计算机科学与技术 外文翻译 英文文献 中英对照

外文原文：Database1.1Database conceptThe database concept has evolved since the 1960s to ease increasing difficulties in designing, building, and maintaining complex information systems (typically with many concurrent end-users, and with a large amount of diverse data). It has evolved together with database management systems which enable the effective handling of databases. Though the terms database and DBMS define different entities, they are inseparable: a database's properties are determined by its supporting DBMS and vice-versa. The Oxford English dictionary cites[citation needed] a 1962 technical report as the first to use the term "data-base." With the progress in technology in the areas of processors, computer memory, computer storage and computer networks, the sizes, capabilities, and performance of databases and their respective DBMSs have grown in orders of magnitudes. For decades it has been unlikely that a complex information system can be built effectively without a proper database supported by a DBMS. The utilization of databases is now spread to such a wide degree that virtually every technology and product relies on databases and DBMSs for its development and commercialization, or even may have such embedded in it. Also, organizations and companies, from small to large, heavily depend on databases for their operations.No widely accepted exact definition exists for DBMS. However, a system needs to provide considerable functionality to qualify as a DBMS. Accordingly its supported data collection needs to meet respective usability requirements (broadly defined by the requirements below) to qualify as a database. Thus, a database and its supporting DBMS are defined here by a set of general requirements listed below. Virtually all existing mature DBMS products meet these requirements to a great extent, while less mature either meet them or converge to meet them.1.2Evolution of database and DBMS technologyThe introduction of the term database coincided with the availability of direct-access storage (disks and drums) from the mid-1960s onwards. The term represented a contrast with the tape-based systems of the past, allowing shared interactive use rather than daily batch processing.In the earliest database systems, efficiency was perhaps the primary concern, but it was already recognized that there were other important objectives. One of the key aims was to make the data independent of the logic of application programs, so that the same data could be made available to different applications.The first generation of database systems were navigational,[2] applications typically accessed data by following pointers from one record to another. The two main data models at this time were the hierarchical model, epitomized by IBM's IMS system, and the Codasyl model (Network model), implemented in a number ofproducts such as IDMS.The Relational model, first proposed in 1970 by Edgar F. Codd, departed from this tradition by insisting that applications should search for data by content, rather than by following links. This was considered necessary to allow the content of the database to evolve without constant rewriting of applications. Relational systems placed heavy demands on processing resources, and it was not until the mid 1980s that computing hardware became powerful enough to allow them to be widely deployed. By the early 1990s, however, relational systems were dominant for all large-scale data processing applications, and they remain dominant today (2012) except in niche areas. The dominant database language is the standard SQL for the Relational model, which has influenced database languages also for other data models.Because the relational model emphasizes search rather than navigation, it does not make relationships between different entities explicit in the form of pointers, but represents them rather using primary keys and foreign keys. While this is a good basis for a query language, it is less well suited as a modeling language. For this reason a different model, the Entity-relationship model which emerged shortly later (1976), gained popularity for database design.In the period since the 1970s database technology has kept pace with the increasing resources becoming available from the computing platform: notably the rapid increase in the capacity and speed (and reduction in price) of disk storage, and the increasing capacity of main memory. This has enabled ever larger databases and higher throughputs to be achieved.The rigidity of the relational model, in which all data is held in tables with a fixed structure of rows and columns, has increasingly been seen as a limitation when handling information that is richer or more varied in structure than the traditional 'ledger-book' data of corporate information systems: for example, document databases, engineering databases, multimedia databases, or databases used in the molecular sciences. Various attempts have been made to address this problem, many of them gathering under banners such as post-relational or NoSQL. Two developments of note are the Object database and the XML database. The vendors of relational databases have fought off competition from these newer models by extending the capabilities of their own products to support a wider variety of data types.1.3General-purpose DBMSA DBMS has evolved into a complex software system and its development typically requires thousands of person-years of development effort.[citation needed] Some general-purpose DBMSs, like Oracle, Microsoft SQL Server, and IBM DB2, have been undergoing upgrades for thirty years or more. General-purpose DBMSs aim to satisfy as many applications as possible, which typically makes them even more complex than special-purpose databases. However, the fact that they can be used "off the shelf", as well as their amortized cost over many applications and instances, makes them an attractive alternative (Vsone-time development) whenever they meet an application's requirements.Though attractive in many cases, a general-purpose DBMS is not always the optimal solution: When certain applications are pervasive with many operating instances, each with many users, a general-purpose DBMS may introduce unnecessary overhead and too large "footprint" (too large amount of unnecessary, unutilized software code). Such applications usually justify dedicated development.Typical examples are email systems, though they need to possess certain DBMS properties: email systems are built in a way that optimizes email messages handling and managing, and do not need significant portions of a general-purpose DBMS functionality.1.4Database machines and appliancesIn the 1970s and 1980s attempts were made to build database systems with integrated hardware and software. The underlying philosophy was that such integration would provide higher performance at lower cost. Examples were IBM System/38, the early offering of Teradata, and the Britton Lee, Inc. database machine. Another approach to hardware support for database management was ICL's CAFS accelerator, a hardware disk controller with programmable search capabilities. In the long term these efforts were generally unsuccessful because specialized database machines could not keep pace with the rapid development and progress of general-purpose computers. Thus most database systems nowadays are software systems running on general-purpose hardware, using general-purpose computer data storage. However this idea is still pursued for certain applications by some companies like Netezza and Oracle (Exadata).1.5Database researchDatabase research has been an active and diverse area, with many specializations, carried out since the early days of dealing with the database concept in the 1960s. It has strong ties with database technology and DBMS products. Database research has taken place at research and development groups of companies (e.g., notably at IBM Research, who contributed technologies and ideas virtually to any DBMS existing today), research institutes, and Academia. Research has been done both through Theory and Prototypes. The interaction between research and database related product development has been very productive to the database area, and many related key concepts and technologies emerged from it. Notable are the Relational and the Entity-relationship models, the Atomic transaction concept and related Concurrency control techniques, Query languages and Query optimization methods, RAID, and more. Research has provided deep insight to virtually all aspects of databases, though not always has been pragmatic, effective (and cannot and should not always be: research is exploratory in nature, and not always leads to accepted or useful ideas). Ultimately market forces and real needs determine the selection of problem solutions and related technologies, also among those proposed by research. However, occasionally, not the best and most elegant solution wins (e.g., SQL). Along their history DBMSs and respective databases, to a great extent, have been the outcome of such research, while real product requirements and challenges triggered database research directions and sub-areas.The database research area has several notable dedicated academic journals (e.g., ACM Transactions on Database Systems-TODS, Data and Knowledge Engineering-DKE, and more) and annual conferences (e.g., ACM SIGMOD, ACM PODS, VLDB, IEEE ICDE, and more), as well as an active and quite heterogeneous (subject-wise) research community all over the world.1.6Database architectureDatabase architecture (to be distinguished from DBMS architecture; see below) may be viewed, to some extent, as an extension of Data modeling. It is used to conveniently answer requirements of different end-users from a same database, as well as for other benefits. For example, a financial department of a company needs the payment details of all employees as part of the company's expenses, but not other many details about employees, that are the interest of the human resources department. Thus different departments need different views of the company's database, that both include the employees' payments, possibly in a different level of detail (and presented in different visual forms). To meet such requirement effectively database architecture consists of three levels: external, conceptual and internal. Clearly separating the three levels was a major feature of the relational database model implementations that dominate 21st century databases.[13]The external level defines how each end-user type understands the organization of its respective relevant data in the database, i.e., the different needed end-user views.A single database can have any number of views at the external level.The conceptual level unifies the various external views into a coherent whole, global view.[13] It provides the common-denominator of all the external views. It comprises all the end-user needed generic data, i.e., all the data from which any view may be derived/computed. It is provided in the simplest possible way of such generic data, and comprises the back-bone of the database. It is out of the scope of the various database end-users, and serves database application developers and defined by database administrators that build the database.The Internal level (or Physical level) is as a matter of fact part of the database implementation inside a DBMS (see Implementation section below). It is concerned with cost, performance, scalability and other operational matters. It deals with storage layout of the conceptual level, provides supporting storage-structures like indexes, to enhance performance, and occasionally stores data of individual views (materialized views), computed from generic data, if performance justification exists for such redundancy. It balances all the external views' performance requirements, possibly conflicting, in attempt to optimize the overall database usage by all its end-uses according to the database goals and priorities.All the three levels are maintained and updated according to changing needs by database administrators who often also participate in the database design.The above three-level database architecture also relates to and being motivated by the concept of data independence which has been described for long time as a desired database property and was one of the major initial driving forces of the Relational model. In the context of the above architecture it means that changes made at a certain level do not affect definitions and software developed with higher level interfaces, and are being incorporated at the higher level automatically. For example, changes in the internal level do not affect application programs written using conceptual level interfaces, which saves substantial change work that would be needed otherwise.In summary, the conceptual is a level of indirection between internal and external. On one hand it provides a common view of the database, independent of different external view structures, and on the other hand it is uncomplicated by details of how the data is stored or managed (internal level). In principle every level, and even every external view, can be presented by a different data model. In practice usually a given DBMS uses the same data model for both the external and the conceptual levels (e.g., relational model). The internal level, which is hidden inside the DBMS and depends on its implementation (see Implementation section below), requires a different levelof detail and uses its own data structure types, typically different in nature from the structures of the external and conceptual levels which are exposed to DBMS users (e.g., the data models above): While the external and conceptual levels are focused on and serve DBMS users, the concern of the internal level is effective implementation details.中文译文：数据库1.1 数据库的概念数据库的概念已经演变自1960年以来，以缓解日益困难，在设计，建设，维护复杂的信息系统（通常与许多并发的最终用户，并用大量不同的数据）。

