Slide1 l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 63

Management Information Systems: Solving Business Problems with Information Technology Part One: Business Operations Chapter Four: Security, Privacy, and PowerPoint PPT Presentation


  • 134 Views
  • Uploaded on
  • Presentation posted in: General

Management Information Systems: Solving Business Problems with Information Technology Part One: Business Operations Chapter Four: Security, Privacy, and Anonymity Prof. Gerald V. Post Prof. David L. Anderson. The Growth of Electronic Commerce. Business-to-Business

Download Presentation

Management Information Systems: Solving Business Problems with Information Technology Part One: Business Operations Chapter Four: Security, Privacy, and

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Slide1 l.jpg

Management

Information

Systems:

Solving Business

Problems with

Information Technology

Part One:

Business Operations

Chapter Four:

Security, Privacy, and

Anonymity

Prof. Gerald V. Post

Prof. David L. Anderson


The growth of electronic commerce l.jpg

The Growth of Electronic Commerce

  • Business-to-Business

    • Includes up and down stream transactions that can enhance channel coordination and customer relationships

  • Business-to-Consumer

    • Encompasses all interaction between the customer and the organization

  • Open Marketspace

    • Connects business, partner, and consumer


Web based commerce model l.jpg

Web-Based Commerce Model

Manufacturer/

Supplier

Customers

Direct

Marketspace

Business-to-Business

Business-to-Consumer

Intermediary


Operating effectively in the business to consumer boundary l.jpg

Operating Effectively in the Business-to-Consumer Boundary

  • Leverage Firm’s Logistical System

  • Price and Manage Online Transactions

  • Optimize Communication to Key Consumer Markets

  • Achieve Excellence through Service


Develop business partnerships l.jpg

Develop Business Partnerships

  • Establish Business-to-Business Relationships to Sell Competitively to Customers

  • Strengthen the Value Chain

  • Provide Value through Communication

  • Optimize Business-to-Business Service


Virtual interconnectivity l.jpg

Virtual Interconnectivity

  • Sell in a Virtual World

  • Stay Real or Become Virtual

  • Communicate with a Community

  • Provide Value-Add Services in the Marketspace


Opportunities and threats of end run strategies l.jpg

Opportunities and Threats of End-Run Strategies

  • Odd Person Out

  • Establish Place in Value Chain

  • Compare Information in a Virtual World

  • Optimize the Service Offering Across Partner Organizations


Managerial issues for security l.jpg

Managerial Issues for Security

  • Technical

  • Societal

  • Economic

  • Legal

  • Behavioral

  • Organizational/Managerial


Managerial issues for security9 l.jpg

Managerial Issues for Security

  • Technical

    • How will Security be Implemented?

    • What protocols will be the standards of future electronic commerce?

    • What are the future technologies used to “wire” people and households?


Managerial issues for security10 l.jpg

Managerial Issues for Security

  • Societal

    • How will the privacy of individuals be protected?

    • How will consumer data be used?

    • Will consumer data be misused?

    • How do user perceptions of issues reflect reality?


Managerial issues for security11 l.jpg

Managerial Issues for Security

  • Economic

    • How will electronic and physical markets differ?

    • Will economic theories succeed as instantaneous access to information emerges?

    • What will be the price of information?


Managerial issues for security12 l.jpg

Managerial Issues for Security

  • Legal

    • Should governments continue to subsidize the internet?

    • How will real world laws apply to the legality of virtual sites?

    • Who is liable for information accuracy?


Managerial issues for security13 l.jpg

Managerial Issues for Security

  • Behavioral

    • How satisfied will users be with virtual experiences compared to those in the real world?

    • How will a sense of community and social needs be represented through E-Commerce?

    • What are the characteristics of early adopters of E-Commerce?


Managerial issues for security14 l.jpg

Managerial Issues for Security

  • Organizational/Managerial

    • What are the differences between managing an E-commerce business and a more traditional one?

    • How will the organization of the firm change as E-commerce becomes more prevalent?

    • What products lend themselves to success with E-Commerce?


Managerial issues for security15 l.jpg

Managerial Issues for Security

  • Technical

  • Societal

  • Economic

  • Legal

  • Behavioral

  • Organizational/Managerial


Strategic security leverage paradigm l.jpg

Strategic SecurityLeverage Paradigm

Change

the

Game

Change

the

Game

Competitive

Position

Competitive

Position

Nature of Conflict;

Terms of

Competition

Strategic

Leverage

Objectives

Strategies

Tactics


Systems development lifecycle l.jpg

Systems DevelopmentLifecycle

Obsolete Solution

Problem to be Solved

Planning

New, Related Problem or Requirement

Analysis

Support

New implementation Alternative or Requirement

Implementation

Error (bug)

Problem

Understanding

and

Solution

Requirements

Implemented

Solution

Design

Implementation

Acceptable

Solution

Statement


Systems planning elements l.jpg

Systems Planning Elements

  • People

    • Users, Management, Information Specialists

  • Data

    • How it is captured, used, and stored

  • Activities

    • Automated and Manual

    • Business and Information Applications

  • Networks

    • Where data is stored and processed

    • How data is exchanged between different locations

  • Technology

    • hardware and software used


Electronic commerce building block l.jpg

Electronic CommerceBuilding Block

Systems

Owners

Systems

Users

Systems

Designers

Systems

Builders


Differentiation versus cost leadership l.jpg

Differentiation versus Cost Leadership

T1

Cost

Differentiated

Player

Sustainable

Premium

Technology

Curve

Cost

Leader

Minimum or

Market-Required

Quality

Quality


Is cost leadership sustainable l.jpg

Is Cost Leadership Sustainable?

T1

T2

Cost

Differentiated

Player

Sustainable

Premium

New

Technology

Curve

Old

Technology

Curve

Cost

Leader

Minimum or

Market-Required

Quality

Quality


Industry company relationships l.jpg

Industry/Company Relationships

Industry

Structure &

Competitive

Position

Freedom

of

Maneuver

Long-term

Objectives,

Strategic

Direction

Detailed

Strategies

and Tactics


Break even point l.jpg

Break-Even Point

Total Revenue

Revenue

and

Costs

Profit

Profit

Total Costs

Fixed

Costs

Fixed Costs

Sales

Break-Even Volume


Decision trees l.jpg

Decision Trees

Probability

Decision

Point


Efforts to categorize the unknown l.jpg

Efforts to Categorizethe Unknown

Uncertainty

Complexity

Instability


Variables l.jpg

Variables

Cost

Time

Risk


Barriers to information security sources l.jpg

Barriers to Information Security Sources

  • Economies of Scale

  • Economies of Scope

  • Product Differentiation

  • Capital Requirements

  • Cost Disadvantages

    • Independent of Size

  • Distribution Channel Access

  • Government Policy


Four generic approaches l.jpg

Four Generic Approaches

Lose

Win

Win/Win

Win/Lose or

Cooperative Equilibrium

Win

Lose

Win/Lose or

Cooperative

Equilibrium

Lose/Lose


Lose lose l.jpg

Structure Defines the Industry War

Lose/Lose

  • Total Industry Profits are Very Low, Zero, or Negative

  • Industry Revenues are Declining, or, at best, steady

  • Product Technology is at or past its peak


Win win l.jpg

Win/Win

  • Total Industry Revenues and Profits are Growing Rapidly

  • Numerous Players of All Sizes

  • Products and Services are not Standardized


Win lose l.jpg

Win/Lose

  • Total Industry Revenues and/or Profits are Constant or are Growing very Slowly

  • Significant Economies of Scale in Production, Distribution, and/or Promotion

  • Number of Firms Participating in the Industry is Limited and Stable

  • Individual Participants have, or can obtain, Information Regarding the Relative Positions of the Players


Structure defines the terms of competition l.jpg

Structure Defines the Terms of Competition

  • Wasting Resources

    • generic advertising rather than focusing on specific market segments

  • Precipitating Unwanted Warfare

    • Causing a full-scale price war when only brand repositioning was necessary

  • Failing to Anticipate and Adapt to Changes

    • Following historical patterns

    • Underspending on Advertising


Structure defines maneuver l.jpg

Structure Defines Maneuver

  • Standard or Dominant Product Emerges

  • Distribution Channels Limit Firm’s Ability to Determine which Channels to Select

  • Target and Market Niches Become More Difficult to Defend

  • Substitutes Limit Price Increases which Requires Increase in Advertising Expenditure


