Computer und IT
Beginning Unreal Engine 4 Blueprints Visual Scripting
Discover how Unreal Engine 4 allows you to create exciting games using C++ and Blueprints. This book starts with installing, launching, and examining the details of Unreal Engine.Next, you will learn about Blueprints and C++ and how to leverage them. The following chapters talk in detail about gameplay, basic physics, and ray-casting for game development in Unreal Engine. Furthermore, you’ll create material, meshes, and textures.The last chapter brings all the concepts together by building a demo game. By the end of the book, you’ll be equipped with the know-how and techniques needed to develop and deploy your very own game in Unreal Engine.WHAT YOU WILL LEARN* Discover Blueprints and how to apply them in Unreal Engine 4* Get started with C++ programming in Unreal Engine 4* Apply the concepts of physics and ray-casting* Work with the Gameplay Framework WHO THIS BOOK IS FORBeginners interested in learning Blueprints visual scripting and C++ for programming games in Unreal Engine 4 would find this book useful.Satheesh Pv is a game programmer living in Mumbai, India. He started his career as a game developer in 2012 by making a first-person multiplayer game with his brother and close friend using Unreal Development Kit and created Unreal X-Editor, which was an IDE developed for UnrealScript, the native scripting language of Unreal Engine 3. He was selected by Epic Games as one of the closed beta testers for Unreal Engine 4 before its public release. He is also a moderator at Unreal Engine forums as well as a spotlight member and Engine contributor.CHAPTER 1: INTRODUCTION TO UNREAL ENGINE 4Chapter Goal: The reader is given a brief introduction to Unreal Engine 4 and how to get both binary version and source code version of the Engine. After installing the Engine, we will create a sample project from one of the given templates and learn about the Unreal Editor and its various settings.Sub -Topics1. Getting Unreal Engine by Epic Games Launcher2. Getting Unreal Engine from GitHub and compiling3. Getting to know more about Unreal EditorCHAPTER 2: INTRODUCTION TO BLUEPRINTSChapter Goal: This is an introduction to the visual scripting language of Unreal Engine 4 called Blueprints. The reader will learn about what are Blueprints, the various types of Blueprints, and how to create and use it in a game.Sub - Topics1. What are Blueprints?2. Blueprint types3. Creating a sample BlueprintCHAPTER 3: C++ AND UNREAL ENGINEChapter Goal: C++ is a powerful language, and in Unreal Engine 4, it is of no exception. In this chapter, we will go through the basics of Unreal C++ by creating C++ classes and accessing various properties and functions in Blueprint and communicating between these two powerful tools.Sub - Topics:1. Creating a new C++ class2. Exposing variables and functions to Blueprints3. Calling C++ functions in BlueprintsCHAPTER 4: GAMEPLAY FRAMEWORKChapter Goal: Introduction to various important gameplay classes that actually make a game. The reader will learn about how to get input from the player and show data to the user through HUD.Sub - Topics:1. Gameplay classes2. Creating character and controller classes to get input from player3. Show relevant data to the player through user interfaceCHAPTER 5: BASIC PHYSICS AND RAYCASTINGChapter Goal: Physics is one of the main driving forces behind any game. If you want to interact with an object in the world or to destroy something in the game world, you need raycasting and physics. In this chapter, the reader will learn how to raycast and pickup an item as well as shoot and destroy something in the world.Sub - Topics: 1. Physics and raycasting2. Using raycasting to pick up an item3. Using physics to destroy something in the game worldCHAPTER 6: IMPORTING MESHES, TEXTURES, AND CREATING MATERIALSChapter Goal: In this chapter, readers will be introduced to the concept of materials and how to create and use them as well as creating instances to modify the material quickly. The reader will also learn how to import a custom 3D models and textures.Sub - Topics:1. Importing meshes and textures2. Material types3. Creating material and material instances4. Modifying the material at runtime using Blueprints and C++CHAPTER 7: PROJECT: DEMO GAMEChapter Goal: Using all the above knowledge, we will create a sample game and package it.Sub - Topics:1. Sample game using Blueprints and C++
Beginning Arduino Nano 33 IoT
Develop Internet of Things projects with Sketch to build your Arduino programs. This book is a quick reference guide to getting started with Nano 33 IoT, Arduino’s popular IoT board.You’ll learn how to access the Arduino I/O, understand the WiFi and BLE networks, and optimize your board by connecting it to the Arduino IoT Cloud.Arduino Nano 33 IoT is designed to build IoT solutions with supported WiFi and BLE networks. This board can be easily extend through I/O pins, sensors and actuators.Beginning Arduino Nano 33 IoTis the perfect solution for those interested in learning how to use the latest technology and project samples through a practical and content-driven approach.WHAT YOU’LL LEARN* Prepare and set up Arduino Nano 33 IoT board* Operate Arduino Nano 33 IoT board hardware and software* Develop programs to access Arduino Nano 33 IoT board I/O* Build IoT programs with Arduino Nano 33 IoT boardWHO THIS BOOK IS FORMakers, developers, students, and professional of all levels. Agus Kurniawan is a lecturer, IT consultant, and author. He has 15 years of experience in various software and hardware development projects, delivering materials in training and workshops, and technical writing. He has been awarded the Microsoft Most Valuable Professional (MVP) award 16 years in a row.Agus is a lecturer and researcher in the field of networking and security systems at the Faculty of Computer Science, Universitas Indonesia, Indonesia.He can be reached on his Linkedin at @agusk and Twitter at @agusk2010.Chapter 1: Setting up Development EnvironmentChapter goal: to introduce Arduino Nano 33 IoT and set up development environment1.1 Introduction1.2 Review Arduino Nano 33 IoT Board1.3 Set up Development Environment1.4 Hello Arduino: Blinking ProgramChapter 2: Arduino Nano 33 IoT Board DevelopmentChapter goal: to access Arduino Nano 33 IoT I/O and communication protocol2.1 Introduction2.2 Basic Sketch Programming2.3 Digital I/O2.4 Analog I/O2.5 Serial Communication2.6 PWM2.7 SPI2.8 I2CChapter 3: IMU Sensor: Accelerator and GyroscopeChapter goal: to access built-in sensors on Arduino Nano 33 IoT3.1 Introduction3.2 Set up LSM6DS3 Library3.3 Working with Accelerator3.4 Working with GyroscopeChapter 4: Arduino Nano 33 IoT NetworkingChapter goal: to access a network from Arduino Nano 33 IoT board4.1 Introduction4.2 Adding WiFiNINA Library4.3 Scanning WiFi Hotspot4.4 Connecting to a WiFi Network4.5 Building a Simple IoT Application4.6 Real Time Clock (RTC)4.7 Accessing Network Time Protocol (NTP) ServerChapter 5: Arduino IoT CloudChapter goal: to work with Arduino IoT Cloud on Arduino Nano 33 IoT board5.1 Introduction5.2 Setting up Arduino Cloud5.3 Build Arduino IoT Cloud ProjectChapter 6: Bluetooth Low Energy (BLE)Chapter goal: to work with Bluetooth Low Energy (BLE) on Arduino Nano 33 IoT board6.1 Introduction6.2 Setting up Bluetooth Low Energy (BLE)6.3 Demo: Controlling LED with BLE
Blockchain
Wer noch nie über Blockchain gehört hat, würde bestimmt das Buch gerade nicht in der Hand halten. Das Thema ist heiß diskutiert und hat bereits viele Befürworter sowie Gegner. In diesem Buch erwartet Sie eine klare und verständliche Erklärung der Blockchain-Technologie mit ausführlichen Erläuterungen zu deren Entstehung, Technik und Umsetzung. Damit möchten wir die Debatte um Blockchain-Hype versachlichen und Ihnen die Entscheidung überlassen, ob Blockchain für Sie tatsächlich ein Hype oder eine Innovation ist. Christoph Meinel (Univ.-Prof., Dr. sc. nat., Dr. rer. nat., 1954) ist wissenschaftlicher Direktor und Geschäftsführer des Hasso-Plattner-Instituts für Digital Engineering gGmbH (HPI). Christoph Meinel ist ordentlicher Professor (C4) für Informatik und hat den Lehrstuhl für Internet-Technologien und Systeme am HPI inne. Seine besonderen Forschungsinteressen liegen in den Bereichen Internet- und Informationssicherheit und Digitale Bildung. Daneben ist er aktiv in der Innovationsforschung rund um die Stanforder Innovationsmethode des Design Thinking.Tatiana Gayvoronskaya ist seit März 2016 in der Forschung in den Bereichen Blockchain-Technologie, Identitätsmanagement und IT-Sicherheit am Hasso-Plattner-Institut für Digital Engineering gGmbH (HPI) tätig. Zusammen mit Prof. Dr. Christoph Meinel hat sie bereits im Juli 2018 einen MOOC auf OpenHPI-Plattform zum Thema Blockchain erarbeitet und durchgeführt.
Security Engineering
The classic book on designing secure systems In this newly revised Third Edition of Security Engineering: A Guide to Building Dependable Distributed Systems, celebrated security expert Ross Anderson updates his best-selling textbook to help you meet the challenges of the coming decade. Security Engineering became a classic because it covers not just the technical basics, such as cryptography, access controls and tamper-resistance, but also how they're used in real life. Real-world case studies – of the security of payment systems, military systems, the phone app ecosystems and now self-driving cars – demonstrate how to use security technology in practice, and what can go wrong. Filled with actionable advice and the latest research, this Third Edition brings a classic book up to date with the modern world of smartphones, cloud computing and AI. As everything gets connected to the Internet, security engineering has come to require inter-disciplinary expertise, ranging from physics to psychology and applied economics. Security Engineering is the only textbook on the market to explain all these aspects of protecting real systems, while still remaining easily accessible. Perfect for computer science students and practicing cybersecurity professionals, as well as systems engineers of all sorts, this latest edition of Security Engineering also belongs on the bookshelves of candidates for professional certification such as CISSP. You'll learn what makes a system secure and reliable and what can render it vulnerable, from phones and laptops through cars and payment terminals to cloud services and corporate networks. You'll find: The basics: cryptography, protocols, access controls and usabilityThe attacks: phishing, software exploits and the cybercrime ecosystemThe responses: biometrics, smartcards, enclaves, app stores and the patch cycleThe psychology of security: what makes security hard for users and engineersThe economics of security: how large systems fail, and what to do about itThe big policy questions: from surveillance through censorship to sustainability Security Engineering is the book that created the discipline. It will continue to define the discipline for the 2020s and beyond. Now that there's software in everything, how can you make anything secure? Understand how to engineer dependable systems with this newly updated classic In Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack. This book became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had let the bad guys specialize and scale up; attacks were increasingly on users rather than on technology. The book repeated its success by showing how security engineers can focus on usability. Now the third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved. Ross Anderson explores what security engineering means in 2020, including: How the basic elements of cryptography, protocols, and access control translate to the new world of phones, cloud services, social media and the Internet of ThingsWho the attackers are – from nation states and business competitors through criminal gangs to stalkers and playground bulliesWhat they do – from phishing and carding through SIM swapping and software exploits to DDoS and fake newsSecurity psychology, from privacy through ease-of-use to deceptionThe economics of security and dependability – why companies build vulnerable systems and governments look the other wayHow dozens of industries went online – well or badlyHow to manage security and safety engineering in a world of agile development – from reliability engineering to DevSecOps The third edition of Security Engineering ends with a grand challenge: sustainable security. As we build ever more software and connectivity into safety-critical durable goods like cars and medical devices, how do we design systems we can maintain and defend for decades? Or will everything in the world need monthly software upgrades, and become unsafe once they stop? ROSS ANDERSON is Professor of Security Engineering at Cambridge University in England. He is widely recognized as one of the world's foremost authorities on security. In 2015 he won the Lovelace Medal, Britain's top award in computing. He is a Fellow of the Royal Society and the Royal Academy of Engineering. He is one of the pioneers of the economics of information security, peer-to-peer systems, API analysis and hardware security. Over the past 40 years, he has also worked or consulted for most of the tech majors. Preface to the Third Edition xxxvii Preface to the Second Edition xli Preface to the First Edition xliii Formy daughter, and other lawyers… xlvii Foreword xlix Part I Chapter 1 What Is Security Engineering? 3 1.1 Introduction 3 1.2 A framework 4 1.3 Example 1 – a bank 6 1.4 Example 2 – a military base 7 1.5 Example 3 – a hospital 8 1.6 Example 4 – the home 10 1.7 Definitions 11 1.8 Summary 16 Chapter 2 Who Is the Opponent? 17 2.1 Introduction 17 2.2 Spies 19 2.2.1 The Five Eyes 19 2.2.1.1 Prism 19 2.2.1.2 Tempora 20 2.2.1.3 Muscular 21 2.2.1.4 Special collection 22 2.2.1.5 Bullrun and Edgehill 22 2.2.1.6 Xkeyscore 23 2.2.1.7 Longhaul 24 2.2.1.8 Quantum 25 2.2.1.9 CNE 25 2.2.1.10 The analyst’s viewpoint 27 2.2.1.11 Offensive operations 28 2.2.1.12 Attack scaling 29 2.2.2 China 30 2.2.3 Russia 35 2.2.4 The rest 38 2.2.5 Attribution 40 2.3 Crooks 41 2.3.1 Criminal infrastructure 42 2.3.1.1 Botnet herders 42 2.3.1.2 Malware devs 44 2.3.1.3 Spam senders 45 2.3.1.4 Bulk account compromise 45 2.3.1.5 Targeted attackers 46 2.3.1.6 Cashout gangs 46 2.3.1.7 Ransomware 47 2.3.2 Attacks on banking and payment systems 47 2.3.3 Sectoral cybercrime ecosystems 49 2.3.4 Internal attacks 49 2.3.5 CEO crimes 49 2.3.6 Whistleblowers 50 2.4 Geeks 52 2.5 The swamp 53 2.5.1 Hacktivism and hate campaigns 54 2.5.2 Child sex abuse material 55 2.5.3 School and workplace bullying 57 2.5.4 Intimate relationship abuse 57 2.6 Summary 59 Research problems 60 Further reading 61 Chapter 3 Psychology and Usability 63 3.1 Introduction 63 3.2 Insights from psychology research 64 3.2.1 Cognitive psychology 65 3.2.2 Gender, diversity and interpersonal variation 68 3.2.3 Social psychology 70 3.2.3.1 Authority and its abuse 71 3.2.3.2 The bystander effect 72 3.2.4 The social-brain theory of deception 73 3.2.5 Heuristics, biases and behavioural economics 76 3.2.5.1 Prospect theory and risk misperception 77 3.2.5.2 Present bias and hyperbolic discounting 78 3.2.5.3 Defaults and nudges 79 3.2.5.4 The default to intentionality 79 3.2.5.5 The affect heuristic 80 3.2.5.6 Cognitive dissonance 81 3.2.5.7 The risk thermostat 81 3.3 Deception in practice 81 3.3.1 The salesman and the scamster 82 3.3.2 Social engineering 84 3.3.3 Phishing 86 3.3.4 Opsec 88 3.3.5 Deception research 89 3.4 Passwords 90 3.4.1 Password recovery 92 3.4.2 Password choice 94 3.4.3 Difficulties with reliable password entry 94 3.4.4 Difficulties with remembering the password 95 3.4.4.1 Naïve choice 96 3.4.4.2 User abilities and training 96 3.4.4.3 Design errors 98 3.4.4.4 Operational failures 100 3.4.4.5 Social-engineering attacks 101 3.4.4.6 Customer education 102 3.4.4.7 Phishing warnings 103 3.4.5 System issues 104 3.4.6 Can you deny service? 105 3.4.7 Protecting oneself or others? 105 3.4.8 Attacks on password entry 106 3.4.8.1 Interface design 106 3.4.8.2 Trusted path, and bogus terminals 107 3.4.8.3 Technical defeats of password retry counters 107 3.4.9 Attacks on password storage 108 3.4.9.1 One-way encryption 109 3.4.9.2 Password cracking 109 3.4.9.3 Remote password checking 109 3.4.10 Absolute limits 110 3.4.11 Using a password manager 111 3.4.12 Will we ever get rid of passwords? 113 3.5 CAPTCHAs 115 3.6 Summary 116 Research problems 117 Further reading 118 Chapter 4 Protocols 119 4.1 Introduction 119 4.2 Password eavesdropping risks 120 4.3 Who goes there? – simple authentication 122 4.3.1 Challenge and response 124 4.3.2 Two-factor authentication 128 4.3.3 The MIG-in-the-middle attack 129 4.3.4 Reflection attacks 132 4.4 Manipulating the message 133 4.5 Changing the environment 134 4.6 Chosen protocol attacks 135 4.7 Managing encryption keys 136 4.7.1 The resurrecting duckling 137 4.7.2 Remote key management 137 4.7.3 The Needham-Schroeder protocol 138 4.7.4 Kerberos 139 4.7.5 Practical key management 141 4.8 Design assurance 141 4.9 Summary 143 Research problems 143 Further reading 144 Chapter 5 Cryptography 145 5.1 Introduction 145 5.2 Historical background 146 5.2.1 An early stream cipher – the Vigenère 147 5.2.2 The one-time pad 148 5.2.3 An early block cipher – Playfair 150 5.2.4 Hash functions 152 5.2.5 Asymmetric primitives 154 5.3 Security models 155 5.3.1 Random functions – hash functions 157 5.3.1.1 Properties 157 5.3.1.2 The birthday theorem 158 5.3.2 Random generators – stream ciphers 159 5.3.3 Random permutations – block ciphers 161 5.3.4 Public key encryption and trapdoor one-way permutations 163 5.3.5 Digital signatures 164 5.4 Symmetric crypto algorithms 165 5.4.1 SP-networks 165 5.4.1.1 Block size 166 5.4.1.2 Number of rounds 166 5.4.1.3 Choice of S-boxes 167 5.4.1.4 Linear cryptanalysis 167 5.4.1.5 Differential cryptanalysis 168 5.4.2 The Advanced Encryption Standard (AES) 169 5.4.3 Feistel ciphers 171 5.4.3.1 The Luby-Rackoff result 173 5.4.3.2 DES 173 5.5 Modes of operation 175 5.5.1 How not to use a block cipher 176 5.5.2 Cipher block chaining 177 5.5.3 Counter encryption 178 5.5.4 Legacy stream cipher modes 178 5.5.5 Message authentication code 179 5.5.6 Galois counter mode 180 5.5.7 XTS 180 5.6 Hash functions 181 5.6.1 Common hash functions 181 5.6.2 Hash function applications – HMAC, commitments and updating 183 5.7 Asymmetric crypto primitives 185 5.7.1 Cryptography based on factoring 185 5.7.2 Cryptography based on discrete logarithms 188 5.7.2.1 One-way commutative encryption 189 5.7.2.2 Diffie-Hellman key establishment 190 5.7.2.3 ElGamal digital signature and DSA 192 5.7.3 Elliptic curve cryptography 193 5.7.4 Certification authorities 194 5.7.5 TLS 195 5.7.5.1 TLS uses 196 5.7.5.2 TLS security 196 5.7.5.3 TLS 1.3 197 5.7.6 Other public-key protocols 197 5.7.6.1 Code signing 197 5.7.6.2 PGP/GPG 198 5.7.6.3 QUIC 199 5.7.7 Special-purpose primitives 199 5.7.8 How strong are asymmetric cryptographic primitives? 200 5.7.9 What else goes wrong 202 5.8 Summary 203 Research problems 204 Further reading 204 Chapter 6 Access Control 207 6.1 Introduction 207 6.2 Operating system access controls 209 6.2.1 Groups and roles 210 6.2.2 Access control lists 211 6.2.3 Unix operating system security 212 6.2.4 Capabilities 214 6.2.5 DAC and MAC 215 6.2.6 Apple’s macOS 217 6.2.7 iOS 217 6.2.8 Android 218 6.2.9 Windows 219 6.2.10 Middleware 222 6.2.10.1 Database access controls 222 6.2.10.2 Browsers 223 6.2.11 Sandboxing 224 6.2.12 Virtualisation 225 6.3 Hardware protection 227 6.3.1 Intel processors 228 6.3.2 Arm processors 230 6.4 What goes wrong 231 6.4.1 Smashing the stack 232 6.4.2 Other technical attacks 234 6.4.3 User interface failures 236 6.4.4 Remedies 237 6.4.5 Environmental creep 238 6.5 Summary 239 Research problems 240 Further reading 240 Chapter 7 Distributed Systems 243 7.1 Introduction 243 7.2 Concurrency 244 7.2.1 Using old data versus paying to propagate state 245 7.2.2 Locking to prevent inconsistent updates 246 7.2.3 The order of updates 247 7.2.4 Deadlock 248 7.2.5 Non-convergent state 249 7.2.6 Secure time 250 7.3 Fault tolerance and failure recovery 251 7.3.1 Failure models 252 7.3.1.1 Byzantine failure 252 7.3.1.2 Interaction with fault tolerance 253 7.3.2 What is resilience for? 254 7.3.3 At what level is the redundancy? 255 7.3.4 Service-denial attacks 257 7.4 Naming 259 7.4.1 The Needham naming principles 260 7.4.2 What else goes wrong 263 7.4.2.1 Naming and identity 264 7.4.2.2 Cultural assumptions 265 7.4.2.3 Semantic content of names 267 7.4.2.4 Uniqueness of names 268 7.4.2.5 Stability of names and addresses 269 7.4.2.6 Restrictions on the use of names 269 7.4.3 Types of name 270 7.5 Summary 271 Research problems 272 Further reading 273 Chapter 8 Economics 275 8.1 Introduction 275 8.2 Classical economics 276 8.2.1 Monopoly 278 8.3 Information economics 281 8.3.1 Why information markets are different 281 8.3.2 The value of lock-in 282 8.3.3 Asymmetric information 284 8.3.4 Public goods 285 8.4 Game theory 286 8.4.1 The prisoners’ dilemma 287 8.4.2 Repeated and evolutionary games 288 8.5 Auction theory 291 8.6 The economics of security and dependability 293 8.6.1 Why is Windows so insecure? 