Cognitive Behavioral Therapy Essay -- Psychology, Rational Behavioral

Brief history of the hypothesis and scholar. In it's least complex structure, Cognitive Behavioral Therapy, (or CBT as it will be alluded to starting now and into the foreseeable future), alludes to the methodology of changing broken practices and considerations to reasonable and sound ones. CBT includes a few kinds of treatment concentrating on the effect of a person's intuition as it identifies with communicated practices. Such models incorporate sound emotive treatment (RET), sane emotive social treatment (REBT), conduct treatment (BT), Rational Behavior Therapy (RBT), Schema Focused Therapy, Cognitive treatment (CT). Most as of late a couple of different varieties have been connected to CBT, for example, acknowledgment and duty treatment (ACT), argument social treatment (DBT), and Mindfulness-Based Cognitive Therapy (MBCT) (Harrington and Pickles, 2009). The primary perspective that these parts of treatment share, is that our considerations identify with our outer practices. Outside occasions and people don't cause the pess imistic musings or sentiments, at the same time, rather the view of occasions and circumstances is the underlying driver (National Association of Cognitive Behavioral Therapists, 2010). The possibility of musings as they associate with practices can be followed back to Epictetus (55 AD - 135 AD , Greek Stoic and Philosopher). He expressed, â€Å"Men are not upset by things, however by the view which they take of them (Epictetus and Higgonson, 1944). Epictetus likewise composed, â€Å"Do not take a stab at things happening to happen as you wish, yet wish things happening as they happen, and you will stream well (Epictetus and Lebell, 1994).† as it were, perceive the truth about things and great wellbeing will follow (Romaneck, 2007).† Another conviction was that a sage or educator was invulnerable to misery and misf... ...dog by means of story, guidance or through music improvement (Deggs and Davis, 49. 2011). Schoolwork for CBT customers may incorporate perusing proposed articles or books, taking reviews, journaling, recording considerations and testing negative programmed musings, making schedules and evaluated exposures (easing back bringing dreaded things to the cutting edge). Guided revelation, organized meetings, schoolwork and coordinated effort. Socratic thinking/addressing (open addressing). Testing NATS (Negative Automatic Thoughts), testing center convictions. ERP (introduction and reaction anticipation). Intellectual social treatment utilizes the ABC model. A represents activity or enacting occasion, B speaks to convictions or contemplations that are made from the actuating occasion, and C speaks to outcomes or how we respond to the occasion. Schoolwork is a key part of this treatment.

The Position Paper on Thomas Friedmans Speech

In his keynote address for MIT Milestone Celebration (2008), Thomas Friedman examines the globalization forms on the planet and related changes in the correspondence, innovation, work, social exercises, and training while at the same time expressing that the advanced world is ‘flat’.Advertising We will compose a custom article test on The Position Paper on Thomas Friedman’s Speech explicitly for you for just $16.05 $11/page Learn More To comprehend the particular conditions for the world to become ‘flat’, Friedman utilizes the possibility of a ‘flattener’ which adds to the improvement of globalization in the entirety of its structures. Friedman decides four fundamental flatteners which are the PC, Netscape, the work process unrest, and transferring. Alluding to these flatteners, Friedman expresses that the world has changed altogether comparable to making, utilizing, and sharing the advanced substance, and the flatteners assume the notewo rthy job all the while (Friedman, 2008). It is conceivable to concur with Friedman’s thoughts on the job of a PC, utilization of programs, transferring and controlling the advanced information for the world’s progress and changing the ways to deal with conveying and breaking down the substance. Today, the substance saved in the advanced structure is the essential instrument to play out a great deal of activities since individuals transfer, download, look for, and work the computerized information comprehensively so as to finish various assignments. Breaking down the job of the computerized content today, it is conceivable to concur with Friedman’s contention on the job of imagining the PC on the grounds that the creation and conveyance of the advanced substance turned into the truth simply in the wake of working out the PC (Friedman, 2008). Starting here, while examining the job of the computerized content on the planet, its creation, advancement, and associatio n, it is important to allude to the PC as the essential device to make the advanced realty closer to every person round the world. The following perspective which is critical to be talked about is the likelihood to share or convey the advanced substance. Regardless of the way that the PC attempts to make the information, it is imperative to have the assets with the assistance of which people can share and locate the substance. That is the reason, it is suitable to allude to Friedman’s conversation of the job of Netscape all the while. The formation of the general correspondence stage and the creation of the program permitted people to depend on the network of the Internet (Friedman, 2008). Today, the possibility of the substance conveyance is related with each mutual photo and message the connections to which can be additionally found with the assistance of a program. That is the reason, it is practically difficult to dismiss the possibility that Netscape assumed the progress ive job in advancing the substance conveyance and diverse globalization processes.Advertising Looking for article on business financial aspects? We should check whether we can support you! Get your first paper with 15% OFF Learn More Friedman likewise examines the idea of the work process unrest as subject to the advancement of the PC advances and Internet assets (Friedman, 2008). The likelihood to share the advanced information animates the worldwide joint effort of individuals living in various nations. This thought can likewise be bolstered by those people who or whose family members and companions work to finish extends in relationship with the remote colleagues with the assistance of the Internet assets. Starting here, Netscape or the incredible correspondence stages to share the computerized content are the key devices to animate globalization, the work process transformation, and coordinated effort. In addition, it is additionally conceivable to concur with Friedman comparabl e to the point that the following stage is the green upheaval in light of the fact that the procedures should change as per the laws of the advancement, and other progressive thoughts should come. State that web based business and the presentation inside the worldwide market and ventures of various on-screen characters are the intelligent results of the created work process unrest. The world can be examined as open for every person who has the Internet association and who can work the advanced substance. Besides, the work showcase is likewise open for people who are slanted to work abroad without leaving their home spots. Subsequently, Friedman can be considered as right while expressing that individuals share the computerized content for nothing as well as work together with the assistance of PCs, Netscape, and other web assets (Friedman, 2008). In addition, while transferring records and advanced information, individuals additionally become progressively open for the worldwide net work which could utilize this data regularly for nothing. Accordingly, Friedman’s decisions about the ‘flat’ world and cloud limits among states and districts can be seen nearly by everybody in light of the fact that these progressions of the world are watched generally, and it is difficult to overlook the impacts of the globalization related with the innovative turn of events. The unrest related with making, creating, altering, sharing, and conveying the computerized content prompted the upset in the people’s correspondence and occupation cooperations. Besides, these progressions added to the advancement of the globalization forms. In his discourse for MIT Milestone Celebration, Thomas Friedman decides four flatteners, and it is conceivable to concur with the speaker that these variables assumed the key job in improving the cutting edge world in light of the fact that the consequences of the advanced upset are watched today widely.Advertising We will comp ose a custom exposition test on The Position Paper on Thomas Friedman’s Speech explicitly for you for just $16.05 $11/page Learn More Works Cited Friedman, Thomas. MIT Milestone Celebration: Keynote Address. 11 Jan. 2008. Web. https://www.youtube.com/watch?v=EcE2ufqtzyk. This article on The Position Paper on Thomas Friedman’s Speech was composed and put together by client Giselle H. to help you with your own investigations. You are allowed to utilize it for research and reference purposes so as to compose your own paper; be that as it may, you should refer to it likewise. You can give your paper here.

