Systems Analysis and Design in A Changing World 7th Edition Satzinger Solutions Manual 1
Review Questions
1. How does the objective of systems analysis differ from the objective of systems design?
The objective of systems analysis is to understand the needs and requirements, while the
objective of design is to figure out the solution to those needs and requirements. Analysis is to
understand the problem; design is to solve the problem (and implementation is to build the
solution).
2. What are the inputs to systems design? What are the outputs?
Inputs primarily are the requirements models. This includes domain model class diagram, use
case diagrams, use case descriptions, activity diagrams, system sequence diagrams, and state-
machine diagrams.
Outputs are the design models. This includes the design class diagram, interaction diagrams,
design state-machine diagrams, package diagrams, deployment diagrams, and component
diagrams.
2. Design the application components – this is structural or architectural design to configure the
components, such as subsystems, that will be included in the final system.
3. Design the user interface – this consists of designing the user screens and reports for the new
system.
4. Design the database – this involves using the class diagram to design the database schema.
5. Design the software classes – this involves determining the classes and the methods within
each class to carry out each use case.
4. Why is the environment described while other key design elements such as the user interface
and database are designed?
Most new systems are developed to be integrated into an already existing computing
environment. Hence the task is to understand the existing environment that the new system
must fit into. This normally includes such things as DBMS, Operating Systems, Network,
programming standard languages, and existing hardware.
subsystems.
Smaller components such as tax calculation subroutine.
On a Web based system, a set of pages for example, a payment processing component, may be
considered an application component.
9. Why is the singular form of the term user interface usually a misnomer?
Because with today’s computing environment of desktops, laptops, tablets, smartphones, and
multiple manufacturers (Apple, Windows), the user interface frequently needs to be built in
multiple versions to respond to all the environments.
10. Designing security and controls impacts the design of which other elements?
Security and controls must be considered in the design of every other element, including
application design, user interface design, database design, and software design.
11. Compare and contrast integrity controls and security controls. Why isn’t there a separate
activity to design them?
Integrity controls have to do with maintaining the integrity of the data as it is entered into
the system, processed and stored within the system, and output from the system. Security
controls are more associated with protecting the entire environment, primarily from external
threats that are malicious. Designing integrity and security controls must be part of every other
design activity and hence is not considered a stand-alone design activity.
12. Explain four types of integrity controls for input forms. Which have you seen most
frequently? Why are they important?
• Value limit controls – check the value of input data to ensure that the data is reasonable.
• Completeness controls – ensure that all the required data on an input form has been
entered.
• Data validation controls – ensure that values, such as code values, are correct as far as
format and acceptable values.
• Field combination controls – where cross-field consistency checks can be performed, this
control ensures that data fields are consistent with each other.
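The four controls above, applied to a single input form, as an added example that is not part of the original solutions manual. The order-entry form, its field names, the code tables and the quantity range are assumptions chosen for illustration.

```python
from datetime import date

# Constructed rules for a hypothetical order-entry form; all field names are assumptions.
REQUIRED = ("customer_id", "state", "quantity", "order_date", "ship_date", "payment_method")
VALID_STATES = {"CA", "NY", "TX", "UT"}
VALID_PAYMENT = {"card", "invoice"}
QUANTITY_RANGE = (1, 500)


def _text(form, name):
    """Return the submitted value as a stripped string ('' when absent or None)."""
    value = form.get(name)
    return "" if value is None else str(value).strip()


def check_form(form):
    """Apply the four integrity controls; return (control, field, message) findings."""
    findings = []

    # Completeness control: every required field must be filled in.
    for name in REQUIRED:
        if not _text(form, name):
            findings.append(("completeness", name, "required field is missing"))

    # Data validation control: coded values need a correct format and an accepted value.
    for name, allowed in (("state", VALID_STATES), ("payment_method", VALID_PAYMENT)):
        value = _text(form, name)
        if value and value not in allowed:
            findings.append(("data_validation", name, f"unknown code {value!r}"))
    dates = {}
    for name in ("order_date", "ship_date"):
        raw = _text(form, name)
        if raw:
            try:
                dates[name] = date.fromisoformat(raw)
            except ValueError:
                findings.append(("data_validation", name, "not a valid YYYY-MM-DD date"))

    # Value limit control: the quantity must fall inside a reasonable range.
    raw_qty = _text(form, "quantity")
    if raw_qty:
        try:
            qty = int(raw_qty)
        except ValueError:
            findings.append(("data_validation", "quantity", "not a whole number"))
        else:
            low, high = QUANTITY_RANGE
            if not low <= qty <= high:
                findings.append(("value_limit", "quantity", f"outside {low}..{high}"))

    # Field combination control: fields must be consistent with each other.
    if len(dates) == 2 and dates["ship_date"] < dates["order_date"]:
        findings.append(("field_combination", "ship_date", "ship date precedes order date"))
    if _text(form, "payment_method") == "card" and not _text(form, "card_last4"):
        findings.append(("field_combination", "card_last4", "card payment needs card details"))
    return findings


# Constructed sample submissions.
GOOD = {"customer_id": "C1001", "state": "UT", "quantity": "12",
        "order_date": "2024-03-01", "ship_date": "2024-03-04", "payment_method": "invoice"}
BAD = {"customer_id": "", "state": "ZZ", "quantity": "9000",
       "order_date": "2024-03-10", "ship_date": "2024-03-04", "payment_method": "card"}

if __name__ == "__main__":
    for control, field, message in check_form(BAD):
        print(f"{control:17} {field:12} {message}")
```

Running the checks on the server as well as in the form keeps them in force when a request bypasses the user interface.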
13. What are the two primary objectives of security controls?
• Maintain a stable, functioning operating environment
• Protect information during transmission
14. List and briefly describe the three elements of the fraud triangle. Over which element can a
system designer exercise the greatest control?
• Opportunity – having an environment that easily allows fraud to happen. Lack of controls.
• Motivation – a personal need for the money.
Systems Analysis and Design in a Changing World, seventh edition 6-4
1. Discuss the technology architecture and deployment environment for information systems at
your work or school with a knowledgeable person. What are the key elements of the
environment? If you were to implement a new system for the organization, which of the
environmental elements could you change? Which could you choose to use or not use?
Answers will vary by student. Answers may include items about External systems and what interfaces
are required.
The technology architecture might address items such as what DBMSs are used (SQL Server,
Oracle, MySQL, etc.). What server systems are used (Apache or IIS)? What is the network
environment like? What other purchased software is already installed that requires an interface
(such as ERP systems), or is even used (such as Crystal Reports)? What programming languages are
used in-house?
2. Pick a major online retailer (e.g., Amazon, Walmart, or Sears). Examine the default browser-
based shopping interface from the following devices: a desktop computer with a large monitor, a
tablet computer, and a smartphone. How and why do content and layout vary across the devices?
Are there any device specific technologies employed in any of the interfaces, such as voice
recognition, multitouch gestures, and gaze (eye) detection? Is a shopping app available for any of
the devices? If so, how does the app’s user interface differ from browser-based shopping on the
same device?
Students should particularly look at navigation issues across the different platforms. How does the user
know what information is available on the page? How does the user find new information or navigate
to new pages?
3. This chapter described various situations that emphasize the need for controls. In the first
scenario presented, a furniture store sells merchandise on credit. Based on the descriptions of
controls given in this chapter, identify the various controls that should be implemented in the
furniture store system to ensure that corrections to customer balances are made only by someone
with the correct authorization.
In the second scenario illustrating the need for controls, an accounts payable clerk uses the
system to write checks to suppliers. Based on the information in this chapter, what kinds of
controls would you implement to ensure that checks are written only to valid suppliers, that
checks are written for the correct amount, and that all payouts have the required authorization?
How would you design the controls if different payment amounts required different levels of
authorization?
the system can then send all those payouts requiring additional approval will automatically be
sent.)
• Paper trails and audit trails must be associated with each payout. Scanned invoices and
documents can be attached to payments.
4. Examine the privacy policy (or privacy section of the user agreement) for a major online
service provider such as Gmail, eBay, or Facebook. What are the implications of the privacy
guarantees for controls and security? Briefly describe cost benefit trade-off of the guarantees.
Most online service providers indicate that they will maintain privacy information only for their
own use and for the use of their business partners.
Information security
We work hard to protect Google and our users from unauthorized access to or unauthorized alteration,
disclosure or destruction of information we hold. In particular:
• We offer you two step verification when you access your Google Account, and a Safe Browsing
feature in Google Chrome.
• We review our information collection, storage and processing practices, including physical
security measures, to guard against unauthorized access to systems.
• We restrict access to personal information to Google employees, contractors and agents who
need to know that information in order to process it for us, and who are subject to strict
contractual confidentiality obligations and may be disciplined or terminated if they fail to meet
these obligations.
Our Privacy Policy does not apply to services offered by other companies or individuals, including
products or sites that may be displayed to you in search results, sites that may include Google services,
or other sites linked from our services. Our Privacy Policy does not cover the information practices of
other companies and organizations who advertise our services, and who may use cookies, pixel tags
and other technologies to serve and offer relevant ads.
Item four above leaves a lot of open issues with “employees, contractors, and agents who need to
know.” Personal privacy is shared with many other entities.
5. Look on the Web site you use to access your bank account(s). What kinds of security and
controls are integrated into the system?
Most bank sites will require a user id and a password. In addition, behind the scenes, the bank website
remembers the machine address (MAC code) of the user’s computer. If the user accesses the account
on a different computer, he/she will need to answer a set of personal and private predefined questions.
6. Examine the information system of a local business, such as a fast-food restaurant, doctor’s
office, video store, grocery store, etc. Evaluate the screens (and reports, if possible). What kinds
of integrity controls are in place? What kinds of improvements would you make?
7. Search the Web for information about Pretty Good Privacy. What is it? How does it work?
Find information about a passphrase. What does it mean? Start your research at
http://www.pgpi.org.
Answers will vary by student.
A better site to reference is http://www.openpgp.org/. Also PGP on Wikipedia is a good reference.
Here is a diagram of how PGP works (from Wikipedia as noted below). As noted, both asymmetric and
symmetric encryption are used together. The symmetric key is encrypted using the public key of the
receiving organization. The receiving organization then decrypts the symmetric key and uses it to
decrypt the data.
The receiving organization must ensure that its private key is super secret and super well protected. It
will often use a long passphrase to maintain its private key in an encrypted form within its own
systems.
"PGP diagram" by xaedes & jfreax & Acdx - Licensed under CC BY-SA 3.0 via Wikimedia Commons -
http://commons.wikimedia.org/wiki/File:PGP_diagram.svg#mediaviewer/File:PGP_diagram.svg
One of the problems with totally secure communication is that often communications must
occur between groups such as sheriff’s department, local police, state police, fire departments,
and possibly other emergency personnel. Consequently a law enforcement agency such as the
sheriff’s department may utilize both secure and open communication channels.
Radio and satellite transmissions utilize standard frequencies, and this makes them difficult to
secure. However, there are digital and encrypted devices that can be purchased and utilized.
Data for these types of devices can be encrypted for transmission. Laptop computers inside
police vehicles can be set up with digital certificates and SSL transmission. The data that is
transmitted is encrypted and secure. Again, for radio communications, eavesdropping can occur
when the officer has his radio communication transmitted on a loud open speaker. Officers
could be provided with earplug speakers for more secure conversations.
Design application components: It appears that this is a stand-alone system. However, the
system may need to be divided into subsystems. Research to see if any components can be
purchased. Being a web-based system on multiple devices the client components need to be
carefully defined.
Design the user interface: The user interface will be one of the more difficult portions of this
system. Listing information can include text, images, and possibly even videos. To be able to
have a meaningful display of all three types on desktops, laptops, and mobile devices, some care
will need to be given in designing the user interface. Tasks will include design sessions with
some users for each type of device. Perhaps even some trial prototypes will need to be built to
test the effectiveness of different screen layouts.
Design the database: Design of the database will require defining the tables based on the
classes and relationships in the data model. Also the various indexes and searching options
must be identified. Other tasks include defining the attribute characteristics and foreign keys.
Design the software classes and methods: As mentioned the application is a three-layer design
consisting of the database, the application logic, and the user interface. Design will follow the
normal design steps of specifying the code structure and the methods. Tasks will include
creating use case descriptions, sequence diagrams, and other application models.
The primary concern with security in this system is to protect the listing data as it resides on the
server. The server, the database, and the applications must all be protected against hacking and
defacing. Output data is created for the general public, so it is not private or confidential at that
point. Design tasks will be to integrate secure data input, update, and protection.
1. For which subsystem(s) is(are) integrity and security controls most important? Why?
Integrity and security are most important for financial transactions and for personal information.
The Student Booking subsystem will contain personal information for the students, including
name, addresses, phone numbers, and email addresses. It may also collect payment information
such as credit card numbers and/or PayPal account information. All of this information must be
protected.
The Accounting and Finance information will also contain sensitive financial information. It
will contain billing information to the resorts as well as payment information from the students.
2. What data should be encrypted during transmission through resort wireless networks to SBRU
systems? Does your answer change if students interact with SBRU systems using a cell phone
(directly, or as a cellular modem)?
All personal information should be encrypted when it is transmitted. This includes the
information the students enter when they reserve their hotels and accommodations. Also when
the reservation information is sent to the resorts, it should be encrypted because it also is
personal and private.
It would be a good idea to encrypt chat information at the hotels. However, the hotels may not
be as committed to security issues as SBRU.
Cell phones are usually not encrypted. Therefore, local wireless provided by cell phones is not
normally encrypted while it is wireless. Thus it is even more important that the data be
encrypted by the SBRU system and its local client software.
2. What kind of access controls should be put in place? For the customer? (Notice the customer
has no financial transactions. Would you change your answer if the customer could also make
payments online?) For the truck driver? For Bill? Are the typical userID and password sufficient
for all three, or would you require more or less for each?
At a minimum, a userID and password should be required of all three users. Clients need them so
that other people do not use client accounts to send packages. (There may be other financial
considerations other than immediate payment.)
One of the problems with the drivers is that the devices are portable and always have a risk of
being lost or stolen. For safety purposes, it would be wise to have the device automatically log
off after a few minutes of non-use. (It is important to try to balance security with productivity.
Requiring logon for every transaction will cause inefficiency.)
If the customer also had an account, for example, and could print postage stamps as well as
labels, additional controls would be necessary. The client would need to protect access to the
system within his own organization. Additional access controls might be necessary such as
Since Bill has access to all the financial records, access should be controlled much like access
to a bank account: with userID and password, but also from recognizable computer addresses.
3. Research on the Web and find out what is required to purchase a digital certificate for a Web
site. Explain what Bill would have to do to implement a secure site with HTTPS. Do you
recommend that Bill secure his site with HTTPS and digital security? Why or why not?
There is open source software that can be used to implement a private digital certificate at no
cost. Web servers, including Apache and IIS, support HTTPS without any additional cost. They
just need to be configured to listen on the HTTPS port (443).
To implement a digital certificate that is recognized by one of the Certifying Authorities, Bill
must purchase it from a recognized CA. Depending on the specific CA and the type of certificate,
the cost usually varies from a hundred to two thousand dollars a year.
Digital certificates also have an expiration date, so they should be kept current.
Digital certificates are quite easy to implement with today’s software. Since On the Spot
allows customers to access its systems, it should implement HTTPS with recognized digital
certificates. This will become more important if some clients are allowed to pay online and/or
print postage online.
It would appear that HIPAA regulations do apply to the RTGM system. The system maintains
personal health related information about the patient, hence it must comply. It also transmits
detailed monitoring results over public links and therefore should encrypt the data that is being
sent.
2. How should the system ensure data security during transmission between a patient’s mobile
device(s) and servers?
Since the data is being sent over telephone links, it is only as secure as cellular telephone
signals. Someone could possibly receive those transmissions by finding the correct frequency.
Therefore, the data itself should be encrypted before being sent. Hence Sandia will need to
provide, and patients will need to install, encrypted SMS to receive their text message alerts.
The glucose monitoring results should also be sent securely and encrypted.
3. Consider the data storage issues related to a patient’s mobile device and the possible
ramifications if the device is lost or stolen. What measures should be taken to protect the data
against unauthorized access?
This is an interesting problem. Most patients will not want to have to enter a password or a PIN
every time they need to access their alert messages or to activate the transmission of monitoring
data. It is not clear how much responsibility rests on the patient (to keep his/her phone secure),
and how much responsibility rests on Sandia (to require a password or PIN to activate). The data
itself could be encrypted on the smartphone, but of course, the application is able to decrypt it
to access it. Perhaps a middle ground might be to require a PIN when the smartphone is turned
on, or once each day.
4. Consider the issues related to health care professionals accessing server data by using
workstations and mobile devices within a health care facility. How will the system meet its
duty to record and examine access to ePHI? If a health care professional uses a mobile device
outside a health care facility, what protections must be applied to the device and/or any data
stored within it or transmitted to it?
Requirements for health care professionals can be more stringent to access secure ePHI data.
Each health care person can be required to enter ID and password to access the data within the
facility on workstations or laptop computing devices. Mobile devices can also require a login
process in order for the professional to access the data. And the data should be encrypted when
it is transmitted. Something as simple as a 4-digit PIN for mobile devices is not too burdensome,
yet still provides a level of security.
All access to the data should also be logged so that Sandia knows who has access and who has
accessed the data. The system will maintain login information for authorized users. (See
5. Consider the issues related to wired and wireless data transmission between servers and
workstations within a health care facility. What security duties, if any, apply to transmissions
containing ePHI? Does your answer change if the servers are hosted by a third-party
provider?
Security of wired and wireless data transmission and hosted servers requires first that the
servers are hosted in a secure environment and second that all data, stored and transmitted, be
encrypted. Encryption of local data is easier because the access program maintains the
encryption key. (Hence the program itself must be kept physically secure.) Transmitted data is
more complex because the encryption must be dynamic due to the remote nature of mobile
devices and distributed computers.
The solution will need to be the same whether the servers are hosted in-house or with a third-
party provider. The physical facilities and access to the servers themselves must be in a HIPAA
secure facility.