Showing posts with label IT. Show all posts
Showing posts with label IT. Show all posts

16 December 2019

💻IT: Technology (Just the Quotes)

"Systems engineering embraces every scientific and technical concept known, including economics, management, operations, maintenance, etc. It is the job of integrating an entire problem or problem to arrive at one overall answer, and the breaking down of this answer into defined units which are selected to function compatibly to achieve the specified objectives. [...] Instrument and control engineering is but one aspect of systems engineering - a vitally important and highly publicized aspect, because the ability to create automatic controls within overall systems has made it possible to achieve objectives never before attainable, While automatic controls are vital to systems which are to be controlled, every aspect of a system is essential. Systems engineering is unbiased, it demands only what is logically required. Control engineers have been the leaders in pulling together a systems approach in the various technologies." (Instrumentation Technology, 1957)

"Doing engineering is practicing the art of the organized forcing of technological change." (George Spencer-Brown, Electronics, Vol. 32 (47),  1959)

"The decision which achieves organization objectives must be both (1) technologically sound and (2) carried out by people. If we lose sight of the second requirement or if we assume naively that people can be made to carry out whatever decisions are technically soundwe run the risk of decreasing rather than increasing the effectiveness of the organization." (Douglas McGregor, "The Human Side of Enterprise", 1960)

"Any sufficiently advanced technology is indistinguishable from magic." (Arthur C Clarke, "Profiles of the Future: An Inquiry into the Limits of the Possible", 1962)

"Science is the reduction of the bewildering diversity of unique events to manageable uniformity within one of a number of symbol systems, and technology is the art of using these symbol systems so as to control and organize unique events. Scientific observation is always a viewing of things through the refracting medium of a symbol system, and technological praxis is always handling of things in ways that some symbol system has dictated. Education in science and technology is essentially education on the symbol level." (Aldous L Huxley, "Essay", Daedalus, 1962)

"Engineering is the art of skillful approximation; the practice of gamesmanship in the highest form. In the end it is a method broad enough to tame the unknown, a means of combing disciplined judgment with intuition, courage with responsibility, and scientific competence within the practical aspects of time, of cost, and of talent. This is the exciting view of modern-day engineering that a vigorous profession can insist be the theme for education and training of its youth. It is an outlook that generates its strength and its grandeur not in the discovery of facts but in their application; not in receiving, but in giving. It is an outlook that requires many tools of science and the ability to manipulate them intelligently In the end, it is a welding of theory and practice to build an early, strong, and useful result. Except as a valuable discipline of the mind, a formal education in technology is sterile until it is applied." (Ronald B Smith, "Professional Responsibility of Engineering", Mechanical Engineering Vol. 86 (1), 1964)

"It is a commonplace of modern technology that there is a high measure of certainty that problems have solutions before there is knowledge of how they are to be solved." (John K Galbraith, "The New Industrial State", 1967)

"In many ways, project management is similar to functional or traditional management. The project manager, however, may have to accomplish his ends through the efforts of individuals who are paid and promoted by someone else in the chain of command. The pacing factor in acquiring a new plant, in building a bridge, or in developing a new product is often not technology, but management. The technology to accomplish an ad hoc project may be in hand but cannot be put to proper use because the approach to the management is inadequate and unrealistic. Too often this failure can be attributed to an attempt to fit the project to an existing management organization, rather than molding the management to fit the needs of the project. The project manager, therefore, is somewhat of a maverick in the business world. No set pattern exists by which he can operate. His philosophy of management may depart radically from traditional theory." (David I Cleland & William R King, "Systems Analysis and Project Management", 1968)

"Technological invention and innovation are the business of engineering. They are embodied in engineering change." (Daniel V DeSimone & Hardy Cross, "Education for Innovation", 1968)

"Advanced technology required the collaboration of diverse professions and organizations, often with ambiguous or highly interdependent jurisdictions. In such situations, many of our highly touted rational management techniques break down; and new non-engineering approaches are necessary for the solution of these 'systems' problems." (Leonard R Sayles &Margaret K Chandler, "Managing Large Systems: The Large-Scale Approach", 1971)

"It follows from this that man's most urgent and pre-emptive need is maximally to utilize cybernetic science and computer technology within a general systems framework, to build a meta-systemic reality which is now only dimly envisaged. Intelligent and purposeful application of rapidly developing telecommunications and teleprocessing technology should make possible a degree of worldwide value consensus heretofore unrealizable." (Richard F Ericson, "Visions of Cybernetic Organizations", 1972)

"Technology can relieve the symptoms of a problem without affecting the underlying causes. Faith in technology as the ultimate solution to all problems can thus divert our attention from the most fundamental problem - the problem of growth in a finite system." (Donella A Meadows, "The Limits to Growth", 1972)

"Modern scientific principle has been drawn from the investigation of natural laws, technology has developed from the experience of doing, and the two have been combined by means of mathematical system to form what we call engineering." (George S Emmerson, "Engineering Education: A Social History", 1973)

"The system of nature, of which man is a part, tends to be self-balancing, self-adjusting, self-cleansing. Not so with technology." (Ernst F Schumacher, "Small is Beautiful", 1973)

"Above all, innovation is not invention. It is a term of economics rather than of technology. [...] The measure of innovation is the impact on the environment. [...] To manage innovation, a manager has to be at least literate with respect to the dynamics of innovation." (Peter F Drucker, "People and Performance", 1977)

"Numeracy has two facets-reading and writing, or extracting numerical information and presenting it. The skills of data presentation may at first seem ad hoc and judgmental, a matter of style rather than of technology, but certain aspects can be formalized into explicit rules, the equivalent of elementary syntax." (Andrew Ehrenberg, "Rudiments of Numeracy", Journal of Royal Statistical Society, 1977)

"Engineering or Technology is the making of things that did not previously exist, whereas science is the discovering of things that have long existed." (David Billington, "The Tower and the Bridge: The New Art of Structural Engineering", 1983)

"No matter how high or how excellent technology may be and how much capital may be accumulated, unless the group of human beings which comprise the enterprise works together toward one unified goal, the enterprise is sure to go down the path of decline." (Takashi Ishihara, Cherry Blossoms and Robotics, 1983)

"People’s views of the world, of themselves, of their own capabilities, and of the tasks that they are asked to perform, or topics they are asked to learn, depend heavily on the conceptualizations that they bring to the task. In interacting with the environment, with others, and with the artifacts of technology, people form internal, mental models of themselves and of the things with which they are interacting. These models provide predictive and explanatory power for understanding the interaction." (Donald A Norman, "Some observations on Mental Models", 1983)

"With the changes in technological complexity, especially in information technology, the leadership task has changed. Leadership in a networked organization is a fundamentally different thing from leadership in a traditional hierarchy." (Edgar Schein, "Organizational Culture and Leadership", 1985)

"[Computer and other technical managers] must become business managers or risk landing on the technological rubbish heap." (Jim Leeke, PC Week, 1987)

"Most managers are not capable of making decisions involving complex technological matters without help - lots of it. [...] The finest technical people on the job should have a dual role: doing technical work and advising management." (Philip W Metzger, "Managing Programming People", 1987)

"People don't want to understand all the components; they just want to make it [the technology] happen." (Bernadine Nicodemus, PC Week, 1987)

"The major problems of our work are not so much technological as sociological in nature. Most managers are willing to concede the idea that they’​​​​​​ve got more people worries than technical worries. But they seldom manage that way. They manage as though technology were their principal concern. They spend their time puzzling over the most convoluted and most interesting puzzles that their people will have to solve, almost as though they themselves were going to do the work rather than manage it. […] The main reason we tend to focus on the technical rather than the human side of the work is not because it’​​​​​​s more crucial, but because it’​​​​​​s easier to do." (Tom DeMarco & Timothy Lister, "Peopleware: Productive Projects and Teams", 1987)

"Information technology can capture and process data, and expert systems can to some extent supply knowledge, enabling people to make their own decisions. As the doers become self-managing and self-controlling, hierarchy - and the slowness and bureaucracy associated with it - disappears." (Michael M Hammer, "Reengineering Work: Don't Automate, Obliterate", Magazine, 1990) [source]

"The new information technologies can be seen to drive societies toward increasingly dynamic high-energy regions further and further from thermodynamical equilibrium, characterized by decreasing specific entropy and increasingly dense free-energy flows, accessed and processed by more and more complex social, economic, and political structures." (Ervin László, "Information Technology and Social Change: An Evolutionary Systems Analysis", Behavioral Science 37, 1992)

"Ignorance of science and technology is becoming the ultimate self-indulgent luxury." (Jeremy Bernstein, "Cranks, Quarks, and the Cosmos: Writings on Science", 1993)

"Technology is nothing. What’s important is that you have a faith in people, that they’re basically good and smart, and if you give them tools, they’ll do wonderful things with them." (Steve Jobs, Rolling Stone, 1994)

"Now that knowledge is taking the place of capital as the driving force in organizations worldwide, it is all too easy to confuse data with knowledge and information technology with information." (Peter Drucker, "Managing in a Time of Great Change", 1995)

"Commonly, the threats to strategy are seen to emanate from outside a company because of changes in technology or the behavior of competitors. Although external changes can be the problem, the greater threat to strategy often comes from within. A sound strategy is undermined by a misguided view of competition, by organizational failures, and, especially, by the desire to grow." (Michael E Porter, "What is Strategy?", Harvard Business Review, 1996)

"Management is a set of processes that can keep a complicated system of people and technology running smoothly. The most important aspects of management include planning, budgeting, organizing, staffing, controlling, and problem solving. Leadership is a set of processes that creates organizations in the first place or adapts them to significantly changing circumstances. Leadership defines what the future should look like, aligns people with that vision, and inspires them to make it happen despite the obstacles." (John P Kotter, "Leading Change", 1996)

"Networks constitute the new social morphology of our societies, and the diffusion of networking logic substantially modifies the operation and outcomes in processes of production, experience, power, and culture. While the networking form of social organization has existed in other times and spaces, the new information technology paradigm provides the material basis for its pervasive expansion throughout the entire social structure." (Manuel Castells, "The Rise of the Network Society", 1996)

"Issues of quality, timeliness and change are the conditions that are forcing us to face up to the issues of enterprise architecture. The precedent of all the older disciplines known today establishes the concept of architecture as central to the ability to produce quality and timely results and to manage change in complex products. Architecture is the cornerstone for containing enterprise frustration and leveraging technology innovations to fulfill the expectations of a viable and dynamic Information Age enterprise." (John Zachman, "Enterprise Architecture: The Issue of The Century", 1997)

"The Enterprise Architecture is the explicit description of the current and desired relationships among business and management process and information technology. It describes the 'target' situation which the agency wishes to create and maintain by managing its IT portfolio." (Franklin D Raines, 1997)

"All things being equal, choose technology that connects. […] This aspect of technology has increasing importance, at times overshadowing such standbys as speed and price. If you are in doubt about what technology to purchase, get the stuff that will connect the most widely, the most often, and in the most ways. Avoid anything that resembles an island, no matter how well endowed that island is." (Kevin Kelly, "New Rules for the New Economy: 10 radical strategies for a connected world", 1998)

"Beauty is more important in computing than anywhere else in technology because software is so complicated. Beauty is the ultimate defense against complexity." (David Gelernter, "Machine Beauty: Elegance And The Heart Of Technolog", 1998)

"Modelling techniques on powerful computers allow us to simulate the behaviour of complex systems without having to understand them.  We can do with technology what we cannot do with science.  […] The rise of powerful technology is not an unconditional blessing.  We have  to deal with what we do not understand, and that demands new  ways of thinking." (Paul Cilliers,"Complexity and Postmodernism: Understanding Complex Systems", 1998)

"Technology is no panacea. It will never solve the ills or injustices of society. Technology can do only one thing for us - but it is an astonishing thing: Technology brings us an increase in opportunities." (Kevin Kelly, "New Rules for the New Economy: 10 radical strategies for a connected world", 1998)

"A primary reason that evolution - of life-forms or technology - speeds up is that it builds on its own increasing order." (Ray Kurzweil, "The Age of Spiritual Machines: When Computers Exceed Human Intelligence", 1999) 

"As systems became more varied and more complex, we find that no single methodology suffices to deal with them. This is particularly true of what may be called information intelligent systems - systems which form the core of modern technology. To conceive, design, analyze and use such systems we frequently have to employ the totality of tools that are available. Among such tools are the techniques centered on fuzzy logic, neurocomputing, evolutionary computing, probabilistic computing and related methodologies. It is this conclusion that formed the genesis of the concept of soft computing." (Lotfi A Zadeh, "The Birth and Evolution of Fuzzy Logic: A personal perspective", 1999)

"Enterprise architecture is a family of related architecture components. This include information architecture, organization and business process architecture, and information technology architecture. Each consists of architectural representations, definitions of architecture entities, their relationships, and specification of function and purpose. Enterprise architecture guides the construction and development of business organizations and business processes, and the construction and development of supporting information systems." (Gordon B Davis, "The Blackwell encyclopedic dictionary of management information systems"‎, 1999)

"Enterprise architecture is a holistic representation of all the components of the enterprise and the use of graphics and schemes are used to emphasize all parts of the enterprise, and how they are interrelated. [...] Enterprise architectures are used to deal with intra-organizational processes, interorganizational cooperation and coordination, and their shared use of information and information technologies. Business developments, such as outsourcing, partnership, alliances and Electronic Data Interchange, extend the need for architecture across company boundaries." (Gordon B Davis," The Blackwell encyclopedic dictionary of management information systems"‎, 1999)

"We do not learn much from looking at a model - we learn more from building the model and manipulating it. Just as one needs to use or observe the use of a hammer in order to really understand its function, similarly, models have to be used before they will give up their secrets. In this sense, they have the quality of a technology - the power of the model only becomes apparent in the context of its use." (Margaret Morrison & Mary S Morgan, "Models as mediating instruments", 1999)

"Periods of rapid change and high exponential growth do not, typically, last long. A new equilibrium with a new dominant technology and/or competitor is likely to be established before long. Periods of punctuation are therefore exciting and exhibit unusual uncertainty. The payoff from establishing a dominant position in this short time is therefore extraordinarily high. Dominance is more likely to come from skill in marketing and positioning than from superior technology itself." (Richar Koch, "The Power Laws", 2000)

"The business changes. The technology changes. The team changes. The team members change. The problem isn't change, per se, because change is going to happen; the problem, rather, is the inability to cope with change when it comes." (Kent Beck, "Extreme Programming Explained", 2000)

"A well-functioning team of adequate people will complete a project almost regardless of the process or technology they are asked to use (although the process and technology may help or hinder them along the way)." (Alistair Cockburn, "Agile Software Development", 2001)

"An Enterprise Architecture is a dynamic and powerful tool that helps organisations understand their own structure and the way they work. It provides a ‘map’ of the enterprise and a ‘route planner’ for business and technology change. A well-constructed Enterprise Architecture provides a foundation for the ‘Agile’ business." (Bob Jarvis, "Enterprise Architecture: Understanding the Bigger Picture - A Best Practice Guide for Decision Makers in IT", 2003)

"Normally an EA takes the form of a comprehensive set of cohesive models that describe the structure and functions of an enterprise. An important use is in systematic IT planning and architecting, and in enhanced decision-making. The EA can be regarded as the ‘master architecture’ that contains all the subarchitectures for an enterprise. The individual models in an EA are arranged in a logical manner that provides an ever-increasing level of detail about the enterprise: its objectives and goals; its processes and organisation; its systems and data; the technology used and any other relevant spheres of interest." (Bob Jarvis, "Enterprise Architecture: Understanding the Bigger Picture - A Best Practice Guide for Decision Makers in IT", 2003)

"Technology can relieve the symptoms of a problem without affecting the underlying causes. Faith in technology as the ultimate solution to all problems can thus divert our attention from the most fundamental problem - the problem of growth in a finite system - and prevent us from taking effective action to solve it." (Donella H Meadows & Dennis L Meadows, "The Limits to Growth: The 30 Year Update", 2004)

"To turn really interesting ideas and fledgling technologies into a company that can continue to innovate for years, it requires a lot of disciplines."  (Steve Jobs, BusinessWeek, 2004)

"You need a very product-oriented culture, even in a technology company. Lots of companies have tons of great engineers and smart people. But ultimately, there needs to be some gravitational force that pulls it all together. Otherwise, you can get great pieces of technology all floating around the universe." (Steve Jobs, Newsweek, 2004)

"Although the Singularity has many faces, its most important implication is this: our technology will match and then vastly exceed the refinement and suppleness of what we regard as the best of human traits." (Ray Kurzweil, "The Singularity is Near", 2005)

"The Singularity will represent the culmination of the merger of our biological thinking and existence with our technology, resulting in a world that is still human but that transcends our biological roots. There will be no distinction, post-Singularity, between human and machine or between physical and virtual reality. If you wonder what will remain unequivocally human in such a world, it’s simply this quality: ours is the species that inherently seeks to extend its physical and mental reach beyond current limitations." (Ray Kurzweil, "The Singularity is Near", 2005)

"Businesses are themselves a form of design. The design of a business encompasses its strategy, organizational structure, management processes, culture, and a host of other factors. Business designs evolve over time through a process of differentiation, selection, and amplification, with the market as the ultimate arbiter of fitness [...] the three-way coevolution of physical technologies, social technologies, and business designs [...] accounts for the patterns of change and growth we see in the economy." (Eric D Beinhocker, "The Origin of Wealth. Evolution, complexity, and the radical remaking of economics", 2006)

"Enterprise architecture is the organizing logic for business processes and IT infrastructure reflecting the integration and standardization requirements of a company's operation model. […] The key to effective enterprise architecture is to identify the processes, data, technology, and customer interfaces that take the operating model from vision to reality." (Jeanne W Ross et al, "Enterprise architecture as strategy: creating a foundation for business", 2006)

"Chance is just as real as causation; both are modes of becoming.  The way to model a random process is to enrich the mathematical theory of probability with a model of a random mechanism. In the sciences, probabilities are never made up or 'elicited' by observing the choices people make, or the bets they are willing to place.  The reason is that, in science and technology, interpreted probability exactifies objective chance, not gut feeling or intuition. No randomness, no probability." (Mario Bunge, "Chasing Reality: Strife over Realism", 2006)

"Most dashboards fail to communicate efficiently and effectively, not because of inadequate technology (at least not primarily), but because of poorly designed implementations. No matter how great the technology, a dashboard's success as a medium of communication is a product of design, a result of a display that speaks clearly and immediately. Dashboards can tap into the tremendous power of visual perception to communicate, but only if those who implement them understand visual perception and apply that understanding through design principles and practices that are aligned with the way people see and think." (Stephen Few, "Information Dashboard Design", 2006)

"The big part of the challenge is that data quality does not improve by itself or as a result of general IT advancements. Over the years, the onus of data quality improvement was placed on modern database technologies and better information systems. [...] In reality, most IT processes affect data quality negatively, Thus, if we do nothing, data quality will continuously deteriorate to the point where the data will become a huge liability." (Arkady Maydanchik, "Data Quality Assessment", 2007)

"The corporate data universe consists of numerous databases linked by countless real-time and batch data feeds. The data continuously move about and change. The databases are endlessly redesigned and upgraded, as are the programs responsible for data exchange. The typical result of this dynamic is that information systems get better, while data deteriorates. This is very unfortunate since it is the data quality that determines the intrinsic value of the data to the business and consumers. Information technology serves only as a magnifier for this intrinsic value. Thus, high quality data combined with effective technology is a great asset, but poor quality data combined with effective technology is an equally great liability." (Arkady Maydanchik, "Data Quality Assessment", 2007)

"Enterprise architecture is the process of translating business vision and strategy into effective enterprise change by creating, communicating and improving the key requirements, principles and models that describe the enterprise's future state and enable its evolution. The scope of the enterprise architecture includes the people, processes, information and technology of the enterprise, and their relationships to one another and to the external environment. Enterprise architects compose holistic solutions that address the business challenges of the enterprise and support the governance needed to implement them." (Anne Lapkin et al, "Gartner Clarifies the Definition of the Term 'Enterprise Architecture", 2008)

"Synergy occurs when organizational parts interact to produce a joint effect that is greater than the sum of the parts acting alone. As a result the organization may attain a special advantage with respect to cost, market power, technology, or employee." (Richard L Daft, "The Leadership Experience" 4th Ed., 2008)

"The butterfly effect demonstrates that complex dynamical systems are highly responsive and interconnected webs of feedback loops. It reminds us that we live in a highly interconnected world. Thus our actions within an organization can lead to a range of unpredicted responses and unexpected outcomes. This seriously calls into doubt the wisdom of believing that a major organizational change intervention will necessarily achieve its pre-planned and highly desired outcomes. Small changes in the social, technological, political, ecological or economic conditions can have major implications over time for organizations, communities, societies and even nations." (Elizabeth McMillan, "Complexity, Management and the Dynamics of Change: Challenges for practice", 2008)

"What’s next for technology and design? A lot less thinking about technology for technology’s sake, and a lot more thinking about design. Art humanizes technology and makes it understandable. Design is needed to make sense of information overload. It is why art and design will rise in importance during this century as we try to make sense of all the possibilities that digital technology now affords." (John Maeda, "Why Apple Leads the Way in Design", 2010) 

"Enterprise Architecture presently appears to be a grossly misunderstood concept among management. It is NOT an Information Technology issue. It is an ENTERPRISE issue. It is likely perceived to be an Information Technology issue as opposed to a Management issue for two reasons: (1) Awareness of it tends to surface in the Enterprise through the Information Systems community. (2) Information Technology people seem to have the skills to do Enterprise Architecture if any Enterprise Architecture is being or is to be done." (John A Zachman, 2011)

"Today, technology has lowered the barrier for others to share their opinion about what we should be focusing on. It is not just information overload; it is opinion overload." (Greg McKeown, "Essentialism: The Disciplined Pursuit of Less", 2014)

"We have let ourselves become enchanted by big data only because we exoticize technology. We’re impressed with small feats accomplished by computers alone, but we ignore big achievements from complementarity because the human contribution makes them less uncanny. Watson, Deep Blue, and ever-better machine learning algorithms are cool. But the most valuable companies in the future won’t ask what problems can be solved with computers alone. Instead, they’ll ask: how can computers help humans solve hard problems?" (Peter Thiel & Blake Masters, "Zero to One: Notes on Startups, or How to Build the Future", 2014)

"Technological change is discontinuous and difficult. It is a radical change in that it forces people to deal with the world in a different way, that is, it changes the world of experience." (William Byers, "Deep Thinking: What Mathematics Can Teach Us About the Mind", 2015)

"The problem with artificial intelligence and information technology is that they promise a methodology that would lead to a way of solving all problems - a self-generating technology that would apply to all situations without the need for new human insights and leaps of creativity." (William Byers, "Deep Thinking: What Mathematics Can Teach Us About the Mind", 2015)

"Technology systems are difficult to wrangle. Our systems grow in accidental complexity and complication over time. Sometimes we can succumb to thinking that other people really hold the cards, that they have the puppet strings we don’t." (Eben Hewitt, "Technology Strategy Patterns: Architecture as strategy" 2nd Ed., 2019)

"Technology is not a magic pill that can solve inadequacies in processes." (Jared Lane, "Why Companies Should Stop Making Digital Transformation A Science Project", 2021) [source]

"Always remember what you originally wanted the system to accomplish. Having the latest, greatest system and a flashy data center to boot is not what data processing is supposed to be all about. It is supposed to help the bottom line, not hinder it." (Richard S Rubin)

"The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency." (Bill Gates)

26 August 2019

🛡️Information Security: Denial of Service [DoS] (Definitions)

"A type of attack on a computer system that ties up critical system resources, making the system temporarily unusable." (Tom Petrocelli, "Data Protection and Information Lifecycle Management", 2005)

"Any attack that affects the availability of a service. Reliability bugs that cause a service to crash or hang are usually potential denial-of-service problems." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"This is a technique for overloading an IT system with a malicious workload, effectively preventing its regular service use." (Martin Oberhofer et al, "The Art of Enterprise Information Architecture", 2010)

"Occurs when a server or Web site receives a flood of traffic - much more traffic or requests for service than it can handle, causing it to crash." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

"Causing an information resource to be partially or completely unable to process requests. This is usually accomplished by flooding the resource with more requests than it can handle, thereby rendering it incapable of providing normal levels of service." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"Attacks designed to disable a resource such as a server, network, or any other service provided by the company. If the attack is successful, the resource is no longer available to legitimate users." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"An attack from a single attacker designed to disrupt or disable the services provided by an IT system. Compare to distributed denial of service (DDoS)." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A coordinated attack in which the target website or service is flooded with requests for access, to the point that it is completely overwhelmed." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"An attack that can result in decreased availability of the targeted system." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"An attack that generally floods a network with traffic. A successful DoS attack renders the network unusable and effectively stops the victim organization’s ability to conduct business." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A type of cyberattack to degrade the availability of a target system." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Any action, or series of actions, that prevents a system, or its resources, from functioning in accordance with its intended purpose." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"The prevention of authorized access to resources or the delaying of time-critical operations." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"An attack shutting down running of a service or network in order to render it inaccessible to its users (whether human person or a processing device)." (Wissam Abbass et al, "Internet of Things Application for Intelligent Cities: Security Risk Assessment Challenges", 2021)

"Actions that prevent the NE from functioning in accordance with its intended purpose. A piece of equipment or entity may be rendered inoperable or forced to operate in a degraded state; operations that depend on timeliness may be delayed." (NIST SP 800-13)

"The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided)." (NIST SP 800-12 Rev. 1)

"The prevention of authorized access to a system resource or the delaying of system operations and functions." (NIST SP 800-82 Rev. 2)


30 July 2019

💻IT: Social Engineering (Definitions)

"Using trickery and charm to extract security information such as passwords from an individual." (Andy Walker, "Absolute Beginner’s Guide To: Security, Spam, Spyware & Viruses", 2005)

"A nontechnological method for gaining unauthorized access to a computer system by tricking people into revealing access information." (Jan L Harrington, "Relational Database Design and Implementation"3rd Ed., 2009)

"Collection of tactics used to manipulate people into performing actions or divulging confidential information." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

"Obtaining or attempting to obtain otherwise secure data with fraud and deceit by tricking an individual into revealing confidential information." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"The art of manipulating people into performing desired actions." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Gaining unauthorized access by tricking someone into divulging sensitive information." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"It describes a type of intrusion that relies heavily on human interaction rather than on specific technical methods. It often involves deceitful approaches to obtain, for example, sensitive information, and break into computer systems." (Hamid R Arabnia et al, "Application of Big Data for National Security", 2015)

"The act of manipulating people into divulging information." (Weiss, "Auditing IT Infrastructures for Compliance, 2nd Ed", 2015)

"The art of obtaining someone's password either by befriending her or tricking her into sharing it." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"The practice of obtaining confidential information by manipulating users in social communication." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web 2nd Ed.", 2015)

"The process of attempting to trick someone into revealing information (for example, a password) that can be used to attack an enterprise or into performing certain actions, such as downloading and executing files that appear to be benign but are actually malicious." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The psychological manipulation of people into unwittingly performing actions favorable to an attacker, such as divulging passwords or other confidential information." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

💻IT: Network (Definitions)

"Mathematically defined structure of a computing system where the operations are performed at specific locations (nodes) and the flow of information is represented by directed arcs." (Guido Deboeck & Teuvo Kohonen (Eds), "Visual Explorations in Finance with Self-Organizing Maps 2nd Ed.", 2000)

"A system of interconnected computing resources (computers, servers, printers, and so on)." (Sharon Allen & Evan Terry, "Beginning Relational Data Modeling 2nd Ed.", 2005)

"A system of connected computers. A local area network (LAN) is contained within a single company, in a single office. A wide area network (WAN) is generally distributed across a geographical area — even globally. The Internet is a very loosely connected network, meaning that it is usable by anyone and everyone." (Gavin Powell, "Beginning Database Design", 2006)

"A system of interconnected devices that provides a means for data to be transmitted from point to point." (Janice M Roehl-Anderson, "IT Best Practices for Financial Managers", 2010)

"1.Visually, a graph of nodes and connections where more than one entry point for each node is allowed. 2.In architecture, a topological arrangement of hardware and connections to allow communication between nodes and access to shared data and software." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"The connection of computer systems (nodes) by communications channels and appropriate software. |" (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"The means by which electronic communications occurs between two or more nodes" (Daniel Linstedt & W H Inmon, "Data Architecture: A Primer for the Data Scientist", 2014)

"Two or more computers connected to share data and resources." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"People working towards a common purpose or with common interests where there is no requirement for members of the network to have a work relationship with others, and there is no requirement for mutuality as there is with a team." (Catherine Burke et al, "Systems Leadership, 2nd Ed,", 2018)

💻IT: False Negative (Definitions)

"Spam that is mistaken for legitimate email." (Andy Walker, "Absolute Beginner’s Guide To: Security, Spam, Spyware & Viruses", 2005)

"Failing to report an event that should have been reported." (W Roy Schulte & K Chandy, "Event Processing: Designing IT Systems for Agile Companies", 2009)

"A subject who is identified as failing to have experienced the event of interest (e.g., exposure, disease) but has truly experienced the event is termed a false negative." (Herbert I Weisberg, "Bias and Causation: Models and Judgment for Valid Comparisons", 2010)

"An incorrect result, which fails to detect a condition or return a result that is actually present." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"An incorrect result as reported by a detective device, such as an IDS, an antivirus program, or a biometric security device. For example, an antivirus program may not “catch” a virus-infected file, or a fingerprint reader may incorrectly fail the fingerprint of the true user." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition, 2nd Ed.", 2013)

"A test result that incorrectly reports that a condition being tested for is absent, when, in fact, it is present (e.g., an intrusion detection subsystem falsely reports no attacks in the attack space of an enterprise system)." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A condition when using optimistic locking whereby a row that was not updated since it was selected cannot be updated without first being selected again. Optimistic locking support does not allow a false positive to happen, but a false negative might happen. See also false positive." (Sybase, "Open Server Server-Library/C Reference Manual", 2019)

[false-negative result:] "A test result which fails to identify the presence of a defect that is actually present in the test object." (Software Quality Assurance)

29 July 2019

💻IT: Software-as-a-Service [SaaS] (Definitions)

"A distribution method for software through a network interface." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"Applications that are licensed to customers for use as a service on demand." (Gina Abudi & Brandon Toropov, "The Complete Idiot's Guide to Best Practices for Small Business", 2011)

"a software deployment model where a provider licenses an application to customers for use over the Internet, without requiring purchase and installation of the licenses." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"The delivery of computer applications over the Internet." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A delivery mechanism in which an application and all of the associated resources are provided to organizations by a vendor, typically through a web browser. Commonly abbreviated as SaaS." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Abbreviation for software as a service. It is the capability provided to the consumer to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings." (James R Kalyvas & Michael R Overly, "Big Data: A Businessand Legal Guide", 2015)

"Software as a Service is the delivery of computer applications over the Internet on a per user per month charge basis." (Judith S Hurwitz, "Cognitive Computing and Big Data Analytics", 2015)

"A model of software deployment or service where customers use applications on demand." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"An approach to software licensing and delivery in which software is hosted remotely in the cloud and accessed via an Internet browser." (Jonathan Ferrar et al, "The Power of People: Learn How Successful Organizations Use Workforce Analytics To Improve Business Performance", 2017)

"Cloud application services in which applications are delivered over the Internet by the software provider, typically for a monthly fixed fee. The applications are not installed, nor do they run on the client’s computers; instead, they are accessed by a Web browser. Two important characteristics of SaaS are as follows: Network and Web-based access to commercial software computing services in which the processing is done on a third party server, rather than at each customer’s location. A tenant-based pricing model for hardware, software, administration, and consulting services." (John H Higgins & Bryan L Smith, "10 Steps to a Digital Practice in the Cloud" 2nd Ed., 2017)

"Software as a service refers to the delivery of software-based business tools via the Internet as an alternative to traditional on-premise installations." (Informatica) [source]

"Software-as-a-service (SaaS) is a model of software distribution where customers pay a monthly subscription or licensing fee and a third-party, typically the software vendor, makes the application available over the internet. SaaS is one of the primary commercial applications of cloud computing, along with infrastructure-as-a-service (Iaas) and platform-as-a-service (PaaS)." (Sumo Logic) [source]

💻IT: Platform-as-a-Service [PaaS] (Definitions)

"PaaS is defined as a computing platform delivered as a service." (Martin Oberhofer et al, "The Art of Enterprise Information Architecture", 2010)

"Delivery of an application development platform (hardware and software) from a third party via the Internet without having to buy and manage these resources." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"A cloud service that abstracts the computing services, including the operating software and the development and deployment and management life cycle. It sits on top of Infrastructure as a Service." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A cloud service that abstracts the computing services, including the operating software and the development, deployment, and management life cycle. It sits on top of Infrastructure as a Service (IaaS)." (Judith S Hurwitz, "Cognitive Computing and Big Data Analytics", 2015)

"Delivery of a computing platform as a service." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"The capability provided to the customer to deploy onto the cloud infrastructure customer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations." (James R Kalyvas & Michael R Overly, "Big Data: A Businessand Legal Guide", 2015)

"A cloud-based service that typically provides a platform on which software can be developed and deployed." (H James Harrington & William S Ruggles, "Project Management for Performance Improvement Teams", 2018)

"A complete application platform for multitenant cloud environments that includes development tools, runtime, and administration and management tools and services, PaaS combines an application platform with managed cloud infrastructure services." (Forrester)

"A services providing all the necessary infrastructure for cloud computing solutions." (Analytics Insight)

💻IT: Standardization (Definitions)

"The imposition of standards which, in turn, are fixed ways of doing things that are widely recognized." (Roy Rada &  Heather Holden, "Online Education, Standardization, and Roles", 2009)

"Formulation, publication, and implementation of guidelines, rules, methods, procedures and specifications for common and repeated use, aimed at achieving optimum degree of order or uniformity in given context, discipline, or field; standards are most frequently developed on international level; there exist national standardization bodies cooperating with international bodies; standards can be either legally binding or de facto standards followed by informal convention or voluntary standards (recommendations)." (Lenka Lhotska et al,"Interoperability of Medical Devices and Information Systems", 2013)

"A framework of agreements to which all relevant parties in an industry or organization must adhere to ensure that all processes associated with the creation of a good or performance of a service are performed within set guideline." (Victor A Afonso & Maria de Lurdes Calisto, "Innovation in Experiential Services: Trends and Challenges", 2015)

"The development of uniform specifications for materials, products, processes, practices, measurement, or performance, usually via consultation with stakeholders and sanction by a recognized body, providing for improvements in productivity, interoperability, cooperation, and accountability." (Gregory A Smith, "Assessment in Academic Libraries", 2015)

"A process of developing and implementing technical standards based on consensus among various stakeholders in the field. Standardization can greatly assist with compatibility and interoperability of otherwise disparate software components, where consistent solutions enable mutual gains for all stakeholders." (Krzysztof Krawiec et al, "Metaheuristic Design Patterns: New Perspectives for Larger-Scale Search Architectures", 2018)

"The process through which a standard is developed." (Kai Jakobs, "ICT Standardization", 2018)

"Is a framework of agreements to which professionals in an organization must accept to ensure that all processes associated with the creation of a product or service are performed within set guidelines, achieving uniformity to certain practices or operations within the selected environment. It can be seen as a professional strategy to strengthen professional trust and provide a sense of certainty for professionals or it can be interpreted as a way to lose professionalization and as an adjustment to organizational demands." (Joana V Guerra, "Digital Professionalism: Challenges and Opportunities to Healthcare Professions", 2019)

"The process of making things of the same kind, including products and services, have the same basic features and the same requirements." (Julia Krause, "Through Harmonization of National Technical Regulations to More Sustainability in Engineering Business", 2019)

28 July 2019

💻IT: Change Management [CM] (Definitions)

"The disciplined use of a defined process to control project modifications, additions, and deletions." (Timothy J  Kloppenborg et al, "Project Leadership", 2003)

"The process allowing changes to applications to occur in a predictable fashion with minimal or no impact on the service. Change management applies to all phases of a lifecycle." (Allan Hirt et al, "Microsoft SQL Server 2000 High Availability", 2004)

"Process of enabling change in an organization as a result of a system implementation." (Janice M Roehl-Anderson, "IT Best Practices for Financial Managers", 2010)

"(1) A structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state. (2) Controlled way to effect a change, or a proposed change, to a product or service." (Requirements Engineering Qualifications Board, "Standard glossary of terms used in Requirements Engineering", 2011)

"A structured approach to transition individuals, teams, and organizations from a current state to a desired future state, which includes managing change as part of systems development to avoid user resistance to business and system changes." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed, 2011)

"Involves problem solving in a concerted effort to adapt to changing organizational needs." (Joan C Dessinger, "Fundamentals of Performance Improvement" 3rd Ed, 2012)

"The process of communicating and managing change throughout the organization." (Charles Cooper & Ann Rockley, "Managing Enterprise Content: A Unified Content Strategy, 2nd Ed.", 2012)

"The management of change in operational processes and applications. Change management is critical when IT organizations are managing software infrastructure in conjunction with new development processes. All software elements have to be synchronized so that they work as intended." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A program designed to prevent unintended outages from changes. Personnel submit change requests, and appropriate experts review them to identify unintended consequences. Personnel do not make changes until the change goes through the change management process." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"The organization's effort to control and manage the introduction of new changes to the current operating model to ensure gradual and successful adoption." (Jim Davis & Aiman Zeid, "Business Transformation: A Roadmap for Maximizing Organizational Insights", 2014)

"Methods and best practices to assist an organization and its employees in implementing changes to business processes, culture, and systems." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"The process, tools, and techniques to manage the people side of change to achieve a required business outcome." (Jonathan Ferrar et al, "The Power of People: Learn How Successful Organizations Use Workforce Analytics To Improve Business Performance", 2017)

"A business process aimed at deliberately regulating the changing nature of business activities such as projects." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide, 8th Ed", 2018)

"Process responsible for controlling the lifecycle of all changes" (ITIL)

 "The process, tools, coordination, and planning to manage the people side of change through sentiment awareness and change-management skills that together achieve a required state of business agility." (Forrester)

💻IT: Internet of Things [IoT] (Definitions)

"A term used to describe the community or collection of people and items that use the Internet to communicate with other." (Kenneth A Shaw, "Integrated Management of Processes and Information", 2013)

"The embedding of objects with sensors, coupled with the ability of objects to communicate, driving an explosion in the growth of big data." (Brenda L Dietrich et al, "Analytics Across the Enterprise", 2014)

"The Internet of Things entails the aim of all physical or uniquely identifiable objects being connected through wired and wireless networks. In this notion, every object would be virtually represented. Connecting objects in this way offers a whole new universe of possibilities. Real-time analysis of big data streams could enhance productivity and safety of systems (for example, roadways and cars being part of the Internet of Things could help to manage traffic flow). It can also make everyday life more convenient and sustainable (such as connecting all household devices to save electricity)." (Martin Hoegl et al, "Using Thematic Thinking to Achieve Business Success, Growth, and Innovation", 2014)

"IOT refers to a network of machines that have sensors and are interconnected enabling them to collect and exchange data. This interconnection enables devices to be controlled remotely resulting in process efficiencies and lower costs." (Saumya Chaki, "Enterprise Information Management in Practice", 2015)

"An interconnected network of physical devices, vehicles, buildings, and other items embedded with sensors that gather and share data." (Jonathan Ferrar et al, "The Power of People: Learn How Successful Organizations Use Workforce Analytics To Improve Business Performance", 2017)

"Ordinary devices that are connected to the Internet at any time, anywhere, via sensors." (Jason Williamson, "Getting a Big Data Job For Dummies", 2015)

"Also referred to as IoT. Term that describes the connectivity of objects to the Internet and the ability for these objects to send and receive data from each other." (Brittany Bullard, "Style and Statistics", 2016)

"computing or 'smart' devices often with ­sensor capability and the ability to collect, share, and transfer data using the Internet." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

"The wide-scale deployment of small, low-power computing devices into everyday devices, such as thermostats, refrigerators, clothing, and even into people themselves to continuously monitor health." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A network of physical objects that have, like cell phones and laptops, internet connectivity enabling automatic communication between them and any other machine connected to the internet without human intervention." (Sue Milton, "Data Privacy vs. Data Security", 2021)

"Integration of various processes such as identifying, sensing, networking, and computation." (Revathi Rajendran et al, "Convergence of AI, ML, and DL for Enabling Smart Intelligence: Artificial Intelligence, Machine Learning, Deep Learning, Internet of Things", 2021)

"It is an interdisciplinary field who is associated with the electronics and computer science. Electronics deals with the development of new sensors or hardware for IoT device and computer science deals with the development of software, protocols and cloud based solution to store the data generated form these IoT devices."  (Ajay Sharma, "Smart Agriculture Services Using Deep Learning, Big Data, and IoT", 2021)

"IoT is a network of real-world objects which consists of sensors, software, and other technologies to exchange data with the other systems over the internet." (Hari K Kondaveeti et al, "Deep Learning Applications in Agriculture: The Role of Deep Learning in Smart Agriculture", 2021)

"This refers to a system of inter-connected computing and smart devices, that are provided with unique identifiers and the ability to transfer data over a network without requiring human interaction." (Wissam Abbass et al, "Internet of Things Application for Intelligent Cities: Security Risk Assessment Challenges", 2021)

"describes the network where sensing elements such as sensors, cameras, and devices are increasingly linked together via the internet to connect, communicate and exchange information." (Accenture)

"ordinary devices that are connected to the internet at any time anywhere via sensors." (Analytics Insight)

"Technologies that enable objects and infrastructure to interact with monitoring, analytics, and control systems over internet-style networks." (Forrester)

26 July 2019

💻IT: Efficiency (Definitions)

"A measure of the degree to which a system or component performs designated functions with respect to the resources it consumes to perform those functions." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"a measure of the cost per time or cost per effort." (Bruce P Douglass, "Real-Time Agility: The Harmony/ESW Method for Real-Time and Embedded Systems Development", 2009)

"A quasimetric used throughout this book to describe how well memory and other resources of the processor and platform are utilized by a concurrent implementation." (Clay Breshears, "The Art of Concurrency", 2009)

"Efficiency measures the return on investment in using additional hardware to operate in parallel." (Michael McCool et al, "Structured Parallel Programming", 2012)

"A set of software characteristics (for example, execution speed, response time) relating to performance of the software and use of resources (for example, memory) under stated conditions (normally increasing load)." (Tilo Linz et al, "Software Testing Foundations" 4th Ed., 2014)

"In relation to performance/operational auditing, the use of financial, human, physical, and information resources such that output is maximized for any given set of resource inputs, or input is minimized for any given quantity and quality of output." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"Efficiency is the degree to which a resource is utilized for the intended task." (Hari K Kondaveeti et al, "Deep Learning Applications in Agriculture: The Role of Deep Learning in Smart Agriculture", 2021)

"a measure of whether the right amount of resources has been used à to deliver a process, service or activity" (ITIL)

"Resources expended in relation to the accuracy and completeness with which users achieve goals." (NISTIR 8040)

"The capability of the software product to provide appropriate performance, relative to the amount of resources used under stated conditions." (ISO 9126)

24 July 2019

💻IT: Virtualization (Definitions)

"Creation of a virtual, as opposed to a real, instance of an entity, such as an operating system, server, storage, or network." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"The process of partitioning a computer so that multiple operating system instances can run at the same time on a single physical computer." (John Goodson & Robert A Steward, "The Data Access Handbook", 2009)

"A concept that separates business applications and data from hardware resources, allowing companies to pool hardware resources, rather than dedicate servers to application and assign those resources to applications as needed." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed, 2011)

"A technique that creates logical representations of computing resources that are independent of the underlying physical computing resources." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed., 2011)

"A method for managing hardware assets used at the same time by different users or processes, or both, that makes the part assigned to each user or process appear to act as if it was running on a separate piece of equipment." (Kenneth A Shaw, "Integrated Management of Processes and Information", 2013)

"Virtual memory is the use of a disk to store active areas of memory to make the available memory appear larger. In a virtual environment, one computer runs software that allows it to emulate another machine. This kind of emulation is commonly known as virtualization." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A technique common in computing, consisting in the creation of virtual (rather than actual) instance of any element, so it can be managed and used independently. Virtualization has been one of the key tools for resource sharing and software development, and now it is beginning to be applied to the network disciplines." (Diego R López & Pedro A. Aranda, "Network Functions Virtualization: Going beyond the Carrier Cloud", 2015)

"Creation of a simulated environment (hardware platform, operating system, storage, etc.) that allows for central control and scalability." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK 4th Ed.", 2015)

"The creation of a virtual version of actual services, applications, or resources." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"The process of creating a virtual version of a resource, such as an operating system, hardware platform, or storage device." (Andrew Pham et al, "From Business Strategy to Information Technology Roadmap", 2016)

"A base component of the cloud that consists of software that emulates physical infrastructure." (Richard Ehrhardt, "Cloud Build Methodology", 2017)

"The process of presenting an abstraction of hardware resources to give the appearance of dedicated access and control to hardware resources, while, in reality, those resources are being shared." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

💻IT: Information Technology Information Library [ITIL] (Definitions)

"A series of documents used to aid the implementation of a framework for IT service management (ITSM). This framework defines how service management is applied in specific organizations. Being a framework, it is completely customizable for an application within any type of business or organization that has a reliance on IT infrastructure." (Tilak Mitra et al, "SOA Governance", 2008)

"A framework and set of standards for IT governance based on best practices." (Judith Hurwitz et al, "Service Oriented Architecture For Dummies" 2nd Ed., 2009)

"A framework of supplier independent best practice management procedures for delivery of high quality IT services." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"a set of guidelines for developing and managing IT operations and services." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"A framework and set of standards for IT governance based on best practices." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A group of books written and released by the United Kingdom’s Office of Government and Commerce (OGC). ITIL documents best practices organizations can implement to provide consistent IT services. The library includes five books." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A set of process-oriented best practices and guidance originally developed in the United Kingdom to standardize delivery of informational technology service management." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"Best practices for information technology services management processes developed by the United Kingdom’s Office of Government Commerce." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The IT Infrastructure Library; a set of best practice publications for IT service management." (by Brian Johnson & Leon-Paul de Rouw, "Collaborative Business Design", 2017)

"The Information Technology Infrastructure Library (ITIL) presents pre-defined processes for IT service management. The fourth edition of ITIL depicts two key elements ITIL Service-Value-System (SVS) and a four dimensions model." (Anna Wiedemann et al, "Transforming Disciplined IT Functions: Guidelines for DevOps Integration", 2021)

"set of best practices guidance" (ITIL)

17 July 2019

💻IT: Configuration Management [CM] (Definitions)

 "A discipline applying technical and administrative direction and surveillance to: identify and document the functional and physical characteristics of a configuration item, control changes to those characteristics, record and report change processing and implementation status, and verify compliance with specified requirements. (IEEE 610, 1990)

"The process of identifying and defining the configuration items in a system, controlling the release and change of these items throughout the system life cycle, recording and reporting the status of configuration items and change requests, and verifying the completeness and correctness of configuration items." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"Process for the definition and management of configurations, allowing change control and change monitoring over a defined period. Configuration management allows access to individual configurations or configuration items (i.e., work products). Differences between individual configurations are readily identifiable. A configuration can be used to form a baseline; see also Baseline." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"A generic term that is often used to describe the whole of the activities concerned with the creation, maintenance, and control of databases and their environments." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"The management of configurations, normally involving holding configuration data in a database so that the data can be managed and changed where necessary." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"Managing the items produced by the project such as requirements documents, designs, and, of course, source code. This may include controlling changes to those items so that changes don’t happen willy-nilly." (Rod Stephens, "Beginning Software Engineering", 2015)

"The detailed recording, management, and updating of the details of an information system." (Weiss, "Auditing IT Infrastructures for Compliance, 2nd Ed", 2015)

"An operational process aimed at ensuring that systems and controls are configured correctly and are responsive to the current threat and operational environments." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

"The process of controlling modifications to a system’s hardware, software, and documentation, which provides sufficient assurance that the system is protected against the introduction of improper modification before, doing, and after system implementation." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"The process of managing versions of configuration items and their coherent consistent sets, in order to control their modification and release, and to ensure their consistency, completeness, and accuracy." (Bruce P Douglass, "Real-Time Agility: The Harmony/ESW Method for Real-Time and Embedded Systems Development", 2009)

"Process responsible for maintaining information about CIs required to deliver an IT service, including their relationships" (ITIL)

16 July 2019

💻IT: Quality of Service [QoS] (Definitions)

"The guaranteed performance of a network connection." (Tom Petrocelli, "Data Protection and Information Lifecycle Management", 2005)

"QoS (Quality of Service) is a metric for quantifying desired or delivered degree of service reliability, priority, and other measures of interest for its quality." (Bo Leuf, "The Semantic Web: Crafting infrastructure for agency", 2006)

"a criterion of performance of a service or element, such as the worst-case execution time for an operation." (Bruce P Douglass, "Real-Time Agility: The Harmony/ESW Method for Real-Time and Embedded Systems Development", 2009)

"The QoS describes the non-functional aspects of a service such as performance." (Martin Oberhofer et al, "The Art of Enterprise Information Architecture", 2010)

"QoS (Quality of Service) Networking technology that enables network administrators to manage bandwidth and give priority to desired types of application traffic as it traverses the network." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"A negotiated contract between a user and a network provider that renders some degree of reliable capacity in the shared network." (Gartner)

"Quality of service (QoS) is the description or measurement of the overall performance of a service, especially in terms of the user’s experience. Typically it is used in reference to telephony or computer networks, or to online and cloud-hosted services." (Barracuda) [source]

"The measurable end-to-end performance properties of a network service, which can be guaranteed in advance by a Service Level Agreement between a user and a service provider, so as to satisfy specific customer application requirements. Note: These properties may include throughput (bandwidth), transit delay (latency), error rates, priority, security, packet loss, packet jitter, etc." (CNSSI 4009-2015)

15 July 2019

💻IT: Platform (Definitions)

"A specific software implementation technology and/or specific hardware that constitutes the execution environment of a system." (Anneke Kleppe et al, "MDA Explained: The Model Driven Architecture™: Practice and Promise", 2003)

"In the automotive industry, a platform describes a technical basis on which to build models that appear outwardly different. In electronic development, a platform is understood as a hardware, software, or system construction kit that allows the easy creation of derivates via modification, parameterization, or derivation. All essential features, however, are preserved." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"The underlying foundations, technology frameworks, base architectures, and interfaces upon which products are built." (Steven Haines, "The Product Manager's Desk Reference", 2008)

"A combination of technology infrastructure products and components on which various application programs can be designed to run." (David Lyle & John G Schmidt, "Lean Integration", 2010)

"A type of computer hardware that is compatible with certain operating systems." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"A product, technology, or system that provides a foundation for a number of complementary products (or applications). In business, platforms that form an interface between two‐sided markets (comprising application suppliers and final users) occupy an especially important role in several technology‐based sectors." (Robert M Grant, "Contemporary Strategy Analysis" 10th Ed., 2018)

💻IT: Authentication (Definitions)

"The process by which an entity proves to another entity that it is acting on behalf of a specific identity. The J2EE platform requires three types of authentication: basic, form-based, and mutual, and supports digest authentication." (Kim Haase et al, "The J2EE™ Tutorial", 2002)

"The process by which the identity of a user or process is verified." (Tom Petrocelli, "Data Protection and Information Lifecycle Management", 2005)

"A human or machine process that verifies that an individual, computer, or information object is who or what it purports to be." (J P Getty Trust, "Introduction to Metadata" 2nd Ed., 2008)

"A method of proving someone’s identity, especially if that someone is an authorized user of processes or resources." (Tomasz Ciszkowski & Zbigniew Kotulski, "Secure Routing with Reputation in MANET", 2008)

"Provides capabilities to authenticate users. These services may support multiple authentication mechanisms, such as user name/password, hardware token-based, biometric-based, and others." (Allen Dreibelbis et al, "Enterprise Master Data Management", 2008)

"(1) A legal evidentiary standard that, in the case of electronically stored information, ensures that the data and its associated metadata is accurate, complete, and has not been altered. Without authentication, data cannot be used as evidence. (2) A security function that defines the rules and responsibilities of individuals, applications, and devices for creating, reading, updating, and deleting data." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"The process by which the identity of a person or computer process is verified." (Judith Hurwitz et al, "Service Oriented Architecture For Dummies" 2nd Ed., 2009)

"A process designed to verify that an individual or a party are who they claim they are." (Alex Berson & Lawrence Dubov, "Master Data Management and Data Governance", 2010)

"The process of verifying the legitimate users of a resource. Often used synonymously with Identification and Authentication." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"(1) In data security, the process of verifying whether a person or software agent requesting a resource has the authority or permission to access that resource. (2) In data quality, the process of verifying data as complying with what the data represents." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"The process by which the identity of a person or computer process is verified." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"Verification of who a person or information resource claims to be that sufficiently convinces the authenticator that the identity claim is true. This is followed by an evaluation of whether that entity should be granted access to resources." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"the process that a user goes through to prove that he or she is the owner of the identity that is being used." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"The process of establishing the validity of a person’s identity." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"The process of providing additional credentials that match the user ID or user name." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"The process of verifying the credentials of a particular user of a computer or software system" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"Verification of the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system." (James R Kalyvas & Michael R Overly, "Big Data: A Businessand Legal Guide", 2015)

"A process by which an entity proves its identity to another party (e.g., authentication required by a user to log in or log on)." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Verification of the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Authentication is about validating the access request. When a user or a process tries to log into an application, system, or a database, it is important to verify its identity. One way to verify identity is through a username and password; a security token is another option. When the authentication takes place, all data exchange is typically encrypted to prevent theft during the authentication process." (Piethein Strengholt, "Data Management at Scale", 2020)

"A process that provides assurance of the source and integrity of information in communications sessions, messages, documents or stored data." (NIST SP 800-57 Part 1 Rev. 4)

"A process that provides assurance of the source and integrity of information in communications sessions, messages, documents or stored data or that provides assurance of the identity of an entity interacting with a system." (NIST SP 800-57 Part 2 Rev.1)

"A process that establishes the origin of information, or determines an entity’s identity. In a general information security context: Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system." (NIST SP 800-57 Part 2)

"A process that establishes the source of information, provides assurance of an entity’s identity or provides assurance of the integrity of communications sessions, messages, documents or stored data." (NIST SP 800-57 Part 1 Rev. 3)

"An authentication service is a mechanism, analogous to the use of passwords on time-sharing systems, for the secure authentication of the identity of network clients by servers and vice versa, without presuming the operating system integrity of either (e.g., Kerberos)." (Gartner)

"A security measure designed to protect a communications system against acceptance of fraudulent transmission or simulation by establishing the validity of a transmission, message, originator, or a means of verifying an individual's eligibility to receive specific categories of information." (CNSSI 4009-2015)

"Authentication is the process of verifying the claimed identity of a session requestor." (NIST SP 800-13)

"Provides assurance of the authenticity and, therefore, the integrity of data." (NIST SP 800-67 Rev. 2)

"Security measures designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s authorization to receive specific categories of information." (NIST SP 800-59)

"The corroboration that a person is the one claimed." (NIST SP 800-66 Rev. 1)

"The process of establishing confidence in the claimed identity of a user or system." (NISTIR 7682)

"The process of proving the claimed identity of an individual user, machine, software component or any other entity.  Typical authentication mechanisms include conventional password schemes, biometrics devices, cryptographic methods, and onetime passwords (usually implemented with token based cards.)" (NISTIR 5153)

"The process of verifying the authorization of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system." (NIST SP 800-47)

"The process of verifying the integrity of data that has been stored, transmitted, or otherwise exposed to possible unauthorized access." (NISTIR 4734)

"Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system." (FIPS 200)

"Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in a system." (NIST SP 800-12 Rev. 1)

"Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to a system’s resources." (NIST SP 1800-17c)

💻IT: Virtual Machine [VM] (Definitions)

"An imaginary computer that runs compiled Java programs. Your computer or Web browser must emulate a virtual machine to run a Java applet or application." (Greg Perry, "Sams Teach Yourself Beginning Programming in 24 Hours" 2nd Ed., 2001)

"The combination of hardware and software (OS, DBMS, etc.) that provides the underlying environment that supports the operation of a software product." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"Everything under the control of a guest operating system that is managed by a Hypervisor." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"System that offers the expected functionality associated with a device, but is actually implemented on top of a lower level system. The typical example is the Java Virtual Machine, which specifies a mode of operation for a virtual processor that is subsequently emulated on a different processor architecture." (Max Domeika, "Software Development for Embedded Multi-core Systems", 2011)

"software that allows you to take a single physical device (e.g., one PC) and run multiple instances of operating systems on it." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"A computer operating system and associated storage and input/output resources that are completely provided by software. This is done by a hypervisor that allocates hardware resources by translating between the actual hardware and the software that attempts to access it. See also hypervisor." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"Software programs that look and run like a physical computer." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed, 2015)

"The illusion created by a timesharing system that each user has a dedicated machine" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

"This term is ambiguous. (a) It sometimes refers to the combination of the system hardware resources and the low-level operating system (called a hypervisor) that is responsible for creating the illusion to operating systems running on it that they have exclusive use of the system. (b) A virtual machine can also refer to a guest operating system running on top of a hypervisor." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"A virtual machine is a software representation of a computer." (Alex Thomas, "Natural Language Processing with Spark NLP", 2020)

"An IBM mainframe operating system that can host other IBM operating systems such as MVS or VSE, so that an application running under an operating system seems to have its own complete system of software and hardware resources." (Microfocus

"The software implementation of a physical computer that runs an operating system. Multiple virtual machines can run simultaneously on the same hardware. In Azure, virtual machines are available in a variety of sizes." (Microsoft, "Azure Glossary")

💻IT: Search Engine Optimization [SEO] (Definitions)

"The set of techniques and methodologies devoted to improving organic search rankings (not paid search) for a Web site." (Mike Moran & Bill Hunt , "Search Engine Marketing, Inc", 2005)

"The process and strategy of presenting a business on the web to improve the ability of potential customers finding it through natural searches on search engines such as Google, Yahoo!, and Bing." (Gina Abudi & Brandon Toropov, "The Complete Idiot's Guide to Best Practices for Small Business", 2011)

"The process of improving the volume or quality of traffic to a Web site from search engines via unpaid search results." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

"techniques to help ensure that a web site appears as close to the first position on a web search results page as possible." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"Search engine optimization, the set of techniques and methodologies devoted to improving organic search rankings (not paid search) for a Web site." (Mike Moran & Bill Hunt , "Search Engine Marketing, Inc", 2005)

"The process of writing web content so as to increase a page's ranking in online search results." (Faithe Wempen, "Computing Fundamentals: Introduction to Computers", 2015)

"its main function is to increase website visibility. The main search engines use algorithms to rank a website’s position and hence its overall position in the search results. In some instances it can be as simple as structuring the words on a website in a way the search engine operates. " (BCS Learning & Development Limited, "CEdMA Europe", 2019)

14 July 2019

💻IT: Asset (Definitions)

[process asset:] "Anything that the organization considers useful in attaining the goals of a process area." (Sandy Shrum et al, "CMMI: Guidelines for Process Integration and Product Improvement", 2003)

[organizational process assets:] "Artifacts that relate to describing, implementing, and improving processes (e.g., policies, measurements, process descriptions, and process implementation support tools). The term process assets is used to indicate that these artifacts are developed or acquired to meet the business objectives of the organization, and they represent investments by the organization that are expected to provide current and future business value." (Sandy Shrum et al, "CMMI: Guidelines for Process Integration and Product Improvement", 2003)

[process asset:] "Artifacts that relate to describing, implementing, and improving processes (e.g., policies, process descriptions, guidance, examples, aids, checklists, project closeout reports, metrics data, and training materials). The artifacts meet the organization’s business objectives, and represent investments expected to provide current and future business value." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

[organizational process assets:] "Any or all process-related assets, from any or all of the organizations involved in the project that are or can be used to influence the project's success. These process assets include formal and informal plans, policies, procedures, and guidelines. The process assets also include the organizations’ knowledge bases such as lessons learned and historical information." (Project Management Institute, "Practice Standard for Project Estimating", 2010)

[organizational process assets:] "Any or all process related assets, from any or all of the organizations involved in the project that are or can be used to influence the project's success. These process assets include formal and informal plans, policies, procedures, and guidelines. The process assets also include the organizations' knowledge bases such as lessons learned and historical information." (Cynthia Stackpole, "PMP Certification All-in-One For Dummies", 2011)

[IT assets:] "Tangible deliverables created during the course of an IT project that can be used in other similar projects. Examples include design, software code, or a testing scenario." (Janice M Roehl-Anderson, "IT Best Practices for Financial Managers", 2010)

[organizational process assets:] "Plans, processes, policies, procedures, and knowledge bases specific to and used by the performing organization. " (Project Management Institute, "The Standard for Portfolio Management" 3rd Ed., 2012)

[organizational process assets:] "Plans, processes, policies, procedures, and knowledge bases that are specific to and used by the performing organization." (For Dummies, "PMP Certification All-in-One For Dummie", 2nd Ed., 2013)

[Software assets:] "software tools needed to manipulate the organization's information to accomplish the organization's mission." ( Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Data contained in an information system; or a service provided by a system; or a system capability, such as processing power or communication bandwidth; or an item of system equipment (that is, a system component - hardware, firmware, software, or documentation); or a facility that houses system operations and equipment." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Any item that has value to the organisation." (ISO/IEC 27000:2012)

Related Posts Plugin for WordPress, Blogger...

About Me

My photo
Koeln, NRW, Germany
IT Professional with more than 24 years experience in IT in the area of full life-cycle of Web/Desktop/Database Applications Development, Software Engineering, Consultancy, Data Management, Data Quality, Data Migrations, Reporting, ERP implementations & support, Team/Project/IT Management, etc.