systems analysis and design in a changing world, 6th edition 1 chapter 12 - databases, controls, and...
TRANSCRIPT
Systems Analysis and Design in a Changing World, 6th Edition 1
Chapter 12 - Databases, Controls, and Security
Systems Analysis and Design in a Changing World, 6th Edition 2
Distributed Database Architectures
Single database server
Replicated database server
Partitioned database server
Cloud-based database server
Systems Analysis and Design in a Changing World, 6th Edition 3
Partitioning Database SchemaInto Client Access Subsets
Systems Analysis and Design in a Changing World, 6th Edition 4
Architecture for RMOReplicated and Partitioned Database
Systems Analysis and Design in a Changing World, 6th Edition 5
Designing System Controls Controls -- mechanisms and procedures that are
built into a system to safeguard the system and the information within it
Integrity control -- a control that rejects invalid data inputs, prevents unauthorized data outputs, and protects data and programs against accidental or malicious tampering
Security controls -- are part of the operating system and the network and tend to be less application specific.
Systems Analysis and Design in a Changing World, 6th Edition 6
Integrity and Security Controls
Systems Analysis and Design in a Changing World, 6th Edition 7
Integrity ControlsInput Controls
value limit control
completeness control
data validation control
field combination control
Systems Analysis and Design in a Changing World, 6th Edition 8
Integrity Controls
Access control
Transaction logging
Complex update control
Output control
Systems Analysis and Design in a Changing World, 6th Edition 9
Integrity Controls
Redundancy
Backup
Recovery
Systems Analysis and Design in a Changing World, 6th Edition 10
Integrity ControlsTo Prevent Fraud
Fraud triangle Opportunity Motivation Rationalization
Systems Analysis and Design in a Changing World, 6th Edition 11
Integrity ControlsTo Prevent Fraud
Systems Analysis and Design in a Changing World, 6th Edition 12
Designing Security Controls
Security control - protects the assets of an organization from all threats, with a primary focus on external
Two Objectives Maintain a stable, functioning operating environment for
users and application systems (usually 24 hours a day, 7 days a week).
Firewalls to protect from hackers, viruses, works, and denial of service attacks
Protect information and transactions during transmission across the Internet and other insecure environments
Information could be intercepted, destroyed or modified
Systems Analysis and Design in a Changing World, 6th Edition 13
Security Controls
Access Controls
Systems Analysis and Design in a Changing World, 6th Edition 14
Security ControlsData Encryption
Asymmetric key encryption -- encryption method that uses different keys to encrypt and decrypt the data
Public key encryption -- a form of asymmetric key encryption that uses a public key for encryption and a private key for decryption