Allegiance

Allegiance 1. Labels The number of double takes and comments I’ve gotten this month in response to my choice of dorm has been astounding: “What does your room look like? Does all the furniture in your room hang from the ceiling?” “Are you this quiet all the time? You must be crazier in everyday life. Are you hiding something from us?” “I hear it’s really dirty…but I mean, I bet you live in one of the cleaner parts.” I imagine a big label being added next to my nameâ€"from East Campus. May show up to work with green hair. May enjoy setting things on fire in free time. May affix furniture to ceiling when bored.1 I’m a pretty vanilla EC resident. My lifestyle doesn’t take advantage of the perks of living in ECâ€"I don’t spend a lot of time building roller coasters, customizing my room, being naked in public, or playing with cats. It’s a very special place and the culture is great and everything, but I live there because I ended up hanging out there a lot during CPW and REX, most likely because I had friends who lived there already. I’m happy enough there and I like many of the residents. These reasons are, I imagine, pretty much the same as anyone else’sto me, EC is a home, not a social statement. Like my internship: it is a job, not a social statement. Among my friends at MIT, announcements of ones decision to work in finance are shrouded in the pretense of “it’ll be an interesting thing to try for a month, but I don’t expect to like it”â€"because people Like Us don’t actually pursue careers at big banks, which, you know, overflow with moneyed people who judge you based on what you wear to the interview. If I mention that I am Course 14, I’ll often clarify that I like theoretical stuff, I like behavioral stuff, I like the kind of economics that takes place in third-world countries and not in banksanything that doesn’t have to do with money, because God forbid anyone should ever actually contemplate making a profit. So I’m hesitant to tell people where I’m working right now, because the reactions are like, “I see; you’re a yuppie now. Should’ve seen this one coming,” or worse, “Oh my god, are you a banker now? Are you just going to sell out like that? What are your hours? Can I even trust you anymore? (Absolutely not. I am going to sell all your stuff when your back is turned.) Are you a Sloanie2 now? What about Bernie Sanders?!” The adults who populate universities have already made the choice to eschew finance and corporate jobs in favor of teaching and research, so I’ve wondered if even my research mentors are judging meâ€"I told my research supervisor where I would be over IAP, and she immediately asked not what I would be doing but how much I would be making. I’ve been on the other endâ€"I’m weirdly allergic to the idea of my friends going into finance, and the word comes with many negative associations that I have to work hard to reason past. I use the phrase “sell out” a lot, mostly when talking about myself. I really, really didnt want to like my job. And I’m surprised that I now like my workplace and might seriously want to return for the summer.3 To address some stereotypes: “finance” can mean many different things. Especially in a large bank, hours and work vary greatly across divisions and desks. I’m at a desk with relatively reasonable hours (8:45 â€" 7:30?) because we focus on constructing longer-term portfolios, don’t execute trades (i.e. don’t need to be in super early, don’t need to be on our toes following the markets), and, as I understand, spend a lot of time building tools for others to use. On a day-to-day basis, we mostly code quietly.4 2. Swallowing my pride Last week, I told my momâ€"who works in quantitative trading, one flavor of financeâ€"that I didn’t like my work environment, and she basically said, “suck it up, intern.” This is the tough-love way of saying, Youve only been there a week; youll get used to it, and it will get better, which was, as it turns out, what I needed to hear. It takes time to get used to the reward system of my workplace because it’s so different from the one in school. You are judged based on your record of performance. If you are used to being praised for your talent in theoretical, abstract fields, tough luck, because none of that directly influences performance. If you are new, tough luck, because you have no record of anything. I hang out with a lot of mathematicians and theoretical physicists who have incredibly powerful minds and little patience for illogical stuff that is learned by rote. I share their impatience; I don’t dedicate much time to learning materialâ€"like corporate financeâ€"that is theoretically easy to learn. But at the end of the day, I’m less knowledgeable than someone who put in the hours, even if I have all this extra theoretical knowledge and this big brain to boot. Soâ€"note to self and people “like me” at the lower rungs of a large bank: Learn to swallow your pride. Yes, you might be more capable of solving difficult problems than, say, your manager, and financial literacy is easier to pick up than abstract algebra, but you still need to invest the effort of learning it. Its easy to fall into the trap of thinking most of these peoples minds arent as sharp as mine, but hard work, opportunism, and results trump all else. While chatting with a MIT graduate who is now in the top rungs of the hierarchy, I asked, “Do you regret not doing anything when you were at MIT?” And he said: now that he has faith in his own abilities, he would have taken 18.701 and the advanced economics courses: 14.04, 14.05, 14.06. I took 18.701 and 14.04 this semester, yet Im certainly not doing better than him. I think I would like to be somewhere that rewards me for the abstract thinking I learned in courses like these. Bonus points if my job allows me to write in a format that’s not just code or business emails. Also, I (and probably most of the workforce) function best when my emotions are engaged in alignment with what I need to accomplish; I am going to seek out work that feels like a better cause.5 I’m currently moving more and more in the direction of grad school/research. And yeahâ€"I do fear that the true, real, deep, unspeakable reason I don’t want to work in (most divisions of) a big bank is that I’m too soft and lazy. Im a millennial who wants to be valued “as a person” and am not disciplined enough to deal with long hours and bureaucracy. But alas, we’ll never know. Anyway, it’s been fun, but I think I’m done. Part of me wants to stay and prove myself and my ability to work my ass off and be entrepreneurial and get ahead, but first I need to go back to MIT and take 14.05. Footnotes 1 I could be wrong about them judging me. It just feels that way. Also, for the unacquainted, these are stereotypes associated with the dorm East Campus and, more generally, the dorms on the east side of MITs campus, which have, I guess, relaxed social conventions and dorm rules. 2 SloanieMIT business student or undergrad who behaves like a business student, oft. mocking or derogatory. A relevant Quora answer. 3 But in the research division, so it’s okay, right?!! I think itd be better in the summer because Id know more people in the city/the intern program would be long enough to make lasting connections/it wouldnt be too cold to go outside. I don’t superficially have a lot in common with the people I’ve met, which makes small talk awkward (and networking events excruciating). So it’d be hard for me to make good friends from the job alone: work moves quickly, and there’s not much time to get to know someone beyond the labels they wear in order to signal what type of person they are. (Its not really a place where people go to make friends, though, which is a shamethe employees spend so many hours together. But I guess this is also a millennial thing, the idea that workplace should be friendly.) 4 In addition, everyone around me (and, from what I’ve heard, around the firm) is extraordinarily hardworking and resourceful. This month was almost like a boot camp, and in that light I think the externship was a very worthwhile experience. It is refreshing being around people who are all very socially savvy (or think they are), but you’re constantly left wondering, “Do you actually care about me or did you just read the book How to Win Friends and Influence People?” It feels like high school all over again: who’s fake, who’s doing it just for college admissions, who’s for real, and does it even matter? I can play that game, but I’d rather not. 5 I was going to say, I want a creative job, but I also thought, lol, i sound like such a millennial, its insane, so this thought has been relegated to the footnotes section.

Evolution of Communication - 1115 Words

The Evolution of Communication Communications is a field and industry as diverse as it is important. The concept of human communications is one that has been evolving alongside man himself. Early communications involved primitive, shallow exchanges among local people, while today, we are able to communicate across the world in a seemingly infinite number of ways. For all of its complexities, the concept of communication is very simple: relaying a piece of information from one or more humans to others. In this way, the evolution of human communication sheds light onto both the way we as humans communicate and the significance of communications. From the early days of human civilization, the idea of communications was quite†¦show more content†¦This evolution has yielded ever-expanding ways of communicating with people over the internet. No longer is it possible to only send text messages. Now, people can send text, pictures, videos and more and have access to all of the se files via their social networking accounts. While these changes have given wonder and amazement to our capabilities, the effects such changes have had on friendship are not all positive. Increased emphasis on social networking and digital communications have undermined the newer generation’s ability and proclivity to build and sustain traditional normal and healthy human relationships (Ad Age 2006). While such technology is beneficial in many ways, an inherent caveat of the expansion of technology is the increasing need for emphasis on computer and web ethics. Such ethics, whose presence or necessity seemed unthinkably unnecessary or irrelevant, now come to dominate the way in which society uses the technology at their disposal. The increase of this technology has led to a vast increase of freedom and unchecked expressivity, exemplified primarily through the way people use social networks. People can enter their own information, say what they want to who they want wit hout any real consequences, since they have the safety veil of the computer removing them from real consequence. In this way, an ethical code must be discussedShow MoreRelatedThe Evolution Of Communication And Communication882 Words   |  4 PagesThe Evolution of Communication Communication is undeniably the most valuable resource known to man. As humans, or beings for that matter, communication is essential for success in life, for human connection, survival and as a basic necessity. Our ability to communicate has had a direct effect on society. The advances in the modes we use to communicate or the technology used to communicate has resulted in dramatic changes in our relevance and efficiency as a society and a species. From pictographsRead MoreEvolution Of Communication893 Words   |  4 PagesEvolution of Communication What would we do without our cell phones and Facebook? We would have to get in a car and go see our friends or family. Think about the old days, when smoke signals were the only instant messenger we had. Our means of communication have vastly transformed over the past years. I will explain the significant changes in communication in detail. If we look back to the prehistoric era, we saw cave paintings from the neanderthals which depicted events and portrayed messages.Read MoreThe Evolution of Human Communication1217 Words   |  5 Pageswas at an all-time high. The children were forced to go outside to make friends and have fun. Adults went to work and talked to other coworkers and had to leave their house to talk to other people. Social integration was solely based on physical communication. When you woke up in the morning, you didn’t know what your day was going be like unless you had a calendar. At the end of a long day people would come home to their families, eat dinner, and sit together as a family and watch television at nightRead MoreTechnology and the Evolution of Communication2084 Words   |  9 PagesTechnology and the Evolution of Communication Technology, driven by innovation, provided people with the ability to communicate with other people all over the world. Some would say this technology helped the masses to become more introverted as it has the potential to separate individuals from the neighbors across the street. The online environment was once used infrequently as cyberspace remained relatively unknown to the public. Individuals received their bills in the mail and in turn, wroteRead More The Evolution of Communication Essay757 Words   |  4 PagesThe Evolution of Communication Since the earliest of years, communication has been an important part of life. The term communication is defined as a means to give or interchange thoughts, feelings, information, or the like, by writing, speaking, gesturing, etcetera ( Stein, 298). Communication allows humans and other life-forms to interact with each other and transfer important information. The information transferred could be comprised of anything from a nearby food source to the discovery ofRead MoreThe Evolution Of Mobile Communication2329 Words   |  10 Pages1.2 Evolution of Mobile Communication A mobile communication is evaluates through different generations: First Generation(1G): First generation of mobile communication developed in 1980 s and completed in early 1990 s based on analog system.1G systems are based on AMPS(Advanced Mobile Phone Service ) technology.1G network only supports voice communication and no data service is provided by this. Second Generation (2G): Second generation of mobile communication was developed in 1990 s basedRead MoreEssay on Evolution and Ambiguous Communication766 Words   |  4 Pages Throughout the debate concerning evolution, I have noted the relative precision or imprecision of various methods of human communication. From the connotations of particular words to the emotion incited by a distinct music phrase, it is often surprising which human forms of expression are ambiguous and which seem to be universal. When considering this phenomenon, it is perhaps useful to construct a method for discussing the relative accuracy of communicating exactly what we mean when we use variousRead MoreEvolution Of Gesture And Vocal Communication1538 Words   |  7 PagesEvolution of Gesture and Vocal Communication in Primates Introduction Apes are the model organisms in the field of animal communication and neuro-scientific studies. Apes DNA is about 98.6% similar to humans possessing cognitive, emotional and psychological characteristic which closely resemble humans. Not long ago scientists started studying primates because of these characteristics and most of the work is in the field of cognitive and behavioral neuroscience. Phylogenetically, primates and humanRead MoreCommunication And Cell Phones : The Evolution Of Electronic Communication1339 Words   |  6 PagesThe evolution of social interaction, like so much of human existence, usually takes place over multiple generations. However, the advent of mobile cellular devices and their proliferating ownership and use has altered social interaction dramatically in the last decade; communication never stops. Instead of looking ahead while walking and engaging with other pedestrians, many people are looking down and interacting with their mobile device. Texting whil e driving is such a significant problem thatRead MoreThe Change And Evolution Of Print Communication2258 Words   |  10 PagesAnjali Thomas EGL 102 Professor Sloan The world we live in: From traditional to digital The change and evolution in print communication have been happening for a long time. It has been significantly seen more rapid and fast approaching over the recent years. Newspaper industries have been downsizing their papers over the country rapidly more than before and slowly turning to see the change in depending on the digital side. The digital replacement for these print media is not just seen in newspaper

Will our Generation Understand the Impacts of Global...

