NOTE: You May Not Distribute This SOC 2 Report for Microsoft Azure To

Total Page:16

File Type:pdf, Size:1020Kb

NOTE: You May Not Distribute This SOC 2 Report for Microsoft Azure To NOTE: You may not distribute this SOC 2 report for Microsoft Azure to other parties, except where Microsoft Azure is a component of the services you deliver to your customers. In this circumstance, you may distribute this SOC 2 report to current and prospective customers / users of your own services. You must provide recipients of this SOC 2 report written documentation of the function that Azure provides as it relates to your services. You must keep a complete and accurate record of entities and the personnel of such entities to whom this SOC 2 report is provided. You must promptly provide copies of such records to Microsoft or Deloitte & Touche LLP upon request. You must display or deliver the language in this paragraph or language that is substantially equivalent to this paragraph to recipients of this SOC 2 report for Microsoft Azure. Microsoft Corporation - Microsoft Azure (Azure & Azure Government) System and Organization Controls (SOC) 2 Report July 1, 2018 - June 30, 2019 Table of contents Executive Summary 1 Section I: Independent Service Auditors’ Report for the Security, Availability, Processing Integrity, and Confidentiality Criteria and CCM Criteria 4 Section II: Management’s Assertion 9 Section III: Description of Microsoft Azure System 11 Section IV: Information Provided by Independent Service Auditor Except for Control Activities and Criteria Mappings 73 Section V: Supplemental Information Provided by Microsoft Azure 306 Executive Summary Microsoft Azure Scope Microsoft Azure and Microsoft Datacenters Period of Examination July 1, 2018 to June 30, 2019 Applicable Trust Services Criteria Security, Availability, Processing Integrity, and Confidentiality • Santa Clara, CA (BY1/2/3/4/21/22) • Dublin, Ireland (DB3/4/5, • Phoenix, AZ (PHX20) DUB06/07/08/20/24) • Des Moines, IA (DM1/2/3, DSM05) • Paris, France (PAR20/21/22) • Chicago, IL (CH1/3, CHI20) • Marseille, France (MRS20) • San Antonio, TX (SN1/2/3/4/5/6) • Campinas, Brazil • Ashburn, VA (BL2/3/5/7) (CPQ01/02/20) • Boydton, VA (BN1/3/4/6) • Fortaleza, Brazil (FOR01) • Bristow, VA (BLU) • Rio de Janeiro, Brazil (RIO01) • Reston, VA (BL4/6/30) • Sao Paulo, Brazil (GRU) • Tukwila, WA (TK5) • Santiago, Chile (SCL01) • Quincy, WA (CO1/2, MWH01) • Humacao, Puerto Rico (PR1) • Cheyenne, WY (CYS01/04) • Abu Dhabi, United Arab • San Jose, CA (SJC31) Emirates (AUH20) • Sterling, VA (BL20) • Hong Kong (HK1/2, HKG20) • Toronto, Canada (YTO20) • Mumbai, India (BOM01) • Quebec City, Canada (YQB20) • Dighi, India (PNQ01) Datacenter Location(s) • Macquarie Park, Australia (SYD03) • Dubai, United Arab Emirates • Melbourne, Australia (MEL01) (DXB20) • Sydney, Australia (SYD21, SYD22) • Ambattur, India (MAA01) • Canberra, Australia (CBR20, • Osaka, Japan (OSA01/02/20) CBR21) • Tokyo, Japan (KAW, • Vienna, Austria (VIE) TYO01/20/21/22) • Vantaa, Finland (HEL01) • Cyberjaya, Malaysia (KUL01) • Amsterdam, Netherlands • Singapore (SG1/2/3, SIN20) (AM1/2/3, AMS04/05/06/20) • Busan, South Korea (PUS01, • Berlin, Germany (BER20) PUS20) • Durham, United Kingdom (MME20) • Seoul, South Korea (SEL20) • Frankfurt, Germany (FRA21) • Johannesburg, South Africa • Chessington, United Kingdom (JNB20/21/22) (LON20) • Cape Town, South Africa • London, United Kingdom (LON21) (CPT20) • Cardiff, United Kingdom (CWL20) 1 Microsoft Azure • Ashburn, VA (ASH) • Madrid, Spain (MAD30) • Athens, Greece (ATH01) • Manchester, United Kingdom • Atlanta, GA (ATA) (MAN30) • Auckland, New Zealand (AKL01) • Manila, Philippines (MNL30) • Bangkok, Thailand (BKK30) • Marseille, France (MRS01) • Barcelona, Spain (BCN30) • Queretaro, Mexico (MEX30) • Berlin, Germany (BER30) • Miami, FL (MIA) • Boston, MA (BOS01) • Milan, Philippines (MIL30) • Brisbane, Australia (BNE01) • Montreal, Canada (YMQ01) • Brussels, Belgium (BRU30) • Mumbai, India (BOM02) • Bucharest, Romania (BUH01) • New Delhi, India (DEL01) • Budapest, Hungary (BUD01) • Newark, NJ (EWR30) • Busan, South Korea (PUS03) • New York City, NY (NYC) • Cape Town, South Africa (CPT02) • Palo Alto, CA (PAO) • Chicago, IL (CHG) • Paris, France (PAR02/PRA) • Copenhagen, Denmark (CPH30) • Perth, Australia (PER01) Edge Sites • Dallas, TX (DAL) • Phoenix, AZ (PHX01) • Denver, CO (DEN02) • Prague, Czech Republic • Dubai, United Arab Emirates (PRG01) (DXB30) • San Jose, CA (SJC) • Frankfurt, Germany (FRA) • Santiago, Chile (SCL30) • Helsinki, Finland (HEL03) • Seattle, WA (WST) • Hong Kong (HKB) • Seoul, South Korea (SLA) • Honolulu, HI (HNL01) • Sofia, Bulgaria (SOF01) • Houston, TX (HOU01) • Stockholm, Sweden (STO) • Johannesburg, South Africa • Taipei, Taiwan (TPE30/31) (JNB02) • Tokyo, Japan (TYA/TYB) • Kuala Lumpur, Malaysia (KUL30) • Toronto, Canada (YTO01) • Las Vegas, NV (LAS01) • Vancouver, Canada (YVR01) • Lisbon, Portugal (LIS01) • Warsaw, Poland (WAW01) • Los Angeles, CA (LAX) • Zagreb, Croatia (ZAG30) • Zurich, Switzerland (ZRH) Subservice Providers N/A Opinion Result Unqualified Testing Exceptions 1 2 Section I: Independent Service Auditors’ Report for the Security, Availability, Processing Integrity, and Confidentiality Criteria, CCM Criteria, and C5 . Deloitte & Touche LLP 925 Fourth Avenue Suite 3300 Seattle, WA 98104-1126 USA Tel: 206-716-7000 Fax: 206-965-7000 www.deloitte.com Section I: Independent Service Auditors’ Report for the Security, Availability, Processing Integrity, and Confidentiality Criteria, CCM Criteria, and C5 Microsoft Corporation One Microsoft Way Redmond, WA, 98052-6399 Scope We have examined the attached description of the system of Microsoft Azure and Microsoft datacenters (the “Service Organization” or “Azure”) related to in-scope services for Azure and Azure Government cloud environments1 throughout the period July 1, 2018 to June 30, 2019 (the “Description”) based on the criteria for a description of a service organization’s system set forth in DC Section 200, 2018 Description Criteria for a Description of a Service Organization’s System in a SOC 2® Report (“description criteria”) and the suitability of the design and operating effectiveness of controls stated in the Description throughout the period July 1, 2018 to June 30, 2019 to provide reasonable assurance that Azure’s service commitments and system requirements were achieved based on the trust services criteria relevant to security, availability, processing integrity, and confidentiality (“applicable trust services criteria”)2 set forth in TSP Section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. We have also examined the suitability of the design and operating effectiveness of controls to meet the criteria set forth in the Cloud Security Alliance’s (CSA) Cloud Controls Matrix (CCM) Version 3.0.1 control specifications (“CCM criteria”) and the objectives set forth in the Bundesamt für Sicherheit in der Informationstechnik (BSI) Cloud Computing Compliance Controls Catalogue (“C5”). BSI requires an attestation in order for the service provider to be considered certified as having met the objectives set forth in the BSI’s C5. The information included in Section V, “Supplemental Information Provided by Microsoft Azure” is presented by management of Azure to provide additional information and is not a part of the Description. Information about Service Organization’s Compliance, Infrastructure Redundancy and Data Durability, Data Backup and Recovery, E.U. Data Protection Directive, Additional Resources, Management’s Response to Exceptions Noted, and User Entity Responsibilities, has not been subjected to the procedures applied in the examination of the Description