Search Results

Search found 28534 results on 1142 pages for 'software business'.

Page 100/1142 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >

  • Security in Software

    The term security has many meanings based on the context and perspective in which it is used. Security from the perspective of software/system development is the continuous process of maintaining confidentiality, integrity, and availability of a system, sub-system, and system data. This definition at a very high level can be restated as the following: Computer security is a continuous process dealing with confidentiality, integrity, and availability on multiple layers of a system. Key Aspects of Software Security Integrity Confidentiality Availability Integrity within a system is the concept of ensuring only authorized users can only manipulate information through authorized methods and procedures. An example of this can be seen in a simple lead management application.  If the business decided to allow each sales member to only update their own leads in the system and sales managers can update all leads in the system then an integrity violation would occur if a sales member attempted to update someone else’s leads. An integrity violation occurs when a team member attempts to update someone else’s lead because it was not entered by the sales member.  This violates the business rule that leads can only be update by the originating sales member. Confidentiality within a system is the concept of preventing unauthorized access to specific information or tools.  In a perfect world the knowledge of the existence of confidential information/tools would be unknown to all those who do not have access. When this this concept is applied within the context of an application only the authorized information/tools will be available. If we look at the sales lead management system again, leads can only be updated by originating sales members. If we look at this rule then we can say that all sales leads are confidential between the system and the sales person who entered the lead in to the system. The other sales team members would not need to know about the leads let alone need to access it. Availability within a system is the concept of authorized users being able to access the system. A real world example can be seen again from the lead management system. If that system was hosted on a web server then IP restriction can be put in place to limit access to the system based on the requesting IP address. If in this example all of the sales members where accessing the system from the 192.168.1.23 IP address then removing access from all other IPs would be need to ensure that improper access to the system is prevented while approved users can access the system from an authorized location. In essence if the requesting user is not coming from an authorized IP address then the system will appear unavailable to them. This is one way of controlling where a system is accessed. Through the years several design principles have been identified as being beneficial when integrating security aspects into a system. These principles in various combinations allow for a system to achieve the previously defined aspects of security based on generic architectural models. Security Design Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation Privilege Least Common Mechanism Psychological Acceptability Defense in Depth Least Privilege Design PrincipleThe Least Privilege design principle requires a minimalistic approach to granting user access rights to specific information and tools. Additionally, access rights should be time based as to limit resources access bound to the time needed to complete necessary tasks. The implications of granting access beyond this scope will allow for unnecessary access and the potential for data to be updated out of the approved context. The assigning of access rights will limit system damaging attacks from users whether they are intentional or not. This principle attempts to limit data changes and prevents potential damage from occurring by accident or error by reducing the amount of potential interactions with a resource. Fail-Safe Defaults Design PrincipleThe Fail-Safe Defaults design principle pertains to allowing access to resources based on granted access over access exclusion. This principle is a methodology for allowing resources to be accessed only if explicit access is granted to a user. By default users do not have access to any resources until access has been granted. This approach prevents unauthorized users from gaining access to resource until access is given. Economy of Mechanism Design PrincipleThe Economy of mechanism design principle requires that systems should be designed as simple and small as possible. Design and implementation errors result in unauthorized access to resources that would not be noticed during normal use. Complete Mediation Design PrincipleThe Complete Mediation design principle states that every access to every resource must be validated for authorization. Open Design Design PrincipleThe Open Design Design Principle is a concept that the security of a system and its algorithms should not be dependent on secrecy of its design or implementation Separation Privilege Design PrincipleThe separation privilege design principle requires that all resource approved resource access attempts be granted based on more than a single condition. For example a user should be validated for active status and has access to the specific resource. Least Common Mechanism Design PrincipleThe Least Common Mechanism design principle declares that mechanisms used to access resources should not be shared. Psychological Acceptability Design PrincipleThe Psychological Acceptability design principle refers to security mechanisms not make resources more difficult to access than if the security mechanisms were not present Defense in Depth Design PrincipleThe Defense in Depth design principle is a concept of layering resource access authorization verification in a system reduces the chance of a successful attack. This layered approach to resource authorization requires unauthorized users to circumvent each authorization attempt to gain access to a resource. When designing a system that requires meeting a security quality attribute architects need consider the scope of security needs and the minimum required security qualities. Not every system will need to use all of the basic security design principles but will use one or more in combination based on a company’s and architect’s threshold for system security because the existence of security in an application adds an additional layer to the overall system and can affect performance. That is why the definition of minimum security acceptably is need when a system is design because this quality attributes needs to be factored in with the other system quality attributes so that the system in question adheres to all qualities based on the priorities of the qualities. Resources: Barnum, Sean. Gegick, Michael. (2005). Least Privilege. Retrieved on August 28, 2011 from https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/351-BSI.html Saltzer, Jerry. (2011). BASIC PRINCIPLES OF INFORMATION PROTECTION. Retrieved on August 28, 2011 from  http://web.mit.edu/Saltzer/www/publications/protection/Basic.html Barnum, Sean. Gegick, Michael. (2005). Defense in Depth. Retrieved on August 28, 2011 from  https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/347-BSI.html Bertino, Elisa. (2005). Design Principles for Security. Retrieved on August 28, 2011 from  http://homes.cerias.purdue.edu/~bhargav/cs526/security-9.pdf