Will our generation ever understand the impacts of global change? I am going to give information and examples of global climate change in this essay/report. Most people does not even know the difference between weather and climate. So I am going to explain to those people the difference. Weather and climate are not the same thing. Even though they effect each other and are similar. Weather is the state of the atmosphere at a certain time and place, with it being hot or cold, wet or dry, calm or stormy, or clear or cloudy. Climate is weather patterns over a period of time. Weather is what makes climate. There has to be weather in an area for there to be a climate in the specific area. There are two main natural processes that affect global†¦show more content†¦By cutting down trees that use carbon dioxide, or takes it out of the air, makes the carbon dioxide in the air build up and as you know carbon dioxide is a greenhouse gas. The more carbon in the air the hotter it gets and can cause global warming. When you burn fossil fuels it releases all the carbon that is stored up in the fossil fuels. Fossil fuels are biggest contributor to greenhouse gases. Fracking is drilling into the earth for things such as wells. Fracking can release chemicals that can harm many people. Mining is when people in an industry that mines for coal. Coal is a fossil fuel and is one of the fossil fuels that is burned a lot. As I said previously, burning fossil fuels releases lots of carbon dioxide. Carbon dioxide or CO2 is a greenhouse gas that traps in a lot of heat. The more CO2 we release the warmer it gets. We can tell these things by ice sheets when they are examined. Urbani zation is when you add more people to an urban area. An urban area is something like a city or town. All this is just a big chain effect. lets start from the beginning. First you have to cut down trees or also known as deforestation. By cutting down trees that is letting more carbon to get in the air, rather than taking some of it out of the air with trees. Then after you cut up trees and fix the area for buildings you bring in equipment the put up buildings. All of the equipment that is used releases carbon dioxide. Also it takes fossil fuels to make theShow MoreRelatedThe Ethical And Moral Task Of The United States Ammunition Stockpiling Within Gun Owners917 Words   |  4 Pageshuman population. As the world’s population and demands to raise the quality of life grows exponentially, it is the ethical and moral task of the global community to define, implement, and educate the world on sustainable practices to prevent scarcity and limited availability that can hinder econo mic, environmental, and political progress of the global society presently and in the future. Sustainable practices are the resulting actions, technology development, and social and environmental perspectivesRead More Exemplification Essay: Why The World Is Doomed1086 Words   |  5 Pagesquite an impression on our world, and has transformed the earths resources into tools to make life easy. However, mans manipulation on earth has become detrimental to the health of our planet and the safety of mankind. Through the use and production of resources such as oil and energy, man is gradually poisoning the earth. Pollution has become such a dilemma in society; there is no real control or a feasible solution to societys recklessness. Without complete change, our system will collapse. TheRead MoreThe Issue Of Global Warming1338 Words   |  6 Pagesissue of global warming has been primarily brought to the attention of the public. Global warming is generally assumed to be the main cause of rising average global temperature. The climate on the Earth is changing and there is no big surprise. It is believed that global warming is caused by many natural and manmade activities, which is affecting the planet by the seconds, minutes, hours, days, and years. Many may not even care about this serious issue, but others harm for the future generations. GlobalRead MoreGlobal Warming Public Policy Paper1311 Words   |  6 PagesGlobal Warming Public Policy Paper The issue of Global warming is currently a very heated argument in the scientific community. Since the start of the industrial revolution countless amounts of carbon emissions have been pumped into the earth’s atmosphere, causing the temperatures in a majority of the parts of the world to rise. The research in this paper will inform the reader about the general concepts behind global warming and the ways the government effects how it is treated, by the end of thisRead MoreClimate Change And Global Warming Essay1659 Words   |  7 Pages Climate Change: A New Subject in School? Carmela Roque US Government period 3 Mr. Wootten Mercy High School Burlingame September 29, 2016 The Earth has always been undergoing climate change. Extreme weather, natural disasters, and global warming are a few examples of current climate changes. To help prevent this, the Climate Change Education act was introduced by Ed Markey, a democrat from Massachusetts. The main goal of this act was to educate the citizensRead MoreThe Effects Of Fossil Fuels On The Environment1734 Words   |  7 PagesWhat we can be scientifically certain of is that our continued use of fossil fuels is pushing us to a point of no return, warns President Obama, â€Å"we are condemning future generations to global catastrophe.† The point of no return metaphorically represents the place in ones journey that must be continued with no alternative routes or ability to make change. In consort with President Obama, many scientists believe the point of no return could occur if significant efforts aren’t made soon. AnthropogenicRead MoreClimate Change Is A Serious Problem For The Planet Earth975 Words   |  4 Pages Climate change is the rise in the temperature of the earth’s surface mainly credited to the increased levels of Carbon dioxide in the atmosphere. Climate change is a serious problem for the planet earth that have leaders from around the world worried about its effects. The rise of sea level, the melting of the glaciers on Antarctica due to the emission of carbon dioxide (CO2) and other greenhouse gases in the atmosphere is threatening the life of people living in many different big cities aroundRead MoreGlobal Climate Change And Global Warming1054 Words   |  5 Pageshuge part of our daily lives and over the years we have seen energy consumption rates raise significantly. It really isn t much of a secret that global climate change is happening. From the melting of the polar ice caps, to record severe temperatures, rise in natural disasters, rise in pollution, greater number of vector-borne and water borne illnesses, and much more. Unless there is some thing done to change the current technology being used to provide energy to the human population global climate changeRead MoreEnvironmental Sustainable Development : Global Warming1696 Words   |  7 Pagesthe impact of war. The world fears famine, floods, and earthquakes because we have all seen the damage caused by these phenomena. The world fears terrorists because we have all seen the damage they can cause. Unfortunately, few people are concerned about the dangers of climate change because the world is yet to witness its brunt. Environmentalists seem to be the only click of people worried about the activities of human beings that are pointing to a catastrophe commonly referred to as global warmingRead MoreThe Problem Of Global Warming1088 Words   |  5 Pageshimself why we did not stop the climate change when we had the chance. However, today global warming is out of control, global temperatures are steadily rising. â€Å"The primary cause, a consensus of scientists has sai d, is the rising emissions of greenhouse gases like carbon dioxide and methane† (Stone, 2013). The CO2 stays in the atmosphere for 50 to 100 years, nitrous oxide for 114 years while the methane stay in the atmosphere for at least 12 years. The impact of these greenhouse gases is of an immediate

Smart Cards Free Essays

string(113) " chip connection is either via direct physical contact or remotely via a contact less electromagnetic interface\." 1. INTRODUCTION Smart card is one of the greatest achievements in the world of information technology. Similar in size to today’s plastic payment card, the smart card has a microprocessor or memory chip embedded in it that, when coupled with a reader, has the processing power to serve many different applications. We will write a custom essay sample on Smart Cards or any similar topic only for you Order Now As an access-control device, smart cards can be used to access server remotely over the Internet and they can make personal and business data available only to the appropriate users. Smart cards provide data portability, security, convenience and the like. According to Gemplus (ref. 19]), smart cards can be categorized into the following . Memory and microprocessor- Memory cards simply store data and can be viewed as a small floppy disk with optional security. A microprocessor card, on the other hand, can add, delete and manipulate information in its memory on the card. Contact and contactless – Contact smart cards are inserted into a smart card reader, making physical contact with the reader. However, contactless smart cards have an antenna embedded inside the card that enables communication with the reader without physical contact. A combi card combines the two features with a very high level of security. Smart cards help businesses evolve and expand their products and services in a changing global marketplace. The scope of uses for a smart card has expanded each year to include applications in a variety of markets and disciplines. In recent years, the information age has introduced an array of security and privacy issues that have called for advanced smart card security applications. â€Å"Key to the global village†,  that is how the Smart Card has been described. Smart Cards will bring big changes to the way people provide and receive information and the way they spend money. They will have a profound impact on retailing and service delivery. A  Smart Card  is like an â€Å"electronic wallet†. It is a standard credit card-sized plastic intelligent token within which a microchip has been embedded within its body and which makes it ‘smart’. It provides not only memory capacity, but computational capability as well and thus the chip is capable of processing data. It has gold contacts that allow other devices to communicate with it. This chip holds a variety of information, from stored (monetary) value used for retail and vending machines to secure  information  and  applications  for higher-end operations such as medical/healthcare records. New information and applications can be added depending on the chip capabilities. Smart Cards can store several hundred times more data than a conventional Card with a  magnetic stripe  and can be programmed to reveal only the relevant information. For Example, it could tell a device in a store that there is sufficient balance in an account to pay for a transaction without revealing the balance amount. The marriage between a convenient plastic card and a microprocessor allows information to be stored, accessed and processed either online or offline. Therefore, unlike the read-only plastic card, the processing power of Smart Cards gives them the versatility needed to make payments, to configure your cell phones, TVs and video players and to connect to your computers via telephone, satellite or the Internet anytime, anywhere in the world. 2. HISORICAL PERSPECTIVE Smart card was invented at the end of the seventies by Michel Ugon (Guillou, 1992). The French group of bankcards CB (Carte Bancaire) was created in 1985 and has allowed the diffusion of 24 million devices (Fancher, 1997). For the physical characteristics the first draft proposal was registered in 1983. A long discussion resulted in the standardization of the contact location. Next was the standardization of signals and protocols which resulted in standards ISO/IEC 7816/1-4. Logical security came next, as it was clear from the beginning that there was a need for cryptographic capabilities, though this was a bit difficult due to the limited computing power and the few bytes of RAM available at that time (Quisquater, 1997). Nowadays, smart cards are used in several applications. The technology has its historical origin in the seventies when inventors in Germany, Japan, and France filed the original patents. While inventors in the U. S. , Japan and Austria, were issued patents, it was the French who put up big money to push the technology. They did this in the 1970’s, during a period of major national investment in modernizing the nation’s technology infrastructure. Due to several factors most work on Smart Cards was at the research and development level until the mid-eighties. Since then, the industry has been growing at tremendous rate is shipping more than one billion (1,000,000,000) cards per year (since 1998). The current world population of Smart Cards of some 1. 