Systems Analysis and Design in A Changing World 7th Edition Satzinger Solutions Manual 1

Systems Analysis and Design in a Changing World, seventh edition 6-1

Chapter 6 – Foundations for Systems Design


Solutions to End-of-Chapter Problems

Review Questions
1. How does the objective of systems analysis differ from the objective of systems design?
The objective of systems analysis is to understand the needs and requirements, while the
objective of design is to figure out the solution to those needs and requirements. Analysis is to
understand the problem; design is to solve the problem (and implementation is to build the
solution).

2. What are the inputs to systems design? What are the outputs?
Inputs primarily are the requirements models. This includes domain model class diagram, use
case diagrams, use case descriptions, activity diagrams, system sequence diagrams, and state-
machine diagrams.
Outputs are the design models. This includes the design class diagram, interaction diagrams,
design state-machine diagrams, package diagrams, deployment diagrams, and component
diagrams.

3. List and briefly describe each design activity.


1. Describe the environment – to research and describe the configuration and existing hardware
and software of the current computing environment and of external systems requiring interfaces.
2. Design the application components – this is structural or architectural design to configure the
components, such as subsystems, that will be included in the final system.
3. Design the user interface – this consists of designing the user screens and reports for the new
system.
4. Design the database – this involves using the class diagram to design the database schema.
5. Design the software classes – this involves determining the classes and the methods within
each class to carry out each use case.

4. Why is the environment described while other key design elements such as the user interface
and database are designed?
Most new systems are developed to be integrated into an already existing computing
environment. Hence the task is to understand the existing environment that the new system
must fit into. This normally includes such things as the DBMS, operating systems, network,
standard programming languages, and existing hardware.

5. What models are developed during each design activity?


1. Describe the environment – Network diagrams, Deployment Diagrams, Location diagrams
2. Design the application components – Component diagrams, Deployment diagrams, Package
diagrams.
3. Design the user interface – Story boards, screen and report mockups.
4. Design the database – database schema
5. Design the software classes – Interaction diagrams, design class diagrams, state-machine
diagrams
6. On a project that uses iterations to develop the system, in which iteration does systems design
begin? Explain why.
Some of the activities of systems design begin in the very first iteration. For example, the
"describe the environment" activity needs to start at the beginning of the project. Also, some
configuration of the application components may start in the first iteration, especially if build
versus buy decisions must be made.
7. What are the key elements of the environment described during design activities?
External Systems and Technology architecture.
The external systems may need to be specified with message formats, network addresses,
communication protocols, security methods, and error handling.
The technology architecture may involve the DBMS, web server software, firewalls, hardware,
system software, networks, and so forth.
8. List at least three examples of application components.
Various subsystems of a new system, such as billing, accounting, accounts receivable
subsystems.
Smaller components such as tax calculation subroutine.
On a Web-based system, a set of pages, for example a payment processing component, may be
considered an application component.

9. Why is the singular form of the term user interface usually a misnomer?
Because with today’s computing environment of desktop, laptop, tablet, and smartphone devices
from multiple manufacturers (Apple, Windows), the user interface frequently needs to be built in
multiple versions to respond to all the environments.
10. Designing security and controls impacts the design of which other elements?
Security and controls must be considered in the design of every other element, including the
application design, user interface design, database design, and software design.
11. Compare and contrast integrity controls and security controls. Why isn’t there a separate
activity to design them?
Integrity controls have to do with maintaining the integrity of the data as it is entered into
the system, processed and stored within the system, and output from the system. Security
controls are more associated with protecting the entire environment, primarily from external
threats that are malicious. Designing integrity and security controls must be part of every other
design activity and hence is not considered a stand-alone design activity.

12. Explain four types of integrity controls for input forms. Which have you seen most
frequently? Why are they important?
• Value limit controls – check the value of input data to ensure that the data is reasonable.
• Completeness controls – ensure that all the required data on an input form has been
entered.
• Data validation controls – ensure that values, such as code values, are correct as far as
format and acceptable values.
• Field combination controls – where cross-field consistency checks can be performed, this
control ensures that data fields are consistent with each other.
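
The four control types above applied to one input form, as an added Python example that is not from the textbook or this manual. The order form, its field names, the accepted state codes and the quantity limits are all constructed for illustration.

```python
"""Input-form integrity controls: completeness, data validation,
value limit and field combination, run against a constructed order form."""
from datetime import date

# Constructed rules for a hypothetical order-entry form.
REQUIRED_FIELDS = ("customer_id", "state", "quantity", "order_date", "ship_date")
VALID_STATES = {"CA", "NM", "UT"}     # acceptable code values
QUANTITY_LIMITS = (1, 500)            # reasonable range for one order line


def _parse_date(text):
    """Return a date for a yyyy-mm-dd string, or None if it is malformed."""
    try:
        return date.fromisoformat(text)
    except ValueError:
        return None


def _parse_int(text):
    """Return an int for a whole-number string, or None otherwise."""
    try:
        return int(text)
    except ValueError:
        return None


def completeness_control(form):
    """All required fields on the form have been entered."""
    return [f"completeness: {name} is required"
            for name in REQUIRED_FIELDS if not form.get(name)]


def data_validation_control(form):
    """Each entered value has the right format and an acceptable code."""
    errors = []
    cust = form.get("customer_id", "")
    if cust and not (len(cust) == 6 and cust.isascii() and cust.isdigit()):
        errors.append("data validation: customer_id must be 6 digits")
    state = form.get("state", "")
    if state and state not in VALID_STATES:
        errors.append("data validation: state is not an accepted code")
    qty = form.get("quantity", "")
    if qty and _parse_int(qty) is None:
        errors.append("data validation: quantity must be a whole number")
    for name in ("order_date", "ship_date"):
        value = form.get(name, "")
        if value and _parse_date(value) is None:
            errors.append(f"data validation: {name} must be yyyy-mm-dd")
    return errors


def value_limit_control(form):
    """A well-formed value is still rejected if it is not reasonable."""
    qty = _parse_int(form.get("quantity", ""))
    low, high = QUANTITY_LIMITS
    if qty is not None and not low <= qty <= high:
        return [f"value limit: quantity must be between {low} and {high}"]
    return []


def field_combination_control(form):
    """Fields that are individually valid must also agree with each other."""
    ordered = _parse_date(form.get("order_date", ""))
    shipped = _parse_date(form.get("ship_date", ""))
    if ordered and shipped and shipped < ordered:
        return ["field combination: ship_date is earlier than order_date"]
    return []


def validate_form(raw_form):
    """Run all four controls; an empty list means the form is accepted."""
    form = {k: str(v).strip() for k, v in raw_form.items() if v is not None}
    errors = []
    for control in (completeness_control, data_validation_control,
                    value_limit_control, field_combination_control):
        errors.extend(control(form))
    return errors


# Constructed sample submissions.
GOOD_FORM = {"customer_id": "004217", "state": "UT", "quantity": "12",
             "order_date": "2024-03-01", "ship_date": "2024-03-04"}
BAD_FORM = {"customer_id": "42A", "state": "", "quantity": "9000",
            "order_date": "2024-03-10", "ship_date": "2024-03-04"}

if __name__ == "__main__":
    for label, sample in (("good", GOOD_FORM), ("bad", BAD_FORM)):
        print(label, validate_form(sample) or "accepted")
```

The bad form trips each control once, which shows why the controls are layered: a quantity of 9000 is a valid whole number and passes data validation, and each date is well formed on its own.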
13. What are the two primary objectives of security controls?
• Maintain a stable, functioning operating environment
• Protect information during transmission
14. List and briefly describe the three elements of the fraud triangle. Over which element can a
system designer exercise the greatest control?
• Opportunity – having an environment that easily allows fraud to happen; a lack of controls.
• Motivation – a personal need for the money.
• Rationalization – an excuse for doing the fraud, or a thought to return it later.


Usually the system designers have most control over structuring the system and the environment so
that there is no opportunity, or it is at least not easy, to commit fraud.
15. Briefly define or describe authentication, access control lists, and authorization.
Authentication is the process to identify those persons or entities that want access to the system.
The basis for authentication is an access control list of everyone who is allowed access. Each
person on the access control list will also have, as an individual or part of a group, levels of
authorization or permission levels as to what portions of the data she/he has access to and what
actions he/she can perform on the data.
16. How does single-key (symmetric) encryption work? What are its strengths? What are its
weaknesses?
Single-key encryption uses the same key to encrypt the data and to decrypt the data. It is good
because it is fast and straightforward. Its weakness is the difficulty of transmitting the key to
remote locations. And if it is transmitted, it may be shared with non-authorized users. Its best use
is for local encryption of data. It is often used for remote encryption with a new key used for
each session, and the new key is transmitted using asymmetric encryption.
17. What is the difference between HTTPS and HTTP?
HTTP is hypertext transfer protocol and sends unencrypted data over open lines. It is useful for
sending data that is available to the public. HTTPS is hypertext transfer protocol secure, and is
the method used to transmit secure data in an encrypted form. It is used to send personal or
sensitive data over the Internet.

Problems and Exercises

1. Discuss the technology architecture and deployment environment for information systems at
your work or school with a knowledgeable person. What are the key elements of the
environment? If you were to implement a new system for the organization, which of the
environmental elements could you change? Which could you choose to use or not use?

Answers will vary by student. Answers may include items about External systems and what interfaces
are required.

The technology architecture might address the items such as what DBMS’s are used (SQL Server,
Oracle, MySQL, etc.). What server systems are used (Apache or IIS)? What is the network
environment like? What other purchased software is already installed and that requires interface (such
as ERP systems), or even used (such as Crystal Reports)? What programming languages are used in-
house?

2. Pick a major online retailer (e.g., Amazon, Walmart, or Sears). Examine the default
browser-based shopping interface from the following devices: a desktop computer with a large monitor, a
tablet computer, and a smartphone. How and why do content and layout vary across the devices?
Are there any device specific technologies employed in any of the interfaces, such as voice
recognition, multitouch gestures, and gaze (eye) detection? Is a shopping app available for any of
the devices? If so, how does the app’s user interface differ from browser-based shopping on the
same device?

Answers will vary by student.

Students should particularly look at navigation issues across the different platforms. How does the user
know what information is available on the page? How does the user find new information or navigate
to new pages?

3. This chapter described various situations that emphasize the need for controls. In the first
scenario presented, a furniture store sells merchandise on credit. Based on the descriptions of
controls given in this chapter, identify the various controls that should be implemented in the
furniture store system to ensure that corrections to customer balances are made only by someone
with the correct authorization.

Answers will vary by student. Some issues that might be included:


• Split responsibilities as much as possible. For example, one person takes the information for
the application for credit, and another person does the background, credit, and history
verification.
• Be sure to have an audit trail of who, what, and when on all payment transactions and any
corrections or adjustments.
• Design the system so that access to credit authorization is given only to approved
personnel.

In the second scenario illustrating the need for controls, an accounts payable clerk uses the
system to write checks to suppliers. Based on the information in this chapter, what kinds of
controls would you implement to ensure that checks are written only to valid suppliers, that
checks are written for the correct amount, and that all payouts have the required authorization?
How would you design the controls if different payment amounts required different levels of
authorization?

Answers will vary by student:


• Split responsibilities. One department will approve suppliers and set up supplier accounts.
Another department will write payments to the supplier. All checks must be written only to
approved suppliers.
• Different people will have authorization to write checks for different levels of payout. Higher
levels will require double approval. The screens that accept payment will have built-in checks
to require input codes known only to those who have the correct level of payment. (It doesn’t
have to be done all on the same screen or at the same time. One person can enter the data, and
the system can then automatically send on all those payouts requiring additional approval.)
• Paper trails and audit trails must be associated with each payout. Scanned invoices and
documents can be attached to payments.
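
One way the controls in this answer can fit together, as an added Python example that is not from the textbook or this manual. The department names, user names, supplier IDs, dollar limits and the double-approval threshold are constructed assumptions.

```python
"""Tiered payout authorization with separation of duties and an audit trail."""
from dataclasses import dataclass, field
from datetime import datetime, timezone

DOUBLE_APPROVAL_AT = 1_000_000   # cents ($10,000); constructed threshold


@dataclass(frozen=True)
class User:
    name: str
    department: str    # "vendor_mgmt" or "accounts_payable" (constructed names)
    limit_cents: int   # largest payout this person may authorize


@dataclass
class Payment:
    supplier_id: str
    amount_cents: int
    entered_by: str
    approvals: set = field(default_factory=set)

    @property
    def approvals_needed(self):
        return 2 if self.amount_cents >= DOUBLE_APPROVAL_AT else 1

    @property
    def released(self):
        return len(self.approvals) >= self.approvals_needed


class PayoutControls:
    def __init__(self):
        self.approved_suppliers = set()
        self.audit_trail = []   # (UTC time, who, action, subject, outcome)

    def _log(self, user, action, subject, outcome):
        stamp = datetime.now(timezone.utc)
        self.audit_trail.append((stamp, user.name, action, subject, outcome))

    def _deny(self, user, action, subject, reason):
        # Refused attempts are recorded too, so the trail shows who tried what.
        self._log(user, action, subject, "DENIED: " + reason)
        raise PermissionError(reason)

    def approve_supplier(self, user, supplier_id):
        if user.department != "vendor_mgmt":
            self._deny(user, "approve_supplier", supplier_id,
                       "suppliers are set up by vendor management only")
        self.approved_suppliers.add(supplier_id)
        self._log(user, "approve_supplier", supplier_id, "OK")

    def enter_payment(self, user, supplier_id, amount_cents):
        subject = f"{supplier_id} {amount_cents}"
        if user.department != "accounts_payable":
            self._deny(user, "enter_payment", subject,
                       "payments are written by accounts payable only")
        if supplier_id not in self.approved_suppliers:
            self._deny(user, "enter_payment", subject, "supplier not approved")
        if amount_cents <= 0:
            self._deny(user, "enter_payment", subject, "amount must be positive")
        payment = Payment(supplier_id, amount_cents, user.name)
        # The person entering counts as one authorization only within their level.
        if user.limit_cents >= amount_cents:
            payment.approvals.add(user.name)
        self._log(user, "enter_payment", subject,
                  "RELEASED" if payment.released else "PENDING APPROVAL")
        return payment

    def approve_payment(self, user, payment):
        subject = f"{payment.supplier_id} {payment.amount_cents}"
        if payment.released:
            self._deny(user, "approve_payment", subject, "already released")
        if user.department != "accounts_payable":
            self._deny(user, "approve_payment", subject,
                       "payments are approved by accounts payable only")
        if user.limit_cents < payment.amount_cents:
            self._deny(user, "approve_payment", subject,
                       "amount exceeds approver's authorization level")
        if user.name in payment.approvals:
            self._deny(user, "approve_payment", subject,
                       "the same person cannot authorize twice")
        payment.approvals.add(user.name)
        self._log(user, "approve_payment", subject,
                  "RELEASED" if payment.released else "PENDING APPROVAL")
        return payment.released


if __name__ == "__main__":
    # Constructed staff and supplier for a short walk-through.
    controls = PayoutControls()
    controls.approve_supplier(User("dana", "vendor_mgmt", 0), "SUP-001")
    clerk = User("lee", "accounts_payable", 100_000)
    check = controls.enter_payment(clerk, "SUP-001", 500_000)
    print("released on entry:", check.released)
    print("released after supervisor:",
          controls.approve_payment(User("kim", "accounts_payable", 2_000_000), check))
```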

4. Examine the privacy policy (or privacy section of the user agreement) for a major online
service provider such as Gmail, eBay, or Facebook. What are the implications of the privacy
guarantees for controls and security? Briefly describe cost benefit trade-off of the guarantees.

Answers will vary by student.

Most online service providers indicate that they will maintain privacy information only for their own
use and for the use of their business partners.

Here is a sample from Google:

Information security
We work hard to protect Google and our users from unauthorized access to or unauthorized alteration,
disclosure or destruction of information we hold. In particular:

• We encrypt many of our services using SSL.

• We offer you two step verification when you access your Google Account, and a Safe Browsing
feature in Google Chrome.

• We review our information collection, storage and processing practices, including physical
security measures, to guard against unauthorized access to systems.

• We restrict access to personal information to Google employees, contractors and agents who
need to know that information in order to process it for us, and who are subject to strict
contractual confidentiality obligations and may be disciplined or terminated if they fail to meet
these obligations.

When this Privacy Policy applies


Our Privacy Policy applies to all of the services offered by Google Inc. and its affiliates, including
YouTube, and services offered on other sites (such as our advertising services), but excludes services
that have separate privacy policies that do not incorporate this Privacy Policy.

Our Privacy Policy does not apply to services offered by other companies or individuals, including
products or sites that may be displayed to you in search results, sites that may include Google services,
or other sites linked from our services. Our Privacy Policy does not cover the information practices of
other companies and organizations who advertise our services, and who may use cookies, pixel tags
and other technologies to serve and offer relevant ads.
Item four above leaves a lot of open issues with “employees, contractors, and agents who need to
know.” Personal privacy is shared with many other entities.

5. Look on the Web site you use to access your bank account(s). What kinds of security and
controls are integrated into the system?

Answers will vary by student.

Most bank sites will require a user id and a password. In addition, behind the scenes, the bank website
remembers the machine address (MAC code) of the user’s computer. If the user accesses the account
on a different computer, he/she will need to answer a set of personal and private predefined questions.

6. Examine the information system of a local business, such as a fast-food restaurant, doctor’s
office, video store, grocery store, etc. Evaluate the screens (and reports, if possible). What kinds
of integrity controls are in place? What kinds of improvements would you make?

Answers will vary by student and by business.

7. Search the Web for information about Pretty Good Privacy. What is it? How does it work?
Find information about a passphrase. What does it mean? Start your research at
http://www.pgpi.org.
Answers will vary by student.
A better site to reference is http://www.openpgp.org/. Also PGP on Wikipedia is a good reference.
Here is a diagram of how PGP works (from Wikipedia as noted below). As noted, both asymmetric and
symmetric encryption are used together. The symmetric key is encrypted using the public key of the
receiving organization. The receiving organization then decrypts the symmetric key and uses it to
decrypt the data.
The receiving organization must ensure that its private key is super secret and super well protected. It
will often use a long passphrase to maintain its private key in an encrypted form within its own
systems.
"PGP diagram" by xaedes & jfreax & Acdx - Licensed under CC BY-SA 3.0 via Wikimedia Commons -
http://commons.wikimedia.org/wiki/File:PGP_diagram.svg#mediaviewer/File:PGP_diagram.svg
Solutions to End-of-Chapter Cases

Case Study: County Sheriff Mobile System for Communications (CSMSC)


Law enforcement agencies thrive on information. In previous eras, it was sufficient to receive
information through the police dispatch radio. Today, much more than voice based information is
required. Officers often need to check vehicle registrations, personal identities, outstanding
warrants, mug shots, maps, and the locations of other officers.
One major difficulty with meeting this need for more information is figuring out how to
transmit the data to remote and mobile locations. Local police agencies are sometimes able to
restrict their transmission needs to within the city limits. However, county sheriffs and state
troopers often have to travel to remote locations that aren’t within a metropolitan area’s
boundaries.
Suppose a rural county sheriff’s department has received a grant to upgrade its existing
voice-only communication system. Among other requirements, the grant specifies that all
communications must be protected against eavesdropping and unintended information
disclosure.
Your assignment: Recommend specific controls to be applied to radio, cellular, and
satellite transmissions. How will you ensure that only sheriffs and other authorized users can use
the system?
Answers will vary by student. The objective of this assignment is to get students thinking about
issues. Some students may research the Internet and discover what is actually reasonable.

One of the problems with totally secure communication is that often communications must
occur between groups such as sheriff’s department, local police, state police, fire departments,
and possibly other emergency personnel. Consequently a law enforcement agency such as the
sheriff’s department may utilize both secure and open communication channels.

Cellular transmission tends to be fairly secure simply because it is one-to-one communications.


The voice communication is not of itself encrypted, so it can potentially be monitored.
However, each phone connection has a unique configuration which changes each time and
consequently is difficult to eavesdrop. (Most eavesdropping occurs on either end when other
people overhear the conversation.)

Radio and satellite transmission utilize standard frequencies, which makes them difficult to
secure. However, there are digital and encrypted devices that can be purchased and utilized.
Data for these types of devices can be encrypted for transmission. Laptop computers inside
police vehicles can be set up with digital certificates and SSL transmission. The data that is
transmitted is encrypted and secure. Again, for radio communications, eavesdropping can occur
when the officer has his radio communication transmitted on a loud open speaker. Officers
could be provided with earplug speakers for more secure conversations.
Running Cases: Community Board of Realtors


The Community Board of Realtors’ Multiple Listing Service (MLS) will be a Web-based
application with extensions to allow wireless interaction between the agents and their customers
using cell phones, tablets, and other portable devices. Review the functional and nonfunctional
requirements you have developed for previous chapters. Then, for each of the five design
activities discussed in this chapter, list some specific tasks required for describing the
environment and designing application components, user interfaces, the database, and software
methods. How will you integrate the design of integrity and security controls into those tasks?
You may want to refer back to the Tradeshow System discussed in Chapter 1 for some design
specifics.

Describe the environment: The environment is basically a client/server architecture. As
indicated above the client hardware environment is all types of portable devices. In the home
office, the application software will run under a Web server. The tasks required will be to
define more precisely the needs for the portable devices. Also describe the client/server
technology including web server, hardware, and the DBMS to be used. Research to see if any
interfaces into external systems are required.

Design application components: It appears that this is a stand-alone system. However, the
system may need to be divided into subsystems. Research to see if any components can be
purchased. Because this is a web-based system on multiple devices, the client components need
to be carefully defined.

Design the user interface: The user interface will be one of the more difficult portions of this
system. Listing information can include text, images, and even possible videos. To be able to
have meaningful display of all three types on desktops, laptops, and mobile devices some care
will need to be given in designing the user interface. Tasks will include design sessions with
some users for each type of device. Perhaps even some trial prototypes will need to be built to
test the effectiveness of different screen layouts.

Design the database: Design of the database will require defining the tables based on the
classes and relationships in the data model. Also the various indexes and searching options
must be identified. Other tasks include defining the attribute characteristics and foreign keys.

Design the software classes and methods: As mentioned the application is a three-layer design
consisting of the database, the application logic, and the user interface. Design will follow the
normal design steps of specifying the code structure and the methods. Tasks will include
creating use case descriptions, sequence diagrams, and other application models.

The primary concern with security in this system is to protect the listing data as it resides on the
server. The server, the database, the applications must all be protected against hacking and
defacing. Output data is created for the general public so it is not private or confidential at that
point. Design tasks will be to integrate secure data input, update, and protection.
Running Cases: The Spring Breaks 'R' Us Travel Service


The SBRU information system includes four subsystems: Resort relations, Student booking,
Accounting and finance, and Social networking. The first three are purely Web applications, so
access to those occurs through an Internet connection to a Web server at the SBRU home office.
However, the Social networking subsystem has built-in chat capabilities. It relies on Internet
access, as students compare notes before they book their travel reservations and as they chat
while traveling. To function properly, the system obviously requires a wireless network at each
resort. SBRU isn’t responsible for installing or maintaining the resort wireless network; they only
plan to provide some design specifications and guidelines to each resort. The resort will be
responsible for connecting to the Internet and for providing a secure wireless environment for the
students.

1. For which subsystem(s) is(are) integrity and security controls most important? Why?

Integrity and security are most important for financial transactions and for personal information.
The Student Booking subsystem will contain personal information for the students, including
name, addresses, phone numbers, and email addresses. It may also collect payment information
such as credit card numbers and/or PayPal account information. All of this information must be
protected.

The Accounting and Finance information will also contain sensitive financial information. It
will contain billing information to the resorts as well as payment information from the students.

2. What data should be encrypted during transmission through resort wireless networks to SBRU
systems? Does your answer change if students interact with SBRU systems using a cell phone
(directly, or as a cellular modem)?

All personal information should be encrypted when it is transmitted. This includes the
information the students enter when they reserve their hotels and accommodations. Also when
the reservation information is sent to the resorts, it should be encrypted because it also is
personal and private.
It would be a good idea to encrypt chat information at the hotels. However, the hotels may not
be as committed to security issues as SBRU.
Cell phones are usually not encrypted. Therefore, local wireless provided by cell phones is not
normally encrypted while it is wireless. Thus it is even more important that the data be
encrypted by the SBRU system and its local client software.
Running Cases: On the Spot Courier Services


(See the case in the textbook for the description.)
1. What kind of fraud is possible in this scenario? By the customer? By the truck driver? By
collaboration between system users? What steps should Bill take to minimize the opportunity for
fraud?
Answers will vary.
Fraud is always possible by the person accepting money, namely the truck driver. One way to
commit fraud is to overcharge the customer, or to actually put less postage on the package and
keep the difference between the charge for the package and the amount the customer pays. This
could easily happen for large customers that have many packages.
Fraud is more difficult for customers to commit by themselves since they do not have control
over the money or the weight. However, a customer (like a clerk) could collaborate with a
driver to overcharge for the packages and split the overcharge. A driver, either by himself, or in
collaboration with a clerk could also ship phantom packages. In essence charge the customer
for packages that never existed.
Fraud prevention can be done with several techniques:
1. Always provide receipts to the customer. Provide a receipt at time of pickup. Also provide a
list of packages and charges on a periodic list sent to the client. Encourage customers to check
the list and to check their payments against the recorded payment amounts.
2. Give all packages a tracking number. Track the package throughout its progress. (Avoids
phantom packages.)
3. Rotate the delivery routes so drivers do not become too familiar with clerks at the customer
location.

2. What kind of access controls should be put in place? For the customer? (Notice the customer
has no financial transactions. Would you change your answer if the customer could also make
payments online?) For the truck driver? For Bill? Are the typical userID and password sufficient
for all three, or would you require more or less for each?

At a minimum userID and password should be required of all three users. Clients need them so
that other people do not use client accounts to send packages. (There may be other financial
considerations other than immediate payment.)

One of the problems with the drivers is that the devices are portable and always have a risk of
being lost or stolen. For safety purposes, it would be wise to have the device automatically log
off after a few minutes of non-use. (It is important to try to balance security with productivity.
Requiring logon for every transaction will cause inefficiency.)

If the customer also had an account, for example, and could print postage stamps as well as
labels, additional controls would be necessary. The client would need to protect access to the
system within his own organization. Additional access controls might be necessary such as
limiting access to specified or recognizable computers.

Since Bill has access to all the financial records, access should be controlled much like access to a
bank account, with userID and password but also from recognizable computer addresses.

3. Research on the Web and find out what is required to purchase a digital certificate for a Web
site. Explain what Bill would have to do to implement a secure site with HTTPS. Do you
recommend that Bill secure his site with HTTPS and digital security? Why or why not?
There is open source software that can be used to implement a private digital certificate at no
cost. Web servers, including Apache and IIS, support HTTPS without any additional cost. They
just need to be configured to listen on the https port (443).
To implement a digital security that is recognized by one of the Certifying Authorities, Bill must
purchase it from a recognized CA. Depending on the specific CA and the type of certificate, the
cost usually varies from a hundred to two thousand dollars a year.
Digital Certificates also have an expiration date, so they should be kept current.
Digital Certificates are quite easy to implement with today’s software. Since On the Spot
allows customers to access its systems, it should implement https with recognized digital
certificates. This will become more important if some clients are allowed to pay online and/or
print postage online.
Running Cases: Sandia Medical Devices


Answer these questions in light of HIPAA requirements:
1. Does HIPAA apply to the RTGM system? Why or why not?

It would appear that HIPAA regulations do apply to the RTGM system. The system maintains
personal health related information about the patient, hence it must comply. It also transmits
detailed monitoring results over public links and therefore should encrypt the data that is being
sent.

2. How should the system ensure data security during transmission between a patient’s mobile
device(s) and servers?

Since the data is being sent over telephone links, it is only as secure as cellular telephone
signals. Someone could possibly receive those transmissions by finding the correct frequency.
Therefore, the data itself should be encrypted before being sent. Hence Sandia will need to
provide, and patients will need to install, encrypted SMS to receive their text message alerts.
The glucose monitoring results should also be sent securely and encrypted.

3. Consider the data storage issues related to a patient’s mobile device and the possible
ramifications if the device is lost or stolen. What measures should be taken to protect the data
against unauthorized access?

This is an interesting problem. Most patients will not want to have to enter a password or a pin
every time they need to access their alert messages or to activate the transmission of monitoring
data. It is not clear how much responsibility rests on the patient (to keep his/her phone secure),
and how much responsibility rests on Sandia (to require a password or pin to activate). The data
itself could be encrypted on the smart phone, but of course, the application is able to decrypt it
to access it. Perhaps a middle ground might be to require a pin when the smartphone is turned
on, or once each day.

4. Consider the issues related to health care professionals accessing server data by using
workstations and mobile devices within a health care facility. How will the system meet its
duty to record and examine access to ePHI? If a health care professional uses a mobile device
outside a health care facility, what protections must be applied to the device and/or any data
stored within it or transmitted to it?

Requirements for health care professionals can be more stringent to access secure ePHI data.
Each health care person can be required to enter ID and password to access the data within the
facility on workstations or laptop computing devices. Mobile devices can also require a login
process in order for the professional to access the data. And the data should be encrypted when
it is transmitted. Something as simple as a 4 digit pin for mobile devices is not too burdensome,
yet still provides a level of security.

All access to the data should also be logged so that Sandia knows who has access and who has
accessed the data. The system will maintain login information for authorized users. (See
Chapter 12 for more details.)

5. Consider the issues related to wired and wireless data transmission between servers and
workstations within a health care facility. What security duties, if any, apply to transmissions
containing ePHI? Does your answer change if the servers are hosted by a third-party
provider?

Security of wired and wireless data transmission and hosted servers requires first that the
servers are hosted in a secure environment and second that all data, stored and transmitted, be
encrypted. Encryption of local data is easier because the access program maintains the
encryption key. (Hence the program itself must be kept physically secure.) Transmitted data is
more complex because the encryption must be dynamic due to the remote nature of mobile
devices and distributed computers.

The solution will need to be the same whether the servers are hosted in house or with a third-
party provider. The physical facilities and access to the servers themselves must be in a HIPAA
secure facility.
