New MSc. option – “Internet Sytems”
October 5, 2007
There’s a new option module on offer this year in the MSc. It’s called “Internet Systems”. Here’s the syllabus: Internet Systems (note the module content section)
Initially, I thought it was a rehash of Enterprise Systems & Architecture (ES&A syllabus) which we did last year as a core module. Upon closer investigation of the syllabus, I came to understand it is quite different.
Ent Sys. & Arch. was mostly all about the Java family of web software, predominantly J2EE.
Internet Systems, on the other hand, seems to be more about how the whole web hangs together. Rather than looking at connectors and containers, it is looking at the internet in general. I think this has strong relevance for KM as the web is a major enabler of knowledge management.
My only concern is that the syllabus says, there is “particular emphasis in server-side development with Java related technologies.” We have covered this in some considerable (excruciating?) detail last semester in EA&S.
My own penchant is for open source web development. I hope there is plenty of scope for discussion around that. Also, although it’s a bit “fashionable” at the moment, Web 2.0, is immensely important for the implementation and development of KM programs so I hope there’s an inclusion of that in the discussions.
One final thing worth mentioning, only 2 people have signed up for this course. The minimum number required to hold a class is 5. So unless at least another 3 people sign up the course won’t be run. I think that’d be a big missed opportunity. Even though I’ve done my required option modules, I plan on doing this as an extra one and would encourage others to give it a try. I think it’s more relevant to KM than some of the other options.
Business Systems Intelligence – option module
July 19, 2007
I’ve been asked by a few people what I thought of the option module, “Business Systems Intelligence” which was taught by Brian MacNamee.
I thought it was really good. It was a bit tough insofar as it’s quite maths-y (not my forte) but great for real-world application. I find it especially relevant to CRM.
The assessments were very do-able. Part practical, i.e. had to run some sample data on SAS Data Miner, and part research, i.e. had to write 2,000 words on the state of the art of data warehousing/mining in a certain industry, e.g. retail, construction, health, etc. Assignment 1 took me about 16 hours (including learning how to use SAS). Assignment 2 took about 18-24 hours (had to do a reasonable about of research for that one). A few of afternoons for each in total.
As far as I know Brian isn’t giving the course next year so I don’t know if that’ll have an effect. I really like his style.
Knowledge Representation & Reasoning
March 9, 2007
The penny finally dropped on what JESS is and how to do our project!! Before Wednesday I was confused and daunted. Now I’m actually excited about the possibilities of designing an expert system!
We spent the first-half of the lecture finalising the code structure. Then we spent the second-half designing the framework needed to hang the code on. This is a completely diagrammatic, visual representation of the “If…, Then…”structure.
Initially, I was going to do it on the stock market and try to predict the outcome of certain conditions. Yesterday, however, I thought I might model it on a political question, i.e. “Will the US leave Iraq this year?” or “Will the US invade Iran?” or “Will Hilary Clinton be the next President of the United States?” These seem like much more interesting questions to me. The stock market would probably be a more potentially lucrative project (though less fun to me) .
The other thing I’d like to do, and this depends on how early I start the project, will be to put a nice front-end UI on it using Java. The cmd line is not attractive at all. Bad user experience. All depends on how soon I get started…!
Yesterday we covered Classification and Prediction. This is the practice of describing historical events and extracting patterns to make future decisions.
This is used by a variety of industries such as credit approval, medical diagnosis, target marketing, SPAM filtering and treatment effectiveness, to name a few.
Classification is a two step process:
- Train the classifyer using historical data
- Use the classifyer to estimate accuracy
Like any data driven application, it’s only as good as the data being fed in so “clean” data is v. important. [I read this article over the weekend by Gartner on clean data - well worth a read.]
The other key point is the algorithim. We looked at Case Based Reasoning, including “K-Nearest Neighbor” and “Decision Trees“. The math isn’t terribly complex it’s just long and somewhat boring, churning through the steps. We explored the ID3 and C4.5 algorithms developed by J. Ross Quinlin.
The result we get is known as “information gain“. Here’s a tutorial (which I haven’t tried out yet): http://www.autonlab.org/tutorials/infogain.html.
KSAAD – Crystal
March 6, 2007
Last night in Knowledge Systems Analysis and Design (KSAAD) we finished off Extreme Programming and began Crystal Orange by Alistair Cockburn.
Just like the last XP, seems very, very like working in the film business. Change and uncertainty is everything. The customer is right (since they’re paying) and people not processes are everything.
It’s too early to say yet, but I’m chewing over the possibility of doing my thesis on Agile Methodologies as they pertain to the media industry. Not sure yet how that would gel as the thesis is about KM not media…
Security – phishing & pretexting
March 6, 2007
Our first Security module assignment was due Sunday. I was ploughing away until all hours on Saturday night trying to get it finished. The topic was:
“Discuss the current trends in security threats on computer systems security and how we can mitigate these threats. Discuss the role of Knowledge Management in mitigating security threats if any?”
Since coding isn’t my forte I took a look at the effects of threats on common usage. I examined Phishing and Pretexting. I was surprised how little deep information there is out there these two issues. After much examination I concluded the reason there isn’t much in-depth information is because the scams are very basic in form.
Phishing doesn’t require much explanation, to say, “A phisher send you a phoney website. You fall for the ruse and plug in all your personal details. Phisher then uses your identity to steal you money and rack up depts.” Certainly there is a skill to it but the technology is very basic. Very little is required to understand how it is set up, how people fall for it and the resultant effects
It’s asymmetrical: tiny scam – huge problem. According to some sources, last year phishing cost nearly $5bn in consumer losses in the US. The numbers are hotly debated but whatever the exact amount, phishers are making a lot of money from their basic confidence-trick.
Pretexting also is easy to define. Same as above except using the phone. So far this isn’t as much as source of financial theft as it is about finding personal information about people for the purposes of private investigations, newspaper stories or in the case of HP, to plug a leak. Talk about about taking a sledgehammer to crack a wall nut! The corporate fall out and bad press HP got over that affair was orders of magnitude worse than the original problem, i.e. where a board member leaked long term HP strategy to CNET News.com. Ironically, HP’s situation was also somewhat asymmetrical: tiny problem – huge scandal.
Here is a sample of links I found very helpful:
References
Federal Trade Commission
SPAM
http://www.ftc.gov/bcp/conline/edcams/spam/index.html
Identity Theft Site
http://www.ftc.gov/bcp/edu/microsites/idtheft/
Phishing
http://www.onguardonline.gov/phishing.html
Pretexting
http://www.ftc.gov/bcp/conline/pubs/credit/pretext.htm
The Gramm-Leach Bliley Act
http://www.ftc.gov/privacy/privacyinitiatives/glbact.html
CNET News.com
HP execs: Spy scandal was ethical wake-up call
http://news.com.com/HP+execs+Spy+scandal+was+ethical+wake-up+call/2100-1014_3-6163563.html
HP outlines long-term strategy
http://news.com.com/HP+outlines+long-term+strategy/2100-1014_3-6029519.html?tag=st.prev
Wikipedia
Social engineering (security)
http://en.wikipedia.org/wiki/Social_engineering_(computer_security)#Pretexting
Phishing
http://en.wikipedia.org/wiki/Phising
Ira Winkler on How To Fight Pretexting
http://www.baselinemag.com/article2/0,1540,2060332,00.asp
Kevin Mitnick
http://en.wikipedia.org/wiki/Kevin_Mitnick
United States Department of Justice
First Conviction in Hewlett Packard Pretexting Investigation
http://www.cybercrime.gov/wagnerPlea.htm
Sophos
Simple steps to avoid being phished
http://www.sophos.com/security/best-practice/phishing.html
The White House
The National Strategy to Secure Cyberspace
http://www.whitehouse.gov/pcipb/
The Mecury News
http://www.mercurynews.com/mld/mercurynews/news/local/16370086.htm
SANS
Top-20 Internet Security Attack Targets (2006 Annual Update)
CERT
Social Engineering and Phsihing Attacks
http://www.us-cert.gov/cas/tips/ST04-014.html
Current Activity
http://www.uscert.gov/current/
NIST
National Vulnerability Database
FBI
Cyber Investigations Division
http://www.fbi.gov/cyberinvest/cyberhome.htm
US Department of Homeland Security
US Ready
http://www.ready.gov/business/protect/cybersecurity.html
BBC
Which? highlights phishing losses
http://news.bbc.co.uk/2/hi/business/6401079.stm
Taxman Warns of ‘Phishing’ Fraud
http://news.bbc.co.uk/2/hi/business/6182151.stm
Net-security.org
Phishers Are Improving Their Chances of Success with Targeted Attacks
http://www.net-security.org/article.php?id=913&p=4
Scalet, Sarah D.
