SPOTLIGHT

Overview of Security Information and Event Management (SIEM) – Part 1Alex Lam

1. BackgroundsOver the years, the central IT of CityU is committed to and capable of providing the best IT services to support its mission. With the rapid advancement of technology, the great behavioral shifts in modern IT usage, the sharp increase in user demands, and the heavy dependence on IT, it has become more and more difficult to react and maintain quality IT services, not to mention the planning of service improvement. Moreover, in meeting the 3-3-4 challenges and the expanding user population, new application systems are added, and existing applications and infrastructure are enhanced. The service integration of these different new and existing applications with the respective infrastructure changes has added another dimension of complexity to the already constrained manpower of IT support.

To provide quality service and support with limited manpower, we need to know our services better. We need to understand how users use these services in their business, and to plan ahead accordingly before demands have consumed all available resources.

NEWSLETTEROCIOIssue 9 • Oct 2012

We also need to know the business risks and impact arisen from potential weakness of the existing setups, be fast alerted of eminent incidents, and respond speedily and effectively when they indeed occur. In maintaining the security protection and smooth operations of these IT services, we need to continuously monitor and respond quickly to millions of system events and alerts. The collection, correlation, storage and presentation of service and security information from events logs of thousands of applications, servers, network and storage systems, which look disparate and unrelated, pose a great challenge in but critical to maintaining their health and security level of IT services as well as the future service improvement planning .

In this article, we discuss how the Security Information and Event Management (SIEM) technology can meet the above challenges and how it delivers additional value in maintaining service quality and assisting in resource planning besides the service event and security management of the IT systems.

2. Traditional security and event/log processing of IT services

As shown in figure 1, modern IT services are sophisticated and composed of multiple components such as networking equipment, operating systems and application systems. The challenges of the security protection and event/log processing of IT services are shown on the right of the diagram. (figure 1)

In summary, the challenges of security and event log processing are:

• Millionsofeventsfromdifferentsystemsarecollectedconcurrently and must be reacted instantly for critical events

• Real-timeeventaggregationandfilteringcapabilitiesare required for the detection of critical events from the noisy event (non-critical event or false-positive alert) and log entries.

• Withtheincreaseinsupporteduserandtrafficbandwidth, it further increases the processing requirements for SIEM

• Thereisnocentralstoragepoolforthestorageand processing of events and logs from different components of an IT service.

• Amanagedcentralstorageforlongtermlogretentionis a requirement for security standard and regulatory compliance

Figure 1 Traditional event and log processing for IT service with different monitoring systems

OCIO NEWSLETTER2

• Aseventsandlogsarestoredindiseparatemonitoringsystems, there is no way to correlate events beween systems.

• Thisprovidesinsufficientinformationfortheincidentdetection. Thus, it is difficult to detect security attack in its early state

• Asthestatusofdifferentcomponentsofaserviceareprocessed separately, there is no way to provide and present a single view of service status.

• ThereisnoDashBoardtoshowsecuritylevelandstandards compliance status

3. Anatomy of Security Information and Event Management (SIEM) system

After discussing the challenges of traditional event processing, this section provides an overview of Security Information and Event Management (SIEM) system. We will present how the SIEM system helps meet the challenges of traditional event processing described earlier.

3.1. Components of SIEMSIEM is a combination of two interrelated components that operate on a shared pool of event and log. The two components are listed as follows:• SIM–SecurityInformationManagementsystem• SEM–SecurityEventManagementsystem

The functions and objectives of the two SIEM components are shown in figure 2.

Bysharingacommonandcentralizedeventandlog storage pool, the SEM and SIM component can work cohesively to achieve its own functions. In fact, modern SIEM system will combine the SEM and SIM components seamlessly into a single system. User can access the SIEM system via a single graphic interface to access the service and security related information.

In the next section, we will show the architecture of SIEM system.

To be continued...

Figure 2 Components of SIEM

Issue 9 • Oct 2012 3

BRIEF UPDATES

CityU IP Phone System Upgrade S K Tsui

BackgroundThe CityU IP Phone (IPT) system has been serving our University for 10 years. Some of its core components such as the voice mail system, voice gateway, etc. have already reached its end of lifecycle and we can no longer get support and maintenance of these components from the manufacturer. In order to retire these legacy components and keep uninterrupted operation of the IPT system, the CSC has decided to upgrade the hardware and software of the core system (Cisco Unify Communication Manager and Cisco Unity) and replaced the obsolete voice gateways last summer.

