Presentation is loading. Please wait.

Presentation is loading. Please wait.

14 Systems Analysis and Design in a Changing World, Fourth Edition.

Similar presentations


Presentation on theme: "14 Systems Analysis and Design in a Changing World, Fourth Edition."— Presentation transcript:

1 14 Systems Analysis and Design in a Changing World, Fourth Edition

2 14 Systems Analysis and Design in a Changing World, 4th Edition 2 Learning Objectives u Discuss examples of system interfaces found in information systems u Define system inputs and outputs based on the requirements of the application program u Design printed and on-screen reports appropriate for recipients

3 14 Systems Analysis and Design in a Changing World, 4th Edition 3 Learning Objectives ( continued ) u Explain the importance of integrity controls u Identify required integrity controls for inputs, outputs, data, and processing u Discuss issues related to security that affect the design and operation of information systems

4 14 Systems Analysis and Design in a Changing World, 4th Edition 4 Overview u This chapter focuses on system interfaces, system outputs, and system controls that do not require much human interaction u Many system interfaces are electronic transmissions or paper outputs to external agents u System developers need to design and implement integrity and security controls to protect system and its data u Outside threats from Internet and e-commerce are growing concern

5 14 Systems Analysis and Design in a Changing World, 4th Edition 5 Identifying System Interfaces u System interfaces are broadly defined as inputs or outputs with minimal or no human intervention l Inputs from other systems (messages, EDI) l Highly automated input devices such as scanners l Inputs that are from data in external databases l Outputs to external databases l Outputs with minimal HCI l Outputs to other systems l Real-time connections (both input and output)

6 14 Systems Analysis and Design in a Changing World, 4th Edition 6 Full Range of Inputs and Outputs

7 14 Systems Analysis and Design in a Changing World, 4th Edition 7 eXtensible Markup Language (XML) u Extension of HTML that embeds self-defined data structures in textual messages u Transaction that contains data fields can be sent with XML codes to define meaning of data fields u XML provides common system-to-system interface u XML is simple and readable by people u Web services is based on XML to send business transactions over Internet

8 14 Systems Analysis and Design in a Changing World, 4th Edition 8 System-to-System Interface Based on XML

9 14 Systems Analysis and Design in a Changing World, 4th Edition 9 Design of System Inputs u Identify devices and mechanisms used to enter input l High-level review of most up-to-date methods to enter data u Identify all system inputs and develop list of data content for each l Provide link between design of application software and design of user and system interfaces u Determine controls and security necessary for each system input

10 14 Systems Analysis and Design in a Changing World, 4th Edition 10 Input Devices and Mechanisms u Capture data as close to original source as possible u Use electronic devices and automatic entry whenever possible u Avoid human involvement as much as possible u Seek information in electronic form to avoid data re-entry u Validate and correct information at entry point

11 14 Systems Analysis and Design in a Changing World, 4th Edition 11 Prevalent Input Devices to Avoid Human Data Entry u Magnetic card strip readers u Bar code readers u Optical character recognition readers and scanners u Radio-frequency identification tags u Touch screens and devices u Electronic pens and writing surfaces u Digitizers, such as digital cameras and digital audio devices

12 14 Systems Analysis and Design in a Changing World, 4th Edition 12 Defining the Details of System Inputs u Ensure all data inputs are identified and specified correctly u Can use traditional structured models l Identify automation boundary u Use DFD fragments u Segment by program boundaries l Examine structure charts u Analyze each module and data couple u List individual data fields

13 14 Systems Analysis and Design in a Changing World, 4th Edition 13 Automation Boundary on a System-Level DFD

14 14 Systems Analysis and Design in a Changing World, 4th Edition 14 Create New Order DFD with an Automation Boundary

15 14 Systems Analysis and Design in a Changing World, 4th Edition 15 List of Inputs for Customer Support System

16 14 Systems Analysis and Design in a Changing World, 4th Edition 16 Structure Chart for Create New Order (Figure 14-6)

17 14 Systems Analysis and Design in a Changing World, 4th Edition 17 Data Flows, Data Couples, and Data Elements Making Up Inputs (Figure 14-7)

18 14 Systems Analysis and Design in a Changing World, 4th Edition 18 Using Object-Oriented Models u Identifying user and system inputs with OO approach has same tasks as traditional approach u OO diagrams are used instead of DFDs and structure charts u System sequence diagrams identify each incoming message u Design class diagrams and sequence diagrams identify and describe input parameters and verify characteristics of inputs

19 14 Systems Analysis and Design in a Changing World, 4th Edition 19 Partial System Sequence Diagram for Payroll System Use Cases (Figure 14-8)

20 14 Systems Analysis and Design in a Changing World, 4th Edition 20 System Sequence Diagram for Create New Order

21 14 Systems Analysis and Design in a Changing World, 4th Edition 21 Input Messages and Data Parameters from RMO System Sequence Diagram (Figure 14-10)

22 14 Systems Analysis and Design in a Changing World, 4th Edition 22 Designing System Outputs u Determine each type of output u Make list of specific system outputs required based on application design u Specify any necessary controls to protect information provided in output u Design and prototype output layout u Ad hoc reports – designed as needed by user

23 14 Systems Analysis and Design in a Changing World, 4th Edition 23 Defining the Details of System Outputs u Type of reports l Printed reports l Electronic displays l Turnaround documents u Can use traditional structured models to identify outputs l Data flows crossing automation boundary l Data couples and report data requirements on structure chart

24 14 Systems Analysis and Design in a Changing World, 4th Edition 24 Table of System Outputs Based on Traditional Structured Approach (Figure 14-11)

25 14 Systems Analysis and Design in a Changing World, 4th Edition 25 Using Object-Oriented Models u Outputs indicated by messages in sequence diagrams l Originate from internal system objects l Sent to external actors or another external system u Output messages based on an individual object are usually part of methods of that class object u To report on all objects within a class, class-level method is used that works on entire class

26 14 Systems Analysis and Design in a Changing World, 4th Edition 26 Table of System Outputs Based on OO Messages (Figure 14-12)

27 14 Systems Analysis and Design in a Changing World, 4th Edition 27 Designing Reports, Statements, and Turnaround Documents u Printed versus electronic u Types of output reports l Detailed l Summary l Exception l Executive u Internal versus external u Graphical and multimedia presentation

28 14 Systems Analysis and Design in a Changing World, 4th Edition 28 RMO Summary Report with Drill Down to the Detailed Report

29 14 Systems Analysis and Design in a Changing World, 4th Edition 29 Sample Bar Chart and Pie Chart Reports

30 14 Systems Analysis and Design in a Changing World, 4th Edition 30 Formatting Reports u What is objective of report? u Who is the intended audience? u What is media for presentation? u Avoid information overload u Format considerations include meaningful headings, date of information, date report produced, page numbers

31 14 Systems Analysis and Design in a Changing World, 4th Edition 31 Designing Integrity Controls u Mechanisms and procedures built into a system to safeguard it and information contained within u Integrity controls l Built into application and database system to safeguard information u Security controls l Built into operating system and network

32 14 Systems Analysis and Design in a Changing World, 4th Edition 32 Objectives of Integrity Controls u Ensure that only appropriate and correct business transactions occur u Ensure that transactions are recorded and processed correctly u Protect and safeguard assets of the organization l Software l Hardware l Information

33 14 Systems Analysis and Design in a Changing World, 4th Edition 33 Points of Security and Integrity Controls

34 14 Systems Analysis and Design in a Changing World, 4th Edition 34 Input Integrity Controls u Used with all input mechanisms u Additional level of verification to help reduce input errors u Common control techniques l Field combination controls l Value limit controls l Completeness controls l Data validation controls

35 14 Systems Analysis and Design in a Changing World, 4th Edition 35 Database Integrity Controls u Access controls u Data encryption u Transaction controls u Update controls u Backup and recovery protection

36 14 Systems Analysis and Design in a Changing World, 4th Edition 36 Output Integrity Controls u Ensure output arrives at proper destination and is correct, accurate, complete, and current u Destination controls - output is channeled to correct people u Completeness, accuracy, and correctness controls u Appropriate information present in output

37 14 Systems Analysis and Design in a Changing World, 4th Edition 37 Integrity Controls to Prevent Fraud u Three conditions are present in fraud cases l Personal pressure, such as desire to maintain extravagant lifestyle l Rationalizations, including “I will repay this money” or “I have this coming” l Opportunity, such as unverified cash receipts u Control of fraud requires both manual procedures and computer integrity controls

38 14 Systems Analysis and Design in a Changing World, 4th Edition 38 Fraud Risks and Prevention Techniques

39 14 Systems Analysis and Design in a Changing World, 4th Edition 39 Designing Security Controls u Security controls protect assets of organization from all threats l External threats such as hackers, viruses, worms, and message overload attacks u Security control objectives l Maintain stable, functioning operating environment for users and application systems (24 x 7) l Protect information and transactions during transmission outside organization (public carriers)

40 14 Systems Analysis and Design in a Changing World, 4th Edition 40 Security for Access to Systems u Used to control access to any resource managed by operating system or network u User categories l Unauthorized user – no authorization to access l Registered user – authorized to access system l Privileged user – authorized to administrate system u Organized so that all resources can be accessed with same unique ID/password combination

41 14 Systems Analysis and Design in a Changing World, 4th Edition 41 Users and Access Roles to Computer Systems

42 14 Systems Analysis and Design in a Changing World, 4th Edition 42 Managing User Access u Most common technique is user ID / password u Authorization – Is user permitted to access? u Access control list – users with rights to access u Authentication – Is user who they claim to be? u Smart card – computer-readable plastic card with embedded security information u Biometric devices – keystroke patterns, fingerprinting, retinal scans, voice characteristics

43 14 Systems Analysis and Design in a Changing World, 4th Edition 43 Data Security u Data and files themselves must be secure u Encryption – primary security method l Altering data so unauthorized users cannot view u Decryption l Altering encrypted data back to its original state u Symmetric key – same key encrypts and decrypts u Asymmetric key – different key decrypts u Public key – public encrypts; private decrypts

44 14 Systems Analysis and Design in a Changing World, 4th Edition 44 Symmetric Key Encryption

45 14 Systems Analysis and Design in a Changing World, 4th Edition 45 Asymmetric Key Encryption

46 14 Systems Analysis and Design in a Changing World, 4th Edition 46 Digital Signatures and Certificates u Encryption of messages enables secure exchange of information between two entities with appropriate keys u Digital signature encrypts document with private key to verify document author u Digital certificate is institution’s name and public key that is encrypted and certified by third party u Certifying authority l VeriSign or Equifax

47 14 Systems Analysis and Design in a Changing World, 4th Edition 47 Using a Digital Certificate

48 14 Systems Analysis and Design in a Changing World, 4th Edition 48 Secure Transactions u Standard set of methods and protocols for authentication, authorization, privacy, integrity u Secure Sockets Layer (SSL) renamed as Transport Layer Security (TLS) – protocol for secure channel to send messages over Internet u IP Security (IPSec) – newer standard for transmitting Internet messages securely u Secure Hypertext Transport Protocol (HTTPS or HTTP-S) – standard for transmitting Web pages securely (encryption, digital signing, certificates)

49 14 Systems Analysis and Design in a Changing World, 4th Edition 49 Summary u System interfaces include all inputs and outputs except those that are part of GUI u Designing inputs to system is three-step process l Identify devices/mechanisms used to enter input l Identify system inputs; develop list of data content l Determine controls and security necessary for each system input u Traditional approach to design inputs and outputs l DFDs, data flow definitions, structure charts

50 14 Systems Analysis and Design in a Changing World, 4th Edition 50 Summary ( continued ) u OO approach to design inputs and outputs l Sequence diagrams, class diagrams u Integrity controls and security designed into system l Ensure only appropriate and correct business transactions occur l Ensure transactions are recorded and processed correctly l Protect and safeguard assets of the organization l Control access to resources


Download ppt "14 Systems Analysis and Design in a Changing World, Fourth Edition."

Similar presentations


Ads by Google