and the suitability of the design and operating effectiveness of the controls, to achieve (a) Azure’s service 1 In-scope services and coverage periods are defined in the Azure and Azure Government Report Scope Boundary and Azure Supporting Infrastructure Services subsections in Section III of this SOC 2 report. Applicability of the Processing Integrity Trust Services Criteria is defined in the Azure and Azure Government Report Scope Boundary subsection in Section III of this SOC 2 report. In-scope datacenters, edge sites and coverage periods are defined in the Locations Covered by this Report subsection in Section III of this SOC 2 report. 2 Applicable trust services criteria for Microsoft datacenters are Security and Availability. 4 commitments and system requirements based on the applicable trust services criteria; (b) the CCM criteria; and (c) the objectives set forth in C5. Service Organization’s Responsibilities Azure is responsible for its service commitments and system requirements and for designing, implementing, and operating effective controls within the system to provide reasonable assurance that Azure’s service commitments and system requirements were achieved. Azure has provided the accompanying assertion titled “Management’s Assertion” (“assertion”) about the Description and the suitability of design and operating effectiveness of controls stated therein. Azure is also responsible for preparing the Description and assertion, including the completeness, accuracy, and method of presentation of the Description and assertion; providing the services covered by the Description; selecting the applicable trust services criteria; and stating the related controls in the Description; and identifying the risks that threaten the achievement of (a) the Service Organization’s service commitments and system requirements; (b) the CCM criteria; and (c) the objectives set forth in C5. Service Auditors’ Responsibilities Our responsibility is to express
Recommended publications
  • Paid Search and Microsoft Audience Ads BETTER TOGETHER
    Paid search and Microsoft Audience Ads BETTER TOGETHER Hand in hand, they deliver more eyeballs and clicks Whether it’s cookies with milk or cake and ice cream, some things are simply better together. The same rings true for combining search advertising’s finest with the best of native advertising. When used together, they can help marketers reach customers across multiple touch points of the user journey, and get high-quality clicks and conversions at scale. While native ads is a well-recognized ad format, we call them Microsoft Audience Ads. After all, it’s more about reaching the right audience and less about the ad type, right? Ad spend is growing for native and search In fact, it’s growing by double digits for both. 25% 11% Expected annual growth in Expected annual growth in native ad spending in the paid search ad spending U.S. through 20191 in the U.S. through 20202 2018 2019 2018 2019 2020 Looking to increase impressions and capture more purchase intent? Using native and paid search ads together can help you get results at scale. MORE HIGHER HIGHER HIGHER FREQUENTLY PURCHASE BRAND PURCHASE 53% VIEWED 32% INTENT 24% RECALL 18% INTENT DISPLAY VS. NATIVE NO BRAND AD VS. BRAND AD NO BRAND AD VS. BRAND AD BANNER VS. NATIVE Consumers viewed Searchers on Bing Searchers on Bing who Native ads registered native ads 53% more who saw a brand’s ad saw a brand’s ad were an 18% higher lift in frequently than they showed 32% higher 24% more likely to purchase intent than viewed display ads.3 purchase intent even recall the brand than banner ads.3 if they didn’t click on a those who didn’t see brand’s ad.4 the ad.4 Two powerful ways to run Microsoft Audience Ads Along with your search campaigns, add Microsoft Audience Ads to get more high-quality volume outside of search.