本科毕业论文外文翻译外文译文题目（中文）：具体数学：汉诺塔问题学院: 计算机科学与技术专业: 计算机科学与技术学号:学生姓名:指导教师:日期: 二○一二年六月1 Recurrent ProblemsTHIS CHAPTER EXPLORES three sample problems that give a feel for what’s to c ome. They have two traits in common: They’ve all been investigated repeatedly by mathe maticians; and their solutions all use the idea of recurrence, in which the solution to eac h problem depends on the solutions to smaller instances of the same problem.1.1 THE TOWER OF HANOILet’s look first at a neat little puzzle called the Tower of Hanoi,invented by the Fr ench mathematician Edouard Lucas in 1883. We are given a tower of eight disks, initiall y stacked in decreasing size on one of three pegs:The objective is to transfer the entire tower to one of the other pegs, movingonly one disk at a time and never moving a larger one onto a smaller.Lucas furnished his toy with a romantic legend about a much larger Tower of Brah ma, which supposedly has 64 disks of pure gold resting on three diamond needles. At th e beginning of time, he said, God placed these golden disks on the first needle and orda ined that a group of priests should transfer them to the third, according to the rules abov e. The priests reportedly work day and night at their task. When they finish, the Tower will crumble and the world will end.It's not immediately obvious that the puzzle has a solution, but a little thought (or h aving seen the problem before) convinces us that it does. Now the question arises：What' s the best we can do？That is，how many moves are necessary and suff i cient to perfor m the task?The best way to tackle a question like this is to generalize it a bit. The Tower of Brahma has 64 disks and the Tower of Hanoi has 8；let's consider what happens if ther e are TL disks.One advantage of this generalization is that we can scale the problem down even m ore. In fact, we'll see repeatedly in this book that it's advantageous to LOOK AT SMAL L CASES first. It's easy to see how to transfer a tower that contains only one or two di sks. And a small amount of experimentation shows how to transfer a tower of three.The next step in solving the problem is to introduce appropriate notation：NAME ANO CONQUER. Let's say that T n is the minimum number of moves that will t ransfer n disks from one peg to another under Lucas's rules. Then T1is obviously 1 , an d T2= 3.We can also get another piece of data for free, by considering the smallest case of all：Clearly T0= 0，because no moves at all are needed to transfer a tower of n = 0 disks! Smart mathematicians are not ashamed to think small,because general patterns are easier to perceive when the extreme cases are well understood(even when they are trivial).But now let's change our perspective and try to think big；how can we transfer a la rge tower? Experiments with three disks show that the winning idea is to transfer the top two disks to the middle peg, then move the third, then bring the other two onto it. Thi s gives us a clue for transferring n disks in general：We first transfer the n−1 smallest t o a different peg (requiring T n-1moves), then move the largest (requiring one move), and finally transfer the n−1 smallest back onto the largest (req uiring another T n-1moves). Th us we can transfer n disks (for n > 0)in at most 2T n-1+1 moves：T n≤2T n—1+1，for n > 0.This formula uses '≤' instead of '=' because our construction proves only that 2T n—1+1 mo ves suffice; we haven't shown that 2T n—1+1 moves are necessary. A clever person might be able to think of a shortcut.But is there a better way? Actually no. At some point we must move the largest d isk. When we do, the n−1 smallest must be on a single peg, and it has taken at least T moves to put them there. We might move the largest disk more than once, if we're n n−1ot too alert. But after moving the largest disk for the last time, we must trans fr the n−1 smallest disks (which must again be on a single peg)back onto the largest；this too re quires T n−1moves. HenceT n≥ 2T n—1+1，for n > 0.These two inequalities, together with the trivial solution for n = 0, yieldT0=0；T n=2T n—1+1 , for n > 0. (1.1)(Notice that these formulas are consistent with the known values T1= 1 and T2= 3. Our experience with small cases has not only helped us to discover a general formula, it has also provided a convenient way to check that we haven't made a foolish error. Such che cks will be especially valuable when we get into more complicated maneuvers in later ch apters.)A set of equalities like (1.1) is called a recurrence (a. k. a. recurrence relation or r ecursion relation). It gives a boundary value and an equation for the general value in ter ms of earlier ones. Sometimes we refer to the general equation alone as a recurrence, alt hough technically it needs a boundary value to be complete.The recurrence allows us to compute T n for any n we like. But nobody really like to co m pute fro m a recurrence，when n is large；it takes too long. The recurrence only gives indirect, "local" information. A solution to the recurrence would make us much h appier. That is, we'd like a nice, neat, "closed form" for Tn that lets us compute it quic kly，even for large n. With a closed form, we can understand what T n really is.So how do we solve a recurrence? One way is to guess the correct solution,then to prove that our guess is correct. And our best hope for guessing the solution is t o look (again) at small cases. So we compute, successively,T3= 2×3+1= 7; T4= 2×7+1= 15; T5= 2×15+1= 31; T6= 2×31+1= 63.Aha! It certainly looks as ifTn = 2n−1，for n≥0. (1.2)At least this works for n≤6.Mathematical induction is a general way to prove that some statement aboutthe integer n is true for all n≥n0. First we prove the statement when n has its smallest v alue,no; this is called the basis. Then we prove the statement for n > n0,assuming that it has already been proved for all values between n0and n−1, inclusive; this is called th e induction. Such a proof gives infinitely many results with only a finite amount of wo rk.Recurrences are ideally set up for mathematical induction. In our case, for exampl e，(1.2) follows easily from (1.1)：The basis is trivial，since T0 = 20−1= 0.And the indu ction follows for n > 0 if we assume that (1.2) holds when n is replaced by n−1：T n= 2T n+1= 2(2n−1−1)+1=2n−1.Hence (1.2) holds for n as well. Good! Our quest for T n has ended successfully.Of course the priests' task hasn't ended；they're still dutifully moving disks,and wil l be for a while, because for n = 64 there are 264−1 moves (about 18 quintillion). Even at the impossible rate of one move per microsecond, they will need more than 5000 cent uries to transfer the Tower of Brahma. Lucas's original puzzle is a bit more practical, It requires 28−1 = 255 moves, which takes about four minutes for the quick of hand.The Tower of Hanoi recurrence is typical of many that arise in applications of all kinds. In finding a closed-form expression for some quantity of interest like T n we go t hrough three stages：1 Look at small cases. This gives us insight into the problem and helps us in stages2 and 3.2 Find and prove a mathematical expression for the quantity of interest.For the Tower of Hanoi, this is the recurrence (1.1) that allows us, given the inc lination，to compute T n for any n.3 Find and prove a closed form for our mathematical expression.For the Tower of Hanoi, this is the recurrence solution (1.2).The third stage is the one we will concentrate on throughout this book. In fact, we'll fre quently skip stages I and 2 entirely, because a mathematical expression will be given tous as a starting point. But even then, we'll be getting into subproblems whose solutions will take us through all three stages.Our analysis of the Tower of Hanoi led to the correct answer, but it r equired an“i nductive leap”；we relied on a lucky guess about the answer. One of the main objectives of this book is to explain how a person can solve recurrences without being clairvoyant. For example, we'll see that recurrence (1.1) can be simplified by adding 1 to both sides of the equations：T0+ 1= 1;T n + 1= 2T n-1+ 2, for n >0.Now if we let U n= T n+1，we haveU0 =1；U n= 2U n-1，for n > 0. (1.3)It doesn't take genius to discover that the solution to this recurrence is just U n= 2n；he nce T n= 2n −1. Even a computer could discover this.Concrete MathematicsR. L. Graham, D. E. Knuth, O. Patashnik《Concrete Mathematics》，1.1 ，The Tower Of HanoiR. L. Graham, D. E. Knuth, O. PatashnikSixth printing, Printed in the United States of America1989 by Addison-Wesley Publishing Company，Reference 1-4 pages具体数学R.L.格雷厄姆，D.E.克努特，O.帕塔希尼克《具体数学》，1.1，汉诺塔R.L.格雷厄姆，D.E.克努特，O.帕塔希尼克第一版第六次印刷于美国，韦斯利出版公司，1989年，引用1-4页1 递归问题本章将通过对三个样本问题的分析来探讨递归的思想。

What Is an Object?Objects are key to understanding object-oriented technology. You can look around you now and see many examples of real-world objects: your dog, your desk, your television set, your bicycle.Real-world objects share two characteristics: They all have state and behavior. For example, dogs have state (name, color, breed, hungry) and behavior (barking, fetching, wagging tail). Bicycles have state (current gear, current pedal cadence, two wheels, number of gears) and behavior (braking, accelerating, slowing down, changing gears).Software objects are modeled after real-world objects in that they too have state and behavior. A software object maintains its state in one or more variables.A variable is an item of data named by an identifier. A software object implements its behavior with methods. A method is a function (subroutine) associated with an object.Definition:An object is a software bundle of variables and related methods. You can represent real-world objects by using software objects. You might want to represent real-world dogs as software objects in an animation program or a real-world bicycle as a software object in the program that controls an electronic exercise bike. You can also use software objects to model abstract concepts. For example, an event is a common object used in window systems to represent the action of a user pressing a mouse button or a key on the keyboard. The following illustration is a common visual representation of a software object.A software object.Everything the software object knows (state) and can do (behavior) is expressed by the variables and the methods within that object. A software object that modelsyour real-world bicycle would have variables that indicate the bicycle's current state: Its speed is 18 mph, its pedal cadence is 90 rpm, and its current gear is 5th. These variables are formally known as instance variables because they contain the state for a particular bicycle object; in object-oriented terminology, a particular object is called an instance. The following figure illustrates a bicycle modeled as a software object.A bicycle modeled as a softwareobject.In addition to its variables, the software bicycle would also have methods to brake, change the pedal cadence, and change gears. (It would not have a method for changing its speed because the bike's speed is just a side effect of which gear it's in and how fast the rider is pedaling.) These methods are known formally as instance methods because they inspect or change the state of a particular bicycle instance.Object diagrams show that an object's variables make up the center, or nucleus, of the object. Methods surround and hide the object's nucleus from other objects in the program. Packaging an object's variables within the protective custody of its methods is called encapsulation. This conceptual picture of an object —a nucleus of variables packaged within a protective membrane of methods — is an ideal representation of an object and is the ideal that designers of object-oriented systems strive for. However, it's not the whole story.Often, for practical reasons, an object may expose some of its variables or hide some of its methods. In the Java programming language, an object can specify one of four access levels for each of its variables and methods. The access level determines which other objects and classes can access that variable or method. Refer to the Controlling Access to Members of a Class section for details.Encapsulating related variables and methods into a neat software bundle is a simple yet powerful idea that provides two primary benefits to software developers:Modularity:The source code for an object can be written and maintainedindependently of the source code for other objects. Also, an objectcan be easily passed around in the system. You can give your bicycleto someone else, and it will still work.Information-hiding: An object has a public interface that otherobjects can use to communicate with it. The object can maintain privateinformation and methods that can be changed at any time withoutaffecting other objects that depend on it. You don't need to understanda bike's gear mechanism to use it.What Is a Message?A single object alone generally is not very useful. Instead, an object usually appears as a component of a larger program or application that contains many other objects. Through the interaction of these objects, programmers achieve higher-order functionality and more complex behavior. Your bicycle hanging from a hook in the garage is just a bunch of metal and rubber; by itself, it is incapable of any activity; the bicycle is useful only when another object (you) interacts with it (by pedaling).Software objects interact and communicate with each other by sending messages to each other. When object A wants object B to perform one of B's methods, object A sends a message to object B (see the following figure).Objects interact by sending each other messages.Sometimes, the receiving object needs more information so that it knows exactly what to do; for example, when you want to change gears on your bicycle, you have to indicate which gear you want. This information is passed along with the message as parameters.Messages use parameters to pass alongextra information that the objectneeds —in this case, which gear thebicycle should be in.These three parts are enough information for the receiving object to perform the desired method. No other information or context is required.Messages provide two important benefits:An object's behavior is expressed through its methods, so (aside fromdirect variable access) message passing supports all possibleinteractions between objects.Objects don't need to be in the same process or even on the same machineto send messages back and forth and receive messages from each other. What Is a Class?In the real world, you often have many objects of the same kind. For example, your bicycle is just one of many bicycles in the world. Using object-orientedterminology, we say that your bicycle object is an instanceof the class of objects known as bicycles. Bicycles have some state (current gear, current cadence, two wheels) and behavior (change gears, brake) in common. However, each bicycle's state is independent of and can be different from that of other bicycles.When building them, manufacturers take advantage of the fact that bicycles share characteristics, building many bicycles from the same blueprint. It would be very inefficient to produce a new blueprint for every bicycle manufactured.In object-oriented software, it's also possible to have many objects of the same kind that share characteristics: rectangles, employee records, video clips, and so on. Like bicycle manufacturers, you can take advantage of the fact that objects of the same kind are similar and you can create a blueprint for those objects.A software blueprint for objects is called a class (see the following figure).A visual representation of a class.Definition: A class is a blueprint that defines the variables and the methods common to all objects of a certain kind.The class for our bicycle example would declare the instance variables necessary to contain the current gear, the current cadence, and so on for each bicycle object. The class would also declare and provide implementations for the instance methods that allow the rider to change gears, brake, and change the pedaling cadence, as shown in the next figure.The bicycle class.After you've created the bicycle class, you can create any number of bicycleobjects from that class. When you create an instance of a class, the system allocates enough memory for the object and all its instance variables. Each instance gets its own copy of all the instance variables defined in the class, as the next figure shows.MyBike and YourBike are two different instances of the Bike class. Each instance has its own copy of the instance variables defined in the Bike class but has different values for these variables.In addition to instance variables, classes can define class variables. A class wariable contains information that is shared by all instances of the class. For example, suppose that all bicycles had the same number of gears. In this case, defining an instance variable to hold the number of gears is inefficient; each instance would have its own copy of the variable, but the value would be the same for every instance. In such situations, you can define a class variable that contains the number of gears (see the following figure); all instances share this variable. If one object changes the variable, it changes for all other objects of that type.YourBike, an instance of Bike, has access to the numberOfGears variable in the Bike class; however, the YourBike instance does not have a copy of this class variable.A class can also declare class methods You can invoke a class method directly from the class, whereas you must invoke instance methods on a particular instance.The Understanding Instance and Class Members section discusses instance variables and methods and class variables and methods in detail.Objects provide the benefit of modularity and information-hiding. Classes provide the benefit of reusability. Bicycle manufacturers use the same blueprint over and over again to build lots of bicycles. Software programmers use the same class, and thus the same code, over and over again to create many objects.Objects versus ClassesYou've probably noticed that the illustrations of objects and classes look very similar. And indeed, the difference between classes and objects is often the source of some confusion. In the real world, it's obvious that classes are not themselves the objects they describe; that is, a blueprint of a bicycle is not a bicycle. However, it's a little more difficult to differentiate classes and objects in software. This is partially because software objects are merelyelectronic models of real-world objects or abstract concepts in the first place. But it's also because the term object is sometimes used to refer to both classes and instances.In illustrations such as the top part of the preceding figure, the class is not shaded because it represents a blueprint of an object rather than the object itself. In comparison, an object is shaded, indicating that the object exists and that you can use it.What Is Inheritance?Generally speaking, objects are defined in terms of classes. You know a lot about an object by knowing its class. Even if you don't know what a penny-farthing is, if I told you it was a bicycle, you would know that it had two wheels, handlebars, and pedals.Object-oriented systems take this a step further and allow classes to be defined in terms of other classes. For example, mountain bikes, road bikes, and tandems are all types of bicycles. In object-oriented terminology, mountain bikes, road bikes, and tandems are all subclasses of the bicycle class. Similarly, the bicycle class is the supclasses of mountain bikes, road bikes, and tandems. This relationship is shown in the following figure.The hierarchy of bicycle classes.Each subclass inherits state (in the form of variable declarations) from the superclass. Mountain bikes, road bikes, and tandems share some states: cadence, speed, and the like. Also, each subclass inherits methods from the superclass. Mountain bikes, road bikes, and tandems share some behaviors — braking and changing pedaling speed, for example.However, subclasses are not limited to the states and behaviors provided to them by their superclass. Subclasses can add variables and methods to the ones they inherit from the superclass. Tandem bicycles have two seats and two sets of handlebars; some mountain bikes have an additional chain ring, giving them a lower gear ratio.Subclasses can also override inherited methods and provide specialized implementations for those methods. For example, if you had a mountain bike with an additional chain ring, you could override the "change gears" method so that the rider could shift into those lower gears.You are not limited to just one layer of inheritance. The inheritance tree, or class hierardry, can be as deep as needed. Methods and variables are inherited down through the levels. In general, the farther down in the hierarchy a class appears, the more specialized its behavior.Note:Class hierarchies should reflect what the classes are, not how they're implemented. When implementing a tricycle class, it might be convenient to make it a subclass of the bicycle class —after all, both tricycles and bicycles have a current speed and cadence. However, because a tricycle is not a bicycle, it's unwise to publicly tie the two classes together. It could confuse users, make the tricycle class have methods (for example, to change gears) that it doesn't need, and make updating or improving the tricycle class difficult.The Object class is at the top of class hierarchy, and each class is its descendant (directly or indirectly). A variable of type Object can hold a reference to any object, such as an instance of a class or an array. Object provides behaviors that are shared by all objects running in the Java Virtual Machine. For example, all classes inherit Object's toString method, which returns a string representation of the object. The Managing Inheritance section covers the Object class in detail.Inheritance offers the following benefits:Subclasses provide specialized behaviors from the basis of commonelements provided by the superclass. Through the use of inheritance,programmers can reuse the code in the superclass many times.Programmers can implement superclasses called abstract classes thatdefine common behaviors. The abstract superclass defines and maypartially implement the behavior, but much of the class is undefinedand unimplemented. Other programmers fill in the details withspecialized subclasses.What Is an Interface?In general, an interface is a device or a system that unrelated entities use to interact. According to this definition, a remote control is an interface between you and a television set, the English language is an interface between two people, and the protocol of behavior enforced in the military is the interface between individuals of different ranks.Within the Java programming language, an interface is a type, just as a class is a type. Like a class, an interface defines methods. Unlike a class, an interface never implements methods; instead, classes that implement the interface implement the methods defined by the interface. A class can implement multiple interfaces.The bicycle class and its class hierarchy define what a bicycle can and cannot do in terms of its "bicycleness." But bicycles interact with the world on other terms. For example, a bicycle in a store could be managed by an inventory program. An inventory program doesn't care what class of items it manages as long as each item provides certain information, such as price and tracking number. Instead of forcing class relationships on otherwise unrelated items, the inventory program sets up a communication protocol. This protocol comes in the form of a set of method definitions contained within an interface. The inventory interface would define, but not implement, methods that set and get the retail price, assign a tracking number, and so on.计算机专业中英文文献翻译To work in the inventory program, the bicycle class must agree to this protocol by implementing the interface. When a class implements an interface, the class agrees to implement all the methods defined in the interface. Thus, the bicycle class would provide the implementations for the methods that set and get retail price, assign a tracking number, and so on.You use an interface to define a protocol of behavior that can be implemented by any class anywhere in the class hierarchy. Interfaces are useful for the following:Capturing similarities among unrelated classes without artificiallyforcing a class relationshipDeclaring methods that one or more classes are expected to implementRevealing an object's programming interface without revealing itsclassModeling multiple inheritance, a feature of some object-orientedlanguages that allows a class to have more than one superclass。

