Category Archives: Security

Importance of Cyber Security – Architecture and Measures

Cyber Security is called also as IT security or Computer security. This is information system’s protection from damage or theft to software, hardware and information on them. There is protection also to misdirection or disruption of those services which they would provide. It also includes controls of physical accessibility to hardware and protecting it against harms. This comes through networking accessibility, code and data injection and because of operator malpractices. This can whether be accidental, intentional or because of them becoming tricked to deviations from secured procedures. This realm or field is rapidly growing because of increasing reliability of (PC) or computer systems in present day world. Computer system includes very wide varieties of “smart” devices. This includes televisions, smartphones, and tiny devices as Internet of Things parts. It also has networks including not only private data networks and internet, but also Wi-Fi, different wireless networks and Bluetooth.

Security measures: Cyber Security state is conceptual ideal. This is attained by usages of 3 processes namely threat response, prevention and detection. The processes have been based on lots of system components and policies. This includes following: Cryptography and user accounts accessibility controls protects systems data and files respectively. Firewalls are prevention systems most commonly present. This is from perspectives of network security (in case of proper configuration) there is shielding of internal accessibility to network services. There are also blocking some attack kinds by means of packet filtering. Firewalls are software or hardware based. Intrusion Detection System (IDS) products have been designed for detecting network in-progress attacks. There are assistances in post-attack forensics whilst logs and audit trails serves same function for systems individually. “Response” is defined necessarily by security assessed requirements of systems individually. It covers ranges from simple protection upgrades to legal authorities’ notification and counter-attacks. In few cases, destruction completely of system compromised is favoured. It may become that nearly not all resources compromised are detected.

Security architecture: Organization of Open Security Architecture defines Cyber security architecture as design artefacts which describe how security controls (countermeasures of security) have been positioned. It relates to overall architecture of Information Technology. Security controls serves purposes of maintaining quality attributes of system like assurance, confidentiality, accountability, availability and integrity services. Technopedia defines Cyber security architecture as security design unified which addresses potential risks and necessities being involved in some environments or scenarios. It specifies also where and when there is application of security controls. Design processes are reproducible generally. Important attributes of Cyber security architecture are: Relationship of various components and their dependence on one another, control standardization and controls determination on basis of legal, risk assessment, finances and good practice matters. Secure coding: If environment of operation are not based on operating system security. Then there is capability of domain maintenance for own execution. Then there is capability of application protection codes from subversions malicious. Then there is capability of system protection from subverted codes. Then there are high security degrees understandable not possible. Secured operating system is possible. Most implemented commercial systems in turn fall in “low securities” categories. They have reliance on those features which are not supported by secured operating systems, like, portability. In operating low security environments there are applications relied on participation of own protection.

Since “best efforts” practices of secured coding follow there is application of very resistant subversion’s malicious. In environments commercially, software majority subversions vulnerabilities in turn results in some known kinds of defects of coding. Software common defects include command/code injection, buffer overflows, integer overflow, and vulnerabilities of format string. The defects are used for causing target systems execution to putative data. “Data” contains instructions executable.

Home based Wireless Work Monitoring System

Concerns of home owners regarding burglary and different threats towards home owner’s securities like rises of home security systems and fires is there. This has happened in USA. 1st home security systems are hard wired. This has been changed. Reason is that wireless system’s existence is hitting big and bigger in home securities. Presently, all top companies of security have been offering security wireless systems. Benefits and advantages to security systems being wireless is more. This factor is rather than becoming hard wired. 1 important benefit of Home based Wireless Work Monitoring System is that there is not lot of time consumption whilst installing this particular system. Whilst it takes quite long time for installing hardly wired system. Reason is that there is wire and different equipment absence which requires installation. There are no necessities of tearing by means of carpets or walls for installing wireless systems. Additional factor is that, wire absence is crucial factor in events of burglary. There is a better scenario that wires have no presence in scenes.

Other important benefits of wireless systems are that it utilizes motion sensors. This is configured by means of using (IR) infrared light. Whilst legitimate motions are detected, alarms are set and there is triggering of controls. Home owners are notified together with various rescue personnel and police. Inclusion with the crucial and essential advantage is that there is existence of backups in events of power failures of neighbourhoods. Top security companies of homes offer protections for 24 hours a day, 7 days a week and 365 days a year. This protection is compromised in case there is system’s absence put in places of failure of power. Your home become in dangers at whatever time. So, systems of security are needed for being ready in all times. Systems being wireless includes all conveniences of present days’ home security systems. This includes 2 way voice mechanism and keypads. This is present such that you could talk to needed authorities in problem events. Keychain remotes let disarming and arming of your systems at any desired place in house. Interaction of keypad is there with control panels.

With home security wireless work monitoring system, all things are put under factors of surveillance. System watches your garage, anywhere, your lawn or your porch. In case alarms are triggered, top security company of home has plenty of command centres. Command centres confirm that alarm legitimate presence is there. Authorities could be on scenes in very short duration of time. Presently, you buy home wireless security systems right out of boxes for installation by oneself. This is not advisable. Home security wireless work monitoring system must be installed by professionals from top most security company of home. They are people who have knowledge about proper setting up of security home systems. Installation of home wireless security systems by professionals could be done every month with low costs. Top security companies of homes offer monitoring for 24 hours a day, 7 days a week and 365 days a year. This facility cannot be availed if you do self-installation of systems. Additional factor is that, having professionals conduct installation of security home systems means you need not do it. Important reasons for installation of security home system are feeling secure and safe. There is a good feeling by knowing that home is protected for 7 days in a week and 24 hours in a day. Nothing in turn offers you similar mind’s peace which is provided by security home systems. Whilst live monitoring is done, you acquire knowledge as to matter that wherever you are, there is still someone taking care of your house.

Web Based Remote Device Monitoring – An Overview

To check status of automation systems over web pages are convenient. This is necessary often in this always changing, always evolving and fast paced world. You have application existing which involves lots of things like Input-Output modules and PLCs. You could bring systems to local PC Based SCADA Control and Monitoring System. You could configure systems of SCADA for pulling data from data acquisition and controller modules. You could configure those controls which monitors lots of things like valves, temperature and conveyor status. You could use Web Server such as Web Publishing for KingView for making SCADA systems having web accessibility. In software of SCADA, drivers provide enabling communications with various Data Acquisition modules, PLCs and devices. Web Server installation allows serving systems of SCADA out such that web clients in remote machines have accessibility to data over web pages.

In case you have simplified projects which consist of Modbus RTU base device, you bring this to Internet for data collections with Modbus RTU to Modbus TCP gateways such as tGW-718 that has 1 RS-232/422/485 port. Then you create custom web servers on computers for showing data in fashion organised.  You could use preferred programming languages of web like PHP, JAVA, and ASP.net or C #. You could create accessibility to user logins to pages from whatever locations thereby limiting accessibility to personnel related. In case you have complexed projects you use customizable sophisticated web server controllers such as WP-5141-XW107. You could create programs running in controllers with any .NET languages like C++, C# or VB.NET. You could use also web servers inside for allowing web based SCADA systems for checking remote status or turning device lights off or on. SCADA systems web based offers convenience and flexibility. You could configure systems of SCADA for scheduling alarms being sent when unwanted conditions occurs. This could be when tank leaks, temperature is out of ranges, pump working out, refrigerator door is left opened or occurring of flood. Then you could log to PC and check system’s status over web pages. You click buttons or make changes for best protection of entire system. This results in overall great savings and preventing damages in future. Web based systems of SCADA allows collecting data from all around world. Then have it being displayed in straight forward, clear and organized way.

You could use we based systems of SCADA for controlling and monitoring complex or simple systems. Following factors must be considered before choosing as to which SCADA software is best: There should be monitoring of data of what kind. There should be utilization of what kind of equipment for capturing data. There should be usage of what kind of Human Machine Interface (HMI) for viewing data. From which place there has to be accessibility of data- over internet or on localized machines.  Knowing as to what is cost factor. Knowing as to how much manpower and time is invested in deploying and setting up solution of SCADA. There should be knowing of importance of supports and services. These are totally important aspects of choosing SCADA software. There is no 1 solution which is better clearly than others. To choose solutions of SCADA is that decision which shall affect entire organization. Therefore much heed must be paid to it. Important things being considered is that when question of SCADA arise you do not need always for what payment you have done. It is very amazing that Supervisory Control and Data Acquisition landscapes have changes in recent times. There were times in not too distant past when entrepreneurial bright software developers put SCADA products on markets and found themselves on equal footing basically with same product’s developers.

Nagios – The Industry Standard In IT Infrastructure Monitoring

Review: Nagios is a hefty supervising as well as monitoring system, which is used by organizations to spot out and rectify infrastructure based problems in IT field, without affecting the important procedures in business process. This open source monitoring system software was initially released under the name Net saint.  Nagios provides monitoring services for applications, switches and also servers. The users of this software are alerted whenever the system finds a trouble in the server, and are also alerted after the resolving of the trouble.

This software is distributed under the license of GNU GPL V2. This software is mainly used for checking on network services, and host resources such as system logs, processor load and disk usages.  Nagios provides a complete monitoring, though which one can supervise on services, applications, network protocols, infrastructure components and also system metrics, all with one tool. The script API’s of the software helps in the effective monitoring custom as well as in house applications. The software provides the user with a centralized view of the monitored infrastructure. If the user wants the status information and the other details regarding the monitoring, it can be obtained from the web interface. The software can detect sudden and also unauthorized close downs of the IT infrastructure with a few seconds. The alert regarding the outages will be send to the technical staff, either via mail, or through SMS. The software makes use of the most advance technology and make sure that the alert message reach the right personnel. This software even enable s the automatic restart pf failed services and applications. Nagios make sure that your aging infrastructure is upgraded in the right time.  You can check on the availability reports and the history reports of the software at any time. The availability reports ensures you that the SLA’s are properly completed and the history reports show the records of all the outages, alerts and notifications. Another one of the unique features of the software is the multi access web interface, which enables the user for easy viewing of infrastructure status.

Compared to all other leading monitoring software, Nagios is affordable in pricing without any hidden charges. The software is designed in such a way that, it is simple to use and handle, and this is very rare in other similar soft wares available in the market.

For Downloading, Support, Contact and Help

Official Website
Download from Sourceforge
Help Documentation
Support Forum

An Introduction to Intrusion Tolerance

Intrusion Detection and Intrusion Prevention are the security work that is classical. Intrusion Tolerance is a new approach that has its emersion in the past decade. Intrusion Tolerance means fault that is operational intentional which leads to failure of component.

Vulnerability to a certain extent of system should be accepted and assumed. Attacking on subsystems can have a successful happening sometimes. This should be accepted and assumed. The whole system should remain operational and secure. This should be assured by tolerance paradigm in security.

Integrity, Authenticity and Confidentiality are the various security properties. Maintaining security properties despite allowing compromise of certain components must be done by intrusion-tolerant system. Intruder should be able to modify or read data. Assumptions that there can be happening of intrusions are possible. It is impossible to state that here are no vulnerabilities in a system.

Security and Reliability: Application of “tolerance” paradigm was first done in Reliability.

Computing that is fault tolerant and reliability: Continuing delivering of the right service even in fault presence is the work of a fault-tolerant system. Input-output relation gives system, service and what is intended by system.

Fault types:

  • Electrical damage is suffered by chip (motor)
  • Wrong button is pushed by operator
  • Software defect
  • Burning out of fans
  • Fault that is transient, physical and design

System and components: Components make system. Each component makes each system.

Defense-in-depth approach:

  • Redundancy: Different components and systems are included such that anyone can do wanted function in case others fail.
  • Diversity: Usage of different components which is based on different principles and designs from various vendors.
  • Independence: This factor is got by physical separation, communication independence and electrical isolation between systems.

Dependability:

  • System’s Availability: Measurement of difference between incorrect and correct delivery service.
  • System’s Safety: Measurement of catastrophic failure time.
  • System’s Security: Prevent unauthorized information handling.
  • Maintainability: Measurement of restoration time.

Failure, Fault and Error:

  • If system does not deliver required service, we name it a failure.
  • Fault is cause of failure.
  • Error causes failure of system.
  • Error processing:
  • Error recovery and detection: Backward recovery, Forward recovery


2013 Copyright techgo.org, All right reserved || Privacy Policies, Terms and Disclaimer

Website Administered by MISH IT SOLUTIONS