Operating Systems (OS): programs that control the resources manages content of main memory, processes keystrokes and mouse movements, sends signals to the display monitor, reads and writes disk files, and controls the processing of other programs Major OSs
Non Mobile clients
Personal computer clients
If you want to learn more check out What is known as the pleasure principle?
If you want to learn more check out What happens when a bond has reached its maturity?
Virtualization ● Process by which one physical computer hosts may differ virtual computers within it 1. PC virtualization Oracle VirtualBox on host OS to create Linux and Windows 8 virtual machines 2. Server virtualization Server computer hosts one or more other server computers 3. Desktop virtualization Hosts many versions of desktop OS’s Enables user’s to run their desktop from many different client computers PC or client Own vs. License ● License ○ Right to use specified number of copies ○ Limits vendor’s liability ● Site License ○ Flat fee to install software product on all company computers or all computers at a specific site ● Open Source ○ No license fee Q4 Is Open Source software a viable alternative? GNU general public license agreement ● Open OFfice ● Firefox ● MySQL (DBMS) ● Apache (Web Server) ● Android (mobiledevice OS) ● Cassandra (NoSQL DBMS) ● Hadoop (BigData processing system) How open source works? Open Source Software: available to users in source code form Source code → machine code → software ● Source code: human readable computer code ● Machine code: source code is compiled into instructions executed directly by a computer’s CPU Closed Source Project: source code not available to users or public. Only available to trusted employees and carefully vetted contractors Is open source viable? Depends on requirements and constraints of situation “Free” open source software still requires support and operational costs that could cost more than a licensing fee Future will involve a blend of both proprietary and open source software CE 3 Mobile Systems (included with chapter 4) Q1 What are mobile systems? ● ISs to support users in motion● Major elements in a mobile system ○ Users in motion ○ Mobile devices ○ Wireless connectivity ○ Cloudbased resources Q2 Why are mobile systems important? (hardware, software, data, procedures, people) ● Impact of mobile systems growth ● Industry changes ● Career opportunities Q3 How do native and browserbased mobile applications compare?
ObjectiveC JAva C#, C++ (objectoriented languages)
Professional programmers, only
Professional programmers and technically oriented web developers and business professionals
Skill level required
Low to high
Easy to hard, depending on app requirements
Computer science ISs Graphics design
If you want to learn more check out covalent bonding study guide
Cloud based resources Web sites Text, email, and other services Extend app onto servers Use more powerful servers Support roaming across devices (transparently) Data and news Push (sent to you automatically) Pull (requesting) Roaming ● Occurs when people move their activities, especially long running transactions, across devices Q5 What are challenges of personal mobile devices at work? (BYOD)BYOD Policies None We’ll be a coffee shop We’ll offer limited systems you can access from any device You’re responsible for damage We’ll check it out, reload software, then manage remotely If you connect it, we own it (list starts at no control → full control, same thing with functionality) Chapter 5 5 Qs Database Processing: Terms: Columns database Database administration/ Database application Provide tools to assist in the administration of the database Database management system (DBMS) program used to create, process, and administer a database Fields also called columns File or table, is group of similar rows or records Foreign Key keys of a different table than the one in which they reside Form purpose is to… view data; insert new, update existing, and delete existing data Key (primary key) interchangeable, column or group of columns that identify a unique row LostUpdate problem happens when multiuser processing happens and if 2 people put the same item in their cart (online shopping) one person will not get it Metadata data that describes data Multiuser processing multiple users processing the same database NoSQL DBMS refers to software products that support very high transaction rates, processing relatively simple data structures, replicated on many servers in the cloud Primary key query records relation Relational database Report shows relationships using foreign keys Rows also called records Structured Query Language (SQL) international standard language for processing a database Table also called a file group of similar rows or records Q1 What is the purpose of a database? Organize and keep track of things Keep track of multiple themes General rule: Single theme store in spreadsheet Multiple theme use a database What is a theme? Ex: students grades Q2 What is a database? Hierarchy of data elements → Database = Tables or files + relationship among rows in tables + Metadata Processing database Four DBMS operations: Read, insert, modify, delete data Q3 What is a database management system (DBMS) Program used to create, process, and administer a database Licensed