2010年10月23日星期六

1. Overview of system interface (do not require much human interaction)

2. Design of system inputs:

a) Identifying devices and mechanisms used to enter input

b) Identify all system inputs and develop list of data content with each other. (ensure all data inputs are identified and specified correctly)
i. Identify automation boundary
ii. Examine structure charts

OO model: system sequence diagrams identify each incoming message.

3. Design system outputs:

a) Types of reports: printed reports, electronic displays and turnaround documents.

b) Types of outputs reports: detailed, summary, exception, executive/dashboard

4. Design integrity control

a) Ensure that only appropriate and correct business transactions occur.

Ensure that transactions are recorded and processed correctly.

b) Input integrity control
i. used with all input mechanisms
ii. addition level of verification to help reduce input errors
iii. common control techniques: filed combination control, value limit control, completeness control, data validation control

c) database integrity control
i. access control
ii. data encryption
iii. transaction control
iv. update control
v. backup and recovery protection

d) Output integrity control
Ensure output arrives at proper destination and is correct accurate, complete and current.
Destination control: output is channeled to correct people.
Completeness, accuracy and correctness control.
Appropriate information presents on output.

5. Designing of security control (protect assets of organization from all threats )

a) Access to systems: control access to any resource managed by OS or network. (unauthorized user, registered user, privileged user)
b) Data security
c) Secure transactions

6. Tree-tier applications
a) Presentation tier: the user interface
b) Business tier: class that handle the data
c) Data tier: retrieving and storing the data in a database.

没有评论:

发表评论