My Stock Analysis Tool Network Architecture - Report Example

MSAT architecture Name: Number: Course: Lecturer: Date: Introduction From the initial report on the tiers that are available, the most useful tier that will be adopted is that of 3-tier. It has advantages to the other tiers that have been proposed. The application that will be installed is that of My Stock Analysis Tool. This application will be used in three application tier. Diagram 1 shows how the application will be installed and configured. Figure 1: Three-tier architecture Figure 2: Detailed 3-tier architecture Assumptions made The assumptions I made when I was suggesting the network is that all browsers will get access to the application layer. There will be no requirement or any specific browser which will be required in order to access the business logic layer. All browsers will have the privilege of accessing the application (Maple, Williams, & Yong, 2007). Another assumption I considered is that there will be no specific platform for the application. This means that there will be no operating system which will have added advantages over the other operating systems. I am, therefore, assuming that users will use any platform to access the system. This is an important assumption given the fact users will use any platform to access the system (Kumar, & Manjunath, 2007). Another assumption is that there will not be any preference for any device in accessing and using the system. I am assuming that the use of mobile devices and PCs will be supported. With the emergence of mobile computing, this becomes a very important assumption that should be considered when deploying the system. More and more users will want to use their mobile devices to access the system. Technology standards used in each tier Persistence layer - XML The persistence layer is used to store data that will be used by the application. It is important to have efficient data management and retrieval system. One way in which thus can be done is through the use of XML standard. This is an emerging standard that is gaining popularity. XML is used to store and transport data. XML files are meant to hold data and the data held in XML file is well defined. You can apply styles and use different layouts to display the data in an HTML file. This data in an HTML file could come from an XML file. Instead of XML replacing HTML, it provides another way for programmers to define their own set of mark-up elements. It is expected that HTML will remain in use for years to come. The current version of HTML is XML syntax. XML main reason of existence is to make the writing of Document Type Definition (DTD) much easier than using full Standard Generalized Markup Language (SGML). SGML is the language used for defining markup languages (Williams, & Lane, 2004). XSL can be used to improve the execution of code on the client side. XSL can be used to separate data representation from the data itself (Rusty, & Means, 2004). An example is that you can separate the user interface in a XSL file and later transform the XML file. XSL can then be used to build HTML that is understood by browsers. After this separation, a single page can be able to access many of these separate data which include XML file, and database source that each require different XSL file. The advantage of this is that if one wants to change any aspect of the data representation, you change a specific XSL file. This approach has many advantages which include the fact that it supports multiple data sources which are integrated into one page using the same or different presentation code. Another advantage is that data and its representation are separated. This provides flexibility. Server requests are also reduced especially when a user makes a change. The last advantage is that the server processes only changed data. This improves the performance of the server. Application layer – PHP In the application layer, there will be the use of PHP, which is a scripting language. PHP is used to allow access to the database to be a reliable experience. PHP is used when there are databases involved in the system. Since MSAT has some data that will need to be interacted with, there will be the use of PHP as a scripting language. Other scripting languages that are available in case the company might want to opt for other scripting languages include ASP and Jscript. They are used in the application layer (tier) of the 3-tier architecture (Williams, & Lane, 2004). User layer – Http The user layer is used to have a connection with the application layer. The application that is used in this layer is browsers. The browser will use http to connect to the middle layer. Hypertext transfer protocol is a stateless protocol which implies that it has no ability to remember the facts and figures from a single interaction to another. It is used to move data from the client to the server and back or vice versa. There are mechanisms through which states can be preserved between two hypertext transfer protocols. One way is through the sending of a page that describes the items to the user as per the requirements of the user the reason being to avoid checking for the amount of charges to be exacted on the commodity prior to the acquisition by the user. When this type of protocol works, it is a session of both the response and the request that exists between the client and the server in trying to access a particular internet resource like a web page or some other forms of graphics which are kept safe in the server machine as a document or file. There are very many ways in which http states can be preserved like in a stateful situation, every interaction between the individual user and the application is taken into consideration with other current interactions like the calls of the mobile phones. If the communication interface is on between the system application and the user, the state is the variable factor of the transaction. The interactions with the browser will have the application assuming full responsibility of managing the previous state and converting it when it wishes. For there to be preservations between two http calls, there must be an open transaction which is or will remain intact or untempered with during the time of transaction. The client machines are expected to return the request when they have not been altered or tampered with. This initiates a state which is a memory location for the current activities and is always not in line with all the other contents of the same source page. Asset security control sheet With the system that has been proposed, there are security risks that are associated. Table 1 shows the security issues that come with this system. Asset