系统分析与设计 第十四章ppt

1、14 Systems Analysis and Design in a Changing World, Fourth Edition 14 Systems Analysis and Design in a Changing World, 4th Edition2 Learning Objectives uDiscuss examples of system interfaces found in information systems uDefine system inputs and outputs based on the requirements of the application p

2、rogram uDesign printed and on-screen reports appropriate for recipients 14 Systems Analysis and Design in a Changing World, 4th Edition3 Learning Objectives (continued) uExplain the importance of integrity controls uIdentify required integrity controls for inputs, outputs, data, and processing uDisc

3、uss issues related to security that affect the design and operation of information systems 14 Systems Analysis and Design in a Changing World, 4th Edition4 Overview uThis chapter focuses on system interfaces, system outputs, and system controls that do not require much human interaction uMany system

4、 interfaces are electronic transmissions or paper outputs to external agents uSystem developers need to design and implement integrity and security controls to protect system and its data uOutside threats from Internet and e-commerce are growing concern 14 Systems Analysis and Design in a Changing W

5、orld, 4th Edition5 Identifying System Interfaces uSystem interfaces are broadly defined as inputs or outputs with minimal or no human intervention lInputs from other systems (messages, EDI) lHighly automated input devices such as scanners lInputs that are from data in external databases lOutputs to

6、external databases lOutputs with minimal HCI lOutputs to other systems lReal-time connections (both input and output) 14 Systems Analysis and Design in a Changing World, 4th Edition6 Full Range of Inputs and Outputs 14 Systems Analysis and Design in a Changing World, 4th Edition7 eXtensible Markup L

7、anguage (XML) uExtension of HTML that embeds self-defined data structures in textual messages uTransaction that contains data fields can be sent with XML codes to define meaning of data fields uXML provides common system-to-system interface uXML is simple and readable by people uWeb services is base

8、d on XML to send business transactions over Internet 14 Systems Analysis and Design in a Changing World, 4th Edition8 System-to-System Interface Based on XML 14 Systems Analysis and Design in a Changing World, 4th Edition9 Design of System Inputs uIdentify devices and mechanisms used to enter input

9、lHigh-level review of most up-to-date methods to enter data uIdentify all system inputs and develop list of data content for each lProvide link between design of application software and design of user and system interfaces uDetermine controls and security necessary for each system input 14 Systems

10、Analysis and Design in a Changing World, 4th Edition10 Input Devices and Mechanisms uCapture data as close to original source as possible uUse electronic devices and automatic entry whenever possible uAvoid human involvement as much as possible uSeek information in electronic form to avoid data re-e

11、ntry uValidate and correct information at entry point 14 Systems Analysis and Design in a Changing World, 4th Edition11 Prevalent Input Devices to Avoid Human Data Entry uMagnetic card strip readers uBar code readers uOptical character recognition readers and scanners uRadio-frequency identification

12、 tags uTouch screens and devices uElectronic pens and writing surfaces uDigitizers, such as digital cameras and digital audio devices 14 Systems Analysis and Design in a Changing World, 4th Edition12 Defining the Details of System Inputs uEnsure all data inputs are identified and specified correctly

13、 uCan use traditional structured models lIdentify automation boundary uUse DFD fragments uSegment by program boundaries lExamine structure charts uAnalyze each module and data couple uList individual data fields 14 Systems Analysis and Design in a Changing World, 4th Edition13 Automation Boundary on

14、 a System-Level DFD 14 Systems Analysis and Design in a Changing World, 4th Edition14 Create New Order DFD with an Automation Boundary 14 Systems Analysis and Design in a Changing World, 4th Edition15 List of Inputs for Customer Support System 14 Systems Analysis and Design in a Changing World, 4th

15、Edition16 Structure Chart for Create New Order (Figure 14-6) 14 Systems Analysis and Design in a Changing World, 4th Edition17 Data Flows, Data Couples, and Data Elements Making Up Inputs (Figure 14-7) 14 Systems Analysis and Design in a Changing World, 4th Edition18 Using Object-Oriented Models uId

16、entifying user and system inputs with OO approach has same tasks as traditional approach uOO diagrams are used instead of DFDs and structure charts uSystem sequence diagrams identify each incoming message uDesign class diagrams and sequence diagrams identify and describe input parameters and verify

17、characteristics of inputs 14 Systems Analysis and Design in a Changing World, 4th Edition19 Partial System Sequence Diagram for Payroll System Use Cases (Figure 14-8) 14 Systems Analysis and Design in a Changing World, 4th Edition20 System Sequence Diagram for Create New Order 14 Systems Analysis an

18、d Design in a Changing World, 4th Edition21 Input Messages and Data Parameters from RMO System Sequence Diagram (Figure 14-10) 14 Systems Analysis and Design in a Changing World, 4th Edition22 Designing System Outputs uDetermine each type of output uMake list of specific system outputs required base

19、d on application design uSpecify any necessary controls to protect information provided in output uDesign and prototype output layout uAd hoc reports designed as needed by user 14 Systems Analysis and Design in a Changing World, 4th Edition23 Defining the Details of System Outputs uType of reports l

20、Printed reports lElectronic displays lTurnaround documents uCan use traditional structured models to identify outputs lData flows crossing automation boundary lData couples and report data requirements on structure chart 14 Systems Analysis and Design in a Changing World, 4th Edition24 Table of Syst

