Tech Dose of the Day VLAN, Folksonomy, Blu-ray Disc, Phishing, DYA (Dynamic Architecture), Semantic Web, LAMP, etc.
Contributed by M&E (Media & Entertainment Delivery) Group (MphasiS Software Services) VLAN What is VLAN? A Virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the same wire, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same LAN segment. Network reconfiguration can be done through software instead of physically relocating devices. Why are VLANs required? In a legacy network, users were assigned to networks based on geography and were limited by physical topologies and distances. By using VLAN, one can logically group networks and is no longer restricted by physical distance. This includes high-speed technologies such as: Asynchronous Transfer Mode (ATM), Fiber Distributed Data Interface (FDDI), Fast Ethernet, Gigabit Ethernet and 10-Gigabit Ethernet. By using VLAN, one can control traffic patterns and react quickly to relocations. VLANs provide the flexibility to adapt to changes in network requirements and allow for simplified administration. Additionally, VLANs provide an increased security measure and the ability to limit broadcasts. The protocol used in configuring virtual LANs is IEEE 802.1Q. Virtual LANs operate at Layer 2 (the data link layer) of the OSI model. VTP (VLAN Trunking Protocol) maintains VLAN configuration consistency across the entire network. VTP uses Layer 2 trunk frames to manage the addition, deletion, and renaming of VLANs on a network-wide basis from a centralized switch in the VTP server mode. VTP is responsible for synchronizing VLAN information within a VTP domain and reduces the need to configure the same VLAN information on each switch. VTP minimizes the possible configuration inconsistencies that arise when changes are made. These inconsistencies can result in security violations, because VLANs can crossconnect when duplicate names are used. They also could become internally disconnected when they are mapped from one LAN type to another, for example, Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping scheme that enables seamless trunking within a network employing mixed-media technologies. VTP provides the following benefits: VLAN configuration consistency across the network, Mapping scheme that allows a VLAN to be trunked over mixed media, Accurate tracking and monitoring of VLANs, Dynamic reporting of added VLANs across the network and Plug-and-play configuration when adding new VLANs. Further References Wikipedia - http://en.wikipedia.org/wiki/Virtual_LAN VLAN FAQ - http://www.cisco.com/application/pdf/en/us/guest/netsol/ns75/c685/ccmigration_09186a0080259047.pdf Some more info - http://www.techtutorials.info/vlan.html Folksonomy What is Folksonomy? Folksonomy is also known as collaborative tagging, social classification, social indexing and social tagging. Folksonomy is the practice and method of collaboratively creating and managing tags to annotate and categorize content. A folksonomy is a user-generated taxonomy used to categorize and retrieve web content such as web resources, online photographs and web links, using open-ended labels called tags. A folksonomy is most notably contrasted from a taxonomy in that the authors of the labeling system are often the main users (and sometimes originators) of the content to which the labels are applied. The labels are commonly known as tags and the labeling process is called tagging. Tags help to improve search engine effectiveness because content is categorized using a familiar, accessible, and shared vocabulary. Folksonomy allows users to tag their favorite web resources with their chosen words or phrases selected from natural language. These tags (also called concepts, categories, facets or entities) can be used to classify web resources and to express users' preferences. Folksonomy is a classification of the users, by the users and for the users. The most popular, widely used folksonomy-based systems are: 1. Del.icio.us: www.del.icio.us 2. CiteULike: www.citeulike.org 3. Connotea: www.connotea.org 4. Flickr: www.flickr.com Folksonomies became popular on the Web around 2004 with social software applications such as social bookmarking or annotating photographs. Websites that support tagging and the principle of folksonomy are referred to in the context of Web 2.0 because participation is very easy and tagging data is used in new ways to find information. For example, tag clouds are frequently used to visualize the most used tags of a folksonomy. The term folksonomy is also used to denote only the set of tags that are created in social tagging. Typically, folksonomies are Internet-based, although they are also used in other contexts. Folksonomic tagging is intended to make a body of information increasingly easy to search, discover, and navigate over time. A well-developed folksonomy is ideally accessible as a shared vocabulary that is both originated by, and familiar to, its primary users. Folksonomies arise in Web-based communities where provisions are made at the site level for creating and using tags. These communities are established to enable Web users to label and share user-generated content, such as photographs, or to collaboratively label existing content, such as Web sites, books, works in the scientific and scholarly literatures, and blog entries. What are its problems? Four main problems of folksonomy tagging are plurals, polysemy, synonymy, and depth (specificity) of tagging. Plurals: Plurals and parts of speech and spelling can undermine a tagging system. For example, if tags Cat and Cats