IPT System UpgradeThe upgrade process was very complicated and was divided into 4 steps: 1. The first step was to upgrade

the firmware of all the existing IP phone sets at midnight to make them compatible with the new IPT. It took almost a month (from 10 July 12 to 9 August 12) to complete the upgrading of the existing 4,800 phone sets.

2. The second step performed the core equipment setup and burn-in test. It took 18 working days to complete the

Cisco Unified Computing System (UCS) and VMware ESXi 5 installation and configuration, as well as the Unify Communication Manager, Unity Connection and UCCX server virtualization.

3. The third step involved the migration of the system data and user date from the old IPT to the new IPT. It took 2 weeks to backup and restore the data, perform data integrity checking and data rehabilitation aftermigration.Duetotechnicalproblem, the old voice messages could not be migrated to the new system and would be kept in the old voice mail server. If necessary, users can still access and manage their old messages received on or before 19 August 2012 by dialing extension “7000”. These old messages will remainaccessibleuntil31December2012.

4. The last step was to switchover the CityU IP Phone service from the old system to the new system. We needed to disconnect the old system from the network to trigger the phone sets and voice gateways to reboot and re-register themselves tothenewsystem.Tominimizetheimpact to our user due to service interruption, the switchover was made on 19 August 2012 (Sun) morning. The phone and voice mail service resumed at around 11:00am and the other services (personal fax, UCCX, etc.) resumed at 15:00.

New Features and Enhancements of the New IPT System1. Server virtualization ThenewIPTsystemutilizes

servervirtualizationtechnologyto reduce server count and hardware maintenance costs. In the past, we have 10 physical appliances (3 x Callmanagers, 2 x Unity servers, 2 x MS Exchange servers, 2 x MSDomainserversand1xUCCX server) to provide the coreIPTservice.Byvirtualizingthe servers on top of VMware ESXi 5, the core IPT is now running on 3 x powerful Cisco’s Unified Computing System (UCS) servers. Other benefits ofusingvirtualizationisreducing energy consumption, improving service stability, simplifying disaster recovery and delivering high availability.

2. Security enhancement on phone services

Phone services such as personal directory, change credentials, etc. are now transmitting on a more secured protocol (HTTPS) to protect your privacy and sensitive data.

3. More phone models support BesidestheconventionalCisco

Unified IP Phone 7900 series we are using, we can now have a variety of selections

OCIO NEWSLETTER4

on 6900, 8900, and 9900 series to fulfill various requirements from cost-effective to high-quality, interactive multimedia communications. The 6900 series are affordable and are ideal replacement for traditional analog and digital phones. It is most suitable for low-to-moderate voice communications usage such as public phone for laboratories and classrooms. The 8900 and 9900 series are for high end users seeking endpoints with integrated video capability for high-quality, rich, interactive multimedia collaboration.

There are many other new features and improvements in the new system. Most of them are administrative or operational improvements and these features were aimed to reduce the total cost of ownership (TCO). If you would like to know more about the new features, you may visit the following page:http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps556/ps10662/data_sheet_c78-584298.html

IT Security Awareness Series by JUCCWith an aim to enhancing the IT security awareness of the CityU community, the KPMG was commissioned by the Joint Universities Computer Centre (JUCC) to prepare a series of articles on IT security and they will be adopted and published here for your reference.

Portable Storage MediaI. Background

Industry Story University of Arizona Losses Drive Containing Personal Information on ThousandsTheUniversityofArizonarecentlyannouncedthelossofaharddrive containing the personal information on former students. The drive, holding information on individuals enrolled at the university between 1997 and 2008, contained names and Social Security numbers of over 8,000 former students. The drive was moved during the summer of 2010 to a new building and was discovered missing in October 2010.

AccordingtotheUniversityofArizona’sDeanofStudentsDr.CarolThompson, the files and drive were always under supervision, even during the move. Thompson called the incident troubling. In a notice to the affected individuals, the university asks that the former students watch for signs of possible identity theft.

Key Benefit of Portable Storage MediaTheemergenceofexternalharddrives,USBsticksorevensmartphones makes our work and life much easier. Portable storage media withlargestoragesizesandconvenientconnectivityinterfaceallowstudents or staff to take their study and work wherever they go.

Key Risks of Portable Storage MediaNevertheless, portable storage media poses a number of security threats to the university. Without adequate protection mechanism like authentication or encryption, portable storage media may bring significant risk of data theft or data loss. On the other side, improper use of protection mechanism (e.g. loss of decryption key) or device failure could deny the university from accessing important data timely.

Another common threat is the introduction of malware from portable storage media to the university’s IT systems. Hackers may use social engineering techniques to manipulate users into connecting infected portable data storage devices to their desktop, laptop or even university’s IT systems.

Issue 9 • Oct 2012 5

II. Management

In order to manage the risks associated with the use of portable data storage media by staff and students, while enjoying the benefits of greater mobility and flexibility, the Management should consider the following dimensions of security practice:

Policies and proceduresPolicies and procedures should be developed to clearly outline the roles and responsibilities with respect to the use and management of portable data storage media for university’s data.

1. Establish a portable data storage system security policy, which encompasses both university-issued and privately owned portable data storage media. This security policy should also be integrated into university’s overall IT security framework and rigorously enforced.

2. Reviewandconsequentlyreviseorupdatetheuniversity’s portable data storage system security policy, particularly in light of the availability of new data storage technologies, and in the wake of security incidents involving portable data storage systems.

3. Developasetofhandlingprocedurestocovertheentirelife-cycle of portable data storage devices, including acquisition, deployment, use, to disposal.

4. Limit or prohibit the connection of privately owned portable data storage devices to university’s IT systems. For university’s sensitive data, rigorous access control procedures should be implemented to prevent unauthorised data access, modification and leakage.

5. Consider establishing a centralised encryption key and password repository system to achieve efficient management of authentication information and avoid accidental loss of encryption keys or passwords.

PeopleApplying security controls to counter the security risks caused by human mistakes and negligence is critical for securing the portable storage media used by university. Sufficient staff and student awareness and training programs should be offered by university to achieve the following objectives:

1. Identify and communicate roles and responsibilities of staff and students in securing their portable storage media.

2. Inform staff and students of the risks associated with the use of portable storage media and consequence when those threats are exploited by malicious parties.

3. Emphasise the importance of timely reporting on suspicious data leakage, data loss or data denial incidents to university’s IT security team.

4. Educate users and administrators regarding the physical access control, acceptable use, permissible data storage devices, and security incident handling and escalation procedures in relation to portable storage media.

TechnologyWhilst technical solutions cannot substitute for an integrated and comprehensive portable data storage security framework, a range of technologies or products can effectively reduce the level of risk exposure arising from the portable data storage devices, and mitigate the impact of security incidents when they occur.

1. Encrypt sensitive data residing on portable data storage devices using strong passwords or algorithm. For example, 8-character alpha-numeric password, RSAkeyencryption.

2. Alter the default settings of the university’s IT system to prohibit automatic execution of applications residing on a portable data storage device upon connection.

3. Deployandenableauditloggingfunctionthatrecord connection of portable storage devices and data transferred between university IT systems and portable data storage media.

4. Blocktheabilitytoconnectportabledatastoragemedia for university’s IT systems holding sensitive data by disabling connection sockets on related desktops, laptops or servers.

5. Where possible, implement tiered connection states (i.e. no connection, read only data from the portable data storage media, read/write data to and from

OCIO NEWSLETTER6

the portable data storage media) within university’s IT systems based on the institutional imposed risk criteria.

6. Employ secured physical or logical destruction mechanism to enforce safe disposal of portable storage media.

III. General Users

Care and StorageUsers should keep portable storage media with information related to university out of sight from other people to minimise the risk of theft. In addition, such media should not be left unattended at any time.

Where possible, users should utilise the security featuresoftheportablestoragemedia(e.g.USBstickwith finger print recognition function) or security tools recommended by the university (e.g. data encryption software) to protect the information from unauthorised access or modification.

Important data stored on portable storage devices should be regularly backed up to designated file servers of the university.

Cleansing and SanitisationPortable storage media containing the university related information must be appropriately cleansed and sanitised after use and before disposal. If un-rewritable portable storagedevices/mediaareused,suchasCDandDVD,they must be destroyed either by a disintegrator, or by grinding, smashing or burning.

