Upload
madison-todd
View
218
Download
0
Tags:
Embed Size (px)
Citation preview
Management Information Systems:
Solving Business Problems with Information Technology
Part One:Business OperationsChapter Four:Security, Privacy, andAnonymity
Prof. Gerald V. PostProf. David L. Anderson
The Growth of Electronic CommerceThe Growth of Electronic Commerce
Business-to-Business– Includes up and down stream transactions that can
enhance channel coordination and customer relationships
Business-to-Consumer– Encompasses all interaction between the customer
and the organization Open Marketspace
– Connects business, partner, and consumer
Web-Based Commerce ModelWeb-Based Commerce Model
Marketspace
Manufacturer/Supplier
Customers
Intermediary
Business-to-Business Business-to-Consumer
Direct
Operating Effectively in the Operating Effectively in the Business-to-Consumer BoundaryBusiness-to-Consumer Boundary
Leverage Firm’s Logistical System Price and Manage Online Transactions Optimize Communication to Key Consumer
Markets Achieve Excellence through Service
Develop Business PartnershipsDevelop Business Partnerships
Establish Business-to-Business Relationships to Sell Competitively to Customers
Strengthen the Value Chain Provide Value through Communication Optimize Business-to-Business Service
Virtual InterconnectivityVirtual Interconnectivity
Sell in a Virtual World Stay Real or Become Virtual Communicate with a Community Provide Value-Add Services in the
Marketspace
Opportunities and Threats of Opportunities and Threats of End-Run StrategiesEnd-Run Strategies
Odd Person Out Establish Place in Value Chain Compare Information in a Virtual World Optimize the Service Offering Across
Partner Organizations
Managerial Issues for SecurityManagerial Issues for Security
Technical Societal Economic Legal Behavioral Organizational/Managerial
Managerial Issues for SecurityManagerial Issues for Security
Technical– How will Security be Implemented?– What protocols will be the standards of future
electronic commerce?– What are the future technologies used to “wire”
people and households?
Managerial Issues for SecurityManagerial Issues for Security
Societal– How will the privacy of individuals be
protected?– How will consumer data be used?– Will consumer data be misused?– How do user perceptions of issues reflect
reality?
Managerial Issues for SecurityManagerial Issues for Security
Economic– How will electronic and physical markets
differ?– Will economic theories succeed as
instantaneous access to information emerges?– What will be the price of information?
Managerial Issues for SecurityManagerial Issues for Security
Legal– Should governments continue to subsidize the
internet?– How will real world laws apply to the legality
of virtual sites?– Who is liable for information accuracy?
Managerial Issues for SecurityManagerial Issues for Security
Behavioral– How satisfied will users be with virtual
experiences compared to those in the real world?
– How will a sense of community and social needs be represented through E-Commerce?
– What are the characteristics of early adopters of E-Commerce?
Managerial Issues for SecurityManagerial Issues for Security
Organizational/Managerial– What are the differences between managing an
E-commerce business and a more traditional one?
– How will the organization of the firm change as E-commerce becomes more prevalent?
– What products lend themselves to success with E-Commerce?
