Management Information Systems: Solving Business Problems with Information Technology Part One: Business Operations Chapter Four: Security, Privacy, and - PowerPoint PPT Presentation

Slide1 l.jpg
1 / 63

  • Uploaded on
  • Presentation posted in: General

Management Information Systems: Solving Business Problems with Information Technology Part One: Business Operations Chapter Four: Security, Privacy, and Anonymity Prof. Gerald V. Post Prof. David L. Anderson. The Growth of Electronic Commerce. Business-to-Business

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Management Information Systems: Solving Business Problems with Information Technology Part One: Business Operations Chapter Four: Security, Privacy, and

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Slide1 l.jpg




Solving Business

Problems with

Information Technology

Part One:

Business Operations

Chapter Four:

Security, Privacy, and


Prof. Gerald V. Post

Prof. David L. Anderson

The growth of electronic commerce l.jpg

The Growth of Electronic Commerce

  • Business-to-Business

    • Includes up and down stream transactions that can enhance channel coordination and customer relationships

  • Business-to-Consumer

    • Encompasses all interaction between the customer and the organization

  • Open Marketspace

    • Connects business, partner, and consumer

Web based commerce model l.jpg

Web-Based Commerce Model









Operating effectively in the business to consumer boundary l.jpg

Operating Effectively in the Business-to-Consumer Boundary

  • Leverage Firm’s Logistical System

  • Price and Manage Online Transactions

  • Optimize Communication to Key Consumer Markets

  • Achieve Excellence through Service

Develop business partnerships l.jpg

Develop Business Partnerships

  • Establish Business-to-Business Relationships to Sell Competitively to Customers

  • Strengthen the Value Chain

  • Provide Value through Communication

  • Optimize Business-to-Business Service

Virtual interconnectivity l.jpg

Virtual Interconnectivity

  • Sell in a Virtual World

  • Stay Real or Become Virtual

  • Communicate with a Community

  • Provide Value-Add Services in the Marketspace

Opportunities and threats of end run strategies l.jpg

Opportunities and Threats of End-Run Strategies

  • Odd Person Out

  • Establish Place in Value Chain

  • Compare Information in a Virtual World

  • Optimize the Service Offering Across Partner Organizations

Managerial issues for security l.jpg

Managerial Issues for Security

  • Technical

  • Societal

  • Economic

  • Legal

  • Behavioral

  • Organizational/Managerial

Managerial issues for security9 l.jpg

Managerial Issues for Security

  • Technical

    • How will Security be Implemented?

    • What protocols will be the standards of future electronic commerce?

    • What are the future technologies used to “wire” people and households?

Managerial issues for security10 l.jpg

Managerial Issues for Security

  • Societal

    • How will the privacy of individuals be protected?

    • How will consumer data be used?

    • Will consumer data be misused?

    • How do user perceptions of issues reflect reality?

Managerial issues for security11 l.jpg

Managerial Issues for Security

  • Economic

    • How will electronic and physical markets differ?

    • Will economic theories succeed as instantaneous access to information emerges?

    • What will be the price of information?

Managerial issues for security12 l.jpg

Managerial Issues for Security

  • Legal

    • Should governments continue to subsidize the internet?

    • How will real world laws apply to the legality of virtual sites?

    • Who is liable for information accuracy?

Managerial issues for security13 l.jpg

Managerial Issues for Security

  • Behavioral

    • How satisfied will users be with virtual experiences compared to those in the real world?

    • How will a sense of community and social needs be represented through E-Commerce?

    • What are the characteristics of early adopters of E-Commerce?

Managerial issues for security14 l.jpg

Managerial Issues for Security

  • Organizational/Managerial

    • What are the differences between managing an E-commerce business and a more traditional one?

    • How will the organization of the firm change as E-commerce becomes more prevalent?

    • What products lend themselves to success with E-Commerce?