from vendors such as IBM, Microsoft, Oracle, and others DB2, Access and SQL server, Oracle database MySQL open source, licensefree for most applications Deconstructing the database Four popular database objects or applications Table store data Form view, insert, update or delete data Query find or filter data Report present data in meaningful format Querying the database: Structured query language SQL (seequell) International standard Used by most popular DBMS Administering the database Setup security system involving user accounts, passwords, permissions, and limit for processing Limit user permissions in very specific ways Backing up database data Adding structures to improve performance of database applications Removing unwanted data Q4 How do database applications make databases more useful?Q5 What is a NoSQL DBMS Primary reason for relational model’s existence is gone, and document piece making via normalization no longer necessary Constraints of limited storage space and limited processing speeds removed Relational model never a natural fit with business documents Why Need For NoSQL New data types, such as images, audio, and videos don’t fit into relational structures AllRoad Parts’ desire to store images for customers’ image queries provides an excellent example MongoDB opensource documentoriented DBMS Need for faster processing using many servers Dynamo, Bigtable, Cassandra Will NoSQL replace relational DBMS products? Probably not Conversion enormously expensive and disruptive NoSQL DBMS products are very technical and require a deep background in computer science to use Chapter 6 The Cloud 4 Questions Terms: Cloud Elastic Ethernet Infrastructure as a service (IaaS) Platform as a service (PaaS) Pooled ServiceOriented architecture (SOA) Software as a service (SaaS) Tunnel Virtual private network (VPN) web services Q1 Why is the cloud the future for most organizations What is the cloud? Elastic leasing of pooled computer resources over the internet Elastic Leased computing resources quickly increased or decreased dynamically, programmatically, organizations only pay for resources actually used Flexibility for unpredictable demand while limiting financial risk Pooled Cloud resources pooled Many organizations share same physical hardware through virtualization No need to build or contract infrastructure that supports maximum demand Benefits from Economies of scale Average cost of production decreases as size of operating increases Major cloud vendors operate enormous web farms Why is the cloud preferred to inhouse hosting? Cloud based In House hosting Positive Small capital requirement control of data location Speedy development indepth visibility of security Superior flexibility and adapting to growing or fluctuating demand Known cost structure Possibly bestofbreed/ disaster preparedness No obsolescence Industry wide economies of scale Negative Dependent on vendor Significant capital required Loss of control over data location significant development effort Little visibility into true security and disaster preparedness Annual maintenance Ongoing support cost Staff and train personnel Increase management requirements Why Now? time sharing vendors sold slices of computing time on usefee basis since 1960s Cloud based hosting advantages Cheap processors, essentially free data communication and data storage Web farm of hundreds of thousands of processors, virtual machine hour costs is essentially nothing Instantaneous creation of new virtual machine environments Internetbased standards enable cloudhosting vendors to provide flexible, standardized processing capabilities When does the cloud not make sense? When law or standard industry practice require physical control or possession of the data Financial institutions might be legally required to maintain physical control over its data Q2 How do organizations use the cloud? Three fundamental cloud types: SaaS provides not only hardware infrastructure, but also an operating system and application programs as well PaaS Vendors provide hosted computers, an operating system, and possibly a DBMS IaaS Most basic, cloud hosting of a bare server computer or data storage Content Delivery Networks from cloud vendors Content delivery network (CDN) System of hardware and software stores user data in many different geographical locations and makes data available on demand Provides specialized type of PaaS, but usually considered in its own category Minimize latency Used to store and deliver content seldom changed CDN benefits Decreased, even guaranteed load time Reduced load on origin server Increased reliability Protection from DoS attacks Reduced delivery costs for mobile users Payasyougo Q3 How can AllRoad Parts use the cloud? Some Saas products AllRoad could use Google mail, google drive, office 365, salesforce.com, microsoft CRM OnLine Q4 How can organization use cloud services securely?Virtual Private Network (VPN): Uses the internet to create the appearance of private, secure connections Data transmitted from VPN is always Encrypted Cloud security alliance list of threats Data breaches, data loss, account or service traffic hijacking, insecure interfaces and APIs, Denial of service attacks, malicious insiders, abuse of cloud services, insufficient due diligence, shared technology vulnerabilities Q5 