systems analysis and design in a changing world, 6th edition 1 chapter 12 databases, controls, and...
TRANSCRIPT
![Page 1: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/1.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 1
Chapter 12 Databases, Controls, and Security
![Page 2: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/2.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 2
Example Set of TablesWith Primary Key and Foreign Key
![Page 3: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/3.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 3
Database and DBMS Components
![Page 4: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/4.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 4
Designing Data Base and System Controls Architecture
Existing databases Integrity control –
rejects invalid inputs, prevents unauthorized outputs, and protects data and programs against tampering
Security controls – part of the operating system and network and tend to
be less application specific.
![Page 5: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/5.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 5
Partitioning Database SchemaInto Client Access Subsets
![Page 6: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/6.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 6
Architecture for RMOReplicated and Partitioned Database
![Page 7: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/7.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 7
Integrity and Security Controls
![Page 8: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/8.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 8
Integrity ControlsInput Controls
Value limit control Completeness control Data validation control Field combination control
![Page 9: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/9.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 9
Integrity ControlsCont.
Access control Transaction logging Complex update control Output control Redundancy Backup Recovery
![Page 10: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/10.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 10
Integrity ControlsTo Prevent Fraud
Fraud triangle – Opportunity, Motivation, and Rationalization must all exist for
a fraud to occur
![Page 11: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/11.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 11
Integrity ControlsTo Prevent Fraud
![Page 12: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/12.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 12
Security Controls
Access Controls
![Page 13: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/13.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 13
Security ControlsData Encryption
Public key encryption – a form of asymmetric key encryption that uses a public key for encryption
and a private key for decryption
![Page 14: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/14.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 14
Security ControlsDigital Certificate Digital certificate -- an institution’s name and public key (plus other
information, such as address, Web site URL, and validity date of the certificate) encrypted and certified by a third party
Certifying authority -- a widely accepted issuer of digital certificates
![Page 15: Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 Databases, Controls, and Security](https://reader036.vdocument.in/reader036/viewer/2022062518/56649efc5503460f94c1056b/html5/thumbnails/15.jpg)
Systems Analysis and Design in a Changing World, 6th Edition 15
Security ControlsSecure Transactions
Secure Sockets Layer (SSL) -- a standard set of methods and protocols that address authentication, authorization, privacy, and integrity
Transport Layer Security (TLS) -- an Internet standard equivalent to SSL
IP Security (IPSec) -- an Internet standard for secure transmission of low-level network packets
Secure Hypertext Transport Protocol (HTTPS) -- an Internet standard for securely transmitting Web pages