    [Show full text]
  • Windows Kernel Hijacking Is Not an Option: Memoryranger Comes to The
    WINDOWS KERNEL HIJACKING IS NOT AN OPTION: MEMORYRANGER COMES TO THE RESCUE AGAIN Igor Korkin, PhD Independent Researcher Moscow, Russian Federation [email protected] ABSTRACT The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically allocated data in the Windows OS kernel and demonstrate the capacity of MemoryRanger to prevent these attacks. This paper discusses three new hijacking attacks on kernel data, which are based on bypassing OS security mechanisms. The first two hijacking attacks result in illegal access to files open in exclusive access. The third attack escalates process privileges, without applying token swapping. Although Windows security experts have issued new protection features, access attempts to the dynamically allocated data in the kernel are not fully controlled. MemoryRanger hypervisor is designed to fill this security gap. The updated MemoryRanger prevents these new attacks as well as supporting the Windows 10 1903 x64. Keywords: hypervisor-based protection, Windows kernel, hijacking attacks on memory, memory isolation, Kernel Data Protection. 1. INTRODUCTION the same high privilege level as the OS kernel, and they also include a variety The security of users’ data and of vulnerabilities. Researchers applications depends on the security of consider that “kernel modules (drivers) the OS kernel code and data. Modern introduce additional attack surface, as operating systems include millions of they have full access to the kernel’s lines of code, which makes it address space” (Yitbarek and Austin, impossible to reveal and remediate all 2019).
    [Show full text]
  • Migrating from Storsimple to Azure Netapp Files and Global File Cache
    REFERENCE ARCHITECTURE Globally Distributed Enterprise File Sharing with Azure NetApp Files and NetApp Global File Cache Evolving from StorSimple to next-gen Azure solutions. Table of contents Introduction 3 Solution overview 3 A New Data Store with Azure NetApp Files 4 Azure NetApp Files features 4 Using Azure NetApp Files to consolidate distributed file servers 5 Accessing the ANF datastore with a Global File Cache fabric 5 NetApp Global File Cache Edge 6 NetApp Global File Cache Edge instance 6 Network connectivity 6 Configuration guidelines 6 Azure NetApp Files with Global File Cache topology 6 Deployment methodologies 7 Operating environment summary 7 User experience 7 Migrate your StorSimple data to Azure NetApp Files 8 Overview of data migration – StorSimple to Azure NetApp Files 8 Getting the data to Azure 8 Volume Clone 8 Create Azure VM 8 Connecting to the Cloud Appliance 8 Create Azure NetApp Files share 9 Data copy 9 Summary 9 2 Document title Streamline and simplify IT storage Solution overview and infrastructure by centralizing NetApp Global File Cache + Azure NetApp Files: unstructured data into Microsoft Azure a “major step” in unstructured data management for the distributed enterprise using Azure NetApp Files to provide 85% of companies are in the process of adopting a fast local and geographically distributed cloud transformation strategy. This means combining access with NetApp Global File Cache™. on-premises, hybrid, and public cloud services and associated storage technologies, like file/block-based and object storage (e.g., Azure BLOB) to host both Introduction structured and unstructured data. Why did people use StorSimple...what are the NetApp and Microsoft recognize the impact on primary use-cases? the organization, end users, distributed IT strategy, • Unstructured file shares that can be more easily datacenter, and cloud operations.
    [Show full text]
  • The Developer's 5-Step Guide to Power BI Embedded
    The Developer’s 5-Step Guide to Power BI Embedded 5 Step Guide to Using Power BI Embedded 2 Your guide to using Power BI Embedded will briefly cover a few prerequisites, and will then look at five steps to complete: Start building fully 1. Set up your development environment interactive reports and dashboards into 2. Set up your Power BI environment your application, 3. Create and publish content website, or portal. 4. Embed your content for testing 5. Move to production If you’re not ready to start today, get familiar with Power BI Embedded in the Power BI Embedded Playground. Try out all the front-end features you can offer customers with pre-configured visuals and data models. 5 Step Guide to Using Power BI Embedded 3 What is Power BI Embedded? Power BI Embedded allows you to white label Microsoft Power BI to quickly and easily provide engaging front-end analytics and dashboards to your customers. Save time and expense by embedding fully Give your customers high-fidelity, Choose from a broad range of data interactive reports and dashboards into interactive analytics across any device. visualizations or build your own applications, websites, and portals. custom illustrations. Power BI Embedded also includes an extensive library of data connectors, APIs, and fully-documented SDKs. Choose the right set of options for your application and customers, whether you need basic data visualizations or complex interactive analytics. The Prerequisites: Complete these prerequisites to get started: • Open an Azure subscription. Create a free account. • Set up your own Azure Active Directory tenant.
    [Show full text]
  • Azure Web Apps for Developers Microsoft Azure Essentials
    Azure Web Apps for Developers Microsoft Azure Essentials Rick Rainey Visit us today at microsoftpressstore.com • Hundreds of titles available – Books, eBooks, and online resources from industry experts • Free U.S. shipping • eBooks in multiple formats – Read on your computer, tablet, mobile device, or e-reader • Print & eBook Best Value Packs • eBook Deal of the Week – Save up to 60% on featured titles • Newsletter and special offers – Be the first to hear about new releases, specials, and more • Register your book – Get additional benefits Hear about it first. Get the latest news from Microsoft Press sent to your inbox. • New and upcoming books • Special offers • Free eBooks • How-to articles Sign up today at MicrosoftPressStore.com/Newsletters Wait, there’s more... Find more great content and resources in the Microsoft Press Guided Tours app. The Microsoft Press Guided Tours app provides insightful tours by Microsoft Press authors of new and evolving Microsoft technologies. • Share text, code, illustrations, videos, and links with peers and friends • Create and manage highlights and notes • View resources and download code samples • Tag resources as favorites or to read later • Watch explanatory videos • Copy complete code listings and scripts Download from Windows Store PUBLISHED BY Microsoft Press A division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2015 Microsoft Corporation. All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. ISBN: 978-1-5093-0059-4 Microsoft Press books are available through booksellers and distributors worldwide.
    [Show full text]
  • Leveraging Forticlient with Microsoft Defender: 6 Use Cases
    SOLUTION BRIEF Leveraging FortiClient with Microsoft Defender: 6 Use Cases Executive Overview A compromised endpoint can quickly infect an entire enterprise network—which FortiClient Features Include: is why endpoint devices are now a favorite target for cyber criminals. More than an endpoint protection platform that provides automated, next-generation threat nnSecurity Fabric Connector. protection, FortiClient connects endpoints with the Security Fabric. It enables Enables endpoint visibility and endpoint visibility and compliance throughout the Security Fabric architecture. compliance throughout the Combining FortiClient with OS-embedded protection, such as Microsoft Security Fabric architecture. Defender or Microsoft Defender ATP, enhances these capabilities, providing nnVulnerability scanning. an integrated endpoint and network security solution that reinforces enterprise Detects and patches endpoint defenses, reduces complexity, and enhances the end-user experience. vulnerabilities. nn Improving Protection of Endpoint Devices Anti-malware protection. Employs machine learning (ML), FortiClient provides automated threat protection and endpoint vulnerability scanning to help artificial intelligence (AI), and maintain endpoint security hygiene and deliver risk-based visibility across the Fortinet Security cloud-based threat detection Fabric architecture. As a result, organizations can identify and remediate vulnerabilities or in addition to pattern-based compromised hosts across the entire attack surface. malware detection. In some cases, customers may wish to take advantage of certain FortiClient features while nnAnti-exploit engine. Uses leaving existing third-party protections in place. For example, in instances where there are signatureless, behavior-based policies in an organization that require two different antivirus (AV) vendors on an endpoint protection against memory and for governance or compliance reasons, the need for FortiClient alongside a third-party AV fileless attacks; detects exploit solution such as Microsoft Defender is necessitated.
    [Show full text]
  • Microsoft Cloud Agreement
    Microsoft Cloud Agreement This Microsoft Cloud Agreement is entered into between the entity you represent, or, if you do not designate an entity in connection with a Subscription purchase or renewal, you individually (“Customer”), and Microsoft Ireland Operations Limited (“Microsoft”). It consists of the terms and conditions below, Use Rights, SLA, and all documents referenced within those documents (together, the “agreement”). It is effective on the date that your Reseller provisions your Subscription. Key terms are defined in Section 10. 1. Grants, rights and terms. All rights granted under this agreement are non-exclusive and non-transferable and apply as long as neither Customer nor any of its Affiliates is in material breach of this agreement. a. Software. Upon acceptance of each order, Microsoft grants Customer a limited right to use the Software in the quantities ordered. (i) Use Rights. The Use Rights in effect when Customer orders Software will apply to Customer’s use of the version of the Software that is current at the time. For future versions and new Software, the Use Rights in effect when those versions and Software are first released will apply. Changes Microsoft makes to the Use Rights for a particular version will not apply unless Customer chooses to have those changes apply. (ii) Temporary and perpetual licenses. Licenses available on a subscription basis are temporary. For all other licenses, the right to use Software becomes perpetual upon payment in full. b. Online Services. Customer may use the Online Services as provided in this agreement. (i) Online Services Terms. The Online Services Terms in effect when Customer orders or renews a subscription to an Online Service will apply for the applicable subscription term.
    [Show full text]
  • Digital Commerce Transformation and Modern Customer Experience with Microsoft Azure and Billing Solutions with SAP Customer Experience
    The Microsoft Journey Digital Commerce Transformation and Modern Customer Experience with Microsoft Azure and Billing Solutions with SAP Customer Experience Matt Forrest (Principal Software Engineering Manager) & Cassandra Wong (Principal Program Manager) Nishant Vats (Technical Quality Manager) Session ID: ASUG83722 May 7 – 9, 2019 About the Speakers Matt Forrest Cassandra Wong Nishant Vats • Principal Software • Principal Program • Technical Quality Engineering Manager Manager, SAP Manager • Core Services • Core Services Engineering, Engineering, Microsoft Microsoft Agenda • Microsoft – history & background with SAP • Microsoft Online Commerce • Business Case for BRIM at Microsoft • Architecture & Process Monitoring Key Outcomes/Objectives 1. Understanding of E2E business process 2. Technical architecture leveraging BRIM on Azure 3. Understand how we’re leveraging Azure tools to get the best out of BRIM About Microsoft Over the years, major forces and innovations in our industry required Microsoft to transform Deliver Reliant & Agile Enable Modern Provide Real Time ERP Platform Experiences Processes Highly Up to Monitored Up to 17TB compressed 9M Dialog 300K Batch 300M Transaction database Steps/Day Jobs/Month steps/Month Named User SAP Surround Internal Users Non-SAPGUI (Mostly Indirect Accounts 110K 8K 96% users Strategy Access to SAP) Raw Seconds user SQL/Win 0.4 response time 99.998% Uptime Transaction Compression System growth Servers 15-30% Incident Ticket volume ever Storage 2x in past 2 years 2x ≈600 (100% virtual) 250TB Reduction
    [Show full text]
  • Power BI Pitch Deck FY20
    Power BI overview Speaker name Title Modern analytics Speaker name Title Companies want to do more with data 70% of organizations believe their data is not used to its fullest extent But it’s hard to do Amount of data Data sources Lack of is growing are growing specialized workers 163ZB 86% #1 worldwide data challenged to analyze data science and creation by 2025 unstructured data analytics are most –IDC: Data Age 2025 –IDG: Big Data Survey challenging to find –IDG: State of CIO How does Power BI help modernize analytics? Unify self-service AI gets to Anyone can and enterprise BI insights faster access and analyze Remove the challenges of multiple Reduce the amount of Make sense of data and drive solutions and conquer data both time spent wrangling data and confident decisions without structured and unstructured spend more time getting answers relying on specialized skills Data culture Unify self-service and enterprise BI • Reduce cost, complexity, and challenges of multiple analytics systems • Grow and evolve with a scalable, secure, and compliant platform • Enterprise BI tools like SSRS and SSAS are inside Power BI • Protect your data inside and outside of Power BI Pair Power BI with Microsoft Information Protection and Microsoft Cloud App Security to better protect Power BI data Apply sensitivity labels Extend protection and Better meet privacy and Help prevent exposure of familiar in Office 365 governance policies to regulatory requirements sensitive data by apps like Word, Excel, Power BI data— with oversight of blocking risky user PowerPoint, and Outlook including exported sensitive data through activities, in real time, to Power BI data.