What does the cloud mean for your future? Cloud services faster, more secure, easier to use, and cheaper Fewer organizations set up own computing infrastructure; will pool servers across organizations and use economies of scale like by cloud vendor More techbased startups Increased demand for employees who know how to use and manage informations systmes Mobile systems will be standard More remote action systems Telediagnosis Telesurgery Telelaw enforcement Drone and other military equipment Live remote digital broadcasting CE 8 2 Qs Network and Cloud technology: Terms: 10/100/1000 ethernet, bluetooth, commerce server database tier, Digital subscriber line (DSL), domain name, ehternet, ICANN, Internet, intranet, IP (Internet protocol) Address, IPv4, IPv6, Local Area Network(LAN), Net neutrality, network, optical fiber cables packet, private IP address, protocol, public IP address, server tier, TCP/IP protocol architecture, the internet, Threetier archictecture, URL (Uniform resource locator), User tier, web servers, wide area Network(WAN) Mobile device “native” application It was designed to work only with a particular operating system Q1 What is a computer network? Collection of computers that communicate over transmission lines or wirelessy Local area network (LAN) computers connected at a single, physical site Wide area network (WAN) computers connected between two or more separate sites The internet and internets networks of networks Q2 What are components of a LAN Small office/ home office Abbreviations used for communications and computer memory speeds differ Communication equipment, k, stands for 1000, not 1,024 like memory M is 1,000,000 G is 1,000,000,000 Communication speed is expressed in bits, memory speed is expressed in bytes LAN protocol Q3 How does the internet work? The cloud resides in the internet Carriers and net neutrality Carriers Sprint, verizon Net neutrality All data is treated equally Large carriers exchange traffic freely via peering agreements without charging access fees Problem with peering Some people use more bandwidth than others; ex: netflix Internet Addressing Public IP Addresses Identifies particular device on public internet Public ip addresses unique worldwide Assignment controlled by ICANN (internet corporation for assigned names and #) Private IP Addresses Identifies particular device on a private network Major Benefits: Public IP: All devices on LAN share a public IP address Private IP: need not register computer with ICANNapproved agency Assignment controlled within the LAN Public IP addresses and Domain Names IPv4: four decimal dotted notation like 184.108.40.206 Domain Name Worldwideunique names affiliated with public IP address Affiliation of domain names with IP addresses is dynamic URL: uniform resource locator IPv6: longer format Q4 How does the cloud work? Serviceoriented architecture (SOA) All interactions among computing devices defined as service in a formal, standardized way Enables all pieces of the cloud to fit together Chapter 7 Processes, Organizations, and ISs 6 Qs Q1 How do information systems vary by scope? Personal information system ● Ex: drug salesperson ● Single user procedures informal; problems isolated; easy to manage change Workgroup information system ● Ex: physician partnership ● 10100 users; procedures understood within group; problem solutions within group; somewhat difficult to change Enterprise Information System ● Ex: Hospital ● 1001000s users; procedures formalized; problem solutions affect enterprise; difficult to change Interenterprise information system ● Ex: PRIDE System ● 1000s users; procedures formalized; problem solutions affect multiple organizations; difficult to change Q2 How do enterprise systems eliminate the problems of information silos? Information silo: condition that exists when data are isolated in separate ISs Data integrity: in a database or collection of databases, the condition that exists when data values are consistent and in agreement with one another. What are the problems of information silos? Data duplicated Data inconsistency Data isolated Business processes disjointed Lack of integrated enterprise info Inefficiency: decisions made in isolation Increased cost for the organization Departmental Information Systems sales and marketing, operations, manufacturing, customer service, HR, accounting How do organizations solve the problems of information silos? Use information silos as driversQ3 How do CRM, ERP, and EAI support Enterprise processes? Business process reengineering: activity of altering existing and designing new business processes to take advantage of new information systems technology. Difficult, slow, and exceedingly expensive Key personnel determine how best to use new technology Requires high level and expensive skills Requires considerable time to do Inherent Processes: predesigned procedures for using software products, CRM ERP EAI Customer Relationship Management (CRM) ● Suite of apps, a database, and set of inherent processes ● Manage all interactions with customer through 4 phases of customer life cycle: ○ Marketing, customer acquisition, relationship management, loss/churn ● Intended to support customercentric organization Enterprise Resource Planning (ERP) ● Suite of apps, a database, and a set of inherent processes for