2006: The Year of the Security Non-Event
http://www2.cio.com/research/security/edit/a01042007.html
Anti-Phishing Working Group
Crimeware Mutations Shatter Records in December
http://www2.cio.com/research/security/edit/a01042007.html
Looks Too Good To Be True
Consumer Information and Protection
http://www.lookstoogoodtobetrue.com/about.aspx
Carlson Analytics
http://www.caslon.com.au/pretextingnote.htm
Webopedia
All About Phishing
http://www.webopedia.com/DidYouKnow/Internet/2005/phishing.asp
National Consumer League’s Internet Fraud Watch
http://www.fraud.org/tips/internet/phishing.htm
Search Security.com
http://searchsecurity.techtarget.com/sDefinition/0,290660,sid14_gci916037,00.html
Microsoft
Recognize phishing scams and fraudulent e-mails
http://www.microsoft.com/athome/security/email/phishing.mspx
ComputerWorld.com
Phising
http://www.computerworld.com/securitytopics/security/story/0,10801,89096,00.html
CACI
Knowledge Management in Crime
Forrester
Security Knowledge Management
http://www.forrester.com/Research/LegacyIT/Excerpt/0,7208,33469,00.html
Foundations of Knowledge Management
February 27, 2007
The first half of tonight’s Foundations of Knowledge Management lecture was focused on changing the culture of an organisation to prepare it to accept the knowledge management process.
In the second half we focused on the how the a KM process would actually be carried out (assuming the organisation is culturally ready for it). Broadly speaking, first one wants to create a Knowledge Map. In its most simplest form this is a list (Excel will do) of who knows what in an organisation. This list brings to light expertise people may have that could not be recognised from their job title. Gathering this information is mostly a manual task, finding out and documenting who knows what. From there we create a Knowledge Yellow Pages. This is a slimmed down version of the Knowledge Map and is a published (via intranet) for everyone in the organisation to see.
These steps turn tacit knowledge into explicit knowledge with relative ease. If an organisation only went this far (which we hope they wouldn’t) it would be a great improvment and benefit. We all know what it’s like starting work at a new company. We’re given a company telephone directory and (maybe) an org chart. We don’t really know who does what, or how to get things done effectively. Imagine now what it would be like if there was a Yellow Pages for the company. A veritiable directory of service providers that could help us get our jobs done. Getting up to speed would be much quicker and productivity would be greatly increased. Even people who’ve worked at companies for years may discover industry experts they never knew about, e.g. people who contribute to newsgroups and forums and communities of practice.
Open Source Development seminar
February 27, 2007
Went to a seminar on Saturday morning in DIT Kevin Street as part of the Case Studies Module. It was on Open Source Development & KM. It was given by Prof. Brian Fitzgerald of University Limerick. He used a case study involving Beaumont Hospital which adopted OSS in about 2003. Apparently even though the migration to StarOffice and other OSS packages was largely successful (there were a few hold out departments) the organisation is planning on going back to purchsed systems, e.g. MSOffice.
I learned a lot about the current state of OSS and the LAMP stack which was helpful. I’ve downloaded OpenOffice and plan in installing it over the weekend to evaluate it. Amongst other things I hear it offers “Save As PDF”. I’d switch just for that. It’s a feature that I really like about Mac’s office package. I know there are other ways to print PDFs but they require 3rd party packages, like PrimoPDF.
I’m not sure what the connection is between OSS and KM. I think it was more a presentation on how to excecute a case study and in this it was very informative.
Business Systems Intelligence
February 27, 2007
This course is an special option module. The module aim is “to study and practise advanced data modelling techniques and to understand and practice, techniques of data warehousing and data mining in the context of knowledge management.” (http://www.comp.dit.ie/DT217/Syllabi/BSI.html)
So far it’s been pretty straightforward if a little dry. It’s quite alorithm heavy but you wouldn’t need to be John Forbes Nash (http://en.wikipedia.org/wiki/John_Forbes_Nash) to understand it. The old “beer and nappies” connection comes up a lot!
Knowledge Systems Analysis & Design
February 27, 2007
We covered Extreme Programming in class tonight, mainly SCRUM. It turns out, in my opinion, that Agile software development methodology involves the exact same process as producing VFX commercials (my former job). If one wrote down and codified the work of a VFX producer the processes, ethos, challenges, strategies, etc are identical. As far as I’m aware no-one has ever codified the job of a VFX producer. You just learn how to do by doing it. I’m looking forward to exploring this connection in a later post.
Here’s a good (if long-ish) video explaining the subject: http://video.google.com/videoplay?docid=-7230144396191025011
Here are some other good links:
