Allgemein
Cloud Computing Solutions
CLOUD COMPUTING SOLUTIONSTHE MAIN PURPOSE OF THIS BOOK IS TO INCLUDE ALL THE CLOUD-RELATED TECHNOLOGIES IN A SINGLE PLATFORM, SO THAT RESEARCHERS, ACADEMICIANS, POSTGRADUATE STUDENTS, AND THOSE IN THE INDUSTRY CAN EASILY UNDERSTAND THE CLOUD-BASED ECOSYSTEMS.This book discusses the evolution of cloud computing through grid computing and cluster computing. It will help researchers and practitioners to understand grid and distributed computing cloud infrastructure, virtual machines, virtualization, live migration, scheduling techniques, auditing concept, security and privacy, business models, and case studies through the state-of-the-art cloud computing countermeasures. This book covers the spectrum of cloud computing-related technologies and the wide-ranging contents will differentiate this book from others. The topics treated in the book include:* The evolution of cloud computing from grid computing, cluster computing, and distributed systems;* Covers cloud computing and virtualization environments;* Discusses live migration, database, auditing, and applications as part of the materials related to cloud computing;* Provides concepts of cloud storage, cloud strategy planning, and management, cloud security, and privacy issues;* Explains complex concepts clearly and covers information for advanced users and beginners.AUDIENCEThe primary audience for the book includes IT, computer science specialists, researchers, graduate students, designers, experts, and engineers who are occupied with research. SOUVIK PAL is an associate professor in the Department of Computer Science and Engineering at Sister Nivedita University (Techno India Group), Kolkata, India. He has edited about 15 books and published numerous articles in research journals. His research area includes cloud computing, big data, internet of things, wireless sensor network, and data analytics.DAC-NHUONG LE OBTAINED HIS PHD in computer science from Vietnam National University, Vietnam in 2015. He is Deputy-Head of the Faculty of Information Technology, Haiphong University, Vietnam. His area of research includes evaluation computing and approximate algorithms, network communication, security and vulnerability, network performance analysis and simulation, cloud computing, IoT, and image processing in biomedicine. He has more than 50 publications and edited/authored 15 computer science books. PRASANT KUMAR PATTNAIK, PHD is a professor at the School of Computer Engineering, KIIT Deemed to be University, Bhubaneswar, India. He has published many research papers in peer-reviewed international journals and conferences and has authored many computer science books in the fields of data mining, robotics, graph theory, Turing machine, cryptography, security solutions in cloud computing, mobile computing, and privacy preservation. List of Figures xviiList of Tables xixForeword xxiPreface xxiiiAcknowledgments xxvAcronyms xxviiPART I: CLOUD COMPUTING ARCHITECTURE 11 BASICS OF CLOUD COMPUTING 3Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik1.1 Evolution of Cloud Computing 41.2 Cluster Computing 71.2.1 The Architecture of Cluster Computing Environment 71.2.2 Components of Computer Cluster 81.3 Grid Computing 91.3.1 Grid-Related Technologies 101.3.2 Levels of Deployment 111.3.3 Architecture of Grid Computing Environment 131.4 Mobile Computing 161.4.1 Characteristics of Mobile Computing 171.4.2 Characteristics of Mobile Networks 171.5 Summary 18Exercises 18References 192 INTRODUCTION TO CLOUD COMPUTING 21Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik2.1 Definition of Cloud Computing 222.2 Characteristics of Cloud 222.2.1 Elasticity and Scalability 232.2.2 Metered and Billing of Service 232.2.3 Self-Service Allocation of Resources 232.2.4 Application Programming Interface (APIs) 242.2.5 Efficiency Measurement Service 242.2.6 Device and Location Interdependency 242.2.7 Customization 242.2.8 Security 252.3 Cloud Computing Environment 252.3.1 Access to Supporting Business Agility 252.3.2 Minimizing Investment Expenditures 252.3.3 Public Cloud Computing Environment 252.3.4 Private Cloud Computing Environment 262.3.5 Hybrid Cloud Computing Environment 272.3.6 Community Cloud Computing Environment 272.4 Cloud Services 282.4.1 Resources as a Service (RaaS) 282.4.2 Infrastructure as a Service (IaaS) 282.4.3 Platform as a Service (PaaS) 292.4.4 Software as a Service (SaaS) 302.4.5 Network as a Service (NaaS) 312.4.6 Desktop as a Service (DaaS/VDI) 322.4.7 Recovery as a Service (DRaaS) 322.5 Security Paradigms and Issues of Cloud Computing 322.6 Major Cloud Service Providers 332.6.1 IaaS CSPs 332.6.2 PaaS CSPs 352.6.3 SaaS CSPs 352.7 Summary 35Exercises 36References 373 ARCHITECTURAL FRAMEWORK FOR CLOUD COMPUTING 39Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik3.1 Challenges of Cloud Computing Environment 403.2 Architectural Framework for Cloud Computing 413.2.1 Service-Oriented Architecture (SOA) 413.2.2 SOA Characterization 423.2.3 Life Cycle of Services in SOA 433.2.4 Integrating SOA and the Cloud 453.2.5 Cloud Architecture 463.3 Architectural Workflow and Co-ordination of Multiple Activities 493.3.1 Characteristics of Workflow 503.3.2 Need for Workflow 503.4 Examples of Workflow Tools 523.5 Summary 53Exercises 53References 544 VIRTUALIZATION ENVIRONMENT IN CLOUD COMPUTING 57Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik4.1 Introduction 584.1.1 Need of Virtualization in Cloud Computing Environment 584.1.2 Virtualization versus Traditional Approach 584.2 Virtualization and Virtual Machine 594.2.1 Advantages of Virtualization Technique in Cloud Computing Environment 604.2.2 Category of Virtual Machine 614.3 Virtualization Model for Cloud Computing 644.3.1 Distributed Resources of Physical Hosts 654.3.2 Hypervisor Monitoring Environment (HME) 654.3.3 Platform Service 664.3.4 Software Service 664.3.5 Broker Service 674.3.6 Business Service 674.4 Categorization of Guest OS Virtualization Techniques 684.4.1 Full Virtualization 684.4.2 Paravirtualization 694.4.3 Hardware-Assisted Virtualization 704.5 Mapping Technique of Virtual Machine to Physical Machine in a Private Cloud 714.6 Drawbacks of Virtualization 724.7 Summary 73Exercises 74References 755 CLASSIFICATION OF VIRTUALIZATION ENVIRONMENT 77Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik5.1 Introduction 785.2 Classification 785.2.1 Scheduling-Based Environment 795.2.2 Load Distribution-Based Environment 805.2.3 Energy-Aware-Based Environment 815.2.4 Operational-Based Environment 825.2.5 Distribution Pattern-Based Environment 855.2.6 Transaction-Based Environment 865.3 Summary 87Exercises 87References 88PART II: CLOUD COMPUTING DATA STORAGE 916 AN APPROACH TO LIVE MIGRATION OF VIRTUAL MACHINES IN CLOUD COMPUTING ENVIRONMENT 93Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik6.1 Introduction 946.2 Need of Live Migration of Virtual Machine 946.3 Advantages of Live Migration 946.4 A Design Approach to Live Migration 956.4.1 Live Migration Process 976.5 Security Issues 996.5.1 Possible Attacks 996.5.2 Solutions 1006.6 Summary 100Exercises 100References 1017 RELIABILITY ISSUES IN CLOUD COMPUTING ENVIRONMENT 103Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik7.1 Introduction 1047.1.1 Research Problem Statement 1057.1.2 Research Aim 1057.1.3 Research Question 1057.2 Literature Review 1067.2.1 Cloud Service Models 1077.2.2 Elements of Reliable Cloud Computing 1087.2.3 Cloud Computing Gaps and Concerns 1097.2.4 Trends in Cloud Computing 1107.3 Reliability Issues in Cloud Computing Research 1117.3.1 Research Methodology 1117.3.2 Research Strategy 1117.3.3 Data Collection 1127.3.4 Sampling 1127.3.5 Data Analysis and Findings 1127.4 Findings 1147.4.1 Lack of Effort to Address Reliability and Availability Issues 1147.4.2 Performance Issues 1157.4.3 Privacy Issues 1157.5 Summary 115Exercises 116References 1168 CLOUD DATABASE 123Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik8.1 Introduction 1248.2 Non-Relational Data Models 1248.2.1 Transactions in Cloud Databases 1258.2.2 Advantages of Cloud Database 1258.3 Heterogeneous Databases in DaaS 1268.3.1 Relational and Non-Relational Database 1268.3.2 Centralized and Distributed Database 1268.3.3 Structured and Unstructured Database 1278.3.4 Infrastructure-Based and Infrastructureless Databases 1278.3.5 SQL-Based and NoSQL-Based Databases 1288.4 Study of a Document-Oriented Cloud Database - MongoDB 1298.4.1 Data Model 1298.4.2 Replication 1298.4.3 Sharding 1308.4.4 Architecture 1318.4.5 Consistency 1328.4.6 Failure Handling 1328.5 CAP Theorem for Cloud Database Transaction 1328.6 Issues in Live Migration of Databases in Cloud 1338.7 Cloud Database Classification Based on Transaction Processing 1348.7.1 ACID-Based Cloud Database 1348.7.2 NoACID-Based Cloud Database 1358.8 Commercially Available Cloud Database Platform 1368.8.1 Amazon Web Services 1378.8.2 Microsoft Windows Azure 1388.8.3 Google App Engine 1388.9 Summary 138Exercises 138References 1409 CLOUD-BASED DATA STORAGE 143Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik9.1 Relevant Hadoop Tools 1449.2 Hadoop Distributed File System (HDFS) 1459.2.1 HDFS Architecture 1459.2.2 Data Read Process in HDFS 1469.2.3 Data Write Process in HDFS 1479.2.4 Authority Management of HDFS 1489.2.5 Limitations of HDFS 1489.3 Data Mining Challenges with Big Data 1499.4 MapReduce 1519.4.1 MapReduce Architecture 1519.4.2 MapReduce Procedure 1529.4.3 Limitations of MapReduce 1539.5 Next Generation of MapReduce: YARN 1549.5.1 YARN Compared to MapReduce 1.0 (MRv1) 1559.5.2 YARN and MapReduce 2.0 (MRv2) 1569.5.3 YARN Architecture 1569.5.4 Advantages of YARN 1599.6 Classification of Data Mining Systems 1609.6.1 Classification According to Kind of Databases Mined 1609.6.2 Classification According to Kind of Knowledge Mined 1609.6.3 Classification According to Kind of Techniques Utilized 1619.6.4 Classification According to the Applications Adapted 1619.7 Summary 162Exercises 162References 16310 AUDITING CONCEPT IN CLOUD COMPUTING 165Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik10.1 Introduction 16610.2 Data Security in Cloud Computing Environment 16610.2.1 Characteristics of a Secure Cloud Computing Environment 16610.2.2 Need for Auditing in Cloud Computing Environment 16710.2.3 Auditing Background Within Third-Party Service Provider 16710.3 Cloud Auditing Outsourcing Life Cycle Phases 16710.4 Auditing Classification 16810.5 Auditing Service 16910.5.1 How Third-Party Service Provider is Enabling Auditing Service 17110.5.2 Auditing Process Analysis 17110.5.3 Privacy and Integrity 17410.5.4 Cloud-Auditing Architecture Analysis 17610.6 Summary 177Exercises 178References 178PART III: CLOUD COMPUTING IMPLEMENTATION, SECURITY AND APPLICATIONS 18111 SECURITY PARADIGMS IN CLOUD COMPUTING 183Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal11.1 Security Paradigms and Issues 18411.2 Cloud Security Challenges 18511.3 Cloud Economics 18711.4 Security of Big Data in Cloud 18711.4.1 The Biggest Risk: Data Breach 18811.4.2 Data Loss 18811.4.3 Account or Service Traffic Hijacking 18911.4.4 Insecure Interfaces and APIs 18911.4.5 Denial of Service 19011.4.6 Malicious Insiders 19011.4.7 Abuse of Cloud Users 19011.4.8 Inadequate Due Diligence 19111.4.9 Vulnerabilities in Shared Technology 19111.5 Security as a Service in Cloud 19111.6 Summary 194Exercises 194References 19512 PRIVACY PRESERVATION ISSUES IN CLOUD COMPUTING 197Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal12.1 Privacy Issues in Cloud Storage 19812.1.1 Encryption Methods 19812.1.2 Access Control Mechanisms 19912.1.3 Query Integrity/Keyword Searches 20012.1.4 Auditability Schemes 20012.2 Privacy and Security 20112.2.1 Performance Unpredictability, Latency and Reliability 20212.2.2 Portability and Interoperability 20312.2.3 Data Breach Through Fiber-Optic Networks 20412.2.4 Data Storage over IP Networks 20412.2.5 Data Storage and Security in Cloud 20512.3 Threats to Security in Cloud Computing 20812.3.1 Basic Security 20812.3.2 Network-Level Security 20912.3.3 Application-Level Security 21112.4 Security Issues in Cloud Deployment Models 21512.4.1 Security Issues in a Public Cloud 21512.4.2 Security Issues in a Private Cloud 21612.5 Ensuring Security Against Various Types of Attacks 21712.6 Survey of Privacy Preservation Using Fuzzy Set and Genetic Algorithm 21912.6.1 Fuzzy-Based Approach for Privacy-Preserving Publication of Data 21912.6.2 Privacy-Preserving Fuzzy Association Rules Hiding in Quantitative Data 22012.6.3 A Rough Computing-Based Performance Evaluation Approach for Educational Institutions 22212.6.4 A New Method for Preserving Privacy in Quantitative Association Rules Using Genetic Algorithm 22312.6.5 Privacy Preserving in Association Rules Using a Genetic Algorithm 22412.7 Summary 225Exercises 225References 22613 APPLICATIONS OF WIRELESS SENSOR NETWORK IN CLOUD 233Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal13.1 Introduction 23413.2 Architectural Issues of Combining Cloud Computing and Wireless Sensor Networks 23413.3 Sensor Network Overview 23513.3.1 Terminology 23513.3.2 Routing Protocols in WSNs 23613.4 Application Scenarios 23713.4.1 Military Use 23713.4.2 Weather Forecasting 23713.4.3 Healthcare 23813.4.4 Transport Monitoring 23813.5 Summary 238Exercises 239References 23914 APPLICATIONS OF MOBILE CLOUD COMPUTING 243Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal14.1 What is Mobile Cloud Computing? 24414.2 The Architecture of Mobile Cloud Computing 24514.3 Characteristics of Mobile Cloud Computing 24514.4 Advantages of Mobile Cloud Computing 24614.5 Mobile Cloud Applications 24814.5.1 Mobile Commerce 24814.5.2 Mobile Learning 24914.5.3 Mobile Healthcare 24914.5.4 Mobile Gaming 25014.5.5 Mobile Social Network 25114.5.6 Multimedia Sharing 25214.6 Summary 252Exercises 252References 25315 BIG DATA IN CLOUD COMPUTING 257Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal15.1 Introduction to Big Data 25815.2 Big Data vs. Cloud Computing 25915.3 Big Data and the Cloud 26115.4 Cloud Computing to Support Big Data 26215.4.1 Cloud Storage for Big Data Storage 26215.4.2 Cloud Computing for Big Data Processing 26215.4.3 Cloud Computing for Big Data Analytics 26315.4.4 Cloud Computing for Big Data Sharing and Remote Collaboration 26315.5 Opportunities and Challenges 26315.5.1 Pros of Putting Big Data in the Cloud 26315.5.2 Potential Challenges of Big Data in the Cloud 26415.6 Summary 265Exercises 265References 266PART IV: CLOUD COMPUTING SIMULATOR TOOLS 26916 CLOUDSIM: A SIMULATOR FOR CLOUD COMPUTING ENVIRONMENT 271Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik16.1 Introduction 27216.2 Main Features 27216.3 CloudSim Architecture 27316.3.1 Modeling the Cloud 27416.3.2 Modeling the VM Allocation 27516.3.3 Modeling the Cloud Market 27616.3.4 Modeling the Network Behavior 27616.3.5 Modeling a Federation of Clouds 27616.3.6 Modeling Dynamic Workloads 27716.3.7 Modeling Data Center Power Consumption 27816.3.8 Modeling Dynamic Entities Creation 27816.4 Design and Implementation of CloudSim 27916.5 Setting up Development Environments 28216.6 How to Use CloudSim with Eclipse 282References 28517 OPENFAAS 287Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal17.1 Introduction 28817.2 OpenFaaS Architecture 28817.3 OpenFaaS Installation 28917.3.1 Development Environment with Docker Swarm 29017.3.2 Multi-Node Cluster with Docker Swarm 29117.3.3 Production Environment with Kubernetes 29317.3.4 Installing OpenFaaS Using Helm 29717.3.5 Install OpenShift 29817.4 Considerations 30017.5 Operation of OpenFaaS 30017.5.1 Setup and Configuration of the Open FaaS Command Line Tool 30017.5.2 OpenFaaS Store 30117.5.3 Management and Usage of Functions 30117.5.4 Development of Functions 30217.5.5 Working with Docker Registries 30217.5.6 Web UI 303References 30318 OPENNEBULA 305Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal18.1 Project Goal and Environment 30618.2 Set Up Masternode with Frontend 30618.2.1 Install Components 30618.2.2 Starting the Frontend 30618.3 Set Up Worker Node with KVM 30718.3.1 Install Components 30718.3.2 Establish an SSH Communication Pipeline between Master and Worker 30818.3.3 Network Configuration 30818.4 Register Worker Node 30818.5 Deploy VM 309References 31119 OPENSTACK 313Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik19.1 OpenStack 31419.2 Terminologies in OpenStack 31419.3 OpenStack Architecture 31519.3.1 Compute (Nova) 31619.3.2 Networking (Neuron) 31619.3.3 Image 31619.3.4 Object Storage (Swift) 31619.3.5 Block Storage (Cinder) 31619.4 Logical Architecture 31719.5 OpenStack Installation Guide 31819.5.1 Hardware Requirements 31819.5.2 Networking Requirements 31919.6 OpenStack Work 321References 32220 EUCALYPTUS 325Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik20.1 Introduction to Eucalyptus 32620.1.1 Eucalyptus Overview 32620.1.2 Eucalyptus Architecture 32620.1.3 Eucalyptus Components 32720.2 Eucalyptus Installation 32820.2.1 System Requirements 32920.2.2 Services Placement 33020.2.3 Eucalyptus Features 33120.2.4 Networking Modes 33220.2.5 Install Repositories 33220.3 Configure Eucalyptus 33520.4 Amazon Web Services Compatibility 337References 337Glossary 339Authors 365
