SY BMS SEM III – Information Technology in Business Management

Chapter 4 – E-Security Systems

Internet is always prone to various threats which makes day to day like difficult for
businesses & individuals. It’s a never-ending fight.
Types of Threats –
1. Viruses – A computer virus is a small piece of software that can spread from one infected
computer to another. The virus could corrupt, steal, or delete data on your computer—
even erasing everything on your hard drive. A virus could also use other programs like
your email program to spread itself to other computers.
Disadvantages –
i. It slowdowns the computer.
ii. It may damage computer software & hardware.
iii. It may steal important and sensitive data.
iv. It may use computer for cyber-crime without knowledge of the owner of it.
v. It can install unwanted malicious software on computer.
vi. It can further infect all computers connected to it in network or via email.
Solutions –
i. Start the computer in safe mode and run an anti-virus scan of entire computer.
ii. Refer to computer software supplier’s customer support team to see if they offer
any tools or resources to extract the virus from your computer.
iii. Be sure to delete all of temporary files in safe mode.
iv. Use Malware software to scan for additional threats to your computer and security.
v. Install “Firewall” (Hardware and / or Software) for preventive protection.

2. Worms – A computer worm is a software program that can copy itself from one computer
to another, without human interaction. Worms can replicate in great volume and with
great speed. For example, a worm can send copies of itself to every contact in your email
address book and then send itself to all the contacts in your contacts’ address books.
Because of their speed of infection, worms often gain notoriety overnight infecting
computers across the globe as quickly as victims around the world switch them on and
open their email.
Disadvantages –
i. Worms causes a tremendous amount of damage by shutting down parts of the
Internet.
 ii. It creates havoc on an internal network and costing companies enormous amounts
of lost revenue.
Solutions –
i. Check that all antivirus signatures are up-to-date.
ii. Scan the computer with antivirus software.
iii. If the scan detects a computer worm or other malware, use the software to remove
malware and clean or delete infected files. A scan that detects no malware is
usually indicative that symptoms are being caused by hardware or software
problems.
iv. Check that the computer’s operating system is up-to-date and all software and
applications have current patches installed.

3. Trojan horse – Users can infect their computers with Trojan horse software simply by
downloading an application they thought was legitimate but was in fact malicious. Once
inside your computer, a Trojan horse can do anything from record your passwords by
logging keystrokes (known as a keystroke logger) to hijacking your webcam to watch and
record your every move.

Disadvantages –
Trojan can -
i. Delete your files.
ii. Use your computer to hack other computers.
iii. Watch you through your web cam.
iv. Log your keystrokes (such as a credit card number you entered in an online
purchase).
v. Record usernames, passwords and other personal information.
Solutions –
i. Install anti-malware software & scan computer in safe-mode.
ii. Uninstall any unfamiliar programs.
iii. Firewall also can be install for better protection.

4. Spam – Spam in the security context is primarily used to describe email spam —
unwanted messages in your email inbox. Spam, or electronic junk mail, is a nuisance as it
can clutter your mailbox as well as potentially take up space on your mail server.
Unwanted junk mail advertising items you don’t care for is harmless, relatively speaking.
However, spam messages can contain links that when clicked on could go to a website
that installs malicious software onto your computer.
 Disadvantages –
i. Spam can infect the computer with malicious attachments.
ii. It can create backdoor entry for viruses.
iii. It can use valuable high-speed data.
iv. It can help in web-jacking and other frauds.
Solutions –
i. Never give email ID to any unknown person / websites.
ii. Reject / delete mails from unknown persons / organisations / senders.
iii. Never click on any attachment from unknown senders.
iv. Use spam filter facility provided by email service providers.

5. IP Spoofing – A website or email address that is created to look like it comes from a
legitimate source. An email address may even include your own name, or the name of
someone you know, making it difficult to discern whether or not the sender is real. It
sends spam using your email address, or a variation of your email address, to your
contact list. it also recreates duplicate websites that closely resemble the authentic site.
This is used for financial frauds.

Disadvantages –
i. IP spoofing can lead to all problems like spread of virus, web-jacking, financial
frauds, data theft etc.

Solutions –
i. Disable commands like ping in computer
ii. Use encryption for communication
iii. Strengthen TCP/IP protocol
iv. Use of Firewall
v. IP trace back to confirm IP address

6. Phishing: Phishing scams are fraudulent attempts by cybercriminals to obtain private

information. Phishing scams often appear in the guise of email messages designed to
appear as though they are from legitimate sources. For example, the message would try
to lure you into giving your personal information by pretending that your bank or email
service provider is updating its website and that you must click on the link in the email to
verify your account information and password details.

