COMPUTER SYSTEMS

 

Midrange computers, including minicomputers and high-end network servers, are multi-user systems that can manage networks of PCs and terminals.  Characteristics of midrange computers include:

·         Generally, midrange computers are general-purpose computers that are larger and more powerful than most microcomputers but are smaller and less powerful than most large mainframes.

·         Cost less to buy, operate, and maintain than mainframe computers.

·         Have become popular as powerful network servers to help manage large Internet websites, corporate intranets and extranets, and client/server networks.

·         Electronic commerce and other business uses of the Internet are popular high-end server applications, as are integrated enterprisewide manufacturing, distribution, and financial applications. 

·         Data warehouse management, data mining, and online analytical processing are contributing to the growth of high-end servers and other midrange systems.

·         First became popular as minicomputers for scientific research, instrumentation systems, engineering analysis, and industrial process monitoring and control.  Minicomputers could easily handle such uses because these applications are narrow in scope and do not demand the processing versatility of mainframe systems.

·         Serve as industrial process-control and manufacturing plant computers and they play a major role in computer-aided manufacturing (CAM).

·         Take the form of powerful technical workstations for computer-aided design (CAD) and other computation and graphics-intensive applications.

·         Are used as front-end computers to assist mainframe computers in telecommunications processing and network management.

·         Can function in ordinary operating environments (do not need air conditioning or electrical wiring).

·         Smaller models of minicomputers do not need a staff of specialists to operate them.

 

 

MIDRANGE COMPUTER APPLICATIONS

 

·         Serve as industrial process-control and manufacturing plant computers.

·         Play a major role in computer-aided manufacturing (CAM). 

·         Serve as powerful technical workstations for computer-aided design (CAD) and other computation and graphics-intensive applications

·         Serve as front-end computers to assist mainframe computers in telecommunications processing and network management. 

 

Midrange Computer as Network Server:

·         Electronic commerce and other business uses of the Internet are popular high-end server applications, as are integrated enterprisewide manufacturing, distribution, and financial applications.

·         Other applications, like data warehouse management, data mining, and online analytical processing are contributing to the growth of high-end servers and other midrange systems.

·         Serve as powerful network servers to help manage large Internet web sites, corporate Intranets and extranets, and client/server networks

 

 

MAINFRAME COMPUTER SYSTEMS

 

Mainframe computers are large, fast, and powerful computer systems.  Characteristics of mainframe computers include:

·         They are physically larger and more powerful than micros and minis. 

·         Can process hundreds of millions of instructions per second (MIPS). 

·         Have large primary storage capacities.  Main memory capacity can range from hundreds of megabytes to many gigabytes of primary storage.

·         Mainframes have slimmed down drastically in the last few years, dramatically reducing air-conditioning needs, electronic power consumption, and floor space requirements, and thus their acquisition and operating costs.

·         Sales of mainframes have increased due to cost reductions and the increase in applications such as data mining and warehousing, decision support, and electronic commerce.

 

Mainframe Computer Applications:

·         Handle the information processing needs of major corporations and government agencies with many employees and customers.

·         Handle enormous and complex computational problems.

·         Used in organisations processing great volumes of transactions.

·         Handle great volumes of complex calculations involved in scientific and engineering analyses and simulations of complex design projects.

·         Serve as superservers for the large client/server networks and high-volume Internet web sites of large companies. 

·         Are becoming a popular business-computing platform for data mining and warehousing, and electronic commerce applications.

 

Supercomputer Systems:

The term supercomputer describes a category of extremely powerful computer systems specifically designed for scientific, engineering, and business applications requiring extremely high-speeds for massive numeric computations.

 

Supercomputer Applications:

·         Used by government research agencies, large universities, and major corporations.

·         Are used for applications such as global weather forecasting, military defence systems, computational cosmology and astronomy, microprocessor research and design, large scale data mining, large time-sharing networks, and so on.

·         Use parallel processing architectures of interconnected microprocessors (which can execute many instructions at the same time in parallel).

·         Can perform arithmetic calculations at speeds of billions of floating-point operations per second (gigaflops).  Teraflop (1 trillion floating-point operations per second) supercomputers, which use advanced massively parallel processing (MPP) designs of thousands of interconnected microprocessors, are becoming available.

·         Purchase price for large supercomputers are in the $5 million to $50 million range.

 

Mini-supercomputers:

The use of symmetric multiprocessing (SMP) and distributed shared memory (DSM) designs of smaller numbers of interconnected microprocessors has spawned a breed of mini-supercomputer with prices that start in the hundreds of thousands of dollars.

 

 

TECHNICAL NOTE: THE COMPUTER SYSTEM CONCEPTS - [Figure 13.9]

 

As a business professional, you do not need a detailed technical knowledge of computers.  However, you do need to understand some basic facts and concepts about computer systems.  This should help you be an informed and productive user of computer system resources.

 

A computer is a system, an interrelated combination of components that perform the basic system functions of input, processing, output, storage, and control, thus providing end users with a powerful information-processing tool.  Understanding the computer as a computer system is vital to the effective use and management of computers.

 

A computer is a system of hardware devices organised according to the following system functions:

·         Input.  Examples of some input devices of a computer system include:

1.  Keyboards                                                2.  Touch Screens                3.  Light Pens

4.  Electronic Mice                                4.  Optical Scanners                5.  Voice Input

 

They convert data into electronic machine-readable form for direct entry or through a telecommunications network into a computer system.

 

·         Processing.  The central processing unit (CPU) is the main processing component of a computer system.   (In microcomputers, it is the main microprocessor).  One of the CPU’s major components is the arithmetic-logic unit (ALU) that performs the arithmetic and logic functions required in computer processing.

 

Components of the CPU include:

1.  Control Unit                 2.  Arithmetic-Logic Unit                3.  Primary Storage Unit

 

·         Output.  Convert electronic information produced by the computer system into human-intelligible form for presentation to end-users.

 

Examples of output devices include:

1.  Video Display Units                2.  Audio Response Units                3.  Printers

 

·         Storage.  The storage function of a computer system is used to store data and program instructions needed for processing. 

 

Storage devices include:

1.  Primary Storage Unit (main memory)

2.  Secondary Storage Devices (magnetic disk and tape units, optical disks)

 

·         Control.  The control unit of a CPU interprets computer program instructions and transmits directions to the other components of the computer system.

 

 

Computer Processing Speeds:

Operating speeds of computers are measured in a number of ways.  For example:

·         Milliseconds - Thousands of a second.

·         Microseconds – Millionths of a second.

·         Nanoseconds – Billionth of a second

·         Picosecond – Trillionth of a second

 

Other terminology used includes:

·         Teraflop – used by some supercomputers

·         MIPS – Million instructions per second

·         Megahertz (MHz) – Millions of cycles per second

·         Gigahertz (GHz) – Billions of cycles per second

·         Clock Speed – used to rate microprocessors by the speed of their timing circuits and internal clock.

 

 

Section II:  Computer Peripherals: Input, Output, and Storage Technologies

 

INTRODUCTION

 

A computer is just a high-powered “processing box” without peripherals.  Your personal computing needs will dictate the components you choose for our particular computing needs.

 

Analyzing United Technologies and Eastman Kodak

We can learn a lot about the business value of consolidating computer operations and systems from this case.  Take a few minutes to read it, and we will discuss it (See United Technologies and Eastman Kodak in Section IX).

 

 

PERIPHERALS

 

Peripherals are the generic name for all input, output, and secondary storage devices that are part of a computer system.  Peripherals depend on direct connections or telecommunications links to the central processing unit of a computer system.  Thus, all peripherals are online devices, that is, separate from, but can be electronically connected to and controlled by, a CPU.  This is the opposite of off-line devices, which are separate from and not under the control of the CPU.

 

 

INPUT TECHNOLOGY

 

There has been a major trend toward the increased use of input technologies that provide a more natural user interface for computer users. More and more data and commands are being entered directly and easily into computer systems through pointing devices like electronic mice and touch pads, and technologies like optical scanning, handwriting recognition, and voice recognition.

 

 

POINTING DEVICES

 

Keyboards are still the most widely used devices for entering data and text into computer systems.  However, pointing devices are a better alternative for issuing commands, making choices, and responding to prompts displayed on your video screen.  They work with your operating system’s graphical user interface (GUI), which presents you with icons, menus, windows, buttons, bars, and so on, for your selection.  Examples of pointing devices include:

·         Electronic Mouse - A device used to move the cursor on the screen, as well as to issue commands and make icon and menu selections.

·         Trackball - A device used to move the cursor on the display screen.

·         Pointing Stick - A small buttonlike device, sometimes likened to the eraser head of a pencil.  The cursor moves in the direction of the pressure you place on the track point.

·         Touchpad - A small rectangular touch-sensitive surface usually placed below the keyboard.  The cursor moves in the direction your finger moves on the pad.

·         Touch Screens - A device that accepts data input by the placement of a finger on or close to the CRT screen.

 

 

PEN-BASED COMPUTING

 

Pen-based computing technologies are being used in many hand-held computers and personal digital assistants.  These small PCs and PDAs contain fast processors and software that recognises and digitises handwriting, hand printing, and hand drawing.  They have a pressure-sensitive layer like a graphics pad under their slatelike liquid crystal display (LCD) screen.

 

A variety of penlike devices are available:

·         Digitizer Pen - A photoelectronic device that can be used as a pointing device, or used to draw or write on a pressure-sensitive surface of a graphics tablet.

·         Graphics Tablet - A device that allows an end user to draw or write on a pressure-sensitive tablet and has their handwriting or graphics digitised by the computer and accepted as input.

 

 

SPEECH RECOGNITION SYSTEMS

 

Speech recognition and voice response (in their infancy) promise to be the easiest method of data entry, word processing, and conversational computing, since speech is the easiest, most natural means of human communication.  

Speech recognition systems analyse and classify speech or vocal tract patterns and convert them into digital codes for entry into a computer system.  Early voice recognition products used discrete speech recognition, where you had to pause between each spoken word.  New continuous speech recognition (CSR) software recognises controlled, conversationally paced speech.  Examples of continuous speech recognition software include:

·         NaturallySpeaking by Dragon Systems

·         ViaVoice by IBM

·         VoiceXpress by Lernout & Hauspie

·         FreeSpeech by Philips

 

Areas where speech recognition systems are used include:

·         Manufacturers use it for inspection, inventory, and quality control

·         Airlines and parcel delivery companies use it for voice-directed sorting of baggage and parcels

·         Voice activated GPS systems are being used in advanced car design

·         Physicians use it to enter and printout prescriptions

·         Gemmologists use it to free up their hands when inspecting and grading precious stones

·         Handicapped individuals use voice-enabled software to operate their computers, e-mail, and surf the World Wide Web.