294 8.6.2 Managing the patching cycle 296 8.6.3 Structural models of attack and defence 298 8.6.4 The economics of lock-in, tying and DRM 300 8.6.5 Antitrust law and competition policy 302 8.6.6 Perversely motivated guards 304 8.6.7 Economics of privacy 305 8.6.8 Organisations and human behaviour 307 8.6.9 Economics of cybercrime 308 8.7 Summary 310 Research problems 311 Further reading 311 Part II Chapter 9 Multilevel Security 315 9.1 Introduction 315 9.2 What is a security policy model? 316 9.3 Multilevel security policy 318 9.3.1 The Anderson report 319 9.3.2 The Bell-LaPadula model 320 9.3.3 The standard criticisms of Bell-LaPadula 321 9.3.4 The evolution of MLS policies 323 9.3.5 The Biba model 325 9.4 Historical examples of MLS systems 326 9.4.1 SCOMP 326 9.4.2 Data diodes 327 9.5 MAC: from MLS to IFC and integrity 329 9.5.1 Windows 329 9.5.2 SELinux 330 9.5.3 Embedded systems 330 9.6 What goes wrong 331 9.6.1 Composability 331 9.6.2 The cascade problem 332 9.6.3 Covert channels 333 9.6.4 The threat from malware 333 9.6.5 Polyinstantiation 334 9.6.6 Practical problems with MLS 335 9.7 Summary 337 Research problems 338 Further reading 339 Chapter 10 Boundaries 341 10.1 Introduction 341 10.2 Compartmentation and the lattice model 344 10.3 Privacy for tigers 346 10.4 Health record privacy 349 10.4.1 The threat model 351 10.4.2 The BMA security policy 353 10.4.3 First practical steps 356 10.4.4 What actually goes wrong 357 10.4.4.1 Emergency care 358 10.4.4.2 Resilience 359 10.4.4.3 Secondary uses 359 10.4.5 Confidentiality – the future 362 10.4.6 Ethics 365 10.4.7 Social care and education 367 10.4.8 The Chinese Wall 369 10.5 Summary 371 Research problems 372 Further reading 373 Chapter 11 Inference Control 375 11.1 Introduction 375 11.2 The early history of inference control 377 11.2.1 The basic theory of inference control 378 11.2.1.1 Query set size control 378 11.2.1.2 Trackers 379 11.2.1.3 Cell suppression 379 11.2.1.4 Other statistical disclosure control mechanisms 380 11.2.1.5 More sophisticated query controls 381 11.2.1.6 Randomization 382 11.2.2 Limits of classical statistical security 383 11.2.3 Active attacks 384 11.2.4 Inference control in rich medical data 385 11.2.5 The third wave: preferences and search 388 11.2.6 The fourth wave: location and social 389 11.3 Differential privacy 392 11.4 Mind the gap? 394 11.4.1 Tactical anonymity and its problems 395 11.4.2 Incentives 398 11.4.3 Alternatives 399 11.4.4 The dark side 400 11.5 Summary 401 Research problems 402 Further reading 402 Chapter 12 Banking and Bookkeeping 405 12.1 Introduction 405 12.2 Bookkeeping systems 406 12.2.1 Double-entry bookkeeping 408 12.2.2 Bookkeeping in banks 408 12.2.3 The Clark-Wilson security policy model 410 12.2.4 Designing internal controls 411 12.2.5 Insider frauds 415 12.2.6 Executive frauds 416 12.2.6.1 The post office case 418 12.2.6.2 Other failures 419 12.2.6.3 Ecological validity 420 12.2.6.4 Control tuning and corporate governance 421 12.2.7 Finding the weak spots 422 12.3 Interbank payment systems 424 12.3.1 A telegraphic history of E-commerce 424 12.3.2 SWIFT 425 12.3.3 What goes wrong 427 12.4 Automatic teller machines 430 12.4.1 ATM basics 430 12.4.2 What goes wrong 433 12.4.3 Incentives and injustices 437 12.5 Credit cards 438 12.5.1 Credit card fraud 439 12.5.2 Online card fraud 440 12.5.3 3DS 443 12.5.4 Fraud engines 444 12.6 EMV payment cards 445 12.6.1 Chip cards 445 12.6.1.1 Static data authentication 446 12.6.1.2 ICVVs, DDA and CDA 450 12.6.1.3 The No-PIN attack 451 12.6.2 The preplay attack 452 12.6.3 Contactless 454 12.7 Online banking 457 12.7.1 Phishing 457 12.7.2 CAP 458 12.7.3 Banking malware 459 12.7.4 Phones as second factors 459 12.7.5 Liability 461 12.7.6 Authorised push payment fraud 462 12.8 Nonbank payments 463 12.8.1 M-Pesa 463 12.8.2 Other phone payment systems 464 12.8.3 Sofort, and open banking 465 12.9 Summary 466 Research problems 466 Further reading 468 Chapter 13 Locks and Alarms 471 13.1 Introduction 471 13.2 Threats and barriers 472 13.2.1 Threat model 473 13.2.2 Deterrence 474 13.2.3 Walls and barriers 476 13.2.4 Mechanical locks 478 13.2.5 Electronic locks 482 13.3 Alarms 484 13.3.1 How not to protect a painting 485 13.3.2 Sensor defeats 486 13.3.3 Feature interactions 488 13.3.4 Attacks on communications 489 13.3.5 Lessons learned 493 13.4 Summary 494 Research problems 495 Further reading 495 Chapter 14 Monitoring and Metering 497 14.1 Introduction 497 14.2 Prepayment tokens 498 14.2.1 Utility metering 499 14.2.2 How the STS system works 501 14.2.3 What goes wrong 502 14.2.4 Smart meters and smart grids 504 14.2.5 Ticketing fraud 508 14.3 Taxi meters, tachographs and truck speed limiters 509 14.3.1 The tachograph 509 14.3.2 What goes wrong 511 14.3.2.1 How most tachograph manipulation is done 511 14.3.2.2 Tampering with the supply 512 14.3.2.3 Tampering with the instrument 512 14.3.2.4 High-tech attacks 513 14.3.3 Digital tachographs 514 14.3.3.1 System-level problems 515 14.3.3.2 Other problems 516 14.3.4 Sensor defeats and third-generation devices 518 14.3.5 The fourth generation – smart tachographs 518 14.4 Curfew tags: GPS as policeman 519 14.5 Postage meters 522 14.6 Summary 526 Research problems 527 Further reading 527 Chapter 15 Nuclear Command and Control 529 15.1 Introduction 529 15.2 The evolution of command and control 532 15.2.1 The Kennedy memorandum 532 15.2.2 Authorization, environment, intent 534 15.3 Unconditionally secure authentication 534 15.4 Shared control schemes 536 15.5 Tamper resistance and PALs 538 15.6 Treaty verification 540 15.7 What goes wrong 541 15.7.1 Nuclear accidents 541 15.7.2 Interaction with cyberwar 542 15.7.3 Technical failures 543 15.8 Secrecy or openness? 544 15.9 Summary 545 Research problems 546 Further reading 546 Chapter 16 Security Printing and Seals 549 16.1 Introduction 549 16.2 History 550 16.3 Security printing 551 16.3.1 Threat model 552 16.3.2 Security printing techniques 553 16.4 Packaging and seals 557 16.4.1 Substrate properties 558 16.4.2 The problems of glue 558 16.4.3 PIN mailers 559 16.5 Systemic vulnerabilities 560 16.5.1 Peculiarities of the threat model 562 16.5.2 Anti-gundecking measures 563 16.5.3 The effect of random failure 564 16.5.4 Materials control 564 16.5.5 Not protecting the right things 565 16.5.6 The cost and nature of inspection 566 16.6 Evaluation methodology 567 16.7 Summary 569 Research problems 569 Further reading 570 Chapter 17 Biometrics 571 17.1 Introduction 571 17.2 Handwritten signatures 572 17.3 Face recognition 575 17.4 Fingerprints 579 17.4.1 Verifying positive or negative identity claims 581 17.4.2 Crime scene forensics 584 17.5 Iris codes 588 17.6 Voice recognition and morphing 590 17.7 Other systems 591 17.8 What goes wrong 593 17.9 Summary 596 Research problems 597 Further reading 597 Chapter 18 Tamper Resistance 599 18.1 Introduction 599 18.2 History 601 18.3 Hardware security modules 601 18.4 Evaluation 607 18.5 Smartcards and other security chips 609 18.5.1 History 609 18.5.2 Architecture 610 18.5.3 Security evolution 611 18.5.4 Random number generators and PUFs 621 18.5.5 Larger chips 624 18.5.6 The state of the art 628 18.6 The residual risk 630 18.6.1 The trusted interface problem 630 18.6.2 Conflicts 631 18.6.3 The lemons market, risk dumping and evaluation games 632 18.6.4 Security-by-obscurity 632 18.6.5 Changing environments 633 18.7 So what should one protect? 634 18.8 Summary 636 Research problems 636 Further reading 636 Chapter 19 Side Channels 639 19.1 Introduction 639 19.2 Emission security 640 19.2.1 History 641 19.2.2 Technical surveillance and countermeasures 642 19.3 Passive attacks 645 19.3.1 Leakage through power and signal cables 645 19.3.2 Leakage through RF signals 645 19.3.3 What goes wrong 649 19.4 Attacks between and within computers 650 19.4.1 Timing analysis 651 19.4.2 Power analysis 652 19.4.3 Glitching and differential fault analysis 655 19.4.4 Rowhammer, CLKscrew and Plundervolt 656 19.4.5 Meltdown, Spectre and other enclave side channels 657 19.5 Environmental side channels 659 19.5.1 Acoustic side channels 659 19.5.2 Optical side channels 661 19.5.3 Other side-channels 661 19.6 Social side channels 663 19.7 Summary 663 Research problems 664 Further reading 664 Chapter 20 Advanced Cryptographic Engineering 667 20.1 Introduction 667 20.2 Full-disk encryption 668 20.3 Signal 670 20.4 Tor 674 20.5 HSMs 677 20.5.1 The xor-to-null-key attack 677 20.5.2 Attacks using backwards compatibility and time-memory tradeoffs 678 20.5.3 Differential protocol attacks 679 20.5.4 The EMV attack 681 20.5.5 Hacking the HSMs in CAs and clouds 681 20.5.6 Managing HSM risks 681 20.6 Enclaves 682 20.7 Blockchains 685 20.7.1 Wallets 688 20.7.2 Miners 689 20.7.3 Smart contracts 689 20.7.4 Off-chain payment mechanisms 691 20.7.5 Exchanges, cryptocrime and regulation 692 20.7.6 Permissioned blockchains 695 20.8 Crypto dreams that failed 695 20.9 Summary 696 Research problems 698 Further reading 698 Chapter 21 Network Attack and Defence 699 21.1 Introduction 699 21.2 Network protocols and service denial 701 21.2.1 BGP security 701 21.2.2 DNS security 703 21.2.3 UDP, TCP, SYN floods and SYN reflection 704 21.2.4 Other amplifiers 705 21.2.5 Other denial-of-service attacks 706 21.2.6 Email – from spies to spammers 706 21.3 The malware menagerie – Trojans, worms and RATs 708 21.3.1 Early history of malware 709 21.3.2 The Internet worm 710 21.3.3 Further malware evolution 711 21.3.4 How malware works 713 21.3.5 Countermeasures 714 21.4 Defense against network attack 715 21.4.1 Filtering: firewalls, censorware and wiretaps 717 21.4.1.1 Packet filtering 718 21.4.1.2 Circuit gateways 718 21.4.1.3 Application proxies 719 21.4.1.4 Ingress versus egress filtering 719 21.4.1.5 Architecture 720 21.4.2 Intrusion detection 722 21.4.2.1 Types of intrusion detection 722 21.4.2.2 General limitations of intrusion detection 724 21.4.2.3 Specific problems detecting network attacks 724 21.5 Cryptography: the ragged boundary 725 21.5.1 SSH 726 21.5.2 Wireless networking at the periphery 727 21.5.2.1 WiFi 727 21.5.2.2 Bluetooth 728 21.5.2.3 HomePlug 729 21.5.2.4 VPNs 729 21.6 CAs and PKI 730 21.7 Topology 733 21.8 Summary 734 Research problems 734 Further reading 735 Chapter 22 Phones 737 22.1 Introduction 737 22.2 Attacks on phone networks 738 22.2.1 Attacks on phone-call metering 739 22.2.2 Attacks on signaling 742 22.2.3 Attacks on switching and configuration 743 22.2.4 Insecure end systems 745 22.2.5 Feature interaction 746 22.2.6 VOIP 747 22.2.7 Frauds by phone companies 748 22.2.8 Security economics