本科毕业设计(论文) 外文翻译（附外文原文）系 ( 院 )：信息科学与工程学院课题名称：学生信息管理系统专业(方向)：计算机科学与技术（应用）7.1 Enter ActionMappingsThe Model 2 architecture (see chapter 1) encourages us to use servlets and Java- Server Pages in the same application. Under Model 2, we start by calling a servlet.The servlet handles the business logic and directs control to the appropriate pageto complete the response.The web application deployment descriptor (web.xml) lets us map a URL patternto a servlet. This can be a general pattern, like *.do, or a specific path, like saveRecord.do.Some applications implement Model 2 by mapping a servlet to each business operation. This approach works, but many applications involve dozens or hundredsof business operations. Since servlets are multithreaded, instantiating so manyservlets is not the best use of server resources. Servlets are designed to handle anynumber of parallel requests. There is no performance benefit in simply creatingmore and more servlets.The servlet’s primary job is to interact with the container and HTTP. Handlinga business operation is something that a servlet could delegate to another component. Struts does this by having the ActionServlet delegate the business operationto an object. Using a servlet to receive a request and route it to a handler is knownas the Front Controller pattern [Go3].Of course, simply delegating the business operation to another componentdoes not solve the problem of mapping URIs [W3C, URI] to business operations.Our only way of communicating with a web browser is through HTTP requests and URIs. Arranging for a URI to trigger a business operation is an essential part of developing a web application.Meanwhile, in practice many business operations are handled in similar ways.Since Java is multithreaded, we could get better use of our server resources if wecould use the same Action object to handle similar operations. But for this towork, we might need to pass the object a set of configuration parameters to usewith each operation.So what’s the bottom line? To implement Model 2 in an efficient and flexibleway, we need to:Enter ActionMappings 195♉ Route requests for our business operations to a single servlet♉ Determine which business operation is related to the request♉ Load a multithreaded helper object to handle the business operation♉ Pass the helper object the specifics of each request along with any configuration detail used by this operationThis is where ActionMappings come in.7.1.1 The ActionMapping beanAn ActionMapping (org.apache.struts.action.ActionMapping) describes howthe framework handles each discrete business operation (or action). In Struts,each ActionMapping is associated with a specific URI through its path property. When a request comes in, the ActionServlet uses the path property to select the corresponding ActionMapping. The set of ActionMapping objects is kept in an ActionMappings collection (org.apache.struts.action.ActionMappings). Originally, the ActionMapping object was used to extend the Action objectrather than the Action class. When used with an Action, a mapping gives a specific Action object additional responsibilities and new functionality. So, it was essentiallyan Action decorator [Go4]. Along the way, the ActionMapping evolved into anobject in its own right and can be used with or without an Action.DEFINITION The intent of the decorator pattern is to attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassingfor extending functionality [Go4].The ActionMappings are usually created through the Struts configuration file.For more about this file, see chapter 4.7.1.2 The ActionMappings catalogThe ActionMappings catalog the business logic available to a Struts application.When a request comes in, the servlet finds its entry in the ActionMappings catalogand pulls the corresponding bean.The ActionServlet uses the ActionMapping bean to decide what to do next. Itmay need to forward control off to another resource. Or it may need to populateand validate an ActionForm bean. At some point, it may have to pass control to an Action object, and when the Action returns, it may have to look up an Action-Forward associated with this mapping.196 CHAPTER 7Designing with ActionMappingsThe ActionMapping works like a routing slip for the servlet. Depending onhow the mapping is filled out, the request could go just about anywhere.The ActionMappings represent the core design of a Struts application. If youwant to figure out how a Struts application works, start with the ActionMappings. Ifyou want to figure out how to write a new Struts application, start with the Action- Mappings. The mappings are at the absolute center of every Struts application.In this chapter, we take a close look at the ActionMapping properties andexplore how they help you design the flow of a Struts application.1.0 vs 1.1 In Struts 1.1, ActionMapping subclasses ActionConfig (org.apache. struts.config.ActionConfig) and adds API methods required forbackward compatibility. ActionMapping is not deprecated, and how thehierarchy will be handled in future releases has not been determined.For now, we refer to the ActionMapping class, but you should note thatin Struts 1.1 all of the action properties are actually defined by the ActionConfigsuper class. The ActionMapping class otherwise works thesame way in both versions.7.2 ActionMapping propertiesTable 7.1 describes the base ActionMapping properties. As with other configuration components, developers may extend ActionMapping to provide additionalproperties.Table 7.1 The base ActionMapping propertiesProperty Descriptionpath The URI path from the request used to select this mapping. (API command) forward The context-relative path of the resource that should serve this request via a forward.Exactly one of the forward, include, or type properties must be specified.orinclude The context-relative path of the resource that should serve this request via aninclude. Exactly one of the forward, include, or type properties must be specified.ortype Optionally specifies a subclass oforg.apache.struts.action.ActionMappingthat should be used when instantiating this mapping.className The fully qualified name of the Action class used by this mapping. SinceStruts 1.1ActionMapping properties 197In the sections that follow, we take a look at each of these properties.7.2.1 The path propertyThe ActionMapping URI, or path, will look to the user like just another file onthe web server. But it does not represent a file. It is a virtual reference to our ActionMapping.Because it is exposed to other systems, the path is not really a logical name, likethose we use with ActionForward. The path can include slashes and an extension—as if it referred to a file system—but they are all just part of a single name.The ActionMappings themselves are a “flat” namespace with no type of internalhierarchy whatsoever. They just happen to use the same characters that we areused to seeing in hierarchical file systems.name The name of the form bean, if any, associated with this action. This is not the classname. It is the logical name used in the form bean configuration.roles The list of security roles that may access this mapping.scope The identifier of the scope (request or session) within which the form bean, if any,associated with this mapping will be created.validate Set to true if the validate method of the form bean (if any) associated with thismapping should be called.input Context-relative path of the input form to which control should be returned ifa validationerror is encountered. This can be any URI: HTML, JSP, VM, or another Action- Mapping.parameter General-purpose configuration parameter that can be used to pass extra informationto the Action selected by this ActionMapping.attribute Name of the request-scope or session-scope attribute under which our form bean isaccessed, if it is other than the bean's specified name.prefix Prefix used to match request parameter names to form bean property names, if any.suffix Suffix used to match request parameter names when populating the properties ofour ActionForm bean, if any.unknown Can be set to true if this mapping should be configured as the default for this application(to handle all requests not handled by another mapping). Only one mappingcan be defined as the default unknown mapping within an application.forwards(s) Block of ActionForwards for this mapping to use, if any.exception(s) Block of ExceptionHandlers for this mapping to use, if any.Table 7.1 The base ActionMapping properties (continued)Property DescriptionSinceStruts 1.1SinceStruts 1.1198 CHAPTER 7Designing with ActionMappingsOf course, it can still be useful to treat your ActionMappings as if they werepart of a hierarchy and group related commands under the same "folder." Theonly restriction is that the names must match whatever pattern is used in the application’s deployment description (web.xml) for the ActionServlet. This is usuallyeither /do/* or *.do, but any similar pattern can be used.If you are working in a team environment, different team members can begiven different ActionMapping namespaces to use. Some people may be workingwith the /customer ActionMappings, others may be working with the /vendor ActionMappings. This may also relate to the Java package hierarchy the team isusing. Since the ActionMapping URIs are logical constructs, they can be organizedin any way that suits your project.With Struts 1.1, these types of namespaces can be promoted to applicationmodules. Each team can work independently on its own module, with its own setof configuration files and presentation pages. Configuring your application to use multiple modules is covered in chapter 4.DEFINITION The web runs on URIs, and most URIs map to physical files. If you want to change the resource, you change the corresponding file. Some URIs, likeStruts actions, are virtual references. They do not have a correspondingfile but are handled by a programming component. To change the resource,we change how the component is programmed. But since thepath is a URI and interacts with other systems outside our control, thepath is not a true logical reference—the name of an ActionForward, forinstance. We can change the name of an ActionForward without consultingother systems. It’s an internal, logical reference. If we change thepath to an ActionMapping, we might need to update other systems thatrefer to the ActionMapping through its public URI.7.2.2 The forward propertyWhen the forward property is specified, the servlet will not pass the request to an Action class but will make a call to RequestDispatcher.forward. Since the operationdoes not use an Action class, it can be used to integrate Struts with otherresources and to prototype systems. The forward, include, and type propertiesare mutually exclusive. (See chapter 6 for more information.)7.2.3 The include propertyWhen the include property is specified, the servlet will not pass the request to an Action class but will make a call to RequestDispatcher.include. The operationActionMapping properties 199does not use an Action class and can be used to integrate Struts with other components. The forward, include, and type properties are mutually exclusive. (Seechapter 6 for more information.)7.2.4 The type propertyMost mappings will specify an Action class type rather than a forward or include.An Action class may be used by more than one mapping. The mappings may specifyform beans, parameters, forwards, or exceptions. The forward, include, andtype properties are mutually exclusive.7.2.5 The className propertyWhen specified, className is the fully qualified Java classname of the ActionMapping subclass that should be used for this object. This allows you to use your own ActionMapping subclass with specialized methods and properties. See alsosection 7.4.7.2.6 The name propertyThis property specifies the logical name for the form bean, as given in the formbean segment of the Struts configuration file. By default, this is also the name tobe used when placing the form bean in the request or session context. Use theattribute property of this class to specify a different attribute key.7.2.7 The roles propertyThis property is a comma-delimited list of the security role names that are allowed access to this ActionMapping object. By default, the same system that is used with standard container-based security is applied to the list of roles given here. Thismeans you can use action-based security in lieu of specifying URL patterns in the deployment descriptor, or you can use both together.The security check is handled by the processRoles method of the Request- Processor (org.apache.struts.action.RequestProcessor). By subclassing RequestProcessor, you can also use the roles property with application-based security. See chapter 9 for more about subclassing RequestProcessor.7.2.8 The scope propertyThe ActionForm bean can be stored in the current request or in the session scope (where it will be available to additional requests). While most developers userequest scope for the ActionForm, the framework default is session scope. Tomake request the default, see section 7.4.SinceStruts 1.1SinceStruts 1.1200 CHAPTER 7Designing with ActionMappings7.2.9 The validate propertyAn important step in the lifecycle of an ActionForm is to validate its data before offering it to the business layer. When the validate property for a mapping is true, the ActionServlet will call the ActionForm’s validate method. If validate returns false, the request is forwarded to the resource given by the input property.Often, developers will create a pair of mappings for each data entry form. Onemapping will have validate set to false, so you can create an empty form. Theother has validate set to true and is used to submit the completed form.NOTE Whether or not the ActionForm validate method is called does not relateto the ActionServlet’s validating property. That switch controlshow the Struts configuration file is processed.7.2.10 The input propertyWhen validate is set to true, it is important that a valid path for input be provided. This is where control will pass should the ActionForm validate methodreturn false. Often, this is the address for a presentation page. Sometimes it willbe another Action path (with validate set to false) that is required to generatedata objects needed by the page.NOTE The input path often leads back to the page that submitted the request.While it seems natural for the framework to return the request to whereit originated, this is not a simple task in a web application. A request is oftenpassed from component to component before a response is sent backto the browser. The browser only knows the path it used to retrieve theinput page, which may or may not also be the correct path to use for theinput property. While it may be possible to try and generate a default inputpage based on the HTTP referrer attribute, the Struts designersdeemed that approach unreliable.inputForwardIn Struts 1.0, the ActionMapping input property is always a literal URI. InStruts 1.1, it may optionally be the name of an ActionForward instead. The ActionForward is retrieved and its path property is used as the input property.This can be a global or local ActionForward.To use ActionForwards here instead of literal paths, set the inputForwardattribute on the <controller> element for this module to true:SinceStruts 1.1ActionMapping properties 201<controller inputForward="true">For more about configuring Struts, see chapter 4. For more about ActionForwards,see chapter 6.7.2.11 The parameter propertyThe generic parameter property allows Actions to be configured at runtime. Severalof the standard Struts Actions make use of this property, and the standardScaffold Actions often use it, too. The parameter property may contain a URI, the name of a method, the name of a class, or any other bit of information an Actionmay need at runtime. This flexibility allows some Actions to do double and tripleduty, slashing the number of distinct Action classes an application needs on hand.Within an Action class, the parameter property is retrieved from the mappingpassed to perform:parameter = mapping.getParameter();Multiple parametersWhile multiple parameters are not supported by the standard ActionMappingsclass, there are some easy ways to implement this, including using HttpUtils, a StringTokenizer, or a Properties file (java.util.Properties).HttpUtils. Although deprecated as of the Servlet API 2.3 specification, theHttpUtils package (javax.servlet.http.HttpUtils) provides a static method that parses any string as if it were a query string and returns a Hashtable(java.util.Hashtable):Hashtable parameters = parseQueryString(parameter);The parameter property for your mapping then becomes just another query string, because you might use it elsewhere in the Struts configuration. stringTokenizer. Another simple approach is to delimit the parameters using the token of your choice—such as a comma, colon, or semicolon—and use the StringTokenizer to read them back:StringTokenizer incoming =new StringTokenizer(mapping.getParameter(),";");int i = 0;String[] parameters = new String[incoming.countTokens()]; while (incoming.hasMoreTokens()) {parameters[i++] = incoming.nextToken().trim();}202 CHAPTER 7Designing with ActionMappingsProperties file. While slightly more complicated than the others, another popular approach to providing multiple parameters to an ActionMapping is with a standard Properties files (java.util.Properties). Depending on your needs, the Properties file could be stored in an absolute location in your file system or anywhere on your application’s CLASSPATH.The Commons Scaffold package [ASF, Commons] provides a ResourceUtils package (mons.scaffold.util.ResourceUtils) with methods forloading a Properties file from an absolute location or from your application’s CLASSPATH.7.2.12 The attribute propertyFrom time to time, you may need to store two copies of the same ActionForm inthe same context at the same time. This most often happens when ActionFormsare being stored in the session context as part of a workflow. To keep their names from conflicting, you can use the attribute property to give one ActionForm bean a different name.An alternative approach is to define another ActionForm bean in the configuration, using the same type but under a different name.7.2.13 The prefix and suffix propertiesLike attribute, the prefix and suffix properties can be used to help avoid naming conflicts in your application. When specified, these switches enable aprefix or suffix for the property name, forming an alias when it is populatedfrom the request.If the prefix this was specified, thenthisName=McClanahanbecomes equivalent toname=McClanahanfor the purpose of populating the ActionForm. Either or both parameters would call getName("McClanahan");This does not affect how the properties are written by the tag extensions. It affects how the autopopulation mechanism perceives them in the request.Nested components 2037.2.14 The unknown ActionMappingWhile surfing the Web, most of us have encountered the dreaded 404— page not found message. Most web servers provide some special features for processing requests for unknown pages, so webmasters can steer users in the right direction. Struts offers a similar service for ActionMapping 404s—the unknown ActionMapping. In the Struts configuration file, you can specify one ActionMapping toreceive any requests for an ActionMapping that would not otherwise be matched:<actionname="/debug"forward="/pages/debug.jsp"/>When this option is not set, a request for an ActionMapping that cannot bematched throws400 Invalid path /notHere was requestedNote that by a request for an ActionMapping, we mean a URI that matches the prefix or suffix specified for the servlet (usually /do/* or *.do). Requests for other URI patterns, good or bad, will be handled by other servlets or by the container:/do/notHere (goes to the unknown ActionMapping)/notHere.txt (goes to the container)7.3 Nested componentsThe ActionMapping properties are helpful when it comes to getting an Action torun a business operation. But they tell only part of the story. There is still much todo when the Action returns.An Action may have more than one outcome. We may need to register several ActionForwards so that the Action can take its pick.7.3.1 Local forwardsIn the normal course, an ActionMapping is used to select an Action object to handle the request. The Action returns an ActionForward that indicates which pageshould complete the response.The reason we use ActionForwards is that, in practice, presentation pages areeither often reused or often changed, or both. In either case, it is good practice to encapsulate the page’s location behind a logical name, like “success” or “failure.”The ActionForward object lets us assign a logical name to any given URI.204 CHAPTER 7Designing with ActionMappingsOf course, logical concepts like success or failure are often relative. What represents success to one Action may represent failure to another. Each Action-Mapping can have its own set of local ActionForwards. When the Action asks for a forward (by name), the local set is checked before trying the global forwards. See chapter 6 for more about ActionForwards.Local forwards are usually specified in the Struts configuration file. See chapter4 for details.7.3.2 Local exceptionsMost often, an application’s exception handlers (org.apache.struts.action. ExceptionHandler) can be declared globally. However, if a given ActionMapping needs to handle an exception differently, it can have its own set of local exception handlers that are checked before the global set.Local exceptions are usually specified in the Struts configuration file. Seechapter 4 for details.7.4 Rolling your own ActionMappingWhile ActionMapping provides an impressive array of properties, developers may also provide their own subclass with additional properties or methods. InStruts 1.0, this is configured in the deployment descriptor (web.xml) for the ActionServlet:<init-param><param-name>mapping</param-name><param-value>app.MyActionMapping</param-value></init-param>In Struts 1.1, this is configured in the Struts configuration file as an attribute to the <action-mappings> element:<action-mappings type="app.MyActionMapping">Individual mappings may also be set to use another type through the className attribute:<action className="app.MyActionMapping">For more about configuring Struts, see chapter 4.SinceStruts 1.1Summary 205The framework provides two base ActionMapping classes, shown in table 7.2. They can be selected as the default or used as a base for your own subclasses.The framework default is SessionActionMapping, so scope defaults to session. Subclasses that provide new properties may set them in the Struts configuration using a standard mechanism:<set-property property="myProperty" value="myValue" /> Using this standard mechanism helps developers avoid subclassing the Action- Servlet just to recognize the new properties when it digests the configuration file. This is actually a feature of the Digester that Struts simply inherits.7.5 SummarySun’s Model 2 architecture teaches that servlets and JavaServer Pages should be used together in the same application. The servlets can handle flow control and data acquisition, and the JavaServer Pages can handle the HTML.Struts takes this one step further and delegates much of the flow control anddata acquisition to Action objects. The application then needs only a single servletto act as a traffic cop. All the real work is parceled out to the Actions and theStruts configuration objects.Like servlets, Actions are efficient, multithreaded singletons. A single Actionobject can be handling any number of requests at the same time, optimizing your server’s resources.To get the most use out of your Actions, the ActionMapping object is used as a decorator for the Action object. It gives the Action a URI, or several URIs, and away to pass different configuration settings to an Action depending on which URIis called.In this chapter, we took a close look at the ActionMapping properties andexplained each property’s role in the scheme of things. We also looked at extendingthe standard ActionMapping object with custom properties—just in case yourscheme needs even more things.Table 7.2 The default ActionMapping classesActionMapping Descriptionorg.apache.struts.action.SessionActionMapping Defaults the scope property to sessionorg.apache.struts.action.RequestActionMapping Defaults the scope property to request206 CHAPTER 7Designing with ActionMappingsIn chapter 8, the real fun begins. The configuration objects covered so far aremainly a support system. They help the controller match an incoming requestwith a server-side operation. Now that we have the supporting players, let’s meet the Struts diva: the Action object.7.1 进入ActionMappingModel 2 架构(第1章)鼓励在同一个应用中使用servlet和JSP页面。