 

Speaker-independent voice recognition systems allow a computer to understand a few words from a voice it has never heard before.  They enable computers to respond to verbal and touch-tone input over the telephone.  Examples include:

·         Computerized telephone call switching

·         Telemarketing surveys

·         Bank pay-by-phone bill-paying services

·         Stock quotations services

·         University registration systems

·         Customer credit and account balance inquiries

 

 

OPTICAL SCANNING

 

Optical scanning devices read text or graphics and convert them into digital input for a computer.  Optical scanning enables the direct entry of data from source documents into a computer system.  Popular uses of optical scanning include:

·         Scanning pages of text and graphics into your computer for desktop publishing and web publishing applications.

·         Scan documents into your system and organize them into folders as part of a document management library system for easy reference or retrieval.

 

There are many types of optical scanners, but they all employ photoelectric devices to scan the characters being read. Reflected light patterns of the data are converted into electronic impulses that are then accepted as input into the computer system.

 

Optical scanning technology known as optical character recognition (OCR) can read special-purpose characters and codes.  OCR scanners are used to read characters and codes on:

·         Merchandise tags

·         Product labels

·         Credit card receipts

·         Utility bills

·         Insurance premiums

·         Airline tickets

·         Sort mail

·         Score tests

·         Process business and government forms

 

Devices such as handheld optical scanning wands are used to read OCR coding on merchandise tags and other media.  Many business applications involve reading bar code, a code that utilises bars to represent characters.  One common example is the Universal Produce Code (UPC) bar coding that you see on packages of food items and many other products.

 

 

OTHER INPUT TECHNOLOGIES

 

·         Magnetic stripe technology is a familiar form of data entry that helps computers read credit cards.  The dark magnetic stripe on the back of such cards is the same iron oxide coating as on magnetic tape.

·         Smart cards that embed a microprocessor chip and several kilobytes of memory into debit, credit, and other cards are popular in Europe, and becoming available in the United States.

·         Digital cameras and digital video cameras enable you to shoot, store, and download still photos or full motion video with audio into your PC. 

·         Magnetic ink character recognition (MICR) is machine recognition of characters printed with magnetic ink. Primarily used for check processing by the banking industry. 

 

 

OUTPUT TECHNOLOGIES

 

Computers provide information in a variety of forms. Video displays and printed documents have been, and still are, the most common forms of output from computer systems.  But other natural and attractive output technologies such as voice response systems and multimedia output are increasingly found along with video displays in business applications.

 

 

VIDEO OUTPUT

 

Video displays are the most common type of computer output.  Most desktop computers rely on video monitors that use cathode ray tube (CRT) technology.  Usually, the clarity of the video display depends on the type of video monitor you use and the graphics circuit board installed in your computer.  A high-resolution, flicker-free monitor is especially important if you spend a lot of time viewing multimedia on CDs or the Web, or complex graphical displays of many software packages.

 

The biggest use of liquid crystal displays (LCDs) is to provide a visual display capability for portable microcomputers and PDAs.  LCD displays need significantly less electric current and provide a thin, flat display.  Advances in technology such as active matrix and dual scan capabilities have improved the color and clarity of LCD displays.

 

 

PRINTED OUTPUT

 

After video displays, printed output is the most common form of output displays.  Most personal computer systems rely on inkjet or laser printers to produce permanent (hard copy) output in high-quality printed form.  Printed output is still a common form of business communications, and is frequently required for legal documentation. 

·         Inkjet printers - Spray ink onto a page one line at a time.  They are popular, low-cost printers for microcomputer systems.  They are quiet, produce several pages per minute of high-quality output, and can print both black-and-white and high-quality colour graphics.

·         Laser Printers - Use an electrostatic process similar to a photocopying machine to produce many pages per minute of high-quality black-and-white output.  More expensive colour laser printers and multifunction inkjet and laser models that print, fax, scan, and copy are other popular choices for business offices.

 

 

STORAGE TRADE-OFFS

 

Data and information need to be stored after input, during processing, and before output.  Computer-based information systems rely primarily on the memory circuits and secondary storage devices of computer systems to accomplish the storage function. 

 

Major trends in primary and secondary storage methods:

·         Progress in very-large scale integration (VLSI), which packs millions of memory circuit elements on tiny semiconductor memory chips, are responsible for continuing increases in the main-memory capacity of computers.

·         Secondary storage capacities are also expected to escalate into the billions and trillions of characters, due primarily to the use of optical media.

 

Storage Trade-offs: Speed, capacity, and cost relationships. 

·         Note the cost/speed/capacity trade-offs as one moves from semiconductor memories to magnetic media, such as magnetic disks and tapes, to optical disks. 

·         High-speed storage media cost more per byte and provide lower capacities.

·         Large capacity storage media cost less per byte but are slower

·         Semiconductor memories are used mainly for primary storage, though they are sometimes used as high-speed secondary storage devices.

·         Magnetic disk and tape and optical disk devices are used as secondary storage devices to greatly enlarge the storage capacity of computer systems.

·         Most primary storage circuits use RAM (random access memory) chips, which lose their contents when electrical power is interrupted

·         Secondary storage devices provide a more permanent type of storage media for storage of data and programs.

 

 

Computer Storage Fundamentals: [Figure 13.20]

Data is processed and stored in a computer system through the presence or absence of electronic or magnetic signals in the computer’s circuitry in the media it uses.  This is called a "two-state" or binary representation of data, since the computer and media can exhibit only two possible states or conditions - ON (1) or OFF (0).

 

Computer storage elements:

·         Bit - is the smallest element of data, (binary digit) which can have a value of zero or one.  The capacity of memory chips is usually expressed in terms of bits.

·         Byte - is the basic grouping of bits that the computer operates as a single unit.  It typically consists of 8 bits and is used to represent one character of data in most computer coding schemes (e.g. 8 bits = 1 byte).  The capacity of a computer’s memory and secondary storage devices is usually expressed in terms of bytes. 

        ASCII (American Standard Code for Information Interchange)

        EBCDIC (Extended Binary Coded Decimal Interchange Code) Pronounced:  EB SEE DICK

 

Storage capacities are frequently measured in:

 

·         Kilobyte         = 1,000 bytes

·         Megabyte         = 1,000,000 bytes

·         Gigabyte        = 1,000,000,000 bytes

·         Terabyte        = 1,000,000,000,000 bytes

·         Petabyte         = 1,000,000,000,000,000 bytes

·         Exabyte         = 1,000,000,000,000,000,000 bytes

·         Zettabyte        = 1,000,000,000,000,000,000,000 bytes

·         Yottabyte        = 1,000,000,000,000,000,000,000,000 bytes

 

 

Direct and Sequential Access

·         Direct Access - Primary storage media such as semiconductor memory chips are called direct access or random access memories (RAM).  Magnetic disk devices are frequently called direct access storage devices (DASDs).

 

The terms direct access and random access describe the same concept.  They mean that an element of data or instructions can be directly stored and retrieved by selecting and using any of the locations on the storage media.  They also mean that each storage position (1) has a unique address and (2) can be individually accessed in approximately the same length of time without having to search through other storage positions.

 

·         Sequential Access - sequential access storage media such as magnetic tape do not have unique storage addresses that can be directly addressed.  Instead, data must be stored and retrieved using a sequential or serial process.  Data are recorded one after another in a predetermined sequence on a storage medium.  Locating an individual item of data requires searching much of the recorded data on the tape until the desired item is located.

 

 

SEMICONDUCTOR MEMORY

 

The primary storage (main memory) on most modern computers consists of microelectronic semiconductor memory circuits.  Plug-in memory circuit boards containing 32 megabytes or more of memory chips can be added to your PC to increase its memory capacity.  Specialized memory can help improve your computer’s performance.  Examples include:

·         External cache memory of 512 kilobytes to help your microprocessor work faster

·         Video graphics accelerator cards with 16 megabytes of RAM are used for faster and clearer video performance

·         Removable credit-card-size and smaller “flash memory” RAM cards provide several megabytes of erasable direct access storage for PDAs or hand-held PCs.

 

Some of the major attractions of semiconductor memory are:

·         Small size

·         Fast speed

·         Shock and temperature resistance

 

One major disadvantage of most semiconductor memory is:

·         Volatility - Uninterrupted electric power must be supplied or the contents of memory will be lost (except with read only memory, which is permanent).

 

There are two basic types of semiconductor memory:

·         Random Access Memory (RAM) - these memory chips are the most widely used primary storage medium.  Each memory position can be both read and written, so it is also called read/write memory.  This is a volatile memory.

 

·         Read Only Memory (ROM) - Non-volatile random access memory chips are used for permanent storage.  ROM can be read but not erased or overwritten.  Instructions and programs in primary storage can be permanently "burned in" to the storage cells during manufacturing.  This permanent software is also called firmware.  Variations include PROM (programmable read only memory) and EPROM (erasable programmable read only memory), which can be permanently or temporarily programmed after manufacture.

 

 

MAGNETIC DISK STORAGE

 

These are the most common forms of secondary storage for modern computer systems.   That’s because they provide fast access and high storage capacities at a reasonable cost.   Characteristics of magnetic disks:

·         Disk drives contain metal disks that are coated on both sides with an iron oxide recording material.

·         Several disks are mounted together on a vertical shaft, which typically rotates the disks are speeds of 3,600 to 7,600 revolutions per minute (rpm)

·         Access arms between the slightly separated disks to read and write data on concentric, circular tracks position electromagnetic read/write heads.

·         Data are recorded on tracks in the form of tiny magnetized spots to form the binary digits of common computer codes.

·         Thousands of bytes can be recorded on each track, and there are several hundred data tracks on each disk surface, which provides you with billions of storage positions for software and data.

 

Types of Magnetic Disks

There are several types of magnetic disk arrangements, including disk cartridges as well as fixed disk units.  Removable disk devices are popular because they are transportable and can be used to store backup copies of your data off-line for convenience and security.

 

Floppy Disks, or magnetic disks, consist of polyester film disks covered with an iron oxide compound.  A single disk is mounted and rotates freely inside a protective flexible or hard plastic jacket, which has access openings to accommodate the read/write head of a disk drive unit.  The 3-1/2-inch floppy disk, with capacities of 1.44 megabytes, is the most widely used version, with a newer Superdisk technology offering 120 megabytes of storage.

 

Hard Disk Drives combine magnetic disks, access arms, and read/write heads into a sealed module.  This allows higher speeds, greater data-recording densities, and closer tolerances within a sealed, more stable environment.  Fixed or removable disk cartridge versions are available.  Capacities of hard drives range from several hundred megabytes to many gigabytes of storage.

 

RAID Storage

Disk arrays of interconnected microcomputer hard disk drives have replaced large-capacity mainframe disk drives to provide many gigabytes of online storage.  Known as RAID (redundant arrays of independent disks), they combine from 6 to more than 100 small hard disk drives and their control microprocessors into a single unit.  Advantages of RAID disks include:

·         Provide large capacities with high access speeds since data is accessed in parallel over multiple paths from many disks.

·         Provide fault tolerant capability, since their redundant design offers multiple copies of data on several disks.  If one disk fails, data can be recovered from backup copies automatically stored on other disks.

·         Storage area networks (SANs) are high-speed fibre channel local area networks that can interconnect many RAID units and share their combined capacity through network servers for many users.

