Technical papers

Pictures

2008-02-11T19:12:00.001-08:00

Unfortunately, I was not able to copy pictures which are present in the paper here. Please go through the links given in the left side of blog to find related pictures...

cancer_nano_technology

2008-02-11T19:10:00.001-08:00

Abstract

At present there are wide varieties of Technologies, which are vastly being used to analyze biological cells to diagnose diseases and develop methodologies to cure diseases. One such technology is ‘Nanotechnology’.
A nanometer is a billionth of a meter. It's difficult to imagine anything so small, but think of something only 1/80,000 the width of a human hair. Ten hydrogen atoms could be laid side-by-side in a single nanometer. Nanotechnology is the creation of useful materials, devices, and systems through the manipulation of matter on this miniscule scale. The emerging field of nanotechnology involves scientists from many different disciplines, including physicists, chemists, engineers, and biologists.
“Nanotechnology will change the very foundations of cancer diagnosis, treatment, and prevention.”
Nanoscale devices used for treatment of Cancer are based on the constant study of cancer cells and nanotechnology. Nanoscale devices which are smaller than 50 nanometers can easily enter most cells, while those smaller than 20 nanometers can move out of blood vessels as they circulate through the body.
Because of their small size, nanoscale devices can readily interact with biomolecules on both the surface of cells and inside of cells. By gaining access to so many areas of the body, they have the potential to detect disease and deliver treatment in ways unimagined before now. Since biological processes that lead to cancer occur at the nanoscale at and inside cells, nanotechnology offers a wealth of tools with new and innovative ways to diagnose and treat cancer.
In our paper we design a device that contains sensors, transceivers, motors and a processor, which are made up of biodegradable compound. No more destruction of healthy cells due to harmful toxins and radiations generated through chemotherapy and radiation therapy.

INTRODUCTION:
The paper deals with the eradication of cancer cells by providing an efficient method of destroying and curing the cancer so that healthy cells are not affected in any manner. This technology also focuses on a main idea that the patient is not affected by cancer again. The purpose of using the RF signal is to save normal cells.

NANOTECHNOLOGY IN THIS CONTEXT

Nanotechnology refers to the interactions of cellular and molecular components and engineered materials at the most elemental level of biology. This paper emphasizes on the effective utilization of Nanotechnology in the treatment of cancer.

WHAT IS CANCER?

Cancer cells are different from healthy cells because they divide more rapidly than healthy cells. In addition, when cells divide at an accelerated rate, they form a mass of tissue called a tumor. These cancerous cells that come in excess amounts cause many problems to the bodies of patients.
In general, the most common methods used for the cancer treatment are
ü Chemotherapy, a treatment with powerful medicines
ü Radiation therapy, a treatment given through external high-energy rays.

PROBLEM
Both the treatments mentioned above are harmful. Healthy cells are destroyed in the process. As a result, this leaves the patient very weak, causing him not able to recover quickly to medical treatments. It has been proved that any individual who had cancer can survive on deadly chemotherapy up to a maximum of five years and after that it’s anybody’s guess.

PROPOSED SOLUTION
The nanodevices can be programmed to destroy affected cells and kill only them, thus ending the problem of destroying any normally functioning cells which are essential to one’s well-being. Thus the treatment-using nanotechnology will make the affected man perfectly normal.

”Noninvasive access to the interior of a living cell affords the opportunity for unprecedented gains on both clinical and basic research frontiers.”

NANOTECHNOLOGY AND DIAGNOSTICS
Nanodevices can provide rapid and sensitive detection of cancer-related molecules by enabling scientists to detect molecular changes even when they occur only in a small percentage of cells.
CANTILEVERS
Nanoscale cantilevers - microscopic, flexible beams resembling a row of diving boards - are built using semiconductor lithographic techniques. These can be coated with molecules capable of binding specific substrates-DNA complementary to a specific gene sequence, for example. Such micron-sized devices, comprising many nanometer-sized cantilevers, can detect single molecules of DNA or protein.

As a cancer cell secretes its molecular products, the antibodies coated on the cantilever fingers selectively bind to these secreted proteins. These antibodies have been designed to pick up one or more different, specific molecular expressions from a cancer cell. The physical properties of the cantilevers change as a result of the binding event. This change in real time can provide not only information about the presence and the absence but also the concentration of different molecular expressions. Nanoscale cantilevers, thus can provide rapid and sensitive detection of cancer-related molecules.
Nanotechnology and Cancer Therapy
Nanoscale devices have the potential to radically change cancer therapy for the better and to dramatically increase the number of highly effective therapeutic agents. Nanoscale constructs, for example, should serve as customizable, targeted drug delivery vehicles capable of ferrying large doses of chemotherapeutic agents or therapeutic genes into malignant cells while sparing healthy cells, which would greatly reduce or eliminate the often unpalatable side effects that accompany many current cancer therapies.
Nanoparticles
Nanoscale devices have the potential to radically change cancer therapy for the better and to dramatically increase the number of highly effective therapeutic agents.
In this example, nanoparticles are targeted to cancer cells for use in the molecular imaging of a malignant lesion. Large numbers of nanoparticles are safely injected into the body and preferentially bind to the cancer cell, defining the anatomical contour of the lesion and making it visible.
These nanoparticles give us the ability to see cells and molecules that we otherwise cannot detect through conventional imaging. The ability to pick up what happens in the cell - to monitor therapeutic intervention and to see when a cancer cell is mortally wounded or is actually activated - is critical to the successful diagnosis and treatment of the disease.
Nanoparticulate technology can prove to be very useful in cancer therapy allowing for effective and targeted drug delivery by overcoming the many biological, biophysical and biomedical barriers that the body stages against a standard intervention such as the administration of drugs or contrast agents.

WORKING PROCEDURE:
The initial step of identifying the cancer and the location can be done by scanning. Once the location has been identified through scanning, the task is to position the nanodevice to the exact location. We focus on the positioning of the nanodevice into the required location by itself. The nanodevice is allowed to be placed into any part of the body (or) the nano device is injected through the blood vessel. The positioning is done with the help of mathematical calculations. External Control signals could be used to avoid mishap or any other errors.

The nanodevice is loaded with a microchip. The device is also provided with the compounds concealed so that it is initiated externally through a computer. The nano device contains sensors, motor, gene reader, processor, transceiver, camera and power supply. The location of the cancer cells is given as coordinates in a 3-dimensional point of view. This point is considered as the reference and referred as (0, 0, 0).

POSITIONING

The nanodevice performs an internal calculation based on the difference between its current position and the reference. Mathematical computations involve such that only one axis is compared between the nano device and the reference at a time. The motor fan is placed in a particular direction for a particular reference comparison. After one of the axis is completed and comparison is done, then the next axis is being compared followed by the third. Thus the three co-ordinate comparison of the nano-device results in any 3-
Dimensional orientation of the nano-device and results in exact positioning.

NAVIGATION

The output of the mathematical operation is given to a driver circuit (motor). The driver helps the device to navigate through the blood with precision in direction and with the required speed. The device thus should sample its new position with the reference at a sampling rate. The sampling rate is made such that their value is less than the velocity of blood flow.

The cancer killer could thus determine that it was located in (say) the big toe. If the objective were to kill a colon cancer, the cancer killer in the big toe would move to the colon and destroy the cancer cells. Very precise control over location of the cancer killer's activities could thus be achieved. The cancer killer could readily be reprogrammed to attack different targets using acoustic signals while it was in the body.

ALGORITHM FOR NAVIGATION:
Step1: Marking the co-ordinates.
Step2: Initialize the start command.
Step3: Feed the axis.
Step4: Send command to emit ultrasound.
Step5: Wait for T seconds.
Step6: If there is no signal reflected back (or) if the reflected signal is less than the threshold value, then activates the stepper motor to rotate through a certain distance. (Note: the distance is proportional to one axis)
Step7: Subtract the axis value by one.
Step8: Continue from step4 to step7 for both co-ordinates.
Step9: If the signal reflected back is greater than the threshold value then the motor is de-activated.
Step10: The motor (perpendicular to motor1) is activated. The motor2 moves through one step thus making the motor1 to change the axis.
Step11: The motor1 is allowed to travel until next change is required.
Step12: Once the nanodevice reaches the required spot, the motor is deactivated through external command.
Step13: Receives the RF radiation for T seconds that has been already calculated depending upon the intensity of tumor
.
IMAGING
With the available technology, a camera is inserted which helps us to monitor the internal process. Whenever multiple directions are there in the blood vessel, the device is made to stop through the external control signal and another signal is given to activate in the right direction.
Current clinical ultrasound scanners form images by transmitting pulses of ultrasonic energy along various beam lines in a scanning plane and detecting and displaying the subsequent echo signals. Our imaging is based on the absolute scattering properties and in the frequency dependence of scattering in tissues, which will help to differentiate between normal and abnormal cells.

IDENTIFICATION
The nano device identifies the cancer cells using a gene reader. A gene reader is a sensor which contains ten to fifty DNA probes or samples of cancer cells that are complementary. The DNA detection system generates an electronic signal whenever a DNA match occurs or when a virus causing cancer is present. Whenever we get a signal indicating the presence of cancer cells we go for further process. Once the device has been originally located, the next step is the destruction of the cancer cells.
DESTRUCTION:
We can remotely control the behavior of DNA using RF energy. An electronic interface to the biomolecule (DNA) can be created. RF magnetic field should be inductively coupled to nanocrystal antenna linked covalently to a DNA molecule. The inductive coupling results to the increase in the local temperature of the bound DNA, allowing the change of state to take place, while leaving molecules surrounding the DNA relatively unaffected. The switching is fully reversible, as dissolved molecules dissipate the heat in less time duration. Thus RF signal generated outside the body can destroy the affected DNA.

RF HEATING
The treatment tip contains the essential technology components that transform RF to a volumetric tissue heating source. The heat delivery surface transmits RF energy to the cells. Tumors that have little or no oxygen content (i.e. hypoxia) also have increased resistance to radiofrequency radiation. Thus, due to high resistance to radio frequency radiation the affected cells get heated and hence destroyed. The RF carrier frequency is in the biomedical range (174 - 216MHz). A pair of RF pulses is transmitted at a frequency of about 1-2Hz.

HOW NANO DEVICE ESCAPES FROM IMMUNE SYSTEM?
Generally our immune system attacks all the foreign particles entering any part of our body. The problem has been that such nano particles are similar in size to viruses and bacteria, and the body has developed very efficient mechanisms to deal with these invaders. It is known that bacteria with hydrophilic surfaces can avoid being destroyed by immune system and remain circulating in the body for longer periods. To emulate this effect, our nano device can be coated with a polymer such as polyethylene glycol (PEG),
which is proved after the research?

CONCLUSION:
As per our aim we have proposed the usage of nanotechnology and the RF signal for the destruction of cancer cells. This method doesn’t affect the healthy cells such that the cancer affected person is healthy after the treatment. This treatment doesn’t involve critical operations. This treatment will not take longer time as in any other treatments. Surely one day or the other cancer treated patient will be affected again in treatments other than nanotechnology treatment. This can be very well used for other dangerous diseases.

3g_technology

2008-02-11T19:08:00.000-08:00

ABSTRACT

New technology and multimedia platforms are revolutionizing the way we watch television. It seems that the only factors likely to limit the take-up of new viewing technology are people's incomes and the amount of spare time they have. The numbers of people using on-demand, mobile phone and broadband television were all increasing as they moved away from traditional terrestrial television.

The present discussion deals with the evolution of cellular technologies including the various generations of cellular technologies. The discussion starts with the evolution of cellular technologies in various generations. Then the introduction of cellular technologies and the use of radio spectrum is discussed. The discussion continues with the access modes and the cellular standards for various generations. Then a brief introduction of 3G technology is given.

Introduction - Evolution of the Mobile Market :
The first radiotelephone service was introduced in the US at the end of the 1940s, and was meant to connect mobile users in cars to the public fixed network. In the 1960s, a new system launched by Bell Systems, called Improved Mobile Telephone Service” (IMTS), brought many improvements like direct dialling and higher bandwidth. The first analog cellular systems were based on IMTS and developed in the late 1960s and early 1970s. The systems were “cellular” because coverage areas were split into smaller areas or “cells”, each of which is served by a low power transmitter and receiver.
This first generation (1G) analog system for mobile communications saw two key improvements during the 1970s: the invention of the microprocessor and the digitization of the control link between the mobile phone and the cell site.
Second generation (2G) digital cellular systems were first developed at the end of the 1980s. These systems digitized not only the control link but also the voice signal. The new system provided better quality and higher capacity at lower cost to consumers.
Third generation (3G) systems promise faster communications services, including voice, fax and Internet, anytime and anywhere with seamless global roaming. ITU’s IMT-2000 global standard for 3G has opened the way to enabling innovative applications and services (e.g. multimedia entertainment, infotainment and location-based services, among others). The first 3G network was deployed in Japan in 2001. 2.5G networks, such as GPRS (Global Packet Radio Service) are already available in some parts of Europe.
Work has already begun on the development of fourth generation (4G) technologies in Japan.
It is to be noted that analog and digital systems, 1G and 2G, still co-exist in many areas.
The Basics of Cellular Technology and the Use of the Radio Spectrum :
Mobile operators use radio spectrum to provide their services. Spectrum is generally considered a scarce resource, and has been allocated as such. It has traditionally been shared by a number of industries, including broadcasting, mobile communications and the military. At the World Radio Conference (WRC) in 1993, spectrum allocations for 2G mobile were agreed based on expected demand growth at the time. At WRC 2000, the resolutions of the WRC expanded significantly the spectrum capacity to be used for 3G, by allowing the use of current 2G spectrum blocks for 3G technology and allocating 3G spectrum to an upper limit of 3GHz.
Before the advent of cellular technology, capacity was enhanced through a division of frequencies, and the resulting addition of available channels. However, this reduced the total bandwidth available to each user, affecting the quality of service. Cellular technology allowed for the division of geographical areas, rather than frequencies, leading to a more efficient use of the radio spectrum. This geographical re-use of radio channels is knows as “frequency reuse”.
In a cellular network, cells are generally organized in groups of seven to form a cluster. There is a “cell site” or “base station” at the centre of each cell, which houses the transmitter/receiver antennae and switching equipment. The size of a cell depends on the density of subscribers in an area: for instance, in a densely populated area, the capacity of the network can be improved by reducing the size of a cell or by adding more overlapping cells. This increases the number of channels available without increasing the actual number of frequencies being used. All base stations of either by fixed lines or microwave. The MSO is generally connected to the PSTN (Public Switched Telephone Network): each cell are connected to a central point, called the Mobile Switching Office (MSO),
Cellular technology allows the “hand-off” of subscribers from one cell to another as they travel around. This is the key feature which allows the mobility of users. A computer constantly tracks mobile subscribers of units within a cell, and when a user reaches the border of a call, the computer automatically hands-off the call and the call is assigned a new channel in a different cell.International roaming arrangements govern the subscriber’s ability to make and receive calls the home network’s coverage area.

Access Technologies (FDMA, TDMA, CDMA) :
FDMA: Frequency Division Multiple Access (FDMA) is the most common analog system. It is a technique whereby spectrum is divided up into frequencies and then assigned to users. With FDMA, only one subscriber at any given time is assigned to a channel. The channel therefore is closed to other conversations until the initial call is finished, or until it is handed-off to a different channel. A “full-duplex” FDMA transmission requires two channels, one for transmitting and the other for receiving. FDMA has been used for first generation analog systems.
TDMA: Time Division Multiple Access (TDMA) improves spectrum capacity by splitting each frequency into time slots. TDMA allows each user to access the entire radio frequency channel for the short period of a call. Other users share this same frequency channel at different time slots. The base station continually switches from user to user on the channel. TDMA is the dominant technology for the second generation mobile cellular networks.
CDMA: Code Division Multiple Access is based on “spread” spectrum technology. Since it is suitable for encrypted transmissions, it has long been used for military purposes. CDMA increases spectrum capacity by allowing all users to occupy all channels at the same time. Transmissions are spread over the whole radio band, and each voice or data call are assigned a unique code to differentiate from the other calls carried over the same spectrum. CDMA allows for a “soft hand-off”, which means that terminals can communicate with several base stations at the same time. The dominant radio interface for third-generation mobile, or IMT-2000, will be a wideband version of CDMA with three modes (IMT-DS, IMT-MC and IMT-TC).

Cellular Standards for 1G and 2G:
Each generation of mobile communications has been based on a dominant technology, which has significantly improved spectrum capacity. Until the advent of IMT-2000, cellular networks had been developed under a number of proprietary, regional and national standards, creating a fragmented market.
First Generation:
1) Advanced Mobile Phone System (AMPS) was first launched in the US. It is an analog system based on FDMA (Frequency Division Multiple Access) technology. Today, it is the most used analog system and the second largest worldwide.
2) Nordic Mobile Telephone (NMT) was mainly developed in the Nordic countries. (4.5 million in 1998 in some 40 countries including Nordic countries, Asia, Russia, and other Eastern European Countries)
3) Total Access Communications System (TACS) was first used in the UK in 1985. It was based on the AMPS technology.
There were also a number of other proprietary systems, rarely sold outside the home country.
Second Generation:
1) Global System for Mobile Communications (GSM) was the first commercially operated digital cellular system. It was first developed in the 1980s through a pan-European initiative, involving the European Commission, telecommunications operators and equipment manufacturers. The European Telecommunications Standards Institute was responsible for GSM standardization. GSM uses TDMA (Time Division Multiple Access) technology. It is being used by all European countries, and has been adopted in other continents. It is the dominant cellular standard today, with over (45%) of the world’s subscribers at April 1999.
2) TDMA IS-136 is the digital enhancement of the analog AMPS technology. It was called D-AMPS when it was fist introduced in late 1991 and its main objective was to protect the substantial investment that service providers had made in AMPS technology. Digital AMPS services have been launched in some 70 countries worldwide (by March 1999, there were almost 22 million TDMA handsets in circulation, the dominant markets being the Americas, and parts of Asia)
3) CDMA IS-95 increases capacity by using the entire radio band with each using a unique code (CDMA or Code Division Multiple Access) . It is a family of digital communication techniques and South Korea is the largest single CDMA IS-95 market in the world.
4) Personal Digital Cellular (PDC) is the second largest digital mobile standard although it is exclusively used in Japan where it was introduced in 1994. Like GSM, it is based on the TDMA access technology. In November 2001, there were some 66.39 million PDC users in Japan.
5) Personal Handy phone System (PHS) is a digital system used in Japan, first launched in 1995 as a cheaper alternative to cellular systems. It is somewhere in between a cellular and a cordless technology. It has inferior coverage area and limited usage in moving vehicles. In November 2001, Japan had 5.68 million PHS subscribers.

Cellular Standards for the Third Generation: The ITU's IMT-2000 family:
It is in the mid-1980s that the concept for IMT-2000, “International Mobile Telecommunications”, was born at the ITU as the third generation system for mobile communications. After over ten years of hard work under the leadership of the ITU, a historic decision was taken in the year 2000: unanimous approval of the technical specifications for third generation systems under the brand IMT-2000. The spectrum between 400 MHz and 3 GHz is technically suitable for the third generation. The entire telecommunication industry, including both industry and national and regional standards-setting bodies gave a concerted effort to avoiding the fragmentation that had thus far characterized the mobile market. This approval meant that for the first time, full interoperability and inter networking of mobile systems could be achieved. IMT-2000 is the result of collaboration of many entities, inside the ITU (ITU-R and ITU-T), and outside the ITU (3GPP, 3GPP2, UWCC and so on)
IMT-2000 offers the capability of providing value-added services and applications on the basis of a single standard. The system envisages a platform for distributing converged fixed, mobile, voice, data, Internet and multimedia services. One of its key visions is to provide seamless global roaming, enabling users to move across borders while using the same number and handset. IMT-2000 also aims to provide seamless delivery of services, over a number of media (satellite, fixed, etc…). It is expected that IMT-2000 will provide higher transmission rates: a minimum speed of 2Mbit/s for stationary or walking users, and 348 kbit/s in a moving vehicle. Second-generation systems only provide speeds ranging from 9.6 kbit/s to 28.8 kbit/s. In addition IMT-2000 has the following key characteristics:
1. FlexibilityWith the large number of mergers and consolidations occurring in the mobile industry, and the move into foreign markets, operators wanted to avoid having to support a wide range of different interfaces and technologies. This would surely have hindered the growth of 3G worldwide. The IMT-2000 standard addresses this problem, by providing a highly flexible system, capable of supporting a wide range of services and applications. The IMT-2000 standard accommodates five possible radio interfaces based on three different access technologies (FDMA, TDMA and CDMA): Value-added services and worldwide applications development on the basis of one single standard accommodating five possible radio interfaces based on three technologies
2. AffordabilityThere was agreement among industry that 3G systems had to be affordable, in order to encourage their adoption by consumers and operators.
3. Compatibility with existing systemsIMT-2000 services have to be compatible with existing systems. 2G systems, such as the GSM standard (prevalent in Europe and parts of Asia and Africa) will continue to exist for some time and compatibility with these systems must be assured through effective and seamless migration paths.
4. Modular DesignThe vision for IMT-2000 systems is that they must be easily expandable in order to allow for growth in users, coverage areas, and new services, with minimum initial investment.

3G technology:
3G wireless technology represents the convergence of various 2G wireless telecommunications systems into a single uniform global system which includes terrestrial and satellite components in its functioning.
What is 3G wireless?
3G wireless networks are capable of transferring data at speeds of up to 384Kbps. Average speeds for 3G networks will range between 64Kbps and 384Kbps, quite a jump when compared to common wireless data speeds in the U.S. that are often slower than a 14.4Kb modem. 3G is considered high-speed or broadband mobile Internet access, and in the future 3G networks are expected to reach speeds of more than 2Mbps.
3G technologies are turning phones and other devices into multimedia players, making it possible to download music and video clips. The new service is called the freedom of mobile multimedia access (FOMA), and it uses wideband code division multiple access (W-CDMA) technology to transfer data over its networks. W-CDMA sends data in a digital format over a range of frequencies, which makes the data move faster, but also uses more bandwidth than digital voice services. W-CDMA is not the only 3G technology; competing technologies include CDMAOne, which differs technically, but should provide similar services.
FOMA services are available in a 20-mile radius around the centre of Tokyo, the company plans to introduce it to other Japanese cities by the end of the year. But services and phones are expensive and uptake of this market is expected to be slow.

Conclusion:
Technology is expanding at a rapid rate and more and more applications are available to us in the day to day life. Though it has its advantages, its our duty to use in a effective way so that the developed technology will be beneficial rather than creating disasters in some way or the other.

Automated energy[performance] macromodelling of embedded software

2008-02-11T19:07:00.000-08:00

Abstract:

Efficient energy and performance estimation of embedded software is a critical part of any system-level design flow. Macromodeling based estimation is an attempt to speed up estimation by exploiting reuse that is inherent in the design process. Macromodeling involves pre-characterizing reusable software components to construct high-level models, which express the execution time or energy consumption of a sub-program as a function of suitable parameters.During simulation, macromodels can be used instead of detailed hardware models, resulting in orders of magnitude simulation speedup. However, in order to realize this potential, significant challenges
need to be overcome in both the generation and use of macromodels— including how to identify the parameters to be used in the macromodel, how to define the template function to which the macromodel is fitted, etc. This paper presents an automatic methodology to perform characterization-based high-level software macromodeling, which addresses the aforementioned issues.
Given a sub-program to be macromodeled for execution time and/or energy consumption, the proposed methodology automates the steps of parameter identification, data collection through detailed simulation, macromodel template

selection, and fitting. We propose a novel technique to identify potential macromodel parameters and perform data collection, which applicability draws from the concept of data structure serialization used in distributed programming. We utilize symbolic regression techniques to concurrently filter out irrelevant macromodel parameters, construct a macromodel function, and derive the optimal coefficient values to minimize fitting error. Experiments with several realistic benchmarks suggest that the proposed methodology improves estimation accuracy and enables wide of macromodeling to complex embedded software, while realizing its potential for estimation speedup. We describe a case study of how macromodeling can be used to rapidly explore algorithm-level energy tradeoffs, for the zlib data compression library.

Categories and Subject Descriptors -

I.6.5 [Computing Methodologies]: Simulation and Modeling Model development - Modeling methodologies; D.2.8 [Software]:
Software Engineering - Metrics, Performance measures; C.4
[Computer Systems Organization ]: Performance of Systems-
Modeling Techniques
General Terms
Design, Measurement
Keywords
Data Serialization, Embedded Software, Genetic Programming,
Macromodeling, Symbolic Regression

1. INTRODUCTION

Efficient performance and energy estimation are fundamental concerns in the design of embedded software. Simulating the execution of embedded software on models of the underlying processor platform is the most widely used approach for performance and energy estimation. While simulation efficiency has been the subject of significant research effort, rapid growth in the complexity of embedded software (the number of lines of code in a typical embedded application is estimated to double every 10 to 12 months on an average, i.e., even faster than Moore’s law) implies that efficient performance/energy estimation for embedded software will remain a challenge for the foreseeable future.

Our work is based on the observation that large embedded software programs are rarely written from scratch — reliable design, subject to stringent design turnaround time and design cost constraints, mandates substantial reuse. An analysis of the dynamic execution traces of embedded programs reveals that a large fraction of the time consumption arises from reused software components
(including embedded operating systems, middleware, run-time libraries, domain-specific algorithm libraries, etc.). As an example, our experiments with the popular compression utility gzip, showed
that, on an average, 90% of gzip’s execution time is spent in calls to the gzip library1 package, 8% in calls to the standard C library functions, and only 2% in code specific to the gzip program, or what is frequently known as “glue code.” It is hence not surprising that reusable software modules account for a major fraction of simulation or estimation effort.

It is natural to wonder whether reuse, which saves significant design effort, can also be exploited to reduce estimation effort.Characterization-based romodeling takes a step in the above direction by enabling the extraction of fast, higher level models of reusable software components, based on pre-characterization using more detailed, slower models. The effort expended in the construction of macromodels for a software module is amortized over the
large number of applications of the macromodel when the module is simulated in the context of all the programs that include it.

The rest of this paper is organized as follows. We describe the contributions of this paper in Section 1.1 and discuss related work in Section 1.2. In Section 2, we identify the major challenges involved in macromodeling. Section 3 describes in detail how the proposed macromodel generation methodology overcomes
the identified challenges. Our implementation and experimental results are presented in Section 4, and conclusions in Section 5.

1.1 Paper Contributions

The complexity of modern embedded software poses significant challenges for both the generation and use of macromodels. In this work, we identify key limitations of the state-of-the-art in software macromodeling. Notably, significant manual effort is required from the software designer towards the identification of suitable parameters, and a template function on which the macromodel is based. Addressing these problems, while maintaining sufficient
generality in order to handle a wide range of embedded software programs is quite challenging. We propose a methodology to automate the critical steps of parameter identification, data collection through accurate simulation or measurement, and construction of the macromodel function while simultaneously optimizing the values of macromodel coefficients for achieving the best fit. Our work draws inspiration from concepts presented in the fields of distributed programming (automatic data structure serialization), and recent advances in statistical data analysis (symbolic regression). We also demonstrate the practical application of macromodeling to software libraries of significant complexity.
Figure 1: Function bg compute scc and associated data structures

1.2 Related Work

We discuss related work in the areas of macromodeling for hardware power simulation, efficient software performance and energy estimation, and fast instruction set simulation. Macromodels for register-transfer level (RTL) components can be constructed through characterization of their logic-level hardware models and have been used extensively in RTL power estimation. Techniques to speed up cycle-accurate instruction set simulation have received significant attention. Instruction-set simulation can be accelerated with little or no loss of accuracy using compiled simulation , combining compiled and interpreted simulation , or by optimizing the implementation of different functions such as instruction fetch and decode in the instruction set simulator (ISS). Hybrid simulation techniques for energy estimation were proposed . Delay and energy caching (reusing the execution time and energy consumption results from previous simulations of a program segment) are use to speed up estimation .

An alternative approach to embedded software power analysis is to use cycle-accurate and structure-aware architecture simulators, which can identify the architectural blocks activated in each cycle during a program’s execution, and record the stream of inputs seen by them . Software macromodeling at the granularity of functions or sub-programs was explored, demonstrating that orders of magnitude speedup in estimation time could be obtained, while maintaining high estimation accuracy. Performance characterization of library functions using statistical and semantic proerties of function arguments was recently presented.In summary,the importance of embedded software performance and energy estimation has fueled significant research effort but macromodeling for software sub-programs of arbitrary complexity has remained a relatively unexplored area, and many important issues have not been addressed. To the best of our knowledge, this is the first work to automate all the key steps in macromodel generation and demonstrate the applicability of fully automatic macromodeling to software programs of realistic complexity.

2. MOTIVATION

In this section, we describe the key challenges involved in macromodel generation for complex software programs, and illustrate them through the task of constructing an energy macromodel for the bg_compute_scc function taken from a commercial graph data structure library. The C prototype of function bg_compute_sscis shown in Figure 1, along with a description of its input data structures. The bgraph structure contains various dynamically allocated fields, including an adjacency list representation of the graph’s connectivity, and fields to store the identified strongly connected components (SCCs). In addition to the software implementation of the graph data structure library and several testbenches that exercise its functions, we are given a crosscompilation tool chain for the target StrongARM based embedded system, as well as a cycle-accurate ISS that reports energy consumption [14, 15]. Any automated approach to generating a macromodel needs to address the following key challenges:

-Selection of macromodel parameters: In general, macromodel parameters, which are the independent variables used in the macromodel, can include the size or value of any field nested arbitrarily deep within the input or output data structures. The number of candidate parameters can be very large even for simple software functions. However, an efficient and robust macromodel must include only relevant parameters that have an actual impact on energy consumption. For the bg compute scc function, if we consider the values of all nested fields of scalar data types and the sizes of all nested fields of complex types, we can identify 2n+e+s+9potential candidates for macromodel parameters for a graph with n vertices, e edges, and s SCCs. The number of possible relevant subsets of parameters is 22n+e+s+9. While in some cases, human understanding and insight may reveal that only a small subset of parameters may largely determine the execution time or energy consumption, an automatic tool processing the source code does not have the luxury of human insight.
-Data collection: Once a candidate set of macromodel parameters is identified, characterization experiments must be performed to obtain values of the candidate macromodel parameters and the corresponding value of the dependent variable (energy or execution time) for numerous execution instances. Capturing the macromodel parameter values requires runtime tracing of the size of dynamically-created data structures as well as values of nested atomic fields. In practice, this is not a simple task — the number of levels of pointer traversals that have to be performed to access all scalar fields may vary dynamically, and conventional size computation utilities (such as sizeof in the C programming language) do not perform pointer traversal, i.e., they do not include the size of objects pointed to by fields in the given object.
-Macromodel function construction: Given the data gathered from characterization, determining a suitable function to approximate the collected data can be a daunting task. The search space of functions is highly intractable (infinite in the case of real-valued functions). Conventional approaches to macromodeling circumvent this problem by requiring the designer to manually specify a macromodel template. While various templates have been suggested. For example, template identification is in practice an ad hoc and tedious process that demands a detailed understanding of the target function.

We present techniques using type analysis, data serialization concepts and symbolic regression to overcome these challenges, making it possible to significantly extend the applicability of macromodeling to complex software, while greatly simplifying macromodel construction and minimizing the need for human intervention.

Figure 2: Energy estimates from macromodeling and
instruction-level simulation for bg compute scc
To illustrate the utility of our methodology, we used
it to construct an energy consumption macromodel for the
bg compute scc function shown in Figure 1. The resulting
macromodel equation, which relates energy consumption to the
size2 of the input argument bgr and values of its member fields,
is as follows:

Energy = (5.83E - 6) * last * size(bgr) + (0.5934) * no vertices - (0.576) * last + (3.625E - 4) * size(bgr).

A model in terms of function arguments, like the one shown above, also has the additional advantage of being well-suited to automated macromodel application within a larger estimation framework, because the model parameters should be readily available in any software simulator. A comparison of the energy estimates from the use of the macromodel vs. the energy estimates from instruction-level simulation for various input instances, as shown in Figure 2, shows them to be in close agreement with instruction level estimates,with an average estimation error of 0.7%.

3.AUTOMATIC ACROMODELING
METHODOLOGY

Figure 3 presents an overview of the proposed macromodeling methodology. Starting with the source code for the target function to be macromodeled, and a testbench that thoroughly exercises the target function over a wide range of input instances, the methodology consists of a sequence of steps that culminates in the generation of macromodels which approximate the energy consumption or execution time of the function. Two parallel compilation and execution flows are used to collect the data necessary to construct the macromodel. First, the source code is subject to parsing and type analysis, based on which our tool automatically generates data structure traversal and serialization routines and instruments the source code to invoke them at appropriate locations. The instrumented source code, traversal and serialization routines, and testbench are compiled and executed (any functionally accurate execution environment suffices for this step). During execution, the traversal and serialization routines dynamically enumerate and collect the values of candidate macromodel parameters. Crosscompilation and instruction-level simulation of the uninstrumented target source code and testbench is used to obtain the energy consumption and execution time for each execution instance of the target function. The collected instance-by-instance profile database, which contains values for all the independent and dependent variables,
is then fed to the symbolic regression engine to produce the macromodel.

The rest of this section describes the key steps of our methodology, which are highlighted as shaded rectangles in Figure 3.

Figure 3: Overview of the proposed automatic macromodeling
Methodology

3.1 Data Collection

Our data collection tool parses the input C files3 to collect information about data types and function arguments in the program, which is used to suitably instrument the input program.

We use argument sizes and values of the input and output data structures of the target function, as well as their nested fields, as model parameters.
We define argument size of a data structure as the number of bytes it would occupy if it were serialized. Serialization is the process of converting structured data to serial byte streams for the purpose
of storage or transmission, as in a remote procedure call.
We use type analysis to automatically generate code that computes argument sizes. In compiler theory , two types of data types are identified: basic types (e.g, int, char, float) and type constructors (e.g, pointers, arrays, and structures). Our object size calculations utilize rules associated with each basic type and type constructor. The size of basic types can be directly obtained using language facilities. The size of a structure is the sum of all nested fields. Pointers are recursively traversed using indirection
until a non-pointer type is obtained, whose size is then taken as the size of the pointer. Array sizes can be calculated similarly but require knowledge of array bounds at runtime. While C implementations do not in general maintain array bounds, C functions that
have array arguments usually also include other arguments specifying array bounds.

Callee function argument sizes are computed dynamically by code inserted in the caller function that calls the target function, immediately before and after the call. The framework described above enables run-time calculation of object size and other interesting information. For example, the size of a linked list object would be calculated as the sum of the sizes of all elements of the linked list. As a more complex example, consider the bgraph structure shown in Figure 1. Most macromodel templates for bg compute scc would require data about the number of vertices, n, and number of edges, e, in the graph. From the value of field no vertices, n can be obtained directly. Calculating e requires recognizing that vlist (the graph’s adjacency list) is actually an array of size no vertices of LISTPTR objects. Hence, the size of the vlist field ends up serving as a good estimate of e.

3.2 Macromodel intruction Using Symbolic Regression

The data collected through characterization experiments should be used to construct a macromodel relating the target function’s energy or execution time to a subset of the potential macromodel parameters. We perform this critical step through the use of symbolic regression, which was first introduced as an application that combined the fields of statistical data analysis and genetic programming (GP) by Koza . GP is used to evolve formulae containing the identified model parameters and a chosen set of mathematical operators. Based on extensive experimentation, we found the set F = {+,-,×, /, x2, x3, and log(x)} of operators to be quite adequate for our modeling needs.

We used an extended form of Koza’s symbolic regression technique, called Hybrid GP (HGP) [19], to increase the numerical robustness of symbolic regression. HGP extends Koza’s symbolic regression by introducing weights for all additive terms in the genetically derived regression formula. Classical linear regression is used to tune the weights.

4. IMPLEMENTATION AND RESULTS

In this section, we discuss our implementation and present experimental
results demonstrating the benefits of the proposed methodology.

The instrumentation and data collection steps in our methodology were implemented using a YACC based parser and several PERL scripts. Our implementation of symbolic regression is based on the GP kernel gpc++ and libraries for symbolic and numerical manipulation .

We conducted several experiments using a variety of benchmark software programs to demonstrate the utility of our automatic macromodeling framework. Table 1 shows how the macromodels obtained using our framework perform compared to execution times and energy consumption values obtained through a combination of extensive simulations and measurements from real implementations.
The benchmarks have been given descriptive names to indicate their function. For each benchmark, a sample set of 500 input instances (data sets) was used to develop the macromodel. The error associated with a macromodel is defined as the root mean square (RMS) deviation from observed values (obtained through instruction-set simulation or measurement), taken over the entire sample set. The symbolic regression tool was programmed to terminate after fifty GP generations or when the error dropped to less than 1%, whichever occurred sooner.

Table 1: Macromodeling examples

We chose the SimIt-ARM-1.1 cycle-accurate ARM ISS as our measurement platform because of its high simulation speed. The execution time of a code segment was determined as the difference in execution times of two versions of the benchmark, one with the execution of the target function enabled, and the other with it disabled. To compute energy consumption, we extended SimIt-ARM-1.1, to report processor and memory energy estimates.

4.1 Case Study: Energy Tradeoffs during Lossless Data Compression

In this section, we explore the use of macromodels in making algorithmic tradeoffs using the zlib [29] compression library. zlib can be embedded into any software application in order to perform lossless data compression. The compress2() function provided by zlib, whose interface is given by int compress2 (Bytef *dest, uLongf *destLen, uLong sourceLen, int level), allows the user to vary the computational effort expended in compression by using the level function argument that takes values from zero (no compression) to nine (maximum compression).

We developed a macromodel for the energy consumed by the compress2 function using the proposed methodology, and used it to study the tradeoff between energy consumption and the actual compression ratio achieved, for various values of the level parameter, over 300 files of various types ranging in size from 1 byte to 1 MB. It can be seen from the results of this experiment in Figure 4 that the average energy consumption increases monotonically with level but the compression ratio does not, indicating that not all compression levels are Pareto-optimal in terms of the above metrics. The figure also shows that macromodel estimates are in close agreement with energy estimates obtained using SimIt-ARM. Furthermore, the macromodel based approach has the same relative trend as the simulation based estimates, which makes it suitable for high-level design space exploration. The advantage of macromodeling is evident from the fact that estimation using the macromodel for all the input samples required less than a
minute, while the ISS took over a day to complete.

Figure 4: Using macromodeling to explore compression vs. energy
Tradeoffs

5. CONCLUSIONS

We presented a systematic methodology to automate the generation of energy and performance macromodels for embedded software. The proposed methodology radically simplifies macromodel construction, while expanding its applicability to complex embedded software. Furthermore, the use of properties of program data structures, including function arguments, as model parameters simplifies macromodel use, enabling usage in conjunction with any simulation environment. For example, macromodels could be integrated into an instruction-level simulation environment, so that some parts of the code are handled using macromodels, while glue code or parts that are difficult to macromodel are simulated using conventional techniques.

Fingerprint Recognition

2008-02-11T19:05:00.000-08:00

ABSTRACT:

Fingerprint image analysis for automatic identification technology has been developed for use in a number of major applications. Important industries affected by this technology include network security and protection, smart money, ATM transaction, and biometric identifier systems for many major government sectors. In this paper we discuss the major components of the technology including the live-scan fingerprint subsystem, the WSQ compression algorithm, and the recognition algorithm.

INTRODUCTION:

The fingerprints have been used as a mean for identifying individual for a long time because the fingerprints are unique and stay unchanged through out an individual life time. The chance of two people—even identical twins—having the same fingerprint is probably less than one in a billion. Fingerprint comparison is the most widely used method of biometric authentication and the most cost effective. Currently there are about 200 million FBI cards (10 fingerprints per cards) stored in cabinets that would fill an area of one acre. The manual effort of identifying and maintaining such a system is very cumbersome, time consuming and expensive as the number of finger print records grows at a rate from 30 to 50 thousands cards per day [1]. With the advancement of computer technology the problem of automatic finger print identification has attracted wide attention among researchers that results in automatic fingerprint identification system (AFIS) available today. Going in hands with the recognition problem is the problem of real-time matching system for large fingerprint data bases. Since the storage requirement for such a large amount of data can be thousands of terabytes system, data compression is another aspect of automatic identification using fingerprints. Currently the FBI data compression specification for finger is the “de facto national standard which is based on wavelet transform scalar quantization (WSQ)”.

AFIS: AUTOMATIC FINGERPRINT IDENTIFICATION SYSTEM

The four main components of an AFIS system is the scanner, the recognition algorithm, the search and query algorithm of the data base and the data compression algorithm.

1. The Live Scanner:
The live scanner captures the finger print at a minimum resolution of 500 pixels per inch in both row and column and each pixel shall be gray level quantized to 8 bits. Regardless of the method and media used by the scanner, the electronic image must be sufficient quality to provide conclusive finger print comparison, successful finger classification and feature detection, and can support an AFIS search reliably. The major consideration for the scanner is whether or not it meets number test procedures that will warranty the image quality as stated in the Minimum Image Quality Requirement, Electronically Produced, Fingerprint Cards, and Appendix F- IAFIS Image Quality Specifications.

¨ Geometric Image Accuracy
§ 1% for distance between .07 and 1.5 inch
§ .0007 for distance less than or equal to .07 inch

¨ Modulation Transfer Function (MTF).
MTF is the point response of the image capturing system. For each frequency the Image Modulation (IM) is computed.
IM = (Max- Min)/ (Min-Max)
The MTF is then computed by dividing the Image Modulation by the Target Modulation.

¨ Signal to Noise Ratio (SNR).
For adequate image quality, the SNR must be less than 125 for both black and white noise.
The SNR is computed as the difference between the average white and the average black value, alternately divided by the white noise standard deviation and the black noise standard deviation.
¨ Grey-Scale Range of Image Data
At least 80% of the captured images should have a dynamic range of at least 200 grey levels and at least 90% shall have a dynamic range of at least 128 grey levels.
¨ Grey Scale Linearity and Grey Level Uniformity
Linearity and uniformity of the grey level must meet a standard to assure an image quality suitable for AFIS. When scanning a uniform reference of white (and black), no two adjacent rows or columns of length 5 pixels or greater shall have an average grey scale different more than a threshold value, pixel’s grey level must remain within a deviation from mean value of local area, the mean grey level of adjacent quarter inch area shall not differ by certain value.

2. Fingerprint Matching:

The fingerprint matching process can be represented by the flowing block diagram
Matching block diagram

The pre-processing aim is to improve the quality of the image. The pre-processing has two tasks:
¨ Ridge enhancement
¨ Restoration and segmentation of fingerprint image
The pre-processing step produces a binary segmented fingerprint ridge image from an input grey scale image. The ridges have a value of ‘1’ and the rest of the image has value of ‘0’. The pre-processing steps involve
¨ Computation of orientation field
¨ foreground/background separation,
¨ ridge segmentation ,
¨ Directional smoothing of ridge
Analysis of the fingerprints shows that the ridges exhibit different anomalies referred to as ridge ending, ridge bifurcation, short ridge, ridge crossovers etc... There are some eighteen different types of features enumerated and called minutiaes. The most frequently used are the ridge ending and ridge bifurcations.

(a): Ridge ending (b): Ridge bifurcation (c): Ridge direction

A typical good finger print has about 70 to 80 minutiae points. Other complex fingerprint features can be expressed as a combination of these two features. The features are normally recorded as a vector with three attributes: the x-co-ordinate, the y-co-ordinate, and the local ridge direction ().
The finger matching is the matching of the minutiae sets. This can be done with number of techniques including point set matching, graph matching, and sub-graph isomorphism.
3. Fingerprint classification:

Block Diagram of Classification Algorithm

Given the database for the fingerprints is very large, the matching should be done only on a subset of the database. To this end, the fingerprints are classified in to five main categories as high-level features that can be used in reducing the search source during a match. They are: arch, tented arch, left loop, right loop, and whorl. The singular points commonly used are the core and the delta. The core is the highest point on the innermost ridge; the delta is the point at which three ridges radiated from it.

III. The Wavelet Scalar Quantization:

The US Federal Bureau of Investigation (FBI) has formulated a national standard for digitization and compression of grey-scale fingerprint image. At a 15:1 compression ration, the WSQ is a lossy compression but can produce archival-quality image. The compression and decompression is based on adaptive uniform scalar quantization of discrete wavelet transform sub band decomposition.

WSQ Decoder
The encoding consists of three main processes:
¨ The discrete wavelet transform (DWT) decomposition,
¨ The scalar quantization, and
¨ The Huffman entropy coding.

In the DWT step, the digital image is split into 64 spatial frequency sub bands by a two-dimensional discrete wavelet transform which is a multi rate digital filter bank. The output DWT coefficient which is in floating point arithmetic format is truncated by the scalar quantization step ("quantized"). The integer indices output by the quantization encoder are entropy-encoded by run-length coding of zeros and Huffman coding. The compressed image data, a table of wavelet transform specifications, tables for the scalar quantizes and the Huffman codes are concatenated into a single bit stream of compressed data.
In the WSQ, a two-dimensional symmetric wavelet transform is applied to the input image by transforming first the rows and then the column yielding four-channel decomposition. The four sub bands are then cascaded back through the two-dimensional analysis bank to produce more refined sixteen-bank decomposition. This process is repeated until 64-band decomposition is achieved.
The WSQ decoder reverses the process above to reproduce the finger print image from compressed data. The Huffman decoder first recovers the quantized DWT coefficients. Through the de quantizer, approximation of the original floating point format of the DWT coefficients obtained and the coefficients are feed to an inverse DWT to reconstruct the finger print image.

Application: The Conceptual Design of a Fingerprint based Identifier

¨ Verification of driver-license authenticity and license validity check

Verifying the matching between driver fingerprint and the fingerprint features stored on the license assures that the driver is indeed the person that the license is issued for. This task can be done on-site where the fingerprint features obtained from the driver by live scanning is compared with the features magnetically stored on the driver license. Current "smart card" technology allows abundant memory capacity to store the features on card.A driver/ license match means that the license indeed belongs to the driver, this, however does no warranty that the driver license is not falsified. To check for validity of the driver license the police officer has the option to make additional inquiry against the database.
In this case license validity check will result.

CONCLUSION:

We have presented the overview of the finger print technology which include primarily the scanner, the classification of fingerprint image in the database, the matching algorithms and the compression\decompression algorithm standardized by the FBI. Certain standard perhaps might be needed for this area before major commercial system applications can be implemented. An application which is a part of the fingerprint based biometric systems for commercial driver license has been shown. Once the standards and compliance procedures are in place, one can predict an explosion in the number of applications of the fingerprint technology to important industries including network security and protection, smart money, ATM transaction, military installations , airports and other secure facilities.

SCADA (Supervisory Control And Data Acquisition.)

2008-02-11T19:03:00.000-08:00

ABSTRACT
==========
SCADA is the acronym for Supervisory Control And Data Acquisition. The term refers to a large-scale, distributed measurement (and control) system. SCADA systems are used to monitor or to control chemical or transport processes, in municipal water supply systems, to control electric power generation, transmission and distribution, gas and oil pipelines, and other distributed processes.
An industrial SCADA system will be used for the development of the controls of the four LHC experiments.
So what is SCADA?
It is used to monitor and control plant or equipment. The control may be automatic, or initiated by operator commands. The data acquisition is accomplished firstly by the RTU's scanning the field inputs connected to the RTU (it may be also called a PLC - programmable logic controller). This is usually at a fast rate. The central host will scan the RTU's (usually at a slower rate.) The data is processed to detect alarm conditions, and if an alarm is present, it will be displayed on special alarm lists.

Data can be of three main types.Analogue data (ie real numbers) will be trended (ie placed in graphs). Digital data (on/off) may have alarms attached to one state or the other. Pulse data (eg counting revolutions of a meter) is normally accumulated or counted.The primary interface to the operator is a graphical display (mimic) which shows a representation of the plant or equipment in graphical form. Live data is shown as graphical shapes (foreground) over a static background. As the data changes in the field, the foreground is updated.
Example: a valve may be shown as open or closed. Analog data can be shown either as a number, or graphically. The system may have many such displays, and the operator can select from the relevant ones at any time.

Contents
========
1. Systems concepts
2. Human Machine Interface
3. Hardware solutions
4. System components
4.1 Remote Terminal Unit (RTU)
4.2 Master Station
5. Operational philosophy
6. Communication infrastructure and methods
7. Future trends in SCADA

Systems concepts
A SCADA system includes input/output signal hardware, controllers, HMI, networks, communication, database and software.
The term SCADA usually refers to a central system that monitors and controls a complete site or a system spread out over a long distance (kilometres/miles). The bulk of the site control is actually performed automatically by a Remote Terminal Unit (RTU) or by a Programmable Logic Controller (PLC). Host control functions are almost always restricted to basic site over-ride or supervisory level capability. For example, a PLC may control the flow of cooling water through part of an industrial process, but the SCADA system may allow an operator to change the control set point for the flow, and will allow any alarm conditions such as loss of flow or high temperature to be recorded and displayed. The feedback control loop is closed through the RTU or PLC; the SCADA system monitors the overall performance of that loop.

Data acquisition begins at the RTU or PLC level and includes meter readings and equipment statuses that are communicated to SCADA as required. Data is then compiled and formatted in such a way that a control room operator using the HMI can make appropriate supervisory decisions that may be required to adjust or over-ride normal RTU (PLC) controls. Data may also be collected in to a Historian, often built on a commodity Database Management System, to allow trending and other analytical work.
SCADA systems typically implement a distributed database, commonly referred to as a tag database, which contains data elements called tags or points. A point represents a single input or output value monitored or controlled by the system. Points can be either "hard" or "soft". A hard point is representative of an actual input or output connected to the system, while a soft point represents the result of logic and math operations applied to other hard and soft points. Most implementations conceptually remove this distinction by making every property a "soft" point (expression) that can equal a single "hard" point in the simplest case. Point values are normally stored as value-timestamp combinations; the value and the timestamp when the value was recorded or calculated. A series of value-timestamp combinations is the history of that point. It's also common to store additional metadata with tags such as: path to field device and PLC register, design time comments, and even alarming information.
It is possible to purchase a SCADA system, or Distributed Control System (DCS) from a single supplier. It is more common to assemble a SCADA system from hardware and software components like Allen-Bradley or GE PLCs, HMI packages from Wonderware, Rockwell Automation, Inductive Automation, Citect, or GE. Communication typically happens over ethernet.
Human Machine Interface
A Human-Machine Interface or HMI is the apparatus which presents process data to a human operator, and through which the human operator controls the process.
The HMI industry was essentially born out of a need for a standardized way to monitor and to control multiple remote controllers, PLCs and other control devices. While a PLC does provide automated, pre-programmed control over a process, they are usually distributed across a plant, making it difficult to gather data from them manually. Historically PLCs had no standardized way to present information to an operator. The SCADA system gathers information from the PLCs and other controllers via some form of network, and combines and formats the information. An HMI may also be linked to a database, to provide trending, diagnostic data, and management information such as scheduled maintenance procedures, logistic information, detailed schematics for a particular sensor or machine, and expert-system troubleshooting guides. Since about 1998, virtually all major PLC manufacturers have offered integrated HMI/SCADA systems, many of them using open and non-proprietary communications protocols. Numerous specialized third-party HMI/SCADA packages, offering built-in compatibility with most major PLCs, have also entered the market, allowing mechanical engineers, electrical engineers and technicians to configure HMIs themselves, without the need for a custom-made program written by a software developer.
SCADA is popular, due to its compatibility and reliability. It is used in small applications, like controlling the temperature of a room, to large applications, such as the control of nuclear power plants.
Hardware solutions
SCADA solutions often have Distributed Control System (DCS) components. Use of "smart" RTUs or PLCs, which are capable of autonomously executing simple logic processes without involving the master computer, is increasing. A functional block programming language, IEC 61131-3, is frequently used to create programs which run on these RTUs and PLCs. Unlike a procedural language such as the C programming language or FORTRAN, IEC 61131-3 has minimal training requirements by virtue of resembling historic physical control arrays. This allows SCADA system engineers to perform both the design and implementation of a program to be executed on a RTU or PLC.
System components
The three components of a SCADA system are:
Multiple Remote Terminal Units (also known as RTUs or Outstations).
Master Station and HMI Computer(s).
Communication infrastructure

Remote Terminal Unit (RTU)
The RTU connects to physical equipment, and reads status data such as the open/closed status from a switch or a valve, reads measurements such as pressure, flow, voltage or current. By sending signals to equipment the RTU can control equipment, such as opening or closing a switch or a valve, or setting the speed of a pump.
The RTU can read digital status data or analogue measurement data, and send out digital commands or analogue setpoints.
An important part of most SCADA implementations are alarms. An alarm is a digital status point that has either the value NORMAL or ALARM. Alarms can be created in such a way that when their requirements are met, they are activated. An example of an alarm is the "fuel tank empty" light in a car. The SCADA operator's attention is drawn to the part of the system requiring attention by the alarm. Emails and text messages are often sent along with an alarm activation alerting managers along with the SCADA operator.

Master Station
The term "Master Station" refers to the servers and software responsible for communicating with the field equipment (RTUs, PLCs, etc), and then to the HMI software running on workstations in the control room, or elsewhere. In smaller SCADA systems, the master station may be composed of a single PC. In larger SCADA systems, the master station may include multiple servers, distributed software applications, and disaster recovery sites.
The SCADA system usually presents the information to the operating personnel graphically, in the form of a mimic diagram. This means that the operator can see a schematic representation of the plant being controlled. For example, a picture of a pump connected to a pipe can show the operator that the pump is running and how much fluid it is pumping through the pipe at the moment. The operator can then switch the pump off. The HMI software will show the flow rate of the fluid in the pipe decrease in real time. Mimic diagrams may consist of line graphics and schematic symbols to represent process elements, or may consist of digital photographs of the process equipment overlain with animated symbols.
The HMI package for the SCADA system typically includes a drawing program that the operators or system maintenance personnel use to change the way these points are represented in the interface. These representations can be as simple as an on-screen traffic light, which represents the state of an actual traffic light in the field, or as complex as a multi-projector display representing the position of all of the elevators in a skyscraper or all of the trains on a railway. Initially, more "open" platforms such as Linux were not as widely used due to the highly dynamic development environment and because a SCADA customer that was able to afford the field hardware and devices to be controlled could usually also purchase UNIX or OpenVMS licenses. Today, all major operating systems are used for both master station servers and HMI workstations.
Operational philosophy
Instead of relying on operator intervention, or master station automation, RTUs may now be required to operate on their own to control tunnel fires or perform other safety-related tasks. The master station software is required to do more analysis of data before presenting it to operators including historical analysis and analysis associated with particular industry requirements. Safety requirements are now being applied to the system as a whole and even master station software must meet stringent safety standards for some markets.
For some installations, the costs that would result from the control system failing is extremely high. Possibly even lives could be lost. Hardware for SCADA systems is generally ruggedized to withstand temperature, vibration, and voltage extremes, but in these installations reliability is enhanced by having redundant hardware and communications channels. A failing part can be quickly identified and its functionality automatically taken over by backup hardware. A failed part can often be replaced without interrupting the process. The reliability of such systems can be calculated statistically and is stated as the mean time to failure, which is a variant of mean time between failures. The calculated mean time to failure of such high reliability systems can be in the centuries.
Communication infrastructure and methods
SCADA systems have traditionally used combinations of radio and direct serial or modem connections to meet communication requirements, although Ethernet and IP over SONET is also frequently used at large sites such as railways and power stations.
This has also come under threat with some customers wanting SCADA data to travel over their pre-established corporate networks or to share the network with other applications. The legacy of the early low-bandwidth protocols remains, though. SCADA protocols are designed to be very compact and many are designed to send information to the master station only when the master station polls the RTU. Typical legacy SCADA protocols include Modbus, RP-570 and Conitel. These communication protocols are all SCADA-vendor specific. Standard protocols are IEC 60870-5-101 or 104, Profibus and DNP3.
These communication protocols are standardised and recognised by all major SCADA vendors. Many of these protocols now contain extensions to operate over TCP/IP, although it is good security engineering practice to avoid connecting SCADA systems to the Internet so the attack surface is reduced.
RTUs and other automatic controller devices were being developed before the advent of industry wide standards for interoperability. The result is that developers and their management created a multitude of control protocols. Among the larger vendors, there was also the incentive to create their own protocol to "lock in" their customer base. A list of automation protocols is being compiled here. industrial firewall and VPN solutions for TCP/IP based SCADA networks.
Future trends in SCADA
The trend is for PLC and HMI/SCADA software to be more "mix-and-match". In the mid 1990s, the typical DAQ I/O manufacturer offered their own proprietary communications protocols over a suitable-distance carrier like RS-485. Towards the late 1990s, the shift towards open communications continued with I/O manufacturers offering support of open message structures like Modicon MODBUS over RS-485, and by 2000 most I/O makers offered completely open interfacing such as Modicon MODBUS over TCP/IP. The primary barriers of Ethernet TCP/IP's entrance into industrial automation (determinism, synchronization, protocol,selection,environment suitability) are still a concern to a few extremely specialized applications, but for the vast majority of HMI/SCADA markets these barriers have been broken.
Recently, however, the very existence of SCADA based systems has come into question as they are increasingly seen as extremely vulnerable to cyberwarfare/cyberterrorism attacks. Given the mission critical nature of a large number of SCADA systems, such attacks could, in a worse case scenario, cause massive financial losses through loss of data or actual physical destruction, misuse or theft, even loss of life, either directly or indirectly. Whether such concerns will cause a move away from the use of SCADA systems for mission critical applications towards more secure architectures and configurations remains to be seen, given that at least some influential people in corporate and governmental circles believe that the benefits and lower initial costs of SCADA based systems still outweigh potential costs and risks.

CONCLUSION
Potential benefits of SCADA
The benefits one can expect from adopting a SCADA system for the control of experimental physics facilities can be summarised as follows:
a rich functionality and extensive development facilities. The amount of effort invested in SCADA product amounts to 50 to 100 p-years!
the amount of specific development that needs to be performed by the end-user is limited, especially with suitable engineering.
Enhance reliability and robustness.
technical support and maintenance by the vendor. For large collaborations, as for the CERN LHC experiments, using a SCADA system for their controls ensures a common framework not only for the development of the specific applications but also for operating the detectors. Operators experience the same

Pictures

2008-02-11T19:01:00.000-08:00

For the Images which are missing in the paper,browse through the links provided on the left..

Nano Technology

2008-02-11T18:59:00.000-08:00

Abstract
Eric Drexler has proposed a hypothetical nanotechnology based on diamond and investigated the properties of such molecular systems. While attractive, diamond nanotechnology is not physically accessible with straightforward extensions of current laboratory techniques, we propose a nanotechnology based on functionalized fullerenes and investigate carbon nanotube based gears with teeth added via a benzyne reaction known to occur with C60. The gears are single-walled carbon nanotubes with appended o-benzyne groups for teeth. Fullerenes are in widespread laboratory use and can be functionalized in many ways .Companion papers computationally demonstrate the properties of these gears and the accessibility of the benzyne/nanotube reaction. This paper describes the molecular design techniques and rationale as well as the software that implements these design techniques. The software is a set of persistent C++ objects controlled by TCL command scripts. The C++_TCLinterface is automatically generated by a software system called TCL_C++ developed by the author and described here. The objects keep track of different portions of the molecular machinery to allow different simulation techniques and boundary conditions to be applied as appropriate. This capability has been required to demonstrate (computationally) our gear's feasibility. A new distributed software architecture featuring a WWW universal client, CORBA distributed objects, and agent software is under consideration. The software architecture is intended to eventually enable a widely disbursed group to develop complex simulated molecular machines.

Contents
Introduction
Fullerene Nanotechnology
Design Software
Current Software Architecture
Proposed Future Software Architecture
Self replication and Nanotechnology
Applications
Conclusions
1) Introduction
Eric Drexler has proposed a hypothetical nanotechnology based on diamond and there is informed speculation that this technology could have tremendous aerospace applications. Unfortunately, no one knows how to build diamonoid components in the laboratory. To gain the benefits of nanotechnology, a more accessible chemical basis is needed. We have chosen to investigate fullerene nanotechnology and develop software to support this work. Software development is at a very early stage. This paper is a status report, not an exposition of finished work.
2) Fullerene Nanotechnology
A nanotechnology based on fullerenes has been suggested by others. C60 and other cage-like fullerenes provide points, carbon nanotubes provide lines, and these can -- in principle -- be combined to create three dimensional objects. Since fullerenes can be functionalized by a wide variety of molecular fragments [Dresselhaus 96], a wide array of objects with many properties may be created. The first systems we have investigated are various gears built out of single walled carbon nanotubes with o-benzyne groups attached to form the teeth. [Thess 96] has demonstrated a 70% yield in carbon nanotube production so the tube should be synthetically accessible, although generated (10,10) tubes whereas most of our simulations use (14,0) tubes. has shown that benzyne reacts with C60 to form a 1-2 bond between six membered rings and quantum calculations suggest that a similar reaction should take place on carbon nanotubes, although 1-4 bonds are slightly preferred. Adding aromatic rings to the tube should give us relatively stiff molecular gear teeth, and this has proved to be the case.
A typical gear configuration
Using the NanoDesign design and simulation software described below, [Han 96] has shown that -- assuming you believe the force field -- a number of gear and gear/shaft systems will function mechanically in a vacuum. These simulations used a software thermostat and motor, but there is reason to believe that physical implications of these functions can be provided. Preliminary simulations suggest that cooling is possible using an inert atmosphere. Experimental evidence and simulation suggest that lasers may be used to rotate the gears.

The tube is functionalizing with positive and negative charges in appropriate locations and the lasers are used to create a rotating electric field.
3) Design Software
The simple molecular machines simulated so far can be easily designed and modeled using ad hoc software and molecule development. However, to design complex systems such as the molecular assembler/replicators envisioned by the NASA Ames Computational Molecular Nanotechnology Project, a more sophisticated software architecture will be needed. The current NanoDesign software architecture is a set of c++ classes with a tcl front end for interactive molecular gear design. Simulation is via a parallelized FORTRAN program which reads files produced by the design system. We envision a future architecture centered around an object oriented database of molecular machine components and systems with distributed access via CORBA from a user interface based on a WWW universal client.
4) Current Software Architecture
The current system consists of a parallelized FORTRAN program to simulate hydrocarbon systems. Supramolecular conformations come from xyz files (the force field does not require a bond network in the input) produced by a c++ and tcl program using the TCL_C++ interface generator. The software also creates FORTRAN files with indices into an array of atoms indicating where each component (e.g., gear teeth) begins and ends. The user creates tcl files with tcl functions to create and modify c++ objects.

Current NanoDesign software architecture.
For example, this tcl fragment creates a buckytube:
# create a buckytube
set tube [aBuckytube]
# it will be 14,0 tube
$tube setRingCircumference 14
# make it 21 rings long
$tube setRingLength 21
# set the FORTRAN variable name for the tube
$tube setVariableName "tube"
# tell c++ to create the tube
$tube build
# write the confirmation into a file
$tube writeXyz "tube.xyz"
# write the FORTRAN declarations and index assignments into a file
$tube write FORTRAN variables "tube.f"
See here for details on the FORTRAN output.
TCL_C++
C++ was chosen for molecular design for its object oriented properties and high performance. However, c++ is a compiled language so changes to the code take a bit of time. This is inconvenient when designing molecular systems; an interpreted language would be better. Tcl is meant to be used as an embedded interpreted command language in c and c++ programs. Tcl is a full-featured language with loops, procedures, variables, conditionals, expressions and other capabilities of procedural computer languages. C++ programs can add new tcl functions to any tcl interpreter linked in. Thus, tcl gives us an interpreted interface to the c++ class library so molecules can be designed at interactive rates. Note that both Cerius2 and Insight/Discover commercial computational chemistry packages use tcl for their command language.
The Visualization Toolkit project [Schroeder 96] discovered that a tcl interface to a large c++ class library can require substantial programmer effort to write the glue that allows tcl to control c++ classes. The vtk project avoided this by writing a partial c++ header file parser that reads the c++ header file for a class and automatically generates the tcl interface code. We wanted more control over which c++ member functions were tcl accessible, so the TCL_C++ system requires a file for each c++ class to define which member functions, variables, and constants are tcl accessible. This file is read by a tcl interpreter with tcl procedures defined to generate c++ code to allow another tcl interpreter to control the c++ class in question. Fortunately, although TCL_C++ itself was hard to program, it is easy and convenient for a programmer to use. For details of TCL_C++ see here.
5) Proposed Future Software Architecture
Future distributed NanoDesign software architecture. Note that each box may represent many instances distributed onto almost any machine.
The current NanoDesign molecular design software appears to the user as an interpreted language based on tcl. This is very effective for design of simple parts and systems. To design and computationally test complex replicators will require a more sophisticated system similar to the mechanical CAD systems available in the commercial marketplace. Furthermore, it would be of substantial practical advantage if the design team could be geographically dispersed. Therefore, we are investigating an software architecture based on a universal client (for example, a WWW browser), CORBA distributed objects, an object oriented database, and encapsulated computational chemistry legacy software. We are also interested in using command language fragments to control remote objects. Software that communicates this way is sometimes called agents

Universal Client
With the advent of modern WWW browsers implementing languages such as Java and JavaScript, it is possible to write applications using these browsers as the user interface. This saves development time since most user interface functionality comes free, integration with the WWW is trivial, and the better browsers run on a wide variety of platforms so portability is almost free. VRML can be used for 3D graphics and plug-ins such as the recently announced Biosym/MSI, Inc. molecule browser provide crucial functionality without much work.
Recently, Netscape, Inc. announced that the Netscape WWW browser would be made CORBA (see below) compliant offering a standard way to communicate between application code loaded by the browser and databases and computational chemistry software resident on servers and supercomputers. Previously, only the stateless http protocol was available to web browsers. Hopefully, other companies in the extremely competitive WWW browser market will follow suit.
These developments suggest that a single program can function as the user interface for a wide variety of applications, including computational nanotechnology. These applications load software (e.g. Java applets and JavaScript) into the browser when the user requests it. The applications then communicate with databases and remote objects (such as encapsulated legacy software) to meet user needs.

CORBA (Common Object Request Broker Architecture)
The universal browser is of little use in developing complex molecular machines if it cannot communicate with databases of components and systems and invoke high performance codes on fast machines to do the analysis. CORBA, a distributed object standard developed by the OMG (Object Management Group), provides a means for distributed objects -- for example the universal browser application, a database containing an evolving molecular machine design, and simulation codes -- to communicate and control each other. The simplest description of CORBA is that each object is represented by an interface described by the CORBA IDL (interface description language). Operations and data defined in the IDL may be accessed by other CORBA objects on the network. System software (called ORBs -- object request brokers) is responsible for communicating between objects whether they be on the same machine or widely distributed. See [Siegel 96] for a description of CORBA.
Object Oriented Database
To develop complex molecular machines, databases of components and processes as well as complex databases describing individual systems will be required. Object oriented databases appear to be better than relational databases for design systems for products such as aircraft and molecular machines.
Encapsulated Computational Chemistry Legacy Software
Like most research centers, NASA Ames has a number of very capable codes that do not fit the object model. However, it is often possible to create a c++ object that 'encapsulates' the legacy software. That is, the c++ object has methods that reformat their parameters, execute the legacy software, reformat the result and return it. When the legacy software does IO, the encapsulating object must intervene between the legacy software and the CORBA system. This technique allows existing codes to operate within an object oriented framework with minimal modification.
Agent Style Communication
In this context, agent software means software components that communicate by sending programs to each other. When each component is controlled by a command language, this is relatively easy to implement. Thus, a user interface component could control the tcl/c++ design software by writing a tcl command file and sending it to the design software for execution. This approach to software is powerful but not yet well understood.
6) Self replication and nanotechnology
A crucial objective of nanotechnology is the ability to make products inexpensively. While the ability to make a few very small, very precise molecular machines very expensively would clearly be a major scientific achievement, it would not fundamentally change how we make most products.
Fortunately, we are surrounded and inspired by products that are marvelously complex and yet very inexpensive. Potatoes, for example, are made by intricate molecular machines involving tens of thousands of genes, proteins, and other molecular components; yet the result costs so little that we think nothing of mashing this biological wonder and eating it.
It's easy to see why potatoes and other agricultural products are so cheap: put a potato in a little moist dirt, provide it with some air and sunlight, and we get more potatoes. In short, potatoes are self replicating.
Just as the early pioneers of flight took inspiration by watching birds soar effortlessly through the air, so we can take inspiration from nature as we develop molecular manufacturing systems. Of course, "inspired by" does not mean "copied from" Airplanes are very different from birds: a 747 bears only the smallest resemblance to a duck even though both fly. The artificial self replicating systems that have been envisioned for molecular manufacturing bear about the same degree of similarity to their biological counterparts as a car might bear to a horse.
Horses and cars both provide transportation. Horses, however, can get their energy from potatoes, corn, sugar, hay, straw, grass, and countless other types of "fuel." A car uses only a single artifical and carefully refined source of energy: gasoline. Putting sugar or straw into its gas tank is not recommended!
The machines that people make tend to be inflexible and brittle in response to changes in their environments. By contrast, living biological systems are wonderfully flexible and adaptable. Horses can pick their way along a narrow trail or jump over shrubs; they get "parts" (from their food) in the same flexible way they get energy; and they have a remarkable self repair ability.
Cars, on the other hand, need roads on which to travel; have to be provided with odd and very unnatural parts; are often difficult to repair (let alone self repairing!); and in general are simply unable to cope with a complex environment. They work because we want them to work, and because we can fairly inexpensively provide carefully controlled conditions under which they can perform as we desire.
In the same way, the artifical self replicating systems that are being proposed for molecular manufacturing are inflexible and brittle. It's difficult enough to design a system able to self replicate in a controlled environment, let alone designing one that can approach the marvelous adaptibility that hundreds of millions of years of evolution have given to living systems. Designing a system that uses a single source of energy is both much easier to do and produces a much more efficient system: the horse pays for its ability to eat potatoes when grass isn't available by being less efficient at both. For artificial systems where we wish to decrease design complexity and increase efficiency, we'll design the system so that it can handle one source of energy, and handle that one source very well. Horses can manufacture the many complex proteins and molecules they need from whatever food happens to be around. Again, they pay for this flexibility by having an intricate digestive system able to break down food into its constituent molecules, and a complex intermediary metabolism able to synthesize whatever they need from whatever they've got. Artificial self replicating systems will be both simpler and more efficient if most of this burden is off-loaded: we can give them the odd compounds and unnatural molecular structures that they require in an artifical "feedstock" rather than forcing the device to make everything itself -- a process that is both less efficient and more complex to design.
The mechanical designs proposed for nanotechnology are more reminiscent of a factory than of a living system. Molecular scale robotic arms able to move and position molecular parts would assemble rather rigid molecular products using methods more familiar to a machine shop than the complex brew of chemicals found in a cell. Although we are inspired by living systems, the actual designs are likely to owe more to design constraints and our human objectives than to living systems. Self replication is but one of many abilities that living systems exhibit. Copying that one ability in an artificial system will be challenge enough without attempting to emulate their many other remarkable abilities.
Self replication is an effective route to truly low cost manufacturing. Our intuitions about self replicating systems, learned from the biological systems that surround us, are likely to seriously mislead us about the properties and characteristics of artificial self replicating systems designed for manufacturing purposes. Artificial systems able to make a wide range of non-biological products (like diamond) under programmatic control are likely to be more brittle and less adaptable in their response to changes in their environment than biological systems. At the same time, they should be simpler and easier to design. The complexity of such systems need not be excessive by present engineering standards.
7) Applications
In the coming decades nanotechnology could make a supercomputer so small it could barely be seen in a light microscope. Fleets of medical nanorobots smaller than a cell could roam in our bodies eliminating bacteria, clearing out clogged arteries, and reversing the ravages of old age. Clean factories could eliminate pollution caused by manufacturing. Low cost solar cells and batteries could replace coal, oil and nuclear fuels with clean, cheap and abundant solar power. New inexpensive materials over fifty times stronger per kilogram than those used in today's rockets could open up space and make lunar vacations no more expensive than vacations to the South Pole. Material abundance for all the people of the earth could become a reality.
Not long ago, such a forecast would have been ridiculed. Today, the President of the United States has called for a $500 million National Nanotechnology Initiative and invites us to imagine "...materials with ten times the strength of steel and only a small fraction of the weight -- shrinking all information housed at the Library of Congress into a device the size of a sugar cube -- detecting cancerous tumors when they are only a few cells in size." Scientists around the world agree this is all possible (though with big disagreements about exactly how long it will take and exactly what it will look like).
At its heart, the coming revolution in manufacturing is a continuation of trends that date back decades and even centuries. Manufacturing has been getting more precise, more diverse and less expensive for over fifty years. Looking ahead, in a few decades we'll be able to manufacture products with the ultimate in precision: the finest features will be made from individual atoms and molecules -- the fundamental building blocks of matter from which all the objects in the world around us are made. The diversity of products will be staggering: we'll be able to make almost any arrangement of atoms consistent with physical law. And we'll be able to make things inexpensively -- a dollar a kilogram or less.
8) Conclusions
The NanoDesign software is intended to design and test fullerene based hypothetical molecular machines and components. The system is in an early stage of development. Presently, tcl provides an interpreted interface, c++ objects represent design components, and a parallelized FORTRAN program simulates the machine. In the future, an architecture based on distributed objects is envisioned. A key requirement for this vision is a standard set of interfaces to various computational chemistry capabilities (e.g., force fields, integrators, etc.). A standard set of interfaces would allow vendors to supply small, high quality components to a distributed system. AcknowledgmentsI would like to thank my colleagues at the Molecular Engineering Laboratory at the University of California at Santa Cruz, led by Dr. Todd Wipke, for many fruitful discussions and an environment tremendously conducive to molecular design

PHISHING

2008-02-09T20:26:00.001-08:00

1. Phishing:

Phishing is a form of social engineering practice done by cyber criminals for gaining access into bank accounts by stealing sensitive information.
Customers of leading banks, through out the world have been a target of phishing

1.1 Definition:
Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

1.2 History of phishing:
The word “phishing” originally comes from the analogy that early Internet criminals used email lures to “phish” for passwords and financial data from a sea of Internet users. The use of “ph” in the terminology is partly lost in the annals of time, but most likely linked to popular hacker naming conventions such as “Phreaks” which traces back to early hackers who were involved in “phreaking” – the hacking of telephone systems.

The term was coined in the 1996 timeframe by hackers who were stealing America Online (AOL) accounts by scamming passwords from unsuspecting AOL users. The popularized first mention on the Internet of phishing was made in alt.2600 hacker newsgroup in January 1996

2. Phishing Threat:
The use of the phishing medium as a money laundering tool appears to be emerging, where volumes of compromised user data is sold to crime groups who aggregate the stolen funds into centralized false accounts by a principal organizer or “dump leader”. The use of false employment websites, encouraging users to sign up and provide their banking facilities to forward money to other accounts for a 20% administration fee has also been revealed

2.1 Social Engineering Factors:
Phishing attacks rely upon a mix of technical deceit and social engineering practices. In the majority of cases the Phisher must persuade the victim to intentionally perform a series of actions that will provide access to confidential information.Communication channels such as email, web-pages, IRC and instant messaging services are popular. In all cases the Phisher must impersonate a trusted source (e.g. the helpdesk of their bank, automated support response from their favorite online retailer, etc.) for the victim to believe

To date, the most successful Phishing attacks have been initiated by email – where the Phisher impersonates the sending authority (e.g. spoofing the source email address and embedding appropriate corporate logos). For example, the victim receives an email supposedly from support@mybank.com (address is spoofed) with the subject line 'security update’, requesting them to follow the URL www.mybank-validate.info (a domain name that belongs to the attacker – not the bank) and provide their banking PIN number

3. Phishing Message delivery:

3.1 Email and spam:
Phishing attacks initiated by email are the most common. Using techniques and tools used by Spammers, Phishers can deliver specially crafted emails to millions of legitimate “live” email addresses within a few hours (or minutes using distributed Trojan networks). In many cases, the lists of addresses used to deliver the phishing emails are purchased from the same sources as conventional spam

3.2 Web based delivery:
An increasingly popular method of conducting phishing attacks is through malicious web-site content. This content may be included within a web-site operated by the Phisher, or a third-party site hosting some embedded content.

3.3 Fake Banner Advertising:
Banner advertising is a very simple method Phishers may use to redirect an organisations customer to a fake web-site and capture confidential information. Using copied banner advertising, and placing it on popular websites, all which is necessary is some simple URL obfuscation techniques to obscure the final destination.

3.4 Trojaned Hosts:
While the delivery medium for the phishing attack may be varied, the delivery source is increasingly becoming home PC’s that have been previously compromised. As part of this compromise, a Trojan horse program has been installed which allows Phishers (along with Spammers, Warez Pirates, DDoS Bots, etc.) to use the PC as a message propagator. Consequently, tracking back a Phishing attack to an individual initiating criminal is extremely difficult.
4 Phishing attack techniques:
4.1 Man-in-the-middle Attacks
One of the most successful vectors for gaining control of customer information and resources is through man-in-the-middle attacks. In this class of attack, the attacker situates themselves between the customer and the real web-based application, and proxies all communications between the systems. From this vantage point, the attacker can observe and record all transactions.
4.2 URL Obfuscation Attacks:
The secret for many phishing attacks is to get the message recipient to follow a hyperlink (URL) to the attacker’s server, without them realizing that they have been duped. Unfortunately phishers have access to an increasingly large arsenal of methods for obfuscating the final destination of the customer’s web request.
4.3 Cross-site Scripting Attacks:
Cross-site scripting attacks (commonly referred to as CSS or XSS) make use of custom URL or code injection into a valid web-based application URL or imbedded data field. In general, these CSS techniques are the result of poor web-application development processes.

4.4 Preset Session Attack:

In this class of attack the phishing message contains a web link to the real application server, but also contains a predefined SessionID field. The attackers system constantly polls the application server for a restricted page using the preset SessionID. Until a valid user authenticates against this SessionID, the attacker will receive errors from the web-application server .

4.5 Hidden Attacks:
Extending beyond the obfuscation techniques discussed earlier, an attacker may make use of HTML, DHTML and other scriptable code that can be interpreted by the customers web browser and used to manipulate the display of the rendered information. In many instances the attacker will use these techniques to disguise fake content as coming from the real site – whether this is a man-in-the-middle attack, or a fake copy of the site hosted on the attackers own systems.

5 Defence Mechanisms:

5.1 Client-side:

The client-side should be seen as representing the forefront of anti-phishing security. Given the distributed nature of home computing and the widely varying state of customer skill levels and awareness, client-side security is generally much poorer than a managed corporate workstation deployment. However, many solutions exist for use within both the home and corporate environments.

5.2 Server-side:

By implementing intelligent anti-phishing techniques into the organisations web application security, developing internal processes to combat phishing vectors and educating customers – it is possible to take an active role in protecting customers from future attack. By carrying out this work from the server-side, organisations can take large steps in helping to protect against what is invariably a complex and insidious threat.At the client-side, protection against Phishing can be afforded by:
Using strong token-based authentication systems
Keeping naming systems simple and understandable

5.3 Enterprise Level:

Businesses and ISP’s may take enterprise-level steps to secure against Phishing scams – thereby protecting both their customers and internal users. These enterprise security solutions work in combination with client-side and server-side security mechanisms, offering considerable defence-in-depth against phishing and a multitude of other current threats.

Key steps to anti-phishing enterprise-level security include:
Automatic validation of sending email server addresses,
Digital signing of email services,
Monitoring of corporate domains and notification of “similar” registrations,
Perimeter or gateway protection agents,
Third-party managed services
CONCLUSION:
Phishing started off being part of popular hacking culture. Now, as more organisations provide greater online access for their customers, professional criminals are successfully using phishing techniques to steal personal finances and conduct identity theft at a global level. By applying a multi-tiered approach to their security model (client-side, server-side and enterprise) organisations can easily manage their protection technologies against today’s and tomorrows threats – without relying upon proposed improvements in communication security that are unlikely to be adopted globally for many years to come.

BIBLIOGRAPHY:
Cyveillance the brand monitoring network www.cyveillance.com
The Open Web Application Security Project www.owasp.org/images/a/ad/Phishing-a_new_age_weapon
Wikipedia, the free encyclopedia www.wikipedia.org
4. The phishing Guide www.ngssoftware.com

BLUETOOTH TECHNOLOGY in WIRELESS COMMUNICATION

2008-02-09T20:23:00.000-08:00

ABSTRACT:-

Today, electronics that connect to one another are found everywhere--in the office, home, Car, etc. Keyboards connect to computers, MP3 players to headphones and so on. So, how do these devices connect to each other? Usually the answer is: with wires and cables. But, as you know, wires and cables always result in a tangled mess.

Bluetooth wireless technology eliminates many of the wires that clutter our offices, homes, etc., while allowing our electronic devices of today and tomorrow to with one communicate another .Bluetooth technology has been around for years, however for many people it is just another “tech” term.

Bluetooth technology is how mobile phones, computers, and personal digital assistants (PDAs), not to mention a broad selection of other devices, can be easily interconnected using a short-range wireless connection. Using this technology, users can have all mobile and fixed computer devices be totally coordinated.

This presentation explains the present scenario of using wireless technology for transmission of data .This includes working of Bluetooth wireless technology, protocols used, profiles and specifications needed for transmission,security provision and includes some of the devices using bluetooth.

INTRODUCTION

Today, electronics that connect to one another are found everywhere--in the office, home car, etc. keyboards connect to computers, MP3 players to headphones and so on. So, how do these devices connect to each other? Usually the answer is: with wires and cables. But, as you know, wires and cables always result in a tangled mess
Bluetooth wireless technology eliminates many of the wires that clutter our offices, homes, etc., while allowing our electronic devices of today and tomorrow to with one communicate another .Bluetooth technology has been around for years, however for many people it is just another “tech” term.
Most people have little or no understanding of the technology and have very little knowledge of its applications. However, you hear and read about it everywhere--in ads for computers, cell phones, PDAs and all types of different devices enabled with Bluetooth technology.
What is Bluetooth wireless technology?
Bluetooth technology is how mobile phones, computers, and personal digital assistants (PDAs), not to mention a broad selection of other devices, can be easily interconnected using a short-range wireless connection. Using this technology, users can have all mobile and fixed computer devices be totally coordinated.
Bluetooth wireless technology is a short-range radio technology. Bluetooth wireless technology makes it possible to transmit signals over short distances between telephones, computers and other devices and thereby simplify communication and synchronization between devices. Generally, Bluetooth has a range of up to 30 ft. or greater, depending on the bluetooth core specification version. Newer devices, using newer versions of Bluetooth, have ranges over 100 ft.
It is a global standard that:
· eliminates wires and cables between both stationary and mobile devices;
· facilitates both data and voice communication;
· offers the possibility of ad hoc networks and delivers the ultimate synchronicity between all your personal devices.
Bluetooth technology is actually derived from a combination of wireless technologies. The Bluetooth specification unites these technologies under the title: "Bluetooth technology". Bluetooth radio uses a fast acknowledgement and frequency-hopping scheme to make the link robust, even in noisy radio environments. Due to the fact that Bluetooth technology is a standardized wireless technology, you can rest assure it will be around for many years to come.

HISTORY :
The Bluetooth SIG:
The name “Bluetooth” and its logo are trademarked by the privately held trade association named the Bluetooth Special Interest Group (SIG).
Founded in September 1998, the Bluetooth SIG is a unification of leaders in the telecommunications, computing, network, industrial automation, and Automotive industries. Today, the Bluetooth SIG is responsible for encouraging and supporting research and development in Bluetooth technology.
The Bluetooth SIG includes promoter member companies Microsoft, Ericsson, IBM, Intel, Agere, Motorola, Nokia, and Toshiba, plus thousands of Associate and Adopter member companies .
· Why is It Called Bluetooth?
The developers of this wireless technology first used the name "Bluetooth" as a code name, but as time past, the name stuck.
The word "Bluetooth" is taken from the 10th century Danish King Harald Bluetooth. King Bluetooth had been influential in uniting Scandinavian Europe during an era when the region was torn apart by wars and feuding clans.
The founders of the Bluetooth SIG felt the name was fitting because: 1) Bluetooth technology was first developed in Scandinavia, and 2) Bluetooth technology is able to unite differing industries such as the cell phone, computing, and automotive markets. Bluetooth wireless technology simplifies and combines multiple forms of wireless communication into a single, secure, low-power, low-cost, globally available radio frequency.
· Where Did the Logo Come From?
A Scandinavian firm originally designed the logo at the time the SIG was formally introduced to the public. Keeping to the same origin as the Bluetooth name, the logo unites the Runic alphabetic characters "H", which looks similar to an asterisk, and a "B", which are the initials for Harald Bluetooth. If you look close enough you can see both embodied in the logo.
How Bluetooth Works?
In order to understand how Bluetooth technology works, we must first take a look at how electronic devices (Bluetooth or not) connect and communicate with one another.
There are several questions that need to be addressed before any two devices can communicate with one another.
Q: Will the devices communicate via wires or through the air?
A: Obviously, if the devices are using Bluetooth technology, they will communicate without wires. However, if the devices are not Bluetooth enabled, then they have the option of communicating either with or without wires. Devices can take advantage of several wireless technologies (Bluetooth included) by using various transmitters to send information over the airwaves.

Q: How will messages or information be sent between the two devices?
A: Information can be sent one bit at a time in a scheme called serial communications, or in groups of bits (usually 8 or 16 at a time) in a scheme called parallel communications.
Q: How will devices in this “electronic conversation” know what the information (bits or groups of bits) means? How will they know if they received the same message that was sent?

A: Most of the time these questions are answered by the creation of what is known as a protocol. A protocol is a standard that controls or enables the connection, communication, and data transfer between two electrical devices. Basically, a protocol is the "language" of devices.With so many different types of electronics available, it is probably no surprise that there are tons of established protocols. However, almost all protocols address one or more of the following:
* Detecting the presence of other devices* Establishing communications guidelines between two devices (AKA: Handshaking)* Determining the various connection characteristics* How to format a message* How to start and end a message* What to do with corrupted or incorrectly formatted messages* How to recognize unexpected connection loss, and what to do next* Ending the connection or “conversation”

Bluetooth: Low Power and Low Cost!
Bluetooth wireless technology operates on an open frequency within the 2.4 gigahertz band, which is the same as WiFi, cordless phones and various other wireless devices. Bluetooth is able to share the same frequency band without experiencing any interference because it utilizes various key technologies.
One of the ways Bluetooth avoids interference is through the use of low power signals (around one milliwatt). Devices using the Bluetooth Core Specification Version 1.1 or later are able to avoid interference with other wireless devices because their signal is so weak. Take into consideration that powerful cell phones use a signal of around three watts. Even though the signal is weaker, Bluetooth still offers a range of up to 30 feet (Newe versions can have a range over 100 feet).
The signal is also capable of passing through the walls in your home, making it useful for controlling several devices in different rooms. Data can be transferred at a rate of up to one Megabyte per second (Mbps).
Also, because Bluetooth transmitters require minimal amounts of power, they are relatively inexpensive to manufacture. Simply put, Bluetooth uses low-power radio waves to reliably communicate in an inexpensive way.
“Hopping” = No Interference
Another way Bluetooth devices are able to avoid interference is through a technique known as spread-spectrum frequency hopping. By using the “hopping” method, a device will use one of 79 different, randomly chosen frequencies within an assigned range, and will frequently change frequencies from one to another.
Bluetooth enabled devices, which all use the “hopping” method, change frequencies 1,600 times per second. As a result, more devices can use a portion of the radio spectrum.The risk of a device like a cell phone or baby monitor interfering with Bluetooth devices is minimized, since any interference on a specific frequency will last for only a fraction of a second.Bluetooth version 2.0 + EDR, the very latest of the Bluetooth specification versions, uses an enhanced technology called: Adaptive Frequency Hopping (AFH).
AFH allows Bluetooth devices to measure the quality of the wireless signal and then determine if there are bad channels present on specific frequencies due to interference from other wireless devices.If bad channels are present on a specific frequency, the Bluetooth device will adjust its hopping sequence to avoid them. As a result, the Bluetooth connection is stronger, faster, and more reliable.
Bluetooth Profiles: How Bluetooth is Used
Bluetooth enabled devices must use and understand certain Bluetooth "profiles" in order to use Bluetooth technology to connect to one another. These profiles define the possible applications that a Bluetooth enabled device can support.In order for one Bluetooth device to connect to another, both devices must share at least one of the same Bluetooth profiles.

.
Bluetooth Pairing
If you are familiar with Bluetooth wireless technology, you'll probably recognize the term "Bluetooth pairing". But do you actually know what Bluetooth pairing means?
Bluetooth pairing occurs when two Bluetooth devices agree to communicate with each other and establish a connection.In order to pair two Bluetooth wireless devices, a password (passkey) has to be exchanged between the two devices. A Passkey is a code shared by both Bluetooth devices, which proves that both users have agreed to pair with each other.
This is the normal process that occurs with Bluetooth pairing:
Bluetooth device A looks for other Bluetooth devices in the area
In order to find other Bluetooth devices, Bluetooth device A must be set to discoverable mode. When set to discoverable, Bluetooth device A will allow other Bluetooth devices to detect its presence and attempt to establish a connection.
.
Bluetooth device A finds Bluetooth device B
Usually the discoverable device will indicate what type of device it is (Such as a printer, cell phone, headset, etc.) and its Bluetooth device name. The Bluetooth device name is the name that you give the Bluetooth device or the factory name that originally was programmed.

Bluetooth Device A prompts you to enter a password (PassKey)
With advanced devices, both users must agree on the Passkey and enter it into their device. The code can be anything you like as long as it is the same for both Bluetooth wireless devices.On other devices, such as Bluetooth headsets, the Passkey stays the same. Refer to the product’s manual for the default passkey. Most often , the passkey is zero.
Bluetooth device A sends the Passkey to Bluetooth device B

Bluetooth device B sends the Passkey back to Bluetooth device A
If both Passkeys are the same, a trusted pair is formed. This will happen automatically.
Bluetooth device A and B are now paired and able to exchange data

Bluetooth technology must be examined in two separate sections in order for you to understand the entire process of how the technology works and how it is used.
* The Bluetooth protocol defines how the wireless technology works, and
* The Bluetooth Profiles describe and organize how the technology is used.
Protocol:
Overview of the Bluetooth Protocol
The Bluetooth standard requires a basic level of communication between devices, so that they can connect to each other over the airwaves, at the correct frequencies, using the correct channels, and finding the correct destination(s). In order to create this basic level of communication, a specific protocol was created. The Bluetooth protocol establishes the set of rules by which all Bluetooth devices must abide in order to establish a connection to communicate with one another.
Protocol stack
Most protocols, Bluetooth’s included, are usually layered together into “protocol stacks”, and the various tasks are split up and assigned to the different layers of protocols in the stack.

Bluetooth Protocol Architecture
Bluetooth Protocol Stack
Here is an outline of the different levels in the Bluetooth protocol stack:
Radio Layer
When looking at the different layers of the Bluetooth protocol stack, you will always find the raio layer first. Everything in Bluetooth runs over the Radio Layer, which defines the requirements for a Bluetooth radio transceiver, which operates in the 2.4GHz band. The radio layer defines the sensitivity levels of the transceiver, establishes the requirements for using Spread-spectrum Frequency Hopping and classifies Bluetooth devices into three different power classes:
* Power Class 1 – long rang devices (100m),
* Power Class 2 – normal or standard range devices (10m), and
* Power Class 3 – short (10cm)-range operation
Baseband Layer
The next “floor” in the Bluetooth protocol stack is the Baseband Layer, which is the physical layer of the Bluetooth. It is used as a link controller, which works with the link manager to carry out routines like creating link connections with other devices. It controls device addressing, channel control (how devices find each other) through paging and inquiry methods, power-saving operations, and also flow control and synchronization among Bluetooth devices.
Link Manager Protocol (LMP)
A Bluetooth device’s Link Manager Protocol (LM) carries out link setup, authentication, link configuration and other protocols. It discovers other LMs within the area and communicates with them via the Link Manager Protocol (LMP).
Host Controller Interface (HCI)
Next in the protocol stack, above the LMP is the Host Controller Interface (HCI), which is there to allow command line access to the Baseband Layer and LMP for control and to receive status information. It’s made up of three parts: 1) The HCI firmware, which is part of the actual Bluetooth hardware, 2) The HCI driver, which is found in the software of the Bluetooth device, and 3) The Host Controller Transport Layer, which connects the firmware to the driver.
Logical Link Control and Adaptation Protocol (L2CAP)
Above the HCI level is the Logical Link Control and Adaptation Protocol (L2CAP), which provides data services to the upper level host protocols. The L2CAP plugs into the Baseband Layer and is located in the data link layer, rather than riding directly over LMP. It provides connection-oriented and connectionless data services to upper layer protocols.
RFCOMM
Above L2CAP, the RFCOMM protocol is what actually makes upper layer protocols think they’re communicating over a RS232 wired serial interface, so there’s no need for applications to know anything about Bluetooth.
Service Discovery Protocol (SDP)
Also relying on L2CAP is the Service Discovery Protocol (SDP). The SDP provides a way for applications to detect which services are available and to determine the characteristics of those services.

Bluetooth Profiles

Overview of Bluetooth Profiles
The Bluetooth SIG states, "Bluetooth profiles are general behaviors through which Bluetooth enabled devices communicate with other devices."
In order to connect to one another, devices that use Bluetooth technology must support and understand certain Bluetooth profiles. Bluetooth profiles define the possible applications and describe how Bluetooth technology is to be used for each specific device.
For example, the File Transfer profile is used to define how devices like a PDA will use Bluetooth Technology to transfer files to other devices like another PDA, cell phone, or computer.When a Bluetooth device is developed, the manufacturer assigns (In accordance with the Bluetooth SIG's requirements) specific Bluetooth profiles for that device to use in order to establish applications which will work with other Bluetooth devices.
In order for one Bluetooth device to connect to another, both devices must share at least one of the same Bluetooth profiles.
For example, if you want to use a Bluetooth headset with your Bluetooth enabled cell phone, both devices must use the Headset (HS) profile (Defines how headsets and cell phones use Bluetooth technology to connect to one another).
According to the Bluetooth SIG: At minimum, every Bluetooth profile includes information on the following issues:
* Dependencies on other profiles. * Recommended user interface formats. * Particular parts of the Bluetooth protocol stack used by the profile. To perform its functions, each profile uses particular options and parameters at each layer of the stack.

An Example of Bluetooth in Action
The Wireless Office
Imagine a modern day office with various hi-tech, yet common electronic devices.
The first thing an office should have are the basic essentials: a computer, keyboard, mouse, printer and phone. Next, lets say there is a Headset that works with the phone.
Now that we have all the basics, lets make this office a little more exciting by adding some fun "toys", like a PDA, digital camera and MP3 player.
By now you should have a pretty good picture of the office and the various devices in it.
Every device is connected, or is capable of being connected to at least one other device. For example, the keyboard and mouse have to connect to the computer and the PDA has the option to connect to the computer.
Just imagine if all these devices used cables to connect to one another. The office would have cables running everywhere and we'd be left with a big, tangled mess.
Now imagine all of these devices use Bluetooth technology to connect to one another instead. The result: no more cables and no more mess.
Suppose the Bluetooth enabled printer comes with a Bluetooth Computer Adapter that plugs into the computer's universal serial bus (USB) port. The company that manufactured the printer and computer adapter programmed each device with the same Bluetooth profiles.
Bluetooth profiles are used by devices to instruct them on how to use the Bluetooth technology
After the printer is turned on, it transmits a signal, which looks for a response from other Bluetooth enabled devices with the same profile(s). Since the USB adapter shares the same profile(s), it responds and a small network (AKA: Piconet) is created.
Since this piconet is established between devices with the same specific profiles, the signals sent by other devices with different profiles, like the headset, will be ignored. All the other Bluetooth devices in the room establish similar piconets that are all separated from one another based on the specific profile(s) they use.

Bluetooth Security
Bluetooth Technology Faces Security Threats
Today, all communication technologies are facing the issue of privacy and identity theft. Bluetooth technology is no exception. The information and data we share through these communication technologies is both private and in many cases, critically important to us.
Everyone knows that email services, company networks, and home networks all require security measures. What Bluetooth users need to realize, is: Bluetooth requires similar security measures.

The Bluetooth SIG Focuses on Security
The Bluetooth SIG is constantly improving formats for combating security threats associated with Bluetooth technology. Offering a secure method to wirelessly communicate has always been one of the key benefits of Bluetooth technology
In order to lead the security effort, a group of engineers within the Bluetooth SIG formed the Bluetooth Security Experts Group. As the Bluetooth Core Specification Versions continue to advance, the Bluetooth Security Experts Group is responsible for monitoring the advancement and testing for flaws in its security.
The Fundamentals of Bluetooth Security
One of the most basic levels of security for Bluetooth devices is the “pairing” process.
Pairing = Two or more Bluetooth devices recognize each other by the Bluetooth Profiles they share, and in most cases, both must enter the same PIN.
The Bluetooth core specifications use an encryption algorithm, which is entirely secure. Once Bluetooth devices pair with one another, they too are entirely secure.
.

How Developers Can Provide Security Companies who develop Bluetooth enabled products have multiple options in order to provide security. There are three security modes for connecting two Bluetooth devices: 1.Security Mode 1: non-secure 2. Security Mode 2: service level enforced security 3. Security Mode 3: link level enforced security It is the company who develops each specific Bluetooth product that decides which security modes to use. Also, the devices and services have different security levels as well.

What is Bluejacking?
Bluejacking allows phone users to send business cards anonymously to one another using Bluetooth technology. Bluejacking does NOT involve any altercations to your phone's data. These business cards usually consist of some clever message or joke. Bluejackers are simply looking for a reaction from the recipient. To ignore bluejackers, simply reject the business card, or if you want to avoid them entirely, set your phone to non-discoverable mode
What is Bluesnarfing?
Bluesnarfing refers to a hacker who has gained access to data, which is stored on a Bluetooth enabled phone. Bluesnarfing allows the hacker to make phone calls, send and receive text messages, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. The good news is, bluesnarfing requires advanced equipment and expertise or requires the hacker to be within a 30 ft. range. If your phone is in non-discoverable mode, it becomes significantly more difficult for hackers to bluesnarf your phone. According to the Bluetooth SIG, only some older Bluetooth enabled phones are vunerable to bluesnarfing.
What is Bluebugging?
Bluebugging refers to a skilled hacker who has accessed a cell phone's commands using Bluetooth technology without the owner's permission or knowledge. Bluebugging allows the hacker to make phone calls, send messages, read and write contacts and calendar events, eavesdrop on phone conversations, and connect to the Internet. Just like all Bluetooth attacks, the hacker must be within a 30 ft. range. Bluebugging and bluesnarfing are separate security issues, and phones that are vulnerable to one are not necessarily vulnerable to the other.

Bluetooth Specifications
Here Are a Few Specifications From the Bluetooth SIG (Special Interest Group):
Bluetooth devices in a piconet share a common communication data channel. The channel has a total capacity of 1 megabit per second (Mbps). Headers and handshaking information consume about 20 percent of this capacity.
In the United States and Europe, the frequency range is 2,400 to 2,483.5 MHz, with 79 1-MHz radio frequency (RF) channels. In practice, the range is 2,402 MHz to 2,480 MHz. In Japan, the frequency range is 2,472 to 2,497 MHz with 23 1-MHz RF channels.
A data channel hops randomly 1,600 times per second between the 79 (or 23) RF channels.
Each channel is divided into time slots 625 microseconds long.
A piconet has a master and up to seven slaves. The master transmits in even time slots, slaves in odd time slots.
Packets can be up to five time slots wide.
Data in a packet can be up to 2,745 bits in length.
There are currently two types of data transfer between devices: SCO (synchronous connection oriented) and ACL (asynchronous connectionless).
In a piconet, there can be up to three SCO links of 64,000 bits per second each. To avoid timing and collision problems, the SCO links use reserved slots set up by the master.
Masters can support up to three SCO links with one, two or three slaves.
Slots not reserved for SCO links can be used for ACL links.
One master and slave can have a single ACL link.
ACL is either point-to-point (master to one slave) or broadcast to all the slaves. ACL slaves can only transmit when requested by the master.

The Advantages of Bluetooth
Main Reasons to Use a Bluetooth Device:
1. Bluetooth Devices are Wireless.
2. Bluetooth Technology is Inexpensive.
3. Bluetooth is Automatic.
4. Standardized Protocol = Interoperability
5. Low Interference
6. Low Energy Consumption
7. Share Voice and Data
8. Instant Personal Area Network (PAN)
9. Upgradeable

Some of the devices using Bluetooth technology are

1.wireless audio devices
2.bluetooth car where the drivers can restricted to use their cell phones while driving.
3.cell phones using Bluetooth technology
4.bluetooth computer adapters and receivers
5.bluetooth gps receivers
6.bluetooth head sets

Conclusion:
In the future Bluetooth is likely to be standard in tens of millions of mobile phones, PCs laptops and a whole range of other electronic devices. As a result, the market is going to demand new innovative applications. Value-added services, end – to – end solutions, and much more. The possibilities opened up really are limitless and because the radio frequency used is globally available, Bluetooth can offer fast and secure access to wireless connectivity all over the world. With potential like that it is no wonder that Bluetooth is set to become the fastest adopted technology in history.
Reference:
www.bluetomorrow.com

Digital Signature

2008-02-09T20:22:00.000-08:00

Abstract

The concept of securing messages through cryptography has a long history. Throughout history, however, there has been one central problem limiting widespread use of cryptography. That problem is key management, the term key management refers to the secure administration of keys to provide them to users where and when they are required. To better understand how cryptography is used to secure electronic communications through Digital Signature.Digital signature is generally taken to be a 'subset' of electronic signatures.. A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.
In this paper digital signature is used to mean a cryptographically based signature assurance scheme. A digital signature can be used with any kind of message, whether it is encrypted or not.Digital signatures, like physical signatures, can verify that a specific user affixed their signature to a document and they can also verify that the document is the same as when the user affixed the digital signature. Digital signature systems (DSS) use public key cryptography methods to create digital signatures. The integrity of the digital signature is tied to the security of the user's private key. As long as the user's private key is secure, then only the user can affix their digital signature to a document

Contents
Key terms
Overview of
-- Public Key Cryptography (PKC)
-- Digital Signature
Digital Signature Cryptography with No Real Math
Applications
Conclusion

Key Terms:
· Keys
· Key Ring
· Finger Print
· Key Certificate
Keys:
Private key - The private key is the portion of the key we use to actually sign a document. The private key is protected by a password.
Public key - The public key is the portion of the key that is available to other people who use to check your signature. A list of other people who have signed your key is also included with your public key. You will only be able to see their identify if you already have their public keys on your key ring.
Key Ring: A key ring contains public keys. You have a key ring that contains the keys of people who have sent you their keys or whose keys you have gotten from a public key server.
Finger Print: When confirming a key, you will actually be confirming the unique series of letters and numbers that comprise the fingerprint of the key.

The fingerprint is a different series of letters and numbers.
Key Certificate :When you select a key on a key ring, you will usually see the key certificate, which contains information about the key, such as the key owner, the date the key was created, and the date the key will expire.
Overview:
This section will provide a brief introduction to public key cryptography (PKC) and digital signatures.
Public Key Cryptography (PKC):The purpose of a digital signature is to provide a means for an entity to bind its identity to a piece of information. Digital signatures use PKC, which employs an algorithm using two different but mathematically related keys: one to create a digital signature and another to verify a digital signature.
Unlike conventional symmetric-key cryptography, which uses the same secret key for encryption and decryption, PKC uses a key pair, a private and a public key, for encryption and decryption operations (see Figure 1). The public key is freely available to anyone, but the private key is protected and never shared. Each key pair shares a mathematical relationship that ties the two keys exclusively to one another, and they are related to no other keys.
Figure 1: Public Key Cryptography
A cryptographic transformation encoded with one key can be reversed only with the other key. It is computationally not feasible to deduce the private key from the public key nor to deduce the public key from the private key. This defining nature of PKC enables the following:
Confidentiality. A message encrypted with a public key can only be decrypted with the corresponding private key.
Endpoint authentication. The recipient can determine the sender's identity.
Message integrity. The recipient can easily identify whether anything has tampered with the message content during transit.
Nonrepudiation. The sender cannot deny sending the message or committed actions.

Digital Signature Protocol
Digital signatures are important because they provide end-to-end message integrity guarantees, and can also provide authentication information about the originator of a message. In order to be most effective, the signature must be part of the application data, so that it is generated at the time the message is created, and it can be verified at the time the message is ultimately consumed and processed.
As an analogy, consider a conventional letter. If I'm sending a check to my phone company, I sign the check—the message—and put it in an envelope to get privacy and delivery. Upon receipt of the mail, the phone company removes the envelope, throws it away, and then processes the check. I could make my message be part of the envelope, such as by gluing the payment to a postcard and mailing that, but that would be foolish.
PKC enables electronic messages with a mechanism analogous to signatures in the paper world, known as a digital signature. However, a digital signature verifies the authenticity of electronic documents and provides stronger security than do signatures on paper documents.
As Figure 2 shows, in order to create a digital signature, the sender first generates a small unique thumbprint of the document, called a hash or digest. Even a very minor change to the original document will cause the hash value to change. By comparing the hash that was received with the hash calculated from the received document, the recipient can verify whether the document was altered.

The hash of the document signed or encrypted with the sender's private key acts as a digital signature for that document and can be transmitted openly along with the document to the recipient. The recipient will be able to verify or decrypt the signature (see Figure 3) by taking a hash of the message and verifying it with the signature that accompanied the message and the sender's public key.
Figure 3: Digital Signature Verification
The digital signature protocol helps to ensures the following:
The signature is authentic. When the receiver verifies the message with the sender's public key, the receiver knows that the sender signed it.
The signature cannot be forged. Only the sender knows his or her private key.
The signature is not reusable. The signature is a function of the document and cannot be transferred to any other document.
The signed document is unalterable. If there is any alteration to the document, the signature verification will fail at the receiver's end because the hash value will be recomputed and will differ from the original hash value.
The signature cannot be repudiated. The sender cannot deny previous committed actions, and the receiver does not need the sender's help to verify the sender's signature.

Digital Signature Cryptography with No Real Math
Before we can really understand XML DSIG, we need to have an understanding of some basic cryptography.
A digital signature provides an integrity check on some content. If a single byte of the original content has been modified—an extra zero added to a price, a "2" changed to a "4", or a "No" to a "Yes"', and so on—then the signature will fail to verify. Here's how it works.
The first step is to ''hash'' the message. A cryptographic hash takes an arbitrary stream of bytes and converts it to a single fixed-size value known as a digest. A digest is a one-way process: it's ''computationally infeasible'' to recreate a message from the hash, or to find two different messages which produce the same digest value.
The most common hash mechanism is SHA1, the Secure Hash Algorithm. SHA1 takes any message up to 2**64 bytes in length and produces a 20-byte result.
So if I generate a message M, and create a digest, (written as H(M), for "the hash of M"), and you receive M and H(M), you can create your own digest H'(M), and if the two digest values match, we know that you got what I sent. To protect M against modification, I only need to protect H(M) from being modified. How do we do that? There are two common approaches. The first is to mix a shared secret into the digest. In other words, create H(S+M). When you get the message, you use your own copy of S to create H'(S+M). This new digest is called an HMAC, or Hashed Messsage Authentication Code.
When we use an HMAC, the strength of the integrity protection depends on the (in)ability of the attacker to figure out S. Therefore, S should be something not easily guessed, and something that should be changed often. One of the best ways to meet these requirements is to use Kerberos. In Kerberos, a central authority distributes "tickets" that contain a temporary session key whenever two entities want to communicate. This session key is used as the shared secret. When I want to send you a signature, I get a ticket to talk to you. I open my part of the ticket to get S, and I send you the message, its HMAC, and your part of the ticket. You open the ticket and get S and information about my identity. You can now take the message, M, generate your own H'(S+M), and see if they match. If they do match, you know that you received my message intact, and Kerberos told you who I am.
Another method to protect the digest is to use public-key cryptography, such as RSA. In public-key cryptography, there are two keys, a private key, known only to the holder, and a public key, accessible to anyone who wants to communicate with the key holder. In public-key cryptography, anything encrypted with the private key can be decrypted with the public key, and vice versa.
Let's look at a simple example that demonstrates how public-key cryptography works. In this example, we'll limit our messages to the letters a through z, and assign them the values one through 26. To encrypt, we'll add the value of the private key; in this case it's +4:Letter h e l l o
Numeric Value 8 5 12 12 15
Private Key 4 4 4 4 4
Encrypted Value 12 9 16 16 19
To decrypt, we add the public key, which will be +22; if the result is outside the number range, we add or subtract 26 until it's valid. E
Encrypted Value 12 9 16 16 19
Public Key 22 22 22 22 22
Raw decrypted value 34 31 38 38 41
Normalized value 8 5 12 12 15
Plaintext h e l l o
RSA works the same way, except that instead of addition we use exponentiation and the numbers are hundreds of digits long.
Using RSA, I generate a digest, H(M), and encrypt it with my private key, {H(M)}private-key, which is the signature. When you receive the message, M, you generate the digest, H'(M), and decrypt the signature using my public key, getting the H(M) that I generated. If H(M) and H'(M) are the same, then we know that M is the same. Further, you know that whoever has the private key—that is, me—is the sender of the message.

How It Works???
Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you.
1.You copy-and-paste the contract (it's a short one!) into an e-mail note.
2.Using special software, you obtain a message hash (mathematical summary) of the contract.
3.You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash.
4.The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.).
At the other end, your lawyer receives the message.
1.To make sure it's intact and from you, your lawyer makes a hash of the received message.
2.Your lawyer then uses your public key to decrypt the message hash or summary.
3.If the hashes match, the received message is valid

There are three common reasons for applying a digital signature to communications: -
Authentication:Public-key cryptosystems allow encryption of a message with a user's private key. The message itself need not be sent in cipher text. If a hash of the document is generated and then protected via encryption, the document cannot be altered in any way without changing the hash to match, which, if quality algorithms are properly used, will be quite difficult. By decrypting the hash using the sender's public key, and checking the result against a newly generated hash of the alleged plaintext, the recipient can confirm (with high confidence) that the encryption was done with the sender's private key (and so presumably by the user who should have been the only person able to use that key), and that the message hasn't been altered since it was signed. No recipient can ever be absolutely certain the purported sender is indeed the signer -- i.e., the person who used the private key -- since the cryptosystem might have been broken, the key copied, or the whole scheme evaded using social engineering.
The importance of high confidence in both the message integrity and sender authenticity is especially obvious in a financial context.
Integrity:Both parties will always wish to be confident that a message has not been altered during transmission. Encryption of the message makes it difficult for a third party to read it, but that third party may still be able to alter it, perhaps maliciously, without actually reading it. An example is the homomorphism attack: consider a bank which sends instructions from branch offices to the central office in the form (a, b) where a is the account number and b is the amount to be credited to the account. A devious customer may deposit £100, intercept the resulting transmission and then transmit (a, b3) to become an instant millionaire.
Non-repudiation:In a cryptographic context, the word repudiation refers to the act of disclaiming responsibility for a message (i.e., claiming it was sent by some third party, certainly not me; "I repudiate this message and its contents!"). A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (e.g., a court) to reinforce a claim as to its origin. However, loss of control over a user's private key will mean that all digital signatures using that key, and so 'from' that user, are suspect.

Digital Signature Applications for E-Government:
The increasing opportunities created by innovative systems and programming techniques have given rise to a new kind of application scenario, commonly referred to as electronic government. The digital signature is a technology that enables safe and legally binding transactions based on networked communication and the exchange of electronic documents. To explore possible application areas and the potential of this technology requires the modeling of processes, focusing, among other things, on administrative matters, their interlinking and interaction with other applications.
Application Development Trends In E-Business:
Applications of digital signature technology are on the rise because of legal and technological developments, along with strong market demand for secured transactions on the Internet. In order to predict the future demand for digital signature products and online security, it is important to understand the application development trends in digital signature technology. These developments promise to provide a robust security infrastructure for online businesses, which may promote e-business further in the future.

Conclusion:
Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.

Reference:
· Digital Signature: Network Security Practices
by Kailash N. Gupta, Kamlesh N. Agarwala, Prateek A. Agarwala - 2005
· Handbook of Applied Cryptography - Page 426
by Alfred J. Menezes, Oorschot, Paul C. Van, Scott A. Vanstone - 1996
· R. Rivest, A. Shamir, L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, Vol. 21 (2), pp.120–126. 1978.
· www.youdzone.com/signature.html

Blue Eyes Technology

2008-02-09T20:21:00.000-08:00

ABSTRACT:
Is it possible to create a computer which can interact with us as we interact each other? For example imagine in a fine morning you walk on to your computer room and switch on your computer, and then it tells you “Hey friend, good morning you seem to be a bad mood today. And then it opens your mailbox and shows you some of the mails and tries to cheer you. It seems to be a fiction, but it will be the life lead by “BLUE EYES” in the very near future. The basic idea behind this technology is to give the computer the human power. We all have some perceptual abilities. That is we can understand each others feelings. For example we can understand ones emotional state by analyzing his facial expression. If we add these perceptual abilities of human to computers would enable computers to work together with human beings as intimate partners. The “BLUE EYES” technology aims at creating computational machines that have perceptual and sensory ability like those of human beings.

How can we make computers "see" and "feel"?
Blue Eyes uses sensing technology to identify a user's actions and to extract key information. This information is then analyzed to determine the user's physical, emotional, or informational state, which in turn can be used to help make the user more productive by performing expected actions or by providing expected information. For example, in future a Blue Eyes-enabled television could become active when the user makes eye contact, at which point the user could then tell the television to "turn on". This paper is about the hardware, software, benefits and interconnection of various parts involved in the “blue eye” technology.

INTRODUCTION:
Animal survival depends on highly developed sensory abilities. Likewise, human cognition depends on highly developed abilities to perceive, integrate, and interpret visual, auditory, and touch information. Without a doubt, computers would be much more
powerful if they had even a small fraction of the perceptual ability of animals or humans. Adding such perceptual abilities to computers would enable computers and humans to work together more as partners. Toward this end, the Blue Eyes aims at creating computational devices with the sort of perceptual abilities that people take for granted Blue eyes is being developed by the team of Poznan University of Technology& Microsoft. It makes use of the “blue tooth technology “developed by Ericsson.

PARTS OF A BLUE EYE SYSTEM :
The major parts in the Blue eye system are Data Acquisition Unit and Central System Unit. The tasks of the mobile Data Acquisition Unit are to maintain Bluetooth connections, to get information from the sensor and sending it over the wireless connection, to deliver the alarm messages sent from the Central System Unit to the operator and handle personalized ID cards. Central System Unit maintains the other side of the Blue tooth connection, buffers incoming sensor data, performs on-line data analysis, records the conclusions for further exploration and provides visualization interface.

THE HARDWARE:
Data Acquisition Unit
Data Acquisition Unit is a mobile part of the Blue eyes system. Its main task is to fetch the physiological data from the sensor and to send it to the central system to be processed. To accomplish the task the device must manage wireless Bluetooth connections (connection establishment, authentication and termination). Personal ID cards and PIN codes provide operator's authorization.
Figure Showing Jazz-multi Sensor

Communication with the operator is carried on using a simple 5-key keyboard, a small LCD display and a beeper. When an exceptional situation is detected the device uses them to notify the operator. Voice data is transferred using a small headset, interfaced to the DAU with standard mini-jack plugs.

The Data Acquisition Unit
The Data Acquisition unit comprises several hardware modules figure showing data
acquisition unit
· Atmel 89C52 microcontroller - system core
· Bluetooth module (based on ROK101008)
· HD44780 - small LCD display
· 24C16 - I2C EEPROM (on a removable ID card)

Block Diagram of Data Acquisition Unit:

· MC145483 – 13bit PCM codec
· Jazz Multisensor interface
· beeper and LED indicators, 6 AA batteries and voltage level monitor

CENTRAL SYSTEM UNIT :
Central System Unit hardware is the second peer of the wireless connection. The box contains a Bluetooth module (based on ROK101008) and a PCM codec for voice data transmission. The module is interfaced to a PC using a parallel, serial and USB cable.
The audio data is accessible through standard mini-jack sockets over view of central system unit To program operator's personal ID cards we developed a simple programming device. The programmer is interfaced to a PC using serial and PS/2 (power source) ports. Inside, there is Atmel 89C2051 microcontroller, which handles UART transmission and I2C EEPROM (ID card) programming.

THE SOFTWARE:
Blue Eyes software's main task is to look after working operators' physiological condition. To assure instant reaction on the operators' condition change the software performs real time buffering of the incoming data, real-time physiological data analysis and alarm triggering.
The Blue Eyes software comprises several functional modules System core facilitates the
transfers flow between other system modules (e.g. transfers raw data from the Connection Manager to data analyzers, processed data from the data analyzers to GUI controls, other data analyzers, data logger etc.).

The System Core fundamental are single-producer-multi-consumer thread safe queues. Any number of consumers can register to receive the data supplied by a producer. Every single consumer can register at any number of producers, receiving therefore different types of data.
Naturally, every consumer may be a producer for other consumers. This approach enables high system scalability – new data processing modules (i.e. filters, data analyzers and loggers) can be easily added by simply registering as a costumer

.
Connection Manager is responsible for managing the wireless communication between the mobile Data Acquisition Unit the central system. The Connection Manager handles:
· communication with the CSU hardware
· searching for new devices in the covered range
· establishing Bluetooth connections
· connection authentication
· incoming data buffering
· sending alerts
Data Analysis module performs the analysis of the raw sensor data in order to obtain information about the operator’s physiological condition. The separately running Data Analysis module supervises each of the working operators.
The module consists of a number of smaller analyzers extracting different types of information. Each of the analyzers registers at the appropriate Operator Manager or another analyzer as a data consumer and, acting as a producer, provides the results of the analysis. The most important analyzers are:
· saccade detector - monitors eye movements in order to determine the level of operator's visual attention
· pulse rate analyzer - uses blood oxygenation signal to compute operator's pulse rate
· custom analyzers – recognize other behaviors than those which are built-in the system. The new modules are created using C4.5 decision tree induction algorithm

Visualization module provides a user interface for the supervisors. It enables them to watch each of the working operator’s physiological condition along with a preview of selected video source and related sound stream. All the incoming alarm messages are instantly signaled to the supervisor.
The Visualization module can be set in an off-line mode, where all the data is fetched from the database.
Watching all the recorded physiological parameters, alarms, video and audio data the supervisor is able to reconstruct the course of the selected operator’s duty.
The physiological data is presented using a set of custom-built GUI controls:
· a pie-chart used to present a percentage of time the operator was actively acquiring the visual information
· A VU-meter showing the present value of a parameter time series displaying a history of selected parameters' value.

BLUE-EYES BENEFITS:
Prevention from dangerous incidents Minimization of ecological consequences financial loss a threat to a human life Blue Eyes system provides technical means for monitoring and recording human-operator's physiological condition. The key features of the system are:
· visual attention monitoring (eye motility analysis)
· physiological condition monitoring (pulse rate, blood oxygenation)
· operator's position detection (standing, lying)
· wireless data acquisition using Blue tooth technology
· real-time user-defined alarm triggering
· physiological data, operator's voice and overall view of the control room recording
· recorded data playback
Blue Eyes system can be applied in every working environment requiring permanent operator's attention:
· at power plant control rooms
· at captain bridges
· at flight control centers

CONCLUSION:
In future it is possible to create a computer which can interact with us as we interact each other with the use of blue eye technology. It seems to be a fiction, but it will be the life lead by “BLUE EYES” in the very near future. ordinary household devices -- such as televisions, refrigerators, and ovens -- may be able to do their jobs when we look at them and speak to them.

Steganography

2008-02-09T20:19:00.000-08:00

ABSTRACT

Steganography, literally meaning “secret writing”, involves hiding a data file in another innocuous-looking file. From the time of Herodotus in Greece, to the defense mechanisms of today, steganography has been used to deny one’s adversaries the knowledge of message traffic.

Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message; this is in contrast to cryptography, where the existence of the message is clear, but the meaning is obscured. hence, it is said to be the advanced cryptography.

The advantage of steganography is that it can be used to secretly transmit messages without the fact of the transmission being discovered. Using encryption can identify the sender and the receiver. Thus, steganography has a double layer of protection: first, the file itself is hidden and second, the data in it is encrypted. A person, group, or company can have a web page containing secret information meant for another.

In this paper, a detailed analysis of steganography is made. The history of steganography is briefly dealt with. How steganography works is examined, keeping in mind Bender’s specifications. Data hiding is implemented in two different media; audio and image files. Each offers challenges and solutions to these challenges are analyzed. The main characteristics of steganographic software are discussed, together with the various forms of steganographic methods. Steganalysis, the science of detecting steganography is touched upon. The weaknesses of steganography are also described, together with measures for improvement. The paper concludes by taking a look at the potential of steganography and the changes it can bring about as the future of network security.

WHAT IS STEGANOGRAPHY?
The word Steganography comes from the Greek name “stegnos” (hidden or secret) and “graphy” (writing or drawing) and literally means hidden writing. Steganography uses techniques to communicate information in a way that is hidden.
Steganography is the dark cousin of cryptography, the use of codes. While cryptography provides privacy, steganography is intended to provide secrecy. Privacy is what you need when you use your credit card on the Internet -- you don't want your number revealed to the public. For this, you use cryptography, and send a coded pile of gibberish that only the web site can decipher. Though your code may be unbreakable, any hacker can look and see you've sent a message. For true secrecy, you don't want anyone to know you're sending a message at all. For this, you use Steganography.
The most common use of Steganography is hiding information, image or sound within the information of another file by using a stegokey such as password is additional information to further conceal a message.

STEGANOGRAPHY AND CRYPTOGRAPHY:
Cryptography provides confidentiality of the message but not secrecy. In other words, the encoded message can be seen but cannot be understood. The message has a “key”, which is the only way it can be decrypted. If the message is being passed through human spies, the chances of the key falling into enemy hands is very high once suspicion has been aroused.
However, with steganography, since the message is hidden, we cannot know that a secret message even exists. The container file holds the secret message. Everyone can and will see the container file, but no one can make out that a message is hidden beneath it. If the message is passed either through human spies or through digital means, the code cannot be found without a passphrase, which only the sender and receiver have. Steganography can augment cryptography by obscuring communication and preventing the enemy from knowing a communication is being sent. Steganography should not be considered as a replacement for cryptography. The two mutually complement and complete each other.

HISTORY OF STEGANOGRAPHY:
Steganography has a long and colourful history. The idea behind steganography is pretty ancient, but it has been given a new lease of life with the advent of computers. Steganography has been widely used in historical times, especially before cryptographic systems were developed. Examples of historical usage include:
Hidden messages in wax tablets, on messenger's body: also in ancient Greece. Herodotus tells the story of a message tattooed on a slave's shaved head, hidden by the growth of his hair, and exposed by shaving his head again. Hidden messages on paper written in secret inks under other messages or on the blank parts of other messages. Later, steganography was used in various forms, until as recently as World War II. The Germans invented the “microdot”, which was a photograph the size of a dot, but with the clarity of fully type-written text. It could hold a large amount of information.
Other private codes used invisible ink. This would dry up after the message was written and would not be visible until it was exposed to heat. With the Computer age, steganography has been given a marvelous boost. Old methods like hiding data in images have been digitized and modernized through the computer.

¨ Protection Against Detection:
Most of steganography is used in protection against detection. This can be done by hiding info in user data or volatile data. The latter model is called data hiding in network model architecture. For example, in the OSI reference model, data is sent through packets. Covert channels can be established using the control data to send info that is hidden. At the receiver, the information is stripped off. Information files stay on the hard drive unless specifically deleted.

¨ Watermarking:
Steganography can be used to place a hidden trademark in music, images and software using a technique called “watermarking”. Watermarking techniques are more integrated into the image, so they can be applied without fear of destruction due to lossy compression. Watermarking extends image information and becomes an attribute of the cover information, providing copyright details.