Managerial Issues for SecurityManagerial Issues for Security
Technical Societal Economic Legal Behavioral Organizational/Managerial
Strategic SecurityStrategic SecurityLeverage ParadigmLeverage Paradigm
CompetitivePosition
CompetitivePosition
Nature of Conflict;Terms of
Competition
StrategicLeverage
ObjectivesStrategies
Tactics
Changethe
Game
Changethe
Game
Systems DevelopmentSystems DevelopmentLifecycleLifecycle
Planning
Support
Implementation Design
Analysis
Obsolete SolutionProblem to be Solved
ProblemUnderstanding
andSolution
RequirementsAcceptable
SolutionStatement
ImplementedSolution
ImplementationError (bug)
New, Related Problem or Requirement
New implementation Alternative or Requirement
Systems Planning ElementsSystems Planning Elements People
– Users, Management, Information Specialists
Data– How it is captured, used, and stored
Activities– Automated and Manual– Business and Information Applications
Networks– Where data is stored and processed– How data is exchanged between different locations
Technology– hardware and software used
Electronic CommerceElectronic CommerceBuilding BlockBuilding Block
Systems Builders
Systems Designers
Systems Users
Systems Owners
Differentiation versus Cost LeadershipDifferentiation versus Cost LeadershipT1
SustainablePremium
Quality
Cost
Minimum or Market-RequiredQuality
DifferentiatedPlayer
CostLeader
TechnologyCurve
Is Cost Leadership Sustainable?Is Cost Leadership Sustainable?T1
SustainablePremium
Quality
Cost
Minimum or Market-RequiredQuality
DifferentiatedPlayer
CostLeader
OldTechnologyCurve
T2
NewTechnologyCurve
Industry/Company Industry/Company RelationshipsRelationships
IndustryStructure &Competitive
Position
Long-termObjectives,StrategicDirection
DetailedStrategies
and Tactics
Freedomof
Maneuver
Break-Even PointBreak-Even PointTotal Revenue
Profit
Total Costs
Fixed Costs
SalesBreak-Even Volume
Revenueand
Costs
Profit
FixedCosts
DecisionDecision Trees Trees
DecisionPoint
Probability
Efforts to CategorizeEfforts to Categorizethe Unknownthe Unknown
Complexity
Instability
Uncertainty
VariablesVariables
Cost
Risk
Time
Barriers to Barriers to Information Security SourcesInformation Security Sources Economies of Scale
Economies of Scope Product Differentiation Capital Requirements Cost Disadvantages
– Independent of Size Distribution Channel Access Government Policy
Four Generic ApproachesFour Generic ApproachesWin
Win
Lose
Lose
Win/Win Win/Lose orCooperative Equilibrium
Lose/LoseWin/Lose orCooperative Equilibrium
Lose/LoseLose/Lose Total Industry Profits are Very Low, Zero,
or Negative Industry Revenues are Declining, or, at
best, steady Product Technology is at or past its peak
Structure Defines the Industry War
Win/WinWin/Win
Total Industry Revenues and Profits are Growing Rapidly
Numerous Players of All Sizes Products and Services are not Standardized
Win/LoseWin/Lose Total Industry Revenues and/or Profits are
Constant or are Growing very Slowly Significant Economies of Scale in Production,
Distribution, and/or Promotion Number of Firms Participating in the Industry is
Limited and Stable Individual Participants have, or can obtain,
Information Regarding the Relative Positions of the Players
Structure Defines the Terms Structure Defines the Terms of Competitionof Competition
Wasting Resources – generic advertising rather than focusing on specific
market segments Precipitating Unwanted Warfare
– Causing a full-scale price war when only brand repositioning was necessary
Failing to Anticipate and Adapt to Changes– Following historical patterns– Underspending on Advertising
Structure Defines ManeuverStructure Defines Maneuver
Standard or Dominant Product Emerges Distribution Channels Limit Firm’s Ability
to Determine which Channels to Select Target and Market Niches Become More
Difficult to Defend Substitutes Limit Price Increases which
Requires Increase in Advertising Expenditure
Two Levels of PlanningTwo Levels of Planning Systems Planning
– Gives Managers, Users, and Information Systems Personnel Projects
– Establishes what should be done– Sets a budget for the total cost of these projects
Systems Project Planning– Setting a plan for the development of each
specific systems project
Systems Professional SkillsSystems Professional Skills Systems Planning
– Form project team after proposed systems project is cleared for development
Systems Analysis– Business Systems Analysts knowledgeable in business
General Systems Design– Business Systems Analysts
Systems Evaluation and Selection– Business Systems Analysts
Detailed Systems Design– Wide Range of Systems and Technical Designers
Systems Implementation– Systems analysts, programmers, and special technicians