consolidating business operations into a single, consistent computing platform. ● Includes the function of CRM, but also accounting, manufacturing, inventory, and HR applications Enterprise Application Integration (EAI) ● Connects system “islands” ● Enables communicating and sharing data ● Provides integrated information ● Provides integrated layer over the top of existing systems while leaving functional applications “as is” ● Enables a gradual move to ERP Challenges associated with implementing and upgrading enterprise systems ● Collaborative management ○ No single manager to resolve disputes ○ Need committees and steering groups to provide enterprise process management ○ Slow and expensive ● Requirement gaps ○ Gaps between requirements and capabilities of specific functions, features, and inherent processes ○ 1st challenge identify gap ○ 2nd challenge deciding what to do with identified gaps ● Transition problem ○ Change from isolated departmental systems to new enterprise system, while doing business ○ Requires careful planning and substantial training ○ Senior management must explain need for change and help work out kinks ● Employee resistance ○ People resist change because change requires effort and engenders fear ○ Resist change because it threatens self efficacy (person’s belief that they are successful at their job) CE 9 included in Chapter 7 Q1Q3 Q1 Purpose of ERP systems Purpose of ERP Systems: integration of purchasing, human resources, production, sales, and accounting data into a single system Q2 Elements of ERP solution Elements of ERP Solution ● ERP application programs ○ Software: ERP app programs ○ Configurable app programs ■ set parameters on how ERP will operate ● ERP business process procedures ○ Procedures: Business Process Procedures ○ Set of 100s1000s inherent procedures (process blueprints) ○ How to accomplish process work using the ERP apps ● ERP databases ○ Data: ERP databases ○ Includes a database design and initial configuration data ● ERP training and consulting ○ Vender training and numerous classes before and after implementation ○ In house super users to train the trainer ○ Types of training: how to implement ERP solution, how to use ERP software ○ Onsite consulting for implementing and using ERP Q3 How are ERP systems implemented and upgraded? (1)Determine current and ERP processes → (2)remove inconsistencies → (3)implement the ERP app (All of this while running the business) (1) model current process “as is” (2) compare “as is” to blueprint processes (3) prepare plan CE 10 included in Chapter 7 and CE 9 Q1 what are typical interorganizational processes? Processes occur in 2 or more independent organizations Q2 What is a supply chain? Network for organizations and facilities that transforms raw materials into products delivered to customers Supply Chain (network) relationships disintermediation, eliminates supply chain links Q3 What factors affect supply chain performance? Factors of info 1. Purpose 2. Availability 3. Means Q4 Supply Chain Profitability vs. Organizational Profitability Profit: total revenue total costs Max profit from chain Not achieved if each organization maxs profit in isolation Profitability increases when one or more operate at less than max profitability (ex: carries larger than optimal inventory) Why? When one supplier loses sales due to outofstock, others in supply chain lose revenue Q6 How do ISs affect supply chain performance? Reduce costs of buying and selling Increase supply chain speed Reduce size and cost of inventory Improve delivering schedule Do not optimize supply chain profitability Chapter 8 5 Questions Social Media Information Systems Terms: Businesstobusiness (B2B) Businesstoconsumer (B2C) Communities Connection data Content data Crowdsourcing Influencer Social capital Social CRM Social media (SM) Social media provider Strength of relationships User generated content (UGC) Value of social Capital Viral Hook“Its all about eyeballs” Number of eyeballs and clicks generate revenue Generating revenue from social applications is difficult, but possible Q1 What is a social media information system (SMIS) Social Media (SM) Use of IT to support content sharing among network of users Enables communities, tribes, or hives People related by a common interes Social media information system (SMIS) Supports sharing of content among networks of users 3 SMIS Roles Social media providers Facebook, google+, linkedIn, Twitter, instagram Attracting and targeting certain demographic groups Users Both individuals and organizations Communities Mutual interests and transcend familial, geographic, and organizational boundaries Five components of SMIS are same as normal IS Q2: How do SMIS advance organizational strategy Strategy determines value chains, which determine business processes, which determine information systems Value chains determine structured business processes Constantly changing nature of SM means process flows cannot be easily designed or diagrammed Social media and the sales and marketing activity Dynamic, SMbased CRM process Social CRM Each customer crafts relationships Wikis, blogs, discussion lists, FQA, sites for user reviews Customers search content, contribute reviews and commentary, ask questions, create user groups No longer centered on customer lifetime value Social media and customer service Relationships emerge from joint activity, customers have as much control as companies Product users freely help each other solve problems Selling to or through developer network's most successful Microsoft's most valuable professional (MVP) program Risk of peertopeer support loss of control possible SM and inbound and outbound logistics Social media used to provide numerous solution ideas and rapid evaluations of them May provide better solutions to complex supply chain problems Facilitates user created content and feedback among networks needed for problem solving Loss of privacy a significant risk Problem solving in front of your competitors Social media and manufacturing and operations Designing products, developing supplier relationships and improving operational efficiencies Crowdsourcing Process of employing users to participate in product design or product redesign Widely used in B2C relationships to market products to end users Youtube channel and post videos of product reviews and testing, factory walk throughs Q3 How do SMIS increase social capital Capital Investment of resources for future profit Types of business capital Physical capital Produce goods and services Human capital Human knowledge and skills investments Social capital Social relations with expectation of marketplace returns What is the value of social capital? ****value of social capital Number and strength of relationships, resources controlled Adds value in four ways Information Influence Social credentials Personal reinforcement professional image or status How do social networks add value to businesses? Progressive organization Maintain presence on facebook, linkedin, twitter Encourage customers and interested parties to leave comments Risk? Excessively critical feedback Using social networks to increase the strength of relationships Strength of relationship Likelihood other person or organization will do something that benefits your orgnization Write positive reviews Organizations strengthen relationships with you by asking you to do them a favor Using social networks to connect to those with more resources ***Social capital= number of relationships * relationship strength * entity resources Most organizations ignore resources aspect and just try to make stronger relationships Q4 How do some Companies earn revenue from social media? Hypersocial organizations Uses SM to transform interactions with customers, employees, and partners into mutually satisfying relationships with them and their community You are the product If you are not paying, you are the product Renting your eyeballs to an advertiser Revenue models for SM Advertising Pay per click Use increases value As more people use a sit, the more value it has, and the more people will visit Freemium revenue model Offers users a basic service for free, and charges a premium for upgrades or advanced features Sale of apps, virtual goods, affiliate commissions, donations Does mobility reduce online ad revenue? By 2018, number of mobile devices is expected to reach 10 billion Mobile data traffic increase elevenfold Average clickthrough rate of smartphones is 4.12%, but 2.39% on PCs Conversion rate Frequency someone clicks on ad, makes a purchase,likes a site, or takes some other action desired by advertisers PC ad clicks more effective than mobile clicks Clickstream data easy to gather Android users far more likely to click and convert on facebook ads than iphone users Mobile devices unlikely to kill web/social media revenue model How best to configure mobile experience to obtain legitimate clicks and conversions Q5 How can organizations address SMIS security concerns? Need a social media policy Consider risks from nonemployee usergenerated content Look at risks from employee use of SM Managing the risk of employee communications Develop and publicize a social media policy Statement delineates employees rights and responsibilities Intel’s three pillars of SM policy Disclose Protect Use common sense Responding to social networking problems Leave it Respond to it Delete it Internal risks from SM Threats to information security, increased organizational liability, and decrease emplouee productivity Directly affect ability of an organization to secure information resources Seemingly innocuous comments can inadvertently leak information used to secure access to organizational resources Dont tell everyone its your birthday, can get identity stolen Employees may increase corporate liability when they use social media Sexual harassment liability Leak confidential information Reduced employee productivity 64% of employees visit nonwork related web sites each day Tumbler 57%, facebook 52% Q6 Where is social media taking us? Chief digital officers (CDO) responsible for developing and managing innovative social media programs Integrated mobile video, augmented by google/facebook’s Whammo++Star, enables employees and teams to instantly publish ideas in blogs, wikis, videos, etc. BYOD Harness power of employee social behavior and partners to advance company strategy Loss of management control of employees Employees craft own relationships with employer Mobility + cloud + social media create fascinating opportunities for your non routine cognitive skills in next 10 years Chapter 9 5 Questions Business Intelligence Systems Terms: Push publishing delivers publications without request Pull publishing requires user to request BIData warehouse facility for managing and organizing BI data Granularity term refers to the level of detail represented by the data Data mart: a data collection, smaller than the data warehouse, that addresses the need for a particular department or functional area of the business Exception reports: reports produced when something out of predefined bounds occur Data mining application of statistical techniques to find patterns and relationships among data for classification and prediction Unsupervised data mining do not create a model or hypothesis before running analysis Cluster analysis unsupervised data mining technique that finds and groups entities with similar characteristics Supervised data mining go into analysis with a plan Regression analysis supervised data mining technique that measures impact of one set of variables onto another Big Data huge volume, rapid velocity, and great variety of data MapReduce harnessing power of thousands of computers working in parallel Hadoop open source program supported by Apache that manages thousands of computers and that implements MapReduce Dynamic reports: BI documents updated at time of request Subscriptions user requests for particular BI on particular schedule BI server web server application that is purpose built for publishing BI Q1 How do organizations use business intelligence (BI) systems? What are typical uses of BI? Identifying changes in purchase patterns Important life events cause customers to change what they want to buy BI for entertainment Netflix uses data to determine what people actually want, not what they say they want Predictive policing Analyzing data on past crimes to predict where crimes likely to occurQ2 What are the 3 primary activities in the BI process Q3: how do organizations use data warehouses and Data marts to acquire data? Function of a data warehouse Extract data from operational, internal or external databases Cleanse data Organize and relate data Catalog data using metadata Q4 What are three techniques for Processing BI data? Reporting create information about past performance Data mining: classify and predict BigData find patterns and relationships in big data Chapter 10 5 Qs Terms (a fuck ton) Advanced persistent threat (APT) Adware Asymmetric encryption Authentication Biometric authentication Brute force attack Cookies small files that your browser receives when you visit websites Denial of service (DOS) Email spoofing Encryption Firewall Hacking https Identification Internal firewalls IP spoofing Key Key escrow Key loggers Malware Perimeter firewall Personal identification number (PIN) Phishing Pretexting Public key encryption Smart cards Sniffing Spoofing Spyware SQL injection attack Symmetric encryption Trojan horses Usurpation Virus Wardrivers Worm Q1 what is the goal of ISs security? Sources of Threats? Unauthorized Data Disclosure Pretexting: deceiving someone over the internet by pretending to be someone else Phishing: technique for obtaining unauthorized data that use pretexting via email. The phisher pretends to be a legit company and sends an email requesting confidential data, such as account #s (synonym email spoofing) Spoofing: pretending to be someone else with intent of obtaining unauthorized data (IP spoofing) Sniffing: technique for intercepting computer communications, with wired it requires a physical connection Wardriver: people who use computers with wireless connections to search for unprotected wireless networks Hacking (self explanatory) Incorrect Data Modification ● Procedures incorrectly designed or not followed ● Increasing customer discount or incorrectly modifying employee’s salary ● Placing incorrect data on company website ● Improper internal controls on systems ● System errors ● Faulty recovery after a disaster Faulty Service ● Incorrect data modification ● Systems working incorrectly procedural mistakes ● Programming errors ● IT installations errors ● Usurpation ● Denial of service (unintentional)● Denial of service attacks (intentional) ○ DOS security problems in which users are not able to access an IS; can be caused by human error, natural disasters, or malicious activity Loss of Infrastructure ● Human accidents ● Theft or terrorist events ● Disgruntled or terminated employee ● Natural disasters ● Advanced Persistent Threat (APT) sophisticated, long running computer hack perpetrated by large, wellfunded organizations Goals of IS security ● Find tradeoff between risk of loss and cost of implementing safeguards ● Use antivirus software ● Deleting browser cookies? ● Get in front of security problem by making appropriate trade offs for your life and your business Q2 How big is the computer security problem? ● Data loss is principal cost of computer crime ● Mobile device data significant security threat ● Security safeguards work Q3 How should organizations respond to security threats? Personal security safeguards Brute Force Attack: passwordcracking program that tries every possible combination of characters Q4 Respond to security threats● Min. Security Policy ○ What sensitive data the organization will store ○ How it will process that data ○ Whether the data will be shared with other organizations ○ How employees and other can obtain copies of data stored about them ○ How employees and others can request changes to inaccurate data ■ Manage risk (tradeoff between risk/cost) Q5 How can technical safeguards protect against security threats? Identification: process whereby an IS identifies a user by requiring the user to sign on with a username and password Authentication: process whereby a IS verifies (Validates) a user ● This method falls into 3 categories ○ What you know (password or PIN) ○ What you have (smart card) ○ What you are (biometric) Smart Card: plastic card similar to credit card and that have microchips. The microchip, which holds much more data than a magnetic strip, is loaded with identifying data. Normally requires a PIN Personal Identification Number (PIN): form of authentication whereby the user supplies a number that only he or she knows Biometric authentication: use of personal physical characteristics, such as fingerprints, facial features, and retinal scans, to authenticate users ISs often require multiple sources of authentication Encryption: process of transforming clear text into coded, unintelligible text for secure storage or communication Key: used to encrypt data Symmetric encryption: encryption method whereby the same key is used to encode and decode the message Asymmetric: 2 keys used; one to encode and one to decodePublic Key encryption: version of asymmetric, each site has a public key for encoding messages and a private key for decoding them Https: indication that a web browser is using the SSL/TLS protocol to provide secure communications Firewall: computing device that prevents unauthorized network access Perimeter firewall: sits outside organization network; first device that internet traffic encounters Internal firewall (opposite of above) Malware Types and Spyware and Adware Symptoms ● Viruses computer program that replicates itself ○ Payload program codes of a virus that causes unwanted or harmful actions, such as deleting programs or data, modifying data in ways that is undetected by users, even worse ○ Trojan horses viruses that masquerade as useful programs or files ○ Worms virus that propagates itself using the internet or some other computer network. Worm code is written specifically to infect another computer as quickly as possible ● Spyware programs installed on user’s computer without user’s knowledge or permission that resides in background and, unknown to user, observes user’s actions and keystrokes, modify activity, and report the user’s activities to sponsoring organization ○ Keyloggers: malicious spyware that captures keystrokes without the user’s knowledge ■ Used to steal usernames, passwords, accounts #s, etc. ● Adware same as spyware but doesn’t perform malicious acts or steal data ○ Watches user activity and produces popup ads Malware Safeguards ● Antivirus and antispyware programs ● Scan frequently ● Update malware definitions ● Open email attachments only from known sources ● Install software updates ● Browse only reputable internet neighborhoods SQL injection attack: user obtains unauthorized access to data by entering a SQL into a form in which one is supposed to enter a name or other data. If the program is improperly designed, it will accept it and make it a part of the SQL command that it issues to DBMS Q6 How can data safeguards protect against security threats?● Key escrow control procedure whereby a trusted party is given a copy of a key used ot encrypt database data Q7 How can human safeguards protect against security threats? ● Position definition ○ Separate duties and authorities ○ Determine least privilege ○ Document position sensitivity ● Hiring and screening ● Dissemination and enforcement ○ Responsibility ○ Accountability ○ Compliance ● Termination ○ Friendly ○ Unfriendly Chapter 11 3 questions Chapter 12 7 Qs Analysis paralysis Beta testing Brooks’ Law Business analyst Component design Cost feasibility Implementation Maintenance Organizational feasibility Parallel installation Patch Phased installation Pilot installation Plunge installation Requirements analysis Schedule feasibility Service packs System conversion System definition Systems analyst Systems development Systems development life cycle (SDLC) Technical feasibility Test plan Waterfall Q1 What is systems development? Process of creating and maintaining ISs Involves all 5 components of IS Requires: Establishing system goals Setting up the project Determining the requirements Business knowledge and management skill required! Q2 Why is systems development difficult and risky? ● Difficulty of requirement determination ● Changes in requirements ● Scheduling and budgeting difficulties and overruns ● Changes in technology ● Diseconomies of scale (as teams become larger, average contribution per worker decreases) ● Enter SDLC (systems development life cycle) Q3 5 phases of SDLC (also referred to as waterfall method) 1. Systems definition 2. Requirement analysis 3. Component design 4. Implementation 5. Maintenance Q4 How is system definition accomplished?1. Define system goals and scope a. IS exists to facilitate an organization's competitive strategy 2. Assess feasibility (4 dimensions) a. Cost Feasibility approximates total costs it compares it to system value b. Schedule Feasibility estimate time it will