of telecomms 749 22.3 Going mobile 750 22.3.1 GSM 751 22.3.2 3G 755 22.3.3 4G 757 22.3.4 5G and beyond 758 22.3.5 General MNO failings 760 22.4 Platform security 761 22.4.1 The Android app ecosystem 763 22.4.1.1 App markets and developers 764 22.4.1.2 Bad Android implementations 764 22.4.1.3 Permissions 766 22.4.1.4 Android malware 767 22.4.1.5 Ads and third-party services 768 22.4.1.6 Pre-installed apps 770 22.4.2 Apple’s app ecosystem 770 22.4.3 Cross-cutting issues 774 22.5 Summary 775 Research problems 776 Further reading 776 Chapter 23 Electronic and Information Warfare 777 23.1 Introduction 777 23.2 Basics 778 23.3 Communications systems 779 23.3.1 Signals intelligence techniques 781 23.3.2 Attacks on communications 784 23.3.3 Protection techniques 785 23.3.3.1 Frequency hopping 786 23.3.3.2 DSSS 787 23.3.3.3 Burst communications 788 23.3.3.4 Combining covertness and jam resistance 789 23.3.4 Interaction between civil and military uses 790 23.4 Surveillance and target acquisition 791 23.4.1 Types of radar 792 23.4.2 Jamming techniques 793 23.4.3 Advanced radars and countermeasures 795 23.4.4 Other sensors and multisensor issues 796 23.5 IFF systems 797 23.6 Improvised explosive devices 800 23.7 Directed energy weapons 802 23.8 Information warfare 803 23.8.1 Attacks on control systems 805 23.8.2 Attacks on other infrastructure 808 23.8.3 Attacks on elections and political stability 809 23.8.4 Doctrine 811 23.9 Summary 812 Research problems 813 Further reading 813 Chapter 24 Copyright and DRM 815 24.1 Introduction 815 24.2 Copyright 817 24.2.1 Software 817 24.2.2 Free software, free culture? 823 24.2.3 Books and music 827 24.2.4 Video and pay-TV 828 24.2.4.1 Typical system architecture 829 24.2.4.2 Video scrambling techniques 830 24.2.4.3 Attacks on hybrid scrambling systems 832 24.2.4.4 DVB 836 24.2.5 DVD 837 24.3 DRM on general-purpose computers 838 24.3.1 Windows media rights management 839 24.3.2 FairPlay, HTML5 and other DRM systems 840 24.3.3 Software obfuscation 841 24.3.4 Gaming, cheating, and DRM 843 24.3.5 Peer-to-peer systems 845 24.3.6 Managing hardware design rights 847 24.4 Information hiding 848 24.4.1 Watermarks and copy generation management 849 24.4.2 General information hiding techniques 849 24.4.3 Attacks on copyright marking schemes 851 24.5 Policy 854 24.5.1 The IP lobby 857 24.5.2 Who benefits? 859 24.6 Accessory control 860 24.7 Summary 862 Research problems 862 Further reading 863 Chapter 25 New Directions? 865 25.1 Introduction 865 25.2 Autonomous and remotely-piloted vehicles 866 25.2.1 Drones 866 25.2.2 Self-driving cars 867 25.2.3 The levels and limits of automation 869 25.2.4 How to hack a self-driving car 872 25.3 AI / ML 874 25.3.1 ML and security 875 25.3.2 Attacks on ML systems 876 25.3.3 ML and society 879 25.4 PETS and operational security 882 25.4.1 Anonymous messaging devices 885 25.4.2 Social support 887 25.4.3 Living off the land 890 25.4.4 Putting it all together 891 25.4.5 The name’s Bond. James Bond 893 25.5 Elections 895 25.5.1 The history of voting machines 896 25.5.2 Hanging chads 896 25.5.3 Optical scan 898 25.5.4 Software independence 899 25.5.5 Why electronic elections are hard 900 25.6 Summary 904 Research problems 904 Further reading 905 Part III Chapter 26 Surveillance or Privacy? 909 26.1 Introduction 909 26.2 Surveillance 912 26.2.1 The history of government wiretapping 912 26.2.2 Call data records (CDRs) 916 26.2.3 Search terms and location data 919 26.2.4 Algorithmic processing 920 26.2.5 ISPs and CSPs 921 26.2.6 The Five Eyes’ system of systems 922 26.2.7 The crypto wars 925 26.2.7.1 The back story to crypto policy 926 26.2.7.2 DES and crypto research 927 26.2.7.3 CryptoWar 1 – the Clipper chip 928 26.2.7.4 CryptoWar 2 – going spotty 931 26.2.8 Export control 934 26.3 Terrorism 936 26.3.1 Causes of political violence 936 26.3.2 The psychology of political violence 937 26.3.3 The role of institutions 938 26.3.4 The democratic response 940 26.4 Censorship 941 26.4.1 Censorship by authoritarian regimes 942 26.4.2 Filtering, hate speech and radicalisation 944 26.5 Forensics and rules of evidence 948 26.5.1 Forensics 948 26.5.2 Admissibility of evidence 950 26.5.3 What goes wrong 951 26.6 Privacy and data protection 953 26.6.1 European data protection 953 26.6.2 Privacy regulation in the USA 956 26.6.3 Fragmentation? 958 26.7 Freedom of information 960 26.8 Summary 961 Research problems 962 Further reading 962 Chapter 27 Secure Systems Development 965 27.1 Introduction 965 27.2 Risk management 966 27.3 Lessons from safety-critical systems 969 27.3.1 Safety engineering methodologies 970 27.3.2 Hazard analysis 971 27.3.3 Fault trees and threat trees 971 27.3.4 Failure modes and effects analysis 972 27.3.5 Threat modelling 973 27.3.6 Quantifying risks 975 27.4 Prioritising protection goals 978 27.5 Methodology 980 27.5.1 Top-down design 981 27.5.2 Iterative design: from spiral to agile 983 27.5.3 The secure development lifecycle 985 27.5.4 Gated development 987 27.5.5 Software as a Service 988 27.5.6 From DevOps to DevSecOps 991 27.5.6.1 The Azure ecosystem 991 27.5.6.2 The Google ecosystem 992 27.5.6.3 Creating a learning system 994 27.5.7 The vulnerability cycle 995 27.5.7.1 The CVE system 997 27.5.7.2 Coordinated disclosure 998 27.5.7.3 Security incident and event management 999 27.5.8 Organizational mismanagement of risk 1000 27.6 Managing the team 1004 27.6.1 Elite engineers 1004 27.6.2 Diversity 1005 27.6.3 Nurturing skills and attitudes 1007 27.6.4 Emergent properties 1008 27.6.5 Evolving your workflow 1008 27.6.6 And finally… 1010 27.7 Summary 1010 Research problems 1011 Further reading 1012 Chapter 28 Assurance and Sustainability 1015 28.1 Introduction 1015 28.2 Evaluation 1018 28.2.1 Alarms and locks 1019 28.2.2 Safety evaluation regimes 1019 28.2.3 Medical device safety 1020 28.2.4 Aviation safety 1023 28.2.5 The Orange book 1025 28.2.6 FIPS 140 and HSMs 1026 28.2.7 The common criteria 1026 28.2.7.1 The gory details 1027 28.2.7.2 What goes wrong with the Common Criteria 1029 28.2.7.3 Collaborative protection profiles 1031 28.2.8 The ‘Principle of Maximum Complacency’ 1032 28.2.9 Next steps 1034 28.3 Metrics and dynamics of dependability 1036 28.3.1 Reliability growth models 1036 28.3.2 Hostile review 1039 28.3.3 Free and open-source software 1040 28.3.4 Process assurance 1042 28.4 The entanglement of safety and security 1044 28.4.1 The electronic safety and security of cars 1046 28.4.2 Modernising safety and security regulation 1049 28.4.3 The Cybersecurity Act 2019 1050 28.5 Sustainability 1051 28.5.1 The Sales of goods directive 1052 28.5.2 New research directions 1053 28.6 Summary 1056 Research problems 1057 Further reading 1058 Chapter 29 Beyond “Computer Says No” 1059 Bibliography 1061 Index 1143
Interaktive Datenvisualisierung in Wissenschaft und Unternehmenspraxis
Interaktive Visualisierungen gewinnen in Wissenschaft und Unternehmenspraxis zunehmend an Bedeutung. Neben der Analyse und Darstellung von Unternehmensdaten z.B. mit Hilfe moderner Data Science Methoden werden auch Visualisierungen und Animationen mit Hilfe von 3D und Virtual Reality/Augmented Reality Technologien immer wichtiger, etwa bei der Planung von Industrieanlagen, in der Architektur oder bei der Darstellung naturwissenschaftlicher Prozesse.Das vorliegende praxisorientierte Herausgeberwerk basiert auf Ergebnissen, die im Kontext der Tagung VISUALIZE an der Hochschule Rhein-Waal vorgestellt wurden und umfasst Beiträge unterschiedlicher Visualisierungsdomänen, darunter auch Business Intelligence Lösungen mit Qlik Sense, R, Shiny und Python. Die Visualisierungstechniken und konkreten Methoden aus begleitenden Workshops werden zu anwendungsnahen Handlungsempfehlungen und Best Practices für eigene Visualisierungsvorhaben zusammengefasst.Ein Buch für alle, die auf der Suche nach konkreten Handlungsempfehlungen und Praxisbeispielen zur interaktiven Datenvisualisierung sind.Dr. Timo Kahl ist Professor für Wirtschaftsinformatik an der Hochschule Rhein-Waal und leitet den Studiengang und das Labor für E-Government. Seine fachlichen Schwerpunkte liegen in den Bereichen Prozessmanagement, Verwaltungsmodernisierung, Business Integration und Business Intelligence.Dr. Frank Zimmer ist Professor für Informatik und Mathematik an der Hochschule Rhein-Waal und leitet das Labor für Computational Intelligence und Visualisierung. Seine fachlichen Schwerpunkte sind Maschinelles Lernen, Data Science, Simulationen und Visualisierung.Visualisierungen in 3D Anwendungen.-Visualisierungskonzepte und moderne Werkzeuge (Qlik Sense, R, Shiny, Python, Houdini, Unity, Unreal & Co.).-Prozess- und Datenvisualisierung.-Visualisierung im Kontext von Machine Learning.
Strategie, Planung und Organisation von Testprozessen
Das Buch gibt konkrete Tipps zur erfolgreichen Organisation von Softwaretests. Denn: Für erfolgreiche Testprojekte sind Planung und Konzeption im Vorfeld essentiell. Die richtigen Weichenstellungen verhindern von Anfang an Probleme und zeigen notwendige Handlungsbedarfe im Softwaretest auf. Dieses Werk zeigt neben theoretischen Grundlagen die Umsetzung in der Praxis auf und behandelt dabei typische Probleme. Frank Witte erläutert die entscheidenden Aspekte, die im Testkonzept zu berücksichtigen sind, um den Testprozess optimal zu unterstützen und zu begleiten.FRANK WITTE verfügt über langjährige Erfahrung im Softwaretest in unterschiedlichen Unternehmen und Branchen. Bei jedem neuen Softwareprojekt ist es für ihn erforderlich, Testaktivitäten umfassend zu planen und den Test zu organisieren. Daher hat er bereits mehrere Testkonzepte selbst verfasst und erfahren, worauf es dabei besonders ankommt und welche Probleme bereits im Vorfeld und am Beginn von Testprozessen erkannt, aber auch proaktiv verhindert oder verringert werden können.Testdokumente nach IEEE 829.- Teststrategie.- Testziele.- Testplanung.- Bezeichnung des Testkonzepts und Einleitung.- Testorganisation.- Prozessbeschreibung.-Testobjekte und Testphasen.-Teststufen.- Zu testende Leistungsmerkmale.-Leistungsmerkmale, die nicht getestet werden.-Priorisierung von Testfällen.-Permanente Testorganisation.-Abnahmekriterien .-Kriterien für Testabbruch und Testfortsetzung.-Testrisiken.-Testdaten.-Testdokumentation.-Testaufgaben.-Testumgebung.-Verantwortlichkeiten, Zuständigkeiten und Kommunikation.-Personal, Einarbeitung, Ausbildung.-Zeitplan/ Arbeitsplan.-Planungsrisiken und Unvorhersehbares.-Genehmigung und Freigabe.-Projektorganisation.-Testmethoden.-Reifegrad des Testmanagements.-Besonderheiten der Testorganisation in agilen Projekten.-Künstliche Intelligenz und kognitives Testen.
Practical Machine Learning with AWS
Successfully build, tune, deploy, and productionize any machine learning model, and know how to automate the process from data processing to deployment.This book is divided into three parts. Part I introduces basic cloud concepts and terminologies related to AWS services such as S3, EC2, Identity Access Management, Roles, Load Balancer, and Cloud Formation. It also covers cloud security topics such as AWS Compliance and artifacts, and the AWS Shield and CloudWatch monitoring service built for developers and DevOps engineers. Part II covers machine learning in AWS using SageMaker, which gives developers and data scientists the ability to build, train, and deploy machine learning models. Part III explores other AWS services such as Amazon Comprehend (a natural language processing service that uses machine learning to find insights and relationships in text), Amazon Forecast (helps you deliver accurate forecasts), and Amazon Textract.By the end of the book, you will understand the machine learning pipeline and how to execute any machine learning model using AWS. The book will also help you prepare for the AWS Certified Machine Learning—Specialty certification exam.WHAT YOU WILL LEARN* Be familiar with the different machine learning services offered by AWS * Understand S3, EC2, Identity Access Management, and Cloud Formation* Understand SageMaker, Amazon Comprehend, and Amazon Forecast* Execute live projects: from the pre-processing phase to deployment on AWSWHO THIS BOOK IS FORMachine learning engineers who want to learn AWS machine learning services, and acquire an AWS machine learning specialty certificationHIMANSHU SINGH is Technology Lead and Senior NLP Engineer at Legato Healthcare (an Anthem Company). He has seven years of experience in the AI industry, primarily in computer vision and natural language processing. He has authored three books on machine learning. He has an MBA from Narsee Monjee Institute of Management Studies, and a postgraduate diploma in Applied Statistics.Part-I – Introduction to Amazon Web Services (100 Pages)Chapter 1: AWS Concepts and TechnologiesIntroduction to services like S3, EC2, Identity Access Management, Roles, Load Balancer, Cloud Formation, etc.Chapter 2: AWS Billing and PricingUnderstanding AWS pricing, billing, group and tagging, etc.Chapter 3: AWS Cloud SecurityDescription about AWS compliance and artifacts, AWS Shield, Cloudwatch, Cloud Trail, etc.Part-II – Machine Learning in AWS (300 Pages)Chapter 4: Data Collection and PreparationConcepts include AWS data stores, migration and helper tools. It also includes pre-processing concepts like encoding, feature engineering, missing values removal, etc.Chapter 5: Data Modelling and AlgorithmsIn this section, we will talk about all the algorithms that AWS supports, including regression, clustering, classification, image, and text analytics, etc. We will then look at Sagemaker service and how to make models using it.Chapter 6: Data Analysis and VisualizationThis chapter talks about the relationship between variables, data distributions, the composition of data, etc.Chapter 7: Model Evaluation and OptimizationThis chapter talks about the monitoring of training jobs, evaluating the model accuracy, and fine-tuning models.Chapter 8: Implementation and OperationIn this chapter, we’ll look at the deployment of models, security, and monitoring.Chapter 9: Building a Machine Learning WorkflowIn this chapter, we’ll look at the machine learning workflow in AWS .Part-IV – Projects (100 Pages)Chapter 10: Project – Building skills with AlexaChapter 11: Project - Time series forecasting using Amazon forecastChapter 12: Project – Modelling and deployment using XGBoost in SagemakerChapter 13: Text classification using Amazon comprehend and textractChapter 14: Building a complete project pipeline
Building Versatile Mobile Apps with Python and REST
Develop versatile iOS and Android apps using Python withRESTful web services. Dive into full-stack development with Django, a powerfulPython framework, and React Native, the most in-demand JavaScript library.Begin by building a mobile app using the RESTful APIs andReact Native. Starting from scratch, create a database and serialize the datawith Django REST to serve APIs. Then build the front-end with React and mobileapps for iOS and Android with React Native.By the end of the book, you’ll have developed three appspowered by Django—a desktop React app, an iOS app, and an Android app. Discoverthe whole process of developing apps from inception to distribution of an iOSapp in the Apple store and an Android app in the Google Play store.You will:* Develop using the Model-View-Controller pattern* Facilitate the communications between the back-end andfront-end of web apps with HTTP* Design a robust front-end for an app with React* Create one back-end solution for both iOS and Androiddevices with DjangoART YUDIN is a FinTech enthusiast who has a great passion for coding and teaching. He earned a Master of Science in Banking and Finance from Adelphi University, Garden City, New York. Mr. Yudin previously held asset management positions with international financial institutions such as Merrill Lynch and Allianz Investments. Currently, Art Yudin develops financial services software and leads classes and workshops in Python at Practical Programming in New York and Chicago.CHAPTER 1. STARTING WITH DJANGO- How modern websites work- Python and Virtual environment- Install Django and Django REST- Initial setup- Understanding the MVC pattern in Django- Starting new Django project and creating appsCHAPTER 2. LET’S BUILD OUR WEB API APP- Models- Admin- Views- URLsCHAPTER 3. CREATING RESTFUL API- Serializers- API Views- Browsable APICHAPTER 4. HOW IOS WORKS- Xcode interface- Intro to SwiftCHAPTER 5. DESIGNING OUR FRONT-END IOS APP- Setting up the structure of our App- Designing layoutChapter 6. CONNECTING BACK-END API WITH IOS APP- Creating an API Manager- Displaying data- List View- Detail View- Update ViewCHAPTER 7. ADDITIONAL FEATURES- User authentication- Adding reviews and displaying ratings- Adding places to favoritesChapter 8. LAUNCHING APP- Deploying back-end to a live server- Adding our App to App Store
Pro Cryptography and Cryptanalysis
Utilize this comprehensive, yet practical, overview of modern cryptography and cryptanalysis to improve performance. Learn by example with source code in C# and .NET, and come away with an understanding of public key encryption systems and challenging cryptography mechanisms such as lattice-based cryptography.Modern cryptography is the lifeboat of a secure infrastructure. From global economies and governments, to meeting everyday consumer needs, cryptography is ubiquitous, and used in search, design, data, artificial intelligence, and other fields of information technology and communications. Its complexity can lead to misconfiguration, misuse, and misconceptions. For developers who are involved in designing and implementing cryptographic operations in their applications, understanding the implications of the algorithms, modes, and other parameters is vital.PRO CRYPTOGRAPHY AND CRYPTANALYSIS is for the reader who has a professional need or personal interest in developing cryptography algorithms and security schemes using C# and .NET. You will learn how to implement advanced cryptographic algorithms (such as Elliptic Curve Cryptography Algorithms, Lattice-based Cryptography, Searchable Encryption, Homomorphic Encryption), and come away with a solid understanding of the internal cryptographic mechanisms, and common ways in which the algorithms are correctly implemented in real practice. With the new era of quantum computing, this book serves as a stepping stone to quantum cryptography, finding useful connections between current cryptographic concepts and quantum related topics.WHAT YOU WILL LEARN* Know when to enlist cryptography, and how it is often misunderstood and misused* Explore modern cryptography algorithms, practices, and properties* Design and implement usable, advanced cryptographic methods and mechanisms* Understand how new features in C# and .NET impact the future of cryptographic algorithms* Use the cryptographic model, services, and System.Security.Cryptography namespace in .NET* Modernize your cryptanalyst mindset by exploiting the performance of C# and .NET with its weak cryptographic algorithms* Practice the basics of public key cryptography, including ECDSA signatures* Discover how most algorithms can be brokenWHO THIS BOOK IS FORInformation security experts, cryptologists, software engineers, developers, data scientists, and academia who have experience with C#, .NET, as well as IDEs such as Visual Studio, VS Code, or Mono. Because this book is for an intermediate to advanced audience, readers should also possess an understanding of cryptography (symmetric and asymmetric) concepts.MARIUS IULIAN MIHAILESCU, PHD is CEO of Dapyx Solution Ltd., a company focused on security- and cryptography-related research. He has authored and co-authored more than 50 articles, journal contributions, and conference proceedings, and three books related to security and cryptography. He lectures at well-known national and international universities, teaching courses on programming, cryptography, information security, and other technical topics. He holds a PhD (thesis on applied cryptography over biometrics data) and two MSc in information security and software engineering.STEFANIA LOREDANA NITA, PHD is a software developer and researcher at the Institute for Computers. Prior to that she was an assistant lecturer at the University of Bucharest, where she taught courses on advanced programming techniques, simulation methods, and operating systems. She has authored and co-authored more than 15 papers and journals, most recently Advanced Cryptography and Its Future: Searchable and Homomorphic Encryption, as well as two books. She holds a PhD (thesis on advanced cryptographic schemes using searchable encryption and homomorphic encryption), an MSc in software engineering and two BSc in computer science and mathematics.PART I: FOUNDATIONAL TOPICSChapter 1: Cryptography FundamentalsChapter 2: Mathematical Background and Its ApplicabilityChapter 3: Large Integer ArithmeticChapter 4: Floating-Point ArithmeticChapter 5: What's New in C# 8.0Chapter 6: Secure Coding GuidelinesChapter 7: .NET Cryptography ServicesChapter 8: Overview of System.Cryptography NamespaceChapter 9: Cryptography Libraries in C# and .NETPART II: CRYPTOGRAPHYChapter 10: Elliptic-Curve CryptographyChapter 11: Lattice-based CryptographyChapter 12: Searchable EncryptionChapter 13: Homomorphic EncryptionChapter 14: (Ring) Learning with Errors CryptographyChapter 15: Chaos-based CryptographyChapter 16: Big Data CryptographyChapter 17: Cloud Computing CryptographyPART III: PRO CRYPTANALYSISChapter 18: Getting Started with CryptanalysisChapter 19: Cryptanalysis Attacks and TechniquesChapter 20: Linear and Differential CryptanalysisChapter 21: Integral CryptanalysisChapter 22: AttacksChapter 23: Text CharacterizationChapter 24: Implementation and Practical Approach of Cryptanalysis Methods
Azure DevOps for Web Developers
Explore the architecture, product offerings, and the various stages of implementation processes in Azure DevOps. The book starts with the basic concepts of DevOps and moves on to discuss project management in Azure DevOps. Next, you will learn requirement management and version control in DevOps. Along the way, you will go through test management followed by continuous integration and build automation with more details on code quality and security implementations.Moving forward, you will learn release pipeline and infrastructure as code implementation including ARM-based environment provisioning and execution. Finally, you’ll cover DevOps architecture blueprints used for deploying your web applications to different platforms .After reading this book, you will be able to understand each stage of Azure DevOps and master its implementation.WHAT YOU WILL LEARN* Understand the various concepts of Azure DevOps* Apply DevOps concepts in a variety of application contexts including web applications, containers, and database* Understand the implementation of end-to-end DevOps in Azure* Work with the different DevOps design patterns and architectures in AzureWHO IS THIS BOOK FOR:Developers and architects working with Azure.For over a dozen years AMBILY has worked on cloud adoption and accelerating software delivery through DevOps. As the head of Azure, DevOps, and UI practice at TCS HiTech Industry she supports major public and private sector companies across the globe in their cloud journey and DevOps implementation. Ambily blogs about her experiences and speaks at conferences to share what she has learned.Blog at https://ambilykk.com/CHAPTER 1: DEVOPS BASICS AND VARIATIONSCovers the basic concepts of DevOps and how the journey or explain the maturity model of DevOps in an organization. This roughly cover the concepts like DevOps Team, DevOps Practices,DevOps Variations- DevOps 1.0, DevOps 2.0, SecDevOps and Intelligent DevOpsCHAPTER 2: PROJECT MANAGEMENT USING AZURE DEVOPSThis chapter talks about organization and project. Start with creation of Azure DevOps organization, user management, Security policies, permissions, Azure AD integration, etc. Then, step into a single project and explain project level permissions, areas, iterations, process, etc.CHAPTER 3: REQUIREMENT MANAGEMENT USING AZURE DEVOPSExplain the usage of different work items like Epic, features, product backlog, spring backlog, etc. How the requirements are tracked in the systemCHAPTER 4: VERSION CONTROL USING AZURE DEVOPSExplain the version control system, possibilities to integrate with external systems, how to work offline and online mode, etc. Branching and merging strategy followed by various teams.CHAPTER 5: TEST MANAGEMENT USING AZURE DEVOPSThis chapter focus of the Test plans which should be executed to verify the implementations.CHAPTER 6: CONTINUOUS INTEGRATION AND BUILD AUTOMATIONDiscuss about the concept of Continuous Integration with the help of web application and database project. Also, explain more about the code quality and security implementations in build configuration.CHAPTER 7: RELEASE PIPELINE AND CONTINUOUS DEPLOYMENTThis chapter focus on the release pipeline and Infrastructure as a code implementation. Covers ARM based environment provisioning, execution of automated test scripts, implementation of quality gates and approval flows, and release to various environments.CHAPTER 8: CONTINUOUS FEEDBACK AND OTHER FEATURESExplains the Integration of AppInsights back to the DevOps backlog, alert configurations, collaboration features.CHAPTER 9: DEVOPS ARCHITECTURE BLUEPRINTSThis chapter covers architecture blueprints for commonly used Azure product catalogs.CHAPTER 10: DEVOPS FOR SUPPORT TEAMThis chapter covers more about the Swarming support model and various architecture options.
Pro Microsoft Power BI Administration
Manage Power BI within organizations. This book helps you systematize administration as Microsoft shifts Power BI from a self-service tool to an enterprise tool. You will learn best practices for many Power BI administrator tasks. And you will know how to manage artifacts such as reports, users, work spaces, apps, and gateways. The book also provides experience-based guidance on governance, licensing, and managing capacities.Good management includes policies and procedures that can be applied consistently and even automatically across a broad user base. This book provides a strategic road map for the creation and implementation of policies and procedures that support Power BI best practices in enterprises. Effective governance depends not only on good policies, but also on the active and timely monitoring of adherence to those policies. This book helps you evaluate the tools to automate and simplify the most common administrative and monitoring tasks, freeing up administrators to provide greater value to the organization through better user training and awareness initiatives.WHAT YOU WILL LEARN* Recognize the roles and responsibilities of the Power BI administrator* Manage users and their work spaces* Know when to consider using Power BI Premium* Govern your Power BI implementation and manage Power BI tenants* Create an effective security strategy for Power BI in the enterprise* Collaborate and share consistent views of the data across all users* Follow a life cycle management strategy for rollout of dashboards and reports* Create internal training resources backed up by accurate documentation* Monitor Power BI to better understand risks and compliance manage costs, and track implementation WHO THIS BOOK IS FORIT professionals tasked with maintaining their corporate Power BI environments, Power BI administrators and power users interested in rolling out Power BI more widely in their organizations, and IT governance professionals tasked with ensuring adherence to policies and regulationsÁSGEIR GUNNARSSON is a data platform MVP and Chief Consultant at Datheos. He works on business intelligence solutions using the whole of the Microsoft BI stack. Ásgeir has been working in BI since 2007 both as a consultant and internal employee. Before turning to BI, he worked as a technical trainer and he currently teaches BI courses at the Continuing Education Department of the University of Iceland. Ásgeir speaks regularly at events both domestic and internationally and is the group leader of the Icelandic PASS Group as well as the Icelandic Power BI user group. He is passionate about data and loves solving problems with BI.MICHAEL JOHNSON is a data platform MVP from Johannesburg, South Africa where he works as a business intelligence architect. Outside of work, Michael runs the local SQL Server User Group and provides Power BI presentations and training both locally and abroad.PART I. GOVERNANCE1. Introduction to Governance and Governance Strategies2. Power BI Licensing3. Collaboration4. Laws and Policies5. Application Lifecycle Management6. Training7. DocumentationPART II. ADMINISTRATION8. Introduction to Power BI Administration9. Managing the Tenant10. Administering Power BI Capacities11. Workspace Administration12. Managing Users and Security13. Datasets & Dataflows14. On-premises Data Gateway15. Power BI Administration Tools16. Monitoring
Artificial Neural Networks with TensorFlow 2
Develop machine learning models across various domains. This book offers a single source that provides comprehensive coverage of the capabilities of TensorFlow 2 through the use of realistic, scenario-based projects.After learning what's new in TensorFlow 2, you'll dive right into developing machine learning models through applicable projects. This book covers a wide variety of ANN architectures—starting from working with a simple sequential network to advanced CNN, RNN, LSTM, DCGAN, and so on. A full chapter is devoted to each kind of network and each chapter consists of a full project describing the network architecture used, the theory behind that architecture, what data set is used, the pre-processing of data, model training, testing and performance optimizations, and analysis.This practical approach can either be used from the beginning through to the end or, if you're already familiar with basic ML models, you can dive right into the application that interests you. Line-by-line explanations on major code segments help to fill in the details as you work and the entire project source is available to you online for learning and further experimentation. With Artificial Neural Networks with TensorFlow 2 you'll see just how wide the range of TensorFlow's capabilities are.WHAT YOU'LL LEARN* Develop Machine Learning Applications* Translate languages using neural networks* Compose images with style transferWHO THIS BOOK IS FORBeginners, practitioners, and hard-cored developers who want to master machine and deep learning with TensorFlow 2. The reader should have working concepts of ML basics and terminologies.POORNACHANDRA SARANG has 30+ years of IT experience and is an experienced author. His work has always focused on state-of-the-art and emerging technologies. He has provided consulting services to—Sun Microsystems, Microsoft, Oracle, and Hewlett-Packard. He has been a Ph.D. advisor for Computer Science and is currently on a Thesis Advisory Committee for students pursuing Ph.D. in Computer Engineering—setting the course curriculum for both under-graduate and post-graduate courses in Computer Science/Engineering. He has delivered seminars, written articles, and provided consulting recently on Machine Learning and Deep Learning. He maintains a machine learning blog at education.abcom.com. Chapter 1: TensorFlowIntroductionWhat's new in TensorFlow 2Chapter 2: A Quick Start on TensorFlowHello World for TensorFlow using Google ColabChapter 3: TensorFlow Keras Integrationtf.kerasImage ClassificationChapter 4: TensorFlow HubTransfer LearningTensorFlow Hub and KerasChapter 5: RegressionPredicting Continuous Value OutputChapter 6: EstimatorsSolving Classification Problems Using EstimatorsChapter 7: Distributed TrainingDescribing tf.distribute.StrategyChapter 8: TextText ClassificationGeneration with RNNChapter 9: Language TranslationThe seq2seq model for language translationChapter 10: Language UnderstandingUsing Transformer ModelChapter 11: Image CaptioningAttention-based model for captioning imagesChapter 12: Time Series ForecastingUsing RNNsForecasting a univariate/multivariate time seriesChapter 13: Style TransferComposing an image in the style of another imageChapter 14: Image Generation using GANIntroduction to GANGenerating images using a DCGANChapter 15: Image TranslationColorizing B&W images
Tweak Your Mac Terminal
Look beyond the basics of Mac programming and development to become a Mac power user. When most people think about the Mac, they think about the amazing graphical user interface macOS is known for. However, there is a whole world to explore beneath the hood. This book approaches working directly in the terminal with fun projects and ideas to help turn you into an advanced Mac user.You'll work with Brew (HomeBrew), which gives you the ability to install applications from Linux (and Unix) that can make the terminal more useful. This is important, because a lot of applications have been stripped out of macOS or deprecated. For example, Apple's built-in PHP is usually a major release behind. You'll also customize your terminal to change everything about it, making it your own. The whole world is about personalizing. Why put up with the Apple defaults?Once you have your terminal set up and ready to rock, you'll review the basics of programming on the Mac terminal. This will allow you to get a taste of power scripting. You'll discover the power of bash, PHP, and Python. And then you'll apply those tools to web development.Tweak Your Mac Terminal takes you on a journey into a world of the terminal and its hidden applications.WHAT YOU'LL LEARN* Customize the terminal to make it perfect for your needs* Develop web applications using basic coding skills in the terminal* Install HomeBrew and by extension Linux and Unix applicationsWHO THIS BOOK IS FORMac users who are already very familiar with the GUI and want to go further. This book will especially help starting IT professionals and beginning programmers.DANIEL PLATT is a software developer and system admin. Much of his time is spent writing code and setting up computers. He is a Senior Software Engineer at Comparison Technologies Ltd. and has spent a lifetime working with computers keeping on the bleeding edge of technology.Chapter 1: System Setup and Requirements· Introduction· Requirements· Installing XCode· ResourcesChapter 2: Basics of the Terminal· Where is the terminal· What is the terminal· Built-in manual· Text editor· What is a shell?· Moving around· The filesystemo Pwdo Cd· PermissionsChapter 3: Customizing Your Terminal· Customising the look (background/foreground colour)· Aliases· Paths· Ln – Aliases / shortcuts· PromptChapter 4: Built in Commands Provided by macOS· Lsof – Eject a drive with an open file· Which – where is your command?· Open· Say· Sysctl for system state· Compression – gz, zip· Finding content in files· Find a file name· Search and replace - Sed· Spot the difference in text files – Diff· Copy and paste· Built-in Psychotherapist (emacs)· Downloading files· Scheduling with launchd· Running processes· Sudo· Pretending website is somewhere else· Remote shellChapter 5: Brew· What brew is· Why use brew· Installing brew· Finding applications in brew· Installing applications from brew· Brew maintenance· When things go wrongChapter 6: Extra Applications· Tmux· Cowsay· Figlet· Lolcat· Archey· Linux utilities missing from macOS· head, tail· formatting xml, json files· grepChapter 7: Services· Using terminal to access content· Weather· Star WarsChapter 8: Oh My Zsh· What is oh My Zsh· Installation· Themes· PluginsChapter 9: Programming Languages· Bash· PHP· Python· Build a few simple terminal games in different languagesChapter 10: Web Development· Why· Nginx· MySQL· WordPress· Putting it liveChapter 11: Version Control· What is version control· Getting started· Using other repository· Publishing your repository· Using applicationChapter 12: Going Further· Replace terminal with iTerm2· Ideas for customising the terminal· Programming Languages
Red Hat and IT Security
Use Red Hat’s security tools to establish a set of security strategies that work together to help protect your digital data. You will begin with the basic concepts of IT security and DevOps with topics such as CIA triage, security standards, network and system security controls and configuration, hybrid cloud infrastructure security, and the CI/CD process. Next, you will integrate and automate security into the DevOps cycle, infrastructure, and security as code. You will also learn how to automate with Red Hat Ansible Automation Platform and about hybrid cloud infrastructure.The later chapters will cover hyper-converged infrastructure and its security, Red Hat Smart Management, predictive analytics with Red Hat Insights, and Red Hat security auditing to ensure best security practices. Lastly, you will see the different types of case studies with real-world examples.Red Hat and IT Security will help you get a better understanding of IT security concepts from a network and system administration perspective. It will help you to understand how the IT infrastructure landscape can change by implementing specific security best practices and integrating Red Hat products and solutions to counter against modern cybersecurity threats.WHAT YOU WILL LEARN● Understand IT infrastructure security and its best practices● Implement hybrid cloud infrastructure● Realign DevOps process into DevSecOps, emphasizing security● Implement automation in IT infrastructure services using Red Hat Ansible● Explore Red Hat Smart Management, predictive analytics, and auditingWHO THIS BOOK IS FORIT professionals handling network/system administration or the IT infrastructure of an organization. DevOps professionals and cybersecurity analysts would find the book useful.Rithik Chatterjee graduated as an electronics and telecommunications engineer. As he was interested in the networking domain, he completed his course in IT infrastructure management. Later on, he was accredited as a Red Hat Certified System Administrator and Red Hat Certified Engineer. Working for a startup, his responsibilities included network/system administration, IT security, information security, and DevOps. Having gained a better understanding of the IT landscape, his interest and goals leaned towards cybersecurity leading to his training and certification as an EC-Council Certified Ethical Hacker.His hobbies include landscape and wildlife photography, blogging, reading, and watching anime. To pursue his hobby of writing he developed his own blogging website (Inspirio Scripts), also encouraging budding authors like him to pen their thoughts.CHAPTER 1: INTRODUCTION TO IT SECURITYChapter Goal: Introduction to IT Security conceptsSub-Topics:Networking basicsSystem administration and IT InfrastructureStandardizing security in Red Hat Enterprise LinuxConclusionCHAPTER 2: RED HAT HYBRID CLOUD INFRASTRUCTUREChapter Goal: To understand the concepts and technologies related to cloud infrastructure and automating the security process.Sub - Topics:Basics of Cloud InfrastructureIntroduction to Hybrid Cloud ArchitectureOrchestration with Red Hat OpenShiftBuilding Hybrid Cloud with Red Hat Cloud SuiteCHAPTER 3: SECURITY IN DEVOPS AND AUTOMATIONChapter Goal: To grasp and gain a better understanding of the importance of security in DevOps and automation using Red Hat technologiesSub - Topics:Difference between DevOps and DevSecOpsAutomation with Red Hat Ansible Automation PlatformDevSecOps Integration with Red Hat OpenShiftInfrastructure as Code and Security as CodeBenefits of Red Hat ConsultingCHAPTER 4: RED HAT HYPERCONVERGED INFRASTRUCTUREChapter Goal: To learn about the advantages of using a hyper-converged infrastructure and how to ensure its security.Sub - Topics:What is a hyper-converged infrastructure?Red Hat Hyperconverged Infrastructure for VirtualizationOpen & Scalable Red Hat VirtualizationFlexibility with Red Hat Gluster StorageRed Hat Hyperconverged Infrastructure for CloudCloud Computing with Red Hat OpenStack PlatformScalability with Red Hat Ceph StorageHyperconverged Infrastructure Security best practicesCHAPTER 5: RED HAT SMART MANAGEMENT AND RED HAT INSIGHTSChapter Goal: To learn how to manage Red Hat Infrastructure across every environment and also learn about predictive analytics and how it improves the security of any infrastructureSub - Topics:Introduction to Red Hat SatelliteInfrastructure Controlling with Red Hat Smart ManagementLearn how to evaluate vulnerabilities and verify compliancePredictive analytics using Red Hat InsightsCHAPTER 6: RED HAT SECURITY AUDITINGChapter Goal: Learn about the importance and best practices of Security Auditing in Red Hat Enterprise LinuxSub - Topics:System AuditingRed Hat security auditing best practicesConclusionCHAPTER 7: CASE STUDIESChapter Goal: Learn about some of the real-world examples regarding IT Security and ramifications caused due to security negligence.Sub - Topics:Learn more about the real-world case studies related to some of the impacting IT and cybersecurity incidents and what the technological world has learned from them.
Daten- und Informationsqualität
Dieses Buch war das erste deutsche Buch zum Thema Daten- und Informationsqualität und ist mittlerweile ein Klassiker. Es wurde für die fünfte Auflage um neue Inhalte erweitert, aktualisiert und an zahlreichen Stellen überarbeitet. Von Wissenschaftlern und Praktikern geschrieben, präsentiert es den aktuellen Stand aus Forschung und Anwendung und ist somit ein Muss für alle IT-Profis.PROF. DR. KNUT HILDEBRAND ist als Hochschullehrer an der Hochschule Weihenstephan-Triesdorf mit dem Forschungsschwerpunkt Stammdatenqualität und Stammdatenmanagement tätig. Zudem war er Mitglied der Gesellschaft für Informations- und Datenqualität e.V. (DGIQ).DR. MARCUS GEBAUEr ist als Head of Department Information Technology bei der Hannover Rück AG tätig. Zudem war er Gründungsmitglied und Vorsitzender des Vorstands der Deutschen Gesellschaft für Informations- und Datenqualität e.V. (DGIQ).PROF. MICHAEL MIELKE ist Leiter Digitalisierung & Innovation DB AG, DB Training HD.l4, Leiter Campus 4.0 (www.campus40.de). Er lehrt Data Science an der FH Kiel, der HNU und der FOM und ist als Autor für die DIN ISO 8000 tätig, Zudem war er Gründungsmitglied und Präsident der Deutschen Gesellschaft für Informations- und Datenqualität e.V.Informationsqualität - Grundlagen - Methoden - Techniken - Management - Tools - Organisation - Data Governance - Praxisbeispiele
Getting Started with Containers in Google Cloud Platform
Deploy, manage, and secure containers and containerized applications on Google Cloud Platform (GCP). This book covers each container service in GCP from the ground up and teaches you how to deploy and manage your containers on each service.You will start by setting up and configuring GCP tools and the tenant environment. You then will store and manage Docker container images with GCP Container Registry (ACR). Next, you will deploy containerized applications with GCP Cloud Run and create an automated CI/CD deployment pipeline using Cloud Build. The book covers GCP’s flagship service, Google Kubernetes Service (GKE), and deployment of a Kubernetes cluster using clear steps and considering GCP best practices using the GCP management console and gcloud command-line tool. Also covered is monitoring containers and containerized applications on GCP with Cloud Monitoring, and backup and restore containers and containerized applications on GCP.By the end of the book, you will know how to get started with GCP container services and understand the fundamentals of each service and the supporting services needed to run containers in a production environment. This book also assists you in transferring your skills from AWS and Azure to GCP using the knowledge you have acquired on each platform and leveraging it to gain more skills.WHAT YOU WILL LEARN* Get started with Google Cloud Platform (GCP)* Store Docker images on GCP Container Registry * Deploy Google Kubernetes Engine (GKE) cluster* Secure containerized applications on GCP* Use Cloud Build to deploy containers * Use GCP Batch for batch job processing on KubernetesWHO THIS BOOK IS FORGoogle Cloud administrators, developers, and architects who want to get started and learn more about containers and containerized applications on Google Cloud Platform (GPC)SHIMON IFRAH is an IT professional with 15+ years of experience in the design, management, and deployment of information technology systems and networks. In recent years, he has been specializing in cloud computing and containerized applications on Microsoft Azure, Amazon AWS, and Google Cloud Platform (GCP). He holds more than 20 vendor certificates from Microsoft, AWS, VMware, and Cisco. During his career in the IT industry, he has worked for some of the largest managed services and technology companies in the world, helping them administer systems for the largest enterprises. He is based out of Melbourne, Australia. Chapter 1: Get Started with Google Cloud Platform (GCP)Chapter Goal: Setup and configure GCP tools and tenant environmentNo of pages: 40Sub -Topics1. Set up your Google Cloud Platform (GCP) tenant2. Understanding GCP projects3. Understanding cloud shell4. Secure and manage your GCP account (projects and more)5. GCP Services overviewChapter 2: Store and Manage Docker Container Images with GCP Container Registry (ACR)Chapter Goal: Here we learn how to Store Docker Container images on GCP Container registryNo of pages: 40Sub - Topics1. Setup GCP Container Registry2. Push Docker images to Container Registry3. Pull images from GCP Container Registry4. Manage and secure GCP Container RegistryChapter 3: Deploy Containerized Applications with GCP Cloud RunChapter Goal: This chapter explains how to deploy containers and containerized applications on GCP cloud runNo of pages: 40Sub - Topics:1. Set up GCP cloud run 2. Deploy containers with cloud run3. Use cloud build and git to deploy containers4. Scale containerized applications on cloud run5. Monitor and manage containerized applications on cloud runChapter 4: Deploy Containerized Applications with Google Kubernetes Engine (GKE)Chapter Goal: This chapters explains how to deploy containers and containerized applications with GKENo of pages:Sub - Topics:1. Getting started with GKE2. Setup and configure GKE networking and storage3. Deploy Kubernetes dashboard (Web UI) on GKE4. Manage and secure GKE5. Run Batch jobs on Kubernetes with batch (beta)Chapter 5: Deploy Docker Containers on GCP Compute EngineChapter Goal: This chapter explains how to deploy containers and containerized applications on GCP compute engineNo of pages: 40Sub - Topics:1. Install Docker container host on Ubuntu Linux VM2. Install Docker container host on Windows server 2019 VM3. Deploy containers on GCP compute engine using GCP container-optimized OSChapter 6: Secure your GCP Environment and ContainersChapter Goal: This chanpters explains how to secure and protect containers and containerized applications on GCPNo of pages: 40Sub - Topics:1. Introduction to GCP identify infrastructure2. Setup organization policies3. Roles, service accounts and auditing capabilities4. GCP networking and firewalls configurationChapter 7: Scale Containers and Containerized Applications on GCPChapter Goal: This chapter explains how to scale containers and containerized applications on GCPNo of pages: 40Sub - Topics:1. Scale Google Kubernetes Service (GKE)2. Scale cloud run and cloud build containers3. Scale GCP Container Registry4. Scale compute engine hosts and containersChapter 8: Monitor Containers and Containerized Applications on GCP with Stackdriver MonitoringChapter Goal: Learn how to Monitor Containers and Containerized Applications on GCPNo of pages: 40Sub - Topics:1. Monitor Google Kubernetes Service (GKE)2. Monitor cloud run containers3. Monitor compute engine resources4. GCP cost management and toolsChapter 9: Backup and Restore Containers and Containerized Applications on GCPChapter Goal: This chapter explains how to backup and restore containers and containerized applications on GCPNo of pages: 40Sub - Topics:1. Backup persistent storage disks2. Backup compute engine resources3. Manage cloud storage and file storeChapter 10: Troubleshooting Containers and Containerized Applications on GCPChapter Goal: This chapters explains how to troubleshoot containers and containerized applications issues on GCPNo of pages: 40Sub - Topics:1. Troubleshoot Google Kubernetes Service (GKE)2. Troubleshoot cloud run and cloud build deployments3. Troubleshoot GCP Container Registry5. Troubleshoot compute engine resource
Datengetriebenes Qualitätsmanagement
Die Gesellschaft für Qualitätswissenschaft e.V. GQW hat sich seit ihrer Gründung im Dezember 1994 dem Ziel verschrieben, die Qualitätswissenschaft in Lehre und Forschung zu fördern und den Wissenstransfer in die industrielle Anwendung zu unterstützen. Seit 1998 werden hierzu im Rahmen von Jahrestagungen Forschungs- und Entwicklungsergebnisse vorgestellt, die für die Qualitätswissenschaft aktuelle und relevante Themen aufgreifen. Die Jahrestagung 2019 der Gesellschaft für Qualitätswissenschaft e.V. (GQW) fand unter der Leitung von Prof. Dr.-Ing. Robert H. Schmitt am 30. Oktober in Aachen statt. Der Themenschwerpunkt adressierte die Potenziale der gesteigerten Datenverfügbarkeit und von Data Analytics für die Qualitätswissenschaft. Der Tagungsband beinhaltet die eingereichten und begutachteten Beiträge, die im Rahmen der Tagung präsentiert worden sind.
Penetration Testing mit mimikatz
- Penetration Tests mit mimikatz von Pass-the-Hash über Kerberoasting bis hin zu Golden Tickets - Funktionsweise und Schwachstellen der Windows Local Security Authority (LSA) und des Kerberos-Protokolls - Alle Angriffe leicht verständlich und Schritt für Schritt erklärt mimikatz ist ein extrem leistungsstarkes Tool für Angriffe auf das Active Directory. Hacker können damit auf Klartextpasswörter, Passwort-Hashes sowie Kerberos Tickets zugreifen, die dadurch erworbenen Rechte in fremden Systemen ausweiten und so die Kontrolle über ganze Firmennetzwerke übernehmen. Aus diesem Grund ist es wichtig, auf Angriffe mit mimikatz vorbereitet zu sein. Damit Sie die Techniken der Angreifer verstehen und erkennen können, zeigt Ihnen IT-Security-Spezialist Sebastian Brabetz in diesem Buch, wie Sie Penetration Tests mit mimikatz in einer sicheren Testumgebung durchführen. Der Autor beschreibt alle Angriffe Schritt für Schritt und erläutert ihre Funktionsweisen leicht verständlich. Dabei setzt er nur grundlegende IT-Security-Kenntnisse voraus. Sie lernen insbesondere folgende Angriffe kennen: Klartextpasswörter aus dem RAM extrahieren Authentifizierung ohne Klartextpasswort mittels Pass-the-Hash Ausnutzen von Kerberos mittels Overpass-the-Hash, Pass-the-Key und Pass-the-Ticket Dumpen von Active Directory Credentials aus Domänencontrollern Erstellen von Silver Tickets und Golden Tickets Cracken der Passwort-Hashes von Service Accounts mittels Kerberoasting Auslesen und Cracken von Domain Cached Credentials Darüber hinaus erfahren Sie, wie Sie die Ausführung von mimikatz sowie die Spuren von mimikatz-Angriffen erkennen. So sind Sie bestens gerüstet, um Ihre Windows-Domäne mit mimikatz auf Schwachstellen zu testen und entsprechenden Angriffen vorzubeugen. Aus dem Inhalt: Sichere Testumgebung einrichten Grundlagen der Windows Local Security Authority (LSA) Funktionsweise des Kerberos-Protokolls Passwörter und Hashes extrahieren: Klartextpasswörter NTLM-Hashes MS-Cache-2-Hashes Schwachstellen des Kerberos-Protokolls ausnutzen: Ticket Granting Tickets und Service Tickets Encryption Keys Credentials des Active Directorys mimikatz-Angriffe erkennen Invoke-Mimikatz und weiterführende Themen Praktisches Glossar
Asp.Net Core and Azure with Raspberry Pi 4
Take your Raspberry Pi further with Asp.net and Microsoft Azure. Run .Net Core applications on Raspberry Pi and turn your Pi into an IoT hub or use it for Edge and Central computing.The future leans towards IoT. We live in a world where everything is connected. Running the Raspberry PI with .Net core applications opens a world of possibilities. Asp.Net Core offers an amazing open-source web framework that enables you to build cloud-ready IoT apps. What if we add the power of Microsoft Azure to it? You’ll be able to use the power of Asp.Net Core and Microsoft Azure with your Pi!Once the initial setup is complete, you'll move on to a real-world scenario—running your applications inside a Raspberry Pi. Develop an application that sends automated data to the Microsoft Azure IoT hub then retrieve it using the Azure extensions we have. You will also set up the Azure IoT Edge and Azure IoT Central to make our application ready for production scenarios.You will:• Set up Raspbian OS on the Raspberry Pi• Develop a .Net core application and run it in the Pi• Create and use Azure resources such as Azure IoT Hub, Azure IoT Edge, and Azure IoT CentralSIBEESH VENU is a passionate learner and writer and advocates life-long learning. He has been awarded Most Valuable Professional from Microsoft 5 times for Azure and Developer Technologies. He’s the author of more than 400 articles in his blog sibeeshpassion.com.Chapter 1: Getting to Know Your Raspberry PI : In this chapter we will learn about the Raspberry PI and its features.· About the design· Capacity· Ports· Cables· AdditionalChapter 2: Introduction to Windows 10 IoT Core : In this chapter we will discover features of Windows 10 IoT Core· History· Revisions· Features· Other possible optionsChapter 3: Setting Up Windows 10 IoT Core on Raspberry PI 4· Initial downloads and prerequisites· Set up· Image files· IoT Core dashboard tools and featuresChapter 4: Developing a Background Application for Windows 10 IoT Core: In this chapter we will develop an application in Visual Studio· Tools· CodesChapter 5: Install A Custom Background Application on Raspberry PI· Ways to install applicationso Using dashboard applicationo Using FFUo What is FFUChapter 6: Setting Up Azure Resources: In this chapter we will set up our Azure resources· What are Azure resource groupso Best practice for naming conventionso Cost analysis· Azure IoT Hubo What is IoT Hub?o Adding deviceso Set up· Azure Signal R· Azure Functionso Develop appo Deploy appo What is Azure Func· Configure Signal Ro Develop appo Deployo BroadcastChapter 7: Configure Everything and Demo
Excel Portable Genius
YOUR GENIUS-LEVEL GUIDE TO EXCEL EXCELLENCEExcel Portable Genius covers the key features of Microsoft Excel in a concise, fast-paced, portable format that provides the perfect quick and easy-to-follow reference for novices and experienced users alike. Written by seasoned tech expert and trainer Lisa A. Bucki, it answers the nine key questions Excel users are most likely to face in their work and adds some hot tips and advice on this incredibly useful—but sometimes difficult-to-learn—program's lesser-known features.* Build formulas to perform powerful calculations* Format data to make it easy to find interpret and to highlight key results* Sort and filter to organize or display specific information* Chart data to pinpoint changes and identify trends* Communicate results by printing and sharingComplete with a comprehensive index and extensive illustrations complementing straightforward instructions, this is the ideal guide to mastery of the world's most popular spreadsheet program.LISA A. BUCKI is an author, trainer, and content creator who's been educating others about computers and software since 1990. She's written dozens of books, provided marketing and training services to her clients, and written online tutorials. She is the co-founder of 1x1 Media.Fun, hip, and straightforward, the Portable Genius series gives forward-thinking computer users useful information in handy, compact books that are easy to navigate and don't skimp on the essentials. Collect the whole series and make the most of your digital lifestyle.Acknowledgments viiIntroduction xivCHAPTER 1 HOW DO I START USING EXCEL? 2Starting and Exiting Excel 4Taking a Look Around 5Reviewing key screen features 5Workbooks versus worksheets 8Changing views 8Zooming 10Working with Files 11Creating a blank file 11Exploring templates 12Opening an existing file 13Switching to another file 14Making Your First Cell Entries 16Moving around the sheet 16Text and values 17Dates and times 19Number formatting on the fly 20Making Selections 21Understanding cells and ranges 22Selecting a range 22Selecting a row or column 23Working with Sheets 24Adding, renaming, and jumping to a sheet 25Moving or copying a sheet 26Saving and Closing a File 27CHAPTER 2 HOW DO I MAKE CHANGES TO MY SHEET? 30Cell Editing Basics 32Making changes 32Commenting when editing 33Clearing cell contents 33Using Undo and Redo 34Spell-checking your work 35Copying or Moving a Range 35Using Paste Special 37Using Auto Fill and Filling Series 38Inserting and Deleting Rows, Columns, and Cells 41Creating Range Names 44Using the Name box 45Using the New Name dialog box 46Assigning multiple range names at once 47Deleting a range name 48Using Find and Replace 50Freezing Rows and Columns On-Screen 51CHAPTER 3 HOW DO I ADD UP THE NUMBERS WITH FORMULAS? 54Entering a Basic Formula 56Typing the formula 56Cell and range references in formulas 57Using the mouse to save time 58Dealing with minor errors 60Learning More About Operators 60Understanding Order of Precedence 63How order of precedence works 63Using parentheses in formulas 64Making a Cell or Range Reference Absolute Rather Than Relative 66Changing the reference type in a formula 66How referencing works when filling, copying, or moving a formula 67Showing Formulas in Cells 69Using Other Formula Review Techniques 70CHAPTER 4 WHEN DO I NEED TO INCLUDE A FUNCTION? 72Understanding Functions 74Using AutoSum on the Home or Formulas Tab 74Typing a Function in a Formula 77Using the Formulas Tab to Insert a Function 79Choosing from the Function Library 79Using Insert Function to find a function 82Using Range Names in Formulas 83Reviewing Some Essential Functions 84CHAPTER 5 HOW DO I USE FORMATTING TO ENHANCE MY WORKSHEET? 90Changing the Number or Date Format 92Using number formats 94Using date and time formats 96Using special and custom formats 96Changing Cell Formatting 99Applying font formatting 100Applying alignment formatting 103Working with Borders and Shading 105Using Styles 107Clearing Formatting 109Understanding Themes 109Reviewing elements of a theme 109Changing themes 110Changing theme colors, fonts, and effects 111Working with Column Width and Row Height 113Using Conditional Formatting to Highlight Information 115CHAPTER 6 HOW DO I USE GRAPHICS IN EXCEL? 118Inserting Simple Graphics 120Shapes 120Pictures 122Icons 126Selecting and Formatting Graphics 127Adding text to shapes 128Changing styles 129Changing sizing and position 132Working with layering, alignment, and rotation 134Inserting WordArt 136Combining and Creating Your Own Graphics 138Creating and Working with SmartArt 141Adding a SmartArt graphic 141Editing and rearranging shapes 143Changing the graphic type and formatting 144Deleting a Graphic 145Adding a Background Image 146CHAPTER 7 HOW DO I MANAGE LISTS OF INFORMATION? 148Arranging a List in Excel 150Cleaning Up Data 152Using Flash Fill 152Using Text to Columns 155Removing duplicates and consolidating 157Sorting, Filtering, and Subtotaling Lists of Information 159Sorting and filtering a list 160Subtotaling a sorted list 162Understanding Excel’s Table Feature 163Converting a range to a table 164Importing or connecting to a list of data 166Changing table styles 168Resizing a table 169Renaming a table 170Sorting and Filtering a Table 170Using Table Calculations 170Adding a calculated column 171Adding a total row 173Converting a Table Back to a Range of Regular Cells 174CHAPTER 8 HOW DO I PRESENT MY DATA IN CHARTS? 176Charts and Their Role in Your Workbooks 178Chart Types 179Creating a Chart 180Changing the Chart Type and Layout 184Formatting Chart Elements 186Changing the Charted Data 189Moving a Chart to Its Own Sheet and Deleting a Chart 190Using Special Charts: Sparklines, PivotTables, and Maps 192CHAPTER 9 HOW DO I PRINT AND SHARE MY CONTENT? 194Creating Headers and Footers 196Changing Page Settings 199Margins 199Orientation and paper size 200Scaling 201Changing Sheet Settings 201Adding print titles 201Controlling whether gridlines and other features print 203Working with Page Breaks 203Setting a print area 204Viewing and moving breaks 204Previewing a Printout and Printing 206Other Ways to Share Information 207Exporting a PDF 208Using OneDrive 209Index 212
OneNote, Teams und mehr smarte Tools für den vernetzten Alltag mit OneDrive
- Mit OneNote & Teams effizient organisieren und kommunizieren- Programm- und geräteübergreifend arbeiten – Synergien nutzenOb privat oder im Büro, ob für Schüler, Lehrer oder Studenten: Eine Reihe kleiner und meist kostenloser Programme steht bereit, um Ihren Alltag leichter und effizienter zu gestalten. Vom simplen Einkaufszettel über das Organisieren von Besprechungen bis zum komplexen Informationsaustausch erweisen sich diese oft unterschätzten Apps als nützliche Helfer. In diesem Buch lernen Sie mehrere dieser praktischen Werkzeuge kennen und erfahren, wie sie perfekt in Ihren Microsoft-Workflow passen. Anschaulich erklären die Autoren die Einstellungsmöglichkeiten und Varianten der Programme im Detail und zeigen, wie Sie die Tools miteinander verknüpfen, um schlaue Synergien zu nutzen. Organisieren Sie sich mit den Apps auf PC, Laptop, Tablet und Smartphone, um überall und jederzeit produktiv sowie stressfrei arbeiten zu können. Sowohl Einsteiger als auch Fortgeschrittene werden von den zahlreichen Tipps und Tricks rund um OneNote, Teams, OneDrive, Sticky Notes, IFTTT & Co. profitieren. Schneller Erfolg ohne Kopfzerbrechen ist garantiert!Aus dem Inhalt:- Mit OneNote Notizen synchron auf PC, Smartphone und Tablet verwalten – von der simplen Liste bis zu komplexen Wiki-Inhalten- Kommunikation und Datenaustausch mit Microsoft Teams- Aufgaben bzw. Einkaufslisten mit ToDo anlegen- Digitale Post-its mit Sticky Notes nutzen- Schnelle Bildschirmfotos und Sprachaufnahmen erstellen- Mit dem Cloud-Speicher OneDrive immer alle Daten griffbereit haben- Office Lens zum Scannen von Dokumenten verwenden- Maße, Einheiten und Währungen schnell umrechnen - Programmübergreifend arbeiten und dafür alle Tools miteinander verknüpfen - Mit IFTTT auch dort Verbindungen schaffen, wo auf den ersten Blick keine sind- Effizienter Datenaustausch zwischen PC, Tablet und Smartphone - Im Team mit anderen zusammenarbeiten – ob im Büro, in der Schule oder in Ihrer Freizeit
Spiele programmieren mit Unity
* 2D- UND 3D-SPIELE SELBST ENTWICKELN* LANDSCHAFTEN UND GEBÄUDE GESTALTEN SOWIE FIGUREN ANIMIEREN * WICHTIGE C#-PROGRAMMIER-ELEMENTE KENNENLERNEN UND ANWENDENUnity ist eine sehr beliebte Spiele-Engine, mit der du eigene 3D-Spiele entwickeln kannst. Der erfahrene Kids-Autor Hans-Georg Schumann zeigt dir, wie du mit Unity und der Programmiersprache C# schnell zu beeindruckenden Ergebnissen kommst.Schritt für Schritt lernst du, wie du Figuren durch die Welt wandern und auch gegen gefährliche Gegner kämpfen lässt. Du erstellst Landschaften mit Bäumen und Seen, gestaltest und animierst eigene Charaktere, und lernst ganz nebenbei das Programmieren in C#. Das Unity-Partikelsystem erzeugt tolle Effekte mit Licht und Schatten, die dem Spiel das nötige Reality-Gefühl geben. Und alles, was du zum Programmieren deiner Spiele brauchst, findest du auch zum Download.AUS DEM INHALT:* Unity starten und ein erstes kleines Kollisionsspiel erstellen* In die Script-Programmierung mit C# einsteigen* Einen Charakter entwerfen und ihm Eigenschaften geben* Ein Jump & Run-Spiel entwickeln* Das Prinzip von 3D verstehen und die Spielfläche mit Bäumen und Wasser gestalten* Ganze Bauwerke entstehen lassen* Die Figur klettern, schwimmen und sogar tauchen lehren* Eine Fantasie-Kreatur entwerfen und durch Animation lebendig werden lassen* Strahlen, Partikel und Sound einbinden* Künstliche Intelligenz nutzen* Energiekontrolle und andere Features aufrüsten* Installationshilfe und Fehlerbehebung Hans-Georg Schumann war Informatik- und Mathematiklehrer an einer Gesamtschule. Er hat viele erfolgreiche Bücher in der mitp-Buchreihe »... für Kids« geschrieben.
Windows 10 - Leichter Einstieg für Senioren
Nachvollziehbare Erklärungen zu Windows 10 in aktueller Auflage.Windows-Experte Günter Born führt Sie leicht verständlich und anschaulich in das aktuelle Windows ein – inklusive der Neuheiten des aktuellen Herbst-Updates.Schritt für Schritt machen Sie sich mit den Grundlagen des Betriebssystems und weiterer Anwendungen vertraut.Sie schreiben Mails, surfen im Internet, sichern Ihre Daten, hören Musik, verwalten und bearbeiten Fotos und passen die Windows-Einstellungen nach Ihren Wünschen an – auf dem PC, Notebook oder Tablet.Aus dem Inhalt:Die ersten Schritte mit Windows 10Die Neuerungen des Herbst-2020-UpdatesLaufwerke, Ordner und DateienDer Umgang mit ProgrammenMit Texten arbeitenFotos verwalten und bearbeitenSpiele und UnterhaltungInternet und E-MailKontakte, Termine und mehrWindows anpassenInhalt & Leseprobe (PDF-Link)
Beginning Java MVC 1.0
Get started with using the new Java MVC 1.0 framework for model, view, and controller development for building modern Java-based web, native, and microservices applications.Beginning Java MVC teaches you the basics, then dives in to models, views, controllers. Next, you learn data binding, events, application types, view engines, and more. You will be given practical examples along the way to reinforce what you have learned. Furthermore, you'll work with annotations, internationalization, security, and deployment.After reading this book, you'll have the know how to build your first full Java-based MVC application.WHAT YOU WILL LEARN* Discover the Java MVC 1.0 APIs and how to use themMaster the Model, View and Controller design pattern * Carry out data binding * Write events* Work with view enginesWHO THIS BOOK IS FORThose new to Java MVC 1.0. Some prior experience with Java programming recommended, especially with JSF or Struts. Peter Späth graduated in 2002 as a physicist and soon afterwards became an IT consultant, mainly for Java-related projects. In 2016 he decided to concentrate on writing books, with his main focus set on software development. With two books about graphics and sound processing and two books for Android and Kotlin programming, his new book addresses beginning Jakarta EE developers willing to develop enterprise-level Java applications with Java EE 8.1. About MVC - Model, View, Controller* History of MVC* MVC in Web Applications* MVC for Java* Finally, Java MVC (JSR-371)* Why MVC* Where is Hello World?2. Prerequisite - Jakarta EE / Java EE* The Nature of Java for Enterprise Applications* Glassfish, a Free Java Server* Using a Preinstalled Java Server* Learning Java for Enterprise Applications* RESTful Services3. Development Workflow* Using Gradle as a Build Framework* Using Eclipse as an IDE* More About Gradle* Developing Using the Console* Installing MVC4. Hello World for Java MVC* Starting The Hello World Project* The Hello World Model* The Hello World View* The Hello World Controller* Using Gradle to Build Hello World* Starting a Jakarta EE Server* Deploying and Testing Hello World5. Start Working With Java MVC* Handling User Input From Forms* Exception Handling in Java MVC* Non-String Post Parameters6. In-Depth Java MVC* The Model* The View: JSPs* The View: Facelets* The Controller7. In-Depth Java MVC - Part II* Injectable Context* Persisating State* Dealing With Page Fragments* Observers* Configuration8. Internationalization* Language Resources* Adding Localized Messages to the Session* Formatting of Data in the View* Using JSF for Formatting* Localized Data Conversion9. Java MVC and EJBs* About Session EJBs* Defining EJBs* Accessing EJBs* EJB Projects* EJBs with Dependencies* Asynchronous EJB Invocation* Timer EJBs10. Connecting Java MVC to a Database* Abstracting Away Database Access With JPA* Setting up a SQL Database* Creating a DataSource* Preparing the Member Registration Application* Adding EclipseLink as ORM* Controllers* Adding Data Access Objects* Updating the View* Adding Entities* Adding Relations11. Logging Java MVC Applications* System Streams* JDK Logging in Glassfish* Using JDK Standard Logging For Other Servers* Adding Log4j Logging to Your Application12. A Java MVC Example Application* The BooKlubb Database* The BooKlubb Eclipse Project* The BooKlubb Infrastructure Classes* Configure BooKlubb Database Access* The BooKlub Internationalization* The BooKlubb Entity Classes* BooKlubb Database Access Via DAOs* The BooKlubb Model* The BooKlubb Controller* The BooKlubb View* Deploying and Testing BooKlubbAppendix* Solutions to The Exercises