Professional Documents
Culture Documents
X-12 electronic envelope – contains the electronic address of the receiver, communications Access Control
protocols, and control information
To guard against unauthorized access, each company must establish valid vendor and
Functional group – a collection of transaction sets (electronic documents) for a particular customer files. Inquiries against databases can thus be validated, and unauthorized
business application, such as a group of sales invoice or POs attempts at access can be rejected.
Transaction set – composed of data segments and data elements EDI Audit Trail – one technique is to maintain a control log, which records the transaction’s
flow through each phase of the EDI system
Benefits of EDI
AUDITING PC-BASED ACCOUNTING SYSTEMS
Common EDI savings that justify the approach:
PC applications – tend to be general-purpose systems that serve a wide range of needs and
Data keying
allows software vendors to mass-produce low-cost and error-free standard products
Error reduction
Reduction of paper PC Systems Risks and Controls:
Postage
Automated procedures 1. Operating System Weakness – PCs provide only minimal security for data files and
Inventory reduction programs contained within them
2. Weak Access Control – a computer criminal attempting to circumvent the log-on
Financial EDI procedure may do so by forcing the computer to boot from CD-ROM, whereby an
uncontrolled operating system can be loaded into the computer’s memory
Electronic Funds Transfer – used for cash disbursement and cash receipts processing and is
3. Inadequate Segregation of Duties – employees in PC environments may have access
more complicated than using EDI for purchasing and selling activities
to multiple applications that constitute incompatible tasks
The buyer’s EDI system receives the purchase invoices and automatically approves 4. Multilevel Password – used to restrict employees who are sharing the same
them for payment. computers to specific directories, programs and data files
5. Risk of Theft – because of their size, PCs are objects of theft and the portability of Protocols – rules and standards governing the design of hardware and software that permit
laptops places them at the highest risk users of networks, which different vendors have manufactured, to communicate and share
6. Weak Backup Procedures – primary cause of data loss in PC environments data
7. Risk of Virus Infection – one of the most common threats to PC integrity and system
availability What Functions Do Protocols Perform?
1. They facilitate the physical connection between network devices.
APPENDIX 2. They synchronize the transfer of data between physical devices.
3. They provide a basis for error checking and measuring network performance.
Section A: Internet Technologies 4. They promote compatibility among network devices.
Internet – was developed for the U.S. military and later became used widely for academic and 5. They promote network designs that area flexible, expandable, and cost-effective.
government research whose growth is attributed to three factors: The Layered Approach to Network Protocol – its purpose is to create a modular
environment that reduces complexity and permits changes to one layer without
1. In 1995, national commercial telecommunications companies took control of the adversely affecting another
backbone elements of the Internet and have continued to enhance their o Open system interface (OSI) – layered set of protocols developed the data
infrastructures. Large Internet service providers (ISPs) can link into these backbones communication community through International Standards Organization
to connect their subscribers, and smaller ISPs can connect directly to the national
backbones or into one of their larger ISPs. Internet Protocols
2. Online services connect to the internet for e-mail, which enables users of different Transfer control protocol/Internet protocol (TCP/IP) – basic protocol that permits
services to communicate with each other. communication between Internet sites
3. The development of graphics-based Web browsers has made accessing the Internet a
simple task. - controls how individual packets of data are formatted, transmitted, and received
- ensures that the total number of data bytes transmitted was received
Components:
Common protocols that area used for specific tasks:
1. Packet Switching – basis for communications technologies
2. Virtual Private Networks – private network within a public network 1. File Transfer Protocols (FTP) – used to transfer text files, programs, spreadsheets,
3. Extranets – password-controlled network for private users rather than the general and databases across the internet
public TELNET – terminal emulation protocol used in TCP/IP-based networks, that
4. World Wide Web – an Internet facility that links user sites locally and around the allows to run programs and review data from a remote terminal or computer
world 2. Mail Protocols
5. Internet Addresses – uses three types of addresses for communications: Simple network mail protocol (SNMP) – the most popular protocol for
E-mail addresses – the format is USER NAME@DOMAIN NAME, from which transmitting e-mail messages
there are no spaces between any of the words Post office protocol (POP) and Internet message access protocol (IMAP) –
Web site URL addresses – the address that defines the path to a facility or file other e-mail protocols
of the Web 3. Security Protocols
Internet Protocol (IP) addresses of individual computers attached to a Security sockets layer (SSL) - low-level encryption scheme used to secure
network – currently represented by a 32-bit data packet transmissions in higher-level HTTP format
- the general format is four sets of number separated by periods Private communications technology (PCT) – a security protocol that provides
- the decomposition of the code into its component varies depending on secure transactions over the Web
the class to which it is assigned Secure electronic transmission (SET) – an encryption scheme developed by a
consortium of technology firms and banks to ensure credit card transactions
Privacy enhanced mail (PEM) – standard for secure e-mail on the Internet that 4. Bus Topology – most popular LAN topology and is named because the nodes are all
supports encryption, digital signatures, and digital certificates, as well as both connected to a common cable – the bus, wherein one or more servers centrally
private and public key methods control communications and file transfers between workstations
4. Network News Transfer Protocol (NNTP) – used to connect to Usenet groups on the 5. Client-Server Topology – distributes the processing between client’s computer and
Internet the central file server
5. HTTP and HTTP-NG
HTTP – controls Web browsers that access the Web NETWORK CONTROL – majority resides with software in the host computer, but control
- when the user clicks on a link to a Web page, a connection is established resides in servers and terminals at the nodes and in the switches located throughout the
and the Web page is displayed, then the connection is broken network
HTTP-NG – stands for Hypertext transport protocol-next generation Purpose is to perform the following tasks:
- an enhanced version of HTTP protocol that maintains the simplicity of
HTTP while adding important features such as security and authentication 1. Establish communications sessions between the sender and receiver.
6. HTML – stands for Hypertext markup language 2. Manage the flow of data across the network.
- a document format used to produce Web pages and is used to lay out 3. Detect and resolve data collisions between competing nodes.
information for display in an appealing manner 4. Detect errors in data that line failure or signal degeneration cause.
Section B: Intranet Technologies Data Collision – two or more signals transmitted simultaneously that destroy both manages
NETWORK TOPOLOGIES – the physical arrangement of the components of the network Three basic methods of controlling data collusion
Local Area Networks and Wide Area Networks 1. Polling – one site, designated the master, polls the other slave sites to determine if
they have data to transmit
LANs – often confined to a single room in a building, or they may link several - if a slave responds in the affirmative, the master site locks the network while the
buildings within close geographic, but can cover distances of several miles and data are transmitted and the remaining sites must wait until they are polled
connect hundreds of users before they can transmit
o Nodes – components connected to LAN
WANs – when networks exceed the geographic limitations of the LAN, and are Advantages:
often commercial networks that the organization leases because of the distances
Polling is noncontentious, meaning, because nodes can send data only when
involved and high cost of telecommunication infrastructure
the master nodes request, two nodes can never access the network at the
Network Interface Cards (NIC) – achieves the physical connection of workstations to the LAN, same time.
which fits into one of the expansion slots in the microcomputer An organization can set priorities for data communications across the
network
Servers – special-purpose computers that manage common resources shared by LAN modes 2. Token Passing – involves transmitting a special signal – the token – around the
Five Basic Network Topologies: network from node to node in a specific sequence
- each node on the network receives the token, regenerates it, and passes it to the
1. Star Topology – describes a network of computers with a large central computer (the next node from which only the node processing the token is allowed to transmit
host) at the hub that has direct connections to a periphery of smaller computers data
2. Hierarchical Topology – one in which a host computer is connected to several levels Advantage: its deterministic access method, which avoids data collisions
of subordinate, smaller computers in a master-slave relationship 3. Carrier Sensing – a random access technique that detects collisions when they occur
3. Ring Topology – a peer-to-peer arrangement in which all nodes are of equal status; - formally labelled carrier-sensed multiple access with collision detection
thus, responsibility for managing communications is distributed among nodes (CSMA/CD) and is used with bus topology
- the node wishing to transmit, listens to the bus to determine if it is in use, and
transmits its message if it senses no transmission
Ethernet – best-known LAN software that uses CSMA/CD
Advantages over token ring:
1. The technology, being relatively simple, is well suited to the less costly
twisted-pair cabling.
2. The network interface cards that Ethernet uses are much less
expensive.
3. Ethernet uses a bus topology, which is easier to expand.
VIRUS – a program that attaches itself to legitimate program to penetrate the operating
system and destroy application programs, data files, and the operating system itself. I
WORM – a software program that virtually burrows into the computer’s memory and
replicates itself into areas of idle memory
BACK DOOR – a software program that allows unauthorized access to a system without going
through the normal log-on procedure
TROJAN HORSE – a program whose purpose is to capture IDs and passwords from
unsuspecting users