Friday, January 5, 2018


Cybercrime Formula
By Raul Bernardino

Abstract:
Modeling a cybercrime is important for Information and Technology professionals to learn the symptoms and to be alerted (ready at any time) when the hackers have penetrated the systems environment. The cybercrime behavior can be formulated into the mathematical model. The base of cybercrime activity starts from unethical behaviors. Moreover, the hackers develop information from social engineering or gain information from spoofing, sniffing, skimming, Distributed Denial of Services (DDoS), and other techniques and forming the knowledge.
Keywords: cybercrime, unethical, social engineering, and knowledge

Introduction:
Nowadays cybercriminals activities are using encryption too. Therefore it is hard to detect their movements in the networking systems. The hackers are also using a similar methodology as IT professionals.

We can take several techniques as an example such as:
1.      Spoofing technique. Spoofing is a technique used to access unauthorized computers, where the attacker (hacker) enters by way of pretending to falsify identity that they are the host or a computer that can be trusted.
o   Types of Spoofing:
IP Spoofing: the technique of this attack is complex, and consists of several components. The first security exploits, concerned working with stealth computers and in the relationship of trust that you are the other person.  
DNS Spoofing: take the name of the Domain Name Server (DNS) of other systems with the DNS domain of an endangering the legitimate.
Identify Spoofing: the Act of infiltration by using official identity illegally. By using it, the intruder will be able to access everything that is on the network.
2.      Sniffing:
Sniffing packets allows individuals to tap the data that is transmitted over the network. This technique was used by the professional to diagnose network problems. However, the hackers use this way to tap the unencrypted data such as the user ID and password of the user.

To formulate the cybercrime activities, I came up RB formula, which stands for Raul Bernardino
Cybercrime = unethical + skill*opportunity                                                               …RB1
Skill = information + knowledge                                                                                …RB2
The relation between the RB1 and RB2 equation becomes:
Cybercrime = unethical + (information*opportunity) + (Knowledge*opportunity) …RB3
Unethical = Gray Hat + Black Hat                                                                            …RB4

The gray hat is still in the area of the balancing (gray) therefore, to be unethical, the gray hat person is expected bigger than his/her intention is more than (>) 50% or it is equivalent to 50% + 1. This means cybercrime would happen when the hackers desire to dominate a system, host, document, data, and information that clearly has no right to possession (unethical). Furthermore, the hackers searching essential information through techniques such as spoofing, sniffing, DDoS, Skimming, and so on, however, it all depends on whether the hackers get a chance to do a  penetration and gain the information. Furthermore, the information is developed and becomes available knowledge and then creates strategic plans to do reliable attacks to gain financial benefit and control critical and confidential information illegally. It includes hiding and eliminating their footpath of hacking (footprints).

Conclusion:
Cybercrime is an illegal activity over the internet and or networking performed by an individual, a group, and even organizations (hackers or hackers) to gain confidential information and or a financial benefit.

Reference list:
Bernardino, R. (2017) Cybercrime [online]. Available from: https://www.researchgate.net/publication/321124293_CYBERCRIME (Accessed date: 6 January 2018)
Bernardino, R. (2017) Modeling a Cybercrime [online]. Available from: https://www.researchgate.net/publication/321145590_Modeling_a_Cybercrime (Accessed date: 6 January 2018)



Thursday, September 8, 2016

Need some insights on Information Systems Management design? Please let me know

If you are passionate about what you love to do, definitely you will win! R. Bernardino

  “You can learn new things at any time in your life if you're willing to
be a beginner. If you actually learn to like being a beginner, the whole
world opens up to you.”

― Barbara Sher


Monday, April 4, 2016

CLASS A MANAGEMENT SOFTWARE ENTERPRICES

GROUP I ‘PIZZA KITCHEN SYSTEM DESIGN’                             
1.       PIUS M DE FATIMA LABI NARE
2.       ALVIN TOKAN
3.       YULEN KRISTIN TUDE HABA
4.       YESLIN LUSIANA TEFNAI

GROUP II ‘FREQUENCY BUYER SYSTEM DESIGN’
1.       MARIA ANA MARINA BETI
2.       MARIA DOLOROSA MELITA SE
3.       ANDINA SUHARTIN INDASAR
4.       WILLY ANDEL ELIM

GROUP III ‘CAMPUS ON-INE SYSTEM DESIGN’
1.       MECHTILDIS WANDA
2.       SERLINDA SOFIA BELLY
3.       DANY FRANSISCO DO'O
4.       YURIS BOY NAITBOHO

GROUP IV ‘VIRTUAL SERVER DESIGN’
1.       PAULUS GABRIEL ADO IGON
2.       GREGORIUS YOSUA ANTONIO
3.       GREGORIUS ARKIANO WUNGU
4.       MAISSY PRAMAISSHELA BABA

