Intrusion Detection and Intrusion Prevention Systems (IDS / IPS)

http://sudeeraj.com/pubs/sudeeraj.com-Intrusion-Detection-and-Intrusion-Prevention-Systems.pdf

Intrusion Detection & Intrusion Prevention Systems

http://sudeeraj.com/pubs/sudeeraj.com-Handout-Intrusion-Detection-and-Intrusion-Prevention-Systems.pdf
Handout – Intrusion Detection and Intrusion Prevention Systems

http://sudeeraj.com/pubs/sudeeraj.com-Slides-Intrusion-Detection-and-Intrusion-Prevention-Systems.pptx
Slides – Intrusion Detection and Intrusion Prevention Systems


Comparison of the privacy facilities of Gmail with those of Hotmail

http://sudeeraj.com/pubs/sudeeraj.com-Comparison-of-the-privacy-facilities-of-Gmail-with-those-of-Hotmail.pdf


Comparison of Web Services with CORBA

In the modern technological world, data communication is a vital aspect. When considering data communications, the interoperability of the data being communicated is of utmost importance. Data that cannot be interpreted at the receiver's end is useless.

With the expansion of the internet in recent years, it became important to agree on a universal medium of client-server communication that both parties could understand inherently, without requiring additional metadata.

One of the technologies that provided a solution to the interoperability problem was CORBA, which was introduced in the early 1990s.

Nearly 10 years after CORBA was introduced, “Web Services” emerged, which also addressed the interoperability problem.

While interoperability was a major consideration in both CORBA and “Web Services”, they also addressed other major issues. Both technologies, however, have their roots in addressing the interoperability problem.

Looking at the similarities between CORBA and “Web Services”, both technologies contain similar components, as the following table shows.

| Component | Web Services | CORBA |
|---|---|---|
| Protocol | SOAP, HTTP, XML Schema | IIOP, GIOP |
| Location identifiers | URLs | IORs, URLs |
| Interface spec | WSDL | IDL |
| Naming, directory | UDDI | Naming Service, Interface Repository, Trader service |

Both CORBA and “Web Services” have their advantages and disadvantages.

Advantages of CORBA

  • Supports Object Orientation
  • Generates very little network traffic, because the messages between clients and servers are transmitted in a compact representation
  • CORBA’s IDL contains standardized programming language mappings which describe implementation logic, other than the interface.
  • CORBA supports eventing through the CORBA Event Service
  • CORBA IDL language bindings support type safety; stub classes provide compile-time type checking. An attempt to send a parameter of the wrong type therefore results in a compile-time error.

Disadvantages of CORBA

  • CORBA uses TCP/IP connections to transmit data. Therefore, if a client is behind a highly restrictive firewall or proxy server environment that only allows HTTP connections to the outside through port 80, communication using CORBA may be impossible, unless the proxy server or firewall allows the HTTP CONNECT method or SOCKS connections so that CORBA connections can be initiated.
  • When CORBA is used, an ORB must be present on all clients.
  • There is no official Perl mapping. At least two Perl ORBs are available as open source, but neither mapping is official, nor are the implementations complete.

Web Services Advantages

  • The biggest advantage of Web Services is that they can be used with the HTTP protocol over port 80 (or HTTPS if SSL is involved). Web Services can therefore easily communicate through restrictive firewalls without changes to the firewall policies implemented.
  • Web Services are platform-independent and language-independent, since they use standard XML languages. The XML generated by Web Services is in a human-readable format.
  • Web Services are also described in an XML-based textual format (WSDL) which has a standard format; any new client can therefore easily conform to the WSDL and make use of the Web Service.
  • Web Services use structured communication, which benefits from intermediary node processing. The SOAP messages generated by Web Services can also contain specific processing information intended for intermediate nodes between the service caller and the endpoint service provider.

Disadvantages of Web Services

  • Web Services use a textual format for data and metadata exchange, and textual data normally results in a very large file size compared to binary data. Web Services therefore generate much more network traffic than binary data exchange.
  • Serialization and de-serialization need to be performed for every Web Service request, which also requires parsing XML documents. Web Services therefore consume much more processor time.
  • The HTTP and HTTPS protocols which Web Services use for communication are stateless protocols. Additional work therefore needs to be done to keep track of state.

Recommendations for using CORBA or Web Services

  • Considering the advantages and disadvantages of both technologies, it is possible to identify the contexts that suit each of them. CORBA is best used when an adequate level of control is present within the deployment context: that is, when a service created using CORBA is consumed by a limited client base written in CORBA-supported languages, and there is also control over the firewalls and proxies which lie between the service provider and the service invoker. This generates less network traffic and supports state and CORBA eventing.

  • Web Services are best used when the deployment environment is less controllable (nearly no control); Web Services are therefore optimal when a service is exposed to the public (via the Internet). Any form of client which can parse XML is able to plug in to the service by conforming to the WSDL.

  • CORBA and Web Services can also be used together. A CORBA service can be encapsulated using Web Services or vice versa; clients are able to consume the service either through the wrapper service or the actual service, without any discrepancy. Such a methodology is described in the document at http://wso2.org/library/2807.


Simple Classification of Database Management Systems & Introduction to Oracle DBMS

+ Classification of Database Management Systems
–Oracle
— Data Model

Oracle DBMS is world renowned as a relational database management system facilitating the relational model of data. The relational model was invented by E.F. (Ted) Codd as a general model of data. Codd stated 12 rules which must be adhered to for a database to be declared a relational model database. Oracle adheres to most of the rules but gives the user the ability to violate them in order to extend its capabilities. Newer distributions of Oracle (10g and 11g) are also capable of serving data requests relating to other data models, e.g. the RDF Data Model and the Spatial Network Data Model. The necessary data transformations are performed by data interfacing layers, mostly written in Java. Recent ratings have claimed that Oracle is the number one relational database provider.
—Number of Users
Oracle has a customer base of 250,000 customers and the highest market share, 47.1%, which amounted to 7168 million USD in 2006. Most of the customers are corporate organizations which fulfill their data requirements using Oracle.
—Cost
Oracle has several database server configurations, each having different levels of functionalities and accordingly different levels of pricing. Oracle Express Edition is available freely but is limited to 4 GB of user data, 1 GB of RAM and single processor utilization. Standard ONE, Standard, and Enterprise are the other versions, which are priced according to the level of performance they offer, e.g. memory utilization, number of parallel processors etc.
—Number of Sites of distribution
Oracle can be considered the number one enterprise-preferred database server provider. Oracle is widely distributed in the high-range and mid-range database market on UNIX and Linux platforms, and it also has a fair stake in the Windows-based database server market.

–Microsoft SQL Server
— Data Model
Microsoft SQL Server is also a relational model database management system. Like Oracle, Microsoft SQL Server facilitates the use of multiple data models in its recent versions. SQL Server 2008 supports the ADO.NET Entity Framework, and the reporting tools, replication, and data definition will be built around the Entity Data Model. In 2008 Microsoft introduced LINQ to Relational Data, an object-relational mapping (ORM) framework that allows the direct 1-1 mapping of a Microsoft SQL Server database to .NET classes, and querying of the resulting objects using LINQ.
—Number of Users
Microsoft SQL Server had a market share of 2654.4 million USD by the end of 2006, which is 15.6% of the total market in 2006.
—Cost
Microsoft SQL Server 2008 can be purchased under a server operating system license with incremental Client Access Licenses (CALs), or under a per-processor license model. Express Edition, Compact Edition and Evaluation Edition are the free versions. A free edition of Microsoft SQL Server is ideal for learning and for building desktop and small server applications. The non-free editions are priced according to the functionality and the level of performance provided.
—Number of Sites of distribution
Microsoft SQL Server dominates the high-range and mid-range database market on Microsoft Windows platforms. Microsoft SQL Server has no stake in the Linux / UNIX market because it is available for Windows only.

–MySQL
— Data Model
Like Oracle and MS SQL Server, MySQL is also a relational model database management system. When it comes to the presentation and accessibility of data through other data models, MySQL ranks poorly compared to Oracle and MS SQL Server. For example, for network model interfacing, both Oracle and MS SQL Server have recursive operators for processing recursive sets, though they all work a little differently. MySQL has no such special tools, though there is a graph engine under development for MySQL.
—Number of Users
With over 65,000 downloads per day, MySQL has the highest adoption and growth. MySQL has gained 25% market share in overall database usage by developers in the past two years. MySQL continues to have the largest mindshare in the open source database market and has the highest number of paying customers for product support: an estimated 16,000.
—Cost
MySQL is available free of cost. MySQL is an “Open Source” database. MySQL is part of LAMP (Linux, Apache, MySQL, PHP / Perl / Python) environment, a fast growing open source enterprise software stack. More and more companies are using LAMP as an alternative to expensive proprietary software stacks because of its lower cost, reliability, and documentation.
—Number of Sites of distribution
MySQL is the world’s most popular open source database. The broad acceptance of MySQL can be attributed to the rapid overall adoption of the L/WAMP stack. Because of its popularity, MySQL has the support of leading IT organizations, including major hardware and software vendors.

+ Introduction to Oracle DBMS
–Sharing Data
Oracle provides several methods which can be used to share data with other DBMSs. These methods additionally provide a consistent way to perform logical database backup and recovery. Of these, the most commonly used utilities are the import and export tools. They are mostly used to move schema definitions and data between different Oracle instances and users. Although still supported on 10g, the original import (imp) and export (exp) utilities were replaced in 10g by the faster and more advanced Data Pump-based utilities, impdp and expdp.

–Minimizing Redundancies and Inconsistency
As a relational database, Oracle provides the facilities to reduce redundancies and inconsistencies. Minimizing redundancy requires complex queries and schema structures, which in turn require a high-performance database system capable of fulfilling complex requests. Oracle's highly scalable architecture and high performance therefore provide the ability to reduce redundancies and inconsistencies. In addition, the newest Oracle release, Oracle Database 11g Release 2, contains Automatic Storage Management, Oracle Real Application Clusters, and Active Data Guard, which allow storage and server resources to be used for both fault tolerance and running production workloads, keeping servers and storage from sitting idle waiting for failures, thus reducing inconsistencies and redundancy.

–Support for Transactions
Oracle DBMS supports transactions. Oracle transactions behave according to the definitions in the SQL standard. A transaction is a sequence of SQL statements that Oracle treats as a single unit of work; every SQL DML (Data Manipulation Language) statement issued subsequently becomes part of this transaction. The transaction ends when a COMMIT or ROLLBACK command is issued, and also when the session disconnects from the database.

–Integrity
Oracle provides a number of integrity constraints and database triggers to facilitate the management of business rules. Referential integrity (the foreign key constraint) is one way Oracle provides for maintaining business rules. Relational systems allow control of business rules with constraints, and referential integrity rules form the backbone of relational tables. Several types of constraints can be applied to Oracle tables to enforce data integrity:

  • Check Constraint: validates incoming columns at row insert time.
  • Not Null Constraint: used to specify that a column may never contain a NULL value.
  • Primary Key Constraint: used to identify the primary key for a table.
  • References Constraint: used to ensure that a row is not deleted if rows still exist in a dependent table.
  • Unique Constraint: used to ensure that the column values within a table do not contain duplicate entries.
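The five constraint types above and the COMMIT / ROLLBACK behaviour described under "Support for Transactions", shown together as an added example that is not part of the original article. The schema, constraint names and sample rows are constructed for illustration.

```sql
-- Constructed schema: every table, column and constraint name is hypothetical.
CREATE TABLE departments (
    dept_id   NUMBER(4)    CONSTRAINT departments_pk PRIMARY KEY,
    dept_name VARCHAR2(40) CONSTRAINT departments_name_nn NOT NULL
                           CONSTRAINT departments_name_uq UNIQUE
);

CREATE TABLE employees (
    emp_id  NUMBER(6)    CONSTRAINT employees_pk PRIMARY KEY,
    email   VARCHAR2(80) CONSTRAINT employees_email_nn NOT NULL
                         CONSTRAINT employees_email_uq UNIQUE,
    salary  NUMBER(10,2) CONSTRAINT employees_salary_ck CHECK (salary > 0),
    dept_id NUMBER(4)    CONSTRAINT employees_dept_fk
                         REFERENCES departments (dept_id)
);

-- Transaction 1: two DML statements form one unit of work, made permanent by COMMIT.
INSERT INTO departments (dept_id, dept_name) VALUES (10, 'Security');
INSERT INTO employees (emp_id, email, salary, dept_id)
VALUES (1001, 'a.perera@example.com', 5200, 10);
COMMIT;

-- Each statement below violates exactly one constraint and is rejected.
-- Oracle undoes only the failing statement, not the rest of the open transaction.
INSERT INTO employees (emp_id, email, salary, dept_id)
VALUES (1002, 'b.silva@example.com', -1, 10);        -- employees_salary_ck (check)
INSERT INTO employees (emp_id, email, salary, dept_id)
VALUES (1003, NULL, 4000, 10);                       -- employees_email_nn (not null)
INSERT INTO employees (emp_id, email, salary, dept_id)
VALUES (1001, 'c.fernando@example.com', 4000, 10);   -- employees_pk (primary key)
INSERT INTO employees (emp_id, email, salary, dept_id)
VALUES (1004, 'a.perera@example.com', 4000, 10);     -- employees_email_uq (unique)
INSERT INTO employees (emp_id, email, salary, dept_id)
VALUES (1005, 'd.jay@example.com', 4000, 99);        -- employees_dept_fk (no parent row)
DELETE FROM departments WHERE dept_id = 10;          -- employees_dept_fk (dependent row exists)

-- Transaction 2: the changes are visible to this session until ROLLBACK undoes both.
INSERT INTO departments (dept_id, dept_name) VALUES (20, 'Audit');
UPDATE employees SET dept_id = 20 WHERE emp_id = 1001;
ROLLBACK;

-- Check the committed state: only the rows from transaction 1 remain.
SELECT e.emp_id, e.email, e.dept_id, d.dept_name
FROM   employees e
JOIN   departments d ON d.dept_id = e.dept_id;
```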

–Security
Oracle database has many complex security measures which make it an ideal database system for enforcing tight security standards. Data confidentiality, integrity, and availability can all be well protected with a properly designed Oracle database.

Oracle allows for various types of authentication. Oracle-based authentication allows for Oracle database accounts with user-ids and strong password management. Oracle passwords are encrypted with a modified DES algorithm for each database connection. Oracle passwords are stored in an encrypted format in the data dictionary. All passwords are encrypted, including user passwords whether across the network or local connections, server-to-server passwords, and even database administrator passwords when the database is down. Oracle also supports host-based authentication, which is based on the operating system’s user accounts, which are then passed on to Oracle. Additional authentication options are available for those that choose the Oracle Advanced Security Option.

Oracle makes use of profiles to allow the administrator to place specific restrictions and controls on a number of system resources, password use and various Oracle products. These profiles can be defined, named, and then assigned to specific users or groups of users.

By default, new Oracle users are not given any privileges. New users must be given privileges before they can log on or execute any database operation. Users cannot do anything unless they have been given the specific privilege to do so. There are an impressive number of privileges that can be given, around 100 in all. There are two types of privileges available to be granted to users: system privileges and object privileges.

Roles are used to ease the management task of assigning a multitude of privileges to users. Roles are first created and then given sets of privileges that can be assigned to users and other roles. Users can be given multiple roles. It is much easier to create sub-sets of privileges that are organized into roles and then assign the role to one or more users. Roles can be protected with passwords. Roles that are protected with passwords require that a password be provided before activating a role, unless it is the user’s default role.

There are three standard types of auditing available in Oracle: SQL statement-level, privilege-level, and object-level auditing. Audit records can be written to the standard Oracle audit table, to an operating system audit trail (dependent on the operating system used), or to an external file.
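A least-privilege setup that walks through the profile, privilege, role and audit mechanisms described above, as an added example that is not part of the original article. The names app_user_profile, report_user, payroll_reader and app_owner.salaries are hypothetical, the bracketed passwords are placeholders, and the example assumes a DBA session on a 10g/11g database with standard auditing writing to the database audit table.

```sql
-- Run as a DBA. All names are hypothetical; <...> values are placeholders.

-- Profile: password and resource controls assigned to a class of users.
-- Password limits are always enforced; the resource limits (SESSIONS_PER_USER,
-- IDLE_TIME) are enforced only when the RESOURCE_LIMIT parameter is TRUE.
CREATE PROFILE app_user_profile LIMIT
    FAILED_LOGIN_ATTEMPTS 5      -- lock the account after 5 bad passwords
    PASSWORD_LOCK_TIME    1      -- days the account stays locked
    PASSWORD_LIFE_TIME    90     -- days before the password must change
    SESSIONS_PER_USER     2
    IDLE_TIME             30;    -- minutes

-- A new user starts with no privileges at all, not even the right to log on.
CREATE USER report_user IDENTIFIED BY "<initial-password>"
    PROFILE app_user_profile
    PASSWORD EXPIRE;

-- System privilege: the minimum needed to connect.
GRANT CREATE SESSION TO report_user;

-- Password-protected role that carries a single object privilege.
CREATE ROLE payroll_reader IDENTIFIED BY "<role-password>";
GRANT SELECT ON app_owner.salaries TO payroll_reader;
GRANT payroll_reader TO report_user;

-- Make the role non-default so that it is off at logon and must be
-- activated explicitly with its password.
ALTER USER report_user DEFAULT ROLE NONE;

-- In report_user's own session, before reading the table:
--   SET ROLE payroll_reader IDENTIFIED BY "<role-password>";

-- The three standard audit types.
AUDIT SELECT TABLE BY report_user BY ACCESS;                  -- statement-level
AUDIT SELECT ANY TABLE BY report_user BY ACCESS;              -- privilege-level
AUDIT SELECT, UPDATE, DELETE ON app_owner.salaries BY ACCESS; -- object-level

-- Review what was actually granted.
SELECT privilege FROM dba_sys_privs WHERE grantee = 'REPORT_USER';
SELECT granted_role, default_role FROM dba_role_privs WHERE grantee = 'REPORT_USER';
SELECT owner, table_name, privilege FROM dba_tab_privs WHERE grantee = 'PAYROLL_READER';

-- Review the audit records written to the database audit table.
SELECT username, action_name, owner, obj_name, priv_used, returncode, timestamp
FROM   dba_audit_trail
WHERE  username = 'REPORT_USER'
ORDER  BY timestamp;
```

A non-zero returncode in the audit trail marks a failed attempt, which is usually the first thing to filter on when reviewing access to a sensitive table.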

–Standards
Oracle conforms to the Entry level of conformance defined in the ANSI document X3.135-1992, “Database Language SQL.” Oracle supports the ASCII character set (FIPS PUB 1-2). Oracle supports both single-byte and multibyte character sets. Oracle also provides extended functionality, which is not defined in the standards but is valuable.