Assignment 3 - System Design Report
The Spring Breaks ‘R’ US Travel service (SBRU) is an online travel service that is designed to book the trips for springs break for university students. Many students book the trips through this conventional system but due to change in technology the business is shifted towards the online service system. The basic idea for such a system is that to facilitate the students in booking a room in resort for making their breaks awesome and enjoyable. There are tons of states with which SPRU contract with, in-order to book a resort for the students. Its website gives the information about the resorts, their prices, rooms that are available, resort information updates and other special features. Students can search for the room of their choice and place the order. It also gives the travel information for students who booked a resort after they are login into the system. There is also need for resort to access information from the SBRU system. They need to update regard the weekly booking orders, type of room that are booked, price details etc. before the season starts they should enter information of resorts, their prices and other features. They are also responsible to make a report for the damage created by the spring breakers during their stay.
FIRST-CUT DESIGN CLASS DIAGRAM (DCD):
First-cut design class diagram for Spring Breaks ‘R’ Us (SBRU) system using domain classes:
FIRST-CUT CLASS DIAGRAM SBRU:
BOOK A RESERVATION ➔
The above first-cut DCD consists of two controllers, they are:
o Resort Controller o Reservation Controller
The classes belong to the SBRU system’s First-DCD diagram are:
Resort Controller Class:
Reservation Controller Class:
Person Account Class:
Payment Txn Class:
Traveller In Room Class:
ADD A RESORT ➔
The above first-cut DCD consists of one controllers, it is:
o Resort Controller
The classes belong to the SBRU system’s First-DCD diagram are:
Resort Controller Class:
Add Resort Class:
FIRST-CUT DESIGN SEQUENCE DIAGRAM OF SBRU SYSTEM:
SEQUENCE DIAGRAM FOR BOOKING SYSTEM:
SEQUENCE DIAGRAM FOR ADD RESORT SYSTEM:
Security is a big concern currently in information technology more than ever. As more and more tasks are performed online it is making life easier. At the same time risk as data theft and identity theft are increased as well. Spring Breaks R Us are going to use social networking to benefit their business same as any other company nowadays. To provide a secure and trustworthy experience to the customers here are some suggestion from security point of view.
Security will be providing to Spring Breaks U Us by implementing integrity controls and security controls.
Integrity controls are associated with the applications and database. Integrity control make sure the system is functioning in a right manner. It achieves it by rejecting and or preventing invalid and unauthorized data input. It protects data and application from malicious attacks. It allows only appropriate and correct business transactions. Ensures that the transactions are processed correctly and recorded accordingly. It protects the asset of the organization.
Integrity control achieves its goal by implementing following controls in the organization.
It controls the data input in the system and application. It ensures only valid data is being entered by users. It is generally implemented on application or database schema.
Access control basically restrict a person or program to make changes to data which they are not authorized to access or edit. Access control implemented in DBMS applies control each time when an attempt is made to edit or read any data.
Transaction logging keeps a track of all the changes made to the database with the relevant information such as user id, time, date, data input etc. Generally, it is stored separately to keep track of changes made to the database and look for any irregularities in the data. Transaction logging achieves two important goals, one it prevents malicious database changes as it will be recorded in the log. And the other is providing a recovery point. Transaction logging can provide an exact time and date where data was manipulated so it makes it easy to recover unaltered data.
Backup of data can be partial or full. It copies data from the database and store in a removable storage offsite. It can’t be accessed by application software. When In need for a recovery of data back up is being used and the data from the backup is transferred to the database.
Output controls manage the output of the data whether its been printed physically or displayed on an output device. It ensures that output is being displayed at the current location and is not being accessed by an authorized person.
Security controls are associated with operating systems and network. It ensures the security and integrity of network and operating systems. It mainly focuses on external threats to the organization. It protects information and transactions across the internet. Security controls use following to ensure the security of data in network.
Access control is a part of security control as well. It allows authorized users to use servers, files, database etc accordingly to their privileges. Access control rely on some of these processes. Authentication, access control list (White list), authorization.
Encryption Users will be providing their sensitive information such banking details, date of birth, address, phone numbers and such. In this case all the data must be protected from unauthorized use. Encryption is a security technique to secure such data from malicious use. Encryption is a process to convert the data from its original format to encrypted format using encryption algorithm and encryption keys. Encrypted data can only be accessed by authorized users with a decryption key to decrypt the data to its original format.
Secure transactions of data is possible with protocols and methods like Transport layer Security, IP Security and Secured Hypertext Transport Protocol.
During changeover, a new system and an existing system run side by side for an agreed period. This should be long enough to ensure that all aspects of the new system have been confirmed that it can work properly. Both input the same data and perform the same processes. This will compare their output and prove the reliability of the new system. If the new system is accepted, the existing system will stop running and will be replaced by the new one. If both old and new systems are computerized, the input data can be held on a disk or tape and run concurrently on both systems.
As students must deal with the new system so these are the following instructions they need to follow:
All the old data need to be backup into hard drive or into the cloud.
Multiple servers should be installed, so if the server went down they can use the other one.
A different type of room is needed because sometimes a student need to be added due to the change of group size
Payment method should be secure and need to be under peer to peer transaction using 256 bitencryptions to prevent attacks from hackers.
A secure internet connection is needed so that student can get access to the internet all the time and it won’t affect their performance
Allow backups of data to be taken and easy restore.
To prevent all the system from failing down risk should be reduced.
Budget failure can affect the project.
Risk1 Old data may loss as they have no backup
Risk2 Possibility of redundancy as there has no unique ID when any student get register with website
Risk3 There is no perfect design for social networking
Risk4 Server breakdown
Risk5 Lost of recent student data
Risk6 Budget risk
Risk7 Lack of security
Risk8 Accounting and financing bank transfer hack chances
As there are few risks we are going to focus on reducing its impact and chance of occurring.
MITIGATION OF RISKS
Risk1: In order to avoid data loss, we can enter the entries into the database of old students while going on web services
Risk2: In order to avoid redundancy every student must represent by unique primary key which should be always different for each student
Risk3: If we want a social networking feature into your system. It is very complex process. As it requires whole new design and the process is expensive. we need to re-code whole system with new backup servers
Risk4: There are huge possibilities of server breakdown with numerous possibilities like wires getting broken or some servers or some hardware problems so, there always should be a backup of server on cloud storage.
Risk5: To prevent this risk day by day backup should be needed or all the data should be save in secure hard drives
Risk6: There is a possibility to go over budget we should control the budget and prevent it from going over the limits
Risk7: In order to prevent website from breakdown and other threating attacks from hackers. There should be use of better form of fire-walls and SSID certificates
Risk8: While making transactions it should always be peer to peer transaction using 256 bit-encryption
EFFECT OF RISK
Risk1 Once data loss if you do not have backup will resulting in loosing all the information and bank transactions resulting in huge loss of money Risk2 Possibility of redundancy.
Risk3 if there is no social networking it will be hard to run a system.
Risk4 Server breakdown leads to website crash and may even have possibilities to loss all the database
Risk5 Lack of security leads to stealing of confidential data
Risk6 Budget failure can collapse the project
Risk8 If there is no proper encrypte and look whole into network can give chance to hackers to steal money from student bank accounts
Satzinger, J., Jackson, R. and Burd, S. (2012). Systems analysis and design in a changing world. Boston, MA: Course Technology, Cengage Learning
Altshuler, Y. (2014). Security and privacy in social networks. [Place of publication not identified]: Springer
Assignment Writing Help
Engineering Assignment Services
Do My Assignment Help
Write My Essay Services