GROUP V ‘NETWORK SYSTEM DESIGN FOR BRING YOUR OWN DEVICES’
1.       ADRIANUS NAHAK
2.       ALDY MUNANDA THONAK
3.       GUYLHERMI A. DC. FELIX
4.       YUNITA WERING ILLUKO

GROUP VI ‘CAMPUS SECURITY SYSTEM DESIGN’
1.       ANGELA YULIA SISILIA KARA
2.       ALFREDO KORNELIO BETU KE
3.       AMIN ISAKH NAHAS
4.       DONALD ADRISON WADU

GROUP VII ‘PRVISIONINING DOOR CONTROLING SYSTEM DESIGN’
1.       EBENHESER LAY HEO
2.       FRANSISKUS YOSIRYANTO MA
3.       BHAKITA VITTI
4.       TRISILA ANITA BETE

GROUP VIII ‘SUPPLY CHAIN MANAGAMENT SYSTEM DESIGN’
1.       ATRIANA AMALIANA TEFA
2.       DESMANTO PAS
3.       THEODORA YULIANI GEDHO

4.       ANTONIUS HUNGA NGGULI

CLASS A INFORMATION TECHNOLOGY PR0JECT MANAGEMENT

GROUP PROJECTS

GROUP I ‘STIKOM UYELINDO LAPTOP PROVISIONING AND DEPLOYMENT FOR BAAK’
1.       MARSELA JIMBON MIKADO  
2.       DAYONA O. TELLA
3.       FEBRIANY BERTHA KOREH
4.       JULANDIANI DAHOKLORI  

GROUP II ‘STIKOM UYELINDO INTERCONECTIVITY’
1.       MARIANUS SAMON
2.       SITI RABIATUL A.L. DAY
3.       APRILIA ABD MUSADJAR  
4.       AGUSTINE MUDIN

GROUP III ‘BIG DATA MANAGEMENT’
1.       HANNA APRILIA FOMEN  
2.       ARINTA MESSAH
3.       ASRIYANTI LOINATI
4.       DESRY GRACE LANGKAMENG   

GROUP IV ‘FREQUENCY SHOPPER USING CRM MODEL’
1.       HANS ANDREAS
2.       ALEXANDRE WIRYODINOMO F
3.       GIGA GUNTARA
4.       HENDRIK ADOLFHPAH
GROUP V ‘INTERNET OF THINGS A FUTURE MODEL’
1.       JESSICA AGUSTIN OCTAVIA N
2.       MUSA SOINBALA
3.       JANSEN IMANUEL TAUNU
4.       PUALA CHRISTIVANI BAILAO

GROUP VI ‘BUSINESS PROCESS MANAGEMENT ’[DATA INTEGRITY, MARKET NICHE, DSS, ETC.]
1.       SCANKSY FREDWRICK LOALNG
2.       ERNESTIM DA SILVES DAKAW
3.       YAIR NYONGKI TERAMAHI
4.       PETRUS KURNIAWAN

GROUP VII ‘PROVISIONING AND DEPLOYMENT OF DATA CENTER INFRASTRUCTURE’
1.       NOFRIANUS FAHIK
2.       WILFRIDUS FERNANDES
3.       VENCE A. YULIANTO

GROUP VIII ‘PROVISIONING AND DEPLOYMENT OF CAMPUS CLOUD COMPUTING’
1.       MARIA F. SIKI
2.       DAMIANUS KOLI BUNGAN
3.       NONA MAYA AMIRUDIN

GROUP IX ‘PROVISIONING AND DELOPLOYING CAMPUS INTRANET’
1.       LORENCO XIMENES
2.       FANDI MUHAMMAD SALEH R

3.       PRIMUS DJOGO

Wednesday, March 30, 2016

Project Topics

for ITPM Class C


1.       Group I ‘Frequency shopper’ (record customer id and location, points rewards, customer access their rewards information etc.)
a.       Nasuri Bongo
b.      Meriwati Baitaru
c.       Fecar r Mbuik
d.      Ridwan Pitay
2.       Group II ‘Knowledge management (data integrity, can be audited, available for institutional memory, etc. )
a.       Jaros B. Nafi
b.      Marten W. Ratu
c.       Novita P. Suni
d.      Rosita Koro Djoh
3.       Group III Intranet portal (any time anywhere)
a.       Hellen M.   Kana
b.      Apryanti Pong
c.       Deki IU
d.       Sancia M..F.H.Bobo
4.       Group IV Data Center(infrastructure as a services)
a.       Lolok Piter Takalogo
b.      Daniel Ikun
c.       Santina  V.F. Belo
d.      Dionicius Mau
5.       Gruop V Internet  of things (secure and smart nation )
a.       Farayana La Fayette
b.      Desi Fitriyaa
c.       Bella  V. Daris
d.      Maxelinoo Ufi
6.       Group VI Campus on-line(software as services)
a.       Maria M. Lodo
b.      Juvita Eco
c.       Yusmina Benu
d.      Jeremias Nennometa
e.   Deviani Honin
7.       Group VII Cloud computing  (Victual Computing )
a.       Radinal M. Usman
b.      Welem Logo Buke
c.       Juan. Anel Omalor
d.      Theodorik M. Woka
8.       Group VIII Campus IT infrastructure
a.       Daamianus Koli. Bungan
b.       Adrianus S. Hane
c.      Kristoforus Mado Lein       
9.       Group IX Campus Business continuity plan 
a.       Vendidus Ambut
b.      Tomar Y. Big
c.       Kokoh a. Theik
d.      Semuel Safa


                

Tuesday, March 22, 2016

Change Control in the Project Management

‘Hand is Assignment for next week'

By Raul Bernardino

Introduction:
In the early 1950 up to 1980 the change control was focusing on the project that has been planned within time and budget. There are issues that involving in the projects and project teams were often can’t meet project goals. In other word the project teams were rarely meeting the project original goals. Therefore, in early 1990 almost all project managers and companies top managements are realizing that, project managements are a process of fitting the needs along the project life cycle. Therefore it is in need of having the constant communication and negotiation along the project life time to adjust the objectives and goals in order to meet the expectation.

The administrative of the changing controls are important part in project management, because it will be transparent or clearly stated in the procedure on how and why it would be changed including who is the authorization person or body for changing. “The changing control system often involves the change control board, configuration management, and process of communication of the change”. (Schwalbe, K.,2010)

The changing to the procedures or contract may impact to the services of the delivery and qualities of the services, to the cost and time of the project, and to the other related resources (people, technology, and business). Therefore it has to be clear instruction in the contract on how and when we need to adapt the changing. For instances allocation person who is responsible for requesting a change or assessing the impact of the changing, who can makes a priorities and authorize the changes; who will be making the agreement with contractors; who is controlling the implementation of the changes, and who is documenting the changes.

My first suggestion is outsourcing the developers especially on software application and hardware technology. Because basically companies or organizations have not have enough human resource or even they have, the person may need specific course or trainings to perform the task. And it may not lead cost effectives and on time delivery as well. Therefore in the contract with developer have to have a clear picture. For example software application, we do need to explain or state in the contract or in the separate assessment document that current existing operation systems is X OS or so, other applications that are also up and running, and including what application that is planning  to develop and integrating into the current system. These are also involving security, scalabilities, availabilities, reliabilities, and change management. This situation is same as for deploying new hardware technologies.

Far before outsourcing the third parties, company or organization has to have a internal procurement procedure, whereas to help the organization or company in selecting the third parties to become a vendor, service delivery, and application developer.

My second suggestion is outsourcing the business continuity plan for the organization or company. Most organization or company has limited recourses to build similar office and system in case of the main office is burn down or defected by natural disaster or the system itself is down. Therefore organization or company has to have a contract with the third parties to establish essential system functionality in the third party data center or office. In the contract agreement has to clearly stated, what are those functionalities, the reliabilities of data and functionality, data integrity or confidentiality, including the availabilities, and security.

Conclusion: organization and Company internal change configuration management procedure have to be in place. This is to help the organization or company to know why and when need to change.

In the project contracts have to be flexible in the changing of the objectives or goals in order to meet the expectation, however it should be creating a clear control change management in the contracts.

References list:
·        Schwalbe, K. Information Technology Project Management, Revised 6th edition, Ch 4. P.162-164 and Ch 12.P.462-473
·        Lecture note, PM_WK2_seminar
·        Principle for service contract, Contract Management guidance [online]. Available from: http://www.ogc.gov.uk/documents/Contract_Management.pdf   (Accessed Date: May 14, 2011)
·        Institute of configuration management [online]. Available from: http://www.icmhq.com/ (Accessed Date: May 14, 2011)


Sunday, March 20, 2016

Software Enterprise Key Consideration

By Raul Bernardino
Introduction:
Today Information Technology (IT) projects are more complex and sometimes it gets to be crept in the scope or even failure before it reaches to the success result. Therefore, in my opinion to organize a software enterprise or to delivery any IT projects for the organization, companies, and institutions have to be in line with the Information Technology Project Management knowledge and tools.
The first consideration is that any enterprise projects have to be a systematic in order to accomplish organization vision/goal, in line with organization strategy, such as to digitalize the manual operation to the automate operation, to ensure effectiveness of the business operations and system has to easy to use. In general to develop any system enterprise has to follows SDLC tools. The SDLC stands for System Development Life Cycle as it shows in the below diagram:

The SDLC diagram above is a framework to describe step by step that involving the software development. It is starting from ideas and assessment of the business requirement needs or feasibility, followed by initial project plan. Those eight steps are a sequence steps from ideas to maintenance. In the traditional approach it has four steps of system development project such as:
a)     Concept: The concept comes from someone ideas, end user ideas, business analyst, or system analyst to develop an application
b)    Development: The development part Business Analyst, System Analyst, Developer, designer, tester have to build a proto-type
c)     Implementation: In this stage end users and business analyst will confirm the features; in other end the developers will do a maintenance
d)    Close-out: In the close-out stage some time it faces the issues such as new regulation, new technology, and etc.
The traditional system development approach as shows in the below diagram:


The second consideration in the organizing the software enterprise is a triple constrain of the project management as follows:
Scope:  The scope is “work that needs to be done in order to deliver a product, service, or result with the specific feature and functions”, PMBOK Guide, P. 104
Time: The time is referring to the schedule or duration of the project
Cost: the cost is referring money, labor, equipments, and other resources needed to accomplish the project.
The third consideration of developing the software enterprise is focusing on the people. The reason is that to develop software has to involve the human being (people). People in the organization use the software for the business operation in order to improve the productivities. People that architecting and developing the application, and etc. There is different type of personality according to the McGregor (1960) “Theory X and Theory Y”. The theory X personality will be an average person such as to avoid their own responsibility, little ambition, wants security, prefers directed, the rewards are not sufficient, and dislike the current work. While the Theory Y personality will be happy with works that they have. These people have self direction and self-control to achieve the goals and objectives of the organization. People will learn to accept and even seek for responsibility. They are also imaginative person realization of the dream for the organization. McGregor, Maslow, and Herzberg also said that motivation is deeply in root in the human biology and psychology.
People from different cultures and nations have different attitude and behavior. Hofstede,G  “had done systematic observation on personal attitude and value in on single organization such as IBM around the world and it concludes four dimension of the group of personality. They are:
a.  Power of distance
b. Individualism and collectivisms
c. Masculinity and femininity
d. Uncertain avoidance” , Hall, P. A.V. & Fernandez-Ramil, J. (2007,P. 57)
The fourth consideration of the software development as follows:
a)     Market: Before, we are trying to develop new software enterprise; we have to do several researches around and if there is someone have done it, then we have to compare with the following questions such as: “are this new enterprise are unique?” Are this new production is better that existing one? Is it cheap compare to existing one? The project team have to do a short of research be for deciding to organization new software enterprise.
b)   Economic: To organize software enterprise implementation, we have to measure cost benefit for the investment. Is this application in line with over all organization strategy? Is this enterprise application support organization business growth? By having this enterprise, organization are more effective and efficient in the decision making processes? The aim of having the new software enterprise is to speed the productivities of the organization and to facilitate business process in the decision making or other purposes.
c)     Financial: By organizing the software enterprise has to have adequate fund to execute the project such as to pay labors, equipment, developers, designers, and other resources. 
d)    Technical: New software needs new technical expertise. The new technology application may need new hardware or software. It has to be tested with current applications and without any bags or errors. The technical engineers can be deployed to be on site or work from remote as a part of the virtual team. Hiring the right technical person to develop the application will help the organization to not wasting time and money on mistakes.
e)     Management: Managing the new software enterprise need several skills, such as soft skills, leadership, negotiator, communicator, team building, has to have project management knowledge, and etc. It is including using similar projects lesson learned from the past. It is important to decide to use internal resources that currently organization have or deploy from the outsourcing.

In conclusion: To organize new software enterprise, we have to have feasibility documents from business analyst such scope and visioning report, work requirement plan and business requirement documents. Business analyst and System Analyst develop the design. The developer and system engineers are developing the code according to the design. The developer and system analyst prototype or piloting the software enterprise or produce beta version and release candidate for testing purpose before it releases the gold version to deploy. During the process of developing the enterprise in SDLC, the team works, the communication plan, have clear vision/goals, use triple constrains in the project, and people are rewarded and recognized. These all are an integrate part to reach the successful result.

References:
Hall, P. A.V. & Fernandez-Ramil, J. (2007) Managing the Software Enterprise:
Software Engineering and Information Systems in Context. London: Thomson Learning.
Schwalbe, K. Information Technology Project Management, Revised 6th edition

Clause, R., (n.d)), Key considerations in Adding Enterprise, [Online]. Available from:
Endeavour Software technology, [Online]. Available from:
Gallier, R. and Leidner, D.E., (n.d), Strategy Information Management: Challenges
and Strategies in Managing Information System, [Online]. Available from:
Enterprise Project Management, [Online]. Available from: