ACCA P3考试I:NFORMATION TECHNOLOGY
NETWORKS
Only the very smallest of businesses will have stand-alone computers, computers not connected to other computers. Even in small businesses employees need to share data and very soon after personal computers were invented networks of computers were introduced. There are two main types:
• Local area network (LAN): Here the network extends over only a relatively small area, such as an office, a university campus or a hospital. The small area means that these networks use specially installed wiring to connect the machines.
• Wide area networks (WAN): Here the network can extend between several cities and countries. Each office would have its LAN, but that connects to LANs in other offices and countries using commercial, public communications systems. At one time this would have been done by the organisation leasing telephone lines for their private use to transmit data from office to office. However, this is expensive and inflexible and the common system now used is known as a virtual private network (VPN)
VPN’s allow data to be transmitted securely over the internet between any two locations. For example, an employee working from home or a hotel can access the company system as though being in the office. Information will pass over many different circuits and connections but the system gives the impression that you are operating over a dedicated, private communications link. Hence, the name: virtual private network. Because data is being transmitted over public systems it is particularly vulnerable to interception and it is very important that adequate security measures are in place to safeguard the data. There are three essential steps in the security measures:
1. Access control and authentication – this ensures that unauthorised users do not access the system. Typically this will be accomplished through a log-in procedure. Many organisations, such as banks, may require a password, answers to security questions (such as ‘What is the fourth letter of your secret word?’), and also a code number generated by a security device that has been issued to the user. Use of the latter technique means that anyone logging on has both to know a password and to be in possession of the security device.
2. Confidentiality – this ensures that data cannot be intercepted and read by a third party whilst being transmitted. This is achieved using encryption.
3. Data integrity – this ensures that the data has not been altered or distorted whilst in transit. To ensure this, the message could have special check digits added to ensure that the data complies with a mathematical rule.
CENTRALISED AND DECENTRALISED (DISTRIBUTED) ARCHITECTURES
Consider an office local area network. There are three main ways in which the data and processing can be arranged: centralised, decentralised (distributed) and hybrid.
Centralised systems
In these systems there is a powerful central computer which holds the data and which carries out the processing. The main advantages of such systems are:
• Security: all data can be stored in a secure data centre so that, for example, access to the data and back-up routines are easier to control.
• One copy of the data: all users see the same version of the data.
• Lower capital and operational costs: minimal hardware is needed at each site. There is also less administrative overhead.
• The central computer can be very powerful: this will suit in processing-intensive applications.
• They allow a centralised approach to management. For example, a chain of shops needs to keep track of inventory in each shop and to transfer it as needed. There is little point in a shop that is running low ordering more of a product if another branch already has a surplus of that product.
The main disadvantages of such systems are:
• Highly dependent on links to the centralised processing facility. If that machine fails or communication is disrupted then all users are affected.