Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Programming

PROS

advertisement 
What is System Design?
• In System design, we use the requirements we
developed in system analysis to create a
blueprint of the future system
• Successful design builds on what we have
learned in analysis and transforms that
knowledge into a working system.
• Design is still planning as the system need not
be developed during this phase.
Design Strategies
• Custom development (build from scratch)
• Purchase and customize
• Outsource development
Custom Development
• PROS
– Allows flexibility and
creativity
– Builds technical skills and
functional knowledge inhouse
– Best ‘fit’
• CONS
– Requires significant time and
effort
– May exacerbate existing
backlogs
– May require missing skills
– Often costs more
– Often takes more time
– Risk of project failure
Packaged Software
• Include small single-function tools
• All-encompassing enterprise resource planning (ERP)
systems
• Rarely a perfect fit with business needs
• May allow for customization
– Manipulation of system parameters
– Changing way features work
– Synchronizing with other application interfaces
Outsourcing
• Hiring an external vendor, developer, or
service provider
• May reduce costs or add value
• Risks include possibly
–
–
–
–
Losing confidential information
Losing control over future development
Losing control over future cost structure
Losing learning opportunities
Outsourcing Contracts
• There are Three types:
• Time and Arrangement:
– Pay for what is needed to get job done. Flexible but risk of
large bill at the end.
• Fixed-price
– Certainty regarding payment but very little flexibility in
delivering IS support. ‘You get what you ask for.’
• Value-added
– Outsourcer shares in benefits gained from the system.
Selecting a Design Strategy
• Consider each of the following:
– Business need
– In-house experience
– Project skills
– Project management
– Time frame
Key Definitions
• The architecture design consists of plans for the
hardware, software, communications, security ,
and global support for the new application
• The designers must decide if processing will occur
in the server (server-based), at the personal
computer (client-based), or in some combination
of these (client-server based).
Key Definitions
• The network model shows major components
of the system, where they are located and
how they will be connected to one another.
• The hardware and software specifications
describe these components in detail and aid
those responsible for purchase and acquisition
of these products.
Architectures
• Server based
• Client based
• Client-server based
– thick versus thin client
– cloud computing
Server-Based Computing
(and, essentially, Thin-Client Computing)
Client-Based Computing
Client-Server-Based Computing
Client-Server Attributes
• Typical Pros
– Compatible with webbased system design
– Scaleable
– Work with multiple
vendors/products
– No central point of
failure
• Typical Cons/Limits
– Complexity
– New programming
languages and
techniques (stress for
personnel)
– More complex to update
Identifying Threats to the System
• A threat is any potential adverse occurrence that can
do harm to the application or its data
• Threats come from internal as well as external
sources
• Categories of threats
– Disruptions, destruction and disaster
• Viruses fall into this category
– Unauthorized access
Most Common Threats
Creating Controls
• A control is something that mitigates or stops
a threat
• Controls include
– redundancy
– fault tolerant servers
– disaster recovery plans
– anti-virus software
Additional Controls Include
• A security policy
• ‘Social Engineering’
• Passwords and encryption
– What you have
– What you know
– What you are
• Firewalls
– wired, wireless controls
Current Threats
• Malware Delivery
– Software Updates
– Banner Ads (‘malvertising’)
– Downloadable documents
– Man-in-the-middle
– Keyloggers
The threat of open WiFi
• ‘Sidejacking’
– packet sniffers intercept traffic between two html
parties and steal the session cookie
– Firesheep is an application that supports this as an
extension of the Firefox browser
• requires Firefox browser use
• cannot read https sessions
Related documents
A. Explain the nature of marketing plans. B. Explain the role of
A. Explain the nature of marketing plans. B. Explain the role of
Client-Server
Client-Server
Business Plan Scope Sheet - Cleveland Clinic Academy
Business Plan Scope Sheet - Cleveland Clinic Academy
Physical Architecture Layer Design
Physical Architecture Layer Design
How Cities Work - Urban Systems Collaborative
How Cities Work - Urban Systems Collaborative
SWOT-Analysis-Worksheet
SWOT-Analysis-Worksheet
Risk Analysis - Information Systems and Internet Security
Risk Analysis - Information Systems and Internet Security
The concept of Human Security
The concept of Human Security
MGMT 490 Firm Strategic Analysis 2007
MGMT 490 Firm Strategic Analysis 2007
TESTIMONY OF GENERAL CHARLES WALD, USAF (Ret.) Member, Military Advisory Board
TESTIMONY OF GENERAL CHARLES WALD, USAF (Ret.) Member, Military Advisory Board
A study of Object-Oriented Information Security Management Model 物件導向資訊保安管理模型的研究
A study of Object-Oriented Information Security Management Model 物件導向資訊保安管理模型的研究
10 Threat modeling
10 Threat modeling
06 Threat analysis
06 Threat analysis
Chapter 5
Chapter 5
Using risk heat map approach as a tool to
Using risk heat map approach as a tool to
Defence Committee
Defence Committee
FORCE PROTECTION FOR GLOBAL AEROSPACE PRESENCE
FORCE PROTECTION FOR GLOBAL AEROSPACE PRESENCE
Document13727087 13727087
Document13727087 13727087
TDDC03 Projects, Spring 2006
TDDC03 Projects, Spring 2006
Threat-Removal Strategies for Mark A. hot
Threat-Removal Strategies for Mark A. hot
Toward a Framework for Conducting Ecoregional Threats Assessments
Toward a Framework for Conducting Ecoregional Threats Assessments
RETHINKING ASYMMETRIC THREATS Stephen J. Blank September 2003
RETHINKING ASYMMETRIC THREATS Stephen J. Blank September 2003
Download
advertisement