    Read the article

  • Routing static IP traffic on a Comcast Business Class IP Gateway (SMCD3G-CCR)

    - by Jakobud
    We are in the process of replacing our firewall, which is currently the only thing connected to our Comcast Business Class modem. Comcast gives us 5 static IP addresses. Currently, all traffic to all 5 static IPs goes directly to the existing firewall. Eventually, obviously all traffic will goto the new firewall, once the old firewall is removed from the network. But in the meantime, as we will have two firewalls plugged into the same Comcast modem, I need to route certain traffic to the new firewall instead of the old one. The firewall switchover is going to be slow and gradual as I am testing it, so I can't simply unplug the existing firewall and plug in the new one. So my question is, how do I tell the modem to route all traffic that goes to a specific IP to goto the new firewall instead of the old one? I've logged into the web interface for the modem, but the available options aren't very clear. There is a 1-to-1 NAT option (which I can't seem to get the interface for it to work properly) but I also see a "Static Routing" section. I always understood Static Routing to refer to routing data within the LAN though, so I'm not sure if that's what I'm looking for or not. Keep in mind, I'm not looking to do simple port forwarding. I'm wanting 100% of traffic to certain public static IPs to go to the specified connected firewall (I'll deal with service policies there). The modem is an SMC SMCD3G-CCR and is labeled as a Comcast Business Class Business IP Gateway. Any help or direction would be greatly appreciated.

    Read the article

  • Fastest way to document software architecture and design

    - by Karsten
    We are a small team of 5 developers and I'm looking for some great advices about how to document the software architecture and design. I'm going for the sweet spot, where the time invested pays off. I don't want to use more time documenting than necessary. I'll quickly give you my thoughts. What are the diagrams I should made? I'm thinking an overall diagram showing the various applications and services. And then some sequence diagrams showing the most important or complicated processes. About the code it self, I really don't see much value in describing or making diagrams for the code outside the .cs files them self. About text documents, I'm a bit uncertain about when to put down on paper. Most developers don't like to either write or read long documents.

    Read the article

  • Essential management tools for a small/medium software development shop

    - by mikera
    I've recently started work with an organisation that is rapidly expanding and is recruiting or growing several development teams (including two web-based products and a data warehouse/BI team). They are basically working to agile methodologies but haven't formalised a standard way of working yet. Despite the fact that it is early days, I've been surprised by the lack of tools being used to manage the development processes (e.g. no issue tracker, no tool to manage the product backlog etc.) Although it's not my primary responsibility, I'd like to help them out with some recommendations on the most important tools they should get in place. What are the 3-5 top priority tools to establish for management of a good development shop? Why are they necessary? How do they improve the software development process, and how do I justify them to my bosses?

    Read the article

  • Software jobs after dropping out of masters degree

    - by Bampesh
    I am right now doing my masters in EE in the US, and have previously worked for a couple years in the telecom industry back home in India. I came here wanting to transfer to CS, but at my current university, with my GPA, that seems not very possible. I am not very interested in EE, so I am thinking of dropping out of the program. If I could demonstrate my abilities and experience, would software companies be willing to hire me in the US for my previous experience (with a half completed masters degree). Or would lack of the degree be a huge hindrance? Any suggestions? Thanks

    Read the article

  • Which software development methodologies can be seen as foundations

    - by Bas
    I'm writing a small research paper which involves software development methodologiess. I was looking into all the available methodology's and I was wondering, from all methodologies, are there any that have provided the foundations for the others? For an example, looking at the following methodologies: Agile, Prototyping, Cleanroom, Iterative, RAD, RUP, Spiral, Waterfall, XP, Lean, Scrum, V-Model, TDD. Can we say that: Prototyping, Iterative, Spiral and Waterfall are the "foundation" for the others? Or is there no such thing as "foundations" and does each methodology has it's own unique history? I would ofcourse like to describe all the methodology's in my research paper, but I simply don't have the time to do so and that is why I would like to know which methodologies can be seen as representatives.

    Read the article

  • Chess as a team building exercise for software developers

    - by maple_shaft
    The last place I worked wasn't a particularly great place and there were more than a few nights where we were working late into the evening trying to meet our sprints. The team while stressed out got pretty close and people started bringing in little mind teasers and puzzles, just something we would all play around with and try to solve while a build/deploy was running for the test environment, or while we were waiting for the integration test run to finish. Eventually it turned into people bringing chess boards in and setting them at their desks. We would play by email sending each other moves in chess notation, but at a very casual pace, with games lasting sometimes two or three days. Management tolerated this when we were putting in overtime, but as things were being managed better and people weren't working much more than 40/wk, they started cracking down on this and told us that we weren't allowed to have chess boards at our desks, although they were okay with the puzzle games. What are the pros and cons in your opinion of allowing chess during software development lull time?

    Read the article

  • What is your favorite Software Engineering methodology?

    - by bmdhacks
    I'm hoping the SO crowd can help me expand my definitions of methodology buzzwords such as SCRUM, Agile, XP, Waterfall, etc, and give some enlightenment as to which approach is the best. If there's some specific book or web page that really captures your philosophy on constructing software with teams of programmers, please indicate it. EDIT: Please don't say, "I use a little of everything." without any more detail. If you haven't read any books or websites that have been helpful, now's your chance to enlighten the world by describing your experience-learned methodology. I would encourage the moderators to up-vote more descriptive answers. It's OK if you haven't read any books and made up your own style from experience, but please describe that style so we can learn from you. Thanks for taking the time to answer my question.

    Read the article

  • The best choice of linux file system and software that can be accesed from Windows

    - by Florin
    I am curently having ubuntu and win 7 dual boot and I want to delete my windows 7 and format all my partitions to use a linux file system. But I want to leave a door open in case I have any problems with linux, to be able to acces my linux file system with windows. I know that there are programs that can give you read-write acces to a ext2/3/4 FS (I tested none). I need advice in choosing the right FS, what are the diferences between ext 2/3/4 and what is the best software to do that.

    Read the article

  • mp3 codecs cannot be installed no software is actually installing

    - by joseph michore
    My Rythm box player cannot play mp3 and iget this error "GStreamer extra plugins cannot be installed on your computer type (i386) Either the application requires special hardware features or the vendor decided to not support your computer type" if i go to software center i get this error The repository may no longer be available or could not be contacted because of network problems. If available an older version of the failed index will be used. Otherwise the repository will be ignored. Check your network connection and ensure the repository address in the preferences is correct. in shot i have tried to dowload deb softs i still get the error above .so i have downloaded tar.gz and i have installed using terminal but i get another error of gcc c++ insanity check failure! i ask my self what i am supposed to do nothing is working nothing at all yet i have to run my bussiness help urgently before i collapse and choose to die!

    Read the article

  • My Right-to-Left Foot (T-SQL Tuesday #13)

    - by smisner
    As a business intelligence consultant, I often encounter the situation described in this month's T-SQL Tuesday, hosted by Steve Jones ( Blog | Twitter) – “What the Business Says Is Not What the  Business Wants.” Steve posed the question, “What issues have you had in interacting with the business to get your job done?” My profession requires me to have one foot firmly planted in the technology world and the other foot planted in the business world. I learned long ago that the business never says exactly what the business wants because the business doesn't have the words to describe what the business wants accurately enough for IT. Not only do technological-savvy barriers exist, but there are also linguistic barriers between the two worlds. So how do I cope? The adage "a picture is worth a thousand words" is particularly helpful when I'm called in to help design a new business intelligence solution. Many of my students in BI classes have heard me explain ("rant") about left-to-right versus right-to-left design. To understand what I mean about these two design options, let's start with a picture: When we design a business intelligence solution that includes some sort of traditional data warehouse or data mart design, we typically place the data sources on the left, the new solution in the middle, and the users on the right. When I've been called in to help course-correct a failing BI project, I often find that IT has taken a left-to-right approach. They look at the data sources, decide how to model the BI solution as a _______ (fill in the blank with data warehouse, data mart, cube, etc.), and then build the new data structures and supporting infrastructure. (Sometimes, they actually do this without ever having talked to the business first.) Then, when they show what they've built to the business, the business says that is not what we want. Uh-oh. I prefer to take a right-to-left approach. Preferably at the beginning of a project. But even if the project starts left-to-right, I'll do my best to swing it around so that we’re back to a right-to-left approach. (When circumstances are beyond my control, I carry on, but it’s a painful project for everyone – not because of me, but because the approach just doesn’t get to what the business wants in the most effective way.) By using a right to left approach, I try to understand what it is the business is trying to accomplish. I do this by having them explain reports to me, and explaining the decision-making process that relates to these reports. Sometimes I have them explain to me their business processes, or better yet show me their business processes in action because I need pictures, too. I (unofficially) call this part of the project "getting inside the business's head." This is starting at the right side of the diagram above. My next step is to start moving leftward. I do this by preparing some type of prototype. Depending on the nature of the project, this might mean that I simply mock up some data in a relational database and build a prototype report in Reporting Services. If I'm lucky, I might be able to use real data in a relational database. I'll either use a subset of the data in the prototype report by creating a prototype database to hold the sample data, or select data directly from the source. It all depends on how much data there is, how complex the queries are, and how fast I need to get the prototype completed. If the solution will include Analysis Services, then I'll build a prototype cube. Analysis Services makes it incredibly easy to prototype. You can sit down with the business, show them the prototype, and have a meaningful conversation about what the BI solution should look like. I know I've done a good job on the prototype when I get knocked out of my chair so that the business user can explore the solution further independently. (That's really happened to me!) We can talk about dimensions, hierarchies, levels, members, measures, and so on with something tangible to look at and without using those terms. It's not helpful to use sample data like Adventure Works or to use BI terms that they don't really understand. But when I show them their data using the BI technology and talk to them in their language, then they truly have a picture worth a thousand words. From that, we can fine tune the prototype to move it closer to what they want. They have a better idea of what they're getting, and I have a better idea of what to build. So right to left design is not truly moving from the right to the left. But it starts from the right and moves towards the middle, and once I know what the middle needs to look like, I can then build from the left to meet in the middle. And that’s how I get past what the business says to what the business wants.

    Read the article

  • The best linux file system and software to read write on it in Windows

    - by Florin
    I am curently having ubuntu and win 7 dual boot and I want to delete my windows 7 and format all my partitions to use a linux file system. But I want to leave a door open in case I have any problems with linux, to be able to acces my linux file system with windows. I know that there are programs that can give you read-write acces to a ext2/3/4 FS (I tested none). I need advice in choosing the right FS, what are the diferences between ext 2/3/4 and what is the best software to do that.

    Read the article

  • The Best Websites and Software for Brainstorming and Mind Mapping

    - by Lori Kaufman
    A mind map is a diagram that allows you to visually outline information, helping you organize, solve problems, and make decisions. Start with a single idea in the center of the diagram and add associated ideas, words, and concepts connected radially around the central idea. We’ve collected links to websites and software that can help you create mind maps, and collaborate on and share your maps with others. The programs and websites listed here are all either free or have a free option. How To Delete, Move, or Rename Locked Files in Windows HTG Explains: Why Screen Savers Are No Longer Necessary 6 Ways Windows 8 Is More Secure Than Windows 7

    Read the article

  • Fastest way to document software architecture and design

    - by Karsten
    We are a small team of 5 developers and I'm looking for some great advices about how to document the software architecture and design. I'm going for the sweet spot, where the time invested pays off. I don't want to use more time documenting than necessary. I'll quickly give you my thoughts. What are the diagrams I should made? I'm thinking an overall diagram showing the various applications and services. And then some sequence diagrams showing the most important or complicated processes. About the code it self, I really don't see much value in describing or making diagrams for the code outside the .cs files them self. About text documents, I'm a bit uncertain about when to put down on paper. Most developers don't like to either write or read long documents.