Practical Industrial Cybersecurity
A PRACTICAL ROADMAP TO PROTECTING AGAINST CYBERATTACKS IN INDUSTRIAL ENVIRONMENTSIn Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT, veteran electronics and computer security author Charles J. Brooks and electrical grid cybersecurity expert Philip Craig deliver an authoritative and robust discussion of how to meet modern industrial cybersecurity challenges. The book outlines the tools and techniques used by practitioners in the industry today, as well as the foundations of the professional cybersecurity skillset required to succeed on the SANS Global Industrial Cyber Security Professional (GICSP) exam. Full of hands-on explanations and practical guidance, this book also includes:* Comprehensive coverage consistent with the National Institute of Standards and Technology guidelines for establishing secure industrial control systems (ICS)* Rigorous explorations of ICS architecture, module and element hardening, security assessment, security governance, risk management, and morePractical Industrial Cybersecurity is an indispensable read for anyone preparing for the Global Industrial Cyber Security Professional (GICSP) exam offered by the Global Information Assurance Certification (GIAC). It also belongs on the bookshelves of cybersecurity personnel at industrial process control and utility companies. Practical Industrial Cybersecurity provides key insights to the Purdue ANSI/ISA 95 Industrial Network Security reference model and how it is implemented from the production floor level to the Internet connection of the corporate network. It is a valuable tool for professionals already working in the ICS/Utility network environment, IT cybersecurity personnel transitioning to the OT network environment, and those looking for a rewarding entry point into the cybersecurity field. CHARLES J. BROOKS is the co-Owner and Vice President of Educational Technologies Group Inc and the co-Owner of eITPrep LLP. He oversees research and product development at those organizations and has authored several books, including the A+ Certification Training Guide and The Complete Introductory Computer Course. For the past eight years Charles has been lecturing and providing Instructor training for cybersecurity teachers throughout the U.S. and abroad. His latest projects have been associated with IT and OT cybersecurity courses and hands-on lab activities that include Cybersecurity Essentials — Concepts & Practices; Cybersecurity Essentials – Environments & Testing; and Industrial Network Cybersecurity.PHILIP A. CRAIG JR is the founder of BlackByte Cyber Security, LLC, a consultancy formed to develop new cybersecurity tools and tactics for use in U.S Critical Infrastructure. He oversees research and product development for the U.S. Department of Energy (DOE), the Defense Advanced Research Projects Agency (DARPA), and the National Rural Electric Cooperative Association (NRECA), as well as providing expert knowledge in next generation signal isolation techniques to protect automated controls in energy generation, transmission, and distribution systems. Mr. Craig has authored regulation for both the Nuclear Regulatory Commission (NRC) and National Energy Reliability Corporation (NERC) and is an active cyber responder in federal partnerships for incident response. Introduction xxiiiCHAPTER 1 INDUSTRIAL CONTROL SYSTEMS 1Introduction 2Basic Process Control Systems 3Closed- Loop Control Systems 5Industrial Process Controllers 6Supervisory Control and Data Acquisition Systems 20System Telemetry 21Utility Networks 23OT/IT Network Integration 25Industrial Safety and Protection Systems 28Safety Instrument Systems 29Review Questions 39Exam Questions 41CHAPTER 2 ICS ARCHITECTURE 43Introduction 44Network Transmission Media 45Copper Cabling 45Fiber- Optic Cabling 46Industrial Network Media Standards 49Ethernet Connectivity 52External Network Communications 53Transmission Media Vulnerabilities 55Field Device Architecture 56PLC I/O Sections 58PLC Implementations 62Industrial Sensors 63Final Control Elements/Actuators 71Relays 73Process Units 76Industrial Network Protocols 79Common Industrial Protocols 79EtherNet/IP Protocol 79Modbus 80ProfiNet/ProfiBus 81Dnp3 82Iccp 83Opc 83BACnet 83Enterprise Network Protocols 84Tcp/ip 84Dynamic Host Configuration Protocol 89Review Questions 90Exam Questions 91CHAPTER 3 SECURE ICS ARCHITECTURE 95Introduction 96Boundary Protection 97Firewalls 98Proxies 104Security Topologies 105Network Switches 106Routers 108Security Zoning Models 109Flat Network Topologies 113Network Segmentation 122Controlling Intersegment Data Movement 128Tunneling 128Wireless Networking 129Wireless Sensors 131Wireless Gateways 134Modems 135Review Questions 137Exam Questions 139CHAPTER 4 ICS MODULE AND ELEMENT HARDENING 143Introduction 145Endpoint Security and Hardening 145User Workstation Hardening 145BIOS Security Subsystems 147Additional Outer Perimeter Access Hardening 148Mobile Device Protection 154OS Security/Hardening 155File System Security 156Operating System Security Choices 160Linux SystemV vs Systemd 160Hardening Operating Systems 162Common Operating System Security Tools 162Virtualization 169Application Software Security 172Software Exploitation 172Information Leakage 173Applying Software Updates and Patches 174Database Hardening 174SQL Injection 175Anti-Malware 177Antivirus 178Anti-spyware 178Anti- Malware: Sanitization 181Embedded Device Security 182Meters 184Network Hardening 189OT/IT Network Security 189Server Security 191Hardening the Server OS 193Logical Server Access Control 194Hardening Network Connectivity Devices 196Review Questions 201Exam Questions 202CHAPTER 5 CYBERSECURITY ESSENTIALS FOR ICS 205Introduction 207Basic Security Tenets 208Confidentiality, Integrity, and Availability 208Availability in ICS Networks 209Nonrepudiation 210Principle of Least Privilege 211Separation of Duties 211Vulnerability and Threat Identification 212Nation- States 213Cyberterrorists 213Cybercriminals 214Insider Threats 216Events, Incidents, and Attacks 217Threat Vectors 217Weaponization 230Delivery 230Exploitation 231Installation 232Command and Control 233Actions on Objectives 233Attack Methods 234Unauthorized Access 251Cryptographics 260Encryption 262Digital Certificates 264Public Key Infrastructure 264Hashing 266Resource Constraints 267Review Questions 268Exam Questions 268CHAPTER 6 PHYSICAL SECURITY 271Introduction 272Infrastructure Security 273Access Control 274Physical Security Controls 276Authentication Systems 278Remote Access Monitoring and Automated Access Control Systems 286Intrusion Detection and Reporting Systems 289Security Controllers 290Video Surveillance Systems 295Cameras 297IP Cameras 297Pan- Tilt- Zoom Cameras 298Physical Security for ICS 306Industrial Processes/Generating Facilities 307Control Center/Company Offices 307Nerc Cip-006-1 309Review Questions 311Exam Questions 312CHAPTER 7 ACCESS MANAGEMENT 315Introduction 316Access Control Models 317Mandatory Access Control 317Discretionary Access Control 318Role- Based Access Control 318Rule- Based Access Control 319Attribute- Based Access Control 319Context- Based Access Control 320Key Security Components within Access Controls 320Directory Services 321Active Directory 321Linux Directory Services 324Application Runtime and Execution Control 326User Access Management 326Establishing User and Group Accounts 328Group Account Security 330Network Authentication Options 331Establishing Resource Controls 332ICS Access Control 334Remote ICS Access Control 336Access Control for Cloud Systems 340Review Questions 343Exam Questions 344CHAPTER 8 ICS SECURITY GOVERNANCE AND RISK MANAGEMENT 347Introduction 348Security Policies and Procedure Development 348Requirements 349Exceptions and Exemptions 350Standards 351ICS Security Policies 356Risk Management 357Asset Identification 358Risk Assessment 359Risk Identification Vulnerability Assessment 362Impact Assessment 363ICS Risk Assessments 364Risk Mitigation 366Nerc Cip-008 367Review Questions 369Exam Questions 370CHAPTER 9 ICS SECURITY ASSESSMENTS 373Introduction 374Security Assessments 374ICS Device Testing 376Vulnerability 376Supply Chain 377Communication Robustness Testing 382Fuzzing 382ICS Penetration Testing 384The Pentest Process 385Security Testing Tools 392Packet Sniffers 392Network Enumeration/Port Scanning 393Port Scanning 395Vulnerability Scanning 395Review Questions 401Exam Questions 402CHAPTER 10 ICS SECURITY MONITORING AND INCIDENT RESPONSE 405Introduction 407ICS Lifecycle Challenges 408Change Management 408Establishing a Security Baseline 409Change Management Documentation 411Configuration Change Management 412Controlling Patch Distribution and Installation for Systems 414Monitoring 419Event Monitoring 420Network Monitoring 421Security Monitoring 423Logging and Auditing 424Event Logging 425Incident Management 433The Incident Response Lifecycle 434Preparation 435Incident Response 442Recovery 445Post- Incident Activities 446Review Questions 449Exam Questions 450CHAPTER 11 DISASTER RECOVERY AND BUSINESS CONTINUITY 453Introduction 454Business Continuity Plans 455System Redundancy 455Local Virtualized Storage 459System Backup and Restoration 462Backup Options 463Backup Media Rotation 466Securing Backup Media 467Other BCP Considerations 467Disaster Recovery 469Planning 470Documenting the Disaster Recovery Plan 472The Disaster Response/Recovery Team 473Nerc Cip-009-6 475Review Questions 477Exam Questions 478APPENDIX A GICSP OBJECTIVE MAP 481ICS410.1 ICS: Global Industrial Cybersecurity Professional (GICSP) Objectives 482Overview 482ICS410.2: Architecture and Field Devices 483ICS410.3: Communications and Protocols 484ICS410.4: Supervisory Systems 485ICS410.5: Security Governance 485APPENDIX B GLOSSARY 487APPENDIX C STANDARDS AND REFERENCES 533Reference Links 536APPENDIX D REVIEW AND EXAM QUESTION ANSWERS 539Chapter 1: Industrial Control Systems 540Review Question Answers 540Exam Question Answers 541Chapter 2: ICS Architecture 542Review Question Answers 542Exam Question Answers 544Chapter 3: Secure ICS Architecture 545Review Question Answers 545Exam Question Answers 547Chapter 4: ICS Modules and Element Hardening 548Review Question Answers 548Exam Question Answers 550Chapter 5: Cybersecurity Essentials for ICS 551Review Question Answers 551Exam Question Answers 553Chapter 6: Physical Security 554Review Question Answers 554Exam Question Answers 556Chapter 7: Access Management 556Review Question Answers 556Exam Question Answers 558Chapter 8: ICS Security Governance and Risk Management 559Review Question Answers 559Exam Question Answers 560Chapter 9: ICS Security Assessments 561Review Question Answers 561Exam Question Answers 563Chapter 10: ICS Security Monitoring and Incident Response 564Review Question Answers 564Exam Question Answers 565Chapter 11: Disaster Recovery and Business Continuity 567Review Question Answers 567Exam Question Answers 568Index 571
Selbstorganisation braucht Führung
SELBSTORGANISATION BRAUCHT FÜHRUNG // - Erfahren Sie, warum agile Unternehmenskulturen mehr und vor allem echte Führung brauchen - Schaffen Sie mit einfachen Werkzeugen die Rahmenbedingungen für die Selbstorganisation Ihres Teams - Lernen Sie aus den Erfahrungen, Erfolgen und Misserfolgen der Autoren als Manager - Nutzen Sie die Tipps und Übungen, um Ihr persönliches Führungsverständnis zu formen - Neue Themen in der 3. Auflage: Legitimation, Mut, Remote-Führung und selbstbestimmte Gehälter - Ihr exklusiver Vorteil: E-Book inside beim Kauf des gedruckten Buches Durch die Herausforderungen der Digitalisierung ist das Thema »Agilität« an die Spitze der Management-Agenda gerückt. Waren selbstorganisierte Arbeitsweisen bis vor wenigen Jahren noch eine Grassroots-Bewegung, so kommen die Initiativen zur agilen Transformation ganzer Organisationen heute von oben, aus den Führungs- und Vorstandsetagen. Vielen Managern ist klargeworden, dass sie Agilität selbst leben müssen und durch ihr eigenes Verhalten maßgeblich fördern. Nur, wie geht das? Führungskräfte müssen immer wieder auf das System einwirken, damit es die nächste Entwicklungsstufe der Selbstorganisation erreichen kann. Das funktioniert nicht durch Mikromanagement oder Delegation von Veränderung. Es bedeutet: konsequente Arbeit an der eigenen Haltung, Vorbild sein im Verhalten und die Wahrnehmung von Mitarbeitern als Menschen – nicht als Ressourcen. Boris Gloger und Dieter Rösner entwerfen keine agile Führungslehre, sondern leiten zur Selbstreflexion an. Sie erzählen von eigenen und beobachteten Krisen, vom eigenen Scheitern und dem Erkennen, wie Selbstorganisation entsteht. Daraus leiten sie ein modernes Führungsverständnis für eine Kultur des Gelingens ab. AUS DEM INHALT // Warum Führen heute so schwierig ist/Wie Selbstorganisation funktioniert/Mensch, Modell, Manager: Agilität als Kultur des Gelingens/Welche Strukturen die Selbstorganisation anregen/Vom Anreizsystem zum Anerkennungssystem
Gefühlte Zukunft
Welche Rolle spielen Emotionen bei der Konstruktion, Kommunikation und Nutzung von Zukunftsbildern? Sind Emotionen primär eine Komponente, die Vorurteile transportiert? In welchem Maße sind Forschende selbst Emotionen ausgesetzt, die die Methodenwahl und die Ergebnisse beeinflussen? In dem Sammelband kommt die gesamte Breite der Thematik „Zukunftsforschung und Emotionalität“ zur Sprache, von den philosophischen Grundlagen bis zu methodischen Fragestellungen und Erkenntnissen aus der Praxis, die die enge Verschränkung von Kognition und Emotion in allen Phasen von Vorausschauprozessen belegen. Psychodynamik und Foresight. Zum subjektiven Faktor in der prospektiven Forschung.- Gefühl und Zukunftsbild.- Sein zur Lust. Zukünfte als Modalstrukturen.- Narrative Scharniere – Zur Vermittlung von Emotionalität und Zukunftsperspektiven.- Zur Uneindeutigkeit von Zukunft – Widerspruchstoleranz im Umgang mit mehrdeutigen Zukünften.- Der „subjektive Faktor“: Angst, Hoffnung und Zuversicht in drei Berichten an den Club of Rome.- Risikoanalysen als Austauschformat im Rahmen verantwortungsvoller Forschung und Innovation.- Im emotionalisierten Raum. Human Factors in Hardware- und Software-Design von Robotern und Künstlicher Intelligenz.- Personas, ein Instrument zur erleichterten Handhabung emotionaler Aspekte in Foresightprozessen?.- Einflussreiche Metaphern: Funktionen und Wirkungspotentiale von metaphorisch-emotionalen Ausdrücken beim Formulieren und Kommunizieren von Zukunftsbildern.- Ist Angst tatsächlich ein schlechter Ratgeber? Über den Zusammenhang von Technik, Emotionen und Vorsorge.- Wilde Zukünfte. Zur Emotionalität beim Umgang mit Wild Cards.- Geschichten aus der Zukunft – das Unfassbare erlebbar machen.- Tabuisierte Zukünfte – Wie Tabus die Analyse des zukünftigen Möglichkeitenraums beeinflussen.- Von der Furcht, konkret zu werden.
Advanced Analytics and Deep Learning Models
ADVANCED ANALYTICS AND DEEP LEARNING MODELSTHE BOOK PROVIDES READERS WITH AN IN-DEPTH UNDERSTANDING OF CONCEPTS AND TECHNOLOGIES RELATED TO THE IMPORTANCE OF ANALYTICS AND DEEP LEARNING IN MANY USEFUL REAL-WORLD APPLICATIONS SUCH AS E-HEALTHCARE, TRANSPORTATION, AGRICULTURE, STOCK MARKET, ETC.Advanced analytics is a mixture of machine learning, artificial intelligence, graphs, text mining, data mining, semantic analysis. It is an approach to data analysis. Beyond the traditional business intelligence, it is a semi and autonomous analysis of data by using different techniques and tools. However, deep learning and data analysis both are high centers of data science. Almost all the private and public organizations collect heavy amounts of data, i.e., domain-specific data. Many small/large companies are exploring large amounts of data for existing and future technology. Deep learning is also exploring large amounts of unsupervised data making it beneficial and effective for big data. Deep learning can be used to deal with all kinds of problems and challenges that include collecting unlabeled and uncategorized raw data, extracting complex patterns from a large amount of data, retrieving fast information, tagging data, etc. This book contains 16 chapters on artificial intelligence, machine learning, deep learning, and their uses in many useful sectors like stock market prediction, a recommendation system for better service selection, e-healthcare, telemedicine, transportation. There are also chapters on innovations and future opportunities with fog computing/cloud computing and artificial intelligence. AUDIENCEResearchers in artificial intelligence, big data, computer science, and electronic engineering, as well as industry engineers in healthcare, telemedicine, transportation, and the financial sector. The book will also be a great source for software engineers and advanced students who are beginners in the field of advanced analytics in deep learning. ARCHANA MIRE, PHD, is an assistant professor in the Computer Engineering Department, Terna Engineering College, Navi Mumbai, India. She has published many research articles in peer-reviewed journals. SHAVETA MALIK, PHD, is an associate professor in the Computer Engineering Department (NBA accredited), Terna Engineering College, Nerul, India. She has published many research articles in peer-reviewed journals. AMIT KUMAR TYAGI, PHD, is an assistant professor and senior researcher at Vellore Institute of Technology (VIT), Chennai Campus, India. He received his PhD in 2018 from Pondicherry Central University, India. He has published more than 8 patents in the area of deep learning, Internet of Things, cyber-physical systems, and computer vision. Preface xixPART 1: INTRODUCTION TO COMPUTER VISION 11 ARTIFICIAL INTELLIGENCE IN LANGUAGE LEARNING: PRACTICES AND PROSPECTS 3Khushboo Kuddus1.1 Introduction 41.2 Evolution of CALL 51.3 Defining Artificial Intelligence 71.4 Historical Overview of AI in Education and Language Learning 71.5 Implication of Artificial Intelligence in Education 81.5.1 Machine Translation 91.5.2 Chatbots 91.5.3 Automatic Speech Recognition Tools 91.5.4 Autocorrect/Automatic Text Evaluator 111.5.5 Vocabulary Training Applications 121.5.6 Google Docs Speech Recognition 121.5.7 Language MuseTM Activity Palette 131.6 Artificial Intelligence Tools Enhance the Teaching and Learning Processes 131.6.1 Autonomous Learning 131.6.2 Produce Smart Content 131.6.3 Task Automation 131.6.4 Access to Education for Students with Physical Disabilities 141.7 Conclusion 14References 152 REAL ESTATE PRICE PREDICTION USING MACHINE LEARNING ALGORITHMS 19Palak Furia and Anand Khandare2.1 Introduction 202.2 Literature Review 202.3 Proposed Work 212.3.1 Methodology 212.3.2 Work Flow 222.3.3 The Dataset 222.3.4 Data Handling 232.3.4.1 Missing Values and Data Cleaning 232.3.4.2 Feature Engineering 242.3.4.3 Removing Outliers 252.4 Algorithms 272.4.1 Linear Regression 272.4.2 LASSO Regression 272.4.3 Decision Tree 282.4.4 Support Vector Machine 282.4.5 Random Forest Regressor 282.4.6 XGBoost 292.5 Evaluation Metrics 292.6 Result of Prediction 30References 313 MULTI-CRITERIA–BASED ENTERTAINMENT RECOMMENDER SYSTEM USING CLUSTERING APPROACH 33Chandramouli Das, Abhaya Kumar Sahoo and Chittaranjan Pradhan3.1 Introduction 343.2 Work Related Multi-Criteria Recommender System 353.3 Working Principle 383.3.1 Modeling Phase 393.3.2 Prediction Phase 393.3.3 Recommendation Phase 403.3.4 Content-Based Approach 403.3.5 Collaborative Filtering Approach 413.3.6 Knowledge-Based Filtering Approach 413.4 Comparison Among Different Methods 423.4.1 MCRS Exploiting Aspect-Based Sentiment Analysis 423.4.1.1 Discussion and Result 433.4.2 User Preference Learning in Multi-Criteria Recommendation Using Stacked Autoencoders by Tallapally et al. 463.4.2.1 Dataset and Evaluation Matrix 463.4.2.2 Training Setting 493.4.2.3 Result 493.4.3 Situation-Aware Multi-Criteria Recommender System: Using Criteria Preferences as Contexts by Zheng 493.4.3.1 Evaluation Setting 503.4.3.2 Experimental Result 503.4.4 Utility-Based Multi-Criteria Recommender Systems by Zheng 513.4.4.1 Experimental Dataset 513.4.4.2 Experimental Result 523.4.5 Multi-Criteria Clustering Approach by Wasid and Ali 533.4.5.1 Experimental Evaluation 533.4.5.2 Result and Analysis 533.5 Advantages of Multi-Criteria Recommender System 543.5.1 Revenue 573.5.2 Customer Satisfaction 573.5.3 Personalization 573.5.4 Discovery 583.5.5 Provide Reports 583.6 Challenges of Multi-Criteria Recommender System 583.6.1 Cold Start Problem 583.6.2 Sparsity Problem 593.6.3 Scalability 593.6.4 Over Specialization Problem 593.6.5 Diversity 593.6.6 Serendipity 593.6.7 Privacy 603.6.8 Shilling Attacks 603.6.9 Gray Sheep 603.7 Conclusion 60References 614 ADOPTION OF MACHINE/DEEP LEARNING IN CLOUD WITH A CASE STUDY ON DISCERNMENT OF CERVICAL CANCER65Jyothi A. P., S. Usha and Archana H. R.4.1 Introduction 664.2 Background Study 694.3 Overview of Machine Learning/Deep Learning 724.4 Connection Between Machine Learning/Deep Learning and Cloud Computing 744.5 Machine Learning/Deep Learning Algorithm 744.5.1 Supervised Learning 744.5.2 Unsupervised Learning 774.5.3 Reinforcement or Semi-Supervised Learning 774.5.3.1 Outline of ML Algorithms 774.6 A Project Implementation on Discernment of Cervical Cancer by Using Machine/Deep Learning in Cloud 934.6.1 Proposed Work 944.6.1.1 MRI Dataset 944.6.1.2 Pre Processing 954.6.1.3 Feature Extraction 964.6.2 Design Methodology and Implementation 974.6.3 Results 1004.7 Applications 1014.7.1 Cognitive Cloud 1024.7.2 Chatbots and Smart Personal Assistants 1034.7.3 IoT Cloud 1034.7.4 Business Intelligence 1034.7.5 AI-as-a-Service 1044.8 Advantages of Adoption of Cloud in Machine Learning/ Deep Learning 1044.9 Conclusion 105References 1065 MACHINE LEARNING AND INTERNET OF THINGS–BASED MODELS FOR HEALTHCARE MONITORING 111Shruti Kute, Amit Kumar Tyagi, Aswathy S.U. and Shaveta Malik5.1 Introduction 1125.2 Literature Survey 1135.3 Interpretable Machine Learning in Healthcare 1145.4 Opportunities in Machine Learning for Healthcare 1165.5 Why Combining IoT and ML? 1195.5.1 ML-IoT Models for Healthcare Monitoring 1195.6 Applications of Machine Learning in Medical and Pharma 1215.7 Challenges and Future Research Direction 1225.8 Conclusion 123References 1236 MACHINE LEARNING–BASED DISEASE DIAGNOSIS AND PREDICTION FOR E-HEALTHCARE SYSTEM 127Shruti Suhas Kute, Shreyas Madhav A. V., Shabnam Kumari and Aswathy S. U.6.1 Introduction 1286.2 Literature Survey 1296.3 Machine Learning Applications in Biomedical Imaging 1326.4 Brain Tumor Classification Using Machine Learning and IoT 1346.5 Early Detection of Dementia Disease Using Machine Learning and IoT-Based Applications 1356.6 IoT and Machine Learning-Based Diseases Prediction and Diagnosis System for EHRs 1376.7 Machine Learning Applications for a Real-Time Monitoring of Arrhythmia Patients Using IoT 1406.8 IoT and Machine Learning–Based System for Medical Data Mining 1416.9 Conclusion and Future Works 143References 144PART 2: INTRODUCTION TO DEEP LEARNING AND ITS MODELS 1497 DEEP LEARNING METHODS FOR DATA SCIENCE 151K. Indira, Kusumika Krori Dutta, S. Poornima and Sunny Arokia Swamy Bellary7.1 Introduction 1527.2 Convolutional Neural Network 1527.2.1 Architecture 1547.2.2 Implementation of CNN 1547.2.3 Simulation Results 1577.2.4 Merits and Demerits 1587.2.5 Applications 1597.3 Recurrent Neural Network 1597.3.1 Architecture 1607.3.2 Types of Recurrent Neural Networks 1617.3.2.1 Simple Recurrent Neural Networks 1617.3.2.2 Long Short-Term Memory Networks 1627.3.2.3 Gated Recurrent Units (GRUs) 1647.3.3 Merits and Demerits 1677.3.3.1 Merits 1677.3.3.2 Demerits 1677.3.4 Applications 1677.4 Denoising Autoencoder 1687.4.1 Architecture 1697.4.2 Merits and Demerits 1697.4.3 Applications 1707.5 Recursive Neural Network (RCNN) 1707.5.1 Architecture 1707.5.2 Merits and Demerits 1727.5.3 Applications 1727.6 Deep Reinforcement Learning 1737.6.1 Architecture 1747.6.2 Merits and Demerits 1747.6.3 Applications 1747.7 Deep Belief Networks (DBNS) 1757.7.1 Architecture 1767.7.2 Merits and Demerits 1767.7.3 Applications 1767.8 Conclusion 177References 1778 A PROPOSED LSTM-BASED NEUROMARKETING MODEL FOR CONSUMER EMOTIONAL STATE EVALUATION USING EEG 181Rupali Gill and Jaiteg Singh8.1 Introduction 1828.2 Background and Motivation 1838.2.1 Emotion Model 1838.2.2 Neuromarketing and BCI 1848.2.3 EEG Signal 1858.3 Related Work 1858.3.1 Machine Learning 1868.3.2 Deep Learning 1918.3.2.1 Fast Feed Neural Networks 1938.3.2.2 Recurrent Neural Networks 1938.3.2.3 Convolutional Neural Networks 1948.4 Methodology of Proposed System 1958.4.1 DEAP Dataset 1968.4.2 Analyzing the Dataset 1968.4.3 Long Short-Term Memory 1978.4.4 Experimental Setup 1978.4.5 Data Set Collection 1978.5 Results and Discussions 1988.5.1 LSTM Model Training and Accuracy 1988.6 Conclusion 199References 1999 AN EXTENSIVE SURVEY OF APPLICATIONS OF ADVANCED DEEP LEARNING ALGORITHMS ON DETECTION OF NEURODEGENERATIVE DISEASES AND THE TACKLING PROCEDURE IN THEIR TREATMENT PROTOCOL 207Vignesh Baalaji S., Vergin Raja Sarobin M., L. Jani Anbarasi, Graceline Jasmine S. and Rukmani P.9.1 Introduction 2089.2 Story of Alzheimer’s Disease 2089.3 Datasets 2109.3.1 ADNI 2109.3.2 OASIS 2109.4 Story of Parkinson’s Disease 2119.5 A Review on Learning Algorithms 2129.5.1 Convolutional Neural Network (CNN) 2129.5.2 Restricted Boltzmann Machine 2139.5.3 Siamese Neural Networks 2139.5.4 Residual Network (ResNet) 2149.5.5 U-Net 2149.5.6 LSTM 2149.5.7 Support Vector Machine 2159.6 A Review on Methodologies 2159.6.1 Prediction of Alzheimer’s Disease 2159.6.2 Prediction of Parkinson’s Disease 2219.6.3 Detection of Attacks on Deep Brain Stimulation 2239.7 Results and Discussion 2249.8 Conclusion 224References 22710 EMERGING INNOVATIONS IN THE NEAR FUTURE USING DEEP LEARNING TECHNIQUES 231Akshara Pramod, Harsh Sankar Naicker and Amit Kumar Tyagi10.1 Introduction 23210.2 Related Work 23410.3 Motivation 23510.4 Future With Deep Learning/Emerging Innovations in Near Future With Deep Learning 23610.4.1 Deep Learning for Image Classification and Processing 23710.4.2 Deep Learning for Medical Image Recognition 23710.4.3 Computational Intelligence for Facial Recognition 23810.4.4 Deep Learning for Clinical and Health Informatics 23810.4.5 Fuzzy Logic for Medical Applications 23910.4.6 Other Intelligent-Based Methods for Biomedical and Healthcare 23910.4.7 Other Applications 23910.5 Open Issues and Future Research Directions 24410.5.1 Joint Representation Learning From User and Item Content Information 24410.5.2 Explainable Recommendation With Deep Learning 24510.5.3 Going Deeper for Recommendation 24510.5.4 Machine Reasoning for Recommendation 24610.5.5 Cross Domain Recommendation With Deep Neural Networks 24610.5.6 Deep Multi-Task Learning for Recommendation 24710.5.7 Scalability of Deep Neural Networks for Recommendation 24710.5.8 Urge for a Better and Unified Evaluation 24810.6 Deep Learning: Opportunities and Challenges 24910.7 Argument with Machine Learning and Other Available Techniques 25010.8 Conclusion With Future Work 251Acknowledgement 252References 25211 OPTIMIZATION TECHNIQUES IN DEEP LEARNING SCENARIOS: AN EMPIRICAL COMPARISON 255Ajeet K. Jain, PVRD Prasad Rao and K. Venkatesh Sharma11.1 Introduction 25611.1.1 Background and Related Work 25611.2 Optimization and Role of Optimizer in DL 25811.2.1 Deep Network Architecture 25911.2.2 Proper Initialization 26011.2.3 Representation, Optimization, and Generalization 26111.2.4 Optimization Issues 26111.2.5 Stochastic GD Optimization 26211.2.6 Stochastic Gradient Descent with Momentum 26311.2.7 SGD With Nesterov Momentum 26411.3 Various Optimizers in DL Practitioner Scenario 26511.3.1 AdaGrad Optimizer 26511.3.2 RMSProp 26711.3.3 Adam 26711.3.4 AdaMax 26911.3.5 AMSGrad 26911.4 Recent Optimizers in the Pipeline 27011.4.1 EVE 27011.4.2 RAdam 27111.4.3 MAS (Mixing ADAM and SGD) 27111.4.4 Lottery Ticket Hypothesis 27211.5 Experiment and Results 27311.5.1 Web Resource 27311.5.2 Resource 27711.6 Discussion and Conclusion 278References 279PART 3: INTRODUCTION TO ADVANCED ANALYTICS 28312 BIG DATA PLATFORMS 285Sharmila Gaikwad and Jignesh Patil12.1 Visualization in Big Data 28612.1.1 Introduction to Big Data 28612.1.2 Techniques of Visualization 28712.1.3 Case Study on Data Visualization 30212.2 Security in Big Data 30512.2.1 Introduction of Data Breach 30512.2.2 Data Security Challenges 30612.2.3 Data Breaches 30712.2.4 Data Security Achieved 30712.2.5 Findings: Case Study of Data Breach 30912.3 Conclusion 309References 30913 SMART CITY GOVERNANCE USING BIG DATA TECHNOLOGIES 311K. Raghava Rao and D. Sateesh Kumar13.1 Objective 31213.2 Introduction 31213.3 Literature Survey 31413.4 Smart Governance Status 31413.4.1 International 31413.4.2 National 31613.5 Methodology and Implementation Approach 31813.5.1 Data Generation 31913.5.2 Data Acquisition 31913.5.3 Data Analytics 31913.6 Outcome of the Smart Governance 32213.7 Conclusion 323References 32314 BIG DATA ANALYTICS WITH CLOUD, FOG, AND EDGE COMPUTING 325Deepti Goyal, Amit Kumar Tyagi and Aswathy S. U.14.1 Introduction to Cloud, Fog, and Edge Computing 32614.2 Evolution of Computing Terms and Its Related Works 33014.3 Motivation 33214.4 Importance of Cloud, Fog, and Edge Computing in Various Applications 33314.5 Requirement and Importance of Analytics (General) in Cloud, Fog, and Edge Computing 33414.6 Existing Tools for Making a Reliable Communication and Discussion of a Use Case (with Respect to Cloud, Fog, and Edge Computing) 33514.6.1 CloudSim 33514.6.2 SPECI 33614.6.3 Green Cloud 33614.6.4 OCT (Open Cloud Testbed) 33714.6.5 Open Cirrus 33714.6.6 GroudSim 33814.6.7 Network CloudSim 33814.7 Tools Available for Advanced Analytics (for Big Data Stored in Cloud, Fog, and Edge Computing Environment) 33814.7.1 Microsoft HDInsight 33814.7.2 Skytree 33914.7.3 Splice Machine 33914.7.4 Spark 33914.7.5 Apache SAMOA 33914.7.6 Elastic Search 33914.7.7 R-Programming 33914.8 Importance of Big Data Analytics for Cyber-Security and Privacy for Cloud-IoT Systems 34014.8.1 Risk Management 34014.8.2 Predictive Models 34014.8.3 Secure With Penetration Testing 34014.8.4 Bottom Line 34114.8.5 Others: Internet of Things-Based Intelligent Applications 34114.9 An Use Case with Real World Applications (with Respect to Big Data Analytics) Related to Cloud, Fog, and Edge Computing 34114.10 Issues and Challenges Faced by Big Data Analytics (in Cloud, Fog, and Edge Computing Environments) 34214.10.1 Cloud Issues 34314.11 Opportunities for the Future in Cloud, Fog, and Edge Computing Environments (or Research Gaps) 34414.12 Conclusion 345References 34615 BIG DATA IN HEALTHCARE: APPLICATIONS AND CHALLENGES 351V. Shyamala Susan, K. Juliana Gnana Selvi and Ir. Bambang Sugiyono Agus Purwono15.1 Introduction 35215.1.1 Big Data in Healthcare 35215.1.2 The 5V’s Healthcare Big Data Characteristics 35315.1.2.1 Volume 35315.1.2.2 Velocity 35315.1.2.3 Variety 35315.1.2.4 Veracity 35315.1.2.5 Value 35315.1.3 Various Varieties of Big Data Analytical (BDA) in Healthcare 35315.1.4 Application of Big Data Analytics in Healthcare 35415.1.5 Benefits of Big Data in the Health Industry 35515.2 Analytical Techniques for Big Data in Healthcare 35615.2.1 Platforms and Tools for Healthcare Data 35715.3 Challenges 35715.3.1 Storage Challenges 35715.3.2 Cleaning 35815.3.3 Data Quality 35815.3.4 Data Security 35815.3.5 Missing or Incomplete Data 35815.3.6 Information Sharing 35815.3.7 Overcoming the Big Data Talent and Cost Limitations 35915.3.8 Financial Obstructions 35915.3.9 Volume 35915.3.10 Technology Adoption 36015.4 What is the Eventual Fate of Big Data in Healthcare Services? 36015.5 Conclusion 361References 36116 THE FOG/EDGE COMPUTING: CHALLENGES, SERIOUS CONCERNS, AND THE ROAD AHEAD 365Varsha. R., Siddharth M. Nair and Amit Kumar Tyagi16.1 Introduction 36616.1.1 Organization of the Work 36816.2 Motivation 36816.3 Background 36916.4 Fog and Edge Computing–Based Applications 37116.5 Machine Learning and Internet of Things–Based Cloud, Fog, and Edge Computing Applications 37416.6 Threats Mitigated in Fog and Edge Computing–Based Applications 37616.7 Critical Challenges and Serious Concerns Toward Fog/Edge Computing and Its Applications 37816.8 Possible Countermeasures 38116.9 Opportunities for 21st Century Toward Fog and Edge Computing 38316.9.1 5G and Edge Computing as Vehicles for Transformation of Mobility in Smart Cities 38316.9.2 Artificial Intelligence for Cloud Computing and Edge Computing 38416.10 Conclusion 387References 387Index 391
Hacking Artificial Intelligence
Sheds light on the ability to hack AI and the technology industry’s lack of effort to secure vulnerabilities.We are accelerating towards the automated future. But this new future brings new risks. It is no surprise that after years of development and recent breakthroughs, artificial intelligence is rapidly transforming businesses, consumer electronics, and the national security landscape. But like all digital technologies, AI can fail and be left vulnerable to hacking. The ability to hack AI and the technology industry’s lack of effort to secure it is thought by experts to be the biggest unaddressed technology issue of our time. Hacking Artificial Intelligence sheds light on these hacking risks, explaining them to those who can make a difference.Today, very few people—including those in influential business and government positions—are aware of the new risks that accompany automated systems. While society hurdles ahead with AI, we are also rushing towards a security and safety nightmare. This book is the first-ever layman’s guide to the new world of hacking AI and introduces the field to thousands of readers who should be aware of these risks. From a security perspective, AI is today where the internet was 30 years ago. It is wide open and can be exploited. Readers from leaders to AI enthusiasts and practitioners alike are shown how AI hacking is a real risk to organizations and are provided with a framework to assess such risks, before problems arise.Davey Gibian is a technologist and artificial intelligence practitioner. His career has spanned Wall Street, the White House, and active war zones as he has brought cutting-edge data science tools to solve hard problems. He has built two start-ups, Calypso AI and OMG, was a White House Presidential Innovation Fellow for AI and Cybersecurity, and helped scale Palantir Technologies. He holds patents in machine learning and served in the US Air Force. He currently resides in New York City.Introduction: Hacking facial recognitionChapter 1: A brief overview of artificial intelligenceChapter 2: How AI is different from traditional softwareChapter 3: Data biasChapter 4: Hacking AI systemsChapter 5: Evasion AttacksChapter 6: Data PoisoningChapter 7: Model Inversion (“Privacy”) AttacksChapter 8: Obfuscation attacksChapter 9: Talking to AI: Model interpretabilityChapter 10: Machine vs. machineChapter 11: Will someone hack my AI?About the Author
C++ mit Visual Studio 2022 und Windows Forms-Anwendungen
Dieses Buch stellt C++ umfassend dar. Zahlreiche Beispiele veranschaulichen die Theorie. Dabei werden die Neuerungen von C++11, C++14 und C++17 von Anfang an integriert und ihre Vorteile gezeigt. Im Unterschied zu den allermeisten anderen C++-Büchern werden Windows-Programme mit einer grafischen Benutzeroberfläche entwickelt.Dieses Buch ist ein Lehrbuch, das sich an Studenten von Fachhochschulen und Universitäten richtet. Da es keine Vorkenntnisse voraussetzt, ist es auch zum Selbststudium geeignet. Es entstand aus zahlreichen Vorlesungen und Firmenseminaren. Der Aufbau, die Beispiele und Übungsaufgaben sind erprobt und bewährt.Und es ist gleichzeitig auch ein Fachbuch, das erfahrene C++-Programmierer auf den Stand von C++17 bringt. Es zeigt, wie die zahlreichen Neuerungen selbst elementare Programmiertechniken einfacher und sicherer machen. Dazu kommen neue Konzepte, die bessere und effizientere Lösungen als noch vor einigen Jahren ermöglichen. Viele dieser neuen Möglichkeiten sind in der industriellen Praxis noch nicht verbreitet.Übungsaufgaben ermöglichen dem Leser, das Gelernte zu vertiefen. Lösungen stehen auf www.rkaiser.de zum Download bereit.Dieses Buch erscheint in zwei weitgehend identischen Ausgaben:• In der vorliegenden Ausgabe werden Programme mit einer grafischen Benutzeroberfläche geschrieben, in denen alle Ein- und Aus-gaben über eine Windows-Benutzeroberfläche erfolgen.• In der anderen Ausgabe „C++ mit Visual Studio 2019“ (ISBN 978-3-662-594759) werden C++-Programme ohne eine grafische Benutzeroberfläche geschrieben. Alle Ein- und Ausgaben erfolgen mit cin und cout über die Konsole.Nach seinem Mathematikstudium an der Universität Tübingen war RICHARD KAISER einige Jahre in der Lehrerausbildung tätig, Trainer in der Industrie, Software-Entwickler (vor allem für technische Anwendungen) und Leiter der Software-Abteilung. Seit 1991 ist er Professor an der Dualen Hochschule Baden-Württemberg (Lörrach), wo er vor allem Vorlesungen über Programmiersprachen (C/C++/C#) und Mathematik hält. In den letzten Jahren hat er viele Seminare über C++ und C# für Firmen durchgeführt.Die Entwicklungsumgebung.- Steuerelemente für die Benutzeroberfläche.- Elementare Datentypen und Anweisungen in C und C++.- Sie Stringklassen string und wstring.- Arrays und Container.- Einfache selbstdefinierte Datentypen.- Zeiger, Strings und dynamisch erzeugte Variablen.- Überladene Funktionen und Operatoren.- Objektorientierte Programmierung.- Namensbereiche.- Exception-Handling.- Containerklassen der C++-Standardbibliothek.- Dateibearbeitung mit den Stream-Klassen.- Funktionsobjekte und Lambda-Ausdrücke.- Templates und STL.- C++11 Smart Pointer: shared_ptr, unique_ptr und weak_ptr.- Literatur.- Index.
Cyber-Sicherheit
Dieses Lehrbuch gibt Ihnen einen Überblick über die Themen der IT-Sicherheit Die digitale Transformation eröffnet viele neue Möglichkeiten, den dadurch lassen sich Geschäftsmodelle und Verwaltungsprozesse radikal verändern. Aber mit fortschreitender Digitalisierung nimmt jedoch die Komplexität der IT-Systeme- und Infrastrukturen zu. Zudem werden die Methoden der professionellen Angreifer ausgefeilter und die Angriffsziele kontinuierlich lukrativer, insgesamt führt dies bei Unternehmen und der Gesellschaft zu hohen Schäden. Für eine erfolgreiche Zukunft unserer Gesellschaft ist es daher entscheidend, diesen gestiegenen Risiken entgegenzuwirken und eine sichere sowie vertrauenswürdige IT zu gestalten. Von daher ist es notwendig, dass mit den wachsenden Herausforderungen auch neue Entwicklungen und Prozessen in der Cyber-Sicherheit einhergehen. Was sich hier getan hat können Sie in der 2. Auflage des Lehrbuchs ‚Cyber-Sicherheit‘, von Prof. Norbert Pohlmann, nachlesen. Denn inder Überarbeitung der sehr erfolgreichen Erst-Auflage wurden die bestehenden Kapitel ergänzt und aktualisiert sowie zusätzlich für neue Themen weitere Kapitel hinzugefügt. Aber auch Lehrmaterialien, wie 19 komplette Vorlesungen und Überbungen auf den Webseiten wurden angepasst und erweitert. Auf insgesamt 746 Seiten bietet Informatikprofessor Norbert Pohlmann grundlegendes Wissen über die Cyber-Sicherheit und geht bei innovativen Themen, wie Self Sovereign Identity oder dem Vertrauenswürdigkeits-Modell, detailliert in die Tiefe. Dabei ist dem Autor wichtig, nicht nur theoretisches Fachwissen zu vermitteln, sondern auch den Leser in die Lage zu versetzen, die Cyber-Sicherheit aus der anwendungsorientierten Perspektive zu betrachten. Lernen Sie mithilfe dieses Lehrbuchs mehr über Mechanismen, Prinzipien, Konzepte und Eigenschaften von Cyber-Sicherheitssystemen. So sind Sie in der Lage, die Sicherheit und Vertrauenswürdigkeit von IT-Lösungen zu beurteilen. Grundlegende Aspekte der Cyber-Sicherheit Im einführenden Abschnitt werden den Lesenden die Grundlagen der IT-Sicherheit vermittelt: · Cyber-Sicherheitsstrategien · Motivationen von Angreifern · Sicherheitsbedürfnisse der Bürger und Mitarbeiter von Unternehmen · Aktuelle Cyber-Sicherheitsprobleme · Herausforderungen für eine sicher und vertrauenswürdige digitale Zukunft · Wirksamkeitskonzepte von Cyber-Sicherheitsmechanismen Detaillierte Darstellung relevanter Systeme, Prozesse und Prinzipien In den weiteren Kapiteln wird auf besonders relevante Teilbereiche der Cyber-Sicherheit fokussiert: · Kryptographie · Hardware-Sicherheitsmodule zum Schutz von sicherheitsrelevanten Informationen · Digitale Signatur, elektronische Zertifikate sowie PKIs und PKAs · Identifikation und Authentifikation · Enterprise Identity und Access Management · Trusted Computing · Cyber-Sicherheit Frühwarn- und Lagebildsysteme · Firewall-Systeme · E-Mail-Sicherheit · Blockchain-Technologie · Künstliche Intelligenz und Cyber-Security · Social Web Cyber-Sicherheit · Self-Sovereign Identity (SSI) - neu · Vertrauen und Vertrauenswürdigkeit - neu · Weitere Aspekte der Cyber-Sicherheit - neu Zudem erfahren Sie mehr über neue Standards und Methoden bei IPSec-Verschlüsselung, Transport Layer Security (TLS) sowie Sicherheitsmaßnahmen gegen DDoS-Angriffe. Anschauliche Grafiken und Tabellen bilden Prozesse und Zusammenhänge verständlich ab. Didaktisch gut aufbereitet, können Sie die Inhalte mit zahlreichen neuen Übungsaufgaben vertiefen. Das Lehrbuch richtet sich insbesondere an Lesende, für die ein umfassendes Know-how zu Cyber-Security im Arbeits-, Lehr- oder Privatumfeld relevant und interessant ist: · Studierende der Informatik, IT- oder Cyber-Sicherheit, aber auch angrenzende Disziplinen · Auszubildende im Bereich Fachinformatik, digitale Medien · Mitarbeitende/Führungspersonen aller Branchen, die sich mit Digitalisierung beschäftigen Die zweite Auflage des Lehrbuchs Cyber-Sicherheit von Prof. Norbert Pohlmann wurde umfassend überarbeitet, aktualisiert und um drei neue Kapitel sowie ein Glossar erweitert.
Werde ein Data Head
Data Science, Machine Learning und Statistik verstehen und datenintensive Jobs meistern. Fundierte Datenkompetenz für den Arbeitsplatz entwickeln – auch ohne Programmierkenntnisse.Dieses Buch ist ein umfassender Leitfaden für das Verständnis von Datenanalyse am Arbeitsplatz. Alex Gutman und Jordan Goldmeier lüften den Vorhang der Data Science und geben Ihnen die Sprache und die Werkzeuge an die Hand, die Sie benötigen, um informiert mitreden zu können, kritisch über die Auswertung von Daten zu sprechen und die richtigen Fragen zu stellen. Dank dieses Buchs kann jede:r ein Data Head werden und aktiv an Data Science, Statistik und Machine Learning teilnehmen – auch ohne einen technischen Background.In diesem unterhaltsamen und gut verständlichen Buch werden die aktuellen, zum Teil komplexen Data-Science- und Statistik-Konzepte anhand einfacher Beispiele und Analogien veranschaulicht. Sie lernen statistisches Denken, das Vermeiden häufiger Fallstricke bei der Interpretation von Daten, und Sie erfahren, was es mit Machine Learning, Textanalyse, Deep Learning und künstlicher Intelligenz wirklich auf sich hat. Wenn Sie in Ihrem Unternehmen konkret mit Daten arbeiten, Führungskraft oder angehender Data Scientist sind, zeigt Ihnen dieses Buch, wie Sie ein echter Data Head werden.Die Autoren:Alex J. Gutman ist Data Scientist, Unternehmenstrainer und Accredited Professional Statistician®. Sein beruflicher Schwerpunkt liegt auf statistischem und maschinellem Lernen, und er verfügt über umfangreiche Erfahrungen als Data Scientist für das US-Verteidigungsministerium und zwei Fortune-50-Unternehmen. Seinen Doktortitel in angewandter Mathematik erhielt er vom Air Force Institute of Technology.Jordan Goldmeier ist ein international anerkannter Analytik- und Datenvisualisierungs-Experte, Autor und Redner. Er wurde sieben Mal mit dem Microsoft Most Valuable Professional Award ausgezeichnet und hat Mitglieder von Pentagon und Fortune-500-Unternehmen in Analytik unterrichtet. Er ist Autor der Bücher Advanced Excel Essentials und Dashboards for Excel.
Software Architecture by Example
Design system solutions using modern architectural patterns and practices. This book discusses methods to keep a system responsive, even when it is being constantly updated, extending a system's functionality without changing the core code, methods of maintaining data history, and designing a distributed transactional system.This book will guide you in understanding how a software solution is designed using different architectural processes and scenarios. Each scenario explains if and why a software solution is required to resolve a given issue, and discusses possible architectural approaches to solve the problem. You will learn specific implementations of software architecture for each case along with different approaches to achieve the solutions. Each chapter is structured as a real-world requirement from a client and describes a process to meet that requirement.After reading this book, you should have a high-level understanding of the architectural patterns used in the book, and you should have a methodology for approaching system design.WHAT YOU WILL LEARN* Understand design principles and considerations for various stages of software development* Translate patterns into code samples* Create a blueprint for approaching system design* Understand architectural patterns: CQRS, event sourcing, distributed systems, distributed transactions, and plug-in architectureWHO THIS BOOK IS FORDevelopers who wish to move into architecture, and junior software architects also will find the book usefulPAUL MICHAELS is the Head of Development at musicMagpie. He started his career as a professional software engineer in 1997. Paul is a regular speaker, published author, and Microsoft MVP. He enjoys programming, playing with new technology, and finding neat solutions to problems. When he's not working, you can find him cycling or walking around The Peak District, playing table tennis, or trying to cook for his wife and two children. You can follow him on twitter @paul_michaels or find him on LinkedIn. He also writes a blog at pmichaels.net.CHAPTER 1: THE TICKET SALES PROBLEMCHAPTER GOAL: DESIGN A SOFTWARE SOLUTION THAT ADDRESSES THE PROBLEM OF SELLING TICKETS FOR EVENTS. TICKET SALES WILL BE INITIALLY LOW, BUT FOR CERTAIN EVENTS THERE WILL BE HUGE SPIKES.NO OF PAGES: 50SUB -TOPICS1. Message queues / pub / sub2. CQRS – which it doesn’t fitCHAPTER 2: THE CASH DESK PROBLEMCHAPTER GOAL: DESIGN A SOLUTION THAT CATERS FOR A SYSTEM TRACKING MONEY IN AND OUT OF A CASH DESK.NO OF PAGES: 50SUB - TOPICS1. Event Sourcing2.CHAPTER 3: THE TRAVEL AGENT PROBLEMCHAPTER GOAL: DESIGN A SOLUTION THAT CATERS FOR A SYSTEM WHEREBY YOU NEED TO INTERFACE WITH MANY DIFFERENT THIRD-PARTY SYSTEMS AND COLLATE THE RESULTS.NO OF PAGES: 50SUB - TOPICS:1. Distributed systems2. Microservices3. Service bus4. Scheduler Agent Supervisor PatternCHAPTER 4: THE SOCIAL MEDIA PROBLEMCHAPTER GOAL: DESIGN A SOLUTION THAT CATERS FOR A SYSTEM WHEREBY A HIGH FREQUENCY OF UPDATES ARE MADE, AND YET THE EXACT ORDER OF THE TRANSACTIONS IS UNIMPORTANT.NO OF PAGES: 50SUB - TOPICS:1. CQRSCHAPTER 5: THE ADMIN APPLICATION PROBLEMCHAPTER GOAL: DESIGN A SOLUTION WHERE A USER IS ABLE TO CONFIGURE THE RULES WITHIN A GIVEN APPLICATION.NO OF PAGES: 501. N-Tier2. Plug-in architectureCHAPTER 6: THE TRAVEL REP PROBLEMCHAPTER GOAL: DESIGN A SOLUTION TO ALLOW AN APPLICATION TO ACCEPT TRAVEL AGENT QUERIES, BUT TO POLL THE SERVER OFFLINENO OF PAGES: 501. Ambassador pattern2. Message Queues
Creating Apps with React Native
Produce high-quality, cross-platform apps with user experiences almost identical to pure native apps. When evaluating cross-platform frameworks, developers make an assumption that quality will be compromised. But that doesn't have to be true. The principles in this book will show you how to meet quality expectations both from engineering and consumer standpoints.You’ll also realize the ideal of a greater front end. That means your whole front-end team, including app side and web side, will be optimized. The shared knowledge base as well as mobilization potential give more flexibility and strength in all front-end facets without the need of increasing team sizes.The market has seen a large amount of high quality React Native apps and successful stories about them. Nevertheless, under optimized apps and unsuccessful stories shadow. The fundamental difference between the two opposing groups is understanding. Discover the critical points in the React and React Native architecture, and develop general best practices that can lead to consistently developing 0 crash, 5 star apps based on an understanding of fundamentals.WHAT YOU'LL LEARN* Measure and define successful app design* Create animation based on user need* Reduce performance bottleneck throughout your appsWHO THIS BOOK IS FORMobile developers who want to expand their front end skill set, and web developers who want to enter mobile development.Muyang (Holmes) He is a software engineer. He spent four years working with Tencent on hyperscale social network products. At the time when this book is written, he is a mobile software engineer with Microsoft. He is an active advocate and a practice leader of using React Native to create 0 crash, 5 star apps (05 apps).Chapter 1 Start thinking in ReactThe hello world app in piecesProps and StatesFunction componentsChapter 2 React ToolsFlexbox – A Practical GuideScrollView and FlatListInheritance v.s. Composition, HOCError handlingState Management, ReduxReact NavigationApp architecture in action – a boilerplateChapter 3 React Native ArchitectureApp initializationUnder the hood of componentsCommunication between JavaScript and NativeChapter 4 Custom NativeCustom native moduleCustom native componentChapter 5 NetworksPromise chainAwait for async eventConnectivityCommon error handlingPutting it all togetherChapter 6 PerformanceHow to measure and what defines successCritical points in RN architectureLong listPerformance bottlenecks in FlatListCommon optimization techniquesCase studiesItem 1Item 2Item 3Chapter 7 AnimationLayout animationValue driven animationGesture driven animationChapter 8 3rd-Party Components
A Complete Guide to Docker for Operations and Development
Harness the power of Docker by containerizing your code with all its libraries and file systems to consistently run anywhere. This book is your source for learning all about Docker operations and development. It’s divided into two units and focuses on the topics that the Docker Certified Associate exam covers.Unit 1 covers the Docker fundamentals, such as Docker Enterprise for Operations, Docker Enterprise for Developers, Swarm, and an introduction to Kubernetes. You will learn how to install Docker Community Edition, Docker Enterprise Edition with Kubernetes and CLI. Also, you will learn the Docker cycle, container lifecycle, develop applications in any language, wrap, build, ship, and deploy them for production. Finally, you will learn how to create a Swarm cluster, deploy an app to it, and manage it with the best practices according to the current technologies.Unit 2 provides quizzes to help you prepare for the certification test. The DCA exam format and the question style has changed since Mirantis acquired Docker. To accommodate this, the quizzes mirror these changes.WHAT YOU’LL LEARN* Understand the difference between containerization and virtualization* Install Docker CE on various platforms and manage the resources* Write Dockerfile, Docker Compose YAML, and Kubernetes manifest YAML files* Compare microservices and monolithic applications * Containerize monolithic applicationsWHO THIS BOOK IS FORSoftware developers, Cloud Architects, and DevOps operation managers.Engy Fouda is an adjunct lecturer at Suny New Paltz University. She also teaches SAS, Docker Fundamentals, Docker for Enterprise Developers, Docker for Enterprise Operations, and Kubernetes at a Microsoft Training Partner, ONLC Training Centers, and at several other venues as a freelance instructor. She is an Apress and Packt Publishing author. Moreover, she has more than 20 years of experience passing technical certificates. All her students always pass the certifications from the first try. She holds two master’s degrees, one in journalism with a Data Science Professional Graduate Certificate from Harvard University, Extension School, and another in computer engineering from Cairo University, Egypt.UNIT 1: DOCKER FUNDAMENTALSChapter 1: IntroductionChapter 2: Installation and ConfigurationChapter 3: Image and Containers Creation, Management, and RegistryChapter 4: NetworkingChapter 5: Storage and VolumesChapter 6: Docker Enterprise Edition/Mirantis Kubernetes Edition installationChapter 7: Universal Control Plane (UCP)Chapter 8: Docker Trusted Registry (DTR)Chapter 9: MicroservicesChapter 10: OrchestrationChapter 11: Security, RBAC, and DCTChapter 12: DCA exam guideUNIT 2: EXAM PREP QUIZZESChapter 13: Orchestration QuizChapter 14: Image Creation, Management, and Registry QuizChapter 15: Installation and Configuration QuizChapter 16: Networking QuizChapter 17: Security QuizChapter 18: Storage and Volumes Quiz
Beginning Ansible Concepts and Application
Learn the concepts and develop the skills to be a true Ansible artist and use it inside and outside the box. This book applies key concepts immediately while building up your Ansible skills layer by layer through easy to grasp examples and engaging projects. You’ll also think about security, why testing is important, and how to use version control safely.As a beginner to Ansible, you'll be guided step-by-step through creating your first Ansible playbook to deploying your first server and writing more complex cross-dependency playbooks. From the first line of code to the last, you'll constantly iterate and simplify your playbooks, iwhile taking on more complex topics as you construct a full Wordpress website stack consisting of a database, web servers, and load balancer. This book will prompt you to think about how these fit together and will explain what to do to ensure maintainability long into the future.Don’t just use Ansible. Completely change how you go about provisioning, configuring, and managing servers, applications, and their dependencies with this powerful, open source automation tool. In exchange for this power and efficiency, Ansible demands a very different way of thinking about resources and how they all fit together. This can be hard to get your head around if you’ve never done it before. Every step of the way, Beginning Ansible Concepts and Application show you best practices so that you can confidently start using Ansible right away.WHAT YOU'LL LEARN* Set up an Ansible environment* Create and run playbooks* Organize groups of variables, vaults, roles, and tasks to ensure your playbooks are scalable* Protect secrets using Ansible Vaults* Automate the build of a Wordpress websiteWHO THIS BOOK IS FORDevelopers looking for a better way to manage their servers other than by logging in and typing commands. Also enthusiasts who want to learn not just how to use Ansible but how to use it correctly and confidently.SHAUN SMITH is a Fellow of the British Computer Society (BCS) and holds degrees in Computer Science and Psychology. He has a wealth of experience across a broad range of technology, which he combines in novel ways to build out industry-leading, scalable and highly-secure solutions to complex problems. He evangelises simple, elegant and secure designs and these days is focusing on making the Internet a safer place to be and up-skilling the next generation.PETER MEMBREY is a Chartered Fellow of the British Computer Society, a Chartered IT Professional and a Chartered Engineer with nearly a quarter of a century in the field. He has a doctorate in engineering and a masters degree in IT specialising in Information Security. He's co-authored over a dozen books, a number of research papers on a variety of topics and has recently been awarded the Distinguished Contributor award by the IEEE Computer Society. Chapter 1 – Setting the SceneFoundations of AnsiblCreate an environmentChallenges to comeChapter 2 – Say Hello to AnsibleIntroduce AnsibleHistoryToolsChapter 3 – Getting Ansible and Setting Up the EnvironmentDownload and set up AnsibleUsing virtual python environmentsUsing VirtualBoxChapter 4 – Your First Steps with AnsiblePlay with AnsibleRevision control and security aspectsPython 2 vs 3Chapter 5 – Run Your First playbookCreate and run your first playbookStructure of a playbookPut servers under source controlChapter 6 – Designing an InventoryUsing localhostInventoriesChapter 7 – Setting Your Sights – Target the Servers You WantSetting up real serversPlaybook skills and inventory skillsWriting the playbookChapter 8 – Batteries Included – The Core ModulesCore modulesInstalling packages, copying config files, and making changes to system configWeb based documentationChapter 9 – Gathering Data and the Power of FactsUsing fact gatheringAutomatic (implicit) fact-gathering for every playbookExplicit fact gatheringStat to gain information on files, directories, and symbolic linksChapter 10 – The Building Blocks of Ansible – RolesChapter 11 – Making Decisions and Controlling FlowConditionalsOptionsincludes and when clausesChapter 12 – Repeating YourselfLoopsSyntaxChapter 13 – Jinja 2 and the Power of TemplatesChapter 14 – Structuring Your Repo for SuccessBasic directory structureOrganize groups of variables, vaults, roles, and tasks to ensure your playbooks are scalableChapter 15 – Locking Away Your SecretsAnsible-vaultsEnvironment specific encrypted storesChapter 16 – Extending the Power of AnsibleCreation of custom modulesModule types (actions, filters, callback to name a few)Hints and tips on when a plugin is the right course of actionChapter 17 – Dynamically Generating Your InventoryInventory, or CMDBInventory sourceSimple web service to pull in the ansible inventory at runtimeMeta groupsChapter 18 – CommunityShare playbooks with like-minded sysadminsAnsible GalaxyChapter 19 - Troubleshooting AnsibleChapter 20 – Other Projects Around AnsiblePOSSIBLE: document interesting projects that make use of Ansible's power, such as ansible-cmdb
Das datengetriebene Unternehmen
Daten stellen inzwischen einen unverzichtbaren Erfolgsfaktor für jedes Unternehmen dar. Der Weg zur datengetriebenen Organisation ist jedoch mit zahlreichen Herausforderungen gepflastert. Dieses Buch zeigt ein Prozessmodell für den Weg zu einem datengetriebenen Unternehmen auf und gibt Empfehlungen zur Gestaltung aller relevanten Handlungsfelder: Welche Strukturen müssen geschaffen werden? Welche Systeme und Prozesse haben sich als vorteilhaft erwiesen? Wie stellen kann die Qualität der Daten sichergestellt werden und welche Voraussetzungen benötigt die datengetriebene Organisation in den Bereichen Governance und Kommunikation? Und nicht zuletzt: Wie können die Mitarbeiter auf dem Weg mitgenommen werden und welche Implikationen hat die datengetriebene Organisation für unsere Unternehmenskultur? Jonas Rashedi zeigt einen Orientierungs- und Handlungsrahmen zur strategischen und operativen Gestaltung der datengetriebenen Organisation auf, losgelöst von aktuellen technischen Lösungen. Weitere Experten geben prägnante Lösungsvorschläge und Best Practices zu besonders relevanten Aspekten ausgewählter Handlungsfelder.
Python Challenges
Augment your knowledge of Python with this entertaining learning guide, which features 100 exercises and programming puzzles and solutions. Python Challenges will help prepare you for your next exam or a job interview, and covers numerous practical topics such as strings, data structures, recursion, arrays, and more.Each topic is addressed in its own separate chapter, starting with an introduction to the basics and followed by 10 to 15 exercises of various degrees of difficulty, helping you to improve your programming skills effectively. Detailed sample solutions, including the algorithms used for all tasks, are included to maximize your understanding of each area. Author MICHAEL INDEN also describes alternative solutions and analyzes possible pitfalls and typical errors.Three appendices round out the book: the first covers the Python command line interpreter, which is often helpful for trying out the code snippets and examples in the book, followed by an overview of Pytest for unit testing and checking the solutions. The last explains the O notation for estimating performance.After reading this book, you'll be prepared to take the next step in your career or tackle your next personal project. All source code is freely available for download via the Apress website.WHAT YOU WILL LEARNImprove your Python knowledge by solving enjoyable but challenging programming puzzles * Solve mathematical problems, recursions, strings, arrays and more* Manage data processing and data structures like lists, sets, maps* Handle advanced recursion as well as binary trees, sorting and searching* Gamify key fundamentals for fun and easier reinforcementWHO THIS BOOK IS FOR:Programmers, software developers who are either professionals or makers, as well as students and teachers. At least some prior experience with the Python programming is recommended.Michael Inden is an Oracle-certified Java developer with over 20 years of professional experience designing complex software systems for international companies. There, he has worked in various roles such as SW developer, SW architect, consultant, team leader, CTO, head of academy, and trainer. Currently, he is working as a freelancer.His special interests are creating high-quality applications with ergonomic GUIs, developing and solving programming puzzles, and coaching. He likes to pass on his knowledge and has led various courses and talks, both internally and externally, as well as at conferences such as JAX/W-JAX, JAX London, and Oracle Code One.Besides, he is also an author of technical books. His german books, among others "Der Weg zum Java-Profi", Java Challenge", "Python Challenge" are all published by dpunkt.verlag.1. Introduction.- Part I - Fundamentals.- 2. Mathematical Problems.- 3. Recursion.- 4. Strings.- 5. Basic Data Structures: Lists, Sets, and Dictionaries.- 6. Arrays.- Part II - More Advanced and Tricky Topics.- 7. Recursion Advanced.- 8. Binary Trees.- 9. Searching and Sorting.- 10. Conclusion and Supplementary Material.- Part III - Appendices.- Appendix A. Short Introduction to Pytest.- Appendix B. Short Introduction to Decorators.- Appendix C. Quick Start O-Notation.- Appendix D. Short Introduction to Python 3.10.- Bibliography.
CISM Certified Information Security Manager Study Guide
SHARPEN YOUR INFORMATION SECURITY SKILLS AND GRAB AN INVALUABLE NEW CREDENTIAL WITH THIS UNBEATABLE STUDY GUIDEAs cybersecurity becomes an increasingly mission-critical issue, more and more employers and professionals are turning to ISACA's trusted and recognized Certified Information Security Manager qualification as a tried-and-true indicator of information security management expertise.In Wiley's Certified Information Security Manager (CISM) Study Guide, you'll get the information you need to succeed on the demanding CISM exam. You'll also develop the IT security skills and confidence you need to prove yourself where it really counts: on the job.Chapters are organized intuitively and by exam objective so you can easily keep track of what you've covered and what you still need to study. You'll also get access to a pre-assessment, so you can find out where you stand before you take your studies further.Sharpen your skills with Exam Essentials and chapter review questions with detailed explanations in all four of the CISM exam domains: Information Security Governance, Information Security Risk Management, Information Security Program, and Incident Management.In this essential resource, you'll also:* Grab a head start to an in-demand certification used across the information security industry* Expand your career opportunities to include rewarding and challenging new roles only accessible to those with a CISM credential* Access the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key termsPerfect for anyone prepping for the challenging CISM exam or looking for a new role in the information security field, the Certified Information Security Manager (CISM) Study Guide is an indispensable resource that will put you on the fast track to success on the test and in your next job.ABOUT THE AUTHORMIKE CHAPPLE, PHD, CISM, is Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame’s Mendoza College of Business. He is a bestselling author of over 25 books and serves as the Academic Director of the University’s Master of Science in Business Analytics program. He holds multiple additional certifications, including the CISSP (Certified Information Systems Security Professional), CySA+ (CompTIA Cybersecurity Analyst), CIPP/US (Certified Information Privacy Professional), CompTIA PenTest+, and CompTIA Security+. Mike provides cybersecurity certification resources at his website, CertMike.com Introduction Assessment Test xxiCHAPTER 1 TODAY’S INFORMATION SECURITY MANAGER 1Information Security Objectives 2Role of the Information Security Manager 3Chief Information Security Officer 4Lines of Authority 4Organizing the Security Team 5Roles and Responsibilities 7Information Security Risks 8The DAD Triad 8Incident Impact 9Building an Information Security Strategy 12Threat Research 12SWOT Analysis 13Gap Analysis 13Creating SMART Goals 16Alignment with Business Strategy 16Leadership Support 17Internal and External Influences 17Cybersecurity Responsibilities 18Communication 19Action Plans 19Implementing Security Controls 20Security Control Categories 21Security Control Types 21Data Protection 23Summary 25Exam Essentials 25Review Questions 27CHAPTER 2 INFORMATION SECURITY GOVERNANCE AND COMPLIANCE 31Governance 33Corporate Governance 33Governance, Risk, and Compliance Programs 35Information Security Governance 35Developing Business Cases 36Third- Party Relationships 37Understanding Policy Documents 38Policies 38Standards 40Procedures 42Guidelines 43Exceptions and Compensating Controls 44Developing Policies 45Complying with Laws and Regulations 46Adopting Standard Frameworks 47Cobit 47NIST Cybersecurity Framework 49NIST Risk Management Framework 52ISO Standards 53Benchmarks and Secure Configuration Guides 54Security Control Verification and Quality Control 56Summary 57Exam Essentials 57Review Questions 59CHAPTER 3 INFORMATION RISK MANAGEMENT 63Analyzing Risk 65Risk Identification 66Risk Calculation 67Risk Assessment 68Risk Treatment and Response 72Risk Mitigation 73Risk Avoidance 74Risk Transference 74Risk Acceptance 75Risk Analysis 75Disaster Recovery Planning 78Disaster Types 78Business Impact Analysis 79Privacy 79Sensitive Information Inventory 80Information Classification 80Data Roles and Responsibilities 82Information Lifecycle 83Privacy- Enhancing Technologies 83Privacy and Data Breach Notification 84Summary 84Exam Essentials 85Review Questions 86CHAPTER 4 CYBERSECURITY THREATS 91CHAPTER 5 EXPLORING CYBERSECURITY THREATS 92Classifying Cybersecurity Threats 92Threat Actors 94Threat Vectors 99Threat Data and Intelligence 101Open Source Intelligence 101Proprietary and Closed Source Intelligence 104Assessing Threat Intelligence 105Threat Indicator Management and Exchange 107Public and Private Information Sharing Centers 108Conducting Your Own Research 108Summary 109Exam Essentials 109Review Questions 111Information Security Program Development and Management 115Information Security Programs 117Establishing a New Program 117Maintaining an Existing Program 121Security Awareness and Training 123User Training 123Role- Based Training 124Ongoing Awareness Efforts 124Managing the Information Security Team 125Hiring Team Members 126Developing the Security Team 126Managing the Security Budget 127Organizational Budgeting 127Fiscal Years 127Expense Types 128Budget Monitoring 129Integrating Security with Other Business Functions 130Procurement 130Accounting 133Human Resources 133Information Technology 135Audit 138Summary 139Exam Essentials 139Review Questions 141CHAPTER 6 SECURITY ASSESSMENT AND TESTING 145Vulnerability Management 146Identifying Scan Targets 146Determining Scan Frequency 148Configuring Vulnerability Scans 149Scanner Maintenance 154Vulnerability Scanning Tools 155Reviewing and Interpreting Scan Reports 159Validating Scan Results 160Security Vulnerabilities 161Patch Management 162Legacy Platforms 163Weak Configurations 164Error Messages 164Insecure Protocols 165Weak Encryption 166Penetration Testing 167Adopting the Hacker Mindset 168Reasons for Penetration Testing 169Benefits of Penetration Testing 169Penetration Test Types 170Rules of Engagement 171Reconnaissance 173Running the Test 173Cleaning Up 174Training and Exercises 174Summary 175Exam Essentials 176Review Questions 177CHAPTER 7 CYBERSECURITY TECHNOLOGY 181Endpoint Security 182Malware Prevention 183Endpoint Detection and Response 183Data Loss Prevention 184Change and Configuration Management 185Patch Management 185System Hardening 185Network Security 186Network Segmentation 186Network Device Security 188Network Security Tools 191Cloud Computing Security 195Benefits of the Cloud 196Cloud Roles 198Cloud Service Models 198Cloud Deployment Models 202Shared Responsibility Model 204Cloud Standards and Guidelines 207Cloud Security Issues 208Cloud Security Controls 210Cryptography 212Goals of Cryptography 212Symmetric Key Algorithms 214Asymmetric Cryptography 215Hash Functions 217Digital Signatures 218Digital Certificates 219Certificate Generation and Destruction 220Code Security 223Software Development Life Cycle 223Software Development Phases 224Software Development Models 226DevSecOps and DevOps 229Code Review 230Software Security Testing 232Identity and Access Management 234Identification, Authentication, and Authorization 234Authentication Techniques 235Authentication Errors 237Single- Sign On and Federation 238Provisioning and Deprovisioning 238Account Monitoring 239Summary 240Exam Essentials 241Review Questions 244CHAPTER 8 INCIDENT RESPONSE 249Security Incidents 251Phases of Incident Response 252Preparation 253Detection and Analysis 254Containment, Eradication, and Recovery 255Post- Incident Activity 267Building the Incident Response Plan 269Policy 269Procedures and Playbooks 270Documenting the Incident Response Plan 270Creating an Incident Response Team 272Incident Response Providers 273CSIRT Scope of Control 273Coordination and Information Sharing 273Internal Communications 274External Communications 274Classifying Incidents 274Threat Classification 275Severity Classification 276Conducting Investigations 279Investigation Types 279Evidence 282Plan Training, Testing, and Evaluation 288Summary 289Exam Essentials 290Review Questions 292CHAPTER 9 BUSINESS CONTINUITY AND DISASTER RECOVERY 297Planning for Business Continuity 298Project Scope and Planning 299Organizational Review 300BCP Team Selection 301Resource Requirements 302Legal and Regulatory Requirements 303Business Impact Analysis 304Identifying Priorities 305Risk Identification 306Likelihood Assessment 308Impact Analysis 309Resource Prioritization 310Continuity Planning 310Strategy Development 311Provisions and Processes 311Plan Approval and Implementation 313Plan Approval 313Plan Implementation 314Training and Education 314BCP Documentation 314The Nature of Disaster 318Natural Disasters 319Human- Made Disasters 324System Resilience, High Availability, and Fault Tolerance 327Protecting Hard Drives 328Protecting Servers 329Protecting Power Sources 331Recovery Strategy 331Business Unit and Functional Priorities 332Crisis Management 333Emergency Communications 334Workgroup Recovery 334Alternate Processing Sites 334Database Recovery 338Recovery Plan Development 340Emergency Response 341Personnel and Communications 341Assessment 342Backups and Offsite Storage 342Utilities 345Logistics and Supplies 345Training, Awareness, and Documentation 345Testing and Maintenance 346Read- Through Test 346Structured Walk- Through 346Simulation Test 347Parallel Test 347Full- Interruption Test 347Lessons Learned 347Maintenance 348Summary 349Exam Essentials 349Review Questions 351Appendix Answers to the Review Questions 357Chapter 1: Today’s Information Security Manager 358Chapter 2: Information Security Governance and Compliance 360Chapter 3: Information Risk Management 362Chapter 4: Cybersecurity Threats 363Chapter 5: Information Security Program Development and Management 365Chapter 6: Security Assessment and Testing 368Chapter 7: Cybersecurity Technology 370Chapter 8: Incident Response 372Chapter 9: Business Continuity and Disaster Recovery 374Index 377
Positive Unlabeled Learning
MACHINE LEARNING AND ARTIFICIAL INTELLIGENCE (AI) ARE POWERFUL TOOLS THAT CREATE PREDICTIVE MODELS, EXTRACT INFORMATION, AND HELP MAKE COMPLEX DECISIONS. They do this by examining an enormous quantity of labeled training data to find patterns too complex for human observation. However, in many real-world applications, well-labeled data can be difficult, expensive, or even impossible to obtain. In some cases, such as when identifying rare objects like new archeological sites or secret enemy military facilities in satellite images, acquiring labels could require months of trained human observers at incredible expense. Other times, as when attempting to predict disease infection during a pandemic such as COVID-19, reliable true labels may be nearly impossible to obtain early on due to lack of testing equipment or other factors. In that scenario, identifying even a small amount of truly negative data may be impossible due to the high false negative rate of available tests. In such problems, it is possible to label a small subset of data as belonging to the class of interest though it is impractical to manually label all data not of interest. We are left with a small set of positive labeled data and a large set of unknown and unlabeled data.Readers will explore this Positive and Unlabeled learning (PU learning) problem in depth. The book rigorously defines the PU learning problem, discusses several common assumptions that are frequently made about the problem and their implications, and considers how to evaluate solutions for this problem before describing several of the most popular algorithms to solve this problem. It explores several uses for PU learning including applications in biological/medical, business, security, and signal processing. This book also provides high-level summaries of several related learning problems such as one-class classification, anomaly detection, and noisy learning and their relation to PU learning.* Preface* Acknowledgments* Introduction* Problem Definition* Evaluating the Positive Unlabeled Learning Problem* Solving the PU Learning Problem* Applications* Summary* Bibliography* Authors' Biographies
Operating AI
A HOLISTIC AND REAL-WORLD APPROACH TO OPERATIONALIZING ARTIFICIAL INTELLIGENCE IN YOUR COMPANYIn Operating AI, Director of Technology and Architecture at Ericsson AB, Ulrika Jägare, delivers an eye-opening new discussion of how to introduce your organization to artificial intelligence by balancing data engineering, model development, and AI operations. You'll learn the importance of embracing an AI operational mindset to successfully operate AI and lead AI initiatives through the entire lifecycle, including key areas such as; data mesh, data fabric, aspects of security, data privacy, data rights and IPR related to data and AI models.In the book, you’ll also discover:* How to reduce the risk of entering bias in our artificial intelligence solutions and how to approach explainable AI (XAI)* The importance of efficient and reproduceable data pipelines, including how to manage your company's data* An operational perspective on the development of AI models using the MLOps (Machine Learning Operations) approach, including how to deploy, run and monitor models and ML pipelines in production using CI/CD/CT techniques, that generates value in the real world* Key competences and toolsets in AI development, deployment and operations* What to consider when operating different types of AI business modelsWith a strong emphasis on deployment and operations of trustworthy and reliable AI solutions that operate well in the real world—and not just the lab—Operating AI is a must-read for business leaders looking for ways to operationalize an AI business model that actually makes money, from the concept phase to running in a live production environment.ULRIKA JÄGARE is the MSc. Director of Technology and Architecture at Ericsson AB. She has over 10 years of experience in data, analytics, and machine learning/artificial intelligence and over 20 years’ experience in telecommunications.Foreword xiiIntroduction xvCHAPTER 1 BALANCING THE AI INVESTMENT 1Defining AI and Related Concepts 3Operational Readiness and Why It Matters 8Applying an Operational Mind- set from the Start 12The Operational Challenge 15Strategy, People, and Technology Considerations 19Strategic Success Factors in Operating AI 20People and Mind- sets 23The Technology Perspective 28CHAPTER 2 DATA ENGINEERING FOCUSED ON AI 31Know Your Data 32Know the Data Structure 32Know the Data Records 34Know the Business Data Oddities 35Know the Data Origin 36Know the Data Collection Scope 37The Data Pipeline 38Types of Data Pipeline Solutions 41Data Quality in Data Pipelines 44The Data Quality Approach in AI/ML 45Scaling Data for AI 49Key Capabilities for Scaling Data 51Introducing a Data Mesh 53When You Have No Data 55The Role of a Data Fabric 56Why a Data Fabric Matters in AI/ML 58Key Competences and Skillsets in Data Engineering 60CHAPTER 3 EMBRACING MLOPS 71MLOps as a Concept 72From ML Models to ML Pipelines 76The ML Pipeline 78Adopt a Continuous Learning Approach 84The Maturity of Your AI/ML Capability 86Level 0— Model Focus and No MLOps 88Level 1— Pipelines Rather than Models 89Level 2— Leveraging Continuous Learning 90The Model Training Environment 91Enabling ML Experimentation 92Using a Simulator for Model Training 94Environmental Impact of Training AI Models 96Considering the AI/ML Functional Technology Stack 97Key Competences and Toolsets in MLOps 103Clarifying Similarities and Differences 106MLOps Toolsets 107CHAPTER 4 DEPLOYMENT WITH AI OPERATIONS IN MIND 115Model Serving in Practice 117Feature Stores 118Deploying, Serving, and Inferencing Models at Scale 121The ML Inference Pipeline 123Model Serving Architecture Components 125Considerations Regarding Toolsets for Model Serving 129The Industrialization of AI 129The Importance of a Cultural Shift 139CHAPTER 5 OPERATING AI IS DIFFERENT FROM OPERATING SOFTWARE 143Model Monitoring 144Ensuring Efficient ML Model Monitoring 145Model Scoring in Production 146Retraining in Production Using Continuous Training 151Data Aspects Related to Model Retraining 155Understanding Different Retraining Techniques 156Deployment after Retraining 159Disadvantages of Retraining Models Frequently 159Diagnosing and Managing Model Performance Issues in Operations 161Issues with Data Processing 162Issues with Data Schema Change 163Data Loss at the Source 165Models Are Broken Upstream 166Monitoring Data Quality and Integrity 167Monitoring the Model Calls 167Monitoring the Data Schema 168Detecting Any Missing Data 168Validating the Feature Values 169Monitor the Feature Processing 170Model Monitoring for Stakeholders 171Ensuring Stakeholder Collaboration for Model Success 173Toolsets for Model Monitoring in Production 175CHAPTER 6 AI IS ALL ABOUT TRUST 181Anonymizing Data 182Data Anonymization Techniques 185Pros and Cons of Data Anonymization 187Explainable AI 189Complex AI Models Are Harder to Understand 190What Is Interpretability? 191The Need for Interpretability in Different Phases 192Reducing Bias in Practice 194Rights to the Data and AI Models 199Data Ownership 200Who Owns What in a Trained AI Model? 202Balancing the IP Approach for AI Models 205The Role of AI Model Training 206Addressing IP Ownership in AI Results 207Legal Aspects of AI Techniques 208Operational Governance of Data and AI 210CHAPTER 7 ACHIEVING BUSINESS VALUE FROM AI 215The Challenge of Leveraging Value from AI 216Productivity 216Reliability 217Risk 218People 219Top Management and AI Business Realization 219Measuring AI Business Value 223Measuring AI Value in Nonrevenue Terms 227Operating Different AI Business Models 229Operating Artificial Intelligence as a Service 230Operating Embedded AI Solutions 236Operating a Hybrid AI Business Model 239Index 241
The Definitive Guide to Security in Jakarta EE
Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth.The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included.Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again.WHAT YOU WILL LEARN* Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications* Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS* Work with the daunting number of security APIs in Jakarta EE* Understand how EE security evolvedWHO THIS BOOK IS FORJava developers using Jakarta EE and writing applications that need to be secured (every application). Basic knowledge of Servlets and CDI is assumed. Library writers and component providers who wish to provide additional authentication mechanisms for Jakarta EE also will find the book useful.ARJAN TIJMS was a JSF (JSR 372) and Security API (JSR 375) EG member, and is currently project lead for a number of Jakarta projects, including Jakarta- Security, Authentication, Authorization, and Faces and Expression Language. He is the co-creator of the popular OmniFaces library for JSF that was a 2015 Duke’s Choice Award winner, and is the author of two books: The Definitive Guide to JSF- and Pro CDI 2 in Java EE 8. Arjan holds an MSc degree in computer science from the University of Leiden, The Netherlands. He has been involved with Jakarta EE Security since 2010, has created a set of tests that most well-known vendors use (IBM, Oracle, Red Hat) to improve their offerings, was part of the JSR 375 (EE Security) EG, and has been the main architect of the security API and its initial RI implementation Soteria. Arjan has also written and certified the MicroProfile JWT implementation for Payara. He was mentored by Sun's (later Oracle's) security expert Ron Monzillo. He wrote a large series of blog posts about EE Security that have attracted a lot of views.WERNER KEIL is a cloud architect, Eclipse RCP, and a microservice expert for a large bank. He helps Global 500 Enterprises across industries and leading IT vendors. He worked for over 30 years as an IT manager, PM, coach, and SW architect and consultant for the finance, mobile, media, transport, and public sectors. Werner develops enterprise systems using Java, Java/Jakarta EE, Oracle, IBM, Spring or Microsoft technologies, JavaScript, Node, Angular, and dynamic or functional languages. He is a Committer at Apache Foundation, and Eclipse Foundation, a Babel Language Champion, UOMo Project Lead, and active member of the Java Community Process in JSRs such as 321 (Trusted Java), 344 (JSF 2.2), 354 (Money, also Maintenance Lead), 358/364 (JCP.next), 362 (Portlet 3), 363 (Unit-API 1), 365 (CDI 2), 366 (Java EE 8), 375 (Java EE Security), 380 (Bean Validation 2), and 385 (Unit-API 2, also Spec Lead), and was the longest serving Individual Member of the Executive Committee for nine years in a row until 2017. Werner is currently the Community representative in the Jakarta EE Specification Committee. He was among the first five Jakarta EE Ambassadors when it was founded as Java EE Guardians, and is a member of its Leadership Council.TEO BAIS is a Software Development Manager, Scrum Master, and Programmer who contributes to the prosperity of the (software) community in several ways. He is the founder and leader of Utrecht Java User Group, which counts over 2600 members and has hosted over 45 events and amazing speakers (among others, James Gosling, Uncle Bob, and over 20 Java Champions), and is running 3 programs: Devoxx4kids, Speaker Incubator and uJCP. Teo served JSR-385 (JSR of the Year 2019) as an EG Member and was nominated as JCP Participant of the Year in 2019. Teo Bais enjoys sharing his knowledge as a public speaker to help others achieve their goals in career and life.1: Security History2: Jakarta EE Foundations3: Jakarta Authentication4: Jakarta Authorization5: Jakarta Security6: Java SE Underpinnings7: EE Implementations8: MicroProfile JWTAppendix A: Spring SecurityAppendix B: Apache ShiroAppendix C: Identity Management
Projektmanagement kurz & gut
Die essenziellen Bestandteile und Anforderungen des Projektmanagements verstehen und Projekte souverän(er) managen* Kompakte Darstellung aller Phasen, Rollen und Bestandteile des Projektmanagements* Denkanstöße und Praxistipps für Projektmanager mit erster Projekterfahrung * Projektmanagement und Agilität im Projektalltag – eine praxisnahe EinordnungWarum sprengen so viele Projekte den angesetzten Zeit- und Kostenrahmen, wo es doch Projektmanagement-Methoden und -Standards wie IPMA, PMI, Scrum, PRINCE2 oder SAFe gibt?Mehr ist häufig zu viel! Die meisten Ansätze sind umfangreich und weisen Projektleiterinnen und Projektleitern eine Vielzahl von Rollen zu. Anstatt das eigene Projekt gedanklich zu durchdringen, bleibt es vielfach beim Abarbeiten von Prozessschritten und Checklisten.Die Autoren von "Projektmanagement kurz & gut" arbeiten die wesentlichen Aspekte und Kernaufgaben des Projektmanagements heraus. Projektleiter, die diese Essenz im Blick haben, können ihr Projekt gezielter und effektiver steuern und bringen Struktur, Klarheit und Ruhe in die Abläufe.Das Taschenbuch behandelt alle Phasen und wesentlichen Aspekte des Projektmanagements wie z.B. Planung, Ressourcen- und Risikomanagement, Softwarequalität und Dokumentation. Es behandelt aber auch Softfaktoren wie den Umgang mit Schwierigkeiten, dem Team und den Stakeholdern. Zudem beleuchtet es das Zusammenspiel von Projektmanagement und agilen Arbeitsweisen.Christoph Bommer ist bei der Yunex Traffic zuständig für das Engineering von Verkehrs- und Tunnelleittechnikprojekten. Er erwarb ein Diplom als Elektroingenieur an der Hochschule für Technik Rapperswil und begann seine berufliche Laufbahn als Softwareentwicklungsingenieur im Telekommunikationsumfeld bei der Siemens AG. Später leitete er verschiedene Entwicklungsprojekte im internationalen Umfeld und führte Softwareentwicklungsabteilungen in der Telekommunikationsbranche wie auch in der Bahnleittechnik. In dieser Zeit befasste er sich intensiv mit der Verbesserung von Entwicklungsprozessen (CMMI). Daniel Brönimann erwarb ein Diplom als Elektroingenieur an der Hochschule für Technik in Rapperswil. Er begann seine berufliche Laufbahn als Softwareentwicklungsingenieur und arbeitete später als Projektleiter bei verschiedensten Softwareprojekten. Dabei kamen sehr unterschiedliche Entwicklungsprozesse zum Einsatz: von schlanken agilen Projekten bis zu stark strukturierten Großprojekten im sicherheitsrelevanten Umfeld. Als Assessor und Certified Senior Project Manager nach IPMA Level B hat er seit vielen Jahren Einblick in die Projektmanagementpraktiken unterschiedlichster Firmen. Heute ist er bei der Siemens Mobility AG als Abteilungsleiter in der Softwareentwicklung tätig und engagiert sich dort unter anderem für die Einführung eines Lean Project Framework. Mehr zu den Autoren finden Sie auch unter: https://pm-essenz.com.
MC Microsoft Certified Azure Data Fundamentals Study Guide
THE MOST AUTHORITATIVE AND COMPLETE STUDY GUIDE FOR PEOPLE BEGINNING TO WORK WITH DATA IN THE AZURE CLOUDIn MC Azure Data Fundamentals Study Guide: Exam DP-900, expert Cloud Solution Architect Jake Switzer delivers a hands-on blueprint to acing the DP-900 Azure data certification. The book prepares you for the test – and for a new career in Azure data analytics, architecture, science, and more – with a laser-focus on the job roles and responsibilities of Azure data professionals. You’ll receive a foundational knowledge of core data concepts, like relational and non-relational data and transactional and analytical data workloads, while diving deep into every competency covered on the DP-900 exam. You’ll also get:* Access to complimentary online study tools, including hundreds of practice exam questions, electronic flashcards, and a searchable glossary* Additional prep assistance with access to Sybex’s superior interactive online learning environment and test bank* Walkthroughs of skills and knowledge that are absolutely necessary for current and aspiring Azure data pros in introductory rolesPerfect for anyone just beginning to work with data in the cloud, MC Azure Data Fundamentals Study Guide: Exam DP-900 is a can’t-miss resource for anyone prepping for the DP-900 exam or considering a new career working with Azure data. ABOUT THE AUTHORJAKE SWITZER is a Cloud Solution Architect at Microsoft specializing in Big Data and Advanced Analytics. He has worked with major athletics customers like the NBA, NFL, MLB, and the USGA on architecting and proving out big data and advanced analytics solutions in Azure. Introduction xxviAssessment Test xviiAnswers to the Assessment Test xxxixCHAPTER 1 CORE DATA CONCEPTS 1Describe Types of Core Data Workloads 2Data Value 3Data Volume 10Data Variety 11Data Velocity 14Describe Data Analytics Core Concepts 21Data Processing Techniques 21Describe Analytics Techniques 32Describe Data Visualization Techniques 34Summary 40Exam Essentials 41Review Questions 44CHAPTER 2 RELATIONAL DATABASES IN AZURE 49Relational Database Features 51Relational Database Design Considerations 51Relational Database Offerings in Azure 61Azure SQL 63Azure Synapse Analytics Dedicated SQL Pools 90Open- Source Databases in Azure 92Management Tasks for Relational Databases in Azure 96Deployment Scripting and Automation 96Migrating to Azure SQL 105Database Security 106Common Connectivity Issues 113Management Tools 115Query Techniques for SQL 119DDL vs. DML Commands 120Query Relational Data in Azure SQL, MySQL, MariaDB, and PostgreSQL 125Summary 129Exam Essentials 130Review Questions 132CHAPTER 3 NONRELATIONAL DATABASES IN AZURE 139Nonrelational Database Features 140Key- Value Store 141Document Database 142Columnar Database 143Graph Database 144Azure Cosmos DB 145High Availability 146Request Units 148Azure Cosmos DB APIs 150Management Tasks for Azure Cosmos DB 154Deployment Options 154Azure Cosmos DB Security 165Azure Cosmos DB Common Connectivity Issues 167Management Tools 169Summary 170Exam Essentials 171Review Questions 174CHAPTER 4 FILE, OBJECT, AND DATA LAKE STORAGE 177File and Object Storage Features 178Azure Storage 179Performance Tiers 180Data Redundancy 181Deploying through the Azure Portal 182Azure Storage Services 187Management Tasks for Azure Storage 198Deployment Scripting and Automation 198Azure Storage Security 201Azure Storage Common Connectivity Issues 212Management Tools 213Summary 217Exam Essentials 218Review Questions 221CHAPTER 5 MODERN DATA WAREHOUSES IN AZURE 225Analytical Workload Features 226Transactional vs. Analytical Workloads 226Data Processing Techniques 229Modern Data Warehouse Components 233Data Modeling Best Practices for Data Warehouses 233Azure Services for Modern Data Warehouses 234End- to- End Analytics with Azure Synapse Analytics 268Deploying an Azure Synapse Analytics Workspace 270Contents xvNavigating the Synapse Studio UI 271Dedicated SQL Pools 275Serverless SQL Pools 287Summary 292Exam Essentials 293Review Questions 295CHAPTER 6 REPORTING WITH POWER BI 301Power BI at a Glance 302Working with Power BI 303Summary 324Exam Essentials 325Review Questions 326Appendix Answers to the Review Questions 329Chapter 1: Core Data Concepts 330Chapter 2: Relational Databases in Azure 331Chapter 3: Nonrelational Databases in Azure 333Chapter 4: File, Object, and Data Lake Storage 334Chapter 5: Modern Data Warehouses in Azure 335Chapter 6: Reporting with Power BI 337Index 339
Data Science mit AWS
End-to-End-Pipelines für Continuous Machine Learning implementieren Mit diesem Buch lernen Machine-Learning- und KI-Praktiker:innen, wie sie erfolgreich Data-Science-Projekte mit Amazon Web Services erstellen und in den produktiven Einsatz bringen. Das praxisorientierte Handbuch stellt den KI- und Machine-Learning-Stack von Amazon vor, der Data Science, Data Engineering und Anwendungsentwicklung umfasst. Chris Fregly und Antje Barth zeigen Ihnen, wie Sie ML-Pipelines in der Cloud anlegen und die Ergebnisse innerhalb von Minuten in Anwendungen integrieren. Sie erfahren zudem, wie Sie Kosten senken können und die Performance Ihrer Anwendungen optimieren.Aus dem Inhalt: Wenden Sie den KI- und ML-Stack von Amazon auf reale Use Cases an, insbesondere aus den Bereichen Natural Language Processing, Computer Vision, Betrugserkennung oder dialogfähige GeräteNutzen Sie AutoML, um sich wiederholende Aufgaben mit Amazon SageMaker Autopilot zu automatisierenTauchen Sie tief in den kompletten Lebenszyklus einer NLP-Modellentwicklung auf BERT-Basis ein und lernen Sie dabei, wie Sie Daten einlesen und analysieren sowie Modelle trainieren und deployenBündeln Sie alle Teilschritte eines Workflows zu einer wiederverwendbaren MLOps-PipelineVerwenden Sie Amazon Kinesis und Amazon Managed Streaming for Apache Kafka für Echtzeit-ML, Anomalieerkennung und Streaming-AnalysenProfitieren Sie von bewährten Sicherheitspraktiken für das Identitäts- und Zugriffsmanagement, die Authentifizierung und AutorisierungAutoren: Chris Fregly ist Principal Developer Advocate für KI und Machine Learning bei AWS in San Francisco. Er spricht regelmäßig auf Konferenzen auf der ganzen Welt zu KI und Machine Learning, unter anderem bei der O'Reilly AI Superstream Series. Zuvor hat er PipelineAI gegründet, war Solutions Engineer bei Databricks und Software Engineer bei Netflix. In den letzten zehn Jahren hat er sich auf den Aufbau von KI- und Machine-Learning-Pipelines mit AWS konzentriert. Antje Barth ist Senior Developer Advocate für KI und Machine Learning bei AWS in Düsseldorf. Sie ist Mitbegründerin der Düsseldorfer Gruppe von „Women in Big Data“ und spricht häufig auf KI- und Machine Learning-Konferenzen und Meetups auf der ganzen Welt. Außerdem leitet und kuratiert sie Inhalte für O'Reilly-AI-Superstream-Veranstaltungen. Zuvor war sie als Software Engineer bei Cisco und MapR tätig und beschäftigte sich mit Infrastrukturen für Rechenzentren, Big Data und KI-Anwendungen.Zielgruppe: Data ScientistsData EngineersMachine Learning Engineers
Mastering the Microsoft Kinect
Know how to program the Microsoft Kinect and use the device for applications that interact directly with humans through gestures and motion. This book covers the mathematics and theoretical background needed for depth sensing, motion tracking, and object recognition while maintaining a practical focus on getting things done. You will learn to track the human body in three-dimensional space, analyze the human motion, and remove the background to isolate the person being tracked. You will see how to recognize objects and voice, and transform between the three-dimensional physical space and a computer’s two-dimensional screen.The book is written with real-world applications in mind. It provides step-by-step tutorials and source code for common use cases. The author has worked with startups and Fortune 500 companies, and all of the examples are taken directly from the industry. The book’s practical focus simplifies the core principles, removes the clutter, and allows developers to start writing code right away. Also covered is the use of Azure Cognitive Services on Microsoft’s cloud platform and their use for object and voice recognition, enabling your applications to “see” objects and respond to their environment.WHAT YOU WILL LEARN* Visualize color, depth, and body data* Calculate angles between different body joints* Analyze human motion and create fitness applications* Recognize objects and voice using cloud-powered artificial intelligence* Remove the background from a scene to create virtual worldsWHO THIS BOOK IS FORDevelopers who want to build demanding Kinect apps and games, and those who are looking for a careful balance between theoretical knowledge and practical application that favors the practical. Readers should have a basic knowledge of C# and some familiarity with the Unity3D engine.VANGOS PTERNEAS is a professional software engineer and an award-winning Microsoft Most Valuable Professional. Since 2012, Vangos has been helping Fortune 500 companies and ambitious startups create demanding motion-tracking applications. He is obsessive about analyzing and modeling every aspect of the human motion using computer vision and mathematics. Kinect programming started as a hobby and quickly evolved into a full-time business. Vangos is sharing his passion by regularly publishing articles and open-source projects that help fellow developers understand the fascinating Kinect technology. PART I. MEET THE KINECT1. Mixed Reality and Kinect2. The Developer ToolboxPART II. THE BASICS3. Configuring the Device4. Color Data5. Depth Data6. Body TrackingPART III. THE MAGIC7. Streaming Data in the Background8. Coordinate Mapping9. Augmented Reality – Removing the Background of the Users10. Motion AnalysisPART IV. THE "AZURE" IN KINECT11. Azure Cognitive Services12. Computer Vision and Object Detection
Automotive Cybersecurity
Die aktuellen technologischen Veränderungen, allen voran die Digitalisierung, die Vernetzung von Verkehrssystemen und das Autonome Fahren, schaffen einerseits neue Mobilitätslösungen, andererseits rücken dadurch Fahrzeuge und die Automotive Infrastruktur als zunehmend attraktive Angriffsziele in den Fokus von Hackern und Cyberkriminellen. Die höhere Komplexität elektronischer Systeme hat eine größere Angriffsoberfläche zur Folge. Ein strukturierter und ganzheitlicher Ansatz macht diese Herausforderung beherrschbar. Dieses Buch verschafft dem Leser einen Überblick über die für ein umfassendes Securitykonzept erforderlichen Security-Bausteine. Die detaillierte Darstellung verschiedener Security-Mechanismen beschreibt einerseits wie Fahrzeugsysteme vor bestimmten Angriffen geschützt werden und macht andererseits deutlich, welche Herausforderungen und Abhängigkeiten deren Implementierung in ein Automotive Deeply-Embedded System mit sich bringt. Cybersecurity im Automobilbereich.- Security-Strategie.- Security-Organisation und -Management.- Sicherer Produktlebenszyklus.- Technische Security-Bausteine.- ECU-Schutzkonzepte.- Sichere E/E-Architektur.- Sichere Außenschnittstellen.- Sichere Fahrzeug-Infrastruktur