Managerial issues for security15 l.jpg

Managerial Issues for Security

  • Technical

  • Societal

  • Economic

  • Legal

  • Behavioral

  • Organizational/Managerial

Strategic security leverage paradigm l.jpg

Strategic SecurityLeverage Paradigm











Nature of Conflict;

Terms of







Systems development lifecycle l.jpg

Systems DevelopmentLifecycle

Obsolete Solution

Problem to be Solved


New, Related Problem or Requirement



New implementation Alternative or Requirement


Error (bug)













Systems planning elements l.jpg

Systems Planning Elements

  • People

    • Users, Management, Information Specialists

  • Data

    • How it is captured, used, and stored

  • Activities

    • Automated and Manual

    • Business and Information Applications

  • Networks

    • Where data is stored and processed

    • How data is exchanged between different locations

  • Technology

    • hardware and software used

Electronic commerce building block l.jpg

Electronic CommerceBuilding Block









Differentiation versus cost leadership l.jpg

Differentiation versus Cost Leadership











Minimum or




Is cost leadership sustainable l.jpg

Is Cost Leadership Sustainable?
















Minimum or




Industry company relationships l.jpg

Industry/Company Relationships


Structure &












and Tactics

Break even point l.jpg

Break-Even Point

Total Revenue






Total Costs



Fixed Costs


Break-Even Volume

Decision trees l.jpg

Decision Trees




Efforts to categorize the unknown l.jpg

Efforts to Categorizethe Unknown




Variables l.jpg





Barriers to information security sources l.jpg

Barriers to Information Security Sources

  • Economies of Scale

  • Economies of Scope

  • Product Differentiation

  • Capital Requirements

  • Cost Disadvantages

    • Independent of Size

  • Distribution Channel Access

  • Government Policy

Four generic approaches l.jpg

Four Generic Approaches




Win/Lose or

Cooperative Equilibrium



Win/Lose or




Lose lose l.jpg

Structure Defines the Industry War


  • Total Industry Profits are Very Low, Zero, or Negative

  • Industry Revenues are Declining, or, at best, steady

  • Product Technology is at or past its peak

Win win l.jpg


  • Total Industry Revenues and Profits are Growing Rapidly

  • Numerous Players of All Sizes

  • Products and Services are not Standardized

Win lose l.jpg


  • Total Industry Revenues and/or Profits are Constant or are Growing very Slowly

  • Significant Economies of Scale in Production, Distribution, and/or Promotion

  • Number of Firms Participating in the Industry is Limited and Stable

  • Individual Participants have, or can obtain, Information Regarding the Relative Positions of the Players

Structure defines the terms of competition l.jpg

Structure Defines the Terms of Competition

  • Wasting Resources

    • generic advertising rather than focusing on specific market segments

  • Precipitating Unwanted Warfare

    • Causing a full-scale price war when only brand repositioning was necessary

  • Failing to Anticipate and Adapt to Changes

    • Following historical patterns

    • Underspending on Advertising

Structure defines maneuver l.jpg

Structure Defines Maneuver

  • Standard or Dominant Product Emerges

  • Distribution Channels Limit Firm’s Ability to Determine which Channels to Select

  • Target and Market Niches Become More Difficult to Defend

  • Substitutes Limit Price Increases which Requires Increase in Advertising Expenditure