    Read the article

  • Will upgrading disrupt online backup software (Crashplan)?

    - by Rob
    Has anyone had any experience upgrading to Ubuntu 11.04, and how this might affect online backup software processes? Specifically, I'm currently running Ubuntu 10.10 and using Crashplan v3. Crashplan backup engine runs constantly in the background to monitor files for changes and back up accordingly. Will upgrading to Ubuntu 11.04 affect any of the Crashplan backup process? Has anyone done this successfully? I'd like to upgrade to the latest and greatest Ubuntu release, but not at the risk of affecting the backup, or worse, having to start from scratch again and upload the entire library!

    Read the article

  • Software Craftsman Pilgrimage Comes Together

    - by Liam McLennan
    Last week on Software Craftsman Pilgrimage I was trying to organise where I will be travelling, and the companies I will be pairing with. I now have a confirmed itinerary. 9 - 11th April Alt.NET Seattle 12th April Craftsman visit with Didit (Long Island) 13th April rest day :) 14th April Craftsman visit with Obtiva (Chicago) 15th – 16th April Craftsman visit with 8th Light (Chicago) 17th – 18th April Seattle Code Camp I am looking forward to all of my visits and talking to all the smart people who work there. I will be blogging my progress and hopefully shooting some video. If you are in Seattle, New York or Chicago and would like to meet up to chat about craftsmanship, programming, ruby or .NET please email me.

    Read the article

  • Ubuntu 13.10 software raid

    - by Piotr Belniak
    I had already Ubuntu OS installed on my desktop PC, where the software RAID 5 is configured ( 3 partitions /, swap and home ). This system was upgraded from the 11.04 till 13.04, it was quite messy, so I decided to install fresh system on existing partitions. 1st of all i found that there is no alternate version of the installer ( which i used to create previous installation ), so i stared with the regular image. I installed mdadm tools, assemble the partitions - fdisk are showing them properly - so i'm starting the installation - and everything i going fine until the GRUB instalation - this part fails - regardless of which partition i use as a target. From the other hand, neither OpenSUse and Ubuntu 12.04 alternate does not have any problems with installing the GRUB - on this configuration, unfortunatelly Ubuntu 12.04 - 12.10 upgrade is failing bacause of some Xorg issues ;(. Maybe someone has an experience with installation of ubuntu 13.10 GRUB on the RAID 5 partitions - and could give me a hint, how to solve my problem. Thanks in advance, Piotr

    Read the article

  • Software Management Tools for Agile Process Development

    - by Graviton
    We would like to implement the Agile/ Scrum process in our daily software management, so as to provide better progress visibility and feature managements, here are some of the activities that we want to do: Daily stand-up Release cycles of 6 weeks with 3 2-week iterations. Having a product back-log of tasks (integrate with bugzilla) and bugs estimated out. Printing a daily burn down to make velocity visible. When used as motivator, it's great. Easy feature development tracking and full blown visibility, especially for the sales and stake holders ( this means that it must be a web based tool). My team is distributed, so physical whiteboards aren't feasible. Is there such a web based tool that meets our needs? I heard icescrum may be one, but I've never used it so I don't know. There are a few more suggestions as here, but I've never heard of them, anyone cares to elaborate or suggest new tools?

    Read the article

  • what is the simplest 3d software for unity?

    - by kdavis8
    Ive heard a lot about Daz studio, Poser, Maya, K-3d, Anim8or, Blender, and all the rest. My question is which one is the best choice in terms of simplicity and quality. price is not an issue really. I'm programming games in java for android mobile devices at the moment but i will eventually move onto larger platforms. I would like to utilize unity3d for the game programming itself and utilize a 3d modeling software just to create the game objects. I just need to know the best one to get started with from scratch or should i use a combination of multiple ones? Any insight for this would be great, thanks!