Disadvantages –
i. It leads to financial frauds as password & other sensitive financial details are
leaked to fraudsters.

Solutions –
i. Never open emails from unknown senders.
 ii. Never click on links given in email to access your bank accounts, if it seems
serious matter, close email and log on to bank website separately and check
issue directly on bank website only.
iii. Beware of “Lottery / Fund winning” intimation emails.

7. Hacking - Hacking is a term used to describe actions taken by someone to gain

unauthorized access to a computer. The availability of information online on the tools,
techniques, and malware makes it easier for even non-technical people to undertake
malicious activities. It is the process by which cyber criminals gain access to your
computer. It can find weaknesses (or pre-existing bugs) in your security settings and
exploit them in order to access your information. Install a Trojan horse, providing a back
door for hackers to enter and search for your information.

Disadvantages –
Hacking can lead to-
i. Massive security breach.
ii. Unauthorized system access on private information.
iii. Hampering system operation.
iv. Denial of service attacks.
v. Malicious attack on the system.

Solutions –
i. Passwords used for login / authentication should be very tough.
ii. Passwords should be changed at very short intervals (like every week).
iii. There should be multi-level authentication.
iv. Maintain secrecy of passwords, do not let anybody know it.
v. Avoid using authentication mechanism from public or unknown computers.
vi. Install Firewall (Hardware & Software).

8. Cyberterrorism – The politically motivated use of computers and information technology

to cause severe disruption or widespread fear. Cyberterrorist attack is designed to cause
physical violence or extreme financial harm. According to the U.S. Commission of Critical
Infrastructure Protection, possible cyberterrorist targets include the banking industry,
military installations, power plants, air traffic control centers, and water systems.

9. Salami Attack – A salami attack is when small attacks add up to one major attack that can
go undetected due to the nature of this type of cyber-crime. It also known as salami
slicing/penny shaving where the attacker uses an online database to seize the information
of customers, that is bank/credit card details, deducting small amounts from every account
over a period of time. These amounts naturally add up to large sums of money that is
unnoticeably taken from the collective accounts. Most people do not report the deduction,
often letting it go because of the mini amount involved. This could be a fraction of a cent,
so as to avoid suspicion from the unsuspecting customer.
10. Spyware & Adware – Spyware and adware are often used by third parties to infiltrate your
computer. Spyware is the software that collects personal information about you without you
knowing. They often come in the form of a ‘free' download and are installed automatically
with or without your consent. These are difficult to remove and can infect your computer
with viruses. Adware keeps bombarding computer with tons of advertisement thus
consuming data and it also covers malicious infections to the computer. It can collect
information about you without you knowing about it and give it to third parties. It sends your
usernames, passwords, surfing habits, list of applications you've downloaded, settings, and
even the version of your operating system to third parties. It changes the way your computer
runs without your knowledge.

11. Web-jacking - This term is derived from the term hi jacking. In these kinds of offences, the
hacker gains access and control over the web site of another. He may even change the
information on the site. This may be done for fulfilling political objectives or for money. E.g.
recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani
hackers and some obscene matter was placed therein. Further the site of Bombay crime
branch was also web jacked.

12. Physical Threats - A physical threat is a potential cause of an incident that may result in loss or
physical damage to the computer systems. The following list classifies the physical threats into
three (3) main categories;
i. Internal: The threats include fire, unstable power supply, humidity in the rooms
housing the hardware, etc.
ii. External: These threats include Lightning, Floods, Earthquakes, etc.
iii. Human: These threats include data theft, vandalism of the infrastructure and/or
hardware, disruption, accidental or intentional errors.

