Author Archive Jayanthi

ByJayanthi

Object oriented programming

‘Object oriented programming’ is a type of programming which involves object oriented principles like encapsulation, polymorphism and inheritance. These principles are implemented by means of classes, methods, variables and other constructs in Java. We saw a sneak peek into object oriented programming in the Java 101 post. 

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

NIST publications

NIST stands for ‘National Institute of Standards and Technology’ and the NIST special (SP) publications act as a reference for organizations, academic institutions and government agencies that seek to form an information security plan and secure their perimeter. They are available free of charge. We will discuss some of the NIST special publications in this post:

  1. NIST SP 800-30: Guide for conducting Risk assessments:

Before we discuss NIST SP 800-30, we refresh the basic concepts related to risk. The security terms “threat”, “vulnerability” and “risk” play a key role in risk assessments.

Recall from an earlier post that “vulnerability” is a hole in the security posture that is waiting to be exploited (examples of vulnerability can be open port, unpatched software)

“Threat” is the tool that causes the damage to the organization (examples of threats can be floods, power failure, fire etc) 

And “risk” is the “threat agent” making use of the “vulnerability” and exploiting it and causing physical and monetary damages. Putting these concepts together, “Risk assessment is the process of identifying, estimating, and prioritizing information security risks” (Guide for Conducting Risk Assessments, 2012)

The NIST SP 800-30 publication guides users on how to conduct risk assessments. This publication first deals with the fundamentals of risk assessment followed by the different processes in risk assessment (preparing for risk assessment, conducting risk assessment and communicating risk assessment information) The NIST SP 800-30 publication is an extension to the NIST SP 800-39 publication which is a publication for managing ‘Information Security Risk’.

  1. NIST SP 800-45 version 2: Guidelines on Electronic Mail Security

E-mail or electronic mail is one of most prevalent forms of communication in today’s digitized world.  Considering this, electronic mail will be targeted for a host of attacks on the mail server, mail client or the entire infrastructure. Some of the different types of attacks may be DoS attacks, social engineering, or gaining access to unencrypted information in the email.

 The NIST SP 800-45 on electronic mail security guides users on configuring mail servers, mail clients on public and private networks and prevent it from being subjected to attacks. Encrypting email messages (using OpenPGP,S/MIME) ways to harden the mail server, ways to harden the mail client are some of issues discussed in this publication. The other key guidelines included in this publication are the different types of protocols (such as the SMTP, POP) along with planning and management of a mail server. (Guidelines on Electronic Mail Security, 2007)

We discussed a few of the NIST publications in this post today. The NIST publications seek to give guidance on many other security topics for organizations.  These are an effective means for different organizations who seek to improve their security posture.

Bibliography:

Guide for Conducting Risk Assessments. (2012, September). Retrieved from NIST.gov: http://www.nist.gov/customcf/get_pdf.cfm?pub_id=912091

Guidelines on Electronic Mail Security. (2007, Feb). Retrieved from NIST.gov: http://csrc.nist.gov/publications/nistpubs/800-45-version2/SP800-45v2.pdf

This post is for the alphabet ‘N’ for the Blogchatter challenge… read the previous post here

 

 

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

List of Information security certifications

‘Information security’ briefly is that branch of study that deals with securing data and identifying weaknesses in systems and sealing them. Anti-virus software, firewalls are simple aspects of ‘Information security’ that we use unknowingly. There are a number of Information security certifications and we will review some of them here:

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

‘Kulambu’

‘Kulambu’, ‘Kozhumbhu’ or ‘Kolambu’ is a delicious South Indian gravy with the correct amount of tanginess and spice.  While I never do a cooking post because of this reason – the alphabet ‘K’ for the Blogchatter challenge did kick me into writing about one!

My mother makes different types of ‘Kozhumbu’  like the ‘Vendakkai(ladies finger) kozhumbu’, ‘thakkali(tomato) kozhumbhu’, ‘brinjal kozhambhu’ and each one of them is lip smacking! 🙂 The non-vegetarian kulambhus like ‘chicken kozhmabu’ , ‘meen kozhumbhu’ are equally delicious but they might need slightly different cooking methods. 

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Java 101

‘Java’ the object oriented programming language was developed by James Gosling of Sun Microsystems(now a part of Oracle) in 1995. It is a platform independent programming language meaning that once a Java program is written and compiled – the compiled program can run on any architecture(Apple, Windows etc)It is this feature that makes it flexible. It is also much easier to work with Java than other programming languages like C++.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

India!

The pitter-patter of rain drops. Seeing water in liquid form throughout the year. The sight of frogs jumping around. Seeing a double rainbow in the sky. Hearing the birds chirping throughout the year. Seeing millions of pigeons and parrots outside my window. Seeing honeycombs hanging from my balcony. Seeing the blue sky everyday. Having the sun rise and set at the same time throughout the year.

Traffic trying to move in an totally unregulated manner.  Competition being real. Great history. Lots of festivals to celebrate in an authentic way. Lots of shopping places. Lots of ‘pattu saris’ 🙂 Lots of color. Lots of variety. Lots of people. Lots of family. Lots of family functions. And even more friends. And never a dull or lonely moment. Full of life and cheer and a simple life!

Where was I? India!! 🙂 

This post is for alphabet ‘I’ for the Blogchatter challenge… the previous post is here... come back tomorrow for  the next alphabet…:)

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Hyperledger Composer

Even as the Block chain technology is in its nascent stages and everybody is trying to understand it – there are organizations which have started collaborative efforts to harness the power of blockchain.  One such endeavor is the IBM Hyperledger open source project which is hosted by the Linux foundation to build blockchain applications efficiently and quickly. It is a “global collaboration” with entities from different sectors such as finance, retail, IoT, manufacturing included in it. 

IBM Hyperledger Composer playground:

The IBM Hyperledger Composer is a fast and efficient way of building block chain applications. While it normally takes a few months to build a blockchain for a business network, by means of the IBM Hyperledger Composer, the same can be achieved in a few weeks time.  It consists of a IBM Hyperledger Composer Playground to learn,build and test blockchains networks. 

The IBM Hyperledger Composer playground is available  from this link. This post will give a high level view of the Hyperledger Composer playground. The Hyperledger composer playground runs inside a Docker container and can be installed and worked with in any of the two modes:

a. a browser mode

b. Hyperledger Fabric peer network

There are three main actors in the Composer playground – Assets, Transactions and Participants.

Assets – As we already seen, asset is anything that has value. It is the main part of the trade. Examples of assets can be car, house, patent 

Transactions – Transactions are those events that we achieve with the ‘Assets’. For example, if ‘Car’ is an asset, ‘transferring’ car ownership might be a transaction.

Participants – are the major actors who take part in the block chain business network. For example, the buyer and seller are participants.

The Model(.cto file), script file(written in Javascript and holds the business logic) and access control(.acl file) files are appropriately configured. The business network is deployed. The network is tested by adding participants, assets and performing transactions. All transactions are recorded in the Block chain that we have created and can be viewed. 

This post involved the basics of working with Hyperledger Composer playground and is for the alphabet ‘H’ for the Blogchatter challenge… the previous post is here

 

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Go Green!!

Even as we grumble about the different types of pollution, is is quite ironic to note that “we” are the cause of the pollution! We are the cause of the different types of pollution – air pollution, water pollution, noise pollution. The ocean is our greatest dumping ground. Everything from garbage, cartons, plastic, to untreated sewage water lands in the ocean. Pollution has taken epic proportions and the different types of pollution like air pollution, water pollution, soil pollution are set to control(or already controlling) our life.  Pollution has led to global warming which in turn again affects us directly. Let us see a few ways to reduce pollution and keep our planet green!

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Four concepts of Blockchain

Blockchain, the technology disrupter and the decentralized shared ledger has four important points that essentially define it. They are: Consensus, Immutability, Finality, Provenance. This blog post will define these four important concepts.

Provenance:

Blockchain will be a game changer for the supply chain management system. The IBM business blog describes provenance as an “immutable audit trail of ownership & location as it changes over time” (Source: https://www.ibm.com/blogs/insights-on-business/government/proving-provenance-with-blockchain/) This audit trail promotes transparency that can never be achieved with traditional database systems.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Empowering women

I cannot think of a better word for the alphabet ‘E’ than “empowering women”. In a world, where girls play second fiddle to boys and boys are always the wanted “gender” – it is crucial to empower the girls. 

Growing up in conservative state(of course, most of India is conservative with the exception of the metros) of Tamil Nadu, studying Computer engineering(a long time ago! :)) was a big thing(that was empowering for those days)

What does empowering really mean? It seems that this word has been thrown around quite a bit. While empowering women and girls might mean different things to different people, my only thought is to “let women and girls do what they want in life” after teaching them good values. It is the thought of protecting girls(by the parents, husband) that leads to not empowering them adequately.

Because, I have always heard girls say

  1. That they were allowed to study – but only in some place close by
  2. That they were not allowed to study
  3. That they were allowed to study but not allowed to work(what if the man who married her sat and ate her earnings?! ;))
  4. That they “have” to work(this is the other extreme!!)
  5. That they are not allowed to drive
  6. And there are million other “don’t do this and don’t do that” rules for girls and women…. 

 

 So, how will we empower them?

  1. To start off, it is good to give them the best education in the college and in the field they would like to study. At least, the opportunity should be given. 
  2. The next step will be to make them financially independent. Having a career for themselves will make them mentally and physically strong.  Of course, once motherhood comes along, it is difficult to juggle between work and home and the decision to continue the career or not should be best left to the girl herself. 

So, what are the advantages of empowering the women?

  1. They are more confident 
  2. Can handle life in case, any calamity falls on the family
  3. With today’s soaring prices, it is always good to have two incomes instead of one…

Again, my thoughts on the subject!! 😉

This post is for the alphabet ‘E’ for Blogchatter challenge…the previous is here…

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