    Read the article

  • Visual programming for serious software

    - by Gerenuk
    Are visual program control flow diagrams and languages which support that used for larger serious programs? Why not? They seem like a nice overview of the code. In the thread What software programming languages were used by the Soviet Union's space program? a visual language is mentioned (Drakon) and I wondered why such approaches aren't used more often? Is there nothing a visual control flow representation (I don't mean class diagrams etc.) which are 1-to-1 with code can help compared to typing in letters in an editor?

    Read the article

  • Etymology of software project names [closed]

    - by Benoit
    I would like to have a reference community wiki here in order to know what etymology software name have or why they are named that way. I was wondering why Imagemagick's mogrify was named this way. Today I wondered the same for Apache Lucene. It would be handy to have a list here. Could we extend such a list? Let me start and let you edit it please. I will ask for this to be community wiki. For each entry please link to an external reference. GNU Emacs: stand for “Editor MACroS”. Apache Lucene: Armenian name Imagemagick mogrify: from “transmogrify”. Thanks.

    Read the article

  • Interviews by Software Companies

    - by Glenn Nelson
    I have been chosen as one of the 12 final people for a full out scholarship to the college of my choice and it is paid for by a software company so long as I major in Computer Science.I have already had to write an essay on what has most shaped my life (Programming being it) and that was the basis for the interview decision. I now have to go in for an interview with people from the company for the final decision in a week. I do believe I have a good foundation in computer science already. I have roughly 4 years of programming experience in Java, C++, ASM and your typical web stuff. I have done everything from making my own CMS for my site to an assembler to network file transfer applications. That said what types of questions should I expect in an interview of this sort? Do I seem reasonably knowledgeable?

    Read the article

  • What is a non commital approach to software analysis

    - by dsjbirch
    When I think about software analysis the first thing which comes to mind is SSADM and the UML. But, what I want is a high level view of the system before I commit to a programming paradigm. Where am I going wrong? How do I approach a problem in a high level and generic way before I commit to a paradigm? What are the diagrams/tools available to support me? Edit: Some examples of tools that appear to be what I'm after are... A block diagram - http://en.wikipedia.org/wiki/Block_diagram A data flow diagram - http://en.wikipedia.org/wiki/Data_flow_diagram

    Read the article

  • Where to find Information on Software/Technologies Supported by PSRM

    - by Paula Speranza-Hadley
    People often ask where they can find informatoin about software and technologies supported by PSRM and what versions are supported.  This information can be found in the following locations: For X Path - See Script Engine Version dropdown in script Display/maintenance portal  in PSRM for three different kinds of scripts we support. Reference Document: http://docs.oracle.com/cd/E50182_01/PDF/PSRM_Quick_Install_Guide_v2_4_0_0_0.pdf For HTML/Java script -  As supported by supported browsers mentioned in Installation Guides. For information related to supported platforms(OS, Browsers, App servers and Database Servers) -  See Certified and supported Platforms section. Reference Document: http://docs.oracle.com/cd/E50182_01/PDF/PSRM_Installation_Guide_v2_4_0_0_0.pdf For Information related to Oracle client, Java, Micro Focus, Web servers  -  See Installation Checklist section. For Third Party products, copy right and licensing notices (like Apache FWs/libraries) - See License and Copyright Notices section (Appendix B).

    Read the article

  • Calculating instantaneous speed and acceleration for a simple Car software model

    - by Dylan
    I am trying to model a speedometer and tachometer for a simple software model of a car dashboard. I want this to be relatively simple, so for my purposes I won't likely simulate variables such as drag (or, assume that drag is a constant). But I would like to know the general formulas for: 1) Calculating the RPM, depending on a position of a graphical slider representing the accelerator. 2) Using this information to find the instantaneous speed (or, magnitude of instantaneous velocity?). I am not sure, in the case of 2), what other independent variables I need to consider. Do I need to consider the frequency of rotation of the wheels (assuming a fixed radius), in addition to the RPM? If anyone can give me a rough explanation plus relevant formulas, or alternatively direct me to other trusted resources online (I have had a hard time sifting through info and determining the accuracy), it would be much appreciated.

    Read the article

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >