1 / 38

IAD 2263: System Analysis and Design

IAD 2263: System Analysis and Design. Chapter 7: Designing System Databases, Interfaces and Security. Content. Designing Databases Designing the User Interface Designing the System Interfaces, Controls and Security. Databases and Database Management Systems.

stinson
Download Presentation

IAD 2263: System Analysis and Design

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IAD 2263: System Analysis and Design Chapter 7: Designing System Databases, Interfaces and Security

  2. Content • Designing Databases • Designing the User Interface • Designing the System Interfaces, Controls and Security

  3. Databases and Database Management Systems • Databases (DB) – integrated collections of stored data that are centrally managed and controlled • Database management system (DBMS) – system software that manages and controls access to database • Databases described by a schema – description of structure, content, and access controls

  4. Database Models • Impacted by technology changes since 1960s • Model types • Hierarchical • Network • Relational • Object-oriented • Most current systems use relational or object-oriented data models

  5. Relational Databases • Relational database management system (RDBMS) organizes data into tables or relations • Tables are two dimensional data structures • Tuples –rows or records • Fields –columns or attributes • Tables have primary key field(s) that can be used to identify unique records • Keys relate tables to each other

  6. Partial Display of Relational Database Table

  7. Designing Relational Databases • Create table for each entity type • Choose or invent primary key for each table • Add foreign keys to represent one-to-many relationships • Create new tables to represent many-to-many relationships

  8. Designing Relational Databases (continued)‏ • Define referential integrity constraints • Evaluate schema quality and make necessary improvements • Choose appropriate data types and value restrictions (if necessary) for each field

  9. Relationship Between Data in Two Tables

  10. RMO Entity-Relationship Diagram

  11. Representing Relationships • Relational databases use foreign keys to represent relationships • One-to-many relationship • Add primary key field of “one” entity type as foreign key in table that represents “many” entity type • Many-to-many relationship • Use the primary key field(s) of both entity types • Use (or create) an associative entity table to represent relationship

  12. Entity Tables with Primary Keys

  13. Database Normalization • Normal forms minimize data redundancy • First normal form (1NF) – no repeating fields or groups of fields • Functional dependency – one-to-one relationship between the values of two fields • 2NF – in 1NF and if each non-key element is functionally dependent on entire primary key • 3NF – in 2NF and if no non-key element is functionally dependent on any other non-key element

  14. Object-Oriented Databases • Direct extension of OO design and programming paradigm • ODBMS stores data as objects • Direct support for method storage, inheritance, nested objects, object linking, and programmer-defined data types • Object Definition Language (ODL)‏ • Standard language for describing structure and content of an object database

  15. Designing Object Databases • Determine which classes require persistent storage • Define persistent classes • Represent relationships among persistent classes • Choose appropriate data types and value restrictions (if necessary) for each field

  16. RMO Domain Model Class Diagram

  17. One-to-Many Relationship Between Customer and Order Classes

  18. Views of Stored Data

  19. Relationships • Relationships are represented with foreign keys • Foreign key values serve same purpose as object identifiers in ODBMS • 1:M relationship – add primary key field of class on “one” side of the relationship to table representing class on “many” side • M:M relationship – create new table that contains primary key fields of related class tables and attributes of the relationship itself

  20. Systems Analysis and Design in a Changing World, 5th Edition Identifying System Interfaces • System interfaces are broadly defined as inputs or outputs with minimal or no human intervention • Inputs from other systems (messages, EDI)‏ • Highly automated input devices such as scanners • Inputs that are from data in external databases • Outputs to external databases • Outputs with minimal HCI • Outputs to other systems • Real-time connections (both input and output)‏

  21. Systems Analysis and Design in a Changing World, 5th Edition Full Range of Inputs and Outputs Figure 15-1

  22. Systems Analysis and Design in a Changing World, 5th Edition Designing System Outputs • Determine each type of output • Make list of specific system outputs required based on application design • Specify any necessary controls to protect information provided in output • Design and prototype output layout • Ad hoc reports – designed as needed by user

