The framework's Base Class Library provides a large range of features including user interface, data and data access, database connectivity, cryptography, web application development, numeric algorithms, and network communications. The class library is used by programmers, who combine it with their own code to produce applications.

Active Server Pages (ASP), also known as Classic ASP, was Microsoft's first server-side script engine for dynamically-generated web pages. Initially released as an add-on to Internet Information Services (IIS) via the Windows NT 4.0 Option Pack, it was subsequently included as a free component of Windows Server (since the initial release of Windows 2000 Server).

Developing rich functionality in ASP websites is enabled by the active scripting engine's support of the Component Object Model (COM), with each object providing a related group of frequently-used functions and data attributes. In ASP 2.0 there were six built-in objects: Application, ASPError, Request, Response, Server, and Session. Session, for example, is a cookie-based session object that maintains the state of variables from page to page. Functionality is further extended by objects which, when instantiated, provide access to the environment of the web server; as an example FileSystemObject (FSO) is used to create, read, update and delete files.

Microsoft Access

Microsoft Office Access, previously known as Microsoft Access, is a relational database management system from Microsoft that combines the relational Microsoft Jet Database Engine with a graphical user interface and software development tools. It is a member of the Microsoft Office suite of applications and is included in the Professional and higher versions for Windows and also sold separately. There is no version for MacOS or for Microsoft Office Mobile.

Access stores data in its own format based on the Access Jet Database Engine. It can also import or link directly to data stored in other Access databases, Excel, SharePoint lists, text, XML, Outlook, HTML, dBase, Paradox, Lotus 1-2-3, or any ODBC-compliant data container including Microsoft SQL Server, Oracle, MySQL and PostgreSQL. Software developers and data architects can use it to develop application software and non-programmer "power users" can use it to build simple applications. It supports some object-oriented techniques but falls short of being a fully object-oriented development tool.

Component access privileges define the actions you can perform on components. By default, you are granted the highest level of access, Manage, on any component you create. The Action column of the Oracle Portal Navigator indicates the actions you can perform on the component. To build a component, you must have Edit or higher privileges in a provider that will own the finished component. The component by default inherits privileges from the provider. For example, after a component is created in MY_APP, all Oracle Portal developers with Execute or higher access privileges on MY_APP can run the component. Component owners can override these privileges and set access on a user by user level rather than the provider level. Component access privileges and the actions you can perform with them are listed below.   Manage Edit View Source Customize Execute Grant component privileges to other users         Manage component locks       Edit any version of components       Delete components from the database       Rename components       Export components to another database         Copy components       Generate components     Monitor component usage     View the call interface, package spec, and body of components     Customize components   Run components Add components to the Favorites list

Authentication - is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten.

Data Administrator - a person who coordinates activities within the data administration department. Same as "database analyst."

 An active hyperlink - from the time a user presses and releases the mouse button when clicking on the hyperlink. When designing a Web page, you can choose a font color to represent active hyperlinks.

E-Government - (short for electronic government, also known as e-gov, digital government, online government or transformational government) is a diffused neologism used to refer to the use of information and communication technology to provide and improve government services, transactions and interactions with citizens, businesses, and other arms of government.

Encryption - is the process of changing data into a form that can be read only by the intended receiver. To decipher the message, the receiver of the encrypted data must have the proper decryption key (password).

 Information technology (IT) - as defined by the Information Technology Association of America (ITAA), is "the study, design, development, implementation, support or management of computer-based information systems, particularly software applications and computer hardware."^[1] IT deals with the use of electronic computers and computer software to convert, store, protect, process, transmit, and securely retrieve information.

ITR (Information Technology Resources) - is a Veteran owned Technical consulting and recruiting firm focused on the Information Technology Industry. ITR is headquartered in Knoxville Tennessee serving both small and large clients across the country.

 ISO - founded in 1947, is a worldwide federation of national standards bodies from some 100 countries, with one standards body representing each member country. The American National Standards Institute (ANSI), for example, represents the United States. Member organizations collaborate in the development and promotion of international standards. Among the standards the ISO fosters is Open Systems Interconnection (OSI), a universal reference model for communication protocols.

About ISO

ISO (International Organization for Standardization) is the world's largest developer and publisher of International Standards.

ISO is a network of the national standards institutes of 159 countries, one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system.

ISO is a non-governmental organization that forms a bridge between the public and private sectors. On the one hand, many of its member institutes are part of the governmental structure of their countries, or are mandated by their government. On the other hand, other members have their roots uniquely in the private sector, having been set up by national partnerships of industry associations.

Therefore, ISO enables a consensus to be reached on solutions that meet both the requirements of business and the broader needs of society.

Intellectual property

Intellectual property (IP) are legal property rights over creations of the mind, both artistic and commercial, and the corresponding fields of law. Under intellectual property law, owners are granted certain exclusive rights to a variety of intangible assets, such as musical, literary, and artistic works; ideas, discoveries and inventions; and words, phrases, symbols, and designs. Common types of intellectual property include copyrights, trademarks, patents, industrial design rights and trade secrets.

The majority of intellectual property rights provide creators of original works economic incentive to develop and share ideas through a form of temporary monopoly. While credited with significant contributions to modern economic growth, some have criticized the expansion in nature and scope of IP laws.

Although many of the legal principles governing intellectual property have evolved over centuries, it was not until the late 20th century that the term intellectual property began to be used as a unifying concept.

Malicious Code

Viruses and worms are related classes of malicious code; as a result they are often confused. Both share the primary objective of replication. However, they are distinctly different with respect to the techniques they use and their host system requirements. This distinction is due to the disjoint sets of host systems they attack. Viruses have been almost exclusively restricted to personal computers, while worms have attacked only multi-user systems.

A careful examination of the histories of viruses and worms can highlight the differences and similarities between these classes of malicious code. The characteristics shown by these histories can be used to explain the differences between the environments in which they are found. Viruses and worms have very different functional requirements; currently no class of systems simultaneously meets the needs of both.

A review of the development of personal computers and multi-tasking workstations will show that the gap in functionality between these classes of systems is narrowing rapidly. In the future, a single system may meet all of the requirements necessary to support both worms and viruses. This implies that worms and viruses may begin to appear in new classes of systems. A knowledge of the histories of viruses and worms may make it possible to predict how malicious code will cause problems in the future.

Patch (Unix)

patch is a Unix program that updates text files according to instructions contained in a separate file, called a patch file. The patch file (also called a patch for short) is a text file that consists of a list of differences and is produced by running the related diff program with the original and updated file as arguments. Updating files with patch is often referred to as applying the patch or simply patching the files.

History

The original patch program was written by Larry Wall (who went on to create the Perl programming language) and posted to mod.sources (which later became comp.sources.unix) in May 1985. A newer version of the program is part of the GNU project and is maintained by the FSF.

Malicious Software Removal Tool

Published: January 11, 2005 | Updated: March 10, 2009

The Microsoft Windows Malicious Software Removal Tool checks computers running Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.

Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.

Note  The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. If you would like to run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.

Because computers can appear to function normally when infected, Microsoft advises you to run this tool even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.

Purge

In history and political science, a purge is the removal of people who are considered undesirable by those in power from a government, from another organisation, or from society as a whole. Purges can be peaceful or violent; many will end with the imprisonment or exile of those purged, but in some cases they will simply be removed from office. Restoring people who have been purged is known as rehabilitation. Historical use of the term

The earliest use of the term itself was the English Civil War's Pride's Purge. In 1648, the moderate members of the English Long Parliament were purged by the army. Parliament would suffer subsequent purges under the Commonwealth including the purge of the entire House of Lords. Counter-revolutionaries such as royalists were purged as well as more radical revolutionaries such as the Levellers. After the Restoration, obstinate republicans were purged while some fled to New England.

The term "purge" is often associated with the Stalinist and Maoist regimes. Those who were purged (among them artists, scientists, teachers, people in the military, but also many long-time communists who dared to disagree with the party leadership) were sent to labor camps or executed. The most notorious of CPSU purges was the Great Purge initiated by Joseph Stalin during the 1930s. Deng Xiaoping was known for having returned to power several times after having been purged.

After France's liberation by the Allies in 1944, purges were processed by the Free French and mostly the French Resistance against former collaborationnists, the so-called "vichystes". The legal term was known as épuration légale ("legal purge"). Similar processes in other countries and on other occasions were denazification and decommunization.

Personal IT Resources

Access to and use of information technology (IT) and telecommunications is vital to the mission of the University of Baltimore, a mission that includes teaching, lifelong learning, research, and service. IT offers increased opportunities for communication and collaboration, and is essential to achieve a level of excellence in its effective use by all faculty, staff and students.

The use of IT and related resources must be consistent with the University’s mission and its role as a public agency. Each member of the University community is expected to protect the integrity of these resources and to know and adhere to University rules, regulations, and guidelines for their appropriate use. Regulations that govern personal conduct and use of University facilities also apply to the use of IT resources.  

This Acceptable Use policy establishes standards for responsible and appropriate use of all University IT and network resources. Additional policies may also apply to specific computers, computer systems, or networks at the University of Baltimore, or to uses within specific departments.

 Remote access - is the ability to get access to a computer or a network from a remote distance. In corporations, people at branch offices, telecommuters, and people who are travelling may need access to the corporation's network. Home users get access to the Internet through remote access to an Internet service provider (ISP).

 In computer security - social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. A social engineer runs what used to be called a "con game".

Sfoofing - a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host.

User ID - the name you use to identify yourself when logging into a computer system or online service. Both a username (user ID) and a password are required.

SSL/TLS Strong Encryption: An Introduction

Available Languages:  en  |  ja 

The nice thing about standards is that there are so many to choose from. And if you really don't like all the standards you just have to wait another year until the one arises you are looking for.

-- A. Tanenbaum, "Introduction to Computer Networks"

As an introduction this chapter is aimed at readers who are familiar with the Web, HTTP, and Apache, but are not security experts. It is not intended to be a definitive guide to the SSL protocol, nor does it discuss specific techniques for managing certificates in an organization, or the important legal issues of patents and import and export restrictions. Rather, it is intended to provide a common background to mod_ssl users by pulling together various concepts, definitions, and examples as a starting point for further exploration.

The presented content is mainly derived, with permission by the author, from the article Introducing SSL and Certificates using SSLeay from Frederick J. Hirsch, of The Open Group Research Institute, which was published in Web Security: A Matter of Trust, World Wide Web Journal, Volume 2, Issue 3, Summer 1997. Please send any positive feedback to Frederick Hirsch (the original article author) and all negative feedback to Ralf S. Engelschall (the mod_ssl author).