GIS Architectures, lecture 11 - PowerPoint PPT Presentation

Slides: 23
Provided by: AriJ3

1
GIS Architectures, lecture 11
  • Human resources
  • Training
  • Computing policies
  • Security

2
HS guest column (vieraskynä), 13.10.2003, Juha Koivisto: Hyöty irti tietojärjestelmistä (Getting the benefit out of information systems)
  • Main cause for failures in implementing an IS is
    not a technical one, but human/organisation
    related one
  • lack of commitment in the management
  • a lot of time is spent in solving problems and in
    extra work caused by disintegrated ways of working

3
Two different views
  • The vendor/consultant
  • thinks the problem is a technical one
  • has no or little interest in the future of the
    client
  • The organisation
  • (should) see the problem as one of learning and
    change

4
Possible solution
  • (still by Koivisto, University of Turku information systems
    laboratory)
  • Description, Training, Use
  • Two descriptions
  • How are things done now?
  • How will things be done with the new system?
  • Recap GIS Design

5
Training
  • Training has to be based on the task of the
    employee (not on the IS)
  • how things were done before
  • how things will be done with the new system
  • Implementation of the IS is not over till new
    institutions are in place
  • institutions: how things are done
  • Have faith in the local knowledge
  • use local instructors
  • local employees are experts on their tasks
  • but to a limit

6
Organisation and GIS
  • Software, hardware, people
  • Organisational structures
  • task structure
  • specialization / generalization
  • support people, experts
  • Communication
  • Links to non-GIS and non-spatial

7
Organisations
  • Are often large, or have a large network
  • interoperability
  • institutions
  • things change slowly!
  • Costs vs. benefits
  • Customers, products

8
Human side of system development
  • Development
  • Implementation
  • Use
  • Developers (technical problem)
  • Implementors (organizational change and learning)
  • Users (individual learning process)

(figure axis: time)
10
Implementation process
  • Description
  • how does the new system change existing work
    processes?
  • Training
  • training should be organised (customized)
    according to the job descriptions people have
  • Use
  • implementation continues until the use of the new
    system is routine
  • implementation has to be monitored

11
Capacity building
  • Common term used by development agencies in
    relation to resource management
  • Empowering individuals and organisations to
  • assess their own information needs
  • set their own priorities
  • build their own information systems
  • Not just provision of hardware, software, and
    training

12
Policies
  • General computing policy
  • General internet policy
  • Electronic mail policy
  • Software policy
  • Hardware policy
  • Support policy
  • Backup policy
  • Web development policy
  • ...

13
What is in the policies?
  • Mostly free / mostly forbidden
  • free: anything not specifically forbidden is
    allowed
  • Who is responsible for what?
  • Who can/should do what?
  • Procedures when acquiring new hardware/software
  • General guidelines for new hardware/software
  • for example monitor resolution

14
Backup hardware
  • Against hardware failures / user mistakes
  • Backup vs. Archiving
  • Hardware
  • Tape drives (DAT, DLT, SDLT, ..)
  • largest DAT tape is 72 GB
  • Magneto-optical devices (archival)
  • optical disk is typically 9 GB but they can be
    used in large jukeboxes
  • CDR

15
Backup policies
  • What is stored and how often?
  • System software, local customizations, data, user
    files
  • Complete backup
  • once a month, twice per year
  • Incremental backup
  • daily
  • Note: all versions of the files are stored
  • How long are backups stored?
  • reliability of the media

16
Security
  • The definition of secure computing?
  • See for example Trusted Computing
  • Integrity of systems and data against intruders
    and unauthorized access
  • Secure communications
  • Malicious code (viruses, worms, ...)

17
Dimensions of security
  • Levels of access rights
  • type of user
  • type of action
  • Strength of protection
  • security through obscurity
  • DO NOT TRUST
  • unencrypted passwords/communications
  • work against casual user
  • secure communications

18
Rights
  • Unix model
  • user, group, all users
  • read, write, execute
  • Windows
  • pre-NT: all users can do everything, file
    permissions are only suggestions, logins are just for
    preferences
  • NT and XP: two groups, Administrators and Others

20
SQL rights model
    GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER }
        [,...] | ALL [ PRIVILEGES ] }
        ON [ TABLE ] tablename [, ...]
        TO { username | GROUP groupname | PUBLIC } [, ...]

    GRANT { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] }
        ON DATABASE dbname [, ...]
        TO { username | GROUP groupname | PUBLIC } [, ...]

    GRANT { EXECUTE | ALL [ PRIVILEGES ] }
        ON FUNCTION funcname ([type, ...]) [, ...]
        TO { username | GROUP groupname | PUBLIC } [, ...]

    GRANT { USAGE | ALL [ PRIVILEGES ] }
        ON LANGUAGE langname [, ...]
        TO { username | GROUP groupname | PUBLIC } [, ...]

    GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
        ON SCHEMA schemaname [, ...]

This is PostgreSQL. To remove rights use the
command REVOKE.
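
The rights model above applied to a small GIS database, as an added example that is not part of the original slides. It uses the role syntax of current PostgreSQL, where the slide's users and groups are both roles; every role, schema, table and function name is hypothetical, and it assumes a session that is allowed to create roles and schemas.

```sql
-- Added example: every role, schema, table and function name is hypothetical.
BEGIN;  -- rolled back at the end, so nothing persists

CREATE ROLE gis_viewer NOLOGIN;              -- "group": read-only staff
CREATE ROLE gis_editor NOLOGIN;              -- "group": staff who maintain data
CREATE ROLE alice LOGIN IN ROLE gis_viewer;  -- users get rights via groups
CREATE ROLE bob   LOGIN IN ROLE gis_editor;

CREATE SCHEMA gis;
CREATE TABLE gis.parcels (
    id         integer PRIMARY KEY,
    owner_name text    NOT NULL,
    area_m2    numeric NOT NULL
);
CREATE FUNCTION gis.total_area() RETURNS numeric
    LANGUAGE sql AS 'SELECT sum(area_m2) FROM gis.parcels';

-- Mostly-forbidden baseline. New functions are executable by PUBLIC by
-- default, so that REVOKE changes something; the other two are explicit no-ops.
REVOKE ALL ON SCHEMA gis FROM PUBLIC;
REVOKE ALL ON TABLE gis.parcels FROM PUBLIC;
REVOKE ALL ON FUNCTION gis.total_area() FROM PUBLIC;

-- Grant per task, to the groups only.
GRANT USAGE ON SCHEMA gis TO gis_viewer, gis_editor;
GRANT SELECT ON TABLE gis.parcels TO gis_viewer;
GRANT SELECT, INSERT, UPDATE ON TABLE gis.parcels TO gis_editor;
GRANT EXECUTE ON FUNCTION gis.total_area() TO gis_viewer;

-- Audit the effective rights of the login users (inherited via membership).
SELECT has_table_privilege('alice', 'gis.parcels', 'SELECT') AS alice_select,
       has_table_privilege('alice', 'gis.parcels', 'UPDATE') AS alice_update,
       has_table_privilege('bob',   'gis.parcels', 'UPDATE') AS bob_update,
       has_table_privilege('bob',   'gis.parcels', 'DELETE') AS bob_delete,
       has_function_privilege('bob', 'gis.total_area()', 'EXECUTE') AS bob_exec;

-- Removing a right uses REVOKE with the same shape as GRANT.
REVOKE UPDATE ON TABLE gis.parcels FROM gis_editor;
SELECT has_table_privilege('bob', 'gis.parcels', 'UPDATE') AS bob_update_after;

ROLLBACK;
```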
21
Internet security
  • Firewalls
  • packet-filtering (source and destination IP addresses and ports)
  • stateful inspection (connection awareness)
  • application-level (content examination)
  • Daemons
  • accept connections only from selected addresses
  • no holes in the socket interface
  • do not allow remote execution of insecure code
  • Email attachments and downloads
  • need virus protection in client computers

22
Security compromise scenarios
  • Program is executed with specific rights
  • User who belongs to the Administrator group,
    opens a document which contains executable code
    (for example VBA), the code is set to be executed
    automatically when the document is opened...
  • A program which is marked to be executed with
    elevated rights contains a bug which makes it
    possible for normal users to execute code with
    elevated rights
  • There are no built-in restrictions in the internet
    for sending email or making connection attempts
  • somebody makes a simple program which sends
    a zillion emails to one address or one email to
    a zillion addresses