1In the past decade the business environment has changed dramatically. The world has become a small and very dynamic marketplace. Organizations today confront new markets, new competition and increasing customer expectations. This has put a tremendous demand on manufacturers to; 1) Lower total costs in the complete supply chain 2) Shorten throughput times 3) Reduce stock to a minimum 4) Enlarge product assortment 5) Improve product quality 6) Provide more reliable delivery dates and higher service to the customer 7) Efficiently coordinate global demand, supply and production. Thus today's organization have to constantly re-engineer their business practices and procedures to be more and more responsive to customers and competition. In the 1990's information technology and business process re-engineering, used in conjunction with each other, have emerged as important tools which give organizations the leading edge.ERP Systems EvolutionThe focus of manufacturing systems in the 1960's was on inventory control. Most of the software packages then (usually customized) were designed to handle inventory based on traditional inventory concepts. In the 1970's the focus shifted to MRP (Material Requirement Planning) systems which translatedthe Master Schedule built for the end items into time-phased net requirements for the sub-assemblies, components and raw materials planning and procurement,In the 1980's the concept of MRP-II (Manufacturing Resources Planning) evolved which was an extension of MRP to shop floor and distribution management activities. In the early 1990's, MRP-II was further extended to cover areas like Engineering, Finance, Human Resources, Projects Management etc i.e. the complete gamut of activities within any business enterprise. Hence, the term ERP (Enterprise Resource Planning) was coined.In addition to system requirements, ERP addresses technology aspects like client/server distributedarchitecture, RDBMS, object oriented programming etc. ERP Systems-Bandwidth ERP solutions address broad areas within any business like Manufacturing, Distribution, Finance, Project Management, Service and Maintenance, Transportation etc. A seamless integration is essential to provide visibility and consistency across the enterprise.An ERP system should be sufficiently versatile to support different manufacturing environments like make-to-stock, assemble-to-order and engineer-to-order. The customer order decoupling point (CODP) should be flexible enough to allow the co-existence of these manufacturing environments within the same system. It is also very likely that the same product may migrate from one manufacturing environment to another during its produce life cycle.The system should be complete enough to support both Discrete as well as Process manufacturing scenario's. The efficiency of an enterprise depends on the quick flow of information across the complete supply chain i.e. from the customer to manufacturers to supplier. This places demands on the ERP system to have rich functionality across all areas like sales, accounts receivable, engineering, planning, inventory management, production, purchase, accounts payable, quality management, distribution planning and external transportation. EDI (Electronic Data Interchange) is an important tool in speeding up communications with trading partners.More and more companies are becoming global and focusing on down-sizing and decentralizing their business. ABB and Northern Telecom are examples of companies which have business spread around the globe. For these companies to manage their business efficiently, ERP systems need to have extensive multi-site management capabilities. The complete financial accounting and management accounting requirementsof the organization should be addressed. It is necessary to have centralized or de-centralized accounting functions with complete flexibility to consolidate corporate information.After-sales service should be streamlined and managed efficiently. A strong EIS (Enterprise Information System) with extensive drill down capabilities should be available for the top management to get a birds eye view of the health of their organization and help them to analyze performance in key areas.Evaluation CriteriaSome important points to be kept in mind while evaluating an ERP software include: 1) Functional fit with the Company's business processes 2) Degree of integration between the various components of the ERP system 3) Flexibility and scalability 4) Complexity; user friendliness 5) Quick implementation; shortened ROI period 6) Ability to support multi-site planning and control 7) Technology; client/server capabilities, database independence, security 8)Availability of regular upgrades 9) Amount of customization required 10) Local support infrastructure II) Availability of reference sites 12) Total costs,including cost of license, training, implementation, maintenance, customization and hardware requirements.ERP Systems-ImplementationThe success of an ERP solution depends on how quick the benefits can be reaped from it. This necessitates rapid implementations which lead to shortened ROI periods. Traditional approach to implementation has been to carry out a Business Process Re-engineering exercise and define a "TO BE"model before the ERP system implementation. This led to mismatches between the proposed model and the ERP functionality, the consequence of which was customizations, extended implementation time frames, higher costs and loss of user confidence.ERP Systems-The FutureThe Internet represents the next major technology enabler which allows rapid supply chain management between multiple operations and trading partners. Most ERP systems are enhancing their products to become "Internet Enabled" so that customers worldwide can have direct to the supplier's ERP system. ERP systems are building in the Workflow Management functionally which provides a mechanism to manage and controlthe flow of work by monitoring logistic aspects like workload, capacity, throughout times, work queue lengths and processing times.译文1在过去十年中，商业环境发生了巨大的变化。

计算机外⽂翻译（完整）毕业设计(论⽂)外⽂资料翻译专业：计算机科学与技术姓名：王成明学号：06120186外⽂出处：The History of the Internet附件： 1.外⽂原⽂ 2.外⽂资料翻译译⽂；附件1：外⽂原⽂The History of the InternetThe Beginning - ARPAnetThe Internet started as a project by the US government. The object of the project was to create a means of communications between long distance points, in the event of a nation wide emergency or, more specifically, nuclear war. The project was called ARPAnet, and it is what the Internet started as. Funded specifically for military communication, the engineers responsible for ARPANet had no idea of the possibilities of an "Internet."By definition, an 'Internet' is four or more computers connected by a network.ARPAnet achieved its network by using a protocol called TCP/IP. The basics around this protocol was that if information sent over a network failed to get through on one route, it would find another route to work with, as well as establishing a means for one computer to "talk" to another computer, regardless of whether it was a PC or a Macintosh.By the 80's ARPAnet, just years away from becoming the more well known Internet, had 200 computers. The Defense Department, satisfied with ARPAnets results, decided to fully adopt it into service, and connected many military computers and resources into the network. ARPAnet then had 562 computers on its network. By the year 1984, it had over 1000 computers on its network.In 1986 ARPAnet (supposedly) shut down, but only the organization shut down, and the existing networks still existed between the more than 1000 computers. It shut down due to a failied link up with NSF, who wanted to connect its 5 countywide super computers into ARPAnet.With the funding of NSF, new high speed lines were successfully installed at line speeds of 56k (a normal modem nowadays) through telephone lines in 1988. By that time, there were 28,174 computers on the (by then decided) Internet. In 1989 there were 80,000 computers on it. By 1989, there were290,000.Another network was built to support the incredible number of people joining. It was constructed in 1992.Today - The InternetToday, the Internet has become one of the most important technological advancements in the history of humanity. Everyone wants to get 'on line' to experience the wealth of information of the Internet. Millions of people now use the Internet, and it's predicted that by the year 2003 every single person on the planet will have Internet access. The Internet has truly become a way of life in our time and era, and is evolving so quickly its hard to determine where it will go next, as computer and network technology improve every day.HOW IT WORKS:It's a standard thing. People using the Internet. Shopping, playing games,conversing in virtual Internet environments.The Internet is not a 'thing' itself. The Internet cannot just "crash." It functions the same way as the telephone system, only there is no Internet company that runs the Internet.The Internet is a collection of millioins of computers that are all connected to each other, or have the means to connect to each other. The Internet is just like an office network, only it has millions of computers connected to it.The main thing about how the Internet works is communication. How does a computer in Houston know how to access data on a computer in Tokyo to view a webpage?Internet communication, communication among computers connected to the Internet, is based on a language. This language is called TCP/IP. TCP/IP establishes a language for a computer to access and transmit data over the Internet system.But TCP/IP assumes that there is a physical connecetion between onecomputer and another. This is not usually the case. There would have to be a network wire that went to every computer connected to the Internet, but that would make the Internet impossible to access.The physical connection that is requireed is established by way of modems,phonelines, and other modem cable connections (like cable modems or DSL). Modems on computers read and transmit data over established lines,which could be phonelines or data lines. The actual hard core connections are established among computers called routers.A router is a computer that serves as a traffic controller for information.To explain this better, let's look at how a standard computer might viewa webpage.1. The user's computer dials into an Internet Service Provider (ISP). The ISP might in turn be connected to another ISP, or a straight connection into the Internet backbone.2. The user launches a web browser like Netscape or Internet Explorer and types in an internet location to go to.3. Here's where the tricky part comes in. First, the computer sends data about it's data request to a router. A router is a very high speed powerful computer running special software. The collection of routers in the world make what is called a "backbone," on which all the data on the Internet is transferred. The backbone presently operates at a speed of several gigabytes per-second. Such a speed compared to a normal modem is like comparing the heat of the sun to the heat of an ice-cube.Routers handle data that is going back and forth. A router puts small chunks of data into packages called packets, which function similarly to envelopes. So, when the request for the webpage goes through, it uses TCP/IP protocols to tell the router what to do with the data, where it's going, and overall where the user wants to go.4. The router sends these packets to other routers, eventually leadingto the target computer. It's like whisper down the lane (only the information remains intact).5. When the information reaches the target web server, the webserver then begins to send the web page back. A webserver is the computer where the webpage is stored that is running a program that handles requests for the webpage and sends the webpage to whoever wants to see it.6. The webpage is put in packets, sent through routers, and arrive at the users computer where the user can view the webpage once it is assembled.The packets which contain the data also contain special information that lets routers and other computers know how to reassemble the data in the right order.With millions of web pages, and millions of users, using the Internet is not always easy for a beginning user, especially for someone who is not entirely comfortale with using computers. Below you can find tips tricks and help on how to use main services of the Internet.Before you access webpages, you must have a web browser to actually be able to view the webpages. Most Internet Access Providers provide you with a web browser in the software they usually give to customers; you. The fact that you are viewing this page means that you have a web browser. The top two use browsers are Netscape Communicator and Microsoft Internet Explorer. Netscape can be found at /doc/bedc387343323968011c9268.html and MSIE can be found at /doc/bedc387343323968011c9268.html /ie.The fact that you're reading this right now means that you have a web browser.Next you must be familiar with actually using webpages. A webpage is a collection of hyperlinks, images, text, forms, menus, and multimedia. To "navigate" a webpage, simply click the links it provides or follow it's own instructions (like if it has a form you need to use, it will probably instruct you how to use it). Basically, everything about a webpage is made to be self-explanetory. That is the nature of a webpage, to be easily navigatable."Oh no! a 404 error! 'Cannot find web page?'" is a common remark made by new web-users.Sometimes websites have errors. But an error on a website is not the user's fault, of course.A 404 error means that the page you tried to go to does not exist. This could be because the site is still being constructed and the page hasn't been created yet, or because the site author made a typo in the page. There's nothing much to do about a 404 error except for e-mailing the site administrator (of the page you wanted to go to) an telling him/her about the error.A Javascript error is the result of a programming error in the Javascript code of a website. Not all websites utilize Javascript, but many do. Javascript is different from Java, and most browsers now support Javascript. If you are using an old version of a web browser (Netscape 3.0 for example), you might get Javascript errors because sites utilize Javascript versions that your browser does not support. So, you can try getting a newer version of your web browser.E-mail stands for Electronic Mail, and that's what it is. E-mail enables people to send letters, and even files and pictures to each other.To use e-mail, you must have an e-mail client, which is just like a personal post office, since it retrieves and stores e-mail. Secondly, you must have an e-mail account. Most Internet Service Providers provide free e-mail account(s) for free. Some services offer free e-mail, like Hotmail, and Geocities.After configuring your e-mail client with your POP3 and SMTP server address (your e-mail provider will give you that information), you are ready to receive mail.An attachment is a file sent in a letter. If someone sends you an attachment and you don't know who it is, don't run the file, ever. It could be a virus or some other kind of nasty programs. You can't get a virus justby reading e-mail, you'll have to physically execute some form of program for a virus to strike.A signature is a feature of many e-mail programs. A signature is added to the end of every e-mail you send out. You can put a text graphic, your business information, anything you want.Imagine that a computer on the Internet is an island in the sea. The sea is filled with millions of islands. This is the Internet. Imagine an island communicates with other island by sending ships to other islands and receiving ships. The island has ports to accept and send out ships.A computer on the Internet has access nodes called ports. A port is just a symbolic object that allows the computer to operate on a network (or the Internet). This method is similar to the island/ocean symbolism above.Telnet refers to accessing ports on a server directly with a text connection. Almost every kind of Internet function, like accessing web pages,"chatting," and e-mailing is done over a Telnet connection.Telnetting requires a Telnet client. A telnet program comes with the Windows system, so Windows users can access telnet by typing in "telnet" (without the "'s) in the run dialog. Linux has it built into the command line; telnet. A popular telnet program for Macintosh is NCSA telnet.Any server software (web page daemon, chat daemon) can be accessed via telnet, although they are not usually meant to be accessed in such a manner. For instance, it is possible to connect directly to a mail server and check your mail by interfacing with the e-mail server software, but it's easier to use an e-mail client (of course).There are millions of WebPages that come from all over the world, yet how will you know what the address of a page you want is?Search engines save the day. A search engine is a very large website that allows you to search it's own database of websites. For instance, if you wanted to find a website on dogs, you'd search for "dog" or "dogs" or "dog information." Here are a few search-engines.1. Altavista (/doc/bedc387343323968011c9268.html ) - Web spider & Indexed2. Yahoo (/doc/bedc387343323968011c9268.html ) - Web spider & Indexed Collection3. Excite (/doc/bedc387343323968011c9268.html ) - Web spider & Indexed4. Lycos (/doc/bedc387343323968011c9268.html ) - Web spider & Indexed5. Metasearch (/doc/bedc387343323968011c9268.html ) - Multiple searchA web spider is a program used by search engines that goes from page to page, following any link it can possibly find. This means that a search engine can literally map out as much of the Internet as it's own time and speed allows for.An indexed collection uses hand-added links. For instance, on Yahoo's site. You can click on Computers & the Internet. Then you can click on Hardware. Then you can click on Modems, etc., and along the way through sections, there are sites available which relate to what section you're in.Metasearch searches many search engines at the same time, finding the top choices from about 10 search engines, making searching a lot more effective.Once you are able to use search engines, you can effectively find the pages you want.With the arrival of networking and multi user systems, security has always been on the mind of system developers and system operators. Since the dawn of AT&T and its phone network, hackers have been known by many, hackers who find ways all the time of breaking into systems. It used to not be that big of a problem, since networking was limited to big corporate companies or government computers who could afford the necessary computer security.The biggest problem now-a-days is personal information. Why should you be careful while making purchases via a website? Let's look at how the internet works, quickly.The user is transferring credit card information to a webpage. Looks safe, right? Not necessarily. As the user submits the information, it is being streamed through a series of computers that make up the Internet backbone.The information is in little chunks, in packages called packets. Here's the problem: While the information is being transferred through this big backbone, what is preventing a "hacker" from intercepting this data stream at one of the backbone points?Big-brother is not watching you if you access a web site, but users should be aware of potential threats while transmitting private information. There are methods of enforcing security, like password protection, an most importantly, encryption.Encryption means scrambling data into a code that can only be unscrambled on the "other end." Browser's like Netscape Communicator and Internet Explorer feature encryption support for making on-line transfers. Some encryptions work better than others. The most advanced encryption system is called DES (Data Encryption Standard), and it was adopted by the US Defense Department because it was deemed so difficult to 'crack' that they considered it a security risk if it would fall into another countries hands.A DES uses a single key of information to unlock an entire document. The problem is, there are 75 trillion possible keys to use, so it is a highly difficult system to break. One document was cracked and decoded, but it was a combined effort of14,000 computers networked over the Internet that took a while to do it, so most hackers don't have that many resources available.附件2：外⽂资料翻译译⽂Internet的历史起源——ARPAnetInternet是被美国政府作为⼀项⼯程进⾏开发的。

毕业设计(论文)外文文献翻译专业计算机科学与技术学生姓名班级学号指导教师信息工程学院Mobile Malware and Smart Device Security:Trends,Challenges and SolutionsAbdullahi Arabo and Bernardi PranggonoThe Oxford Internet Institute(OII),Oxford University,Oxford,OX13JS,U.K. School of Engineering and Built Environment,Glasgow Caledonian University, Glasgow,G40BA,U.K.Abstract—This work is part of the research to study trends and challenges of cyber security to smart devices in smart homes.We have seen the development and demand for seamless interconnectivity of smart devices to provide various functionality and abilities to users.While these devices provide more features and functionality,they also introduce new risks and threats.Subsequently, current cyber security issues related to smart devices are discussed and analyzed. The paper begins with related background and motivation.We identified mobile malware as one of the main issue in the smart devices’security.In the near future,mobile smart device users can expect to see a striking increase in malware and notable advancements in malware-related attacks,particularly on the Android platform as the user base has grown exponentially.We discuss and analyzed mobile malware in details and identified challenges and future trends in this area.Then we propose and discuss an integrated security solution for cyber security in smart devices to tackle the issue.Index—Botnet,cyber security,mobile malware,security framework,smart device securityI.INTRODUCTIONThe Internet is one of the most remarkable developments to have happened to mankind in the last100years.The development of ubiquitous computing makes things even more interesting as it has given us the possibility to utilise devices and technology in unusual ways.We have seen the development and demand for seamless interconnectivity of smart devices to provide various functionalities and abilities to users.But we also know the vulnerabilities that exist within this ecosystem.However, these vulnerabilities are normally considered for larger infrastructures and little attention has been paid to the cyber security threats from the usage and power of smart devices as a result of the Internet of Things(IoT)technologies.In the IoT vision,every physical object has a virtual component that can produce and consume services.Smart spaces are becoming interconnected with powerful smart devices (smartphones,tablets,etc.).On the other hand,we also have the backbone,the power grid that powers our nations.These two phenomena are coming at the same time.The increased usage of smart meters in our homes or businesses provides an avenue ofconnectivity as well as powerful home services or interconnected powerful smart devices.The example of the smart grid also provides the means of controlling and monitoring smart grid infrastructures via the use of portable smart devices.The vulnerability of the connected home and developments within the energy industry’s new wireless smart grid are exposed to the wrong people;it will inevitably lead to lights out for everyone.This will eventually uncover the multitude of interconnected smart devices in the IoT as a hotbed for cyber-attacks or robot networks(botnets)and a security nightmare for smart space users and possibly for national infrastructures as a whole.The latest research has reported that on average people own three internet-connected smart devices such as smartphones and tablets.Therefore,as a result of the ubiquity of smart devices,and their evolution as computing platforms,as well as the powerful processors embedded in smart devices,has made them suitable objects for inclusion in a botnet.Botnets of mobile devices(also known as mobile botnets)are a group of compromised smart devices that are remotely controlled by bot-masters via command-and-control(C&C)channels.Mobile botnets have different characteristics in several aspects as compared to PC-based botnets,such as their C&C channels medium.PC-based botnets are seen as the most common platforms for security attacks, and mobile botnets are seen as less of a threat in comparison to their counterparts. This is so for different reasons,such as limited battery power,resource issues,and Internet access constraints,etc.Therefore,the efforts directed to both the manifestation of operating mobile botnets and corresponding research and development endeavours are not as wide as for PC-based botnets.However,this development could change with the recent surge in popularity and use of smart devices.Smart devices are now widely used by billions of users due to their enhanced computing ability,practicality and efficient Internet access,thanks to advancement in solid-state technologies.Moreover,smart devices typically contain a large amount of sensitive personal and corporate data and are often used in online payments and other sensitive transactions.The wide spread use of open-source smart device platforms such as Android and third-party applications made available to the public also provides more opportunities and attractions for malware creators.Therefore,for now and the near future smart devices will become one of the most lucrative targets for cybercriminals.The main focus of this paper is threefold:firstly to highlight the possible threats and vulnerability of smart devices,secondly to analyse the challenges involved in detecting mobile malware in smart devices and finally to propose a general security solution that will facilitate solving or addressing such threats.The rest of the paper isorganized as follows.In section II we provide a detailed analysis of the security threats on smart devices and their links with cyber security.We have identified mobile malware as one of the main issues and we discuss it in more detail in Section III. Section IV provides our proposed security solution that will be able to deter the problems of mobile malware.The paper is concluded in section V.II.SECURITY THREATS ON SMART DEVICESThe weakest link in any IT security chain is the user.The human factor is the most challenging aspect of mobile device security.Home users generally assume that everything will work just as it should,relying on a device’s default settings without referring to complex technical manuals.Therefore service content providers and hardware vendors need to be aware of their responsibilities in maintaining network security and content management on the devices they provide.Service providers might also have the opportunity to provide add-on security services to complement the weaknesses of the devices.The issue of cyber security is much closer to the home environment than has been usually understood;hence,the problem of cyber security extends beyond computers it is also a threat to portable devices.Many electronic devices used at home are practically as powerful as a computer-from mobile phones,video consoles,game consoles and car navigation systems.While these devices are portable,provide more features and functionality,they also introduce new risks.These devices previously considered as secure can be an easy target for assailants.The information stored and managed within such devices and home networks forms part of an individual’s Critical Information Infrastructure(CII)[2]as identified by the POSTnote on cyber security in the UK.For example,an attacker may be able to compromise a smart device with a virus,to access the data on the device.Not only do these activities have implications for personal information,but they could also have serious consequences if corporate information were also stored on the smart device.The use of mobile devices in healthcare is also more common these days,such as in mobile-health.A typical example is having a health device connected to the home network,which is capable of transmitting data wirelessly to hospitals and other relevant parties.Most of the manufacturers of these devices do not put much effort in trying to make sure that the devices are secure.If these devices are compromised not only will the information and privacy of the user of the device be compromised,but the attacker can even change the settings of the devices,which could lead to harmful consequences.It has been shown that it is possible to hack into a pacemaker and read the details of data stored in the device such as names and medical data without having direct access to the devices simply by standing nearby[3].Therefore,it is also possible to reconfigure the parameters of the device.This is not only applicable to medical devices,but also to any devices that are used within the home network for any purpose.According to the Juniper Networks report[4],76percent of mobile users depend on their mobile devices to access their most sensitive personal information,such as online banking or personal medical information.This trend is even more noticeable with those who also use their personal mobile devices for business purposes.Nearly nine in ten(89percent)business users report that they use their mobile device to access sensitive work-related information.Another more worrying impact is when cybercriminals use the vast resources of the network to turn it into a botnet and launch a cyber-attack on national critical infrastructures.There are some Android applications that when downloaded from a third party market(not the Android market)are capable of accessing the root functionality of devices(“rooted”)and turning them into botnet soldiers without the user’s explicit consent.People could easily and unwittingly download malware to their smart devices or fall prey to“man-in-the-middle”attacks where cyber-criminals pose as a legitimate body,intercept and harvest sensitive information for malicious use.In2011,there was a mix of Android applications removed from the Android Market because they contained malware.There were over50infected applications-these applications were copies of“legitimate”applications from legitimate publishers that were modified to include two root exploits and a rogue application downloader.The Juniper Networks Mobile Threat Centre(MTC)reported that in2011 there was an unparalleled increase in mobile malware attacks,with a155percent increase from the previous year across all platforms[5].It is also reported that Android malware experienced an increase of3,325percent in2011.Notable in these findings is a significant number of malware samples obtained from third-party applications which do not enjoy the benefit or protection Google Play Store scanning techniques.Previously,an Android developer could post an application to the official Android Market and have it available immediately,without inspection or vetting to block pirated or malicious applications.This increase in malware is mainly due to the combination of Google Android’s dominant market share in smartphone(68.8percent in2012)and the lack of security control over the applications appearing in the various Android application markets.It was reported recently that Google Play store,which has more than700,000apps just passed15billion downloads.Security firm Fortinet estimated that money-stealing malware has increased exponentially in2006-2011as shown in Figure1.Based on an estimation by Kaspersky Lab,cybercriminals who target smart devices likesmartphones earn from$1,000to$5,000per day per person.Mobile phone hacking is also getting more attractive with the rise of the Near-Field Communication technology(NFC),which expands the use of smart devices as e-wallet or helps people to read product information.In December2011alone,Kaspersky Lab discovered more than1,000new Trojans targeting smartphones.That is more than all the smartphone viruses spotted during2003-2010.This trend is continuing;in2012,the number of cyber-attacks targeting mobile devices increased exponentially during the first quarter,as reported by security firm Trend Micro[6].Their report identified approximately5,000new malicious Android applications in just the first three months of the year,mainly due to the increase of the Android user base.The research also pointed out a marked escalation in the number of active advanced persistent threat(APT)campaigns currently being mounted against companies and governments.APT is a cyber-attack launched by a group of sophisticated,determined,and coordinated attackers who systematically compromise the network of a specific target or entity for a prolonged period.Security researchers see APT in different ways,while some researchers regard APT as different type of attack;others just categorize it as a more organized botnet with more resources behind it.Malware developments that targets smart home devices have several known monetization factors.Most malwares are aimed at mobile pick pocketing(short message service(SMS)or call fraud)or the ability to charge premium bills via SMS or calls,as illustrated in Figure2.Some malware are used as part of botnet creations. Malwares like DreamDroid(or DroidDream)[7]have integrated thousands of mobile devices into extensive botnets.Some of the malwares are developed to exploit vulnerabilities on either the operating systems(OS),installed applications,or just to create trouble to user information.Home devices and general consumer electronics are progressively becoming more advanced and are capable of connecting with other devices over a network. While it may sound unreal,devices such as TVs,digital picture frames,smart meters and e-readers are quite vulnerable and absolutely capable of causing problems on your network.The next few years will provide opportunities for various types of malware developers to explore unlikely methods of achieving their goals.Smartphones are not invulnerable and Macs can get malware,such as the CVE-2012-0507vulnerability [8].Luigi Auriemma in[9]has uncovered a vulnerability in a Samsung D6000high definition(HD)TV that caused it to get stuck in an endless loop of restarts. Auriemma's report followed another denial-of-service(DoS)vulnerability in SonyBravia TVs uncovered by Gabriel Menezes Nunes[10]which stops users from changing the volume,channels or access any functions.In the2012first quarterly report from Trend Micro[11],it was pointed out that the large diffusion of mobile devices and the increase in awareness of the principal cyber threats have resulted in an increase in the interest of cybercrime in the mobile sector.Another significant interest is concentrated on the threat in terms of the rapid spread of botnets based on mobile devices,favored by the total almost absence of protection and the difficulty of tracing the agents composing the network.If these exploits are targeted by well-established hacker groups such as Anonymous,it will pose a bigger threat to organizations and smart environments that protect highly sensitive data,targeting companies and individuals for various political and financial reasons.III.MOBILE MALWAREOne of the major and most common problems in today’s Internet is malware. Among these malware,Botnets are considered as the biggest challenge.Botnets are used to send email spam,carry out distributed denial of services(DDoS)attacks,and for hosting phishing and malware sites.Botnets are slowly moving towards smart devices since those devices are now basically everywhere,powerful enough to run a bot and offer additional gains for a bot-master such as financial gains as discussed earlier.With PC-based botnets,cybercriminals often use zombies within botnets to launch DDoS attacks.Even though there have been no major mobile DDoS incidents, with current trends we can expect to see this in the near future.Botnets are maintained by malicious actors commonly referred to as “bot-masters”that can access and manage the botnet remotely or via bot proxy servers as illustrated in Error!Reference source not found..The bots are then programmed and instructed by the bot-master to perform a variety of cyber-attacks,including attacks involving the further distribution and installation of malware on other information systems.In PC-based botnets,botnet master controllers typically use http requests with normal port80to transmit and receive their messages.In mobile-based botnets,the bot-master also uses similar http techniques to distribute their commands but also exploits SMS,Bluetooth,etc.The bot-master exploits operating system and configuration vulnerabilities to compromise smart devices and to install the bot software.The first mobile malware,known as Cabir,was discovered in2004and was also known as the first mobile worm.The first mobile botnet was discovered around July 2009,when a security researcher found SymbOS.Yxes or SymbOS.Exy.C(aka Sexy Space)[12]targeting Symbian devices and using simple HTTP-basedCommand-and-Control(C&C).Later the same year,a security researcher discovered Ikee.B[13],which targets jailbroken iPhones using a similar mechanism to SymbOS.Yxes.Geinimi,which is considered to be the first Android botnet,was discovered in China in December2010. Geinimi also implements similar HTTP-based C&C with the added feature of encrypted communications.Geinimi steals the device’s international mobile equipment identity(IMEI),international mobile subscriber identity(IMSI),GPS coordinate,SMS,contact list,etc.and forwards it to the bot-master.Although advanced mobile botnets have not been observed in the main population of smartphones,we believe it is just a matter of time.As shown in[14], mobile botnets are obviously serious threats for both end users and cellular networks. Threats imposed by botnets will continue to increase.As more people use smart devices,it is essential to analyze and explore the mechanisms of mobile botnets and develop security solutions in regard to smart devices.The use of C&C for a mobile botnet stipulates additional challenges that differentiate it from well-known PC-based botnets.Some of these main challenges include,among others:computational power,seamless connectivity,inter-connectivity with other secure platforms networks,portability and amount of stored sensitive data, and computational power.PC-based botnets also use an IRC-channel as the main C&C communication channel.The impact of SMS-based C&C,IP-based C&C,and Bluetooth-based C&C has been addressed in detail in[15],while P2P-based C&C mobile botnets are analyzed and discussed in[16].As a result of the abilities of smart devices in terms of placing i.e.calls,use of SMS and MMS amongst others,the burdens for mobile botnets are very interesting and challenging as it opens the door for easy financial gain for a bot-master. Additionally,since mobile phones interact with operators and other networks,attacks against the critical infrastructure are also possible.Hence,it is possible to launch sophisticated cyber-attacks on the mobile phone network that will be very hard to prevent.Detecting and preventing malware is not a trivial task as malware developers adopt and invent new strategies to infiltrate mobile devices.Malware developers employ advanced techniques such as obfuscation and encryption to camouflage the signs of malware and thereby undermine anti-malware software.Some of the main reasons why mobile malware are an attractive point for viruses and malware developers are:1.The ubiquity of smart devices such as smartphones in general.2.The increasing computational powers of smart devices.Whose they arebecoming virtually as powerful as desktop systems.3.The lack of awareness of the threats and the risk attached to smartdevices from the end-user’s perspective.4.The growing uses of jailbreak/rooted devices both on iOS and Androiddevices.5.Each smart device really is an expression of the owner.It provides ameans to track the user’s activity,hence serves as a single gateway to our digital identity and activities.6.Most of the widely used smart devices operate on an open platform suchas Android,which encourages developers and download of applications from both trusted applications markets and third party markets.IV.POTENTIAL SECURITY SOLUTIONSConsidering the above threats and challenges,a new security solution is essential for cyber security for smart devices in smart homes.More specifically,several key research tasks are required:1)investigate new secure system architecture for smart devices in smart homes;2)re-evaluate and enhance security system architecture for smart devices in smart homes.Android OS has four layers:Linux kernel,libraries(+Android runtime), application solution and applications layers(see Figure4).So,basically Android runtime is a kind of“glue”between the Linux kernel and the applications.Figure4.Android OS layersThe main security features common to Android involve process and file system isolation;application or code signing;ROM,firmware,and factory restore;and kill switches.However,the main security issue with Android OS is it relies heavily to the end-user to decide whether an application is safe or not.Even though Google’s just adding one piece of the security layer by scanning an applications in the Google Play, the end users still needs to analyze and make the final decision themselves whether tocontinue with the installation or not.Until now,the end-users cannot rely on the operating system to protect themselves from malware.As part of Google’s marketing strategy to gain market share as big as possible by offering applications as many as possible,the Android application publishing process makes it easy for developers to develop Android applications,but also provides too much space for malicious application creators.Malicious applications have successfully infected Android market before,one example being a malware application called droid09which allowed users to carry out banking transactions.The application needs the user to provide the bank’s details and tricks the user by masquerading a legitimate login of a bank website(phishing).Malware applications have become more sophisticated these days;they find new ways and techniques to enter the system by exploiting software vulnerabilities or by just tricking the users.End-user:It is always essential for the end-user to be aware of the security measures of their mobile device.End-users should be aware of at least the following measures:•Install anti-virus and anti-malware solutions to protect the device against malware and viruses.Also ensure to turn on the automatic update.It is been shown that installing anti-virus and anti-malware is very effective to protect mobile devices from malicious applications[5,6,17].•Install a personal firewall to protect mobile device interfaces from direct attack and illegal access.The effectiveness of mobile firewalls to increase a mobile device’s security is shown in[18].•Install only applications from trusted sources that have legitimate contact information and a website.As the current Android Market(Google Play) does not adopt a certification process for applications,it is up to the end-user to make sure he/she only installs trusted applications from trusted developers.•Install only applications from the official and original developer(for example,if you are installing Instagram applications,make sure you download it from Instagram Inc.).•Check the permissions carefully when the application is prompting you during the installation phase.For example,when you install a wallpaper application,do you think it really needs full Internet access?•Ensure your OS and software's always up-to-date with the latest versions and security patches need to be installed.•Install remote locate,track,lock,wipe,backup and restore software to retrieve,protect or restore a lost or stolen mobile device and the personal data on the device.•Only install applications that have a high number of downloads and positive reviews.•Never view sensitive data over public wireless networks which have no passwords or encryption.•Should be alert to anomaly behaviours and activities in their devices.•Should be careful when clicking links on social network sites.Malicious links on social networks can be a very effective method to spread malware.Participants tend to trust such networks and are thus willing to click on links that are on“friends’”social networking sites.Mobile Network Operators(MNOs):MNO also has responsibility to create a more secure environment for their customers.MNOs need to install anti-virus and anti-malware software to scan outgoing and incoming SMS and MMS to the mobile network,as many malwares use SMS/MMS to propagate and contact the bot-master. MNO should also build a global partnership with related agencies such as other MNOs to prevent mobile malware propagation by exchanging information, knowledge,database and expertise.Apps Developers:Developers also need to take care of the security measures implemented in their application.They should ensure that private data is not being sent via an unencrypted channel;the data must be sent through HTTPS or TLS networks.Developers should minimize the use of built-in permissions in their applications, for example do not ask for full Internet access permission,INTERNET,unless it is essential for your applications to work properly.Android has about100built-in permissions that control operations such as dialing the phone(CALL_PHONE), sending shot message(SEND_SMS),etc.In Android,there are three main“security protection levels”for permission labels:a“normal”permission is granted to any application that requests it;a “dangerous”permission is only granted after user approval at install-time;and a “signature”permission is only granted to applications signed by the same developer key as the application defining the permission label.This“signature”protection level is integral in ensuring that third-party applications do not gain access affecting the Android’s trusted computing base (TCB)’s integrity.Furthermore,applications developers need only collect data which is essential and required for the application otherwise it will be tampered by the attackers.This is also useful to minimize repackaging attacks.Repackaging attacks are a very common approach,in which a malware developer downloads a legitimate application,modifies it to include malicious code and then republishes it to an application market ordownload site.It is shown that the repackaging technique is highly effective mainly because it is often difficult for end-users to tell the difference between a legitimate application and its malicious repackaged form.In fact,repackaging was the most prevalent type of social engineering attack used by Android malwaredevelopers in the first two quarters of2011[17].One of the characteristics of Android malware is typically it is specifically developed for a speci fic group of users.It is very unlikely for an Android user from Russia to be infected by Chinese malware for example.Android malware is typically created by cybercriminals with users in specific countries as their target, which is usually their own compatriot.Market Store:The store needs to vet and rigorously screen new mobile applications before they can be put in the market. Google(Google Play)recently made a significant improvement in their security by screening new applications before they were put in the market.Applications store providers also should consider certification for each application before it can be published in the marketplace.The effectiveness of such certification process is shown in[19].Applications should be rigorously reviewed to ensure that applications are safe from malicious codes,reliable,perform as expected,and are also free of explicit and offensive material.V.CONCLUSIONThe paper discussed a development of security solution to handle the challenges of cyber security to smart devices in smart homes.The IoT technologies may be able to extend anywhere computing to almost anything,but there are fundamental security issues that need to be properly addressed.In the near future,mobile smart device users can expect to see a striking increase in malware and notable advancements in malware-related attacks,particularly on the Android platform as the user base has grown exponentially.Today’s users utilize their mobile smart devices for everything from accessing emails to sensitive transactions such as online banking and payments. As users become more dependent on their mobile devices as digital wallets,this creates a very lucrative target for cybercriminals.Mobile smart device users can expect to see a significant malware increase on finance related applications,such as mobile Internet banking.Detecting and preventing malware in mobile device need comprehensive and multi-level approaches.This work is part of ongoing research to design and implement a security model for smart devices in the smart home environment.For the future work we plan to implement and assess the security solution proposed in the test-bed environment which includes a honeynet for mobile malware.。