Two levels of planning l.jpg

Two Levels of Planning

  • Systems Planning

    • Gives Managers, Users, and Information Systems Personnel Projects

    • Establishes what should be done

    • Sets a budget for the total cost of these projects

  • Systems Project Planning

    • Setting a plan for the development of each specific systems project


Systems professional skills l.jpg

Systems Professional Skills

  • Systems Planning

    • Form project team after proposed systems project is cleared for development

  • Systems Analysis

    • Business Systems Analysts knowledgeable in business

  • General Systems Design

    • Business Systems Analysts

  • Systems Evaluation and Selection

    • Business Systems Analysts

  • Detailed Systems Design

    • Wide Range of Systems and Technical Designers

  • Systems Implementation

    • Systems analysts, programmers, and special technicians


Effective leadership style l.jpg

Effective Leadership Style

  • Autocratic Style

    • Crisis-Style Management

    • Used to Correct Major Problem, such as Schedule Slippage

  • Democratic Style

    • Team-oriented Leadership

    • Gives each team member the freedom to achieve goals which he/she helped set

  • Laissez-Faire Style

    • Highly-motivated, Highly-Skilled Team Members

    • People who work best alone


Project management skills l.jpg

Project Management Skills

  • Planning

    • States what should be done

    • Estimates how long it will take

    • Estimates what it will cost

  • Leading

    • Adapts to dynamics of enterprise and deals with setbacks

    • Guides and induces people to perform at maximum abilities

  • Controlling

    • Monitors Progress Reports and Documented Deliverables

    • Compares Plans with Actuals

  • Organizing

    • Staffs a Systems Project Team

    • Brings together users, managers, and team members


Case frameworks l.jpg

CASE/Frameworks

  • Computer-Aided Systems and Software Engineering

  • Increase Productivity of Systems Professionals

  • Improve the Quality of Systems Produced

  • Improve Software Maintenance Issue


Case frameworks39 l.jpg

CASE/Frameworks

  • Includes:

    • workstations

    • central repository

    • numerous modeling tools

    • project management

    • Systems Development Life Cycle Support

    • Prototyping Applications

    • Software Design Features


Central repository for models l.jpg

Central Repository for Models

  • Models Derived from Modeling Tools

  • Project Management Elements

  • Documented Deliverables

  • Screen Prototypes and Report Designs

  • Software Code from Automatic Code Generator

  • Module and Object Libraries of Reusable Code

  • Reverse Engineering, Reengineering, and Restructuring Features


Software maintenance l.jpg

Software Maintenance

  • Reverse Engineering

    • Extract original design from spaghetti-like, undocumented code to make maintenance change request

    • Abstract meaningful design specifications that can be used by maintenance programmers to perform maintenance tasks

  • Reengineering

    • Examination and changing of a system to reconstitute it in form and functionality

    • Reimplementation

  • Restructuring

    • Restructures code into standard control constructs

      • sequence, selection, repetition


Data design l.jpg

Data Design

  • Define all the entities to be dealt with and the relationships between them

  • Transform the conceptual design into logical design wherein all the views are combined and all the resulting data elements are defined and the data structure is syntactically and semantically determined

  • Normalize this logical design for mathematically minimized redundancy and maximized integrity

  • Transform this logical design to a physical design where the underlying RDBMS, hardware, and use patterns are taken into account

  • Develop the SQL DDL code specific to each RDBMS vendor’s product is generated


Business rules for data l.jpg

Business Rules For Data

  • Basic selection of what data elements are of interest, what are their characteristics (data type and acceptable range - also called syntactic structure)

  • How they are related to, or dependent on, each other in a business sense (key, foreign key and referential constraint rule - also called the semantic structure)

  • Data Integrity Rules


Advantages of data analysis l.jpg

Advantages of Data Analysis

  • “slice and dice” dynamic query support

  • standard high-level access language (SQL)

  • minimum data redundancy

  • self-protecting data integrity

    • no insert, delete and update anomalies


Relational model l.jpg

Relational Model

  • The Relational Model for data design is the foundation of the relational database and the industry that produces the “engines” that run them.

  • It puts data design (and data modeling) on a formal, mathematical footing.


Relationship types l.jpg

Relationship Types

a). One-to-one (1:1): means that an occurrence if one OT uniquely determines an occurrence of other OT - and vice-versa

b). One-to-many (1:n): means that an occurrence of one OT determines an occurrence of the other OT - but not vice-versa

c). Many-to-many (n:m):means that an occurrence of one OT can be related to many occurrences of other OT - and vice-versa


Data rationalization l.jpg

Data Rationalization

  • Identification of data synonyms and homonyms across multiple and disparate data sources and the creation of a map that points back to their original sources.


Data access gateway l.jpg

Data Access Gateway

  • sits between end users (usually in PC networks) and a legacy database

  • accepts data read requests (expressed as SQL statements)

  • converts the requests to legacy access method instructions

  • provides the resulting data to the users

  • data flow is one-way read-only.


