- JD Diary -

Tuesday, July 28, 2020

Test

Cloud computing is an information technology that develops to delivery of computing services such as storage, database, networking, software, analytics and much more over the internet. In other words cloud computing is a delivery of hosted services over the internet. We all are using cloud computing in everyday life activities such as Banking, Email, Media Streaming, and eCommerce all use the Cloud but without knowing it.

Clouds can divide as public cloud, private cloud and hybrid cloud based on cloud computing resources. Public cloud would be provided totally by outside vendor. Amazon, Microsoft companies are some examples for public cloud providers. A private cloud refers to cloud computing resources used by a single organization or business. Hybrid cloud combines both public and private clouds and it gives greater flexibility and more deployment options to the business. Most cloud computing services can categorized under three main categories. Identify differences of these three categories makes it easier to achieve our goals easily.

Monday, May 6, 2019

Domestic Preference in Procurement Management

In this article series I am going to explain some of the basic concepts which are used in procurement management process. Procurement management is a management method which is used in where goods and services are acquired from a different organization or firm. In this article I am expected to describe the “Domestic Preference” that regularly using with procurement management process.

The simple meaning of domestic preference can be described as giving a favor to goods manufactured in the purchaser’s country in the bid evaluation process. Domestic preference is the use of providing a real value added to local raw materials and domestic bidders, thereby promoting national industry and enterprise, when competing with foreign bidders. If the Bidding Data Sheet so specifies, the Purchaser will grant a margin of preference to goods manufactured in the Purchaser’s country for the purpose of bid comparison, the following procedures must be followed in the bid evaluation. First of all, the received bids will be classified into one of three groups, as described on follows:

1. Group A: Bids which offering goods manufactured in the purchaser’s country and,

Labor, raw materials and components are going to get from the purchaser’s country that account for more than 30% of the Ex. Factory (EXW) price.
The production facility in which they will be manufactured or assembled has been engaged in manufacturing or assembling such goods at least since the date of bid submission.

2. Group B: All other bids offering goods manufactured in the purchaser’s country but labor, raw materials and components are account for less than 30% of EXW price.

3. Group C: Bids offering goods manufactured outside the purchaser’s country that have been already imported or that will be imported.

After this classification, all evaluated bids in each group will then be compared to determine the lowest evaluated bid of each group and such lowest evaluated bids shall be compared with each other and if as a result of this comparison a bid from Group A or Group B is the lowest, it shall be selected for the award.

Ex 01:

In this situation, A3, B1 and C2 are the lowest evaluated bids of each group. From that A1 is the lowest value and it from the Group A. So that it is the selected party for the procurement.

If, as a result of the preceding comparison, the lowest evaluated bid is from Group C, the lowest evaluated bid from Group C bids will then be further compared with the lowest evaluated bid from Group A, after adding to the evaluated bid price of goods offered in the bid for Group C, for the purpose of further comparison only an amount equal to twenty (20) percent of the CIP (named place of destination) bid price. The lowest-evaluated bid determined from this last comparison shall be selected for the award.

Ex 02:

The lowest evaluated bid from Group C (C2). So that, 20% of the CIP (Cost & Insurance Pay) will be added to the C2 value. Since this value (60 + 20% = 72 ) is greater than A3 (Lowest price from Group A) , A3 is the selected party for the procurement.

Sunday, March 3, 2019

Cloud computing

Infrastructure-as-a-service (IaaS) : In IaaS, we can rent IT structure like servers and virtual machines, networks, operating systems from a cloud provider.

Platform as a service (PaaS): In PaaS, cloud providers supply an on-demand environment for developing, testing, delivering and managing software applications for developers. Heroku, Amazon’s AWS Elastic Beanstalk, and Microsoft Azure Cloud services are some examples of PaaS providers.

Software as a service (SaaS): SaaS is a method for delivering software applications over the Internet, on demand and typically on a subscription basis. Apple iCloud, Gmail, Webmail mail, Dropbox all are examples for SaaS.

Apart from day to day cloud computing using we use cloud computing for creating new apps and services, host websites and blogs, analyze data for patterns and make predictions, deliver software on demand etc. Some of the top benefits of cloud computing are flexed, disaster recovery, security, competitiveness, low cost, speed, high productivity, good performance.

References:

Azure.microsoft.com. (2018). What is cloud computing? A beginner’s guide | Microsoft Azure. [online] Available at: https://azure.microsoft.com/en-in/overview/what-is-cloud-computing/ [Accessed 3 Mar. 2019].

Saturday, March 2, 2019

Database Security

The database can described as a structured set of data. It’s a very important part in the business environment because database normally contains very sensitive data related to the organization. Hence, to protect the database against attacks and threats we should use a board range of security system. It is called as a database security.

There are various types of threats that can affect database security. The most common database threats are:

Database injection attacks - Injection attacks can give an attacker to unauthorized access to the database. It can divide as a two categories like SQL injections and NoSQL injection.

Excessive privileges - When database users are granted with privileges for their job requirements, these privileges can be abused. It can be done intentionally or unintentionally.
Legitimate privilege abuse - In some case database users may be able to abuse legitimate database for their private or unauthorized purpose.
Operating system vulnerabilities - Some operating systems and the service can cause to the unauthorized access and attacks.
Malware - Malware is a term used to refer virus, worms, ransomware, and other malware applications. It can steal sensitive data from database.

Threats to database can cause to degradation main security goals in databases such as integrity, availability and confidentiality. Database integrity means maintain accuracy and correctness data in the database. Making objects available to the legitimate users called database availability. Database confidentiality refers to the security system and protection of data from unauthorized users. Four main control measures are used to protect database against these threats and maintain to the security goals. Those are access control, inference control, flow control, data encryption. To prevent unauthorized users from accessing the database or obtain data from the database the restricting access security systems are used in database. This system called access control. Inference control is used to, published or access to users to data without revealing confidential information linked to the specific individuals among those to which the data correspond. Also known as statistical database security. Flow control is method to use preventing data from unauthorized users. It is managed data flowing to the unauthorized users. A final one is data encryption which is used to protect sensitive data that is transmitted via communication networks. It is a process that uses an algorithm to transform data stored in a database. Encryption techniques are very difficult to decode.

In an organization database administrator has the main responsibility to maintain a database security system of an organization. To ensure protection of data must consider some factors before deciding reveal the data. The main factors are data availability, access acceptability and authenticity assurance.

Data availability - If a user updating a field, then this field becomes inaccessible and other users should not able to view this data. This blocking is only temporary and only to ensure that no user sees any inaccurate data. This is typically handled by the concurrency control mechanism.
Access acceptability - Data should not reveal to unauthorized users. It should be only revealed to the authorized users. A data administrator should be careful before granting access to users. And a data administrator can deny access to a user request even if the request does not directly access a sensitive data.
Authenticity assurance - Before granting access, certain external characteristics about the user may also be considered. For example, a user may only be permitted access during working hours.

As I mentioned earlier database is the very important part of an organization. It’s like backbone of an organization. Transaction, employees, customer or supplier information, financial data, salary details are all held in databases. Hence database security is an essential part of an organization.

References:

Elmasri, N. and Navathe, E. (2002). Fundamentals of database systems. Reading, Mass.: Addison-Wesley.
Bright Hub. (2017). Types of Threats to Database Security. [online] Available at: http://www.brighthub.com/computing/smb-security/articles/61554.aspx [Accessed 2 Mar. 2019].
En.wikipedia.org. (2017). Database security. [online] Available at: https://en.wikipedia.org/wiki/Database_security [Accessed 2 Mar. 2019].