Computer Xml Attacks

Submitted By Middlelm
The world we live in runs on computers and the programs that drive them. We use computers in almost every facet of life, and many of us could not function day to day without our main devices (a cellphone, home PC, or laptop). The same code that keeps us safe and lets us communicate with the rest of civilization can also be turned against us by hackers to gain information with the potential to cause identity theft. One of the most famous websites used by men and women (ages 35-50) is Facebook. Beginning in 2011, Mark Zuckerberg had Facebook run a "Bug Bounty" program that offers cash rewards for finding and reporting security bugs in its servers. To date, one of the biggest payouts was a modest $33,500. This payment went to a Brazilian researcher for identifying and reporting a critical vulnerability in a Facebook XML interface using an XML External Entity. An XML External Entity (XXE) attack targets a primary weakness in the XML processors that servers and network machines use to parse XML messages. The effects of a successful XXE attack are severe: attackers may gain arbitrary access to all local, shared, and even secure files, and may gain information about and access to TCP/IP connections on the vulnerable machine, which they can use to launch a data breach or DoS attacks.
XML is a markup language designed to help structure, store, and transfer data. Because of its platform independence, flexibility, and relative simplicity, XML has found use in a wide range of applications. That same versatility, however, makes XML vulnerable to a wide spectrum of attacks, including XML injection. A user who can supply input strings that are incorporated into an XML document can inject XML tags. The XML parser interprets these tags as markup, which may cause data to be overwritten, as I mentioned earlier.
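The two weaknesses described above, XML injection through input concatenated into a document and XXE through a DTD in untrusted input, shown side by side with a hardened handling for each. This is an added example, not code from the essay; the record format, function names, and sample inputs are constructed, and the hardened parse rejects any DOCTYPE before an entity could ever be resolved.

```python
"""XML injection and XXE: the weak pattern beside the hardened one.
Added example; all names and sample inputs here are constructed."""
import xml.etree.ElementTree as ET
import xml.parsers.expat as expat


class UnsafeXMLError(ValueError):
    """Raised when untrusted XML carries a DTD or entity declaration."""


# --- XML injection: user input incorporated into a document -----------------

def build_record_unsafe(username):
    """String concatenation: markup inside the input becomes real markup."""
    return "<user><name>" + username + "</name><role>guest</role></user>"


def build_record_safe(username):
    """Build the tree through the API so '<' and '&' in the input are escaped."""
    user = ET.Element("user")
    ET.SubElement(user, "name").text = username
    ET.SubElement(user, "role").text = "guest"
    return ET.tostring(user, encoding="unicode")


def roles_in(xml_text):
    """Roles a downstream consumer would see after parsing the document."""
    return [r.text for r in ET.fromstring(xml_text).iter("role")]


def name_in(xml_text):
    """Name text a downstream consumer would see after parsing the document."""
    return ET.fromstring(xml_text).find("name").text


# --- XXE: refuse a DTD before any entity can be declared or resolved --------

def _reject_doctype(name, sysid, pubid, has_internal_subset):
    raise UnsafeXMLError("DOCTYPE not accepted from untrusted input")


def _reject_entity(*args):
    raise UnsafeXMLError("entity declaration not accepted from untrusted input")


def parse_untrusted(data):
    """Scan with expat callbacks that abort on DOCTYPE/ENTITY, then parse.
    The scan stops at the declaration, so no external entity is fetched and
    no internal entity is expanded; the document must be plain markup."""
    scanner = expat.ParserCreate()
    scanner.StartDoctypeDeclHandler = _reject_doctype
    scanner.EntityDeclHandler = _reject_entity
    scanner.Parse(data, True)  # raises UnsafeXMLError on a DTD
    return ET.fromstring(data)


def is_safe_xml(data):
    """True if parse_untrusted accepts the document, False if it rejects it."""
    try:
        parse_untrusted(data)
        return True
    except UnsafeXMLError:
        return False


if __name__ == "__main__":
    # Constructed injection input: closes <name> and adds its own <role>.
    injected = "alice</name><role>admin</role><name>"
    print(roles_in(build_record_unsafe(injected)))  # ['admin', 'guest']
    print(roles_in(build_record_safe(injected)))    # ['guest']
    # Constructed XXE-style document; the SYSTEM path is a placeholder.
    xxe = (b'<!DOCTYPE user [<!ENTITY xxe SYSTEM "file:///path/to/secret">]>'
           b"<user><name>&xxe;</name></user>")
    print(is_safe_xml(xxe))                                   # False
    print(is_safe_xml(b"<user><name>bob</name></user>"))      # True
```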
The 2015 Cost of Cyber Crime Study by the Ponemon Institute provides specific figures on the average costs of cyber-attacks, noting that detection and recovery activities account for the highest portion of the costs.
The mean number of days to resolve cyber attacks is 46, with an average cost of $21,155 per day, or a total cost of $973,130 over the 46-day remediation period (Abell, 2016).

References
Abell, John C. (2016). https://www.linkedin.com/pulse/daily-pulse-twitter-growth-sputters-yellen-negative-rates-c-abell
