How to write a paper introduction: October 2019

Thursday, October 31, 2019

Leaders of Contemporary Public Health Promotion Services Essay

Leaders of Contemporary Public Health Promotion Services - Essay Example The issue with obesity is already in the public consciousness. Yet, despite of the multitude of proposed solution on how to curb obesity, its incidence still continue to rise at an alarming rate. Clearly, the present approach proves to be ineffective because the epidemic still pervades and this poses a challenge to public health sector leadership in years ahead on how to effectively respond to this epidemic that poses serious health risk. Narcissism can be said as a silent epidemic because its symptoms are not obvious unlike obesity where we can readily see that a person is overweight. We can feel its ill effects such as overconfidence that leads to self-destruction but having difficulty on determining if such personality trait is already a disorder. Only until recently in a study made by Twenge and Campbell that they found out that the prevalence of Narcissistic Personality Disorder (NPD) is already as pervasive as obesity. This is a unique epidemic among the younger and present generation because this is not pervasive among the older generation. People over the age of 65 had only three percent incidence of narcissm while it is 10 percent among people who are in their twenties (2009). What is more alarming with this epidemic is that it has not yet entered into the consciousness of the public mind and maybe even among health care practitioners. This poses as a greater problem because it is not recognized as an issue when it is already as pervasive as obesity. When NPD is not yet recognized as a problem, we would not know how to address the disorder that it will continue to affect unnoticed. This combined issues poses a challenge for the leaders and managers of the public health care sector over the next few years considering that they also have to address another type of epidemic that is as pervasive as obesity which is narcissism. Ã‚

Tuesday, October 29, 2019

Written Response to a poem (English Literature class) Essay

Written Response to a poem (English Literature class) - Essay Example are associated with images, the poet attempts to capture a sense of deep connection between himself and his audience that manages to transcend normal cultural or social bounds. While not all poetry is able to reach this level, Langston HughesÃ¢â‚¬â„¢ poem Ã¢â‚¬Å"Dream DeferredÃ¢â‚¬ does. In this poem, Hughes uses simile and imagery to illustrate what happens to a human soul when it is blocked from being able to fulfill its dreams. In this poem, Hughes asks a series of questions that are heavy with simile and imagery as a means of answering his opening question, Ã¢â‚¬Å"what happens to a dream deferred?Ã¢â‚¬ Each question explores a different possible answer to this question by using similes to suggest what the results of these possibilities might be. The most basic definition of a simile is that it is a comparison between two things Ã¢â‚¬â€œ objects or ideas Ã¢â‚¬â€œ that uses the words Ã¢â‚¬ËœlikeÃ¢â‚¬â„¢ or Ã¢â‚¬Ëœas.Ã¢â‚¬â„¢ The first possible response to having to defer oneÃ¢â‚¬â„¢s dreams is having the dream Ã¢â‚¬Å"dry up / like a raisin in the sunÃ¢â‚¬ (3-4). Since raisins are already dried and shriveled, a raisin in the sun is instantly understood to be something so dry and shriveled that it is no longer edible, making this an effective simile. Next, Hughes suggests that a dream deferred might Ã¢â‚¬Å"fester like a sore Ã¢â‚¬â€œ / and then runÃ¢â‚¬ (4-5). This is a particularly unpleasant compariso n as it refers to first a wound and then a deep infection that goes untreated long enough to ooze. The third possibility suggests that the deferred dream might Ã¢â‚¬Å"stink like rotten meat / or crust and sugar overÃ¢â‚¬ (6-7). Like the raisin, this possibility suggests something that has lost all of its usefulness but it goes further because it also suggests that in becoming useless for positive benefits, it has also become actively negative as it rots and putrefies. A less visible but still tangible simile is suggested through the fourth possible reaction to a dream deferred as Hughes indicates it can be like a heavy load

Sunday, October 27, 2019

Network System for Secure Communication

Network System for Secure Communication Methodology: The main methodology involved behind this research project is to provide the importance of such technology from professionals and well referred articles. Some of the general interviews will be added to the project with details showing their interest towards the current technology and also the change they see in communicating with the new technology. It on the hands of the components of IP Security that contribute to this level of secure communication: The IP Security (IPSec) Driver is used to monitor, filter, and secures the traffic throughout the system. The (ISAKMP/Oakley) abbreviated as Internet Security Association Key Management Protocol performs key exchange and management functions that oversee security issues between hosts, and provide keys which can be used with security algorithms. The IP Security Policy and the Security Associations are derived from those policies that define the security environment where two hosts can communicate. The function of Security Association API is to provide the interface between the IPSec driver, the Policy Agent and the ISAKMP. The function of the management tools is to create policies, monitor IP Security statistics, and log IP Security events. The main methodologies which are under consideration for this project are Classical encryption technologies, IP sec Tunnel, IP sec VPN, Internet Key Exchange methods, Block Cipher Data Encryption, Advanced Encryption, Symmetric ciphers, Public private key functions, Digital signature etc, which have suggested me to design a better system. Implementation: The main reason behind selecting IPSec is that it so powerful that it provides security to IP layer, and also forms the basis for all the other TCP/IP protocols. This is generally composed of two protocols: Authentication Header (AH); Encapsulating Security Payload (ESP); IPSec Implementation Methods: IPSec is comprised of several implementations architectures which are defined in RFC 2401. The IPSec implementation also depends on various factors including the version of IP used (v4 versus v6), the basic requirements of the application and other factors. End Host Implementation: Implementing IPSec in all host devices provides the most flexibility and security. It enables Ã¢â‚¬Å"end-to-endÃ¢â‚¬ security between any two devices on the network. Router Implementation: Router implementation however is a much simpler task since we only make changes to a few routers instead of hundreds or thousands of clients. It only provides protection between pairs of routers that implement IPSec, but this may be sufficient for certain applications such as virtual private networks (VPNs). The idea will be implemented after proper testing of various available methodologies. The current strategy for implementation is as follows:. We use certain open source softwares which provide encryption and decryption methods and authentication. In the actual system, the user is asked to enter details of files to be sent and also some other details about the password and the public keys if included. The required software are used in a way which helps to run a smooth process and secure operation. CONTENTS Acknowledgement I owe many thanks to people who helped supported me in doing my dissertation. Firstly, I would like to express my immense gratitude to my respected professor Mr. Dr. XXX, YYYY University, London for his support and motivation that has helped me to come up with this project. He supported me when its needed and suggested me in understanding various methodologies in my project. He also took care of my project with attention to achieve my goal. I thank to my Institution and faculty members for giving me an opportunity to do my dissertation and also for library, computer lab facilities for doing my dissertation to achieve practical results which can resolve my project related issues. I also extend my Heart full thanks to my family friends. I owe my special thanks to my Dad and his colleagues who gave me suggestions on doing my Dissertation. Abstract In the present system the network helps a particular organization to share the data by using external devices. The external devices are used to carry the data. The existing system cannot provide security, which allows an unauthorized user to access the secret files. It also cannot share a single costly printer. Many interrupts may occur within the system. Though it is advantageous we have numerous disadvantageous, somebody writes a program and can make the costly printer to misprint the data. Similarly some unauthorized user may get access over the network and may perform any illegal functions like deleting some of the sensitive information Security is the term that comes into picture when some important or sensitive information must be protected from an unauthorized access. Hence there must be some way to protect the data from them and even if he hacks the information because he should not be able to understand whats the actual information in the file, which is the main intention of the project. The project is designed to protect the sensitive information while it is in transaction in the network. There are many chances that an unauthorized person can have an access over the network in some way and can access this sensitive information. My main topic focuses on IPSec (Internet Protocol Security) is an extension to the IP protocol specified by IETF which provides security to the IP and the upper-layer protocols and cryptography in a network sharing system. It was first developed for the new IPv6 standard and then Ã¢â‚¬Å"back portedÃ¢â‚¬ to IPv4. The IPSec architecture is described in the IPSec uses two different protocols AH (Authentication Header) and ESP (Encapsulating security payload) to ensure the authentication, integrity and confidentiality of the communication. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents. [2] Cryptography is the technique used to secure the data while they are in transactions. Encryption and Decryption are two techniques used under cryptography technology. Data cryptography is the art of securing the resource that is shared among the applications. The main idea behind the design is to provide a secured communication between the networks showing network level performance practically by differentiating different operating system which can ensure the security, authenticity by considering, analyzing and testing any best available methodologies. 1. Introduction: Businesses today are focused on the importance of securing customer and business data. Increasing regulatory requirements are driving need for security of data. There have been many methods which have evolved over the years to address the need for security. Many of the methods are focused at the higher layers of the OSI protocol stack, thus compensating the IPs lack in resolving security issues. These solutions can be implemented in certain situations, but they cannot be generalized because they are particularly too many applications. For example, Secure Sockets Layer (SSL) can be used for certain applications like World Wide Web access or FTP, but there are many other applications which cannot be resolved with this type of security. A solution is required to allow security at the IP level was very necessary so that all higher-layer protocols in TCP/IP could take advantage of it. When the decision was made to develop a new version of IP (IPv6), this was the golden opportunity to resolve not just the addressing problems in the older IPv4, but also resolve lack of security issues as well. Later a new security technology was developed with IPv6 in mind, but since IPv6 has taken long time to develop, and thus a solution was designed to be usable for both IPv4 and IPv6. The technology which brings a secure communications to the Internet Protocol is known as IP Security, commonly abbreviated as IPSec. IPSec services allow users to build secure tunnels through certain networks. All the data that passes through the entrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result obtained is a Virtual Private Network or VPN. This network is effectively private even though it includes machines at several different sites which are connected by the insecure Internet. Cryptography technique is used to secure the data while they are in transactions. Encryption and Decryption are two techniques which are used under cryptography technology. Data cryptography is the art of securing the resource that is shared among the applications. The Encryption and Decryption are termed as two powerful security technologies that are widely implemented to protect the data from loss and deliberate compromise. In this project the networking allows the company to share files or data without using certain external devices. Some unauthorized users may get access over the network and perform some illegal functions in certain cases like deleting files while the transaction is still on at that time encryption and then decryption techniques are implemented to secure the data. Many other attacks in cryptography are considered which lead me to research on different types of IPSec implementation methodologies in order to design the best model such that it may be suitable for the present trend of networking systems also form a platform to enable communication to the outside world. Thus in orders to implement IPSec, certain modifications are required to the systems communications routines and certain new systems processes conduct secret key negotiations. What is IPSec? An extension to the IP protocol is considered as IPSec which provides high level security to the IP and to the upper-layer protocols. This was initially developed for the new IPv6 standard and then was back ported to IPv4. IPSec provides the following security services: data origin authentication, connectionless integrity, replay protection, data confidentiality, limited traffic flow confidentiality, and key negotiation and management. It has been made mandatory by the IETF for the use of IPSec wherever feasible; the standards documents are close to completion, and there are numerous implementations. Overview of IPSec Architecture: The IPSec suite defined as a framework of open standards. The following protocols are used by IPSec to perform various functions. [2][3] IPSec provides three main facilities which are explained below: Internet key exchange(IKE and IKEv2) : This is used to set up a security association (SA) which can be done by handling negotiation of protocols and algorithms and generating the encryption and authentication keys which can be used by IPSec.[4][5] Authentication Header (AH): This is used to provide connectionless integrity and data origin authentication for IP datagrams and also provides protection against replay attacks.