Numerous poems Essay

Numerous poems tackle the theme of loneliness using invented or any of the variety of available poetic forms. Most often, the feeling is expressed through either a single and extended metaphor or through a number of interconnected imageries with the purpose of creating a tight and unified construction that would arouse the reader’s empathy towards the poem’s meaning. In poems like these, the focus is the metaphors used to put the theme across. The form is also important, but secondary to content. However, for other poets meaning can be conveyed equally by both content and form. For e. e. cumming, the form can even dictate the metaphor. His post-modernist poem â€Å"leaf falls on loneliness† illustrates how structure can be used to communicate the meaning of a poem even more that its metaphor, thus evoking varied and more vast experiences with the reading. The nine-line poem consists of one to five letters per line. Seven lines are made up of two letters each, one line has three letters, while the longest final line has five. The entire poem spells out the word â€Å"loneliness†. The word is interrupted, however, by a phrase written inside a parenthesis: â€Å"a leaf falls†. The interruption occurs after the first letter, cutting off the letter â€Å"l† from the rest of the word. The irregularity in the grouping of letters is not arbitrary. The form of the poem obviously seeks to approximate the fall of a leaf. One could imagine the leaf as it sways from side to side, then twirls in space looking like a narrow spinning band, until it eventually rests flat on the ground during the poem’s longest final line. The visual fall makes the reader understand the poem’s metaphor: loneliness, like a falling leaf, is a sinking feeling. The image of a falling leaf is a cliche but e. e. cummings makes his poem different not only by employing a unique structure scheme but also by putting both the metaphorical image and the theme stated plainly together in the poem. A greeting card or an amateur exposition would attempt to define the word â€Å"loneliness†. An inferior poet would only focus on the â€Å"falling leaf† metaphor and wax poetic about the possible meanings behind the image. Cummings put both together and in the process does not only call the reader’s attention to the connection of the words with the image but, because of the placement of the letters, raises other points of discussion. For instance, the detachment of the letter â€Å"l† from the word â€Å"loneliness† only means that to be lonely means to be detached from the rest of humanity as much as a falling leaf gets detached from the rest of the leaves in a branch. This is further emphasized with the parenthesis, another symbol of breaking-off one part from the whole where it came from. Still another interpretation for the interruption may be that the feeling of loneliness occurs when one’s life is interrupted by the sight of a falling leaf, which is a metaphor for many sad things in life. Also, the letter â€Å"l† in the first line, which reappears on the eighth line, may also be read as the number one, a solitary figure. A lonely person feels alone. Finally, the poem’s form and metaphors bring upon the reader’s mind other images of loneliness. The metaphor of the falling leaf recalls autumn with its falling leaves, people at the brink of death or snow on a bleak winter’s night falling on a desolate landscape. All these pictures are used in many poems expounding on the same theme and all these associations will be awakened within the reader because while the poem is sparse, it has the ability to involve the reader to deep thought. Meanwhile, the slimness of the poem evokes the briefness of life. At the same time, it could mean the fluid downward movement of life, after one has passed the prime of life, the individual slows down to old age until he dies, and nothing would remain eventually. At first glance, the disinterested reader may think that e. e. cummings has employed gimmickry with â€Å"leaf falls on loneliness. † Closer inspection and repeated readings would prove, however, that unlike most poems whose beauty rests on the metaphors used in the lines, the form of a poem can also be exploited to be the metaphor itself. It can elicit so many associations, making the reading more profound as when one tries to make meanings out of words in another poem. Cumming’s poem is a great example of how form can also dictate the beauty of a poem.

Cypop 5 Task 6

Task 6 Maintaining a good relationship needs a lot of information for it to work, it is essential for the parents to be involved as they are the MOST important person in the child’s life. Without communication and information a small problem can quickly turn into a large problem which will be more difficult to solve. The parents are the ones that know their child the best and also hold the key to all their little ways. We as childminders help the children to develop to their best potential, by involving the parents we can all work together on the same page to give the child the consistency they need to develop.Good communication is a vital part of the relationship between parents, children and childminders; this will make sure that the child and parents know how they are getting on and what has been happening whilst the child is in your setting. This can be maintained by regular meetings to discuss the child’s progress and also any problems that may be occurring. These discussions may reveal changes in the child’s home/social life so will have to be handled sensitively.When the parents have decided to use my service I will give them a copy of my contract and ask them to take it away to read and to sign it. In the first meeting the parents will be given all the information needed to make a decision whether or not to send their child to me. This information could include availability and costing, I will also give a tour of my facilities and an explanation of the activities that I will provide. Routines are important in a child’s life, where possible I will endeavour to work with them. Every child’s needs are different, from nap times to special diets etc.From the first session with the child/parents I will work with them both to find out their needs and have them planned into the days activities. An agreement will be made between myself and the parents to provide what the child needs to develop and anything that the child is or is not allowed, e. g. sweets, TV, toys etc. Where possible the children will be involved in decision making, for example what activities they would like to do, what to eat for lunch etc providing these decisions are practicable and fall within the agreed guidelines.It is important to let the children take part in the day to day running of the setting wherever it is safe to do so, this will give them a sense of responsibility and achievement. Routines change and differ from child to child; a child of 12 months would have a different routine to a child of 5 years. As a child grows I will make sure that the routine is changed to suit the needs of the child. For example they may need a shorter nap time or if they are an older child then make sure their homework is done. Dinner times etc may need to be changed to reflect the changing routines.As a child grows the need for things like nappy changing, 1:1 feeding and nap time decrease and the time for playing and interacting increases. Onc e the child reaches school they may need to have increased relaxation time so that they can adjust to a school routine, and more quiet time so that any homework can be completed. The way in which I will welcome a new child to my setting would be to introduce myself and the others in My household to the child and maybe â€Å"buddy† them up with another child-if possible of a similar age to themselves.The new child will then have someone they can turn to for any help if they do not want to come to me. I will make sure that any special comforters are identified before hand and brought with the child on the first day so that there is something familiar they can be comfortable with. From the outset the child will be involved in some of the decision making, and I will be there if they have any problems or if they just need a cuddle. I could help them settle in by knowing any information that might help, i. . any siblings, pets, favourite family members/toys etc. I could use this in formation to help them in the transition from home to childminder; this may be the first time they have been away from their parents. All the children in my care will be treated equally and with respect, but I will also take into account different cultural differences. The children in my care will be encouraged to learn about other people’s cultures, history and backgrounds, this could include food, religious festivals, music etc.