 

 

MAGNETIC TAPE STORAGE

 

Magnetic Tape is still being used as a secondary storage medium in business applications.  The read/write heads of magnetic tape drives record data in the form of magnetised spots on the iron oxide coating of the plastic tape.  Magnetic tape devices include tape reels and cartridges in mainframes and midrange systems, and small cassettes or cartridges for PCs.  

 

These devices serve as slower, but lower cost, storage to supplement magnetic disks to meet massive data warehouse and other business storage requirements.  Other major applications for magnetic tape include long-term archival storage and backup storage for PCs and other systems.

 

 

OPTICAL DISK STORAGE

 

Optical disk storage involves technology, which is based on using a laser to read tiny spots on a plastic disk.  The disks are currently capable of storing billions of characters of information.

 

·         CD-ROM        - A common type of optical disk used on microcomputers.  They are used for read only storage.  Storage is over 600 megabytes per disk.  This is equivalent to over 400 1.44-megabyte floppy disks or 300,000 double-spaced pages of text.  Data are recorded as microscopic pits in a spiral track, and are read using a laser device.

 

Limitation: Recorded data cannot be erased

 

·         CD-R - (Compact disk recordable) is another optical disk technology.  It enables computers with CD-R disk drive units to record their own data once on a CD, and then be able to read the data indefinitely.

 

Limitation: Recorded data cannot be erased

 

·         CD-RW - (CD-rewritable) optical disk systems have now become available which record and erase data by using a laser to heat a microscopic point on the disk’s surface.  In CD-RW versions using magneto-optical technology, a magnetic coil changes the spot’s reflective properties from one direction to another, thus recording a binary one to zero.  A laser device can then read the binary codes on the disk by sensing the direction of reflected light.

 

·         DVD - (Digital Video Disk or Digital Versatile Disk) can hold from 3.0 to 8.5 gigabytes of multimedia data on each side of a compact disk.  The large capacities and high- quality images and sound of DVD technology are expected to eventually replace CD-ROM and CD-RW technologies for data storage, and promise to accelerate the use of DVD drives for multimedia products that can be used in both computers and home entertainment systems.

·         DVD-ROM is beginning to replace magnetic tape videocassettes for movies and other multimedia products.

·         DVD – RAM is being used for backup and archival storage data and multimedia files.

 

 

Business Applications

One of the major uses of optical disks in mainframe and midrange systems is in image processing, where long-term archival storage of historical files of document images must be maintained. 

 

Mainframe and midrange computer versions of optical disks use 12-inch plastic disks with capacities of several gigabytes, with up to 20 disks held in jukebox drive units. WORM – (Write Once, Read Many) versions of optical disks are used to store data on the disk.  Although data can only be stored once, it can be read an infinite number of times.

 

One of the major business uses of CD-ROM disks for personal computers is to provide a publishing medium for fast access to reference materials in a convenient, compact form.    These include:

·         Catalogs

·         Directories

·         Manuals

·         Periodical abstracts

·         Part listings

·         Statistical databases of business activity and economic activity

·         Interactive multimedia applications in business, education, and entertainment using CD-ROM and DVD disks.

 

Optical disks have become a popular storage medium for image processing and multimedia business applications and they appear to be a promising alternative to magnetic disks and tape for very large mass storage capabilities for enterprise computing systems.  However, rewritable optical technologies are still being perfected.  Also, most optical disk devices are significantly slower and more expensive (per byte of storage) than magnetic disk devices.  So optical disk systems are not expected to displace magnetic disk technology in the near future for most business applications.

 

 

        V.  KEY TERMS AND CONCEPTS - DEFINED

 

Binary Representation:

Pertaining to the presence or absence of electronic or magnetic “signals” in the computer’s circuitry or in the media it uses.  There are only two possible states or conditions - presence or absence.

 

Central Processing Unit (CPU):

The unit of a computer system that includes the circuits that controls the interpretation and execution of instructions.  In many computer systems, the CPU includes the arithmetic-logic unit, the control unit, and primary storage unit.

 

Computer System:

Computer hardware as a system of input, processing, output, storage, and control components.  Thus a computer system consists of input and output devices, primary and secondary storage devices, the central processing unit, the control unit within the CPU, and other peripheral devices.

 

Computer Terminal:

Any input/output device connected by telecommunications links to a computer.

 

Digital Cameras:

Digital still cameras and digital video cameras enable you to shoot, store, and download still photos or full-motion video with audio in your PC.

 

Direct Access:

A method of storage where each storage position has a unique address and can be individually accessed in approximately the same period of time without having to search through other storage positions.

 

Information Appliance:

Devices for consumers to access the Internet.

 

Laptop Computer:

A small portable PC.

 

Liquid Crystal Displays (LCD):

Electronic visual displays that form characters by applying an electrical charge to selected silicon

crystals.                

 

Magnetic Disk Storage:

Data storage technology that uses magnetised spots on metal or plastic disks.

 

Magnetic Disk Storage - Floppy Disk:

Small phonograph record enclosed in a protective envelope.  It is a widely used form of magnetic disk media that provides a direct access storage capability for microcomputer systems.

 

Magnetic Disk Storage - Hard Disk

Secondary storage medium; generally nonremovable disks made out of metal and covered with a magnetic recording surface.  It holds data in the form of magnetised spots. 

 

Magnetic Disk Storage - RAID

Redundant array of independent disks.  Magnetic disk units that house many interconnected microcomputer hard disk drives, thus providing large, fault tolerant storage capacities.

 

Magnetic Ink Character Recognition (MICR):

The machine recognition of characters printed with magnetic ink.  Primarily used for check processing by the banking industry.

 

Magnetic Stripe:

A magnetic stripe card is a plastic wallet-size card with a strip of magnetic tape on one surface; widely used for credit/debit cards.

 

Magnetic Tape:

A plastic tape with a magnetic surface on which data can be stored by selective magnetisation of portions of the surface.

 

Mainframe Computer:

A larger-size computer system, typically with a separate central processing unit, as distinguished from microcomputer and minicomputer systems.

 

Microcomputer:

A very small computer, ranging in size from a “Computer on a chip” to a small typewriter-size unit.

 

Microprocessor:

A semiconductor chip with circuitry for processing data.

 

Midrange Computer:

Larger and more powerful than most microcomputers but are smaller and less powerful than most large mainframe computer systems.

 

Minicomputer:

A small electronic general-purpose computer.

 

Network Computer:

A new category of microcomputer designed mainly for use with the Internet and Intranets on tasks requiring limited or specialised applications and no or minimal disk storage.

 

Network Server:

A type of midrange computer used to co-ordinate telecommunications and resource sharing and manages large web sites, Intranets, extranets, and client/server networks.

 

Network Terminal:

A terminal that depends on network servers for its software and processing power.

 

Off-line:

Pertaining to equipment or devices not under control of the central processing unit.

 

Online:

Pertaining to equipment or devices under control of the central processing unit.

 

Optical Character Recognition (OCR):

The machine identification of printed characters through the use of light-sensitive devices.

 

Optical Disk Storage:

Technology based on using a laser to read tiny spots on a plastic disk.  The disks are currently capable of storing billions of characters of information.

 

Optical Disk Storage - CD-ROM:

An optical disk technology for microcomputers featuring compact disks with a storage capacity of over 500 megabytes.

 

Optical Disk Storage - CD-R:

Compact disk recordable (CD-R) enables computers with CD-R disk drive units to record their own data once on a CD, than be able to read the data indefinitely.

 

Optical Disk Storage - CD-RW:

Compact disk rewritable (CD-RW) enables computers with CD-RW disk drive units to record and erase data by using a laser to heat a microscopic point on the disk’s surface.

 

Optical Disk Storage - DVD:

Digital video disk or digital versatile disk (DVD) enables computers with DVD disk drive units to hold from 3.0 to 8.5 gigabytes of multimedia data on each side of a compact disk. 

 

Optical Disk Storage - WORM Disk:

Optical disk that allows users to write once, read many times.

Optical Scanning:

Using a device (scanner) that scans characters or images and generates their digital representations.

 

Pen-Based Computing:

Tablet-style microcomputers that recognise hand-writing and hand-drawing done by a pen-shaped device on their pressure sensitive display screens.

 

Peripheral Devices:

In a computer system, any unit of equipment, distinct from the central processing unit, that provides the system with input, output, or storage capabilities.

 

Personal Digital Assistant:

Handheld microcomputer devices, which are designed for convenient mobile communications and computing.

 

Pointing Devices:

Devices, which allow end users to issue commands or make choices by moving a cursor on the display, screen.

 

Pointing Device - Electronic Mouse:

A small device that is electronically connected to a computer and is moved by hand on a flat surface in order to move the cursor on a video screen in the same direction.  Buttons on the mouse allow users to issue commands and make responses or selections.

 

Pointing Device - Pointing Stick:

A small buttonlike device sometimes likened to the eraser head of a pencil.  The cursor moves in the direction of the pressure you place on the track point.

 

Pointing Device - Touchpad:

Is a small rectangular touch-sensitive surface usually placed below the keyboard.  The cursor moves in the direction your finger moves on the pad.

 

Pointing Device - Trackball:

A roller device set in a case used to move the cursor on a computer’s display screen.

 

Primary Storage:

The main (or internal) memory of a computer.  Usually in the form of semiconductor storage.

 

Printers:

Devices that produce hard copy output such as paper documents or reports.

 

Secondary Storage:

External or auxiliary storage device that supplements the primary storage of a computer.

 

Semiconductor Memory:

Microelectronic storage circuitry etched on tiny chips of silicon or other semiconducting material.

 

Semiconductor Memory - RAM:

Also known as main memory or primary storage; type of memory that temporarily holds data and instructions needed shortly by the CPU.  RAM is a volatile type of storage.  

 

Semiconductor Memory - ROM:

Also known as firmware; a memory chip that permanently stores instructions and data that are programmed during the chip’s manufacture.  Three variations on the ROM chip are PROM, EPROM, and EEPROM.  ROM is a non-volatile form of storage.

 

Sequential Access:

A sequential method of storing and retrieving data from a file.

 

Smart Cards:

Cards such as debit and credit cards, which have an embedded microprocessor chip and several kilobytes of memory.

 

Speech Recognition:

Direct conversion of spoken data into electronic form suitable for entry into a computer system.   Promises to be the easiest, most natural way to communicate with computers. 

 

Storage Capacity Elements:

Units used for storage capacity and data: bits, bytes, kilobytes (KB), megabytes (MB), gigabytes (GB), terabytes (TB).

 

Storage Capacity Elements - Bit:

A contraction of “binary digit”.  It can have the value of either 0 or 1.

 

Storage Capacity Elements - Byte:

A sequence of adjacent binary digits operated on as a unit and usually shorter than a computer word.  In many computer systems, a byte is a grouping of eight bits that can represent one alphabetic or special character or can be “packed” with two decimal digits.

 

Storage Capacity Elements - Kilobyte (K or KB):

When referring to computer storage capacity it is equivalent to 2 to the 10th power, or 1,014 in decimal notation.