Risk associated Risk control Data Data loss Having a secure network and identification mechanisms Have a security mechanism to control data access Information technology devices/gadgets Theft of gadgets Damage of gadgets Have the physical security of the hardware Have regular maintenance Information system (MSAT) Damage and corrupted information system Have regular maintenance and regular updates Discussion of the security issues With the security issues mentioned, this part will discuss the problems that are associated with the configuration. Information technology risks that can be seen in this case include loss of a system or networks. There is a risk that some automated systems may fail to carry out their functions as required and as needed. This would most likely and in no doubt affect the organization's ability to carry out its missions and meet the set objectives. The management therefore needs to be included in the overall management of the organizational strategies for managing risk (Williams, & Lane, 2004). Without the inclusion of the management and other stakeholders in the ICT departments, it becomes more difficult to identify the problems and risk related to ICT services and equipment especially in situations whereby a remedy need to be established immediately. ICT needs will always change as new technologies emerge. The proliferation of technology and the globalization of the economy not to forget the rate at which the company is expanding will surely mean to arise in divergent IT risks. Information technology gadgets Loss or damage of assets; this is a risk associated with system failing to do its functions such as network going down or loss of data such as financial or budgetary information. GDI has numerous employees depending on the network to carry out their respective functions in different branches as well as in within the specified branches, failure of the network to support such services will result in a setback in meeting organizational targets as well as satisfying customer and shareholders. Damage of assets can be as a result of fires, floods or even viruses. Viruses can damage data assets by either corrupting them rendering the integrity of the same question, or by deleting all the data thus leading to denial of service (Williams, & Lane, 2004). Theft and robbery; this is another risk associated with organizational assets. Assets that are prone to the risk of theft include computer equipment and data and informational resources. Since the company enjoys a vast number of clients as well as employs many employees, it is with no doubt that there is a risk of any of the aforementioned people stealing any of the assets in the company (Williams, & Lane, 2004). Information system (MSAT) The information system that is being installed has risked it. There is a risk that the technology implemented in an organization might not meet the required operational and functional needs of DRUB. Technology risks can be looked in terms of both the hardware and software components. Example of a case whereby such a scenario might occur is in cases where a new implemented network or a database or even a financial management system might not meet the organizational requirements. On the other hand, hardware devices might prove unreliable or slower than expected. These are some of the risks associated with technology itself that need to be considered when a risk mitigation plan is developed. In our case, if there is a change in the network, the tiers in the system will be affected and the operations of MSAT might be affected (Kozierok, 2005). Data There is need for securing data to ensure availability, integrity and confidentiality. However there is a risk that such might not be accessed especially in cases where there is a risk of unauthorized access. Unauthorized access is therefore one of the risks associated with organizational assets. There are many forms of unauthorized access. One of the ways through which this act can be perpetrated is by access to machines via unsupervised equipment or machines (Livshin, 2003). Authorization control mechanism, though implemented might not offer a reliable solution if the human resources using the same are not keen and do not adhere to the laid down policies and procedures. Hacking and cracking are other ways through which unauthorized access can be perpetrated in any computer or information system. Hackers enter the systems by hacking and breaking the network protocols in place. Some hackers are so sophisticated that hacking and breaking firewalls implemented in place is possible. The network structure of the organization therefore is prone to such attacks at all times. One can never predict the time at which a hacker might gain access to organizational resources at DRUB. There is need therefore to have in-house support group that monitors the network at all time to ensure that any slight attempt to hack into the system is immediately identified and the same counteracted with appropriate mechanisms and control measures. Telephony solution With the development in computer networks, and the expandability of computer networks, there is a need to have telephony solution. DRUB, in its quest to expand to Sydney, will need to have this solution so that they are able to communicate with the various staff in various locations. The solution I suggest for this purpose is the use of Polycom telephony service. With this solution, the employees and staff will be in a position to communicate and collaborate on the various tasks. Polycom has a content-sharing capabilities, video and audio features that make the experience of communication a better one and fun to have (Williams, & Lane, 2004). What is required in the teleconferencing solution is not about video alone but also the content sharing capabilities. This is something that should be considered when choosing a teleconference package. This package the best features there are with teleconference applications. References Kazman, R., Klein, M, Clements, P 2000, ATAM: Method for Architecture Evaluation. CMU/SEI-2000-TR-004, ESC-TR-2000-004. Kozierok, CM 2005, The TCP/IP guide: a comprehensive, illustrated Internet protocols reference. San Francisco, No Starch Press. Kumar, A, & Manjunath, D 2007, A tutorial survey of topics in wireless networking: Part I, Sadhana, 32, 6, pp. 619-643. Livshin, I 2003, WebSphere studio application developer 5.0: Practial J2EE development. Berkeley, Apress. Maple, C, Williams, G, & Yong, Y 2007, Reliability, Availability and Security of Wireless Networks in the Community, Informatics (03505596), 31, 2, p. 201. Williams, HE, & Lane, D 2004, Web database applications with PHP and MySQL. Sebastopol, O'Reilly. Read More