21、em Outputs Based on Traditional Structured Approach (Figure 14-11) 14 Systems Analysis and Design in a Changing World, 4th Edition25 Using Object-Oriented Models uOutputs indicated by messages in sequence diagrams lOriginate from internal system objects lSent to external actors or another external s

22、ystem uOutput messages based on an individual object are usually part of methods of that class object uTo report on all objects within a class, class-level method is used that works on entire class 14 Systems Analysis and Design in a Changing World, 4th Edition26 Table of System Outputs Based on OO

23、Messages (Figure 14-12) 14 Systems Analysis and Design in a Changing World, 4th Edition27 Designing Reports, Statements, and Turnaround Documents uPrinted versus electronic uTypes of output reports lDetailed lSummary lException lExecutive uInternal versus external uGraphical and multimedia presentat

24、ion 14 Systems Analysis and Design in a Changing World, 4th Edition28 RMO Summary Report with Drill Down to the Detailed Report 14 Systems Analysis and Design in a Changing World, 4th Edition29 Sample Bar Chart and Pie Chart Reports 14 Systems Analysis and Design in a Changing World, 4th Edition30 F

25、ormatting Reports uWhat is objective of report? uWho is the intended audience? uWhat is media for presentation? uAvoid information overload uFormat considerations include meaningful headings, date of information, date report produced, page numbers 14 Systems Analysis and Design in a Changing World,

26、4th Edition31 Designing Integrity Controls uMechanisms and procedures built into a system to safeguard it and information contained within uIntegrity controls lBuilt into application and database system to safeguard information uSecurity controls lBuilt into operating system and network 14 Systems A

27、nalysis and Design in a Changing World, 4th Edition32 Objectives of Integrity Controls uEnsure that only appropriate and correct business transactions occur uEnsure that transactions are recorded and processed correctly uProtect and safeguard assets of the organization lSoftware lHardware lInformati

28、on 14 Systems Analysis and Design in a Changing World, 4th Edition33 Points of Security and Integrity Controls 14 Systems Analysis and Design in a Changing World, 4th Edition34 Input Integrity Controls uUsed with all input mechanisms uAdditional level of verification to help reduce input errors uCom

29、mon control techniques lField combination controls lValue limit controls lCompleteness controls lData validation controls 14 Systems Analysis and Design in a Changing World, 4th Edition35 Database Integrity Controls uAccess controls = management user uData encryption uTransaction controls = transact

30、ion log uUpdate controls uBackup and recovery protection 14 Systems Analysis and Design in a Changing World, 4th Edition36 Output Integrity Controls uEnsure output arrives at proper destination and is correct, accurate, complete, and current uDestination controls - output is channeled to correct peo

31、ple uCompleteness, accuracy, and correctness controls uAppropriate information present in output 14 Systems Analysis and Design in a Changing World, 4th Edition37 Integrity Controls to Prevent Fraud uThree conditions are present in fraud cases lPersonal pressure, such as desire to maintain extravaga

32、nt lifestyle lRationalizations, including “I will repay this money” or “I have this coming” lOpportunity, such as unverified cash receipts uControl of fraud requires both manual procedures and computer integrity controls 14 Systems Analysis and Design in a Changing World, 4th Edition38 Fraud Risks a

33、nd Prevention Techniques 14 Systems Analysis and Design in a Changing World, 4th Edition39 Designing Security Controls uSecurity controls protect assets of organization from all threats lExternal threats such as hackers, viruses, worms, and message overload attacks uSecurity control objectives lMain

34、tain stable, functioning operating environment for users and application systems (24 x 7) lProtect information and transactions during transmission outside organization (public carriers) 14 Systems Analysis and Design in a Changing World, 4th Edition40 Security for Access to Systems uUsed to control

35、 access to any resource managed by operating system or network uUser categories lUnauthorized user no authorization to access lRegistered user authorized to access system lPrivileged user authorized to administrate system uOrganized so that all resources can be accessed with same unique ID/password

36、combination 14 Systems Analysis and Design in a Changing World, 4th Edition41 Users and Access Roles to Computer Systems 14 Systems Analysis and Design in a Changing World, 4th Edition42 Managing User Access uMost common technique is user ID / password uAuthorization Is user permitted to access? uAc

37、cess control list users with rights to access uAuthentication Is user who they claim to be? uSmart card computer-readable plastic card with embedded security information uBiometric devices keystroke patterns, fingerprinting, retinal scans, voice characteristics 14 Systems Analysis and Design in a Ch

38、anging World, 4th Edition43 Data Security uData and files themselves must be secure uEncryption primary security method lAltering data so unauthorized users cannot view uDecryption lAltering encrypted data back to its original state uSymmetric key same key encrypts and decrypts uAsymmetric key diffe

39、rent key decrypts uPublic key public encrypts; private decrypts 14 Systems Analysis and Design in a Changing World, 4th Edition44 Symmetric Key Encryption 14 Systems Analysis and Design in a Changing World, 4th Edition45 Asymmetric Key Encryption 14 Systems Analysis and Design in a Changing World, 4

40、th Edition46 Digital Signatures and Certificates uEncryption of messages enables secure exchange of information between two entities with appropriate keys uDigital signature encrypts document with private key to verify document author uDigital certificate is institutions name and public key that is encrypted and certified by third party uCertifying authority lVeriSign or Equifax 14 Systems Analysis and Design in a Changing World, 4th Edition47 Using a Digital Certificate 14 Systems Analysis and Design in a Changing World, 4th Edition48