Telecommunications and Networking MIS 503 - Management Information Systems MBA Program

Telecommunications and
Networking
MIS 503 - Management Information Systems
MBA Program
A Significant Underestimation
“This ‘telephone’ has too many shortcomings to be
seriously considered as a means of communication.
the device is inherently of no value to us.”
Western Union internal memo, 1876.
Telecommunications:
The Technology
AN OVERVIEW OF
TELECOMMUNICATIONS
AND NETWORKING
Networking –
the electronic linking of geographically dispersed devices
Telecommunications –
communications (voice and data) at a distance
Page 97-98
What is communication?
• The Romans used the Latin word communicare
when they meant "to make common, to share,
or to impart.”
• Communication is the sharing of information
or messages between two or more entities.
Elements of a Communication System
• Source - the originator of the message, whether it is a
person or machine.
• Transmitter - the equipment that modifies the message
(either data or voice) into the form required for
transmission.
• Communications channel - the means of carrying the
signal from the source to the destination.
Elements of a Communication System
• Transmission media - may be physical, like a
copper wire or fiber optic cable, or atmospheric,
like radio waves.
• Receiver - is the device that captures the
message from the communications channel and
converts it into a form that the person or machine
at the destination can understand.
• Destination - the person or machine to whom the
message is directed
Elements of a Communication System
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Analog and Digital Signals
Figure 4.1 Use of Modem in Analog Network
Page 99
Types of Signals
• Analog signal - a continuous fluctuation
over time between high and low voltage.
• Digital signal - discrete voltage state either high or low.
Transmission Modes
• Data can flow between telecommunication
devices in three ways:
– Simplex - the data can flow only in one
direction.
– Half-Duplex - the data can flow in both
directions, but it can only flow in one direction
at any point in time.
– Full-Duplex - data can flow in both directions
at the same time.
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Transmission Media
Typical Speeds
Table 4.2 Telecommunications Transmission Speeds
Data Transmission
• Asynchronous transmission - the data is sent in
packages of characters, one character at a time.
– Each character set includes a parity bit
surrounded by start and stop bits. The parity bit
is used for error checking.
• Synchronous transmission - data is sent in
packages of more than one character at a time with
each block sandwiched between a header byte and a
trailer byte, called flags.
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Topology of Networks
Figure 4.5 Network Topologies
More Complex Networks
Figure 4.6 vBNS+ Network Map
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Local Area Networks
•
LAN Topologies and Standards
– Contention bus design … IEEE 802.3
– Token bus design … IEEE 802.4
– Token ring design … IEEE 802.5
– Wireless design … IEEE 802.11
Mesh Topologies
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Types of Networks
•
Backbone network terminology:
– Bridge – connects two LANs using same protocol
– Router (gateway) – connects two or more LANs that
may use different protocols
– Switch – connects more than two LANs using the
same protocols
Figure 4.11 Sample Backbone Network
Microwave and Satellite
Transmission
• A communications satellite is a
microwave station placed in outer
space.
– Satellites don’t “bounce” the
microwave signal; rather, the signal is
received and then rebroadcast at a
different frequency.
– Satellites can broadcast over long
distances.
A Classic Case of Miscalculation
Iridium
• Iridium communications
– Launched November 1, 1998
– Went into Chapter 11 bankruptcy on August 13, 1999
– Why?
•
•
•
•
•
Miscalculated competition from cellular
Development costs were high
Prices were too high
Technology was awkward and limited
The project was mismanaged
– Visit http://en.wikipedia.org/wiki/Iridium_%28satellite%29#Quotes for
more informaiton
Other Transmission Options
• Cellular transmission – Well, you know
about this one…
Mobile Phone Infrastructure
Mobile Phone Generations
• 1G: The first generation of wireless technology
– used analog communication
– designed for voice communication
• 2G: The second generation of digital wireless technology
– Uses digital circuit switched transmission protocols
– Capable of providing voice/data/fax transfers, albeit at low data
rates
– SMS was introduced in 1994 and became a popular tool
associated with GSM (Global System for Mobile
communications)
Mobile Phone
Generations (cont.)
