Cyber Laws - WordPress.com

Topics for today…
• System Analysis & Design
• Cyber Laws- IT Act 2000
• E-governance
• E-payments
CIL Test Study material
Systems Analysis and Design
What is it?
• Systems analysis
Process of studying an existing system to
determine how it works and how it meets user
needs
• Systems design
Process of developing a plan for an improved
system, based upon the results of the systems
analysis
Systems Analyst
• Professional computer employee who
performs analysis and design
• Change agent
– Overcome reluctance of users to change
• Typical career path
– Programmer
– Programmer / Analyst
– Systems Analyst
Systems Analyst
Functions
• Coordination
– Schedules and system-related tasks
– Personnel
Systems Analyst
Functions
• Coordination
– Schedules and system-related tasks
– Personnel
• Communication
– Oral presentations
– Written documentation
• Planning and design
– Plans and designs new system
– Involved from beginning of project through final implementation of the system
Project Phases
• Planning (Why build the system? How
should the team go about building it?)
• Analysis (Who uses system, what will it do,
where and when will the system be used?)
• Design (How will the system work?)
• Implementation (System delivery)
Planning
• Identifying business value
• Analyze feasibility
• Develop work plan
• Staff the project
• Control and direct project
Analysis
• Analysis strategy
• Gathering business requirements
• Requirements definition use cases
• Process modeling
• Data modeling
Design
• Design selection
• Architecture design
• Interface design
• Data storage design
• Program design
Implementation
• Construction
– Program building
– Program and system testing
• Installation
– Conversion strategy
– Training plan
– Support plan
SDLC
Systems Development Life Cycle
• Preliminary investigation
• Analysis
• Design
• Development
• Implementation
SDLC
Preliminary Investigation
• Feasibility study / System survey
• Determine the problem
• Describe the problem
• Understand management decisions
– Organizational chart
– Informal hierarchy
• Produces rough plan and what to do
SDLC
Preliminary Investigation
Problem Definition
• Nature of the problem
– Separate problem from symptoms of problem
• Scope of the project
– Budget and schedule
• Objectives of the project
– What user thinks system should do
SDLC
Preliminary Investigation
Report
What you have found
Recommendations
Financially feasible
SDLC
Analysis
• Understand the existing system
– Gather data
– Analyze data
• Establish system requirements
SDLC
Analysis – Data Gathering
• Written documents
• Interviews
– Structured
– Unstructured
• Questionnaires
• Observation
– Visits by appointment
– Participant observation
• Sampling
SDLC
Analysis – Analyze Data
• How the current system works
• Determine system requirements
• Basis for documentation
• Tools
– Data flow diagram (DFD)
– Decision tables
SDLC
Analysis – Data Flow Diagram
SDLC
Analysis – Decision Tables
SDLC
Analysis – System Requirements
• Detailed list of things the system must be
able to do
• Design is based upon system requirements
• Agreement upon requirements is needed
before proceeding
SDLC
Analysis – Report to Management
• Summarize problems
• Describe requirements
• Cost analysis
• Recommendations for next step
• Obtain authorization to proceed
SDLC
Design
• Planning the new system
• Two phases
– Preliminary design
– Detail design
SDLC
Preliminary Design
Major system aspects
• Centralized or distributed
• Online or batch
• PC-based?
• How will input be captured?
• Necessary reports
SDLC
Preliminary Design
• Make or buy decision
• Packaged software
– Meet at least 75% of requirements?
– Change business procedures for part or all of
remainder?
– Customize for part or all of remainder?
• Custom software
– Programmers write code
• Outsourcing
– System is developed by external organization
SDLC
Preliminary Design
• Create an overall plan
• Offer alternatives that meet requirements
• Explain differences
• Evaluate costs
SDLC
Preliminary Design
• Build a prototype
– Limited working system of subset
• Does not need true functionality
– Output looks like anticipated system output
• Working model that can be modified and
fine-tuned
– Uses high-level software tools – CASE
– Best for small-scale systems
SDLC
Preliminary Design
CASE tools
Computer-Aided Software
Engineering
• Supports specific analysis and design tasks
• Integrated environment that supports the
entire systems development process
SDLC
Preliminary Design
Presentation
• All alternatives
• Selected plan
• Prototype of the system
• Obtain authorization to proceed
SDLC
Detail Design
Parts of detail design phase
• Output requirements
• Input requirements
• Files and databases
• Systems processing
• Systems controls and backup
SDLC
Detail Design
Output requirements
• Medium
• Type of reports
• Contents
SDLC
Detail Design
Input requirements
• Medium
• Content
• Input forms
• Validation
• Volume
SDLC
Detail Design
Files and Databases
• Organization
• Access
• Format of records
• Coordinate with database administrator regarding external databases and updating
SDLC
Detail Design
Flowchart Symbols
SDLC
Detail Design
Systems Controls and Backup
• Ensure that input is processed correctly
• Prevent fraud and tampering
• System journals
• Backup of system files
SDLC
Detail Design
Report to Management
• Detailed design specifications report
• Presentation
• Obtain authorization to proceed
SDLC
Development
• Doing the work to bring the new system
into being
• Scheduling
SDLC
Development
• Programming
– Refine the design
– Detailed logic flowcharts and pseudocode
• Testing
– Unit testing
– System testing
– Volume testing
SDLC
Implementation
• Converting to the new system
• Training
• Equipment conversion
• File conversion
• System conversion
• Auditing
• Evaluation
• Maintenance
SDLC
Implementation – Training
• Begin during testing
• User’s manual (Technical Writers)
• Hands-on
• Training consideration
– Space
– Equipment
– Data
– User’s schedules
SDLC
Implementation – Conversion
• Equipment
– Planning
– Installation of new equipment
• File
– Manual to electronic
– Special programs to convert old format to new
SDLC
Implementation – Conversion
• System
– Direct conversion
– Phased conversion
– Pilot conversion
– Parallel conversion
SDLC
Implementation – Auditing
• Audit trail
• Trace output back to source
SDLC
Implementation – Evaluation
• Working
• Meets original requirements
• Benefits
• Meets budget
• Improvements
SDLC
Implementation – Maintenance
Ongoing activity for life of system
Creating DFDs
Define Entities
• External entities represent persons, processes or machines which produce data to be used by the system or receive data that is output by the system
• Examples: Student, Customer, Client
[Figure: entity symbol labelled "Student"]
Define Processes
• Processes are discrete actions that transform input data to output data
• Examples: Create Student Record, Calculate Purchase Cost, Register Client
[Figure: process symbol 2.1, "Create Student Record"]
Creating DFDs (cont’d)
Define Data Stores
• Data stores are temporary or permanent repositories of information that are inputs to or outputs of processes
• Examples: Student Master, Client List
[Figure: data store symbol D3, "Student Master"]
Define Data Flows
• Data flows represent the transfer of data over time from one “place” (entity, process, data store) to another
• Examples: New Student Information (from Student, to Student Master)
[Figure: data flow labelled "New Student Information"]
(Templates are posted in l:\academic\90728\DFDSymbols.ppt)
Creating DFDs (cont’d)
Define the System
• A system is the collection of all business processes which perform tasks or produce outputs we care about. It is “what happens.”
• The system is a single process, connected to external entities
• Represented in a “Context Diagram”
(Figure 4.13, Shelly, Cashman and Rosenblatt)
Define Subsystems
• A subsystem gives a more detailed view of individual processes contained in the context diagram
• Includes data stores, more elementary processes
Where to Begin Creating DFDs
• Start with the data flow from an external entity and work
forwards
• Start with the data flow to an external entity and work
backwards
• Examine the data flows into or out of a data store
• Examine data flows, entity connections and data stores
associated with a particular process
• Note fuzzy, ill-defined areas of the system for further
clarification
What to Avoid in DFDs
• Processes with no outputs or no inputs
• Processes whose inputs are obviously inadequate to yield outputs
• Connecting data stores directly to each other
• Having data flows terminate at data stores
• Connecting entities to anything other than processes
• Making the data flow diagram too cluttered (e.g.  9 processes)
• Many processes with a single input and output (linear flow)
[Figure labels: 4 "Perform Repair"; "Class List", "Students", "Courses"; "Payroll Department", "Employees"; 1 "Process A", 2 "Process B", 3 "Process C"]
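Added example (not part of the original slides): a small Python check that applies the structural rules from “What to Avoid in DFDs” to a diagram given as nodes and flows. The function name, the node kinds and both sample diagrams are assumptions made for this illustration, and the reading of "data flows terminate at data stores" is noted in the code.

```python
from collections import defaultdict

ENTITY, PROCESS, STORE = "entity", "process", "store"

def lint_dfd(nodes, flows):
    """nodes: {name: kind}; flows: [(source, target, label)].
    Returns a sorted list of rule violations (empty when the diagram is clean)."""
    findings = set()
    inputs, outputs = defaultdict(int), defaultdict(int)
    for src, dst, label in flows:
        outputs[src] += 1
        inputs[dst] += 1
        kinds = (nodes[src], nodes[dst])
        if kinds == (STORE, STORE):
            findings.add(f"store-to-store flow: {src} -> {dst} ({label})")
        # Entities may only exchange data with processes.
        if ENTITY in kinds and PROCESS not in kinds:
            findings.add(f"entity not connected to a process: {src} -> {dst} ({label})")
    for name, kind in nodes.items():
        if kind == PROCESS and inputs[name] == 0:
            findings.add(f"process with no inputs: {name}")
        if kind == PROCESS and outputs[name] == 0:
            findings.add(f"process with no outputs: {name}")
        # Assumed reading of "data flows terminate at data stores":
        # a store that receives data which nothing ever reads back.
        if kind == STORE and inputs[name] > 0 and outputs[name] == 0:
            findings.add(f"data store is written but never read: {name}")
    return sorted(findings)

# Constructed sample diagrams, reusing labels from the slides.
GOOD_NODES = {"Student": ENTITY, "Create Student Record": PROCESS,
              "Student Master": STORE, "Produce Class List": PROCESS}
GOOD_FLOWS = [
    ("Student", "Create Student Record", "New Student Information"),
    ("Create Student Record", "Student Master", "Student Record"),
    ("Student Master", "Produce Class List", "Student Records"),
    ("Produce Class List", "Student", "Class List"),
]
BAD_NODES = {"Payroll Department": ENTITY, "Employees": STORE,
             "Students": STORE, "Class List": STORE, "Perform Repair": PROCESS}
BAD_FLOWS = [
    ("Payroll Department", "Employees", "Pay Data"),        # entity -> store
    ("Students", "Class List", "Enrolment"),                # store -> store
    ("Payroll Department", "Perform Repair", "Repair Request"),  # no output
]

if __name__ == "__main__":
    for finding in lint_dfd(BAD_NODES, BAD_FLOWS):
        print(finding)
```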
CYBER LAWS & IT ACT 2000
What is a cyber threat?
• From the information security perspective, a ‘threat’ is defined as the potential to cause an unwanted incident in which an asset, system or organisation may be harmed.
• A ‘cyber threat’ is a threat that percolates or infiltrates through the use of computers, the internet or interconnected communication devices and could comprise information stealth, cyber warfare, virus attacks, cyber terrorism, hacking attempts, phishing or sabotage, singly or in combination.
TYPES OF CYBER CRIMES
• Web jacking
• Hacking
• Information theft
• E-mail bombing
• Salami attacks
• Denial of Service attacks
• Trojan attacks
Information Technology Act, 2000
• Enacted on 17th May 2000 – India is the 12th nation in the world to adopt cyber laws
• IT Act is based on the Model Law on e-commerce adopted by UNCITRAL (UN Commission on International Trade Law)
Objectives of the IT Act
To provide legal recognition for transactions:
• Carried out by means of electronic data interchange, and other means of electronic communication, commonly referred to as "electronic commerce"
• To facilitate electronic filing of documents with Government agencies and E-Payments
• To amend the Indian Penal Code, Indian Evidence Act, 1872, the Banker’s Books Evidence Act 1891, Reserve Bank of India Act, 1934
Important provisions of IT Act, 2000
• Legal recognition to electronic records – Section 4 of IT Act.
• Legal recognition of digital signatures- Section 5 of
IT Act, 2000
• Section 6- Use of electronic records and digital
signatures in Government and its agencies.
• Section 7- Retention of electronic records
1. Information should remain accessible for subsequent
reference
2. Retained in a format that ensures accuracy
3. Details of dispatch and receipt are available.
Offences & Relevant Sections under IT Act
• Tampering with computer source documents – Sec. 65
• Hacking with computer systems, data alteration – Sec. 66
• Publishing obscene information – Sec. 67
• Un-authorized access to protected system – Sec. 70
• Breach of confidentiality and privacy – Sec. 72
• Publishing false digital signature certificates – Sec. 73
Data theft
According to Section 2 of the Information Technology Act, “Data” means a representation of information, knowledge, facts, concepts or instruction which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts, magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.
“Data Theft” is the term used when any information in the form of data is illegally copied or taken from a business or other individual without his knowledge or consent.
Computer Related Crimes under IPC and Special Laws
• Sending threatening messages by email – Sec 503 IPC
• Sending defamatory messages by email – Sec 499, 500 IPC
• Forgery of electronic records – Sec 463, 470, 471 IPC
• Bogus websites, cyber frauds – Sec 420 IPC
• Email spoofing – Sec 416, 417, 463 IPC
• Online sale of Drugs – NDPS Act
• Web-Jacking – Sec. 383 IPC
• Online sale of Arms – Arms Act
Section 65: Source Code
• Most important asset of software companies
• “Computer Source Code" means the listing of
programmes, computer commands, design and layout
• Ingredients
– Knowledge or intention
– Concealment, destruction, alteration
– computer source code required to be kept or
maintained by law
• Punishment
– imprisonment up to three years and / or
– fine up to Rs. 2 lakh
Section 66: Hacking
• Ingredients
– Intention or Knowledge to cause wrongful loss
or damage to the public or any person
– Destruction, deletion, alteration, diminishing
value or utility or injuriously affecting
information residing in a computer resource
• Punishment
– imprisonment up to three years, and / or
– fine up to Rs. 2 lakh
• Cognizable, Non Bailable
Section 66 covers data theft as well as data alteration
E-GOVERNANCE
e-Governance in India has steadily evolved from computerization of Government
Departments to initiatives that encapsulate the finer points of Governance, such as
citizen centricity, service orientation and transparency. Lessons from previous e-Governance initiatives have played an important role in shaping the progressive e-Governance strategy of the country. Due cognizance has been taken of the notion that to
speed up e-Governance implementation across the various arms of Government at
National, State, and Local levels, a programme approach needs to be adopted, guided
by common vision and strategy. This approach has the potential of enabling huge
savings in costs through sharing of core and support infrastructure, enabling
interoperability through standards, and of presenting a seamless view of Government to
citizens.
The National e-Governance Plan (NeGP) takes a holistic view of e-Governance
initiatives across the country, integrating them into a collective vision, a shared cause.
Around this idea, a massive countrywide infrastructure reaching down to the remotest
of villages is evolving, and large-scale digitization of records is taking place to enable
easy, reliable access over the internet. The ultimate objective is to bring public services
closer home to citizens, as articulated in the Vision Statement of NeGP.
The Government approved the National e-Governance Plan (NeGP), comprising 27 Mission Mode Projects (MMPs) and 8 components.
NeGP comprises 27 Mission Mode Projects (MMPs) encompassing 10 Central
MMPs, 10 State MMPs and 7 Integrated MMPs spanning multiple Ministries/
Departments. "Mission Mode" implies that the objective and the scope of the project
are clearly defined, that the project has measurable outcomes and service-levels, and
the project has well-defined milestones and timelines for implementation.
MMPs are owned and spearheaded by various Line Ministries concerned for
Central, State, and Integrated MMPs. The concerned Ministry/ Department is
entirely responsible for all decisions related to their MMPs. However, decisions
impacting NeGP as a whole are taken in consultation with DIT. Additionally,
wherever required by the concerned Ministries/ Departments, DIT provides
necessary support for project formulation and development.
Every State has the flexibility of identifying up to 5 additional State-specific MMPs
(relevant for economic development within the State). In cases where Central
Assistance is required, such inclusions are considered on the advice of the
concerned Line Ministries/ Departments.
Central MMPs
• Banking
• Central Excise & Customs
• Income Tax (IT)
• Insurance
• MCA21
• National Citizen Database
• Passport
• Immigration, Visa and Foreigners Registration & Tracking
• Pension
• e-Office
State MMPs
• Agriculture
• Commercial Taxes
• e-District
• Employment Exchange
• Land Records
• Municipalities
• Gram Panchayats
• Police
• Road Transport
• Treasuries
Integrated MMPs
• CSC
• e-Biz
• e-Courts
• e-Procurement
• EDI For eTrade
• National e-governance Service Delivery Gateway
• India Portal
E-procurements
Through effective deployment
of e-procurement technology, enterprises can:
• Reduce transaction costs
• Improve process efficiency
• Reduce or eliminate “maverick” buying
• Increase contract compliance
• Reduce cycle times
• Save inventory costs
• Reduce formation of cartels
E-payments
Selection of Payment Method
Based on:
– Convenience
– Trace-ability
– Repudiation
– Financial risk
– Fraud protection
Credit Cards/Debit Cards
• A very common method of payment
• Cards are issued by a bank
• Unique 16-digit number (including check
digits) and an expiration date
• Third party authorization companies verify
purchases
Net Banking
• Through password and secure authentication
RTGS (Real Time Gross Settlement) is a high-value transfer system, handling funds worth Rs 100,000 and above, while NEFT (National Electronic Fund Transfer) transfers smaller amounts below Rs 100,000.