are distinct, then a query for one will not retrieve both, unless the intelligent search system has the capability to perform such replacements built into it. Polysemy: Polysemy refers to a word that has two or more similar meanings. "Poly" means 'many', and "semy" means 'meanings'. Synonymy: Synonymy, different words with similar or identical meanings, presents a greater problem for tagging systems because inconsistency among the terms used in tagging can make it very difficult for a searcher to be sure that all the relevant items have been found. Depth (specificity) of tagging: Specificity means how specific should the user (classifier) be in translating a concept into tag(s)? Web resources can be tagged to varying levels of specificity, from very broad subjects taken only from the title and abstract to the paragraph level. The depth of tags refers to how many tags there are, relative to a web resource in the system. Further References Wikipedia : http://en.wikipedia.org/wiki/Folksonomy Folksonomies - Tidying up tags : http://www.dlib.org/dlib/january06/guy/01guy.html http://www.webology.ir/2007/v4n2/editorial12.html Blu-ray Disc What is Blu-ray Disc? Blu-ray, also known as Blu-ray Disc (BD), is the name of a next-generation optical disc format jointly developed by the Blu-ray Disc Association (BDA), a group of the world's leading consumer electronics, personal computer and media manufacturers (including Apple, Dell, Hitachi, HP, JVC, LG, Mitsubishi, Panasonic, Pioneer, Philips, Samsung, Sharp, Sony, TDK and Thomson). The format was developed to enable recording, rewriting and playback of high-definition video (HD), as well as storing large amounts of data. The format offers more than five times the storage capacity of traditional DVDs and can hold up to 25GB on a single-layer disc and 50GB on a dual-layer disc. This extra capacity combined with the use of advanced video and audio codecs will offer consumers an unprecedented HD experience. While current optical disc technologies such as DVD, DVD±R, DVD±RW, and DVD-RAM rely on a red laser to read and write data, the new format uses a blue-violet laser instead, hence the name Blu-ray. Despite the different type of lasers used, Blu-ray products can easily be made backwards compatible with CDs and DVDs through the use of a BD/DVD/CD compatible optical pickup unit. The benefit of using a blue-violet laser (405nm) is that it has a shorter wavelength than a red laser (650nm), which makes it possible to focus the laser spot with even greater precision. This allows data to be packed more tightly and stored in less space, so it's possible to fit more data on the disc even though it's the same size as a CD/DVD. This together with the change of numerical aperture to 0.85 is what enables Blu-ray Discs to hold 25GB/50GB. Blu-ray is currently supported by more than 180 of the world's leading consumer electronics, personal computer, recording media, video game and music companies. The format also has broad support from the major movie studios as a successor to today's DVD format. In fact, seven of the eight major movie studios (Disney, Fox, Warner, Paramount, Sony, Lionsgate and MGM) have released movies in the Blu-ray format and five of them (Disney, Fox, Sony, Lionsgate and MGM) are releasing their movies exclusively in the Blu-ray format. Many studios have also announced that they will begin releasing new feature films on Blu-ray Disc day-and-date with DVD, as well as a continuous slate of catalog titles every month. What is its usefulness, advantages and disadvantages? Blu-ray Disc is a high-density optical disc format for the storage of digital information, including high-definition video. A single-layer Blu-ray disc, which is roughly the same size as a DVD, can hold up to 27 GB of data -- that's more than two hours of high-definition video or about 13 hours of standard video. A double-layer Blu-ray disc can store up to 50 GB, enough to hold about 4.5 hours of high-definition video or more than 20 hours of standard video. And there are even plans in the works to develop a disc with twice that amount of storage double-layer Blu-ray disc can store up to 50 GB, enough to hold about 4.5 hours of high-definition video or more than 20 hours of standard video. And there are even plans in the works to develop a disc with twice that amount of storage. Blu-ray is currently supported by more than 180 of the world's leading consumer electronics, personal computer, recording media, video game and music companies. One of the benefits of Blu-Ray technology is that because data is so close together, early types of Blu-Ray discs would be contaminated by slight scratches. However, a new coating has been developed that makes Blu-Ray discs extremely difficult to scratch. Some of the Advantages of Blu-ray Disc over HD-DVD :- The first is capacity. Because Blu-ray utilizes a lens with a greater numerical aperture (NA) than HD-DVD, the laser spot can be focused with greater precision to fit more data on the same size disc. This allows Blu-ray to hold 25GB per layer (50GB on a dual-layer disc), whereas HD-DVD can only hold 15GB per layer (30GB on a dual-layer disc). Blu-ray has also adopted a higher data transfer rate for video and audio (54Mbps vs 36.55Mbps). The greater capacity and data transfer rates for Blu-ray will allow the movie studios to release their movies with higher quality video and audio than the HD-DVD format. The second is content. The Blu-ray format has received broad support from the major movie studios as a successor to today's DVD format. Seven of the eight major movie studios (Warner, Paramount, Fox, Disney, Sony, MGM and Lionsgate) have released titles for Blu-ray, whereas HD-DVD only has support from three major movie studios (Warner, Paramount and Universal). This is an important difference because some of the studios might only support one of the formats, so you won't be able to get your favourite movies in the other format. Choosing the format with the most content support minimizes this risk. The third is hardware support. The Blu-ray format has broad support from the world's leading consumer electronics, personal computer and media manufacturers, including Sony, Panasonic, Philips, Samsung, Pioneer, Sharp, JVC, Hitachi, Mitsubishi, TDK, Thomson, LG, Apple, HP and Dell. The Blu-ray format will also be supported in the next-generation PlayStation 3 (PS3) video game console. This means that you will have a lot of choice when it comes to players and hardware. The HD-DVD format has far fewer supporters, so the amount of players and hardware will be very limited. Some of the Disadvantages :- The disadvantages to Blu-Ray discs are that they are quite expensive. For instance, players are selling at about the $1,000 mark and DVD discs will be more expensive than their standard DVD counterparts. Another disadvantage is that since there are two standards, both Blu-Ray and HD, most people are sitting on the sidelines to see who the winner is. Because Blu-Ray has been developed in part with Sony, Sony has included DRM or digital rights management that will make it more difficult for people to place shift and time shift their content. Further References http://en.wikipedia.org/wiki/Blu-ray_Disc http://www.blu-ray.com/faq/#bluray_vs_hddvd Phishing What is Phishing? Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used. Phishing is an example of social engineering techniques used to fool users. Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crime ware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Phishing techniques: Link manipulation Most methods of phishing use some form of technical deception designed to make a link in an email (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of sub domains are common tricks used by phishers, such as this example URL, http://www.yourbank.com.example.com/ .. Another common trick is to make the anchor text for a link appear to be valid, when the link actually goes to the phishers' site. An old method of spoofing used links containing the '@' symbol, originally intended as a way to include a username and password (contrary to the standard). For example, the link http://[EMAIL PROTECTED]/ might deceive a casual observer into believing that it will open a page on www.google.com whereas it actually directs the browser to a page on members.tripod.com, using a username of www.google.com the page opens normally, regardless of the username supplied. Such URLs were disabled in Internet Explorer, while the Mozilla and Opera web browsers opted to present a warning message and give the option of continuing to the site or cancelling. A further problem with URLs has been found in the handling of Internationalized Domain Names (IDN) in web browsers, that might allow visually identical web addresses to lead to different, possibly malicious, websites. Despite the publicity surrounding the flaw, known as IDN spoofing or a homograph attack, no known phishing attacks have yet taken advantage of it. Phishers have taken advantage of a similar risk, using open URL redirectors on the websites of trusted organizations to disguise malicious URLs with a trusted domain. Filter evasion Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing emails. Website forgery: Once the victim visits the website the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL. An attacker can even use flaws in a trusted website's own scripts against the victim. These types of attacks (known as cross-site scripting) are particularly problematic, because they direct the user to sign in at their bank or service's own web page, where everything from the web address to the security certificates appears correct. In reality, the link to the website is crafted to carry out the attack, although it is very difficult to spot without specialist knowledge. Just such a flaw was used in 2006 against PayPal. A Universal Man-in-the-middle Phishing Kit, discovered by RSA Security, provides a simple-to-use interface that allows a phisher to convincingly reproduce websites and capture log-in details entered at the fake site. Phone phishing: Not all phishing attacks require a fake website. Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account numbers and PIN. Voice phishing sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization. Phishing examples: PayPal phishing example An example of a phishing email targeted at PayPal users.In an example PayPal phish (right), spelling mistakes in the email and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. How can this be prevented? Anti-phishing: There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing. Social responses: One strategy for combating phishing is to train people to recognize phishing attempts, and to deal with them. Education can be promising, especially where training provides direct feedback. Technical responses: Anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login procedures. The following are some of the main approaches to the problem. Helping to identify legitimate sites Since phishing is based on impersonation, preventing it depends on some reliable way to determine a website's real identity. For example, some anti-phishing toolbars display the domain name for the visited website. Browsers alerting users to fraudulent websites. Another popular approach to fighting phishing is to maintain a list of known phishing sites and to check websites against the list. Augmenting password logins: The Bank of America's website is one of several that ask users to select a personal image, and display this user-selected image with any forms that request a password. Eliminating phishing mail: Spam filters can reduce the number of phishing emails that reach their addressees' inboxes. Monitoring and takedown: Several companies offer banks and other organizations likely to suffer from phishing scams round-the-clock services to monitor, analyze and assist in shutting down phishing websites. Further References Wikipedia - http://en.wikipedia.org/wiki/Phishing Phishing FAQ - http://websearch.about.com/od/dailywebsearchtips/qt/dnt0810.htm http://www.phishtank.com/what_is_phishing.php?view=website http://www.antiphishing.org/ DYA (Dynamic Architecture) What is Dynamic Architecture? Three principles namely - Architecture facilitates change processes (Architecture is not a goal in itself, but should support the objectives of the business) Just-enough and just-intime architecture (Architecture can be developed incrementally) and Permissible deviations from the architecture (Non-compliance to the architecture is justifiable in certain circumstances) are the basis of the DYA concept, where DYA is an acronym for DYnamic Architecture. What is its usefulness? Developing architecture is a facilitating process which never stops, and as such is comparable with strategy and human resource policy. Moreover, it must not be an autonomous process with a set delivery date, and we have to forget architecture as a product which will be complete at a certain moment. Architecture development must be embedded in the organizational change processes and the real deliverable of architecture will then be not the final document, but the increased adaptability and flexibility of the organizational change processes. Architecture and business change processes will have a common goal, and the benefits of architecture will be greater if the context, purpose and use of the architecture are made obvious to everyone from the onset. In a nutshell, no more architecture for architecture's sake. It is quite feasible to develop enterprise architecture incrementally. There is no real necessity to produce a complete document in one go. Architecture consists of several levels, consisting of general principles, more specific rules and guidelines, and finally detailed models. Architecture can also influence several domains, for example: processes, organizational structure, information, applications and technical infrastructure. Using this multi-tiered approach, it becomes possible to assign priorities to the architecture development effort: developing those aspects which the organization really needs as a first priority, and the other aspects at a later date or perhaps developing them in a rough outline. Architecture development synchronized with organizational development. This is what we call the 'just-enough, just-in-time' principle, or 'need-driven architecture development'. The third principle of DYA architecture is the understanding that there may be occasions in which non-compliance to the architecture is justified. The architect's horizon is not only the needs and wants of today, but also those of the (near) future. He must also consider developments elsewhere in the organization. Sometimes the time available to produce a result is so short, that all that matters is 'here and now'. A solution is needed immediately, and the business accepts that it is a dispensable solution with a life span of 4 months. These situations have occurred in the past and will continue to occur in the future. Diverging from the architecture does not constitute a mortal sin. Architects should acknowledge that these deviations can occur and should be able to provide answers to this type of situation. The answer can be found in a mechanism to manage and control the deviations from the architecture and to minimize the negative consequences. This can be done by defining two separate development scenarios which can be used by a project: one within the architectural framework and one outside the architectural framework. In the latter case, the project plan should include measures for migrating to the architectural framework at a later stage. The DYA_ concept is built around a model which will facilitate organisations in designing and improving their architectural processes. The model contains four main processes which should be implemented in order to derive the full benefit of enterprise architecture: Strategic Dialogue, in which business objectives are established and elaborated as business cases; Development with Architecture, in which structural solutions are implemented; Development without Architecture, in which the throw-away solutions are implemented; Architectural Services, supporting the other three processes with principles, guidelines and models. Using the DYA_ model as a guideline and the DYA_ instruments to assist implementation, organisations are finally able to make their enterprise architecture work. Further References http://eng.dya.info/Home/ http://eng.dya.info/Home/dya/publications/index.jsp http://eng.dya.info/Images/Presentation%20IT%20Architecture%20Practitioners%20Conference%20Open%20Group%20Dublin-April%20%2026-2005_tcm14-23275.pdf (how to make DYA enterprise architecture work?) http://eng.dya.info/Images/Paper%20Dynamic%20Architecture%20March%202005_tcm14-23154.pdf (DYA towards a new perception of architecture) http://eng.dya.info/Images/Presentation%20Just%20enough%20just%20in%20time%20EA%20Conference%20Sogeti_tcm14-23276.pdf (Just Enough, Just Intime architecture) Semantic Web What is Semantic Web? The Semantic Web is an evolving extension of the World Wide Web in which web content can be expressed not only in natural language, but also in a format that can be read and used by software agents, thus permitting them to find, share and integrate information more easily. The Semantic Web is a mesh of information linked up in such a way as to be easily processable by machines, on a global scale. You can think of it as being an efficient way of representing data on the World Wide Web, or as a globally linked database. The Semantic Web is not about links between web pages. The Semantic Web describes the relationships between things (like A is a part of B and Y is a member of Z) and the properties of things (like size, weight, age, and price) The Semantic Web was thought up by Tim Berners-Lee, W3C director, inventor of the WWW, URIs, HTTP, and HTML. It derives from his vision of the Web as a universal medium for data, information, and knowledge exchange. The Semantic Web is about two things. It is about common formats for integration and combination of data drawn from diverse sources, where on the original Web mainly concentrated on the interchange of documents. It is also about language for recording how the data relates to real world objects. That allows a person, or a machine, to start off in one database, and then move through an unending set of databases which are connected not by wires but by being about the same thing. The main power of Semantic Web languages is that any one can create one, simply by publishing some RDF that describes a set of URIs, what they do, and how they should be used. Because we use URIs for each of the terms in our languages, we can publish the languages easily without fear that they might get misinterpreted or stolen, and with the knowledge that anyone in the world that has a generic RDF processor can use them. What is its usefulness? If information about music, cars, and tickets (and everything else) were stored in RDF files, intelligent web applications could collect information from many different sources, combine information, and present it to users in a meaningful way. Information like this: Car prices from different resellers Information about medicines Plane schedules Spare parts for the industry Information about books (price, pages, editor, year) Who is who Dates of events Computer updates Further References W3C Semantic Web Activity: http://www.w3.org/2001/sw/ Semantic Web : http://www.w3schools.com/semweb/default.asp The Semantic Web: An Introduction : http://infomesh.net/2001/swintro/ LAMP What is LAMP? LAMP refers to a set of tools (LINUX operating system, Apache Web server, MySql database and PHP programming language), that allow for rapid deployment and development of software applications. LAMP can be briefly defined as the open source web platform. Perl/Python are other languages used in place of PHP and called LAMP system as well. Linux- Is a free Unix-type operating system. Linux's functionality, adaptability and robustness, has made it the main alternative for proprietary UNIX and Microsoft operating systems. Linux has been adopted worldwide primarily as a server platform and can run on most common hardware platforms. The core of the system is the LINUX kernel which distinguishes itself from others. Apache- Apache HTTP Server is aimed at creating a robust, commercial-grade, featured, and freely-available source code implementation of an HTTP (Web) server. Features include compiled modules such as SSL support (mod_SSL), URL rewriter (mod_rewrite) etc. With the release of Apache 2.0 apache has become a robust well documented multi-threaded web server. MySql - It is multithreaded, multi-user RDBMS. The combination of MySQL's rock solid stability, high performance, low overhead and ease of use make it an ideal choice for online application. MySQL's pluggable storage engines make it easy to get the fastest performance. PHP - Known as HyperText Preprocessor, PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. PHP was written as a set of CGI binaries in the C programming language. It also has improved support for Object-Oriented programming, integrated SOAP support, etc. PHP includes a large number of free and open source libraries with the core build. What are its advantages/disadvantages? Advantages - With no or less licensing costs and using available open source libraries brings down the cost of development considerably. Very tight integration between PHP and Apache, for instance, eliminates the need for application server software and in many instances eliminates an entire physical server tier. Scalability in handling large amount of load and Flexibility during scale up. Disadvantages - Non-availability of skilled resources in LAMP. Less support for the application need to depend on the community or individual developers for solutions or patches for customization. Further References Wikipedia - http://en.wikipedia.org/wiki/LAMP_software_bundle Apache - http://httpd.apache.org MySql http://www.mysql.com PHP - http://www.php.net Unlimited freedom, unlimited storage. Get it now, on http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/ To unsubscribe send a message to [EMAIL PROTECTED] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