 

Storage Capacity Elements - Megabyte (MB):

One million bytes.  More accurately, 2 to the 20th power, 1,048,576 in decimal notation.

 

Storage Capacity Elements - Gigabyte (GB):

One billion bytes.  More accurately, 2 to the 30th power, or 1,073,741,824 in decimal notation.

 

Storage Capacity Elements - Terabyte (TB):

One trillion bytes.  More accurately, 2 to the 40th power, or 1,009,511,627,776 in decimal notation.

 

Storage Media Trade-offs:

The trade-offs in cost, speed, and capacity of various storage media.

 

Supercomputer:

A special category of large computer systems that are the most powerful available.  They are designed to solve massive computational problems.

 

Time Elements:

Units used for measuring processing speeds: milliseconds, microseconds, nanoseconds, and picoseconds.

 

Time Elements - Millisecond:

A thousandth of a second.

 

Time Elements - Microsecond:

A millionth of a second.

 

Time Elements - Nanosecond:

One billionth of a second.

 

Time Elements - Picosecond:

One trillionth of a second.

 

Touch-Sensitive Screen:

An input device that accepts data input by the placement of a finger on or close to the CRT screen.

 

Transaction Terminals:

Terminals used in banks, retail stores, factories, and other work sites that are used to capture transaction data at their point of origin.  Examples are point-of-sale (POS) terminals and automated teller machines (ATMs).

 

Video Output:

Video displays are the most common type of computer output. 

 

Volatility:

Memory (such as electronic semiconductor memory) that loses its contents when electrical power is interrupted.

 

Wand:

A handheld optical character recognition device used for data entry by many transaction terminals.

 

Workstation:

A computer terminal or micro- or minicomputer system designed to support the work of one person.  Also, a high-powered computer to support the work of professionals in engineering, science, and other areas that require extensive computing power and graphics capabilities.

 

 

VI.            REVIEW QUIZ - Match one of the key terms and concepts

 

[See Review Quiz Answers found at the end of the text]

 

 

           VII.  ANSWERS TO DISCUSSION QUESTIONS

 

1.         Do you agree with the statement: “The network is the computer”?  Why or why not?

 

Students’ answers will vary.  However, there appears to be no reason to think that the network is not the computer.  To the user, the network appears as a seamless environment where they have access to software, external data, and also internal corporate data.  In many companies, computer users are using machines that are designed to enable only this type of computing.

 

2.         What trends are occurring in the development and use of the major types of computer systems?

 

Computers are becoming physically smaller, faster, more memory, cheaper, more reliable and user friendly, and are increasingly being connected via telecommunications links through organizations.

 

3.         Refer to the Real World Case on the City of Richmond and Tim Beaty Builders in the chapter.  Will the convergence of PDAs, sub-notebook PCs, and cell phones produce an information appliance that will make all of those categories obsolete?  Why or why not?

 

There is probably no doubt that the convergence of PDAs, sub-notebook PCs, and cell phones will produce an information appliance that will make all of those categories obsolete.  As more powerful appliances capable of completing multiple tasks are developed, there will definitely be a trend toward converging of this technology into a single appliance.  Users do not want to carry around 4 or 5 different appliances when one would do the trick.  For example, it only stands to reason that an individual will not want to carry around a pager, cell phone, GPS, laptop, or a variety of other hardware devices if all of the features could be integrated into one small appliance such as the PDA. 

 

4.         Do you think that network computers (NCs) will replace personal computers (PCs) in many applications?  Explain.

 

The trend in business organizations is certainly towards the use of network computers.  Advancements in hardware and software technology have encouraged this growth.  In many cases, businesses are finding network computers more cost effective and efficient.  As well, the NC environment is easier and cheaper to implement and maintain. 

 

5.         Are networks of PCs and servers making mainframe computers obsolete?  Explain.

 

Networked microcomputers are often the better alternative to larger single computer systems, providing many of the same advantages, and easier access and more personal control.  However, there are still many tasks that require the memory capacity and number crunching power of modern mainframe computers, such as running mathematical models for weather forecasting.  Minicomputers are often more economical than multiple micros in business environments that have teams working together on projects and require control of access to databases and ongoing projects.  The distinction between micro- and minicomputers, however, is becoming increasingly fuzzy.

 

6.         Refer to the Real World Case on United Technologies and Eastman Kodak in the chapter.  Should a conglomerate like UTC with may diverse companies standardize its PC hardware and software, and lockout downloads of other software?  Why or why not?

 

Certainly, more and ore large conglomerates like UTC and even smaller companies are moving towards standardizing their PC hardware and software, and are increasingly instituting lockout downloads of other software.  The reason for this trend is relatively simple – it reduces resources for equipment and PC support. Some will students’ may argue that these policies are too restrictive and stifle imagination or processes for getting the job done with a hardware or software tool that a user knows how to use.  However, it can also be argued that these inconveniences are small in comparison to savings realized through standardization.

 

7.         What are several trends that are occurring in the development and use of peripheral devices?  Why are these trends occurring?

 

Trends in I/O devices are to more user friendliness.  This includes direct I/O wherever feasible, increased use of voice I/O, and better quality printed output.  Trends in secondary storage devices are to increase use of optical disks, higher capacity magnetic disks, and small but high-capacity magnetic tape cartridges for backup storage.

 

8.         When would you recommend the use of each of the following:  (1) network computers, (2) NetPCs, (3) network terminals, or (4) information appliances in business applications? 

 

            Network Computer: - 

            This category of microcomputer is designed mainly for use with the Internet and Intranets on tasks requiring limited or specialised applications and no or minimal disk storage.

 

            NetPC

            This category of microcomputer is considered a low-cost networked-enabled PCs with reduced features.  This is a good choice when the computer user does not require the additional processing power that would normally be found within a standalone computer.

 

            Network Terminal:

A terminal that depends on network servers for its software and processing power.  The users of these stations do not require standalone software packages or processing power to complete their jobs.

 

            Information Appliance:

Devices for consumers to access the Internet.  These include a number of gadgets such as cellular phones and pagers to handheld PCs.  These are excellent choices for the “Road Warrior” who requires portability and ease of use.  Many of these gadgets enable Internet access and the ability to perform basic computational chores.  

 

9.         What processor, memory, magnetic disk storage, and video display capabilities would you require for a personal computer that you would use for business purposes?  Explain your choices.

 

Students’ responses will vary.  However, when a machine is used for business purposes the answer should identify requirements such as the need for large capacity hard drives, Jaz or ZIP drives, peripherals such as a need for an ergonomic keyboard and mouse, DVD or CD devices, scanners, faster-state of the art high speed processors such as the Pentium III chips, memory capacity large enough to handle the demands of the software and the operating system.  Also, they should specify the requirements of a good video display with a high performance video card capable of handling the requirements of the software and the demands of the job.

 

10.       What other peripheral devices and capabilities would you want to have for your business PC?  Explain.

 

Students’ responses will vary.  There are so many peripherals available today that a complete answer to this question is impossible.  The wish list simply goes on and on and the possibilities are seemingly endless.

 

 

                 VIII. ANSWERS TO APPLICATION EXERCISES

 

1.    Purchasing Computer Systems for Your Workgroup

 

1.    Purchasing Computer Systems for Your Workgroup

 

a)              Prepare a spreadsheet summarizing this pricing information and showing the cost, from each supplier, of the following options:

a. 5 units with the basic configuration

b. 3 units with the basic configuration and 2 units with all of the upgrades

c. 3 units with the basic configuration plus the monitor upgrade and 2 units with all upgrades

d. All 5 units fully upgraded.

b)        Prepare a set of power point slides or similar presentation materials summarizing your results.  Include a discussion of the warranty and servicing contract options available from each supplier.

 

             [See Data Solutions Disk]

 

2.         Price and Performance Trends for Computer Hardware

 

a)              Create a spreadsheet based on the figures below and including a new column for each component showing the price per unit of capacity.  (Cost per megahertz of speed for microprocessors, and cost per megabyte of storage for RAM and hard disk devices).

b)             Create a set of graphs highlighting your results and illustrating trends in price per unit of performance (speed) or capacity.

c)         Write a short paper discussing the trends you found.  How long do you expect these trends to continue?  Why?

 

             [See Data Solutions Disk]

 

 

            IX. ANSWERS TO REAL WORLD CASES

 

Real World Case 1: City of Richmond and Tim Beaty:

      The Business Value of PDAs

 

1.         What are the business benefits of PDAs for business applications?  Use the City of Richmond and Tim Beaty Builders as examples.

 

City of Richmond: Business benefits of PDAs for business applications include:

·   PDAs can be used to solve a wide variety of business needs and do it cheaply.

·   Used to track heavy-duty equipment use and manage $2.3 million in inventory.

·   Saves hundreds of hours of otherwise lost time.

·   Time saved by using PDAs can be devoted to other projects.

·   PDA applications can be a part of Internet-based systems that connect to desktop PCs.

 

Tim Beaty: Business benefits of PDAs for business applications include:

·   Used to record work hours, equipment operations, and construction milestones

·   Realized a significant benefit in the payroll application and managers time.

·   Used as portable record-keeping and time-clock devises that can be linked to other data collection and corporate applications.

·   Quickly able to determine if a company is making money on a project.

·   Able to track and record individual project costs and helps in increasing the accuracy in terms of costs and revenues.

·   Helps track equipment use and sends alerts when it’s time for repairs and when equipment is being underused.

·   Managers know exactly which projects are making or losing money and by how much.

·   Company has a competitive advantage because the field staff is more informed, and more responsible to their customers’ needs.

 

2.         What are the limitations of PDAs for business use?  Compare PDAs to laptop PCs to help you answer.

 

PDAs have many benefits but they are also limited in what they can do.  They certainly do not have the processing capability and speed of a laptop, nor are they as versatile.  Software is currently being created for more applications for PDAs but this is still in its infancy.  Laptop PCs on the other hand, are more powerful and have the versatility of speed with a multitude of off-the-shelf software available.  They can also be purchased with a docking station, which enables them to serve a dual purpose - desktop, and portability.  Information can be quickly uploaded and downloaded in this configuration.

 

3.              The City of Richmond now wants to use tablet PCs for some applications.  What are the advantages of tablet PCs over PDAs and laptop PCs for business applications?  Check out websites like www.cnet.com or www.pcworld.com for the latest product reviews to help you answer.

 

Microsoft's Tablet PC is a design for a fully-equipped personal computer that allows a user to take notes using natural handwriting on a stylus or digital pen-sensitive touch screen instead of requiring the use of a keyboard. The Tablet PC is similar in size and thickness to a yellow paper notepad. It will run existing Windows-based applications and is intended to be the user's primary personal computer as well as a note-taking device. Microsoft's next operating system, Windows XP, (code-named Whisler) is designed to support the Tablet PC. The first Tablet PCs will be geared toward business users.

The Tablet PC uses what is called digital ink. Digital ink allows the user to write a note on the screen in freehand just as the user would write on a piece of paper. Writing can be natural rather than being required to match a pattern. The note can be edited and revised using the stylus and even indexed and searched. The note stays in "ink" or handwritten form until the user translates the note into a text document. Handwritten notes can be shared via e-mail. The recognition of handwritten notes and instructions is designed to be as reliable as input from a keyboard or mouse is today.