Principles of Information Security, 4th Ed. – Michael E. Whitman Chap 01

Licensed to: CengageBrain User Licensed to: CengageBrain User Principles of Information Security, Fourth Edition Michael E. Whitman and Herbert J. Mattord Vice President Editorial, Career Education & Training Solutions: Dave Garza Director of Learning Solutions: Matthew Kane Executive Editor: Steve Helba Managing Editor: Marah Bellegarde Product Manager: Natalie Pashoukos Development Editor: Lynne Raughley Editorial Assistant: Jennifer Wheaton Vice President Marketing, Career Education & Training Solutions: Jennifer Ann Baker Marketing Director: Deborah S.Yarnell Senior Marketing Manager: Erin Coffin Associate Marketing Manager: Shanna Gibbs Production Manager: Andrew Crouth Content Project Manager: Brooke Greenhouse Senior Art Director: Jack Pendleton Manufacturing Coordinator: Amy Rogers Technical Edit/Quality Assurance: Green Pen Quality Assurance  © 2012 Course Technology, Cengage Learning For more information, contact or find us on the World Wide Web at: www. course. com ALL R IGHTS RESERVED.No part of this work covered by the copyright herein may be reproduced, transmitted, stored or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information networks, or information storage and retrieval systems, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the publisher.For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706 For permission to use material from this text or product, submit all requests online at cengage. com/permissions Further permission questions can be emailed to [email  protected] comLibrary of Congress Control Number: 2010940654 ISBN-13: 978-1-111-13821-9 ISBN-10: 1-111-13821-4 Course Technology 20 Channel Center Boston, MA 02210 USA Cengage Learning is a leading provider of custo mized learning solutions with office locations around the globe, including Singapore, the United Kingdom, Australia, Mexico, Brazil, and Japan. Locate your local office at: international. cengage. com/region. Cengage Learning products are represented in Canada by Nelson Education, Ltd. For your lifelong learning solutions, visit course. cengage. com Purchase any of our products at your local college store or at our preferred online store www. engagebrain. com. Printed in the United States of America 1 2 3 4 5 6 7 8 9 14 13 12 11 10 Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it . Licensed to: CengageBrain User hapter 1 Introduction to Information Security Do not figure on opponents not attacking; worry about your own lack of preparation. BOOK OF THE FIVE RINGS For Amy, the day began like any other at the Sequential Label and Supply Company (SLS) help desk. Taking calls and helping office workers with computer problems was not glamorous, but she enjoyed the work; it was challenging and paid well. Some of her friends in the industry worked at bigger companies, some at cutting-edge tech companies, but they all agreed that jobs in information technology were a good way to pay the bills.The phone rang, as it did on average about four times an hour and about 28 times a day. The first call of the day, from a worried user hoping Amy could help him out of a jam, seemed typical. The call display on her monitor gave some of the facts: the user’s name, his phone number, the department in which he worked, where his office was on the company campus, and a list of all the calls he’d made in the past. â€Å"Hi, Bob,† she said. â€Å"Did you get that document formatting problem squared away? † â€Å"Sure did, Amy. Hope we can figure out what’s going on this time. † â€Å"We’ll try, Bob. Tell me about it. † â€Å"Well, my PC is acting weird,† Bob said. When I go to the screen that has my e-mail program running, it doesn’t respond to the mouse or the keyboard. † â€Å"Did you try a reboot yet? † 1 Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageB rain User Chapter 1 â€Å"Sure did. But the window wouldn’t close, and I had to turn it off. After it restarted, I opened the e-mail program, and it’s just like it was before—no response at all. The other stuff is working OK, but really, really slowly. Even my Internet browser is sluggish. † â€Å"OK, Bob. We’ve tried the usual stuff we can do over the phone. Let me open a case, and I’ll dispatch a tech over as soon as possible. † Amy looked up at the LED tally board on the wall at the end of the room. She saw that there were only two technicians dispatched to deskside support at the moment, and since it was the day shift, there were four available. Shouldn’t be long at all, Bob. † She hung up and typed her notes into ISIS, the company’s Information Status and Issues System. She assigned the newly generated case to the deskside dispatch queue, which would page the roving deskside team with the details in just a few minutes. A moment later, Amy looked up to see Charlie Moody, the senior manager of the server administration team, walking briskly down the hall. He was being trailed by three of his senior technicians as he made a beeline from his office to the door of the server room where the company servers were kept in a controlled environment. They all looked worried.Just then, Amy’s screen beeped to alert her of a new e-mail. She glanced down. It beeped again—and again. It started beeping constantly. She clicked on the envelope icon and, after a short delay, the mail window opened. She had 47 new e-mails in her inbox. She opened one from Davey Martinez, an acquaintance from the Accounting Department. The subject line said, â€Å"Wait till you see this. † The message body read, â€Å"Look what this has to say about our managers’ salaries†¦Ã¢â‚¬  Davey often sent her interesting and funny e-mails, and she failed to notice that the file attachment icon was unu sual before she clicked it.Her PC showed the hourglass pointer icon for a second and then the normal pointer reappeared. Nothing happened. She clicked the next e-mail message in the queue. Nothing happened. Her phone rang again. She clicked the ISIS icon on her computer desktop to activate the call management software and activated her headset. â€Å"Hello, Tech Support, how can I help you? † She couldn’t greet the caller by name because ISIS had not responded. â€Å"Hello, this is Erin Williams in receiving. † Amy glanced down at her screen. Still no ISIS.She glanced up to the tally board and was surprised to see the inbound-call-counter tallying up waiting calls like digits on a stopwatch. Amy had never seen so many calls come in at one time. â€Å"Hi, Erin,† Amy said. â€Å"What’s up? † â€Å"Nothing,† Erin answered. â€Å"That’s the problem. † The rest of the call was a replay of Bob’s, except that Amy had to jot notes down on a legal pad. She couldn’t dispatch the deskside support team either. She looked at the tally board. It had gone dark. No numbers at all. Then she saw Charlie running down the hall from the server room. He didn’t look worried anymore. He looked frantic. Amy picked up the phone again.She wanted to check with her supervisor about what to do now. There was no dial tone. Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 3LEARNING OBJECTIVES: Upon completion of this material, you should be able to: †¢ †¢ †¢ †¢ †¢ Define information security Recount the history of computer security, and explain how it evolved into information security Define key terms and critical concepts of information security Enumerate the phases of the security systems development life cycle Describe the information security roles of professionals within an organization 1 Introduction James Anderson, executive consultant at Emagined Security, Inc. , believes information security in an enterprise is a â€Å"well-informed sense of assurance that the information risks and controls are in balance. He is not alone in his perspective. Many information security practitioners recognize that aligning information security needs with business objectives must be the top priority. This chapter’s opening scenario illustrates that the information risks and controls are not in balance at Sequential Label and Supply. Though Amy works in a technical support role and her job is to solve technical problems, it does not occur to her that a malicious software program, like a worm or virus, might be the agent of the company’s current ills.Management also shows signs of confusion and seems to have no idea how to contain this kind of incident. If you were in Amy’s place and were faced with a similar situation, what would you do? How would you react? Would it occur to you that something far more insidious than a technical malfunction was happening at your company? As you explore the chapters of this book and learn more about information security, you will become better able to answer these questions. But before you can begin studying the details of the discipline of information security, you must first know the history and evolution of the field.The History of Information Security The history of information security begins with computer security. The need for computer security—that is, the need to secure physical locations, hardware, and softwa re from threats— arose during World War II when the first mainframes, developed to aid computations for communication code breaking (see Figure 1-1), were put to use. Multiple levels of security were implemented to protect these mainframes and maintain the integrity of their data.Access to sensitive military locations, for example, was controlled by means of badges, keys, and the facial recognition of authorized personnel by security guards. The growing need to maintain national security eventually led to more complex and more technologically sophisticated computer security safeguards. During these early years, information security was a straightforward process composed predominantly of physical security and simple document classification schemes. The primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage.One of the first documented security problems that fell outside these categories occurred in the early 196 0s, when a systems administrator was working on an MOTD Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.Licensed to: CengageBrain User 4 Chapter 1 Earlier versions of the German code machine Enigma were ? rst broken by the Poles in the 1930s. The British and Americans managed to break later, more complex versions during World War II. The increasingly complex versions of the Enigma, especially the submarine or Unterseeboot version of the Enigma, caused considerable anguish to Allied forces before ? nally being cracked. The information gained from decrypted transmissions was used to anticipate the actions of German armed forces. Some ask why, if we were reading the Enigma, we did not win the war earlier. One might ask, instead, when, if ever, we would have won the war if we hadn’t read it. †1 Figure 1-1 The Enigma Source: Courtesy of National Security Agency (message of the day) file, and another administrator was editing the password file. A software glitch mixed the two files, and the entire password file was printed on every output file. 2 The 1960s During the Cold War, many more mainframes were brought online to accomplish more complex and sophisticated tasks.It became necessary to enable these mainframes to communicate via a less cumbersome process than mailing magnetic tapes between computer centers. In response to this need, the Department of Defense’s Advanced Research Project Agency (ARPA) began examining the feasibility of a redundant, networked communications system to support the military’s exchange of information. Larr y Roberts, known as the founder of the Internet, developed the project—which was called ARPANET—from its inception. ARPANET is the predecessor to the Internet (see Figure 1-2 for an excerpt from the ARPANET Program Plan).The 1970s and 80s During the next decade, ARPANET became popular and more widely used, and the potential for its misuse grew. In December of 1973, Robert M. â€Å"Bob† Metcalfe, who is credited Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience.Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 5 1 Figure 1-2 Development of the ARPANET Program Plan3 Source: Courtesy of Dr. Lawrence Roberts with the development of Ethernet, one of the most popular networking protocols, identified fundamental problems with ARPANET security. Individual remote sites did not have sufficient controls and safeguards to protect data from unauthorized remote users.Other problems abounded: vulnerability of password structure and formats; lack of safety procedures for dial-up connections; and nonexistent user identification and authorization to the system. Phone numbers were widely distributed and openly publicized on the walls of phone booths, giving hackers easy access to ARPANET. Because of the range and frequency of computer security violations and the explosion in the numbers of hosts and users on ARPANET, network security was referred to as network insecurity. In 1978, a famous study entitled â€Å"Protection Analysis: Final Report† was published. It focused on a project undertaken by ARPA to discover the vulnerabilitie s of operating system security. For a timeline that includes this and other seminal studies of computer security, see Table 1-1. The movement toward security that went beyond protecting physical locations began with a single paper sponsored by the Department of Defense, the Rand Report R-609, which attempted to define the multiple controls and mechanisms necessary for the protection of a multilevel computer system.The document was classified for almost ten years, and is now considered to be the paper that started the study of computer security. The security—or lack thereof—of the systems sharing resources inside the Department of Defense was brought to the attention of researchers in the spring and summer of 1967. At that time, systems were being acquired at a rapid rate and securing them was a pressing concern for both the military and defense contractors. Copyright 2011 Cengage Learning. All Rights Reserved.May not be copied, scanned, or duplicated, in whole or in pa rt. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 6 Chapter 1 Date 1968 1973 1975 1978 Documents Maurice Wilkes discusses password security in Time-Sharing Computer Systems.Schell, Downey, and Popek examine the need for additional security in military systems in â€Å"Preliminary Notes on the Design of Secure Military Computer Systems. †5 The Federal Information Processing Standards (FIPS) examines Digital Encryption Standard (DES) in the Federal Register. Bisbey and Hollingworth publish their study â€Å"Protection Analysis: Final Report,† discussing the Protection Analysis project created by ARPA to better understand the vulnerabilities of opera ting system security and examine the possibility of automated vulnerability detection techniques in existing system software. Morris and Thompson author â€Å"Password Security: A Case History,† published in the Communications of the Association for Computing Machinery (ACM). The paper examines the history of a design for a password security scheme on a remotely accessed, time-sharing system. Dennis Ritchie publishes â€Å"On the Security of UNIX† and â€Å"Protection of Data File Contents,† discussing secure user IDs and secure group IDs, and the problems inherent in the systems. Grampp and Morris write â€Å"UNIX Operating System Security. In this report, the authors examine four â€Å"important handles to computer security†: physical control of premises and computer facilities, management commitment to security objectives, education of employees, and administrative procedures aimed at increased security. 7 Reeds and Weinberger publish â€Å"File Secu rity and the UNIX System Crypt Command. † Their premise was: â€Å"No technique can be secure against wiretapping or its equivalent on the computer. Therefore no technique can be secure against the systems administrator or other privileged users †¦ the naive user has no chance. 8 1979 1979 1984 1984 Table 1-1 Key Dates for Seminal Works in Early Computer Security In June of 1967, the Advanced Research Projects Agency formed a task force to study the process of securing classified information systems. The Task Force was assembled in October of 1967 and met regularly to formulate recommendations, which ultimately became the contents of the Rand Report R-609. 9 The Rand Report R-609 was the first widely recognized published document to identify the role of management and policy issues in computer security.It noted that the wide utilization of networking components in information systems in the military introduced security risks that could not be mitigated by the routine pra ctices then used to secure these systems. 10 This paper signaled a pivotal moment in computer security history—when the scope of computer security expanded significantly from the safety of physical locations and hardware to include the following: Securing the data Limiting random and unauthorized access to that data Involving personnel from multiple levels of the organization in matters pertaining to information securityMULTICS Much of the early research on computer security centered on a system called Multiplexed Information and Computing Service (MULTICS). Although it is now obsolete, MULTICS is noteworthy because it was the first operating system to integrate security into Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience.Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 7 its core functions. It was a mainframe, time-sharing operating system developed in the mid1960s by a consortium of General Electric (GE), Bell Labs, and the Massachusetts Institute of Technology (MIT). In mid-1969, not long after the restructuring of the MULTICS project, several of its developers (Ken Thompson, Dennis Ritchie, Rudd Canaday, and Doug McIlro) created a new operating system called UNIX.While the MULTICS system implemented multiple security levels and passwords, the UNIX system did not. Its primary function, text processing, did not require the same level of security as that of its predecessor. In fact, it was not until the early 1970s that even the simplest component of security, the password function, became a component of UNIX. In the late 1970s, the microprocessor brought the personal computer and a new age of computing. The PC became the workhorse of modern computing, thereby moving it out of the data center.This decentralization of data processing systems in the 1980s gave rise to networking—that is, the interconnecting of personal computers and mainframe computers, which enabled the entire computing community to make all their resources work together. 1 The 1990s At the close of the twentieth century, networks of computers became more common, as did the need to connect these networks to each other. This gave rise to the Internet, the first global network of networks. The Internet was made available to the general public in the 1990s, having previously been the domain of government, academia, and dedicated industry professionals.The Internet brought connectivity to virtually all computers that could reach a phone line or an Internet-connected local area network (LAN). After the Internet was commercialized, the tec hnology became pervasive, reaching almost every corner of the globe with an expanding array of uses. Since its inception as a tool for sharing Defense Department information, the Internet has become an interconnection of millions of networks. At first, these connections were based on de facto standards, because industry standards for interconnection of networks did not exist at that time.These de facto standards did little to ensure the security of information though as these precursor technologies were widely adopted and became industry standards, some degree of security was introduced. However, early Internet deployment treated security as a low priority. In fact, many of the problems that plague e-mail on the Internet today are the result of this early lack of security. At that time, when all Internet and e-mail users were (presumably trustworthy) computer scientists, mail server authentication and e-mail encryption did not seem necessary.Early computing approaches relied on secu rity that was built into the physical environment of the data center that housed the computers. As networked computers became the dominant style of computing, the ability to physically secure a networked computer was lost, and the stored information became more exposed to security threats. 2000 to Present Today, the Internet brings millions of unsecured computer networks into continuous communication with each other. The security of each computer’s stored information is now contingent on the level of security of every other computer to which it is connected.Recent years have seen a growing awareness of the need to improve information security, as well as a realization that information security is important to national defense. The growing threat of Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience.Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 8 Chapter 1 cyber attacks have made governments and companies more aware of the need to defend the computer-controlled control systems of utilities and other critical infrastructure. There is also growing concern about nation-states engaging in information warfare, and the possibility that business and personal information systems could become casualties if they are undefended.What Is Security? In general, security is â€Å"the quality or state of being secure—to be free from danger. †11 In other words, protection against adversaries—from those who would do harm, intentionally or otherwise—is the objective. National security, for example, is a multilayered system that protects the sovereignty of a st ate, its assets, its resources, and its people. Achieving the appropriate level of security for an organization also requires a multifaceted system.A successful organization should have the following multiple layers of security in place to protect its operations: Physical security, to protect physical items, objects, or areas from unauthorized access and misuse Personnel security, to protect the individual or group of individuals who are authorized to access the organization and its operations Operations security, to protect the details of a particular operation or series of activities Communications security, to protect communications media, technology, and content Network security, to protect networking components, connections, and contents Information security, to protect the confidentiality, integrity and availability of information assets, whether in storage, processing, or transmission. It is achieved via the application of policy, education, training and awareness, and techno logy.The Committee on National Security Systems (CNSS) defines information security as the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. 12 Figure 1-3 shows that information security includes the broad areas of information security management, computer and data security, and network security. The CNSS model of information security evolved from a concept developed by the computer security industry called the C. I. A. triangle. The C. I. A. triangle has been the industry standard for computer security since the development of the mainframe. It is based on the three characteristics of information that give it value to organizations: confidentiality, integrity, and availability.The security of these three characteristics of information is as important today as it has always been, but the C. I. A. triangle model no longer adequately addresses the constantly changing environment. The threats to the c onfidentiality, integrity, and availability of information have evolved into a vast collection of events, including accidental or intentional damage, destruction, theft, unintended or unauthorized modification, or other misuse from human or nonhuman threats. This new environment of many constantly evolving threats has prompted the development of a more robust model that addresses the complexities of the current information security environment.The expanded model consists of a list of critical characteristics of information, which are described in the next Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 9 1 Information security Figure 1-3 Components of Information SecuritySource: Course Technology/Cengage Learning section. C. I. A. triangle terminology is used in this chapter because of the breadth of material that is based on it. Key Information Security Concepts This book uses a number of terms and concepts that are essential to any discussion of information security. Some of these terms are illustrated in Figure 1-4; all are covered in greater detail in subsequent chapters. Access: A subject or object’s ability to use, manipulate, modify, or affect another subject or object. Authorized users have legal access to a system, whereas hackers have illegal access to a system. Access controls regulate this ability.Asset: The organizational resource that is being protected. An asset can be logical, such as a Web site, information, or data; or an asset can be physical, such as a person, c omputer system, or other tangible object. Assets, and particularly information assets, are the focus of security efforts; they are what those efforts are attempting to protect. Attack: An intentional or unintentional act that can cause damage to or otherwise compromise information and/or the systems that support it. Attacks can be active or passive, intentional or unintentional, and direct or indirect. Someone casually reading sensitive information not intended for his or her use is a passive attack.A hacker attempting to break into an information system is an intentional attack. A lightning strike that causes a fire in a building is an unintentional attack. A direct attack is a hacker using a personal computer to break into a system. An indirect attack is a hacker compromising a system and using it to attack other systems, for example, as part of a botnet (slang for robot network). This group of compromised computers, running software of the attacker’s choosing, can operate autonomously or under the attacker’s direct control to attack systems and steal user information or conduct distributed denial-of-service attacks. Direct attacks originate from the threat itself.Indirect attacks originate from a compromised system or resource that is malfunctioning or working under the control of a threat. Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 10 Chapter 1 Vulnerability: Buffer overflow in online database Web interfaceThreat: Theft Threat agent: Ima Hacker Exploit: Script from MadHackz Web site Attack: Ima Hacker downloads an exploit from MadHackz web site and then accesses buybay’s Web site. Ima then applies the script which runs and compromises buybay's security controls and steals customer data. These actions cause buybay to experience a loss. Asset: buybay’s customer database Figure 1-4 Information Security Terms Source: Course Technology/Cengage Learning Control, safeguard, or countermeasure: Security mechanisms, policies, or procedures that can successfully counter attacks, reduce risk, resolve vulnerabilities, and otherwise improve the security within an organization.The various levels and types of controls are discussed more fully in the following chapters. Exploit: A technique used to compromise a system. This term can be a verb or a noun. Threat agents may attempt to exploit a system or other information asset by using it illegally for their personal gain. Or, an exploit can be a documented process to take advantage of a vulnerability or exposure, usually in software, that is either inherent in the software or is created by the attacker. Exploits make use of existing software tools or custom-made software components. Exposure: A condition or state of being exposed. In information security, exposure exists when a vulnerability known to an attacker is present.Loss: A single instance of an information asset suffering damage or unintended or unauthorized modification or disclosure. When an organization’s information is stolen, it has suffered a loss. Protection profile or security posture: The entire set of controls and safeguards, including policy, education, training and awareness, and technology, that the Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience.Cen gage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 11 organization implements (or fails to implement) to protect the asset. The terms are sometimes used interchangeably with the term security program, although the security program often comprises managerial aspects of security, including planning, personnel, and subordinate programs. Risk: The probability that something unwanted will happen. Organizations must minimize risk to match their risk appetite—the quantity and nature of risk the organization is willing to accept.Subjects and objects: A computer can be either the subject of an attack—an agent entity used to conduct the attack—or the object of an attack—the target entity, as shown in Figure 1-5. A computer can be both the subject and object of an attack, when, for example, it is compromised by an attack (object), and is then used to attack other systems (subject). Threat: A category of objects, persons, or other entities that presents a danger to an asset. Threats are always present and can be purposeful or undirected. For example, hackers purposefully threaten unprotected information systems, while severe storms incidentally threaten buildings and their contents. Threat agent: The specific instance or a component of a threat.For example, all hackers in the world present a collective threat, while Kevin Mitnick, who was convicted for hacking into phone systems, is a specific threat agent. Likewise, a lightning strike, hailstorm, or tornado is a threat agent that is part of the threat of severe storms. Vulnerability: A weaknesses or fault in a system or protection mechanism that opens it to attack or damage. Some examples of vulnerabilities are a flaw in a software package, an unprotected system port, and an unlocked door. Some well-known vulnerabilities have been examined, documented, and pu blished; others remain latent (or undiscovered). 1 Critical Characteristics of InformationThe value of information comes from the characteristics it possesses. When a characteristic of information changes, the value of that information either increases, or, more commonly, decreases. Some characteristics affect information’s value to users more than others do. This can depend on circumstances; for example, timeliness of information can be a critical factor, because information loses much or all of its value when it is delivered too late. Though information security professionals and end users share an understanding of the characteristics of subject object Figure 1-5 Computer as the Subject and Object of an Attack Source: Course Technology/Cengage LearningCopyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Edit orial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 12 Chapter 1 information, tensions can arise when the need to secure the information from threats conflicts with the end users’ need for unhindered access to the information.For instance, end users may perceive a tenth-of-a-second delay in the computation of data to be an unnecessary annoyance. Information security professionals, however, may perceive that tenth of a second as a minor delay that enables an important task, like data encryption. Each critical characteristic of information—that is, the expanded C. I. A. triangle—is defined in the sections below. Availability Availability enables authorized users—persons or computer systems—to access information without interference or obstr uction and to receive it in the required format. Consider, for example, research libraries that require identification before entrance.Librarians protect the contents of the library so that they are available only to authorized patrons. The librarian must accept a patron’s identification before that patron has free access to the book stacks. Once authorized patrons have access to the contents of the stacks, they expect to find the information they need available in a useable format and familiar language, which in this case typically means bound in a book and written in English. Accuracy Information has accuracy when it is free from mistakes or errors and it has the value that the end user expects. If information has been intentionally or unintentionally modified, it is no longer accurate. Consider, for example, a checking account.You assume that the information contained in your checking account is an accurate representation of your finances. Incorrect information in your che cking account can result from external or internal errors. If a bank teller, for instance, mistakenly adds or subtracts too much from your account, the value of the information is changed. Or, you may accidentally enter an incorrect amount into your account register. Either way, an inaccurate bank balance could cause you to make mistakes, such as bouncing a check. Authenticity Authenticity of information is the quality or state of being genuine or original, rather than a reproduction or fabrication.Information is authentic when it is in the same state in which it was created, placed, stored, or transferred. Consider for a moment some common assumptions about e-mail. When you receive e-mail, you assume that a specific individual or group created and transmitted the e-mail—you assume you know the origin of the e-mail. This is not always the case. E-mail spoofing, the act of sending an e-mail message with a modified field, is a problem for many people today, because often the mo dified field is the address of the originator. Spoofing the sender’s address can fool e-mail recipients into thinking that messages are legitimate traffic, thus inducing them to open e-mail they otherwise might not have.Spoofing can also alter data being transmitted across a network, as in the case of user data protocol (UDP) packet spoofing, which can enable the attacker to get access to data stored on computing systems. Another variation on spoofing is phishing, when an attacker attempts to obtain personal or financial information using fraudulent means, most often by posing as another individual or organization. Pretending to be someone you are not is sometimes called pretexting when it is undertaken by law enforcement agents or private investigators. When used in a phishing attack, e-mail spoofing lures victims to a Web server that does not represent the organization it purports to, in an attempt to steal their private data such as account numbers and passwords.The most c ommon variants include posing as a bank or brokerage company, e-commerce organization, or Internet service provider. Even when authorized, pretexting does not always lead to a satisfactory outcome. In 2006, the CEO of Hewlett-Packard Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.Licensed to: CengageBrain User Introduction to Information Security 13 Corporation, Patricia Dunn, authorized contract investigators to use pretexting to â€Å"smokeout† a corporate director suspected of leaking confidential information. The resulting firestorm of negative publicity led to Ms. D unn’s eventual departure from the company. 