Cyber Threat Management –

Cyber threat management is a combination of advanced threat research tactics and proactive
internal policies. Threat management programs are available for users of any scale, from an
entire corporate network or a single PC.
Following Security Tools can be used for cyber security-
1. Firewalls (Software and Hardware)
2. Encryption & Decryption (Data coding / decoding)
3. PKI (Public Key Infrastructure)
4. Digital Certificates & Signature
5. Biometrics Access systems (Thumb, Eyes, Palm Scanning)
6. Passwords – Text, Audio, Video (Face Scanning), Combinational Multiple Passwords
IT Risk –
IT risk is the business risk associated with the use, ownership, operation, involvement,
influence and adoption of IT within an enterprise or organization.
Organisations needs to protect-
1) Network & Devices from external attacks.
2) Data & Information.
3) User ID & Passwords and personal profiles.
4) Network information like IP Address, domain details etc.
IT Risk Management –
IT risk management is the application of the principles of risk management to an IT
organization in order to manage the risks associated with the field. IT risk management aims
to manage the risks that come with the ownership, involvement, operation, influence, adoption
and use of IT as part of a larger enterprise.
IT Risk = The asset value X The system's vulnerability to that risk X The threat it poses
for the organization.

IT Risk Mitigation –
IT risks are managed according to the following steps:
1. Assessment: Each risk is discovered and assessed for severity
2. Mitigation: Countermeasures are put in place to reduce the impact of particular risks
 3. Evaluation and Assessment: At the end of a project, the effectiveness of any
countermeasures (along with their cost-effectiveness) is evaluated. Based on the
results, actions will be taken to improve, change or keep up with the current plans.

Process of IT Risk Management

Information System (IS) Security –

Information systems security, more commonly referred to as INFOSEC, refers to the processes
and methodologies involved with keeping information confidential, available, and assuring its
integrity. It also refers to: Access controls, which prevent unauthorized personnel from entering
or accessing a system.
It deals with-
1) Security Program
The first action of a management program to implement information security is to
have a security program in place. Start with understanding where OS passwords are
stored within the code inside a file within a directory. Operating Systems should be
understood before even beginning to implement security program management and
objectives.
Security Program Objectives
i. Protect the company and its assets.
ii. Manage Risks by Identifying assets, discovering threats and estimating the
risk
iii. Provide direction for security activities by framing of information security
policies, procedures, standards, guidelines and baselines
 iv. Information Classification
v. Security Organization and
vi. Security Education

2) Security Controls
Security Controls can be classified into three categories
Administrative Controls which include
 Developing and publishing of policies, standards, procedures, and guidelines.
 Screening of personnel.
 Conducting security-awareness training and
 Implementing change control procedures.
Technical or Logical Controls which include
 Implementing and maintaining access control mechanisms.
 Password and resource management.
 Identification and authentication methods
 Security devices and
 Configuration of the infrastructure.
Physical Controls which include
 Controlling individual access into the facility and different departments
 Locking systems and removing unnecessary floppy or CD-ROM drives
 Protecting the perimeter of the facility
 Monitoring for intrusion and
 Environmental controls.
3) The Elements of Security –
Vulnerability
 It is a software, hardware, or procedural weakness that may provide an attacker
the open door he is looking for to enter a computer or network and have
unauthorized access to resources within the environment.
 Vulnerability characterizes the absence or weakness of a safeguard that could
be exploited.
 E.g.: a service running on a server, unpatched applications or operating system
software, unrestricted modem dial-in access, an open port on a firewall, lack of
physical security etc.
Threat
 Any potential danger to information or systems.
 A threat is a possibility that someone (person, s/w) would identify and exploit the
vulnerability.
 The entity that takes advantage of vulnerability is referred to as a threat agent.
E.g.: A threat agent could be an intruder accessing the network through a port
on the firewall
Risk
 Risk is the likelihood of a threat agent taking advantage of vulnerability and the
corresponding business impact.
 Reducing vulnerability and/or threat reduces the risk.
 E.g.: If a firewall has several ports open, there is a higher likelihood that an
intruder will use one to access the network in an unauthorized method.
Exposure
 An exposure is an instance of being exposed to losses from a threat agent.
 Vulnerability exposes an organization to possible damages.
 E.g.: If password management is weak and password rules are not enforced, the
company is exposed to the possibility of having users' passwords captured and
used in an unauthorized manner.
Countermeasure or Safeguard
 It is an application or a s/w configuration or h/w or a procedure that mitigates the
risk.
 E.g.: strong password management, a security guard, access control
mechanisms within an operating system, the implementation of basic
input/output system (BIOS) passwords, and security-awareness training.
The Relation Between the Security Elements
 Example: If a company has antivirus software but does not keep the virus
signatures up-to-date, this is vulnerability. The company is vulnerable to virus
attacks.
 The threat is that a virus will show up in the environment and disrupt productivity.
 The likelihood of a virus showing up in the environment and causing damage is
the risk.
 If a virus infiltrates the company's environment, then vulnerability has been
exploited and the company is exposed to loss.
  The countermeasures in this situation are to update the signatures and install the
antivirus software on all computers

