java json xpath jsonpath



google 既然搜不到,你猜我是怎么找到的?


the root object/element

the current object/element

. or []
child operator

parent operator

recursive descent. JSONPath borrows this syntax from E4X.

wildcard. All objects/elements regardless their names.

attribute access. JSON structures don't have attributes.

subscript operator. XPath uses it to iterate over element collections and for predicates. In Javascript and JSON it is the native array operator.

Union operator in XPath results in a combination of node sets. JSONPath allows alternate names or array indices as a set.

array slice operator borrowed from ES4.

applies a filter (script) expression.

script expression, using the underlying script engine.

grouping in Xpath

XPath has a lot more to offer (Location pathes in not abbreviated syntax, operators and functions) than listed here. Moreover there is a remarkable difference how the subscript operator works in Xpath and JSONPath.

Square brackets in XPath expressions always operate on the node set resulting from the previous path fragment. Indices always start by 1.With JSONPath square brackets operate on the object or array addressed by the previous path fragment. Indices always start by 0. |2007-08-18| e3#JSONPath examples

Let's practice JSONPath expressions by some more examples. We start with a simple JSON structure built after an XML example representing a bookstore (original XML file).

{ "store": { "book": [ { "category": "reference", "author": "Nigel Rees", "title": "Sayings of the Century", "price": 8.95 }, { "category": "fiction", "author": "Evelyn Waugh", "title": "Sword of Honour", "price": 12.99 }, { "category": "fiction", "author": "Herman Melville", "title": "Moby Dick", "isbn": "0-553-21311-3", "price": 8.99 }, { "category": "fiction", "author": "J. R. R. Tolkien", "title": "The Lord of the Rings", "isbn": "0-395-19395-8", "price": 22.99 } ], "bicycle": { "color": "red", "price": 19.95 } } }


the authors of all books in the store

all authors

all things in store, which are some books and a red bicycle.

the price of everything in the store.

the third book

the last book in order.

the first two books

filter all books with isbn number

filter all books cheapier than 10

all Elements in XML document. All members of JSON structure

Continue reading java json xpath jsonpath

it-e-11 Introduction to computer network

Computer network is a system connecting two or more computers. A computer network allows
user to exchange data quickly, access and share resources including equipments, application software,
and information.
Data communications systems are the electronic systems that transmit data over communications
lines from one location to another. You might use data communications through your microcomputer
to send information to a friend using another computer. You might work for an organization whose
computer system is spread throughout a building, or even throughout the country or world. That is, all
the parts—input and output units, processor, and storage devices—are in different places and linked
by communications. Or you might use telecommunications lines—telephone lines—to tap into
information located in an outside data bank. You could then transmit it to your microcomputer for
your own reworking and analysis.
To attach to a network, a special-purpose hardware component is used to handle all the
transmission. The hardware is called a network adapter card or network interface card (NIC), it is
a printed circuit board plugged into a computer's bus, and a cable connects it to a network
Communications networks differ in geographical size. There are three important types:
LANs, MANs, and WANs.
Local Area Networks

Networks with computers and peripheral devices in close physical
proximity—within the same building, for instance—are called local area networks (LANs).
Linked by cable-telephone, coaxial, or fiber optic. LANs often use a bus form organization. In a
LAN, people can share different equipments, which lower the cost of equipments. LAN may be
linked to other LANs or to larger networks by using a network gateway. With the gateway, one
LAN may be connected to the LAN of another LAN of another office group. It may also be
connected to others in the wide world, even if their configurations are different. Alternatively, a
network bridge would be used to connect networks with the same configurations.
There is a newly development for LANs: WLAN. A wireless LAN (WLAN) is a flexible
data communication system implemented as an extension to, or as an alternative for, a wired
LAN within a building or campus. Using electromagnetic waves, WLANs transmit and receive
data over the air, minimizing the need for wired connections. Thus, WLANs combine data
connectivity with user mobility, and, through simplified configuration, enable movable LANs.
Over the recent several years, WLANs have gained strong popularity in a number of vertical
markets, including the health-care, retail, manufacturing, warehousing, and academic arenas.
[1]These industries have profited from the productivity gains of using hand-held terminals and
notebook computers to transmit real-time information to centralized hosts for processing. Today

WLANs are becoming more widely recognized as a general-purpose connectivity alternative for
a broad range of business customers.
Applications for Wireless LANs [2]Wireless LANs frequently augment rather than replace
wired LAN networks—often providing the final few meters of connectivity between a backbone
network and the mobile user. The following list describes some of the many applications made
possible through the power and flexibility of wireless LANs:
Doctors and nurses in hospitals are more productive because hand-held or notebook
computers with wireless LAN capability deliver patient information instantly.
Consulting or accounting audit engagement teams or small workgroups increase productivity
with quick network setup.
Network managers in dynamic environments minimize the overhead of moves, adds,
and changes with wireless LANs, thereby reducing the cost of LAN ownership.
Training sites at corporations and students at universities use wireless connectivity to
facilitate access to information, information exchanges, and learning.
Network managers installing networked computers in older buildings find that wireless
LANs are a cost-effective network infrastructure solution.
Retail store owners use wireless networks to simply frequent network reconfiguration.
Trade show and branch office workers minimize setup requirements by installing preconfigured
wireless LANs needing no local MIS support.
Warehouse workers use wireless LANs to exchange information with central databases and
increase their productivity.
Network managers implement wireless LANs to provide backup for mission-critical
applications running on wired networks.
Senior executives in conference rooms make quicker decisions because they have real-time
information at their fingertips.
The increasingly mobile user also becomes a clear candidate for a wireless LAN. Portable
access to wireless networks can be achieved using laptop computers and wireless NICs. This
enables the user to travel to various locations–meeting rooms, hallways, lobbies, cafeterias,
classrooms, etc.–and still have access to their networked data. Without wireless access, the user
would have to carry clumsy cabling and find a network tap to plug into.
Metropolitan Area Networks

These networks are used as links between office buildings in
a city. Cellular phone systems expand the flexibility of MAN by allowing links to car phones and
portable phones.
Wide Area Networks

Wide area networks are countrywide and worldwide networks.
Among other kinds of channels, they use microwave relays and satellites to reach users over long
distances. One of the most widely used WANs is Internet, which allows users to connect to other
users and facilities worldwide.

Continue reading it-e-11 Introduction to computer network


Java 2企业版(J2EE)连接器架构(JCA)是对J2EE标准集的重要的补充. 它注重的是用于将Java程序连接到非Java程序和软件包的中间件的开发.JCA是由Sun公司领导的Java标准化组织开发的.JCA 目前还是在最后的草案阶段, 它定于2001年年底发布并且将成为J2EE 1.3 的一部分.JCA 提供了许多值得注意的好处, 但是直接的JCA编程并不是每个人都能学会.
JCA 资源适配器
通用客户介面(CCI Common Client Interface,目前还是可选内容)
JCA 是软件工业界在应用程序集成领域建立标准进行的第一步工作,而以前要做到这一点基本上是通过专有的中间件完成的.这是迈向正确方向的第一步, 因为应用程序的集成已经不仅成为了业界领袖面临的首要问题而且也让大多数主流软件商无法回避.
JCA 资源适配器是定制的Java程序用来实现对特定的外部程序的连接(无论它是一个以前遗留下来的程序,还是购买的程序).一个遵循JCA标准的资源适配器都必须支持JCA系统界面,以便通过连接缓冲进行性能优化并支持自动的安全签名.JCA还提供一组界面支持事务管理(虽然实际上在资源适配器中对分布式事务的支持是可选的).

要支持JCA的事务和安全功能需要目标程序通过资源适配器为程序的访问暴露足够的事务和安全界面.过时的应用程序或者是应用程序平台如果不经过加强则有可能只能部分的符合JCA标准. 许多的适配软件很可能只能支持最小的"无事务"选项而且可能只能拥有一个部分支持目标环境的安全结构的安全界面.
最小化的资源适配器也许只能改进那些在JCA出现以前由不同的销售商开发的非标准适配器.在目前的开发阶段,JCA与更现代的和更开放的目标应用程序或环境结合的时候最能体会它的威力.到2004年,在软件集成项目中少于百分之三十的软件包和遗留下来的适配软件将使用JCA, 而且拥有完全功能的将少于百分之十--包括对事务的支持,完全的安全性,以及CCI(0.7 的可能性).
JCA 通用客户界面是调用程序(用户程序或是集成中间件)使用的一套应用编程界面(API).JCA CCI被用做对资源适配器的标准访问过程,不管实际的目标程序或是环境是如何工作的.因为所有的资源适配器支持相同的一套AIP,所有的调用程序和外界程序间的交互过程就形成了标准.但是对CCI支持在JCA 1.0中是可迁的.许多的资源适配器会暴露非标准的但是满足特定目标或平台访问方式的客户界面.
CCI与企业版JavaBeans(EJB)的调用界面是不同的,而且JCA 资源适配器的封装方式也不尽相同;JCA的Java编译文件(JAR)与EJB JAR文件有不同的设计方式.所以CCI代表了J2EE范围内一个新的专门的编程模型;它是复杂的而且需要专门的技术知识.但是实际使用CCI的开发者的大部分很可能将是工具软件销售商(例如WebGain和IBM Visual Age)以及集成中间件生产商(例如WebMethods和TIBCO Software),而不是企业应用开发者.
要支持JCA, 集成中间件销售商一般不得不采用一整套J2EE平台,就象JCA设计需要的那样(也就是"managed"选项).但它们中的大多数还没有这样的能力,所以可能只是实现JCA标准的功能弱一些的"unmanaged"选项.这种情况很可能拖延集成中间件销售商对JCA全部标准的采用,因而也就会拖延对整个 JCA的采用.到2004年,所有主导的集成中间件销售商都将通过独立开发或是合作在它们的产品里捆绑进一个J2EE应用服务器(0.7的可能性).
JCA 对 Web服务(Web services)
JCA在功能上比Web服务要丰富,但是它发布起来更难而且限制了销售商只能从 Java环境访问它们.Web服务界面能够自动的包括对Java,微软,和其它结构的支持.一个可能的折衷是销售商同时提供对JCA和Web服务界面的支持,也许使用Web服务来打包JCA CCI.在未来的版本里,JCA很可能扩展它对XML和松偶合访问的支持.未来的JCA版本还可能提供对CCI和Web服务的标准化的支持.因此,JCA 将为对JCA资源适配器的紧耦合(JCA)和松耦合提供协议.
JCA标准没有解决一个资源适配器是应该总是代表整个目标环境(3270 CICS)还是代表一个或多个外部程序的功能(例如这样的功能,"从一个3270 CICS 应用程序获取客户信息").复合资源适配器--那些为几个外部环境(例如AS/400和R/3)--则连提都没有提到.当前的应用集成的实际显示一个适配器的功能范围可以是"瘦"或者含有很多的技术而在商业逻辑方面变得"胖"而笨重.对大多数集成项目来说关键性的异步集成方式也没有出现在JCA 1.0里. 当实际采用JCA的时候这些问题就会出现而且有可能需要在JCA未来的版本里做进一步的扩展和明确.制定JCA 2.0的工作已经开始.
JCA 的范围被限制在适配器技术里,这相对于整个应用集成平台来说是一个小部分.许多应用集成的需求和方案还没有包括在J2EE里.它不支持语义数据传输,业务进程管理,异步集成(JCA 的目标只有请求/应答 式的适配器风格),消息仓库和集成系统管理.JCA完全面向对同步复合应用的支持,支异步应用程序集成视而不见.要满足这些要求,到2004年附加的与集成有关的标准将被添加进J2EE(0.8的可能性).
JCA是对J2EE显著的扩展,但它没有能够适应所有应用集成项目的需求. 不管JCA如何,J2EE的用户在建立它们的集成内构的时候将继续部分的依赖专有解决方案

Continue reading [转]JCA--又一个半拉子架构的介绍

it-e-12 What is a Firewall

The term "firewall" illustrates a system that protects a network and the machines on them
from various types of attack. Firewalls are geared towards keeping the server up all the time and
protecting the entire network.
The primary goal of a firewall is to implement a desired security policy; controlling access
in both directions through the firewall, and to protect the firewall itself from compromise. It
wards off intrusionattempts, Trojans and other malicious attacks.
They are meant for the home user in a networked environment. They aim to block simple
attacks, unlike the enterprise level firewalls that the corporate world uses at the server or router end.
There are many ways to implement a firewall, each with specific advantages and disadvantages.
Nowadays organizations and professionals use Internet technology to establish their online
presence and showcase their products and services globally. Their endeavor is to leverage digital
technology to make their business work for them.
All the organizations and professionals are shifting from Dialup to broadband and getting a
fixed IP. It has led to an increase in security attacks, bugs in everyday working. This does not

mean that Dialup being anonymous dynamic link or the firewall of the ISP network make you
pretty safe.
Now if your machine was under attack, you must have wondered what went wrong making
your system crash suddenly. It is not necessary for anyone to actually know about you or your IP
address to gain access to your system.
If your system is infected or prone to intrusions, then beyond the anonymity of your Dialup
connection or a dynamic IP, your system can be hacked.

There are many ways to gain unauthorized access to a system. Operating system
vulnerabilities, cracked or guessed passwords are some of the more common. Once access is
attained, the intruder can send email, tamper with data, or use the system privileges to attack
another system.
Information Theft and Tampering

Data theft and tampering do not always require that the
system be compromised. There have been many bugs with FTP servers that allow attackers to
download password files or upload Trojan horses.
A Service Attacks

Any attack that keeps the intended user from being able to use the
services provided by their servers is considered a denial of service attack. There are many types
of denial of service attacks, and unfortunately are very difficult to defend against. "Mail bombs"
are one example in which an attacker repeatedly sends large mail files in the attempt at filling the
server's disk file system thus preventing legitimate mail from being received.

Not all attacks on computer systems are malicious. Joyriders are just looking for
fun. Your system may be broken into just because it was easy, or to use the machine as a
platform to attack others. It may be difficult to detect intrusion on a system that is used for this
purpose. If the log files are modified, and if everything appears to be working, you may never

A vandal is malicious. They break in to delete files or crash computer systems
either because they don't like you, or because they enjoy destroying things. If a vandal breaks
into your computer, you will know about it right away. Vandals may also steal secrets and target
your privacy.


Spies are out to get secret information. It may be difficult to detect break-ins by
spies since they will probably leave no trace if they get what they are looking for.
A personal firewall, therefore, is one of the methods you can use to deny such intrusions.

Continue reading it-e-12 What is a Firewall

it-e-13 How Firewalls Work

Firewalls basically work as a filter between your application and network connection. They
act as gatekeepers and as per your settings, show a port as open or closed for communication.
You can grant rights for different applications to gain access to the internet and also in a reverse
manner by blocking outside applications trying to use ports and protocols and preventing attacks.
Hence you can block ports that you don't use or even block common ports used by Trojans.
Using Firewalls you can also block protocols, so restricting access to NetBIOS will prevent
computers on the network from accessing your data. Firewalls often use a combination of ports,
protocols, and application level security to give you the desired security.
Firewalls are configured to discard packets with particular attributes such as:
Specific source or destination IP addresses.
Specific protocol types.
TCP flags set/clear in the packet header.
Choose the firewalls which have the ability to ward off all intrusion attempts, control
applications that can access the internet, preventing the malicious scripts or controls from
stealing information or uploading files and prevent Trojans and other backdoor agents from
running as servers.
The purpose of having a firewall cannot be diminished in order to gain speed. However,
secure, high-performance firewalls are required to remove the bottleneck when using high speed
Internet connections. The World-Wide-Web makes possible the generation of enormous amounts
of traffic at the click of a mouse.
Most of these firewalls are free for personal use or offer a free trial period. All the personal
firewalls available can't ensure 100% security for your machine. Regular maintenance of the
machine is needed for ensuring safety.

Continue reading it-e-13 How Firewalls Work

it-e-14 Data Communications Channels

To get here to there, data must move through something. A telephone line, cable, or the
atmosphereare all transmission media, or channels. But before the data can be communicated, it
must be converted into a form suitable for communication.
Data communications lines can be connected in two types of configurations: point-to-point
and multidrop. A point-to-point line directly connects the sending and the receiving devices, and
a multidrop line connects many devices, not just one sending device and one receiving device.
The two ways of connecting microcomputers with each other and with other equipments are
through the cable and through the air. There are three basic forms into which data can be
converted for communication: electrical pulses or charges, electromagnetic waves, and pulses of
Specifically, five kinds of technology are used to transmit data. These are telephone lines
(twisted pair), coaxial cable, fiber-optic cable, microwave, and satellite.
Telephone Lines [1] Inexpensive, multiple-conductor cable comprised of one or more pairs
of 18 to 24 gauge copper strands. The strands are twisted to improve protection against
electromagnetic and radio frequency interference. The cable, which may be either shielded or
unshielded, is used in low-speed communications, as telephone cable. It is used only in baseband
networks because of its narrow bandwidth. Most telephone lines you see strung on poles consist
of cables made up of hundreds of copper wires are twisted pairs. Twisted pairs are susceptible to
a variety of types of electrical interference (noise), which limits the practical distance that data

can be transmitted without being garbled. Twisted pairs have been used for years for voice and
data transmission, however they are now being phased out by more technically advanced and
reliable media.
Coaxial Cable

Coaxial cable is a type of thickly insulated copper wire that can carry a
larger volume of data—about 100 million bits per second, the insulation is composed of a
nonconductive material covered by a layer of woven wire mesh and heavy-duty rubber or plastic.
In terms of number of telephone connections, a coaxial cable has 80 times the transmission
capacity of twisted pair. Coaxial cables are most often used as the primary communications
medium for local connected network in which all computer communication is within a limited
geographic area, such as in the same building.
Coaxial cable is also used for undersea telephone lines.
Fiber-Optic Cable [2]

A transmission medium composed of a central glass optical fiber
cable surrounded by cladding and an outer protective sheath. It transmits digital signals in the
form of modulated light from a laser or LED (light-emitting diode). In fiber-optic cable, data is
transmitted as pulses of light through tubes of glass. In terms of number of telephone connections,
fiber-optic cable has 20,000 times the transmission capacity of twisted pair. However, it is
significantly smaller. Indeed, a fiber-optic tube can be half the diameter of a human hair.
Although limited in the distance they can carry information, fiber-optic cables have several
advantages. Such cables are immune to electronic interference, which makes them more secure.
They are also lighter and less expensive than coaxial cable and are more reliable at transmitting
data. They transmit information using beams of light at light speeds instead of pulses of
electricity, making them far faster than copper cable. Fiber-optic cable is rapidly replacing
twisted-pair telephone lines.

Instead of using wire or cables, microwave systems can use the atmosphere as
the medium through which to transmit signals. Microwaves are high-frequency radio waves that
travel in straight lines through the air. Because the waves cannot bend with the curvature of the
earth, they can be transmitted only over short distances. Thus, microwave is a good medium for
sending data between buildings in a city or on a large college campus. For longer distances, the
waves must be relayed by means of "dishes", or antennas. These can be installed on towers, high
buildings, and mountaintops. Each tower facility receives incoming traffic, boosts the signal
strength, and sends the signal to the next station.
Satellites [3]

Satellite communications refers to the utilization of geostationary orbiting
satellites to relay the transmission received from one earth station to one or more earth stations.
They are the outcome of research in the area of communications whose objective is to achieve
ever-increasing ranges and capacities with the lowest possible costs. Orbiting about 22,000 miles
above the earth, satellites rotate at a precise point and speed above the earth. This makes them
appear stationary so they can amplify and relay microwave signals from one transmitter on the
ground to another. The primary advantage of satellite communication is the amount of area that can
be covered by a single satellite. It also has other features: long communication distance, and the

cost of station building is independent of the communication distance, operating in broadcasting
mode, easy for multiple access, sustaining heavy traffic, able to transport different types of service,
independent sending and receiving, and monitoring. Three satellites placed in particular orbits can
cover the entire surface of the earth, with some overlap. Their only drawback is that bad weather
can sometimes interrupt the flow of data.

Continue reading it-e-14 Data Communications Channels

it-e-15 Simple Introduction to VSAT

What is VSAT ? VSAT stands for Very Small Aperture Terminal//it's a catchy acronym

and as such it's been adopted by all and sundry for every type of satellite product from small
components of a system to complete systems. Because the term really hinges around the small size
of the antenna it has been used to describe both one-way and interactive systems. Specifically, we
in the industry, isolate television broadcast receivers because counting these as well would simply
distort the numbers in the marketplace, but data, audio and, to some extent, voice systems are
included. Generally, these systems operate in the Ku-band and C-band frequencies. As a rule of
thumb C-band (which suffers less from rain attenuation, but requires larger antennas) is used in
Asia, Africa and Latin America whilst Ku-band (which can use smaller antennas, but suffers from
rain fade in a monsoon-like downpour) is used in Europe and North America. Typically, interactive
Ku-band antenna sizes range from 75 centimetres to 1.8 metres and C-band from 1.8 metres to 2.4
metres. One way systems can use antennas as small as 45 centimetres.
What does a network look like? VSAT networks come in various shapes and sizes ranging
from star data system users with one site connected to an operator's shared hub to many
thousands based on a dedicated facilitylocated at their own site. Mesh systems have traditionally
been somewhat smaller in size than star systems//5 to 30 sites used to be a good rule of thumb
- but the average size of orders has risen as prices have come down and some rural telephony
networks now comprise as many as several hundred or even thousands of sites.
What is One-way Satellite ? One way systems rely on a transmitting station which
transmits one or more carriers to the satellite which re-broadcasts the signal over its coverage
area. All receive-only VSATs under the satellite footprint can then receive the signal or the
user/operator is able to define groups of VSATs from one to all on the network. Broadcast
systems are used for data and audio. The most popular application for data is the transmission of
financial feeds//Reuters, Telerate and KnightRidder are good examples of companies with
large data broadcasting networks//however, there are many other uses, such as software
downloads, file transfers, transmission of press agency news items (with pictures) and the
broadcast of paging messages for terrestrial transmission to the pagers themselves.
Who uses VSAT ? You name it really, car dealerships, gas stations, lottery systems, banks,
insurance companies, drug stores, general stores, supermarkets, healthcare companies, manufacturers,
couriers, hotel chains, car rental businesses, food manufacturers, heavy industries, mines, electrical
utilities, oil and gas pipelines, energy production and exploration, timbercompanies, plantations,
various government departments and agencies ... any others you can think of, just add to the list.


aperture ['æpə,tjuə] 英汉翻译

n. 孔,穴;缝隙;(照相机,望远镜等的)光圈,孔径

catchy ['kætʃi] 英汉翻译

adj. 引人注意的;容易记住的;易使人上当的

acronym ['ækrəunim] 英汉翻译

n. 首字母缩略词

sundry ['sʌndri] 英汉翻译

adj. 杂的;各式各样的n. 杂货;杂项

1, hinges   
n. 铰链;合页(hinge的复数);小五金
v. 给…装上绞链;使以…为条件(hinge的第三人称单数形式)
2, antenna  [æn'tenə]
n. 天线;触角,触须
3, distort  [dis'tɔ:t]
vt. 扭曲;曲解;使失真
vi. 扭曲;变形
4, frequencies   
n. 频率(frequency的复数形式);频数分析;次数分配表
5, attenuation  [ə,tenju'eiʃən]
n. 衰减;变薄;稀释
6, hinge  [hindʒ]
n. 铰链;枢纽;关键
vt. 给…安装铰链
vi. 依…而转移
7, monsoon  [mɔn'su:n]
n. 季候风;(印度等地的)雨季;季风
8, downpour  ['daunpɔ:]
n. 倾盆大雨;注下
9, dedicated  ['dedikeitid]
adj. 专注的;献身的;专用的
v. 以…奉献;把…用于(dedicate的过去式和过去分词)
10, facility  [fə'siliti]
n. 设备;灵巧;容易;设施
11, mesh  [meʃ]
n. 网眼;网丝;圈套
vi. 相啮合
vt. 啮合;以网捕捉
12, terrestrial  [ti'restriəl, tə-]
adj. 陆地的,陆生的;地球的;人间的
n. 陆地生物;地球上的人
13, dealership  ['di:ləʃip]
n. 代理权;代理商;经销权
14, timber  ['timbə]
n. 木料;木材

Continue reading it-e-15 Simple Introduction to VSAT

it-e-16 Main Factors Affecting data Tansmission

There are several factors that affect data transmission. They include speed or bandwidth,
serial or parallel transmission, direction of data flow, modes of transmission data, and protocols.

The different communications channels have different data transmission speeds.
This bit-per-second transmission capability of a channel is called its bandwidth. Bandwidth may be
of three types: voiceband, medium band, and broadband. Voiceband is the bandwidth of a standard
telephone line and used often for microcomputer transmission, the bps is 300-9600. Medium band
is the bandwidth of special liased lines used mainly with minicomputers and mainframe computers,
the bps is 56,000/264 million. Broadband is the bandwidth that includes microwave, satellite,
coaxial cable, and fiber-optic channels. It is used for very high-speed computers whose processors
communicate directly with each other. It is in the range of 56,000/30 billion bps.
Serial or Parallel Transmission Data travels in two ways: serially and in parallel. In serial
data transmission, bits flow in a serial or continuous stream, like cars crossing a one-lane bridge. Each
bit travels on its own communications line. [1]Serial transmission is the way most data is sent over
telephones lines. Thus, the plug-in board making up the serial connector in a microcomputer's modem
is usually called a serial port. More technical names for the serial port are RS-232C connector and
asynchronous communications port. With parallel data transmission, bits flow through separate lines
simultaneously. In other words, they resemble cars moving together at the same speed on a multilane
freeway. Parallel transmission is typically limited to communications over short distances and is not
used over telephone lines. It is, however, a standard methods of sending data from a computer's CPU
to a printer.
Direction of Data Transmission

There are three directions or modes of data flow in a data
communications system: simplexcommunication, half-duplex communication, and full-duplex
communication. Simplex communication resembles the movement of cars on a one-way street.
Data travels in one direction only. It is not frequently used in data communication systems today.
One instance in which it is used may be in point-of sale (POS) terminals in which data is being
entered only. In half-duplex communication, data flows in both directions, but not simultaneously.
That is, data flows in only one direction at any one time. This resembles traffic on a one-lane

bridge. Half-duplex is very common and is frequently used for linking microcomputers by
telephone lines to other microcomputers, minicomputers, and mainframes. Thus, when you dial
into an electronic bulletin  board through your microcomputer, you may well be using half-duplex
communication. In full-duplex communication, data is transmitted back and forth at the same
time, like traffic on a two-way street. It is clearly the fastest and most efficient form of two-way
communication. However, it requires special equipment and is used primarily for mainframe
communications. An example is the weekly sales figures that a supermarket or regional office
sends to its corporate headquarters in another place.
Modes of Transmitting Data

Data may be sent by asynchronous or synchronous transmission.
In asynchronous transmission, the method frequently used with microcomputers, data is sent and
received one byte a time. Asynchronous transmission is often used for terminals with slow speeds. Its
advantage is that the data can be transmitted whenever convenient for the sender. Its disadvantage is a
relatively slow rate of data transfer. Synchronous transmission is used to transfer great quantities of
information by sending several bytes or a block at a time. For the data transmission to occur, the
sending and receiving of the blocks of bytes must occur at carefully timed intervals. Thus, the system
requires a synchronized clock. Its advantage is that data can be sent very quickly. Its disadvantage is
the cost of the required equipment.

For data transmission to be successful, sender and receiver must follows a set of
communication rules for the exchange of information. These rules for exchanging data between
computers are known as the line protocol. A communication software package like Crosstalk
helps define the protocol, such as speeds and modes, for connecting with another microcomputer.
TCP/IP ( Transmission Control Protocol and Internet Protocol) are the two standard protocols for
communications on the Internet.
TCP/IP is the "language" of the Internet. It is a networking technology developed by the
United States Government Defense Advanced Research Project Agency (DARPA) in the 1970s.
It is most commonly employed to provide access to the Internet but can be and is used by many
people to create a LAN that may or may not connect to the Internet. In many aspects TCP/IP is a
client/server-type LAN, but many manufacturers of TCP/IP software have applications that allow
the "clients" to serve files or even applications. TCP/IP is truly an open systems protocol. This
means that no one manufacturer creates the product—any computer running TCP/IP software can
connect to anyone else who has TCP/IP software (provided the user has an account and security
permissions), regardless of who made the particular version of software.
When different types of microcomputers are connected in a network, the protocols can
become very complex. Obviously, for the connections to work, these network protocols must
adhere to certain standards. The first commercially available set of standards was IBM's Systems
Network Architecture (SNA). This works for IBM's own equipment, but other machines won't
necessarily communicate with them. The International Standards Organization has defined a set of
communications protocols called the Open Systems Interconnection (OSI). The purpose of the OSI
model is to identify functions provided by any network. [2]It separates each network's functions into

seven "layers" of protocols, or communication rules. When two network systems communicate,
their corresponding layers may exchange data. [3]This assumes that the microcomputers and other
equipment on each network have implemented the same functions and interfaces.

1, resemble  [ri'zembl]
v. 相似,类似,像
2, simultaneously   
ad. 同时地(联立地)
3, simplex  ['simpleks]
4, duplex  ['dju:pleks]
[计算机] 双方的
5, bulletin  ['bulətin]
n. 公报
vt. 发表

Continue reading it-e-16 Main Factors Affecting data Tansmission

it-e-17 Computer System Security

Please notice that the term computer system here includes hardware, software, network
transmission paths, and people who interact with these components. By this definition,
everything from a desktop workstation to the Internet qualifies as a computer system.
An attacker is a person who tries to gain an advantage by exploiting a security hole.
Attackers are misfeasors, masqueraders, or clandestine users.

These authorized users gain additional but unauthorized access to resources on
a system or otherwise misuse their authorization. Examples include programmers who use their
accounts to exploit operating system (OS) vulnerabilities and gain administrative privileges, or
accountants who embezzlemoney by falsifying records in a database to which they have regular
access. A misfeasor is an "inside" person, someone within an organization who introduces a
security risk or poses a threat.

These people use authorized user access privileges to enter a system and
then, posing as that user, attack the system. Examples include hackers who obtain usernames and
passwords by cracking password files, and then use that information to gain entry to the system.
Masqueraders are usually persons outside the organization.
Clandestine Users

These individuals are insiders or outsiders who obtain their own, distinct
unauthorized access to a system. Examples include hackers who obtain administrative access to a
system long enough to create their own user accounts for subsequent access.
The concepts of access and authorization are not necessarily limited to user accounts within
an OS. Physical access to an equipment closet or authorization to place orders for new telephony
service are examples of other types of access and authorization. All persons who have any degree
of physical or logical interaction with a system, its components, or its processes are capable of
compromising system security.

