The Battle of Cajamarca: an End to an Empire in South America

The Battle of Cajamarca: an end to an Empire in South America New World: Spanish conquistador Francisco Pizarro (c. 1475 – June 26, 1541) seized Incan emperor Atahualpa (pictured; c. 1502 – August 29, 1533) after victory at Cajamarca, Peru. Pizarro had just 168 men and Atahualpa had 80,000 battle-hardened soldiers who had recently defeated an indigenous enemy. However, the Spaniards had iron swords, guns, horses and armour, which the Incas did not. The result: one of history's most incredible battles, and it was all over in one afternoon. Atahualpa (or Atahuallpa; Atabalipa) (ah'-ta-oo-al'-pa), was the13th and final emperor of the Incan Empire. He was a younger son of the Incan ruler Huayna Capac and an Ecuadorian princess of the Quito; although not the legitimate heir, he seems to have been the favourite. When Huayna Capac died (c. 1527), the kingdom was divided between Atahualpa, who ruled the northern part of the empire from Quito, and his half-brother Huascar, the legitimate heir, who ruled from Cuzco, the traditional Inca capital. Contemporary chroniclers depicted Atahualpa as courageous, ambitious, and very popular with the army. In 1532 he was celebrating his victory in a devastating war of accession with his elder half-brother. He had been embroiled in war with Huascar for control of the whole Incan Empire. The war ravaged Inca cities, wreaked havoc on the economy, and decimated the population. Early in 1532, near Cuzco, while Pizarro was making his way to Atahualpa's heartland, the army of the Incan lord had defeated Huascar's army in what was probably the greatest of any Incan military engagement to date. Atahualpa treacherously captured his half-brother and his family and later had them executed, while Atahualpa was himself a prisoner – of Pizarro. (As Huascar had been something of an ally to the Spanish, his half-brother's actions were later cited as a cause of the treatment Pizarro meted out to Atahualpa. ) In November, while the newly victorious Atahualpa and his battle-hardened army of 80,000 were relaxing with the hot springs in the town of Cajamarca, before their planned triumphal entry into Cuzco, Francisco Pizarro entered the city with a force of 168. Atahualpa got wind of the incursion. History was about to change in a most dramatic way. On November 15, as the Spanish band moved close to Cajamarca, they tortured a few natives and discovered that Atahualpa was waiting for them at Cajamarca. Bravely, ‘Governor' Pizarro’s ‘army' moved towards the Incan town, and saw a beautiful place filled with so many tents that the soldiers were filled with fear. Hernando Pizarro, the leader’s brother, estimated the number of Incan soldiers at 40,000, but an eyewitness wrote that he gave this estimate in order to calm his comrades: there were in fact more than 80,000. Meanwhile, most of Pizarro’s men were hidden around the main courtyard of Cajamarca. Atahualpa ambushed Invited by the Spaniard to attend a feast in his honour, the Inca chief accepted. The next day, he arrived at the appointed meeting place with several thousand unarmed retainers; Pizarro, prompted by the example of Hernan Cortes and Moctezuma in Mexico, had prepared an ambush. The next day at around noon, Atahualpa appeared in the town centre, carried on a litter, or palanquin, borne by 80 Incan noblemen in rich blue livery, and with a retinue of 2,000 Indians sweeping the road before him. An eyewitness wrote â€Å"Then came a number of men with armour, large metal plates, and crowns of gold and silver which they bore, that it was a marvel to observe how the sun glinted on it. † Atahualpa was also surrounded by his warriors, many thousands of them. One of the Spaniards who was present wrote: â€Å"Atahualpa himself was very richly dressed, with his crown on his head and a collar of large emeralds around his neck. He sat on a small stool with a rich saddle cushion resting on his litter. The litter was lined with parrot feathers of many colours and decorated with plates of gold and silver †¦ Governor Pizarro now sent Friar Vicente de Valverde to go to speak to Atahualpa, and to require Atahualpa in the name of God and of the King of Spain that Atahualpa subject himself to the law of our Lord Jesus Christ and to the service of His Majesty the King of Spain. [The priest advanced] with a cross in one hand and the Bible in the other hand, and going among the Ind ian troops up to the place where Atahualpa was †¦ â€Å"Atahualpa asked for the Book, that he might look at it, and the Friar gave it to him closed. Atahualpa did not know how to open the Book, and the Friar was extending his arm to do so, when Atahualpa, in great anger, gave him a blow on the arm, not wishing that the Book should be opened. Then he opened it himself, and, without any astonishment at the letters and paper he threw it away from him five or six paces, his face a deep crimson. â€Å"The Friar returned to Pizarro, shouting, ‘Come out! Come out, Christians! Come at these enemy dogs who reject the things of God †¦. Why remain polite and servile towards this over-proud dog when the plains are full of Indians? March out against him, for I absolve you! ’† It has been reported that Atahualpa asked Friar Vicente on what authority he acted, and the friar told him it derived from the book he was holding. The Incan emperor then commanded: â€Å"Give me the book so that it can speak to me. † Atahualpa, holding the book next to his ear, tried to listen to its pages. Finally he asked: â€Å"Why doesn't the book say anything to me? † and defiantly and disdainfully threw it to the ground. On the friar's command (rather than Pizarro's), the Spanish soldiers emerged from the porticoes around the square and fired into the crowds of unarmed warriors and citizens. Seven thousand slain Just several hours of bloody battle ensued, with the conquistadors having the technological advantage. By evening, Pizarro and his men had killed 7,000 Indians yet lost not one of their own merry men. Later, Pizarro said to Atahualpa through an interpreter: â€Å"When you have seen the errors in which you live, you will understand the good that we have done you by coming to your land †¦ Our Lord permitted that your pride should be brought low and that no Indian should be able to offend a Christian. † During the melee, Pizarro had personally grabbed Atahualpa from his litter, calling out the Spanish war cry (â€Å"Santiago! , or â€Å"St James! †) as he did so, and took Atahualpa prisoner. Soon, Atahualpa recognised that a huge ransom was his only chance of freedom, so he promised a huge hoard of gold to the Spaniards, which the Incan king’s subjects duly paid. The ransom, the largest ever made, was staggering – when melted down, it consisted of suffi cient gold to fill a room 22 feet long by 17 feet wide to a height of more than 8 feet! What artistic treasures were lost, we shall never know. We note here that the Incas made even the soldiers rich, not just Pizarro and the King of Spain (who took 20 per cent of the booty). The conquistadors each received a share appropriate to his rank: horseman received 40 kilograms of gold and 81 kg of silver, while foot-soldiers received half that amount. After the full amount had been delivered, Pizarro reneged on his promise and on August 29, 1533, the conquistador ordered Atahualpa burned to death. However, when Atahualpa was brought to the stake, Father de Valverde offered him the choice of being burned alive or being killed by the more merciful garrot if he would convert to Christianity. Although throughout his captivity Atahualpa had resisted conversion, he agreed to it and so died that day by strangulation. Cajamarca was not the only occasion in 1532 on which Western technology was able to trounce Incan technology – for technology such as guns and steel swords, rather than fighting skills and valour were what won the day. Jared Diamond, from whose excellent, Pulitzer Prize-winning book, Guns, Germs and Steel, (Vintage, 1998), the above quotations come, writes: â€Å"During Pizarro’s march from Cajamarca to the Inca capital of Cuzco after Atahualpa’s death, there were four such battles: at Jauja, Vilcashuaman, Vilcaconga, and Cuzco. Those four battles involved a mere 80, 30, 110, and 40 Spanish horsemen, respectively, in each case ranged against thousands or tens of thousands of Indians. † Footnote On January 18, 1535, as Pizarro thought the Inca capital of Cuzco was too far up in the mountains and far from the sea to serve as the Spanish capital of Peru, he founded the city of Lima, still the capital of that nation.