Lost or Stolen Portable Storage MediaUsersmustreporttotheITHelpDeskassoonaspossibleif a portable storage device containing information related to the university is lost or stolen. The IT security staff must be notified immediately and record the identification (e.g. serial number, type, asset register code) of the device, the physical appearance of the device and the details of the information stored.

RestrictionUnless specifically approved, users should not keep the university related information on privately owned portable storage media. On the other hand, data related to personal matters should not be kept on the portable storage provided by the university.

ConclusionThe convenience and flexibility of portable storage media increase the efficiency of university’s staff and students during their work and study. However, the security threats of data loss or denial cannot be ignored. To build a safe environment for using portable storage media, both the Management and general users should pay great attention to the establishment, enforcement and maintenance of necessary security measures.

Copyright StatementAll material in this document is, unless otherwise stated, the property of the Joint Universities Computer Centre (“JUCC”). Copyright and other intellectual property laws protect these materials.Reproductionorretransmissionofthematerials,inwholeor in part, in any manner, without the prior written consent of the copyright holder, is a violation of copyright law. A single copy of the materials available through this document may be made, solely for personal, noncommercial use. Individuals must preserve any copyright or other notices contained in or associated with them. Users may not distribute such copies to others, whether or not in electronic form, whether or not for a charge or other consideration, without prior written consent of the copyright holder of the materials. Contact information for requests for permission to reproduce or distribute materials available through this document are listed below: copyright@jucc.edu.hkJoint Universities Computer Centre Limited (JUCC),Room223,RunRunShawBuilding,c/o Computer Centre, The University of Hong Kong,PokfulamRoad,HongKong

Reference:http://security.tennessee.edu/pdfs/SMDBP.pdf

http://www.sandisk.com/media/226722/enterprise_whitepaper_endpointsecurity.pdf

Issue 9 • Oct 2012 7

BRIEF UPDATES

Blackboard Surveys 2012 Crusher Wong

BlackboardSurveystostudentsand teachers were first launched in 2006 to inform e-Learning development at City University of Hong Kong. Two online questionnaires are disseminated annually to collect perceptions of teachers and students separately ontheadoptionofBlackboardLearn for teaching and learning. Survey questions and formats have been slightly adjusted over the years and the following aspects are covered in 2012: usage level, popularity of features and functions (including third partyBuildingBlocktools),userexperience, future expectations, other web services used for teaching and learning, and mobile learning experience. The surveys were conducted anonymously with authentication at the end ofsemesterB2011/12(Aprilto May 2012). Statistical results are available at http://go.cityu.hk/z7g5kdandhttp://go.cityu.hk/zm6edwforCityUmemberswhen key findings are listed below. In order to cope with the advancement in e-learning pedagogy and technology, the surveys will receive a major makeover in 2013 according to feedback from stakeholders.

Key Findings1. 64% of the surveyed students

saidBlackboardwasusedin all courses that they weretakinginsemesterB

2011/12 (see Figure 1). The population with around half of all courses or above usingBlackboardcovered91% of the responses. The significanceofBlackboardtostudents was evidenced.

2. TheuseofBlackboardwas necessary to the achievement of at least some of the course learning outcomes (integral use, central use and exclusive use) according to the majority of teachers and students (over 70%) as shown in Figure 2 & 3, respectively.

3. e-Learning at CityU mainly facilitated course material dissemination and asynchronous messaging based on the 3 most used features identified by both teachers (see Figure 4) and students(seeFigure5)–CourseDocuments(coursecontents), Announcement ande-Mail.Besidesthetop3, assignment submissions (with or without plagiarism prevention), grading and online discussions were also popular activities among users.

4. Pedagogical development in e-learning might lag behind the advancement of e-learning technology as suggested by the fact that more students

Figure 1

Figure 2

Figure 3

OCIO NEWSLETTER8

acknowledged the advantage ofBlackboardinmanagingtheirstudies comparing to enriching the quality of their studies (65% vs 31%, see Figure 6). According to Figure 7, similar situation was found with teachers when 81% of the surveyed believedBlackboardhelpedthemmanage courses but only 42% of them thought students’ learning experience was enhanced.

5. Students’ immense dependence on community built resources was reinforced by the popularity of Wikipedia (73%) and YouTube (71%) for learning as illustrated in Figure 8. The adoption of Facebook (57%) to their studies also hinted the era of social learning in tertiary education.

6. 39% of responded students had experience with mobile learning. As indicated in Figure 9 & 10, amongst this group of students:

6.1. the most popular devices used for mobile learning were Android phones (52%) and iPhones (39%). Since no purchasing scheme of smart phones was launched at CityU, the trend of self-directed adoption of mobile phones for learning was confirmed.

6.2. iOS and Android both had adoption rates of over half of the population (some reported the use of both platforms). The support to iOS and Android platforms for m-learning was inevitable until a major shift in market share.

Figure 4

Figure 5

Issue 9 • Oct 2012 9

6.3. the most common practice in mobile learning was accessing Blackboardanytimeanywherefor studies (82%). Hence, one of the initial goals of m-learning had been achieved without the need of additional involvement from teachers. Nevertheless, advanced practice such as engaging in in-class activities (27%) would require acceptance from teachers to become ubiquitous at CityU.

Figure 6

Figure 7

Figure 8

Figure 9

Figure 10

OCIO NEWSLETTER10

FEATURES

DMS (Document Management System) Implementation for HRO and FO Alex Ho

A small team of 3 persons in the OCIO was approved for taking up the Paperless Office Project with the EMCDocumentumsoftwarefromthecentral administrative offices. The team, EnterpriseDocumentManagementTeam(EDMT),establishedinMarch2012with only 2 members on board, has been working hard to implement the softwareforusebytheHROandtheFO,initially for document management.

The Project Team and the TasksLedbytheEDMT,aprojectteamwasformed with the IT Security Officer, and representatives from the CSC and the ESU as members. A system integrator was contracted for installing the software and implementing the system asdesignedandrequestedbytheHRO,the FO and the University.

System security and data protection are the biggest concern of the implementationsinceHROpersonneland related documents, FO payroll and other financial and contractual information are highly confidential information. The CSC, in consultation with the Security Officer, has designed and built a network and system infrastructure, the security level of which matches the nature of the information to be stored. The architecture of the network and system infrastructure was also reviewed by an external security advisor.

To bring up the system for use as quickly as possible, the first task was to implementtheDMSfortheHROandthe FO to store personnel and payroll documents.Toachieveit,theEDMTinterviewedtheHROandtheFO-Payrollstaff to collect user requirements and expectations, did analysis, designed the system, managed and worked with the system integrator, conducted system integration test and user acceptance test,andorganizedend-usertraining.AsastandardofSoftwareDevelopmentLifeCycle(SDLC),threesystemenvironments were built separately for development, staging and production. Three system drill tests had been conducted on system performance and backup restore process. The project started in March, the system went into softlaunchon22June,andtheHROand the FO-Payroll users started using the system for real data on 7 August 2012.

Live Production – 7 August 2012TheHROandtheFO-Payrollteamstarted putting personnel and payroll documenttotheDMS.Theestimationof document volume is approximately 4,000HROpersonnelfilesamounting

to 200,000 pages, and 8,500 FO payroll files amounting to 425,000 pages.DocumentsarescannedintoDMSrepositorybyeitherusinga2Dbarcodesprocessordragging and dropping scanned documents into the system.

On the capture process, firstly, the HROandtheFOgeneratea2Dbarcode document cover page and document dividers which are a document separator. So, after the process, each document after a divider will form a single documentstoredintoDMSrepository in the below pattern.

Document cover a Divider a[document] aDivider a [document] and so on ...

The barcode contains document properties, tagged metadata and userIDforsubsequentprocesses.When the document set is scanned, the Captiva capturing process decodes the information from the barcode, and creates folder, associating folder level access control, assigning metadata

Figure 1

Issue 9 • Oct 2012 11

to the document properties, and creatingadocumentinPDFformat.Duringtheprocess,thedocumenthasalsoappliedtheOCR(opticalcharacterrecognition) to make it full-text searchable. (figure 1) A departmental administrative role isalsocreatedtomaintaintheDMSoperation tasks. With the departmental administratorrole,theHROandtheFO can nominate some of their staff to be a departmental administrator. The latter is responsible for user account maintenance task, such as assigning or removing user from groups, granting useraccesstonewcomer.Besides,they are also responsible for document housekeeping, complying with their document retention policy.

Next Phases…Movingforward,theEDMTwillworkonthesubjectdocumentsoftheHROand the FO payroll section. The subject files require a highly hierarchical folderstructurewithwell-organizedusergroupaccesscontrol.DocumentsharingbetweentheFOandtheHROintheDMSisalsoanideathatwillbeimplementedatthisphase.Besides,wewill work with other teams of the FO to implementtheDMSforthem.

FEATURES

CSC Teaching Studios on G/F, 4/F and 5/F in AC2Joe Lee

While moving a single home from one place to another is already time-consuming and problematic, the level of difficulty in moving all the teaching studios, facilities and services from one building to another is much higher. After several months of preparation and hard work, the Computing Services Centre (CSC) Service Counter and Teaching Studio Areas have been successfully moved from Academic 1 (AC1) to Academic 2 (AC2) before the commencement of Semester A 2012-13. Actually, the new Service Counter located on 4/F (AC2) has started to provide full services since 24 August 2012. There is a total of 19 Teaching Studios providing 870 PCs and 30 iMacs forteachingandlearning.BelowisasummaryoftheTeaching Studios.

Teaching Studio Operating System Capacity

AC2-G600

Windows 7/Windows XP

108

AC2-4101 29

AC2-4109 69

AC2-4200 39

AC2-4208 66

AC2-4307 82

AC2-4400 69

AC2-4412 82

AC2-5506 39

AC2-5606 60

AC2-5500 30

AC2-5501 30

AC2-5502 27

AC2-5503 30

AC2-5505 30

AC2-5601 27

AC2-5604 27

AC2-5608 26

AC2-5607 Mac OS X 10.6 30

For details of the new CSC Teaching Studio areas, please refer to the CSC website athttp://www.cityu.edu.hk/csc/deptweb/facilities/terminal-area/teaching-studio.htm.

OCIO NEWSLETTER12

FEATURES

CSC Teaching Studios on G/F, 4/F and 5/F in AC2Joe Lee

In view that the demand for computers will be keen due to a larger student population resulting from the 334 academic reform, we have increased the number of notebook computers for daily loan to students from 600 to 900. Opening hours of the CSC Teaching Studio Areas,ServiceCounterandDLSCounterhavebeenadjusted to align with the University’s new class hours so that students have sufficient time to obtain printouts, borrow and return notebook computers and resolve problems encountered.

CSC Teaching

Studio Areas

Service Counter

Student Notebook Computer Daily

Loan Scheme

Mon - Fri 8:30 am-11:00 pm

8:45 am-11:00 pm

8:45 am- 10:00 pm

Sat 8:30 am-11:00 pm

8:45 am-9:30 pm

8:45 am- 9:00 pm

Sun 8:30 am-11:00 pm

12:30 pm-6:00 pm

1:00 pm- 5:30 pm

Public Holidays

8:30 am-11:00 pm

Closed Closed

Major facilities and services (such as Service Counter support,StudentNotebookComputerDailyLoanScheme, Multiple Choice Scanning, document scanner and others) are provided on 4/F of AC2. However, student printing facilities are deliberately distributed on G/F, 4/F and 5/F of AC2 for the convenience of students. Belowisasummaryoftheprintingfacilities.

Printing Service Location Quantity

Quota-controlled printing

AC24/FneartheDLSCounter 2

(Konica Minolta Bizhub950)

AC2 4/F near the Service Counter

2

AC25/FnearRoom5604 1

AC25/FnearRoom5503 1

AC2G/FRoomG600 2

(Fuji Xerox DC7000CPS)

CMC 4/F 2

Charged printing AC2 4/F near CSC Service Counter

1

(Konica Minolta BizhubC360)

AC25/FnearRoom5503 1

For the new floor plan of the CSC and further information, please visit the CSC website at www.cityu.edu.hk/csc, or contact the Service Counter at 3442 8340.

CSC Teaching Studio

DLS Counter

CSC Service Counter

Scanners Printers

Issue 9 • Oct 2012 13

There is no doubt that receiving up-to-date information is very important nowadays. In CityU we have already established several communication channels including CityU Announcement Portal (CAP) [1] and CityU NewsCentre [2] to ensure that our staff, students and the general public can receive University information quickly and systematically.

To further extend the reachability and availability of information across smartphones and tablets, CityU is actively exploring the use of mobile apps and has recently published two official CityU mobile apps including CityU Mobile CAP and CityU Mobile News.

CityU Mobile CAPBasedontheexistinginfrastructureof the CAP, the mobile counterpart CityU Mobile CAP retrieves, categorizesandtransformsthemessages on the CAP into a fully native mobile application experience. Users can easily browse through the content with just one flick of a finger.

In addition, Mobile CAP is integrated with the push notification services provided by Apple and Google. University announcements and emergency messages are actively pushed to the mobile devices so that users will never miss any important information.

The future version of Mobile CAP will also allow users to save messages

onto device storage for offline viewing. Usage will no longer be bounded by connectivity.

CityU Mobile NewsFocusing on a pleasant cross-platform reading experience, CityU Mobile News brings the latest news and achievements of the University from the traditional desktop devices to mobile devices.

Readerscanenjoythesameintuitiveexperiencenomatterwhatkind,sizeor orientation the mobile device is. Users will soon be able to share articles through social networks as well.

Mobile CAP and Mobile News are the first round of mobile apps introduced by the Central IT to enrich our service mobility. With the increasing popularity and influence of mobile devices, more apps will be launched for the other University services in the near future.

References:[1] CityU Announcement Portal (CAP)

https://cap.cityu.edu.hk[2] CityU NewsCentre http://wikisites.cityu.

edu.hk/sites/newscentre/en/Pages/index.aspx

CityU Mobile CAPAvailable on Apple App Store and Google Play

CityU Mobile NewsAvailable on Apple App Store and Google Play

BRIEF UPDATES

Mobile Apps for CAP and NewsCentre Tomson Xu and Vicker Leung

OCIO NEWSLETTER14

Blackboard Mobile Learn Statistics for September 2012

Issue 9 • Oct 2012 15

IT Concepts from WikipediaAndy Chun (ed.)

Big Data is a collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools. The challenges include capture, storage, search, sharing, analysis, andvisualization.Thetrendtolargerdatasetsisduetotheadditionalinformation derivable from analysis of a single large set of related data, as compared to separate smaller sets with the same total amount of data, allowing correlations to be found to “spot business trends, determine quality of research, prevent diseases, link legal citations, combat crime, and determine real-time roadway traffic conditions.”

Scientists regularly encounter limitations due to large data sets in many areas, including meteorology, genomics, connectomics, complex physics simulations, and biological and environmental research. The limitations alsoaffectInternetsearch,financeandbusinessinformatics.Datasetsgrow because they are increasingly being gathered by ubiquitous information-sensing mobile devices, aerial sensory technologies (remote sensing), software logs, cameras, microphones, radio-frequency identification readers, and wireless sensor networks.

Bigdataisdifficulttoworkwithusingrelationaldatabasesanddesktopstatisticsandvisualizationpackages,requiringinstead“massivelyparallelsoftware running on tens, hundreds, or even thousands of servers”.

This article uses material from Wikipedia. The Author(s) and Editor(s) listed with this article may have significantly modified the content derived from Wikipedia with original content or with content drawn from other sources. The current version of the cited Wikipedia article may differ from the version that existed on the date of access. Text in this article available under the Creative Commons Attribution/Share-Alike License

GLOSSARY

Editorial Box

OCIO Newsletter Advisory Board Dr. Andy Chun (OCIO) Ms. Annie Ip (OCIO) Mrs. W K Yu (ESU) Mr. Raymond Poon (CSC) Mr. Peter Mok (CSC) Ms. Maria Chin (CSC)

Publishing Team Ms. Noel Laam (CSC) Ms. Annie Yu (CSC) Ms. Joyce Lam (CSC) Mr. Ng Kar Leong (CSC) Mrs. Louisa Tang (ESU) Ms. Doris Au (OCIO)

For Enquiry Phone 3442 6284

Fax 3442 0366

Email cc@cityu.edu.hk

OCIO Newsletter Online http://issuu.com/cityuhkocioTheme photo on the cover courtesy of Peter Mok (CSC)

OCIO NEWSLETTER16