Security on the Internet (Internet Security) –

Internet security is a branch of computer security specifically related to the Internet, often
involving browser security but also network security on a more general level, as it applies to
other applications or operating systems as a whole. Its objective is to establish rules and
measures to use against attacks over the Internet. The Internet represents an insecure channel
for exchanging information leading to a high risk of intrusion or fraud, such as phishing, online
viruses, trojans, worms and more.
Various methods have been used to prevent online attacks and enhance internet security.
Among the newly emerging methods is high level tracking of incoming risks. Some of the cyber-
attacks arrive from sources already known to intelligence, e.g., from belligerent nations, dark
web servers, hackers, or arrive in conjunction with real terror threats.
Network Security –
 Network security consists of the policies and practices adopted to prevent and monitor
unauthorized access, misuse, modification, or denial of a computer network and
network-accessible resources.
 Network security involves the authorization of access to data in a network, which is
controlled by the network administrator.
 Users choose or are assigned an ID and password or other authenticating information
that allows them access to information and programs within their authority.
 Network security covers a variety of computer networks, both public and private, that
are used in everyday jobs; conducting transactions and communications among
businesses, government agencies and individuals.
Website Security –
 What are the different types of website security issues, risks and threats, and what
can make your business and website an attractive or susceptible target?
 Many small businesses feel they do not represent a worthwhile target to attackers.
 All online entities face a variety of security risks and threats that should be understood
and assessed.
Types of security threats -
Security threats develops as fast as the technology they seek to compromise.
While the techniques used to access data, and alter code vary greatly, a security breach
usually has one of the following four goals:
 Database access and the theft or corruption of personal or sensitive data
  Altering website code in order to change what users see
 Intercepting personal and sensitive data
 Denial of Service (DoS) attacks that render services unavailable
Website Hacking –
When technically expert person hacks a website, it may happen that-
1. The Hacker (attacker) gains access to the web server (the operating system or web
server application itself). This can be by guessing or stealing the various credentials
used by the server administrators (FTP, SSH, SQL, etc etc.)
2. The attacker manipulates the existing web page to make it do something unintended.
This could be via site vulnerabilities.
3. The web server is behaving normally, but the user(s) or administrators don't understand
what it is doing, and think it has been "hacked". It happens because hacker has gained
control over website administration.
4. All data gets stolen on that website.
Website Issues –
Websites get hacked because of three things:
 Access Control - Access control deals specifically to the process of authentication and
authorization. Here are a few points to think about when assessing access control:

o How do you log into your hosting panel?

o How do you log into your server?
o How do you log into your website?
o How do you log into your computer?
o How do you log into your social media forums?
 Software Vulnerabilities – A software vulnerability is a security flaw, glitch, or
weakness found in software or in an operating system (OS) that can lead to security
concerns. An example of a software flaw is a buffer overflow. 95% of website owners
are unable to address today’s software vulnerabilities; even everyday developers are
unable to account for the threats their own code introduces. Most of the people use
things as they are designed.
 Third-Party Integrations – Third-party integrations and services have become
commonplace in today’s website world, and are especially popular in the highly
extensible Content Management Systems (CMS) like WordPress, Joomla! and Drupal. The
problem with the exploitation of third-party integrations and services is that it is beyond
the website owner’s ability to control. It leads to threat to the security of website.
Security and Email –
Email security refers to the collective measures used to secure the access and content
of an email account or service. It allows an individual or organization to protect the
overall access to one or more email addresses/accounts.
An email service provider implements email security to secure subscriber email
accounts and data from hackers - at rest and in transit.
Email security is a broad term that encompasses multiple techniques used to secure an
email service. From an individual/end user standpoint, proactive email security
measures include:
 Strong passwords
 Password rotations
 Spam filters
 Desktop-based anti-virus/anti-spam applications
Similarly, a service provider ensures email security by using strong password and
access control mechanisms on an email server; encrypting and digitally signing email
messages when in the inbox or in transit to or from a subscriber email address. It also
implements firewall and software-based spam filtering applications to restrict
unsolicited, untrustworthy and malicious email messages from delivery to a user’s
inbox.
Need for Email security –
Email security is a priority for all businesses, with the growing threat of hackers, viruses
spam, phishing and identity theft, as well as the need to secure business information.
Email is one of the most preferred tool to spread viruses, malware, adware and various
other threats hence utmost care has to be taken to make email communication safe and
secure for the larger interest of the society.
E-Business Risk Management –
E-business is an electronic form of business conducted over the Internet. This business
model has increased in popularity as technology has advanced with smaller and better
forms of computer equipment. Many businesses started today conduct operations solely
via the Internet, and may never open a traditional brick and mortar storefront.
E-businesses face many different types of risks related to the security of their business
information and customer information. Computer viruses and hackers are constantly
trying to tap into online companies and steal customer identities and financial
information. These security risks force e-businesses to use software and encryption
 codes that limit an outsider’s ability to hack into their secure systems. It is very important
to safeguard E-business in order to keep digital economy strong.

Firewall –
A firewall is a network security system, either hardware- or software-based, that uses
rules to control incoming and outgoing network traffic. A firewall acts as a barrier
between a trusted network and an untrusted network. A firewall controls access to the
resources of a network through a positive control model. It is normally placed between
a protected network and an unprotected network and acts like a gate to protect assets
to ensure that nothing private goes out and nothing malicious comes in.

Firewall Components -
The primary components (or aspects) of a firewall are:
 Network policy – There are two levels of network policy that directly influence the
design, installation and use of a firewall system. The higher-level policy is an issue-
specific, network access policy that defines those services that will be allowed or
explicitly denied from the restricted network, how these services will be used, and the
conditions for exceptions to this policy. The lower-level policy describes how the firewall
will actually go about restricting the access and filtering the services that were defined
in the higher-level policy.
 Advanced authentication mechanisms – Advanced authentication measures such as
smartcards, authentication tokens, biometrics, and software-based mechanisms are
designed to counter the weaknesses of traditional passwords. While the authentication
techniques vary, they are similar in that the passwords generated by advanced
authentication devices cannot be reused by an attacker who has monitored a
connection.
Some of the more popular advanced authentication devices in use today are called one-
time password systems. A smartcard or authentication token, for example, generates a
response that the host system can use in place of a traditional password.
 Packet filtering and – IP packet filtering is done usually using a packet filtering router
designed for filtering packets as they pass between the router's interfaces. A packet
filtering router usually can filter IP packets based on information of IP address & ports.
Filtering can be used in a variety of ways to block connections from or to specific hosts
or networks, and to block connections to specific ports
 Application gateways – To counter some of the weaknesses associated with packet
filtering routers, firewalls need to use software applications to forward and filter
connections for services such as TELNET and FTP. Such an application is referred to
 as a proxy service, while the host running the proxy service is referred to as an
application gateway. Application gateways and packet filtering routers can be combined
to provide higher levels of security and flexibility than if either were used alone.
Benefits of Firewall –

1. Monitors Traffic
A firewall monitors all of the traffic entering your computer network and the traffic
exiting your network as well. It prevents all threat from passing through in both
directions.
2. Blocks Trojans
A firewall helps block Trojan horses and other threats.
3. Stops Hackers
Having a firewall keeps hackers out of your network.
4. Stops Keyloggers
Having firewall security will reduce the risk of keyloggers monitoring you. A
keylogger is spyware software that cybercriminals try to put on your computer so
they can target your keystrokes.
5. Enforcing Policies
Many networks have policies regarding which users can access data. For example,
a school would likely prevent all of its computers from accessing adult content, while
a home user might limit the amount of time that her children could use the Internet.

Few known Firewalls

Hardware Firewall Software Firewall
Nokia – Checkpoint McAfee
CISCO – Pix Trends Micro
Juniper – Net Screen Norton
Symantec – SGS Kaspersky
Microsoft

Enterprise-wide Security Framework

With the emergence of new technology strategies such as Intranets and Extranets,
protection of informational assets has become paramount. The first step is an
enterprise-wide Information Systems Security Policy.
Traditionally, organizations have relied on policies to communicate high-level directives
from the management. These documents, once issued, provide top down influence for
everyone in the company—from business units to departments to individual employees.
Furthermore, these policies typically were developed at one time in the organization's
evolution to capture the current environment. One of the major challenges for an
organization in this area is the continued growth and adaptation of the policies to mirror
the transformation within the organization. The fastest area of growth and change within
an organization is Information Systems. With the rapid development and push toward
 new technologies, organizations find themselves striving to maintain current technical
environments with outdated policies. Secondly, with the emergence of new technology
strategies such as Intranets and Extranets, security and the protection of informational
assets has become paramount.
The first step is an enterprise-wide Information Systems Security Policy that is
consistently enforced even as business needs change. Unfortunately, most companies
have only bits and pieces of security scattered throughout the organization. These may
make some departments or individuals feel safe, but they do little to protect the
enterprise as a whole.

Enterprise Security Architecture System (ESAS)

ESAS is a Security Knowledge Management tool designed to bridge the gap between
business and technology. It provides organizations with a centralized repository of security
policies and technical control information. ESAS allows an organization to effectively
communicate security policies and controls throughout the enterprise, and provide the key
infrastructure for a successful Information Security program.
The major objectives of the ESAS are:
 Ensure consistency of organizational security objectives throughout operating units
 Allow business strategies and goals to drive Information Security
 Allow an organization to deal with the changes in both business initiatives and
technology and manage the risk associated with change
 Provide a comprehensive set of security policies for the organization
 Provide a method to look at information and technical systems from a Risk
perspective
 Provide the methods to implement security objectives effectively and efficiently at a
technical level

The PPT Model

PPT stands for People, Policy, & Technology. The security process is a mixture of
these three elements. Each element depends in some manner on the other elements.
 Also, issues receive greater coverage when the elements are combined. The controls
environment is greatly enhanced when these three elements work in concert.

People This core element is the most important. The people element comprises the
people and various roles and responsibilities within the organization. These are the
people that are put in place to execute and support the process. A few key roles
include senior management, security administrators, system and IT administrators,
end users, and auditors.

Policy This element comprises the security vision statement, security policy and
standards, and the control documentation. This is basically the written security
environment—the bible that the security process will refer to for direction and
guidance.

Technology This element includes tools, methods, and mechanisms in place to

support the process. These are core technologies—the operating systems, the
databases, the applications, the security tools—embraced by the organization. The
technology then is the enforcement, monitoring, and operational tool that will facilitate
the process.

Information Security Environment in India

 Indian companies have robust security practices comparable to those followed by

western companies.
 Indian companies primarily comply with ISO 27001 – a global standard that covers
all domains of security.
 Companies sign Service Level Agreements (SLA), which have very strict
confidentiality and security clauses built into them at the network and data level.
 Laws such as the IT Act 2000, Indian Copyright Act, Indian Penal Code Act and the
Indian Contract Act, 1972 provide adequate safeguards to companies offshoring
work to US and UK.
 Most of the BPO companies providing services to UK clients ensure compliance with
UK Data Protection Act 1998 (DPA) through contractual agreements
Types of Real Time Systems –
Real-time computing (RTC) describes hardware and software systems subject to a "Real-
time constraint", for example from event to system response. Real-time programs must
guarantee response within specified time constraints, often referred to as "deadlines". In
short real-time systems are those systems which responds immediately as the user takes
any action e.g. Online money transfer.
1. Hard Real-time System (also known as an immediate real-time system) is
hardware or software that must operate within the confines of a stringent deadline.
The application may be considered to have failed if it does not complete its function
within the allotted time span.
 2. Soft Real-time System where a critical real-time task gets priority over other tasks
and retains that priority until it completes.
3. Predictable Real-time System is one whose behavior is always within an
acceptable range. The behavior is specified on a system-wide basis such as "all
tasks will meet all deadlines". Generally, the period, deadline, and worst-case
execution time of each task need to be known to create a predictable system.
4. Deterministic Real-time System is a special case of a predictable system. Not only
is the timing behavior within a certain range, but that timing behavior can be pre-
determined.

Difference between Real Time, Online & Batch Processing Systems

Real-time processing Online Processing: Batch Processing:
It involves a continual An online system handles Data is processed in groups
input, process and output transactions when the occur or batches. Batch processing
of data. Data must be and provides output directly is typically used for large
processed in a small- to users. Because it is amounts of data that must be
time period (or near real interactive, online processing processed on a routine
time). Real-time avoids delays and allows a schedule, such as paychecks
processing is data constant dialog between the or credit card transactions. A
processing that occurs as user and the system. The batch processing system has
the user enters in the data system processes several main characteristics:
or a command. transactions completely collect, group, and process
when and where they occur. transactions periodically.
Users interact directly with Batch programs require no
the information system. user involvement and
Users can access data requires significantly fewer
randomly. The information network resources than
system must be available online systems.
whenever necessary to
support business functions.
Examples – Examples – Examples –
Radar systems, Google, Yahoo etc. Salary & Payroll processing,
Customer Services and Emails, Games Utility Bill / Invoice
Bank ATMs, Net-Chatting processing

Real Time Applications –

1. Indian Railways
Indian Railways has launched a new real-time train tracking application for passengers.
RailRadar has been jointly developed by Centre for Railway Information Service (CRIS), the
information technology arm of Indian Railways and RailYatri team (Stelling Technologies), a
start-up that has partnered with Railways to provide real-time train information.
The application is currently tracking 6,500 passenger trains out of the 10,000 trains operated
by Indian Railways. The app was launched at the digital conference organised by Delhi based
Medianama, a digital media publication.
Benefits –
i. Better tracking of live status of trains
ii. Better customer services
iii. Richer MIS for management
iv. Better forecasting of arrival & departure of trains & delays.
Real time system is also used for –
 Airways – Saber & Galileo are the best & biggest real-time airline booking &
management systems.
 Hotel Reservation – Almost all big hotels do have web presence and they use their
individual online booking system that are real-time ones.
 ATMs – Thousands of ATMs (Automated Teller Machines) are functioning 24 X 7 and
dispensing cash and renders other services to client and its all real-time services.
EDI – Electronic Data Interchange –
Electronic Data Interchange (EDI) is the computer-to-computer exchange of business
documents in a standard electronic format between business partners. EDI replaces postal
mail, fax and email. EDI has benefits such as reduced cost, increased processing speed,
reduced errors and improved relationships with business partners. An EDI message contains
a string of data elements, each of which represents a singular fact, such as a price, product
model number etc.

Advantages of EDI –
 1. EDI provides cost savings by reducing paper and eliminating paper processing.
2. Time savings and eliminating repetition are other benefits from the reduction in paper
processing.
3. Documents can be transferred more quickly and processing errors can be decreased
allowing business to be done more efficiently.
4. More efficient processing will likely lead to improved customer service which will
ultimately expand the customer base.
Examples of EDI – Shipping, Transport, Warehousing.
E-Cash -
'e-Cash' An Internet-based system that allows funds to be transferred anonymously. Cash has
to be accumulated in bank account for transaction.
Advantages of E-Cash –
i. Transfer of funds,
ii. Purchase of goods and variety of other services online.
iii. Safe to transact.
iv. Its time saving.
Disadvantages of E-Cash –
i. E-cash and E-Cash transaction security are the major concern.
ii. Hackers with good skill able to hack into bank accounts and illegally retrieve of
banking records
iii. E-Cash can be used by anti-social elements against society / national interest.
Requirements for safe e-payments −
Following are the essential requirements for safe e-payments/transactions −
 Confidential − Information should not be accessible to unauthorized person. It should
not be intercepted during transmission.
 Integrity − Information should not be altered during its transmission over the network.
 Availability − Information should be available wherever and whenever requirement
within time limit specified.
 Authenticity − There should be a mechanism to authenticate user before giving him/her
access to required information.
 Non-Repudiabiity − It is protection against denial of order or denial of payment. Once
a sender sends a message, the sender should not able to deny sending the message.
Similarly, the recipient of message should not be able to deny receipt.
 Encryption − Information should be encrypted and decrypted only by authorized user.
  Auditability − Data should be recorded in such a way that it can be audited for integrity
requirements.
Security measures in International & Cross-Border Financial Transactions –
An International Transaction or Cross Border Transaction can be defined as a transaction
in an international trade between two or more entities beyond the territorial limits of a
country in which at least one of the party is located outside the country of the transaction.
The points to be consider for security of transaction –
i. Check authenticity of person & firm at opposite end.
ii. Check for its transaction history is they are financial criminal.
iii. Deal only through well reputed international banks only.
iv. Insist for getting security details from that firm.
v. Use secure web media.
vi. Don’t share personal bank details.
Cyber threat hunting is "the process of proactively and iteratively searching through networks
to detect and isolate advanced threats that evade existing security solutions." This is in contrast
to traditional threat management measures, such as firewalls, intrusion detection systems
(IDS) which typically involve an investigation after there has been a warning of a potential
threat or an incident has occurred.
Famous threat hunting software and services include:

 Carbon Black
 Countercept (by MWR InfoSecurity)
 CrowdStrike
 Cybereason
 Sqrrl
 ExtraHop Networks
 Endgame, Inc.
 Cyberbit
 Haystax Technology

The End,,,Chapter 4_________________________________________________________