A time when I felt isolated or lonely

â€Å"Wow! A three days survival camp without a leader or teacher. Cool! Mum, can I join this camp?† I asked my mum eagerly. My mum, who was observing the book section, turned around and looked at the poster, â€Å"This?† â€Å"Yes,† I explained, â€Å"It's a three days hiking camp. I will hike with another two people from an over-sea scout team.† She examined the advertisement for a moment and said, â€Å"But there aren't any teachers following you.† â€Å"That's why I'm so keen to join this camp,† I exclaimed ardently. â€Å"This is the time when I can really use the skills I learnt in the past two months, surviving in the wild. And if I really have problems, I'm sure my amiable team mates can help me.† My mum studied the poster for a few more moments and finally said, â€Å"Well, if you're so willing to join this survival camp, I will let you.† I kept on telling my parents how happy I was like a parrot at dinner time, but my dad's facial expression stopped me from repeating. He had a small encouraging smile on his face, which looked pretty normal, however when I looked deep into his eyes, I could see that he's worried. â€Å"What's the matter, dad?† â€Å"Umm†¦nothing much. It's just that I had a dog's life the last time I had a survival camp, but I'm sure the one you joined is much better. Hope you have fun,† my dad hesitated strangely. I stared at him for a few seconds, figuring what's that statement about. Slowly and uneasily, I replied, â€Å"Course I will.† The field day was a warm sunny day that you could get plenty of wind, perfect for hiking. When I arrived to the starting point, the team leader approached to me and informed me about my team mates who are both French but speak fluent English. Around five minutes later, two teenagers were heading to this direction. They both wore the scout suits but I was more interested on their badges. From what I could see, they had at least three rock climbing prizes, which show that they are brilliant at climbing. The team leader went to them and said, â€Å"I assume you are Dominic (pointing at the taller one) and this is John (point at the fatter one),† they both nodded, â€Å"and this is your team mate Kelvin.† I put out a hand for shaking, but they just stared at me like a foreigner. The leader ignored their reaction, and continued on his speech, â€Å"Before you guys set off, I want to ask you a question, have you got your map with you? (We all nodded), good, do you know where you're going? (We all nodded), good, then I will leave and you may start now. Good luck.† During the next hour, I tried lots of ways to make friends with them but they just didn't respond and what annoyed me the most is their language. I remembered very clearly that they both spoke fluent English, but what I heard is French, pure French. They chatted to each other and laughed very often while I walked on my own. I tried to calm my anger by enjoying the view, but everytime I felt better, they laughed loudly and exclaimed a phrase in French. I just couldn't stand it anymore. I stomped to their side and asked, â€Å"Don't you guys speak English? I'm also your team mate and I don't understand one damn word you're saying. Can you please switch your channel to English and show me some team spirit?† Dominic and John gazed at me for a few seconds like I was a stranger who just interrupted their great conversation, then they went back to their talk. After another fifteen minutes, they started scowling at me, spoke a few sentences to each other, and started smirking. The smirk made me saw the handwriting on the wall but the only thing I could do was to be more careful. I kept observing them to find out what they're playing at but there's nothing wrong for an hour, so I stopped the observation and went back to luxuriate the view. All of a sudden, I heard a loud shivery scream from Dom then I descried a furry gigantic animal being thrown at me out of the blue. An animal I fear the most, spider. I quickly dodged away and screamed as loud as I could. Then, under my shriek, I could hear two people laughing; Dom and John were guffawing their head off. John said breathlessly, â€Å"Do you see how scared he is? That's the loudest scream I ever heard.† Dom nodded, went to the spider and picked it up. Was it my illusion or what? Did I just heard a language that I understand? And how came the spider didn't struggle when Dom picked it up? I thought of a second then everything just came together at once. It's true that they spoke English and I had just been tricked. The spider is fake! I looked at them disgustedly, rushing past them as quickly as I can. Their unbearable action just made me detest them more and didn't even want to look at them. For the rest of the day, I walked in front of them without saying a word or trying to revenge. I decided not to disturb them and desired they would not irritate me, but this never happened. They kept on insulting me on everything I do. I tried to sing quietly to relax, and they cried stop and emphasised what a bad voice I had. I wished to rest for a moment, and â€Å"suck† was the reply. I walked wearily until evening when they wanted to stop and started setting up the tent. The tent was quite big and needed at least three people to set it up, so even though Dom and John wanted me to do all the work, they helped. They got in first and blocked the entrance with their back-pack. â€Å"No filthy Chinks allow in this clean tent,† John yelled. I stood there, looking blankly at the tent, and then a wave of anger filled me like a tsunami. I kicked the tent fiercely and tried to turn it over, but this action didn't last long, John whirled out and grabbed me by my collar. â€Å"You're not welcome in this tent, you Chink,† John shouted and threw me to the ground. I stared up at him, terrified as he thumped back into the tent. I got up slowly, examined the environment, trying to find a place without too many rocks. After lots of effort, I found a place with little amount of rocks near to the tent, I put my mat on it and lied down. Though there's a mat, I could still feel the hardness of the floor, and the tiny sharp stones stinging my back. Small ants crawled on my right leg and bite, but I was too exhausted to scratch them. I looked at the dark blue sky, thinking about the horrible day I had just experienced, then my dad's word faded into my mind, â€Å"†¦I have a dog's life the last time I join a survival camp†¦Ã¢â‚¬  Although today was not as bad as a dog's life, it's not better. â€Å"I should listen to dad, he's always right. I wonder what he is doing now; maybe he's watching TV with mum†¦Ã¢â‚¬  I thought of the cosy bed in my room that doesn't has any insects in it. I thought of my friends who respect me and never leave me alone. When I thought of my buddies, I could feel tears cascaded down my face. My friends and team mates were like angels and devils; two kind of extreme creatures. I kept on thinking of the good I had with my companions; how we laughed at each others' jokes and helped each other out, and slowly I dozed off with a smile on my face. Next morning, I walked in front of them as usual, staying quiet. Not for long, we arrived to a slope narrow rock wall. The wall is similar to every wall you can see in the wild but this one have a rope hanging from the top. â€Å"This must be the string to tie up my safety lock,† I thought as I open my back-pack and found the lock. Dom looked down his nose at me and teased, â€Å"You suck at everything. Why do we need a safety lock for a short wall?† I ignored him, and continued to find the lock. Dom and John jumped on the wall and started climbing. Five seconds later, I heard a shriek of help above me. I quickly looked up and the sight stunned me. About five metres up the mountain, John was trying to make a big leap. Unluckily, he missed for only a few inches, so he tried to clutch on something, but fail. Everything seemed to happen so quickly, he fell on the ground, hand first, then blood started dripping from his hand and knee. Dom slowly got to the floor and looked at his injury but did nothing about it. â€Å"Don't you know how to do first aid?† I questioned. They looked at each other shamefully and shook their head. I really wanted to laugh at them but I knew I should not. They didn't show me respect but that didn't mean I needed to do the same thing to them. I took out my bandage from my first aid box and wrapped it around John's injury arm. I also took out a bottle of ethanol and washed the wound with it. After first aiding, my team mates both looked at me thankfully, â€Å"Thank you†¦um†¦a†¦sorry about what happened yesterday. W†¦we don't mean it.† I put out a hand and say, â€Å"so can we be friends now?† They nodded and shook my hand. From then on, I didn't hear a single insulting word or French from them, and the rest of the journey continued to be remarkable, in a good way.

Critical thinking paper(All forms of government welfare should be Essay

Critical thinking paper(All forms of government welfare should be abolished.) - Essay Example It is a common phenomenon in America that any kind of government welfare is under abuse. Evidently, a report on the Washington post dated 26th may 2011 asserts that 67% of the people under a welfare program are not genuine. The current fortifications do not seem to curb this ill practice at all. It is a worry that women are proceeding to bear babies outside of wedlock so as to increase the quantity of revenue they obtain from the government checks. A total of $7000 annually is too much to part with especially if the income is not directed to the well-being of the baby. Furthermore, it is an avoidable situation since the likelihood of a woman having the baby clearly knowing that no welfare check will be given to her is very low. The effect of people receiving welfare checks further disorients them in searching a job. There is an internal persuasion not to do anything more provided one is able to acquire a steady income through manipulation of government welfare programs. While most of the welfare programs aim at helping for a short time especially during difficult times, they are increasingly becoming a shoulder to lean on for the many. It is clearly not helping at all in economic development since majority of the people; particularly those without a job are reluctant to find one. (Ginsberg, 1994) Out of forty people under a welfare program that provides benefits for the unemployed, 32 are unenthusiastic to find a job provided a steady flow of money continues to flow. Welfare programs for the unemployed majorly serve to reduce motivation to look for a job while also putting a burden to the people who toil hard. Tyler (1955) asserts that a program that fails to motivate people to look for alternatives such a s employment cannot stop people from relying on it. Any argument suggesting that neediness is the root cause of institution of some of this

Flu Vaccination- Benefits and Contra-indications Research Paper

Flu Vaccination- Benefits and Contra-indications - Research Paper Example Active immunity allows the immune system to recognize infected bacteria or viruses as soon as the body comes in contact with them and triggers the production of anti-bodies to tackle them. Vaccination against diseases resists the spread of harmful illnesses in a society, contributing towards a healthy environment. Influenza, more commonly known as Flu, is a respiratory illness that is contagious and is characterized by symptoms like fever, body ache, coughing, sneezing and cold. It can become an epidemic because of its viral nature and once initiated, it is imperative to contain the spread of this disease through proper medication and vaccination. Flu vaccination is generally an annual vaccination program that encourages individuals to ensure protection from the attack of influenza through the year. Since influenza is of several types, it ensures protection against the most major kinds of this disease. It generally offers protection from two strains of type influenza A (H1N1 and H3N2) and one strain of type influenza B. This vaccine can be administered through vaccine injections called flu shots, or through inhalation. Flu vaccination is not mandatory but encouraged in many countries by their respective health ministries. It is more commonly given to young children, pregnant women, elderly, or individuals with health conditions that make them susceptive to such diseases.

To what extent are labour and capital really mobile within the EU Essay

To what extent are labour and capital really mobile within the EU - Essay Example hick (2005, 4) European Union would be rather considered as a ‘treaty-based, institutional framework that defines and manages political and economic cooperation among its 25 member states (Austria, Belgium, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom)’. On the other hand, it has been found that all member states tend to be influenced by specific social and financial phenomena like the following ones: ‘market globalization, the European single market, and European supranational institutions’ (Verdier, 2001, 227). The reference to the above phenomena is made by Verdier (2001) because these phenomena are mostly related with the following sectors of European Union: ‘labour market, capital market, electoral competition, and centre-local government relations’ (Ve rdier, 2001, 227). In accordance with the above the freedoms provided to the citizens of the member states can be limited under the influence of specific factors that can be related not only with the public sector but also with the private one (as it is represented by the multinational firms that participate in the development of globalization internationally). With a reference especially to the movement of persons and capital across the EU, it is stated by Malone (1999, 54) that ‘right from the outset, two of the fundamental objectives of the European Union (as it is called today) have been to facilitate the free movement of labour and the free movement of capital across member states’. On the other hand, the study of Donaghey et al. (2006) refers especially to the movement of persons (especially of workers) within the European Union. More specifically, it is noticed by the above researchers that ‘citizens of the EU have the right to work in another Member State and the right to reside there for that

Bipolar Affective Disorder Essay Example | Topics and Well Written Essays - 3000 words

Bipolar Affective Disorder - Essay Example The condition could be observed in teen age, adolescence or early adulthood. In many cases the symptom onsets before the age of 25 years (Kessler et al, 2005), but it remains undiagnosed till the problem takes the form of disorder. Management of the condition is crucial and is a long-term process where co-operation of the associated individuals play a significant role. Symptoms of Bipolar Disorder Individuals suffering from bipolar disorder display severe emotional condition which is termed as "mood episodes", encompassing either too thrilled or overjoyed which is called the maniac episode; or the individuals remain in the phase of discouraging thoughts or gloom this phase is termed as the depressive episode. Individuals also witness a mixed stage where phase of mania as well as depression co-exist. Individuals with bipolar disorder may become bad-tempered or dangerous during their mood episode. These symptoms directly influence daily activities such as the energy levels, behaviour o f the person, trouble in proper sleep, restlessness. With time the condition becomes severe and the person have longer duration of unbalanced frame of mind as compared to the distinct phases of depression or mania (Web. Bipolar Disorder). Individuals displaying terrible phases of mood swing and almost every day or remain in such altered mindset for two to three weeks is likely to suffer with bipolar disorder. The symptoms can be categorized as- A. Manic episode or mania encompasses- a. mood swing- this is the extreme phase where the individual is either over joyful, in very high spirit or display very extrovert nature. On the other hand, this phase also displays other aspect where the individual remain ill-tempered, disconcerted, jumpy feeling may also be seen (Web. Bipolar Disorder). b. behaviour alterations- the individual gets diverted without difficulty, can jump from one thought to another or many thoughts could be presented simultaneously. The individual starts taking at a fas ter pace, restlessness is also displayed during this phase and the individual may not sleep appropriately. During this phase some sort of hyperactivity is also observed where the individual may show over enthusiasm in taking new assignments and jobs due to impractical conviction in one's skills. This phase also display unusual behaviour such as participating in high-risk task, may show extravagance temperament, getting diverted towards pleasurable things and perform impetuous investments (Web. Bipolar Disorder). B. Depressive episode of depression encompasses a. mood swing- during this phase the individual has the feeling of being empty and remains depressed. The individual do not show any interest in activities which were once providing pleasure (Web. Bipolar Disorder). b. behaviour alterations- the normal pace of work becomes slow, the individual is not able to concentrate on things and a habit of forgetfulness could be observed. Individuals during this phase may face difficulty i n remembering and recollecting from the memory and therefore finds intricacy in taking any decision rather they remain restless and irritable. Changes could also be observed in eating as well as sleeping habits. Suicidal thoughts often ponder in mind and in severe condition a person may attempt to commit suicide (Web. Bipolar Disorder). Bipolar disorder constitute two phases or poles, BPI, or classic manic-depression. BPII is considered to be placid disorder with alternating phases

M&ms color distribution Essay Example | Topics and Well Written Essays - 500 words - 1

M&ms color distribution - Essay Example Madison assumed all different colors are combined together and made at different time along the way into different size packages. According to the M&M’s website, each package of chocolate milk should contain, 24%, 14%, 16%, 20%, 13%, and 14% of blue, brown, green, orange, red, and yellow respectively. This is what is stated in the consumer office. After doing a practical survey, Madison found out that the percentages indicated in the packages were not even close to the distribution stated. Madison concluded that they produce the indicated percentages of each color and then just fill up the packs off weight based method. This infers that any particular package may be much away off the indicated percentage. Due to this, Madison conducted his study and indicated his results. He did this by random sampling of packs. Madison acquired M&M’s sold in cardboard box containing 48 packages. He then counted every color and then compared the total of all the colors in every package to the sum of the pack as an error checking form. He then did analysis as follows: according to Madison, he expected 24%, 13%, 16%, 29%, 13%, and 14% of blue, brown, green, orange, red, and yellow respectively. However, he observed 18.36%, 14.16%, 18.44%, 20.76%, 14.20%, and 14.08% of blue, brown, green, orange, red, and yellow respectively. The row indicating the quantity expected is based on the total M&M’s observed numbers using expected percent values from M&M’s website. As seen in the results, blue which is the most observed color in the M&M was actually third in popularity watch. It was about 25 percent less than the amount expected. However, orange, brown, yellow, and red were within 2% points on what was expected as their values. Yellow was however closest. At the end of the analysis, it appears t hat pack 22 is much closer to the published

Seizure meds(Advanced pharmacology) Assignment Example | Topics and Well Written Essays - 250 words

Seizure meds(Advanced pharmacology) - Assignment Example Carbamazepine is absorbed into the small intestines after oral administration rapidly and reliably. Both agents have dose-limited absorption. Referring to the pharmacodynamics, Gabapentin has analgesic properties that are considered therapeutic. Carbamazepine decreases the conductivity of Na+ also inhibits the ectopic discharges and thus alleviates pain. In terms of metabolism, in humans the two drugs undergo metabolism corresponding to N-Methyl metabol though minimally. The drugs do not have interactions with other drugs as they undergo minimal metabolism (Bennet & Simpsons, 2004). Comparison studies for efficacy have been carried out and research conducted shows that Gabapentin is more suited for use as it has clearly shown analgesic effects. This is based on studies conducted and its effects exhibited. The two drugs are used to manage neuropathic pain as the effects of neuropathic pain on the nervous system present same similarities with the pathophysiological phenomena that are observed in convulsing diseases such as epilepsy and therefore anticonvulsant medication is administered in the management of neuropathic pain (Bennet & Simpsons,