Structured data analysis l.jpg

Structured Data Analysis

  • the functions or activities which are to be handled by the system

  • the external entities which interact with the system

  • the logical data stores, and

  • the data flows among all the the above

  • Data flow diagrams (DFD) are used to diagrammatically describe the elements.


Entity relationship diagrams erds l.jpg

Entity Relationship Diagrams (ERDs)

  • A method of documenting and visualizing a conceptual data model.


Normalization l.jpg

Normalization

  • The process based on the business rules for data

    • a set of data elements (attributes) are arranged in a mathematically minimum set of tables (relations), within which all the attributes are dependent on a primary key attribute (the key).


Normalization model l.jpg

Normalization Model

  • The SA/Normalization method is based on the use of decomposition rules, which enable one to decompose tables/relations.

    • Database design starts with flat tables/relations, each of which is created out of a data stores in the DFDs and then decomposed into the normal form relations. No conceptual schema of the enterprise is created to express the semantics of its information structure.

  • The SA/IA method is based on the use of grouping rules which map simple relationships in the binary-relationship data model onto normal form relationships.

    • The relational model and the normalization method have been criticized for being too detailed to use at the initial design stage, and for lacking a semantic structure for making unambiguous choices in modeling the enterprise.

    • The IA method incorporates a semantic model of the enterprise which captures its essential semantic features from which the normal form relations are derived.


Conversion into normalized record types l.jpg

Conversion into Normalized Record Types

  • For every data flow which either enters or emanates from a data store (in the leaf level DFDs), the integral data elements are identified

  • For every data store, a list of the data elements which are entering and emanating are drawn up

  • The dependencies among all the data elements are analyzed, and the normalization rules are applied in steps so that at every step a given relation is split into more “simple” relations

    • Every relation has a key which consists of one or more data elements

    • Every non-key data element functionally depends on that entire key and not on part of it

    • No non-key data element depends on any other non-key data element in the relation (there are no transitive dependencies)


Conversion into normalized record types54 l.jpg

Conversion into Normalized Record Types

Enter exams dates & rooms

List of Exams details

D1

Exams File

Details of Exams

Details of Exams

for lecturer

for students

Notify Lectures

Notify Students


De normalization l.jpg

De-Normalization

  • The process of selectively

    • combining two or more normalized tables into one, or

    • decomposing one normalized table into two or more


Part description for model for general motors l.jpg

Part Description for Modelfor General Motors

“Part #123 that is supplied by GM was assembled on bus 456 on May 28, 1996” is decomposed into the following elementary sentences:

a). A part... is supplied by a manufacturer...

b). A part... was assembled on a bus...

c). The assembly [part*bus] was performed on a date...


Part distribution model for general motors l.jpg

Part Distribution Modelfor General Motors

Part (p#)

Manufacturer (name)

Supplier of

Supplied of


Relationship types58 l.jpg

Relationship Types

a). One-to-one (1:1): means that an occurrence if one OT uniquely determines an occurrence of other OT - and vice-versa

b). One-to-many (1:n): means that an occurrence of one OT determines an occurrence of the other OT - but not vice-versa

c). Many-to-many (n:m):means that an occurrence of one OT can be related to many occurrences of other OT - and vice-versa


Gm parts assembly distribution model l.jpg

GM Parts Assembly Distribution Model

Bus

(License #)

Manu-facturer (name)

Part (p#)

Supplier

Date (Calc. date)

Date of Assembly


Data warehouse l.jpg

Data Warehouse

  • An intermediate, read-only store (usually based in a purchased RDBMS product) and the programs that manage it.

  • Contains recent and summarized data extracted from across some or all of the legacy data systems

  • Presents a subject-based view


Functional dependency l.jpg

Functional Dependency

  • Mathematical term for the key relationship (using rational terminology) between data elements. A data element (attribute) that is functionally dependent on another data element (the key) will always exist in a relation (table) such that a unique value for the key will always “determine” or “locate” or “define a unique value of” the dependent.


Metadata l.jpg

Metadata

  • Data about data that is generally extracted from an existing system or created for a new system and stored in a design repository for developers to use in maintaining or extending the system during its lifecycle

  • Metadata refers to the table, attribute, and key definitions contained in the catalog of a relational database. It can also mean the business rules for data designed for a new design, or the business rules for data thought to be enforced in a legacy system (semantic data structure, sometimes called meta-data, or meta2 data).

  • The actual syntactic and semantic data structure (not just what the documentation might say), including a complete synonym and homonym map, plus the business rules for data that are actually being enforced in the legacy system.


Slide63 l.jpg

Graduate School of

Business Administration

Loyola University


  • Login