Saturday, August 31, 2019
Psychological Effects of Technology Addiction Essay
Technology is taking over all aspects of life. Education, work and leisure are all becoming increasingly dependent on being able to interact with technology. But what of the academic or career prospects of those who do not want to interact with this technology? Before taking this English 305 class, I tried to avoid computers as much as possible. I didnt have any interest in cyberspace such as chatting, email, and gender swapping. Through this class, I had a chance to contact others through cyberspace. However, I still have a fear of computers. I decided that I want to know more about computers and cyberspace. I will first discuss cyberspace, then I will discuss about technophobia. Its well known that people say and do things in cyberspace that they wouldnt ordinarily say or do in the face-to-face world. The virtual world is quite different from the real world. People cant see a person in cyberspace. People cant see a persons facial expressions and body language. The sensory experience of encountering others in cyberspace-seeing, hearing, and combining seeing and hearing is limited. For the most part, people communicate through typed language. In cyberspace, people will probably never be able to physically interact with each other. There are no handshakes, pats on the back, hugs, or kisses. The limited sensory experiences of cyberspace have some significant disadvantages- as well as some unique advantages ââ¬â as compared to in-person encounters. Since communicating only with typed text, people have the option of being themselves, expressing only parts of their identity, assuming imaginative identities, or remaining completely anonymous. Anonymity has a disinhibiting effect that cuts two ways. Sometimes people use it to act out some unpleasant need or emotion, often by abusing other people. Anonymity also allows them to be honest and open about some personal issue that they could not discuss in a face-to-face encounter. Sitting quiet and staring at the computer monitor can bring a person to an altered state of consciousness. Some people experience a blending of their mind with that of the other person. Some people experience a state of consciousness that resembles dreams. These altered and dream-like states of consciousness in cyberspace may account for why the Internet is so attractive for some people. It might also help explain some forms of computer and cyberspace addiction. In cyberspace, birds of a feather easily can flock together. Support groupsà devoted to helping people with their problems can be a very beneficial feature of cyberspace. For people with antisocial motivations, thats a very negative feature of cyberspace. In most cases, everyone in cyberspace has an equal opportunity to voice his or her opinion. Everyone, regardless of status, wealth, race, gender, etc. starts off on a level playing field. Some people call this the net democracy. Although ones status in the outside world ultimately will have some impact on ones life in cyberspace, there is some truth to this net democracy ideal. Now, I want to write about technophobia, which is a resistance to talking about computers or even thinking about computers. Although technology is taking over all aspects of life, there are up to half of the population is technophobic, possessing negative opinions about, or having anxiety towards, information technology such as personal computers. I found a study the book, Technophobia (Mark J. Brosnan). Thirty-seven per cent of the general public report regularly using a personal computer, a far higher percentage than mobile phones, electronic organizers, pagers, modems, etc. (MORI, 1996). When the factors of anxiety and attitude, or, more specially, of computer anxiety and computer attitude, are combined, the concept of computer phobia indeed begins to emerge. Since I was a technophobic person, I want to know how this psychologically impact peoples life. There was an original assumption that technophobia would be a transitory phenomenon, common amongst older adults who had missed out upon technology in their education. Raubs (1981) early study reported that older people were more anxious than younger people. Other research indicates that the over fifties are less anxious than the under thirties, suggesting that far from reducing anxiety, computer experience can increase anxiety levels (Brosnan pg. 11). However, Anderson (1981), Elder et al. (1987) and Igbaria and Parasuraman (1989) have all found that age has a positive effect upon computer anxiety. As the diffusion of technology throughout many aspects of life has exposed virtually everyone to computerization, the relationship between anxiety, age and experience has become less clear. The only clear relationship between age and computer anxiety would therefore appear to be with respect to ones age when first interacting with a computer. I found a very interesting study, which shows the difference of psychological impact between male and female. Just as technophobia has been reported as affecting more females than males, computer addiction has been à found to be almost exclusively a male phenomenon (Shotton, 1989). Brosnan (1995) identified that in a student population, male students first interaction with computers occurred significantly earlier than female students first interaction with computers. This is significant as Todman and Monaghan (1994) report that early use of computers is associated with more favourable quality of initial experience, which leads to lower anxiety and greater readiness to use computers. A large number of studies found that females report higher levels of computer anxiety than males (it is maybe not true because of my English teacher!). A smaller number of studies report no sex differences in computer anxiety. For example, Anderson (1981) found that males and females did not differ in their levels of anxiety, either before or after a computer literacy course. Temple and Lips (1989) found male students to have taken more computer science course and to be more likely to want to choose it as their major than female students. In conclusion, the findings regarding gender differences in technophobia have not been consistent. Conclusion Whether we refer to the second industrial revolution or the digital revolution there can be little doubt that computer tech nology will play an ever-increasing role within our domestic, leisure and work environments. For the technophobe, this can only mean an increase in the potential sources of anxiety. Through this research, I could find a few things. First, by studying technophobia the full extent of the phenomenon has become apparent. With surveys revealing technophobia in up to 50 per cent of many populations, feelings of computer-related anxiety cannot be dismissed or marginalized. Indeed the sheer numbers of technophobes provide the commercial motivation for continued user-friendliness in hardware and software design. The huge preponderance of technophobia can in itself be empowering, such that an individual does not have to internalize feelings to personal inadequacies. Second, I found that much research has highlighted that feelings are transitory and that sex differences in computer-related attainment can be eradicated when recasting the computer-based task as appropriate for females. The literature on sex differences has been used to emphasize the role of these influences. Technophobia is a legitimate response to technology. Technology is taking over all aspects of life. Education, work and leisure are all becoming increasingly dependent on being able to interact with technology. But whatà of the academic or career prospects of those who do not want to interact with this technology? Before taking this English 305 class, I tried to avoid computers as much as possible. I didnt have any interest in cyberspace such as chatting, email, and gender swapping. Through this class, I had a chance to contact others through cyberspace. However, I still have a fear of computers. I decided that I want to know more about computers and cyberspace. I will first discuss cyberspace, then I will discuss about technophobia. Its well known that people say and do things in cyberspace that they wouldnt ordinarily say or do in the face-to-face world. The virtual world is quite different from the real world. People cant see a person in cyberspace. People cant see a persons facial expressions and body language. The sensory experi ence of encountering others in cyberspace-seeing, hearing, and combining seeing and hearing is limited. For the most part, people communicate through typed language. In cyberspace, people will probably never be able to physically interact with each other. There are no handshakes, pats on the back, hugs, or kisses. The limited sensory experiences of cyberspace have some significant disadvantages- as well as some unique advantages ââ¬â as compared to in-person encounters. Since communicating only with typed text, people have the option of being themselves, expressing only parts of their identity, assuming imaginative identities, or remaining completely anonymous. Anonymity has a disinhibiting effect that cuts two ways. Sometimes people use it to act out some unpleasant need or emotion, often by abusing other people. Anonymity also allows them to be honest and open about some personal issue that they could not discuss in a face-to-face encounter. Sitting quiet and staring at the computer monitor can bring a person to an altered state of consciousness. Some people experience a blending of their mind with that of the other person. Some people experience a state of consciousness that resembles dreams. These altered and dream-like states of consciousness in cyberspace may account for why the Internet is so attractive for some people. It might also help explain some forms of computer and cyberspace addiction. In cyberspace, birds of a feather easily can flock together. Support groups devoted to helping people with their problems can be a very beneficial feature of cyberspace. For people with antisocial motivations, thats a very negative feature of cyberspace. In most cases, everyone in cyberspace hasà an equal opportunity to voice his or her opinion. Everyone, regardless of status, wealth, race, gender, etc. starts off on a level playing field. Some people call this the net democracy. Although ones status in the outside world ultimately will have some impact on ones life in cyberspace, there is some truth to this net democracy ideal. Now, I want to write about technophobia, which is a resistance to talking about computers or even thinking about computers. Although technology is taking over all aspects of life, there are up to half of the population is technophobic, possessing negative opinions about, or having anxiety towards, information technology such as personal computers. I found a study the book, Technophobia (Mark J. Brosnan). Thirty-seven per cent of the general public report regularly using a personal computer, a far higher percentage than mobile phones, electronic organizers, pagers, modems, etc. (MORI, 1996). When the factors of anxiety and attitude, or, more specially, of computer anxiety and computer attitude, are combined, the concept of computer phobia indeed begins to emerge. Since I was a technophobic person, I want to know how this psychologically impact peoples life. There was an original assumption that technophobia would be a transitory phenomenon, common amongst older adults who had missed out upon technology in their education. Raubs (1981) early study reported that older people were more anxious than younger people. Other research indicates that the over fifties are less anxious than the under thirties, suggesting that far from reducing anxiety, computer experience can increase anxiety levels (Brosnan pg. 11). However, Anderson (1981), Elder et al. (1987) and Igbaria and Parasuraman (1989) have all found that age has a positive effect upon computer anxiety. As the diffusion of technology throughout many aspects of life has exposed virtually everyone to computerization, the relationship between anxiety, age and experience has become less clear. The only clear relationship between age and computer anxiety would therefore appear to be with respect to ones age when first interacting with a computer. I found a very interesting study, which shows the difference of psychological impact between male and female. Just as technophobia has been reported as affecting more females than males, computer addiction has been found to be almost exclusively a male phenomenon (Shotton, 1989). Brosnan (1995) identified that in a student population, male students first interaction with computers occurred significantly earlier than femaleà students first interaction with computers. This is significant as Todman and Monaghan (1994) report that early use of computers is associated with more favourable quality of initial experience, which leads to lower anxiety and greater readiness to use computers. A large number of studies found that females report higher levels of computer anxiety than males (it is maybe not true because of my English teacher!). A smaller number of studies report no sex differences in computer anxiety. For example, Anderson (1981) found that males and females did not differ in their levels of anxiety, either before or after a computer literacy course. Temple and Lips (1989) found male students to have taken more computer science course and to be more likely to want to choose it as their major than female students. In conclusion, the findings regarding gender differences in technophobia have not been consistent. Conclusion Whether we refer to the second industrial revolution or the digital revolution there can be little doubt that computer technology will play an ever-increasing role within our domestic, leisure and work environments. For the technophobe, this can only mean an increase in the potential sources of anxiety. Through this research, I could find a few things. First, by studying technophobia the full extent of the phenomenon has become apparent. With surveys revealing technophobia in up to 50 per cent of many populations, feelings of computer-related anxiety cannot be dismissed or marginalized. Indeed the sheer numbers of technophobes provide the commercial motivation for continued user-friendliness in hardware and software design. The huge preponderance of technophobia can in itself be empowering, such that an individual does not have to internalize feelings to personal inadequacies. Second, I found that much research has highlighted that feelings are transitory and that sex differences in computer-related attainment can be eradicated when recasting the computer-based task as appropriate for females. The literature on sex differences has been used to emphasize the role of these influences. Technophobia is a legitimate response to technology.
Friday, August 30, 2019
We Are Young
What percentage of new Jobs requires postsecondary education? Nearly two-thirds of Jobs require postsecondary education. 7. Are communication skills acquired by nature or by nurture? Explain. Nurture. No one is born with perfect communication skills It's something that can be perfected with effort such as effective listening skills, and the process of bettering these skills Is ongoing and can only Improve. 8. List seven trends In the workplace that affect business communicators. Be prepared to discuss how they might affect you in your true career.Flattened management hierarchy, more participatory management, increased emphasis on self-directed work groups and virtual teams, heightened global competition, Innovative communication technologies, new work environments and Focus on Information and knowledge as corporate assets.. 9. Give a brief definition of the following words: A. Encode- put message into coded form B. Channel- directs towards a particular end or object C. Decode- to co nvert from code or plain text 10. List 11 techniques for improving your listening skills. Be prepared to discuss each.Stop talking, Control your surroundings, Establish a receptive mind-set, Keep an open mind, Listen for mall points, Capitalize on lag time, Listen between the lines, Judge Ideas. Not appearances. Hold your fire, Take selective notes, Provide feedback. 1 1 . When verbal and nonverbal messages conflict, which are receivers more likely to believe? Give an Original example. Well it depends on the message being relayed. If so-in-so said something like ââ¬Å"l found a thousand dollars on the groundâ⬠and you look at his friend who rolls his eyes and shakes his head meaning that he's lien or exaggerating I'm more like to believe that person.But this could also work both ways. I think It depends on what's being said. 12. Would your culture be classified as high- or low-context? Why? Low because Americans rely on facts, data and logic. We also value independence, Imitat ive and self-assertion. 13. What is ethnocentrism, and how can it be reduced? The belief in the superiority of one's own culture is known as ethnocentrism. This natural attitude is found in all cultures. Ethnocentrism causes us to Judge others by our own values.In these cultures, however, personal relationships must be established and nurtured before earnest talks may proceed. 14. List seven or more suggestions for enhancing comprehension when you are talking with nonnative Speakers of English. Be prepared to discuss each. Use simple English, Speak slowly and enunciate clearly, Encourage accurate feedback, Check frequently for comprehension, Observe eye messages, Accept blame, Listen without interrupting. 15. List five suggestions for Improving communication among diverse workplace audiences. Be prepared To discuss each. Understand the value I similarity.
Luxury Fashion Brand Essay
To be successful in India, it is both necessary to gauge the financial potential as well as the mindset of the Indian luxury consumer. This will help in bringing forth the right product offerings to the Indian consumer as well as targeting them better. There are conventional foundations for ensuring success of a brand and they are listed below in brief: * The brand must be ââ¬Å"expansiveâ⬠ââ¬â Which means it should be full of innovation opportunities for the marketer and in terms of satisfying the different needs of the luxury consumer. * The brand must tell a story ââ¬â One of the best ways for an organization to compete and distinguish yourself from the rest of the pack is to tell your brand story. The story should be so powerful that it should make customer act as the way you want. * The brand must be relevant to the consumersââ¬â¢ needs ââ¬â Depending upon the mindset of the luxury class, it is necessary for a brand to satisfy those needs, whether they be for recognition or functional use etc. * The brand must align with consumersââ¬â¢ values ââ¬â A brand that does not concur with the basic values of a consumerââ¬â¢s society has a small chance of succeeding because luxury items are identification for a luxury consumer. This makes it difficult for the consumer to adopt the brand in such cases. * The brand must perform ââ¬â Irrespective of which category the brand belongs to, a performance assurance is a must for the brand. Based on the inputs given above as well as an understanding of the decision making process of the luxury consumer, we recommend the following paths for luxury marketers based on what Indian consumers really desire from their luxury brands, i. e. product brand, dealer/store brand and price/value relationship : (The price / value relationship has been accorded less focus since the Indian Consumer is at a phase when cost of luxury is secondary to its appeal / benefits) 1. Brand Me Affluent! ââ¬â It is essential for marketers to ensure that the recognition value of their brands is always high so that it lends a sense of affluence to the consumer, which can only come if others around him / her perceive the brand to be a top-notch luxury brand. This can come from either being aligned with the most successful celebrities or being a part of elite events and promotions. 2. Nothing but the Best ââ¬â This is a golden opportunity for the marketer to earn greater margins by adding customized value to his line of luxury goods. These added-value customized goods will ensure that the customer feels he has something more than just the ordinary range of luxury goods available. 3. Luxury is having the world at my fingertips ââ¬â First! ââ¬â A luxury marketer will not only have to be faster than his competitors in reaching out to the consumer, to gain a share of wallet but also continuously offer innovative products that serve to differentiate between the consumers. 4. ââ¬Å"Ethnic Chicâ⬠ââ¬â The Fusion of Local & Global goods ââ¬â This point is connected to the strategy of a product being in line with the consumersââ¬â¢ values for it to be adopted. Apart from this, in the Indian context, ethnicity is also a fashion statement in many product categories. 5. You Think Iââ¬â¢m Demanding? Next! ââ¬â The marketerââ¬â¢s job should be a constant endeavor to offer newer luxury goods to the consumer, in sync with their needs. In addition to that, marketers will need to make sure that each and every single consumer has to be treated with a high-level of personalized attention, given the nature of the product and the consumer. Even minor Shortfalls in this case will have the consumer shifting their brand preferences to those marketers who can satisfy their needs better. 6. CANNIBALIZATION OF BRANDS ââ¬â It thus becomes essential to ensure that successful celebrities are partnered with at the right time, thereby both eliminating chances of Competition as well as delivering the right aspirational / appeal message to the intended audience. Conclusion The starting point for identifying successful luxury brand strategies in India has been established by identifying certain salient aspects of luxury brands that remain constant as well as identifying the stage of mindset of the Indian consumer towards these brands. The focus is now towards ââ¬Ëhow soonââ¬â¢ luxury brands will enter the market to gain a first mover advantage, which is of significant importance in India. Apart from how soon, we primarily focus on ââ¬Ëhow willââ¬â¢ luxury brands cater to the mainly aspirational needs of the Indian consumer. A word of caution that goes for luxury marketers, irrespective of their brands and Geographical presence ââ¬â The luxury consumer is always looking for newer ways to Satisfy his continuously changing needs. Hence, the need to keep a close tab through insightful research is of prime importance. As far as India is concerned, given the rapidly accelerating affluence of the Masses, the scenario is set to witness a boom. The ones who will be riding the Wave will be the ones whoââ¬â¢ve kept their ears open to each and every word of their Each and every customer. After all, in the luxury business, no marketer can afford the luxury of treating its consumers as a loosely bunched segment.
Thursday, August 29, 2019
Philiosophy journal Essay Example | Topics and Well Written Essays - 1000 words
Philiosophy journal - Essay Example God might have attached an immaterial thinking substance to certain material bodies, he is allowing that, as a result of divine intervention, material structures might think after all. That is, he has abandoned any claim to know at first hand that material structures simply could not be conscious. If some material structures could be conscious, how can we know a priori that material structures cannot of themselves give rise to consciousness. If, instead of supposing that material structures themselves sometimes think, we assumed that there are immaterial substances, minds, or souls, associated with our bodies, we should have to say that matter somehow acts upon these immaterial things (in perception) (Moreland and Nielssen 72). For most of believers, God is a unity, the main source that allows the construction and experience of religion. The concept of God can be explained as a static one evolving during centuries. It is important to note that God is the common feature of human's per sonality, so many philosophers identify the causes and events that push people to be ethical, especially if their actions will affect another person. In this case, the inner nature and morals of people is closely connected with their believes which prove the exultance of God (Moreland and Nielssen 82). . ... And this perfect cause of the universe is God. What is more, without God morality would be impossible (Moreland and Nielssen 32). There must be a Lawgiver (God) who originates and stands by moral law. A universal moral law cannot exist accidentally. There must be a basis behind it, which is God. According to this view, every person is born with an inherent understanding of right and wrong. Everyone, for example, understands that murdering an innocent person is wrong. Everyone realizes that helping a drowning person is right. Where did this internal understanding of right and wrong come from I'm convinced that this understanding comes from God. He was the one to put it into the hearts of every person (Moreland and Nielssen 87). There is no reason why a non-personal principle of creative value should be encumbered with omniscience. Nevertheless, Leslie is right to confront this problem. For if goodness, ethical equality is the sole creative principle and the only explanation why there is any world at all, we can indeed ask, Whence, then, is evil It would obviously be less satisfactory, because less simple, to admit that value is, even in principle, only a partial explanation of what there is, that there is also an element of the sheer unexplained brute fact, of things just happening to be there; for the recognition of such unexplained brute facts was the rejected alternative to the hypothesis that ethical norms are creative (Leslie 43). Leslie's answer to the problem of evil is, in effect, to argue that there may well be no unabsorbed evils, when we take account of the value of lives that involve real choices against a background of discoverable causal regularities--whether those choices are causally
Wednesday, August 28, 2019
Jurisprudence Law Essay Example | Topics and Well Written Essays - 2000 words
Jurisprudence Law - Essay Example The law concept has to offer an account of the most essential or important aspects of a legal system and also accounts for the laws normativity4. It is important to establish the indispensable aspects of law so that it is possible to differentiate the legal and non-legal and also the legal validity and the legal invalidity. The law is widely known as a social institution that influences the realistic reasoning of agents. Social facts are a matter of what is considered as law and what is not considered as law; as a result we can determine the validity of the law by referring to social sources as opposed to moral evaluation. Law is not essentially obligatory because of its morality validity. Judges and lawyers should not bother with the question if a law is just or not but if there is any law of a particular issue. The law has particular features, and it have them because of its very essence or nature as law wherever and whenever it is established5. The law is a normative social practi ce because it asserts to direct human actions, bringing about a reasons for taking action. There is need to comprehend the general circumstances that would render all types of accepted norm legally valid. Judges and lawyers should consider the source of the norm as well as the matter of the content of the norm(s). This entails the general question on the legal validity conditions. Second, the normative feature of the law should also interest the lawyers and judges. Each legal norm has to be composed of a threat supported by sanctions. This takes in two different claims. To begin with, a law should be normative and norms, which are supported by sanctions of the political autonomy. Second, the close interrelatedness between the law and... The law is a normative social practice because it asserts to direct human actions, bringing about a reasons for taking action. There is need to comprehend the general circumstances that would render all types of accepted norm legally valid. Judges and lawyers should consider the source of the norm as well as the matter of the content of the norm(s). This entails the general question on the legal validity conditions. Second, the normative feature of the law should also interest the lawyers and judges. Each legal norm has to be composed of a threat supported by sanctions. This takes in two different claims. To begin with, a law should be normative and norms, which are supported by sanctions of the political autonomy.à Second, the close interrelatedness between the law and threat of imposing sanctions is a thesis about the lawââ¬â¢s normativity. From the moral perspective, we cannot take the recognition rules in themselves as basis for requirement to follow the law. The law is an institutionalized normative system, which is upheld by an agreement among the officials (judges and lawyers) who apply the rules and who are in a manner differentiated from the normal workings of value and reason. Alternatively judges and lawyers legal principles acquire their authority from a combination of content-based or the source- based considerations. Laws are integrity law propositions, which are true if they follow if figure in from the principles of fairness, justice, and the due process of process.
Tuesday, August 27, 2019
Women behave ambitiously and aggressive Essay Example | Topics and Well Written Essays - 250 words
Women behave ambitiously and aggressive - Essay Example On the same note, Sandbergââ¬â¢s personal experience shows that women are equally competitive as their male counterparts (5). In this respect, women should capitalize on their ambitions and aggressive workplace behavior in ensuring that they run the world alongside men. Women are not viewed positively in the workplace because they have given in to the stereotype threats where they believe that they cannot be on equal levels with the men balancing family and work responsibilities and hence end up giving up. This is further reinforced by the fact that women who are ambitious to be leaders are discouraged, shamed and even called unfriendly names. All this contribute to crashing their ambitious dreams and they resign to working at the lower levels in any workplace and letting he men take the lead. Even though ambitious women are not viewed positively in every work environment, it is important for women not to give up. Fight for affirmative action and promotion of women rights has been vibrant over the last several decades, an observation that occasions women to remain positive over their ambitions (Fels 120). In todayââ¬â¢s society, there are many women CEOs than ever recorded in history. In addition, Shafer (72) contends that women have increasingly taken up political leadership positions around the world. This shows that being ambitious and aggressive is positive, and women should allow the world to transition to this contemporary reality. If women perceive their ambitions to be positive, the global population will follow the same
Monday, August 26, 2019
Should the Electoral College be abolished Research Paper
Should the Electoral College be abolished - Research Paper Example The topic represents one of the widely practiced political functions which create a considerable impact in the context of politics and elections. However, the greater emphasis will be laid upon the fact that whether the Electoral College be abolished or not? Analysis of this topic will provide an-in-depth insights to the present scenario of Electoral College and its related pros and cons. Nevertheless, the main concern lies upon the fact that whether the Electoral College should be abolished or not? This topic is considered to be one of the widely discussed topics, especially in the US context and in the recent times, it has also raised numerous debates that have cornered the political system to a large extent. This system has taken the overall political arrangement in a one-dimensional manner and it is giving rise to lot of political interventions that is not favored by most of the citizens (Veldman, ââ¬Å"Abolish the Electoral Collegeâ⬠; International Debate Education Associa tion, ââ¬Å"Debatesâ⬠). However, one of the major arguments for the Electoral College is that it magnifies the margin of victory and produces clear winners. The Electoral College is also supported on the ground that it is equated with federalism while the direct popular election does not promote federalism. In addition, the Electoral College system is viewed to eliminate the fraud associated with direct popular voting system. It can be argued that the system of Electoral College is ideal with respect to the interest of nation as well as its citizen. (Heyrman, ââ¬Å"The Electoral College: A Critical Analysisâ⬠). Correspondingly, it can be argued that this system discourages the emergence of small and dangerous third parties. It has been viewed that this system promotes political stability and reduces political conflicts to a great extent. Furthermore, it can be stated that the proper utilization of this system, facilitate in overall welfare of the nationââ¬â¢s political system while its abolition ca n be viewed as threat to federalism. Besides, it has been observed that this system promotes benefit of having clear results and legitimate government (Williams, ââ¬Å"Reforming the Electoral College: Federalism, Majoritarianism, and the Perils of Sub constitutional Changeâ⬠). It has been reported on number of occasion the Electoral College is an outdated system and has potentially less relevancy in terms of modern political system. Subsequently, it can be argued that Electoral College is considered to be anti-democratic in nature and has arbitrary effects on the political set-up. It can be stressed that selection of representatives by Electoral
Sunday, August 25, 2019
Aviation Safety Management Program Research Paper
Aviation Safety Management Program - Research Paper Example Management is crucial in any establishment, especially in a bid to guarantee a workplace that is devoid of injury, illness, and death, hence ensuring optimal health and safety of all stakeholders. Blue Coral Copters is an exemplary organizational model in dire need of a comprehensive safety program. Analysis of the helicopter tour company reveals significant flaws in its safety management approach and non-conformity to various Federal Aviation Administration (FAA) safety management principles. Even though the company has an exceptional safety record compared to the general aviation sector, it has lax guidelines on the same (Hudson et al., 1994). Like most helicopter tour companies, Blue Coral Copters seems to advocate for the thrill of rides around the Hawaiian island at the expense of guaranteeing safety for the pilots and tourists. Safe, effective and profitable operation of the tour company should be the principal aggregate goal of Blue Coral Copters. Every stakeholder, from the o wner and proprietor to pilots and maintenance crews, should strictly adhere to the safety principles recommended and contribute toward hazard reporting, risk management, and other safety agenda. Information on these aspects will be shared through safety management meetings and notice boards. Pilots in this organization are known for their electric performance. Additionally, they are people with a lot of experience ranging from military aviators as well as police pilots. However, they are only evaluated by Nick regardless of the fact that they fly using dissimilar perspectives and styles.