Social Darwinism Essay Example | Topics and Well Written Essays - 1750 words

Social Darwinism - Essay Example â€Å"Social Darwinism† is a term used to refer to the application of ideas and concepts applied to the social world which are allegedly derived from Charles Darwin’s theory of evolution (Leonard, 2009). There is much controversy surrounding Social Darwinism, its historical significance, its usage and applicability and most importantly its association with some of the known social scientist in history such as Darwin and Spencer. The debate around the definition of the term has in most cases revolved around whether or not Social Darwinism came out of the works of Darwin and other theorists that wrote about the role of biology to explain the social hierarchies present during that era, as Europe, America and other continents witnessed the aftermath of industrialization. There are basically two types of approaches to the definition of the term that have been put forward to explain the different approaches theorists have taken in order to explain the term (Crook, 1996). The â€Å"generalist† approach basically refers to Social Darwinism as the analysis of social inequality by the help of evolutionary and developmental ideas using Darwinian terminologies such as â€Å"survival of the fittest† but not explicitly relying on the original works of Darwin (Weiler). The second type known as the â€Å"restrictionist† approach in contrast, argues that a mere use of phrases that represent the work of a theorist such as â€Å"survival of fittest† does not define the theorist as a Social Darwinist (Weiler). According to the broad definition, the theory came to denote racism, imperialism and capitalism during what came to be known as the Gilded Age where, whilst the poor suffered the consequences of Industrialization in the American society, those that owned the factories and benefited from the wealth they were acquiring, although fewer in number, used Social Darwinism to justify why such notions as â€Å"survival of the fittest† put forward by Darwin and Spencer made it logical for only those that were biologically gifted or a so called â€Å"superior race† to be market leaders and worthy of acquiring the most wealth and superior positions in politics (Hodgson 2004). There is also debate on when the term was first used and while the works of theorists like Hofstadter gave a strict definition of who the Social Darwinist are, others such as Hodgson have argued that these theorists present as facts what are basically just labels (Hodgson 2004). The history of the term is a controversial issue. While some say that the term was first used in the late 1800s and was associated with known social theorists like Spencer and Sumner (Wieler), for example Spencer’s Synthetic Philosophy is one of the first pieces of literature where the term can be traced (Hodgson 2004), others argue that Spencer never used the term Social Darwinism and that he is deemed one of the founders of the theory only based on assoc iations made between the theory and Spencer’s work (Hodgson, 2004). This paper will aim to present a critique of the theory â€Å"Social Darwinism† as presented in the book â€Å"Social Darwinism in American Thought† by Hofstadter that proved to be a very influential piece on the theory. In order to do so I will look at the work of revisionists such as Hodgson and Leonard who

The movie the eternal jew Essay Example | Topics and Well Written Essays - 1250 words

The movie the eternal jew - Essay Example The Jews of Poland are said to be aliens, living in a foreign land, yet having managed to control the people in the social, political and economic dimensions (Haggith 2005). These Jews people have effective managed to create the industries of commerce and the lager banking sector in Poland, yet they are still living like animals. They do not show any proper plan of managing their lives in a manner that is pleasing, something that makes the natives wonder their way of life and actual mission in their foreign land. In as much as these people can sometimes be unquestionably vicious, many can acknowledge that by far, in reference to the standards of the contemporary world, it is actually transparent and crude in all angles. The director of the movie effectively illustrates the ratlike behavior and actions of the Jews of Poland, while at the same time, he openly shows that footage of actual rats squirming and moving from sewers and dirt to the front of the camera. This is done intentionally in order to make a comparison of the actions of these Jews, and link it directly to the lives of the rats, which is not any different from these people. In the movie, many things are happening that makes the natives to wonder the motives that the Jews of Poland seem to be operating under. One of the scenes that is most shocking involves the slaughtering of a cow, which is illustrated in a very bloody and horrific detail. This is done by one of the Rabbis, who is seen grinning (Schwartz 2012). This event if subsequently succeeded by among many things three innocent lands, presumably of German origin nuzzling each other. These scenes are not the only ones that indicate the perverse nature of the Jews people. Many scenes still exist, indicating the actual propagandists apart from the Jews. In essence, the Movie is about a people that cannot be effectively understood as to why they seem to live dilapidated lives yet they

City Road Essay Example for Free

City Road Essay Another would be that pedestrians seem to be favoured more so than motorists. For instance the islands in the middle of the road, they are there to make crossing City Road safer and more convenient to those who travel by foot. The island isn’t just the concrete mound in the middle of the road, it also includes the paint on the ground around it which cars are not allowed to drive over. Again, the bollards that were erected along the pavements are there to favour pedestrians. The reason why they were put there is to stop vehicles parking on the curbs, which was a problem before the bollards were put in place as the cars and lorries would park right over the pavements making it difficult for people to walk past and leaving less space for people with prams or wheelchairs to go round. Some things favour different groups because they appeal to different groups. Take for example the Taste Buds Cafe; one thing that struck me straight away was that the majority of the customers in there were predominantly female and mostly the older generation. They like to go in there because it appeals to them, it appeals to them because; The price is reasonable- a lot of the customers will be drawing a pension so keeping costs down is important to them, They feel safe- because there are regulars who go there and they get familiar with one another and that gives the customers a sense of safety because they know what to expect and Mr Suarez the cafe owner aids in the feeling of safety through being consistent in the way in which he runs his business. Also the menu is all home cooked and this is important to his customers. Because of all these factors, Mr Suarez’s cafe is geared more towards the older generation than the younger ones so in a sense it is favouring, although that isn’t altogether a bad thing. Lastly I would mention the security cameras. They are positioned all over City Road and they are there for a number of reasons, one reason is that a crime is less likely to be committed in an area which has CCTV (which deters people from offending) and also it makes people in the area feel safer knowing that these things are in place to not only aid in the catching of the people who commit the crimes but also that it is part of crime prevention too. CCTV is important on City Road because it does make the residence feel that little bit safer, a lot of them feel that the road is a bit â€Å"rough† and not the sort of place you would like to walk down at night, even though the local policeman denies that there is a problem with crime in the area. People just perceive it to be a crime hotspot, despite having little to no experience of any serious crimes having taken place on the road. Most of the material things on City Road favour one group over another but some inadvertently and some deliberately, the issue with the busses for example is inadvertent. They are not purposely designed to be inconvenient to a certain

Incident Handling on Cloud Computing

Incident Handling on Cloud Computing Introduction Cloud Computing Cloud computing provides people the way to share distributed resources and services that belong to different organizations or sites.As cloud computing allocate the divided possessions by means of the systems in the released surroundings. Thats why it creates the safety issues for us to expand the cloud computing application. Cloud computing is explained by NIST as the representation for allow suitable, on demand arrangements for right to entry to a collective pool of settings the calculative Possessions. All these like networks, servers, storage, application and services is continuously planned and free with less supervisory activities or cloud supplier communication. Cloud computing is taken as a innovative calculating concept up to now. It permitted the use of calculating communication with more than one stage of thoughts. The spot requirement of these services is offered online at fewer prices. Reason is that the insinuation for the high elasticity and accessibility. Cloud computing is the main topic which will be getting the good manner of concentration recently. Cloud computing services gives advantages from financial systems of all range accomplished. With this the flexible utilization of possessions, occupation and others work competency. However, cloud computing is an emerging forming of distributed computing that is still in its infancy. The concept uses of its own all the levels of explanations and analysis. Most of the concepts has been written regarding cloud computing, its explanation. Its main aim is to search the major paradigm of the utilization and given that common classification for Concepts and significant details of the services. A public cloud is the major one which has the communication and other calculative possessions. This consists of making obtainable to the common people online. This is known by all the cloud servicer who is doing the marketing. Its by giving explanation of the outsider industries. On the other hand of the range is the confidential cloud. The confidential cloud is the one in which the calculating surroundings is generated completely for the industry. This can handled by industry or by the third party. This can be hosted under the industries information centre which is within or outside of it. The private cloud provides the industry a good control on the communication and calculative sources as compared to public cloud. There is other operational models which lies between the private and public cloud. These are community cloud and hybrid cloud. The community cloud is mainly related to private cloud. On the other hand the communication and calculative sources will be mutual by various industries that are having a similar confidentiality and regulatory thoughts. Instead they are exclusively checking the one industry. The hybrid cloud is mainly the blend of two or more than two clouds i.e. (private, community, or public) this Become the uncommon bodies which are stringed to each other by harmonized or proprietary technology which allows interoperability. Same as the various operational models which impacts to the industrial range and organized surroundings. Thats why this model gives assistance to the cloud which impacts it. Three well-known and frequently-used service models are the following: Software-as-a-Service. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. been to provide a vehicle for outsourcing parts of that environment to an outside party as a public cloud. Through any outsource of information technology services, relates survived in relation to any connotation for system safety and isolation. The main issue centres on the risks associated with moving important applications or data from within the confines of the Industries calculating centre which is of different other company (i.e. a public cloud). That is easily available to the normal people Decreasing prise and increasing proficiency is the main concerns. These two are the chief inspirations for stepping towards the public cloud. On the other hand deceasing accountability for the safety should not depend on it. Finally the industry is responsible for all safety issues of the outsourced services. Observing and addressing the safety problems which go increase will be at the sight of industry. Some of the major issue like performances and accessibility. Because cloud computing brings with it new security challenges, it is essential for an organization to oversee and Administer in which manner the cloud servicer handles and prevent the computing environment and provides guarantee of safety. Incidents an event is any observable occurrence in a system or network. Events include a user connecting to a file, a server receiving a request for a Web page, a user sending electronic mail, and a firewall blocking a connection attempt. Unfavorable occasion are the one which has unhelpful results. For instance: crashes, network packet floods and unauthorized utilization. of system privileges, unauthorized access to sensitive data, and execution of malicious code that destroys data. A system safety occasion is actually a contravention or forthcoming danger of breach of system safety strategy, suitable utilization policies and modeled safety policies. The terminology for these incidents is helpful to the small business owner for understanding service and product offerings Denial of Service- An attacker directs hundreds of external compromised workstations to send as many ping requests as possible to a business network, swamping the system. Malicious Code- A worm is able to quickly infect several hundred workstations within an organization by taking advantage of a vulnerability that is present in many of the companys unpatched computers. Unauthorized Access- An attacker runs a piece of â€Å"evil† software to gain access to a servers password file. The attacker then obtains unauthorized administrator-level access to a system and the sensitive data it contains, either stealing the data for future use or blackmailing the firm for its return. Inappropriate Usage- An employee provides illegal copies of software to others through peer-to-peer file sharing services, accesses pornographic or hate-based websites or threatens another person through email. Incident Handling: Incident handling can be divided into six phases: preparation, identification, containment, eradication, recovery, and follow-up. Step 1: Preparation: In the heat of the moment, when an incident has been discovered, decision-making may be haphazard. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. Delete the reason of the event. Position the latest clean back up (to prepare for the computer mending) Step 5: Recovery: This phase ensures that the system is returned to a fully operational status. The following steps should be taken in the recovery phase: Restore the system. Authenticate the machine The machine will be re-established then there should be the process of verification of the operations. After this the machine should be reverse to its normal behaviour. Organisation can take decision on leaving the monitor offline when the system is operating and patches installation. Watch the computer. When the monitor is reverse to online, it start the system for backdoors which avoids findings. Step 6: Follow-Up: This stage is significant for recognizing the message delivered and it will reduce the future happenings. Build the explained event report and gives the duplicates to the management. The operating units IT security Officer and the Department of Commerces IT Security Program Manager. Provide the optional alteration to the management. Execute the accepted activities. Post-Incident If the organization has a post-incident lessons learned process, they may want the cloud vendor to be involved in this process. What agreements will the organization need with the cloud provider for the lessons learned process? If the cloud provider has a lessons learned process, does management have concerns regarding information reported or shared relating to the organization? The cloud vendor will not be able to see much of the companys processes, capabilities or maturity. The company may have concerns regarding how much of its internal foibles to share. If there are concerns, get agreement internally first, then negotiate them, if possible, and have them written into the contract. If the vendor will not or cannot meet the customers process requirements, what steps will the organization need to take? An IH team collects and analyzes incident process metrics for trend and process improvement purposes. Like any other organization, the cloud provider will be collecting objective and subjective information regarding IH processes. As NIST points out, the useof this data is for a variety of purposes, including justifying additional funding of the incident response team. Will the organization need this IH process metric data from the provider to enable a complete understanding of the integration area in case the organization ever has a need to bring the cloud function back in-house? Will the organization need this data for reporting and process improvement in general? The use of this data is also for understanding trends related to attacks targeting the organization. Would the lack of this attack trend data leave the organization unacceptably exposed to risk? Determine what IH process metric data is required by the team and write it into the contract. The organization will need to decide if they require provisions with the cloud provider regarding their evidence retention policies. Will the vendor keep the evidence long enough to meet the organizations requirements? If not, will the organization need to bring the cloud vendors evidence in-house? Will the vendor allow the customer to take custody of the evidence? If the vendor retains the evidence longer than the customer policies dictate does this work create risk for the customer? If so, what recourse does the customer have? Legal counsel will need to provide direction in this area in order to ensure compliance with laws for all jurisdictions. Background: Cloud computing has built on industry developments dating from the 1980s by leveraging outsourced infrastructure services, hosted applications and software as a service (Owens, 2010). In the all parts, the techniques used are not original. Yet, in aggregate, it is something very different. The differences provide both benefits and problems for the organization integrating with the cloud. The addition of elasticity and pay-as-you-go to this collection of technologies makes cloud computing compelling to CIOs in companies of all sizes. Cloud integration presents unique challenges to incident handlers as well as to those responsible for preparing and negotiating the contract for cloud services. The challenges are further complicated when there is a prevailing perception that the cloud integration is â€Å"inside the security Edge or the organisation has been stated in written that a agreement needed the supplier to be safe, this must be sufficient. This sort of thinking may be naà ¯ve but, unfortunately, it is not rare. The cloud provider may have a great deal of built in security or they may not. Whether they do or not, incident handling (IH) teams will eventually face incidents related to the integration, necessitating planning for handling incidents in this new environment. The impacts of cloud integration warrant a careful analysis by an organization before implementation. An introduction of a disruptive technology such as cloud computing can make both definition and documentation of services, policies, and procedures unclear in a given environment. The IH team may find that it is helpful to go through the same process that the team initially followed when establishing their IH capability. Security Incident The term security incident used in this guideline refers to any incident related to information security. It refers to information leakage that will be undesirable to the interests of the Government or an adverse event in an information system and/or network that poses a threat to computer or network security in respect of availability, integrity and confidentiality. On the other hand, the worse incidents like natural calamity, power cuts and data line failure. . are not within the scope of this guideline, and should be addressed by the system maintenance and disaster recovery plan. Examples of security incidents include: unauthorized access, unauthorized utilization of services, denial of resources, disruption of services, compromise of protected data / program / network system privileges, leaks of classified data in electronic form, malicious destruction or modification of data / information, penetration and intrusion, misuse of system resources, computer viruses and hoaxes, and malicious codes or scripts affecting networked systems. Security Incident Handling Security incident handlingis a set of continuous processes governing the activities before, during and after a security incident occurs. Security incident handling begins with the planning and preparing for the resources, and developing proper procedures to be followed, such as the escalation and security incident response procedures. When a security incident is detected, security incident response is made by the responsible parties following the predefined procedures The safety events gave the response which is representing the actions accepted out to handle the safety events. These are mainly helpful to re-establish the common operations. Specific incident response teams are usually established to perform the tasks of making security incident response. When the incident is over, follow up actions will be taken to evaluate the incident and to strengthen security protection to prevent recurrence. The planning and preparation tasks will be reviewed and revised accordingly to ensure that there are sufficient resources (including manpower, equipment and technical knowledge) and properly defined procedures to deal with similar incidents in future. Cloud Service The outlook on cloud computing services can vary significantly among organizations, because of inherent differences These events as its main aim, assets held and open to the domestic risks faced and risk bearable. For example, a government organization that mainly handles data about individual citizens of the country has different security objectives than a government organization that does not. Similarly, the security objectives of a government organization that prepares and disseminates information for public consumption are different from one that deals mainly with classified information for its own internal use. From a risk perspective, determining the suitability of cloud services for an organization is not possible without understanding the context in which the organization operates and the consequences from the plausible threats it faces. The set of security objectives of an organization, therefore, is a key factor for decisions about outsourcing information technology services and, In specific, in order to make genuine decisions related to industries sources about the public cloud. The cloud calculating particular servicer and the service arrangements for the organization. There are lot of things which works for one industry but not for other. Not only this some pragmatic thoughtfulness. Many industries will not afford economically to save all calculative sources and possessions at all highest degree possible and must prioritize available options based on cost as well as criticality and sensitivity. When keeping the strong advantages of public cloud computing, it is indispensable to focus of safety. Significantly the safety of industry security goals is of major concern, so that the future decisions can be made accordingly. Finally the conclusion on the cloud computing rely on the risk analysis of the trade included. Service Agreements Specifications for public cloud services and service arrangements are generally called Service Level Agreements (SLAs). The SLA presents the thoughtfulness among the cloud subscriber and cloud provider related to the known range of services. This is to be delivered in the range that the servicer is not able to provide at different range defined. There are typical forms of a part of the different levels of services. The specific is the overall services contract or the services agreement. The terms of service cover other important details such as licensing of services, criteria for acceptable use, Provisional procrastination, boundaries of all responsibility, security policies and alterations in that period of service. The main aim of this report is the period of SLA which is utilize for the services agreement in its entity. There are two types of SLAs exists: i.e. which is non defined and non negotiable contract the other is negotiated agreement. Non-variable contracts is the many ways on the basis for the financial level which is enjoyed by the public cloud computing. The terms which are agreed fully by cloud provider but with some offerings, the service provider has also the capability to do the changes. Negotiated SLAs are more like traditional information technology outsourcing contracts. These SLAs can be employed to deal with corporations apprehension about technical controls, procedures, security procedures and privacy policy such as the vetting of employees,data ownership and exit rights, isolation of tenant applications, data encryption and segregation, tracking and reporting service effectiveness, compliance with laws and regulations (e.g., Federal Information Security Management Act), and the deployment of appropriate products following international or national standards (e.g., Federal Information Processing Standard 140-2 for cryptographic modules). A negotiated SLA for critical data and application might require an agency A negotiated SLA is less cost effective because of the inherent cost of negotiation which can significantly disturb and have a negative impact on the economies of scale, which is main asset a non-negotiable SLA bring to the public cloud computing. Result of a negotiation is based on the size of the corporation and the magnitude of influence it can exert. Irrespective of the type of SLA, it is very necessary to obtain pertinent legal and technical advice to make sure terms of service meets the need of the organization. The Security Upside While the biggest obstacle facing public cloud computing is security, the cloud computing paradigm provides opportunities for thinking out of the box solutions to improve overall security of the corporation. Small corporations are going to have the biggest advantage from the cloud computing services as small companies have limited staff and infrastructure support to compete with bigger organization on fronts of technology and economies of scale. Potential areas of improvement where organizations may derive security benefits from transitioning to a public cloud computing environment include the following: Staff Specialization. Just like corporations with large-scale computing facilities, cloud providers provides an break to staff toto specialize in security, privacy, and other areas of high interest and concern to the organization. Increases in the scale of computing induce specialization, which in turn allows security staff to shed other duties and concentrate exclusively on security issues. Through increased specialization, there is an opportunity for staff members gain in-depth experience, take remedial actions, and make security improvements more readily than otherwise would be possible with a diverse set of duties. Platform Strength. The structure of cloud computing platforms is typically more uniform than that of most traditional computing centers. Greater uniformity and homogeneity facilitate platform hardening and enable better automation of security management activities like configuration control, vulnerability testing, security audits, and security patching of platform components. Information assurance and security response activities also profit from a uniform, homogeneous cloud infrastructure, as do system management activities, such as fault management, load balancing, and system maintenance. Many cloud providers meet standards for operational compliance and certification in areas like healthcare (e.g., Health Insurance Portability and Accountability Act (HIPAA)), finance (e.g., Payment Card Industry Data Security Standard (PCI DSS)) and audit (e.g., Statement on Auditing Standards No. 70 Resource Availability. The scalability of the cloud computing facilities permits the greatest consideration. Unemployment and calamity healing capability is building into the cloud computing surroundings. The different sources ability would be utilizing for better flexibility while facing higher demands or divided rejection of servicer and for faster improvement from Severe events When any event happens, the occasion survived again to collect the data. The large data is easily available with good explanation and less effect on construction. On the other hand the pliability might be having different results. For Instance: a non successful person divided the rejection of service attackers which can consume fast. Support and Improvement. The encouragement and revival strategy and processes of a cloud services might be better than that of the industry. In case the different duplicates are maintained in the assorted natural features can be healthier. Information stored within the cloud would be easily available which is easy to store and highly reliable. In different situation it proved to be maintained in a traditional information centre. In such situation, cloud services could means for offsite encouragement data collection. Mainly the network performance on the net and the usage of the data involved are preventing the issue which impacted the re-establishment. The structure of a cloud solution spreads to the consumer at the service endpoints. This utilizes to access the hosted submission. Cloud consumer is based on browser and on application. However the main calculative sources need to be held by the cloud provider. Consumer is normally low weight calculation and easily handled. The laptops, notebook and net books are well embedded devices like smart mobile phones, tablets and personal digital help. Information Awareness. Information prepared and developed in the cloud would be able to show low risk to the industry. There are lot of risk involved in the industry, different information are transferring on various systems. Portable systems or transferrable media is out in the field, where the loss of devices and theft occurs frequently. Many industries have made the evolution to handle the availability to the industry. So many industries have already made the evolution to hold the availability to the organizational information. In addition to calculating the stage or alternative for domestic submission and public cloud services like target on providing security and safety to other calculating surroundings. Information Midpoint Familiarize. Cloud services would be able to utilize the safety information centres. For instance: e-mail can be t Incident Handling on Cloud Computing Incident Handling on Cloud Computing Introduction Cloud Computing Cloud computing provides people the way to share distributed resources and services that belong to different organizations or sites.As cloud computing allocate the divided possessions by means of the systems in the released surroundings. Thats why it creates the safety issues for us to expand the cloud computing application. Cloud computing is explained by NIST as the representation for allow suitable, on demand arrangements for right to entry to a collective pool of settings the calculative Possessions. All these like networks, servers, storage, application and services is continuously planned and free with less supervisory activities or cloud supplier communication. Cloud computing is taken as a innovative calculating concept up to now. It permitted the use of calculating communication with more than one stage of thoughts. The spot requirement of these services is offered online at fewer prices. Reason is that the insinuation for the high elasticity and accessibility. Cloud computing is the main topic which will be getting the good manner of concentration recently. Cloud computing services gives advantages from financial systems of all range accomplished. With this the flexible utilization of possessions, occupation and others work competency. However, cloud computing is an emerging forming of distributed computing that is still in its infancy. The concept uses of its own all the levels of explanations and analysis. Most of the concepts has been written regarding cloud computing, its explanation. Its main aim is to search the major paradigm of the utilization and given that common classification for Concepts and significant details of the services. A public cloud is the major one which has the communication and other calculative possessions. This consists of making obtainable to the common people online. This is known by all the cloud servicer who is doing the marketing. Its by giving explanation of the outsider industries. On the other hand of the range is the confidential cloud. The confidential cloud is the one in which the calculating surroundings is generated completely for the industry. This can handled by industry or by the third party. This can be hosted under the industries information centre which is within or outside of it. The private cloud provides the industry a good control on the communication and calculative sources as compared to public cloud. There is other operational models which lies between the private and public cloud. These are community cloud and hybrid cloud. The community cloud is mainly related to private cloud. On the other hand the communication and calculative sources will be mutual by various industries that are having a similar confidentiality and regulatory thoughts. Instead they are exclusively checking the one industry. The hybrid cloud is mainly the blend of two or more than two clouds i.e. (private, community, or public) this Become the uncommon bodies which are stringed to each other by harmonized or proprietary technology which allows interoperability. Same as the various operational models which impacts to the industrial range and organized surroundings. Thats why this model gives assistance to the cloud which impacts it. Three well-known and frequently-used service models are the following: Software-as-a-Service. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. been to provide a vehicle for outsourcing parts of that environment to an outside party as a public cloud. Through any outsource of information technology services, relates survived in relation to any connotation for system safety and isolation. The main issue centres on the risks associated with moving important applications or data from within the confines of the Industries calculating centre which is of different other company (i.e. a public cloud). That is easily available to the normal people Decreasing prise and increasing proficiency is the main concerns. These two are the chief inspirations for stepping towards the public cloud. On the other hand deceasing accountability for the safety should not depend on it. Finally the industry is responsible for all safety issues of the outsourced services. Observing and addressing the safety problems which go increase will be at the sight of industry. Some of the major issue like performances and accessibility. Because cloud computing brings with it new security challenges, it is essential for an organization to oversee and Administer in which manner the cloud servicer handles and prevent the computing environment and provides guarantee of safety. Incidents an event is any observable occurrence in a system or network. Events include a user connecting to a file, a server receiving a request for a Web page, a user sending electronic mail, and a firewall blocking a connection attempt. Unfavorable occasion are the one which has unhelpful results. For instance: crashes, network packet floods and unauthorized utilization. of system privileges, unauthorized access to sensitive data, and execution of malicious code that destroys data. A system safety occasion is actually a contravention or forthcoming danger of breach of system safety strategy, suitable utilization policies and modeled safety policies. The terminology for these incidents is helpful to the small business owner for understanding service and product offerings Denial of Service- An attacker directs hundreds of external compromised workstations to send as many ping requests as possible to a business network, swamping the system. Malicious Code- A worm is able to quickly infect several hundred workstations within an organization by taking advantage of a vulnerability that is present in many of the companys unpatched computers. Unauthorized Access- An attacker runs a piece of â€Å"evil† software to gain access to a servers password file. The attacker then obtains unauthorized administrator-level access to a system and the sensitive data it contains, either stealing the data for future use or blackmailing the firm for its return. Inappropriate Usage- An employee provides illegal copies of software to others through peer-to-peer file sharing services, accesses pornographic or hate-based websites or threatens another person through email. Incident Handling: Incident handling can be divided into six phases: preparation, identification, containment, eradication, recovery, and follow-up. Step 1: Preparation: In the heat of the moment, when an incident has been discovered, decision-making may be haphazard. Software-as-a-Service (SaaS) is an on demand software services in which user gets access to the required software thorough some intermediate client like browser using internet. Software platform and relevant files are stored centrally. It drastically reduces the total cost of software for the user as it does not require user to incur any infrastructure cost which include hardware installation cost, maintenance cost and operating cost. Subscribers of these services are only given limited control related to the desired software including any preference selection and administrative setting. They do not have any control over the underlying cloud infrastructure. Platform-as-a-Service. Platform-as-a-Service (PaaS) is an on demand platform delivery model. In this user is provided with the complete software platform which is used by the subscriber to develop and deploy software. It also result in considerable saving for the subscriber as he does not have to incur costs related to buying and managing of complicated hardware and software components required to support the software development platform. The special purpose development environment is tailored to the specific needs of the subscriber by the cloud service provider. Good enough controls are given to the subscriber to aid in smooth development of software. Infrastructure-as-a-Service. Infrastructure-as-a-Service (IaaS) is an on demand infrastructure delivery services. In this host of computing servers, softwares, and network equipments are provided. This infrastructure is used to establish platform to develop and execute software. Subscriber can cut down his cost to bare minimum by avoiding any purchase of hardware and software components. Subscribers is given quite a lot of flexibility to choose various infrastructural components as per the requirements. Cloud subscriber controls the maximum security features. Figure illustrates the differences in scope and control between the cloud subscriber and cloud provider. Given central diagram shows the five conceptual layers of a cloud environment which apply to public clouds and other deployments models The arrows at the left and right of the diagram denote the approximate range of the cloud providers and users scope and control over the cloud environment for each service model. Cloud subscribers extent of control over the system is determined by the level of support provided by the cloud provider. Higher the support by cloud provider lower is the scope and control of the subscriber. Physical elements of cloud environment are shown by two lower layers of the diagram. These physical elements are completely controlled by cloud provider irrespective of the service model. The facility layer which is the lowest layer comprises of Heating, ventilation, air conditioning (HVAC), power, communications, and other aspects of the physical plant whereas hardware layers comprises of network , storage and other physical computing infrastructure elements The logical elements of a cloud environment is denoted by other layers The virtualized infrastructure layer lead to software components, such as hypervisors, virtual machines, virtual data storage, and supporting middleware elements required to setup a capable infrastructure to establish efficient computing platform While virtual machine technology is commonly used at this layer, other means of providing the necessary software abstractions are not precluded. Similarly, the platform architecture layer entails compilers, libraries, utilities, and other software tools and development environments needed to implement applications. The application layer represents deployed software applications targeted towards end-user software clients or other programs, and made available via the cloud. Iaas ans Paas as services are very close and difference between them is quite vague. Basically these are distinguished by the kind of support environment, level of support and control allocation between cloud subscriber and cloud provider. Main thrust of cloud computing is not only limited to single organization but also extends as a vehicle for outsourcing various components as public cloud. Delete the reason of the event. Position the latest clean back up (to prepare for the computer mending) Step 5: Recovery: This phase ensures that the system is returned to a fully operational status. The following steps should be taken in the recovery phase: Restore the system. Authenticate the machine The machine will be re-established then there should be the process of verification of the operations. After this the machine should be reverse to its normal behaviour. Organisation can take decision on leaving the monitor offline when the system is operating and patches installation. Watch the computer. When the monitor is reverse to online, it start the system for backdoors which avoids findings. Step 6: Follow-Up: This stage is significant for recognizing the message delivered and it will reduce the future happenings. Build the explained event report and gives the duplicates to the management. The operating units IT security Officer and the Department of Commerces IT Security Program Manager. Provide the optional alteration to the management. Execute the accepted activities. Post-Incident If the organization has a post-incident lessons learned process, they may want the cloud vendor to be involved in this process. What agreements will the organization need with the cloud provider for the lessons learned process? If the cloud provider has a lessons learned process, does management have concerns regarding information reported or shared relating to the organization? The cloud vendor will not be able to see much of the companys processes, capabilities or maturity. The company may have concerns regarding how much of its internal foibles to share. If there are concerns, get agreement internally first, then negotiate them, if possible, and have them written into the contract. If the vendor will not or cannot meet the customers process requirements, what steps will the organization need to take? An IH team collects and analyzes incident process metrics for trend and process improvement purposes. Like any other organization, the cloud provider will be collecting objective and subjective information regarding IH processes. As NIST points out, the useof this data is for a variety of purposes, including justifying additional funding of the incident response team. Will the organization need this IH process metric data from the provider to enable a complete understanding of the integration area in case the organization ever has a need to bring the cloud function back in-house? Will the organization need this data for reporting and process improvement in general? The use of this data is also for understanding trends related to attacks targeting the organization. Would the lack of this attack trend data leave the organization unacceptably exposed to risk? Determine what IH process metric data is required by the team and write it into the contract. The organization will need to decide if they require provisions with the cloud provider regarding their evidence retention policies. Will the vendor keep the evidence long enough to meet the organizations requirements? If not, will the organization need to bring the cloud vendors evidence in-house? Will the vendor allow the customer to take custody of the evidence? If the vendor retains the evidence longer than the customer policies dictate does this work create risk for the customer? If so, what recourse does the customer have? Legal counsel will need to provide direction in this area in order to ensure compliance with laws for all jurisdictions. Background: Cloud computing has built on industry developments dating from the 1980s by leveraging outsourced infrastructure services, hosted applications and software as a service (Owens, 2010). In the all parts, the techniques used are not original. Yet, in aggregate, it is something very different. The differences provide both benefits and problems for the organization integrating with the cloud. The addition of elasticity and pay-as-you-go to this collection of technologies makes cloud computing compelling to CIOs in companies of all sizes. Cloud integration presents unique challenges to incident handlers as well as to those responsible for preparing and negotiating the contract for cloud services. The challenges are further complicated when there is a prevailing perception that the cloud integration is â€Å"inside the security Edge or the organisation has been stated in written that a agreement needed the supplier to be safe, this must be sufficient. This sort of thinking may be naà ¯ve but, unfortunately, it is not rare. The cloud provider may have a great deal of built in security or they may not. Whether they do or not, incident handling (IH) teams will eventually face incidents related to the integration, necessitating planning for handling incidents in this new environment. The impacts of cloud integration warrant a careful analysis by an organization before implementation. An introduction of a disruptive technology such as cloud computing can make both definition and documentation of services, policies, and procedures unclear in a given environment. The IH team may find that it is helpful to go through the same process that the team initially followed when establishing their IH capability. Security Incident The term security incident used in this guideline refers to any incident related to information security. It refers to information leakage that will be undesirable to the interests of the Government or an adverse event in an information system and/or network that poses a threat to computer or network security in respect of availability, integrity and confidentiality. On the other hand, the worse incidents like natural calamity, power cuts and data line failure. . are not within the scope of this guideline, and should be addressed by the system maintenance and disaster recovery plan. Examples of security incidents include: unauthorized access, unauthorized utilization of services, denial of resources, disruption of services, compromise of protected data / program / network system privileges, leaks of classified data in electronic form, malicious destruction or modification of data / information, penetration and intrusion, misuse of system resources, computer viruses and hoaxes, and malicious codes or scripts affecting networked systems. Security Incident Handling Security incident handlingis a set of continuous processes governing the activities before, during and after a security incident occurs. Security incident handling begins with the planning and preparing for the resources, and developing proper procedures to be followed, such as the escalation and security incident response procedures. When a security incident is detected, security incident response is made by the responsible parties following the predefined procedures The safety events gave the response which is representing the actions accepted out to handle the safety events. These are mainly helpful to re-establish the common operations. Specific incident response teams are usually established to perform the tasks of making security incident response. When the incident is over, follow up actions will be taken to evaluate the incident and to strengthen security protection to prevent recurrence. The planning and preparation tasks will be reviewed and revised accordingly to ensure that there are sufficient resources (including manpower, equipment and technical knowledge) and properly defined procedures to deal with similar incidents in future. Cloud Service The outlook on cloud computing services can vary significantly among organizations, because of inherent differences These events as its main aim, assets held and open to the domestic risks faced and risk bearable. For example, a government organization that mainly handles data about individual citizens of the country has different security objectives than a government organization that does not. Similarly, the security objectives of a government organization that prepares and disseminates information for public consumption are different from one that deals mainly with classified information for its own internal use. From a risk perspective, determining the suitability of cloud services for an organization is not possible without understanding the context in which the organization operates and the consequences from the plausible threats it faces. The set of security objectives of an organization, therefore, is a key factor for decisions about outsourcing information technology services and, In specific, in order to make genuine decisions related to industries sources about the public cloud. The cloud calculating particular servicer and the service arrangements for the organization. There are lot of things which works for one industry but not for other. Not only this some pragmatic thoughtfulness. Many industries will not afford economically to save all calculative sources and possessions at all highest degree possible and must prioritize available options based on cost as well as criticality and sensitivity. When keeping the strong advantages of public cloud computing, it is indispensable to focus of safety. Significantly the safety of industry security goals is of major concern, so that the future decisions can be made accordingly. Finally the conclusion on the cloud computing rely on the risk analysis of the trade included. Service Agreements Specifications for public cloud services and service arrangements are generally called Service Level Agreements (SLAs). The SLA presents the thoughtfulness among the cloud subscriber and cloud provider related to the known range of services. This is to be delivered in the range that the servicer is not able to provide at different range defined. There are typical forms of a part of the different levels of services. The specific is the overall services contract or the services agreement. The terms of service cover other important details such as licensing of services, criteria for acceptable use, Provisional procrastination, boundaries of all responsibility, security policies and alterations in that period of service. The main aim of this report is the period of SLA which is utilize for the services agreement in its entity. There are two types of SLAs exists: i.e. which is non defined and non negotiable contract the other is negotiated agreement. Non-variable contracts is the many ways on the basis for the financial level which is enjoyed by the public cloud computing. The terms which are agreed fully by cloud provider but with some offerings, the service provider has also the capability to do the changes. Negotiated SLAs are more like traditional information technology outsourcing contracts. These SLAs can be employed to deal with corporations apprehension about technical controls, procedures, security procedures and privacy policy such as the vetting of employees,data ownership and exit rights, isolation of tenant applications, data encryption and segregation, tracking and reporting service effectiveness, compliance with laws and regulations (e.g., Federal Information Security Management Act), and the deployment of appropriate products following international or national standards (e.g., Federal Information Processing Standard 140-2 for cryptographic modules). A negotiated SLA for critical data and application might require an agency A negotiated SLA is less cost effective because of the inherent cost of negotiation which can significantly disturb and have a negative impact on the economies of scale, which is main asset a non-negotiable SLA bring to the public cloud computing. Result of a negotiation is based on the size of the corporation and the magnitude of influence it can exert. Irrespective of the type of SLA, it is very necessary to obtain pertinent legal and technical advice to make sure terms of service meets the need of the organization. The Security Upside While the biggest obstacle facing public cloud computing is security, the cloud computing paradigm provides opportunities for thinking out of the box solutions to improve overall security of the corporation. Small corporations are going to have the biggest advantage from the cloud computing services as small companies have limited staff and infrastructure support to compete with bigger organization on fronts of technology and economies of scale. Potential areas of improvement where organizations may derive security benefits from transitioning to a public cloud computing environment include the following: Staff Specialization. Just like corporations with large-scale computing facilities, cloud providers provides an break to staff toto specialize in security, privacy, and other areas of high interest and concern to the organization. Increases in the scale of computing induce specialization, which in turn allows security staff to shed other duties and concentrate exclusively on security issues. Through increased specialization, there is an opportunity for staff members gain in-depth experience, take remedial actions, and make security improvements more readily than otherwise would be possible with a diverse set of duties. Platform Strength. The structure of cloud computing platforms is typically more uniform than that of most traditional computing centers. Greater uniformity and homogeneity facilitate platform hardening and enable better automation of security management activities like configuration control, vulnerability testing, security audits, and security patching of platform components. Information assurance and security response activities also profit from a uniform, homogeneous cloud infrastructure, as do system management activities, such as fault management, load balancing, and system maintenance. Many cloud providers meet standards for operational compliance and certification in areas like healthcare (e.g., Health Insurance Portability and Accountability Act (HIPAA)), finance (e.g., Payment Card Industry Data Security Standard (PCI DSS)) and audit (e.g., Statement on Auditing Standards No. 70 Resource Availability. The scalability of the cloud computing facilities permits the greatest consideration. Unemployment and calamity healing capability is building into the cloud computing surroundings. The different sources ability would be utilizing for better flexibility while facing higher demands or divided rejection of servicer and for faster improvement from Severe events When any event happens, the occasion survived again to collect the data. The large data is easily available with good explanation and less effect on construction. On the other hand the pliability might be having different results. For Instance: a non successful person divided the rejection of service attackers which can consume fast. Support and Improvement. The encouragement and revival strategy and processes of a cloud services might be better than that of the industry. In case the different duplicates are maintained in the assorted natural features can be healthier. Information stored within the cloud would be easily available which is easy to store and highly reliable. In different situation it proved to be maintained in a traditional information centre. In such situation, cloud services could means for offsite encouragement data collection. Mainly the network performance on the net and the usage of the data involved are preventing the issue which impacted the re-establishment. The structure of a cloud solution spreads to the consumer at the service endpoints. This utilizes to access the hosted submission. Cloud consumer is based on browser and on application. However the main calculative sources need to be held by the cloud provider. Consumer is normally low weight calculation and easily handled. The laptops, notebook and net books are well embedded devices like smart mobile phones, tablets and personal digital help. Information Awareness. Information prepared and developed in the cloud would be able to show low risk to the industry. There are lot of risk involved in the industry, different information are transferring on various systems. Portable systems or transferrable media is out in the field, where the loss of devices and theft occurs frequently. Many industries have made the evolution to handle the availability to the industry. So many industries have already made the evolution to hold the availability to the organizational information. In addition to calculating the stage or alternative for domestic submission and public cloud services like target on providing security and safety to other calculating surroundings. Information Midpoint Familiarize. Cloud services would be able to utilize the safety information centres. For instance: e-mail can be t