cil test study material1 topics for today… system analysis & design cyber laws- it act 2000...
TRANSCRIPT
CIL Test Study material 1
Topics for today…
• System Analysis & Design
• Cyber Laws- IT Act 2000
• E-governance
• E-payments
CIL Test Study material 2
• Systems analysisProcess of studying an existing system to determine how it works and how it meets user needs
• Systems designProcess of developing a plan for an improved system, based upon the results of the systems analysis
Systems Analysis and Design What is it?
CIL Test Study material 3
Systems Analyst
• Professional computer employee who performs analysis and design
• Change agent – Overcome reluctance of users to change
• Typical career path– Programmer– Programmer / Analyst– Systems Analyst
CIL Test Study material 4
Systems AnalystFunctions
Coordination• Schedules and system-related tasks
• Personnel
CIL Test Study material 5
Systems AnalystFunctions
• CoordinationSchedules and system-related tasks
• Personnel Communication– Oral presentations– Written documentation
Planning and design– Plans and designs new system– Involved from beginning of project through final
implementation of the system
CIL Test Study material 6
Project Phases
• Planning (Why build the system? How should the team go about building it?)
• Analysis (Who uses system, what will it do, where and when will the system be used?)
• Design (How will the system work?)
• Implementation (System delivery)
CIL Test Study material 7
• Identifying business value
• Analyze feasibility
• Develop work plan
• Staff the project
• Control and direct project
Planning
CIL Test Study material 8
• Analysis strategy
• Gathering business requirements
• Requirements definition use cases
• Process modeling
• Data modeling
Analysis
CIL Test Study material 9
• Design selection
• Architecture design
• Interface design
• Data storage design
• Program design
Design
CIL Test Study material 10
• Construction– Program building– Program and system testing
• Installation– Conversion strategy– Training plan– Support plan
Implementation
CIL Test Study material 11
SDLCSystems Development Life Cycle
• Preliminary investigation
• Analysis
• Design
• Development
• Implementation
CIL Test Study material 12
SDLCPreliminary Investigation
• Feasibility study / System survey• Determine the problem• Describe the problem• Understand management decisions
– Organizational chart– Informal hierarchy
• Produces rough plan and what to do
CIL Test Study material 13
SDLCPreliminary Investigation
Problem Definition• Nature of the problem
Separate problem from symptoms of problem
• Scope of the projectBudget and schedule
• Objectives of the projectWhat user thinks system should do
CIL Test Study material 14
SDLCPreliminary Investigation
ReportWhat you have found
Recommendations
Financially feasible
CIL Test Study material 15
SDLCAnalysis
• Understand the existing system– Gather data– Analyze data
• Establish system requirements
CIL Test Study material 16
SDLCAnalysis – Data Gathering
• Written documents
• Interviews– Structured– Unstructured
• Questionnaires
• Observation– Visits by appointment– Participant observation
• Sampling
CIL Test Study material 17
SDLCAnalysis – Analyze Data
• How the current system works
• Determine system requirements
• Basis for documentation
• Tools– Data flow diagram (DFD)– Decision tables
CIL Test Study material 18
SDLCAnalysis – Data Flow Diagram
CIL Test Study material 19
SDLCAnalysis –Decision Tables
CIL Test Study material 20
SDLCAnalysis – System Requirements
• Detailed list of things the system must be able to do
• Design is based upon system requirements
• Agreement upon requirements is needed before proceeding
CIL Test Study material 21
SDLCAnalysis – Report to Management
• Summarize problems
• Describe requirements
• Cost analysis
• Recommendations for next step
• Obtain authorization to proceed
CIL Test Study material 22
SDLCDesign
• Planning the new system
• Two phases– Preliminary design– Detail design
CIL Test Study material 23
SDLCPreliminary Design
Major system aspects• Centralized or distributed• Online or batch• PC-based?• How will input be
captured?• Necessary reports
CIL Test Study material 24
SDLCPreliminary Design
• Make or buy decision • Packaged software
– Meet at least 75% of requirements?– Change business procedures for part or all of
remainder?– Customize for part of all of remainder?
• Custom software– Programmers write code
• Outsourcing– System is developed by external organization
CIL Test Study material 25
SDLCPreliminary Design
• Create an overall plan
• Offer alternatives that meet requirements
• Explain differences
• Evaluate costs
CIL Test Study material 26
SDLCPreliminary Design
• Build a prototype– Limited working system of subset
• Does not need true functionality– Output looks like anticipated system output
• Working model that can be modified and fine-tuned– Uses high-level software tools – CASE– Best for small-scale systems
CIL Test Study material 27
SDLCPreliminary Design
CASE toolsComputer-Aided Software
Engineering• Supports specific analysis and design tasks• Integrated environment that supports the
entire systems development process
CIL Test Study material 28
SDLCPreliminary Design
Presentation• All alternatives• Selected plan• Prototype of the system• Obtain authorization to proceed
CIL Test Study material 29
SDLCDetail Design
Parts of detail design phase• Output requirements• Input requirements• Files and databases• Systems processing• Systems controls and backup
CIL Test Study material 30
SDLCDetail Design
Output requirements• Medium• Type of reports• Contents
CIL Test Study material 31
SDLCDetail Design
CIL Test Study material 32
SDLCDetail Design
Input requirements• Medium
• Content
• Input forms
• Validation
• Volume
CIL Test Study material 33
SDLCDetail Design
Files and Databases• Organization• Access• Format of records• Coordinate with database administrator
regarding external databases and updating
CIL Test Study material 34
SDLCDetail Design
Flowchart Symbols
CIL Test Study material 35
SDLCDetail Design
CIL Test Study material 36
SDLCDetail Design
Systems Controls and Backup• Insure that input is processed correctly• Prevent fraud and tampering• System journals• Backup of system files
CIL Test Study material 37
SDLCDetail Design
Report to Management• Detailed design specifications report• Presentation• Obtain authorization to proceed
CIL Test Study material 38
SDLCDevelopment
• Doing the work to bring the new system into being
• Scheduling
CIL Test Study material 39
SDLCDevelopment
• Programming– Refine the design– Detailed logic flowcharts and pseudocode
• Testing– Unit testing– System testing– Volume testing
CIL Test Study material 40
SDLCImplementation
• Converting to the new system
• Training
• Equipment conversion
• File conversion
• System conversion
• Auditing
• Evaluation
• Maintenance
CIL Test Study material 41
SDLCImplementation – Training
• Begin during testing• User’s manual (Technical Writers)• Hands-on• Training consideration
– Space– Equipment– Data– User’s schedules
CIL Test Study material 42
SDLCImplementation – Conversion
• Equipment– Planning– Installation of new equipment
• File– Manual to electronic– Special programs to convert old format to new
CIL Test Study material 43
SDLCImplementation – Conversion
• System– Direct conversion– Phased conversion– Pilot conversion– Parallel conversion
CIL Test Study material 44
SDLCImplementation –Auditing
• Audit trail
• Trace output back to source
CIL Test Study material 45
SDLCImplementation – Evaluation
• Working
• Meets original requirements
• Benefits
• Meets budget
• Improvements
CIL Test Study material 46
SDLCImplementation – Maintenance
Ongoing activity for life of system
CIL Test Study material 47
Creating DFDsDefine Entities
• External entities represent persons, processes or machines which produce data to be used by the system or receive data that is output by the system
• Examples: Student, Customer, Client
Define Processes• Processes are discrete actions
that transform input data to output data
• Examples: Create Student Record, Calculate Purchase Cost, Register Client
Student
2.1
Create Student Record
CIL Test Study material 48
Creating DFDs (cont’d)Define Data Stores
• Data stores are temporary or permanent repositories of information that are inputs to or outputs of processes
• Examples: Student Master, Client List
Define Data Flows• Data flows represent the transfer of
data over time from one “place” (entity, process, data store) to another
• Examples: New Student Information (from Student, to Student Master)
New Student Information
(Templates are posted in l:\academic\90728\DFDSymbols.ppt)
Student Master
D3
CIL Test Study material 49
Creating DFDs (cont’d)Define the System
• A system is the collection of all business processes which perform tasks or produce outputs we care about. It is “what happens.”
• The system is a single process, connected to external entities
• Represented in a “Context Diagram”
Define Subsystems• A subsystem gives a more detailed
view individual processes contained in the context diagram
• Includes data stores, more elementary processes
(Figure 4.13, Shelly, Cashman and Rosenblatt)
CIL Test Study material 50
Where to Begin Creating DFDs
• Start with the data flow from an external entity and work forwards
• Start with the data flow to an external entity and work backwards
• Examine the data flows into or out of a data store
• Examine data flows, entity connections and data stores associated with a particular process
• Note fuzzy, ill-defined areas of the system for further clarification
CIL Test Study material 51
What to Avoid in DFDs
Making the data flow diagram too cluttered (e.g. 9 processes)
4
Perform Repair
Processes with no outputs or no inputs
1 2 3Many processes with a single input and output (linear flow)
Processes whose inputs are obviously inadequate to yield
outputs
Having data flows terminate at data stores
Connecting data stores directly to each other
Courses StudentsClass List
Connecting entities to anything other than processes
Payroll Department
Employees
Process A
Process B
Process C
CIL Test Study material 52
CYBER LAWS&
IT ACT 2000
CIL Test Study material 53
What is a cyber threat?
• From the information security perspective, a ‘threat ‘ is defined as the potential to cause an unwanted incident in which an asset, system or organisation may be harmed.
• ‘Cyber threat ‘ is a threat that percolates or infiltrates through the use of computers , internet or interconnected communication devices and could comprise of information stealth, cyber warfare, virus attacks, cyber
terrorism, hacking attempts , phising,sabotage, singly or in combination.
CIL Test Study material 54
Cyber crimes
Hacking Information
TheftE-mail
bombingSalami attacks
Denial of Service attacks
Trojan attacks
Web jacking
TYPES OF CYBER CRIMES
CIL Test Study material 55
Information Technology Act, 2000
• Enacted on 17th May 2000- India is 12th nation in the world to adopt cyber laws
• IT Act is based on Model law on e-commerce adopted by UNCITRAL(un COMMISSION ON INTL.TRADE LAW)
CIL Test Study material 56
Objectives of the IT Act
To provide legal recognition for transactions:-• Carried out by means of electronic data interchange, and other
means of electronic communication, commonly referred to as "electronic commerce“
• To facilitate electronic filing of documents with Government agencies and E-Payments
• To amend the Indian Penal Code, Indian Evidence Act,1872, the Banker’s Books Evidence Act 1891,Reserve Bank of India Act ,1934
CIL Test Study material 57
Important provisions of IT Act, 2000
• Legal recognition to electronic records- Section 4 of IT Act.
• Legal recognition of digital signatures- Section 5 of IT Act, 2000
• Section 6- Use of electronic records and digital signatures in Government and its agencies.
• Section 7- Retention of electronic records1. Information should remain accessible for
subsequent reference2. Retained in a format that ensures accuracy3. Details of dispatch and receipt are available.
CIL Test Study material 58
Offences & Relevant Sections under IT Act
Tampering with CompuTer source documents Sec.65
Hacking with Computer systems, Data alteration Sec.66Publishing obscene information Sec.67Un-authorized access to protected system Sec.70
Breach of Confidentiality and Privacy
Sec.72Publishing false digital signature certificates Sec.73
CIL Test Study material 59
Data theft
According to the section 2 of Information Technology ActAccording to the section 2 of Information Technology Act,, ““Data”Data” means a representation of information, knowledge, facts, means a representation of information, knowledge, facts, concepts or instruction which are being prepared or have been prepared concepts or instruction which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computerinternally in the memory of the computer..
““Data Theft”-Data Theft”- It is the term used when any information in the form of It is the term used when any information in the form of data is illegally copied or taken from a business or other individual data is illegally copied or taken from a business or other individual without his knowledge or consent.without his knowledge or consent.