Saturday, August 24, 2019
From War to War, the world in the years 1918-1939 Essay
From War to War, the world in the years 1918-1939 - Essay Example The U.S., being the only Western country with an economy nearly unaffected by the war was in a position to assist the war-torn nations. It supplied loans to Germany and Austria, the losing parties in the Great War. Germany and Austria, on the other hand, were obliged to pay reparations to France and Great Britain. Both Great Britain and France, for their part, had to repay the U.S. which had provided them with loans in the duration of World War I. In such situation, the U.S. financial institutions saw that investments in Europe had become no longer viable and they were prompted to pull out their funds out of the continent, leaving Germany and Austria in serious economic turmoil. The U.S too suffered greatly in the economic sphere. For a time, its agricultural sector grew while there was virtually no competition from Europe, which has yet to recover from the war. However, when Europeââ¬â¢s farmers began to produce the same agricultural products as the Americans came up with, an ove rproduction occurred. The crisis of overproduction eventually led into the downfall of a great number of farms and agricultural enterprises. As the stock market crashed in 1929, industrial and commercial activities came to a slowdown, depriving hundreds of thousands of workers of their jobs. The market contracted further and resulted in more joblessness. This was because ââ¬Å"consumer demand no longer sufficed to purchase all the goods that businesses produced, and when business realized that could not sell their inventories, they responded with cutbacks in production and additional layoffsâ⬠(Bentley & Ziegler, 2011, p.986). As America suffered great setbacks in its economy, a chapter in history called the Great Depression, the countries in Europe also began to experience worse economic crisis. Among those that bore the brunt is Germany. As the Great Depression wreaked havoc on the U.S. and other countries of Western Europe, the Soviet Union managed to pursue more seriously its own socialist economic programs. The Great Depression was pointed out as a sign that capitalism is a bankrupt system and that socialism is the only path towards economic development. Both V.I. Lenin and Josef Stalin were able to initiate programs that aimed to industrialize the Soviet Union, less concerned this time with external threats coming from the weakened West. Lenin, however, was pragmatic as he considered certain aspects in the economy that should bear the hallmarks of capitalist system at least for a certain period of time. Through the New Economic Policy or NEP, ââ¬Å"large industries, banks, and transportation and communications facilities remained under state control, but the government returned small-scale industries (those with fewer than twenty workers) to private ownershipâ⬠(Bentley & Ziegler, 2011, p.992). When Lenin died, however, his successor Stalin, decided to hasten the construction of a purely socialist state. He did so by overturning the NEP and i nitiating the collectivization of agriculture. The objective was apparently to bolster the efforts in national industrialization. However, Stalinââ¬â¢s policy led to the alienation of many peasants, especially the kulaks who benefitted much from the NEP. Discontent grew and many began to oppose the Stalinââ¬â¢s government. In response to this, Stalin used the full force of the state and the Communist Party in running after individuals who are suspected of opposing the policies
Friday, August 23, 2019
Songo fipaza Article Example | Topics and Well Written Essays - 500 words
Songo fipaza - Article Example . Fipaza was an industrious individual and had the passion to make his childrenââ¬â¢s dreams possible. Saucer was on the lookout for a solid buddy for the 2008 Cape Epic. The rules and regulations were strict as race organizations allowed identical racers to form a team. In South Africa it was difficult to find a sportsperson in this category in Specialized gear for this race. Top racers at that level were hard to find who were free from contracts. As the problem defied solution, Saucer thought of a charity run by creating own charity. Some Specialized seconded the idea and they were willing to come forward and Saucer negotiated with a South African, the GT rider of the time, Burry Stander. With this arrangement both would run in special uniform, specifically designed for the charity. With the major problem solved, the next issue was organizing the event. Charity and its objectives need to be notified. Ruth Bird rendered help and with his support they were fairly confident that everything would be in proper place to enable them to utilize the Cape Epic event to collect funds in support of some local sports organizations. Saucer mentions ââ¬Å"At an ABSA Bank dinner, by sheer coincidence, we met Songo Fipaza and heard of the need for sport in the Kayamandi township of Stellenbosch. Songo mentioned the need for a BMX facility, and that was it ââ¬â our goals were aligned! Extraordinary!â⬠(Christophâ⬠¦) The project began to take shape. They christened the charity as ââ¬Å"Songo.â⬠The procedural aspects of establishing a charity were still there. The authorities of ââ¬Å"the JAG Foundationâ⬠came forward to help. They made available the leverage of their infrastructure. They had good reputation and they were associated with ââ¬Å"the Mighty Meters program already running in Kayamandiâ⬠and they were well known in South Africa. Their next focus was to collect funds to build a BMX track. Another renowned individual Erica
Thursday, August 22, 2019
Studies in entrepreneurship Research Paper Example | Topics and Well Written Essays - 2500 words
Studies in entrepreneurship - Research Paper Example He outlines the resources needed in fulfilling the need identified. The entrepreneur is often responsible for the success of the business identified and its failure as well; therefore, he has to plan on how to manage the business amidst all the problems and challenges in the immediate and external environment. The entrepreneur often operates in some kind of an entrepreneurship ecosystem whereby he has to plan and develop tools that he can use to obtain additional funding and other resources needed in the achievement of the identified goals and objectives. For instance, he has to prepare his business plan in order get assistance from the bank and other financial systems. Entrepreneuship has caused the gorwth and development of small business intiatives to become large international ventures (Stevenson, 1997). This has led to great success of these multinational corporations that has been aided by resourceful and able networking among the stakeholders involved and the investors (Stevenson & Jarillo, 1990). During the course, one of the areas that interested me was the development of the social capital. This is because, in long term, it helps in achieving great internationalization in many business activities across countries of the world. This paper summarizes all that I have learnt, showing the areas that have been of great interest to me. Stevenson & Zarillo (1990), have been effective in their research about the different ways in which people can start and manage business activities. According to this research, entrepreneurship is an important activity through which people can identify and exploit their diverse potential in solving various needs in the society and corporate world. In the same way, Stevenson (1997), outlines the six different dimensions on the subject of entrepreneurship. Entrepreneurship in itself is a process that requires careful
Concord - Massachusetts Essay Example for Free
Concord Massachusetts Essay Although the transcendentalism movement was an extremely long time ago the ideas are still pertinent today. When Henry David Thoreau said, ââ¬Å"Let him step to the music which he hears, however measured or far away. It is not important that he should mature as soon as an apple tree or an oakâ⬠(247), that he would be telling people to be themselves many generations later. The transcendentalism movement took place during the early 1800ââ¬â¢s when America was developing its own writing style. The authors of the time all thought in the same wavelength. Some of them, such as Thoreau and Ralph Waldo Emerson belonged to a transcendentalism club in which they shared their ideas. Thoreau had ideas that he firmly believed in and tried to act upon his ideas. He wanted to live in solitude and be one with nature, so he went to Walden Pond and was semi-secluded from society. Except for a couple of times when he went to the nearby town for things he needed he was on his own. He did well with it, but wanted to move on with his life so he left Walden. After his experience, he decided to write about it in his book, Walden Pond. Thoreau tried to live his life based on his ideas no matter how extreme they may have been. These transcendentalists had many ideas that seemed to others to be extremely impractical. The authors thought that they could transform the world through their ideas. One of their main ideas was that we are all true individuals and should not conform to whatever the ââ¬Å"normâ⬠is. Thoreau tells us to live our own life, whether it be good or bad, it is ours. ââ¬Å"However mean your life is, meet it and live it; do not shun it or call it hard namesâ⬠(247). Also, we should do the morally right thing. We should do what our heart says is right and not always listen to our heads. They also wrote in an optimistic view and their writings were very inspiring. All of their ideas are relevant today on some level. People are reading Emerson and Thoreau as though they were on the current best sellers list. Not everybody reads the material because they are assigned it, but rather they are using it as a tool to find out how to live their lives. All of our lives we are told to be ourselves and not to go along with the crowd, and that is the same thing Thoreau said over a century ago. Furthermore, we are told to do the right thing, however, today we use more our heads than our hearts to make decisions. As we read their writings weare inspired to change our lives, but most of us find it to hard to change. As a society we like to choose the easy way out, and in this case it is a lot easier to go along with the crowd than it is to stand out. We care so much about fitting in that we donââ¬â¢t want to be different because we fear that nobody will like our true personalities. Henry David Thoreau was trying to inspire his generation to lead their own lives, but he must have had a loud voice because we hear him loud and clear many years later. Unfortunately, we donââ¬â¢t have the courage that he had to act on his ideas. It is almost as if we are not born individually anymore, now societies are born as a whole and they do not contain any individuals. We need to spend more time stepping to the beat of our own drummer.
Wednesday, August 21, 2019
Child Labour (Prohibition and Regulation) Act 1986
Child Labour (Prohibition and Regulation) Act 1986 BANDARI RAMESH Introduction Many of the countries are believed children are big resources of their country in the context of well being and development. According to the eminent person Herbert Hoover, 31st president of United States said that ââ¬Å"children are our most valuable resourcesâ⬠. Therefore, government of the each country start many programs and laws for protecting children from various conditions. I would like to explore the topic about ââ¬Å"Child labour (prohibition and regulation) actâ⬠in the year of 1986. Along with why government look into this act and provisions, what are the significant impacts of child labour by this act? These would be explained in the following paragraphs. First and foremost, what are the reasons behind causes of child labour, Child labour is socio-economic phenomenon. This phenomenon is trapped in vicious circle by poverty, illiteracy, unemployment, demographic expansion, deep social prejudices and above all the government interest are commonly consider as the most prominent causative factors for large scale employment children. It has been officially started that ââ¬Å"child labour no longer of economic exploitation but it necessitated by economic necessity of the parents and many cases that of the chid himselfâ⬠. Moreover, there are several causes which have failed to check out child labour. Particularly in India the causes of failure are poverty, low wage of the adult, unemployment, migration to urban areas, large families, lack of subsistence income and children ignorance by parents these are incentives to the children comprises in the activities. In order to tackle this problem government has initiated some acts before enacted this act that are Merchant Shipping Act, 1951 Mines Act, 1952 Motor Transport Workers Act, 1961 Beedi and Cigar Workers Act, 1966 Due to improper implementation of existing acts and the lack media coverage these acts sufficiently not benefited to children. That is why; government has taken step to reduce child labour in the field of formal and informal sector. At that time act was come out that is child labour (prohibition and regulation) in the year 1986. In addition, Indian constitution provides many provisions to the child, prohibited child labour and it also mention the rights of the child. They are, Article 23: prohibition of employment children from factories Article 39: certain principles of policy to be followed by state that are referring to the secure of children that the health and strength of workers, men and women and the tender age of age children are not abused and that citizens are not forced by economic necessity to enter evacuation and unsuited their age and strength. Article 45: provision for early childhood care and education to the children below the age of six years. Article 21-A: right education the state shall provide free and compulsory education to all children age of six to 14 year. Even though, children were exploited by the factories and small scale industries. Therefore, the government of India enacted that was ââ¬Å"child labour (protection and prohibition)â⬠in the year 1986. This is an act prohibit the involvement of children in certain employments of hazardous places and to regulate the conditions of doing work for the children in certain other employments of non hazardous nature. Although there are little legislation which prohibit employment of children below 14 years and 15 years in certain specified employments but there is no specified procedure laid down in the legislation for deciding matters relating to employment, occupation are processes which necessities the prohibition children employment therein. At the same time there is no law for regulating the working condition of the children in the most of the employments where employment of children is not explicitly prohibited and the children are working exploitative conditions. Therefore the m ain intension of this act basically, which is ban the employment of the children below the age of 14 years in the specified occupation and processes to lay down for procedure introducing modification to the schedule of banned occupations or processes from time to time whenever need arises to regulate the condition of the children in employment where they are not prohibited works to prescribe the enhanced penalties employment for children if they are violation by the employers and management as per the child labour(prohibition and regulation) act 1986 the committee addressed that is ââ¬Å"childâ⬠means a person who has not completed 14 years old the act prohibit employment of children in engaging 18 occupations like, transport at passengers and goods or mails by railway, work relating to the at construction and railway works, foundries, handloom and power loom industry, mines and plastic factories, domestic houses and automobile workshops and garages. Similarly, 65 process works for example, beedi making, carpet weaving, manufacture of matches and explosive or fireworks as well different industries, factories, coal mines, manufacture industry above these placed in part A, part B areas. Regarding these works children are prohibited by this act under the act, ââ¬Å"the child labour technical advisory committeeâ⬠constituted to advice the central government for the purpose of additions of occupations and processes in the schedule parts the act regulates the condition of all employment in all occupations and processes The main provisions are, no child shall be permitted to work in any establishment in excess of such number of hours, as may be prescribed for such class of establishment. The period of work each day shall be fixed no time to exceed three hours and that no child should not work more than 3 hours. Moreover, every child employed in an establishment shall be allowed in each week, a holiday or whole day, which day shall be specified by the occupier In a notice, every occupier shall maintain, in respect of children employed or permitted work in any establishment, register should be available for inspection by n inspector at all times during working hours or when work is being carried on there is tendency first, should be noted nm end date of birth of the every child employed to work, hours and periods of work of any such child on the intervals of rest to which is entitled, the nature of work such child, like that related information should be prescribed. In addition, the government made ga zette form for chid basis on health and safety on the children employed as well addressed minimum amenities should be provided by the owner at the working places. When the children are working in hazardous places it is found by someone he has right to complaint to the near police station. In addition, consequences of child labour, it is impact children physical and mental growth development as well health disease like, respiratory problem, skin disease, they will become disabled, bone fractured. These are lead to ill development. Interventions Education is very important part of the development. Lack of schooling and engaging family needs daily then, studies have found low enrolment and high children employment, schools are the platforms for the early intervention against child labour. Child labour can be controlled by economic development increasing awareness and making education affordable across all levels, and enforcement of all anti child labour laws. The government of India has taken certain initiative to control child labour started a program in 9 district that is ââ¬Å" NATIONAL CHILD LABOUR PROJECT (NCLP)â⬠under the schemes funds given to the district collector for running special school for child labour as well under this scheme provides formal and non-formal education, vocational education and spends 100 rupees per month. In one hand, how this act impacts on children life, primarily, based on this act government has expended this act in 2008. As well as, two acts were came that are ââ¬Å"the juvenile justice (care and protection) in 2000, this act made prevent the bondage child labour as well if any one procure the children for domestic and industry works those persons punished by regarding this act. In the year of 2009, government has made act for education to the child that is ââ¬Å"Right to education (RTA)â⬠by this act free and compulsory education to all children between six to fourteen years. According to this act government has addressed that 25 percent of seats should be allocate for the disadvantages people. Moreover, between the 1981 to 1991 national sample survey organization conducted 43rd round of surveys itââ¬â¢s convey that the estimates the number of children was to the tune of 17.30 millions. As per the 1991 census, revealed that the number of working children in India was 1 1.28 million. This Number gradually decreasing in the following years. Because implementation of labour act by the legislation. The 1998 national census of India estimated the total number of child labour to be at 12.6 million out of total 250 million of child population. This count was reduced to 5 million in the year 2009. The 2011 national census of India found that the national number of child labour , aged five to fourteen to be 4.30 million out of the total 260 child population. By this enumerate we have observed child labour was gradually reducing due to child labour acts as well another government schemes. For example, in the ââ¬Å"domestic householdsâ⬠before implementation of act the children are working in restaurant and as a domestic labour more than 20 million than when the government of expanded the child labour prohibition and regulation act and banned the children from domestic works as result of, as per the 2011 census, less than 0.1 million children are engaged as a child l abours. In addition, effect of this child labour act 1986, influence on children education and health as well as human development these all are contributed to increasing Indian economy and human development index. This act has impacted on education of children as well it is lead to improve aggregate literacy rate by in the year 1981 total average literacy rate is around 44 percent. This was increased to 52.3percent in the year of 1991, as per the 2011 this literacy rate was increased to 74 percent we observed contribution of provision of act stop to children in work places and push them in to schooling as well according to the 2011 census, children are engaging a fewer in the factories and industry as a result, child death rates were gradually decreased. On the other hand, loopholes and weakness in the child labour (prohibition and regulation) act 1986, while prohibiting bonded child labours from hazardous industries also allow it to thrive in other forms. A child working in a factory consider hazardous and is not to allowed. But if the child is a part of family labour, he is allowed to work. Hence the act 1986 has a large scope of exploitation of children. If they could be brings under the family-child labour phenomena. Eventually, poverty is one of the important factors of raising child labour. Hence enforcement alone cannot help solve it. So the government has been laying lot of emphasis rehabilitation of these children and should be improving economic condition of their families. In India many NGOââ¬â¢s working for eradicate child labour like, CARE and CHILD ROGHT TO YOU, government need to boosting these NGOââ¬â¢s, similarly, government need to enforcing right to education in the tribal areas. Moreover, government has to be expanded NCLP schemes to maximized districts. Government should be takes a fore step to domestic child labour and extract laws from other countries and implement in India. As well, Supreme Court shall takes significant steps whether punishment or control for exploitation of articles 23, 24 and 21A. Individually who are educated they should be provide awareness to STââ¬â¢s, SCââ¬â¢s and below poverty level people about important of child for our country development . References Fuller, R.G., (1994), ââ¬Å"Child Labour and Constitutionâ⬠, Ashish Publishing House,à New Delhi, page no.283. Dewan, V.K.,(2009), ââ¬Å"Child labour A Socio-legal Perspectiveâ⬠, pentagon publication,à NewDelhi, p.582. Purushottam kumar,p., (2010,june 25), ââ¬Å"Need to look in to Child Labour act 1986â⬠, Lawersà Club India website., google.
Tuesday, August 20, 2019
Defining Health And Wellness Health And Social Care Essay
Defining Health And Wellness Health And Social Care Essay In my essay I will discuss how I will cater for my health and wellness ideologies, my definition of health and describe my beliefs about what health is. I will discuss three aspects of the dimensions of health and the factors which could affect my health, what determinants influence my health using the dimensions of health model and explain how I will use that model to assist in my goal towards achieving my optimal health wellness. Being healthy and maintaining wellness means having a body that is in good shape to allow my ideologies of my life suited to the development of an excellent well-being through relationships the community in which I live. My wellness involves giving good care to my physical self, using my mind constructively, expressing my emotions effectively, being creatively involved with those around you, and being concerned about your physical, psychological and spiritual environment. Wellness means more than not being sick; it means taking steps to prevent illness and to lead a richer, more balanced, and more satisfying life. The physical dimension of wellness deals with the functional operation of the body and involves health related components of physical fitness. The people that surround me and my situational environment in its entirety assist me in making sound decisions in relation to my health. My wellness on the other hand I define as my choice to be responsible for the quality and value of for my life. l make conscious decisions to achieve a healthy lifestyle. I choose to make these conscious decisions by a learned throughout my life for which I value today. My mind-set is that I have this powerful tool to use and a predisposition which is in place to lead a satisfying traditional health and wellness. A health wellness modelled today by others within my society. Health and wellness was once characterised as the absence of disability or any form of disease. This is a medical definition or a medical model. However this suggests and ultimately promotes that any person who has a disability cannot at all achieve wellness. However I believe I can achieve wellness if I would opt to function responsibly for improving myself. I am looking at me as the whole, for my health and wellness, refers to the interconnection my body, mind and soul. My engagement in the form of physical activity, exercise, recreation, physical health and wellness also considers ones possible involvement with drug abuse, tobacco usage, and alcohol addiction. Another dimension addresses good mental and emotional health in performing ones daily and specialized activities. This includes continually feeding my mental faculty to acquire more knowledge. Task two I believe health is a unified system of personal performance that is concerned with making the most of the potential to maintain a better health and wellness. This potential requires me to sustain a range of balances and a focused track of ideologies within my environment in which I need to function to maintain homeostasis. Here I will discuss using the dimensions of health model key factors that affect my health. I identify with Edlin and Golantrys health wellness model, holistic health. Using my surroundings, my environment that I live in to maintain my boundaries within my lifestyle and objects and people that surround me to help make me complete with a prospective health wellness. By involving a holistic approach with faith and hope I incorporate my moral beliefs, a moral grounding my learned from my upbringing. I use this as a guide to perform tasks on my mental stability, a feel good approach to wellness. I am emotional and sensitive towards others. My emotional approach I use to support my partner and everyone that crosses my path that are in need of help. Whereas my partner supports what I need to maintain in the practical sense of issues that surround my health and wellness, my physical support. The positive reasoning is that I feel good when those I care about feel good and I have made a difference in their lives. My partner is my rock, my soul mate a stable being in my life that I need to keep me grounded and on task for lifes events that may arise such as undue stressors. Thus maintaining stability mentally I can function on other areas where strength is needed to maintain health wellness within myself as a living soul physically. Without mental stability I feel it would hinder my ability to function on all other levels to maintain an overall stable health wellness. My social stance in the community I believe makes me a holistic being, using the holistic social approach I utilise people from other cultures and genders to meet a standard of need for care and understanding of myself. Understanding my needs and necessities in life leaves no one left out and felling isolated. I am active and expressive in my thoughts spiritually I make my feelings and thoughts obvious and where I dont understand I ask, therefore putting these feelings into thoughts and becoming spiritually aware of my beliefs helps me understand. Becoming more of a helper and trusting within a human care relationship. Encompassing my spirit for strength in times of guidance the same guidance I can use to help maintain my health wellness using expressive, positive and negative feelings within a supportive, protective, and counteractive mental, physical, societal, and spiritual environment. My faith helps me to identify my purpose in life; helps me to learn how to experience love, joy, peace and fulfillment. The ability to laugh, to enjoy life, to adjust to change, to cope with stress, and to maintain intimate relationships are examples of the emotional dimension of wellness. My family, my pets, my friends keeps me laughing and they bring so much joy to my life. I am maintaining the weight that I want to me, I am eating an even more balanced diet and I am abstaining from any and everything that is harmful to my body and I am definitely staying physically active. In my life I have always had ways to deal with the stress of this life with the help of God, my family, my church family, my friends and even when there is no one around just sitting there holding my cat seems to take away some of my anxiety. The environmental dimension of wellness deals with preservation of natural resources as well as protection of plant and animal wildlife. I am very satisfied with my current lifestyle choice. You have to laugh to keep from crying is so true. Every day you are bombard with so much from this world and if you do not have an outlet or a way to deal with stress, this world can literally drive you crazy. Well I have no problems in that area, being that I have to study everyday since I am in college. Spiritual dimension of wellness involves the development of onetms inner self and onetms soul. Much of my life will be spent at work when I do get out into my career field and I will have to maintain a balance between work time and leisure time. You know that saying A mind is a terrible thing to waste and if you dontmt use your mind it will atrophy. I am taking steps to increase my flexibility level but incorporating it into to my morning devotion and my evening devotion and before and after I do any work in my yard, before and after I go walking or jogging with my family and my dog. And this is where the physical, emotional, social, intellectual spiritual dimens ion of wellness will help me to deal with the stress of working in the health care field.
Monday, August 19, 2019
American Airlines Competitive Strategy Essay -- essays research papers
Evaluate Americanââ¬â¢s 1992 announcement of a new rate structure: a. What changes did American make? American Airlines (American) made four fundamental changes to its rates. First, it moved to a four-tier rate structure; American offered first-class rates and three tiers of coach: full-fare, 21-day advance purchase and 7-day advance purchase. Overall, it expected to reduce coach fares by 38% and first-class fares by 20% to 50%. Though full fare coach prices dropped by about 38%, advance-purchase fares dropped by 6% when compared to the advance purchase tickets already being offered. Through this fare structure, American also eliminated deep discount tickets. Second, American eliminated the negotiated discount contracts of many large companies. Though it intended to fulfill any outstanding contracts, it did not intend to renew any of these contracts. Third, American realigned its pricing with its costs. Under the new structure, American fares were more distance based (therefore cost-based) than they had been in the past. Finally, American changed its non-refundable policy. Advance pu rchase tickets could now be rescheduled for a $25 processing fee. b. Which customers benefited most from the move? Were any customers made worse off? There are five groups of customers that are affected by the rate changes. Travel agents are affected financially by reduced fares that will result in reduced commissions. On the other hand, Americanââ¬â¢s four-tier structure substantially reduced the numb...
Sunday, August 18, 2019
Free Hamlet Essays: Father and Son in Hamlet :: The Tragedy of Hamlet Essays
Father and Son in Hamlet Although they may exhibit some similar traits, all fathers and sons are individuals. They are, or will become, their own man. This development is based on life experience, which is never the same for any two people. In the case of King and Prince Hamlet, this also holds true. King Hamlet must have been a good father for his son to be so devoted and loyal to him. It almost seems that the Prince made an idol of his father. In Prince Hamlet's first soliloquy he described his father as an excellent king, a god-like figure and a loving husband. It is strange that the Prince did not convey information about being a loving father. It is left for us to infer that there must have been a special bond between father and son for the Prince to be so willing to carry out retribution against his father's murderer. Hamlet describes his father in this way: "See, what a grace was seated on his brow:/ Hyperions curls, the front of Jove himself,/ An eye like Mars, to threaten or command/ A station like the herald Mercury" (Act III,scene IV,55-59) Prince Hamlet feels a great obligation to carry out the direction of the ghost of his father to avenge his father's death. Here we see a bit of his conflict. Since there doesn't seem to be much description of interaction of King and Prince, it is left to us to decide if Hamlet loved his father or he has agreed to avenge the death of his father due to a sense of filial duty. After the Prince has killed Polonius, the spirit of King Hamlet reappears for the 2nd time to the Prince when he is condemning his mother for her misdeeds. It almost seems like the ghost is acting just like most fathers. He seems to be prodding a too slow child. The ghost reminds Hamlet that he has promised to get revenge for the King's death. Prince Hamlet does seem to feel conflict in carrying out the charge. When and how to act and how fast are questions that appear in his mind. What was Prince Hamlet like? In Act III scene 1 (158-162) Ophelia describes him, before his father's death, as an accomplished man. "O, what a noble mind is here o'erthrown!/ The courtier's, soldier's scholar's eye, tongue, sword;/ The expectancy and rose of the fair state,/ The glass of fashion and the mold of form,/ The observ'd of all observers, quite, quite down!
Saturday, August 17, 2019
A Conceptual Study on HR in Special Reference Essay
ABSTRACT In the present globalized era the environmental changes took place very frequently. So if an organization wants to compete in the cut throat competition they have to cope up with these changes. In the past several decades, technology has had a dramatic impact on human resource management (HRM) processes and practices. For example, technology, especially the World Wide Web, has helped modify many HR processes including human resource planning, recruitment, selection, performance management, work flow, and compensation. These new systems have enabled HR professionals to provide better service to all of their stakeholders (e.g. Customers, Shareholders, Suppliers, Government, Employees etc) and reduced the administrative burden in the field. Despite the widespread use of these systems, there has been a surprising dearth of theory and research on the topic. As a result, the purpose of this special issue is to (a) Human Resource Information System, (b) advance theory and research on human resource management systems (HRMS) and electronic human resource management (eHRM), and (c) Enhance the effectiveness of these systems in organizations. As a result, this article reviews the evolution of HRIS and provides a brief overview of the existing literature, and introduces the article in the special issue. ââ¬Å"HRIS is a management system designed specifically to provide managers with information to make HR decisions.â⬠In the present vast knowledge economy information is power. For efficient management of human assets, HR professional requires accurate and timely data on Recruitment & Selection, Training and Development, Human Resource Planning etc so the aim of paper is to present a conceptual knowledge of HRIS and to explore the impact of information system on HR performance. Key words:- HRM, HRIS, eHRM, HRMS, Stakeholders 1. INTRODUCTION Since the emergence of the internet throughout the world around 1995, many business functions have been transformed. After dealing with accounting, finance and marketing, many companies are shifted their attentions to find a better way of monitoring their Human Resource Management (HRM). Many companies are transforming their HRM functions from manual workflow to computerized workflow. Computers have made the tasks of analyzing the tremendous amount of human resource data into a simple task. Computer hardware, software and data base help organizations maintain and retrieve human resource better and simpler. According to Gara (2001) and Walker (1982), a Human Resource Information System (HRIS) will help organizations ââ¬Å"keep an accurate, complete, updated data base that can be retrieve when needed from reports and manuals.â⬠Then Tannenbaum (1990) defines an HRIS as a system that will acquire, store, manipulate, analyze, retrieve and distribute information about an organizationââ¬â¢s human resources. Kavanagh et al. (1990) defined HRIS as ââ¬Å"a system used to acquire, store, manipulate, analyze, retrieve and distribute information about an organizationââ¬â¢s human resources. An HRIS is not simply computer hardware and associated HR-related software. Although an HRIS includes hardware and software, it also includes people, forms, policies and procedures and dataâ⬠. HRIS is a key management tool which collects, maintain, analyses and reports information on people and jobs. It is a system because it integrates all the relevant data, which otherwise might have been lying in a fragmented and scattered way at various points ion the larger system; converts this data in to meaningful conclusions or information and makes it accessible to the persons, who need it for their decisions. It is a concept which utilizes the development of Information Technology for effective management of the HR functions and applications. HRIS helps organizations in managing all HR information. It helps in recoding and analyzing employees and organizational information and documents, such as employee handbook, emergency evacuation and safety procedures. The nature of HRIS varies among organizations in relation to their size. In small organizations, it tends to be informal whereas in large organizations, it is more formal and coordinated. Lengnick-Hall and Moritz prompt HRIS to be implemented at three different levels: â⬠¢ The publishing of information â⬠¢ The automation of transactions â⬠¢ Transformation of HR into a strategic partner with the line business 2. HRIS ââ¬â Why it is needed? â⬠¢ Storing information and data for each individual employee. â⬠¢ Providing a basis for planning, decision making, controlling and other human resource functions. â⬠¢ Meeting daily transactional requirements such as marking absent and present and granting leave. â⬠¢ Supplying data and submitting returns to government and other statutory agencies. â⬠¢ Building organizational capabilities. â⬠¢ Job design and organizational structure. â⬠¢ Increasing size of workforce. â⬠¢ Technological advances â⬠¢ Computerized information system â⬠¢ Changes in legal environment 3. COMPONENTS OF HRIS There are three major functional components of HRIS : â⬠¢ Input function ââ¬â It enters personnel information into the HRIS. Data entry in the past had been one way, but today, scanning technology permits scanning and storage of actual image of an original document, including signatures and handwritten notes. â⬠¢ Maintenance function ââ¬â It updates and adds new data to the database after data have been entered into the HRIS. â⬠¢ Output function ââ¬â It is the most visible function of HRIS. In order to generate valuable output for computer users, HRIS processes output, makes necessary calculations and formats the presentation. It should be noted that most important elements of HRIS are not the computers, rather, the information. So, the components of HRIS should support validity, reliability and utility of information. 4. HRIS APPLICATIONS AND UTILITIES Personnel administration ââ¬â It will encompass information about each employee, such as name address, personal details etc. Salary administration ââ¬â Salary review procedure are important function of HRM, a good HRIS system must be able to perform what if analysis and present the reports Of changes. Leave and absence recording ââ¬â Essentially be able to provide comprehensive method of controlling leave/absences. Skill inventory ââ¬â It is also used to store record of acquired skills and monitor the skill database both employee and organizational level. Performance appraisal ââ¬â The system should record individual employee performance, appraisal data, such as due date of appraisal, scores etc. Human resource planning ââ¬â HRIS should record details of the organizational requirements in terms of positions Recruitment ââ¬â Record details of recruitment activities such as cost and method of recruitment and time to fill the position etc. Career planning ââ¬â System must be able to provide with succession plans reports to identify which employee have been earmarked for which position. Collective bargaining ââ¬â A computer terminal can be positioned in the conference room linked to database. This will expedite negotiations by readily providing up to date data based on facts and figures and not feelings and fictions. THE HRIS MODEL [pic] 5. CONTRIBUTE VALUES TO HR THROUGH HRIS: HRIS serves two major purposes in organizations: HR ADMINISTRATIVE AND OPERATIONAL ROLE: The first purpose of an HRIS is to improve the efficiency with which data on employees and HR activities is compiled. Many HR activities can be performed more efficiently and with less paperwork if automated. HR STRATEGIC ROLE: The second purpose of an HRIS is more strategic and related to HR planning. Having accessible data enables HR planning and managerial decision making to be based to a greater degree on information rather than relying on managerial perception and intuition. 6. HRIS IMPLEMENTATION: Implementing anything is part of project Management. Implementing HRIS in organization is a big activity which require support of many stakeholders such functional, HRIT S, IT Vendor and project manager. Implementation can be divided into given below parts. â⬠¢ Need Analysis. â⬠¢ Vendor Selection. â⬠¢ Process Mapping and complete data gathering. â⬠¢ Creation/Deployment of HRIS application in Test server. â⬠¢ Testing by sample users. â⬠¢ Pre-deployment training to users. â⬠¢ Deployment of HRIS in production. â⬠¢ Post Training and Support. â⬠¢ Feedback. 7. BENEFITS OF HRIS When the administrative tasks and processes of any human resources department become overwhelmed, the most appropriate solution would be to implement the human resources information system. Common administrative functions that involve filling reports and completing paperwork take up a lot of time of the human resource department and this is where the HRIS comes in. Many businesses nowadays are now realizing the importance of HRIS and using the software to increase the efficiency of the whole company. The following are some of the major benefits of HRIS. a. Improves productivity The HRIS systems assist in enhancing both the productivity and workflow of the human resource department. This is because, all the data is usually collected and placed in a central database. This is very beneficial since data is going to be very easily retrieved from the database. b. Saves time Through reducing the total amount of time spent on the administrative functions, human resource employees are able to focus on other essential duties. For example, they can carry out other productive functions like creating presentations, training staff members, succession planning and recruiting since they have enough time due to the HRIS system. c. Improves communication with the employees HRIS creates a database that each employee has access to and thus you will be able to communicate better with your employees through the network. It also has email scheduling capabilities that make it very efficient in terms of assigning jobs to various employees in a very short period of time. d. Creates self-service options Due to the fact that all the relevant information concerning the company or business is placed in large database, the employees can be able to access useful information without having to spend a lot of time going from one office to the next. At the same time, it is very easy to update the information in the database for proper administration. The only disadvantage is that important data concerning your company might be stolen particularly nowadays where there is a great increase in cyber crime. 8. THE CHALLENGES OF INDUCING HRIS SOFTWARE INCLUDES: Selecting right HRIS vendor: The selection of software vendor is the most critical of all the decisions. A successful ERP vendor is not always the best provider of an HR solution. A vendor with experience of developing most of the solutions related to human resource, whether in the personnel or talent management domains or other processes associated with HR offers a better choice, and if such a vendor has the strength of utilizing latest technology & a vision to perceive the future needs of HR fraternity, he may rate the highest on the scale. Mere branding of the products does not necessarily mean quality, though it does carry a higher price tag. Moreover, a vendor providing complex solutions, for which special skills may be needed for initial data entry, maintenance & creation of management reports, need not be rated high. If HRIS software can not configure the existing workflows in an organization and wants the user to adapt to the Vendor HR processes, it is likely to be heavy both on training time & costs and may also gather resistance to its usage at the grass root level. A dedicated and customer oriented vendor will move a mile extra to map all client processes on his solution and indicate well in advance the extent of customization required. He may even introduce a set of best practices provided by his solution but leave their adoption to the client. A good HRIS vendor is conscious of the cost but always sells quality. Onus of responsibility ââ¬â There is a misconception that introduction of HRIS can relieve HR Manager of all responsibilities. To large extent, HRIS can free up HR Manager from transactional tasks. However, it also brings with it a new set of responsibilities to ensure that the software is being used and implemented correctly. The onus of co-operating with the software vendor and ensuring successful deployment lies with the client HR manager. Over expectations ââ¬â Due to overstress on the benefits of HRIS software, partially by the media and partially by the marketing departments of software vendors, organizations have developed larger-than-life expectations from the software solutions. When the solutions are unable to deliver these over-expectations, the clients tend to lose confidence in the vendors. The only way out is either pre-sales discussions or a clear statement of user expectations in the form of a Request for Proposal (RFP) document, to which the vendor responds as per the strengths of his solution, including the additional effort required for customization, if the same is technically feasible. Resistance to change ââ¬â Employees at the client location are attitudinally inclined to use only the existing system. They enjoy the loopholes in the processes, moreso the inability of a manual system to track progress. Therefore, they offer great resistance to change, especially if the change calls for the acquisition of new skills by the employee. Their resistance to change leads to lack of enthusiasm and co-operation in successfully implementing software systems. The onus of responsibility for change management lies entirely with the client, but some vendors do offer HR consultancy as a supplement to their solutions. Training Requirements ââ¬â HRIS software may have a completely new interface, large number of functions and specially configured workflows. It may demand users to exhibit some level of expertise in understanding the technology solution. When faced with the new software, user experiences anxiety and may display discomfort in using the system. Such discomfort can result in remaining ignorant of various features, thereby denying to yourself the benefit of full exploitation of the software. A good software vendor can resolve this issue by providing on the system training to key personnel and prepare them as torch bearers. He would also provide sufficient on-line help features to all the users. Configuration and Data transformation ââ¬â Configuring software to an organizationââ¬â¢s need and transferring data from existing database to new HRIS is another issue that needs to be handled carefully. The existing data may be either on paper or excel files or in some other form of database. Due to ignorance by employees at client location, the data may not enter the new system in the desired manner, thus obstructing the smooth and efficient functioning of the system, besides creating an inventory of bugs. Best solution to this malady is for the Vendor to obtain data from the client as per a standard template, validate it with a program and consider initial data entry as a service provided to the customer. Software Errors and Bugs ââ¬â Bugs, error and opportunities for improvement are integral part of software. Expecting HR Software to be picture-perfect and without any errors/ omissions is unfair. These bugs need not scare people since these can be resolved through mutual co-operation between the vendor and client. Once settled, they do not reappear.However, if new bugs surface with higher levels of exploitation of the software, these should be taken as encouraging signals both by the client and the vendor. Work Flow Changes ââ¬â When you install HRIS software, you also install some innovative globally accepted HR practices and workflows. If you have these practices for the first time, some of the members in your organization may not feel comfortable with the changes, especially the change of work flow. Such changes should be handled very carefully as they can have significant emotional impact on the team members. HR should be ready to award benefit of doubt to the members who suffer a negative impact due to these changes and allow ample time for the new workflows to set in. You need preference and commitment to introduce systems. Remember this if you are keen to implement HR software solutions. 9. CONCLUSION: HRIS has a very wide scope in developing countries. It is applied in personnel administration, salary administration, leave/absence recording, skill inventory, medical history, performance appraisal, training and development, HR Planning, recruitment, career planning, negotiation etc. It is very important for an organization to clearly identify its system requirements before implementing HRIS. This would enable to decide the appropriate level of sophistication of HRIS and would lead to optimal utilization of scarce resource. HRIS database should be used as a single source of all information. This would lead to the development of an integrated HRIS platform for the whole organization. In todayââ¬â¢s corporate world human resources has come to play a very critical role. Whether it concerns the hiring and firing of employees or whether it concerns employee motivation, the Human Resources department of any organization now enjoys a very central role in not only formulating company policies. A complete HRIS links all human resources data from the time professionals enter pre- service training to when they leave the workforce. Continuous monitoring and evaluation is vital in determining what an HRIS is accomplishing, what needs to be improved and whether results are being achieved. In future, Human Resource Professionals will be more dependent on higher level and integrated HRIS approaches in order to support more complex as well as free forms of organizations. 10. REFERENCES: 1. Prof. Bhavsar C. Anil, ââ¬Å" A conceptual paper on HRIS â⬠vol.1,Issue.v/Nov.2011pp.1-4. 2. Gara,S.J.(2001). ââ¬Å"How an HRIS can impact HR: a complete paradigm shift for the 21st century. Society for Human Resource Management (SHRM) White Paper, Retrieved November 11, 2002, from http://www.shrm.org/whitepeper/documents/default.asp?page=63001.asp 3. Kovach, K.A., & Cathcart, C.E. (1999). ââ¬Å"Human resource information systems: providing business with rapid data access, information exchange and strategic advantage.â⬠Public Personnel Management, 28 (2), 275-282. 4. Tannenbaum, S. I. (1990). HRIS: user group implications. Journal of Systems Management, 41 (1), 27-32. 5. Walker, A. J. (1982). HRIS Development: A Project Team Guide to Building and Effective Personal Information System. New York: Van Nostrand Reinhold Company. 6. Lengnick-Hall, Mark L. and Moritz Steve (2003), ââ¬Å"The Impact of e-HR on the Human Resource Management Functionâ⬠, Journal of Labor Research. 24(3), pp. 365-379. BOOKS 1. Hilkka Poutanen, DEVELOPING THE ROLE OF HUMAN RESOURCE INFORMATION SYSTEMS FOR THE ACTIVITIES OF GOOD LEADERSHIP, Acta Univ. Oul. A 553, 2010, ISBN 978-951-42-6171-8 (Paperback). 2. Mohan Thite & Michael J. Kavanagh, Evolution of Human Resource Management and Human Resource Information Systemsâ⬠The Role of Information Technologyâ⬠, TMH. 3. Michael D. Bedell, Michael Canniff & Cheryl Wyrick, Systems Considerations in the Design of an HRIS ââ¬Å"Planning for Implementationâ⬠, TMH
Hybrid Network Security
ACCEPTED FROM OPEN CALL SECURITY ISSUES IN HYBRID NETWORKS WITH A SATELLITE COMPONENT AYAN ROY-CHOWDHURY, JOHN S. BARAS, MICHAEL HADJITHEODOSIOU, AND SPYRO PAPADEMETRIOU, UNIVERSITY OF MARYLAND AT COLLEGE PARK ABSTRACT Satellites are expected to play an increasingly important role in providing broadband Internet services over long distances in an efficient manner. Most future networks will be hybrid in nature ââ¬â having terrestrial nodes interconnected by satellite links. Security is an imporSSSL tant concern in such networks, since the session 2 Proxy satellite segment is susceptible to a host of attacks, including eavesdropping, session hijacking and data corruption. In this article we address the issue of securing communication in satellite networks. We discuss various security attacks that are possible in hybrid SSSL session 1 SSSL handshaking and satellite translation at client proxy (RPA) networks, and survey the different solutions proposed to secure data communications in these networks. We look at the perforMost future networks mance problems arising in hybrid networks due to security additions like Internet Security Prowill be hybrid in tocol (IPSec) or Secure Socket Layer (SSL), and suggest solutions to performance-related nature ââ¬â having problems. We also point out important drawbacks in the proposed solutions, and suggest a terrestrial nodes hierarchical key-management approach for interconnected by adding data security to group communication in hybrid networks. satellite links. Security is an important concern in such networks, since the satellite segment is susceptible to a host of attacks, including eavesdropping, session hijacking and data corruption. INTRODUCTION With the rapid growth of the Internet, satellite networks are increasingly being used to deliver Internet services to large numbers of geographically dispersed users. The primary advantage of satellite networks is their wide broadcast reach ââ¬â a satellite can reach users in remote areas where terrestrial connectivity is not available. Satellite networks are also easily and quickly deployed, and can be a more cost-effective solution in areas where laying ground fiber networks would be too expensive. Although satellite networks offer great potential, they also present significant challenges that need to be addressed. Security is becoming an increasingly important aspect of all network. In this article we focus on the challenges that need to be addressed in order to make satellite networks more secure while maintaining seamless interoperability with terrestrial networks. These security-related challenges include the following considerations: â⬠¢ Satellite channels are wireless broadcast media, which makes it possible for an unauthorized user to receive the signal and eavesdrop on the communication, if it is not encrypted. â⬠¢ Without proper security mechanisms, any sufficiently well-equipped adversary can send spurious commands to the satellite and jam or disrupt the communication. â⬠¢ Satellite channels can occasionally have high bursty errors (for example, during heavy rain) that result in packet loss. Satellite networks also suffer from long propagation delays (for example, 0. 5 seconds for geostationary satellites). Therefore, security systems should add minimal delays to the communication and have mechanisms to recover from loss in security information. Incorporating security solutions originally designed for terrestrial networks, such as Internet Security Protocol (IPSec) or Secure Socket Layer (SSL), into satellite networks can cause severe performance penalties. In this article we consider some of these issues. We focus on data security for IP-based commercial networks, and discuss the performance problems that arise due to the encryption of the Transmission Control Protocol (TCP) header and payload when popular unicast security protocols like IPSec or SSL, originally designed for terrestrial connections, are applied to satellite networks without incorporating changes necessitated by the unique characteristics of satellite networks. We also look at the protocols proposed for secure group communication in hybrid satellite networks, and describe a hierarchical approach to group key management that is robust, scalable, and suitable for the characteristic topology of hybrid networks. The rest of the article is organized as follows. We describe the hybrid satellite-network topology and features that make it different from terrestrial networks. We discuss security needs for the hybrid network. We discuss the current approach to provide end-to-end unicast security in hybrid networks, and describe the performance problems arising as a result. We survey 50 1536-1284/05/$20. 00 à © 2005 IEEE IEEE Wireless Communications â⬠¢ December 2005 NOC Internet Gateway Proxy Client Proxy NOC (a) Internet Web server Web server (b) n Figure 1. Commercial direct-to-home network topology: a) case 1; b) case 2. the proposals for key management for secure group communication in satellite networks. We describe a possible solution to secure unicast communication without sacrificing performance and highlight our key-management approach to security for group communication in satellite networks. We conclude the article by pointing to future research directions. highly susceptible to the delay-bandwidth product and exhibits very poor performance in satellite channels. Satellite TCP connections need large transmit windows to fully utilize the available bandwidth. However, due to the TCP slowstart algorithm and large propagation delay in the satellite channel, it takes much longer for satellite TCP connections to reach the target window size, in comparison to terrestrial TCP connections. Also, the window is very vulnerable to congestion due to the multiplicative decrease strategy of TCP. The problem is compounded by the fact that TCP misinterprets link-layer corruption (which is the prevalent source of loss in satellite links) as congestion (which is rare) and consequently reduces the window. The PEP provides an efficient solution to the above problem. In satellite networks, a PEP agent is installed at the satellite gateway between the satellite network and the Internet. The PEP agent inspects every TCP packet that flows through the network. For data packets, the PEP sends back premature acknowledgments to the TCP senders, without waiting for the TCP segments to be actually delivered to the receivers. These premature acknowledgments are specially formatted to be indistinguishable from real acknowledgments and they considerably shorten the perceived round-trip delay. Studies have shown that this technique is critical for the performance improvement of satellite networks [2ââ¬â4]. Hence, TCP PEPs have been widely deployed in satellite networks today. Commercial networks also employ HTTP proxy servers to improve the speed of responses to Web-browser requests. When a user browses through content on the Internet, the application layer protocol in use is HTTP. A typical HTTP exchange involves a request by the browser for a Web page (ââ¬Å"GETâ⬠), and a response from the Web server, which contains the hypertext markup language (HTML) text of the requested Web page. A typical HTML page would also contain multiple embedded ââ¬Å"objectsâ⬠such as images, embedded media or scripts, and so forth. Each embedded object has to be retrieved with a separate HTTP request-and-response exchange. Therefore, a Web page that contains n ââ¬â 1 embedded objects takes n * RTT time to load fully, where RTT is one round-trip time. This can be extremely costly in a satellite network, where the RTT is usually high. COMMERCIAL HYBRID SATELLITE NETWORK ARCHITECTURE The network topologies we consider are illustrated in Fig. 1. In both topologies, we assume that there is one geostationary satellite with multiple spot-beams covering a large geographical area. Each spot-beam covers a subset of the total user set. We assume that future satellites will have an IP stack, be capable of onboard processing, and switch the data between supported spotbeams. The satellite therefore acts as an IP router-in-thesky. The Network Operations/Control Center (commonly known as NOC or NCC) connects to the satellite through the hub satellite gateway. The NOC is also connected to the Internet through high-speed terrestrial links. Terrestrial users can be either standalone machines (Fig. 1a), or a cluster of machines at each location, such as a local area network (LAN) (Fig. 1b). Terrestrial LANs can be either wired or wireless. Each user or LAN is connected to a local satellite terminal. The users receive traffic from the satellite via the forward channel (satellite downlink). The users can also communicate with the satellite via the return channel (uplink). There is no terrestrial connectivity between the users or the LANs. Usually, in commercial satellite networks that transfer Internet traffic, a split-connection Transmission Control Protocol (TCP) Performance Enhancing Proxy (PEP) is implemented to reduce the negative effects of the satellite link on the Internet connection [1]. Satellite channels provide large bandwidth (which can be as high as 90 Mb/s in the downlink), but also suffer from long propagation delay in comparison to terrestrial links. The delay can be as high as 500 ms (round-trip) for a geostationary satellite link. The propagation delay can have a severe adverse impact on the delivery of Internet traffic. Most of the Internet traffic uses the TCP, which is IEEE Wireless Communications â⬠¢ December 2005 51 SSSL encryption New IP header ESP Original TCP header IP header header TCP payload (SSL record) IPSEC encryption ESP trailer proxy (user side). There is a hub proxy server located at the NOC with the hub satellite gateway ââ¬â this proxy server represents the gateway proxy for both TCP and HTTP performance enhancements. SECURITY THREATS Similar security attacks can be launched against different hybrid satellite network topologies, but the impact of attacks would differ depending on the type of network and the applications supported by the network scenario. In the following, we list some of the important security threats in the hybrid network described above, and highlight the importance of the threats for the different network scenarios. Confidentiality of information: For networks that require information privacy, a primary threat is unauthorized access to confidential data or eavesdropping. Since the satellite is a broadcast medium, any entity on the ground with the right equipment can receive the satellite transmission. If the data is broadcast in the clear, then adversaries can be privy to the information that is flowing in the network. Data confidentiality can be achieved by message encryption. This requires that the senders and receivers are concurrently aware of the correct cryptographic keys used in the encryption/ decryption operations. This is a twofold problem: the problem of selecting suitable cryptographic algorithms for doing encryption so that overall network performance is not affected, and the problem of coordinating keys between users, that is, key management. Sending spurious commands: An adversary with the right equipment can send spurious control and command messages to the spacecraft, thus making the spacecraft perform operations different from their intended use. This can disrupt legitimate operations and communication in the network. This attack can be prevented if the sources of the messages are properly authenticated by every receiver. This would require suitable mechanisms for authentication, such as digital signatures [5]. The level of security required would dictate the authentication policy, for example, whether only the end users should authenticate each other, or whether authentication should happen on a per-hop basis. The latter might be necessary for scenarios where the satellite should not broadcast spurious information. If the satellite authenticates the source of every message it receives, it will transmit only those messages for which source authentication occurs correctly. Message modification attack: When the traffic goes over open networks, an adversary who is listening on the path can intercept both control and data messages. The adversary can modify the messages and send them to the destination, which can be the spacecraft, the ground terminals, or the end users. When the message reaches the intended destination, it would think that the corrupt message is coming from the true source, but the message content might be different from that expected or required for normal network operation. Message modification can be prevented by SSL record HTML page n Figure 2. IPSec and SSL encryption on a packet. The HTTP proxy server (also known by various other names, depending on the vendor) is implemented in satellite networks to overcome this problem. In a typical implementation, this requires a local Web proxy server at each user location, and a remote proxy server at the central hub facility of the satellite network (i. e. , the NOC). The Web browser at the user location should be able to recognize the local proxy (which can be either software on the client machine, or a separate hardware connected inbetween the client machine and the local satellite terminal). When the browser makes a request for a Web page, the HTTP GET request is sent to the local Web proxy, which forwards the request to the destination Web server. The Web server responds with the requested base HTML page. This page is intercepted by the proxy server at the network hub facility. The hub proxy server reads the base HTML page and sends multiple GET requests to the destination Web server for all the embedded objects in the base HTML page. This exchange occurs over a high-speed terrestrial connection between the hub and the Internet, thereby saving the time each request would have needed for a round trip over the satellite link. As the objects of the Web page are retrieved by the hub, they are immediately forwarded to the proxy at the user location. As the user browser receives the base HTML documents, it generates appropriate GET requests to fetch the objects corresponding to the links embedded in the document. The browser GET requests are terminated at the Web proxy server, which forwards the prefetched documents to the user browser immediately. The net result is that only a single ââ¬Å"GETâ⬠request from the user browser traverses the satellite link, while a set of rapid responses quickly deliver the requested Web page and associated elements to the browser. The need for satellite capacity is also reduced, which is the most costly element of a satellite network. In terms of the userââ¬â¢s experience, the user sees a brief pause after the original Web-page request (corresponding to the round-trip time it takes for the request to the forwarded to the destination server, and the response to be received by the browser, over the satellite link), followed by near-instantaneous delivery of all content residing on the requested page. The trade-off is additional hardware at the user location and the central-hub facility. In Fig. 1a, the proxy server at the user represents both the PEP (user side) and the HTTP 2 IEEE Wireless Communications â⬠¢ December 2005 appending message-integrity check mechanisms to every message, for example, message authentication codes (MACs) [6] or digital signatures. Security requirements and policies can dictate whether message authentication should happen only at the communication end points, or whether interme diate nodes should also verify the integrity of every message. Denial-of-service attack: Some attacks on security can be facilitated if strong security mechanisms are put in place for performing message-integrity checks or authenticating users. Consider the case where the satellite does authentication and integrity checks on all messages before broadcasting. An adversary can send a large number of spurious messages to the satellite, thus making the satellite spend significant computational cycles processing the spurious messages, which could be better spent broadcasting legitimate messages. Since the satellite has limited processing power, such an attack can be very effective, especially if strong cryptographic mechanisms like digital signatures are used for authentication and message integrity. This is a denial-of-service (DOS) attack. Although this DOS attack can be launched against any node in a network, a satellite network can be particularly susceptible to such an attack, since the satellite is a single point of failure and can be easily overwhelmed if made to perform too much computation. New IP header ESP Original IP TCP header header header TCP payload ESP trailer Encryption with K1 Original IPSEC ESP tunnel mode encryption New IP header ESP Original IP TCP header header header TCP payload ESP trailer Encryption with K2 Encryption with K1 Layered IPSEC ESP tunnel mode incryption n Figure 3. IPSec and layered IPSec encryption. Key K1 is shared between endpoints only. Key K2 is shared between endpoints and TCP PEPs. 1 embedded objects takes n * RTT to be loaded, an increase in delay by a factor of n. IPSEC FOR SECURITY AT THE NETWORK LAYER Several proposals for data confidentiality and authentication in satellite networks call for use of IPSec, which has been widely adopted by the Internet Engineering Task Force (IETF) for security at the network layer. IPSec and SSL are used independently of each other. IPSec creates an end-to-end tunnel at the network layer for the secure transfer of traffic. The two end-points in the communication negotiate security parameters known as the security association (SA) before traffic can be encrypted. Once the SA has been established in the handshake phase, the IP packets are encrypted using the algorithms and the keys specified in the SA. This is done when the IP-encrypted security payload (IPSec ESP) [9] is used. The IPSec ESP provides for both data encryption and authentication. IPSec provides strong security for data confidentiality and authentication, but it has a heavy byte overhead ââ¬â in the ESP mode, IPSec adds 10 bytes of overhead to the header and trailer. In addition, if authentication is used, ESP adds 16 bytes or more for the integrity check value, and another 8 bytes or more of initialization vector (IV) if the encryption algorithm uses an IV. Also, IPSec has been designed primarily to secure point-to-point communication; it s not well suited for group communication, due to the lack of the dynamic key-establishment procedure necessary to for secure communication in groups where the membership changes with time. In addition, IPSec does not allow for authentication at intermediate nodes, but this might be useful in some security situations. A widely researched problem when using IPSec in satellite networks is its inability to coexist with PEPs. The keys used for encryption in the IPSec ESP are known only to the two endpoints and therefore any intermediate node in the network cannot decrypt the traffic. IPSec ESP has two modes of operation ââ¬â tunnel mode and transport mode. In tunnel mode, the entire IP packet is encrypted and a new IP header and ESP header are generated and attached to the encrypted packet (Fig. 3), which adds an extra SECURING END-TO-END UNICAST COMMUNICATION USING IPSEC OR SSL Research on satellite security has focused on using the existing standardized technology, originally designed for terrestrial networks, to fix well-known security holes in satellite networks. Two such protocols that are widely used for secure unicast communication are IPSec [7] and SSL [8]. Figure 2 illustrates the encryption regions of SSL and IPSec. SECURE SOCKET LAYER FOR SECURE WEB TRAFFIC The SSL protocol secures the Web-browsing connection on an as-needed basis. When the client requests a secure connection or the server demands one, SSL is activated to secure the HTTP connection. The resulting connection is popularly known as secure HTTP (or HTTPS) and it encrypts the application-layer HTTP data end-to-end between the client and the server. In the protocol stack, the SSL layer sits between the application and the transport layers. Therefore, SSL encryption hides the TCP payload from all nodes in the network, except the client and the server. SSL encryption does not allow the HTTP proxy to function correctly. The HTML Web page encrypted into the SSL records is readable only by the client and the server who have the decryption keys. The keys are not available to the proxy, and therefore the proxy cannot read the HTML Web page. Consequently, the hub proxy server cannot send requests to the Web server for the embedded objects in the page and, therefore, HTML object prefetching cannot take place. The net result is that a Web page with n ââ¬â IEEE Wireless Communications â⬠¢ December 2005 53 The HTTP proxy also cannot function when the IPSec ESP is used. Since the HTML page is encrypted end-toend, the HTTP proxy cannot read the Web page in order to prefetch the embedded objects. Therefore, use of IPSec leads to a severe degradation in performance for both the TCP PEP and HTTP proxy. SSSL translation at hub proxy (HPA) SSSL session 2 SSL session 3 Proxy Client Internet Gateway NOC SSSL session 1 SSSL handshaking and translation at client proxy (RPA) Proxy Web server Figure 4. The SSL Internet Page Accelerator concept for efficient HTTPS over satellite. 20 bytes of overhead in addition to the overhead mentioned above. Encrypting the original IP header provides very strong security by disabling attacks (such as traffic analysis, etc. ). In transport mode, the payload portion of the IP packet is encrypted and a new ESP header is attached to the packet after the original IP header, which is in the clear. In either mode, the IP packet payload, which includes the TCP header, is encrypted with keys known only to the end points. Therefore, a TCP PEP, which is an intermediate node in the communication path, cannot read or modify the TCP header, since the PEP does not know the keys. Consequently, the PEP cannot function, thus leading to degradation in the performance of the TCP protocol. The HTTP proxy also cannot function when the IPSec ESP is used. Since the HTML page is encrypted end-to-end, the HTTP proxy cannot read the Web page in order to prefetch the embedded objects. Therefore, use of IPSec leads to a severe degradation in performance for both the TCP PEP and HTTP proxy. It is important to note that the problems that arise from the use of the SSL protocol or the IPSec ESP are independent of one another. It is conceivable that both protocols are used simultaneously, for example, when a secure Web page is accessed via a secure VPN tunnel. However, in such cases the performance issues do not change and the effect would be equivalent to using the IPSec ESP alone. On the other hand, if SSL alone is used, then the performance would be better, since the TCP PEP can function correctly in this scenario. [10] and layered IPSec [11], the idea is to encrypt different regions of the IP packet using different keys (Fig. ). The TCP payload is encrypted with key K1, which is shared only between the endpoints. The original IP header and the TCP header are encrypted with key K2, which is shared between the end points and also with intermediate authorized nodes such as the TCP PEP. Therefore, the TCP PEP can decrypt the header portion of the ESP packet with K2 and read the TCP header to do its performance optimizations. But the PEP cannot read the TCP payload and thus cannot access the actual data, since it does not posses the key K1. The layered IPSec approach allows TCP PEPs to function effectively. However, the method does not solve the problem of HTTP proxy servers. The HTML page is encrypted with key K1 as part of the TCP payload, and K1 is not shared with any intermediate node. Therefore, the Web page is not accessible to the HTTP proxy and no object prefetching can be accomplished. Olechna et al. [12] have suggested two solutions to the IPSec problem. In the first approach, the paper proposes moving the TCP PEP gateways to the endpoints. The TCP optimizations are done on the traffic in the clear, and then the traffic is encrypted using IPSec. There is no TCP PEP at the satellite hub. This approach improves the performance, but when a packet is lost or received in error TCP goes into congestionavoidance phase and the transmission is reduced by half. The second proposed approach, which deals effectively with this problem, is to split the secure connection into two at the satellite gateway. One connection is between the client and the gateway, and the second connection is between the gateway and the Internet server. This allows the gateway to decrypt the IPSec packet and read the headers and thereby do performance optimizations. This requires trust in the satellite gateway, which can now read all the traffic. This might be unacceptable to users who require strong end-to-end security. Several modified TCP protocols have been proposed that perform better than the original specification in the event of channel errors or delay, or when IPSec is used. A discussion of PROPOSED SOLUTIONS TO MITIGATE PERFORMANCE PROBLEMS WITH SSL OR IPSEC Several proposals have been made in academia and industry to deal with performance problems that arise from using IPSec and SSL in satellite networks. The concept of breaking up IPSec encryption into multiple encryption regions or zones on a single packet has been proposed independently in [10, 11]. Although the finer details in the two approaches are different, the basic idea is the same. Known as multilayer IPSec (ML-IPSec) 54 IEEE Wireless Communications â⬠¢ December 2005 Group keys (TEK) K1,8 Internal keys (KEK) K1,4 K5,8 Path of keys for M8 K1,2 K3,4 K5,6 K7,8 Leaf keys Members Group key K2 K1,12 Group key K1 K1,8 K9,12 K1 K2 K3 K4 K5 K6 K7 K8 M1 M2 M3 M4 M5 M6 M7 M8 (a) K1K2 K3 K4K5 K6 K7K8 K9 K10K11K12 M1M2M3M4M5M6M7M8 G1 G2 G3 G4 Members Gateways (b) Figure 5. Logical key hierarchy and its extension to satellite networks: a) with eight members; b) ML-IPSec integrated LKH tree with users and gateways. these TCP enhancements can be found in [13]. The problem of HTTP proxy performance when SSL is used has been