  23. Systems Analysis and Design in a Changing World, 5th Edition Defining the Details of System Outputs • Type of reports • Printed reports • Electronic displays • Turnaround documents

  24. Systems Analysis and Design in a Changing World, 5th Edition Sample Bar Chart and Pie Chart Reports Figure 15-17

  25. Systems Analysis and Design in a Changing World, 5th Edition Formatting Reports • What is objective of report? • Who is the intended audience? • What is media for presentation? • Avoid information overload • Format considerations include meaningful headings, date of information, date report produced, page numbers

  26. Systems Analysis and Design in a Changing World, 5th Edition Objectives of Integrity Controls • Ensure that only appropriate and correct business transactions occur • Ensure that transactions are recorded and processed correctly • Protect and safeguard assets of the organization • Software • Hardware • Information

  27. Systems Analysis and Design in a Changing World, 5th Edition Points of Security and Integrity Controls Figure 15-18

  28. Systems Analysis and Design in a Changing World, 5th Edition Input Integrity Controls • Used with all input mechanisms • Additional level of verification to help reduce input errors • Common control techniques • Field combination controls • Value limit controls • Completeness controls • Data validation controls

  29. Systems Analysis and Design in a Changing World, 5th Edition Designing Security Controls • Security controls protect assets of organization from all threats • External threats such as hackers, viruses, worms, and message overload attacks • Security control objectives • Maintain stable, functioning operating environment for users and application systems (24 x 7)‏ • Protect information and transactions during transmission outside organization (public carriers)‏

  30. Systems Analysis and Design in a Changing World, 5th Edition Security for Access to Systems • Used to control access to any resource managed by operating system or network • User categories • Unauthorized user – no authorization to access • Registered user – authorized to access system • Privileged user – authorized to administrate system • Organized so that all resources can be accessed with same unique ID/password combination

  31. Systems Analysis and Design in a Changing World, 5th Edition Users and Access Roles to Computer Systems Figure 15-20

  32. Systems Analysis and Design in a Changing World, 5th Edition Managing User Access • Most common technique is user ID / password • Authorization – Is user permitted to access? • Access control list – users with rights to access • Authentication – Is user who they claim to be? • Smart card – computer-readable plastic card with embedded security information • Biometric devices – keystroke patterns, fingerprinting, retinal scans, voice characteristics

  33. Systems Analysis and Design in a Changing World, 5th Edition Data Security • Data and files themselves must be secure • Encryption – primary security method • Altering data so unauthorized users cannot view • Decryption • Altering encrypted data back to its original state • Symmetric key – same key encrypts and decrypts • Asymmetric key – different key decrypts • Public key – public encrypts; private decrypts

  34. Systems Analysis and Design in a Changing World, 5th Edition Symmetric Key Encryption Figure 15-22

  35. Systems Analysis and Design in a Changing World, 5th Edition Asymmetric Key Encryption Figure 15-23

  36. Systems Analysis and Design in a Changing World, 5th Edition Digital Signatures and Certificates • Encryption of messages enables secure exchange of information between two entities with appropriate keys • Digital signature encrypts document with private key to verify document author • Digital certificate is institution’s name and public key that is encrypted and certified by third party • Certifying authority • VeriSign or Equifax

  37. Systems Analysis and Design in a Changing World, 5th Edition Secure Transactions • Standard set of methods and protocols for authentication, authorization, privacy, integrity • Secure Sockets Layer (SSL) renamed as Transport Layer Security (TLS) – protocol for secure channel to send messages over Internet • IP Security (IPSec) – newer standard for transmitting Internet messages securely • Secure Hypertext Transport Protocol (HTTPS or HTTP-S) – standard for transmitting Web pages securely (encryption, digital signing, certificates)‏

  38. Thanks

More Related