Free essays now : October 2019

Wednesday, October 30, 2019

Assignment (Economics) Example | Topics and Well Written Essays - 250 words

(Economics) - Assignment Example The adverse impact of tax hike was phenomenal for casual drinkers as they massively reduced their consumption, thereby resulting in overall decrease in aggregate beer demand. Obviously, the producers were unable to increase prices substantially considering demand / consumption pattern and thus suffered stupendous financial losses. For instance, the producers adopted downsizing strategy, which in turn resulted in 50,000 job losses. The revenues to government also declined in general as the beer industry did not record significant market expansion and growth. The demand from hardcore drinkers also reduced as they switched to other cheap drinks to ensure their balance of their financial budgets. All in all, the rollback of levies / taxes would not lead to mammoth rise in consumption; rather will reduce financial burden on producers as well as consumers. Next, consumers would not change their drinking habit and start consuming irresponsibly; therefore, this is just a myth that rollback o f beer taxes may cause grave healthcare issues. Reference Beer Tax Website Ã¢â‚¬Å"Just the FactsÃ¢â‚¬ Roll Back the Beer Tax http://www.rollbackthebeertax.com/

Sunday, October 27, 2019

Principles and Characteristics of Good Governance

Principles and Characteristics of Good Governance Introduction In general, good governance is perceived as a normative principle of administrative law, which obliges the State to perform its functions in a manner that promotes the values of efficiency, no corruptibility, and responsiveness to civil society. It is therefore a principle that is largely associated with statecraft. While the government is not obliged to substantively deliver any public goods, it must ensure that the processes for the identification and delivery of such goods are concrete in terms of i) being responsive to public demands; ii) being transparent in the allocation of resources and; iii) being equitable in the distribution of goods. The principle of good governance has also been espoused in the context of the internal operations of private sector organizations. In this way, corporate decision-making strategies integrate the principle of good governance and ensure that shareholder interests (i.e. public limited companies) and employees are taken into account. The legal meaning of the principle of good governance The concept of good governance as developed by the World Bank is essentially a touchstone upon which the prevailing administrative structure of a given country can be measured. Consequently, it provides ample evidence of the robustness of the structural suitability of donors as efficient vehicles of multilateral aid investment to developing countries. Good governance is therefore chiefly envisaged as a set of procedural tools to guarantee the efficacious improvement of the donor identified subject. Politically, however, the principle of good governance has not been very well received. For instance, governments may be reluctant to be held accountable to donor agencies, and they may sometimes display widespread hostility against such agencies (or other bodies) that is construed to be interfering in their (sovereign) domestic affairs. The real or imagined fears have stemmed mainly from the fact that the term good governance has largely been identified with liberalism and laissez-faire p olicies common in most developed countries. Further, the usage of the term good derives primarily from subjective interpretations especially in the context of large multicultural and diverse economies that characterize the developing world. The characteristics of good governance Good governance has 8 major characteristics. It is participatory, consensus oriented, accountable, transparent, responsive, effective and efficient, equitable and inclusive and follows the rule of law. It assures that corruption is minimized, the views of minorities are taken into account and that the voices of the most vulnerable in society are heard in decision-making. It is also responsive to the present and future needs of society. 1. Participation Participation by both men and women is a key cornerstone of good governance. Participation could be either direct or through legitimate intermediate institutions or representatives. It is important to point out that representative democracy does not necessarily mean that the concerns of the most vulnerable in society would be taken into consideration in decision making. Participation needs to be informed and organized. This means freedom of association and expression on the one hand and an organized civil society on the other hand. 2. Rule of law Good governance requires fair legal frameworks that are enforced impartially. It also requires full protection of human rights, particularly those of minorities. Impartial enforcement of laws requires an independent judiciary and an impartial and incorruptible police force. 3. Transparency Transparency means that decisions taken and their enforcement are done in a manner that follows rules and regulations. It also means that information is freely available and directly accessible to those who will be affected by such decisions and their enforcement. It also means that enough information is provided and that it is provided in easily understandable forms and media. 4. Responsiveness Good governance requires that institutions and processes try to serve all stakeholders within a reasonable timeframe. 5. Consensus oriented There are several actors and as many view points in a given society. Good governance requires mediation of the different interests in society to reach a broad consensus in society on what is in the best interest of the whole community and how this can be achieved. It also requires a broad and long-term perspective on what is needed for sustainable human development and how to achieve the goals of such development. This can only result from an understanding of the historical, cultural and social contexts of a given society or community. 6. Equity and inclusiveness A societys well being depends on ensuring that all its members feel that they have a stake in it and do not feel excluded from the mainstream of society. This requires all groups, but particularly the most vulnerable, have opportunities to improve or maintain their well being. 7. Effectiveness and efficiency Good governance means that processes and institutions produce results that meet the needs of society while making the best use of resources at their disposal. The concept of efficiency in the context of good governance also covers the sustainable use of natural resources and the protection of the environment. 8. Accountability Accountability is a key requirement of good governance. Not only governmental institutions but also the private sector and civil society organizations must be accountable to the public and to their institutional stakeholders. Who is accountable to whom varies depending on whether decisions or actions taken are internal or external to an organization or institution. In general an organization or an institution is accountable to those who will be affected by its decisions or actions. Accountability cannot be enforced without transparency and the rule of law. How to achieve good governance Good governance, to be effective and sustainable, must be anchored in a vigorous working democracy which respects the rule of law, a free press, energetic civil society organizations and effective and independent public bodies such as the Commission for Human Rights and Good Governance, Prevention of Corruption Bureau and the Fair Trade Commission. The Commission is important in ensuring the promotion and protection of human rights, but also in ensuring both transparency and accountability on the part of the government. Good governance requires transparency and efficiency also in different government agencies. At the political level democratic practices, including transparency in policy making and administration, are important aspects of good governance. This is signified by a pluralistic political system that allows the existence of diversity in political and ideological opinions. No wonder that good governance is said to be more easily achieved and guaranteed in a multi-party system than in a mono-party system. It also means the holding of regular elections applying the principle of universal franchise. In order to qualify as democratic, elections must be free and fair. Good governance deals with the nature and limits of state power. The doctrine of the separation of powers is therefore relevant in the establishment of whether or not a country has a political system that is responsive to good governance. The doctrine of the separation of powers is based on the acceptance that there are three main categories of government functions: legislative, executive, and judicial. Corresponding to these are the three main organs of government in a state the Legislature, the Executive and the Judiciary. The doctrine insists that these three powers and functions of government in a free democracy must be kept separate and exercised by separate organs of the state. Conclusion From the above discussion it should be clear that good governance is an ideal which is difficult to achieve in its totality. Very few countries and societies have come close to achieving good governance in its totality. However, to ensure sustainable human development, actions must be taken to work towards this ideal with the aim of making it a reality. References Macdonald, B. (1998), Good governance and Pacific island states, in Larmour, P. (Ed.), Governance and Reform in the South Pacific, National Centre for Development Studies Australian National University, Canberra, pp. 21-53. Woods, N. (1999) Good Governance in International Organizations, Global Governance 5, 39-61. Burnell, Peter. Good Government and Democratization: A Sideways Look at Aid and Political Conditionality, Democratization, vol.1, no.3, pp.485-503.

Friday, October 25, 2019

Radio Frequency Weapons and the Next Phase of Terrorism :: September 11 Terrorism Essays

Radio Frequency Weapons and the Next Phase of Terrorism Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Abstract: Ã‚ This paper examines different types of radio frequency ("RF") weapons that are currently being developed.Ã‚ It discusses the different types of weapons that currently exist, explains why they would be useful to terrorists, and explores different ways to defend against them.Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Recent media articles have put forth the idea of the "RF weapon," something that has been described as if it were a magical gun that can bring the United States to its knees.Ã‚ While these weapons do exist, the threat they pose is far less widespread and dangerous than articles such as "RF Weapons Attacking Our Freedom?" propose.Ã‚ Having said that, however, the threat is real, and steps need to be taken to defend against RF weaponry. Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ One of the first distinctions that should be drawn in this discussion is that between RF weapons and EMP weapons.Ã‚ An EMP (electromagnetic pulse) is usually employed by detonating a thermonuclear devices at high altitudes (500 miles or more) above the Earth.Ã‚ The resulting electromagnetic pulse cripples any electronic equipment within its path.Ã‚ Thus, one nuclear device can be used to cripple the modern infrastructure of an entire nation [1].Ã‚ An RF device is effective over a much smaller range, but it can cause just as much damage [2]. Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ According to David Shriner, a former military engineer and expert on RF technology, there are a number of different types of RF weapons, which are also referred to as High Powered Microwave (HPM) weapons.Ã‚ The first type is the conventional RF weapon, which sends out a concentrated band of radio waves toward a target.Ã‚ These radio waves act in a way similar to the waves inside a normal microwave oven; given a sufficient amount of power, they can be used to heat and damage electronic equipment operating at the same frequency.Ã‚ Because of this need to match frequency with the target, conventional RF weapons require prior research and intelligence before they can be deployed effectively by terrorists [3]. Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ Ã‚ A second, more insidious type of HPM weapon is what Shriner calls the Transient Electromagnetic Device (TED).Ã‚ Instead of producing a sine wave at a particular frequency (as conventional RF devices do), the TED creates a sudden spike of energy that can last as little as 100 picoseconds (the amount of time it takes light to travel about 1.

Thursday, October 24, 2019

End of Life Issues

After being diagnosed with debilitating diseases, such as one of the multiple forms of cancer or being in a Persistent Vegetative State, (PVS), many consider euthanasia to end the suffering of that individual. Euthanasia is defined as Ã¢â‚¬Å"the act of painlessly ending the lives of individuals who are suffering from an incurable disease or severe disabilityÃ¢â‚¬ (Santrock, 2012). The whole idea of euthanasia is to end the pain and suffering of a person instead of letting them go through the rest of their life awaiting a slow, painful, and oftentimes, undignified death.The act of euthanasia is separated into two main categories; passive and active, or Ã¢â‚¬Å"letting dieÃ¢â‚¬ and Ã¢â‚¬Å"killingÃ¢â‚¬ , respectively, according to Ansari, A. , Sambo, A. O. , & Abdulkadir, A. B. (2012). Passive euthanasia is when a person is allowed to die by withholding available treatment, such as an individual not performing CPR on a person who suffers from cardiac arrest or taking a person off th eir artificial life support system, like a feeding tube or breathing machine.Euthanasia can be considered active when a person actively or deliberately gives another person a lethal injection to end their life. Another way to differentiate between the two types of euthanasia would be to say that active euthanasia occurs when an something happens to cause death to a patient and passive euthanasia happens when an inaction causes the patient to die. Physician-assisted suicide is considered a type of active euthanasia, which takes place when a doctor gives a patient a prescription or other drugs to let them to commit suicide.To further classify the term, euthanasia, it can also be categorized as voluntary or involuntary. Voluntary is when a mentally competent person makes the decision to die on their own without being coerced and made fully aware of the pertinent facts of their health. Involuntary euthanasia, (or non-voluntary) is done without the consent of the patient, such as when th e patient is in a coma, and the wishes of that patient are unknown.To combat any moral or ethical issues about a persons' decision to partake in euthanasia, or not partake for that matter, that individual should discuss their advanced care planning, or planned preferences for end-of-life care (Santrock, 2012). By evaluating how a person wants to live out the rest of their life, they can establish an advanced directive, or living will, which would indicate whether or not they wanted life-sustaining procedures used to prolong their life if death were imminent.Any living will should only be signed by an individual that is in a coherent state of mind and able to think clearly (Santrock, 2012). The ethical issue raised by active euthanasia is that it could be considered used as a way to rid society of elderly or terminally ill patients whether they want to die or not. Patients may begin to fear that if they go to the hospital for even routine exams, they might not leave because a person on the medical staff might deem them unable to recuperate from whatever reason brought them to the hospital in the first place.Proponents however, say that people are autonomous, that they have the right to make their own decisions about important issues in their lives such as death. An ethical issue raised by passive euthanasia is that it causes a person die slowly and painfully, instead of giving them the opportunity to pass away comfortably and on their own terms. The laws in Arizona state that any contributor participating in euthanasia would be guilty of one of the subheadings of homicide, being manslaughter, a class 2 felony, or first or second degree murder, both being class 1 felonies.The state of Arizona believes that life is very important and nobody should be able to take that right away from any individual, barring any medical emergency procedure. I believe that euthanasia has its place in society. While I do not condone murder, I believe if a person is dying from an inc urable disease or is in a persistent vegetative state where there is no chance of recovery, allowing that person to die painlessly and with dignity is more moral than not doing so.Although human life is a precious gift from God, I feel that it would be the duty of the patients' family and doctors to take all the information about the health of the patient and make the best decision for their loved one, even if the end result means the death of that person. Euthanasia has many angles to evaluate before a person commits to such an ultimate and final act, whether for a loved one or their own ending. A person

Wednesday, October 23, 2019

Process Design for Riordan

Process Design for Riordan Manufacturing OPS/571 February 18, 2013 Robin Hundley-Solomon Process Design for Riordan Manufacturing Riordan Manufacturing, and its parent company Riordan Industries, Inc. is a Fortune 1000 company (University of Phoenix, 2013). RiordanÃ¢â‚¬â„¢s future is focused on remaining profitable while ensuring that financial and human capital is available for continue growth (University of Phoenix, 2013). Remaining financially viable and competitive in the global environment requires the manufacturing plant in China to evaluate current processes and address multiple aspects of the companyÃ¢â‚¬â„¢s design process.Primary in the process redesign is the Manufacturing Resource Planning (MRP), the supply chain, accurate forecasting, and a viable implementation process with quality management components. Removing bottlenecks, incorporating Just-in-Time (JIT) inventories, minimizing waste, and including global opportunities will preposition Riordan Manufacturing for cont inued success. Manufacturing Resource Planning Manufacturing resource planning systems are a common resource in almost all manufacturing plants, large and small.MRP systems provide an easily understood approach to determining number of parts, materials, and schedules for ordering and production of these components (Chase, Jacobs, & Aquilano, 2006). Because Riordan produces parts in batches using the same equipment, an MRP system will provide an avenue to optimize RiordanÃ¢â‚¬â„¢s strategy for decreasing variance and waste in the supply and demand of their electric fans. The plant in China produces the plastic fan blades and fan housings.The electric fans are purchased from a local plant, shipped to Riordan and assembled to be sold as a finished product. The fan supplier has a 93% rate for on-time deliveries, delaying production if not available. Riordan keeps inventory and safety stock of easily obtained material, which incurs costs. Concern with scrap materials and a reduction in w aste is imperative for RiordanÃ¢â‚¬â„¢s China plant as it moves to implement new processes. Managing these inefficient processes by the use of an MRP system will reduce raw materials and finished goods inventory costs.The implementation of the MRP system will meet the goals of providing a master schedule for production, manage inventory levels, automate the ordering process to reduce waste, and reduce variability in supply and demand. These components must be managed effectively if Riordan is to remain competitive in the global market. Process Design The current process of Riordan Manufacturing is not optimal and must be significantly modified to remain a global leader. Because the delivery and supply of electric fans is inconsistent, bottlenecks can occur, delaying production.Stocking easily obtained polymer products increases inventory costs. Selecting alternative suppliers for fans will enable Riordan to ensure delivery of fans to meet production requirements and customer orders. The use of multiple sources reduces the need to have an inventory of fans. This implementation of a Just-in-time (JIT) inventory management system reduces inventory and storage costs, reduces waste products and improves the manufacturing process. This lean production and process is Ã¢â‚¬Å"based on the logic that nothing will be produced until it is neededÃ¢â‚¬ (Chase, Jacobs, & Aquilano, 2006, p. 71). Optimization of strategic capacity planning, inventory management, and the production and scheduling of the products in the right place, at the right time, in the right amount increases revenue and efficiencies for the company (Shields, 1999). The use of flow management, which combines JIT and the capabilities of MRP produces a mix of products based on orders, and using the stream of parts supplied just-in-time (Chase, Jacobs, & Aquilano, 2006). Supply Chain Companies can gain competitive and strategic advantage with an efficient, streamlined supply chain process.To be cost-efficien t companies eliminate non-value-added activities, create the best capacity utilization in production and distribution, and pursue economies of scale (Chase, Jacobs, & Aquilano, 2006). Supply chain management performs the core function of product flow through the process of receiving raw materials to shipment of the final product. The China plant process is currently disjointed, without a central system to oversee receipt, inventory, production numbers, orders, and shipment.The implementation of a lean process with Just-in-Time inventory, automated accounting of raw materials, orders, invoices, and shipping schedules will minimize paperwork logjams, waste, and bottlenecks. Outsourcing and seeking global opportunities, such as assembly and shipping of the final product, in a location with less costs allows Riordan to focus only on the production of parts. Global product sourcing can help in lowering costs by purchasing the required material from other countries where it is available a t low price.Multi-sourcing of electric fans allows for consistent delivery and competition among providers, also decreasing costs. Production Forecast The plantÃ¢â‚¬â„¢s production forecast is based on the theory of moving averages. ChinaÃ¢â‚¬â„¢s manufacturing unit takes care of plastic polymers and electric motors required for production of fans. To calculate demands for next year production Riordan averages sales for the last three years. This average is the projection for the coming year (Riordan, 2006). Riordan also produces custom fans based on periodic orders from customers on a year to year basis.These forecast numbers are inaccurate and unpredictable and can lead to excess inventory and waste. The adoption of the lean process and Just-in-Time inventory is a best practice business strategy and concept to optimize capacity planning, inventory management, and production and scheduling of the products in the market at the optimal times and location. These processes plus the ana lysis of economic conditions will increase revenue for the company to meet corporate goals. Implementation Plan Adequate planning is necessary for success in the implementation of the new process.Evaluation at regular intervals with responsive and timely modifications enables Riordan to minimize resource utilization toward non-essential activities. Role definition and clear guidance are key in process design changes and Riordan must delineate carefully its implementation plan. For the JIT training project, it is best to divide the employees into two groups. Group one will start training with the education portion on Monday, February 18 through Wednesday, February 20. Group one can apply this learning in simulation training on the second half of the day on Wednesday, February 20 through Friday, February 22.The second week starting Monday, February 25 through Friday, March 1 Group one will apply learned knowledge and skills in an actual work setting. Supervisors will be on hand to hel p and employees can discuss any input, questions, and review any processes with the training supervisors. Group two will begin the education part of the training on Monday, February 25-Wednesday, February 27. Group two will apply this learning in simulation training on the second half of the day on Wednesday, February 27-Friday, March 1.The second week beginning Monday, March 4 through Friday, March 8, Group two will apply learned knowledge and skills in the actual work setting. Group two will do the same as Group one regarding the provision of input, questions, and review any processes as well. Automation has been added for the JIT process because this is a continuous process. The entirety of the first day is required to go through the receiving and molding processes. This links to the next process of trimming and assembly processes for the next two days. This allows more time to carefully put the products together.On the fourth day, it links the process to review and check for any product defects and count the excess waste. On the final day, it links with the previous process for packaging, cleanup, and recycle processes. Excess waste can be checked to determine what can be recycled into the raw materials inventory or given to the Chinese partners to dispose of the excess waste. Table one has been added for an illustration of the processes. Table One Cover Letter February 18, 2013 Riordan Manufacturing One Riordan Plaza San Jose, California 95112 Dear CEO:Team A is honored with the opportunity to introduce the proposal for implementation of Lean production and Total Quality Management (TQM) for improving the Process Design of Riordan Manufacturing. There are various options to track the current operational process in the firm. The selection of the right tools for Lean Production and Quality Management can provide insight regarding the material requirement planning and strategic needs to meet the demands of intermittent orders in addition to the current forec asting based on yearly demand.The proposal will identify the bottlenecks in the process of forecast demand and production plan, which will achieve the balance needed to satisfy the quantity of Riordan electric fans for the demand. TQM will determine the materials and personnel needed to produce the electric fans according to forecasted demand and assure that Riordan is producing quality products in an efficient manner. This implementation consisting of incorporating TQM, Just-in-Time inventories, minimizing waste, and including global opportunities, helps to extract the results of the project and provides the ability to forecast demand in an optimal way.Any kind of feedback will be greatly appreciated and any member of our team will readily be available to respond to any questions. Do not hesitate to contact us either by phone or e-mail. The team will readily make any changes you suggest. We look forward to continue working together in the future as Riordan positions itself for cont inued global success. Sincerely, Learning Team A Conclusion To achieve the objectives of Riordan Industries, it is essential to identify processes requiring modification correctly and successfully implement a new process design.Optimizing operations require identifying bottlenecks, streamlining the supply chain, implementing JIT inventory management, and maximizing profits while increasing customer satisfaction is imperative. Aggregate planning and total quality management assists in keeping Riordan Industries China plant on track and positions Riordan for continued success as a global leader. References Chase, R. B. , Jacobs, F. R. , & Aquilano, N. J. (2006). Operations management for competitive advantage (11th ed. . New York, NY: McGraw Hill/Irwin. Retrieved from the University of Phoenix ebook Collection database. Shields, T. (1999). Tutorials-lean production/lean manufacturing. Defense Acquisition University. Retrieved from http://www. dau. mil/educdept/mm_dept_resources/navbar /lean/ 01rdg-lean. asp. University of Phoenix (2009). Riordan manufacturing virtual organization. Retrieved from Apollo Group, Inc. , OPS571- Operations Management.

Tuesday, October 22, 2019

Chinese Art Art at Court

Chinese Art Art at Court The current exhibit at the Metropolitan Museum of Art, entitled Ã¢â‚¬Å"The Emperors Private Paradise: Treasures from the Forbidden CityÃ¢â‚¬ , reveals one individualÃ¢â‚¬â„¢s very personal stamp on their environment. The retreat, designed and built by the Qianlong Emperor in a corner of the Forbidden City, demonstrates luxury, appreciation for beauty, decided ideas about beauty, and devotion to a philosophical ideal. This kind of private indulgence is rare, but not unknown elsewhere[1].Advertising We will write a custom essay sample on Chinese Art: Art at Court specifically for you for only $16.05 $11/page Learn More Among the 90 or so objects and artifacts included in the exhibit, the Screen of Sixteen Double-Sided Panels, represents much of what is interesting about the royal owner, is preferences, and the intimate space from which the objects were taken. The screen in particular demonstrates how the interest and appreciation by one powerful person could affect iconography and fashions in decoration for many years after their lifetime The Qianlong Emperor built his Studio of Exhaustion from Diligent Service in the 18th Century, with the intention of using it for relaxation, entertainment[2], meditation, and reflection. The Emperor planned to enjoy it when he retired from active management of the Middle Kingdom. It is compactly built on a roughly two-acre plot in one corner of the palace grounds. He was able to choose whatever he liked in terms of design and decoration, and display gifts from his subjects as well. They are rare, one-of-a-kind, and expensive. Thus, the furnishing of the Studio of Exhaustion from Diligent Service reflects his own taste, rather than anything handed down from previous rulers. The screen, from the pavilion named The Building of Luminous Clouds, has a colorful and romantic story. It was a gift from a provincial governor. The Emperor liked the surface of it that featured human figures, and it was therefore displayed with that part facing outwards into the room. As a result, the other side was not seen or even known about for several hundred years. The reverse side has decorations that are just as lovely. The paintings on the surface that is best known are copies of works by an artist from the 9th century named Guanxiu. This Guanxiu was a monk in Hangzhou Province. He was inspired by a dream to paint images of the disciples of the Buddha, known as Arhats.Advertising Looking for essay on art and design? Let's see if we can help you! Get your first paper with 15% OFF Learn More These figures are known in Chinese as Luohans. They are described as beings that have attained some degree of enlightenment. They Ã¢â‚¬Å"protect the faithful BuddhistÃ¢â‚¬ [3], until the whole human race achieves some sort of enlightenment themselves The veneration of Arhats was at its height at exactly the time that the artist Guanxiu made his depictions[4]. There was no documentation of their actual appearance, and since Gautama Buddha was from India, not China, there were no local reports about them. However, Guanxiu claimed that he had been visited with a vision in a dream[5]. He created 15 of the images based on the dream but may have used himself as the model for the 16th. The Emperor saw the paintings while visiting the region in 1757, and liked them. He ordered his staff to make copies of them[6]. He also wrote eulogies, or brief, haiku-like descriptions of each LuohansÃ¢â‚¬â„¢ personality and spiritual characteristics. Accounts differ as to how the copying of the images proceeded, but sets were sent to all of the 18 provinces for display. There are stone relief copies of them remaining in situ today in several provinces of China[7]. The abbot of the temple in 1757 must have been delighted at this opportunity for publicizing the monastery and preserving its 800-plus year old treasure! With the paintings copied in stone, the images could be duplicated many tim es through stone rubbings. This seems like a remarkably innovative idea, but it apparently may have pre-dated printing in China. Stone rubbings had been used to preserve and disseminate all sorts of information and images, including Buddhist scriptures[8]. In the case of GuanxiuÃ¢â‚¬â„¢s Luohans, it seems reasonable to infer that the Emperor and the abbot wanted to ensure the exact duplication of each image. This was especially true since it was believed to have been divinely inspired. In general, since art played an important moral role in China, correct copying was important[9].Advertising We will write a custom essay sample on Chinese Art: Art at Court specifically for you for only $16.05 $11/page Learn More These stone rubbings were copied back into painting form by the previously mentioned provincial governor. The Luohans were drawn in white on black, which is the way they would have appeared in a rubbing. This also gives them an almost cartoon-like ef fect. The eulogy written by the Emperor Qianlong appears in the upper right-hand corner. The images on the reverse are painted in gold. They look like jewelry hung on the screen. The forms of some of the plants depicted are variously contorted to fit into the space. This contortion also evokes for this viewer the action of nature and time on all living things. Others, like the bamboo in the first panel, are so realistic that they look as though one might touch them and find them living. These individual works of art were all installed together in a beautiful folding screen. It was lavishly crafted of Ã¢â‚¬Å"Purple sandalwood (zitan), lacquer, jade, and gold paintÃ¢â‚¬ [10]. This luxurious and flexible setting of the paintings would have allowed the Emperor to gaze at any combination of the images at once. The trees and shrubs on the reverse probably have symbolic meaning. Given the deep religious significance of the Luohans, this would be reasonable to infer. Information on their symbolism is not readily available, perhaps because their discovery is recent. However, there were traditional associations of plants noted elsewhere in the exhibit. Some sort of similar symbolism may be reflected in the screen paintings. For example, the Ã¢â‚¬Ëœthree friends of winterÃ¢â‚¬â„¢, depicted in the EmperorÃ¢â‚¬â„¢s heavily decorated window, are described as pine, bamboo, and blossoming plum[11]. It must be noted that within Chinese Buddhism, there were Luohan cults associated with a group of eighteen, and five hundred, as well as the sixteen. These, unlike the cult of the sixteen, are described as Ã¢â‚¬Å"not canonicalÃ¢â‚¬ [12]. This means that they lacked the backing of scripture or religious authority. Thus, the Emperor, by commissioning the copying of the sixteen Luohans, writing eulogies for each one, and choosing to display the gift screen in a specially constructed niche, was giving his personal support to the sixteen-Arhat cult. This is very much like Michelle Ob ama dressing her daughters in J. Crew for the Presidential inaugural events, or Madonna wearing Kabbalistic symbols. That fashion, or that religious practice, becomes more popular with the population as a whole, as a result of the adoption by an opinion leader. In this way, the Emperor had the power to affect artistic and decorative choices all over the country.Advertising Looking for essay on art and design? Let's see if we can help you! Get your first paper with 15% OFF Learn More Indeed, GuanxiuÃ¢â‚¬â„¢s images are said to have been reproduced all over China[13]. Was this entirely the result of the EmperorÃ¢â‚¬â„¢s interest? This is certainly the view of some Chinese commentators. Sets of these images were reproduced in jade, and other materials and given as highly desirable gifts[14]. The EmperorÃ¢â‚¬â„¢s interest certainly did not discourage the spread of these depictions. In fact, these depictions seem to continue to be reproduced in masss might include Monticello, Thomas JeffersonÃ¢â‚¬â„¢s home, and that of Frederick Church, called Olana, both designed in every detail by their owner. The Metropolitan Museum of Art. 2011. Ã¢â‚¬Å"The EmperorÃ¢â‚¬â„¢s Private ParadiseÃ¢â‚¬ . Joo, Bong Seok. 2007. Ã¢â‚¬Å"The Arhat Cult in China from the Seventh through thirteen centuries: Narrative, art, space, and ritualÃ¢â‚¬ . Joo. Much like the founder of the Shaker movement, creating religiously symbolic images from a dream. This is much like gravestone rubbings that h istory buffs make today in old cemeteries. ShanghaiCentral.com China ArtÃ¢â‚¬ . 2011. ShanghaiCentral. East Asian Library, University of California, Berkeley. 2004. Ã¢â‚¬Å"What is a Stone Rubbing?. Ã¢â‚¬ Kuiper, Katherine. Culture in China, 2010. Brittanica Educational Publishing. Metropolitan Museum of Art. 2011. Ã¢â‚¬Å"The Emperors Private Paradise: Treasures from the Forbidden CityÃ¢â‚¬ . Metropolitan Museum of Art. 2011. Ã¢â‚¬Å"The Emperors Private Paradise: Treasures from the Forbidden CityÃ¢â‚¬ . Joo. Watanabe. Masako. Ã¢â‚¬Å"Guanxiu and Exotic Imagery in Rakan PaintingsÃ¢â‚¬ . ShanghaiCentral.com. Ã¢â‚¬Å"China ArtÃ¢â‚¬ . Watanabe, Masako. Cook, Greg. Ã¢â‚¬Å"An EmperorÃ¢â‚¬â„¢s Heaven on EarthÃ¢â‚¬ . The Providence Phoenix. Wikipedia. Ã¢â‚¬Å"Eighteen LohansÃ¢â‚¬ . Wikipedia.org. 2011. Although Wikipedia is not usually considered a scholarly source, it was the most comprehensible description of the Luohan iconography readily available that could be cross-referenced aga inst the images on the screen itself. Metropolitan Museum of Art. Ã¢â‚¬Å"Ã¢â‚¬ Screen of Sixteen Double-Sided PanelsÃ¢â‚¬ . Kuiper, Katherine. The Culture of China. Kuiper Metropolitan Museum of Art. Ã¢â‚¬Å"Pair of ScreensÃ¢â‚¬ . Metropolitan Museum of Art. Ã¢â‚¬Å"Pair of CabinetsÃ¢â‚¬ . Metropolitan Museum of Art. Ã¢â‚¬Å"Root wood ChairÃ¢â‚¬ .

Monday, October 21, 2019

Mentally Ill in Jail essays

Mentally Ill in Jail essays The articles inform that more mentally ill people are in jail than in hospitals. According to statistics 159,000 of mentally ill are presently incarcerated in jails and prisons, mostly of crimes committed because they were not being treated. Some of them become violent and may terrorize their families and neighborhoods. Tragically, most of those instances of incarceration are unnecessary. We know what to do, but for economic, legal and ideological reasons, we fail to do it. The deinstitutionalisation of the severely mentally ill in the 60ties qualifies a as one of the largest social experiments in American history. In 1995, there were 558,239 severely mentally ill patients in the nations public psychiatric hospitals. In 1995, the number has been reduced to 71,619. The deinstitutionalization created an mental illness crisis by discharging people from hospitals without ensuring that they receive medication and rehabilitation services in the community. Consequently, 2.2million severely mentally ill do not receive any psychiatric treatment. Mental patients were released from psychiatric hospital in the belief that permitting them to live in a freer environment was more humane and would improve their well-being. Instead, they turned up in prisons where they are virtually devoid of dignity and lack adequate treatment and understanding. Besides, even if they take medications and might get better in jail, there is no guarantee that they will continue with the treatment after they are released into the communities. And so the vicious circle goes on. The solution to the problem is to provide sufficient funding to the community-based mental health system so people could be helped before they become part of the prison system. Services like medication therapy and monitoring, residential services, rehabilitation services and support services are successful in bringing the severely mentally ill back ...

Sunday, October 20, 2019

12 Quotations on Learning to Write by Reading

12 Quotations on Learning to Write by Reading Read! Read! Read! And then read some more. When you find something that thrills you, take it apart paragraph by paragraph, line by line, word by word, to see what made it so wonderful. Then use those tricks the next time you write. That charge to young writers happens to come from novelist W.P. Kinsella, but in fact hes echoing centuries of good advice. Heres how 12 other authors, past and present, have stressed the importance of reading to a writers development. Read, Observe, and PracticeFor a man to write well, there are required three necessaries: to read the best authors, observe the best speakers, and much exercise of his own style.(Ben Jonson, Timber, or Discoveries, 1640)Exercise the MindReading is to the mind what exercise is to the body.(Richard Steele, The Tatler, 1710)Read the BestRead the best books first, or you may not have a chance to read them at all.(Henry David Thoreau, A Week on the Concord and Merrimack Rivers, 1849)Imitate, Then DestroyWriting is a difficult trade which must be learned slowly by reading great authors; by trying at the outset to imitate them; by daring then to be original and by destroying ones first productions.(Attributed to AndrÃƒ © Maurois, 1885-1967)Read CriticallyWhen I was teaching writing - Ã‚ and I still say it - Ã‚ I taught that the best way to learn to write is by reading. Reading critically, noticing paragraphs that get the job done, how your favorite writers use verbs, all the useful techni ques. A scene catches you? Go back and study it. Find out how it works.(Tony Hillerman, quoted by G. Miki Hayden in Writing the Mystery: A Start-to-Finish Guide for Both Novice and Professional, 2nd ed. Intrigue Press, 2004) Read EverythingRead everything - Ã‚ trash, classics, good and bad, and see how they do it. Just like a carpenter who works as an apprentice and studies the master. Read! Youll absorb it. Then write. If it is good, youll find out.(William Faulkner, interviewed by Lavon Rascoe for The Western Review, Summer 1951)Read Bad Stuff, TooIf you are going to learn from other writers dont only read the great ones, because if you do that youll get so filled with despair and the fear that youll never be able to do anywhere near as well as they did that youll stop writing. I recommend that you read a lot of bad stuff, too. Its very encouraging. Hey, I can do so much better than this. Read the greatest stuff but read the stuff that isnt so great, too. Great stuff is very discouraging.(Edward Albee, quoted by Jon Winokur in Advice to Writers, 1999)Be a Voracious, Loving ReaderWhen you start reading in a certain way, thats already the beginning of your writing. Youre learning what you admire and you re learning to love other writers. The love of other writers is an important first step. To be a voracious, loving reader.(Tess Gallagher, quoted by Nicholas OConnell in At the Fields End: Interviews With 22 Pacific Northwest Writers, rev. ed., 1998) Tap Into the World ConsciousnessToo many writers are trying to write with too shallow an education. Whether they go to college or not is immaterial. Ive met many self-educated people who are much better read than I am. The point is that a writer needs a sense of the history of literature to be successful as a writer, and you need to read some Dickens, some Dostoyevsky, some Melville, and other great classics - Ã‚ because they are part of our world consciousness, and the good writers tap into the world consciousness when they write.(James Kisner, quoted by William Safire and Leonard Safir in Good Advice on Writing, 1992)Listen, Read, and WriteIf you read good books, when you write, good books will come out of you. Maybe its not quite that easy, but if you want to learn something, go to the source. ... Dogen, a great Zen master, said, If you walk in the mist, you get wet. So just listen, read, and write. Little by little, you will come closer to what you need to say and express it thr ough your voice.(Natalie Goldberg, Writing Down the Bones: Freeing the Writer Within, rev ed., 2005) Read a Lot, Write a LotThe real importance of reading is that it creates an ease and intimacy with the process of writing; one comes to the country of the writer with ones papers and identification pretty much in order. Constant reading will pull you into a place (a mind-set, if you like the phrase) where you can write eagerly and without self-consciousness. It also offers you a constantly growing knowledge of what has been done and what hasnt, what is trite and what is fresh, what works and what just lies there dying (or dead) on the page. The more you read, the less apt you are to make a fool of yourself with your pen or word processor.Ã‚ ...[R]ead a lot, write a lot is the great commandment.(Stephen King, On Writing: A Memoir of the Craft, 2000)And Have FunRead a lot. Write a lot. Have fun.(Daniel Pinkwater) For more specific suggestions on what to read, visit our reading list: 100 Major Works of Modern Creative Nonfiction.

Saturday, October 19, 2019

What Is The Likely Influence Of Institutional Investors On Corporate Essay

What Is The Likely Influence Of Institutional Investors On Corporate Social Performance - Essay Example The World Business Council for Sustainable Development proposes a definition for CSR which is " CSR is the continuing commitment by business to behave ethically and contribute to economic development while improving the quality of life of the workforce and their families as well as of the local community and society at large". Reference (this definition was developed in 1998 for the first WBCSD CSR dialogue in The Netherlands.) There has been an increasing role of CSR in the community these days. This is because of the impact of globalization, where the effects of actions on the other side of the world are being debated in the press. There is also increasing attention from investors through the rise of socially responsible investment or SRI. Investment in ethical funds was given a boost when pension funds were obliged to state whether they took into account social and environmental impacts. The reason behind such an investment is that firms that closely manage their social and environmental conditions are subject to less risk, are possibly better managed and thus will also turn out as better investment, as well as satisfying a principled standard. To promote CSR it is necessary to enter into a trust based relationship with stakeholders. In such an environment the firm will need to think of themselves as being part of a network in which value is created and where co-operation is more vital. The scheme of CSR basically is about moving away from a business focused approach towards a one that explores the impact and value on society which then further has impacts on the business. And thus if a business recognizes that it is a part of society and its aim is to create value in the society it will be able to consider the value that is created both for the firm and for society. Business and society have an impact on each other. With the increasing focus on CSR, comes another scheme better recognized as Corporate Social Performance (also known as CSP) and which also enables to calculate and view the performance of business in the social ambit. The social performance needs to be handled and organized properly to get rid of other liabilities and to make the business move on the road to progress. CSP is not only a moral value but also helps the organization financially. CSP is highly correlated with the financial performance. It is connected and related with accounting return procedures rather than market return procedures. The reason of effectiveness of CSP seems to be due to status effects between a huge number of stakeholder groups, and not because of the organizational learning effects. In order to make CSP profitable and able to pay the full amount of a bill, debt or other financial obligations top administration must plan it with a tactical vision that is communicated all through the organization. To make a successful CSP policy, it should be kept in view that it must contain both "soft" and "hard" topics (soft topics like managerial trends and employee values and hard topics like social policies, programs and managerial structures.) Reference Each of us can probably name more than ten cases in which unprincipled organizational performance had created serious consequences for organizational efficiency, both during and after the managerial "ethics crisis." Until now, however, a small number of efforts have been made to standardize the way that we think about organizational principles and social responsibility, greatly lessen the financial per

Friday, October 18, 2019

Sound Art Essay Example | Topics and Well Written Essays - 2750 words

Sound Art - Essay Example The intonation of the voice of the speaker can designate the emotion of the person and his or her loudness or softness will depict the personality, authority and character of the speaker.1 The use of background music, sound effects either through cyclical or continuous mean can intensify the environment's emotion which can later contribute to the personality of the speaker and/or character and can encourage the curiosity and enthusiasm of the audience. Also, these elements can significantly contribute to the meaning and intensity of the concept being expressed by the certain project thus aiding its dissertation and understanding by the public. In addition, the employment of the effects of silence as a background can also contribute to the expression of the general theme as it can set stages of excitement thus promoting the audience's interest (Altman, 1992). Thus, the employment of sound through the application of each of its elements can significantly contribute to the general theme of a certain project as it promotes a better communication approach between the main concept and its audience. The use of sound can facilitates the dissertation and understanding of the public thus aiding the effectiveness of the project of communicating a certain concept and its significance to the society. ... 2A basic understanding as to how the different cultural music becomes a trademark of different nations around the world shall be considerably tackled within the context of the presentation that follows. What Sound Culture Development Suggests about the World The creation of cultural music has practically brought about a better sense of realization among cultures of the ancient times. It could not be denied that it is through this that the majority of the nations around the globe today have their own signature music, a trademark that makes them known to the world. Instead of being simply a sense of appreciative art, music has practically become a mirror of development among countries around the world. Ancient generations of human civilization have naturally used music for rituals and matters that concerned the higher power of control. However, music was not recognized the way that it is right now. The collection of sounds that are produced through the use of different instruments utilized by the ancient civilization has basically given birth to well arranged music that later on had meaningful indications of the messages that the people making the music would want to impose to others as they present their music to the public. The basic re alization of music being a probable source of information and presentation of emotional standing of those who have created the said music completions has given way to the creation of the different music genres that directly affect the emotions of human individuals today. Sound Art Culture is defined by Murray Schafer (1977) as the basic depiction of human creativity. The utilization of different natural resources to create sound has better increased the interest of the ancient individuals to find better ways of creating

Assignment 01 Example | Topics and Well Written Essays - 750 words

01 - Assignment Example Corinthian Colleges, Inc also misrepresented its likely outcomes by promising employments which were not actually achieved. The college also used deception to lure students into the college by promising them a better career in future but just ended offering opportunities for temporary employment. Corinthian was also charged for falsifying its job placement rate and statistics by bribing employers to hire its graduates temporarily. The company was also accused of using deceptive means to promote the use of its career services. The government wants the court to stop the illegal and predatory practices of Corinthian in order to protect past and current students of the Corinthian colleges. The government wants the school to stop lying about its future employment prospects, luring consumers to take loans, and using illegal means to collect debts. The plaintiff is also asking the court to grant relief to affected students who have collectively contributed to about $500 million in student loans (Consumer Financial Protection Bureau 2014). If the court grants these remedies, several businesses will be affected. First, the Corinthian Colleges Inc will incur a lot of losses because it will lose its loans lent to students. The company will also have a bad image which means that it may fail to get customers (students) in future. The third party which bought the debts from Corinthian will also be affected because it will not be able to collect the debts if the students are granted relief. Other colleges in United Sta tes will also benefit by enrolling students who defect from the school. Businesses which have agreed to help the school in its deceptive actions after being bribed will also be affected. It can be concluded that the CEO and the top five officers of the Corinthian do not sleep well at night because they are facing a serious case in court which would completely ruin their business. They constantly think of ways to

Exploring an Organization - International Student and Scholar Office Essay

Exploring an Organization - International Student and Scholar Office - Essay Example The ISSO is the home for some global understudies and researchers on account of it gives administrations and an inviting domain. This interesting association comprises the chief of the ISSO and three cordial guides. ISSO is considered as a go-to office for all students and researchers, and in addition workforce and staff regarding the matter of issues or inquiries identified with worldwide training. ISSO is pleased with its abnormal state of client administration. The office is pleased with its learned staff, a couple of whom are broadly perceived in the universal learning field. The guides of the office are accessible for 15 minutes stroll in counsels or scholars could achieve them by booking an arrangement for more examinations. They give students fundamental diverse learning. Other than that, the ISSO pioneers have gone miles in ensuring the welfare of students is taken care of. They have recruited International Student Advisers (ISA). The ISAs basically aid all those on studies w ith the support of their financial, culture, migration status, personal concerns and occupation regulations. Advisers are mostly consulted when there are urgent or serious concerns that may affect the students learning. Students acquire financial support such as loans and scholarships from ISSO. Additionally, the association supports numerous projects for newcomers act upon. For instance, the International Students Council, the friendship international and the I-Lead. The International Leadership Education Academy for Development (I-LEAD) project is composed of the International Students and Scholars Office (ISSO) to help those who study in succeeding as well as in developing leadership skills. There is a motivational grant for international students who engage themselves in the program and complete it successfully. The scholars to participate and the cash was given out can be used well to clear school fees and cater for any personal effects.Ã‚ Additionally, there are leadership skills that are acquired besides the scholarship they get.

Thursday, October 17, 2019

Module 2 Review Essay Example | Topics and Well Written Essays - 1000 words

Module 2 Review - Essay Example Through the internet, there has been the introduction of online trading where buyers and customers can meet and exchange. The platforms allow consumers to purchase their most preferred products, and receive home deliveries from the supplier (Delone and McLean 2003). Information systems also allow businesses and companies to advertise their products on the internet. In this way, the organizations widen their market coverage, reaching a larger portion of the market. The company thus improves its sales, and overall profitability, which results to growth of the organization. The internet plays a major role in ensuring timely deliveries and supply of products, both from the supplier and to the customers. Previously, organizations relied on post offices, where sending price lists, inquiries and other documents was tedious and time consuming. Through the internet revolutionary, these organizations have been able to optimize their just in time operations, offering faster services to the customers. Online trading and money transfer have helped boost the participation of the internet in bettering companiesÃ¢â‚¬â„¢ market performance. Through these avenues, organizations can process their deliveries fast and reach their customers on time. The internet also offers GPS locators and maps, which help the supplier locate his or her customers easily and deliver immediately. The internet also enables organizations to order for inventory easily, and on demand periods. For this reason, organizations have little or no wastes owing to the ease of ordering products. The companies can process their orders online, choosing their preferred combinations and paying over the online platforms. Therefore, organizations do not require to make prior purchases, which are not sure sales in the highly volatile market. They can order when demand rises, whereby just on time deliveries have been made

Innovation Process Design Essay Example | Topics and Well Written Essays - 1750 words

Innovation Process Design - Essay Example Key Components of Theories Innovation is a common way for companies today to initiate in order for them to reach a specific competitive advantage (Weerawardena & Mavondo, 2011). In order to achieve this, many firms are trying to establish the point that they need to ensure execution of strategies that are competitive enough to provide them the competitive edge over the other established firms in their industry or specific niche (Salunke, Weerawardena & McColl-Kennedy, 2011). In many technological-related companies, innovation has become the major point of their business, because that is one of the substantial ways by which they can compete and even set among themselves a cutting edge advantage over the other competitors to ensure a smooth flow of their operation or achieve a potential market share. At the most specific level, firms that are into innovation or are risks lovers are expected to provide unique product or service offerings (Cucculelli & Ermini, 2013). In this way, they ca n offer highly differentiated product or service offerings that matter to people. Many technological-based firms today from time to time have to produce offerings that are new to the market for the target segments to try and they remarkably eliminate old products in order to introduce success or opportunity for the new ones. This is common to take place in the mobile phone industry where old models will have to be phased out and leave a path for new products and gain from them. Establishing a new product or a unique one is therefore a form of strategy that a firm must embrace. Strategic business innovation is therefore one of the ultimate moves of technological-based companies today. They want to set a new way for them to be able to provide something that is new that matters a lot to their target market. In doing so, a clear business plan must be associated with the goal to innovate. Innovation is not just a simple process, but a complex one that it requires the most appropriate bus iness model. Prior to the emancipation of this business model, every firm that wishes to go for innovation will therefore have to set a clear business plan for themselves. In this way, they can be guided on what to do next especially in cases when there is a need to involve the right plans. Business plans are integral components of a successful innovation process. After all, it requires substantial planning moments prior to the actual innovation process. These plans need to be considered because they fuel the essential growth or development of the organization as far as the concept of innovation is concerned. Innovation therefore is a forward approach that positively aims for advancement and growth (Colombelli, Haned & Le Bas, 2013). Anything that hinders this growth will have to be remarkably considered a contradictory approach against innovation. The backward approach might have to consider plans, actions or initiatives that are to produce backward results. In this case, no innova tion will be necessary, because innovation as a process of growth development requires more engaged idea to embrace something new or fresh ideas for future enhancement of the business. In this regard, proper orientation of the company concerning their evaluation process is necessary or required because such move will have to ensure the emancipation of the right program or actions to be taken into account. Concerning actions that are allowing companies to move forward with

Wednesday, October 16, 2019

Module 2 Review Essay Example | Topics and Well Written Essays - 1000 words

Tuesday, October 15, 2019

Government & The Economy Essay Example | Topics and Well Written Essays - 2000 words

Government & The Economy - Essay Example d inequality within the United States are cheap labor from Asia, unreasonable exchange rates, outsourcing, corporate greed, illegal immigration, discrimination, and involvement in global wars, but policy changes like increase in minimum wages, innovative tax systems, earned income tax credit (EITC), Family and Medical Leave Act of 1993 (FMLA), etc can reduce this inequality to an extent. First of all, the challenge of cheap labor from Asia is an important reason behind the inequality in the United States. For instance, globalization transformed the US role within the global trade relations. The Asian nations began to exploit the scope of globalization because human resource is comparatively cheap in Asian context. So, the American companies began to recruit Asians due to less economic burden. This eventually led the educated US citizens towards economic problems related to joblessness. From a different angle of view, cheap labor from Asia benefited the American companies, but affected the educated US citizens. But the policy makers within the US political context were not able to foresee this problem. Besides, the Asian nations accelerate the challenge of cheap labor because the same is helpful for those nations to gain more revenue. To be specific, the difference in exchange rate helps the Asian nations to benefit from working for American companies. Similarly, unreasonable exchange rates result in inequality within the American context. For instance, the initiatives undertaken by the Federal Reserve to stimulate the economy resulted in the decrease in interest rates. To be specific, the Federal Reserve aimed to help the housing market by decreasing the interest rates. But this initiative did not help the Americans to own homes because decreased rate was not enough attract them towards the housing market. This proves the drastic effect of the ineffective economic policies within the US context. One can see that good jobs help citizens to own homes. On the other

Monday, October 14, 2019

Incident Handling on Cloud Computing

Incident Handling on Cloud Computing Introduction Cloud Computing Cloud computing provides people the way to share distributed resources and services that belong to different organizations or sites.As cloud computing allocate the divided possessions by means of the systems in the released surroundings. Thats why it creates the safety issues for us to expand the cloud computing application. Cloud computing is explained by NIST as the representation for allow suitable, on demand arrangements for right to entry to a collective pool of settings the calculative Possessions. All these like networks, servers, storage, application and services is continuously planned and free with less supervisory activities or cloud supplier communication. Cloud computing is taken as a innovative calculating concept up to now. It permitted the use of calculating communication with more than one stage of thoughts. The spot requirement of these services is offered online at fewer prices. Reason is that the insinuation for the high elasticity and accessibility. Cloud computing is the main topic which will be getting the good manner of concentration recently. Cloud computing services gives advantages from financial systems of all range accomplished. With this the flexible utilization of possessions, occupation and others work competency. However, cloud computing is an emerging forming of distributed computing that is still in its infancy. The concept uses of its own all the levels of explanations and analysis. Most of the concepts has been written regarding cloud computing, its explanation. Its main aim is to search the major paradigm of the utilization and given that common classification for Concepts and significant details of the services. A public cloud is the major one which has the communication and other calculative possessions. This consists of making obtainable to the common people online. This is known by all the cloud servicer who is doing the marketing. Its by giving explanation of the outsider industries. On the other hand of the range is the confidential cloud. The confidential cloud is the one in which the calculating surroundings is generated completely for the industry. This can handled by industry or by the third party. This can be hosted under the industries information centre which is within or outside of it. The private cloud provides the industry a good control on the communication and calculative sources as compared to public cloud. There is other operational models which lies between the private and public cloud. These are community cloud and hybrid cloud. The community cloud is mainly related to private cloud. On the other hand the communication and calculative sources will be mutual by various industries that are having a similar confidentiality and regulatory thoughts. Instead they are exclusively checking the one industry. The hybrid cloud is mainly the blend of two or more than two clouds i.e. (private, community, or public) this Become the uncommon bodies which are stringed to each other by harmonized or proprietary technology which allows interoperability. Same as the various operational models which impacts to the industrial range and organized surroundings. Thats why this model gives assistance to the cloud which impacts it. Three well-known and frequently-used service models are the following: Software-as-a-Service. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. been to provide a vehicle for outsourcing parts of that environment to an outside party as a public cloud. Through any outsource of information technology services, relates survived in relation to any connotation for system safety and isolation. The main issue centres on the risks associated with moving important applications or data from within the confines of the Industries calculating centre which is of different other company (i.e. a public cloud). That is easily available to the normal people Decreasing prise and increasing proficiency is the main concerns. These two are the chief inspirations for stepping towards the public cloud. On the other hand deceasing accountability for the safety should not depend on it. Finally the industry is responsible for all safety issues of the outsourced services. Observing and addressing the safety problems which go increase will be at the sight of industry. Some of the major issue like performances and accessibility. Because cloud computing brings with it new security challenges, it is essential for an organization to oversee and Administer in which manner the cloud servicer handles and prevent the computing environment and provides guarantee of safety. Incidents an event is any observable occurrence in a system or network. Events include a user connecting to a file, a server receiving a request for a Web page, a user sending electronic mail, and a firewall blocking a connection attempt. Unfavorable occasion are the one which has unhelpful results. For instance: crashes, network packet floods and unauthorized utilization. of system privileges, unauthorized access to sensitive data, and execution of malicious code that destroys data. A system safety occasion is actually a contravention or forthcoming danger of breach of system safety strategy, suitable utilization policies and modeled safety policies. The terminology for these incidents is helpful to the small business owner for understanding service and product offerings Denial of Service- An attacker directs hundreds of external compromised workstations to send as many ping requests as possible to a business network, swamping the system. Malicious Code- A worm is able to quickly infect several hundred workstations within an organization by taking advantage of a vulnerability that is present in many of the companys unpatched computers. Unauthorized Access- An attacker runs a piece of Ã¢â‚¬Å"evilÃ¢â‚¬ software to gain access to a servers password file. The attacker then obtains unauthorized administrator-level access to a system and the sensitive data it contains, either stealing the data for future use or blackmailing the firm for its return. Inappropriate Usage- An employee provides illegal copies of software to others through peer-to-peer file sharing services, accesses pornographic or hate-based websites or threatens another person through email. Incident Handling: Incident handling can be divided into six phases: preparation, identification, containment, eradication, recovery, and follow-up. Step 1: Preparation: In the heat of the moment, when an incident has been discovered, decision-making may be haphazard. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. Delete the reason of the event. Position the latest clean back up (to prepare for the computer mending) Step 5: Recovery: This phase ensures that the system is returned to a fully operational status. The following steps should be taken in the recovery phase: Restore the system. Authenticate the machine The machine will be re-established then there should be the process of verification of the operations. After this the machine should be reverse to its normal behaviour. Organisation can take decision on leaving the monitor offline when the system is operating and patches installation. Watch the computer. When the monitor is reverse to online, it start the system for backdoors which avoids findings. Step 6: Follow-Up: This stage is significant for recognizing the message delivered and it will reduce the future happenings. Build the explained event report and gives the duplicates to the management. The operating units IT security Officer and the Department of Commerces IT Security Program Manager. Provide the optional alteration to the management. Execute the accepted activities. Post-Incident If the organization has a post-incident lessons learned process, they may want the cloud vendor to be involved in this process. What agreements will the organization need with the cloud provider for the lessons learned process? If the cloud provider has a lessons learned process, does management have concerns regarding information reported or shared relating to the organization? The cloud vendor will not be able to see much of the companys processes, capabilities or maturity. The company may have concerns regarding how much of its internal foibles to share. If there are concerns, get agreement internally first, then negotiate them, if possible, and have them written into the contract. If the vendor will not or cannot meet the customers process requirements, what steps will the organization need to take? An IH team collects and analyzes incident process metrics for trend and process improvement purposes. Like any other organization, the cloud provider will be collecting objective and subjective information regarding IH processes. As NIST points out, the useof this data is for a variety of purposes, including justifying additional funding of the incident response team. Will the organization need this IH process metric data from the provider to enable a complete understanding of the integration area in case the organization ever has a need to bring the cloud function back in-house? Will the organization need this data for reporting and process improvement in general? The use of this data is also for understanding trends related to attacks targeting the organization. Would the lack of this attack trend data leave the organization unacceptably exposed to risk? Determine what IH process metric data is required by the team and write it into the contract. The organization will need to decide if they require provisions with the cloud provider regarding their evidence retention policies. Will the vendor keep the evidence long enough to meet the organizations requirements? If not, will the organization need to bring the cloud vendors evidence in-house? Will the vendor allow the customer to take custody of the evidence? If the vendor retains the evidence longer than the customer policies dictate does this work create risk for the customer? If so, what recourse does the customer have? Legal counsel will need to provide direction in this area in order to ensure compliance with laws for all jurisdictions. Background: Cloud computing has built on industry developments dating from the 1980s by leveraging outsourced infrastructure services, hosted applications and software as a service (Owens, 2010). In the all parts, the techniques used are not original. Yet, in aggregate, it is something very different. The differences provide both benefits and problems for the organization integrating with the cloud. The addition of elasticity and pay-as-you-go to this collection of technologies makes cloud computing compelling to CIOs in companies of all sizes. Cloud integration presents unique challenges to incident handlers as well as to those responsible for preparing and negotiating the contract for cloud services. The challenges are further complicated when there is a prevailing perception that the cloud integration is Ã¢â‚¬Å"inside the security Edge or the organisation has been stated in written that a agreement needed the supplier to be safe, this must be sufficient. This sort of thinking may be naÃƒ ¯ve but, unfortunately, it is not rare. The cloud provider may have a great deal of built in security or they may not. Whether they do or not, incident handling (IH) teams will eventually face incidents related to the integration, necessitating planning for handling incidents in this new environment. The impacts of cloud integration warrant a careful analysis by an organization before implementation. An introduction of a disruptive technology such as cloud computing can make both definition and documentation of services, policies, and procedures unclear in a given environment. The IH team may find that it is helpful to go through the same process that the team initially followed when establishing their IH capability. Security Incident The term security incident used in this guideline refers to any incident related to information security. It refers to information leakage that will be undesirable to the interests of the Government or an adverse event in an information system and/or network that poses a threat to computer or network security in respect of availability, integrity and confidentiality. On the other hand, the worse incidents like natural calamity, power cuts and data line failure. . are not within the scope of this guideline, and should be addressed by the system maintenance and disaster recovery plan. Examples of security incidents include: unauthorized access, unauthorized utilization of services, denial of resources, disruption of services, compromise of protected data / program / network system privileges, leaks of classified data in electronic form, malicious destruction or modification of data / information, penetration and intrusion, misuse of system resources, computer viruses and hoaxes, and malicious codes or scripts affecting networked systems. Security Incident Handling Security incident handlingis a set of continuous processes governing the activities before, during and after a security incident occurs. Security incident handling begins with the planning and preparing for the resources, and developing proper procedures to be followed, such as the escalation and security incident response procedures. When a security incident is detected, security incident response is made by the responsible parties following the predefined procedures The safety events gave the response which is representing the actions accepted out to handle the safety events. These are mainly helpful to re-establish the common operations. Specific incident response teams are usually established to perform the tasks of making security incident response. When the incident is over, follow up actions will be taken to evaluate the incident and to strengthen security protection to prevent recurrence. The planning and preparation tasks will be reviewed and revised accordingly to ensure that there are sufficient resources (including manpower, equipment and technical knowledge) and properly defined procedures to deal with similar incidents in future. Cloud Service The outlook on cloud computing services can vary significantly among organizations, because of inherent differences These events as its main aim, assets held and open to the domestic risks faced and risk bearable. For example, a government organization that mainly handles data about individual citizens of the country has different security objectives than a government organization that does not. Similarly, the security objectives of a government organization that prepares and disseminates information for public consumption are different from one that deals mainly with classified information for its own internal use. From a risk perspective, determining the suitability of cloud services for an organization is not possible without understanding the context in which the organization operates and the consequences from the plausible threats it faces. The set of security objectives of an organization, therefore, is a key factor for decisions about outsourcing information technology services and, In specific, in order to make genuine decisions related to industries sources about the public cloud. The cloud calculating particular servicer and the service arrangements for the organization. There are lot of things which works for one industry but not for other. Not only this some pragmatic thoughtfulness. Many industries will not afford economically to save all calculative sources and possessions at all highest degree possible and must prioritize available options based on cost as well as criticality and sensitivity. When keeping the strong advantages of public cloud computing, it is indispensable to focus of safety. Significantly the safety of industry security goals is of major concern, so that the future decisions can be made accordingly. Finally the conclusion on the cloud computing rely on the risk analysis of the trade included. Service Agreements Specifications for public cloud services and service arrangements are generally called Service Level Agreements (SLAs). The SLA presents the thoughtfulness among the cloud subscriber and cloud provider related to the known range of services. This is to be delivered in the range that the servicer is not able to provide at different range defined. There are typical forms of a part of the different levels of services. The specific is the overall services contract or the services agreement. The terms of service cover other important details such as licensing of services, criteria for acceptable use, Provisional procrastination, boundaries of all responsibility, security policies and alterations in that period of service. The main aim of this report is the period of SLA which is utilize for the services agreement in its entity. There are two types of SLAs exists: i.e. which is non defined and non negotiable contract the other is negotiated agreement. Non-variable contracts is the many ways on the basis for the financial level which is enjoyed by the public cloud computing. The terms which are agreed fully by cloud provider but with some offerings, the service provider has also the capability to do the changes. Negotiated SLAs are more like traditional information technology outsourcing contracts. These SLAs can be employed to deal with corporations apprehension about technical controls, procedures, security procedures and privacy policy such as the vetting of employees,data ownership and exit rights, isolation of tenant applications, data encryption and segregation, tracking and reporting service effectiveness, compliance with laws and regulations (e.g., Federal Information Security Management Act), and the deployment of appropriate products following international or national standards (e.g., Federal Information Processing Standard 140-2 for cryptographic modules). A negotiated SLA for critical data and application might require an agency A negotiated SLA is less cost effective because of the inherent cost of negotiation which can significantly disturb and have a negative impact on the economies of scale, which is main asset a non-negotiable SLA bring to the public cloud computing. Result of a negotiation is based on the size of the corporation and the magnitude of influence it can exert. Irrespective of the type of SLA, it is very necessary to obtain pertinent legal and technical advice to make sure terms of service meets the need of the organization. The Security Upside While the biggest obstacle facing public cloud computing is security, the cloud computing paradigm provides opportunities for thinking out of the box solutions to improve overall security of the corporation. Small corporations are going to have the biggest advantage from the cloud computing services as small companies have limited staff and infrastructure support to compete with bigger organization on fronts of technology and economies of scale. Potential areas of improvement where organizations may derive security benefits from transitioning to a public cloud computing environment include the following: Staff Specialization. Just like corporations with large-scale computing facilities, cloud providers provides an break to staff toto specialize in security, privacy, and other areas of high interest and concern to the organization. Increases in the scale of computing induce specialization, which in turn allows security staff to shed other duties and concentrate exclusively on security issues. Through increased specialization, there is an opportunity for staff members gain in-depth experience, take remedial actions, and make security improvements more readily than otherwise would be possible with a diverse set of duties. Platform Strength. The structure of cloud computing platforms is typically more uniform than that of most traditional computing centers. Greater uniformity and homogeneity facilitate platform hardening and enable better automation of security management activities like configuration control, vulnerability testing, security audits, and security patching of platform components. Information assurance and security response activities also profit from a uniform, homogeneous cloud infrastructure, as do system management activities, such as fault management, load balancing, and system maintenance. Many cloud providers meet standards for operational compliance and certification in areas like healthcare (e.g., Health Insurance Portability and Accountability Act (HIPAA)), finance (e.g., Payment Card Industry Data Security Standard (PCI DSS)) and audit (e.g., Statement on Auditing Standards No. 70 Resource Availability. The scalability of the cloud computing facilities permits the greatest consideration. Unemployment and calamity healing capability is building into the cloud computing surroundings. The different sources ability would be utilizing for better flexibility while facing higher demands or divided rejection of servicer and for faster improvement from Severe events When any event happens, the occasion survived again to collect the data. The large data is easily available with good explanation and less effect on construction. On the other hand the pliability might be having different results. For Instance: a non successful person divided the rejection of service attackers which can consume fast. Support and Improvement. The encouragement and revival strategy and processes of a cloud services might be better than that of the industry. In case the different duplicates are maintained in the assorted natural features can be healthier. Information stored within the cloud would be easily available which is easy to store and highly reliable. In different situation it proved to be maintained in a traditional information centre. In such situation, cloud services could means for offsite encouragement data collection. Mainly the network performance on the net and the usage of the data involved are preventing the issue which impacted the re-establishment. The structure of a cloud solution spreads to the consumer at the service endpoints. This utilizes to access the hosted submission. Cloud consumer is based on browser and on application. However the main calculative sources need to be held by the cloud provider. Consumer is normally low weight calculation and easily handled. The laptops, notebook and net books are well embedded devices like smart mobile phones, tablets and personal digital help. Information Awareness. Information prepared and developed in the cloud would be able to show low risk to the industry. There are lot of risk involved in the industry, different information are transferring on various systems. Portable systems or transferrable media is out in the field, where the loss of devices and theft occurs frequently. Many industries have made the evolution to handle the availability to the industry. So many industries have already made the evolution to hold the availability to the organizational information. In addition to calculating the stage or alternative for domestic submission and public cloud services like target on providing security and safety to other calculating surroundings. Information Midpoint Familiarize. Cloud services would be able to utilize the safety information centres. For instance: e-mail can be t Incident Handling on Cloud Computing Incident Handling on Cloud Computing Introduction Cloud Computing Cloud computing provides people the way to share distributed resources and services that belong to different organizations or sites.As cloud computing allocate the divided possessions by means of the systems in the released surroundings. Thats why it creates the safety issues for us to expand the cloud computing application. Cloud computing is explained by NIST as the representation for allow suitable, on demand arrangements for right to entry to a collective pool of settings the calculative Possessions. All these like networks, servers, storage, application and services is continuously planned and free with less supervisory activities or cloud supplier communication. Cloud computing is taken as a innovative calculating concept up to now. It permitted the use of calculating communication with more than one stage of thoughts. The spot requirement of these services is offered online at fewer prices. Reason is that the insinuation for the high elasticity and accessibility. Cloud computing is the main topic which will be getting the good manner of concentration recently. Cloud computing services gives advantages from financial systems of all range accomplished. With this the flexible utilization of possessions, occupation and others work competency. However, cloud computing is an emerging forming of distributed computing that is still in its infancy. The concept uses of its own all the levels of explanations and analysis. Most of the concepts has been written regarding cloud computing, its explanation. Its main aim is to search the major paradigm of the utilization and given that common classification for Concepts and significant details of the services. A public cloud is the major one which has the communication and other calculative possessions. This consists of making obtainable to the common people online. This is known by all the cloud servicer who is doing the marketing. Its by giving explanation of the outsider industries. On the other hand of the range is the confidential cloud. The confidential cloud is the one in which the calculating surroundings is generated completely for the industry. This can handled by industry or by the third party. This can be hosted under the industries information centre which is within or outside of it. The private cloud provides the industry a good control on the communication and calculative sources as compared to public cloud. There is other operational models which lies between the private and public cloud. These are community cloud and hybrid cloud. The community cloud is mainly related to private cloud. On the other hand the communication and calculative sources will be mutual by various industries that are having a similar confidentiality and regulatory thoughts. Instead they are exclusively checking the one industry. The hybrid cloud is mainly the blend of two or more than two clouds i.e. (private, community, or public) this Become the uncommon bodies which are stringed to each other by harmonized or proprietary technology which allows interoperability. Same as the various operational models which impacts to the industrial range and organized surroundings. Thats why this model gives assistance to the cloud which impacts it. Three well-known and frequently-used service models are the following: Software-as-a-Service. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. been to provide a vehicle for outsourcing parts of that environment to an outside party as a public cloud. Through any outsource of information technology services, relates survived in relation to any connotation for system safety and isolation. The main issue centres on the risks associated with moving important applications or data from within the confines of the Industries calculating centre which is of different other company (i.e. a public cloud). That is easily available to the normal people Decreasing prise and increasing proficiency is the main concerns. These two are the chief inspirations for stepping towards the public cloud. On the other hand deceasing accountability for the safety should not depend on it. Finally the industry is responsible for all safety issues of the outsourced services. Observing and addressing the safety problems which go increase will be at the sight of industry. Some of the major issue like performances and accessibility. Because cloud computing brings with it new security challenges, it is essential for an organization to oversee and Administer in which manner the cloud servicer handles and prevent the computing environment and provides guarantee of safety. Incidents an event is any observable occurrence in a system or network. Events include a user connecting to a file, a server receiving a request for a Web page, a user sending electronic mail, and a firewall blocking a connection attempt. Unfavorable occasion are the one which has unhelpful results. For instance: crashes, network packet floods and unauthorized utilization. of system privileges, unauthorized access to sensitive data, and execution of malicious code that destroys data. A system safety occasion is actually a contravention or forthcoming danger of breach of system safety strategy, suitable utilization policies and modeled safety policies. The terminology for these incidents is helpful to the small business owner for understanding service and product offerings Denial of Service- An attacker directs hundreds of external compromised workstations to send as many ping requests as possible to a business network, swamping the system. Malicious Code- A worm is able to quickly infect several hundred workstations within an organization by taking advantage of a vulnerability that is present in many of the companys unpatched computers. Unauthorized Access- An attacker runs a piece of Ã¢â‚¬Å"evilÃ¢â‚¬ software to gain access to a servers password file. The attacker then obtains unauthorized administrator-level access to a system and the sensitive data it contains, either stealing the data for future use or blackmailing the firm for its return. Inappropriate Usage- An employee provides illegal copies of software to others through peer-to-peer file sharing services, accesses pornographic or hate-based websites or threatens another person through email. Incident Handling: Incident handling can be divided into six phases: preparation, identification, containment, eradication, recovery, and follow-up. Step 1: Preparation: In the heat of the moment, when an incident has been discovered, decision-making may be haphazard. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. Delete the reason of the event. Position the latest clean back up (to prepare for the computer mending) Step 5: Recovery: This phase ensures that the system is returned to a fully operational status. The following steps should be taken in the recovery phase: Restore the system. Authenticate the machine The machine will be re-established then there should be the process of verification of the operations. After this the machine should be reverse to its normal behaviour. Organisation can take decision on leaving the monitor offline when the system is operating and patches installation. Watch the computer. When the monitor is reverse to online, it start the system for backdoors which avoids findings. Step 6: Follow-Up: This stage is significant for recognizing the message delivered and it will reduce the future happenings. Build the explained event report and gives the duplicates to the management. The operating units IT security Officer and the Department of Commerces IT Security Program Manager. Provide the optional alteration to the management. Execute the accepted activities. Post-Incident If the organization has a post-incident lessons learned process, they may want the cloud vendor to be involved in this process. What agreements will the organization need with the cloud provider for the lessons learned process? If the cloud provider has a lessons learned process, does management have concerns regarding information reported or shared relating to the organization? The cloud vendor will not be able to see much of the companys processes, capabilities or maturity. The company may have concerns regarding how much of its internal foibles to share. If there are concerns, get agreement internally first, then negotiate them, if possible, and have them written into the contract. If the vendor will not or cannot meet the customers process requirements, what steps will the organization need to take? An IH team collects and analyzes incident process metrics for trend and process improvement purposes. Like any other organization, the cloud provider will be collecting objective and subjective information regarding IH processes. As NIST points out, the useof this data is for a variety of purposes, including justifying additional funding of the incident response team. Will the organization need this IH process metric data from the provider to enable a complete understanding of the integration area in case the organization ever has a need to bring the cloud function back in-house? Will the organization need this data for reporting and process improvement in general? The use of this data is also for understanding trends related to attacks targeting the organization. Would the lack of this attack trend data leave the organization unacceptably exposed to risk? Determine what IH process metric data is required by the team and write it into the contract. The organization will need to decide if they require provisions with the cloud provider regarding their evidence retention policies. Will the vendor keep the evidence long enough to meet the organizations requirements? If not, will the organization need to bring the cloud vendors evidence in-house? Will the vendor allow the customer to take custody of the evidence? If the vendor retains the evidence longer than the customer policies dictate does this work create risk for the customer? If so, what recourse does the customer have? Legal counsel will need to provide direction in this area in order to ensure compliance with laws for all jurisdictions. Background: Cloud computing has built on industry developments dating from the 1980s by leveraging outsourced infrastructure services, hosted applications and software as a service (Owens, 2010). In the all parts, the techniques used are not original. Yet, in aggregate, it is something very different. The differences provide both benefits and problems for the organization integrating with the cloud. The addition of elasticity and pay-as-you-go to this collection of technologies makes cloud computing compelling to CIOs in companies of all sizes. Cloud integration presents unique challenges to incident handlers as well as to those responsible for preparing and negotiating the contract for cloud services. The challenges are further complicated when there is a prevailing perception that the cloud integration is Ã¢â‚¬Å"inside the security Edge or the organisation has been stated in written that a agreement needed the supplier to be safe, this must be sufficient. This sort of thinking may be naÃƒ ¯ve but, unfortunately, it is not rare. The cloud provider may have a great deal of built in security or they may not. Whether they do or not, incident handling (IH) teams will eventually face incidents related to the integration, necessitating planning for handling incidents in this new environment. The impacts of cloud integration warrant a careful analysis by an organization before implementation. An introduction of a disruptive technology such as cloud computing can make both definition and documentation of services, policies, and procedures unclear in a given environment. The IH team may find that it is helpful to go through the same process that the team initially followed when establishing their IH capability. Security Incident The term security incident used in this guideline refers to any incident related to information security. It refers to information leakage that will be undesirable to the interests of the Government or an adverse event in an information system and/or network that poses a threat to computer or network security in respect of availability, integrity and confidentiality. On the other hand, the worse incidents like natural calamity, power cuts and data line failure. . are not within the scope of this guideline, and should be addressed by the system maintenance and disaster recovery plan. Examples of security incidents include: unauthorized access, unauthorized utilization of services, denial of resources, disruption of services, compromise of protected data / program / network system privileges, leaks of classified data in electronic form, malicious destruction or modification of data / information, penetration and intrusion, misuse of system resources, computer viruses and hoaxes, and malicious codes or scripts affecting networked systems. Security Incident Handling Security incident handlingis a set of continuous processes governing the activities before, during and after a security incident occurs. Security incident handling begins with the planning and preparing for the resources, and developing proper procedures to be followed, such as the escalation and security incident response procedures. When a security incident is detected, security incident response is made by the responsible parties following the predefined procedures The safety events gave the response which is representing the actions accepted out to handle the safety events. These are mainly helpful to re-establish the common operations. Specific incident response teams are usually established to perform the tasks of making security incident response. When the incident is over, follow up actions will be taken to evaluate the incident and to strengthen security protection to prevent recurrence. The planning and preparation tasks will be reviewed and revised accordingly to ensure that there are sufficient resources (including manpower, equipment and technical knowledge) and properly defined procedures to deal with similar incidents in future. Cloud Service The outlook on cloud computing services can vary significantly among organizations, because of inherent differences These events as its main aim, assets held and open to the domestic risks faced and risk bearable. For example, a government organization that mainly handles data about individual citizens of the country has different security objectives than a government organization that does not. Similarly, the security objectives of a government organization that prepares and disseminates information for public consumption are different from one that deals mainly with classified information for its own internal use. From a risk perspective, determining the suitability of cloud services for an organization is not possible without understanding the context in which the organization operates and the consequences from the plausible threats it faces. The set of security objectives of an organization, therefore, is a key factor for decisions about outsourcing information technology services and, In specific, in order to make genuine decisions related to industries sources about the public cloud. The cloud calculating particular servicer and the service arrangements for the organization. There are lot of things which works for one industry but not for other. Not only this some pragmatic thoughtfulness. Many industries will not afford economically to save all calculative sources and possessions at all highest degree possible and must prioritize available options based on cost as well as criticality and sensitivity. When keeping the strong advantages of public cloud computing, it is indispensable to focus of safety. Significantly the safety of industry security goals is of major concern, so that the future decisions can be made accordingly. Finally the conclusion on the cloud computing rely on the risk analysis of the trade included. Service Agreements Specifications for public cloud services and service arrangements are generally called Service Level Agreements (SLAs). The SLA presents the thoughtfulness among the cloud subscriber and cloud provider related to the known range of services. This is to be delivered in the range that the servicer is not able to provide at different range defined. There are typical forms of a part of the different levels of services. The specific is the overall services contract or the services agreement. The terms of service cover other important details such as licensing of services, criteria for acceptable use, Provisional procrastination, boundaries of all responsibility, security policies and alterations in that period of service. The main aim of this report is the period of SLA which is utilize for the services agreement in its entity. There are two types of SLAs exists: i.e. which is non defined and non negotiable contract the other is negotiated agreement. Non-variable contracts is the many ways on the basis for the financial level which is enjoyed by the public cloud computing. The terms which are agreed fully by cloud provider but with some offerings, the service provider has also the capability to do the changes. Negotiated SLAs are more like traditional information technology outsourcing contracts. These SLAs can be employed to deal with corporations apprehension about technical controls, procedures, security procedures and privacy policy such as the vetting of employees,data ownership and exit rights, isolation of tenant applications, data encryption and segregation, tracking and reporting service effectiveness, compliance with laws and regulations (e.g., Federal Information Security Management Act), and the deployment of appropriate products following international or national standards (e.g., Federal Information Processing Standard 140-2 for cryptographic modules). A negotiated SLA for critical data and application might require an agency A negotiated SLA is less cost effective because of the inherent cost of negotiation which can significantly disturb and have a negative impact on the economies of scale, which is main asset a non-negotiable SLA bring to the public cloud computing. Result of a negotiation is based on the size of the corporation and the magnitude of influence it can exert. Irrespective of the type of SLA, it is very necessary to obtain pertinent legal and technical advice to make sure terms of service meets the need of the organization. The Security Upside While the biggest obstacle facing public cloud computing is security, the cloud computing paradigm provides opportunities for thinking out of the box solutions to improve overall security of the corporation. Small corporations are going to have the biggest advantage from the cloud computing services as small companies have limited staff and infrastructure support to compete with bigger organization on fronts of technology and economies of scale. Potential areas of improvement where organizations may derive security benefits from transitioning to a public cloud computing environment include the following: Staff Specialization. Just like corporations with large-scale computing facilities, cloud providers provides an break to staff toto specialize in security, privacy, and other areas of high interest and concern to the organization. Increases in the scale of computing induce specialization, which in turn allows security staff to shed other duties and concentrate exclusively on security issues. Through increased specialization, there is an opportunity for staff members gain in-depth experience, take remedial actions, and make security improvements more readily than otherwise would be possible with a diverse set of duties. Platform Strength. The structure of cloud computing platforms is typically more uniform than that of most traditional computing centers. Greater uniformity and homogeneity facilitate platform hardening and enable better automation of security management activities like configuration control, vulnerability testing, security audits, and security patching of platform components. Information assurance and security response activities also profit from a uniform, homogeneous cloud infrastructure, as do system management activities, such as fault management, load balancing, and system maintenance. Many cloud providers meet standards for operational compliance and certification in areas like healthcare (e.g., Health Insurance Portability and Accountability Act (HIPAA)), finance (e.g., Payment Card Industry Data Security Standard (PCI DSS)) and audit (e.g., Statement on Auditing Standards No. 70 Resource Availability. The scalability of the cloud computing facilities permits the greatest consideration. Unemployment and calamity healing capability is building into the cloud computing surroundings. The different sources ability would be utilizing for better flexibility while facing higher demands or divided rejection of servicer and for faster improvement from Severe events When any event happens, the occasion survived again to collect the data. The large data is easily available with good explanation and less effect on construction. On the other hand the pliability might be having different results. For Instance: a non successful person divided the rejection of service attackers which can consume fast. Support and Improvement. The encouragement and revival strategy and processes of a cloud services might be better than that of the industry. In case the different duplicates are maintained in the assorted natural features can be healthier. Information stored within the cloud would be easily available which is easy to store and highly reliable. In different situation it proved to be maintained in a traditional information centre. In such situation, cloud services could means for offsite encouragement data collection. Mainly the network performance on the net and the usage of the data involved are preventing the issue which impacted the re-establishment. The structure of a cloud solution spreads to the consumer at the service endpoints. This utilizes to access the hosted submission. Cloud consumer is based on browser and on application. However the main calculative sources need to be held by the cloud provider. Consumer is normally low weight calculation and easily handled. The laptops, notebook and net books are well embedded devices like smart mobile phones, tablets and personal digital help. Information Awareness. Information prepared and developed in the cloud would be able to show low risk to the industry. There are lot of risk involved in the industry, different information are transferring on various systems. Portable systems or transferrable media is out in the field, where the loss of devices and theft occurs frequently. Many industries have made the evolution to handle the availability to the industry. So many industries have already made the evolution to hold the availability to the organizational information. In addition to calculating the stage or alternative for domestic submission and public cloud services like target on providing security and safety to other calculating surroundings. Information Midpoint Familiarize. Cloud services would be able to utilize the safety information centres. For instance: e-mail can be t