7 billion is set to increase to 4 billion or more cards within the next 3-4 years. A survey completed by Card Technology Magazine (http://www. cardtechnology. com) indicated that the industry had shipped more than 1. 5 billion smart cards worldwide in 1999. Over the next five years, the industry will experience steady growth, particularly in cards and devices to conduct electronic commerce and to enable secure access to computer networks. A study by Dataquest in March, 2000, predicts almost 28 million smart card shipments (microprocessor and memory) in the U. S. According to this study, an annual growth rate of 60% is expected for U. S. smart card shipments between 1998 and 2003. Smart Card Forum Consumer Research, published in early 1999, provides additional insights into consumer attitudes towards application and use of smart cards. The market of smart card is growing rapidly due to its wide range of applications. The worldwide smart cards market forecast in millions of dollars and billions of units as shown in figure 1: 3. CONSTRUCTION OF THE SMART CARD The main storage area in such cards is normally  EEPROM (Electrically Erasable Programmable Read-Only Memory),  which can have its content updated, and which retains current contents when external power is removed. Newer Smart Card chips, sometimes, also have  math co-processors  integrated into the microprocessor chip, which is able to perform quite complex encryption routines relatively quickly. The chip connection is either via direct physical contact or remotely via a contact less electromagnetic interface. You read "Smart Cards" in category "Essay examples" Its chip therefore characterizes a Smart Card uniquely; with its ability to store much more data  (currently up to about 32,000 bytes)  than is held on a  magnetic stripe,  all within an extremely secure environment. Data residing in the chip can be protected against external inspection or alteration, so effectively that the vital secret keys of the cryptographic systems used to protect the integrity and privacy of card-related communications can be held safely against all but the most sophisticated forms of attack. The functional architecture of a GSM (Global system of mobile communication) system can be broadly divided into  the Mobile Station, the Base Station Subsystem, and the Network Subsystem. Each subsystem is comprised of functional entities that communicate through the various interfaces using specified protocols. The subscriber carries  the mobile station;  the base station subsystem  controls the radio link with the Mobile Station. The network subsystem,  the main part of which is the Mobile services Switching Center, performs the switching of calls between the mobile and other fixed or mobile network users, as well as management of mobile services, such as authentication. Fig 3. 1. 1: Smart Card Construction. Fig 3. 1. 2: Smart Card Construction. Mostly all chip cards are built from layers of differing materials, or substrates, that when brought together properly gives the card a specific life and functionality. The typical card today is made from PVC, Polyester or Poly carbonate. The card layers are printed first and then laminated in a large press. The next step in construction is the blanking or die cutting. This is followed by embedding a chip and then adding data to the card. In all, there may be up to 30steps in constructing a card. The total components, including software and plastics, may be as many as 12 separate items; all this in a unified package that appears to the user as a simple device. 3. 1 Types of smart cards: Today, there are basically three categories of Smart Cards – A microprocessor chip can add, delete and otherwise manipulate information in its memory. It can be viewed as a miniature computer with an input/output port, operating system and hard disk. Microprocessor chips are available 8, 16, and 32 bit architectures. Their data storage capacity ranges from 300 bytes to 32,000 bytes with larger sizes expected with semiconductor technology advances. 3. 1. 2 Integrated Circuit (IC)  Microprocessor Cards – Fig 3. 1. 1: An Integrated Circuit used in Smart Cards. Microprocessor cards (generally referred to as  Ã¢â‚¬Å"chip cards†) offer greater memory storage and security of data than a traditional magnetic stripe card. Their chips may also be called as  microprocessors with internal memory  which, in addition to memory, embody a processor controlled by a  card operating system,  with the ability to process data onboard, as well as carrying small programs capable of local execution. The microprocessor card can add, delete, and otherwise manipulate information on the card, while a memory-chip card (for example, pre-paid phone cards) can only undertake a pre-defined operation. The current generation of chip cards has an  eight-bit  processor, 32KB read-only memory, and 512 bytes of random-access memory. This gives them the equivalent processing power of the original  IBM-XT  computer, albeit with slightly less memory capacity. 3. 1. 2. 1. Uses: These cards are used for a variety of applications, especially those that have cryptography built in, which requires manipulation of large numbers. Very often the data processing power is used to encrypt/decrypt data, which makes this type of card very unique person identification token. Data processing permits also the dynamic storage management, which enables realization of flexible multifunctional card. Thus, chip cards have been the main platform for cards that hold a secure digital identity. Hence they are capable of offering advanced security mechanism, local data processing, complex calculation and other interactive processes. Most stored-value cards integrated with identification, security and information purposes are processor cards. Some examples of these cards are – * Cards that hold money  (â€Å"stored value cards†) Card that hold money equivalents (for example,  Ã¢â‚¬Å"affinity cards†) * Cards that provide secure access to a network * Cards that secure cellular phones from fraud * Cards that allow set-top boxes on televisions to remain secure from piracy 3. 1. 3 Integrated Circuit (IC)  Memory Cards – Memory cards can just store data and have no data processing capabilities. These have a  memory chip with non-programma ble logic,  with storage space for data, and with a reasonable level of built-in security. IC memory cards can hold up to  1 – 4 KB  of data, but have no processor on the card with which to manipulate that data. They are less expensive than microprocessor cards but with a corresponding decrease in data management security. They depend on the security of the card reader for processing and are ideal when security requirements permit use of cards with low to medium security and for uses where the card performs a fixed operation. There is also a special type memory cards called the  Wired Logic (or Intelligent Memory)  cards, which contain also some built-in logic, usually used to control the access to the memory of the card. 3. 1. 3. 1 Uses: Memory cards represent the bulk of the Smart Cards sold primarily for pre-paid, disposable-card applications like pre-paid phone cards. These are popular as high-security alternatives to magnetic stripe cards. 3. 1. 4 Optical Memory Cards – Optical memory cards look like a card with a piece of a CD glued on top – which is basically what they are. Optical memory cards can store up to  4 MB  of data. But  once written, the data cannot be changed or removed. 3. 1. 4. 1 Uses: Thus, this type of card is ideal for record keeping – for example medical files, driving records, or travel histories. 3. 1. Fundamentals of Card Operation: Today’s Smart Cards need electrical power from outside, plus a way for data to be read from, and sometimes to be transmitted to, the chip. They interact with an  Ã¢â‚¬Å"accepting device†,  usually known as a  card reader, which exchanges data with the card and usually involves the electronic transfer of money or pers onal information. The information or application stored in the IC chip is transferred through an electronic module that interconnects with a terminal or a card reader. There are two general categories of Smart Cards:  Contact  and  Contactless  Smart Cards. Fig 3. 1. 5. 1: Contact Smart Card. The  contact  Smart Card has a set of gold- plated electrical contacts embedded in the surface of the plastic on one side. It is operated by inserting the card (in the correct orientation) into a slot in a card reader, which has electrical contacts that connect to the contacts on the card face thus establishing a direct connection to a conductive micro module on the surface of the card. This card has a contact plate on the face, which is a small gold chip about 1/2† in diameter on the front, instead of a magnetic stripe on the back like a â€Å"credit card†. When the card is inserted into a Smart Card reader, it makes contact with an electrical connector for reads and writes to and from the chip it is via these physical contact points, that transmission of commands, data, and card status takes place. Such a card is traditionally used at the retail point of sale or in the banking environment or as the GSM SIM card in the mobile ‘phone. Fig 3. 1. 5. 2: Contactless Smart Card (This diagram shows the top and bottom card layers which sandwich the antenna/chip module. ) A  contactless  Smart Card looks just like a plastic â€Å"credit card† with a computer chip and an antenna coil embedded within the card. This antenna allows it to communicate with an external antenna at the transaction point to transfer information. The antenna is typically 3 – 5 turns of very thin wire (or conductive ink), connected to the contactless chip. This aerial coil of the antenna is laminated into the card and allows communication even whilst the card is retained within a wallet or handbag. The same activation method applies to watches, pendants, baggage tags and buttons. Thus no electrical contacts are needed and it is therefore called as â€Å"contactless†. Such Smart Cards are used when transactions must be processed quickly, as in mass-transit toll collection or wherever the cardholder is in motion at the moment of the transaction. Close proximity, typically two to three inches for non-battery powered cards (i. e. an air-gap of up to 10cms) is required for such transactions, which can decrease transaction time while increasing convenience as both the reader and the card have antenna and it is via this contactless link that the two communicate. Most contactless cards also derive the internal chip power source from this electromagnetic signal. Radio frequency technology is used to transmit power from the reader to the card. Two new categories, derived  from the contact and contactless cards are  combi  cards and  hybrid  cards. A  hybrid  Smart Card has  two chips,  each with its respective contact and contactless interface. The two chips are not connected, but for many applications, this Hybrid serves the needs of consumers and card issuers. Fig 3. 1. 5. 3: Combi Card (This shows both the contact and contactless elements of the card. ) The  combi  card (also known as the  dual-interface  card)  is a card with both contact and contactless interfaces. With such a card, it becomes possible to access the same chip via a contact or contactless interface, with a very high level of security. It may incorporate two non-communicating chips – one for each interface – but preferably has a single, dual-interface chip providing the many advantages of a single e-purse, single operating architecture, etc. The mass transportation and banking industries are expected to be the first to take advantage of this technology. 4. SMART CARD APPLICATION The self-containment of Smart Card makes it resistant to attack, as it does not need to depend upon potentially vulnerable external resources. Because of the security and data storage features, Smart Cards are rapidly being embraced as the consumer token of choice in many areas of the public sector and commercial worlds and are often used in different applications, which require strong security protection and authentication. Many of the applications of Smart Cards require sensitive data to be stored in the card, such as biometrics information of the card owner, personal medical history, and cryptographic keys for authentication, etc. Smart Cards are being deployed in most sectors of the public and private marketplaces. Here are some  popular application areas where  Smart Cards are being used in today’s world: * Loyalty * Financial * Information Technology * Government * Healthcare * Telephony * Mass Transit * Identification on Internet 4. 