The idea of tablet computing is generally credited to Alan Kay of Xerox who sketched out the idea in 1971. The best-known and first widely-sold tablet computer was Apple Computer's Newton, which was not a commercial success. With today's extended battery life, better display resolution, handwriting recognition software, larger memory, and wireless Internet access, the tablet computers of the early 2000's are deemed to have a better chance of being accepted as a viable computing option. Microsoft's goal is to make its tablet computers available by 2002

 

PDA (personal digital assistant) is a term for any small mobile hand-held device that provides computing and information storage and retrieval capabilities for personal or business use, often for keeping schedule calendars and address book information handy. The term handheld is a synonym. Many people use the name of one of the popular PDA products as a generic term. These include Hewlett-Packard's Palmtop and 3Com's PalmPilot.  Most PDAs have a small keyboard. Some PDAs have an electronically sensitive pad on which handwriting can be received. Apple's Newton, which has been withdrawn from the market, was the first widely-sold PDA that accepted handwriting. Typical uses include schedule and address book storage and retrieval and note-entering. However, many applications have been written for PDAs. Increasingly, PDAs are combined with telephones and paging systems.  Some PDAs offer a variation of the Microsoft Windows operating system called Windows CE. Other products have their own or another operating system.

 

 

A laptop computer, usually called a notebook computer by manufacturers, is a battery- or AC-powered personal computer generally smaller than a briefcase that can easily be transported and conveniently used in temporary spaces such as on airplanes, in libraries, temporary offices, and at meetings. A laptop typically weighs less than 5 pounds and is 3 inches or less in thickness. Among the best-known makers of laptop computers are IBM, Apple, Compaq, Dell, and Toshiba.  Laptop computers generally cost more than desktop computers with the same capabilities because they are more difficult to design and manufacture. A laptop can effectively be turned into a desktop computer with a docking station, a hardware frame that supplies connections for peripheral input/output devices such as a printer or larger monitor. The less capable port replicator allows you to connect a laptop to a number of peripherals through a single plug. Laptops usually come with displays that use thin-screen technology. The thin film transistor or active matrix screen is brighter and views better at different angles than the STN or dual-scan screen. Laptops use several different approaches for integrating a mouse into the keyboard, including the touchpad, the trackball, and the pointing stick. A serial port also allows a regular mouse to be attached. The PC Card is insertable hardware for adding a modem or network interface card to a laptop. CD-ROM and digital versatile disc drives may be built-in or attachable.

 

Real World Case 2: United Technologies and Eastman Kodak

      The Business Case for Consolidating Computer Operations and Systems

 

1.         What are some of the business benefits that United Technologies will gain from the consolidation of its computer systems, data centers, software, and help centers?  What limitations might there be?

 

Business benefits include:

·   Save the company $1 billion through efficiencies over the next 15 years.

·   Standardization of a data backup software utility gives UTC autodiscovery features and centralized and remote management capabilities.  This will help protect their mission-critical data.

·   Every critical system has a disaster recovery plan.

·   Consolidation resulted in improvements in its computer systems, data centers, help centers, and other hardware and software resources.

·   Standardized on 45,000 new Dell PCs, reduced 20 U.S. data centers to three, reduction from eight mainframe systems to two, reduced 15 help desks to one help center.

·   Realized major gains in efficiency and security management.

·   Major reductions in the number of pieces of software being used throughout the organization.

·   Standardization within the business units was achieved.

 

Limitations:

·   Limitations appear to be a heavy reliance on a limited number of hardware and software providers.

·   Not every business unit is the same – a standardized policy is sometimes not effective.

.    

 

2.         What are the business benefits of standardizing on selected models from one manufacturer of desktop and laptop PCs as UTC did with Dell and Kodak did with IBM?  What limitations might there be?

 

Business benefits of standardizing on selected models from one manufacturer of desktop and laptop PC as these companies have done include:

·   Quantity discounts

·   Standardized equipment

·   Preloaded software standards

·   One stop customer service and support.

·   Savings in cost and time as the IT departments no longer have to install, setup, and maintain the systems.

 

Limitations

·   Major reliance on these providers to give you the support you want. 

  

3.              What are the business benefits of UTC’s policy of “locking down” its new Dell PCs so employees can’t download other software from the Internet?  Do you agree with this policy?  Why or why not?

 

It makes good business sense for a company to “lock down” their systems because it certainly does create a lot of inefficiencies, and creates headaches for the IT personnel who must maintain the systems.  However, it also creates a lot of frustration on the part of the users who are adapt at using the Internet to gain access to things such as hardware drivers, or utility programs that make their work easier. 

 

 

Real World Case 3: Boscov’s, Winnebago, and WPS Health

  Moving to Linux on the Mainframe

 

1.         How can a mainframe run the equivalent of hundreds of Linux server applications at the same time?    

 

A mainframe can run the equivalent of hundreds of Linux server applications at the same time because in this environment the databases can be stored and hosted on the mainframe while servers are used to run the applications.

 

2.         Why can the total cost of ownership of running Linux applications on the mainframe be less than on Intel-based servers?  What other IT and business benefits may be achieved?  

 

The total cost of ownership of running Linux applications on the mainframe can be less than on Intel-based servers for a number of reasons:

·   Running Linux applications on the mainframe overall is much cheaper, as applications from networked Intel-based servers can be shifted to “virtual server” partitions on the mainframe.

·   The Linux operating system used to run applications on the mainframe has a lower TCO than supporting applications on hundreds or thousands of distributed servers.

·   Hardware and software savings are realized by using Linux applications.

·   No need to purchase Intel servers when using the Linux applications on a mainframe.

·   Savings in software licensing fees.

·   Personnel costs are lower when running Linux on a mainframe because it takes fewer support staffers to manage a single mainframe than it does to manage multiple Intel servers.

·   Reduction in the actual size of infrastructure need to house equipment, and the electricity they consume.

·   Improve efficiency on the mainframe systems, which translates into lower transaction costs.

 

3.         What challenges or limitations can arise in moving business applications from servers to Linux on a mainframe?

 

            One of the major challenges or limitations is that few mainframe administrators are versed in Linux today, and fewer Linux experts know IBM’s z/OS mainframe operating system, which has created a skills shortage.  Other limitations include the current lack of a wealth of software created to support the Linux system.

 

 

Real World Case 4:  La-Z-Boy and Corporate Express

The Business Benefits of Server Consolidation

 

 

1.         What are the business and technical benefits of using multiple servers to run business applications for a company?

 

Business benefits of using multiple servers

·   Servers are relatively cheap compared to mainframe systems.

·   Free up space, reduce costs, and increase performance.

 

Technical benefits of using multiple servers

·   Servers can free the mainframe to be used for core business applications.

·   Designating servers to single applications can be easily set up.

 

2.         What are the business and technical challenges facing companies who depend on many distributed server systems?    

 

Business challenges:

·   Management of a distributed server environment is very difficult

·   Proliferation of servers in some organizations has proven far more costly than previously predicted.

·   Space requirements for the large number of servers is expensive, more exposure to potential security breaches, and a greater management burden.

·   Planning is required to conduct successful server consolidation initiatives.

 

            Technical challenges:

·   Number of servers that IT personnel must manage.

·   Smaller scaled-out systems are less expensive than mainframes; IT departments need many more of them to support their companies’ business operations.

·   Difficulty of consolidating the large number of servers used to run a multitude of different applications.

 

3.         What are the business and technical benefits of server consolidation initiatives?  What are the limitations of such a strategy?

 

            Business benefits of server consolidation initiatives

·   Consolidation of distributed servers can be quickly accomplished through partitioning, and is enhanced by using Unisys tools.

·   Servers are inexpensive and carry low administrative and maintenance costs.

 

            Limitations of server consolidation initiatives:

·   Server consolidation model does not address all requirements in an organization.

·   Companies have no desire to ram everything onto one server.

·   Network capacity may limit the ability to consolidate Microsoft Exchange servers, and peak traffic load and application conflicts are also potential problems.

 

 

Real World Case 5:  Los Alamos National Laboratory and Others

The ROI of Blade Servers

 

1.         What are the business and technical benefits of using blade servers versus rack-mounted or traditional servers?

 

            Business benefits of using blade servers

·   Blades are faster to deploy and are easier to manage than traditional server clusters.

·   Price/performance benefits

·   Blade servers cost 30 to 50 percent less than traditional rack-mounted servers

·   Savings derived from smaller size, low power-consumption costs, and the reduced costs of cabling, power supply management, and integrated telecom switching, and do not need the environmental requirements of air conditioning or raised flooring.

 

2.         What limitations or challenges might there be in the use of blade servers? 

 

The primary caveat in trying to achieve quick ROI on blade servers largely rests on how well the processing, networking, and storage features are integrated.  Cost savings can quickly dissolve if maintaining blade servers becomes complex and time-consuming. 

 

3.         When should a company consider using blade servers?  Visit the website of RLX Technologies to help your answer.

 

There are a number of reasons for companies to consider using blade servers.  For example:

·      When the company is seeking to expand their operations, or have outgrown their current physical location.

·      When they are looking to reduce budgetary requirements in IT operations.  Savings can be realized in costs associated with power consumption, space, and environmental requirements).

·      Time constraints associated with deploying and code traditional server clusters.

·      Installing new systems that require faster processing speeds.

·      When demand on their current systems are not meeting operational requirements.

 

A blade server is a thin, modular electronic circuit board, containing one, two, or more microprocessors and memory, that is intended for a single, dedicated application (such as serving Web pages) and that can be easily inserted into a space-saving rack with many similar servers. One product offering, for example, makes it possible to install up to 280 blade server modules vertically in multiple racks or rows of a single floor-standing cabinet. Blade servers, which share a common high-speed bus, are designed to create less heat and thus save energy costs as well as space. Large data centers and Internet service providers (ISPs) that host Web sites are among companies most likely to buy blade servers.

A blade server is sometimes referred to as a high-density server and is typically used in a clustering of servers that are dedicated to a single task, such as:

·         File sharing

·         Web page serving and caching

·         SSL encrypting of Web communication

·         Transcoding of Web page content for smaller displays

·         Streaming audio and video content

Like most clustering applications, blade servers can also be managed to include load balancing and failover capabilities. A blade server usually comes with an operating system and the application program to which it is dedicated already on the board.  Individual blade servers are usually hot-pluggable and come in various heights, including 5.25 inches (the 3U model), 1.75 inches (1U), and possibly "sub-U" sizes. (A U is a standard measure of vertical height in an equipment cabinet and is equal to 1.75 inches.)

 

 

 

================================================

14 Computer Software

 

            I.  CHAPTER OVERVIEW

 

Foundation Concepts:  Computer software, reviews the basic features and trends in the major types of application software and system software used to support enterprise and end user computing.