外文文献原稿和译文原稿IntroductionThe creation and maintenance of records relating to the students of an institution are essential to:. managing the relationship between the institution and the student;. providing support and other services and facilities to the student;. controlling the student’s academic progress and measuring their achievement, both at the institution and subsequently;. providing support to the student after they leave the institution.In addition, student records contain data which the institution can aggregate and analyse to inform future strategy, planning and service provision.The number of students in HEIs has increased rapidly in the last twenty years. An institution’s relationship with an individual student has also become increasingly complex because of the range of support services institutions now provide to students and life long learning initiatives. Consequently, the volume and complexity of student records have also increased, as have the resources required to create, maintain, use, retain and dispose of them, irrespective of the format in which they are kept. Ensuring that the personal data contained in student records is controlled and managed in line with the principles of the Data Protection Act 1998 creates an additional complication.Institutions should, therefore, establish a policy on managing student records to ensure that they are handled consistently and effectively wherever they are held and whoever holds them. This policy should ensure that:. records relating to an individual student are complete, accurate and up to date;. duplication of student data is deliberate rather than uncontrolled and kept to the minimum needed to support effective administration;. records are held and stored securely to prevent unauthorised access to them;. records relating to the academic aspects of the student’s relationship with the institution are clearly segregated from those dealing with financial, disciplinary, social, support and contractual aspects of that relationship. This will enable differential retention periods to be applied to each of these to meet business and regulatory requirements.What are student records?Records are documents or other items which:. contain recorded information;. are produced or received in the initiation, conduct or completion of an activity;. are retained as evidence of that activity, or because they have other informational value.The recorded information may be in any form (e.g. text, image, sound) and the records may be in any medium or format.Student records –records associated with managing the relationship between an institution and its students –can be organised into three broad categories, each of which may be additionally divided:1. Records documenting the contractual relationship between the student and the institutione.g. records documenting admission and enrolment, payment of tuition fees, non-academic disciplinary proceedings.2. Records documenting the student as a learnere.g. records documenting programmes undertaken, academic progress and performance, awards.3. Records documenting the student as an individual and consumer of services provided by the institutione.g. records documenting use of accommodation services, counseling services, library and IT support services, careers and employment services.Most records in categories 1 and 3 have specific retention periods triggered by the formal end of a student’s direct relationship with an institution, although the information they contain may be aggregated and analyzed to provide data requested by third parties1 orto support the institution’s planning and development activities. An institution will need to retain some of the records in category 2 to provide confirmatory information to potential employers, professional bodies and associations, and to bodies which regulate entry to medical and other professions and which assess and maintain evidence of fitness to practice in those professions.Who is responsible for managing student records?HEI organizational structures vary considerably. As a result, it is difficult to specify exactly where these responsibilities should lie in any one institution.Responsibility for managing student records should be clearly defined and documented. It is important to define the responsibilities of staff involved in: . managing the institution’s general, contractual relationship with the student;. managing the institution’s relationship with the student as a learner;. providing technical and personal support services to the student;for creating, maintaining, using, retaining and disposing of records documenting those activities during the student’s time at the institution.Institutions should also designate one clear point of responsibility for maintaining complete, accurate and up to date records on every student, covering all aspects of the relationship. They should also define the minimum content of the core student record so that the institution can, if required:. demonstrate, within the provisions of limitation statutes, that its implied contract with the student has been fulfilled;. provide information on the student’s academic performance and award(s) to potential employers, to licensing/regulatory bodies (normally first registration only)which control entry to professions and to other organizations (e.g. those providing chartered status) as well as to the student;. provide information on the student as an individual as a means of enabling the institution, or others acting on its behalf, to analyse and aggregate student data for planning and developing its future programmes, recruitment activities and the facilities and services required to support future students.Where and how should student records be stored?The nature of student records and the personal information they contain demands that they should be stored in facilities and equipment (‘hard copy’ records) or electronic systems (digital records) which are, above all, secure and accessible only to authorized staff whose work requires them to have access. In addition, the facilities and equipment should provide: . adequate space for all the records which need to be produced and retained;. appropriate environmental conditions for the record media used.Storage facilities and systems should meet the same standards irrespective of where they are located and who is responsible for managing them.Authorized staff should maintain a record of:. the content, format and location of all student records;. the names and designations of all staff with access to student records, and any limitations on that access;. student records which have been transferred to another part of the institution, particularly after the student has left;. organizations, professional bodies, statutory regulators to whom personal data relating to the student has been provided.Student records should be stored and indexed so that they can be identified and retrieved quickly and easily.. Paper records should be housed in durable containers which carry only an impersonal code number related to a restricted-access list or index to prevent casual, unauthorised access. These containers should be stored in locked equipment or rooms when they are not being used to ensure that the personal data they contain is protected in line with the requirements of the Data Protection Act 1998.. Digital records should be uniquely identified and protected with passwords and other electronic security measures. In all cases, access should be limited to those staff who have ‘a need to know’. If ele ctronic systems are not centrally managed, designated staff should make back-up copies to prevent loss of records through accidental or intentional damage.Whatever its format, the ‘core student record’ shou ld be treated as a vital record and action taken to protect it from disaster or systems failure by copying and dispersal.Student records will become relatively inactive once the student leaves the institution.They may then be transferred to other storage facilities or systems. At this point, duplicates of records created for administrative convenience should be destroyed so that only the designated official records survive.Who should have access to student records?Institutions should tightly control access to student records to prevent unauthorised use, alteration, removal or destruction of the records themselves and unauthorised disclosure of the information they contain. Only those members of staff who need them to do their work should have access to student records and, their access should be restricted to records of the direct relationship and not to the content of the whole file.Student records contain personal data and are therefore subject to the provisions of the Data Protection Act 1998, including the provision that the student, as the data subject, should be given access to personal data held, whether in digital or hard copy form. In addition, the ‘core student record’ as defined by the KCL study includes personal data on the student’s parents which is also subject to the provisions of th e Act.How long should student records be kept?In general, student records should be kept only for as long as is necessary to:. fulfill and discharge the contractual obligations established between the institution and the student, including the completion of any non-academic disciplinary action;. provide information on the academic career and achievements of the student to employers, licensing/regulatory bodies and other organizations, as well as to the student as part of their lifelong learning record;. record the activities of the student as an individual and as a consumer of student support and other institutional services as a means of managing those services and planning and developing them in the future.The nature of the activities which give rise to these categories of records drives their retention.. The contractual relationship between the institution and the student is subject to the same statutory limitations on action as any other contract. This will include records of disciplinary action taken against the student. The records should be disposed of accordingly. The date at which the student leaves the institution normally provides the retention‘trigger’.. The records relating to the student as a learner need to be retained for longer than other student records. Institutions accept that they have an obligation, during a student’s working life, to provide factual information on what they have studied and achieved, i.e. a Transcript. The proposed lifelong learning record or progress file would also include additional data on relevant non-academic achievements and activities (e.g. voluntary work). The retention period for these records should reflect the need to fulfill this obligation over long periods of time, perhaps for the lifetime of the student. It is important to segregate these records from those relating to other aspects of the relationship so that non-academic records are not retained for unnecessarily long periods, consuming storage resources and creating potential breaches of the Data Protection Act 1998.. Records relating to the student as an individual and as a user of student support and institutional services are relatively short term and should be retained for a short finite period once the student leaves the institution. This period should be shorter than for records relating to the wider contractual arrangements.The KCL study proposed the development of a ‘core student record’ which would contain, in addition to the formal transcript, data relating to the background of the student, including parents’ address and occupation, schools attended, first employment, etc. In addition to providing academic information on the individual student, KCL suggested that the availability of this data facilitates its analysis for institutional business planning and development purposes, as well as supporting subsequent academic historical, sociological and demographic research.Individual institutions should decide whether they wish to retain this data for research purposes once immediate institutional business needs have been met. In doing so they will need to take account of:. the cost and technical difficulty of maintaining records, even in summary form, permanently;. the security and subject access implications of retaining personal data relating to named individuals;. the need to create and maintain finding aids so that individual records can be easilyand quickly retrieved when required, particularly to meet subject access requests.How should student records be destroyed?Student records should be destroyed in line with agreed retention periods. Destruction should be authorized by staff with appropriate authority and it should be carried out in accordance with the institution’s procedures for the destruction of redundant rec ords containing personal data.The authority for destruction and the date of destruction should be recorded and held by the section of the institution with final responsibility for the student record.译文介绍创建与维护和学生相关的记录对一个公共机构来说是十分重要的：处理机关和学生之间的关系；提供支持和其他服务以及便利给学生；在机关，控制学生学术进展和测量他们的成就；随后提供支持给学生，在他们离开机关之后。

外文资料Object landscapes and lifetimesTechnically, OOP is just about abstract data typing, inheritance, and polymorphism, but other issues can be at least as important. The remainder of this section will cover these issues.One of the most important factors is the way objects are created and destroyed. Where is the data for an object and how is the lifetime of the object controlled? There are different philosophies at work here. C++ takes the approach that control of efficiency is the most important issue, so it gives the programmer a choice. For maximum run-time speed, the storage and lifetime can be determined while the program is being written, by placing the objects on the stack (these are sometimes called automatic or scoped variables) or in the static storage area. This places a priority on the speed of storage allocation and release, and control of these can be very valuable in some situations. However, you sacrifice flexibility because you must know the exact quantity, lifetime, and type of objects while you're writing the program. If you are trying to solve a more general problem such as computer-aided design, warehouse management, or air-traffic control, this is too restrictive.The second approach is to create objects dynamically in a pool of memory called the heap. In this approach, you don't know until run-time how many objects you need, what their lifetime is, or what their exact type is. Those are determined at the spur of the moment while the program is running. If you need a new object, you simply make it on the heap at the point that you need it. Because the storage is managed dynamically, at run-time, the amount of time required to allocate storage on the heap is significantly longer than the time to create storage on the stack. (Creating storage on the stack is often a single assembly instruction tomove the stack pointer down, and another to move it back up.) The dynamic approach makes the generally logical assumption that objects tend to be complicated, so the extra overhead of finding storage and releasing that storage will not have an important impact on the creation of an object. In addition, the greater flexibility is essential to solve the general programming problem.Java uses the second approach, exclusively]. Every time you want to create an object, you use the new keyword to build a dynamic instance of that object.There's another issue, however, and that's the lifetime of an object. With languages that allow objects to be created on the stack, the compiler determines how long the object lasts and can automatically destroy it. However, if you create it on the heap the compiler has no knowledge of its lifetime. In a language like C++, you must determine programmatically when to destroy the object, which can lead to memory leaks if you don’t do it correctly (and this is a common problem in C++ programs). Java provides a feature called a garbage collector that automatically discovers when an object is no longer in use and destroys it. A garbage collector is much more convenient because it reduces the number of issues that you must track and the code you must write. More important, the garbage collector provides a much higher level of insurance against the insidious problem of memory leaks (which has brought many a C++ project to its knees).The rest of this section looks at additional factors concerning object lifetimes and landscapes.1 Collections and iteratorsIf you don’t know how many objects you’re going to need to solve a particular problem, or how long they will last, you also don’t know how to store those objects. How can you know how much space to create for thoseobjects? You can’t, since that information isn’t known until run-time.The solution to most problems in object-oriented design seems flippant: you create another type of object. The new type of object that solves this particular problem holds references to other objects. Of course, you can do the same thing with an array, which is available in most languages. But there’s more. This new object, generally called a container(also called a collection, but the Java library uses that term in a different sense so this book will use “container”), will expand itself whenever necessary to accommodate everything you place inside it. So you don’t need to know how manyobjects you’re going to hold in a container. Just create a container object and let it take care of the details.Fortunately, a good OOP language comes with a set of containers as part of the package. In C++, it’s part of the Standard C++ Library and is sometimes called the Standard Template Library (STL). Object Pascal has containers in its Visual Component Library (VCL). Smalltalk has a very complete set of containers. Java also has containers in its standard library. In some libraries, a generic container is considered good enough for all needs, and in others (Java, for example) the library has different types of containers for different needs: a vector (called an ArrayListin Java) for consistent access to all elements, and a linked list for consistent insertion at all elements, for example, so you can choose the particular type that fits your needs. Container libraries may also include sets, queues, hash tables, trees, stacks, etc.All containers have some way to put things in and get things out; there are usually functions to add elements to a container, and others to fetch those elements back out. But fetching elements can be more problematic, because a single-selection function is restrictive. What if you want to manipulate or compare a set of elements in the container instead of just one?The solution is an iterator, which is an object whose job is to select the elements within a container and present them to the user of the iterator. As a class, it also provides a level of abstraction. This abstraction can be used to separate the details of the container from the code that’s accessing that container. The container, via the iterator, is abstracted to be simply a sequence. The iterator allows you to traverse that sequence without worrying about the underlying structure—that is, whether it’s an ArrayList, a LinkedList, a Stack, or something else. This gives you the flexibility to easily change the underlying data structure without disturbing the code in your program. Java began (in version 1.0 and 1.1) with a standard iterator, called Enumeration, for all of its container classes. Java 2 has added a much more complete container library that contains an iterator called Iterator that does more than the older Enumeration.From a design standpoint, all you really want is a sequence that can be manipulated to solve your problem. If a single type of sequence satisfied all of your needs, there’d be no reason to have different kinds. There are two reasons that you need a choice of containers. First, containers provide different types of interfaces and external behavior.A stack has a different interface and behavior than that of a queue, which is different from that of a set or a list. One of these might provide a more flexible solution to your problem than the other. Second, different containers have different efficiencies for certain operations. The best example is an ArrayList and a LinkedList. Both are simple sequences that can have identical interfaces and external behaviors. But certain operations can have radically different costs. Randomly accessing elements in an ArrayList is a constant-time operation; it takes the same amount of time regardless of the element you select. However, in a LinkedList it is expensive to move through the list to randomly selectan element, and it takes longer to find an element that is further down the list. On the other hand, if you want to insert an element in the middle of a sequence, it’s much cheaper in a LinkedList than in an ArrayList. These and other operations have different efficiencies depending on the underlying structure of the sequence. In the design phase, you might start with a LinkedList and, when tuning for performance, change to an ArrayList. Because of the abstraction via iterators, you can change from one to the other with minimal impact on your code.In the end, remember that a container is only a storage cabinet to put objects in. If that cabinet solves all of your needs, it doesn’t really matter how it is implemented (a basic concept with most types of objects). If you’re working in a programming environment that has built-in overhead due to other factors, then the cost difference between an ArrayList and a LinkedList might not matter. You might need only one type of sequence. You can even imagine the “perfect”container abstraction, which can automatically change its underlying implementation according to the way it is used.2 The singly rooted hierarchyOne of the issues in OOP that has become especially prominent since the introduction of C++ is whether all classes should ultimately be inherited from a single base class. In Java (as with virtually all other OOP languages) the answer is “yes”and the name of this ultimate base class is simply Object. It turns out that the benefits of the singly rooted hierarchy are many.All objects in a singly rooted hierarchy have an interface in common, so they are all ultimately the same type. The alternative (provided by C++) is that you don’t know that everything is the same fundamental type. From a backward-compatibility standpoint this fits the model of C better and can be thought of as less restrictive, but when you want to do full-onobject-oriented programming you must then build your own hierarchy to provide the same convenience that’s built into other OOP languages. And in any new class library you acquire, some other incompatible interface will be used. It requires effort (and possibly multiple inheritance) to work the new interface into your design. Is the extra “flexibility” of C++ worth it? If you need it—if you have a large investment in C—it’s quite valuable. If you’re starting from scratch, other alternatives such as Java can often be more productive.All objects in a singly rooted hierarchy (such as Java provides) can be guaranteed to have certain functionality. You know you can perform certain basic operations on every object in your system. A singly rooted hierarchy, along with creating all objects on the heap, greatly simplifies argument passing (one of the more complex topics in C++).A singly rooted hierarchy makes it much easier to implement a garbage collector (which is conveniently built into Java). The necessary support can be installed in the base class, and the garbage collector can thus send the appropriate messages to every object in the system. Without a singly rooted hierarchy and a system to manipulate an object via a reference, it is difficult to implement a garbage collector.Since run-time type information is guaranteed to be in all objects, you’ll never end up with an object whose type you cannot determine. This is especially important with system level operations, such as exception handling, and to allow greater flexibility in programming.3 Collection libraries and support for easy collection useBecause a container is a tool that you’ll use frequently, it makes sense to have a library of containers that are built in a reusable fashion, so you can take one off the shelf Because a container is a tool that you’ll use frequently, it makes sense to have a library of containers that are built in a reusable fashion, so you can take one off the shelf and plugit into your program. Java provides such a library, which should satisfy most needs.Downcasting vs. templates/genericsTo make these containers reusable, they hold the one universal type in Java that was previously mentioned: Object. The singly rooted hierarchy means that everything is an Object, so a container that holds Objects can hold anything. This makes containers easy to reuse.To use such a container, you simply add object references to it, and later ask for them back. But, since the container holds only Objects, when you add your object reference into the container it is upcast to Object, thus losing its identity. When you fetch it back, you get an Object reference, and not a reference to the type that you put in. So how do you turn it back into something that has the useful interface of the object that you put into the container?Here, the cast is used again, but this time you’re not casting up the inheritance hierarchy to a more general type, you cast down the hierarchy to a more specific type. This manner of casting is called downcasting. With upcasting, you know, for example, that a Circle is a type of Shape so it’s safe to upcast, but you don’t know that an Object is necessarily a Circle or a Shape so it’s hardly safe to downcast unless you know that’s what you’re dealing with.It’s not completely dangerous, however, because if you downcast to the wrong thing you’ll get a run-time error called an exception, which will be described shortly. When you fetch object references from a container, though, you must have some way to remember exactly what they are so you can perform a proper downcast.Downcasting and the run-time checks require extra time for the runningprogram, and extra effort from the programmer. Wouldn’t it make sense to somehow create the container so that it knows the types that it holds, eliminating the need for the downcast and a possible mistake? The solution is parameterized types, which are classes that the compiler can automatically customize to work with particular types. For example, with a parameterized container, the compiler could customize that container so that it would accept only Shapes and fetch only Shapes.Parameterized types are an important part of C++, partly because C++ has no singly rooted hierarchy. In C++, the keyword that implements parameterized types is “template.” Java currently has no parameterized types since it is possible for it to get by—however awkwardly—using the singly rooted hierarchy. However, a current proposal for parameterized types uses a syntax that is strikingly similar to C++ templates.译文对象的创建和存在时间从技术角度说，OOP（面向对象程序设计）只是涉及抽象的数据类型、继承以及多形性，但另一些问题也可能显得非常重要。

中英文资料对照外文翻译异步JavaScript技术和XML （AJAX ）与Java平台使用过Flickr、GMail,、Google、Suggest或Google地图的人都知道一种全新的动态WEB应用正在成型、这些应用看上去和传统桌面应用非常相似、他们不依赖于插件或者浏览器特效。

传统意义上的WEB应用就是一组网页、当页面上有任何一点内容有所变化的时候必须更新整个网页。

一些技术比如JavaScript和CSS已经非常成熟、你可以使用他们高效的创建动态网页、并可以跑在大多数主流浏览器上。

本文将细述数种可以使你的WEB应用更丰富更具交互性（就象桌面应用一样）的技术。

使用JavaScript技术、HTML网页可以异步调用生成它的服务器上的服务并可以获取返回的XML文档形式的结果。

JavaScript再使用这个XML文档更新或改动本网页的文档对象模型（DOM）、名词AJAX就是近年来出现的用与描述这种交互模式的新名词。

AJAX并不是新事物、数年前使用微软IE浏览器的开发者们就在使用它、直到最近、这项技术被冠以远程脚本而更出名了。

以前WEB开发者使用插件、applets或者隐藏框架来仿效这种交互模式。

但是现在由于XMLHttpRequest对象技术已经在各大平台的主流浏览器上普及、所以这种模仿的情况越来越少了。

真正神奇的事情在于JavaScript和XMLHttpRequest对象技术的结合、尽管XMLHttpRequest对象技术并不属于JavaScript标准规范、但是现代的主流浏览器都支持、在Firefox、IE、Safari这些浏览器对JavaScript和CSS的执行有微小不同、但这些不同之处很容易理解和处理。

如果你一定要兼容老一代浏览器那还是不要用AJAX了。

是什么使得基于AJAX的客户端如此独特？那就是客户端所嵌入的页面特定的控制逻辑、这些控制逻辑以JavaScript代码的形式存在。

页面与JavaScript的交互建立在事件的基础上（比如文档加载事件、鼠标点击事件、焦点变化事件、甚至一个时钟事件）。