• 2.5G: Interim wireless technology that has
greater bandwidth
– CDMA2000 1x (Code Division Multiple
Access) and GPRS (general packet radio
service)
– Uses packet switching, which offers high data
transfer rates (e.g., up to 307 kbit/s)
compared to the circuit switching of GSM and
other 2G networks
Mobile Phone Generations (cont.)
• 3G: The third generation of digital wireless
technology
– For example, UMTS and CDMA2000 1xEVDO
– High data transfer rates (2.4Mbit/s)
– It has the potential to support rich media such
as video and graphics
Mobile Phone
Generations (cont.)
• 4G: The next generation of wireless
technology
– Very high data transfer rates (20 Mbps)
– In the context of mobile phones, it is expected
to be available by 2010
– 4G also refers to the integration of mobile
phones, Wi/Fi networks, and other
components of a pervasive network
WLAN Architecture
Wireless Networking Standards
• 802.11 - IEEE’s Radio Frequency Wireless networking
standard committee.
• 802.11b - uses direct sequence spread spectrum (DSSS)
signaling. Also used the 2.4 - 2.4835 GHz frequency range
and separates it into 14 overlapping 22-MHz channels.
• 802.11g - designed to be just as affordable as 802.11b while
increasing its maximum capacity from 11 Mbps through
different encoding techniques.
• 802.11a - uses multiple frequency bands in the 5 GHZ
range. Like 802.11g, 802.11a provides a maximum
throughput of 54 Mbps.
WIMAX
• WiMAX is an acronym for Worldwide
Interoperability for Microwave Access
– IEEE 802.16d
• WIMAX improves upon the limitations of Wi-Fi
by providing increased bandwidth and range and
stronger encryption
• Applications
– An alternative to cable and DSL for last mile
– Connecting Wi-Fi hotspots
– high-speed mobile data services
Bluetooth
• A mobile wireless networking standard that
uses direct sequence spread spectrum (DSS)
signaling in the 2.4 GHz band to achieve a
maximum throughput of less than 1 Mbps.
• Designed to be used on small networks
composed of personal communications
devices, also known as personal area networks.
Significant Quotes
“No sensible man would transact his affairs by a means of
communication such as Bell’s telephone.”
Western Union Board of Directors letter to shareholders - - October 1876.
The Americans have need of the telephone, but we do not. We
have plenty of messenger boys.
Sir William Preece, chief engineer of the British Post Office, 1876
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Types of Networks
•
The Internet
– Network of networks that use the TCP/IP protocol
– Contain gateways to computers that do not use
TCP/IP
– Provides four basic functions:
•
•
•
•
Electronic mail
Remote login
Discussion groups
Sharing of data resources
Page 117-118
Table 4.4 Internet Applications
Page 118
KEY ELEMENTS OF TELECOMMUNICATIONS AND
NETWORKING
DSL, Cable Modem, and Satellite
•
Internet access services:
–
–
–
Digital subscriber line (DSL) – service offered by
telephone companies using copper wire already installed
in homes … moving data over wires without disturbing
voice traffic
Cable modem – connection obtained from cable TV
company using existing home coaxial cable
Satellite – most expensive, but may be only option for
customers in rural areas
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Intranets
Intranet –
a network operating within an organization that uses
the TCP/IP protocol
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Internet2 –
not-for-profit consortium of over 200 universities,
working with over 60 technology companies and the
U.S. government, to develop and deploy advanced
network applications and technologies
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
•
Primary goals of Internet2:
–
–
–
Create a leading-edge network capability for the
national research community
Enable revolutionary Internet applications based on a
much higher-performance Internet that we have
today
Ensure the rapid transfer of new network services
and applications to the broader Internet community
KEY ELEMENTS OF
TELECOMMUNICATIONS AND
NETWORKING
Network Protocols
Protocol –
agreed-upon set of rules governing communication
among layers or levels of a network
Major Telecommunications Laws
• Graham Act, 1921
– Exempted telephone companies from antitrust laws
• Communications Act of 1934
– legislation which created the Federal Communications Commission
• AT&T Consent Decree of 1956
– AT&T and the US Justice department agree on a consent decree to end an
antitrust suit against AT&T in 1949
• Carterfone Decision of 1968
– allowed other businesses to attach telephones, equipment and business
switchboards to the Bell network
• MCI Decision
– FCC decree in 1969 that granted MCI Communications Inc., as well as any
other company, the right to offer long distance service to customers and to
connect to AT&T's network
• Modified Final Judgment and Divestiture, 1984
– Split up the Bell Network
• The Telecommunications Act of 1996
The Telecommunications Act
of 1996
• The Telecommunications Act of 1996 was the first
major overhaul of United States telecom policy in
nearly 62 years. The focus of the Act was to
enhance competition
• The legislation regulates:
– Broadcasting by over-the-air television and radio
stations;
– cable television operators;
– satellite broadcasters;
– Wireline telephone companies (local and long
distance), wireless telephone companies, and others.
Technology
Convergence
Data
Voice
Video
Services
Voice Over IP (VoIP)
The use of packet-switched networks and the
TCP/IP protocol suite to transmit voice
conversations.
Reasons for implementing VoIP may include:
– To improve business efficiency and competitiveness
– To supply new or enhanced features and applications
– To centralize voice and data network management
– To improve employee productivity
– To save money
VoIP and IP Telephones
Popular features unique to IP telephones include:
– Screens on IP telephones can act as Web browsers, allowing a
user to open HTTP-encoded pages and, for example, click a
telephone number link to complete a call to that number.
– IP telephones may connect to a user’s personal digital assistant
(PDA) through an infrared port, enabling the user to, for example,
view his phone directory and touch a number on the IP telephone’s
LCD screen to call that number.
– If a line is busy, an IP telephone can offer the caller the option to
leave an instant message on the called party’s IP telephone screen.
VoIP and Softphones
Virtual Organizations
Technologies for Virtual Teams
Communication Technology
Audio Communication
Video Conferencing Synchronous Chat
Project Management
E-mail
Group Support
Systems
Spreadsheet Analysis
Tools
Decision Support Technology
Personal Information
Management
Data Warehouses
OLAP
Internet Search
Engines
Information Access Technology
Collaboration-Enabling Tools:
Groupware
• Groupware: Software products that
support collaboration, over networks,
among groups of people who share a
common task or goal
• Provide a way for groups to share
resources and opinions
Collaboration-Enabling Tools: Group
Decision Support Systems (GDSS)
• Virtual meetings: Online meetings whose
members are in different locations, frequently in
different countries
• Group decision support system (GDSS): An
interactive computer-based system that facilitates
the solution of semistructured and unstructured
problems by a group of decision makers
Collaboration-Enabling Tools:
GDSS (cont.)
• Major characteristics of a GDSS
– Its goal is to support the process of group
decision makers by providing automation of
subprocesses using information technology
tools
– It is a specially designed information system
– It encourages generation of ideas, resolution
of conflicts, and freedom of expression
Collaboration-Enabling Tools:
GDSS (cont.)
• GDSSs improve the decision-making
process by:
– providing structure to the planning process
– support parallel processing of information and
idea generation
– make larger meetings possible
Collaboration-Enabling Tools:
Teleconferencing
• Teleconferencing: The use of electronic
communication that allows two or more people
at different locations to have a simultaneous
conference
• Video teleconference: Virtual meeting in which
participants in one location can see participants
at other locations on a large screen or a desktop
computer
Collaboration-Enabling Tools:
Teleconferencing
• Data conferencing: Virtual meeting in which
geographically dispersed groups work on documents
together and to exchange computer files during
videoconferences
• Web conferencing is conducted on the Internet
– few as two and as many as thousands of people
– allows users to simultaneously view something
– interaction takes place via messaging or a simultaneous phone
teleconference
– is much cheaper than videoconferencing because it runs on the
Internet
SharePoint
• An integrated portfolio of collaboration and
communication services designed to
connect people, information, processes,
and systems both within and beyond the
organizational firewall. (MS Website)
–
–
–
–
A virtual desktop
A collaboration space
Shared workspace
Communication portal for teams
Unique Opportunities
“That is the essence of virtualization: rather than
simply re-creating in digital form the physical
thing we know as a letter, e-mail reinvents and
vastly enhances letter-writing. Unbound by
barriers of time and space and endowed with new
powers, the electronic letter does something new
altogether. The same sort of thing happens when
business, the arts, or government are reborn in
digital form.”
John Verity, Business Week, 1994
Looking into the Future
“Computers are getting smaller and smaller. You can
expect to have on your wrist tomorrow what you have
on your desk today, what filled a room yesterday.”
Nicholas Negroponte , Being Digital
Today’s average consumers wear more computing
power on their wrists than existed in the entire world
before 1961.
Anonymous
Planning for Security and Control
• In today’s net-enabled environment, an
increasingly important part of IT planning
involves planning to control and secure the
IT resource
Control Systems
• The components of control systems are
– Standards for performance
– Sensory determination of actual conditions
– Comparison of standard with actual conditions
– Compensatory action if the deviation is too
great
When there are Failures of Control
• Examples of control breakdowns
– Worldcom
– Qwest
– Global Crossing
• What caused these? Probably, it was in part the reward systems for
senior managers that consisted of stock options. Managers were
rewarded for inflating the bottom line.
• IS has an important role to play in strengthening control
systems
–
–
–
–
Audits
Monitoring
Information dissemination
Reporting
Vulnerability of Systems:
Where Does Control Fail?
•
•
•
•
•
•
Errors in and intrusion of the operating system
Errors in application programs
Problems with database security
Lack of network reliability and security
Problems with adequate control of manual procedures
Failure of management to maintain proper organizational
control
• Open networks and connectivity
• Misuse or mistakes made by users
Control in the Organization:
Controls can be created through…
• The structure of the
organization
– Decentralized or
centralized
•
•
•
•
•
Rewards
Management committee
Budget
Direct supervision
Routine audits
• Establish and enforce
standards and
procedures
• Develop a plan and policy
for managing database
resources
– Data Backup/Recovery
– Data Concurrency
Management
– Data Security
Control in the Organization
A Key Requirement for Control is
Establishing IT Security
• Without security, the integrity of organizational IT
resources will be at risk – therefore, security is
everyone’s business
• Security is an increasingly important issue because of an
increasing number of threats
– According to the statistics reported to CERT/CC over the past
several years (CERT/CC 2003) the number of cyber attacks
grew from approximately 22,000 in 2000 to 137,529 2003
– According to the 2004 E-Crime Watch Survey, 43% of
respondents report an increase in e-crimes and intrusions versus
the previous year and 70% reported at least one e-crime or
intrusion was committed against their organization
Security Concepts
• Authentication: The process by which one entity verifies that another
entity is who they claim to be
• Authorization: The process that ensures that a person has the right to
access certain resources
• Confidentiality: Keeping private or sensitive information from being
disclosed to unauthorized individuals, entities, or processes
• Integrity: Being about to protect data from being altered or destroyed
in an unauthorized or accidental manner
• Confidentiality: Keeping private or sensitive information from being
disclosed to unauthorized individuals, entities, or processes
• Nonrepudiation: The ability to limit parties from refuting that a
legitimate transaction took place, usually by means of a signature
Types of Threats and Attacks
• Nontechnical attack: An attack that uses
chicanery to trick people into revealing
sensitive information or performing
actions that compromise the security of a
network
Types of
Threats and Attacks (cont.)
• Social engineering: A type of nontechnical
attack that uses social pressures to trick
computer users into compromising
computer networks to which those
individuals have access
Types of
Threats and Attacks (cont.)
•
Multiprong approach used to combat
social engineering:
1. Education and training
2. Policies and procedures
3. Penetration testing
Types of
Threats and Attacks (cont.)
• Technical attack: An attack perpetrated
using software and systems knowledge or
expertise
Types of
Threats and Attacks (cont.)
• Denial-of-service (DoS) attack: An attack
on a Web site in which an attacker uses
specialized software to send a flood of
data packets to the target computer with
the aim of overloading its resources
Types of
Threats and Attacks (cont.)
• Distributed denial-of-service (DDoS)
attack: A denial-of-service attack in which
the attacker gains illegal administrative
access to as many computers on the
Internet as possible and uses these
multiple computers to send a flood of data
packets to the target computer
Types of
Threats and Attacks (cont.)
• Malware: A generic term for malicious
software
– The severity of virus attacks are
increasing substantially, requiring much
more time and money to recover
– 85% of survey respondents said that their
organizations had been the victims of email viruses in 2002
Types of Threats and Attacks
– Malware takes a variety of forms - both pure and hybrid
• Virus: A piece of software code that inserts itself into a host,
including the operating systems, to propagate; it requires that
its host program be run to activate it
• Worm: A software program that runs independently,
consuming the resources of its host in order to maintain itself
and is capable of propagating a complete working version of
itself onto another machine
• Macro virus or macro worm: A virus or worm that is executed
when the application object that contains the macro is opened
or a particular procedure is executed
• Trojan horse: A program that appears to have a useful function
but that contains a hidden function that presents a security
risk
CERT: Recommendations for
Governing Organizational Security
• Questions to ask:
– What is at risk?
– How much security is enough
– How should an organization …
• Develop policies on security
• Achieve and sustain proper security
The CERT recommendations are derived from a report written by
Julia Allen entitled Governing for Enterprise Security, which may be
found at http://www.cert.org/archive/pdf/05tn023.pdf
CERT: Recommendations for
Governing Organizational Security
• What is at risk?
–
–
–
–
–
Trust that the public has in your organization
Reputation and brand
Shareholder value
Market confidence
Regulatory compliance
• Fines
• Jail time
–
–
–
–
Market share
Customer privacy
Ongoing, uninterrupted operations
Morale of organizational members
CERT: Recommendations for
Governing Organizational Security
• How Much Security is Enough?
– “Management’s perspective needs to shift
From
Scope:
Technical problem
Ownership: Enterprise
Funding:
Expense
Focus:
Intermittent
Driver:
External
Application: Platform/practice
Goal:
IT security
To
Enterprise problem
IT
Investment
Integrated
Enterprise
Process
Enterprise
CERT: Recommendations for
Governing Organizational Security
• Good Security Strategy Questions
– What needs to be protected?
• Why does it need to be protected?
• What happens if it is not protected?
– What potential adverse consequences need to be prevented?
• What will be the cost?
• How much of a disruption can we stand before we take action?
– How do we effectively manage the residual risk when protection
and prevention actions are not taken?
CERT: Recommendations for
Evolving the Security Approach
CERT: Recommendations for
Evolving the Security Approach
CERT: Recommendations for
Evolving the Security Approach
• What Does Effective Security Look Like at the
Enterprise Level?
– It’s no longer solely under IT’s control
– Achievable, measurable objectives are defined and
included in strategic and operational plans
– Functions across the organization view security as
part of their job (e.g., Audit) and are so measured
– Adequate and sustained funding is a given
– Senior executives visibly sponsor and measure this
work against defined performance parameters
– Considered a requirement of being in business