take to build the system c. Technical refers to whether existing information technology is likely to be able to meet the needs of the new system d. Organization concerns whether the new system fits within the organization’s customs, culture, character, or legal requirements 3. Form a project team a. Manager b. Business analyst c. Systems analyst d. Programmers e. Software tester f. Users g. Outside contractor? First major task for the team is to plan the project It is important to keep users involved throughout the whole process Q5 What is user's’ role in the requirements phase? Primary purpose of this phase is to determine and document the specific features and functions of the new system 1. Determine requirements 2. Approve requirements Consider all 5 components User must approve all before project continues If requirements are wrong the system will be wrong Easiest and cheapest time to alter the IS is during the requirements phase 3. Role of a prototype To be useful, prototype actually needs to work Q6 How are the 5 components designed? ● Determine hardware specifications ● Determine software specifications ● Design database ● Design procedures ○ Normal, backup, and failure recovery procedures ● Design job descriptions ○ Create and define new tasks and responsibilitiesQ7 How is an IS implemented? Beta Testing users have final say on whether system is “production ready” System Conversion Approaches ● Pilot Installation implement entire system in limited portion of business ○ Limits exposure to business if system fails ● Phased installation system installed in phases or modules ○ Each piece installed and tested ● Parallel installation complete new and old systems run simultaneously ○ Very safe, but expensive ● Plunge installation high risk if new system fails ○ Only if new system not vital to company operations Q8 Tasks for System Maintenance Q9 What are some problems with SDLC? SDLC Waterfall Method ● Requirement documentation difficult● Business requirements change ● “Analysis Paralysis” projects spend so much time on documentation it hampers progress CE 17 included in CH 12 Agile Development Terms: Agile development including rapid application development, unified process, extreme programming, scrum and other stuff that are alternatives to the SDLC Justintime design only portions needed to complete the current work Paired programming team members working in pairs Product owner business professional who provides requirements and is available for clarification and testing Scrum master expert in scrum processes who helps keep the process organized and operating Standup 15 minute long meeting Velocity number of points a team can complete in a scrum period Waterfall method once you finish a phase in the SDLC you don’t go back to up Q1 why is the sdlc losing credibility? System requirements are fuzzy and always changing Waterfall method: dont go back once you finish phase Very risky users do not see system until end Projects often run out of money or time before completion SDLC assumes requirements don’t change Agile development methods Rapid application development Unified process Extreme programming Scrum Q2 what are the principles of Agile Development methodologiesQ3 what is the scrum process Key roles Product owner Business professional provides requirements, clarification, testing Scrum master Expert in scrum processes, keeps process organized and working Coach or referee, guardian of team members time Team members 59 per team Programmers, systems analysts, business analysts, database designers, cloud engineers, PQA testing personnel Stand up meetings 15 minute meeting where each team member states: What he or she has done in the past What he or she will do in coming day Any factors blocking progress Purpose: Accountability for progress and give public forum for blocking factors When are we done? Customer satisfied with product created and accepts it, even if some requirements are left unfinished Project runs out of time Money runs out Organization may wish to define done Q4 How do requirements drive the scrum process Requirements drive planning and scheduling Express requirements in terms of who does what and why Product owner creates requirements and prioritizes them Scheduling tasks: Way tasks are scheduled makes scrum innovative Developers terrible at determining how long task will take, good at how long something will take in comparison to something else Assign each task a difficulty score, called points Points for a fibonacci sequence Points summed to a total for requirement Team estimation and planning poker Iterative, feedbackgenerating process to obtain team scores Committing to finish tasks Team velocity Total number of work points team can accomplish in each scrum period Determines how many requirements team can commit to in next scrum period Team assigns 1 point to simplest task Hocuspocus Incorporates team iteration and feedback for scheduling and tasking Team can create something that far exceeds what each member can do individually Scrum a good technique, but not magic
If you want to learn more check out global climate change may produce major shifts in biomes because
We also discuss several other topics like social psychology final exam
We also discuss several other topics like what is the starting molecule for glycolysis