[6][7] Encapsulating Security Payload (ESP): This is used to provide confidentiality, data origin authentication, connectionless integrity, anti-replay service, and limited traffic flow confidentiality. [9] Both authentication and encryption are generally desired in this mechanism. Assure that unauthorized users do not penetrate the virtual private network Assure that eavesdroppers on the Internet cannot read messages sent over the virtual private network. Since both the above features are generally desirable, most implementations are likely to use ESP rather than AH. Security Association: The security Association mechanism is used for authentication (AH) and confidentiality (ESP) A one way relationship between a sender and a receiver that affords security services to the traffic carried on it. Security services are afforded to an SA for the use of AH or ESP but not both. SA identified by three parameters: Security Parameter Index (SPI) IP destination address Security protocol identifier Overview of IPSec Services and Functions: IPSec is not only assumed as a single protocol, but is rather considered as a set of services and protocols which provide a complete security solution to the IP network. These services and protocols are combined to provide various types of protection. Since IPSec usually works at the IP layer, it provides protection for any higher layer TCP/IP application or protocol without using any additional security methods, which is considered as a major strength for its implementation. General types of protection services offered by IPSec include: Encryption of user data to achieve privacy. Authentication and message integrity has to be achieved to ensure that it is not changed on route. Protection against certain types of security attacks, such as replay attacks. The ability of the devices to negotiate the security algorithms and keys required in order to meet their security needs. wo security modes called tunnel and transport are implemented to meet the various network needs. Features Benefits: IPSec is observed to be transparent by the end users. The users on the security mechanisms need not be trained. IPSec assures security measures for individuals. There is no requirement to change the software on a user or a server system. Strong security measures are applied to the entire traffic crossing the perimeter. 2. Objective: IPSec is mostly designed in order to encrypt the data between the two systems without any spoofing attacks. It is a key force of defence against internal and external attacks. However, other than these, there are many other security strategies which have prevented the security attacks. The main idea in my research is to provide a better approach to the implementation of IP Security by analyzing the present methodologies. In the implementation of this design, I am also considering different operating systems to provide a better approach towards security which can prove to be good in ideal ways. The design of such an approach is helpful in restricting any unauthorised access to the network and also helps in providing a secure and authenticated access. The main idea behind the design is to provide a secured communication between the networks independent of the operating system which can ensure the security, authenticity by considering, analyzing and testing any two best available methodologies. In my overview of RFCs available in the Internet such as Cryptography the receiver end of a particular communication channel is not aware of the sender unless the sender transmits some information with private and public keys with cipher text which can prove his authenticity. Now the receiver sends the same package with his signature and then the receiver is also authenticated mutually. Attacks may occur in different ways. There are also many ways where in such communications can be detected and using techniques like eavesdropping or sniffing or man in the middle attack. These are the three major problems for secure communications. In my research, I will attempt to design a procedure which can be easily followed in order to overcome such problems. There are many techniques available now which are better than normal communication. The major problem in such techniques is the implementation of man in the middle attack. There have been many advances to try and rectify the problems but there has always been a flaw in the design. My research is to design a system using the current technologies used to encrypt and authenticate. These techniques play a major role in the implementation of IP Security. The major interest would be in areas like encryption, decryption and authentication. Additions will be done to this research as it is implemented. The goal is to use research existing systems and to suggest a system which makes it even hard to break. It is not 100% immune to attacks but the attack may take longer to break the system than the present rate. This system will also be very safe and will be easy to use in daily life rather than something with a dozen processing steps to be followed. 2.2 SCOPE With the rapid development of Multimedia data management technologies over the internet there is need to concern about the internet there is need to concern about the security and privacy of information. In multimedia document, dissipation and sharing of data is becoming a common practice for internet based application and enterprises. As the internet forms the open source the present for all users security Forms the critical issue. Hence the transfer of information over the internet forms the critical issue. At the present situations the cryptographic techniques are used for providing Ã¢â‚¬ËœSECURITY. 2.3 PROJECT PERSPECTIVE The project Ã¢â‚¬Å"Network system for Secure CommunicationÃ¢â‚¬ is totally enhanced with the features that enable us to feel the real-time environment. Todays world is mostly employing the latest networking techniques instead of using stand-alone PCs. IPSec tunnelling or Encryption, information scrambling technology is an important security tool. By properly applying, it can provide a secure communication channel even when the underlying system and network infrastructure is not secure. This is particularly important when data passes through the shared systems or network segments where multiple people may have access to the information. In these situations, sensitive data and especially passwords should be encrypted in order to protect it from unintended disclosure or modification. 2.4 PROPOSED SYSTEM In this system Ã¢â‚¬Ëœsecurity is the term that comes into picture when some important or sensitive information must be protected from an unauthorized access. Hence there must be some way to protect the data from them and even if he hacks the information, The proposed system provides the Ã¢â‚¬Ëœsecurity and it does not allow unauthorized users to access the secret files. As per the ISO standards the security parameters are: Confidentiality Authentication Integrity Key distribution Access control CONFIDENTIALITY: Confidentiality is the protection of transmitted data from passive attacks. It can protect the data from unauthorized disclosure. AUTHENTICATION: A process used to verify the integrity of the transmitted data, especially a message. It is the process of proving ones identity to someone else. INTEGRITY: The sender and the receiver want to ensure that the content of their communication is not altered during transmission. KEY DISTRIBUTION: Key distribution can be defined as a term that refers to means of delivering a key to the communicating parties, without allowing others to see the key. ACCESS CONTROL: It is a ability to limit and control the access to host systems and applications via communication links. 3.Literature Review This project emphasis design and evaluates a computer-based system using appropriate process and tools. Most of the industry wide routers in the network implement their functionality in hardware and therefore we believe that hardware based routers are more efficient than a software-based router implementation besides that most of the work is in the research community which will be performed, using software-based routers utilizing off-the-shelf PCs. Various works have to be attempted which evaluates different protocol stack, however none of them use hardware-based routers, has such a wide range of metrics, and none investigated mechanisms. My research methodology emphasis surveys, forums from the internet and articles from IEEE (Institute of Electrical and Electronics EngineersorIEEE) a quantitative approach in advance technology. I also consider various other thesis and books which are best suitable for my project. Here following are the network related definitions, and few protocols from application layer, network and internet layer also discussed which actually gives clear idea of understanding the concepts. 3.1 IPSec Standards: IPSec is actually a collection of techniques and protocols; it is not defined in a single Internet standard. Instead, a collection of RFCs defines the architecture, services and specific protocols used in IPSec. Some of the most important of these are shown below: [RFC 2401] Security Architecture for the Internet Protocol (IPSec overview) The main IPSec document describes the architecture and general operation of the technology, and showing how the different components fit together. [RFC 2402] IP Authentication Header It defines the IPSec Authentication Header (AH) protocol used for ensuring data integrity and origin verification. [RFC 2403] The Use of HMAC-MD5-96 within ESP and AH Describes a particular encryption algorithm for use by AH and ESP called Message Digest 5 (MD5), HMAC variant. [RFC 2404] The Use of HMAC-SHA-1-96 within ESP and AH Describes a particular encryption algorithm for use by AH and ESP called Secure Hash Algorithm 1 (SHA-1), HMAC variant. [RFC 2406] IP Encapsulating and Security payload (ESP) It describes the IPSec Encapsulation Security Payload (ESP) protocol that provides data encryption for confidentiality. [RFC 2408] Internet Security Association and Key Management Protocol (ISAKMP) It defines methods for exchanging keys and negotiating security associations. [RFC 2409] The Internet Key Exchange (IKE) Describes the Internet Key Exchange (IKE) protocol used to negotiate security associations and exchange keys between devices for secure communications. It is based on ISAKMP and OAKLEY. [RFC 2412] The OAKLEY Key Determination Protocol It describes a generic protocol for key exchange. [RFC 2131] Dynamic Host Configuration Protocol (DHCP) DHCP allows a host to obtain an IP address automatically, as well as to learn additional information about subnet mask, the address of its first-hop router, and the address of its local DNS server. [RFC 2131; RFC 3022] Network Address Translation (NAT)- In an attempt to provide transparent routing to hosts, NAT devices are used to connect an isolated address realm with private unregistered addresses to an external realm with globally unique registered addresses. Domain Name System (DNS): It is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various other information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide. For example, www.example.com translates to 208.77.188.166. Windows Internet Name Service (WINS): It is Microsofts implementation of NetBIOS Name Service (NBNS), a name server and service for NetBIOS computer names. Effectively WINS is to NetBIOS names, like DNS is to domain names in fact its a central mapping of host names to network addresses. Like DNS it is broken into two parts, a Server Service (that manages the encoded Jet Database, server to server replication, service requests, and conflicts) and a TCP/IP Client component which manages the clients registration and renewal of names, and takes care of queries. VPN (Virtual Private Network) : It is a virtual computer network that exists over the top of an existing network. The purpose of a VPN is to allow communications between systems connected to the VPN using an existing shared network infrastructure as the transport, without the VPN network being aware of the existence of the underlying network backbone or without the VPN interfering with other network traffic on the backbone. A VPN between two networks is often referred to as a VPN Tunnel. Most VPN technologies can be separated into two broad categories, Secure VPNs and Trusted VPNs. Internet Protocol version 6 (IPv6): It is the next-generation Internet Protocol version designated as the successor to IPv4. It is an Internet Layer protocol for packet-switched internetworks. The main driving force for the redesign of Internet Protocol was the foreseeable IPv4 address exhaustion. IPv6 was defined in December 1998 by the Internet Engineering Task Force (IETF) with the publication of an Internet standard specification, RFC 2460. IPv6 has a vastly larger address space than IPv4. This results from the use of a 128-bit address, whereas IPv4 uses only 32 bits. This expansion provides flexibility in allocating addresses and routing traffic and eliminates the primary need for network address translation (NAT), which gained widespread deployment as an effort to alleviate IPv4 address exhaustion. Due to its security and flexibility entire Internet will be deployed byIPv6 in 2012 as expected. Tunnelling: In computer networks tunnelling protocol (delivery protocol) encapsulates the different payload protocol i.e., It carries a payload over an incompatible delivery-network. It can also provide a secure path through an untrusted network without any data loss. Transport Layer Security (TLS): Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Encryption: In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as cipher text). In many contexts, the word encryption also implicitly refers to the reverse process, decryption. Internet Key Exchange: Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPSec protocol suite. IKE uses a Diffie-Hellman key exchange to set up a shared session secret, from which cryptographic keys are derived. Public key techniques or, alternatively, a pre-shared key, are used to mutually authenticate the communicating parties. 4.IPSec System Architecture Authentication Header and Encapsulating Security Payload are commonly called Ã¢â‚¬Å"protocolsÃ¢â‚¬ , though this is another case where the validity of this term is debatable. They are not really distinct protocols but are implemented as headers that are inserted into IP datagrams, as we will see. They thus do the Ã¢â‚¬Å"grunt workÃ¢â‚¬ of IPSec, and can be used together to provide both authentication and privacy. IPSec protocols: The IPSec protocol family consists of two protocols: Authentication Header (AH) and Encapsulated Security Payload (ESP). Both these protocols are independent IP. AH is the IP protocol 51 and ESP is the IP protocol 50 Authentication Header: This is a member of the IPSec protocol suite. Authentication Header provides connectionless data integrity and data origin authentication of IP packets. Further, it can also provide protection against the replay attacks by using the sliding window technique and by discarding the old packets. Authentication Header also gives protection for the IP payload and all the header fields of an IP datagram. AH generally operates on the stop of IP, by using the IP protocol number 51. An AH packet diagram is shown below which describes how an AH packet can be constructed and interpreted: Field meanings: Next header: This field is an 8-bit field that mainly identifies the type of the next payload obtained after the Authentication Header. The value of this field can be chosen from the set of defined IP Protocol Numbers. RESERVED These fields are usually reserved for the future use. Payload length This defines the size of Authentication Header packet. Sequence number This field represents a monotonically increasing number which is used to prevent certain replay attacks. Security parameters index (SPI) This field is used to identify the security parameters, in combination with the IP address, and then identify the security association techniques implemented with this packet. Authentication data This field contains the integrity check value (ICV) which is necessary to authenticate the packet. This field may also contain padding. Encapsulating Security Payload: ESP which can be expanded as Encapsulating Security Payload is a member belonging of the IPSec protocol suite. IPSec achieves integrity, origin authenticity, and confidentiality protection of packets. This protocol also supports encryption-only and authentication-only configurations. However usage of only encryption technique without authentication is not recommended because it is termed insecure. ESP does not protect the IP packet header like the Authentication Header (AH) does. The packet diagram below shows how an ESP packet is constructed and interpreted: Field meanings: Security paramete Network System for Secure Communication Network System for Secure Communication Methodology: The main methodology involved behind this research project is to provide the importance of such technology from professionals and well referred articles. Some of the general interviews will be added to the project with details showing their interest towards the current technology and also the change they see in communicating with the new technology. It on the hands of the components of IP Security that contribute to this level of secure communication: The IP Security (IPSec) Driver is used to monitor, filter, and secures the traffic throughout the system. The (ISAKMP/Oakley) abbreviated as Internet Security Association Key Management Protocol performs key exchange and management functions that oversee security issues between hosts, and provide keys which can be used with security algorithms. The IP Security Policy and the Security Associations are derived from those policies that define the security environment where two hosts can communicate. The function of Security Association API is to provide the interface between the IPSec driver, the Policy Agent and the ISAKMP. The function of the management tools is to create policies, monitor IP Security statistics, and log IP Security events. The main methodologies which are under consideration for this project are Classical encryption technologies, IP sec Tunnel, IP sec VPN, Internet Key Exchange methods, Block Cipher Data Encryption, Advanced Encryption, Symmetric ciphers, Public private key functions, Digital signature etc, which have suggested me to design a better system. Implementation: The main reason behind selecting IPSec is that it so powerful that it provides security to IP layer, and also forms the basis for all the other TCP/IP protocols. This is generally composed of two protocols: Authentication Header (AH); Encapsulating Security Payload (ESP); IPSec Implementation Methods: IPSec is comprised of several implementations architectures which are defined in RFC 2401. The IPSec implementation also depends on various factors including the version of IP used (v4 versus v6), the basic requirements of the application and other factors. End Host Implementation: Implementing IPSec in all host devices provides the most flexibility and security. It enables Ã¢â‚¬Å"end-to-endÃ¢â‚¬ security between any two devices on the network. Router Implementation: Router implementation however is a much simpler task since we only make changes to a few routers instead of hundreds or thousands of clients. It only provides protection between pairs of routers that implement IPSec, but this may be sufficient for certain applications such as virtual private networks (VPNs). The idea will be implemented after proper testing of various available methodologies. The current strategy for implementation is as follows:. We use certain open source softwares which provide encryption and decryption methods and authentication. In the actual system, the user is asked to enter details of files to be sent and also some other details about the password and the public keys if included. The required software are used in a way which helps to run a smooth process and secure operation. CONTENTS Acknowledgement I owe many thanks to people who helped supported me in doing my dissertation. Firstly, I would like to express my immense gratitude to my respected professor Mr. Dr. XXX, YYYY University, London for his support and motivation that has helped me to come up with this project. He supported me when its needed and suggested me in understanding various methodologies in my project. He also took care of my project with attention to achieve my goal. I thank to my Institution and faculty members for giving me an opportunity to do my dissertation and also for library, computer lab facilities for doing my dissertation to achieve practical results which can resolve my project related issues. I also extend my Heart full thanks to my family friends. I owe my special thanks to my Dad and his colleagues who gave me suggestions on doing my Dissertation. Abstract In the present system the network helps a particular organization to share the data by using external devices. The external devices are used to carry the data. The existing system cannot provide security, which allows an unauthorized user to access the secret files. It also cannot share a single costly printer. Many interrupts may occur within the system. Though it is advantageous we have numerous disadvantageous, somebody writes a program and can make the costly printer to misprint the data. Similarly some unauthorized user may get access over the network and may perform any illegal functions like deleting some of the sensitive information Security is the term that comes into picture when some important or sensitive information must be protected from an unauthorized access. Hence there must be some way to protect the data from them and even if he hacks the information because he should not be able to understand whats the actual information in the file, which is the main intention of the project. The project is designed to protect the sensitive information while it is in transaction in the network. There are many chances that an unauthorized person can have an access over the network in some way and can access this sensitive information. My main topic focuses on IPSec (Internet Protocol Security) is an extension to the IP protocol specified by IETF which provides security to the IP and the upper-layer protocols and cryptography in a network sharing system. It was first developed for the new IPv6 standard and then Ã¢â‚¬Å"back portedÃ¢â‚¬ to IPv4. The IPSec architecture is described in the IPSec uses two different protocols AH (Authentication Header) and ESP (Encapsulating security payload) to ensure the authentication, integrity and confidentiality of the communication. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents. [2] Cryptography is the technique used to secure the data while they are in transactions. Encryption and Decryption are two techniques used under cryptography technology. Data cryptography is the art of securing the resource that is shared among the applications. The main idea behind the design is to provide a secured communication between the networks showing network level performance practically by differentiating different operating system which can ensure the security, authenticity by considering, analyzing and testing any best available methodologies. 1. Introduction: Businesses today are focused on the importance of securing customer and business data. Increasing regulatory requirements are driving need for security of data. There have been many methods which have evolved over the years to address the need for security. Many of the methods are focused at the higher layers of the OSI protocol stack, thus compensating the IPs lack in resolving security issues. These solutions can be implemented in certain situations, but they cannot be generalized because they are particularly too many applications. For example, Secure Sockets Layer (SSL) can be used for certain applications like World Wide Web access or FTP, but there are many other applications which cannot be resolved with this type of security. A solution is required to allow security at the IP level was very necessary so that all higher-layer protocols in TCP/IP could take advantage of it. When the decision was made to develop a new version of IP (IPv6), this was the golden opportunity to resolve not just the addressing problems in the older IPv4, but also resolve lack of security issues as well. Later a new security technology was developed with IPv6 in mind, but since IPv6 has taken long time to develop, and thus a solution was designed to be usable for both IPv4 and IPv6. The technology which brings a secure communications to the Internet Protocol is known as IP Security, commonly abbreviated as IPSec. IPSec services allow users to build secure tunnels through certain networks. All the data that passes through the entrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result obtained is a Virtual Private Network or VPN. This network is effectively private even though it includes machines at several different sites which are connected by the insecure Internet. Cryptography technique is used to secure the data while they are in transactions. Encryption and Decryption are two techniques which are used under cryptography technology. Data cryptography is the art of securing the resource that is shared among the applications. The Encryption and Decryption are termed as two powerful security technologies that are widely implemented to protect the data from loss and deliberate compromise. In this project the networking allows the company to share files or data without using certain external devices. Some unauthorized users may get access over the network and perform some illegal functions in certain cases like deleting files while the transaction is still on at that time encryption and then decryption techniques are implemented to secure the data. Many other attacks in cryptography are considered which lead me to research on different types of IPSec implementation methodologies in order to design the best model such that it may be suitable for the present trend of networking systems also form a platform to enable communication to the outside world. Thus in orders to implement IPSec, certain modifications are required to the systems communications routines and certain new systems processes conduct secret key negotiations. What is IPSec? An extension to the IP protocol is considered as IPSec which provides high level security to the IP and to the upper-layer protocols. This was initially developed for the new IPv6 standard and then was back ported to IPv4. IPSec provides the following security services: data origin authentication, connectionless integrity, replay protection, data confidentiality, limited traffic flow confidentiality, and key negotiation and management. It has been made mandatory by the IETF for the use of IPSec wherever feasible; the standards documents are close to completion, and there are numerous implementations. Overview of IPSec Architecture: The IPSec suite defined as a framework of open standards. The following protocols are used by IPSec to perform various functions. [2][3] IPSec provides three main facilities which are explained below: Internet key exchange(IKE and IKEv2) : This is used to set up a security association (SA) which can be done by handling negotiation of protocols and algorithms and generating the encryption and authentication keys which can be used by IPSec.[4][5] Authentication Header (AH): This is used to provide connectionless integrity and data origin authentication for IP datagrams and also provides protection against replay attacks.[6][7] Encapsulating Security Payload (ESP): This is used to provide confidentiality, data origin authentication, connectionless integrity, anti-replay service, and limited traffic flow confidentiality. [9] Both authentication and encryption are generally desired in this mechanism. Assure that unauthorized users do not penetrate the virtual private network Assure that eavesdroppers on the Internet cannot read messages sent over the virtual private network. Since both the above features are generally desirable, most implementations are likely to use ESP rather than AH. Security Association: The security Association mechanism is used for authentication (AH) and confidentiality (ESP) A one way relationship between a sender and a receiver that affords security services to the traffic carried on it. Security services are afforded to an SA for the use of AH or ESP but not both. SA identified by three parameters: Security Parameter Index (SPI) IP destination address Security protocol identifier Overview of IPSec Services and Functions: IPSec is not only assumed as a single protocol, but is rather considered as a set of services and protocols which provide a complete security solution to the IP network. These services and protocols are combined to provide various types of protection. Since IPSec usually works at the IP layer, it provides protection for any higher layer TCP/IP application or protocol without using any additional security methods, which is considered as a major strength for its implementation. General types of protection services offered by IPSec include: Encryption of user data to achieve privacy. Authentication and message integrity has to be achieved to ensure that it is not changed on route. Protection against certain types of security attacks, such as replay attacks. The ability of the devices to negotiate the security algorithms and keys required in order to meet their security needs. wo security modes called tunnel and transport are implemented to meet the various network needs. Features Benefits: IPSec is observed to be transparent by the end users. The users on the security mechanisms need not be trained. IPSec assures security measures for individuals. There is no requirement to change the software on a user or a server system. Strong security measures are applied to the entire traffic crossing the perimeter. 2. Objective: IPSec is mostly designed in order to encrypt the data between the two systems without any spoofing attacks. It is a key force of defence against internal and external attacks. However, other than these, there are many other security strategies which have prevented the security attacks. The main idea in my research is to provide a better approach to the implementation of IP Security by analyzing the present methodologies. In the implementation of this design, I am also considering different operating systems to provide a better approach towards security which can prove to be good in ideal ways. The design of such an approach is helpful in restricting any unauthorised access to the network and also helps in providing a secure and authenticated access. The main idea behind the design is to provide a secured communication between the networks independent of the operating system which can ensure the security, authenticity by considering, analyzing and testing any two best available methodologies. In my overview of RFCs available in the Internet such as Cryptography the receiver end of a particular communication channel is not aware of the sender unless the sender transmits some information with private and public keys with cipher text which can prove his authenticity. Now the receiver sends the same package with his signature and then the receiver is also authenticated mutually. Attacks may occur in different ways. There are also many ways where in such communications can be detected and using techniques like eavesdropping or sniffing or man in the middle attack. These are the three major problems for secure communications. In my research, I will attempt to design a procedure which can be easily followed in order to overcome such problems. There are many techniques available now which are better than normal communication. The major problem in such techniques is the implementation of man in the middle attack. There have been many advances to try and rectify the problems but there has always been a flaw in the design. My research is to design a system using the current technologies used to encrypt and authenticate. These techniques play a major role in the implementation of IP Security. The major interest would be in areas like encryption, decryption and authentication. Additions will be done to this research as it is implemented. The goal is to use research existing systems and to suggest a system which makes it even hard to break. It is not 100% immune to attacks but the attack may take longer to break the system than the present rate. This system will also be very safe and will be easy to use in daily life rather than something with a dozen processing steps to be followed. 2.2 SCOPE With the rapid development of Multimedia data management technologies over the internet there is need to concern about the internet there is need to concern about the security and privacy of information. In multimedia document, dissipation and sharing of data is becoming a common practice for internet based application and enterprises. As the internet forms the open source the present for all users security Forms the critical issue. Hence the transfer of information over the internet forms the critical issue. At the present situations the cryptographic techniques are used for providing Ã¢â‚¬ËœSECURITY. 2.3 PROJECT PERSPECTIVE The project Ã¢â‚¬Å"Network system for Secure CommunicationÃ¢â‚¬ is totally enhanced with the features that enable us to feel the real-time environment. Todays world is mostly employing the latest networking techniques instead of using stand-alone PCs. IPSec tunnelling or Encryption, information scrambling technology is an important security tool. By properly applying, it can provide a secure communication channel even when the underlying system and network infrastructure is not secure. This is particularly important when data passes through the shared systems or network segments where multiple people may have access to the information. In these situations, sensitive data and especially passwords should be encrypted in order to protect it from unintended disclosure or modification. 2.4 PROPOSED SYSTEM In this system Ã¢â‚¬Ëœsecurity is the term that comes into picture when some important or sensitive information must be protected from an unauthorized access. Hence there must be some way to protect the data from them and even if he hacks the information, The proposed system provides the Ã¢â‚¬Ëœsecurity and it does not allow unauthorized users to access the secret files. As per the ISO standards the security parameters are: Confidentiality Authentication Integrity Key distribution Access control CONFIDENTIALITY: Confidentiality is the protection of transmitted data from passive attacks. It can protect the data from unauthorized disclosure. AUTHENTICATION: A process used to verify the integrity of the transmitted data, especially a message. It is the process of proving ones identity to someone else. INTEGRITY: The sender and the receiver want to ensure that the content of their communication is not altered during transmission. KEY DISTRIBUTION: Key distribution can be defined as a term that refers to means of delivering a key to the communicating parties, without allowing others to see the key. ACCESS CONTROL: It is a ability to limit and control the access to host systems and applications via communication links. 3.Literature Review This project emphasis design and evaluates a computer-based system using appropriate process and tools. Most of the industry wide routers in the network implement their functionality in hardware and therefore we believe that hardware based routers are more efficient than a software-based router implementation besides that most of the work is in the research community which will be performed, using software-based routers utilizing off-the-shelf PCs. Various works have to be attempted which evaluates different protocol stack, however none of them use hardware-based routers, has such a wide range of metrics, and none investigated mechanisms. My research methodology emphasis surveys, forums from the internet and articles from IEEE (Institute of Electrical and Electronics EngineersorIEEE) a quantitative approach in advance technology. I also consider various other thesis and books which are best suitable for my project. Here following are the network related definitions, and few protocols from application layer, network and internet layer also discussed which actually gives clear idea of understanding the concepts. 3.1 IPSec Standards: IPSec is actually a collection of techniques and protocols; it is not defined in a single Internet standard. Instead, a collection of RFCs defines the architecture, services and specific protocols used in IPSec. Some of the most important of these are shown below: [RFC 2401] Security Architecture for the Internet Protocol (IPSec overview) The main IPSec document describes the architecture and general operation of the technology, and showing how the different components fit together. [RFC 2402] IP Authentication Header It defines the IPSec Authentication Header (AH) protocol used for ensuring data integrity and origin verification. [RFC 2403] The Use of HMAC-MD5-96 within ESP and AH Describes a particular encryption algorithm for use by AH and ESP called Message Digest 5 (MD5), HMAC variant. [RFC 2404] The Use of HMAC-SHA-1-96 within ESP and AH Describes a particular encryption algorithm for use by AH and ESP called Secure Hash Algorithm 1 (SHA-1), HMAC variant. [RFC 2406] IP Encapsulating and Security payload (ESP) It describes the IPSec Encapsulation Security Payload (ESP) protocol that provides data encryption for confidentiality. [RFC 2408] Internet Security Association and Key Management Protocol (ISAKMP) It defines methods for exchanging keys and negotiating security associations. [RFC 2409] The Internet Key Exchange (IKE) Describes the Internet Key Exchange (IKE) protocol used to negotiate security associations and exchange keys between devices for secure communications. It is based on ISAKMP and OAKLEY. [RFC 2412] The OAKLEY Key Determination Protocol It describes a generic protocol for key exchange. [RFC 2131] Dynamic Host Configuration Protocol (DHCP) DHCP allows a host to obtain an IP address automatically, as well as to learn additional information about subnet mask, the address of its first-hop router, and the address of its local DNS server. [RFC 2131; RFC 3022] Network Address Translation (NAT)- In an attempt to provide transparent routing to hosts, NAT devices are used to connect an isolated address realm with private unregistered addresses to an external realm with globally unique registered addresses. Domain Name System (DNS): It is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various other information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide. For example, www.example.com translates to 208.77.188.166. Windows Internet Name Service (WINS): It is Microsofts implementation of NetBIOS Name Service (NBNS), a name server and service for NetBIOS computer names. Effectively WINS is to NetBIOS names, like DNS is to domain names in fact its a central mapping of host names to network addresses. Like DNS it is broken into two parts, a Server Service (that manages the encoded Jet Database, server to server replication, service requests, and conflicts) and a TCP/IP Client component which manages the clients registration and renewal of names, and takes care of queries. VPN (Virtual Private Network) : It is a virtual computer network that exists over the top of an existing network. The purpose of a VPN is to allow communications between systems connected to the VPN using an existing shared network infrastructure as the transport, without the VPN network being aware of the existence of the underlying network backbone or without the VPN interfering with other network traffic on the backbone. A VPN between two networks is often referred to as a VPN Tunnel. Most VPN technologies can be separated into two broad categories, Secure VPNs and Trusted VPNs. Internet Protocol version 6 (IPv6): It is the next-generation Internet Protocol version designated as the successor to IPv4. It is an Internet Layer protocol for packet-switched internetworks. The main driving force for the redesign of Internet Protocol was the foreseeable IPv4 address exhaustion. IPv6 was defined in December 1998 by the Internet Engineering Task Force (IETF) with the publication of an Internet standard specification, RFC 2460. IPv6 has a vastly larger address space than IPv4. This results from the use of a 128-bit address, whereas IPv4 uses only 32 bits. This expansion provides flexibility in allocating addresses and routing traffic and eliminates the primary need for network address translation (NAT), which gained widespread deployment as an effort to alleviate IPv4 address exhaustion. Due to its security and flexibility entire Internet will be deployed byIPv6 in 2012 as expected. Tunnelling: In computer networks tunnelling protocol (delivery protocol) encapsulates the different payload protocol i.e., It carries a payload over an incompatible delivery-network. It can also provide a secure path through an untrusted network without any data loss. Transport Layer Security (TLS): Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Encryption: In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as cipher text). In many contexts, the word encryption also implicitly refers to the reverse process, decryption. Internet Key Exchange: Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPSec protocol suite. IKE uses a Diffie-Hellman key exchange to set up a shared session secret, from which cryptographic keys are derived. Public key techniques or, alternatively, a pre-shared key, are used to mutually authenticate the communicating parties. 4.IPSec System Architecture Authentication Header and Encapsulating Security Payload are commonly called Ã¢â‚¬Å"protocolsÃ¢â‚¬ , though this is another case where the validity of this term is debatable. They are not really distinct protocols but are implemented as headers that are inserted into IP datagrams, as we will see. They thus do the Ã¢â‚¬Å"grunt workÃ¢â‚¬ of IPSec, and can be used together to provide both authentication and privacy. IPSec protocols: The IPSec protocol family consists of two protocols: Authentication Header (AH) and Encapsulated Security Payload (ESP). Both these protocols are independent IP. AH is the IP protocol 51 and ESP is the IP protocol 50 Authentication Header: This is a member of the IPSec protocol suite. Authentication Header provides connectionless data integrity and data origin authentication of IP packets. Further, it can also provide protection against the replay attacks by using the sliding window technique and by discarding the old packets. Authentication Header also gives protection for the IP payload and all the header fields of an IP datagram. AH generally operates on the stop of IP, by using the IP protocol number 51. An AH packet diagram is shown below which describes how an AH packet can be constructed and interpreted: Field meanings: Next header: This field is an 8-bit field that mainly identifies the type of the next payload obtained after the Authentication Header. The value of this field can be chosen from the set of defined IP Protocol Numbers. RESERVED These fields are usually reserved for the future use. Payload length This defines the size of Authentication Header packet. Sequence number This field represents a monotonically increasing number which is used to prevent certain replay attacks. Security parameters index (SPI) This field is used to identify the security parameters, in combination with the IP address, and then identify the security association techniques implemented with this packet. Authentication data This field contains the integrity check value (ICV) which is necessary to authenticate the packet. This field may also contain padding. Encapsulating Security Payload: ESP which can be expanded as Encapsulating Security Payload is a member belonging of the IPSec protocol suite. IPSec achieves integrity, origin authenticity, and confidentiality protection of packets. This protocol also supports encryption-only and authentication-only configurations. However usage of only encryption technique without authentication is not recommended because it is termed insecure. ESP does not protect the IP packet header like the Authentication Header (AH) does. The packet diagram below shows how an ESP packet is constructed and interpreted: Field meanings: Security paramete

Friday, October 25, 2019

The Guggenheim Museum Essay -- Personal Narrative Art Essays

The Guggenheim Museum I first visited the Guggenheim Museum two weeks ago with Claus, my friend from Germany. We had the MOMA in mind but I guess talking, talking we must have passed it by. Half an hour from the MOMA we found ourselves in front of the Guggenheim, the astonishing white building that was Frank Lloyd Wright's last project. Why not? We said to ourselves. And so we walked right in. According to the pamphlet: "The Guggenheim Museum is an embodiment of Wright's attempts to render the inherent plasticity of organic forms in architecture. His inverted ziggurat (a stepped or winding pyramidal temple of Babylonian origin) dispenses with the conventional approach to museum design, leading visitors through a series of interconnected rooms and forcing them to retrace their steps when exiting. The galleries are divided like the membranes in citrus fruit, with self-contained yet interdependent sections. The open rotunda affords viewers the unique possibility of seeing several bays of work on different levels simultaneously. The spiral design recalls a nautilus shell, with continuous spaces flowing freely one into another." At the coat check, I suddenly remembered my pen. (Afterwards, Claus because old school would jump ship, for the Guggenheim mostly contained non-objective, therefore abstract art. This thing called art, this thing called art. Is this thing called art because it resists apprehension? Only what is at stake, Claus? If art forsakes literal representation, it is merely to get at the subconscious, at things that cannot otherwise be expressed - surely there is something to be said for that! Still, he said and we let it go.) Shoulder rub, ticket stub: we were in! Avant-Garde Art is Borne .. ...r je veux pas le juger, I write on the napkin. This time I want a goodbye. At least a goodbye. I am thinking back to the day before. I am thinking back to a conversation both of us had right after our visit to the Guggenheim. In this conversation, we are parting ways because I am meeting someone for an appointment I am too civil to turn down. In this conversation Claus is saying he'll go back and rest, maybe talk to Yoshi. He's like me, I'm thinking, so goddamn civil. Everyone's going to end up doing things he doesn't want to do. Everyone's going to have his hands full of social acquaintances he doesn't care for. So I say, "You don't have to talk to Yoshi if you don't want to, you know?" I don't remember how or where we are standing anymore. The only thing I remember: his gaze towards me is oblique. "I'm just making conversation." He is saying.

Thursday, October 24, 2019

Masque of the Red Death

While Most are familiar with the gruesome nature of PoeÃ¢â‚¬â„¢s classic short story horror yarn Ã¢â‚¬Å"Masque of the Red Death,Ã¢â‚¬ most have a tendency to fixate on the action of the story and the grim proceedings that occur and do not carefully examine the role that nature plays in the short story and how the short story presents a cautionary morality tale warning people that no matter how they try, they can never escape the wrath of the natural world when it decides to wreck havoc. Poe and his contemporary authors of the 19th century presented a recurring theme in their work. This theme centers on the notion that society is inherently corrupt and that finding oneness with nature is a preferred choice. Of course, this does not mean that it was suggested that people abandon their homes in urban areas and head out to live in the forest, but it was a call to look skeptically towards the structure that society provides to them as it is not as flawless as they assume. This is seen in symbolic terms in the Ã¢â‚¬Å"Masque of the Red DeathÃ¢â‚¬ and the environment in which the masque actually occurs. In the short story, Prince Prospero and his cronies lock themselves up in ProsperoÃ¢â‚¬â„¢s mansion so as to hide from the ravages of the Red Death that has destroyed much of the population. In order to entertain themselves and hide their paranoia of death, they turn the event into a grand masque. In a way, this is a strange attempt at distract and distance themselves from the ravages of the world outside. Eventually, Prince Prospero notices a hooded individual who has snuck into ProsperoÃ¢â‚¬â„¢s home. (He is noticeable in the manner that his masque guise stands greatly out) When confronted, the stranger reveals himself to be the human embodiment of the Red Death and Prospero and his minions are doomed to succumb to the same fate as the common people they had mocked. There is great symbolism in this tale as Prospero represents the privileged upper class and the masque that he promotes within a sequestered location represents the great cities that have seemingly insulated themselves from the ravages of nature. The use of the masques can even hint that the people are hiding their true nature of paranoia and fear of what lies beyond the wall of the castle. The insolence of Prospero and his minions is seen in the following excerpt: But the Prince Prospero was happy and dauntless and sagacious. When his dominions were half depopulated, he summoned to his presence a thousand hale and light-hearted friends from among the knights and dames of his court, and with these retired to the deep seclusion of one of his castellated abbeys. This was an extensive and magnificent structure, the creation of the prince's own eccentric yet august taste. A strong and lofty wall girdled it in. This wall had gates of iron. The courtiers, having entered, brought furnaces and massy hammers and welded the bolts. In this situation, it appears that Prospero holds a bizarre arrogance that if he re-enforces his castle, then he can keep out the brutality of the Red Death. This is a small scale version of the use of society and urbanized areas to control, curb and detain the natural world. Of course, there are limits to societyÃ¢â‚¬â„¢s value in this regard as nature wields force that can easily overwhelm any city. The Red Death, while a disease, is a being of natural selection. Pestilence has one primary purpose: to thin the heard when the population of the heard grows to a dangerous extreme. When nature has decided on its course of action, often, it is unidirectional in its approach and next to impossible to deter. And now was acknowledged the presence of the Red Death. He had come like a thief in the night. And one by one dropped the revelers in the blood-bedewed halls of their revel, and died each in the despairing posture of his fall. And the life of the ebony clock went out with that of the last of the gay. And the flames of the tripods expired. And Darkness and Decay and the Red Death held illimitable dominion over all. In other words, nature, taking the form of pestilence, will not be stopped nor will it be denied its primary purpose. To this end, Prospero is doomed as will anyone who believes they can curb or dominate or escape nature.

Wednesday, October 23, 2019

Bolman and Deal

Nur Aiysha Ghazali ENGM 264 Paper #1-Bolman & Deal Bolman and Deal discuss about for frames; structural, human resource, political and symbolic. Each frame has its own characteristics, where and how the situation is applied in organization. A leader or authority of companies sometimes would apply these frames in their organization in order to tackle their employees. However, I will only discuss about 3 frames that most gave the impact to me when I read this book. The first frame that is valuable is human resources. The human resource frame talks about how organizations and people do to and for one another.Family is the suitable metaphor for organization to describe the situation. The example given in the book was about three Nucor Corp electricians who flew and drove to Arkansas and spent 24 hours to fix the failed electric grid. This example shows that they do not need their boss to tell them to go and fix it. As soon as they heard the bad news, they promptly caught a flight and arr ived there even though it was already past midnight. That action deserves some compliments-; if it happened to me, I would rather have a good sleep first and then we will see tomorrow how we are going to deal with that.The weird thing is, on what basis they made such a sacrifice for their company? This is how the human resource frame applies. Their company invests in their employeesÃ¢â‚¬â„¢ workforce in order to maintain their success. The Nucor Corp pays big bonuses to their employees based on their output and companyÃ¢â‚¬â„¢s success, thus to catch a flight to Arkansas is just a piece of cake, considering the big gain they would get. Pareto Principle stated that 80% of the profit is made by 20% of the effective employees of an organization.What Nucor Corp did was to make the 20% effective employees stay to work for them and they will only stay if the work they did worth the money they will get. However, not all companies behave just like Nucor does. Ã¢â‚¬Å"The Company MenÃ¢â‚¬ m ovie is a good example of how opposite they are from Nucor. The GTX authority chose to spend the money on new building and new executive offices instead of their employees. They fired their employees, including Bobby (Ben Affleck) who has quite a position in the company. Business still is all that matters to them, not charity. The human resource frame was not applied in this movie.The human resource frame in a company applies when the authority shows appreciation towards their employee, not just giving them paycheck, but keeping their job also shows gratitude from the company. The fired employees only have one of these skills: business, administration or secretariat. Just imagine how they could survive in the real world competition and whatÃ¢â‚¬â„¢s worse their age usually makes it harder to apply for jobs where thousands of fresh graduates can do the same thing. Watching this movie, I have realized that my decision to take Engineering Management as a minor is a good decision.I may graduate with Mechanical Engineering degree, but who knows there might be conflict later in my life, and the minor would actually help me get a job again. If the company that I work with does not apply human resource frame, just like the GTX, it is not a bad idea to have few different skills to survive in this concrete jungle. If I get fired in my forties, by then it should be okay to start doing consulting job, as I have gained many experiences from my previous work before. Backup plan is essential to avoid being a jobless.If someday I have the chance to have my own company, I would try my best to apply human resource in the management, such as scholarship for the employeesÃ¢â‚¬â„¢ children in order to improve the mutual relationship between the authority and employees. The second frame is political frame. The political frame sees an organization as a jungle Ã¢â‚¬â€ an arena of enduring differences, scarce resources, power negotiations and conflict. For example, theory in Cyert an d March book stated that small firms operate with the guide of theÃ‚ entrepreneur, but larger corporation has bigger responsibilities, hence they operate in another way.These larger firms are coalitions of individuals or groups, which may include managers, stockholders, workers, suppliers and so on. It is crucial to realize that the political frame does not attribute politics to individual selfishness or incompetence. But it attributes it to the fundamental organizational properties of interdependence, enduring differences and scarcity. Bolman and Deal claimed that US space shuttles: Columbia and Challenger were brought down by politics.A day before the launch, NASA and the Morton Thiokol Corporation, the contractor for the shuttleÃ¢â‚¬â„¢s solid- fuel rocket motor made emergency conference and Thiokol engineers requested to superiors and NASA to delay the launch. However, ThiokolÃ¢â‚¬â„¢s monopoly was under attack, and the corporationÃ¢â‚¬â„¢s executives were not confident to risk their billion-dollar contract by cancelling shuttle flight operations long enough just to correct insignificant flaws in the booster joint design. NASAÃ¢â‚¬â„¢s schedule also was falling behind, and they needed money from the Congress if the shuttle was delayed again.Hence, to avoid all the consequences, they still launched the shuttle and it exploded right a few minutes after the take-off. The example that I can see is when we watched the downfall of Enron interview video, where one of the possible reasons of the bankruptcy point to former president, George Bush. The Enron scandal, which has laid waste to thousands of employees' life savings and revealed questionable ties to the Bush White House and members of Congress, spotlights a conflict of interest in government and shouts the need for campaign finance reform.While Congress battles over campaign finance reform, the political parties are actually raising more soft money contributions than ever before. Soft money allows unlimit ed contributions to political parties from corporations, labor unions and rich individuals to national, state and local political parties. As we can see here is that the political frame applies where some bargaining must have been done between Enron and political party in order to obtain power, if the accusation is true though. If not, the greedy Enron executives must have formed coalition and made some high-risk deals and manipulation to achieve their goals.On the surface, the downfall of Enroll in one night is due to the motives and greed attitudes behind decisions made by the executives. The company failed to report its financial affairs fully, followed by financial restatements disclosing billions of dollars of omitted liabilities and losses, leading to its collapse. It was the first time in history where a huge company like Enron can go down just in a blink of eyes, which people could have never imagined that could happen. Furthermore, strategic leaders can form coalitions with others, network informally, and negotiate and bargain to achieve agreement on certain plans of action.Someday, if I will be a leader in an oil and gas company, even with a structure of advisors and officers, a budget and other resources, I may not be able to achieve as much success as I wish, despite having the legal power. Others are able to utilize other forms of power, including public opinion and political influence to achieve what they might want, which could be contrary to what I desire. For example, if I decide to build new factory to expand the company, the public would go mad saying how it would create air and noise pollution in their residences.But, the thing is the land does not belong to the public. If the coalition can be made between the land owners and the authorities, then the project is possible despite the conflict arises from the public. Conflict would always arise if it is about political frame. If the conflict does not disturb the main goal of the coalition, th en just let it be. The third concept is about symbolic frame. Stories and fairy tales are one of the organization symbols, for example how the leader of the company worked hard during his youth to be who he is today.Stories carry values and serve as powerful modes of communication and instruction. Furthermore, the stories got passed down from one generation to next one, and that distinguishes the company from other companies. There can be various stories though, where it can be about the employeesÃ¢â‚¬â„¢ loyalty or other values related to the company. Bolman and Deal uses the example of ex-chancellor of Vanderbilt University, which John Wyatt told a very simple story that gave emphasis to the sacred side of teaching, one of the universityÃ¢â‚¬â„¢s core values, in an unusually dramatic way.Also from what I have observed, Prof Jordan uses a lot of his own experience to tell stories in class. One of the stories that he told in our class last year was about one of his friendÃ¢â‚¬â„¢s f riend, who was a billionaire, got bankrupt and he was already old that time, what was worse, his wife left him. He quoted Ã¢â‚¬Å"There are three things you do not want to happen to you at the same time; old, broke and alone. Ã¢â‚¬ I still remember it until now because it happens to society nowadays and it is indeed very true. His stories are not comforting, but the reality really hits you big time if they are based on true stories.Just like what he did, effective organizations are full of good stories, and good stories stuck in your brain forever. Another real life example I found in a movie is where it often happens in a divorced family. The mother would usually talk about how the jobless father always gets drunk every night to the children, and eventually that leads to their divorce. The main point is not about how she bad-mouths her ex-husband, but it is more likely she is giving advice to his son to not be like that, or for the girl to not choose guys like that when she grows up.I can see the symbolic assumption in here; what is most important is not what happens but what it means. This will be useful in my future because even though you have died, good stories about you stay. For instance, if I invent some technology to help people, the stories about how workaholic I was to serve the community, or how modest I was would go around for ages. Just imagine how many people would be inspired by those stories and more updated and advanced technology would be continued by these people. The stories would be continued generation to generation, and that is one of the ways for long-term company development.The real life example for the statements would be the late Steve Jobs. As discussed above, all these frames are important in every aspects of life. Everyone would have to deal with these things since we all need to work in an organization after graduating. We have to know the skills to reframe the organizations where it fits in order to be an effective leader or manager. I think most successful companies applied these frames in their management to develop their company. It may seem insignificant, but Enron had its lesson, so it is not possible to happen to other organization.