13 1 Confidentiality Information has confidentiality when it is protected from disclosure or exposure to unauthorized individuals or systems. Confidentiality ensures that only those with the rights and privileges to access information are able to do so. When unauthorized individuals or systems can view information, confidentiality is breached.To protect the confidentiality of information, you can use a number of measures, including the following: Information classification Secure document storage Application of general security policies Education of information custodians and end users Confidentiality, like most of the characteristics of information, is interdependent with other characteristics and is most closely related to the characteristic known as privacy. The relationship between these two characteristics is covered in more detail in Chapter 3, â€Å"Legal and Ethical Issues in Security. † The value of confidentiality of information is especially high when it is personal information about employees, customers, or patients. Individuals who transact with an organization expect that their personal information will remain confidential, whether the organization is a federal agency, such as the Internal Revenue Service, or a business. Problems arise when companies disclose confidential information.Sometimes this disclosure is intentional, but there are times when disclosure of confidential information happens by mistake—for example, when confidential information is mistakenly e-mailed to someone outside the organization rather than to someone inside the organization. Several cases of privacy violation are outlined in Offline: Unintentional Disclosures. Other examples of confidentiality breaches are an employee throwing away a document containing critical information without shredding it, or a hacker who successfully breaks into an internal database of a Web-based organization and steals sensitive information about the clients, such as names, addresses, and credit card numbers.As a consumer, you give up pieces of confidential information in exchange for convenience or value almost daily. By using a â€Å"members only† card at a grocery store, you disclose some of your spending habits. When you fill out an online survey, you exchange pieces of your personal history for access to online privileges. The bits and pieces of your information that you disclose are copied, sold, replicated, distributed, and eventually coalesced into profiles and even complete dossiers of yourself and your life. A similar technique is used in a criminal enterprise called salami theft. A deli worker knows he or she cannot steal an entire salami, but a few slices here or there can be taken home without notice.Eventually the deli worker has stolen a whole salami. In information security, salami theft occurs when an employee steals a few pieces of information at a time, knowing that taking more wou ld be noticed—but eventually the employee gets something complete or useable. Integrity Information has integrity when it is whole, complete, and uncorrupted. The integrity of information is threatened when the information is exposed to corruption, Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 14 Chapter 1 Offline Unintentional Disclosures In February 2005, the data aggregation and brokerage firm ChoicePoint revealed that it had been duped into releasing personal information about 145,000 people to identity thieves during 2004. The perpetr ators used stolen identities to create obstensibly legitimate business entities, which then subscribed to ChoicePoint to acquire the data fraudulently.The company reported that the criminals opened many accounts and recorded personal information on individuals, including names, addresses, and identification numbers. They did so without using any network or computer-based attacks; it was simple fraud. 14 While the the amount of damage has yet to be compiled, the fraud is feared to have allowed the perpetrators to arrange many hundreds of instances of identity theft. The giant pharmaceutical organization Eli Lilly and Co. released the e-mail addresses of 600 patients to one another in 2001. The American Civil Liberties Union (ACLU) denounced this breach of privacy, and information technology industry analysts noted that it was likely to influence the public debate on privacy legislation.The company claimed that the mishap was caused by a programming error that occurred when patients w ho used a specific drug produced by the company signed up for an e-mail service to access support materials provided by the company. About 600 patient addresses were exposed in the mass e-mail. 15 In another incident, the intellectual property of Jerome Stevens Pharmaceuticals, a small prescription drug manufacturer from New York, was compromised when the FDA released documents the company had filed with the agency. It remains unclear whether this was a deliberate act by the FDA or a simple error; but either way, the company’s secrets were posted to a public Web site for several months before being removed. 16 damage, destruction, or other disruption of its authentic state. Corruption can occur while information is being stored or transmitted.Many computer viruses and worms are designed with the explicit purpose of corrupting data. For this reason, a key method for detecting a virus or worm is to look for changes in file integrity as shown by the size of the file. Another key method of assuring information integrity is file hashing, in which a file is read by a special algorithm that uses the value of the bits in the file to compute a single large number called a hash value. The hash value for any combination of bits is unique. If a computer system performs the same hashing algorithm on a file and obtains a different number than the recorded hash value for that file, the file has been compromised and the integrity of the information is lost.Information integrity is the cornerstone of information systems, because information is of no value or use if users cannot verify its integrity. Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 15File corruption is not necessarily the result of external forces, such as hackers. Noise in the transmission media, for instance, can also cause data to lose its integrity. Transmitting data on a circuit with a low voltage level can alter and corrupt the data. Redundancy bits and check bits can compensate for internal and external threats to the integrity of information. During each transmission, algorithms, hash values, and the error-correcting codes ensure the integrity of the information. Data whose integrity has been compromised is retransmitted. 1 Utility The utility of information is the quality or state of having value for some purpose or end.Information has value when it can serve a purpose. If information is available, but is not in a format meaningful to the end user, it is not useful. For example, to a private citizen U. S. Census data can quickly become overwhelming and difficult to interpret; however, for a politician, U. S. Census data reveals information about the residents in a district, such as their race, gender, and age. This information can help form a politician’s next campaign strategy. Possession The possession of information is the quality or state of ownership or control. Information is said to be in one’s possession if one obtains it, independent of format or other characteristics.While a breach of confidentiality always results in a breach of possession, a breach of possession does not always result in a breach of confidentiality. For example, assume a company stores its critical customer data using an encrypted file system. An employee who has quit decides to take a copy of the tape backups to sell the customer records to the competition. The removal of the tapes from their secure environment is a breach of possession. But, because the data is encrypted, neither the e mployee nor anyone else can read it without the proper decryption methods; therefore, there is no breach of confidentiality. Today, people caught selling company secrets face increasingly stiff fines with the likelihood of jail time.Also, companies are growing more and more reluctant to hire individuals who have demonstrated dishonesty in their past. CNSS Security Model The definition of information security presented in this text is based in part on the CNSS document called the National Training Standard for Information Systems Security Professionals NSTISSI No. 4011. (See www. cnss. gov/Assets/pdf/nstissi_4011. pdf. Since this document was written, the NSTISSC was renamed the Committee on National Security Systems (CNSS)— see www. cnss. gov. The library of documents is being renamed as the documents are rewritten. ) This document presents a comprehensive information security model and has become a widely accepted evaluation standard for the security of information systems.T he model, created by John McCumber in 1991, provides a graphical representation of the architectural approach widely used in computer and information security; it is now known as the McCumber Cube. 17 The McCumber Cube in Figure 1-6, shows three dimensions. If extrapolated, the three dimensions of each axis become a 3 3 3 cube with 27 cells representing areas that must be addressed to secure today’s information systems. To ensure system security, each of the 27 areas must be properly addressed during the security process. For example, the intersection between technology, integrity, and storage requires a control or safeguard that addresses the need to use technology to protect the integrity of information while in storage.One such control might be a system for detecting host intrusion that protects the integrity of Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party co ntent may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 16 Chapter 1 Figure 1-6 The McCumber Cube18 Source: Course Technology/Cengage Learning information by alerting the security administrators to the potential modification of a critical file.What is commonly left out of such a model is the need for guidelines and policies that provide direction for the practices and implementations of technologies. The need for policy is discussed in subsequent chapters of this book. Components of an Information System As shown in Figure 1-7, an information system (IS) is much more than computer hardware; it is the entire set of software, hardware, data, people, procedures, and networks that make possible the use of information r esources in the organization. These six critical components enable information to be input, processed, output, and stored. Each of these IS components has its own strengths and weaknesses, as well as its own characteristics and uses.Each component of the information system also has its own security requirements. Software The software component of the IS comprises applications, operating systems, and assorted command utilities. Software is perhaps the most difficult IS component to secure. The exploitation of errors in software programming accounts for a substantial portion of the attacks on information. The information technology industry is rife with reports warning of holes, bugs, weaknesses, or other fundamental problems in software. In fact, many facets of daily life are affected by buggy software, from smartphones that crash to flawed automotive control computers that lead to recalls.Software carries the lifeblood of information through an organization. Unfortunately, software programs are often created under the constraints of project management, which limit time, cost, and manpower. Information security is all too often implemented as an afterthought, rather than developed as an integral component from the beginning. In this way, software programs become an easy target of accidental or intentional attacks. Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 17 1 Figure 1-7 Components of an Information System Source: Course Technology/Cengage Learning Hardware Hardware is the physical te chnology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system. Physical security policies deal with hardware as a physical asset and with the protection of physical assets from harm or theft.Applying the traditional tools of physical security, such as locks and keys, restricts access to and interaction with the hardware components of an information system. Securing the physical location of computers and the computers themselves is important because a breach of physical security can result in a loss of information. Unfortunately, most information systems are built on hardware platforms that cannot guarantee any level of information security if unrestricted access to the hardware is possible. Before September 11, 2001, laptop thefts in airports were common. A two-person team worked to steal a computer as its owner passed it through the conveyor scanning devices.The first perpetrator ente red the security area ahead of an unsuspecting target and quickly went through. Then, the second perpetrator waited behind the target until the target placed his/her computer on the baggage scanner. As the computer was whisked through, the second agent slipped ahead of the victim and entered the metal detector with a substantial collection of keys, coins, and the like, thereby slowing the detection process and allowing the first perpetrator to grab the computer and disappear in a crowded walkway. While the security response to September 11, 2001 did tighten the security process at airports, hardware can still be stolen in airports and other public places.Although laptops and notebook computers are worth a few thousand dollars, the information contained in them can be worth a great deal more to organizations and individuals. Data Data stored, processed, and transmitted by a computer system must be protected. Data is often the most valuable asset possessed by an organization and it is the main target of intentional attacks. Systems developed in recent years are likely to make use of database Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User 18 Chapter 1 management systems. When done properly, this should improve the security of the data and the application. Unfortunately, many system development projects do not make full use of the database management system’s security capabilities, and in some cases the database is implemented in ways that are less secure than traditional file systems. People Though often overlooked in co mputer security considerations, people have always been a threat to information security.Legend has it that around 200 B. C. a great army threatened the security and stability of the Chinese empire. So ferocious were the invaders that the Chinese emperor commanded the construction of a great wall that would defend against the Hun invaders. Around 1275 A. D. , Kublai Khan finally achieved what the Huns had been trying for thousands of years. Initially, the Khan’s army tried to climb over, dig under, and break through the wall. In the end, the Khan simply bribed the gatekeeper—and the rest is history. Whether this event actually occurred or not, the moral of the story is that people can be the weakest link in an organization’s information security program.And unless policy, education and training, awareness, and technology are properly employed to prevent people from accidentally or intentionally damaging or losing information, they will remain the weakest link. S ocial engineering can prey on the tendency to cut corners and the commonplace nature of human error. It can be used to manipulate the actions of people to obtain access information about a system. This topic is discussed in more detail in Chapter 2, â€Å"The Need for Security. † Procedures Another frequently overlooked component of an IS is procedures. Procedures are written instructions for accomplishing a specific task. When an unauthorized user obtains an organization’s procedures, this poses a threat to the integrity of the information.For example, a consultant to a bank learned how to wire funds by using the computer center’s procedures, which were readily available. By taking advantage of a security weakness (lack of authentication), this bank consultant ordered millions of dollars to be transferred by wire to his own account. Lax security procedures caused the loss of over ten million dollars before the situation was corrected. Most organizations distrib ute procedures to their legitimate employees so they can access the information system, but many of these companies often fail to provide proper education on the protection of the procedures. Educating employees about safeguarding procedures is as important as physically securing the information system.After all, procedures are information in their own right. Therefore, knowledge of procedures, as with all critical information, should be disseminated among members of the organization only on a need-to-know basis. Networks The IS component that created much of the need for increased computer and information security is networking. When information systems are connected to each other to form local area networks (LANs), and these LANs are connected to other networks such as the Internet, new security challenges rapidly emerge. The physical technology that enables network functions is becoming more and more accessible to organizations of every size.Applying the traditional tools of phys ical security, such as locks and keys, to restrict access to and interaction with the hardware components of an information system are still important; but when computer systems are networked, this approach is no longer enough. Steps to provide network Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Licensed to: CengageBrain User Introduction to Information Security 19 security are essential, as is the implementation of alarm and intrusion ystems to make system owners aware of ongoing compromises. 1 Balancing Information Security and Access Even with the best planning and imple mentation, it is impossible to obtain perfect information security. Recall James Anderson