.
A watermarked picture

Steganography is used to conceal files in various forms of data. This is done in three different media: text, images and audio signals. Steganography can and is being used widely in these media.
IMAGE STEGANOGRAPHY:
Image steganography has truly advanced with the invention of fast, powerful computers. Software is easily available for processing and hiding of data images. Images can also be retrieved very easily. Least Significant Bit Insertion is the most well-known image steganography technique. It is simple, easy to create and also easy to apply.

1. Image without embedded picture 2. Image with embedded steganographic picture.

Embedded picture in image 2

Embedded Map In The Image
Masking and filtering hide information by marking an image in a manner similar to paper watermarks. By masking a faint image with another in order to make the first non-perceptible, we exploit the fact that the human eye cannot detect faint changes in a visual image. Masking techniques are more suitable for use in lossy JPEG images than in LSB insertion because of their relative immunity to compression and cropping.

STEGANOGRAPHY IN AUDIO:
This is a very risky and challenging approach, as the human auditory system can detect even very minor changes in sound in a wide range. Random noise can be sensed easily. The four primary methods are:
¨ Low-bit encoding: Binary data can be stored in the Least Significant Bits of the sound files (similar to the image files). For example, channel capacity is 1kb per second per Hz. Therefore, if we have 8kHz sequence, the capacity is 8kbps.
¨ Phase coding: This works by substituting the phase of an audio segment with a reference phase that represents data.
¨ Spread spectrum: The encoded data is spread as much as possible over the frequency spectrum. In Direct Sequence Spread Spectrum, the signal is spread by multiplying it by a certain maximal length pseudorandom sequence, called a chip.
¨ Echo data hiding: Echo data hiding embeds data into a signal by using an echo. The data is hidden by varying three parameters of the echo: initial amplitude, decay rate and offset or delay.

CHARACTERISTICS OF STEGANOGRAPHIC SOFTWARE:
Steganographic software enables information to be hidden in graphic, sound and apparently blank media. Examples include data sent through images and pictures. Image steganography is most effectively handled by JPEG software. JPEG uses lossy encoding to compress its data. JFIF files are used for output. JFIF consist of both lossy and lossless stages. The information to be passed is hidden between these stages. File compression in JPEG is its greatest advantage. Large images in unlimited colours can be stored in relatively small files. Another example could involve data sent through sound or audio files. Various steganographic software packages available in the market are very recent and include Hide-&-Seek, StegosDos, White Noise, etc. in all versions; the messages are encrypted before being embedded, in order to provide an increased layer of protection.
FORMS OF STEGANOGRAPHY:
Many forms of steganography were devised and implemented. This includes methods like blindside, S-Mail and Scramdisk.
¨ Blindside: This is an application of steganography that allows one to conceal a file or a set of files within a standard computer image. This involves some very easy steps to store the data file. Encrypted passwords are used for authorization to access data.
¨ S-Mail: This encrypts any data in a very difficult-to-decrypt kind of way and then hides it in EXE or DLL files. The EXE file is then sent through the internet, via e-mail, to the recipient.
¨ Scramdisk: this allows the creation and use of a virtual encrypted data drive. On an existing hard drive, first an encrypted password is entered and data files are stored in the virtual drive. The recipient needs to first access the hard drive with the correct passphrase, without which the drive is inaccessible, and then the data can be extracted.

STEGANALYSIS:
This is the science of detecting hidden messages. A rising field today, it aims to discover and render useless all covert messages. A public watermark detector has been developed as an oracle to estimate a secret spread watermark. The image is first degraded and then random signals are added to completely wash out the watermark. Steganalysis is getting more and more advanced, in an effort to combat steganography.

WEAKNESSES OF STEGANOGRAPHY:
Ø Steganography is not without its disadvantages. However, these can be corrected and once implemented; it can strengthen the core of steganography.
Ø Most data hiding methods take advantage of human perceptual weaknesses, but they have weaknesses of their own. However, these can be individually rectified.
Ø One major drawback of steganography is that, unlike cryptography, it requires a lot of overhead to hide relatively few bits of data. However, it fares no worse than cryptography and is still the preferred medium.

Steganography was in the news lately, as an advanced means of secret communication. It has its obvious advantages, as an almost unbreakable system, and is complemented by cryptography. It can slip important communication without anyone knowing. Soon, we can have artists, musicians and authors using steganography to fight piracy. It can be used to track infringement of copyrights in a digital medium and can work wonders on the internet.

Steganography, if fallen into wrong hands, can create tremendous damage. It was in the news lately, as being the form by which Osama Bin Laden communicated with his associates, via Al-Jazeera television images. The US government recently released a public statement, declaring that “terrorist organizations are hiding maps, photographs of their targets and instructions for terrorist activities on chat rooms, bulletin boards and other websites using steganography”. The famous copyright infringement case against Napster, the online music website, was filed after using steganographic methods.

Currently in the news, steganography is finding increasing uses. It can be used to protect copyrights, prevent piracy and work in the transfer of top-secret data from place to place. Once its relatively minor disadvantages are rectified, steganography will be found to have amazing potential in the days to come.

REFERENCES:
[1]. Neil F Johnson, “Steganography”.
[2]. William Stallings, “Network and Interwork Security”.

Wireless Fidelity (WiFi) technology.

2008-02-09T20:16:00.000-08:00

ABSTRACT

The internet has been around for many years. When it first came about, people were used to using the big, old clunky computers with the forever slow dial up internet connection process. Many years have passed and new technology has made amazing things possible, especially the new Wireless Fidelity (WiFi) technology. The technology is used on everything from your typical laptop, to a next generation cell phone, enabling anyone who wishes to connect to the internet or a network they belong to at their own discretion, anywhere they are. In essence, one may see the world, from wherever they are

People may connect to a wireless network, and talk to the entire world.If you are using mostly desktop computers, a wired network may work fine. However, for mobility, modifications and growth (especially if you are running a small business), WiFi provides the best answer because it enables you to move the computers anywhere in the building where they can connect to the wireless network

Today's workforce, equipped with PDAs, laptops and other mobile devices, demand access to your network from wherever they are, without the hassle of a fixed network. WiFi allows your business to deploy a network more quickly, at lower cost, and with greater flexibility than a wired system. In this presentation we just give you a brief idea of what exactly is WiFi (wireless fidelity) technology, working of WiFi, its different types, its uses in various fields, and its future to what extent it is going to improve further.

Wireless Fidelity, the wave of the future. From cell phones to computers, its uses are endless

Wireless broadband can deliver fast Internet access by using radio waves instead of cables or wires. . If you or your company move to a new location, you don't need to leave your cables, cable drops and other network investments behind. The entire wireless network comes with you and takes only moments to set up in a new location.
Wireless Internet connections come in two forms.
WiFi (Wireless Fidelity) or 802.11

WiFi (Wireless Fidelity) is the latest data transmission technology using radiofrequency energy, which allows the user to enjoy wireless broadband Internet access. WiFi allows both companies and individuals alike to enter the world of high-speed, wireless Internet access, thus optimizing connection costs and generating sales through flexibility. Using laptops, desktops or PDAs, users can read their e-mail, access their corporate network, or simply browse the Internet without wires -provided that their devices feature WiFi technology - by means of special processors, PCMCIA WiFi cards or WiFi adaptors.
WiFi is designed for communication between devices such as computers, printers and scanners. It is typically used to set up private wireless networks in a home or office, allowing you to move your PC or laptop while still having access to the Internet and to your printer and other devices. WiFi has a range of about 90m. WiFi is also being used to provide public high speed Internet access in locations such as cafes, hotels and airport lounges, providing Internet access to users who are away from their normal place of work.

WiFi is a form of WLAN (wireless local area network) technology. Its radius is typically a few hundred feet, but may be cut down depending on interference (from walls, etc.). The standards of WiFi are called 802.11b, 802.11a, 802.11g, and the most recent is called A+G, which uses a combination of the 802.11a and 802.11g standards. When using the wireless internet through WiFi, you will get fast data speeds up to 11Mbps with 802.11b and up to 54Mbps for the 802.11a and 802.11g.

WiFi is the popular protocol that allows users to connect to a computer network wirelessly.WiFi, or its technical name, 802.11b, uses an unlicensed high-radio frequency to communicate with a computer network. This means that anyone has the right to broadcast in this unlicensed 2.1 GHz spectrum. Though not as fast as hardwired connections, WiFi reaches up to 11mbs-plenty of bandwidth for surfing the Internet or sharing files.

Of course, there are issues with WiFi. One is that there are different standards of WiFi. WiFi5, also known as 802.11a, uses a higher frequency than regular WiFi, and is able to transmit about 5 times as much data. Because of this greater data rate, businesses are more apt to use 801.11a for their wireless infrastructure. As the two technologies run at different frequencies, they do not interfere with each other's signal. However that also means that they are incompatible. That's where 802.11g fills in. 802.11g, which has no "WiFi" designation yet, runs at the same frequency as 802.11b, but provides the speed of 802.11a. That said, 802.11g can provide 55mbs and still is compatible with the existing WiFi networks-which are the most prevalent.

Another issue with WiFi is that it is easily interceptable-meaning, someone with a wireless computer notebook were to travel around a city, he would likely be able to see a number of open networks to which he could connect. The act of driving around with a wireless computer and an antenna to record all the wireless networks in an area is called "war driving." Of course, security becomes an issue with an open network, and there are protocols to protect ones wireless network.

Wireless technology can be disruptive as a new channel as well as can add value to existing channels by enabling both low cost access and growth in reach. WiFi, wireless Local Area Networks (LANs) over 802.11 networks, are a low-cost, relatively simple way to gain high-speed access to the Internet. WiFi hotspots—WiFi is one of the few bright spots on the technology landscape, the one that ought to have the telecommunications industry on its feet by sheer size of opportunity it points toward.

WiFi connects you to others and to the Internet without the restriction of wires, cables or fixed connections. WiFi gives you freedom to change locations — and to have full access to your files, office and network connections wherever you are. And WiFi can do this better than other technologies used to set up a home or SOHO (small office — home office) network. In addition WiFi will easily extend an established wired network.

How Does Wi-Fi Compare to Other Networking Methods?

No other networking technology used to set up a small home or SOHO network provides the convenience or mobility of a WiFi network. That's because other methods, including standard wired Ethernet networks and phone line- and power line-based networks, all require a connection via wire or cable. WiFi uses radio waves that travel through walls and floors and connect you anywhere, indoors or out. Networks based on phone lines, also called HomePNA, must have a phone jack close to the computer or peripheral that is to be networked with the rest of your system. Unfortunately, most homes have only two or three phone outlets — or even just one! — And these outlets may not be where you want to put your computer, printer or other device. You may have problems with this type of network based on the quality of your phone line installation and especially if you have numerous phone devices plugged into each wall jack. Networks based on power lines, also called Home Plug, have location problems, too.

Of course, there are many more power outlets in a home than there are phone plugs, but power plugs may not be where you need them when you need them, especially outdoors. Power line networks are often more expensive than WiFi based equipment. Power line networks can experience interference from transformers, large appliances, power strips, surge protectors and even common "wall warts" (DV power supplies). In addition, apartments and condominiums that share power lines may also inadvertently share access to confidential files and information on the computers that are attached to the power line network — even if users think they've established tight security protections Neither power line - nor phone line-based networks provide true mobility or portability. These technologies don't allow you to just pick up your laptop or PDA and go anywhere in your home or small office and begin working or continue working in another location without losing contact with your network. Working outside on your patio or next to the pool is impossibility. And since power-line — and phone line-based networks aren't available at "Hotspots" (e.g., airports, hotels and cafes), localized access networks or at the office, they can't be used when traveling or working in a corporate office.

Is a Wired, Wireless or Wireless/Wired Network Best For You?

If you are using mostly desktop computers, a wired network may work fine. However, for mobility, modifications and growth (especially if you are running a small business), WiFi provides the best answer because it enables you to move the computers anywhere in the building where they can connect to the wireless network. If you or your company moves to a new location, you don't need to leave your cables, cable drops and other network investments behind. The entire wireless network comes with you and takes only moments to set up in a new location. Obviously if you are using laptop computers and/or other kinds of mobile computing devices.

WiFi is the only answer for both home and business. If you already have a functioning wired network, it's easy to just keep it in place and add wireless components to extend your network's reach and give users more flexibility and convenience. Many home and SOHO access points and gateways allow you to easily connect to both wired and wireless equipment through their installed Ethernet ports. To see the variety of ways you can hook up a home or small office to create a wireless or combined wired/wireless network, go to SOHO — Small Office — Home Office Networking Configurations Corporations frequently extend their wired networks with WiFi networks. They connect wireless access points to their network backbone to provide Internet and network access in meeting rooms, lobbies, cafeterias and other common areas.

Companies also add wireless access points in their general office space to make it easy for staff to meet informally. For example, someone from marketing can carry his or her laptop to the sales manager's office two floors up and, via the wireless network there, make a presentation on the spot using their laptop. When employees are mobile, as in a large warehouse or shipping center, WiFi networks can easily cover the entire area: staff can operate anywhere in the building, not just at predetermined desktops and workstations.

WiFi is meeting a long overdue demand in the office environment where cabling and re-cabling to accommodate shifting seating arrangements or company growth is not only inconvenient but expensive. Initially installing a WiFi network in an office building or warehouse was a complex business, possibly requiring software development to integrate with existing technology and testing and site surveys to ensure optimal coverage.

WiFi is only one of many types of services that can be described by the term 'wireless networking.' Don't confuse WiFi with Wireless in general. You would use wireless LAN technology to provide access to shared resources in a small geographic area, like a warehouse, an office space full of cubicles, or a home. You might want to share your printer, a digital camera or connections to the Internet with more than one computer. A wireless LAN does not replace your connection to the Internet, just the wires in your house. This becomes more important as you add network enabled devices such as MP3 and video that might be stored on a computer somewhere in your house and played back on your A/V system.

Why adopt WiFi?

Today's workforce, equipped with PDAs, laptops and other mobile devices, demand access to your network from wherever they are, without the hassle of a fixed network. WiFi allows your business to deploy a network more quickly, at lower cost, and with greater flexibility than a wired system.

Productivity increases too, since workers can stay connected longer, and are able to collaborate with their co-workers as and where needed. WiFi networks are more fluid than wired networks. A network is no longer a fixed thing, networks can be created and ripped down in an afternoon instead of the days or weeks required to create a structured cable network.

Architecture
Wireless cards can operate in two modes,
Infrastructure and Ad-hoc.

Infrastructure mode: Most business systems use wireless in Infrastructure mode. This means that devices communicate with an access point. Typically the access point also has a connection to the company wired network, allowing user’s access to servers and files as if they were physically attached to the LAN.

Ad-hoc mode: Ad-hoc connections are direct connections between wireless cards. This type of connection is more common amongst home users, but if used by business users could have serious management and security implications.

Different Types of WiFi

· IrDA
· HomeRF (Swap)
· Bluetooth
· WECE(WiFi)
IrDA: IrDA stands for Infrared Data Association. This technology is the bases for communicating using direct infrared light. It is only good for short distances and requires no interfering object with the light beam. It is capable of transferring 4 megabits per second. HomeRF and Swap : This type is basically based on the digital enhanced cordless telecommunications standard and the 802.11 wireless - Ethernet specifications. A system or a swap system can transmit up to 1 Mbps while making 50 hops per second. Bluetooth : Bluetooth basically is the way that any electronic component to connect itself to a wireless network. The advantages of this type of WIFI are short and sweet ; it's wireless, cheap and can connect on it's own with no help from the user.
WECA & WiFi : WECE & WiFi type just means there is a "seal of approval" stating that a certain wireless product is usable with the IEEE 802.11 specification. This system can transfer data or information at a very fast rate, even up to 11 Mbps.
WORKING OF WIFI SYSTEM

WiFi operates using a credit-card sized wireless PC card, which plugs into your computer and communicates over the airwaves with a local access point. From there information is transmitted via a cable or ADSL link to your Internet service provider.

The above image is a wireless network card shown with antenna

WiFi LAN technology can be described simply by saying that it is the sending of a radio signal, and receiving that signal with a antenna, transforming it into a understandable media. WiFi radios work in the same way as a walkie-talkie almost, yet it has slight differences. They have the ability to convert radio signals into one’s and zero’s, and vice versa. The main advantage of a WiFi radio however is its ability to hop frequencies. A radio may transmit on more than one band, and can split it’s bandwidth between many frequencies. This allows for less of a chance of interference. For computers, WiFi is simple. Most computers are already set up with a WiFi capability or you may add a WiFi card to an older computer very easily. With more modern computers, if you have a WiFi system, and you are within a hot spot (an area with 802.11, which is a specific frequency, either 2.4 gig, or 5 gig) you will automatically be connect to the internet and be allowed to do anything you normally would on your home pc. The wide use of notebook and other portable computers has driven advances in wireless networks. The most common use for a wireless network is to connect a single notebook computer to a broadband internet connection. Wireless networks use either infrared or radio-frequency transmissions to link these mobile computers to networks. Wifi networks use radio technologies called IEEE 802.11b or 802.11a to provide a secure, fast, and reliable wireless connection. The international standard for wireless networking uses a frequency of 2.4-2.4835GHz. These frequencies are common in microwaves, and cord less phones.

WiFi functions through a transmitting antenna which is usually linked to a DSL or high-speed land-based Internet connection and uses radio waves to beam signals. Another antenna, which is in the laptop or PC, catches the signal. The signal, usually l, has a range of about 300 feet for most home connections. The farther the user is from the signal, the slower the connection speed. Wireless LANS have capacity speeds from less than 1 Mbps to 8 Mbps. WiFi can easily be expanded in the home or business with the simple step of plugging in a card or a USB connection to the new computer or other WiFi certified product. No cords or cables, or wires are necessary.

WiFi - wireless fidelity - is mainly centered around the 802.11b standard using the unlicensed 2.4GHz band to transmit data across the radio spectrum normally occupied by cordless phones, garage door openers and a growing number of Bluetooth products designed for device connectivity.

A transmitting antenna, usually linked to a DSL or high-speed land-based internet connection, uses radio waves to beam signals to PCs, laptops, PDAs and mobile devices. A client antenna, a PC card ( PCI or USB connected) , removable PCMCIA card or chip embedded into the remote device, picks up the signal. The client device can receive strong signal within a 100 metre range of the transmitter. The further from the signal the slower the data rate - although additional transmitters can boost that rate.

Moving data using radio frequency is nothing new, in fact the first Morse code radio transmission has a lot in common with today's WiFi technology, after sending what is in effect the first binary wireless transmission mankind spent the next 20 years perfecting the reproduction of the human voice in an analogue format.

The telephone while revolutionary did mask the ability of data transmission, this was not left to rot as militaries around the world continued to develop the sending of data via RF transmissions. WIFI of today is a distant cousin of that Morse signal, although instead of a low bandwidth dot and dash being sent thousands of bits of data is sent every second and we are now measuring in kilobits per second and with newer technologies even megabits.

WiFi as a standard uses the 2.4 GHz range which is largely unused by the European military and other RF users like mobile communications, this frequency band is then broken down into channels which a wireless device can use to transmit data and in order to avoid interference the devices can frequency hop or jump between them mid data stream. So we have a method of moving data over RF but each device needs to be connected and enabled to work with WiFi, this is in effect like giving each device in your network a handheld radio (except they work at much high frequencies). Over this radio link the binary DataStream carries your data for example a webpage back to the device that requested it. A laptop for example would have a wireless access card or dongle this is both a transmit and receive device, this could connect to another laptop with the same setup and create a point to point connection. It is far more likely that the laptop and any other client device will connect to a router or access point to join a much larger wireless network.

Performance of any wireless link is limited by the same factors that affect your radio or TV signal, weather, distance, power and walls or objects, again an example if you use an indoor aerial for your TV your signal is weaker and therefore the picture quality drops. With a WiFi network if the signal strength or quality drops the effective data rate is reduced as more packets are re sent to counteract the errors, so it is important to bear in mind the maximum achievable range of a WiFi enabled device may be at the minimum sustainable speed.

WiFi Uses

In the Home:

Home networking is not fun, that is reflected in the number of homes that have cabled CAT5 networks today, and few homeowners want to run cabling under floors and have unsightly connection boxes in each room that you might use a device. So wireless is a real answer offering the ability for a broadband internet connection to be shared between users in the home, perhaps mum using the PC, dad on a laptop in the garden while the kids hook up their playststaion upstairs. It’s only a small step from sharing your internet connection to a full network, sharing a printer and even a music server with all your collection stored as MP3's

In the Workplace

The workplace on the other hand is far more cautious, most offices already have a perfectly good and fast (at least 100mbits) network in place in strict terms for desktop PC's there are few, but more and more workers are issued with laptops as standard. Those laptops will almost certainly have a wireless access card as standard and the new centurion technology for Intel means every laptop shipped has embedded WiFi.

We must also consider the number of devices in an office network there could be hundreds of devices trying to share the limited number of channels, and then there are issues of where to site access points to work most efficiently. It’s not all doom and gloom with good planning these can be overcome to fully extract the business benefits of wireless networks but it takes some guts to get started.

In Public

When is a hotspot not a hotspot? When no one knows about it!
And there lies the dilemma, while there is a market for those who wish public internet access on their mobile devices there are rarely enough users concentrated in one location to make it pay. Even when there are at airports or stations getting the average user to understand how to connect and pay for the time they will be using the service is a tough job.

Advantages of Wireless

· Some wireless technology allows users the flexibility to physically move while using a device such as a computer.
· New nodes can be added to a wireless network.
· Wireless can be used in places where it is not possible to run cables or drill holes, such as within historic buildings.
· Wireless technology can give users broadband access even when they are away from their home or office.
· Wireless is sometimes available where ADSL and cable are not.

Disadvantages of Wireless

· Wireless has a relatively high initial outlay, compared to ADSL or cable.
· Some wireless technology may require line-of-sight between the transmitting and receiving points. This can be a problem in some areas.
· Wireless suffers from potential security risks. As radio waves travel in all directions, anyone within range can access an unsecured wireless network, be they in the next office, the next building or even out in the street. However, security measures for wireless networks are continually being updated.
· Bandwidth can be limited in a congested network. WiFi shares the airwaves with devices such as microwaves and cordless phones, which can use up valuable bandwidth, or cause interference on occasions.

Security

So we intend to send data through the airwaves, well its not long before someone raises the security card and its right they should, data sent on computer networks is always private be it a web surfing session or email. Use of the industry standard triple DES encryption was deemed too slow for wireless networks which had limited bandwidth to cope with encryption overheads. So WEP the wireless encryption protocol emerged as the preferred method of securing the wireless connections, the 128bit WEP standard is not bombproof but would take a few months with a high powered server to crack, this of course assumes you don't change the key which of course you will!.

Security is the bane of everybody who puts together a wireless network. access points, using factory default settings, are not secure at all. So, if security is such a concern does that mean I shouldn't deploy WiFi? No, it doesn't. But it is something that you should bear in mind when in the planning stage. When talking about security there is no such thing as having a completely secure system. Everything is insecure to some degree or other. The degree of security you require is dictated by the sensitivity of the information you possess. If you require very high levels of security then you cannot rely on the built in security measures of a WiFi network alone. On the other hand, most small to medium sized companies do not require very high levels of security.
If you already have a wireless network you may be concerned about whether it is secure. There are four things you can do to ensure that you are secure.
· Make sure that your access point(s) are not broadcasting the SSID (identifier for N/W)
· Make sure that your access point(s) are encrypting the wireless traffic using Wireless Equivalent Privacy (WEP)
· Buy a wireless intrusion detection system.
· A number of products are available designed to help you monitor the security of your WiFi network as well as who is using it.
If you have a high security requirement, then you should either ensure your network people are appropriately trained or hire a wireless consultant. You may also need to buy proprietary, non-standard access points from the likes of Cisco (although even some proprietary standards from the likes of Cisco have their problems). Unfortunately, this will substantially increase the cost of your wireless network.
The Future of WiFi

With the spread of this new technology the future will provide fasterWiFi Protected Access (WPA) offers confidence and privacy to authorized users.WPA is a level of security that greatly increases the authentication and encryptionof your wireless system. The system works by using an access point to block LAN access until the user can be identified by entering a pass code. Once the correct pass code is entered the user can then begin surfing the net. This process will keep unauthorized users from accessing the authorized users account and keep all data safe and secured. WiFi telephones are also on the rise and soon will be widely available.
With the continuation of this progress more and more internet users will feel confident enough to upgrade from the out-dated dial up connection to the powerful WiFi network. With these high quality performance products, the future will only become more functional for everyone, everywhere.

There may also be potential problems that could occur in the future with WiFi. With more people connected to WiFi, the signals sent can become weaker causing a slow connection. Analysts are worried that the growing population of WiFi users could possibly slow down the signals making WiFi inconvenient.

Conclusion

With the increasing popularity of WiFi, several communities and businesses are setting up wireless communities that allow users to roam around the area while connected. Hotels, airports, and coffee shops are setting up more networks as the demand increases for this low-cost service. Globally, this wireless local area networking (LAN) technology is springing up in airports, cafes, and along city streets, creating ubiquitous broadband access in public and private spaces. One of the reasons for extensive growth of WiFi is the promotion of technology by collaborative group of vendors making WiFi gear, and referred as WiFi Alliance. WiFi Alliance also works on certification, standardization and interoperability of WiFi gear from all the vendors. WiFi has improved a lot since it was first introduced. Basically, the price and performance of WiFi is now at a point where it makes sense for a wider group of users

Web Mining

2008-02-09T20:14:00.000-08:00

Web mining
Abstract :
Data Mining is a set of automated procedures used to find previously unknown patterns and relationships in data. These patterns and relationships, once extracted, can be used to make valid predictions about the behavior of the customer. Data
Mining is generally used for four main tasks: (1) to improve the process of making new
Customers and retaining customers; (2) to reduce fraud; (3) to identify internal wastefulness and deal with that wastefulness in operations, and (4) to chart unexplored areas of the internet .
An important and active area of current WWW and Internet is data mining and World Wide Web. A natural combination of the two areas, sometimes referred to as Web Mining, has been the focus of several recent research projects and papers. The term Web Mining has been used in two distinct ways. The first describes the process of information or resource discovery from millions of sources across the World Wide Web, known as Web Content Mining. The second, which we call Web Using Mining, is the process of mining Web access logs or other user information user browsing and access patterns on one or more Web localities. In these papers I define Web Mining and, in particular, present an overview of the various research issues, techniques, and development efforts in Web Content Mining and Web Usage Mining.

Introduction:

Present age is clinched Information Age. There is an ever-expanding amount of information “out there”. Moreover, the evolution of the Internet into the Global Information Infrastructure, coupled with the immense popularity of the Web, has also enabled the ordinary citizen to become not just a consumer of information, but also its disseminator. Given that there is this vast and ever growing amount of information, how does the average user quickly find what she/he is looking for - a task in which the present day search engines don’t seem to help much.

One possible approach is to personalize the web space – create a system, which responds to user queries by potentially aggregating information from several sources in a manner, which is dependent on who is the user, is. As a trivial example – An Indian querying on “Software Companies in AP” is probably better served by URL’s pointing to Hyderabad, whereas someone in America should get URL’s pointing to Silicon Valley.

Existing commercial systems seek to do some minimal personalization based on declarative information directly provided by the user, such as their zip code or keywords describing their interests or specific URL’s or even particular piece of information they are interested in (e.g. price for particular stock). Engineers are creating systems that (semi) automatically tailor the content delivered to the user from a web-site. They do so by mining the web – both the contents, as well as the user’s interaction.

Web mining can broadly defined as the discovery and analysis of useful information from the World Wide Web. Web mining, when looked upon in data mining terms; can be said to have three operations of interests –
(1). Clustering (finding natural grouping of users, pages etc.)
(2). Associations (which URLs tend to be requested together)
(3). Sequential Analysis (the order in which URLs tend to be accessed).

As in most real – world problems, the clustering and association in Web mining do not have crisp boundaries and often overlap considerably. In addition, bad exemplars (outliers) and incomplete data can easily occur in data set, due to a wide variety of reasons inherent to web browsing and logging. Thus, Web mining and personalization requires modeling of an unknown number of overlapping sets in presence of significant noise and outliers (i.e., bad exemplars). Moreover, the data sets in Web mining are extremely large. Research is going on to develop scalable robust fuzzy techniques to model noisy data sets containing an unknown number of overlapping categories.

Web Mining

Basically there are two types of web mining techniques are available. They are :- (a). Web Content Mining
(b). Web Usage Mining
(a)Web Content Mining:

The heterogeneity and lack of structure that permeates much of the ever Expanding information sources on the World Wide Web, such as hypertext documents, makes automated discovery, organization, and Management of Web–based information difficult. Traditional search and indexing tools of Internet and World Wide Web such as Lycos, AltaVista and others provide some comfort to users, but they do not generally provide structural information nor categorize, filter or interpret documents.

In recent years these factors have prompted researchers to develop more intelligent tools for information retrieval, such as Intelligent Web Agents, as well as to extend databases and data mining techniques to provide a higher level of organization for semi-structured data available on the Web. Here I summarize these efforts below
(I). Database based web content mining
(II). Agent Based web content mining
(I) Database Approach:
The database approach to Web mining have generally focused on techniques for
integrating and organizing the heterogeneous and semi–structured data on web into more
structured and high-level collections of resources, such as in relational databases, and using standard database querying mechanism and data mining techniques to access and analyze this information.

(i). Multilevel Databases
several researchers have proposed a multilevel database approach to organizing Web based information. Most of them propose is that the lowest level of the database contains primitive semi-structured information stored in various Web repositories, such as hypertext documents. At the higherlevel(s) metadata or generalizations are extracted from lower levels and organized in structured collections such as relational or object-oriented databases. For example sometimes a multi-layered database is used where each layer is obtained via generalization and transformation operations performed on the lower layers. Another proposal is the creation and maintenance of Meta-databases at each information-providing domain and the use of a global schema for the Meta-databases.

(ii). Web Query Systems
There have been many Web-base query systems and languages developed recently that attempted to utilize standard database query languages such as SQL, structural information about Web documents, and even natural language processing for accommodating the types of queries that are used in World Wide Web searches. Few examples of this Web-based query systems are
W3QL:Combines structured queries, based on the organization of hypertext documents, and contents queries, based on information-retrieval techniques.

WEBLOG: Logic-based query language for restructuring extracted Information from web information resources.

(II) Agent based approach:
These agent-based approach to Web mining involves the development of sophisticated AI systems that can act autonomously or semi-autonomously on behalf of a particular user, to discover and Organize Web-based information. Generally, the agent-based Web mining systems can be placed on the following three categories:

(i). Intelligent Search Agents:
Several intelligent Web agents have been developed that search for relevant information using characteristics of a particular domain (and possibly a user profile) to organize and interpret the discovered information. For example, agents such as Harvest,
FAQ-finder, Information Manifold, OCCAM, and ParaSite rely either on pre-specific and domain specific information about particular types of documents, or on hard coded models of the information sources to retrieve and interpret documents. Other agents, such as ShopBot and ILA (Internet Learning agent), attempt to interact with and learn the structure of unfamiliar information sources. ShopBot retrieves product information from
a variety of vendor sites using only general information about the product domain. ILA, on the other hand, learns models of various information sources and translates these into its own internal concept hierarchy.

(ii). Information Filtering/Categorization:
A number of Web agents use various information retrieval techniques and characteristics of open hypertext Web documents to automatically retrieve, filter, and categorize them. For example, Hypursuit uses semantic information embedded in link structures as well as document content to create cluster hierarchies of hypertext Documents, and structure an information space. BO(Bookmark Organizer) combines hierarchical clustering techniques and user interaction to organize a collection of Web documents based on conceptual information.

(iii). Personalized Web Agents:
Another category of Web agents include those that obtain or learn user preferences and discover Web information sources that correspond to these preferences, and possibly those of other individuals with similar interests (using collaborative filtering). A few recent examples of such agents include the WebWacther, PAINT, Syskill & Webert, and others. For example, Syskill & Webert are a system that utilizes a user profile and learns to rate WebPages of interest using a Bayesian classifier.
(b)Web Usage Mining:
Web usage mining is the type of Web mining activity that involves the automatic discovery of user access patterns from one or more Web servers. As more organizations rely on the Internet and World Wide Web to conduct business, the traditional strategies and techniques for market analysis need to be revisited in this context. Organizations often generate and collect large volumes of data in their daily operations. Most of this information is usually generated automatically by Web servers and collected in server access logs. Other sources of user information include referrer logs, which contain information about the referring pages for each page references, and user registration on survey data gathered via tools such as CGI scripts.

Analyzing such data can help these organizations to determine the life time value of customers, cross marketing strategies across products, and effectiveness of promotional campaigns, among other things. Analysis of server access logs and user registration data can also provide valuable information on how to better structure a Web site in order to create a more effective presence for the organization. In organizations using Intranet technologies, such analysis can shed light on more effective management of work group communication and organizational infrastructure. Finally, for organizations that sell advertising on the World Wide Web, analyzing user access patterns helps in targeting ads to specific groups of users.

Most of the existing Web analysis tools provide mechanisms for reporting user activity in the servers and various forms of data filtering. Using such tools, for example, it is possible to determine the number of accesses to the server and individual files within the organizations Web space, the times or time intervals of visits, and domain names and the URLs of users of the Web server. However, in general, these tools are designed to deal handle low to moderate traffic servers, and furthermore, they usually provide little or no analysis of data relationships among the accessed files and directories within the Web space. More sophisticated systems and techniques for discovery and analysis of patterns are now emerging. I shall discuss about tem below.

WEBMINER:
This is a general architecture for Web usage mining. The architecture divides the Web usage mining process into two Main parts. The first part includes the domain dependent processes of transforming the Web data into suitable transaction form. This includes preprocessing, transaction identification, and data integration components. The second part includes the largely domain independent application of generic data mining and pattern matching techniques (such as the discovery of association rule and equential Patterns) as part of the system’s data mining engine. The overall architecture for the Web mining process is depicted in the figure below.

Data cleaning is the first step performed in the Web usage mining process. After the data cleaning, the log entries must be partitioned into logical clusters using one or a series of transaction identification modules. Once the domain-dependent data transformation phase is completed, the resulting transaction data must be formatted to conform to the data model of the appropriate data-mining task. Finally, a query mechanism will allow the user (analyst) to provide more control over the discovery process by specifying various constraints.

The emerging data mining tools and systems lead naturally to demand for a powerful data mining query language, on top of which many interactive and flexible graphical user interfaces can be developed. Such a query mechanism can provide user control over the data mining process and allow the user to extract only relevant and useful rules. In WEBMINER, a simple Query mechanism has been implemented by adding some primitives to an SQL-like language. This allows the user to provide guidance to the mining engine by specifying the patterns of interest.

As an example, let us consider a situation where the user is interested in the patterns which start with URL l, and contain m and n in that order, this pattern can be expressed as a regular expression l*m*n*. To see how this expression is used within an SQL-like query, suppose further that the analyst is interested in finding all such rules with a minimum support of 1% and a minimum confidence of 90%. Moreover, let us also assume that the analyst is interested only in client from the domain .edu, and only wants to consider data later than Jan 1,1996. The query based on these parameters can be expressed as follows:

SELECT association-rules (L*M*N*)
FROM log. data
WHERE date >= 960101
AND domain = “edu”
AND support = 1.0
AND confidence = 90.0

This information from the query is used to reduce the scope, and thus the cost of the mining process.

PATTERN DISCOVERY TOOLS:

The emerging tools for user pattern discovery use sophisticated techniques from AI, data mining, psychology, and information theory, to mine for knowledge from collected data. For example, the some of the systems introduce a general architecture for Web usage mining. Automatically discovers association rules and sequential patterns from server access logs.

PATTERN ANALYSIS TOOLS:

Once access patterns have been discovered, analysts need the appropriate tools and techniques to understand, visualize, and interpret these patterns. Examples of such tools include the Web-Viz. systems for visualizing path traversal patterns. Others have proposed using OLAP techniques such as data cubes for the purpose of simplifying the analysis of usage statistics from server access logs.

OLAP Techniques:
On-Line Analytical Processing (OLAP) is emerging as a very powerful paradigm for strategic analysis of databases in business settings. Some of the key characteristics of strategic analysis include very large data volume ,explicit support for the temporal dimensions ,support for various kinds of information aggregations , long-range analysis, where overall trends are more important than details of individual data items.While OLAP can be performed directly on top of relational databases, industry has developed specialized tools to make it more efficient and effective.

Recent work has shown that the analysis needs of Web usage data have much in common with those of a data warehouse, and hence OLAP techniques are quite applicable. The access information in server logs is modified as an append-only history, which grows over time. A single access log is not likely to contain the entire request history for pages on a server, especially since many clients use a proxy server. Because information on access requests will be distributed and there is a need to integrate it. Since the size of server logs grows quite rapidly, it may not be possible to provide on-line analysis of all of it. Therefore, there is a need to summarize the log data, perhaps in various ways, to make its on-line analysis feasible. Making portions of the log selectively (in) visible to various analysts may be requested for security reasons. These requirements for Web usage data analysis show that OLAP techniques may be quite applicable.

THE MINING PROCESS:
The key component of Web mining is the mining process itself. As we know Web mining has adapted techniques from the field of data mining, databases, and information retrieval, as well as development some techniques of its own, e.g.. Path analysis. A lot of work still remains to be done in adapting known mining techniques as well as developing new ones. Specifically, the following issues must be addressed.

1.New Types of Knowledge:
We usage mining studies reported that to date have mined for association rules, temporal sequences, clusters, and path expressions. As the manner in which the Web is used continues to expand, there is a continual need to figure out new kinds of knowledge about user behavior that needs to be mined for.
2.Improved Mining Algorithms:
The quality of mining algorithm can be measured both in terms of how effective it is in mining for knowledge and how efficient it is in computational terms. There will always be a need to improve the performance of mining algorithms along both these dimensions.
3.Incremental Web mining
Usage data collection on the Web is incremental in nature. Hence, there is a need to develop mining algorithms that take as input the existing data and mined knowledge, and the new data, and develop a new model in an efficient manner.
4.Distributed Web mining
Usage data collection on Web is distributed by its very nature. If all the data to be integrated before mining, a lot of valuable information could be extracted. However, an approach of collecting data from all possible server logs is both non-scalable and impractical. Hence, there needs to be an approach where knowledge mined from various logs can be integrated together into a more comprehensive model.

DATA MINING AND BUSINESS GOALS:
Data mining works best when the business has clear, measuring goals. The following are some goals:

· Increase average page views per session
· Increase average profit per checkout
· Decrease products returned
· Increase number of referred customers
· Increase brand awareness
· Increase retention rate (such as number of visitors that have returned within 30 days)
· Reduce clicks-to-close (average page views to accomplish a purchase or obtain desired information)
· Increase conversion rate (checkouts per visit).

CONCLUSION: As the popularity of the World Wide Web continues to increase, there is an increasing need to develop tools and techniques that will help improve its overall usefulness. Since one of the principal goals of the World Wide Web is to act as a World –wide distributed information resources, a number of efforts are underway to develop techniques that will make it more useful in this regard. The term Web mining has been used to refer to different kinds of techniques that encompass a broad range of issues. However, while measuring and attractive, this very broadness has caused Web Mining to mean different things to different people, and there is a need to develop a common vocabulary for all these efforts. Towards this goal, in this paper I have followed a common, popular definition of web mining, and tried to discuss various ongoing efforts related to web mining

RADIO FREQUENCY IDENTIFICATION DEVICE

2008-02-09T20:11:00.000-08:00

RADIO FREQUENCY IDENTIFICATION DEVICE

ABSTRACT

Traditional methods for inventory and asset management are not well suited to today's evolving supply chain. And, the increasingly demanding logistics environments in the commercial and public sectors require solutions that can provide cost-effective automation to address their changing requirements. Bar codes, the currently dominant identification technology, have limited effectiveness due to a reliance on line-of-sight, which can be inefficient and labor-intensive. Additionally, bar codes have suspect durability, hampering reliable management. Radio Frequency Identification (RFID) addresses these needs by providing fully automated, ubiquitous identification.

Radio Frequency Identification (RFID) is a powerful communications technology, utilizing low-cost transponders (ID tags) and high-powered receivers to provide automated identification for virtually any item. Widely adopted in commercial applications, RFID provides value in a number of applications including loss and theft control, location tracking, and instantaneous identification. RFID provides a simple, cost-effective method to incorporate immediate feedback and rapid indexing, increasing value in business processes. For automatic identification, inventory management and control, and overall business process improvement, RFID has proven to be a powerful solution in both public and private sector projects. However, like all emergent technologies, there exist challenges in addressing the needs unique to each organization and determining the optimal application of RFID.

This paper gives an introduction to RFID, its basic building blocks, the features and benefits of using RFID and the various applications and scenarios of RFID.

KEYWORDS: Identification,Tags,Transponders,Automated,Tracking, Indexing,

1.RFID - WHAT IS IT?

Ø Radio Frequency Identification (Device)
Ø It is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders.
Ø An RFID tag is a small object that can be attached to or incorporated into a product, animal, or person. RFID tags contain silicon chips and antennas to enable them to receive and respond to radio-frequency queries from an RFID transceiver.
Ø Passive tags require no internal power source, whereas active tags require a power source.
Ø These tags can hold a small amount of unique data – a serial number or other unique attribute of the item.
Ø The data can be read from a distance – no contact or even line of sight necessary.
Ø It enables individual items – down to the proverbial “can of beans” to be individually tracked from manufacture to consumption.

2. RFID TAG ATTRIBUTES

The following table compares the attributes of active and passive tags:

Active RFID
Passive RFID
Tag Power Source
Internal to tag
Energy transferred using RF from reader
Tag Battery
Yes
No
Availability of power
Continuous
Only in field of reader
Required signal strength to Tag
Very Low
Very High
Range
Up to 100m
Up to 3-5m, usually less
Multi-tag reading
1000’s of tags recognized – up to 100mph
Few hundred within 3m of reader

3. RFID BUILDING BLOCKS

Ø Tags: There are a great many different types of tags but they all serve the same purpose. They are electrical devices, using some form of antenna to communicate. They are the item, which is used to identify something to an RFID tag reader.

Fig 1.An RFID tag used for electronic toll collection

Ø Tag Reader: A reader is just what it implies, a device that reads RFID tags. As with tags there are a great many different types with various capabilities.

Fig2. Tag Reader

Ø Antenna: RFID tag readers use an antenna to communicate to the RFID tag through the tag’s antenna. Some readers have integral antenna while other can have various types and sizes of antenna fitted to them.

Fig3.Antenna

Ø Host Application: The host application can be defined as something that tells the reader when to read RFID tags and then do something with the data that it receives.

Ø Savant - Servers/Software middleware to support readers, extract unique information from the read data, and communicate with External databases.

Ø Environment: The single greatest item you will have to deal with in implementing RFID is the environment. However this one can not be so simplified as the other components simply for the fact that it is the least understood, yet can have the greatest impact on the system, usually negatively. The environment can be defined as the physical (including unseen items such as radio and magnetic waves) items between and surrounding both the tags themselves and the area in which we are trying read tags. This would include the items that the tags would be placed upon as well.

4. RFID BASED SYSTEM BLOCK DIAGRAM

Fig 4. Block diagram of an RFID based system

5. RFID FEATURES AND BENEFITS

The list of benefits and features afforded by an RFID system is quite impressive. They can include applications that remove human intervention completely, allowing for the changing of data in the field, operation where line of sight is not possible, and acquiring of information from multiple items at high speed, and the ability to identify items nested inside of packaging without opening the packaging.

Ø Read anywhere, anytime: Since RFID operates using radio frequency communications; there is no need for a direct line-of-sight between the tags and the reading equipment (the antenna). This means that items can be identified even when they cannot be seen or reached by an individual. It is no longer necessary to position an item to be scanned or to open containers to scan all of the contents, piece by piece. Additionally, tags and antenna systems are available that can allow read ranges as short as 2-3 inches or as wide as several hundred feet. RFID tags come in all shapes and sizes, some as small as a thread or a single grain of rice. And, the functional capability of the tags has little relevance to the size at all. In fact, much of the operation of the tag is reliant on the size of the antenna reading the tags. Furthermore, many RFID tags are powered only when in contact with the RF signal. There is no battery associated with the tag, therefore there is no overhead needed to replace batteries or provide a power source for the tags.

Ø Uniqueness: Each RFID tag is entirely unique, containing a serial number that identifies only that tag. When applied to an item, it creates a unique identifier for the item, providing much more visibility of the item within the supply chain. The tag can denote not only manufacturer and product name, but the unique identifier can associate the item with information like expiration dates or a comprehensive tracking history.

Ø Durability: RFID tags are available for application in a multitude of applications and environments. RFID tags are resistant to heat and moisture and can be located anywhere on an item, allowing for safe placement. And, particularly durable RFID tags can be purchased that are designed specifically for operation and use in harsh industrial environments.

Ø Read/Write capabilities: RFID tags can be used to simply associate an item with a unique serial number, beneficial to many applications, or they can be used to store item-specific data along with a unique identifier. And, the increasing data capacities of RFID tags mean that logistics data does not need to reside only in a centralized database. Relevant inventory and asset information can be stored with the items themselves, making it instantly available to those involved in the specific tasks of packing, shipping, and tracking the items.

6. RFID APPLICATIONS

Fig 6. RFID applications
Ø Supply Chain Automation: Supermarkets are tagging pallets, cases and other returnable transit items, such as plastic crates used for fresh foods. Tagging the crates gives total asset visibility and allows better management of the asset pool. The ability to write to the tag also allows the addition of information such as the contents of the crate, sell-by date and manufacturer. Linking this type of information to the store’s inventory management systems can ensure that goods are moved to the shelves in strict rotation and reduce spoilage and out-of-stocks.

Fig 7.Tagging pallets and crates using RFID tags

Ø Asset Tracking: RFID improves the tracking of assets both large and small so that they can be more quickly located and maintained. Once located that asset can benefit the company instead of ending up in the loss column. RFID can be used to track assets in offices, labs, warehouses, pallets and containers in the supply chain, books in libraries.

Fig 8.An example of asset tracking

Ø Manufacturing: Manufacturing is an old use of RFID, including parts and work in progress in car factories when unions permit. Steady growth continues with few constraints from technology other than the need for very low cost thin tags tolerant of water and metal and suitable for even low cost small parts. That is something like the unsolved problem of tagging Coke in the supermarket.

Fig 9.RFID bar code tracking systems

Ø Retail: Tracking store trolleys in supermarkets, active shelves. RFID can also be used to tracking individual products in a retail store. One example is potentially comparing cashier sales with product that is carried out of the store. Some cashiers do not ring up big-ticket items, and work with an accomplice to steal from the store. Now, if the product has not been sold recently, and it is carried out of the store, an alarm can be sounded, or the loss prevention team alerted.

Fig 10.Items being tracked by attaching RFID tags
Ø Tracking Students in School, Employees: One particularly unpopular use of RFID tags has been to track the location of students within a public school building. The RFID tag is embedded into an ID badge that the student is obligated to wear throughout the school day. Each classroom has sensors installed that detect the presence of each badge, allowing administrative staff and attendance workers to instantly track what room a particular student is located in. A RFID vendor donated the equipment in exchange for the opportunity to test the system in action. The news media was alerted by some parents who disliked the idea, and after a nation-wide uproar, the school administration discontinued the use of the technology in the school building. It is notable that some companies are planning on doing a similar project for tracking the location of their employees.

Fig11.Student ID tags embedded with a RFID transponder
Ø Warehouse: Real-time inventory by automated registration of items in a warehouse

Fig 12.Warehouseapplication of RFID
Ø Livestock: implanted RFID tags in animals for tracking and linking the animal to food, location. Electronic tags, with enhanced tracking capabilities, offer a higher read and retention rate as more accurate data is captured. What is more convenient, information can be easily read and captured by a wand or portal at an abattoir or sales barn

.

Fig 13.Animal tagged with RFID

Fig 14.The four component parts, identically numbered, come in a handy nest to provide national identification for each dairy animal.

Ø Pharmaceutical industry: The e-pedigree is a hot topic in the pharmaceutical industry. The origin of pharmaceuticals has to be verified on the item level. There is also need for anti-counterfeiting procedures. The utilization of RFID empowers safe and secure supply and administration of pharmaceuticals.

Fig 15. RFID in pharmaceutical applications
Ø Libraries and media management: RFID is used in many libraries to automate the issue and return of books, videos and CDs and to give real-time visibility for library inventory. Until recently, books and CDs have been identified using bar coded labels, each of which had to be read individually with a bar code reader. Inventory control and reconciliation has been a laborious and time-consuming operation. With RFID, books and CDs can be checked in and out automatically and inventory control can be automated using scanners on shelves or with their hand-held counterparts. The result is a reduction in the need for personnel and a much higher degree of accuracy in inventory management.

Fig 16.Implementation of RFID tags in libraries

RFID technology is being used in some libraries to replace barcode systems and electromagnetic security systems and eliminate repetitive staff functions. Some RFID applications are:
o Self check-out
o Automatic check-in
o Automated book sorting
o Shelf reading &Theft detection
Ø Garment tags: Incorporating RFID tags into garment labels or even into the garment itself can be a valuable tool for brand owners. A tag inserted at the garment manufacturing plant can identify its source. By using the tag’s unique identification number, the garment can be certified as authentic, which enables the identification and control of counterfeits. Grey market imports can be controlled through the use of source identity. The tags enable inventory visibility throughout the supply chain, reducing shrinkage and out-of-stocks, and the EAS function can reduce in-store theft. Finally, where warranty information is needed for after-sales service, the tag can be written to at the point of sale.

Fig17.RFID garment tags
Ø Baggage tagging: Many airlines have run RFID trials over the past few years to prove the efficacy of the systems employed in the air transport environment. Tests have shown first-read rates of over 99% with RF tags compared to less than 90% for bar code-only tags. The additional functionality offered by the re-write function on the IC allows information to be changed at different points in the airline system. This makes it possible to hold bags for security checking and release them for loading when checked, provided the RFID system is linked to the baggage reconciliation systems. Similarly, RFID is already being used to track passenger progress through airports, reducing the number of passengers arriving late at the gate and in so doing ensuring that planes leave on time.

Fig 18.RFID baggage tags
Ø Parcel and post: RFID is being used today in the postal environment to enable improved item tracking during the sorting and delivery processes. RFID doesn’t require a line of sight for information transfer, so it allows postal items to be routed without concerns over item orientation. Multiple items can be read as they pass through the RF field.

Fig19.Mobile printers allow mail carriers and delivery drivers to sell postage, issue delivery receipts, collect payments, and label parcel pick-ups.

7. CONCLUSION
RFID is a wonderful technology. It can provide great functionality. It can offer unique solutions that no other technology can provide. Be judicious in your use of it and you will be rewarded with successful implementations and all that accompany such successes. Blindly apply it, as a miracle like solution to all problems and failure will be an all to familiar term. As in all technical projects striving for the simplest approach and the least amount of effort that provides the greatest return will serve you well.

8. REFERENCES
1. www.rfidjournal.com
2. www.rfidgazette.org
3. www.rfidnews.org
4. www.wikepedia.org

Knowledge Authentication

2008-02-09T20:09:00.001-08:00

ABSTRACT
Knowledge-based authentication, where the user is required to prove the knowledge of a single secret in order to authenticate her self, is by far the cheapest method to confirm one's identity. Because of its simplicity and low costs, it is one of the most popular authentication methods on the internet. By now, it has become quite natural to identify ourselves by typing in our user id and a password in order to gain access to remote resources or authorize various transactions.
However, knowledge-based authentication has a number of challenges and, in fact; it has become the primary target for on-line criminals. In this paper, I will present a novel approach to knowledge-based one-factor authentication that solves many problems, thwarting most common attacks against such systems, while retaining its simplicity and convenience. It is achieved by the means of identity-based public key cryptography: the public/private key pair is generated directly from the unique user id and a secret password. Both provable and zero-knowledge authentications are discussed.
In financial applications, it is essential that users can accurately estimate the value with which they are entrusting service providers. In particular, this value needs to be clearly bounded from above; the damage from any malicious or erroneous action on the service provider's part should not exceed this limit. The proposed authentication method does not let the service provider to unilaterally compromise the user's security with respect to other systems — a feature certainly lacking from many authentication schemes currently in use.
The proposed method has broader applications than authentication. For example, it allows for a digital signature scheme that matches paper-based signatures more closely in that the signer does not need to own any unique key for a signature, just have access to a general-purpose signing application (a pen) that can be shared by any number of users and know a secret that she can remember.

INTRODUCTION
Long before the invention of computers, passwords, pass phrases, lock combinations and signatures became widely used means of one-factor knowledge-based authentication for gaining access to resources or authorizing transactions. The public became familiar and comfortable with such things many generations ago. In most cases, computer technology attempts to imitate these methods as closely as possible. This is reasonable, because they are results of a long evolution of ideas and sufficient experience and trust has been accumulated with them.
In the computer world, one-factor authentication based on typing a single password dates back to the first multi-user systems. Its primary shortcoming is that passwords have to be assigned in a centralized fashion; the users cannot pick their passwords themselves. Otherwise, there would be no guarantee that no two users will pick the same password: if the password picked by a new user is rejected on the grounds that it has already been taken, the user would learn someone else's password, which is unacceptable. The probability of this happening by chance is uncomfortably high.
To mitigate against the above outlined risks, unique user ids have been introduced early on. In some cases they are centrally assigned, in other cases the user can pick one that is not already taken. But authorization requires both a valid user id and the corresponding password, meaning that learning someone else's user id does not immediately compromise the security of the system. Some systems make them public (e.g. UNIX™), others keep even the ids secret (e.g. most on-line banks). In such systems, users can change their passwords at will, thus protecting themselves against the possibility that their secret has leaked. The overwhelming majority of current knowledge-based authentication systems follow this paradigm (user id + password). Throughout this paper, we assume that the user id is known to potential attackers.
The attacker has two options to obtain the password: he can either steal or guess it. Also, in some protocols under certain circumstances it is possible to hijack a session without knowing the password. In this paper, we consider attacks on the communication channel and on the server. There are two kinds of attacks which lie outside of the scope of our research:
Compromise of the terminal, when the user cannot trust it anymore: this kind of attack can be prevented only on the hardware and/or the operating system level of the terminal. It is also an issue of physical security.
Guessing of the password through a number of attempts using the legitimate interface to access the system. This kind of attack can be foiled by introducing sufficient waiting times between unsuccessful attempts on the system's part and choosing a strong password on the user's part.
It is important to emphasize, that most humans are not able to remember a large number of high-entropy passwords; while the costs of protecting them in some recorded form is often unacceptably high. Losing access because of a forgotten password also constitutes a failure condition, while rarely used passwords have a tendency of being forgotten. Actually, one of the advantages of one-factor authentication is that there is only one item to protect from both theft and loss. Thus, it would be advantageous, if the user could use the same password for many services, without giving up too much security.

WHAT IS AN AUTHENTICATION?

Authentication binds a subject/principal outside the computer to an identity inside the the
Computer. Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten. All subsequent stages assume the mapping is correct, so this is really important! For this reason, Internet business and many other transactions require a more stringent Authentication.

WHY AUTHENTICATION?
One-factor user authentication, where the user is required to prove the knowledge of a single secret in order to authenticate herself, is by far the cheapest method to confirm one's identity. Because of its simplicity and low costs, it is one of the most popular authentication methods on the internet. By now, it became quite natural to identify ourselves by typing in our user id and a password in order to gain access to remote resources or authorize various transactions.
However, knowledge-based authentication has a number of challenges and, in fact; it has become the primary target for on-line criminals. In this paper, I will present a novel approach to knowledge-based one-factor authentication that solves many problems, thwarting most common attacks against such systems, while retaining its simplicity and
Convenience. It is achieved by the means of identity-based public key cryptography: the public/private key pair is generated directly from the unique user id and a secret password. Both provable and zero-knowledge authentications are discussed.
In financial applications, it is essential that users can accurately estimate the value with which they are entrusting service providers. In particular, this value needs to be clearly bounded from above; the damage from any malicious or erroneous action on the service provider's part should not exceed this limit. The proposed authentication method does not let the service provider to unilaterally compromise the user's security with respect to their systems — a feature certainly lacking from many authentication schemes currently in use.
The proposed method has broader applications than authentication. For example, it allows for a digital signature scheme that matches paper-based signatures more closely in that the signer does not need to own any unique key for a signature, just have access to a general-purpose signing application (a pen) that can be shared by any number of users and know a secret that she can remember

TYPES OF KNOWLEDGE AUTHENTICATION
Knowledge authentication is broadly classified into following categories
· Without public key cryptography
· Using public key i.e. public key cryptography to the rescue
· Adding string to key pair
These classifications may be briefly explored as follows

WITHOUT PUBLIC KEY CRYPTOGRAPHY
In this case, at least at some point in the protocol, the user and the server share the secret password. This means that if the server has been compromised (which includes corrupt operators), the attacker immediately gains access to all the other systems, where the user uses the same password. This is a substantial security risk.
In the simplest case, the server has an authentication database relating each user id to the corresponding password. The user proves his knowledge of the password by transmitting it to the server. In this setup, even the passive compromise of any part of the system, that is eavesdropping on the communication or stealing the database results in compromised security.
Protecting either the database or the communication channel by means of symmetric (invertible) encryption does not add much in terms of security, as the key must be available on both ends, meaning that it can be stolen.
One-way encryption can protect the communication channel or the database, but not both:
The communication channel can be protected by a challenge-response protocol where the server provides the salt (which is unique for each session) for some one-way string-to-key transformation so that the terminal can perform it and send the result to the server, which can verify this result. The attacker has a very limited use of the information learned from eavesdropping, if the salt is unique for each session and the string-to-key transformation satisfies certain cryptographic assumptions. He can use it to verify his guesses of the passwords off-line. A man-in-the-middle attacker may hijack a session if the content is not integrity-protected with some MAC based on the shared secret, but cannot learn the passwords and use it for access to other systems or this same system at a later time. However, the entire unencrypted password database can be stolen, if the server gets compromised.
Alternatively, one can store a single string-to-key transformation's result for each user id with the corresponding salt in the database, but then the password needs to be sent through the communication channel, from where it can be stolen. This can happen either by eavesdropping the communication between the terminal and the server or by tricking the user into connecting to the attacker's server and providing his password. Similarly to the previous case, if the authentication database gets stolen, the attacker can launch a dictionary-attack offline.
In order to hamper dictionary attacks, the string-to-key transformation should require considerable computational effort even in the legitimate direction (about half a second or so), imposing a possibly prohibitive computational cost on the attacker. This is typically achieved by iterating the same salted hash-function several thousand times. Note, however, that the search can be performed in parallel on many computers. Unfortunately, gathering enormous computational power through viral infection is uncomfortably easy, due to the lax security of most internet-connected PCs.

PUBLIC KEY CRYPTOGRAPHY TO THE RESCUE
The most widespread use of public-key cryptography on the web is site-authentication through SSL, coupled with a secret key negotiation for protecting the communication channel. As seen in the previous section, one can protect the database using salted and iterated one-way string-to-key transformations. Thus, eaves dropping the communication or stealing the authentication database does not reveal the password to the attacker.
However, if the attacker succeeds in deceiving the user to connect to its server, the password gets delivered on a silver plate. Since verifying the site's authenticity requires effort on the user's part, one can always find some users who do not go through all these hoops. This is known as "phishing" and has become one of the most damaging criminal activities on the internet.
Also, there is nothing to prevent the server's corrupt administrator from logging the entered passwords and selling them on for profit. If the password gets used on a different system (remember, many people use the same password for accessing different systems), it is next to impossible to find the source of the leak.
In a more sophisticated authentication method (used, for example, by Hush Mail™ [Hush]), the server has the user's private key encrypted with a symmetric key derived from a password using a one-way string-to-key transformation and the public key in clear text in its authentication database. In order to authenticate, the user sends a unique id, the server answers with the encrypted private key, and from that point on the user signs every request with her private key. In case of Hush Mail™, the unique id serving as key to the encrypted private key database is also derived from the password, providing some preliminary authentication.
This solution, if the private key is generated and encrypted on a trustworthy terminal, prevents the server from ever seeing the user's password and forces the attacker to attack either the symmetric cipher protecting the private key or the public key itself. A good string-to-key transformation may slow down off-line dictionary attacks against the symmetric key.
It is very important to provide appropriate integrity protection for the private key, for otherwise a malicious server or an active attacker can mount an attack by tricking the user into signing with something else than her private key, and then infer her true private key from the resulting signatures. For example, the OpenPGP encrypted private key packet does not provide appropriate integrity protection. [Klima, Rosa]
Currently, such systems are implemented by passing a java applet to the client, providing another point of attack. In theory, however, this kind of authentication could be standardized and the necessary software installed on the terminals (e.g. as part of the web-browser). But this system has some drawbacks, too.
In fact, it is not a one-factor knowledge-based authentication but a faux two-factor knowledge and possession based authentication, where the "possession" part is stored by the server and given to the — yet to be fully authenticated — user. Thus, the security of the system depends on the security of the password, the security of the symmetric cipher and the security of the public key system together. The compromise of any one of these leads to the compromise of the security of the system. The loss of the password by the user or the encrypted private key by the server will lock the user out. Also, since the authentication is interactive, it can only be used over a duplex communication channel, even for one-way communication.
Finally, as counter-intuitive as it may sound, regularly changing the password in this setting results in deteriorating security: since the encrypted private key is given to the user before authentication, the attacker can collect the private keys encrypted with all the passwords and it suffices to break only one of them. In order to mitigate the risk of cracked passwords or public keys, the whole key has to be changed.
Therefore, the system is not pareto-secure [Grigg], since it can be improved without any tradeoff, as demonstrated in the next section.
STRING TO KEY PAIR
One can eliminate the symmetric cipher from the above scheme and generate the public/private key pair directly from the pass phrase by seeding a secure pseudorandom number generator with the user id and the password. Since the signing operation can be expected to be performed on different implementations, it is beneficial to use a digital signature scheme that does not have a subliminal channel, in order to prevent malicious implementations from leaking the secret key though signatures. For this reason, and its good reputation in the cryptographic community, I suggest the RSA signature algorithm.
This decreases both costs and risks of the defender compared to the stored encrypted private key scheme, while not decreasing the cost that it imposes on the attacker. The cost of storing encrypted private keys with high levels of reliability and integrity by the security provider are removed, as are the risks of successful attacks (of any kind) on the symmetric key encryption used to protect the private keys.
Since generating an RSA key pair requires a large amount of random data, it is instrumental to use a fast, yet secure pseudo-random number generator. The key-stream generator of the RC4 stream cipher is a good choice, if we discard the first 256 bytes, as suggested by RSADSI, to overcome the weakness of the key schedule. As the generation of an RSA key takes a considerable amount of time anyway, there is no reason for an additional string-to-key transformation; one can key the RC4 key stream generator directly with a concatenation of the user id and the password, with a unique separator in between and a unique terminator in the end, to prevent collisions. For separation, I suggest the line-feed character (ASCII 0x0A), since it cannot be entered from the keyboard anyway at an arbitrary position. For the same reason, I suggest the C string terminator (ASCII 0x00) for termination. Non-ASCII characters should be encoded in UTF-8. Of course, this limits the user id and the password to 254 bytes, but for most purposes this is enough.
Another important consideration is the key size (N). The amount of required random data is roughly proportional to the square of the key size, as the expected number of discarded prime candidates before finding a prime is proportional to the length of the prime. So is the number of required primarily tests, which is the computational bottleneck in a pure software implementation. Thus, the time required for generating a key pair from a string is clearly super linear in the key size. While the system can be attacked both on the public key level and on the password level and both attacks become more difficult with the increased key size, as the password can only be verified by checking whether or not the resulting first prime is a divisor of the public modulus, increasing the key size is not necessarily a rational decision.
The other parameter affecting security is the entropy of the password (H). The computational effort to break the password exceeds O (2HN). The computational effort to factor an RSA modulus is currently believed to be in excess of O (2N/8). It is clear that beyond some sufficiently large N; further increasing the key size strengthens the public key much more than the password to the point that increasing the password entropy becomes the rational choice.
Most humans can comfortably memorize a password with approximately 50 bits of entropy, especially if it is used on a regular basis. Factoring 1024 bit numbers seems to be on the far edge of feasibility for the forseable future. Using 1024-bit keys, verifying a password takes about a second on a modern PC. Thus, a million PCs dedicated to cracking our password would finish in about 35 years. This is about the same order of magnitude as the factorization of 1024-bit numbers. Remember, that this is a signature key, not an encryption key, so if it expires before it gets cracked, it cannot be abused. Thus, using 1024 bit keys and changing them together with the passwords each few years appears to be a balanced, secure decision.
Generating an RSA key pair involves generating two N/2 bit primes. If these primes are congruent to 3 mod 4, the public modulus will be a Blum integer. The advantage is that the best known zero-knowledge proof of factorization of Blum integers is a lot more efficient than the best known zero-knowledge proof of factorization. Thus, we propose the following method for generating an N or N-1 bit RSA key, where N is divisible by 16:
Initialize an RC4 key stream generator with a key consisting of the concatenation of the user id, the 0x0A separator, the password and the 0x00 terminator.
Discard the first 256 bytes from the key stream.
Read N/16 bytes from the key stream into p in big-endian manner.
Set the most significant bit and the two least significant bits of p
Test p for primality. If it fails, go to step 3.
Generate q the same way as p.
The public modulus becomes pq.
Using the system-wide public exponent e (e.g. F4=65537), calculate d as the multiplicative inverse of e mod (p-1)(q-1).
Calculating the optimization parameters is superfluous in most cases, as a signature operation is performed only once after generating the key (remember that the key is generated each time from the user id and the password), so we cannot gain anything by pre computations.
If the public key is available, the generation of the private key can be sped up by obtaining q by dividing the public modulus by p in step 6, rather than generating it from the key stream. This saves about half the time.
A pure java implementation of the above algorithm with N=1024 and e=65537 takes typically 15 seconds on a 500MHz PC. If the public key is available then half that time. In C, it is about an order of magnitude faster.
The resulting key pair can be used both for provable authentication through a signature and for zero-knowledge authentication in a very efficient manner.
Most public key infrastructures (PKIs) support RSA keys, thus such a key can be certified using any of these. Both OpenPGP and X.509 certificates can be supported with such a system.
PROVABLE AUTHENTICATION
Using the above key-generation process, one can RSA-sign each request to the server, as described in [PKCS#1]. The server can then verify whether the signature is correct and whether the request is not a replay of an earlier one. This is in direct analogy with the numbered and signed deposit and withdrawal slips used by banks for centuries.
Such a signed request constitutes a proof to a third party. This is desirable in many applications.
Since the RSA signature protects the integrity and the authenticity of the request, there is very little an attacker can do to make illegitimate requests on the legitimate user's behalf.
When registering for the service, the user generates the key pair using the above procedure and registers with her public key. It is worth noting that the service provider does not need to know how the public key was generated and how the user obtains the secret counterpart. Thus, the same server-side interface can be used for both one-factor and two-factor authentication.
Note, furthermore, that the registration and/or certification of the public key can happen after the first signature(s), just like in the case of paper-based ones. There is an important difference, however. Until the public key becomes available, there is no easy way to verify that two documents have been signed by the same person. Thus, it is recommended to transmit the public key with each signature, if deferred registration is allowed.

ZERO-KNOWLEDGE AUTHENTICATION
If the integrity of the communication-session is sufficiently protected by some other means, this same key can be used for zero-knowledge authentication as well (see e.g. [Freige, Fiat, Shamir] for details), when the service provider, while being satisfied about the identity of the user, is left with no third-party proof. This is analogous to verbal pass-phrases for accessing a secret bank account. Of course, this rules out any kind of arbitrated dispute resolution.
Using the same public key for provable and zero-knowledge authentication significantly simplifies the key-distribution problem.

ADVANTAGES

Authentication tools provide the ability to determine the identity of a party to an interaction and to ensure that a message came from who it claims to have come from. Like encryption, authentication is seldom used in isolation. Authentication is used as the basis for authorization (determining whether a privilege will be granted to a particular user or process), privacy (keeping information from becoming known to non-participants), and non-repudiation (not being able to deny having done something that was authorized to be done based on the authentication

Relatively simple administration
· Relatively cheap method of user authentication
· Identity confirmed — Both the server and the client can be sure of who they are communicating with.
Encryption — Both the request and the response are protected from intermediate prying eyes.

DISADVANTAGES

Weak security mechanism:
easy to guess (rules) or hard to remember (writing them down)
passwords are sometimes shared for convenience reasons
· Passwords can be stolen by monitoring keyboard keystrokes or network traffic, hacking increased load — Encrypting and decrypting communications is noticeably more CPU-intensive than unencrypted communications. Every request requires additional back and forth communications to set up the secure socket.
· Additional server requirements — The server must create a unique client certificate for each client that wishes to access the API. These APIs must be created and stored in a secure location and transmitted to the client via a secure channel

CASE STUDIES
Credit Card Verification for High-risk TransactionsIndustries: Financial ServicesApplications: Credit Card TransactionsProducts: ProCheck, ProID, ProMonitor CommercialA Gateway application vendor develops credit card payment processing software and also provides credit card transaction monitoring services for online merchants and credit card issuing banks. These Gateway vendors offer enhanced or packaged identity verification, authentication and monitoring features to online merchants as an additional service.Choice Point’s Authentication Solutions are integrated into the Gateway vendor's packaged application services to reduce "chargebacks." Chargebacks occur when a credit card customer successfully disputes fraudulent charges that appear on his or her credit card; the result is that the card-issuing bank is left holding the bad debt. If an online merchant receives too many chargebacks within a certain period, the credit card-issuing bank may choose to increase its "discount rate" (service fees) or close the merchant account.The authentication process is triggered for high-value or high-risk transactions (e.g., "big ticket" electronic items such as expensive stereo equipment or items that are shipped to an address where the credit card is not billed).Choice Point’s Authentication Solutions verifies the user's identity and then presents the user with a series of randomly generated questions, allowing the user to complete his or her transaction automatically online or via the telephone.The Choice Point authentication process could also be used as part of the credit card activation process, and monitoring services can be used throughout the credit card transaction process.

CONCLUSIONS AND FINAL REMARKS
We have presented a cryptographic technique that matches the standard procedures already widely used in the banking industry: the use of signed deposit and withdrawal slips to initiate transactions and that of proving identity without leaving evidence. As has been pointed out to me by a bank employee, performing authorization after having the request communicated is instrumental to security. This practice commonly followed in traditional banking and almost completely ignored in on-line financial services allows the security service to learn about an attacker's intent before the successful impersonification and aids detecting and assessing the nature of the attack while still in progress. The proposed technique, in the author's opinion, stands good chance of acceptance because it is more analogous to security procedures that people are familiar with.As building blocks, we have used time-honored cryptographic primitives and algorithms. The costs of assessing the security of the proposed technique should be acceptably low, as a large body of past experience can be leveraged. Similarly, the development costs of secure implementations are lowered by the fact that it can be built from pre-existing building blocks. The integration into existing systems can and should be facilitated by standards-compliance whenever possible

Grid Computing

2008-02-09T20:08:00.000-08:00

Abstract

In this developed and demanding realm of scientific and technical computing, Grid computing and its capabilities brought a new change in the Computer technology (especially in parallel processing) .This sharing of computing (Grid computing) capacity is transforming a number of business processes in a variety of industries. From solving emergency scenarios at a space agency in a fraction of time through “in-silico” testing, computing grids enables organizations to complete and compute intensive jobs faster than before.

Grid computing mainly enables the virtualization of distributed computing and data resources such as processing, network bandwidth and storage capacity to create a single system image, granting users and applications seamless capabilities to vast IT capabilities. Just as internet user views a unified instance of content via web, a grid user essentially sees a single, large virtual computer.

The main purpose of this paper is to discuss the benefits of Grid computing that lead to advancement in technology.

Contents

1. Introduction
2. Distributed computing
Advantages of distributed computing
Disadvantages of distributed computing
3. Grid computing
3.1 What is grid computing?
3.2 Definitions
3.3 Origin
3.4 Features
4. Conceptual Framework
4.1 Virtual Organization
4.2 Resources
5. Evolution of Grid architecture
5.1 Grid architecture model
5.2 OGSA architecture model
6. Standards
6.1 OGSI Standard
6.2 WSRF Standard
7. Advantages of grid computing
8. Disadvantages of grid computing
9. Applications
10. Conclusion

Reference
www.ibm.com/grid/
www.gridcomputing.org
www.keepmedia.com
1. INTRODUCTION
The rapid pace of change that has always characterized computer technology continues with no letup. These changes cover all aspects of computer technology, from underlying integrated circuit technology used to construct computer components to the increasing use of parallel organization concepts in combining those components. Further these changes also covered computing methods which enable to improve system’s scalability, through put, reliability. The recent computing methods like distributed computing, grid computing also enhance the processing speed.

2. DISTRIBUTED COMPUTING
Distributed computing is a type of parallel processing and a method of computer processing in which different parts of a program run simultaneously on two or more computers that are communicating with each other over a network.
An example of distributed computing is BOINC, a service in which large problems can be divided into many small problems which are distributed to many computers. Later the small results are reassembled into a larger solution.

2.1 Advantages of distributed computing:-
1. Openness
2. Scalability
3. Monotonicity
4. Pluralism
5. Unbounded non determinism

2.2 Drawbacks and disadvantages:-
1. A distributed system can decrease the overall reliability of computations if the unavailability of a node can cause a disruption of other nodes if they are not connected or planned properly.
2. Trouble shooting and diagnosing problems in a distributed system can also become more difficult, because the analysis may now require connecting to remote nodes or inspecting communications being sent between nodes.
3. Only few types of computations are well suited for distributed environments, due to the amount of network communication or synchronization required between nodes.
4. A distributed system consists of a set of software agents that work together to implement some intended functionality. Because the agents in a distributed system don’t operate in a uniform processing environment, they must communicate by protocol stacks that are intrinsically less reliable than direct code invocation and shared memory.

The above bottlenecks due to distributed computing can be solved by GRID COMPUTING

3. GRID COMPUTING
3.1 What is grid computing?
Grid computing is an emerging computing model that provides the ability to perform higher throughput computing by taking advantage of many networked computers to model a virtual computer architecture that is able to distribute process execution across a parallel infrastructure. Grids use the resources of many separate computers connected by a network and provide ability to perform many computations at once than would be possible on single computer.

Grid computing has emerged as one of the key computing paradigms thatenable the creation and management of Internet-based utility computinginfrastructure, called Cyberinfrastructure, for realization of e-Scienceand e-Business at the global level

3.2 Definitions
The term GRID COMPUTING originated in the early 1990s as a metaphor for making computer power as easy to access as electric power grid.
Today there are many definitions of grid computing.
Some of them are as follows:
· The definitive definition of a grid is provided by lan foster as a three point check list. The three points of check list are
1. Computing resources are not administered centrally
2. Open standards are used
3. Non trivial quality of service is achieved
· Plaszczak/wellner defines grid technology as “The technology that enables resource virtualization, on demand provisioning, and service (resource) sharing between organizations.”
· IBM defines grid computing as “the ability using a set of open standards and protocols, to gain access to applications and data, processing power, storage capacity and vast array of other computing resources over the internet. A grid is a type of parallel and distributed system that enables the sharing, selection, and aggregation of resources distributed across ‘multiple’ administrative domains based on their (resources) availability, capacity, performance, cost, and users quality of service requirements.”

3.3 Origin
Like the internet, the grid computing evolved from computational needs of “Big science”. Fully functional Proto-Gird systems date back to the early 1970’s with distributed computing system (DCS) project at the University of California, Irvine. David Farber was the main architect. This projects final report was published in 1977.This technology was mostly abandoned in 1980’s and seen as insurmountable as the administrative and security issues involved in having many machines did not control the computation.
In early 1990’s the ideas of grid were again brought together by Ian Foster, Carl Kesselman and Steve Tuecke, the so called “Fathers of the Grid”. They led the effort to create the Globus Toolkit incorporating not just CPU management but also storage management, security provisioning, data movement, monitoring and a toolkit for developing additional services based on the same infrastructure including agreement negotiation, notification, trigger mechanisms, and information aggregation.

3.4 Features
· Grid computing offers a model for solving massive computational problems by making use of the unused resources (CPU cycles and/ or disk storage) of large numbers of disparate computers, often desktop computers, treated as virtual cluster embedded in a distributed telecommunications infrastructure.
· Grid computing focus on the ability to support computation across administrative domain seta apart from the traditional computer cluster or traditional distributed computing.
· Grid offers a way to solve Grand challenge problems like protein Folding, financial modeling, earth quake simulation, climate/weather modeling and a way of using Information technology resources optimally inside an organization.
· Grid computing has the design goal of solving problems too big for any single super computer, whilst retaining the flexibility to work on multiple smaller programs. Thus grid computing provides a multi user environment.
· This approach implies the use of secure authorization techniques to allow remote users to control resources.
· Grid computing involves sharing heterogeneous resources (based on different plat forms, hardware/ software architectures and computing languages), located in different places belonging to different administrative domains over a network using open standards. In short we can say Virtualzing computing resources.
· Grid computing is often confused with cluster computing. The key difference is that a cluster is a single set of nodes in one location , while a grid is composed of many clusters and other kinds of resources (eg: networks ,storage facilities)
4. Conceptual framework
Grid computing reflects a conceptual framework rather than a physical resource. The grid approach is utilized to provision a computational task with administratively-distant resources. The focus of grid technology is associated with the issues and requirements of flexible computational provision beyond the local administrative domain.

4.1 Virtual organization
A grid environment is created to address resource needs. The use of that resources (e.g.: CPU cycles, disk storage, data, software programs, peripherals) is usually characterized by its availability outside of the context of the local administrative domain. The ‘external provisioning’ approach entails creating a new administrative domain referred to a virtual organization (VO) with a distinct and separate set of administrative policies. The context for Grid ‘job execution’ is distinguished by the requirements created when operating outside of the home administrative context. Grid technology is employed to facilitate formalizing and complying with the Grid context associated with your application execution.
.

4.2 Resources
One characteristic that currently distinguishes Grid computing from distributed computing is the abstraction of a ‘distributed resource ‘into grid resource. One result of abstraction is that allows resource substitution to be easily accomplished. Some of overhead associated with this flexibility is reflected in the middleware layer and temporal latency associated with the access of a grid resource. This overhead, especially the temporal latency, must be evaluated in terms of the impact on computational performance when grid resource is employed

5. Evolution of grid computing architecture
In 1998, it was stated that “a computational grid is a hardware and software infrastructure that provides dependable, consistent, pervasive, primarily centered on the computational aspects of grids. Later iterations broadened this definition with more focus on coordinated resource sharing and problem solving in multi-institutional virtual organizations.
Assigning users, resources and organizations from different domains to VO remains one of the key technical challenges in grid computing. The task includes the determination of a definition of resources mechanisms, such as identifications and application of appropriate resource sharing methods, specification and application of rules and conditions for member assignment, security federation or delegation and access control among participants.

The above characteristics and requirements lead to the definition of architecture of VO
Many architectural models have been developed. Few of them are
5.1. Grid architecture model:
A new architecture model and technology has been developed for establishment and management of cross organizational resource sharing. This new architecture, called Grid architecture, identifies the basic components of a grid system. The grid architecture defines the purpose and functions of its components, while indicating how these components interact with one another. The main focus of the architecture is on interoperability among resource providers and users in order to establish the sharing relationships. The interoperability, in turn, necessitates common protocols at each layer of the architecture model, which leads to the definition of a grid protocol architecture as shown in figure 1
The above figure shows the component layers of the grid architecture and the capabilities of each layer. Each layer shares the behavior of the underlying component layers.
· Fabric layer:- This layer defines the interface to local resources, which may be shared. This includes computational resources, data storage, networks, etc.
· Connectivity layer:-this layer defines the basic communication and authentication protocols required fro grid-specific networking-service transactions.
· Resource layer:- this layer uses communication and security protocols to control secure negotiation, initiation, monitoring, accounting, and payment for the sharing of functions to access and control local resources.
· Collective layer: - While the resource layer manages an individual resource, the collective layer is responsible for all global resources.
· Application layer:- This layer enables resources in a grid environment through various collaboration and resource access protocols.
5.2. OGSA architecture and goal:-
The grid architecture is designed for controlled resource sharing. In contrast, emerging architectures help the earlier- defined grid architecture quickly adapt to a wider technology domain. OGSA is layered architecture, with clear separation of the functionalities at each layer.
As shown in figure2 the core architecture layers are Open Grid Services Infrastructure (OGSI) and OGSA platform services. The platform services establish a set of standard services including policy, logging, and networking services. High-level applications and services use these lower-layer platform core components to become a part of resource- sharing grid.
The Global Grid Forum(GGF) has adopted the OSGA platform.
The IBM vision of the OGSA can be summarized as shown in figure3. This is a layered architecture, with the lowest layer comprising the basic IT resources, such as servers, storage and network services. This includes the hardware and corresponding software support for operating systems, subsystems, and the components that control them. The layer above IT resources handles security, workflow, databases, file systems, directories and messaging software.

6. Standards
Standards are critical to interoperability within a distributed computing platform, especially an advanced platform that provides a service-oriented, loosely coupled, cross-platform programming model. Standards enable platform services to more simply integrate with middleware and also helps to reduce complexity to heterogeneous and cross-enterprise orchestration and integration.
There are two core standards that are available in the grid standardization
6.1. The OGSI standard:
The base component of the OGSA architecture is OGSI. This is a grid software infrastructure standard based on the emerging web services standards. The goal of OGSI is to provide maximum interoperability among OGSA software components.
Figure 4 shows the layering of The OSGI components in a web service with new interfaces and behaviors. The most notable point is the extension of WSDL to provide additional state description mechanisms. In addition to this ,the specification is a set of behaviors and interfaces to support service life-cycles stages: for example collection management, state-change notifications, service creation mechanisms and instance reference mechanisms.
Message-level interoperability is a key feature of this standard, and it is achieved by using XML as the core message format and schema. One of the requirements of the services defined by OGSI is the ability to describe the concepts of state data, life-cycle properties, and instance behaviors using an OGSI description model.
6.2. The WSRF standard:
WSRF is a collection of specifications to support grid services or other stateful resources and is comparable to OGSI. There are many motivations behind WSRF specifications and the most notable contribution is the intersection of grid computing and web services standards and their alignment with SOA principles.
This alignment will continue to help define open standards through interoperable and compatible plug-and-play service extensions to the grid architectures, thereby increasing acceptance and facilitating integration. Through this alignment with the web service as stack Grid services can use existing web services standards, such as WS-Notification, WS-Addressing and WS-Security and build extensions for extended capabilities such a service state data, lifetime, grouping and reference management.

7. Advantages of grid computing
Grid computing has evolved into an important discipline within the computer industry by differentiating itself from distributed computing through an increased focus on resource sharing, manageability and high performance.
1. Consolidation: - From servers to applications to whole sites, consolidation is a key benefit of Grid computing model, especially in the data center. Consolidation not only minimizes the infrastructure necessary to meet an enterprise’s business demands, but also reduces costs by migrating from proprietary or single-use systems to commercial off-the-shelf(COTS)-based systems that can be shared by multiple applications.
2. Modular computing: - Modular computing, especially in the data center, minimizes and simplifies the infrastructure using building blocks that address higher density, lower power, lower thermals, simplified cabling, and ease of upgrading and management. Blade
Servers are an excellent example of modularity.
3.Virtualization: - By creating pools of resources enabled by highly automated management capabilities, virtualization can enable an IT system administrator to utilize far resources in data center, making the resources accessible to more than single application sitting on single physical server.
4. Utility computing: -Utility computing allows an infrastructure to be managed analogously to an electric utility, applying a pay-per-use model, thereby optimizing and balancing the computing needs of an enterprise, and allowing it to run maximum efficiency.
8. Disadvantages of Grid computing
There are some disadvantages with grid computing.
1. Resource sharing is further complicated when grid is introduced as a solution for utility computing where commercial applications and resources become available as shareable and on demand resources.
2. The concept of commercial on-demand shareable adds new, more difficult challenges to the already complicated grid problem list including service level features, accounting, usage metering, flexible pricing, federated security, scalability, and open-ended integration.
9. Applications
Grid computing is applied in many fields. Some of them are
1. Oracle application server 10g, component of oracle fusion middleware has been specifically designed to run enterprise applications on computing grids.
2. IBM, seeking to push grid computing beyond its scientific and technical roots and into mainstream of commercial business enterprises.

10. Conclusion
The grid architecture and global standards serve a major role in determining the adoption rate of grids in the commercial world. Grid services convections are non trivial in their functions; they solve some of the fundamental issues in distributed computing. With these intersections of services and standards enables a transformation by applying the full power of traditional distributed systems to grids, including naming and binding techniques, across the widest possible set of web services.
Thus I conclude that emergence of grid computing is an important milestone in the development of global web services because it provides uniformity and consistency for many vital distributed system functions.

Computer Vision(A.I)

2008-02-09T20:06:00.001-08:00

ABSTRACT

Artificial intelligence is the emerging technology which enables the computers to behave closer to human brain. Computer vision is that field of artificial intelligence which enables computers to analyze process and understand objects and its properties. Early evolution of computer vision was from thinking machines and a more focused study followed. Computer vision is subfields of Artificial intelligence, physics, signal processing. Many methods of computer vision are based on statistics, optimization and geometry. face recognition technologies, pattern recognition and machine learning, personalized cartoon generation and animation, analyzing, simulating and rendering of handwriting(English), human motion analysis and synthesis, appearance modeling, non-photorealistic animation and rendering, video enhancement, dynamic video texture are part of computer vision. The challenges faced by computer vision are serial design in modern computers and huge amounts of data that needs to be transmitted or stored. Finally, computer vision is an ultimate unsolved problem and the future of this field can be limited only by our imagination.
INTRODUCTION:
Since the very beginning of the Industrial Revolution, human vision has played an indispensable role in the process of manufacturing products. Human eyes did what no machines could do themselves: locating and positioning work, tracking the flow of parts, and inspecting output for quality and consistency. Today, however, the requirements of many manufacturing processes have surpassed the limits of human eyesight. Manufactured items often are produced too quickly or with tolerances too small to be analyzed by the human eye. In response to manufacturers' needs, a new technology known as "machine vision" emerged, providing manufacturing equipment with the gift of sight. Computer vision is the science (some say art) of programming a computer to process, and ultimately understand, images and video.
Fig: Video camera used for a computer vision application

STATE OF THE ART:
There is no standard formulation of how computer vision problems should be solved. Instead, there exists an abundance of methods for solving various well-defined computer vision tasks, where the methods often are very task specific and seldom can be generalized over a wide range of applications. Computer vision is by some seen as a subfield of artificial intelligence where image data is being fed into a system as an alternative to text based input for controlling the behavior of a system. Some of the learning methods which are used in computer vision are based on learning techniques developed within artificial intelligence. Since a camera can be seen as a light sensor, there are various methods in computer vision based on correspondences between a physical phenomenon related to light and images of that phenomenon. Consequently, computer vision can also be seen as an extension of physics. Yet another field related to computer vision is signal processing. Many existing methods for processing of one-variable signals, typically temporal signals, can be extended in a natural way to processing of two-variable signals or multi-variable signals in computer vision. Many methods in computer vision are based on statistics, optimization or geometry. Finally, a significant part of the field is devoted to the implementation aspect of computer vision; how existing methods can be realized in various combinations of software and hardware, or how these methods can be modified in order to gain processing speed without losing too much performance.
HISTORY:
Since 1960’s researchers are going on, on formulating thinking machines (computers and common sense) slowly artificial intelligence concepts merged out. In 1970’s that a more focused study of the field started when computers could manage the processing of large data sets such as images. However, these studies usually originated from various other fields, and consequently there is no standard formulation of the "computer vision problem".

WHY COMPUTER VISION:
Computer vision research is to endow computers with the ability to understand still and moving imagery. Although we, as human beings, can make sense of photographs and video, to a computer they're just an array of numbers representing each pixel's brightness and color value.
Fig: a collection of cameras used in vision application
PART OF COMPUTER VISION:
1. FACE RECOGNITION TECHNOLOGIES:
These are aimed to develop algorithms and technologies for real-time, automated and highly accurate face detection, tracking, alignment and recognition under variations in lighting, pose and expression. The key issues are: (1) analyzing and modeling intrinsically low-dimensional subspace of the face pattern embedded in high dimensional image space, and (2) effectively discriminating between face patterns of different individuals. Applications include human computer interface, graphics and animation, security and surveillance, and multimedia retrieval.
2. PATTERN RECOGNITION AND MACHINE LEARNING:
This is aimed at understanding fundamental problems in visual and audio information processing, and developing new techniques and algorithms for analysis and classification of real world image, video and audio data. The topics include example-based learning, linear and nonlinear subspace analysis, statistical and neural network methods for modeling and classification.

FIG: pattern vision as applied to computer vision
3. PERSONALIZED CARTOON GENERATION AND ANIMATION:
In this we study how to automatically / interactively generate the personalized cartoon face and its animation from an input image. After the system automatically generates a realistic-looking cartoon, attractive cartoon expressions and animations can be created with very little user-interaction. The system consists of three main components: an image-based automatic Cartoon Generator, an interactive Cartoon editor for exaggeration, and a speech-driven Cartoon Animator. To capture an artistic style, the cartoon generation is decoupled into sketch generation and stroke rendering. For sketch generation, an example-based approach is taken to automatically generate sketch lines which depict the facial structure. An inhomogeneous non-parametric sampling plus a flexible facial template is employed to extract the vector-based facial sketch. Then, by stroke rendering, various styles of strokes can be applied. To animate the cartoon face easily, a real time lip-syncing algorithm is developed by recovering a statistical audio-visual mapping between the character's voice and the corresponding lip configuration.
4. ANALYZING, SIMULATING AND RENDERING OF HANDWRITING (ENGLISH):
The project investigates new paradigms for manipulation of pen-based input based on philosophy of ink as a first-class citizen. The main goals of this project include:
· Analyzing the users habit of handwriting and tracking user's handwriting;
· Optimizing handwriting for readability and distinguishing;
· For the user who uses the keyboard as input device, we can generate his/her personalized font. In other word, user can input the personalized font likes as his/her handwriting;
· For the user who uses the digital pen as input device, we automatically update his/her handwriting glyphs but retain legibility of the input.
Fig: refinement of images by computer vision
5. HUMAN MOTION ANALYSIS AND SYNTHESIS:
This is aimed to develop algorithms and technologies for human motion data representation and modeling. Based on the statistical model, we could achieve the goals of tracking, recognition and realistic synthesis for complex human motion. The key issues are: (1) analyzing the motion captured data, and effectively modeling the low-dimensional linear subspace of the motion data embedded in high-dimensional nonlinear space; (2) modeling the dynamics and kinematics of human motion based on automatic control theory; (3) modeling the statistical distribution of complex human motion. (4) Synthesizing realistic human motion under various constraints.
6. APPEARANCE MODELLING:
The focus is on estimating properties of surfaces from images, and modeling their appearances under varying illumination conditions. Research towards this end has involved synthesis and fast rendering of bidirectional texture functions, removal of specular reflections in images, depth recovery in the presence of specular reflections, and single-view estimation of bidirectional reflectance distribution functions.
7. NON-PHOTOSYNTHETIC ANIMATIONAND RENDERING:
This is aimed to develop algorithms and technologies for producing artistic style animation and image. Researchers are currently working on image-based sketching, video toning, personalized color schemer, self-adaptive and scalable graphics, and so on.
8. VIDEO ENHANCEMENT:
Video enhancement has been steadily gaining in importance with the increasing prevalence of digital visual media. The aim is at developing video processing methods to improve video quality and provide new user experiences. Research which is going on involves video stabilization, video object cut-out, video completion, denoising and deblurring.
9. DYNAMIC VIDEO TEXTURE:
Dynamic video texture is sequences of images of moving scenes that exhibit some form of temporal regularity, such as sea-waves, fire, smoke, steam, foliage, whirlwind, fountain etc. The main goals of this include:
· Parametric modeling of dynamic video texture
· Synthesis - generating a continuous, similar but slightly different sequence of any length from a short original video
· Editing - the synthesis can be driven by another signal
· Model transfer to animate still image

APPLICATIONS:
One of the most prominent application fields is medical computer vision or medical image processing. This area is characterized by the extraction of information from image data for the purpose of making a medical diagnosis of a patient. Typically image data is in the form of microscopy images, X-ray images, angiography images, ultrasonic images, and tomography images. An example of information which can be extracted from such image data is detection of tumors, arteriosclerosis or other malign changes. It can also be measurements of organ dimensions, blood flow, etc. This application area also supports medical research by providing new information, e.g., about the structure of the brain, or about the quality of medical treatments. A second application area in computer vision is in industry. Here, information is extracted for the purpose of supporting a manufacturing process. One example is quality control where details or final products are being automatically inspected in order to find defects. Another example is measurement of position and orientation of details to be picked up by a robot arm. Military applications are probably one of the largest areas for computer vision, even though only a small part of this work is open to the public. The obvious examples are detection of enemy soldiers or vehicles and guidance of missiles to a designated target. Space exploration is already being made with autonomous vehicles using computer vision, e. g., NASA's Mars Exploration Rover.
CHALLENGES:
One of the main difficulties of computer vision; modern computers have a 'serial' design, meaning they can only process one piece of data at a time. 'Parallel' processing computers would be more suitable for multidimensional signals such as vision task, and indeed, this is how the human visual system is organized. Another difficulty is the huge amount of data to store or transmit, which makes it extremely difficult to capture and render scenes with dynamic content.
LAST WORDS:
Computer Vision is one of the ultimate unsolved problems in computer science, and solving it, or even small parts of it, creates exciting new possibilities in technology, engineering and even entertainment. Today’s examples run from visual aids for the blind, to robotics, to the new Sony Eye Toy! The future of this quickly developing field is only limited by our imagination
General resources
Wikia has a wiki about: Computer Vision
Keith Price's Annotated Computer Vision Bibliography and the Official Mirror Site Keith Price's Annotated Computer Vision Bibliography
USC Iris computer vision conference list

Biometrics

2008-02-09T19:57:00.000-08:00

BIOMETRICS

ABSTRACT:

A wide variety of systems require reliable personal recognition schemes to either confirm or determine the identity of an individual requesting their services. The purpose of such schemes is to ensure that the rendered services are accessed only by a legitimate user, and not anyone else. Examples of such applications include secure access to buildings, computer systems, laptops, cellular phones and ATMs. In the absence of robust personal recognition schemes, these systems are vulnerable to the wiles of an impostor. Biometric recognition, or simply biometrics, refers to the automatic recognition of individuals based on their physiological and/or behavioral characteristics. By using biometrics it is possible to confirm or establish an individual’s identity based on “who she is”, rather than by “what she possesses” (e.g., an ID card) or “what she remembers” (e.g., a password).
In this paper, we give a brief overview of the field of biometrics and summarize some of its types, applications, limitations .This paper also throws light on one of the efficient types of biometrics “THE IRIS RECOGNITION” as a case study. It helps us to understand what it means and how do we do.

INTRODUCTION:

Biometrics is used to identify people based on their biological traits. This growing technological field has deep implications because proving identity is becoming an integral part of our daily lives. Humans have used body characteristics such as face, voice, gait, etc. for thousands of years to recognize each other. Although biometrics emerged from its extensive use in law enforcement to identify criminals (e.g., illegal aliens, security clearance for employees for sensitive jobs, fatherhood determination, forensics, positive identification of convicts and prisoners), it is being increasingly used today to establish person recognition in a large number of civilian applications.
Any human physiological and/or behavioral characteristic can be used as a biometric characteristic as long as it satisfies the following requirements:

· Universality describes how common a biometric is found in each individual.
· Uniqueness is how well the biometric separates one individual from another.
· Permanence measures how well a biometric resists aging.
· Collectability explains how easy it is to acquire a biometric for measurement.
· Performance indicates the accuracy, speed, and robustness of the system capturing the biometric.
· Acceptability indicates the degree of approval of a technology by the public in everyday life.
· Circumvention is how easy it is to fool the authentication system.

A practical biometric system should meet the specified recognition accuracy, speed, and resource requirements, be harmless to the users, be accepted by the intended population, and be sufficiently robust to various fraudulent methods and attacks to the system.

Biometric Systems:

A biometric system is essentially a pattern recognition system that operates by acquiring biometric data from an individual, extracting a feature set from the acquired data, and comparing this feature set against the template set in the database. Depending on the application context, a biometric system may operate either in verification mode or identification mode:
· In the verification mode, the system validates a person’s identity by comparing the captured biometric data with her own biometric template(s) stored in system database. In such a system, an individual who desires to be recognized claims an identity, usually via a PIN (Personal Identification Number), a user name, a smart card, etc., and the system conducts a one-to one comparison to determine whether the claim is true or not (e.g., “Does this biometric data belong to Bob?”). Identity verification is typically used for positive recognition, where the aim is to prevent multiple people from using the same identity.
· In the identification mode, the system recognizes an individual by searching the templates of all the users in the database for a match. Therefore, the system conducts a one-to-many comparison to establish an individual’s identity (or fails if the subject is not enrolled in the system database) without the subject having to claim an identity (e.g., “Whose biometric data is this?”). Identification is a critical component in negative recognition applications where the system establishes whether the person is who she (implicitly or explicitly) denies to be. The purpose of negative recognition is to prevent a single person from using multiple identities. Identification may also be used in positive recognition for convenience (the user is not required to claim an identity). While traditional methods of personal recognition such as passwords, PINs, keys, and tokens may work for positive recognition, negative recognition can only be established through biometrics.

Designing:

A biometric system is designed using the following four main modules
1. Sensor module, which captures the biometric data of an individual. An example is a
fingerprint sensor that images the ridge and valley structure of a user’s finger.

2. Feature extraction module, in which the acquired biometric data is processed to extract a set of salient or discriminatory features. For example, the position and orientation of minutiae points (local ridge and valley singularities) in a fingerprint image are extracted in the feature extraction module of a fingerprint-based biometric system.

3. Matcher module, in which the features during recognition are compared against the stored templates to generate matching scores. For example, in the matching module of a
fingerprint-based biometric system, the number of matching minutiae between the input and the template fingerprint images is determined and a matching score is reported. The matcher module also encapsulates a decision making module, in which a user's claimed identity is confirmed (verification) or a user’s identity is established (identification) based on the matching score.

4. System database module, which is used by the biometric system to store the biometric templates of the enrolled users. The enrollment module is responsible for enrolling individuals into the biometric system database. During the enrollment phase, the biometric characteristic of an individual is first scanned by a biometric reader to produce a digital representation (feature values) of the characteristic. The data capture during the enrollment process may or may not be supervised by a human depending on the application. A quality check is generally performed to ensure that the acquired sample can be reliably processed by successive stages. In order to facilitate matching, the input digital representation is further processed by a feature extractor to generate a compact but expressive representation, called a template. Depending on the application, the template may be stored in the central database of the biometric system or be recorded on a smart card issued to the individual. Usually, multiple templates of an individual are stored to account for variations observed in the biometric trait and the templates in the database may be updated over time.

Types of Biometrics:

Fingerprint Recognition - Visual Biometric The use of the ridges and valleys (minutiae) found on the surface tips of a human finger to identify an individual.

Finger Geometry Recognition - Visual/Spatial Biometric The use of 3D geometry of the finger to determine identity.

Face Recognition - Visual Biometric The analysis of facial features or patterns for the authentication or recognition of an individuals identity. Most face recognition systems either use eigen faces or local feature analysis.

Eyes - Iris Recognition - Visual Biometric The use of the features found in the iris to identify an individual.

Eyes - Retina Recognition - Visual Biometric The use of patterns of veins in the back of the eye to accomplish recognition

Voice - Speaker Verification - Auditory Biometric The use of the voice as a method of determining the identity of a speaker for access control.

Voice - Speaker Recognition - Auditory Biometric The determination of identity of a speaker use the characteristics of their voice.

Hand Geometry Recognition - Visual/Spatial Biometric The use of the geometric features of the hand such as the lengths of fingers and the width of the hand to identify an individual.

Signature Recognition - Visual/Behavioural Biometric The authentication of an individual by the analysis of handwriting style, in particular the signature.

Typing Recognition - Behavioural Biometric The use of the unique characteristics of a persons typing for establishing identity.

DNA Matching - Chemical Biometric The identification of an individual using the analysis of segments from DNA.

Ear - Visual Biometric The identification of an individual using the shape of the ear.

Odour - Olfactory Biometric The use of an individual’s odour to determine identity.

Gait – Behavioural Biometric The use of an individuals walking style or gait to determine identity.

Applications :

There are many applications of Biometrics. Some of them are still under the area of testing and are optional for the end users. The accuracy and effectiveness of these systems need to be verified in the real time operation environment. Different areas where biometrics is employed are

Aviation Security:
Biometrics has been successfully deployed at some of the world’s largest airports. The result has been a dramatic increase in both security and productivity. The identities of personnel with access to aircraft, baggage areas, maintenance and service areas, ticket counters, and boarding areas are increasingly authenticated by biometrics. In addition, the Registered Traveler Program now being tested by the U.S. Department of Homeland Security is using biometrics to authenticate passengers, thus enabling them to speed their transit through security checkpoints

Border Control: Authenticating the identity of travelers who want to cross international borders is a vital means of strengthening security in the age of terror. In coming years, a majority of nations worldwide will require their own citizens and foreign visitors to present biometrically-enabled border-crossing documents, meaning passports or visas or both, upon entry and exit. In the U.S., the US-VISIT program began capturing the biometrics of foreign visitors in early 2005. US-VISIT has succeeded in identifying and deterring potential terrorists and led to the capture of criminals sought by law enforcement agencies.

Gaming: The gaming industry has a particular interest in establishing and ensuring identities by the use of biometrics. In casino cash rooms and other operations centers, only individuals whose identities have been examined and verified can be admitted. With millions of dollars potentially at stake, impersonators are not welcome. On casino floors, cheaters who may be caught once and tossed out can be identified biometrically and their records circulated to other casinos, thus discouraging them from trying to defraud one casino after another.

Health Care: Biometrics can be a matter of life and death in health care. Biometrics can establish personal identity from the moment patients enter the care of a physician or medical facility, and that identity can be transmitted accurately and securely throughout the health care system. Biometrics are used to ensure that only authorized medical personnel can access sensitive hospital facilities, such as nurseries and operating rooms, to see to it that prescribed medications are delivered to the proper patients, and to safeguard the privacy of patients’ medical records by assuring that only authorized personnel can view them.

Immigration: Just as biometrics are being deployed to authenticate the identity of temporary visitors to the U.S. and other countries, biometrics are also being used to verify the identity of immigrants. Biometrics are being collected as part of the routine background investigation of applicants for immigration and asylum in order to insure that individuals are who they claim to be.

IT Security: Biometrics play a key role in ensuring that IT devices, from computers to cell phones, respond only to authorized users. Biometrically-enabled devices can verify and authorize one or more users without the need for easily stolen or forgotten passwords. Institutions that employ from five to 50 thousand employees, whether working on site or at remote locations, can secure their IT networks through a variety of biometric technologies.
Personal Identity: Entering facilities and conducting transactions of all sorts, from attending a professional football game to cashing a check, increasingly depend on establishing identity quickly and accurately. Biometrics increasingly help guarantee personal identity, through enrolled user programs, biometrically-enabled documents and smart cards, personal-authentication devices, cell phones and other digital equipment, and scanners placed at fixed points of service.

Physical Access: A common use of biometrics is to control physical access to sensitive buildings and sites. Many different biometric technologies are used alone or in combination to ensure that only authorized persons gain entry to secured facilities. Unlike passwords that can be stolen or forgotten, or photo IDs that can be forged, biometrics are reliable and virtually foolproof.

Police & Public Safety: Most people don't realize that biometrics have been an important police and security tool for over 150 years. The fingerprint was recognized early as a unique biometric, and has been central to criminal identification and identity verification. In the past, however, fingerprints had to be captured with ink on paper in central booking stations, sent by mail, courier or fax to repositories to be analyzed by experts, a process that takes hours or days. Now fingerprints have been joined by other biometrics, and new technologies allow biometrics to be captured in the field, for example by police on the beat. These data may be transmitted and compared instantly to vast databases, allowing the cop on the beat to identify an deadbeat dad, escaped felon, or international terrorist.

Voter Registration: Establishing the identity of registered voters is vital to help deter voter fraud and thus increase confidence that elections can’t be stolen. Biometrics can play a key role in authenticating the identity of voters at the registration booth, at polling places, and not least in online voting, where no good means of authenticating identity exists apart from biometrics.

Transportation: Few sectors of the economy are as complex as transportation. Trucking, rail travel, aviation, and shipping have begun to use biometrics to make sure that transport employees of all kinds – especially key personnel like drivers, engineers, pilots, and ships’ officers and seamen – are who they claim to be, and that they are authorized to access the transport system. Truck drivers who pick up containers at seaports, for example, are being biometrically screened to authenticate their identities and make sure they pick up the right shipments. Biometrics are also being used to verify that operators of heavy transportation equipment are not exceeding time limits on working hours. Digital manifests are being linked with biometrically-identified drivers to prevent theft and tampering. In the future, biometrics and radio frequency identification (RFID) systems will be used together to identify, tag, and track shipments and people throughout integrated transportation networks.

Limitations of (Unimodal) Biometric Systems

The successful installation of biometric systems in various civilian applications does not imply that biometrics is a fully solved problem. Table 1 presents the state-of-the-art error rates of three popular biometric traits. It is clear that there is plenty of scope for improvement in biometrics. Researchers are not only addressing issues related to reducing error rates, but they are also looking at ways to enhance the usability of biometric systems. Biometric systems that operate using any single biometric characteristic have the following limitations:

1. Noise in sensed data: The sensed data might be noisy or distorted. A fingerprint with a scar, or a voice altered by cold are examples of noisy data. Noisy data could also be the result of defective or improperly maintained sensors (e.g., accumulation of dirt on a fingerprint sensor) or unfavorable ambient conditions (e.g., poor illumination of a user's face in a face recognition system). Noisy biometric data may be incorrectly matched with templates in the database (see Figure 1) resulting in a user being incorrectly rejected.

Table: State-of-the-art error rates associated with fingerprint, face, and voice biometric systems.

2. Intra-class variations: The biometric data acquired from an individual during authentication may be very different from the data that was used to generate the template during enrollment, thereby affecting the matching process. This variation is typically caused by a user who is incorrectly interacting with the sensor (see Figure 2), or when sensor characteristics are modified (e.g., by changing sensors - the sensor interoperability problem) during the verification phase. As another example, the varying psychological makeup of an individual might result in vastly different behavioral traits at various time instances.

Figure 2. Intra-class variation associated with an individual's face image. Due to change in pose, an appearance-based face recognition system will not be able to match these 3 images successfully, even though they belong to the same individual.

3. Distinctiveness: While a biometric trait is expected to vary significantly across individuals, there may be large inter-class similarities in the feature sets used to represent these traits. This limitation restricts the discriminability provided by the biometric trait thus, every biometric trait has some theoretical upper bound in
terms of its discrimination capability.

4. Spoof attacks: An impostor may attempt to spoof the biometric trait of a legitimate enrolled user in order to circumvent the system. This type of attack is especially relevant when behavioral traits such as signature and voice are used. However, physical traits are also susceptible to spoof attacks. For example, it has been demonstrated that it is possible (although difficult and cumbersome and requires the help of a legitimate user) to construct artificial fingers/fingerprints in a reasonable amount of time to circumvent a fingerprint verification system.

5. Non-universality: While every user is expected to possess the biometric trait being acquired, in reality it is possible for a subset of the users to not possess a particular biometric. A fingerprint biometric system, for example, may be unable to extract features from the fingerprints of certain individuals, due to the poor quality of the ridges (see Figure 3). Thus, there is a failure to enroll (FTE) rate associated with using a single biometric trait. It has been empirically estimated that as much as 4% of the population may have poor quality fingerprint ridges that are difficult to image with the currently available fingerprint sensors and result in FTE errors.

Figure 3. An example of “failure to enroll” for fingerprints (with respect to a given fingerprint recognition system): four different impressions of a subject's finger exhibiting poor quality ridges due to extreme finger dryness. A given fingerprint system (using a certain sensor and matching algorithm) might not be able to enroll this subject since
minutiae and ridge information cannot be reliably extracted.
A practical biometric system should meet the specified recognition accuracy, speed, and resource requirements, be harmless to the users, be accepted by the intended population, and be sufficiently robust to various fraudulent methods and attacks to the system.

Electric Motor Drives and Control1(Electrical)

2008-02-08T21:25:00.000-08:00

ELECTRIC MOTOR DRIVES AND CONTROL-PAST, PRESENT AND FUTURE

Abstract-Many industrial applications require variable-speed motor drives. Traditionally, dc motors have been used in sucb applications. However, recent advancements in semiconductor power electronics and microelectronics have made it possible to use ac motors in many variable speed drive applications. Implementation of new control techniques such as field-oriented control, variable-structure control with sliding-mode features, and others have made ac motors viable alternatives to dc motors in high-performance drive applications. The advent ofMicroprocessors/microcontroUers/microcomputersh as made it possible to implement these complex control techniques.

Electric drive technology has undergone a dynamic evolution during the last three decades. This paper presents a comprehensive review of the state of the art in the & Id of electric motor drives and control Strategies. Trends in the technological evolution are also indicated.

INTRODUCTION

EL ECTRIC machines have been the workhorses of industry for many years. The three basic electric machines [l]-dc, induction, and synchronous-have served industrial needs for nearly a century. In recent years, intense research effort has made other variations of electric machines, such as brushless dc machines, permanent magnet machines, and
Switched reluctance machines, viable alternatives in many applications.

DC machines [l], [2] have traditionally dominated the domain of drive systems. Even now most industrial drives use dc machines. Although the machine is more expensive,
the control principles and the converter equipment required are somewhat simpler in dc drives. However, the main disadvantages are its commutators and brushes and the frequent maintenance required for its operation. Ac machines [l], [3], [4], on the other hand, are rugged and less expensive. Historically, they have been favored for constant-speed drive applications. The equipment required to use them in variable-speed drives has a history of being complex and expensive. However, during the last three decades, there has been intense research on the development of ac drive technology.

As a consequence, the cost and performance of ac drives have improved considerably. Their popularity in industry is definitely on the upswing. Traditionally, electric motors were controlled manually [1]-resistance control of dc motors and variac control of ac
motors being examples. Electronic control started with the advent of gas tubes such as thyratrons and ignitrons in the 1930’s. The modem era of control began with the advent of power semiconductors in the 1950’s. Subsequent progress in power electronics and microelectronics has profoundly influenced the operation and performance of drive systems, in particular, ac variable-speed drives. Ac machines exhibit highly coupled, nonlinear, multivariable structures, as opposed to dc machines (separately excited), with their much simpler decoupled control structure. Comparable control performance of ac drives generally requires more complicated control algorithms implemented by fast real time signal processing.

Recent advancements in power electronics, microelectronics, and microcomputers have made it possible to implement sophisticated control tasks at reasonable cost.

Technology breakthroughs have made ac drives viable alternatives to dc drives in many applications. In high-performance drive applications, for example, in the areas of robotics, machine tools, and rolling mills, drive systems are required that can provide fast dynamic response, parameter-insensitive control characteristics, and rapid recovery from speed drop caused by impact loads. Conventional linear controllers (PI, PID) cannot achieve these requirements simultaneously. In recent years, intense research efforts have been focused on the use of modem control technique in drive systems. Such techniques as model reference [5], adaptive control [6], and variable-structure control (sliding-mode control) [7] have shown promise in meeting the needs of high-performance drives.

II. DC MOTOR DRIVES

Control of dc machines is simple [2]. The field rnmf and the armature rnmf are decoupled, as can be seen from Fig. 1. The torque depends on armature current and field flux (T 01 I, af), and the field flux depends on field current (cpf 01 If). This decoupled feature provides enhanced speed of response for torque and speed. The control of torque is normally achieved by controlling the armature with constant field current. Field weakening is employed to increase the speed beyond a basespeed. The simplicity and flexibility of control of dc motors have made them suitable for variablespeed drive applications. Fast torque response has favored their use in high-performance servo drives. In fact, a majority of industrial drives today use dc machines.
Fig. 2 illustrates a typical dc motor speed drive system in which an outer speed loop and an inner current loop are implemented. The addition of the inner current loop-which indirectly provides the torque control - can limit the excursion of current, as can be seen from Fig. 3. However, because of time delay involved in the imperfect analog
Devices normally used for implementation (such as in a PI controller for speed loop), the initial excursion of current cannot be limited (Fig. 3(a)). A variation of the speed controller, known as the IP controller [8], 191, shown in Fig.4 can overcome this problem as shown in Fig. 3(b).

The converters in Figs. 2 and 4 can be phase-controlled rectifiers or choppers, depending on the supply available. Two quadrant converters can provide regeneration capability
[2]. A dual converter can provide fast speed reversal and are frequently used in mill drives [2].
A dc machine, although is ideal from the standpoint of control, is, in general, bulky and expensive compared with an ac machine. In addition, commutators and brushes require
Periodic maintenance and make the dc machine less reliable and unsuitable to operate at high speed or in an explosive environment. As a consequence, for more than a quarter
Century, attention has been diverted to develop ac drives as available alternative to dc drives in many applications.

111. INDUCTION MOTOR DRIVES

The induction machine is a rugged, reliable, and less expensive ac machine. It has been the economical workhorse for use in ac motor drive applications during the past quarter
Century. It has been used for both low-performance as well as high-performance drive applications. Basically, there are two types of induction machines: the squirrel cage induction machine (SCIM) and the wound rotor induction machine (WRIM). The SCIM is less expensive, more robust, and has been extensively used in a wide range

of power ratings. It will continue to play a prominent role in ac drive systems in the future.

Control of the SCIM
Different control methods of varying degrees of complexity have been proposed and used for control of induction machines the nature of application dictates the acceptance
of a particular method.
A simple and economic method of control is to vary the stator voltage [lo] at supply frequency using thyristors (or triacs is shown in Fig. 5. This method of control is
Characterized by poor dynamic and static performance. Although
it is inefficient because of high slip power loss, it is used in fans, pumps, and blower drives.
An efficient method of speed control for induction motors is to change the stator frequency [ 13, [3], [4]. Since the speed is close to synchronous speed, the operating slip is small, and slip power loss in the rotor circuit is small. However, this will require a frequency converter, which is expensive.
In drive systems, it is desired that the machine flux is regulated to provide better utilization of the machine. A requirement for maximum possible transient dynamics is to
operate the motor at its rated flux level. Indirect flux regulation schemes such as the “volt/Hertz” control [ll] and the “slip-current” control [ 121 use variable frequency control and have been extensively used in industry.
B. Flux Regulation by Stator Voltage and Frequency
Variable-frequency drives originally used open-loop, volt/Hertz control to regulate machine flux. They were found to be satisfactory for low-performance, cost-effective industrial drives. Closed-loop control with slip regulation was introduced later for improved drive performance. The air gap flux can be regulated if the air gap voltage and
Frequencies are varied simultaneously at a constant ratio Maximum torque per ampere of stator current can be obtained by coordination between torque and flux at a particular loading condition. The concept of variable-voltage variable-frequency control is illustrated in Fig. 6. Below the base speed, constant flux operation it used. Beyond the base speed, constant flux operation is used. Beyond the base speed, the motor terminal voltage is constant, and as the decreases (which is known as field weakening). The machine can be operated in constant power mode, as is shown in Fig.6. Fig. 7 shows a closed-loop volt/Hertz control scheme with slip frequency control, which provides a limit on the maximum torque.
C. Flux Regulation by Current and SlipFrequency
Another method that is often used for flux regulation is based on a coordination of stator current and slip frequency. The current-slip frequency relationship is shown in Fig. 8(a).
A closed-loop system based on this technique is shown in Fig. 8@). A current source inverter is suitable for this drive. Unlike the volt/Hertz control, the current-slip
frequency control technique is independent of stator parameters (resistance, leakage inductance). Hence, flux regulation can be achieved even at low speeds.
D. Field-Oriented Control
Both the volt/Hertz and current-slip frequency control provide satisfactory steady-state performance. The volt/Hertz control scheme is quite simple to implement. On the other hand, the current-slip frequency control scheme requires closed-loop current regulation as well as accurate speed measurement and, therefore, is somewhat complicated to
Implement. However, both these methods fail to provide satisfactory transient performance. Fig. 9 shows the typical transient characteristics of the current-slip frequency control scheme. As can be seen from the figure. The machine torque and the air gap flux experiences flux oscillation during transient. High performance drives like robotics, rolling mills and machine tools require fast and precise torque response. To achieve this, the dynamic structure of the machine has to be taken into account. The induction machine is a on linear multi variable highly coupled device. Several methods [14]-[18] have been proposed to obtain fast torque response with flux regulation. However, the emerging consensus is to use field-oriented control (FOC) [ 141, [ 151. Field orientation is a technique that provides a method of decoupling the two

components of stator current: one producing the air gap flux and the other producing the torque. Therefore, it provides independent control of torque and flux, which is similar to a separately excited dc machine. The magnitude and phase of the stator currents are controlled in such a way that flux and torque components of current remain decoupled during dynamic and static conditions.

Fig. 12 shows such an indirect method of control The scheme is simpler to implement than the direct method of FOC (Fig. 11); hence, there is an increasing popularity towards the indirect method of FOC.

Fig. 13 shows the experimental results of the torque and flux responses for step changes in command torque from zero to its rated value. As can be seen from this figure, the
machine torque response is almost instantaneous, and the average torque is controlled. The high-frequency torque pulsation is mainly caused by the motor current harmonics. The figure also shows that the machine flux is maintained constant during torque transition. This demonstrates the decoupling control of torque.

Both the direct and indirect methods of FOC are machine parameter dependent unless means are included for directly measuring the rotor flux component. Inductance parameters vary about f 20 %, whereas rotor resistance changes dramatically
(F 100%) with temperature. Without the exact knowledge of the machine parameters, optimum decoupling and torque linearization cannot be achieved [20]. Considerable
amount of research effort has been directed to developing parameter adaptation schemes for optimum decoupling of field-oriented control. The proposed schemes are based on modified reactive power compensation [2 11, estimation of magnetic flux [22], indirect measurement of instantaneous rotor resistance [23], and identification of rotor resistance by signal injection [24]. Thus far, no standard solution for parameter adaptation has emerged. In most parameter adaptation schemes, the identification is more effective at higher speeds and loaded conditions.
Decoupling control can also be achieved by orienting the air gap flux or stator flux [ 191. Stator flux orientation provides direct control on the saturation level of the machine. However, implementation of these schemes requires more real time
Computations than indirect rotor-flux orientation.

E. Control of the WRIM
In earlier days, the SCIM was used for essentially constant speed drive, and the WRIM was used for variable-speed drive systems. Although the WRIM is more expensive and
less rugged than the SCIM, it has been favored for use in high-power applications in which a large amount of slip power could be recovered. It may be noted that an attractive
feature of WRIM control is that only the slip power is handled by power electronics, which may be only a fraction of the rated machine power.
Classically, speed of the WRIM was changed by mechanically varying external rotor circuit resistance [11. The performance can be improved by using a chopper to control the equivalent rotor resistance [25], as is shown in Fig. 14. The static Kramer [26] or static Scherbius [4] systems, shown in Fig. 15 and 16, respectively, allow recovery of slip power and have been used for pump and blower drives. The Kramer drive provides sub synchronous speed control. The use of a cycloconverter in the Scherbius method allows bi-directional power flow, and hence, the drive can operate in both subsynchronous
and supersynchronous mode.

Field-oriented control can also be applied in WRIM’s [27] to provide decoupled control of real power and reactive power. These features are extremely beneficial in high-power
applications. Fig. 17 shows the field-oriented control of a WRIM. In this case, it is more convenient to use stator flux field orientation than rotor flux field orientation.
A novel use of the WRIM for high-power cycloconverterfed drive [28]-[30] is shown in Fig. 18(a). The scheme incorporates field-oriented control of high dynamic performance.
The WRIM is connected in a series fashion (Fig. 18(b)) such that the stator currents and rotor currents are equal in magnitude but reverse in phase sequence. Under balanced excitation, average torque production is possible only if the rotor rotates at twice the speed of the stator MMF wave [28]-[30]. Hence, speed doubling is achieved, and this allows speed enlargement with cycloconverter-fed operations. The field-oriented control of a series-connected WRIM has less parameters involved than the FOC of SCIM’s or
doubly fed WRIM’s. The machine parameter in question is the mutual inductance, the variation of which under flux regulation is expected to be small (much less than the variation of resistive parameters with temperature in the SCIM). Hence, the use of parameter adaptation is not required in this case.

VIII. MODERN CONTROL TECHNIQUES

The conventional linear controllers such as PI, PID have been used in many applications. The IP controller [8], [9] has also been applied with dc drives. However, these controllers
are sensitive to plant parameter variations and load disturbance. The performance varies with operating conditions, and it is also difficult to tune controller gain both on-line and
off-line. The increased productivity and improved product quality demands fast response and parameter-insensitive robust dfive systems.
.
The model referencing adaptive control (MRAC) (Fig. 36) is also being applied in electric drive systems [5]. In MRAC, the output response is forced to track the response of a reference model (idealized model with fixed plant parameters) irrespective of plant parameters variations. The controller parameters are adjusted to give a desired closed-loop performance. This adjustment is based on an adaptation algorithm that utilizes the difference between the reference model output and the plant output as its input.

Both the self-tuning or the MRAC techniques involve intricate control algorithms. The variable structure control using sliding mode was recently introduced into the field of controlled electric drive systems to compete with the former two adaptive control schemes. With sliding mode control (SLMC), the control system can be designed to provide parameter-insensitive features, prescribed error dynamics, and simplicity in implementation. Researchers have reported the application of SLMC in dc drives and ac servo drives [56]-[59] (using synchronous and induction machines). In SLMC, the drive system is forced to follow a predefined trajectory in the phase plane (Fig. 37) irrespective of plant parameter variation. This is achieved by using a set of switching control laws]. The structure and design of the SLMC are relatively simple. A typical SLMC drive system is shown in Fig. 38. In position control drives using
the SLMC, the actual position and speed are required as feedback signals. They are easy to obtain

Fig. 39 shows the first-order parameter invariant response for a step change in position command. In speed control drives, the speed and acceleration are required as feedback
signals. It is difficult to sense an accurate acceleration signal. Observers may be used to estimate the acceleration .
FUTURE TRENDS

The technology of electric motor drives spans many diverse disciplines such as electric machines, power semiconductor devices, converter circuits, control theory, signal processing, and microelectronics. This multidisciplinary technology has made impressive progress during the last two decades and continues to mature. Evolution in each discipline has contributed to the overall improvement in drive technology.

PWM techniques will be used for both converters and inverters to improve performance. Microcomputers will be used to obtain PWM patterns to optimize inverter switching losses and machine harmonic losses. SCR type current-source inverters will become obsolete in the future. The PWM GTO current-source inverter will challenge the popular PWM voltage- source inverter. In high-performance drives, the current-controlled PWM voltage-source inverter will be widely accepted.

In the future, researchers will attempt to use artificial intelligence or expert systems in conjunction with high-performance electric drives. Expert systems have the potential
for use in real-time control applications. In such systems, the controller could possibly interpret the dynamics of the system operation and self-adjust accordingly. Systems incorporating artificial intelligence could permit diagnosis and correction of faults in a complex system to supplant the need for human intervention.

X. CONCLUSIONS

This paper has presented a comprehensive review of the state of the art in the field of electric motor drives and control strategies. Drive technology has seen impressive growth during the last three decades. AC drive technology has been maturing rapidly and will likely overtake dc drive technology in many industrial applications. New high-speed, high-efficiency switching devices, new motor structures, new converter configuration, new control techniques, and new high speed micro controllers will contribute to the further development of high-performance motor drives. Interest and research
in this area will continue relentlessly.