Two levels of planning l.jpg

Two Levels of Planning

  • Systems Planning

    • Gives Managers, Users, and Information Systems Personnel Projects

    • Establishes what should be done

    • Sets a budget for the total cost of these projects

  • Systems Project Planning

    • Setting a plan for the development of each specific systems project

Systems professional skills l.jpg

Systems Professional Skills

  • Systems Planning

    • Form project team after proposed systems project is cleared for development

  • Systems Analysis

    • Business Systems Analysts knowledgeable in business

  • General Systems Design

    • Business Systems Analysts

  • Systems Evaluation and Selection

    • Business Systems Analysts

  • Detailed Systems Design

    • Wide Range of Systems and Technical Designers

  • Systems Implementation

    • Systems analysts, programmers, and special technicians

Effective leadership style l.jpg

Effective Leadership Style

  • Autocratic Style

    • Crisis-Style Management

    • Used to Correct Major Problem, such as Schedule Slippage

  • Democratic Style

    • Team-oriented Leadership

    • Gives each team member the freedom to achieve goals which he/she helped set

  • Laissez-Faire Style

    • Highly-motivated, Highly-Skilled Team Members

    • People who work best alone

Project management skills l.jpg

Project Management Skills

  • Planning

    • States what should be done

    • Estimates how long it will take

    • Estimates what it will cost

  • Leading

    • Adapts to dynamics of enterprise and deals with setbacks

    • Guides and induces people to perform at maximum abilities

  • Controlling

    • Monitors Progress Reports and Documented Deliverables

    • Compares Plans with Actuals

  • Organizing

    • Staffs a Systems Project Team

    • Brings together users, managers, and team members

Case frameworks l.jpg


  • Computer-Aided Systems and Software Engineering

  • Increase Productivity of Systems Professionals

  • Improve the Quality of Systems Produced

  • Improve Software Maintenance Issue

Case frameworks39 l.jpg


  • Includes:

    • workstations

    • central repository

    • numerous modeling tools

    • project management

    • Systems Development Life Cycle Support

    • Prototyping Applications

    • Software Design Features

Central repository for models l.jpg

Central Repository for Models

  • Models Derived from Modeling Tools

  • Project Management Elements

  • Documented Deliverables

  • Screen Prototypes and Report Designs

  • Software Code from Automatic Code Generator

  • Module and Object Libraries of Reusable Code

  • Reverse Engineering, Reengineering, and Restructuring Features

Software maintenance l.jpg

Software Maintenance

  • Reverse Engineering

    • Extract original design from spaghetti-like, undocumented code to make maintenance change request

    • Abstract meaningful design specifications that can be used by maintenance programmers to perform maintenance tasks

  • Reengineering

    • Examination and changing of a system to reconstitute it in form and functionality

    • Reimplementation

  • Restructuring

    • Restructures code into standard control constructs

      • sequence, selection, repetition

Data design l.jpg

Data Design

  • Define all the entities to be dealt with and the relationships between them

  • Transform the conceptual design into logical design wherein all the views are combined and all the resulting data elements are defined and the data structure is syntactically and semantically determined

  • Normalize this logical design for mathematically minimized redundancy and maximized integrity

  • Transform this logical design to a physical design where the underlying RDBMS, hardware, and use patterns are taken into account

  • Develop the SQL DDL code specific to each RDBMS vendor’s product is generated

Business rules for data l.jpg

Business Rules For Data

  • Basic selection of what data elements are of interest, what are their characteristics (data type and acceptable range - also called syntactic structure)

  • How they are related to, or dependent on, each other in a business sense (key, foreign key and referential constraint rule - also called the semantic structure)

  • Data Integrity Rules

Advantages of data analysis l.jpg

Advantages of Data Analysis

  • “slice and dice” dynamic query support

  • standard high-level access language (SQL)

  • minimum data redundancy

  • self-protecting data integrity

    • no insert, delete and update anomalies

Relational model l.jpg

Relational Model

  • The Relational Model for data design is the foundation of the relational database and the industry that produces the “engines” that run them.

  • It puts data design (and data modeling) on a formal, mathematical footing.

Relationship types l.jpg

Relationship Types

a). One-to-one (1:1): means that an occurrence if one OT uniquely determines an occurrence of other OT - and vice-versa

b). One-to-many (1:n): means that an occurrence of one OT determines an occurrence of the other OT - but not vice-versa

c). Many-to-many (n:m):means that an occurrence of one OT can be related to many occurrences of other OT - and vice-versa

Data rationalization l.jpg

Data Rationalization

  • Identification of data synonyms and homonyms across multiple and disparate data sources and the creation of a map that points back to their original sources.

Data access gateway l.jpg

Data Access Gateway

  • sits between end users (usually in PC networks) and a legacy database

  • accepts data read requests (expressed as SQL statements)

  • converts the requests to legacy access method instructions

  • provides the resulting data to the users

  • data flow is one-way read-only.

Structured data analysis l.jpg

Structured Data Analysis

  • the functions or activities which are to be handled by the system

  • the external entities which interact with the system

  • the logical data stores, and

  • the data flows among all the the above

  • Data flow diagrams (DFD) are used to diagrammatically describe the elements.

Entity relationship diagrams erds l.jpg

Entity Relationship Diagrams (ERDs)

  • A method of documenting and visualizing a conceptual data model.