addressed within the industry by breaking up the end-to-end single SSL connection between client and server into m ultiple SSL connections [14]. In this solution, the client browser creates a secure HTTP connection with the remote page accelerator (RPA) at the client satellite terminal, a second connection is created between the RPA and the hub page accelerator (HPA), and a third connection is between the HPA and the server (Fig. 4). The RPA performs all necessary handshaking with the client browser. The HPA can decrypt the SSL traffic from the server and perform the desired object prefetching. Taken together, this allows delivery of secure Web content with little performance degradation and with little change to the standard protocols. The major drawback to this scheme is that it requires a high level of trust in the intermediate nodes. The HPA, which is a third-party entity, can read all the sensitive Web traffic that passes between the client and the server. This might be unacceptable when absolute end-to-end security is desired. is O(logN) (where N is the number of members in the group), which is less than the O(N) keys required if the GC arranged the members in a flat topology. To allow PEPs to function correctly when network-layer security is used, [15] proposes the use of ML-IPSec. The paper proposes using a single LKH tree to manage the group key K2, used to encrypt the transport layer header (known to end users and trusted gateways), and the group key K1, known only to the end users and used for encrypting the transport layer data. As shown in Fig. b, users M 1 â⬠¦M 8 are leaf nodes in a subtree of degree three, and gateways G 1 â⬠¦G 4 are leaf nodes in a subtree of degree two. The root key of the member node subtree, K 1,8 , is used to encrypt the transport payload. The root of the overall key tree, K1,12, is used to encrypt the transport header. All member nodes know both K1,8 and K1,12, but the gateways know K 1,12 only (apart from the internal keys in the gateway subtree). How the LKH tree would be managed is not stated in [15]. This is important, since the users and the gateways might not be in the same administrative or security domain. The paper also considers all users and gateways as a ââ¬Å"flatâ⬠network for key distribution purposes, rather than taking into account the hierarchical nature of the network topology. The use of LKH for key management in satellite links has also been proposed in [18], which suggests algorithms for dynamically managing the LKH tree in case of member joins and leaves. Duquerroy et al. [19] proposed ââ¬Å"SatIPSec,â⬠for key distribution and secure communication for both unicast and multicast in a satellite network. The solution is based on IPSec, with the addition of flat multicast key exchange (FMKE) to support key management for secure group communication. Management of SAs for both unicast and multicast communication is integrated into the FMKE protocol. FMKE also incorporates reliability mechanisms so as to guarantee reliable key distribution in the lossy satellite setting. However, FMKE manages SAs between the satellite terminals or gateways only and does not extend to the end users. Therefore, end-to-end security is not provided when using SatIPSec. The RPA performs all necessary handshaking with the client browser. The HPA can decrypt the SSL traffic from the server and perform the desired object prefetching. Taken together, this allows delivery of secure Web content with little performance degradation and with little change to the standard protocols. KEY MANAGEMENT PROPOSALS FOR SECURE GROUP COMMUNICATION IN HYBRID NETWORKS Some research has been done with individual algorithms that serve as tools in building keymanagement protocols in order to facilitate secure group communication in hybrid satellite networks. Howarth et al. [15] have proposed the use of logical key hierarchy (LKH) [16, 17] for efficient key management for multicast groups in a satellite network. LKH makes use of a centralized key manager or group controller (GC), which constructs a logical key tree with the group members as the leaves of the tree (Fig. 5a). The internal nodes of the tree are the key encrypting keys (KEK), which are used to securely transport key updates to the group. The root of the tree is the session key or traffic-encrypting key (TEK), which is used to encrypt the session traffic. The number of keys that need to be updated when a member node joins or leaves the group IEEE Wireless Communications â⬠¢ December 2005 55 New IP header ESP Original TCP HTML header IP header header object links Base HTML page Encryption with K2 ESP trailer Encryption with K1 n Figure 6. Layered IPSec with modifications for HTTP optimization. Also, FMKE treats all the satellite terminals it services (which are called SatIPSec clients) in a ââ¬Å"flatâ⬠topology, and establishes separate secure channels to all SatIPSec clients. This will not scale when there are a large number of clients. Also, SatIPSec does not consider the dynamic joins and leaves of members in the group communication setting; a client needs to be preauthorized for all the groups it wants to take part in. The protocol also requires complete trust in the group controller and key server (GCKS), which is a third party that is responsible for managing the SAs between the clients. All clients need to have preshared secrets with the GCKS. IPSEC AND SSL IN HYBRID NETWORKS: OUR APPROACH We look at separate solutions to the performance problem arising out of using SSL and IPSec in hybrid networks, and also consider how the two approaches can be combined. HTTP OVER IPSEC TUNNEL One viable method is to break up the end-to-end IPSec tunnel into multiple connections. This is similar to the solution proposed in [12]. But while their approach looks at only the TCP enhancements, we add the use of the HTTP proxy as well. In our approach, the IPSec connection from the client is terminated at the client proxy. The proxy creates its own IPSec connection to the gateway TCP proxy. A third IPSec connection is created from the gateway TCP proxy to the Web server. Schematically, this is similar to Fig. , with IPSec connections replacing the SSL connections in the figure. The IPSec handshaking between the client and the server is spoofed by the client proxy on the client end, and by the TCP hub proxy on the server end. In this model, the Web traffic can be read completely by the client proxy and the hub proxy. The two proxies are able to perform the TCP enhancements because they can read the TCP header. In addition, the hub HTTP proxy can perform HTM L object prefetching from the server because it can read the base HTML page as it is returned to the client on a HTTP request. When the client browser generates staggered requests for the embedded objects upon receiving the base HTML page, the client proxy is responsible for returning local acknowledgments to the requests, and sending all the objects to the client browser at one time. The design is therefore fully able to maintain the functionality of the TCP and HTTP proxies. It also encrypts the traffic so that it can be seen only by the client, the server, and the two intermediate proxy servers. The design also makes minimal changes to existing standard protocols. However, the design also requires that there be full trust in the proxy servers. Also, there is additional overhead in setting up three IPSec connections, as opposed to one (as in the end-to-end case). The overhead in encryption/decryption also increases by a factor of three for every IP packet, since the intermediate proxies need to decrypt the TCP header and the HTML content. When the security requirement is that the traffic be unreadable to intermediate nodes, the above approach will not work. In this situation, we propose extending the layered IPSec approach in order to allow portions of the HTML content to be also accessible to the proxy servers. Assume for layered IPSec that the keys are K1 and K2. K1 is known only to the client and the server, while K2 is known to the client, the Web server, and the intermediate proxy servers at the client and the gateway. When the client makes HTTP requests, the requests are encrypted using K2, so that the client proxy server can read the requests and send local acknowledgments. Additional software at the Web server parses the requested HTML page so as to obtain all the embedded object links. These object links are collated into a new HTML page that contains only the object links, and this new page is encrypted with K2. The base HTML page that contains all the information and the object links is encrypted with K1. Both the encrypted base HTML page and the encrypted object links HTML page are sent in reply. Therefore, the encrypted ESP packet looks as it is depicted in Fig. 6. Upon receiving the IPSec packet from the Web server, the hub proxy is able to read the object links (since it has K2) and therefore do prefetching for the embedded links. In addition, the hub proxy can also read the TCP header and perform TCP enhancements. However, the HTML base-page data cannot be read by the hub proxy, since it does not have K1. The encrypted base HTML page can only be read by the client when the IPSec packet reaches the destination. This design allows the TCP and HTTP proxies to perform effectively while maintaining a high level of end-to-end security. However, the security is not as strong as in traditional IPSec, since the intermediate proxies do get some information insofar as they can read the links of the embedded objects, even though they cannot read the application data. This is the major trade-off necessary to achieve acceptable performance in this design. In addition, the model requires changes to be made to the IPSec protocol so that layered IPSec is supported with the HTTP performance additions. A major issue in the above model is the handshaking mechanism required to set up the layered IPSec connection. To maintain a high level of security, we propose that the connection be set up primarily between the client and the server, who negotiate both K1 and K2, apart from other parameters of the security association. The handshaking mechanism then provides K2 securely to both the client and the hub proxy servers. The client and the hub proxy servers are required to authenticate themselves correctly before they can receive the secondary key or access the IPSec traffic. 56 IEEE Wireless Communications â⬠¢ December 2005 DSSL main mode (K1) DSSL main mode (K2) Internet Gateway Proxy (K2) Client (K1, K2) NOC DSSL primary and secondary modes Original TCP IP header header Proxy SSL record Primary SSL record Proxy (K2) Web server (K1,K2) Encryption with K2 Encryption with K1 IP packet format for DSSL n Figure 7. Dual-mode SSL for HTTP optimization. HTTP OVER SSL When the HTTP traffic is secured using SSL only, and there is no IPSec tunnel in use, several approaches are possible to ensure acceptable performance. If the security requirement of the client and the Web server allow for trusted intermediate nodes, then the SSL accelerator concept of [14] can be a viable solution. This would require no change to the protocols at the expense of higher overhead in order to set up multiple SSL connections between the client, proxy, and Web server. When the security policy does not allow for trusted third parties, a different approach is needed. We propose the use of a modified SSL protocol, which we term dual-mode SSL (DSSL). As shown in Fig. 7, the secure connection in DSSL has two modes ââ¬â an end-to-end main mode connection between the client and the Web server, and a secondary mode connection that has the hub HTTP proxy as an intermediate node. When secure HTTP traffic is requested, the DSSL main mode connection is first negotiated between the client and the server. As part of the handshake for the main mode, the client and the Web server also negotiate the parameters for the secondary mode. Let K1 be the encryption key for the main mode, and K2 be the encryption key for the secondary mode. The client transfers the parameters of the secondary mode to the client and hub HTTP proxy servers only after the proxy servers authenticate themselves to the client. When the client makes an HTTP request, the client proxy sends local replies to the client browser, as discussed previously. The Web server, on receiving the request, parses the requested HTML page to obtain the embedded object links, which are collated into a new HTML page. The object links HTML page is then encrypted by DSSL using K2 to create the proxy SSL record. DSSL encrypts the base HTML page using K1 to create the primary SSL record. The two records are appended together and sent to the client in an IP packet (Fig. 7). The hub proxy intercepts the IP packet, extracts the object links from the proxy SSL record using K2, and prefetches the embedded objects. The Web server always encrypts the actual objects using K1, so that the hub proxy cannot read the base HTML page data. The hub proxy transfers all the embedded objects together to the client at one time. Therefore, the HTTP proxy functionality is preserved in DSSL while maintaining the end-to-end security of the HTML page contents. However, the security is less than in the end-to-end SSL connection case, since the HTTP proxy can read the object links. In standard SSL, the proxy servers can read no part of the base HTML page, not even the object links. We believe this slight reduction in security is acceptable, given the considerable improvement in performance using this method. The DSSL design is more complex in comparison to SSL since it requires the creation of an additional connection, and therefore involves a higher overhead. There is also the added overhead of multiple encryptions and decryptions with two different keys, and the complexity of parsing the HTML page for the object links. All these require changes to the base SSL protocol. The DSSL concept is similar to the multiplechannel SSL concept proposed in [20]. However, the authors do not differentiate encryption in primary and secondary SSL records but instead suggest that HTTP traffic with lower security requirements be encrypted entirely with keys known to intermediate nodes. For our security requirements, that approach would not be acceptable. Differential Encryption in Single SSL Record ââ¬â The use of a proxy SSL record is not necessary if various parts of the HTML page can be encrypted with The DSSL design is more complex in comparison to SSL since it requires the creation of an additional connection, and therefore involves a higher overhead. There is also the added overhead of multiple encryptions and decryptions with two different keys. IEEE Wireless Communications â⬠¢ December 2005 57 Secondary SSL encryption Primary SSL encryption New IP header ESP Original TCP Proxy SSL header IP header header record Secondary IPSec encryption Primary SSL record ESP trailer Primary IPSec encryption n Figure 8. Packet format for dual-mode SSL with IPSec. different keys. In that case, the Web server can encrypt the object links in the HTML page with key K2 and the rest of the HTML page contents with key K1, thus creating a single SSL record with different encryption. The hub proxy server can parse the SSL record and decrypt only the object links with key K2, before forwarding the IP packet to the client proxy. We assume that the primary and secondary encryption keys K1 and K2 have been set up and distributed as described in the previous sections, with K1 known to the client and the Web server only, while K2 is known to the client, the Web server, and the intermediate proxy servers. A similar technique can be applied when IPSec encryption is used instead of SSL encryption. The advantage here is that the size of the packet does not increase, although there is the overhead of distributing key K2 to the proxy servers to be considered. HTTPS OVER IPSEC For the sake of completeness, we consider the situation where a secure Web page is requested over an IPSec tunnel. This method involves redundancy of resources, since use of SSL when IPSec is being used does not provide any substantially added security. However, our approach can take care of the performance in this scenario as well. In this situation, we propose integrating DSSL with layered IPSec. Then the secondary keys for both the layered IPSec connection and the DSSL connection are shared with the proxy servers. The secondary key for layered IPSec is shared with both the TCP proxy and the HTTP proxy. When layered IPSec encrypts the packet, the secondary key encryption extends up to the proxy SSL record. The TCP proxy servers can therefore decrypt the TCP header of the ESP packet, and the HTTP proxy server can decrypt the proxy SSL record. Consequently, performance optimizations for both TCP and HTTP are allowed without letting the intermediate servers read the HTML page. A schematic of the IPSec packet in this setting is shown in Fig. 8. A HIERARCHICAL APPROACH TO KEY MANAGEMENT FOR DATA SECURITY IN HYBRID NETWORKS In [21], we have proposed a key-management framework for distributing cryptographic keys securely and in a scalable manner to users taking part in group communication in a hybrid satellite network. The objective is to ensure data confidentiality, by encrypting the data traffic with group keys known to all the group members. The key-management framework is built on top of the multicast routing architecture. We have considered the hybrid network topology shown in Fig. 1b and designed a multicast routing architecture to allow users to communicate seamlessly between multiple terrestrial LANs (also referred to as subnetworks) [22]. Our routing design makes specific use of asynchronous transfer mode (ATM) point-to-multipoint routing [23] over the satellite links, and Protocol-Independent Multicast Sparse-Mode (PIM-SM) multicast routing [24] in terrestrial LANs. We have extended PIM-SM to allow multiple rendezvous points (RPs) in each multicast group. The satellite gateway in each LAN acts as the local RP for the LAN and creates the local multicast trees for group members within the LAN. The local multicast trees are connected together over the satellite links by using the ATM point-to-multipoint virtual connection, thereby creating one end-to-end multicast tree for each group, encompassing all the LANs with group members in them. The multicast routing architecture is thus adapted closely to the hierarchical network topology, and allows for building efficient multicast trees with low control and data overhead. The design of the key-management protocol is independent of the routing algorithm, although it is based on the same underlying principle, that is, a hierarchical breakup of the network based on the topology. We divide the network into two levels ââ¬â the lower level, comprised of terrestrial LANs where the users are located, and a higher level consisting of the satellite, the NOC, and the satellite gateways or RPs in each LAN, which together form an overlay (Fig. 9a) interconnecting terrestrial LANs. The RPs act as the ââ¬Å"bridgeâ⬠between the two levels. Key management is done separately in the two levels. In each LAN we introduce a local group controller (called the ââ¬Å"subnetwork key controllerâ⬠or SKC) to manage the keys for all groups active in the LAN. The SKC is responsible for access control of all members of all groups that are active in its LAN, generating the group keys for all local groups, and updating the keys on group-member joins and leaves when a group is active. The keys managed by an SKC are entirely local to its LAN, and do not affect the key management in any other LAN in the network. The SKC uses the LKH algorithm to manage keys in its LAN, creating a logical key tree that we term the SN Tree. Each group active in a LAN has its own SN Tree. The leaves of the SN Tree for a group correspond to the longterm shared secrets between the SKC and the local users in the LAN who are active as sources and/or receivers in the group. The root of the SN Tree corresponds to the session key that is used for encrypting the group traffic within the LAN at any particular instant. On member joins and leaves, the session key, and all the keys on the path from the root to the leaf node corresponding to the member joining/leaving, are updated, while all other keys in the SN Tree remain unchanged. The overlay has its own key management, 58 IEEE Wireless Communications â⬠¢ December 2005 Overlay RP tree root key Level-1 Satellite Overlay network NOC Gateway Gateway Gateway SN tree SKC RP (root) RP (leaf) SKC RP tree RP (leaf) Gateway Level-0 SKC Subnet n Subnet 1 Subnet 2 (a) Subnet 3 Subnetwork Subnetwork (b) Subnetwork n Figure 9. A hierarchical approach to key management in hybrid networks: a) hierarchy in the hybrid network; b) tiered tree key management. also based on the LKH algorithm. At the overlay level, the key management for a particular group is controlled by the satellite gateway/RP (known as the root RP for that group) of the LAN that has group sources active for the longest continuous period in the group. The logical key tree for any group thus formed at the overlay is termed the RP Tree. The root RP is responsible for generating keys for the RPs of the LANs who subscribe to the particular group, that is, have sources and/or receivers active in the LAN. Each group has its own RP Tree. The design ensures that the NOC cannot receive/transmit data to any active group, unless it explicitly subscribes to the group as a member node. However, LANs joining any particular group initially register with the NOC, which maintains a group membership table for all active groups, so that at all times the NOC is aware of the LANs which are participating in all active groups. The NOC is also responsible for selecting the root RP of the RP Tree for each group, which it does based on the earliest-to-join policy. The root RP also might be different for different groups, since the LAN with the longest continuously active sources might be different for different groups. Our algorithm has the provision to allow the root RP for any group to change ââ¬â this happens if the currently active root RP leaves the group, when all sources/receivers within its local LAN cease to participate in the group. Our algorithm therefore builds a hierarchy of logical key trees that closely follow the hierarchy in the network topology, as shown in Fig. 9b. We term this framework Tiered Tree-based Key Management. In this hierarchy of key trees, the gateway RPs are responsible for performing key translation on all the multicast group traffic as it transmits the data from local sources to receivers in remote LANs, or when it receives group traffic from remote sources for local receivers. This translation is necessary since the data traffic is encrypted with the RP Tree session key in the overlay, and with the SN Tree session ey within the local LAN, with the two session keys being independent of one another. The detailed design of Tiered Tree-based Key Management, analysis of its security, and experimental results can be found in [25]. The primary objective in our design is to minimize the amount of key-management control traffic n Figure 10. Tiered tree framework: total key management traffic vs. RP tree traffic for three groups (Y-axis shows the traffic in bytes per second; X-axis is the simulation duration in minutes). hat flows over the satellite links, due to the long delay involved as well as susceptibility to channel errors. We have attempted to ensure that the security of the data traffic does not add any overhead in terms of delay other than that absolutely unavoidable, and that the security protocol does not contribute to deadlocks in group-data dissemination where some group members in certain LANs cannot read the data due to having wrong keys. From the simulation results, Fig. 10 shows the reduction in key-control traffic over the satellite links using our tiered-tree approach. The graph compares the total key-management IEEE Wireless Communications â⬠¢ December 2005 59 Our solution is a generic solution aimed specifically at multicast key management and does not deal with an end-to-end security solution for secure communication or give any implementation specifics. information sent in the network for three simultaneous groups (i. e. , sent over the RP trees, sent over the satellite links, and all SN trees limited to local LANs), to the total key information sent on the RP trees (satellite links) only. As the graph shows, the resource savings on the satellite links is substantial when the tiered-tree scheme is used. Even though the group dynamics are high, the amount of message exchanges are very few in the RP tree, that is, over the satellite links. If a flat key-management hierarchy had been used instead, the total key-management traffic would have been sent over the satellite links, thus leading to increased delay and increasing the possibility that the correct keys do not reach all the members at the same time. Our solution is therefore very scalable. It also acknowledges the fact that the group members might be located in different security domains and, therefore, a single network-wide security management might not be possible. This is a more realistic scenario, since terrestrial LANs might be individual company domains, while the satellite overlay infrastructure is usually owned by a separate entity that provides network connectivity to the LANs, and is not responsible for generating the network traffic. This framework addresses the problem that all users might not be visible to a single, centralized security authority, and the dynamics of user joins or leaves in one LAN should not create an overhead to users in other LANs. Also, in widearea satellite networks we consider that the satellite channel conditions at a given point in time might be different in different sections of the network. There might be loss in information due to bad channel conditions in some network segments; however, this should not disrupt communication in network segments where the channel conditions are better. Solutions which treat all users in a single tree will not be able to perform as robustly under such conditions. Our solution is also similar to the ML-IPSec concept in that the satellite terminals are only partially trusted; they are allowed to do partial decryption/encryption of the IP packets for efficient routing. However, it is a generic solution aimed specifically at multicast key management and does not deal with an end-to-end security solution for secure communication or give any implementation specifics. approaches for typical topologies and validating the proposed designs by simulation. Lastly, we have described our hierarchical approach of key management for providing data security in hybrid networks. We are continuing our research in this area and examining designs to integrate our keymanagement protocol with the unicast case. A considerable amount of work needs to be done with regard to secure protocols for hybrid networks, specifically for the case where users are mobile. Here we have touched upon only a small subset of the problems. None of the proposed solutions, including our own, address the question of user authentication or message integrity for group communication. However, we believe the security problems discussed here will receive further treatment from the research community, and this work will be a useful contribution to the field. ACKNOWLEDGMENT The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. The research reported here is supported by the National Aeronautics and Space Administration (NASA) Marshall Space Flight Center under award no. NCC8-235. The views expressed in this article are solely the responsibility of the authors and do not reflect the views or position of NASA or any of its components. REFERENCES [1] J. Border et al. , ââ¬Å"Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations,â⬠IETF RFC 3135, June 2001. [2] V. Arora et al. , ââ¬Å"Effective Extensions of Internet in Hybrid Satellite-Terrestrial Networks,â⬠University of Maryland, College Park, Tech. Rep. CSHCN TR 96-2, 1996. [3] V. Bharadwaj, ââ¬Å"Improving TCP Performance over HighBandwidth Geostationary Satellite Links,â⬠University of Maryland, College Park, Tech. Rep. ISR TR MS-99-12, 1999. [4] N. Ehsan, M. Liu, and R. Ragland, ââ¬Å"Evaluation of Performance Enhancing Proxies in Internet over Satellite,â⬠Wiley Intââ¬â¢l. J. Commun. Sys. , vol. 16, Aug. 2003, pp. 513ââ¬â34. [5] NIST, ââ¬Å"Digital Signature Standard (DSS),â⬠May 19, 1994. [6] H. Krawczyk, M. Bellare, and R. Canetti, ââ¬Å"HMAC: KeyedHashing for Message Authentication,â⬠IETF RFC 2104, Feb. 1997. [7] R. Atkinson and S. Kent, ââ¬Å"Security Architecture for the Internet Protocol,â⬠IETF RFC 2401, Nov. 1998. [8] IETF Transport Layer Security Working Group, ââ¬Å"The SSL Protocol Version 3. 0,â⬠Nov. 1996, available at http://wp. netscape. com/eng/ssl3/draft302. txt [9] R. Atkinson and S. Kent, ââ¬Å"IP Encapsulating Security Payload (ESP),â⬠IETF RFC 2406, Nov. 998. [10] Y. Zhang, ââ¬Å"A Multilayer IP Security Protocol for TCP Performance Enhancement in Wireless Networks,â⬠IEEE JSAC, vol. 22, no. 4, 2004, pp. 767ââ¬â76. [11] M. Karir and J. Baras, ââ¬Å"LES: Layered Encryption Security,â⬠Proc. ICNââ¬â¢04, Guadeloupe (French Caribbean), Mar. 2004. [12] E. Olechna, P. Feighery, and S. Hryckiewicz, ââ¬Å"Virtual Private Network Issues Using Satellite Based Networks,â⬠MILCOM 2001, vol. 2, 2001, pp. 785ââ¬â89. [13] P. Chitre, M. Karir, and M. Hadjitheodosiou, ââ¬Å"TCP in the IPSec Environment,â⬠AIAA ICSSC 2004, Monterey, CA, May 2004. 14] SSL Accelerator, Spacenet Inc. , available at http://www. spacenet. com/technology/advantages/ssl. ht ml [15] M. P. Howarth et al. , ââ¬Å"Dynamics of Key Management in Secure Satellite Multicast,â⬠IEEE JSAC, vol. 22, no. 2, 2004, pp. 308ââ¬â19. [16] C. Wong, M. Gouda, and S. S. Lam, ââ¬Å"Secure Group Communications Using Key Graphs,â⬠IEEE/ACM Trans. Net. , vol. 8, 2000, pp. 16ââ¬â30. CONCLUSION Security is a critical component in hybrid IPbased satellite networks. In this article we have focused on some of the challenges that lie ahead. We have discussed the unique characteristics of hybrid satellite networks that make the problem of ensuring secure communication different from that of purely terrestrial networks. We have presented a survey of the various security solutions that have been proposed, and discussed their advantages and disadvantages. We have proposed several approaches to solve the performance problems of TCP and HTTP in satellite networks arising from secure communication. However, a lot of further work needs to be done to validate our approaches, and we are in the process of developing specific detailed security 0 IEEE Wireless Communications â⬠¢ December 2005 [17] D. Wallner, E. Harder, and R. Agee, ââ¬Å"Key Management for Multicast: Issues and Architectures,â⬠IETF RFC 2627, June 1999, available at http://www. apps. ietf. org/rfc/ rfc2627. html [18] G. Noubir and L. von Allmen, ââ¬Å"Security Issues in Internet Protocols over Satellite Links,â⬠Proc. IEEE VTC ââ¬Ë99, Amsterdam, The Netherlands, 1999. [19] L. Duquerroy et al. , ââ¬Å"SatIPSec: An Optimized Solution for Securing Multicast and Unicast Satellite Transmissions,â⬠22nd AIAA Intââ¬â¢l. Commun. Sat. Sys. Conf. and Exhibit, Monterey, CA, May 2004. [20] Y. Song, V. Leung, and K. Beznosov, ââ¬Å"Supporting Endto-End Security across Proxies with Multiple-Channel SSL,â⬠Proc. 19th IFIP Info. Sec. Conf. , Toulouse, France, Aug. 2004, pp. 323ââ¬â37. [21] A. Roy-Chowdhury and J. Baras, ââ¬Å"Key Management for Secure Multicast in Hybrid Satellite Networks,â⬠19th IFIP Info. Sec. Conf. , Toulouse, France, Aug. 2004. [22] A. Roy-Chowdhury and J. Baras, ââ¬Å"Framework for IP Multicast in Satellite ATM Networks,â⬠AIAA ICSSC 2004, Monterey, CA, May 2004. [23] G. Armitage, ââ¬Å"Support for Multicast over UNI 3. 0/3. 1 Based ATM Networks,â⬠Internet RFC 2022, Nov. 1996. [24] S. Deering et al. , ââ¬Å"The PIM Architecture for Wide-Area Multicast Routing,â⬠IEEE/ACM Trans. Net. , vol. 4, no. 2, 1996, pp. 153ââ¬â62. [25] A. Roy-Chowdhury, ââ¬Å"IP Routing and Key Management for Secure Multicast in Satellite ATM Networks,â⬠Masterââ¬â¢s thesis, University of Maryland, College Park, 2003, available at http://techreports. isr. umd. edu/reports/2004/ MS2004-1. pdf Paper Award, 2004 WiSe Conference. He holds three patents. His research interests include wireless networks and MANET, wireless network security and information assurance, integration of logic programming and nonlinear programming for trade-off analysis, multicriteria optimization, noncooperative and cooperative dynamic games, robust control of nonlinear systems and hybrid automata, mathematical and statistical physics algorithms for control and communication systems, distributed asynchronous control and communication systems, object-oriented modeling of complex engineering systems, satellite and hybrid communication networks, network management, fast Internet services over hybrid wireless networks, stochastic systems, planning and optimization, intelligent control and learning, biologically inspired algorithms for signal processing, and sensor networks. MICHAEL HADJITHEODOSIOU [M] received an M. A. (honours) in electrical and information sciences from the University of Cambridge, United Kingdom, in 1989, an M. S. in electrical and computer engineering from the University of California, Irvine in 1992, and a Ph. D. n engineering (specializing in satellite communications) from the Centre for Satellite Engineering Research (CSER) at the University of Surrey, United Kingdom, in 1995. Among his awards are a scholarship award for studies at the University of Cambridge from the Cambridge Commonwealth Trust (1984ââ¬â1986); a Fulbright Scholarship for post-graduate work in the United States (1989ââ¬â1991); a Research Fellowship from the U. K. Engineering and Physical Sciences Research Council (EPSRC) (1992); and the Canadian National Science and Engineering Research Council (NSERC) post-doctoral fellowship award (1995). He worked as a research fellow in the Communication Systems group of CSER (1991ââ¬â1995) and spent a year as a visiting fellow at the Canadian Government Communications Research Center (CRC) (1995ââ¬â1996). In November 1996 he joined the Center for Satellite and Hybrid Communication Networks (CSHCN) at the Institute for Systems Research, University of Maryland, College Park, where he is currently an assistant research scientist. He is an expert on space communications and satellite networks. His research interests include performance optimization of wireless and hybrid networks, security and protocol support issues for satellite systems, and design optimization of next-generation broadband satellite networks and applications. He is currently working on supporting the communication needs of NASA enterprises and the communication architecture enabling space exploration. He is currently serving as secretary of the IEEE Satellite and Space Communications Technical Committee. SPYRO PAPADEMETRIOU received his B. S. in computer science from George Mason University, Fairfax, Virginia. Since then he has been actively involved in Internet research and development within both industry and academia. He was the principal Internet researcher at Synectics Corp. , where he developed network and database software. He worked as a researcher at the University of Marylandââ¬â¢s Institute for Systems Research, where he designed and developed their first networking laboratory, which is part of the CSHCN. At Inktomi Corp. he spearheaded client acceleration research and was a member the content-distribution network design team. These resulted in several patent filings, of which he holds one. The latter also resulted in American Onlineââ¬â¢s Web client accelerator product. Currently he is with Orbital Data Corp. working on network and application optimization. His research interests include network optimization, application optimization, satellite and terrestrial wireless networking, delay-tolerant networks, sensor networks, distributed systems, and network software architecture. We have touched upon only a small subset of the problems. None of the proposed solutions, including our own, address the question of user authentication or message integrity for group communication. BIOGRAPHIES AYAN ROY-CHOWDHURY ([emailà protected] umd. edu) received his B. E. in electronics and telecommunications engineering in 1998 from Jadavapur University, India, and his M. S. in electrical engineering in 2003 from the University of Maryland, College Park, where he is currently a Ph. D. student. Between 1998 and 2000 he worked as a senior software engineer at Wipro Technologies, India. His research focuses on the design of protocols and frameworks for secure communication in hybrid networks. He is working on secure protocols for unicast and multicast routing in networks that have wired and wireless terrestrial components interconnected by satellite links. He is also looking into key management techniques for secure data transmission for these network architectures, and efficient user-authentication mechanisms for the same. As part of these topics, he is also investigating performance problems for network communication in satellite networks when security is involved. J OHN S. B ARAS [F] received a B. S. in electrical engineering from National Technical University of Athens, Greece, in 1970, and M. S. and Ph. D. degrees in applied mathematics from Harvard University in 1971 and 1973, respectively. He was founding director of the Institute for Systems Research (one of the first six NSF Engineering Research Centers) from 1985 to 1991. Since August 1973 he has been with the Electrical and Computer Engineering Department and Applied Mathematics Faculty at the University of Maryland, College Park. In 1990 he was appointed to the Lockheed Martin Chair in Systems Engineering. Since 1991 he has been director of the Center for Hybrid and Satellite Communication Networks (a NASA Research Partnership Center). Among his awards are the 1980 Outstanding Paper A
Subscribe to:
Posts (Atom)