Communiction Theories Essay Example | Topics and Well Written Essays - 250 words - 5

Communiction Theories - Essay Example Production of communication is on different levels with different kinds of individuals. When strangers meet for the first time, they do not know a lot about each other, they converse so that they can know each other better (Littlejohn & Foss 246). The individuals go through definite steps as well as checkpoints so that uncertainty can be diminished about one other and shape a thought of whether one individual likes or detests the other. Whatever one of the individuals says cannot ultimately be true and may leave the other individual with uncertainty. As individuals communicate they make plans to achieve their goals. These plans may include passive strategies by observing the individual, active strategies by asking other individuals about the personality or looking up information, and interactive strategies by making inquiries and self-disclosure. At extremely uncertain time’s individuals become more cautious and depend more on data presented in diverse circumstances, which they find truthful. When individuals do not have a lot of certainty they lose self-assurance, in their individual plans and put together contingency plans (Littlejohn & Foss 287). Elevated heights of uncertainty builds distance among individuals and non-verbal self-expression have a propensity to assist in the trim down of this uncertainty. Berger generates theorems by combining axioms to capitulate a predictable conclusion. For instance, if connection reduces uncertainty and diminished uncertainty elevates liking, then it is obvious that connection and liking are optimistically interconnected. This can be proved because this correlation exists in extensively reputable findings in studies on interpersonal

Ancident and Medieval Cities History Question 2 Essay

Ancident and Medieval Cities History Question 2 - Essay Example For example, figure 3.4 shows a boat being towed across a river which means river traffic is being controlled by the administrators on land. This certainly shows that the city had grown to a point where traffic on the river could cause confusion and even traffic jams which had to be avoided in order to keep Rome running efficiently. Just as the Romans had created pathways for clean water coming into the city and pathways for removing dirty water out of the city, their river transport systems allowed more to be done in less time. Of course the input of more goods coming from around the empire meant that the Romans needed specific ways and better methods for storing the goods that were coming to them. To handle this, they created granaries like the ones shown in figure 3.5 which allowed food and grain to remain fresh for longer periods of time than before. As reported by Dunn et. al. (2006), technological innovations allow cities to build more and grow at a faster rate than other cities and the expansion of Rome not only created the requirement for improved technology, it also answered the requirements with improvements in technology. In fact, such innovations are just a few of the total innovations which the Romans called on to help them in growing their city in a stable manner. For example, the presence of social services such as a city wide fire management system and the ability of their engineers to build multistory houses and apartment buildings only helped in expanding the city (Wikipedia, 2007). At the same time, their engineers and technologists also helped in expanding the overall size of the Roman Empire with the creation of empire wide systems of management that were greatly helped by the Roman development of paved roads and tracks. These roads allowed not only the fast movement of troops and legions but also of goods

Assignment #7 PKG 381 Example | Topics and Well Written Essays - 250 words

#7 PKG 381 - Assignment Example st part of sustainability is based on reducing the wastes that a company produces to the environment and at the same time changing the company to become completely sustainable in the future. Industries that would have the most positive environmental impact when they are engaged into sustainable practices include oil and gas industries, fertilizer, paper, motor vehicle and other industries that uses chemicals and release chemical wastes to the environment. These industries would have the most positive impact to the environment in case they engage on sustainable practices since through such practices, they will reduce lot of pollution they cause to the environment. At the same time, such industries are known for releasing some of the most harmful gases as well as minerals to the atmosphere. Such gases like carbon monoxide, sulphur dioxide and others are very harmful when inhaled by humans. At the same time, they form part of the ozone gases that cause the greenhouse effect to our environment, leading to global warming. Heavy metal such as Lead are also released by industries such as fertilizer industries, to the nearby drainages that empty their waters to the water stream s used by humans. Such metals are harmful to human lie as they cause cancerous conditions in

Liability for defective construction and design Essay

Liability for defective construction and design - Essay Example However, there are certain stipulations that must be met under different legal systems in order to ensure that the dispensation of justice is fair to all involved parties. The legal code in practice in the United Arab Emirates derives a number of different elements from English law but still has subtle differences when it comes to practice. This paper will look into the various kinds of protections offered under English law and UAE law for tortuous liability on grounds of defective construction and design. The discussion in this paper will be focused on the relationship between the developer (or contractor as applicable) and the end consumer who buys the constructed product or services in order to form a comparison of which legal system provides greater protection to the end buyer. Tortious Liability for Defective Construction and Design A number of legal systems provide for tortious liability for acts of omission and commission practiced by the contractor. It is possible to classify building defects using two clear classifications: patent defects and latent defects. While the former deals with defects that are visible to the contractor, consultant and other involved parties, the latter refers to defects that appear years after the building is complete. As far as patent defects are concerned, the involved parties can detect and deal with the defects as they appear unless the project owner is not satisfied. However, it is possible that latent defects remain and only appear after the building is taken into service. For example, it is typical to find leaking plumbing, easily broken floor tiles and the like once a property is taken into custody. The law does provide for remedies in these situations but such remedies are subject to certain stipulations such as time bars. English Law English law dictates that any defects observed after a takeover of constructed property must be evaluated through the Limitation Act of 1980. It is common practice for the parties involv ed i.e. the contractor and the project owner to agree to a period where any discovered defects would be rectified. It is typical to see contractual agreements between parties that stipulate periods of between one year and two years, after the completion of construction, to deal with any discovered defects1. This would apply solely to latent defects as common practice shows that patent defects are removed prior to building handover by the project owner or end consumer. Another set of circumstances would emerge if there are no such clauses available in the construction contract to deal with defects in the post construction completion scenario. In such circumstances, the aggrieved party has the option to go to a court of law in order to deal with any damages incurred due to the contractor’s actions. It must be taken to note that tort actions for such cases under English law are only possible if the tort claim is brought before the case no later than six years after the damage ha s been caused2. Technically the date that the damage is notice or secured is better known as â€Å"the date of action accrued†3. Here it must be taken to note that the involved parties may reduce or increase the period settled by the Limitation Act (1980) for tort claims to occur. It is common court practice not to interfere with the actions of

History of Architecture Essay Example | Topics and Well Written Essays - 1750 words - 1

History of Architecture - Essay Example It will also reveal innovative new building technologies and strategies that can help and restore the viability of a natural cycle (History of architecture, 12). This essay will also touch on the main functions of a shelter and how humans have continuously adapted to differing environments through an amazing diversity of structure. Humans are required to live harmoniously with each other for future growth of the environment. This essay will discuss the nature of dwelling (from the urban scale to the â€Å"home†) in the built environment from the 18th-21st centuries, putting into consideration the scale of the city and the individual or multi-family dwelling. In addition, this essay will describe the design global and the local-built environment from the 18th-21st century and what were happening during the age of reason or enlightenment period, the modern period, and the postmodern period. The traces that are found in caves makes us believe that early humans were living in cave s. The bones they gnawed, even their own bones, and the flints they used were creped around for ever in a cave but get scattered or demolished somewhere else. Caves were winter shelters, and none wished to remain inside on a summer day. This is similar to the response that our ancestors portrayed. The right to travel extensively for the goals of hunting as well as gathering called for the need for at least a short-term shelter. The demand for shelter brought about the beginning of architecture (Pryce, 19). The early human needed a shelter against rain and sun hence they would lean some protective shields, for example, they used leafy branches against the trunk of a tree. Traces of early dwellings that can be counted as reliable were found for as early as 30,000 years ago. The circular or oval ring of stones together with the local materials that was used to act as a tent-like roof was enough evidence that the early humans practiced architecture. An encampment from 25,000 years ago h as been at Dolni Vestonice in Eastern Europe. The evolution of architecture shifted form tents to round houses by around 8000 BC. By 6500 BC, human beings lived in houses with straight walls, which had windows. From the 5th to the 2nd millennium, the construction of Stone Age graves and temples was acquired, and it became common. Multi-family dwelling also known as a multi-dwelling unit or multi-family residential is a categorization of the housing element for the non-commercial populace is contained within one or several building within one complex (McIntyre et al, 15). One common form of a multi-family dwelling is an apartment building. In some cases, multi-family dwelling building is owned individually instead of leasing from a single apartment building owner. There are different types of multi-family dwelling. These include two flat, which is commonly built on a house lot. The second one is a three flat which is similar to two flat, but it contains three flats; they are most com mon. Another type of multi-family dwelling is a four flat apartment (Graff, 17). Duplex or semi-detached - one building, which consist of two houses, townhouse – this is a type of house that is attached to townhouses. There is also the apartment, mixed used building, and apartment community. A one-family dwelling might be referred to as a semi-detached housing. In this case, each unit is separate from another. This makes it easier to sell the

Total Quality Management Essay Example | Topics and Well Written Essays - 3500 words - 1

Total Quality Management - Essay Example Various ways of improvements that can lead to its success and development of the company in a more holistic way has also been discussed in this study. Total Quality Management (TQM) at Toyota Japanese organisations were the first to adopt quality management principles during the early 1950s (Ho, 2011, p. 12). The fundamental concepts behind TQM which include methods like Just-in-Time (JIT) and "jidoka" meaning in-station quality were not originally developed by Toyota. However the production followed by Toyota are widely studied and followed by many organisations operating their businesses worldwide. Kaizen or continuous quality forms the basis of Toyota Production System (TPS). Kaizen is found to be enforced at almost every levels of the company. It helps in increasing the commitment levels of the employees of the organization, thereby helping it to reduce its costs and increase in its performance levels. The total quality management system followed by Toyota is commonly known as To yota Production System (TPS). ... The organisation needs to have a top-down approach towards implementing TQM to have any kind of meaningful effects generating out of it. Hence the TQM strategy needs to be initiated by the top management of the organisation and from there it would percolate down to all the management levels of the organisation. 2) The Scope: The scope of TQM within an organisation is not limited to certain people or departments. To implement TQM in the organisational system it is necessary to involve each and every individual working for the company and it also needs to include all the business processes carried on within the organisation. There must be some pre-defined goals or objectives of the organisation and each of the departments of the company would be working together for the fulfilment of the goals of the organisation as a whole. 3) The Scale: Each and every person working for an organisation are meant to have some responsibilities at the personal levels for the improvement and maintenance of quality of the products or services offered by the company and ensuring the satisfaction of its customers. Along with the external customers associated with a business organisation, the internal customers who are mainly the employees of the organisation are also required to be satisfied with the working environment within the company. Proper communication levels and teamwork must be ensured through concerted efforts by all the internal customers of the organisation. 4) The Philosophy: The philosophy behind the concept of TQM is that it does not aim for detection of any kinds of defects or errors but is aimed at the prevention of occurrence of such defects or errors. Hence in

Transport Security Administration (TSA) Essay Example | Topics and Well Written Essays - 2500 words

Transport Security Administration (TSA) - Essay Example sm, the defense team could not afford to watch the devastating effects of such criminals taking destructive actions on innocent people and the American economy once again. The 2001 attack executed through hijacked aircrafts by the terrorists left over three thousand people dead, and thousands more with serious injuries, besides the destruction of billions of property in the crime event. The chain of events in the various states targeted such as New York, Pennsylvania and Washington DC, led to rethinking of the federal security. Working closely to the DHS, TSA was formed and has been controlling people’s movement into and out of the United States; more so, it has committed itself in strengthening the transport system and securing commerce activities for American’s safety for the last 13 years, and hopefully into the future (TSA, tsa.gov). Though it’s quite inclined on the aviation security, there has been increasing attention on the highways, subways and other ent ry and exit terminals used in transportation. Thesis: The appropriateness of the security measures and their effectiveness in ensuring security are debatable since the TSA began operation. Though the transportation system attacks and crimes have declined, issues of prejudice with respect to appearance, race, culture and other factors by TSA officers enforcing security at entry and exit points in the United States have been raised. This does not go unnoticed and would affect the United States movement to impact on tourism and its foreign relations. Since 2001, the USA federal government has invested heavily in security measures by the TSA, which has enabled oversight of security through its officers on the ground, their activities and supportive equipment, and the machinery they use. It is worth to appreciate the TSA operations for its adaptation to the rising security threats. While terrorists seek alternative ways to execute their operations, TSA has fastened its measures through deployed

PEM in Mexico Essay Example | Topics and Well Written Essays - 500 words

PEM in Mexico - Essay Example It can also affect nutrient conversion to the energy vital for healthy organ function and tissue development. This paper seeks to discuss PEM in Nigeria and how this country manages it. In Nigeria, there is still a high burden of protein-energy management. The severe characteristics of the illness are typically related to high mortality rates even in the health facilities. Several strategies have been set up to aid in reducing the severity and incidence of PEM. The government initiates a randomized distribution of zinc supplements to the prevalent areas (Garman & Royer, 2011). The locals have realized local products like honey help in reducing the severity of PEM. The Nigerian government has set up strategies to ensure sufficient food security in places prone to the disease. These programs are proving to be successful where the randomized distribution helps the vulnerable communities in Nigeria. The non-governmental organizations are also taking a huge part in countering the disease in Nigeria. They distribute high-energy packaged foods like F100 and F75 (Johnston & Stoskopof, 2010). UNICEF has played a major role in distribution to children admitted for severe PEM. Similar arrangements are developed at the several hospital surroundings in Nigeria are named as high-energy mixture (HERMIX), Kwash pap in Nigeria. For improvement, storage and preservation of the high energy food is an important step by both the government and locals. The government should find out different other ways to ensure food security all year-round. Presently, vitamin A is augmented through the repetitive vaccination and National Immunization Days (NID). The government can mandate companies manufacturing countless domestic food items such vegetable oils, sugar and salt to strengthen them with these vitamins and trace elements. Families with low socioeconomic status are the most vulnerable to

Regulation of Muscle Hypertrophy Essay Example for Free

Regulation of Muscle Hypertrophy Essay Our skeletal muscles make up 40-50% of our total mass and are essential for all humans to move, breath, and stand up straight. For the first 20 years of our lives and for those physically active after our muscles are continually growing. Satellite cells are responsible for this growth in our skeletal muscle and are referred to as muscle stem cells. When skeletal muscle cells are traumatized due to physical trauma or disease the regeneration process includes three general processes, destruction, regeneration and remodeling. What regulates these three processes? How are they signaled to initiate the cell cycle and what nutrients and systems do they require to carry out the processes of regeneration and growth†? Muscle regeneration is a daily occurrence for almost animals. The complex systems involved in regenerating the organ system that makes up over 40% of our bodies need to communicate properly, understanding how this is done can open doors for recreational and medical opportunities. Main Point: Understanding the regulation of muscle hypertrophy requires an understanding of satellite cells (SC), the environment they reside in (niche) and the growth factors that stimulate and inhibit their activation. Sub Point: Satellite Cells lie in a specific niche that allows them to remain inactive until needed, residing between the sarcolemma and basal membrane of muscle cells (myofibrils). One side of the cell is attached to the basal membrane by two factors. First, the satellite cell has a layer of integrin alpha7beta1 which lies on the side where growth factors and inhibitors from the vasculature, autocrine and motor neuron systems can be received to signal an active or inactive state. Anchoring the satellite cell and its layer of integrin to the basal membrane are laminin, creating a selectively permeable membrane. On the opposite side where the satellite cell resides in a small recess on the myofibril, the satellite cell is attached to the sarcolemma by M-cadherine. On the myofibril side the satellite cell receives signals from the immune system and the myocyte nucleus. The location of SCs allows signals to be sent from multiple systems, such as Hepatocyte growth factor (HGF), which is secreted from the Extracellular Matrix (ECM). (Kralaki, Fili, Philippou Koutserilieris. 2009). Satellite cell structure is somewhat unique because for the most part of their existence in a healthy body they are quiescent or inactive. Because of their mostly dormant stages they have few organelles and an abundance of cytoplasm (Kralaki, Fili, Philippou Koutserilieris. 2009). Also noted is the higher concentration of satellite cells near neuromuscular junctions (NMJ) as well as a higher concentration near slow twitch muscle fibers compared to fast twitch fibers. The reason for these concentrations is currently unknown. Lastly, muscle cell concentration dramatically decreases after birth and decreases further through age. In mice it was shown that after birth satellite cells accounted for 30% of sublaminar muscle nuclei and at the age of 2 months that number has shrunk to less than 5%, showing that satellite cells play in important role in early generation of muscles and limbs (Kuang, Gillespie Rudnicki, 2012). Sub Point: Satellite Cells are activated by growth factors (MGFs) when muscles are damaged. There are many systems known and suspected of influencing SC activation and deactivation. Some include the vascular system, the immune system, the neuromuscular system, the autocrine system, and finally the myocyte nucleus. Most of the activation is influenced by the immune system after a muscle cell has been damaged. Once traumatized, Necrophils and Macrophages of the immune system migrate to the site of damage and phagocyte the damaged muscle cell material while releasing growth factors to activate quiescent SCs. At the same time the growth factors stored in the extra cellular matrix, vascular systems, and myocyte nuclei are also released after muscle injury. Examples of the growth factors released by all of these systems are HGF, IGF-1, and IGF-2. These factors bind to satellite cells and initiate SC migration to the damaged cite and start the mitotic cell cycle. Research regarding migration of satellite cells to damaged sites is in its early stages of understanding, what seems to be agreed upon is that factors released from the ECM, immune system, and muscle cells affect the migration of SCs to damaged sites. One factor, TGF-beta, which is released by the immune system is thought to directly attract satellite cells to damaged areas as experiments with a TGF-beta antibody extract reduced SC migration (Griffin, 2009). Activated SCs express MyoD and Myf5 (Broek, Gregte Hoff, 2010). The up regulation of these two factors is evident in every initially activated SC. There are more than 20 different chemo reactants being studied that are known to somehow affect SC migration (Griffin, 2009). Sub Point: SCs proliferate and rebuild at the site of damaged myofibrils. a. SC enter the cell cycle when activated, creating both unspecified stem cells and myofiber specific cells which fuse with existing cells to bridge and fill the damaged area. (Ciciliot Schiaffino, 2010) b. M-cadherin attaches SCs to a myofiber, which is crucial for cell-to-cell fusion and proliferation c. 8 key growth factors are known to stimulate and inhibit the processes of muscle cell regeneration. (Broek, Gregte Hoff, 2010) Conclusion: Current research has yielded information about the regulatory proteins and hormones that trigger satellite cells and immune responses to either inhibit or activate muscle hypertrophy. The knowledge associated with what turns on and off specific systems of muscle cell activity advances medical solutions to muscle atrophy and recreational solutions to body building and general muscle health. Future research could yield treatments that alleviate various diseases associated with muscle failure and degeneration as well as advancements in sports medicine and injury rehabilitation.