Normalization l.jpg


  • The process based on the business rules for data

    • a set of data elements (attributes) are arranged in a mathematically minimum set of tables (relations), within which all the attributes are dependent on a primary key attribute (the key).

Normalization model l.jpg

Normalization Model

  • The SA/Normalization method is based on the use of decomposition rules, which enable one to decompose tables/relations.

    • Database design starts with flat tables/relations, each of which is created out of a data stores in the DFDs and then decomposed into the normal form relations. No conceptual schema of the enterprise is created to express the semantics of its information structure.

  • The SA/IA method is based on the use of grouping rules which map simple relationships in the binary-relationship data model onto normal form relationships.

    • The relational model and the normalization method have been criticized for being too detailed to use at the initial design stage, and for lacking a semantic structure for making unambiguous choices in modeling the enterprise.

    • The IA method incorporates a semantic model of the enterprise which captures its essential semantic features from which the normal form relations are derived.

Conversion into normalized record types l.jpg

Conversion into Normalized Record Types

  • For every data flow which either enters or emanates from a data store (in the leaf level DFDs), the integral data elements are identified

  • For every data store, a list of the data elements which are entering and emanating are drawn up

  • The dependencies among all the data elements are analyzed, and the normalization rules are applied in steps so that at every step a given relation is split into more “simple” relations

    • Every relation has a key which consists of one or more data elements

    • Every non-key data element functionally depends on that entire key and not on part of it

    • No non-key data element depends on any other non-key data element in the relation (there are no transitive dependencies)

Conversion into normalized record types54 l.jpg

Conversion into Normalized Record Types

Enter exams dates & rooms

List of Exams details


Exams File

Details of Exams

Details of Exams

for lecturer

for students

Notify Lectures

Notify Students

De normalization l.jpg


  • The process of selectively

    • combining two or more normalized tables into one, or

    • decomposing one normalized table into two or more

Part description for model for general motors l.jpg

Part Description for Modelfor General Motors

“Part #123 that is supplied by GM was assembled on bus 456 on May 28, 1996” is decomposed into the following elementary sentences:

a). A part... is supplied by a manufacturer...

b). A part... was assembled on a bus...

c). The assembly [part*bus] was performed on a date...

Part distribution model for general motors l.jpg

Part Distribution Modelfor General Motors

Part (p#)

Manufacturer (name)

Supplier of

Supplied of

Relationship types58 l.jpg

Relationship Types

a). One-to-one (1:1): means that an occurrence if one OT uniquely determines an occurrence of other OT - and vice-versa

b). One-to-many (1:n): means that an occurrence of one OT determines an occurrence of the other OT - but not vice-versa

c). Many-to-many (n:m):means that an occurrence of one OT can be related to many occurrences of other OT - and vice-versa

Gm parts assembly distribution model l.jpg

GM Parts Assembly Distribution Model


(License #)

Manu-facturer (name)

Part (p#)


Date (Calc. date)

Date of Assembly

Data warehouse l.jpg

Data Warehouse

  • An intermediate, read-only store (usually based in a purchased RDBMS product) and the programs that manage it.

  • Contains recent and summarized data extracted from across some or all of the legacy data systems

  • Presents a subject-based view

Functional dependency l.jpg

Functional Dependency

  • Mathematical term for the key relationship (using rational terminology) between data elements. A data element (attribute) that is functionally dependent on another data element (the key) will always exist in a relation (table) such that a unique value for the key will always “determine” or “locate” or “define a unique value of” the dependent.

Metadata l.jpg


  • Data about data that is generally extracted from an existing system or created for a new system and stored in a design repository for developers to use in maintaining or extending the system during its lifecycle

  • Metadata refers to the table, attribute, and key definitions contained in the catalog of a relational database. It can also mean the business rules for data designed for a new design, or the business rules for data thought to be enforced in a legacy system (semantic data structure, sometimes called meta-data, or meta2 data).

  • The actual syntactic and semantic data structure (not just what the documentation might say), including a complete synonym and homonym map, plus the business rules for data that are actually being enforced in the legacy system.

Slide63 l.jpg

Graduate School of

Business Administration

Loyola University

  • Login