CIL Test Study material 60
Computer Related Crimes under IPC and Special Laws
Sending threatening messages by email Sec 503 IPCSending defamatory messages by email Sec 499, 500 IPC
Forgery of electronic records Sec 463, 470, 471 IPC
Bogus websites, cyber frauds Sec 420 IPC
Email spoofing Sec 416, 417, 463 IPC
Online sale of Drugs NDPS Act
Web - Jacking Sec. 383 IPC
Online sale of Arms Arms Act
CIL Test Study material 61
Section 65: Source Code• Most important asset of software companies• “Computer Source Code" means the listing of
programmes, computer commands, design and layout• Ingredients
– Knowledge or intention – Concealment, destruction, alteration– computer source code required to be kept or
maintained by law• Punishment
– imprisonment up to three years and / or– fine up to Rs. 2 lakh
CIL Test Study material 62
Section 66: Hacking
• Ingredients– Intention or Knowledge to cause wrongful loss
or damage to the public or any person– Destruction, deletion, alteration, diminishing
value or utility or injuriously affecting information residing in a computer resource
• Punishment– imprisonment up to three years, and / or – fine up to Rs. 2 lakh
• Cognizable, Non Bailable,
Section 66 covers data theft aswell as data alterationSection 66 covers data theft aswell as data alteration
CIL Test Study material 63
E-GOVERNANCE
CIL Test Study material 64
e-Governance in India has steadily evolved from computerization of Government Departments to initiatives that encapsulate the finer points of Governance, such as citizen centricity, service orientation and transparency. Lessons from previous e-Governance initiatives have played an important role in shaping the progressive e-Governance strategy of the country. Due cognizance has been taken of the notion that to speed up e-Governance implementation across the various arms of Government at National, State, and Local levels, a programme approach needs to be adopted, guided by common vision and strategy. This approach has the potential of enabling huge savings in costs through sharing of core and support infrastructure, enabling interoperability through standards, and of presenting a seamless view of Government to citizens.The National e-Governance Plan (NeGP), takes a holistic view of e-Governance initiatives across the country, integrating them into a collective vision, a shared cause. Around this idea, a massive countrywide infrastructure reaching down to the remotest of villages is evolving, and large-scale digitization of records is taking place to enable easy, reliable access over the internet. The ultimate objective is to bring public services closer home to citizens, as articulated in the Vision Statement of NeGP.
CIL Test Study material 65
The Government approved the National e-Governance Plan (NeGP), comprising of 27 Mission Mode Projects (MMPs) and 8 components
NeGP comprises of 27 Mission Mode Projects (MMPs) encompassing 10 Central MMPs, 10 State MMPs and 7 Integrated MMPs spanning multiple Ministries/ Departments. "Mission Mode" implies that the objective and the scope of the project are clearly defined, that the project has measurable outcomes and service-levels, and the project has well-defined milestones and timelines for implementation.MMPs are owned and spearheaded by various Line Ministries concerned for Central, State, and Integrated MMPs. The concerned Ministry/ Department is entirely responsible for all decisions related to their MMPs. However, decisions impacting NeGP as a whole are taken in consultation with DIT. Additionally, wherever required by the concerned Ministries/ Departments, DIT provides necessary support for project formulation and development.Every State has the flexibility of identifying up to 5 additional State-specific MMPs (relevant for economic development within the State). In cases where Central Assistance is required, such inclusions are considered on the advice of the concerned Line Ministries/ Departments.
CIL Test Study material 66
Central MMPs State MMPs Integrated MMPs
•Banking•Central Excise & Customs•Income Tax (IT)•Insurance•MCA21•National Citizen Database•Passport•Immigration, Visa and Foreigners Registration& Tracking•Pension•e-Office
•Agriculture•Commercial Taxes•e−District•Employment Exchange•Land Records•Municipalities•Gram Panchayats•Police•Road Transport•Treasuries
•CSC•e-Biz•e-Courts•e-Procurement•EDI For eTrade•National e-governance Service Delivery Gateway•India Portal
CIL Test Study material 67
E-procurements
Through effective deployment of e-procurement technology, enterprises can:• Reduce transaction costs• Improve process efficiency• Reduce or eliminate “maverick” buying• Increase contract compliance• Reduce cycle times• Save inventory costs• Reduce formation of cartels
CIL Test Study material 68
E-payments
Selection of Payment MethodSelection of Payment MethodBased on:Based on:ConvenienceConvenience
–Trace-abilityTrace-ability
–RepudiationRepudiation
–Financial riskFinancial risk
–Fraud protectionFraud protection
CIL Test Study material 69
• A very common method of payment
• Cards are issued by a bank
• Unique 16-digit number (including check digits) and an expiration date
• Third party authorization companies verify purchases
Credit Cards/Debit Cards
Net Banking
•Through password and secure authentication
CIL Test Study material 70
RTGS- Real Time Gross Settlement is a high value transfer system, handling funds worth Rs 100,000 and above, while NEFT – National electronic Fund Transfer transfers smaller amounts below Rs 100,000.