1 Some of the major applications of the Smart Cards, as seen around the world, are: * There are over 300,000,000 GSM mobile telephones with Smart Cards, which contain the mobile phone security and subscription information. The handset is personalized to the individual by inserting the card, which contains its phone number on the network, billing information, and frequently call numbers. Various countries with national health care programs have deployed Smart Card systems. The largest is the German solution which deployed over 80,000,000 cards to every person in Germany and Austria. * There are over 100 countries worldwide who have reduced or eliminated coins from the pay phone system by issuing Smart Cards. Germany, France, UK, Brazil, Mexico, and Chin a have major programs. * Almost every small dish TV satellite receiver uses a Smart Card as its removable security element and subscription information. They are used as a credit/debit bankcard, which allows them for off-line transactions and store the credit and debit functions of financial institutions. * They can be used in retail loyalty schemes and corporate staff systems. Other applications for Smart Cards include computer/internet user authentication and non-repudiation, retailer loyalty programs, physical access, resort cards, mass transit; mass transit ticketing schemes, electronic toll, product tracking, national ID, driver’s license, pass ports, and the list goes on. . 2 Automating Transportation Services: With billions of transport transactions occurring each day, Smart Cards have easily found a place in this rapidly growing market. A few of the numerous examples of Smart Cards in transportation are: * Mass Transit Ticketing  Ã¢â‚¬â€œ Using contactless Smart Car ds allows a passenger to ride several buses and trains during his daily commute to work while not having to worry about complex fare structures or carrying change. * Urban Parking  Ã¢â‚¬â€œ You don’t need to carry the correct change anymore†¦ ust a prepaid contact Smart Card. * Electronic Toll Collection  Ã¢â‚¬â€œ As you drive through the toll gate of a bridge, a Smart Card, inserted into an RF transponder within your car, electronically pays the toll; without you ever stopping! * Airline Application  Ã¢â‚¬â€œ Your frequent flyer miles are added onto your airline Smart Card as your ticket is removed from it at the gate, eliminating paperwork! 4. 3 Internet: The role of the Internet has developed to include the support of electronic commerce. It was designed for the free exchange of information, and as such, t is a rich supply of academic, product and service information. But how does an Internet shopper go from looking at the product to actually buying it? The Smar t Card is the ideal support for payment over the Internet, whether in cash or as credit. However, the Internet shopper needs to connect his smart payment card to his computer and through the computer to the Internet. Smart Card readers are inexpensive, low-power devices which can be easily added to existing computers. The additional cost of building them into future computers or peripherals is extremely low. The Internet is focusing the need for online identification and authentication between parties who cannot otherwise know or trust each other, and Smart Cards are believed to be the most efficient way of enabling the new world of e-trade. Smart Cards can act as an identification card, which is used to prove the identity of the cardholder. Besides using Smart Cards for payment over the Internet, the possibilities are endless like  carrying your favorite addresses from your own personal computer to your friend’s Network Computer and downloading your airline ticket and boarding passes, telepayments of the goods purchased online and such others. . SMART CARD TERMS AND CONCEPTS 5. 1 Memory Management Smart card is a device with major hardware constraints: low-power CPU, low data rate serial I/O, little memory etc. Today, card technology utilizes 8 bit processors (mainly of the 6805 or 8051 family) whose memory sizes are about a few tens of kilobytes (Urien, 2000), typically 1-4 kb RAM (Random Access Memory), 32-128 kb ROM (Read Only memory) and 32-64 kb EEPROM (Electrically Erasable Programmable Read Only Memory) at least, with options on FLASH and FRAM (Ferroelectric Random Access Memory) as well. As the demand for smart cards matures the standard memory of 32 or 64 Kbytes can prove a serious limitation. A solution to this is to look at some of the design issues and techniques to incorporate multiple memory chips in a single smart card. Gemplus had already produced a twin card, incorporating two unconnected chips in a single card. Other approaches include the use of PC in conjunction with smartcard. For instance, Blaze (1996) proposes the use of a powerful PC with a smart card for symmetric key encryption because the PC provides higher encryption bandwidth. Table 1 below shows storage capacity needed for various communication rates. | Communication rate| Storage capacity| P C (Pentium IV)| 120 Mbps | 10 K Bytes| Standard smart card| 9600 bps | 64 K Bytes | Multiple chip card| 20 Mbps | 224 M Bytes | Table 5. 1. 1: Communication rate and storage capacity According to Junko (2002), the EEPROM used in current smart cards is reaching its scalability limits, particularly for smart card devices built in 0. 13-micron technology and beyond. For this reason, companies like Philips agree on the need for alternative non-volatile memory for future smart cards. Currently Philips is leaning toward magnetic RAM as an alternative to EEPROM. Another important application that requires memory management is the application of biometrics. The use of biometrics within the card itself will mean that biometric features (fingerprint, retina, voice etc) can reliably identify a person. With enhancement in memory system, it will soon be possible to authorize the use of electronic information in smart card using a spoken word. The use of some of these features has already been implemented in many applications. Malaysia’s national ID, for instance, is a multipurpose smart card with a fingerprint biometric. The card is first of its kind in the world as it combines many applications such as driving license, passport, healthcare, and non-government applications such as an e-purse. (See http://www. jpn. gov. my/ or www. iris. com. my for details). Table 2 below gives the required bytes for various biometrics. Additional information about biometric technology and standards can be found from the following organizations: The Biometric Consortium (www. biometrics. org), International Biometric Industry Association (www. ibia. rg), or Bio API Consortium (www. iapi com) Biometric| Bytes Required| Finger scan| 300-1200| Finger geometry| 14| Hand geometry| 9| Iris recognition| 512| Voice verification| 1500| Face recognition| 500-1000| Signature verification| 500-1000| Retina recognition| 96| Table 5. 1. 2 Required Bytes for Biometrics 5. 2 Security Issues Security is always a big concern for smart cards applications. This naturally gives rise to the need for reliable, efficient cryptographic algorithms. We need to be able to provide authentication and identification in online-systems such as bank machine and computer networks, access control and the like. Currently such facilities allow access using a token; however, it is vital that the holder of the token be the legitimate owner or user of the token. As smart card is handicapped or highly restricted in their input/output (unable to interact with the world without outside peripherals), this leads to the involvement of many parties in its applications. Some of the parties involve: Cardholder, Data Owner, Card Issuer, Card Manufacturer, Software Manufacturer, and Terminal Owner as mentioned in (Schneier, 1999). It is there for essential to ensure that none of the above mentioned parties is threat to one another. To achieve this, there is need for further investigation in the design and analysis of smart card authentication and identification protocols. For this reason, Gobioff (1996) proposes that smart cards be equipped with â€Å"additional I/O channels† such as buttons to alleviate these shortcomings. Further, there are numerous intrusion techniques able to tamper with smart cards and other similar temper-resistant devices as presented in (Anderson, 1997). This also indicates the need for effective intrusion detection/prevention techniques. 5. 3 Open Architecture Existing smart card standards leave vendors too much room for interpretation. To achieve wider implementation, there is need for an open standard that provides for inter-operable smart cards solutions across many hardware and software platforms. Open Platform, as defined by Global Platform (www. GlobalPlatform. org) is a comprehensive system architecture that enables the fast and easy development of globally interoperable smart card systems. It comprises three elements; card, terminal and systems, each of which may include specifications, software and/or chip card technology. Together these components define a secure, flexible, easy to use smart card environment. Development environment in use today include; Java, Visual C, Visual Basic, C++, and the like. The development of standards like GSM, EMV, CEPS, PC/SC, OCF, ITSO and IATA 791 represents an opportunity for manufacturers to produce products on an economic scale and give stability to systems designers. According to a report by Data card Group (White paper version1. ), True ‘open’ smart cards will have the following characteristics: * They will run a non-proprietary operating system widely implemented and supported. * No single vendor will specify the standards for the operating system and the card’s use. * The cards will support a high-level application programming language (e. g. , Java, C++) so issuers can supply and support their own applicat ions as well as applications from many other vendors. * Applications can be written and will operate on different vendor’s multi-application smart cards with the same API (Application Programming Interface). To overcome the problem of lack of standardization, U. S. organizations have developed an add-on piece of smart card software meant to overcome communication problems between chip cards and readers from different vendors. They would like to see this technology, which they call a â€Å"card capabilities container,† used worldwide, making it an industry standard that would allow U. S. agencies to buy cards and readers from many vendors, sure that they would work together (Cathy, 2002). Another move is the development of a new organization called Smart Card Alliance, formed by Smart Card Industry Association (SCIA) and Smart Card Forum (SCF) to act as a single voice for the US smart card industries. Even in biometrics, each vendor has its own methods for enrolling individuals and later checking someone’s identity against the stored image. However, there are efforts underway to create biometric standards, largely driven by the U. S. government. In a major step, the American National Standards Institute approved Bio API as a standard way for biometric devices to exchange data with ID applications. ANSI now is preparing to propose Bio API to ISO for adoption as an international standard (Donald, 2002). 5. 3. 1 Operating Systems Today’s smart card operating systems and application frameworks are intrinsically local and mono application. Moreover, smartcard communicates with the outside world through a serial link. As the chip has a single bi-directional I/O pin, this link can only support haft-duplex protocol. The majority of chips work at the speed of 9600 baud, although the ISO standard 7816 has defined a maximum data rate of 230400 baud. A new type of SPOM (Self-Programmable One-Chip Microcomputer), named ISO/USB has been introduced in 1999; it provides a direct connection between a SPOM and the terminal via an USB port (Urien, 2000). According to USB specification, a data throughput from 1. 2 to 12 Mbits/s may be obtained between the chip and the terminal. The vision of smart card as an application platform rather than a simple security token is a paradigm shift for smartcard operating systems. According to Jurgensen (2002), the current operating system model cannot completely support the needs or the vision of Universal Integrated Circuit Card (UICC). The move is now towards the development of Next Generation Smart Card Operating Systems (COSng), which will be able to handle multi-applications and support future requirements. 5. 