SA Chapter 11

Published in: Education, Technology, Business

  1. Phase 3: Systems Design – Application Architecture, Chapter 11
  2. Topics covered in this session:
       • Factors involved in determining the application architecture
       • Processing methods
       • Processing functions
       • Backup and recovery
       • Security
  3. Factors involved in determining the application architecture
       • Is there a plan to adopt Enterprise Resource Planning (ERP)? Companies in the same business network jointly define a standard architecture for data, processing procedures, networks, hardware and software platforms so that their systems can interconnect
       • Costs and budgets
       • The system's ability to be extended (extensibility) to accommodate change
  4. Factors involved in determining the application architecture
       • Legacy interface requirements: does the system connect to a legacy system? If so, data conversion and system interfacing must be prepared for
       • Will it be built as a web application?
       • Processing Options, e.g. 24 hours operation
       • Security Level
  5. System architecture: the systems analyst must specify details of:
       • Data Storage
       • Processing methods
       • Computer systems & OS
       • Programming Language
       • Hardware
       • Network
  6. Data Storage:
       • Magnetic disk: Floppy disk, Hard disk
       • Optical disks: CD-ROM, DVDs
       • Magnetic tape: Inexpensive, older secondary-storage medium
  7. Processing methods:
       • Batch processing
           • Transactions accumulated and stored until processing
       • On-line processing
           • Transactions are entered directly into computer and processed immediately
  8. A Comparison of Batch and On-line Processing
  9. Computer systems:
       • Mainframes: Largest computer, massive memory, rapid processing power
       • Midrange computers: Less powerful, less expensive, and smaller than a mainframe
       • Server: Provides software and other resources to computers over a network
  10.
       • Minicomputers: Middle-range computer, used in universities, factories, or research laboratories
       • Server Farm: Large group of servers maintained by a commercial vendor, available for electronic commerce and other activities
  11.
       • Personal Computer (PC): Small desktop or portable computer
       • Workstation: Desktop computer with powerful graphics and mathematical capabilities
       • Supercomputer: Highly sophisticated and powerful, performs complex computations
  12. Type of processing:
       • Distributed processing: Distribution of processing work among multiple computers
       • Centralized processing: Accomplished by one large central computer
       • Client/server computing: Splits processing between “clients” and “servers” on network
  13. Client/Server Computing
  14. Types of Client/Server Computing
  15. The Major Types of Software OS:
  16. PC Operating Systems
       • Windows
       • UNIX
       • Linux
  17. Language:
       • Object-oriented programming
           • Approach to software development that combines data and procedures into a single object
       • Visual programming
           • Construction of software programs by selecting and arranging programming objects
  18. Java
       • Programming language
       • Delivers the software functionality needed for a particular task
       • Runs on any computer and operating system
  19.
       • Hypertext Markup Language (HTML):
           • Page description language, creates Web pages and other hypermedia documents
       • XML (eXtensible Markup Language):
           • General-purpose language, supports links to multiple documents, used for both Web and non-Web applications
  20. Hardware:
       • Capacity planning:
           • Process of predicting the computing power
       • Scalability:
           • Ability of a computer, product, or system to expand and to serve without breaking down
  21.
       • Cost:
           • Designates the total cost of owning technology resources; includes initial purchase costs, cost of hardware and software upgrades, maintenance, technical support, and training
  22.
       • On-Line storage service providers
           • Third-party provider
           • Rent out storage space to subscribers over the Web
           • Allow customers to store and access data
       • Buy
       • Rent
  23. Network:
       • What technologies are used in telecommunications systems?
       • What telecommunications transmission media should our organization use?
       • How should our organization design its networks?
       • What alternative network services are available to our organization?
  24. COMPONENTS AND FUNCTIONS OF A TELECOMMUNICATIONS SYSTEM: Components of a Telecommunications System
  25. Communications Channels
       • Wireless transmission: Microwave, Satellites, Paging systems, Cellular telephones, Personal communication Services, Personal Digital Assistants, Mobile data networks
       • Transmission: Baud, bandwidth
  26. Network Topologies
       • Star Network: All computers and other devices are connected to a central host computer
       • Bus Network: Links a number of computers by a single circuit
       • Ring Network: All computers are linked by a closed loop
  27. COMMUNICATIONS NETWORKS: A Star Network Topology
  28. COMMUNICATIONS NETWORKS: A Bus Network Topology
  29. COMMUNICATIONS NETWORKS: A Ring Network Topology
  30. COMMUNICATIONS NETWORKS: A Local Area Network (LAN)
  31. Network Services and Broadband Technologies
       • Value-Added Networks (VANs)
           • Private, multipath, data-only, third-party-managed network
       • Other Network Services
           • Packet switching, Frame Relay, Asynchronous transfer mode (ATM)
           • Integrated Services Digital Network (ISDN), Digital subscriber line (DSL), Cable modems, T1 line, Broadband
  32. An organization is going to buy a number of PCs for recording customer data. A data-entry clerk types at an average rate of 2,400 characters per hour. Normal working time is 5 days per week and 6 hours per day. The data to be entered is:

       Data type             Records to type per week    Record length (characters)
       Sales transactions    1,000                       80
       Customer records      500                         70
       Inventory items       1,500                       100

       • If the organization wants to allow an extra 15% on top of the estimated volume of data to be typed, how many PCs must it buy to handle the expected workload?
       • If a data-entry clerk is paid 30 baht per hour, what is the weekly cost of entering this data (excluding equipment costs)?
  33.
       • Typed in 1 day: 2400 * 6 = 14400 characters
       • Typed in 1 week: 14400 * 5 = 72000 characters
       • Work to be typed in 1 week = 265000 characters
       • Extra 15% allowance on the data to be typed = 39750 characters
       • Total work to be typed = 304750
       • PCs to buy = 304750 / 72000 = 4.23 = 5
       • Weekly data-entry cost = 30 baht * 6 hours * 5 days * 5 machines = 4500 baht
  34. Backup and recovery
       • file retention – generations (e.g. grandparent, parent, child)
  35. Management of Security and User Support: System Security, Threat Control, Legal issues
  36. INFORMATION SYSTEMS SECURITY AND CONTROL
       • Why are information systems so vulnerable to destruction, error, abuse, and system quality problems?
       • What types of controls are available for information systems?
       • What special measures must be taken to ensure the reliability, availability and security of electronic commerce and digital business processes?
  37. SYSTEM VULNERABILITY AND ABUSE: Why Systems are Vulnerable?
       • Advances in telecommunications and computer software
       • Unauthorized access, abuse, or fraud (cheat)
       • Hackers
       • Service attack
       • Computer virus
  38. SYSTEM VULNERABILITY AND ABUSE: Telecommunication Network Vulnerabilities
  39. SYSTEM VULNERABILITY AND ABUSE: Concerns for System Builders and Users
       • Disaster
           • Destroys computer hardware, programs, data files, and other equipment
       • Security
           • Prevents unauthorized access, alteration, theft, or physical damage
       • Errors
           • Cause computers to disrupt or destroy organization’s record-keeping and operations
  40. SYSTEM VULNERABILITY AND ABUSE: System Quality Problems: Software and Data
       • Bugs
           • Program code defects or errors
       • Maintenance Nightmare
           • Maintenance costs high due to organizational change, software complexity, and faulty system analysis and design
       • Data Quality Problems
           • Caused due to errors during data input or faulty information system and database design
  41. Threats to System Security
       • Accidents
       • Natural Disaster
       • Sabotage
       • Vandalism (wanton destruction)
       • Theft
       • Unauthorised Use
       • Computer Viruses
  42. Accidents and Incompetence
       • Loss through user error
           • Transposition, spelling
       • Lack of user skill
           • Not understanding an operation
       • Ignoring procedures
           • Lack of interest or boredom
           • Not enough time
  43. Natural Disasters, Sabotage and Blackmail
       • Flood, Fire and Earthquake
       • Bomb
           • Terrorist or political protest
       • Logic bomb
       • Externally planned attacks
           • e-mail and internet threats
  44. Vandalism
       • Intentional damage of equipment
       • Casual damage through carelessness
  45. Theft and Unauthorised Use
       • Stealing hardware
           • RAM raiding
       • Stealing software
           • Copying applications
       • Stealing information
           • Copying mailing lists to disk
       • Accessing restricted data
           • Reading and sending personal info.
  46. Viruses
       • Executable
       • Embedded in files
       • Self-replicating
       • Self-propagating
       • Mail viruses
  47. Managing the Threats
       • Controlling Access to the system
       • Maintaining integrity of information
       • Ensuring physical security of equipment
       • Implementing security policy
  48. Types of Control (1)
       • Physical
           • Locks, chains, barriers
       • Biometric
           • Voice recognition, fingerprint
       • Communication
           • Passwords and personal information
  49. Types of Control (2)
       • Failure
           • Backup and recovery procedures
       • Audits
           • Inventories of hardware and logs of user activity
       • Legal
           • Computer Misuse and Data Protection Acts
  50. CREATING A CONTROL ENVIRONMENT
       • Controls
           • Methods, policies, and procedures
           • Ensures protection of organization’s assets
           • Ensures accuracy and reliability of records, and operational adherence to management standards
  51. CREATING A CONTROL ENVIRONMENT: Protecting the Digital Firm
       • High-availability computing: Tools and technologies enabling system to recover from a crash
       • Disaster recovery plan: Runs business in event of computer outage
       • Load balancing: Distributes large number of requests for access among multiple servers
  52. CREATING A CONTROL ENVIRONMENT: Protecting the Digital Firm
       • Mirroring: Duplicating all processes and transactions of server on backup server to prevent any interruption
       • Clustering: Linking two computers together so that a second computer can act as a backup to the primary computer or speed up processing
  53. CREATING A CONTROL ENVIRONMENT: Internet Security Challenges
       • Firewalls
           • Prevent unauthorized users from accessing private networks
       • Intrusion Detection System
           • Monitors vulnerable points in network to detect and deter unauthorized intruders
  54. CREATING A CONTROL ENVIRONMENT: Internet Security Challenges
  55. CREATING A CONTROL ENVIRONMENT: Security and Electronic Commerce
       • Encryption: Coding and scrambling of messages to prevent their access without authorization
       • Authentication: Ability of each party in a transaction to ascertain identity of other party
       • Message integrity: Ability to ascertain that transmitted message has not been copied or altered
  56. CREATING A CONTROL ENVIRONMENT: Security and Electronic Commerce
       • Digital signature: Digital code attached to electronically transmitted message to uniquely identify contents and sender
       • Digital certificate: Attachment to electronic message to verify the sender and to provide receiver with means to encode reply
  57. Encryption Methods
       • Public key infrastructure (PKI): A scheme for securing e-payments using public key encryption and various technical components
  58. Public key infrastructure (PKI)
  59. Encryption Methods (cont.)
       • Private and public key encryption
           • Encryption: The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it
  60. Encryption Methods (cont.)
       • Plaintext: An unencrypted message in human-readable form
       • Ciphertext: A plaintext message after it has been encrypted into a machine-readable form
       • Encryption algorithm: The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa
  61. Encryption Methods (cont.)
       • Symmetric (private) key system
           • Key: The secret code used to encrypt and decrypt a message
           • Symmetric (private) key system: An encryption system that uses the same key to encrypt and decrypt the message
  62. Encryption Methods (cont.)
       • Data Encryption Standard (DES): The standard symmetric encryption algorithm supported by the NIST and used by U.S. government agencies until October 2, 2000
       • Rijndael: The new Advanced Encryption Standard used to secure U.S. government communications since October 2, 2000
  63. Encryption Methods (cont.)
  64. Elements of PKI
       • Digital signature: An identifying code that can be used to authenticate the identity of the sender of a document
           • Portable
           • Cannot be easily repudiated or imitated, and can be time-stamped
  65. Elements of PKI (cont.)
  66. Elements of PKI (cont.)
       • Digital signatures include:
           • Hash: A mathematical computation that is applied to a message, using a private key, to encrypt the message
           • Message digest: A summary of a message, converted into a string of digits, after the hash has been applied
           • Digital envelope: The combination of the encrypted original message and the digital signature, using the recipient’s public key
  67. Digital Signature
  68. Elements of PKI (cont.)
       • Digital certificate: Verification that the holder of a public or private key is who they claim to be
       • Certificate authorities (CAs): Third parties that issue digital certificates
  69. Security Protocols
       • Secure Socket Layer (SSL): Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality
       • Transport Layer Security (TLS): As of 1996, another name for the SSL protocol
  70. Secure Socket Layer (SSL)
  71. Security Protocols (cont.)
       • Secure Electronic Transaction (SET): A protocol designed to provide secure online credit card transactions for both consumers and merchants; developed jointly by Netscape, Visa, MasterCard, and others
  72. Secure Electronic Transaction (SET)
       • The customer obtains a credit card account with a bank that supports electronic payment and SET
       • The customer receives an X.509v3 digital certificate signed by the bank
       • Merchants have their own certificates
       • The customer places an order
       • The merchant sends a copy of its certificate so that the customer can verify that it's a valid store
       • The order and payment are sent
       • The merchant requests payment authorization
       • The merchant confirms the order
       • The merchant ships the goods or provides the service to the customer
       • The merchant requests payment
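
The certificate and signature checks named in the Elements of PKI and SET slides, as an added example that is not part of the original slides: a bank acting as certificate authority signs the merchant's certificate, and the customer verifies that certificate before trusting the merchant's signed order. Textbook RSA over fixed primes stands in for real X.509 and is not secure; the store name, keys and order string are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def make_key(p: int, q: int) -> dict:
    """Textbook RSA key from two primes (toy: no padding, not secure)."""
    n = p * q
    return {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(data: bytes, n: int) -> int:
    """Message digest: SHA-256 of the data, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, key: dict) -> int:
    """Digital signature: the digest transformed with the private exponent."""
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(data: bytes, sig: int, n: int) -> bool:
    """Recompute the digest and compare it with the value recovered from sig."""
    return pow(sig, E, n) == digest(data, n)

def cert_body(subject: str, n: int) -> bytes:
    """The bytes the CA signs: subject name plus the subject's public modulus."""
    return f"{subject}|{n}".encode()

def issue_cert(subject: str, subject_n: int, ca_key: dict) -> dict:
    """The CA binds a name to a public key by signing both together."""
    return {"subject": subject, "n": subject_n,
            "sig": sign(cert_body(subject, subject_n), ca_key)}

def customer_accepts(message, sig, cert, ca_n, expected_store) -> bool:
    """Customer-side checks before trusting a message from a merchant."""
    cert_ok = verify(cert_body(cert["subject"], cert["n"]), cert["sig"], ca_n)
    name_ok = cert["subject"] == expected_store
    return cert_ok and name_ok and verify(message, sig, cert["n"])

# Constructed sample data. Mersenne primes keep the demo short;
# they must never be used for real keys.
BANK = make_key(2**61 - 1, 2**89 - 1)            # the certificate authority
MERCHANT = make_key(2**107 - 1, 2**127 - 1)
STORE = "Example Store"
CERT = issue_cert(STORE, MERCHANT["n"], BANK)
ORDER = b"order=1001;amount=250.00"
ORDER_SIG = sign(ORDER, MERCHANT)

# A certificate for the same store name that the bank did not sign.
IMPOSTOR = make_key(2**89 - 1, 2**107 - 1)
FAKE_CERT = issue_cert(STORE, IMPOSTOR["n"], IMPOSTOR)

if __name__ == "__main__":
    print(customer_accepts(ORDER, ORDER_SIG, CERT, BANK["n"], STORE))
    print(customer_accepts(b"order=1001;amount=2.50", ORDER_SIG, CERT,
                           BANK["n"], STORE))
    print(customer_accepts(ORDER, sign(ORDER, IMPOSTOR), FAKE_CERT,
                           BANK["n"], STORE))
```

The customer only needs the bank's public modulus in advance; the merchant's key is trusted because the bank's signature over the certificate verifies, which is why the self-signed certificate is rejected.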