 

Software – Computer software consists of two major types of programs: (1) applications software that directs the performance of a particular use, or application, of computers to meet the information processing needs of users, and (2) system software that controls and supports the operations of a computer system as it performs various information processing tasks.  Refer to Figure 14.2 for an overview of the major types of software.

 

Application Software – Application software includes a variety of programs that can be segregated into general-purpose and application-specific categories.  General-purpose application programs perform common information processing jobs for end users. Examples are word processing, electronic spreadsheet, database management, telecommunications, and presentation graphics programs.  Application-specific programs accomplish information processing tasks that support specific business functions or processes, scientific or engineering applications, and other computer applications in society.

 

System Software – System software can be subdivided into system management programs and system development programs.  System management programs manage the hardware, software, networks, and data resources of a computer system during its execution of information processing jobs.  Examples of system management programs are operating systems, network management programs, database management systems, system utilities, performance monitors, and security monitors.  Network management programs support and manage telecommunications networks.  Database management systems control the development, integration, and maintenance of databases.  Utilities are programs that perform routine computing functions, such as backing up data or copying files, as part of an operating system or as a separate package.  System development programs help IS specialists and end users develop computer programs and information system procedures.  Major development programs are language translators, programming editors, and other programming tools.

 

Operating Systems – An operating system is an integrated system of programs that supervises the operation of the CPU, controls the input/output storage functions of the computer system, and provides various support services.  An operating system performs five basic functions: (1) a user interface for system and network communications with users, (2) resource management for managing the hardware resources of a computer system, (3) file management for managing files of data and programs, (4) task management for managing the tasks a computer must accomplish, and (5) utilities and other functions that provide miscellaneous support services.

 

Programming Languages – Programming languages are a major category of system software.  They require the use of a variety of programming packages to help programmers develop computer programs, and language translator programs to convert programming language instructions into machine language instruction codes.  The five major levels of programming languages are machine languages, assembler languages, high-level languages, fourth-generation languages, and object-oriented languages.  Object-oriented languages like Java and special-purpose languages like HTML and XML are being widely used for Web-based business applications.

 

 

                        II. LEARNING OBJECTIVES

 

Learning Objective

·         Describe several important trends occurring in computer software.

·         Give examples of several major types of application and system software.

·         Explain the purpose of several popular microcomputer software packages for end user productivity and collaborative computing.

·         Outline the functions of an operating system.

·         Describe the main uses software programming languages and tools.

 

 

III. TEACHING SUGGESTIONS

 

This chapter introduces many concepts and terms essential for the understanding of computer systems and their functions.  Unless the students taking this course are already familiar with software terminology, this chapter should be thoroughly covered.

 

Figure 14.2 can be used to provide an overview of the major types of computer software, and to illustrate the difference between system software and application software.  Figure 14.3 can be used to describe the trends in computer software and to explain that the trend in software has been to move toward multipurpose, expert-assisted packages with natural languages and graphical user interfaces.

 

Figure 14.14 provides an insightful tool, which can be used to effectively explain and illustrate the system and application software interface between end users and computer hardware.  Figure 14.15 illustrates the basic functions of an operating system such as the user interface, resource management, task management, file management, and utilities and other functions.    As the majority of students taking this course are not MIS majors, they often have difficulty with the differences with understanding the differences in programming languages.  Instructors should use Figure 14.20 to make this process easier.

 

If students are not already familiar with the type of application packages covered in Section II, one or more lab sessions, providing hands-on experience could prove beneficial.

 

 

IV: LECTURE NOTES

 

Section I: Application Software - End User Applications

 

INTRODUCTION TO SOFTWARE

 

This chapter presents an overview of the major types of software you depend on as you work with computers and access computer networks.  It discusses their characteristics and purposes and gives examples of their uses.

 

Analyzing Intuit Inc.

We can learn a lot about the development and markets for consumer and small business software from this case.  Take a few minutes to read it, and we will discuss it.  (See Intuit Inc. in Section IX). 

 

Types of Software: [Figure 14.2]

This chapter presents an overview of the major types and functions of application software and system software that are available to computer users.  Information systems depend on software resources to help end users use computer hardware to transform data resources into a variety of information products.  Software is needed to accomplish the input, processing, output, storage, and control activities of information systems.

 

Computer software is typically classified into two major types of programs:

·         Application Software - Programs that direct the performance of a particular use, or application, of computers to meet the information processing needs of end users.

 

·         System Software - Programs that manage and support the resources and operations of a computer system as it performs various information processing tasks.

                             

Two major software trends are taking place:  [Figure 14.3]

·         Trend away from:      

(1)     Custom-designed programs developed by the professional programmers of an organization. 

(2)     Technical, machine-specific programming languages using binary-based or symbolic codes

        (3)        Procedural languages, which use brief statements and mathematical expressions to specify the sequence of instructions a computer must perform.

 

·         Trend towards:

(1)     Use of off-the-shelf software packages acquired by end users from software vendors.

        (2)   Use of a visual graphic-interface for object-oriented programming, or toward nonprocedural natural languages for programming that are closer to human conversation.

 

Reasons for these trends are:

·         Development of relatively inexpensive and easy-to-use application software packages and multipurpose software suites for microcomputers.

·         Software packages are designed with web-enabled networking capabilities and collaboration features that optimize their usefulness for end users and workgroups on the Internet and corporate intranets and extranets.

·         Many software packages can now be downloaded, updated, managed, and rented or leased from software companies or application service providers (ASP’s) over the Internet and corporate intranets.

·         Creation of easy-to-use, nonprocedural fourth-generation languages (4GLs).

·         Developments in object technology, graphics, and artificial intelligence produce natural language and graphical user interfaces (GUI) that make both programming tools and software packages easier to use.

·         Developments in a new generation of expert-assisted software packages that combine expert system modules and artificial intelligence features (wizards and intelligent agents)

 

Results of these trends:

·         Current trends are converging to produce a fifth generation of powerful, multipurpose, expert-assisted and network-enabled software packages with natural language and graphical interfaces to support the productivity and collaboration of both end users and IS professionals.

 

Application Software for End Users: [Figure 14.2]

Application software consists of a variety of programs that can be subdivided into general-purpose and application-specific categories.  These programs are called application packages because they direct the processing required for a particular use, or application, that end users want accomplished.  Examples include:

·         Business Applications - accounting, sales management, transaction processing, electronic commerce, etc.

·         Science and Engineering Applications – research and development

·         Personal Applications – finance and home management

·         Education and Entertainment Applications – schools, learning institutions, DVD movies

 

General-purpose application programs are programs that perform common information processing jobs for end users.  Examples include:

·         Word processing programs

·         Spreadsheet programs

·         Database management programs

·         Graphics programs

·         Web browsers

·         Electronic mail

·         Groupware

 

 

SOFTWARE SUITES AND INTEGRATED PACKAGES

 

Software suites are a combination of the most widely used productivity packages that come bundled together.  They include suites such as Microsoft Office, Lotus SmartSuite, and Corel WordPerfect Office, and Sun’s StarOffice.

 

Advantages of software suites:

These software tools can be used to increase your productivity, collaborate with your colleagues, and access intranets, extranets, and the Internet.

·         Suites integrate software packages for web browsing, word processing, spreadsheets, presentation graphics, database management, personal information management, and more.

·         Suites cost a lot less than the total cost of buying their individual packages separately.

·         All programs use a similar graphical user interface, which gives them the same look and feel, and make them easier to learn and use.

·         Suites also share common tools, such as spell checkers and help wizards to increase their efficiency.

·         Programs are designed to work together seamlessly and import each other’s files or transfer data between applications.

·         Costs vary between $100 for a competitive upgrade to over $700 for a full version.

 

Disadvantages of software suites:

·         Critics argue that most end users never use many software suite features.

·         Suites take up a lot of disk space and may require significant amounts of memory.

·         Suites may compromise on the speed, power, and flexibility of some of their functions to achieve integration.

 

Integrated packages - the disadvantages of using software suites is one of the reasons for the continued use of integrated packages like Microsoft Works, Lotus eSuite WorkPlace, AppleWorks, and so on.  Integrated packages combine some of the functions of several programs into one software package. 

 

Advantages of integrated packages:

·         Combine some of the functions of several programs into one software package.

·         They require a lot less disk space than software suites.

·         Can cost less than a hundred dollars.

·         Are frequently pre-installed on many low-end microcomputer systems.

·         Many integrated packages have enough functions and features for many computer users.

 

Disadvantages of integrated packages:

·         Leave out many features and functions that are in individual packages and software suites.  They cannot do as much as individual packages and software suites.

 

 

WEB BROWSERS AND MORE

 

The most important software component too many computer users today is the web browser.  A browser like Netscape Navigator or Microsoft Explorer is the key software interface you use to point and click your way through the hyperlinked resources of the World Wide Web and the rest of the Internet, as well as corporate intranets and extranets.

 

Web Browsers are used by end users as the universal software platform, which they use to:

·         Launch information searches

·         E-mail others

·         Perform multimedia file transfers

·         Participate in discussion groups and workgroup collaboration

·         Many other Internet, intranet, and extranet applications

·         Watch a video

·         Make a phone call

·         Download software

·         Hold a videoconference

 

 

ELECTRONIC MAIL AND INSTANT MESSAGING

 

Electronic mail has changed the way people work and communicate.  E-mail is used to send and receive electronic messages via the Internet or through organizational intranets or extranets.  E-mail is stored on network servers until you are ready.  Features of E-mail include:

·         Route messages to one or many individuals

·         Route messages to multiple end users based on predefined mailing lists

·         Provide password security

·         Automatic message forwarding

·         Remote user access

·         Allow users to store messages in folders with provisions for adding attachments to message files

·         Edit and send graphics and multimedia as well as text

·         Provide bulletin board and computer conferencing capabilities

·         Filter and sort incoming messages and route them to appropriate user mailboxes and folders

 

 

WORD PROCESSING AND DESKTOP PUBLISHING

 

Word processing packages computerize the creation, editing, revision, and printing of documents by electronically processing text data. Some of the features of these packages include:

·         Desktop publishing capabilities

·         Can be used to convert documents to HTML format for publication as web pages on corporate intranets or the World Wide Web.

·         Advanced features such as spell checker, thesaurus, grammar and punctuation capabilities. 

·         Suggest possible improvements in your writing style with grammar and style checker functions.

·         Idea processor or outliner functions, which help you, organize and outline your thoughts before preparing a document or developing a presentation.

·         Design and create pages from scratch for an Internet or intranet web site.

 

 

Desktop Publishing (DTP):

End users and organizations can use desktop publishing (DTP) software to produce their own printed materials such as newsletters, brochures, manuals, and books with several type styles, graphics, and colors on each page.  Typically text material and graphics can be generated by word processing and graphics packages and imported as text and graphics files.  Optical scanners may be used to input text and graphics from printed material.  You can also use files of clip art, which are predrawn graphic illustrations provided by the software package or available from other sources.

 

The heart of desktop publishing is a page design process called page markup or page composition.  The video screen becomes an electronic paste-up board with rulers, column guides, and other page design aids.  Text material and illustrations are then merged into the page format you design.  The software will automatically move excess text to another column or page and help size and place illustrations and headings.

 

 

ELECTRONIC SPREADSHEETS

 

Electronic spreadsheet packages are programs that are used for business analysis, planning, and modelling.  They provide electronic replacement for more traditional tools such as paper worksheets, pencils, and calculators.  They generate an electronic spreadsheet, which is a worksheet of rows and columns, which can be stored on your PC, a network server, or converted to HTML format and stored as a web page or websheet on the World Wide Web.   Data and formulas are entered into the worksheet via the keyboard.  The computer performs the calculations based on the formulas entered.   Most packages also have graphic capabilities.

 

A spreadsheet package can also be used as a decision support tool to perform what-if analysis.   For example: “What would happen - If you did something else”.

 

 

DATABASE MANAGEMENT

 

Database Management packages allow you to set up and manage databases on your PC, network server, or the World Wide Web.   Most DBMS packages can perform four primary tasks (discussed in Chapter 5):

·         Database Development - Define and organize the content, relationships, and structure of the data needed to build a database, including any hyperlinks to data on web pages.

·         Database Interrogation - Access the data in a database to display information in a variety of formats.  End users can selectively retrieve and display information and produce forms, reports, and other documents, including web pages.

·         Database Maintenance - Add, delete, update, and correct the data in a database, including hyperlinked data on web pages.

·         Application Development - Develop prototypes of web pages, queries, forms, reports, and labels for a proposed business application.  Or use a 4GL or application generator to program the application. 

 

 

PRESENTATION GRAPHICS

 

Presentation packages are used to convert numeric data into graphics displays such as line charts, bar graphs, pie charts, and many other types of graphics.  Most of the top packages also help you prepare multimedia presentations of graphics, photos, animation, and video clips, including publishing to the World Wide Web. 

 

Advantages of using graphics and multimedia:

·         They are easier to comprehend and communicate than numerical data.

·         Use of multiple-color and multiple-media displays can more easily emphasize key points, strategic differences, and important trends in the data.

·         Presentation graphics have proven to be much more effective than tabular presentations of numeric data for reporting and communicating in advertising media, management reports, or other business presentations.

·         Presentation graphics software packages give you many easy-to-use capabilities that encourage the use of graphics presentations (slide shows), which contain many integrated graphics and multimedia displays.  Examples:  PowerPoint, Freelance, or Presentations. 

·         Graphics and multimedia presentations can be transferred in HTML format to web sites on corporate intranets or the World Wide Web.

 

 

PERSONAL INFORMATION MANAGERS (PIMS)

 

The personal information manager is a popular software package for end user productivity and collaboration.  They are used to help end users store, organize, and retrieve information about customers, clients, and prospects, or schedule and management appointments, meetings, and tasks.  PIMs are being used for:

·         Electronic calendar or list of appointments, meetings, or other things to do.

·         Timetable for a project

·         Display of key facts and financial data about customers, clients, and sales prospects

·         Accessing the World Wide Web

·         Provide E-mail capability. 

·         Internet and E-mail features to support team collaboration by sharing information with other networked PIM users.

 

 

GROUPWARE

 

Groupware is collaboration software that helps workgroups and teams work together to accomplish group assignments.   Groupware is a fast growing category of general-purpose application software that combines a variety of software features and functions to facilitate collaboration.

 

Groupware products support collaboration through:

·         Electronic Mail       

·         Discussion groups and databases

·         Scheduling

·         Task management

·         Data, audio, and videoconferencing

·         Internet, corporate intranets and extranets to make collaboration possible on a global scale by virtual teams located anywhere in the world.

·         Joint web page development

·         Publish project news and progress reports

·         Working jointly on documents stored on web servers

 

 

OTHER BUSINESS SOFTWARE

 

Application software packages support managerial and operational uses such as:

·         Data warehousing and data mining  (Chapter 6 – 13)

·         Accounting, marketing, manufacturing, human resource management, and financial management, customer relationship management, enterprise resource planning, supply chain management, and electronic commerce (Chapter 4)

·         Decision support and data analysis applications (Chapter 6)

 

 

Section II:  System Software: Computer System Management

 

SYSTEM SOFTWARE OVERVIEW

 

System software consists of programs that manage and support a computer system and its information processing activities.  For example, operating systems and network management programs serve as a vital software interface between computer system hardware and the application programs of end users.

 

Analyzing Amazon, Orbitz, and Others

We can learn a lot about the business value of competitive developments in system software from this case.  Take a few minutes to read it, and we will discuss it (Amazon, Orbitz, and Others in Section IX).

 

Two major functional categories of system software include: [Figure 14.14]

·         System Management Programs - Programs that manage the hardware, software, and data resources of the computer system during its execution of the various information processing jobs of users.  They include:

·         Operating Systems

·         Network Management Programs

·         Database Management Systems

·         System Utilities

 

·         System Development Programs - Programs that help users develop information system programs and prepare user programs for processing.  Major development programs include:

·         Programming Language Translators and Editors

·         Programming Tools

·         CASE (Computer-Aided Software Engineering) Packages

 

 

OPERATING SYSTEMS

 

The most important system software package for any computer is its operating system.  An operating system is an integrated system of programs that:

·         Manages the operations of the CPU

·         Controls the input/output and storage resources and activities of the computer system

·         Provides various support services as the computer executes the application programs of users.

 

Primary purpose of the operating system is:

·         Maximize the productivity of a computer system by operating it in the most efficient manner.

·         Minimize the amount of human intervention required during processing.

·         Helps your application programs perform common operations such as accessing a network, entering data, saving and retrieving files and printing or displaying output.

 

Operating System Functions: [Figure 14.15]

An operating system performs five basic functions in the operation of a computer system.  It provides:

·         User Interface

·         Resource Management

·         Task Management

·         File Management

·         Utilities and Support Services

 

 

The User Interface:

The user interface is the part of the operating system that allows the end user to communicate with the operating system so they can load programs, access files, and accomplishes other tasks.  Three main types of user interfaces are:

·         Command Driven

·         Menu Driven

·         Graphical User Interface (GUI)

 

Trend Away From: The entry of brief end user commands, and choices from menus of options

 

Trend Towards: Easy-to-use graphical user interface (GUI), which uses icons, bars, buttons, boxes, and other images relying on pointing devices, like the electronic mouse or trackball to make selections that help you get things done.

 

Resource Management:

An operating system uses a variety of resource management programs to manage the hardware and networking resources of the computer system, including its:

·         CPU 

·         Memory

·         Secondary Storage Devices

·         Telecommunications processors

·         Input/Output Peripherals

 

Memory management programs:

·         Keep track of where data and programs are stored. 

·         May also subdivide memory into a number of sections and swap parts of programs and data between main memory and magnetic disks or other secondary storage devices.

·         Provide a computer system with a virtual memory capability, which is larger than the actual main memory of its primary storage circuits. 

 

File Management:

File management programs of an operating system:

·         Control the creation, deletion, and access of files of data and programs.

·         Keep track of the physical location of files on magnetic disks and other secondary storage devices.

 

Task Management:

Task management programs of an operating system:

·         Manage the accomplishment of the computing tasks of end users.

·         Allocate CPU time to tasks and interrupt tasks being executed to substitute other tasks.

·         May involve a multitasking capability where tasks of several programs can process at the same time.  Multitasking may involve multiprogramming where the CPU can process the tasks of several programs at the same time, or time-sharing, where the computing tasks of several users can be processed at the same time. 

·         In multitasking, a single computer can act as if it were several computers, or virtual machines, such that each application program is running independently at the same time.

 

Popular Operating Systems:

The most popular microcomputer operating systems are:

 

MS-DOS   - for many years was the most widely used microcomputer operating system. 

 

Characteristics:

-          A single user, single-tasking operating system

-          Was given a graphical user interface and limited multitasking capabilities by combining it with Microsoft Windows.

 

Windows 95 - Microsoft began replacing its DOS/Windows combination in 1995 with the Windows 95 operating system.

 

Characteristics:

-          Advanced operating system

-          Graphical user interface

-          True multitasking capabilities

-          Networking capabilities

-          Multimedia capabilities

 

Windows 98                - Microsoft introduced an enhanced version of Windows 95 in 1998.

 

Characteristics:

        -  Enhanced Internet capabilities

 

 

Windows 2000 - Several versions of this have been released. 

 

Characteristics/versions available:

-          Professional:  a full-featured operating system for PC desktops and laptops.

-          Server: a multipurpose operating system for network servers and web servers in smaller networks.

-          Advanced Server: a network operating system to manage large networks and web-sites powered by server farms of many servers.

-          Datacenter Server:  a high-performance network operating system for large-scale business applications, such as online transaction processing and data warehousing. 

 

Windows NT                - multitasking network operating system

 

Characteristics:

-          Powerful, multitasking, multiuser network operating system

-          Installed on network servers to manage client/server networks and on PCs with high performance requirements.

-          Microsoft merged its Windows 98 and Windows NT products into the Windows 2000 operating system during the year 2000.

 

UNIX - a popular operating system that is available for micros, minis, and mainframe computer systems.

 

Characteristics:

-          Originally developed by AT&T, UNIX is now offered by other vendors, including Solaris by Sun Microsystems and AIX by IBM.

-          Multitasking and multiuser system, network-managed operating system whose portability allows it to run on mainframes, midrange computers, and microcomputers.

 

LINUX - is a low-cost, powerful, and reliable Unix-like operating system that is rapidly gaining market share as a high-performance operating system for network servers and web servers in both small and large networks.

 

Characteristics:

-          Linux Torvald of Finland and millions of programmers around the world developed Linux as a free or low-cost shareware or open-source software over the Internet in the 1990’s.

-          Linux is still being enhanced in this way, but is sold with extra features and support services by software vendors such as Red Hat, Caldera, and VA Linux.

-          PC versions of Linux are available which support office software suites, web browsers, and other application software.

 

Mac OS X - is the latest operating system from Apple for the iMac and other Macintosh microcomputers.

 

Characteristics:

Mac OS X has a new graphical user interface as was as advanced multitasking and multimedia capabilities, along with a new suite of Internet services called iTools.

 

 

NETWORK MANAGEMENT PROGRAMS

 

Today’s information systems rely heavily on the Internet, intranets, extranets, local area networks, and other telecommunications networks to interconnect end user workstations, network servers, and other computer systems.  This requires a variety of system software for network management, including:

·         Network operating systems

·         Network performance monitors

·         Telecommunications monitors

 

Network management programs perform such functions as:

·         Automatically checking client PCs and video terminals for input/output activity

·         Assigning priorities to data communications requests from clients and terminals

·         Detecting and correcting transmission errors and other network problems

·         Some network management programs function as middleware to help diverse networks communicate with each other.

 

 

DATABASE MANAGEMENT SYSTEMS

 

A database management system (DBMS) is a set of software programs that control the development, use, and maintenance of the databases of computer-using organizations. A database management system:

·         Helps organizations use their integrated collection of data records and files known as databases.

·         Allows different user application programs to easily access the same database.

·         Simplifies the process of retrieving information from databases in the form of displays and reports.

·         Enables end users to get information from a database using a query language.

·         Many DBMS packages provide fourth-generation languages (4GLs) and other application development features.

 

 

OTHER SYSTEM MANAGEMENT PROGRAMS

 

System support programs are a category of software that performs routine support functions for the end users of a computer system.  Examples are:

 

Utility programs - Programs that perform miscellaneous housekeeping and file conversion functions.  Examples:  Norton Utilities

 

Performance Monitors        - Programs that monitor the performance and usage of computer systems to help their efficient use. 

 

Security Monitors - Programs that monitor and control the use of computer systems and provide warning messages and record evidence of unauthorized use of computer resources.

 

 

PROGRAMMING LANGUAGES [Figure 14.20]

 

Programming languages are the languages in which computer programs are written.  A programming language allows a programmer or end user to develop the sets of instructions that constitute a computer program.  Many programming languages have been developed, each with its own unique vocabulary, grammar, and uses:

·         Machine Languages

·         Assembler Languages

·         High-Level Languages

·         Fourth Generation Languages

·         Object-Oriented Languages

 

Machine Languages:

Machine languages are the most basic level of programming languages.  They were the first generation of programming languages.

Disadvantages of machine languages:

·         Programs had to be written using binary codes unique to each computer.

·         Programming involved the difficult task of writing instructions in the form of strings of binary digits (ones and zeros) or other number systems.

·         Programmers had to have a detailed knowledge of the internal operations of the specific type of CPU they were using. 

·         Programmers had to write long series of detailed instructions to accomplish even simple processing tasks.

·         Programming is difficult and error-prone.

 

Assembler Languages:

Assembler languages are the second generation of programming languages.  They were developed to reduce the difficulties in writing machine language programs.  Assembler languages are frequently called symbolic languages because symbols are used to represent operation codes and storage locations.

 

Advantages:

·         Uses symbolic coded instructions, which are easier to remember.

·         Programming is simplified, as a programmer does not need to know the exact storage location of data and instructions.

·         Provides programmers greater control and flexibility in designing a program for a particular computer. 

·         Programmers can produce more efficient software that requires a minimum of instructions, storage, and CPU time to perform a specific processing assignment.

 

Disadvantages:

·         Assembler languages are unique to particular lines of computers.

 

High-Level Languages

High-level languages are the third generation of programming languages.  They include COBOL (business application programs), BASIC (microcomputer end users), and FORTRAN (scientific and engineering applications).

 

Advantages:

·         Easier to learn and understand than an assembler language as instructions (statements) resemble human language or the standard notation of mathematics.

·         Have less-rigid rules, forms, and syntax’s, so the potential for error is reduced.

·         Are machine-independent programs therefore programs written in a high-level language do not have to be reprogrammed when a new computer is installed.

·         Programmers do not have to learn a new language for each computer they program.

 

Disadvantages:

·         Less efficient than assembler language programs and require a greater amount of computer time for translation into machine instructions.

 

Fourth-Generation Languages: (4GLs):

Fourth-generation languages (4GLs) include a variety of programming languages that are more nonprocedural and conversational than prior languages. 

 

Advantages:

·         Simplified the programming process.

·         Use nonprocedural languages that encourage users and programmers to specify the results they want, while the computer determines the sequence of instructions that will accomplish those results.

·         Use natural languages that impose no rigid grammatical rules.

 

Disadvantages:

·         Less flexible that other languages.

·         Less efficient (in terms of processing speeds and amount of storage capacity needed).

 

 

Object-Oriented Languages:

Object-oriented programming (OOP) languages tie data elements and the procedures or actions that will be performed on them together into objects.  Examples include Visual Basic, Turbo C++, C++, Object C++, and Java.

 

Advantages:

·         OOP languages are easier to use and more efficient for programming the graphics-oriented user interface required by many applications.

·         Programmed objects are reusable.

 

 

HTML, XML and Java

HTML and Java are two relatively new programming languages, which have become vital tools for building multimedia web pages, web sites, and web-based applications.

Characteristics of HTML (Hypertext Markup Language) include:

·         HTML is a page description language that creates hypertext or hypermedia documents.

·         HTML inserts control codes within a document at points you can specify that create links (hyperlinks) to other parts of the document or to other documents anywhere on the Web.

·         HTML embeds control costs in the ASCII text of a document, which designate titles, headings, graphics, and multimedia components, as well as hyperlinks within the document.

 

Characteristics of XML (eXtensible Markup Language) include:

·         XML is not a web page format description language like HTML.

XML describes the contents of web pages by applying identifying tags or contextual labels to the data in web documents.  By classifying data in this way, XML makes website information a lot more searchable, sortable, and easier to analyze.

 

XML promises to make electronic commerce a lot easier and efficient by supporting the automatic electronic exchange of business data between companies and their customers, suppliers, and other business partners.

 

Characteristics of Java include:

·         Java is an object-oriented programming language created by Sun Microstations.

·         Java is revolutionizing the programming of applications for the World Wide Web and corporate intranets and extranets.

·         Java is related to the C++ and Objective C programming languages, but is much simpler and secure, and is computing platform independent.

·         Java is specifically designed for realtime, interactive, web-based network applications.

·         Java applications consist of small application programs called applets, which can be executed by any computer and any operating system anywhere in a network.

·         Applets can reside at web sites on a network server until needed by client systems, and are easy to distribute over the Internet or intranets and extranets.

·         Java applets are platform independent – they can run on Windows, UNIX, and Macintosh systems without modification.

·         Java is becoming the programming language choice for many organizations intent on capitalizing on the business potential of the Internet, as well as their own intranets and extranets.

 

 

PROGRAMMING SOFTWARE

 

A variety of software packages are available to help programmers develop computer programs.  For example, programming language translators are programs that translate other programs into machine language instruction codes that computers can execute.  Other software packages such as programming language editors, called programming tools, help programmers write programs by providing program creation and editing capabilities.

 

Language Translator Programs

Computer programs consist of sets of instructions written in programming languages that must be translated by a language translator into the computer’s own machine language before they can be processed, or executed, by the CPU.  Programming language translator programs are known by a variety of names.

 

·         Assembler - Translates the symbolic instruction codes of programs written in an assembler language into machine language instructions.

·         Compiler - Translates (compiles) high-level language statements (source programs) to machine language programs.

·         Interpreter - Translates and executes each program statement one at a time, instead of first producing a complete machine language program, like compilers and assemblers do.

 

Programming Tools:

A graphical programming interface and a variety of built-in capabilities or add-on packages enhances many language translator programs.  Language translators provide editing and diagnostic capabilities to identify programming errors or bugs.  Many language translator programs now include powerful graphics-oriented programming editors and debuggers.  These programs help programmers identify and minimize errors while they are programming.  The goal of such programs is to decrease the drudgery of programming while increasing the efficiency and productivity of programmers.

 

Other programming tools include:

·         Diagramming packages

·         Code generators

·         Libraries of reusable objects and program code

·         Prototyping tools                                                              

                             

 

        V.  KEY TERMS AND CONCEPTS - DEFINED

 

Application Server:

System software that provides a middleware interface between an operating system and the application programs of users.

 

Application Software:

Programs that specify the information processing activities required for the completion of specific tasks of computer users.  Examples are electronic spreadsheet and word processing programs or inventory or payroll programs.

 

Application-Specific Programs:

Application software packages that support specific applications of end users in business, science and engineering, and other areas.

 

Assembler Language:

A programming language that utilizes symbols to represent operation codes and storage locations.

 

Database Management Software:

A computer program that facilitates the storage, maintenance, and utilization of data in a database.

 

Desktop Publishing:

The use of microcomputers, laser printers, and page-makeup software to produce a variety of printed materials, formerly done only by professional printers.

 

Electronic Mail:

The transmission, storage, and distribution of text material in electronic form over communications networks.

 

Electronic Spreadsheet Software:

An application program used as a computerized tool for analysis, planning, and modelling that allows users to enter and manipulate data into an electronic worksheet of rows and columns.

 

File Management:

Controlling the creation, deletion, access, and use of files of data and programs.

 

Fourth-Generation Language (4GL): Programming languages that are easier to use than high-

level languages like BASIC, COBOL, or FORTRAN.  They are also known as nonprocedural,

natural, or very high-level languages.

 

General-Purpose Application Programs:

Programs that can perform information processing jobs for users from all application areas.  Individuals for home, education, business, scientific, and many other purposes can use for example, word processing programs, electronic spreadsheet programs, and graphics programs.

 

Graphical User Interface:

A software interface that relies on icons, bars, buttons, boxes, and other images to initiate computer-based tasks for users.

 

Groupware:

Software packages that support work activities by members of a work group whose workstations are interconnected by a local area network.

 

High-Level Language:

A programming language that utilizes macro instructions and statements that closely resembles human language or mathematical notation to describe the problem to be solved or the procedure to be used.  Also called a compiler language.

 

HTML:

Is a page description language that creates hypertext or hypermedia documents.

 

Integrated Package:

Software that combines the ability to do several general-purpose applications (such as word processing, electronic spreadsheet, and graphics) into one program.

 

Java:

Is an object-oriented programming language created by Sun Microsystems.

 

Language Translator Program:

A program that converts the programming language instructions in a computer program into machine language code.  Major types include assemblers, compilers, and interpreters.

 

Machine Language:

A programming language where instructions are expressed in the binary code of the computer.

 

Multitasking:

The concurrent use of the same computer to accomplish several different information processing tasks.  Each task may require the use of a different program, or the concurrent use of the same copy of a program by several users.

 

Natural Language:

A programming language that is very close to human language.  Also called very high-level language.

 

Network Management Programs:

Network management programs perform such functions as automatically checking client PCs and video terminals for input/output activity, assigning priorities to data communications requests from clients and terminals, and detecting and correcting transmission errors and other network problems.

 

Network Operating Systems:

Software that manages telecommunications in complex local area networks.

 

Nonprocedural Language:

Programming languages that allow users and professional programmers to specify the results they want without specifying how to solve the problem.

 

Object-Oriented Language:

An object-oriented programming (OOP) language used to develop programs, which create and use objects to perform information processing tasks.

 

Operating System:

The main control program of a computer system.  It is a system of programs that controls the execution of computer programs and may provide scheduling, debugging, input/output control, system accounting, compilation, storage assignment, data management, and related services.

 

Personal Information Manager:

A software package that helps end users store, organize, and retrieve text and numerical data in the form of notes, lists, memos, and a variety of other forms.

 

Presentation Graphics Package:

Using computer-generated graphics to enhance the information presented in reports and other types of presentations.

 

Programming Tools:

Software packages or modules, which provide editing and diagnostic capabilities and other support facilities to assist the programming process.

 

Resource Management:

An operating system function, which controls the use of computer system resources such as primary storage, secondary storage, CPU processing time, and input/output devices by other system software and application software packages.

 

Software Suites:

Are powerful software packages that combine several individual packages that share a common graphical interface and are designed to easily transfer data between th