4 Performance Performance and speed are very important factors that need to be considered in most smart card application. To achieve this, transistor scaling or the reduction of the gate length (the size of the switch that turns transistors on and off), must be taken into consideration. This idea not only improves the performances of chips but also lowers their manufacturing cost and power consumption per switching event. Recently, IBM have built a working transistor at 6 nano meters in length which is per beyond the projection of The Consortium of International Semiconductor Companies that transistors have to be smaller than 9 nano meters by 2016 in order to continue the performance trend. The ability to build working transistors at these dimensions could allow developers to put 100 times more transistors into a computer chip than is currently possible. The IBM results will lead to further research into small, high-density silicon devices and allow scientists to introduce new structures and new materials. Details are available from IBM Research News 9thDecember 2002, available online: http://www. research. ibm. com/. 5. 5 Reader Requirements As the needs and uses of smart card increases, the need for a Smart Card reader that is not portable, small or light, but also easy to connect and access has arrived. However, some developers like â€Å"Browns† (http://www. brownsbox. com/) believe that the need for a reader is a problem, meaning extra expenditure, and, when working with a laptop, is a waste of a port. In view of this, an approach toward a device that can be attached to a PC (internally or externally) has arrived. To solve this problem, Browns developed a method that turns a floppy disk drive into a smart card reader. Another popular approach in Europe is the smarty smartcard reader/writer the size of a 3. 5-inch diskette by Smart Disk Corp. The device does not require a serial, parallel, or USB port, instead it works directly from a diskette drive. Smarty supports all smart card a protocol, including ISO 7816 and it works under different operating systems. Details are available from: http://www. smartcomputing. com/. This idea of smart diskette was initially proposed by Paul (1989) as shown in figure 3. A similar approach involves the development of keyboard with integrated card reader, and/or keyboard with integrated fingerprint sensor and card reader by â€Å"Cherry†(http://www. accesskeyboards. co. uk/cherry. tm). 5. 6 Portability As mentioned earlier, portability or convenience of handling is one of the most important characteristics of smart cards. Since the smartness of smart card relies on the integrated circuit embedded in the plastic card, it is possible that the future smart cards might look like other everyday objects such as rings, watches, badges, glasses or earring because that same electronic funct ion could be performed by embedding it in these objects. What remain is for developers and researchers to look into the best way of implementing it if the need arises. 6. SMART CARD VS BIOMETRIC One of the primary reasons that smart cards exist is for security. The card itself provides a computing platform on which information can be stored securely and computations can be performed securely. Consequently, the smart card is ideally suited to function as a token through which the security of other systems can be enhanced. Most of today’s systems need proper user authentication/identification as it is a crucial part of the access control that makes the major building block of any system’s security. Three methods are currently in use: what the user has (e. . smart card), what the user knows (e. g. password), and what the user is (biometrics). Each of these methods has its own merits and demerits especially when used alone. When a single method is used, we believe smartcard is the best choice. Passwords can easily be forgotten, attacked, and guessed. Similarly, biometric schemes alone are not good enough to ensure user authentication, as the y are also vulnerable to attacks. First, we look into some of the benefits in using biometric schemes and then analyze some of their limitations. The primary advantage of biometric authentication methods over other methods of user authentication is that they use real human physiological or behavioral characteristics to authenticate users. These biometric characteristics are (more or less) permanent and not changeable. It is also not easy (although in some cases not principally impossible) to change one’s fingerprint, iris or other biometric characteristics. Further, most biometric techniques are based on something that cannot be lost or forgotten. This is an advantage for users as well as for system administrators because the problems and costs associated with lost, reissued or temporarily issued tokens/cards/passwords can be avoided, thus saving some costs of the system management. However, as reported in (Luca 2002), the major risk posed by the use of biometric systems in an authentication process is that a malicious subject may interfere with the communication and intercept the biometric template and use it later to obtain access. Likewise, an attack may be committed by generating a template from a fingerprint obtained from some surface. Further, performance of biometric systems is not ideal. Biometric systems still need to be improved in terms of accuracy and speed. Biometric systems with the false rejection rate under 1% (together with a reasonably low false acceptance rate) are still rare today. Although few biometric systems are fast and accurate (in terms of low false acceptance rate) enough to allow identification (automatically recognizing the user identity), most of current systems are suitable for the verification only, as the false acceptance rate is too high. Moreover, not all users can use any given biometric system. People without hands cannot use fingerprint or hand-based systems. Visually impaired people have difficulties using iris or retina based techniques. Some biometric sensors (particularly those having contact with users) also have a limited lifetime. While a magnetic card reader may be used for years (or even decades), the optical fingerprint reader (if heavily used) must be regularly cleaned and even then the lifetime need not exceed one year. Biometric data are not considered to be secret and security of a biometric system cannot be based on the secrecy of user’s biometric characteristics. The server cannot authenticate the user just after receiving his/her correct biometric characteristics. The user authentication can be successful only when user’s characteristics are fresh and have been collected from the user being authenticated. This implies that the biometric input device must be trusted. Its authenticity should be verified (unless the device and the link are physically secure) and user’s likeness would be checked. The input device also should be under human supervision or tamper-resistant. The fact hat biometric characteristics are not secret brings some issues that traditional authentication systems need not deal with. Many of the current biometric systems are not aware of this fact and therefore the security level they offer is limited. User’s privacy may be violated by biometric schemes. Biometric characteristics are sensitive data that may contain a lot of personal information. The DNA (being the typical example) contains (among others) t he user’s preposition to diseases. This may be a very interesting piece of information for an insurance company. The body odour can provide information about user’s recent activities. It is also mentioned in (Jain, 1999) that people with asymmetric fingerprints are more likely to be homosexually oriented, etc. Use of biometric systems may also imply loss of anonymity. While one can have multiple identities when authentication methods are based on something the user knows or has, biometric systems can sometimes link all user actions to a single identity. Furthermore, biometric systems can potentially be quite troublesome for some users. These users find some biometric systems intrusive or personally invasive. In some countries people do not like to touch something that has already been touched many times (e. g. , biometric sensor), while in some countries people do not like to be photographed or their faces are completely covered. Lack of standards may also poses a serious problem. Two similar biometric systems from two different vendors are not likely to interoperate at present. Although good for user authentication, biometrics cannot be used to authenticate computers or messages. Biometric characteristics are not secret and therefore they cannot be used to sign messages or encrypt documents and the like. On the other hand, smart cards provide tamper- resistant storage for protecting private keys, account numbers, passwords, and other forms of personal information. Smart cards can also serve to isolate security-critical computations involving authentication, digital signatures, and key exchange from other parts of the system that do not have a â€Å"need to know. † In addition, smart cards provide a level of portability for securely moving private information between systems at work, home, or on the road. A better approach for the usage of biometrics is to combine biometrics with smartcards. The advantages of this may include: all attributes of the smartcards will be maintained, counterfeiting attempts are reduced due to enrolment process that verifies identity and captures biometrics. It will be extremely secure and provide excellent user-to-card authentication. 7. THREATS TCG does not really address security from a user point of view; as the model is centered on platforms. User identification and authentication mechanisms, including owner, are rather rudimentary. Basically, proof of knowledge of a secret value shared between the owner and the TPM is proof of ownership. In the case of the owner proof of knowledge is even proof of identity. To some extent, the pair (object UUID, Authorization Data) corresponds to a capability associated to a TPM-protected object. Threats are actually similar to those applying to capability-basedmodels. For example, the access authorization to a TPM-protected object is given very early, when the authorization data is associated to the object and not when the access is attempted. But more important authentication data can be freely duplicated and the user has to find some way to protect them. Like for every sensitive piece of information the key issue with authorization data is storage protection. Because it is impossible for an operator to remember a 20-byte random value, most of the TPM administration products available today implement a simple password-based technique. The authentication data Auth Data is computed from a password value using SHA-1 hash algorithm. Auth Data= SHA( password)Of course, all the well-known weaknesses of password-based authentication apply to such a mechanism: †¢ One-factor only authentication, †¢ Easy to guess, subject to dictionary attacks, Easy to snoop, visible in the clear when keyed or transmitted to the verifying party, †¢ Easy to lose and forget, †¢ Easy to write down and to share with others This type of implementation is so common that TPM manufacturers had to implement countermeasures like lockout or response degradation in order to protect from dictionary types of attacks. Another natural solution would be to s ecurely store the authorization data directly on the platform hard drive. This type of solution is considered subject to attacks [9] and raises a lot of side issues. For example, the authorization data must be stored on an opaque container that is generally protected by a password and hence prone to dictionary attacks. Outside of the platform owner, who just plays an administrative role, regular platform users have also to be taken into account. In every day operations, platforms interact with users and user identity is a critical piece of the security and trust puzzle. For that matter all platform operating systems implement user identification and authentication mechanisms. How users fit in this picture is not completely in the scope of TCG specification. As a consequence, authentication data are not assigned to specific users. Even though this is not a threat in itself, there is lot of practical cases where TPM-protected keys have to be assigned to specific users only. For example, the file encryption keys used by one user on a platform must be kept separated from the other platform users. 8. SMART CARD-BASED USER AUTHENTICATION Smart card-based authentication is a first step towards the TPM and-smartcard cooperative model introduced in section 2. The principle is to use a smart card during the execution of the user side of the TCG authorization protocols. The most critical piece of information in TCG authorization protocol is the Authorization Data that is either stored locally on the platform or computed from an external seed secret such as password. This model raises many issues. Since smart cards another hardware tokens, are used to address this type of user authentication issues in environments like corporate IT or banking, smart card-based authentication can be the answer to the threats identified in section 3. 4. For instance, as smart cards are physically secure and cannot beckoned, the duplication of an authorization data becomes impossible. Likewise, smart cards allow the usage of truly random authorization data, offering a particularly efficient protection against a dictionary attack. To offer a higher protection level, access to the authorization data can be protected by a Personal Identification Number (PIN). In the context of user authentication, smart cards will also provide: †¢ Two-factor authentication, †¢ Tamper-resistant storage for protecting authentication data and other user personal information. Isolation of security-critical computations involving the authentication data from other parts of the system that do not have a â€Å"need to know. † †¢ Portability of credentials and other private information between computers. But the integration of smart cards within TCG authorization protocols has an impact in terms of smart cards capabilities. 8. 1 Smart card s requirements In a smart card-based authentication scheme, the smart card will be primarily used to physically protect the Authorization Data. This means that the smart card must be able to: 1. Store the Authorization Data, 2. Process the user side of the authorization protocol computation that requires the Authorization Data. Storing the Authorization Data in a smart card presents no particular difficulty. Every smart card, including the most basic one like simple memory card, has the capability to store a 20-bytevalue. On another hand, how much of the authorization protocol can be processed by a smart card is directly linked with the card cryptographic capabilities. In order to perform the entire user side of the protocol a smart card will have to be able to: Generate random values, †¢ Compute a shared secret using a SHA-1-based HMAC, †¢ Compute and verify authentication values using SHA-1 andSHA-1-based HMAC operations, †¢ Encrypt authentication data using a XOR Most of cryptographic smart cards today have robust Random Number Generator and support SHA-1 in native mode, but smartcards offering HMAC in native mode are less common. A solutions to simply impl ement a Java Card applet providing these features. Following sections describe three, incrementally secure, possible implementation of smart card-based authentication. . 2 Importance of Smartcards to Computer Security 8. 2. 1 Importance of Smartcards as a Design Mechanism for Computer Networks This section highlights the fundamental security challenges that face us in this increasingly computer network oriented world, and how smartcards can provide key advantages towards security. 8. 2. 2 Fundamental Security Challenges Because computers and networks are becoming so central to our lives in this digital age, many new security challenges are arising. This is the era of full connectivity, both electronically and physically. Smartcards can facilitate this connectivity and other value added capabilities, while providing the necessary security assurances not available through other means. On the Internet, smartcards increase the security of the building blocks Authentication, Authorization, Privacy, Integrity, and Non-Repudiation. Primarily, this is because the private signing key never leaves the smartcard so it’s very difficult to gain knowledge of the private key through a compromise of the host computer system. In a corporate enterprise system, multiple disjointed systems often have their security based on different technologies. Smartcards can bring these together by storing multiple certificates and passwords on the same card. Secure email and Intranet access, dial-up network access, encrypted files, digitally signed web forms, and building access are all improved by the smartcard. In an Extranet situation, where one company would like to administer security to business partners and suppliers, smartcards can be distributed which allow access to certain corporate resources. The smartcard’s importance in this situation is evident because of the need for the strongest security possible when permitting anyone through the corporate firewall and proxy defenses. When distributing credentials by smartcard, a company can have a higher assurance that those credentials cannot be shared, copied, or otherwise compromised. 8. 2. 3 The Smartcard Security Advantage Some reasons why smartcards can enhance the security of modern day systems are: 8. 2. 3. 1 PKI is better than passwords – smartcards enhance PKI Public Key Infrastructure systems are more secure than password based systems because there is no shared knowledge of the secret. The private key need only be known in one place, rather than two or more. If the one place is on a smartcard, and the private key never leaves the smartcard, the crucial secret for the system is never in a situation where it is easily compromised. A smartcard allows for the private key to be usable and yet never appear on network or in the host computer system. 8. 2. 3. 2 Smartcards Increase the Security of Password Based Systems Though smartcards have obvious advantages for PKI systems, they can also increase the security of password based systems. One of the biggest problems in typical password systems is that users write down their password and attach it to their monitor or keyboard. They also tend to choose weak passwords and share their passwords with other people. If a smartcard issued to store a user’s multiple passwords, they need only remember the PIN to the smartcard in order to access all of the passwords. Additionally, if a security officer initializes the smartcard, very strong passwords can be chosen and stored on the smartcard. The end user need never even know the passwords, so that they can’t be written down or shared with others. 8. 2. 3. 3 Two Factor Authentication, and more Security systems benefit from multiple factor authentications. Commonly used factors are: Something you know, something you have, something you are, and something you do. Password based systems typically use only the first factor, something you know. Smartcards add an additional factor, something you have. Two factor authentications have proven to be much more effective than single because the â€Å"Something you know† factor is so easily compromised or shared. Smartcards can also be enhanced to include the remaining two features. Prototype designs are available which accept a thumbprint on the surface of the card in addition to the PIN in order to unlock the services of the card. Alternatively, thumbprint template, retina template, or other biometric information can be stored on the card, only to be checked against data obtained from a separate biometric input device. Similarly, something you do such as typing patterns, handwritten signature characteristics, or voice inflection templates can be stored on the card and be matched against data accepted from external input devices. 8. 2. 3. 4 Portability of Keys and Certificates Public key certificates and private keys can be utilized by web browsers and other popular software packages but they in some sense identify the workstation rather than the user. The key and certificate data is stored in a proprietary browser storage area and must be export/imported in order to be moved from one workstation to another. With smartcards the certificate and private key are portable, and can be used on multiple workstations, whether they are at work, at home, or on the road. If the lower level software layers support it, they can be used by different software programs from different vendors, on different platforms, such as Windows, UNIX, and Mac. 8. 2. 3. 5 Auto-disabling PINs Versus Dictionary Attacks If a private key is stored in a browser storage file on a hard drive, it is typically protected by password. This file can be â€Å"dictionary attacked† where commonly used passwords are attempted in a brute force manner until knowledge of the private key is obtained. On the other hand, a smartcard will typically lock itself up after some low number of consecutive bad PIN attempts, for example 10. Thus, the dictionary attack is no longer a feasible way to access the private key if it has been securely stored on a smartcard. 8. 2. 3. 6 Non Repudiation The ability to deny, after the fact, that your private key performed a digital signature is called repudiation. If, however, your private signing key exists only on a single smartcard and only you know the PIN to that smartcard, it is very difficult for others to impersonate your digital signature by using your private key. Many digital signature systems require â€Å"hardware strength on Repudiation†, meaning that the private key is always protected within the security perimeter of hardware token and can’t be used without the knowledge of the proper PIN. Smartcards can provide hardware strength Non Repudiation. 8. 2. 3. 7 Counting the Number of Private Key Usages So many of the important things in our lives are authorized by our handwritten signature. Smartcard based digital signatures provide benefits over handwritten signatures because they are much more difficult to forge and they can enforce the integrity of the document through technologies such as hashing. Also, because the signature is based in a device that is actually a computer, many new benefits can be conceived of. For example, a smartcard could count the number of times that your private key was used, thus giving you an accurate measure of how many times you utilized your digital signature over a given period of time. Figure 8. 2. 3. 7. 1: Smartcard Electrical Contacts Table 8. 2. 3. 7. 2 : Description of Contacts POSITION TECHNICAL ABBREVIATION FUNCTION C1 VCC Supply Voltage C2 RST Reset C3 CLK Clock Frequency C4 RFU Reserved for future use C5 GND Ground C6 VPP External programming voltage C7 I/O Serial input/output communications C8 RFU Reserved for future use 9. SMART CARD ENABLED PRODUCTS This section lists popular security products and explains how smartcards can be used to enhance their security. 9. 1Web Browsers (SSL, TLS) Web browsers use technology such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS) to provide security while browsing the World Wide Web. These technologies can authenticate the client and/or server to each other and also provide an encrypted channel for any message traffic or file transfer. The authentication is enhanced because the private key is stored securely on the smartcard. The encrypted channel typically uses a symmetric cipher where the encryption is performed in the host computer because of the low data transfer speeds to and from the smartcard. Nonetheless, the randomly generated session key that is used for symmetric encryption is wrapped with the partner’s public key, meaning that it can only be unwrapped on the smartcard. Thus it is very difficult for an eavesdropper to gain knowledge of the session key and message traffic. 9. 2 Secure Email (S/MIME, Open PGP) S/MIME and Open PGP allow for email to be encrypted and/or digitally signed. As with SSL, smartcards enhance the security of these operations by protecting the secrecy of the private key and also unwrapping session keys within a security perimeter. 9. 3 Form Signing Web based HTML forms can be digitally signed by your private key. This could prove to be a very important technology for internet based business because it allows for digital documents to be hosted by web servers and accessed by web browsers in a paperless fashion. Online expense reports, W-4 forms, purchase requests, and group insurance forms are some examples. For form signing, smartcards provide portability of the private key and certificate as well as hardware strength non repudiation. 9. 4Object Signing If an organization writes code that can be downloaded over the web and then executed onclient computers, it is best to sign that code so the clients can be sure it indeed came from areputable source. Smartcards can be used by the signing organization so the private key can’tbe compromised by a rogue organization in order to impersonate the valid one. 9. 5 Kiosk / Portable Preferences Certain applications operate best in a â€Å"kiosk mode† where one computer is shared by a number of users but becomes configured to their preferences when they insert their smartcard. The station can then be used for secure email, web browsing, etc. and the private key would never leave the smartcard into the environment of the kiosk computer. The kiosk can even be configured to accept no mouse or keyboard input until an authorized user inserts the proper smartcard and supplies the proper PIN. 9. 6 File Encryption Even though the 9600 baud serial interface of the smartcard usually prevents it from being a convenient mechanism for bulk file encryption, it can enhance the security of this function. If a different, random session key is used for each file to be encrypted, the bulk encryption can be performed in the host computer system at fast speeds and the session key can then be wrapped by the smartcard. Then, the only way to easily decrypt the file is by possessing the proper smartcard and submitting the proper PIN so that the session key can be unwrapped. 9. 7 Workstation Logon Logon credentials can be securely stored on a smartcard. The normal login mechanism of the workstation, which usually prompts for a username and password, can be replaced with one that communicates to the smartcard. 9. 8 Dialup Access (RAS, PPTP, RADIUS, TACACS) Many of the common remote access dial-up protocols use passwords as their security mechanism. As previously discussed, smartcards enhance the security of passwords. Also, as many of these protocols evolve to support public key based systems, smartcards can be used to increase the security and portability of the private key and certificate. . 9 Payment Protocols (SET) The Secure Electronic Transactions (SET) protocol allows for credit card data to be transferred securely between customer, merchant, and issuer. Because SET relies on public key technology, smartcards are a good choice for storage of the certificate and private key. 9. 10 Digital Cash Smartcards can implement protocols whereby digital cash can be carried around o n smartcard. In these systems, the underlying keys that secure the architecture never leave the security perimeter of hardware devices. Mondex, VisaCash, EMV ( Europay-Mastercard-Visa), and Proton are examples of digital cash protocols designed for use with smartcards. 9. 11 Building Access Even though the insertion, processing time, and removal of a standard smartcard could be a hassle when entering a building, magnetic stripe or proximity chip technology can be added to smartcards so that a single token provides computer security and physical access. 10. PROBLEM WITH SMART CARD Even though smartcards provide many obvious benefits to computer security, they still haven’t caught on with great popularity in countries like the United States. This is not only because of the prevalence, infrastructure, and acceptability of magnetic stripe cards, but also because of a few problems associated with smartcards. Lack of a standard infrastructure for smartcard reader/writers is often cited as a complaint. The major computer manufactures haven’t until very recently given much thought to offering a smartcard reader as a standard component. Many companies don’t want to absorb the cost of outfitting computers with smartcard readers until the economies of scale drive down their cost. In the meantime, many vendors provide bundled solutions to outfit any personal computer with smartcard capabilities. Lack of widely adopted smartcard standards is often cited as a complaint. The number of smartcard related standards is high and many of them address only a certain vertical market or only a certain layer of communications. This problem is lessening recently as web browsers and other mainstream applications are including smartcards as an option. Applications like these are helping to speed up the evolution of standards. 11. FUTURE WORK Different usage scenario can be defined to explore additional synergies between TPM and smart cards. For example, a MIS department orders trusted platforms from their favorite PC manufacturer. The machines are configured and personalized according to the end-user profile, following the corporate policies. The MIS representatives possess a specific smart card, the owner card, which is used for trusted platforms initialization and maintenance. During the initialization process the user smart card is created for the platform end-user. This card stores the user secrets and credentials, to be used during the processing of security functions like digital signature of documents. Our scenario provides features to securely share the TPM among several users. Each user owns a dedicated Protected Storage Tree under the Storage Root Key (SRK), protected by local User Root Keys (URK). The first phase in the trusted platform life cycle will be the initialization of the TPM. During this step, the corporation, through the MIS department, will â€Å"take ownership† of the TPM. This phase covers the loading of secrets into the TPM, the creation of a root storage key, but also the generation of a smart card that will be given to the main platform user. During this process a URK can be created for the first user, secured by the SRK, and then user keys can be generated under the URK. These keys will be used to generate quotes for a given user. The platform is then given to the main end-user, who also receives a user smart card. 12. CONCLUSION Most of the smart card systems in use today serve one purpose and are related to just one process or is hardwired to only one application. A smart card cannot justify its existence in this respect. The approach of future smart card is therefore towards designing multi-application card with own operating system based on open standard that can perform a variety of functions. It must be configurable and programmable and it must be able to adapt to new situations and new requirements especially in areas such as security, memory management, and operating system. Most of smart card application methods today rely on the fact that the code of functions to be performed should be imported by card operating system from an outside server. This approach is quite weak with regards to security. It is, therefore, important t How to cite Smart Cards, Essay examples

Information Technology Derivatives and Risk Management

Question: Discuss about the Information Technology Derivatives and Risk Management. Answer: Would the technology I develop be welcomed by society? The technology will definitely be welcomed by the society once the users learn how to use it. The project is going to deliver a software-controlled remote control system for music systems and other similar devices. This will greatly reduce the hassle of using wired speakers that are needed to be connected with the main system for playing video and music. Hence, the new technology should be welcomed by the society. However, the devices are mainly used by the young generation of the society and hence, the older generation might not welcome such technology as they refrain from the use of excessive technology for daily needs. Is the benefit greater than the risk? In this particular project, the benefit is not greater that the risk at this moment. This is because, this technology poses a large number of risks that must be first mitigated before any benefit is expected. First of all, there are security threats. The software is still under development and it is vulnerable to a large number of security threats. If the software is compromised by a hacker, it may be misused to control the speakers and other similar devices of the user that may harm his lifestyle. Again, most of the older generation do not require this kind of technology as they are not much fluent with these devices. Is my work and behavior ethical and socially responsible? My work and behavior in this project has been ethical and socially responsible from the start to the end of the project. During execution of any project as well as conducting a study session, one must exhibit proper ethical behavior. This is needed because there are some social guidelines that must be followed or the fellow people will start to see that person in a negative sight. Moreover, if ethical behavior is maintained, more people will come forward to help enhancing the project work. The person must also be socially responsible for his works in order to acknowledge everyone around for their valuable time and help. Have I asked the right questions? Roles of stakeholders are extremely important in any project. In order to ensure success of a project, the stakeholders must play their roles accurately and successfully. However, it is the role of the project manager to ask the right questions to the right stakeholders in order to ensure they are working correctly and effectively. I did the same; I asked the right questions to the stakeholders and learnt their progress of works in their roles and I instructed them to work accordingly. The progress of the work of stakeholders allowed me to maintain the course of the project in the right direction. Have I asked the right questions of the right people? Asking right questions to the right people are critical in any project. Keeping in mind the end goal to guarantee accomplishment of a project, the partners must assume their parts precisely and effectively. Nevertheless, it is the part of the project director to ask the right questions to the right people with a specific end goal to guarantee they are working accurately and adequately. Asking wrong questions will not help as no clear idea can be received for the outcome of the work of the stakeholders of the project. Hence, asking right questions to right people is necessary. Have I been thorough in thinking this through and prepared as well as I can? In any project, technical and other issues are common and it is the duty of the project manager to mitigate all the issues so that the project is completed successfully. As the manager of this project, I ran a risk assessment test to identify possible areas where issues may occur in the future. I noted them down and tried them in order to find solutions. I deployed a lot of thinking on the possible ways of mitigating the issues and found some solutions. I prepared myself and the project team for the possible encounters of issues and prepared the mitigation plans so that we can easily mitigate all the issues. Will the software/services I provide work to benefit the company and society? The software is still under development and hence, at this moment it may not work accurately. However, after the development is complete and all the issues are mitigated, it is expected to benefit the company and some age groups of the society. The software is expected to be extremely popular and a huge amount of profits can be earned from the sale of the software. This will definitely benefit the company. It is also expected that the software will be useful for the young and the elderly generation and this software will benefit them by fulfilling their needs and requirements. Does the software/services take into account all relevant legislation and compliance requirements? The software does take into account all relevant legislation and compliance requirements. Any work on projects are to be strictly executed by complying with some set of rules or guidelines. If these guidelines and legislation requirements are not satisfied, any project will be stopped and heavy penalties will be imposed. Hence, we took utmost care to not break any legislation and compliance requirements during working in the project. Can I take my knowledge into the community to enhance the reputation of my company and support the community in which my company operates? I have every opportunity to use my knowledge and the company reputation for supporting the surrounding community. It is also my duty to support the company in which the company executes its operations. However, there are some risks too. On one one hand, I should use my knowledge for supporting the community and on the other hand, I should not let any company strategy to outside as this will create a nuisance situation for the company. Hence, I will have to work for the support of the community using my knowledge but should have to be careful so that no rival company can gather any idea about our secret strategies. Bibliography Chance, D.M. and Brooks, R., 2015.Introduction to derivatives and risk management. Cengage Learning. Christoffersen, P.F., 2012.Elements of financial risk management. Academic Press. Glendon, A.I., Clarke, S. and McKenna, E., 2016.Human safety and risk management. Crc Press. Hull, J., 2012.Risk Management and Financial Institutions,+ Web Site(Vol. 733). John Wiley Sons. Lam, J., 2014.Enterprise risk management: from incentives to controls. John Wiley Sons. McNeil, A.J., Frey, R. and Embrechts, P., 2015.Quantitative risk management: Concepts, techniques and tools. Princeton university press.