The Prologue To The Gospel Of John Religion Essay

The Prologue To The Gospel Of John Religion Essay The Gospel of John was writing by one of Jesus disciples by the name of John (thus the title of the book). It was written around A.D. 80-95 and the theme of the book is Jesus as the Son of God. We notice in the other Gospels, known as the Synoptics because of the close similarities in each account, that Jesus is portrayed in many different ways. In Matthew he is seen as the King of the Jews and was very much directed to a Jewish audience. In Mark he is seen as the Suffering Servant, which meant a lot to the Romans, to whom this text was directed to. In Luke he is the Perfect Man, an great achievement in the eyes of the Greeks and other Gentiles. Although all these facts are true and can be seen in all the Gospels, John, whose account was written long after the others, was drawn to write an account directed to all believers. John goes into the divinity of Christ and we see this from the very first chapter. In this book, Jesus is the Logos and he is the I AM. In this essay I will only look at the first chapter of John, in particular verses 1 through to 18 and we will first and foremost discuss Christ as the Logos, afterwhich we will look at the three main characteristics of the Logos in terms of his relation to the Father, his relation to the World and his relation to humanity. We will then conclude. The first thing we notice when we start reading the Gospel of John is its close similarity to Genesis chapter one verse one and that he introduces his book very differently to the other disciples turned apostles. All the writers begin with a different look to the story of Jesus. Matthew begins with the geneology of Jesus from Josephs line, Luke also uses a geneology starting point, but from Marys line, Mark goes straight into Jesus baptism. But John decided to start from the beginning. Note however that this is not the same beginning as mentioned in the Book of Genesis. Although Genesis starts with the beginning of creation, John goes beyond that. A.M. Hunter says no book ever opened more magnificently. [] John goes back to the very beginning of history, even beyond it, as to say There is only one true perspective in which to see this story you must see it in the light of eternity.  [1]  . Therefore, although the Gospel begins in the same way as Genesis, they speak of two differ ent creations. Genesis speaks of the old creation, whereas John speaks of the beginning of a new creation. For John to say in the beginning was the Word already starts proving Jesus immortality. One might think that he was then a part of Creation. John goes on to say and the Word was with God and the Word was God which not only proves his immortality but goes beyond that to prove his divinity. To go on to say that He was in the beginning with God seems to be a repetition of verse 1, but John actually reinforces what he is saying to show us that Jesus was not a part of creation, but he was a part of the creation process. He was actually the Word that spoke creation into existence. This is shown in two ways: Jesus is firstly referred to as the Word or in Greek, the Logos. What does this mean? A word can be defined as a means of communication, the expression of what is in ones mind  [2]  . Therefore the verse can be translated in the beginning God expressed himself. However, some s till find the translation of logos to word inadequate. One author explains that: To a Jew therefore the Word meant God showing himself in power, wisdom and love. On the other hand, to a Greek, especially if he had read the Stoic philosophers, the Logos meant the Rational Principle permeatting all reality.  [3]   Even so, in using the term Logos to describe Christ, John presents him as the very Word of God that God himself speaks. Jesus is then referred to as the person through whom all things were made. Jesus is therefore, as we have said before, the very word that brought creation into existence. God continue to speak to us through his Son, who is the Word as explained in Hebrews 1:1-3. The concept of the Logos is very deep however, which has brought much debate. In this passage, we see the main characteristics of Jesus operating as the Word. We see his relation to the Father first of all. One commentary says He was the person existing from eternity, distinct from but in eternal fellowship with the Father  [4]  . Next we go on to see Christs relation to the World in that through him the world was created. And then finally when we go on to read further down in verse 14, we see his relation to humanity. He became flesh and dwelt among us. For the rest of this essay, we will look into thes e three characteristics. Looking at the first few verses, in particular verses 1-5, we see the Words relation to God the Father. This is seen in the fact that the Word has always been in pre-existence with the Father. He was not only in pre-existence with God, but he is God himself. This is also seen in the fact that he possesses attributes of God such as being the Light. God is seen has the light in Old Testament scriptures such as Psalm 4:6 or Isaiah 2:5. Jesus is the Light of the World (Matt. 5:14). In his relation to the Father, Christ can therefore be seen as divine. Their relationship is so strong that through him all things were made; without him nothing was made that has been made (v.3). We therefore learn that God created through his agent the Word and there is nothing at all that was or could have been created without him. To deny his existence therefore is to deny that of God. John therefore affirms the pre-existence, the personality and the divinity of Christ in presenting him as the Word. The Word is not only seen as the light, but he is also Life itself. Hunter explains that the Divine Word was the source of life as well as the agent of creation  [5]  . He goes on to say that the word life can be referred to as a quickening power  [6]  and calls the light moral and spiritual illumination  [7]  . This brings us to the Words relation to the World, his very own creation. It was through Christ that God the Father created and now sustains, as seen in scriptures such as Colossians 1:16 and Hebrews 1:2. In verses 6-7, the author starts by introducing the one who had been called to prepare the way, or to be the witness for the Light that was to come into the world. The author is sure to emphasize that he is the not the light but has only come to testify about the light. As we look into verses 9-10, we see how they tell of the Incarnation of Christ and what happened: the Light was coming into the world. In verse 11, we notice that the world he came to did not reco gnize him. The word own here appears twice in this verse and could mean the following: the first own could refer to the world in general and the second to his own people in terms of the Israelite who did not receive him. However, when Jesus came to the earth, he came to the people of Israel, who were Gods chosen people. Jesus would only be taking to the World through the apostles work and throughout Church History. This is obviously debatable, but I believe Jesus came unto his own as in his own creation, but his own (as in the people) did not respond or accept. Bruce, who uses the English Standard Version in his commentary, backs this statement by explaining the Greek term for the word own: His own place translated the neuter plural ta idia; his own people translates the masculine plural hoi idioi. [à ¢Ã¢â€š ¬Ã‚ ¦] This is not a mere repetition of verse 10; it particularizes what was said more generally there. The Word of God, which came to the world of mankind in general, came in form of special revelation to the people of Israel [à ¢Ã¢â€š ¬Ã‚ ¦].  [8]   Therefore we see how he relates to the world in that he came into the world and was amongst the people of world, performing miracles, signs and wonders, showing his love, and yet the relationship between Creator and creation is so ruptured to the point where the Creator is put to death on a cross by his very own creation. However, there is hope for the ones who do want to choose to believe in him and he gave these ones the power to be reconciled with him and reborn spiritual. Let us now look at the word in relation to humanity on a whole. In becoming flesh (v.14) he became just like the creation. In Jesus, God became a human being, having the same nature as humanity, but without sin  [9]  . Through the gateway of human birth, the Incarnation is further explained in verse 14a. The rest of this verse indicates his dwelling among us. This dwelling is translated as Christ making his tabernacle among us. One author explained how the term tabernacle could suggest a temporary stay, as the tabernacle in the Old Testament was a tent that was pitched up to worship God. In this tent, the people would go to worship and experience the power of God. This same author comments that the Greek verb eskenosen means literally pitched his tent [à ¢Ã¢â€š ¬Ã‚ ¦]; the consonants s-k-n would remind the knowledgeable reader of the Hebrew Shekinah, the word the rabbis used for the Divine Presence among his people Israel  [10]  . This would explain the following the final p art of verse 14, when the author explains that we have seen his glory. The we here most likely refer to the Disciples who were with him, but denotes the idea of the Shekinah Glory concept mentioned earlier. The rest of the verses seem to carry on from where he left off, in the sense that verses 10-14 seems like a parenthesis between verses 9 and 15, since in verse 15 he goes on to speak about John the Baptist. The author ends this prologue well in saying: No one has ever seen God, but God the One and Only, who is at the Fathers side, has made him known (v.18). Here again, the author proves the deity of Jesus Christ by interchangeably referring to him as God and as the Sent One, showing signs of the Trinity concept, which we are not able to discuss in this essay. In this essay, we look at the divinity of Jesus Christ. He saw that He is God, he is Creator, He is omnipresent and that he is Light and Life. We then looked at his relation to his Father, to the world and to humanity in general. He was in every sense God but in order to save us he made himself human in every sense. The story of Jesus is now about to be unfolded in the rest of this book, keeping in mind who he really is.