The goals of an attacker range from innocuous to severely damaging:
Trophy Grabbing

Most thrill-seeking attackers are trophy grabbing. Their intent is not to
disrupt or damage a system, but to prove that they can enter the system. Such accomplishments
are badges of achievement in the hacker community.
Information Theft

The most common goal of a security attack is information theft. Intruders
seek sensitive information such as credit card numbers, usernames, passwords, and medical records.
Service Theft

This type of attack involves attackers who use computer resources without
paying for them. Software pirates who crack systems to host stolen software, or warez, for others
to download are guilty of service theft. Clandestine users also commit service theft by having
unauthorized accounts on a server.
Identity Theft

This is the act of illegally assuming the identity of another person, or
masquerading, to gain control of that person's resources (usually computer and economic
privileges). An example of this is an attacker who uses stolen social security numbers and credit
histories to establish and exercise unauthorized lines of credit. Identity theft does not necessarily
involve information theft. For example, an attacker can commit e-mail forgerywithout stealing
sensitive information about the e-mail address owner.

This attack is more serious than information theft because the attacker alters
data rather than simply copying it. A student who changes a grade in a university registrar's
database is tampering. This example is stealthy tampering/the attack is not intended to draw
attention. A more extreme form of tampering is defacement, in which a hacker alters a system in
a very noticeable way, usually to make a personal or political statement. The disgruntled
computer operator who, upon dismissal, embeds nasty messages about management in a login
script, or the activist group that hacks into a corporate Web site are typical examples.
Denial of Service (DoS)

DoS can be the most damaging type of security attack. It
diminishes server capacity for authorized clients and temporarily disrupts access to the system. In
the worst cases, DoS attacks render a system unusable for a protracted period by destroying not
only its ability to communicate, but also any data that has been entrusted to it. DoS also can
occur as an unintentional side effect of service theft. For example, hosting pirated warez can
bring down a system because of the excessive download activity.

Although attackers continue to create new methods for violating computer system security,
the vulnerabilities they exploit remain the same. These vulnerabilities can be divided into five
Implicit Trust

The unquestioning, unchecked acceptance of a person or agent. Attacks that
exploit this vulnerability include: compromised system utilities, e-mail forgery, IP spoofing,
keystroke monitoring, logic bomb, masquerading, shoulder surfing, social engineering, Trojan
horse, trapdoor.

A defense is a countermeasurefor dealing with security attacks. Administrators can employ
five types of defenses:
ObfuscationConfusing the attacker by obscuring publicly available information that exposes
vulnerability. Examples include: anonymity, encryption, packet stuffing, public key cryptography,
shielding, steganography, trash disposal.
Authentication and Authorization Ensuring that a person or system claiming an identity is
the real owner of the identity, and granting access on a "must have" basis. Examples include:
badges and cards, biometrics, password, shared secret, signature, watermark.
Monitoring and Auditing Observing system vulnerabilities, either in real time or through
audit tools, to detect attacks. Examples include: filtering, firewall, integrity check, intrusion
detection, misuse detection, password checker, peer review, process review, security audit tools,
virus detection.
Currency Consistently using tested software updates and periodically reviewing human
processes and procedures. Examples include: patching, process review, upgrading.
Education and Enforcement Effectively equipping system designers and users with
knowledge of security risks, and then enforcing application of this knowledge. Examples include:
reminders, tip of the day, training.
The key to preventing security attacks from diminishing system performance is knowledge.
IT administrators can develop their security strategies by studying historical and contemporary
attacks, appropriate defenses, and the evolving trends in the computer security industry.

1, misfeasor  [,mis'fi:zə]
n. 违法行为者;滥用职权者
2, masquerader  [,mæskə'reidə]
n. 冒充者;戴假面具者;参加假面舞会的人
3, clandestine  [klæn'destin]
a. 秘密的
4, embezzle  [im'bezl]
v. 盗用,挪用
5, falsify  [fɔ:lsifai]
vt. 伪造;篡改;歪曲;证明...虚假
vi. 撒谎
6, compromising  
7, innocuous  [i'nɔkjuəs]
a. 无害的,无毒的
8, trophy  ['trəufi]
n. 奖品,战利品
9, intruders  
n. 入侵者;闯入者(intruder的复数形式);爱管闲事的人
10, forgery  ['fɔ:dʒəri]
n. 伪造,伪造罪,伪造物
11, tampering  ['tæmpəriŋ]
a. 干预的,干涉的
12, defacement  [di'feismənt]
n. 损坏外表;乱涂;损毁物
13, dismissal  [dis'misəl]
n. 免职,解雇
14, nasty  ['næsti]
a. 污秽的,下流的,险恶的,(气味等)另人作呕的,脾气不好的,恶意的,
15, exploit  [iks'plɔit]
n. 功绩,勋绩
v. 开发,利用,开拓
16, countermeasure  ['kauntə,meʒə]
n. 对策
17, obfuscation  [,ɔbfʌ'skeiʃən]
n. 困惑;模糊;昏迷
18, obscuring  
n. 模糊
v. 使…含糊;隐藏(obscure的ing形式)

Continue reading it-e-17 Computer System Security

it-e-18 Network Architecture

Network architecture describes how computer network is arranged and how computer
resources are shared.
There are a number of specialized terms that describes computer network. Some terms often
used with networks are: node, client, server, network operating system, distributed processing
and host computer.
A node is any device that is connected to a network. It could be a computer, printer, or
communication or data storage device.
A client is a node that requests and uses resources available from other nodes. Typically, a

client is a user's microcomputer.
A server is a node that shares resources with other nodes. Depending on the resources
shared, it may be called a file server, printer server, communication server, or database server.
Network operating system likes Windows, it controls and coordinate the activities between
computers on a network. These activities include electronic communication, information, and
resource sharing.
In a distributed processing system, computing power is located and shared at different
locations. [1]This type of system is common in decentralized organizations where divisional
offices have their own computer systems. The computer systems in the divisional offices are
networked to the organization's main or centralized computer.
Host computer is a large centralized computer, usually a minicomputer or a mainframe.
A network may consist only of microcomputers, or it may integrate microcomputers or
other devices with large computers. [2]Networks can be controlled by all nodes working together
equally or by specialized nodes coordinating and supplying all resources. Networks may be
simple or complex, self-contained or dispersed over a large geographical area.
Configuration A network can be arranged or configured in several different ways. The
four principal configurations are star, bus, ring, and hierarchical.
In a star network, a number of small computers or peripheral devices are linked to a central
unit. This central unit may be a host computer or a file server. All communications pass through
this central unit. Control is maintained by polling. That is, each connecting device is asked
whether it has a message to send. Each device is then in turn allowed to send its message. One
particular advantage of the star form of network is that it can be used to provide a time-sharing
system. That is, several users can share resources ("time") on a central computer. The star is a
common arrangement for linking several microcomputers to a mainframe that allows access to an
organization’s database.
In a bus network, each device in the network handles its own communications control. There
is no host computer. All communications travel along a common connecting cable called a bus. As
the information passes along the bus, it's examined by each device to see if the information is
intended for it. The bus network is typically used when only a few microcomputers are to be linked
together. This arrangement is common in systems for electronic mail or for sharing data stored on
different microcomputers. The bus network is not as efficient as the star network for sharing
common resources. (This is because the bus network is not a direct link to the resource.) However,
a bus network is less expensive and is in very common use.
In a ring network, each device is connected to two other devices, forming a ring. There is no
central file server or computer. Message are passed around the ring until they reach the correct
destination. With microcomputers, the ring arrangement is the least frequently used of the four
networks. However, it often is used to link mainframes, especially over wide geographical areas.
These mainframes tend to operate fairly autonomously. They perform most or all of their own
processing and only occasionally share data and programs with other mainframes. A ring

network is useful in a decentralized organization because it makes possible a distributed data
processing system. That is, computers can perform processing tasks at their own dispersed
locations. However, they can also share programs, data and other resources with each other.
The hierarchical network consists of several computers linked to a central host computer,
just like a star network. However, these other computers are also hosts to other, smaller
computers or to peripheral devices. Thus, the host at the top of the hierarchy could be a
mainframe. The computers below the mainframe could be minicomputers, and those below,
microcomputers. The hierarchical network—also called a hybrid network—allows various
computers to share databases, processing power, and different output devices. A hierarchical
network is useful in centralized organizations. For example, different departments within an
organization may have individual microcomputers connected to departmental minicomputers.
The minicomputers in turn may be connected to the corporation’s mainframe, which contains
data and programs accessible to all.

Every network has a strategy or way of coordinating the sharing of information
and resources. The most common network strategies are peer-to-peer and client/server systems.
In a peer-to-peer network system nodes can act as both servers and clients. For example, one
microcomputer can obtain files located on another microcomputer and can also provide files to
other microcomputers. A typical configuration for a peer-to-peer system is the bus network.
Commonly used net operating systems are Apple's Macintosh Peer-to-Peer LANs, Novell’s
Netware Lite, and Microsoft's Windows for Workgroups. There are several advantages to using this
type of strategy. The networks are inexpensive and easy to install, and they usually work well for
smaller systems with less than ten nodes. As the number of nodes increases, however, the
performance of the network declines. Another disadvantage is the lack of powerful management
software to effectively monitor a large network's activities. For these reasons, peer-to-peer network
are typically used by small networks.
Client/server network systems use one powerful computer to coordinate and supply services to
all other nodes on the network. This strategy is based on specialization. Server nodes coordinate
and supply specialized services, and client nodes request the services. Commonly used net
operating systems are Novell's Netware, Microsoft's LAN and Windows NT. One advantage of
client/server network systems is their ability to handle very large networks efficiently. Another
advantage is the powerful network management software that monitors and controls the network's
activities. The major disadvantages are the cost of installation and maintenance.

1, term  [tə:m]
n. 学期,术语,名词,期限
v. 称,呼
2, peripheral  [pə'rifərəl]
a. 不重要的,外围的
3, hybrid  ['haibrid]
n. 杂种,混血儿;混合物
adj. 混合的;杂种的
4, dispersed  [di'spə:st]
adj. 散布的;被分散的;被驱散的
v. 分散;传播(disperse的过去分词)

Continue reading it-e-18 Network Architecture


Total views.

© 2013 - 2022. All rights reserved.

Powered by Hydejack v6.6.1