Effective Leadership StyleEffective Leadership Style Autocratic Style
– Crisis-Style Management– Used to Correct Major Problem, such as Schedule
Slippage Democratic Style
– Team-oriented Leadership– Gives each team member the freedom to achieve goals
which he/she helped set Laissez-Faire Style
– Highly-motivated, Highly-Skilled Team Members– People who work best alone
Project Management SkillsProject Management Skills Planning
– States what should be done– Estimates how long it will take– Estimates what it will cost
Leading– Adapts to dynamics of enterprise and deals with setbacks– Guides and induces people to perform at maximum abilities
Controlling– Monitors Progress Reports and Documented Deliverables– Compares Plans with Actuals
Organizing– Staffs a Systems Project Team– Brings together users, managers, and team members
CASE/FrameworksCASE/Frameworks
Computer-Aided Systems and Software Engineering
Increase Productivity of Systems Professionals
Improve the Quality of Systems Produced
Improve Software Maintenance Issue
CASE/FrameworksCASE/Frameworks
Includes:– workstations– central repository– numerous modeling tools– project management– Systems Development Life Cycle Support– Prototyping Applications– Software Design Features
Central Repository for ModelsCentral Repository for Models Models Derived from Modeling Tools Project Management Elements Documented Deliverables Screen Prototypes and Report Designs Software Code from Automatic Code Generator Module and Object Libraries of Reusable Code Reverse Engineering, Reengineering, and
Restructuring Features
Software MaintenanceSoftware Maintenance Reverse Engineering
– Extract original design from spaghetti-like, undocumented code to make maintenance change request
– Abstract meaningful design specifications that can be used by maintenance programmers to perform maintenance tasks
Reengineering– Examination and changing of a system to reconstitute it in
form and functionality– Reimplementation
Restructuring– Restructures code into standard control constructs
sequence, selection, repetition
Data DesignData Design Define all the entities to be dealt with and the relationships
between them Transform the conceptual design into logical design wherein all
the views are combined and all the resulting data elements are defined and the data structure is syntactically and semantically determined
Normalize this logical design for mathematically minimized redundancy and maximized integrity
Transform this logical design to a physical design where the underlying RDBMS, hardware, and use patterns are taken into account
Develop the SQL DDL code specific to each RDBMS vendor’s product is generated
Business Rules For Data Basic selection of what data elements are of
interest, what are their characteristics (data type and acceptable range - also called syntactic structure)
How they are related to, or dependent on, each other in a business sense (key, foreign key and referential constraint rule - also called the semantic structure)
Data Integrity Rules
Advantages of Data AnalysisAdvantages of Data Analysis “slice and dice” dynamic query support standard high-level access language (SQL) minimum data redundancy self-protecting data integrity
– no insert, delete and update anomalies
Relational ModelRelational Model
The Relational Model for data design is the foundation of the relational database and the industry that produces the “engines” that run them.
It puts data design (and data modeling) on a formal, mathematical footing.
Relationship TypesRelationship Typesa). One-to-one (1:1): means that an occurrence
if one OT uniquely determines an occurrence of other OT - and vice-versa
b). One-to-many (1:n): means that an occurrence of one OT determines an occurrence of the other OT - but not vice-versa
c). Many-to-many (n:m):means that an occurrence of one OT can be related to many occurrences of other OT - and vice-versa
Data RationalizationData Rationalization
Identification of data synonyms and homonyms across multiple and disparate data sources and the creation of a map that points back to their original sources.
Data Access GatewayData Access Gateway sits between end users (usually in PC
networks) and a legacy database accepts data read requests (expressed as SQL
statements) converts the requests to legacy access method
instructions provides the resulting data to the users data flow is one-way read-only.
Structured Data Analysis the functions or activities which are to be
handled by the system the external entities which interact with the
system the logical data stores, and the data flows among all the the above Data flow diagrams (DFD) are used to
diagrammatically describe the elements.
Entity Relationship Diagrams Entity Relationship Diagrams (ERDs)(ERDs)
A method of documenting and visualizing a conceptual data model.
NormalizationNormalization
The process based on the business rules for data– a set of data elements (attributes) are arranged
in a mathematically minimum set of tables (relations), within which all the attributes are dependent on a primary key attribute (the key).
Normalization ModelNormalization Model The SA/Normalization method is based on the use of
decomposition rules, which enable one to decompose tables/relations. – Database design starts with flat tables/relations, each of which is
created out of a data stores in the DFDs and then decomposed into the normal form relations. No conceptual schema of the enterprise is created to express the semantics of its information structure.
The SA/IA method is based on the use of grouping rules which map simple relationships in the binary-relationship data model onto normal form relationships. – The relational model and the normalization method have been criticized
for being too detailed to use at the initial design stage, and for lacking a semantic structure for making unambiguous choices in modeling the enterprise.
– The IA method incorporates a semantic model of the enterprise which captures its essential semantic features from which the normal form relations are derived.
Conversion into Normalized Record Types
For every data flow which either enters or emanates from a data store (in the leaf level DFDs), the integral data elements are identified
For every data store, a list of the data elements which are entering and emanating are drawn up
The dependencies among all the data elements are analyzed, and the normalization rules are applied in steps so that at every step a given relation is split into more “simple” relations
– Every relation has a key which consists of one or more data elements
– Every non-key data element functionally depends on that entire key and not on part of it
– No non-key data element depends on any other non-key data element in the relation (there are no transitive dependencies)
Enter exams dates & rooms
D1 Exams File
List of Exams details
Details of Exams
Notify Lectures
Details of Exams
Notify Students
for lecturer for students
Conversion into Normalized Record Types
De-NormalizationDe-Normalization
The process of selectively – combining two or more normalized tables into
one, or – decomposing one normalized table into two or
more
Part Description for ModelPart Description for Modelfor General Motorsfor General Motors
“Part #123 that is supplied by GM was assembled on bus 456 on May 28, 1996” is decomposed into the following elementary sentences:
a). A part... is supplied by a manufacturer...
b). A part... was assembled on a bus...
c). The assembly [part*bus] was performed on a date...
Manufacturer (name)
Supplier of
Supplied of
Part (p#)
Part Distribution Modelfor General Motors
Relationship TypesRelationship Typesa). One-to-one (1:1): means that an occurrence if
one OT uniquely determines an occurrence of other OT - and vice-versa
b). One-to-many (1:n): means that an occurrence of one OT determines an occurrence of the other OT - but not vice-versa
c). Many-to-many (n:m):means that an occurrence of one OT can be related to many occurrences of other OT - and vice-versa
Bus (License #) Part
(p#)Supplier
Manu-facturer (name)
Date of Assembly
Date (Calc. date)
GM Parts Assembly Distribution Model
Data WarehouseData Warehouse
An intermediate, read-only store (usually based in a purchased RDBMS product) and the programs that manage it.
Contains recent and summarized data extracted from across some or all of the legacy data systems
Presents a subject-based view
Functional DependencyFunctional Dependency
Mathematical term for the key relationship (using rational terminology) between data elements. A data element (attribute) that is functionally dependent on another data element (the key) will always exist in a relation (table) such that a unique value for the key will always “determine” or “locate” or “define a unique value of” the dependent.
MetadataMetadata Data about data that is generally extracted from an existing system or
created for a new system and stored in a design repository for developers to use in maintaining or extending the system during its lifecycle
Metadata refers to the table, attribute, and key definitions contained in the catalog of a relational database. It can also mean the business rules for data designed for a new design, or the business rules for data thought to be enforced in a legacy system (semantic data structure, sometimes called meta-data, or meta2 data).
The actual syntactic and semantic data structure (not just what the documentation might say), including a complete synonym and homonym map, plus the business rules for data that are actually being enforced in the legacy system.
Graduate School of Business Administration
Loyola University