    [Show full text]
  • Command-Line Sound Editing Wednesday, December 7, 2016
    21m.380 Music and Technology Recording Techniques & Audio Production Workshop: Command-line sound editing Wednesday, December 7, 2016 1 Student presentation (pa1) • 2 Subject evaluation 3 Group picture 4 Why edit sound on the command line? Figure 1. Graphical representation of sound • We are used to editing sound graphically. • But for many operations, we do not actually need to see the waveform! 4.1 Potential applications • • • • • • • • • • • • • • • • 1 of 11 21m.380 · Workshop: Command-line sound editing · Wed, 12/7/2016 4.2 Advantages • No visual belief system (what you hear is what you hear) • Faster (no need to load guis or waveforms) • Efficient batch-processing (applying editing sequence to multiple files) • Self-documenting (simply save an editing sequence to a script) • Imaginative (might give you different ideas of what’s possible) • Way cooler (let’s face it) © 4.3 Software packages On Debian-based gnu/Linux systems (e.g., Ubuntu), install any of the below packages via apt, e.g., sudo apt-get install mplayer. Program .deb package Function mplayer mplayer Play any media file Table 1. Command-line programs for sndfile-info sndfile-programs playing, converting, and editing me- Metadata retrieval dia files sndfile-convert sndfile-programs Bit depth conversion sndfile-resample samplerate-programs Resampling lame lame Mp3 encoder flac flac Flac encoder oggenc vorbis-tools Ogg Vorbis encoder ffmpeg ffmpeg Media conversion tool mencoder mencoder Media conversion tool sox sox Sound editor ecasound ecasound Sound editor 4.4 Real-world
    [Show full text]
  • Applications of Access Control As a Service for Software Security
    International Journal of Industrial Engineering and Management (IJIEM), Vol. 7 No 3, 2016, pp. 111-116 Available online at www.iim.ftn.uns.ac.rs/ijiem_journal.php ISSN 2217-2661 UDK: 004.41 Applications of Access Control as a Service for Software Security Predrag Daši ć High Technical Mechanical School of Professional Studies, Trstenik 37240, Serbia SaTCIP Publisher Ltd. Vrnja čka Banja 36210, Serbia, [email protected] Jovan Daši ć SaTCIP Publisher Ltd. Vrnja čka Banja 36210, Serbia Bojan Crvenkovi ć SaTCIP Publisher Ltd. Vrnja čka Banja 36210, Serbia Received (27.05.2015.); Revised (18.11.2015.); Accepted (09.06.2016.) Abstract Cloud technology has been around for some time now and is gaining increased influence in almost every aspect of information technology services. As a consequence of above stated, cloud technology offers improvements to traditional security systems by converging logical (cloud network) and physical security (on-site devices). In this paper, we will discuss the application of Access Control as a Service (ACaaS) for software security systems. ACaaS defines a common policy format for security, the translation of the policy into deployment environments and represents an efficient, cost-effective mechanism for access control. Key words: Access Control as a Service (ACaaS); Cloud computing; Cloud security; Security as a Service (SECaaS); Software as a Service (SaaS). 1. INTRODUCTION market; Azure Platform AppFabric Access Control Access Control as a Service (ACaaS) offers centralized Service, Junos Pulse Access Control Service etc. hosted security solution which integrates cloud An ACaaS comprises of Policy Decision Point (PDP), computing features on top of existing physical security Policy Enforcement Point (PEP), Policy Administrator layer.
    [Show full text]
  • Sound-HOWTO.Pdf
    The Linux Sound HOWTO Jeff Tranter [email protected] v1.22, 16 July 2001 Revision History Revision 1.22 2001−07−16 Revised by: jjt Relicensed under the GFDL. Revision 1.21 2001−05−11 Revised by: jjt This document describes sound support for Linux. It lists the supported sound hardware, describes how to configure the kernel drivers, and answers frequently asked questions. The intent is to bring new users up to speed more quickly and reduce the amount of traffic in the Usenet news groups and mailing lists. The Linux Sound HOWTO Table of Contents 1. Introduction.....................................................................................................................................................1 1.1. Acknowledgments.............................................................................................................................1 1.2. New versions of this document.........................................................................................................1 1.3. Feedback...........................................................................................................................................2 1.4. Distribution Policy............................................................................................................................2 2. Sound Card Technology.................................................................................................................................3 3. Supported Hardware......................................................................................................................................4
    [Show full text]