Computer Information System - ITM University - Semester 2 - MBA

Computer Information
System
I T M
UNIVERSITY
ONLINE
Computer Information System
Table of Content eBook
1. Introduction to Information Systems 5
1.1 Introduction 6
1.2 Information Systems 7
1.3 M e a n i n g of Information Management 8
1.4 Components of Information Management 10
1. 5 Types of Information Systems 14
1.6 Application Architecture 18
1. 7 Impact of Information Technology 21
1.8 Chapter Summary 24
2. Software Systems: Models and Architecture 25
2.1 Introduction 26
2.2 Defining Software System 27
2.3 Software Development Life Cycle (SDLC) 29
2.4 Life Cycle Models and Methodologies 32
2.5 Role of Architecture in Software Development 40
2.6 Types of Architectural Patterns 42
3. Software Systems: Design and Development 47
3.1 Introduction 48
3.2 Software Design 49
3.3 Design Principles 53
3.4 Software Design Concepts 55
3.5 Software Design Methodologies 57
3.6 Constructive Cost Model (COCOMO) 60
3.7 Data Flow Diagram (DFD) 62
3.8 Chapter S u m m a r y 66
4. Database Management System 67
4.1 Introduction 68
4.2 File O r g a n i z a t i o n Terms and Concepts 69
4.3 Traditional File Processing 73
4.4 Problems with Traditional File Processing 75
4.5 Database Approach to Data Management 76
www.itmuniversityonline.org Page 2
4.6 C a p a b i l i t i e s of D B M S 80
4.7 Types of Database 81
5. Creating a Database Environment 86
5.1 Introduction 87
5.2 Designing Databases 88
5.3 Normalization 90
5.4 Entity-Relationship (ER) Diagram 92
5.5 Distributing Databases 95
5.6 Database Trends 97
5.7 Business Intelligence Tools 99
5.8 Data Mining 100
6. Telecommunications and Networking in Today's Business World 105
6.1 Introduction 106
6.2 Data Communication and Networking 107
6.3 Components of Networking 108
6.4 Basic Types of Network 109
6.5 Network Architecture 111
6.6 Network Protocols 113
6.7 Types of Topology 116
6.8 Transmission Media 120
7. Internet 124
7.2 Internet Addressing 126
7.3 Types of Address 128
7.4 Uniform Resource Locator (URL) 130
7.5 Domain Name System ( D N S ) 131
7.6 World Wide Web (WWW) 132
7.7 Web Browsers 134
7.8 Search Engines 136
7. 9 Difference between Intranet and Extra net 138
7.10 Creating Web Page using HTML 139
8. eCommerce 144
8.2 Definition of eCommerce 146
8.3 Features of eCommerce 150
8.4 Traditional Commerce Vs eCommerce 152
8.5 Advantages and Disadvantages of eCommerce 154
8.6 Business Models 156
8.7 Payment Systems 160
8.8 Electronic Data Interchange (EDI) 163
9. New IT Initiatives 166
9.2 Enterprise Resource Planning (ERP) 168
9.3 eBusiness 172
9.4 eGovernance 175
9.5 Cloud Computing 177
9.6 Knowledge Management Systems ( K M S ) 180
9. 7 Management Information Systems ( M I S ) 183
9.8 Decision S u p p o r t Systems (DSS) 184
9.9 Customer Relationship Management (CRM) 187
1 0 . Security Measures 192
10.2 Types of Attacks 194
10.3 P r i n c i p l e s of Security 196
10.4 Cryptography: Definition and Types 199
10.5 D i g i t a l Signatures 201
10.6 Security Protocols 204
10. 7 Information Security Management 207
I n t r o d u c t i o n to
Information
Systems
01. I n t r o d u c t i o n to Information Systems eBook
1 . 1 Introduction
Information is a v a l u a b l e asset to any organization. Organizational information includes
customer data, operational data, human resource data, financial data, etc. It is stored
either in physical or digital form. There occurs a need to maintain and manage this
information together for easy retrieval. Thus information systems have become an
essential part of any organization today.
Information systems capture the data and make it presentable to end users.
Advancements in the field of Information Technology (IT) causes automation of various
processes in organizations where all physical data is converted into d i g ital and stored in
information systems. The information system component maintains integrity,
confidentiality and avoids redundancy of data. The purpose of information system is to
get the right information to the right people at the right time in the right place and the
rig ht format.
This chapter will discuss the concept of information systems and its influence on
organizational performance.
After reading t h i s chapter, you will be able to:
Describe information system
E x p l a i n advantages of information systems
Explain information management
List components of information management
Describe the types of information system
Define a p p l i c a t i o n architecture
State the impact of IT in various fields
1 . 2 I n f o r m a t i o n Systems
An information system assists the process of storing, evaluating, collecting, retrieving,
and manipulating data. Each of these processes organizes the information in a
structured and relevant manner. These systems obtain raw data from the user and
transform it into formal information. The growing need for automation makes
information system an efficient alternate. Data is stored in the database and is
processed or retrieved on the user's request. Information systems i n c l u d e the processes
mentioned in Fig. 1.2a.
Collect Store Retrieve Evaluate Manipulate
Fig. 1.2a: Processes in Information Systems
Collect
It includes the process of collecting data from the user or other systems. Data
should be collected in a structured format in order to maintain its integrity.
Store
The second process includes retaining data in a storage unit. It captures data and
allows the user to retrieve it from the storage unit for data m a n i p u l a t i o n .
Retrieve
The retrieval process is used to obtain data from the storage unit. If the user
requests data or needs to manipulate it, it should be obtained or retrieve from a
data source such as a database.
Evaluate
The process of checking the data format is necessary. Data validation is done to
store it in a structured format in to the data source. It checks or converts data to a
prescribed format using certain constraints or syntax used to generate reports.
Manipulate
After data validation, the structured data is stored in the data source. On the
user's request, the data is then retrieved and manipulated using Data Manipulation
Language ( D M L ) .
Thus, the information system captures data and provides quick response to the
customers in business. Information management assists in managing data integrity
t h r o u g h o u t the organization's processes.
Advantages:
Data and services are available 2 4 x 7 without interruption.
Information systems have reduced labor charges.
Communication is made accessible to every corner of the world.
It provides spontaneous organizational growth.
It creates a virtual organization of business partners, linked by the Internet or
extra net.
Disadvantages:
The process of implementing and maintaining information systems is expensive.
Growing impact of information technology in various fields causes the threat of
privacy breach t h r o u g h computer attacking, email hacking, p h i s h i n g , etc.
It creates job insecurity and requires constant updates on emerging tech no log ies.
1.3 M e a n i n g of Information M a n a g e m e n t
Information management assists in organizing and managing data used by information
systems. The data collected by information systems are organized in a structured and
formal m a n n e r so that it is used by other systems and sub-systems. The organizational
structure also plays a major role in information management. It controls the information
structure and its delivery.
Information includes both digital and physical data. The method through which
information is stored by the organization plays a major role. Thus, it is important to
select an effective method to handle data. Retrieval of information should not be tedious
and should be a v a i l a b l e to the user easily.
Information management is applied using different software available in the market.
Software Examples
System software Windows, Unix, Linux
A p p l i c a t i o n software MS-Office
Personal productivity software MS-Word, MS-Excel
M u l t i m e d i a software Dreamweaver, Adobe Photoshop
C o m m u n i c a t i o n software Microsoft Lyne
Database m a n a g e m e n t software Oracle, MS-Access, SQL
Programming language Java, .NET, C, C + +
Table 1.3a: Examples of Information M a n a g e m e n t Software
Advantages:
It leads to better organizational planning and controlling.
It assists in generating reports for mid-level authorities in a n organization to study
the business status.
It automates every business process which reduces manpower to a certain extent.
It helps to make effective decisions for better organizational m a n a g e m e n t .
It reduces occurrence of data redundancy in data source.
Disadvantages:
It requires constant monitoring of services on each department in an o r g a n i z a t i o n .
It needs to m a i n t a i n the quality of information management at regular intervals.
It requires users to update regularly the knowledge of emerging new technologies.
It requires risk assessment procedures to predict the occurrence of any illegal
activities.
1 . 4 C o m p o n e n t s of Information Management
Information management requires several components to maintain the integrity and
accuracy of data. These components act either directly or indirectly to manage formal
data. Listed below are the components that are necessary for effective information
management.
Communication
Systems
Fig. 1.4a: Components of Information Management
Computer Hardware
It refers to a combination of peripheral devices combined to form a computational
system. It helps to collect and present data to the user and it also assists in data
storage.
W,eb cam
Monitor
CPU
0 IIS4)c.tkc,
Central Processing Ul'llt (Mult medlb l(it)
1 1
t;t fl
1'!
:
1f: 53
' ; I
"
I
-
i \ L:)
Keyboard " Mouse
Printer
l .tptop
SG!nrer
Zip Drtve
Fig. 1.4b: Computer Hardware
Computer hardware comprises input device, output device, processing unit, memory
storage, and transmission media. The input device obtains information from the user or
other systems, for instance, keyboard, mouse, scanner, etc. Output devices d i s p l a y the
results or information that is necessary for the user, for instance, monitor, speaker,
video camera, etc. The processing unit manipulates data and produces results according
to user requirements. Data in computers is stored using tables. A collection of tables is
called a database. Data can also be stored in external and portable storage devices such
as, pen drives, z i p drives, external hard disk, etc.
Computer Software
Software is a set of instructions that instruct computational systems about the task to be
performed. Software is developed using programming languages such as, C+ + , JAVA,
. NET, etc. Listed below are two categories of computer software.
System Software
It assists in efficient functioning of hardware components. It acts as a mediator
between hardware components and the user. The user instructs the hardware
components through system software like device drivers, utility programs,
operating system to complete a specific task. Operating systems act as a basic
platform upon which other software works. User instructions pass through the
operating system w h i c h in turn informs other components about the task at hand.
A device driver mediates the information between an operating system and
hardware.
Application Software
It assists the user to perform a specific task using various application packages,
such as word processing software, spreadsheet application, scientific software, and
database a p p l i c a t i o n . It is broadly classified into two types.
o Custom-built Software
Software built using programming languages or other software a p p l i c a t i o n is
called custom-built software. It is used to perform or automate a specific
task in an organization. For instance, educational software, computerized
billing system, etc.
o Packaged Software
Software designed by an authority and available to use on purchase is called
packaged software. For instance, MS-Word, MS-PowerPoint, Matlab, Scilab,
etc.
Communication Systems
These are hardware components that assist in information flow among processes or
users to complete a specific task. Data in a database is stored in a d i g i t a l format ( l s and
Os) but communication devices recognize data in electrical signals. Some examples of
communication devices are repeater, hub, coaxial cable, etc.
Repeater Coaxial Cable Twisted Pair Cable Fiber Optic Cable
Fig. 1.4c: Communication Systems
The digital representation of data changes to electrical signals before transmission.
Based on the types of communication, communication hardware is selected. For
instance, a h u b is used to connect different systems for communication; repeater is used
to repeat the signal strength, and cables help in electrical data flow among systems. In
case of wireless transmission, the air, waves, transceiver, and receiver act as a m e d i u m
in c o m m u n i c a t i o n systems.
Database
Information systems collect data in a digital form ( l s and Os). T h e collected data is then
stored in a repository u n i t called database. A database is a collection of tables and each
table holds u n i q u e information about an identity. Data cannot be stored directly into the
database.
Fig. 1.4d: Database Transaction
It is important to denote the database structure using Data Definition Language (DDL).
The data stored in a database undergoes manipulation on the user's request. It can be
done with the help of Data Manipulation Language (DML). Some of the software that
assists in working with database is SQL, PL/SQL, ORACLE, MS-Access, etc. Database is
broadly classified into two categories.
Analytical Database
The contents of t h i s database are static and restricted from modification. The user
can only view the information contents of this database. For instance, contents of
E-Shopping websites are available to the user to view, but they cannot modify its
contents. Complete availability of primary information is available to the user.
Operational Database
The contents of this database are dynamic. They are programmed to update
automatically at regular intervals. The user may or may not have rights in
modification. For instance, online live cricket scores on websites are stored in
operational database which updates automatically.
Organization Structure
Technical officials like database administrators, data analysts, information security
specialists, program me rs and developers play a crucial role in information system. The
effectiveness of information system depends on the format of accessing and retaining
data. A central authority is needed to supervise data usage methods in the information
system. Data integrity and confidentiality should also be considered.
1 . 5 Types of Information Systems
Information System assists in managing the data storage and data flow. They support in
effective organizational functioning, assist in decision making, provide a statistics on
profit and loss, and maintain employee details which aid the organization in day-to-day
activities.
Fig. 1.Sa: Types of Information Systems
Executive Information Systems (EIS}
It retains top position in the pyramid model of information systems. It provides
details to the top management of an organization without the help of mediators.
The senior executives obtain data using this system to meet strategic objectives.
EIS Software
Components
Executive Workstation Corporate Database
Fig. 1.Sb: Executive Information Systems
This information system provides an external view about the status of a business
and assists in decision making. Data is distributed throughout the organizational
network. It allows the user to transform data into a structured format and
generate reports for quick review. It also provides accurate and timely details of
an o r g a n i z a t i o n . The system needs to adapt to the c h a n g i n g business environment
and government regulations.
Advantages
o It helps to achieve organizational objectives.
o It allows the user to use external data.
o It uses both hypertext and hypermedia details.
o Q u a l i t y of communication and management are attained easily.
Decision Support Systems (DSS)
Every organization at a particular stage requires decision making. DSS is used to
h a n d l e and perform this task effectively. It is used among business executives or
the same level of workers who use data like summary information, exceptions,
patterns and trends. Some DSS' that assist in decision making are Computer
Supported Co-operative Work, Financial Planning Systems, etc. This system
obtains a large pool of data from the lower level systems w h i c h acts as a decision
parameter.
DeciSion Support
Systems
Input Output
Fig. 1.Sc: Decision Support Systems
It converts raw data to formal information. Organization documents and employee
knowledge are transformed to a proper data format. In collaboration with expert
systems and artificial intelligence, decisions are made effectively. DSS are broadly
classified as model-driven and data-driven model. In m o d e l - d r i v e n , a prototype is
created for a limited set of data and in data-driven model decisions are made
through analyzing massive data from databases.
Advantages
o It helps to improve interpersonal communication.
o It assists and supports the decision maker's j u d g m e n t .
o It assists in learning the effectiveness of currently implemented systems.
o The economy of an organization is carefully monitored.
Management Information Systems (MIS)
This system acts as an intermediate among other system levels and also assists in
smooth management of an organization. The output of this system is used by
middle m an a g e r s to compare current results with the previous term. It manages
data and obtains prospective organizational information. Several sub-systems are
integrated to form a unified MIS. The information flow among sub-systems should
be easier. The information is also used by DSS for effective decision m a k i n g . Some
examples of MIS are Sales Management Systems, Management Reporting
Systems, etc.
Advantages
o It is used to measure performance of organizational p l a n s and policies.
o It helps to m i n im iz e information overload.
o It assists in better management of organizational controlling and planning.
o Communication and information sharing among departments are
accomplished easily.
..
Fig. 1.Sd: Management Information Systems
Knowledge M a n a g e m e n t Systems (KMS)
KMS, alternatively called Professional Support Systems (PSS), is exclusively
designed to assist a unique profession. With the help of this system, review of a
particular task is done efficiently. The system first creates data sets from the data
source. The data sets are then captured using data mining models and relevant
knowledge is obtained. This knowledge is then s u b se q u e n t l y organized to a
standard format and communicated among workers.
Create Organize
Fig. 1.Se: Knowledge Management Systems
For instance, Feedback System assists in gaining the past knowledge from the
user about a product or service. This is then used further to enhance or m a i n t a i n
the effectiveness of the system.
Advantages
o It trains employees within short durations with the help of past occurrences
of threats.
o It reduces training cost and provides high job q u a l i t y .
o It assists in avoiding redundant work.
Transaction Processing Systems (TPS)
It assists in effective management of transaction information among systems. It
supports the tasks of bottom level organizations in performing basic transactions.
The speed of TPS depends on how information is available on data source. For
instance, in Reservation Systems the user obtains data from database about train
details and reserves a ticket which is in turn stored in database.
Oleots
@!!!!!!I .
Bi------ ]
Database
Fig. 1.Sf: Transaction Processing Systems
TPS helps in quick processing of transactions. Failure of a single transaction
occurrence causes damage to another. Thus, disaster recovery is of great
importance in T P S .
Advantages
o Recovery of data from a database after a system or network crash is easier.
o Hiding sensitive data from users can be done easily.
o It supports concurrent operations.
1 . 6 A p p l i c a t i o n Architecture
A p p l i c a t i o n architecture provides a standard format for information flow among different
systems or a p p l i c a t i o n s . Any process or system communicates with the other to achieve
a specific task. A universal structure is to be followed to share information which is
implemented t h r o u g h application architecture.
The framework for information flow among application systems is described in the
following Fig. 1.6a.
User Interface Components
User Interface Process Components
Data Access Service
Components Gateways
Data Source Services
Fig. 1.6a: Application Architecture
The user interacts with the application system with the help of interface components.
These components are hardware devices that assist the users or a p p l i c a t i o n programs to
instruct the system on data manipulation and retrieval. Based on the interface
components, processes are generated and each process enters into relevant service
components.
The service components interact with the information system in-depth with the help of
the service interface, which interacts with other components of the information system.
If the user requires data retrieval, the service interface allows the user to interact with
the data access components. The user is then redirected to other service components for
a d d i t i o n a l tasks t h r o u g h sub-systems.
Data access components allow data flow between the user and the data source. User
retrieves data for viewing and manipulating whereas, sub-systems request data to
perform data filtering. It is applied through database languages such as Data Definition
Language (DDL) which defines database structure, and Data Manipulation Language
( D M L ) which is used for processing or manipulating data.
Third party components involved in application architecture are communication,
operation management and security. Communication is necessary among information
systems and users to assists data flow. Systems and sub-systems communicate to
perform a task successfully. Operation management is crucial manage or organize
a p p l i c a t i o n system functions.
Data that flows among systems and sub-systems are sensitive and should be protected
from unauthorized access. Thus, information security management plays a crucial role to
m a i n t a i n the confidentiality of data. It should also protect the o r i g i n a l i t y of d a t a .
Application Mo deling
The method in which a p p l i ca t i o n systems are made available to the user denotes
application modeling. It also provides a detailed description of each task. It is
categorized into three types.
Application Modeling
Conceptual Modeling Logical Modeling Physical Modeling
Fig. 1.6b: Application M o d e l i n g
Conceptual Modeling
It includes details about application capabilities for each application domain and
lists the objectives that are necessary to develop it. The principles that are
necessary for d e s i g n i n g the application are included under t h i s m o d e l i n g .
Logical Mo deling
This modeling defines the actual way of implementing application systems. It helps
to apply low level abstraction to a group of functions or services and describes
them in d e t a i l .
Physical Modeling
It i n c l u d e s the method of exact implementation or deployment of a p p l i c a t i o n and
also briefs its technological dependency.
Application Patterns
Listed below are some of the application patterns available for efficient information
management.
Extended Enterprise: it includes a business process that assist in managing
a p p l i c a t i o n systems, programs, users, etc.
Bulk Processing: it assists in managing systems, users and programs that are
large, in a m o u n t .
Information Aggregation: it helps to integrate multiple records and assist
systems to present data to users.
Event Centric: it integrates several systems that change with respect to time.
The output is decided only at a particular event in time.
Pipe and Filter Architecture: it helps in incremental processing model where
s i m i l a r processes are grouped and developed together.
1 . 7 Impact of Information Technology
T h e advancement of Information Technology (IT) caused tremendous achievements in
various fields. Computer generated systems work efficiently when compared to
traditional process. It maintains integrity and confidentiality of data. Data redundancy
never occurs with these systems. Few IT advancements on various fields are listed
below:
Fig. 1.7a: Impact of Information Technology
www.itmuniversityonline.org Page 2 1
Organization
Day-to-day organizational activities, such as decision making, evaluating risks,
communication, etc. are easily maintained. Reports are generated efficiently for
reviewing the status of the organization. Advancement of IT eases organization
management. Handling data, monitoring departments, protecting unauthorized
access, and securing sensitive information of the organization have become
effortless.
Society
Facilities such as, automatic traffic control, Global Positioning System (GPS),
advancements in nanotechnology, artificial intelligence, cloud computing led to
drastic change in the IT sector. Its inclusion in other fields is an added advantage.
For instance, E-Voting supports citizens to vote at any time in any place with high
portability.
Government
Bulk stacking of physical data causes space consumption and cannot be
permanently d i s c a r d e d . Thus, with the help of database concepts like data mining
and data warehouse, data is managed and maintained effectively. The problem of
redundancy never occurs. Computerization or automation of every task facilitates
the government to hand le data efficiently.
Education
Video lectures, eBook and multimedia applications transform learning into a fun
activity. Virtual classroom and flipped classroom is a boom to the education
industry. Lessons designed with multimedia applications make an interactive
approach to learning and increases the learners' interest.
Medicine
Virtual software is used to test the effectiveness of a drug, rather than testing
physically on humans. The change in molecules and compositions are easily
performed and tested before actually implementing the d r u g .
Engineering
A prototype is created for a product using Computer Aided Design (CAD) to test
its feasibility, before actually manufacturing it. If the prototype is acceptable, the
01. I n t r o d u c t i o n to In form a tion Systems eBook
product is manufactured, else a new prototype is made . Since more effort is
required to create a model and reframe it, CAD reduces the effort and cost.
1 . 8 Chapter S u m m a r y
Information system assists in the process of collecting, storing, evaluating,
managing, and processing data.
Information system leads to automation of every process of an organization.
Structured and formal data are collected through information systems.
Information i n c l u d e s both d i g i t a l and physical data.
The components of information systems are computer hardware, software,
communication systems, databases, and organization structure.
Hardware is a physical component that assists in creating a computational system.
Software is set of instructions that inform other information components about the
task.
Communication system assists in effective data flow among systems.
Database is a repository collection of tables and each table holds a unique data
about an entity.
O r g a n i z a t i o n a l structure plays a crucial role in information systems.
Information system is of five types: Executive Information Systems (EIS),
Decision Support Systems (DSS), Management Information Systems (MIS),
Knowledge Management Systems (KMS), and Transaction Processing Systems
(TPS).
Application architecture consists of components, such as User Interface
Components, User Interface Process Components, Service Interfaces, Data Access
Components, Service Gateways, Communications, and Operation Management and
Security.
Application modeling comprises of three types such as, conceptual modeling,
logical m o d e l i n g , a n d physical modeling.
Conceptual modeling describes application capabilities, objectives and principles.
Logical modeling defines the actual way in which information systems are to be
implemented.
Physical m o d e l i n g details technological dependency of an a p p l i c a t i o n .
Extended Enterprise, Bulk Processing, Information Aggregation, Event Centric,
Pipe and Filter Architecture are some of the application patterns.
Software
Systems: Models
a n d Architecture
02. Software Systems: M o d e l s a n d Architecture eBook
2 . 1 Introduction
Software is a set of information that instructs the users, computational systems or other
software components about the task to be performed. Software is developed using
various programming languages and its effectiveness is based on standards used for
designing. The development stages for software are proposed in the Software
Development Life Cycle (SDLC) model.
This chapter lists different types of models that are used for software development and
aids developers in selecting the most appropriate models based on their requirements.
Software architecture defines the overall structure of the software and states the
method of d e s i g n i n g software and arranging its components.
Software architects should possess appropriate design skills and hands-on experience in
distinguishing the models according to user requirements and software components.
They need to be aware of various models and architectures available for software
development.
Define software system
E x p l a i n Software Development Life Cycle (SDLC)
Classify different life cycle models
Describe software architecture
O u t l i n e the role of software architect
D i s t i n g u i s h architectural patterns
2 . 2 D e f i n i n g Software System
A system is defined as, A set of independent components combined together to
form a unified system. Each system has its own structure and boundary. Its
effectiveness depends on the behavior of the surrounding environment. Data flows in
and out of systems and each system communicates with the other systems to perform
the computational task in an effective manner. Fig. 2.2a depicts the structure of a
system.

Environment

System

B o u n d a ry

Fig. 2.2a: System
A software is defined as, A set of instructions that instructs the components of
the system about the task to be performed. It commands and controls the
functioning of systems. It helps in data management, security implementation, threat
analysis, communication, data presentation, data sharing, etc.
Software is broadly classified into two types. These are depicted in Fig. 2.2b.
Fig. 2 . 2 b : Types of Software
Application Software
It is designed using high level programming languages. It assists users or any
computational device to perform a specific task. Some of the examples for
a p p l i c a t i o n software are MS-Office, Adobe Photoshop, Antivirus, etc.
System Software
It helps in efficient functioning of computational devices and supports in
communication and data sharing among these devices. System software acts as a
mediator between users and hardware components. Windows, UNIX, Linux,
Solaris, etc. are some examples of system software.
A software system is defined as, A collection of software that builds a system
with its own behavior and boundaries. Input is obtained from users or other
systems and is processed and manipulated using software. The processed result is
displayed through any hardware components. Fig. 2.2c is an illustration of a software
system.
+ -
-
Fig. 2.2c: Software System
Components of Software System
Software systems are implemented and maintained through the components mentioned
in Fig. 2.2d.
Operating System Utility Program
Device Driver
Fig. 2.2d: Software System Components
Operating System
It is a basic platform upon which other programs or software is executed. It also acts as
a mediator between a user and hardware. Users invoke the instructions which are
transferred to the hardware components using operating systems. It communicates
through machine level language (ls and Os). Windows, UNIX, and LINUX are some
examples of operating system.
Utility Program
It helps users to m a i n t a i n the system and supports efficient functioning of the operating
system. Antivirus, Hex Editors, and Boot Loader are some examples of u t i l i t y programs.
Device Driver
It supports hardware components to perform their tasks. It acts as a mediator between
the operating system and hardware components. The operating system carries user
controls and interacts with the hardware through device drivers.
2 . 3 Software Development Life Cycle ( S D L C )
Basically, machines communicate in machine level language. To ease the process of
coding for developers, software systems are developed using high level languages such
as, Java, . NET, etc. This code is later converted to machine language. ISO/IEC 12207
standardizes the process of developing software. Software Development Life Cycle
(SDLC) denotes the steps to develop software. It helps to create, develop, test,
implement, and m a i n t a i n a software system.
There are six stages that should be followed for effective development of a software
system. Fig. 2.3a depicts the diagrammatic representation of software development
process.
Fig. 2.3a: Software Development Life Cycle (SDLC)
Stage 1: Analyze Requirements
The most important task in software development is analyzing requirements. Hence,
developers need to study and analyze the requirements of the users in detail. These
requirements need to be documented accurately.
Stage 2 : Define Requirements
User requirements are tested for economical and technical feasibility. Feasibility study
defines the most effective way to implement the software. Economic feasibility describes
the overall cost required for the development of software. Technical feasibility study
denotes the technical requirements such as flexibility of programming language, nd
a v a i l a b i l i t y of staff, and computer resources.
Stage 3 : Design
The selection of the software design models and architectures is based on the
requirements defined in the previous stage. Every model and architecture has its own
advantages. It also includes the development of data source, d e s i g n s database schema,
proposes user interface, and selects implementation methods. The conceptual schema is
designed and converted to a relational database model.
Stage 4 : Code
The user interface and database schema are transformed to operational mode using
programming languages. The connection among interface and schema are coded using
high level programming languages such as Java, C, C+ + , etc. The selection of the
language is done in the design stage. The database schema is actually implied on the
data source.
Stage 5 : Test
The software is tested for its effective performance. It undergoes two processes. The
first is verification, which states whether the software is designed in the correct format,
and the second is validation, which states whether the right software is designed.
Software testing tools are used to test the software. Each took has its own unique
testing methods.
Stage 6 : Implement
After testing the software for its accuracy, it is deployed in the market. Various business
strategies should be followed before implementing the software.
Stage 7 : M a i n t ain
R e g u l a r maintenance and feedback is necessary to maintain the q u a l i t y of the software
in accordance with emerging technologies.
2 . 4 Life Cycle M o d e l s a n d Methodologies
SDLC models define a standardized format for designing software. There are different
types of models and methodologies that can be selected based on the requirements and
feasibility study of the software. Each process model follows a series of steps u n i q u e to
its type. Fig. 2.4a depicts some of the SDLC models.
V Model
Iterative Model Spiral Model
Waterfall Model Agile Model
-
Fig. 2.4a: SDLC Models
Waterfall Model
It is the first model that was implemented for software development. It is primitive and
follows a linear and sequential flow of control. The entire process of software
development is broken into sub-categories such as requirement analysis, system d e s i g n ,
system code, system test, deployment, and maintenance.
Fig. 2.4b: Waterfall Model
Requirement Analysis
The first step gathers requirements from the user. It is a crucial step since the
effectiveness of the system depends on user satisfaction. The requirements are
collected and documented carefully. A feasibility test is conducted to know how
effectively the software is developed. It includes both economical and technical
feasibility.
System Design
User interface is designed based on the requirements gathered from the first step.
Designing includes both front-end and back-end where, front-end denotes the
design of user interface screen and back-end denotes database schema. Thus,
using any h i g h e r level language the system is designed.
System Code
The schema developed in the above step should be converted to d y n a m i c format.
It should be coded with instructions that combines database schema and interface
screen to enable users to access the data in data source. It is ideal to code the
system using a high level structured and programming language to maintain
interoperability and robustness.
System Test
The fully operational system is tested for its efficiency. Testing verifies and
validates the systems' output. A system is segmented into smaller u n i t s , and each
unit is tested for its accuracy. There are different types of testing methods
available such as white box testing, black box testing, u n i t testing, stress testing,
etc. the testing method is selected based on the priority of efficiency needed.
Deployment
The fully developed and tested system is sold to the customer directly, or
implemented in the market for purchase. Deployment includes various background
business strategies such as obtaining patent or copyright, framing sub-partners'
agreement policies, tenure of usage, monitoring access rights of every customer,
training to customers on how to effectively use the system, etc.
Maintenance
The quality and standardization of a system is maintained through regular
feedback from the users. Faults may arise only after proper execution of the
system. These should be recovered immediately. The system should be closely
monitored for its flexibility towards emerging trends.
The control in this model steadily flows downwards resembling a waterfall. There is no
provision to loopback to the previous steps.
Advantages
It is ideal for smaller projects.
The model is s i m p l e and easy to implement.
Every task in the model is well departmentalized.
Disadvantages
Risk and uncertainty may occur in system model.
No working model is generated till the end of the life cycle.
It is difficult to i m p l e m e n t changes frequently.
Iterative Model
In iterative model, the requirements are initially gathered from the user and later the
software is segmented to smaller units. The software units are generated based on the
requirements and it is iteratively built before creating a final system. Each iteration acts
as a new version of the software unit.
Fig. 2.4c: Iterative Model
In Fig. 2.4c, the requirements are collected in the initial stage and the system is
generated in three iterations. The developer decides the number of iterations. As the
iteration increases, more requirements are met. A single iteration performs four tasks
namely, design, code, test, and deployment. The system unit undergoes a l l these tasks
and the output of first iteration is passed as an input to the next iteration.
The system unit undergoes the same tasks in the next iteration while verifying the user
requirements. The Iterative model can generate and update an entire system at each
iteration, or it can develop and design small system units iteratively.
Advantages
A working model is generated prior to the end of life cycle.
The analysis of risk is easier.
Parallel development of various closely related software units are possible.
Changing requirements of users are met easily.
Disadvantages
It requires more management and documentation for both old and proposed
versions.
Greater resources are required.
As project termination is not clearly predicted, it leads to risks.
V Model
The process of generating a software system in this model resembles a "V" shape. It is
also called as verification and validation model, since verification is done at one side
of "V" shape and v a l i d a t i o n to another. It is similar to the traditional waterfall model but
development and testing is done simultaneously.
Fig. 2.4d: "V" Model
The system in this model is designed in three phases namely, verification, coding, and
validation.
Verification
The verification phase includes requirement analysis, system design, architectural
design, and module design. The requirements are gathered from the user and
evaluated using acceptance testing design. The system d e s i g n includes planning of
the entire system, and the architectural design includes the o u t l i n e of each system
unit. The internal design for every module is listed in the module design plan. It
also decides the communication model among system units.
Coding
The schema generated in the verification phase is converted to a workable model
through coding. It is implemented using any high level programming language
that suites the proposed architectural design. The codes are reviewed and
optimized before final implementation of developed system.
Validation
This phase includes unit testing, integration testing, system testing, and
acceptance testing. Unit testing is performed on every system u n i t to check for its
accuracy. It e l i m i n a t e s the occurrence of lower level bugs. After the system units
are tested, it is integrated to form a unified system. The effectiveness of an
integration process is checked through integration testing, since a c o m b i n a t i o n of
system units may alter the behavior of the entire system. In the final stage, the
unified system is tested through system testing. The system output is checked for
accuracy t h r o u g h acceptance testing.
Advantages
It is a well structured and disciplined model.
It attains h i g h accuracy in small projects.
It is s i m p l e and easy to implement.
Every phase provides a reviewed and acceptable product.
Disadvantages
It is difficult to i m p l e m e n t in large projects.
After testing, changes to previous stages are difficult to attain.
No working model is generated till the end of the cycle.
Spiral Model
Spiral model is the combination of the traditional waterfall model and the iterative
model. Each task of the software development is sequentially layered and repeated until
it meets the user's requirements.

Cumulnt,w Con
2. Desion
3. """
System
Requirements ,
1. Requlr<ements '4. E&tlm;i,tlon
Fig. 2.4e: Spiral Model
The four major tasks performed in this model are,
Requirements
The requirements for the development of a software module are generated in
incremental format. In the initial step, the system requirements are obtained and
subsequently it i n c l u d e s requirements of sub-system, software units, etc. T h u s , at
each increment the developer communicates with the user to obtain detailed
requirements.
Design
In the initial stage, it includes abstract schema of the system and subsequently it
i n c l u d e s architectural design, logical design, physical design, and interface design
of the system.
Code
The coding of software units are done spirally, and at each spiral the developer
obtains feedback from the user. Thus at the final spiral the user requirements are
achieved at a h i g h rate.
Estimation
It involves risk analysis procedures and estimates the performance of the software
through customer's feedback. The entry of software to the next iteration depends
on the feedback provided by the customer. If any changes are required in the
module, it is made at next iteration.
Advantages
It helps to attain h i g h user satisfaction.
Users can predict the outcome of the system.
Since the systems are segmented, it assists in early development of critical u n i t s .
Disadvantages
It requires more managerial tasks and is not recommended for s m a l l e r projects.
It needs extensive documentation for every intermediate task.
The end of the projects is not explicitly predicted, as the spiral may go on
indefinitely.
Agile Model
The entire activity in a software system is divided into fragments and allotted a time
frame. It passes on iteratively and achieves each activity within a given period. The
working model is delivered at the end of an individual iteration in order to test its
accuracy. At the final iteration, all the user requirements are met. This model is flexible
and adapts to c h a n g i n g users' requirements.
Fig. 2.4f: Agile Model
Since a working model is released at every phase, it enables better c o m m u n i c a t i o n with
user. If a user requires any changes, it is achieved at the next phase. This model
requires maximum user interaction, since at every iteration end the working model is
transferred for user acceptance. This model responds to every change a user specifies
and q u i c k l y adapts it at any stage.
Advantages
It is suitable for c h a n g i n g user requirements.
It is flexible to the needs of the developer.
It is easy to implement.
Disadvantages
It requires h i g h management control.
Its effectiveness d e p e n d s on customer's interaction.
It requires more documentation and different teams handle different iterations.
Thus, it requires cross-training.
2 . 5 Role of Architecture in Software Development
An organization models the outline for a system and decides the format of
communication and relationship among its components with the environment. It also
includes the protocols for its design and implementation.
According to the definition by IEEE STD 1471-2000, Architecture is defined by the
recommended practice as the fundamental organization of a system, embodied
in its components, their relationships to each other and the environment, and
the p r i n c i p l e s governing its design and evolution.
Software architecture includes the design framework of a software system along with
the properties and relationship among its units. It contains the communication model
among the software modules, and the output structure for every u n i t .
According to the definition by L. Bass, P. Clements, R. Kazman, The software
architecture of a program or computing system is the structure or structures of
the system, which comprise software elements, the externally visible
properties of those elements, and the relationships among t h e m .
S o f t w a r e architecture includes the algorithms and data structures that are implemented
for the effective development of software. It decides the protocols for communication,
synchronization, and data access.
Software architecture decides the following four components of software which are
depicted in Fig. 2.sa.
Software Components
Structure
Communication
Non-functional
Requirements
Abstraction
Fig. 2 . S a : Software Components
The architecture decides the structure of the software. Software consists of a set of co
related components such as objects, modules, or units. The object oriented design is
implemented through responsibility-driven design which is used to specify the key
components in architecture. It uses certain informal tools to implement object oriented
design.
Since software is designed in a segmented format, the architecture specifies a standard
for communication among sub-systems. These systems are at different locations a n d
can be invoked with various techniques.
Architecture includes three non-functional requirements. These are technical
constraints, business constraints, and quality attributes. The technical constraints
include the limitations related to technical resources such as programming language,
database software, etc. The restrictions related to business strategies falls under
business constraints. The quality attributes includes principles like performance,
scalability, flexibility, robustness, etc.
The architecture helps to create abstraction hierarchy in the form of information hiding
and data a v a i l a b i l i t y for different users. It decides data access rights for users based on
which the data availability is also scaled.
Architectural Views
There are four ways to describe and view software architecture. These are depicted in
Fig. 2.Sb.
Architectural View
Logical View Process View Physical View Development View
Fig. 2.Sb: Architectural Views
Logical View
It defines the architectural elements and its relationships. The structure is
designed t h r o u g h class diagrams.
Process View
It describes the concurrency operation among systems and the communication
types such as synchronous, or asynchronous.
Physical View
It decides the abstract view of the application programs or hardware components.
Development View
It denotes the internal structure of the development process. For instance, to
select the rig ht Java package to implement a specific task.
Role of Software Architects
Software architects should have strong design skills and should be able to perform
sound software engineering practices. They need to perform various roles. Some of
them are listed below.
Software architects act as a link between customers and technical team members.
They assist in d e s i g n plan, cost estimation, and decision m a k i n g .
They manage the communication with stakeholders.
They are responsible for selecting third party components and technologies.
Software architects perform risk identification and evaluation t h r o u g h the software
available in the market.
2 . 6 Types of Architectural Patterns
Architectural patterns suggest the framework for interconnection among systems. They
provide the design styles to connect sub-systems and enable communication among
them. Users can select the most suitable architectural plan based on their need. Fig.
2.6a lists some architectural patterns.
Fig. 2.6a: Types of Architectural Patterns
Client-server Architecture Pattern
This architecture is also called two-tier architecture. It includes several hosts
called clients. These are connected to a central authority termed as server t h r o u g h
communication media. The client requests server for data access or data
manipulation. The server is responsible for every activity over the network. It
provides the clients with the necessary output. For instance, the web browser acts
as a client that requests the web server for data. The web server replies back to
the web browser with the data.

Database Database Database
Server Server Server
Database Database Database
Server Server Server
Fig. 2.6b: Client-server Architecture Pattern
Layered Architecture Pattern
The process of combining similar tasks and forming distinct layers in an a p p l i c a t i o n
are proposed in layered architecture. Coupling refers to interdependency of layers
while cohesion refers to its robust structure. A good layered software design
should have less coupling and more cohesion. It helps to achieve abstraction in the
form of data hiding from unauthorized users. Since there are no dependencies
among layers, it can be reused or replaced easily without extensive configuration
changes.
User Interface
Application
Infrastructure
Fig. 2.6c: Layered Architecture Pattern
Object Oriented Architecture Pattern
The software components in this architecture are differentiated into reusable and
di s t i nct objects. Each object contains its own data and behaviors. The system is
viewed through a series of connected objects called class. Every activity in the
system is invoked by calling objects with the help of methods or members of a
class. This architecture creates well-structured, reusable, and easily explained
systems.
Fig. 2.6d: Object Oriented Architecture Pattern
Message Bus Architecture Pattern
It helps the applications to send and receive messages through one or more
communication media. Message Bus Architecture Pattern includes systems such as
message router, message queue, etc. It helps in processing complex operations by
segmenting it into smaller units and distributing it to other systems. It easily
combines applications that are designed using different types of software.
Flexibility and scalability are easily implemented through t h i s architectural pattern.
Users
Fig. 2.6e: Message Bus Architecture Pattern
Two or more patterns are implemented on different software units to make a complete
system. For instance, a Service Oriented Architecture (SOA) is laid with a c o m b i n a t i o n of
layered architecture and object oriented architecture.
A system is defined as a set of independent components grouped together to form
a unified system.
Software is defined as a set of instructions that guides the user, computational
system or other software components to perform a specific task.
Application software is designed using high level programming languages that
assist in performing specific tasks.
System software promotes efficient functioning of a computational system.
Software system is a collection of software that forms a system with its own
behavior and boundaries.
Operation system, utility program, and device driver are the components of
software system.
Software Development Life Cycle (SDLC) proposes standardized steps for the
development of the software.
Analyze and define requirements, design, code, test, implement, and maintain are
the stages involved in SDLC.
Waterfall model, iterative model, V model, spiral model, and a g i l e model are some
of the SDLC models.
Waterfall model follows a linear and sequential flow of control.
Requirement analysis, system design, system code, system test, deployment, and
maintenance are the steps involved in waterfall model.
Software is segmented into units and each unit is built iteratively in iterative
model.
V model is s i m i l a r to traditional waterfall model. However, here the developing and
testing is done simultaneously.
S p i r a l model is a combination of traditional waterfall model and iterative model.
Software architecture defines the structure of system and other software
components along with its properties and relationships among them.
Logical, process, physical, and development are four types of architectural views.
Architectural patters are categorized as client-server architecture, layered
architecture, object oriented architecture, and message b u s architecture.
Software
Systems: Design
a n d Development
C o m p u t e r I n f o r m a t i o n System
03. Software Systems: Design and Development eBook
3 . 1 Introduction
The process of d e s i g n i n g software using Software Development Life Cycle (SDLC) is a
critical task. The efficiency of its output influences other stages in SDLC. It is mandatory
for a software engineer to discern the design skills and be adept at various software
d e s i g n methodologies.
A software engineer needs to follow design guidelines despite the fact that design is a
creative task. The effectiveness of software not only depends on the method selected for
design, but also i n c l u d e s the design principles.
Designing software needs to generate solutions for a problem domain. The designer
plans, creates, devises, and implements the design according to user requirements. The
design plan acts as a blue print for further processes in software development. It is also
stated as m o d e l - b u i l d i n g that generates a prototype for a specific problem.
This chapter elaborates various design principles and methodologies that are basic
constraints for designing software. The economic feasibility is decided using a model
called Constructive Cost Model (COCOMO).
Define software d e s i g n plan
O u t l i n e the processes in generating design plan
E x p l a i n software d e s i g n levels
List software d e s i g n principles
Elaborate software design concepts
Categorize different methodologies of software design
E x p l a i n Constructive Cost Model (COCOMO) model
Demonstrate Data Flow Diagram (DFD) for any system
3 . 2 Software Design
S o f t w a r e design is a process of defining a schema for software, subject to constraints.
It influences further stages in Software Development Life Cycle (SDLC) and i n c l u d e s the
overall software structure with the interface through which a user communicates with
the software components. It helps to generate a solution for a software problem. A user
forwards the requirements that are to be achieved using different solution types. These
are considered as problem domain.
The design is predicted with a storyboard that depicts detailed information about
modeling or flowcharts to represent the flow of events. Unified Modeling Language
( U M L ) clearly proposes the method to define a software design plan.
A good software design is suggested by factors like occupying less memory size, and
reduced energy consumption. It should also achieve code compactness. The
effectiveness of d e s i g n depends on the application being developed. It should be simple
and easy to understand since poor design leads to wastage of money, time, and
resources.
A n u m b e r of d e s i g n p l a n s arise for a particular problem and the effectiveness of software
depends on the optimized design plan being selected and implemented. The selection
varies according to human cognitive skills. Different individuals may have their own
preferences in terms of the design. Hence, in order to attain a greater level of
satisfaction, it is important to have closer interaction with the users.
A design plan comprises solution in the form of modules with low coupling and high
cohesion. Coupling states the interdependency factor among two or more modules. The
m o d u l e s should be designed in such a way that there is m i n i m u m dependency with each
other. Cohesion refers to the strength or robustness of modules. The structure of the
m o d u l e should not collapse with the occurrence of any failure.
The design plan is generated by grouping similar tasks to form layers. This layered
model leads to better clarity as it can be independently reused and executed. Debugging
is easy. It also implements data abstraction.
Design Plan Process
The design plan is generated efficiently by meeting user requirements and developing
the plan in effective format. For a good software design plan, the processes should take
place in sequential order. The processes in a design plan are depicted in Fig. 3 . 2 a .
Clarify Requirements

Generate Black Box Model
Plan

wh.te Box Model

Validate Solution
Implernent
Design Plan
Fig. 3 . 2 a : Processes in Design Plan
Clarify Requirements
The outcome of an effective designing depends on the degree of meeting users'
requirements. Thus a designer should interact with the user to obtain their
requirements and carefully document it.
Generate Black Box Model
The requirements act as a base to create the black box model. Black box denotes
only the exterior structure of the software. It does not consider the structure of
internal components.
Plan White Box Model
Using the external structure obtained through black box model, the structure of
the internal components is designed. All the components or m o d u l e s are designed
through implementation of modularity and layered structured. It should include
h i g h cohesion and low coupling.
Validate Solution
The black box and white box model act as a solution for the software problem. It is
verified and validated to check the effectiveness of the plan. It is done either by
using any third party software tool, or by proposing the inactive d e s i g n p l a n to the
users for approval. In case the user needs any changes, a new d e s i g n plan needs
to be generated.
I m p l e m e n t Design Plan
After the approval of the design plan, it moves to the coding phase where the
static d e s i g n is transformed into a dynamic one.
Software design levels
The software d e s i g n p l a n s are developed in the three basic levels as shown in Fig. 3 . 2 b .
Software Design Levels
Architectural Level High Level Design Detailed Design
Fig. 3 . 2 b : Software Design Levels
Architectural Level
The design plan associated with this level defines the structure of the software
architecture. It proposes the outline format of software and does not depict the
internal structure of its components. It provides the highest conceptual version of
the system.
High Level Design
It briefs the components of the software architecture in detail and denotes the
relationship among them. The data flow among different components in the
software is discussed with mid-level abstraction.
Detailed Design
It includes both the architectural structure of the software and logical structure of
every m o d u l e within the software. It also denotes the communication path among
the modules.
Approaches to Software Design
Software is developed using various models and methodologies. These are selected
either on the basis of the user requirements, or the convenience of the developer. Fig.
3.2c depicts two approaches to design software.
Fig. 3 . 2 c : Software Design Approaches
Top-down Design
The software is initially treated as a single entity and then decomposed to achieve
two or more sub-systems or components or modules. Each module is again
treated as a system and further decomposition takes place. It resembles a
hierarchical or tree-like structure. This approach is recommended if the software
has to be developed from scratch, or only limited details are known for
development. The top-down software design approach is depicted in the example
illustrated in Fig. 3 . 2 d .
' draw_scene
draw_mountain
draw_sun
draw_leaves draw_branches
Fig. 3 . 2 d : Top-down Design Approach
Bottom-up Design
This process d e s i g n s the lower level components initially and later composes these
components to higher level components. The same level components are grouped
together, which in turn form the next higher level component. This happens
iteratively u n t i l it creates the desired software d e s i g n . It is suitable if any u p d a t i o n
is required in the existing system. The bottom-up software design approach is
clearly depicted with the help of an example in Fig. 3 . 2 e .
President and CEO
Voce Pre,.,dent Voce Prcodcnt
Slt!S f,nanc"
Con troll.,, Csh,.,,
Fig. 3 . 2 e : Bottom-up Design Approach
3.3 Design Principles
Software d e s i g n p l a n forms the basic platform for the development of the software. The
schema developed at the design phase acts as a proposal, based on which the further
stage of SDLC continues. Any flaw at the design stage can create inaccuracy in further
stages and leads to loss of resources, time, and money. Thus, for a good software
design, it is necessary to include design principles. These principles have been explained
below.
Principle 1: Alternative approaches
The design plan should not be a narrow vision. It is easy to accept any changes that
occur with emerging trends or increasing user requirements.
Principle 2: Loop is not created
The cost procured for labor, resources, etc. are very expensive. Thus, the design plan
should be checked thoroughly in the testing phase and comprise reusable components.
It should be possible to implement in other systems.
Principle 3 : Prior solution
The software d e s i g n generated should solve the problem domain up to a certain extent
before the final development stage. The distance between the final software and the
problem d o m a i n is m i n i m i z e d by achieving the solution prior to the end of the cycle.
Principle 4 : Uniform design
The style of generating a schema should be uniform for all the software components.
Thus, it helps in better understanding and debugging. The uniformity in integration is
essential in order to avoid any collision among different components.
Principle 5 : Well structured
The structure of the d e s i g n plan should be stable. Any changes or modifications made to
the existing plan should not collapse its schema as robustness is one of the the main
p r i n c i p l e s in d e s i g n i n g .
Principle 6 : Layered design
Every module in the software should follow a layered model that clearly differentiates
the processes. Similar processes are grouped together to form a layer. It helps to
achieve data abstraction and reduces interdependency among layers. The layers should
be designed with h i g h cohesion and less coupling.
Principle 7 : Represent model
The d e s i g n plan should act as a replica for the solution of a problem d o m a i n . It would be
more effective if the solution is virtually presented to the users. Here, changes in the
solution are achieved by simply modifying the design plan.
Principle 8 : M i n i m i z e semantic errors
The minute details in the design plan should be reviewed in detail. At times, missing a
m i n o r detail may make the software design inaccurate.
Principle 9 : Retain standard
The plan can be designed in different ways. But it is important to follow a standardized
format that helps to make changes and is easy to understand.
Principle 10: Completeness
The d e s i g n plan should contain all the information requested by users. Missing data may
lead to an incomplete design schema and this in turn leads to poor satisfaction. The
quality of the design plan depends on external and internal factors, where the former
denotes the features observed by users and the latter denotes technical features.
3 . 4 Software Design Concepts
Software design concepts act as a basic platform for designing software. Thus, a
software designer should know all the concepts mentioned in Fig. 3.4a before
effectively selecting the designing methods.
Abstraction
Refinement Modularity
Functional Software
Independence Architecture
Structural
Data Structure
Partition
Software
Control Hierarchy
Procedure
Information
Hidinq
Fig. 3 . 4 a : Software Design Concepts
Abstraction
It denotes the process of grouping similar tasks and relates closely to
encapsulation. It reduces the information content and retrieves o n l y the data that
is relevant to the user.
Modularity
The complete software system is divided into smaller components or u n i t s that are
called modules. The process of performing it is called as modularization. Similar
processes in a system are decomposed and grouped together to form a module. It
should possess h i g h cohesion and low coupling.
Software Architecture
It denotes hierarchical arrangement of modules and the relationship among them.
It specifies the system interface, user interface, and database schema along with
performance, reliability, security, etc.
Data Structure
It refers to the representation of data with its semantics. Data stored in the
database should include the constraints of data structure. The structure differs
based on the types of data such as text, image, video, a u d i o , g r a p h i c s , etc.
Software Procedure
It denotes the method of accessing and manipulating the software. It is a set of
instructions that assists in directing the manipulation control of each software
component.
Information Hiding
T h e process of hiding confidential information from unauthorized users or systems
is called information hiding. Each module should be designed in such a way that it
disallows access to its data from other modules. The necessary details should be
available for data sharing.
Control Hierarchy
It denotes control rank and data flow among software components. It does not
specify decisions and repetitions. It makes structure of data components visible
and lists connectivity among them.
Structural Partition
Decomposition of hierarchical system based on its common features state the
structural partitioning. The segmentation process considers only the structure of
the software and not its semantics. It is done either horizontally or vertically.
Functional Independence
Development of modules with zero or less interaction among components falls
under this concept. Modules do not depend on each other for its execution. It
should be layered clearly and possess very low coupling for good software d e s i g n .
Refinement
It is a process of elaborating functional statement that starts from abstract level of
the system d e s i g n and continues till it reaches programming l a n g u a g e statements.
It involves a l l the internal details of the components.
3 . 5 Software Design Methodologies
Software design refers to the method of generating a solution to a problem domain
considering user requirements as input. There are several ways to d e s i g n software and
each differs in the technique of presenting information. Fig. 3.Sa depicts the three
major categories of software design methodologies.
Software Design
Methodologies
Structured Design Object Oriented Design Function Oriented Design
Fig. 3 . S a : Software Design Methodology Types
Structured Design Methodology
It denotes departmentalization of a problem into well organized solution u n i t s . Due
to its structured format, it leads to better understanding and assists designers in
easy achievement of solution to a particular problem. It is similar to the "divide
and conquer" technique where the problem is decomposed and a solution is
achieved for each decomposed problem until it solves the entire problem domain.
Decomposed problems are also called modules. Each of it should possess two
major factors, low coupling and high cohesion. A good software design should
avoid dependency among software modules. Fig. 3.Sb portrays a sample
structured software d e s i g n .
\ \ I
\ \ I
\ \ I
\ \ I
\ -''-,-'
PROt..:lJREMENT
SALES TEAM LEADER TECH SUPPORT MANAGER PROJECT OFFICE
TEAM LEADER
USERS USERS ANALYST EXTERNAL QA
CONSULTANT CONSULTANT ANALYST/PROGRAMMERS CHANGE MANAGER
ANALYST -- ANALYST --1 TECH SUPPORT TRAINING SPECIALIST

1
I I
DBMS SUPPORT ADMINJSTRATOR
I I
I I
OPS ANALYST CLERK
I I
I I SECURITY ANALYST SECRETARY/TYPIST
I I I
I I I
I I I
L _J_ J
Fig. 3 . S b : Structured Design Methodology
Object Oriented Design
Every component or entity in the problem is represented in the form of objects.
For example, customer, bank, organization, etc. Every object consists of attributes
and methods that uniquely define it. Collection of well defined and s i m i l a r objects
is called class. It denotes the attributes of objects as variables, and functionality
as methods. It b u n d l e s the attributes and methods of an object and hides it from
unauthorized access through encapsulation. It is possible to inherit similar
properties of an object from different classes. The design process includes tasks
such as creation of solution prototype based on user requirements, identification of
objects, generation of classes, and creation of application framework. Fig. 3.Sc
portrays a sa m p l e object oriented design.
graphics
Fig. 3 . S c : Object Oriented Design Methodology
Function Oriented Design
In this design, the system is decomposed into smaller components or modules
which are called functions, where each function specifies a unique task. It is
similar to structured oriented design with "divide and conquer" technique. The
system provides only the top view for functions and hides sensitive data and
operations. The data or functions that are to be shared should be declared
globally. This d e s i g n is easily depicted through Data Flow Diagram (DFD) which
demonstrates the data flow among different functions. Fig. 3.Sd portrays a
sample DFD for a library management process.
SEARCH DETAILS
BORROWER
SEARCH REPORT
SORROWER ANO
LOAN REPORT
DUE INFORMATION
CHECKOUT DETAILS
LOAN DETAILS
BOOK/USER
REFERENCE
USER VERIFICATION REQUEST
REPORT
USER DETAILS
Fig. 3 . S d : Function Oriented Design Methodology
3 . 6 Constructive Cost Model ( C O C O M O )
Barry W. Boehm, software engineer, proposed an algorithmic software cost estimation
model named as Constructive Cost Model (COCOMO).
Before discussing COCOMO model in detail, it is important to know the three kinds of
software development modes. They are,
Organic Mode
Software developed using a well-structured application program falls u n d e r organic
mode. Here, the size of the project is relatively small and the developing team
works for s i m i l a r types of different software.
Semi-detached Mode
The software is developed by a combination of experienced and inexperienced
team members in a semi-detached mode. They have limited experience in
developing the software and not familiar with few of its components.
Embedded Mode
Software developed with the combination of hardware and software comes under
embedded mode. It is difficult to implement as compared to the organic and semi
detached mode.
Levels of COCOMO Model
The estimation of effort and time in software development using COCOMO model is
layered into three levels.
Basic COCOMO Intermediate COCOMO
Complete COCOMO
Fig. 3 . 6 a : COCO MO Levels
Basic COCOMO
It provides the approximate estimation of project parameters. The estimation is
obtained t h r o u g h following expressions.
Effort= a x (KLOC)"
Time to d e v e l o p = 2 . 5 x (Effort)'
where,
a, b, c = Constants depend on software development mode
KLOC= Kilo Lines Of Code
Effort = Effort in developing a software product. Unit is person months ( P M )
Time to develop = Time required to develop a software. Unit is months ( M )
According to Boehm, every line of source text is considered as line of code
(LOC). If the software has N lines, it is considered as N lines of code (NLOC).
The values of a, b, and c are given in Table 3.6a.
Modes c
Organic 2.4 1.05 0.38
Semi-detached 3.0 1.12 0.35
Embedded 3.6 1.20 0.32
Table 3.6a: Basic COCOMO Constant Values
Intermediate COCOMO
The basic C O C O M O model considers only LOC as a measurement metric. But there
are other components that affect the development time. For effective estimation of
software effort and project time, it is necessary to consider every possible
parameter and it can be implemented using intermediate COCOMO model. It
i n i t i a l l y uses basic COCOMO model and later includes cost drivers for its estimation
process. Listed below are three main categories upon which the cost drivers'
parameters are decided.
o Product: it includes project complexity, requirement specification, technical
requirements, etc.
o Personnel: it comprises staff experience, programming capability,
development capacity, designing speed, etc.
o Computer: it refers to storage space, retrieval speed, network capacity,
security i m p l i c a t i o n s , etc.
It uses the same formula of basic model but the value of parameter "a" differs.
Modes
Organic 3.2 1.05 0.38
Semi-detached 3.0 1.12 0.35
Embedded 2.8 1.20 0.32
Table 3 . 6 b : Intermediate COCOMO Constant Values
Complete COCOMO
The estimation in complete COCOMO uses program size, parameters of cost
drivers along with complexity rating such as, very low, low, nominal, high, and
very high. It differs based on the software type being developed and is set by the
project managers.
Cost Driver Rating Requirement Design Code Test
Very Low :, 1.35 1.35 1.50
Low 0.85 0.85 0.85 1.20
Personnel
Nominal 1.00 1.00 1.00 1.00
High 0.75 0.90 0.90 0.85
Very High 0.55 0.75 0.75 0.70
Table 3 . 6 c : Complete COCOMO Constant Values
3 . 7 Data Flow D i a g r a m ( D F D )
The pictorial representation of data flow among software components are clearly
depicted with the help of Data Flow Diagram (DFD). It visualizes the data processing
of the entire system and also portraits the data input and output of every components.
There exists wide variety of software that assists in developing DFD for a complete
system. Some of them are Microsoft Visio, SmartDraw, Lucidchart, etc.
D F D Components
Table 3.7a lists the components that are used to design DFD of a software system.
Table 3.7a: DFD Components
Process
It denotes the manipulation that is performed using data and also specifies the
operation type. It also specifies business constraints and decision m a k i n g process.
It is specified using a rounded rectangle divided into two. The u p p e r part holds the
process name and the lower part denotes the member function name.
Data Flow
It shows the direction of data flow among entities and processes. It is specified
using a directional arrow and the details about the data are indicated above the
arrow.
Data Source
It denotes the storage space of data. Data is retrieved or uploaded into the
database depending on the transaction being performed. It is specified using a
three sided rectangle shape.
Terminator
It is also called entity and denotes either source or destination of the data flow. It
either provides the data to the destination, or retrieves data from source
depending on the process being performed.
Fig. 3.7a depicts the context diagram for DVD rental system. The context d i a g r a m , also
called as Level O d i a g r a m portraits the external view of the system.
CUSTOMER RENTAL DETAIL
REQUIREMENT GENERATION
RENTAL NOTICE COMPLETION
REQUIREMENT
BILL
Fig. 3.7a: Context diagram for DVD Rental System
Fig. 3.7b depicts the level 1 DFD for the DVD rental system that e x p l a i n s system's i n n e r
view. It can be further decomposed into smaller modules and each decomposed process
is specified with a new level.
cusmMER GENERATION
REQU[REMENT RENTAL DETAIL
COMPLETED REQUIREMENT
rNVOICE
PAYMENT DETAIL
INVOICE
OETAtl
BILL
Fig. 3.7b: Level 1 DFD for DVD Rental System
Advantages
It is s i m p l e and easy to implement.
It provides easy readability and clarity to the customers without need for any
technical knowledge.
It is a cost effective method to portray the entire functioning of the system.
Disadvantages
It becomes u n m a n a g e a b l e when the project size increases.
It is a time consuming process.
It does not specify physical constraints that are to be included in software
development.
Software design is a process to generate a schema for software components
subject to constraints.
The steps involved in design plan are clarifying requirements, generating black
model, planning white box model, and validating solution a n d implementation.
Architectural level, high level design, and detailed design are the three levels in
software d e s i g n .
Architectural d e s i g n defines the schema for the entire software structure.
High level design includes the designing of software components and relationships
among t h e m .
Detailed d e s i g n states both architectural and logical structure of software m o d u l e .
Software is designed using top down design and bottom u p d e s i g n approach.
Alternative solution, avoid loop creation, prior solution, uniform design, well
defined structure, layered design, virtual model, minimization of semantic errors,
retaining standard, and completeness are good software d e s i g n principles.
Abstraction, modularity, software architecture, data structure, software procedure,
information hiding, c o n t r o l hierarchy, structural partition, functional independence,
and refinement are the software design concepts.
Structured design, object oriented design, and function oriented design a r e three
software d e s i g n methodologies.
COCOMO stands for Constructive Cost Model is used for estimating cost and time
for software development.
Organic mode, semi-detached, and embedded mode are three types of software
development modes.
Three types of COCO MO model are basic, intermediate, and complete C O C O M O .
Basic COCO MO model estimates the effort and developing time of a software u s i n g
Lines of Code ( L O C ) .
Intermediate C O C O M O model estimates the effort and developing time of software
using L O C and cost drivers.
Complete COCOMO model estimates with the help of program size, cost driver
parameters, and software complexity rating.
The pictorial representation of data flow among software components are easily
depicted using Data Flow Diagram ( D F D ) .
Process, data flow, data source, and terminator are the components of D F D .
Database
Management
System
04. Database M a n a g e m e n t System eBook
4 . 1 Introduction
Database Management System (DBMS) is a collection of interconnected data and a set
of instructions to access this data. It helps to organize the data in a structured format.
In collaboration with the application programs, data is handled and manipulated on the
request of users. It assists users to create, manipulate, retrieve, organize, and update
the contents of database.
It also helps to achieve critical principles such as confidentiality, security, integrity,
atomicity, and uniqueness. DBMS provides stable storage and recovers data whenever
needed. Integrating concurrent processing technique with DBMS saves time and the
data can be accessed from remote places through distributed database.
Database management techniques have evolved from a specialized computer a p p l i c a t i o n
to a central component used by almost all organizations and hence, knowledge about
database systems has become an essential part for effectively hand l i n g data.
E x p l a i n file organization terms
Identify types of file
Describe traditional file processing and its shortcomings
E x p l a i n database approach to store data
Discuss components of database manager
List c a p a b i l i t i e s of D B M S
Classify database types
4 . 2 F i l e O r g a n i z a t i o n Terms and Concepts
Data is a set of values, either in qualitative or quantitative variables. Initially obtained
from the user in an unstructured manner, it is processed using various data models.
These processed data are stored digitally ( l s and Os) in the database.
Terminologies
The basic terms used in a file processing system are listed in Fig. 4 . 2 a .
Database
File
Fig. 4. 2 a : File Organization Hierarchy
Bit: it is the smallest u n i t of data, either 1 or 0.
Byte: eight bits combine to form a byte. For example 01110101 may be counted as
e i g h t bits or one byte.
Field: it is s i n g l e u n i t of information about an entity, for example, John Mayer.
Record: the collection of relevant fields makes a record. For instance,
101 John Mayer 88
Table 4.2a: Record
File: it comprises of collection of same type of records. For instance, Table 4.2b
illustrates the students mark details.
Roll No Name Marks
101 John Mayer 88
102 Alicia Orsen 87
103 Bree Aniston 94
Table 4 . 2 b : Student Marksheet File
Database: it is a repository collection of related files. For instance,
Database
Student
Teacher
Marksheet
S a l a ry File
File
Finance
Audit File
Fig. 4 . 2 b : Database
An organization can possess multiple databases as depicted in Fig. 4.2b. Data flow
occurs among tables and databases for effective completion of a transaction. Following
are the terminologies used to describe a data relationship and data flow.
Entity: t h i s denotes an i n d i v i d u a l or organization that participates or invokes in a
data flow. For instance, customer. It is denoted using a rectangular box.
Attribute: t h i s defines the features of an entity in detail. For instance, customer
address. It is denoted using an oval shape.
Key Field: this is used to uniquely identify a field on a table. Any sing le attribute
is identified as key field. For instance, customer name. It is denoted by u n d e r l i n i n g
the text.
Process: t h i s denotes the relation among entities or the reason for occurrence of
a data flow. For instance, borrows. It is denoted using a d i a m o n d shape.
Fig. 4 . 2 c : Entity Relationship Diagram
File Organization Methods
It comprises three methods for easy retrieval of a file from the database or any storage
devices.
Sequential
The files in this method are stored and retrieved in a sequential manner. It is
stored on devices like magnetic tapes. However, in case the volume of data to be
stored sequentially is large then it is difficult to handle.
Direct
Direct access to a file is possible using this method. The data is stored at a known
range of address. The address is calculated using key field applied to a
mathematical formula. It is very expensive and difficult to i m p l e m e n t .
Indexed
In this method, the files are organized based on the ordered key that uniquely
identifies a record. It allows a user to view the data through different logical
arrangement of records.
Types of Files
Files are categorized into eight types based on its usage and the content.
. - . .
Fig. 4 . 2 d : Types of Files
Master File
It is a very important file since it contains sensitive information about an
organization. It is categorized as static master file where the contents remain
same and dynamic master file where the contents changes frequently after every
transaction.
Transaction File
It is a temporary file that collects data about the invoked transaction and assists in
updating the contents of master file.
Table File
The data that is most frequently referred during transaction is loaded in the table
file. It is easy to maintain and conserves memory.
Report File
It is used as an instruction file that instructs the user or system when an
unexpected event occurs. It is created through a process called spooling. For
instance, if a print command is invoked without printer connection, the control is
spooled in the report file and presented to the user for appropriate action.
Backup File
It is a replication of master, transaction and table file that is created for safety. It
can be reloaded in case of any damage to the original file.
Archival File
It is similar to backup file and resides for longer period. It is difficult to retrieve
from the storage u n i t .
Dump File
It is a replication of a file that is temporarily created for q u i c k transaction. It gets
deleted automatically once the transaction is completed.
Library File
It contains application programs, software packages, utility tools, device drivers,
etc.
4.3 Traditional F i l e Processing
Initially, an attempt was taken to automate all the activities of an organization through
traditional file processing. Every task of a department is managed using individual files.
It provides better data management and generates reports easily based on user
requirements.
Fig. 4.3a describes the traditional file processing method used by a college
management system. Each activity in the management system performs operation
individually and uses flat files without any hierarchical relation. Account Processing,
Teacher Processing, and Student Processing are application programs that run
independently through this management system. Each program interacts individually
with the data resources. There is no collaboration or exchange of data among application
programs. If needed, a user may have to create an isolated program to achieve the
process.
Account
Teacher Student
Department
Fees Marks JD
Processing Evaluating Generation
Student
Fees Table Marks Table Personal_details
Table
Fig. 4 . 3 a : Traditional File Processing
Characteristics of traditional file processing:
Each activity in an organization has unique files.
Two different files do not collaborate with each other.
There is no hierarchical relation and each file is independent.
Files look disorganized when large data accommodates.
Increase in data quantity and exchange of data among departments causes problems in
traditional file processing. The former leads to a problem of data redundancy and the
latter leads to data inconsistency. Traditional file processing system is still in practice at
s m a l l organizations that cannot afford complex storage methods.
4.4 P r o b l e m s with Traditional F i l e Processing
The process of maintaining individual files for every activity of an organization is a
complex task. As the organization size increases with inclusion of new departments and
different activities, it becomes difficult to manage. The problems that occur d u e to this
method are listed in Fig. 4.4a.
Fig. 4.4a: Problems in Traditional File Processing
Data Redundancy
Every activity over a network holds unique files. Similar data is required at
multiple files for completing a transaction. This leads to its multiple occurrences
causing poor space utilization. Since different names for an entity occurs at
different files, it causes poor data control. For instance, name of the student in
FEES table is S_NAME and in PERSONAL_DETAILS table is N A M E .
Poor Sharing
Since files are isolated, data flow does not occur among files which lead to poor
data sharing. It is difficult to access the data of one file from another. In case if
any necessity arises, a creation of new file has to be made to capture that specific
activity.
Data Inconsistency
Multiple occurrences of data arise at different tables. Modification of a data
h a p p e n s at one file but they changes do not get updated in other files. This leads
to data inaccuracy. Traditional file processing does not support concurrency
process. For instance, if user A wants to deposit an amount to user B's account
and if the transaction fails in between, the amount is withdrawn from user A's
account but not deposited in user B's account.
Poor Standard
This system is less efficient and does not support complex data storage such as
g r a p h i c s , a u d i o , video, image, etc. As the data storage increases, the file structure
loses its organized format. Inclusion of any new activity in the management
system requires lengthy development process.
Data Inflexibility
Each file is developed and managed using different programming languages such
as C, C++, JAVA, etc. Incompatibility arises among file formats. If the system has
to be switched or installed in another location, it requires complex set u p .
Poor Maintenance
Files are distributed randomly without a central control. It leads to poor structure
and requires more maintenance to organize it. Occurrence of data redundancy and
inconsistency make it difficult to maintain the quality of systems.
4 . 5 Database Approach to Data M a n a g e m e n t
Database system helps to overcome the disadvantages of traditional file processing. It is
a repository collection of closely related logical resources. Database is a storage unit
that holds the data in a well organized manner. Instead of u s i n g isolated files for each
activity, a common database is created and shared throughout the entire process of an
organization. T h u s , data redundancy does not occur with database a p p r o a c h .
It is a collection of closely related records. It is also described as self explanatory data
since it holds description about the data stored in it. The users are not provided direct
access to the database. An interface is created through an application program that
helps the user to interact with the database contents.
Database Management System (DBMS)
Fig. 4 . S a : Database Management System (DBMS)
U n l i k e traditional file processing, DBMS does not provide direct access to the data in the
database. The end users interact with an interface designed through application
programs such as C, C+ + , Java, etc. This helps in achieving data independence. The
data availability constraints are stated through application programs using which the
data is filtered and presented to the end user. Database Management System
(DBMS) allows the user to change the data format such as defining a new structure to
the data base.
Components of Database
The components that assist in building a database are given below.
Columns: it refers to fields which stores similar type of data. For instance, Roll No
Rows: it refers to the data of a particular entity.
Tables: it is a logical collection of columns.
Column
102 Ah1a orsen 87
103 Bree Amslon 94
Fig. 4 . S b : Sample Table
Primary Key: any column that uniquely identifies an individual is considered as a
primary key. For instance, two individuals will not have same roll n u m b e r s .
Foreign Key: a foreign key is a column referential which is to be shared among
other tables.
Components of Database Manager
Database Manager assists in managing and organizing the data that are stored in the
data source. The structure of management differs based on the database used. The
components of database manager that assist in efficient data management are given in
Fig. 4.Sc.
Fig. 4 . S c : Components of Database Manager
Authorization Controller
A software m o d u l e acts as an authorization controller that checks the authorization
rights of every user who accesses the data from the data source.
Transaction Manager
This module monitors and assists the transactions or processes that take place
during data manipulation. It collaborates with authorization controller to check
user's access rights before performing a transaction.
Query Processor
Structured Query Language (SQL) manipulates data in a database using Data
Definition Language (DDL) which is similar to formal English language. Query
processor assists in converting this formal English language q u e r i e s to a database
u n d e r s t a n d a b l e format.
Integrity Checker
It helps in checking the originality of data before performing a n y operations on a
database. It also checks the integrity constraints that are defined w h i l e creating a
database.
Command Processor
The query processor transforms logical controls to command processor. Based on
the controls, the command processor transfers the action to other components.
Recovery Manager
In case of hardware or software failure, the recovery manager assists in
recovering the data and ensures that the damage has not affected the database
contents.
Data Dictionary
It is also called metadata which holds data about data that is stored in database.
The content of the database is automatically updated or altered. Any process in
database is performed only after consulting data dictionary.
Database Languages
Data structure and data operations are defined with the help of database languages.
D D L and D M L are two types of database languages.
Data Definition Language ( D D L }
It is used to represent the structure of a database. The constraints that are to be
followed while uploading to a database are defined in DDL. Some of the
constraints that are used in database are:
o Field Constraints: it denotes the range of values that a field can
accommodate.
o Referential Constraints: the data in a field is sometimes referred to
another data sources' field using this constraint.
o Authorization: it denotes the types of access that are provided to every
user to access data.
o Affirmation: it refers to the constraints that should always be satisfied
whenever data is uploaded in a field.
Data Manipulation Language ( D M L )
It assists users in performing several operations on data such as,
o Insertion of data into database
o Retrieval of data from data storage
o Deletion of data from data storage
o Modification of an existing data
4.6 C a p a b i l i t i e s of D B M S
Database M a n a g e m e n t System ( D B M S ) allows users to store and access the data in well
organized format. Replacing traditional file processing with DBMS has improved the
efficiency of data handling. Fig. 4.6a lists some of the factors that are achieved through
DBMS.
Less Confines Effective
Redundancy Access Rights Sharing
Stable Backup a n d
Integrity
Storage Recovery
Assist
Complex
Relation
Fig. 4 . 6 a : DBMS Capabilities
Less Redundancy
Unlike traditional file system where every activity possesses a file, the DBMS
stores data at an isolated location. User can access data through an integrated
interface designed using high level languages. Chances for m u l t i p l e occurrence of
a file are not possible.
Confines Access Rights
DBMS does not allow direct access to the data in database. Instead it uses an
application program which acts as a mediator between user and data. It is also
used to restrict users from accessing sensitive data without authorization. Data
abstraction is implemented easily using DBMS to protect confidentiality.
Effective Sharing
Data are stored in centralized location using DBMS. It assists in successful sharing
of data among different systems. Program compatibility is achieved with high
standards through DBMS usage. Thus multiple systems can easily access the
database.
Stable Storage
Data storage using DBMS is secure and persistent. Data creation, deletion,
alteration are possible only with central authority's approval. It assists in
authorized data access.
Integrity
With high security standards, the data originality is not lost. Data integrity is
maintained by storing database in a centralized location which reduces
redundancy. It assists in concurrent processing.
Backup and Recovery
DBMS promotes isolated data storage. It stores the data with high security and
retrieves only on users' demand. Retrieval of data at damage recovery is easy to
perform.
Assist Complex Relation
Some transactions require data from multiple data source. It includes complex
data grouping that is possible with the combination of logical operators and
Structured Query Language (SQL).
4 . 7 Types of Database
Database is categorized into three types based on the presentation and structure of
data.
Database
Relational Hierarchical Object-oriented
Fig. 4 . 7 a : Types of Database
Relational Database
In this database type, data are stored in the form of tables. Tables communicate and
share information that facilitates in data reporting, organizing and searching. The row
specifies the data of a particular entity and column or field specifies the data of s i m i l a r
type.
Roll No Name Marks
IDl John Mayer 88
ID2 Alicia Orsen 87
ID3 Bree Aniston 94
Table 4 . 7 a : Relational Structure
Comparison of data is easier, since similar data is stored in columns. Referential
constraint is used when a data of one source is referred by another. Complex relations
among tables can be formed using mathematical operators. Relational database uses
special languages such as Structured Query Language (SQL), for a l l o w i n g manipulation
over data on tables. Its collaboration with application programs helps users to manage
the data of an entire organization.
The advantages of relational database are data extendibility, high performance,
flexibility, security, and privacy.
Hierarchical Database
The data in this database is hierarchically arranged. It is similar to one-to-many
relationship and also resembles tree like structure, where it consists of one parent (root)
with one or more c h i l d r e n (nodes).
Department
Accounts Production Marketing
Fig. 4 . 7 b : Hierarchical Structure
It is used only in specific conditions within an organization where it requires reporting
from lower level to h i g h e r level department. It concentrates on information gathering in
a hierarchical m a n n e r .
Publisher JD Publisher Name location Number
Author ID Author Name Location Number
Book ID Book Name Location Number
Fig. 4 . 7 c : Hierarchical Database Schema
Fig. 4.7c shows a sample hierarchical database schema. It is clear that this database
leads to redundancy. For instance, a same author belongs to different p u b l i s h e r s which
cause m u l t i p l e occurrences of data.
Object-oriented Database
It stores data as objects where each object represents numbers, texts, and images. It is
used in collaboration with object-oriented languages such as, Java, C+ + , etc. It is
compared to relational database to a certain extent. However, it is less p o p u l a r among
data analysts.
The collection of objects is called class. Each class comprises closely related data. This
database establishes hierarchical property without redundancy using inheritance
method. It i nhe ri t s certain properties from one class that are required to be a p p l i e d to
another class.
Data abstraction assists in hiding sensitive data from other classes or users to maintain
confidentiality.
Passenger Train
Passenger_ID Train_ID
Name * * Train_Name
Age Source
Gender Destination
DOB Seats_Available
Fig. 4 . 7 d : Object-oriented Database Schema
Fig. 4.7d shows a sample object-oriented schema for train ticket reservation. The class
is represented using rectangular object with its name in bold. The attribute and member
names are listed below the class name. Arrow indicates the direction of data flow or
relationship among classes. The type of relationship are denoted symbolically above the
arrow (1 for one and * for many). In the above example, it is many-to-many
relationship.
For instance, the Passenger class holds passenger details and Train class holds train
details. The relationship among them is denoted as many-to-many, since many
passengers reserve tickets in many trains.
4.8 Chapter S u m m a r y
Database Management System (DBMS) is a collection of interconnected data.
Data, database schema, and database processor are three m a i n aspects of D B M S .
File organization hierarchy includes bit, byte, field, record, file, and database.
S e q u e n t i a l , direct, and indexed are three types of file organization methods.
Files are categorized as master, transaction, table, report, backup, archival, d u m p ,
and library file.
File storage and retrieval occurs sequentially in sequential file o r g a n i z a t i o n .
Direct access to a file is possible in direct file organization.
Ordered key, which uniquely identifies a record, organizes the file in index file
organization.
Traditional file processing creates files for every activity in an o r g a n i z a t i o n .
It leads to problems such as, data redundancy, poor s h a r i n g , loss of integrity, low
q u a l i t y standard, absence of privacy, and security.
Database is a repository collection of data that assists user in effective data
h a n d l i n g and manipulation.
Columns, rows, tables, primary key, and foreign key are components of database.
Database M a n a g e r assists in managing and organizing data in data source.
The components of database manager are authorization controller, transaction
manager, query processor, integrity checker, command processor, recovery
manager, and data dictionary.
Data Definition Language (DDL) and Data Manipulation Language (DML) are two
types of database languages.
D D L assists users to define the structure of data and its respective constraints.
D M L assists users to manipulate database operations.
Data dictionary is called as metadata which holds information about data in
database.
Relational, hierarchical, and object-oriented are three types of database.
Creating a
Database
Environment
05. Creating a Database Environment eBook
5 . 1 Introduction
Data is stored in a database, a repository collection of files. This helps in efficient
management. Installing a Database Management System (DBMS) alone does not make
any difference. The primary role of a Database Administrator (DBA) is to define the
design p r i n c i p l e s for a good database design.
The environment provided for the database user is significant in data management. It is
the role of DBA to explicitly design database and indicate the relationship among data
items. Information is obtained in unstructured format from the user. It has to be
processed and checked for its accuracy before storing it in database. There are several
normalization stages that have to be followed for efficient storage of data in a structured
format.
This chapter elaborates the role of DBA along with techniques like, normalization, Entity
relationship (ER) diagram, Business Intelligence (BI) tools, etc. through which an
efficient data storage is designed. With the emerging technologies, the trend of data
storage changes with respect to user requirements.
List stages involved in designing a database
S u m m a r i z e the features for good database design
E x p l a i n different normalization stages
Draw Entity-Relationship (ER) diagram
E x p l a i n the concept of distributed database
List some of the database trends
Describe Business Intelligence (BI) tools and data mining
5.2 Designing Databases
Database design includes the process of designing a database schema which is used to
store and h a n d l e data effectively. It also designs complete database a p p l i c a t i o n system
that assists the enterprise in handling and organizing data. Organizational information
possesses interdependence among data which is necessary to effectively accomplish a
task. It is achieved with a standard database schema.
Design Stages
Database d e s i g n i n g process undergoes five stages depicted in Fig. 5 . 2 a .
Conceptual Design
Functional Requirements
Logical Design Phase
Physical Design Phase
Fig. S . 2 a : Database Design Stages
The database designer obtains the requirements from the database user and
interacts with various domain experts for effective d e s i g n i n g and implementing of
its architecture. This acts as a critical stage which decides the effectiveness of
meeting user satisfaction. The requirements are carefully documented and
implemented.
Conceptual Design
The database designer then develops a conceptual schema based on the
requirements gathered in the first stage. The schema is verified t h o r o u g h l y for its
effectiveness and conflicts among data are identified. The occurrence of data
redundancy is rectified and relationships among data and entities are defined.
Functional Requirements
Functional requirements of an organization are half met d u r i n g the development of
conceptual schema. The database designer interacts with the organization and
obtains information related to operations that are to be performed on data. For
instance, updating or deleting a range of data, searching or retrieving specific
data, etc.
Logical Design Phase
The designer relates the conceptual schema with data model of the database. It
includes the process of implementing conceptual design models and assists in
converting conceptual schema to relational schema using entity-relationship
model.
Physical Design Phase
Using the above phase, physical features of the database are specified which
includes file organization techniques, storage structure, etc.
Design Alternatives
For a good database d e s i g n , the following features should be avoided.
Data Redundancy
A good database design should avoid the occurrence of similar data at multiple
places. Data redundancy leads to poor data structure with less accuracy. For
instance, using customer name at both CUSTOMER table and ACCOUNT table leads
to r e d u n d a n c y .
Partial Data
At times certain fields in a table are left blank, this later leads to confusion. Such
fields should be denoted as primary key to avoid the above situation. For instance,
if the database user intentionally had not entered the account number, and there
are customers who have the same name, the problem arises in identifying them.
Thus the account number field should be made as primary key so that it is used to
u n i q u e l y identify the customers and not left blank.
5.3 Normalization
Normalization is the process of decomposing master table in order to avoid the
a n o m a l i e s listed below.
Insert A n o m a l y : it occurs when a data is being inserted in absence of its related
record.
Update Anomaly: due to occurrence of same data at different location, the
updation of data at one location does not have impact on the other locations.
Thus, it leads to data discrepancy.
Delete Anomaly: after deletion of data, part of its remains undeleted due to
unawareness of its multiple locations.
Normalization methods help to remove these anomalies from a database.
First Normal Form ( 1 NF)
It includes the process of deleting duplicate g r o u p s in any column of a table and
creating separate tables for each co-related data. It identifies each row uniquely
by setting a primary key to a column.
Items Companv
..
INF
Pen Parker
Pen Reynolds
Pencil Apsara
Fig. S . 3 a : First Normal Form (1NF)
Second Normal Form (2NF)
It comprises first normal form and also separates multiple occurrences of same
data to another table. It also creates relationship among these tables u s i n g foreign
key.
0 5 . Creating a D a t a b a s e E n v i r o n m e n t eBook
S.No Name Department
I Sarah Parker Accounts
2 Alicia Orson IT
3 Adam Smith IT
4 William Hayes Marketing
.2NF
S.No Name Depart. No Depart. No Department Name
I Sarah Parker I I Accounts
2 Alicia Orson 2 2 IT
3 Adam Smith 2 3 Marketing
4 William Hayes 3
Fig. 5.3b: Second Normal Form (2NF)
Third Normal Form (3NF)
It comprises second normal form and also removes columns that are not
dependent on primary key.
SID SName City Zip
I Sarah Parker Round Hill 43231
2 Alicia Orson Perryridge 43423

- -
3 Adam Smith Round Hill 43231
4 William Hayes Downtown 45322
.3NF
SID SName Zip Zip City
Sarah Parker 43231 43231 Round Hill
2 Alicia Orson 43423 43423 Perryridge

>-
3 Adam Smith 43231 45322 Downtown
-
4 William Hayes 45322
Fig. 5.3c: Third Normal Form (3NF)
Fourth Normal Form ( 4NF)
It i n c l u d e s third normal form and removes multi-valued dependencies.
Fifth Normal Form (SNF)
It is also called as Projection Normal Form (PJNF) and eliminates cyclic
dependencies.
Boyce-Codd Normal Form (BCNF)
Here, every determinant of a table is a candidate key.
Domain Key Normal Form (DKNF)
It i n c l u d e s the measurement of conceptual state of a database.
5.4 Entity-Relationship ( E R ) Diagram
The conceptual schema in database design is graphically represented using Entity
Relationship (ER) diagram. It represents relationship among different entities and
attributes. Data flow and the process that invokes it are also displayed effectively u s i n g
ER d i a g r a m . The components of ER diagram and its symbol representation are listed in
Table 5.4a.
Symbols Usage
Entity sets
I I
Attributes
0 Relationship sets
Links
((_
Multivalued attributes

. Derived attributes

Total p a rt i c i p a t i o n
f- -
Weak entity sets

II II
Table 5 . 4 a : Components of Entity-Relationship Diagram
For instance, the relationship model for customer and book entity is g i v e n as,
customer
customer_id customer_name customer_street customer _city
(primary key)
book
customer_id book_number amount
(foreign key) (primary key)
The corresponding ER diagram is depicted in the figure Fig. 5.4a g i v e n below.
Fig. 5 . 4 a : Entity-Relationship Diagram
The customer borrows books from a publication house. The above ER diagram shows
relationship among customer and book entity. The entities are denoted using a rectangle
with each of its attributes listed using an ellipse. The underlined attributes denotes
primary key, which uniquely identifies the entities. The relation is represented using
diamond shape. The line shows the relationship among entity and relation or entity and
attributes.
one-to-one
onetomany 1 .. *
many-to-one *.. 1
l many-to-many
Table 5.4b: Types of Relationship
The relationship among entities in the above entity-relationship diagram can be given
as,
Fig. 5 . 4 b : Entity-Relationship Diagram (with relationship)
Since a customer borrows many books, the relationship among customer to book entity
is one-to-many ( 1 . . *) relationship.
Advantages
It assists the database designer to accurately focus on the organization modeling.
It helps in easy understanding even though the client does not have any prior
designing knowledge.
It provides h i g h - l e v e l database design.
The relational model of a database is easily designed.
V i s u a l representation of relationship provides better u n d e r s t a n d a b i l i t y .
5.5 Distributing Databases
Database files that are scattered at different locations on network is called distributed
database. Distributed Database Management Systems (DDBMS) is software that
manages database files and allows users to remotely access it on a network. The main
objective of DBMS is to synchronize these files to maintain data consistency. The
advantages of using distributed database are improved reliability, high scalability, and
better performance.
Some of the difficulties that arise due to distributed databases are complexity in
database design, expensive, requirement of high security standards, and difficulty in
maintaining integrity.
Types of Distributed Database
The accessibility technique for distributed database is broadly classified into two
categories. They are,
Fig. 5 . S a : Types of Distributed Database
Homogeneous Distributed Database
The a p p l i c a t i o n program of each site on a network uses the same DBMS software
and it provides knowledge to the user about other user's transaction. It h o l d s the
same schema for similar transactions. Each site surrenders segment of their
database to check for its atomicity.
IQ
r> \
-
.
(
ccrnmumcenon
Network

_>-_/J
10 .. _
.-
Fig. 5 . S b : Homogeneous Distributed Database
Heterogeneous Distributed Database
Different D B M S are attached to every site on network where its schema and DBMS
software are unique. Data access to several databases is possible. Unlike the
above method, heterogeneous distributed database does not provide users any
knowledge on other user's transaction. It is also called as multi-database system
or federated database system. It maintains data accessibility standards using
gateway protocols.
Distributed Database Architecture
The architecture of distributed database is classified as,
Distributed
Database
Client-server Collaborative Middleware
Architecture Architecture Architecture
Fig. 5 . S c : Architecture Types
Client-server Architecture
The database is controlled by a server which is the central authority of a network.
The user or client requests data from the server to complete a transaction. The
server checks client's data access rights and responds accordingly with the data.
This technique provides high data confidentiality.
Collaborative Architecture
This architecture assists in retrieving data for a long complex query from the
database. It generates sub-queries and assigns it to multiple remote servers. The
final result is the collaboration of sub-query data results.
Middleware Architecture
It is designed to allow single query to span over multiple servers. It acts as a
mediator among different transaction processors and database servers. It is also
responsible for routing the query control to local servers.
Distributed Database Design
The process of d e s i g n i n g a distributed database is a difficult task and has to u n d e r g o the
following objectives for effective implementation.
Data relations should be partitioned and allocated to different servers in a
relational database model.
Data shou Id be available to the user with more accuracy.
Performance of the system is increased through data replication.
It should provide location transparency which enables the user to access data
without the knowledge of its existence.
Scalability should be provided without any special requirement on hardware
configuration.
Integration of different database at different location should be maintained easily
with accuracy.
5 . 6 Database Trends
Information Technology (IT) is developing tremendously. Database Management
Systems (DBMS), one of the core parts of IT that is used to maintain data has
undergone drastic changes in recent years. Many changes and new features are
developed to improve the efficiency of database. Fig. 5.6a lists some of the current
database trends that have significantly changed the art of storing data in database.
Spatial Cloud
Database Database
Bridging
SQL/NoSQL
Database
Fig. 5 . 6 a : Database Trends
Spatial Database
It helps to store and query spatial imagery data such as maps, and sensory
geographical images. It also helps in storing geometric shapes such as circle,
square, polygon, lines, curves, three dimensional objects, topological
arrangement, etc.
M u l t i d i m e n s i o n a l expressions ( M D X )
It is a programming language for generating analytical queries for Online
Application Processing ( O LA P ) databases. An imaginary l i n k appears between MDX
and Structured Query Language (SQL). Its language syntax is similar to
spreadsheet formulae.
B r i d g i n g S Q L / N o S Q L Database
Every network uses different database structure. It is used for connecting several
SQL databases or traditional databases. It also assists users to access data in
t r a d i t i o n a l database model with relational database structure.
Automated Data Management
Automated techniques are being developed for recovery from damage, predicting
unauthorized data access, and effective filtering of data. Yet, it is recommended to
have a central authority to monitor every process of database access.
Cloud Database
Computer connected virtually for communication is called as cloud network. The
database associated with this network is called cloud database. It can be either
t r a d i t i o n a l database or distributed database. Increased accessibility, fast recovery,
automated scaling, less expensive, and better performance are some of its
advantages.
5 . 7 B u s i n e s s I n t e l l i g e n c e Tools
Business Intelligence (BI) tools assist in effective decision making and strategic p l a n n i n g
in an organization. It helps to capture, organize, manage, filter, and analyze data.
Market research, market segmentation, customer profiling and support, statistical and
profit a n a l y s i s are some of the core areas where BI tools are used efficiently.
Decision making becomes difficult for an organization due to bulk amount of data.
Analyzing data generated by different software is a complex task. Thus, BI tools assist in
providing data at timely manner and increase the performance of m a n a g i n g a business.
It helps in extraction of data from on-going business transactions and provides its status
review. It obtains data from multiple sources of an enterprise and provides an interface
to users to access those data for report generation and analysis.
It supports improved decision making, increased efficiency on transactions, gaining
competitive advantages over rivals, and optimizing internal business. Initially, it was
used by software professionals for analyzing reports and queries. With the developed
user-friendly features, they are used by business executives and workers themselves.
BI tools use both past and present business data for effective decision making. The data
visualization software uses BI techniques to design charts and d a s h b o a r d s for easy data
review. It is used in various applications such as mobile BI, real-time BI, organizational
reporting, location intelligence, Online Analytical Processing ( O LA P ) , etc.
It also plays a significant role in data mining, image m i n i n g , text mining, and statistical
and predictive a n a l y s i s . BI data are stored using hadoop systems. The unstructured data
should be collected, integrated, and formatted before storing it in data source.
Apart from business executives, BI tools are used by business workers for testing the
status of the business and to measure the achievement of objectives.
Table 5.7a lists some of the business intelligence tools that help to achieve better
industrial performance.
Icon Tool N a m e
pentaho Penta ho
Birst
*birst
-
-
bo,nJ BOARD
T A R G I T u2, TARGIT Decision Suite
business lntell19ence
Table 5 . 7 a : Business Intelligence Tools
Advantages
It a i d s business workers in report generation.
It analyzes the business output results and tests its performance.
It performs competitive study among rivals.
It helps to achieve organizational objectives and setting budgets.
The method to promote a product is decided beforehand using BI tools.
Disadvantages
Implementation of BI in an organization would be expensive.
I n i t i a l l y , the employees require training and maintenance for h a n d l i n g BI tools.
There is a chance of exposing company's sensitive information.
5 . 8 Data Mining
The process of extracting information from bulk data is called as data mining. It is also
defined as the process of obtaining knowledge from data. It transforms the huge
quantity of data of an organization to structured information which is later used to
predict business behavior and its future trends.

It helps to improve the business performance by meeting its objectives and strategies
and analyzes the data to find hidden patterns and proactive knowledge. It helps in
predicting the following two major aspects of an organization.
Automated Prediction of Trends and Behaviors
It helps to retrieve or extract past trends and behaviors of an organization and
tests its performance on business outcomes. It helps in prior estimation of
bankruptcy situations and depicting product favorable population u n i t s .
Automated Extraction of Hidden Patterns
Every unit or segment of a database is carefully analyzed to identify the hidden
patterns. For instance, purchase of unrelated products, detecting credit card
frauds, etc.
Data mining predicts unexpected occurrence of events through a process called
modeling. It is similar to prototype building where a model is built from the previous
occurrence of events.
Fig. 5.Sa shows the detail architecture of data mining and working of its components.
The data mining e n g i n e obtains the data from the knowledge base and passes on to the
pattern evaluation for discovering hidden patterns in data. These patterns are presented
to users through Graphical User Interface (GUI) or passed on to data warehouse for
storing these patterns. The data warehouse is responsible for data cleaning, data
integration, and data selection.
Data cleaning is the process of extraction or removing unwanted data such as noise, or
any discrepancies that affects the data originality. Data Integration is the process of
integrating heterogeneous data and logical data. The process of retrieving relevant
information from the data based on users request is called data selection.

Fig. 5 . S a : Data Mining Architecture
Issues in Data Mining
The algorithms used by data mining are very complex. It is difficult to implement since
data are located at remote places. Fig. 5.Sb highlights the issues related to data m i n i n g
strategies.
Data Mining
Issues
Interaction a n d Varied Data

Performance
Methodology Types
Fig. S . S b : Data Mining Issues
Interaction and Methodology Issues
Users require different types of output at the same time. However, each user may
possess different access rights. Thus, developing a user interface is a c h a l l e n g i n g
task. Pattern generation and heterogeneous data requires different types of
methodologies to handle. It is selected based on the user's need.

Varied Data Types
A database system holds different types of data such as text, image, graphics,
audio, video, etc. It is a challenge for the database system to handle these data
types and generate patterns from it. Information that is obtained initially from
different networks is in an unstructured format and needs to be formatted prior to
storing in the data warehouse.
Performance Issues
To extract knowledge from bulk quantity of data, the mining algorithm shou Id be
more stable and efficient. It should be more flexible to hand le data s c a l a b i l i t y . The
complexity increases if the database is in distributed or incremental format.
Advantages
It helps to decide production quantity based on organization's past sales data.
It helps to detect occurrence of credit card fraudulent and profiling customers in
banking industry.
It supports government to detect money laundering and other financial criminal
activities.
Disadvantages
Generation of patterns and knowledge of an organization leaks sensitive
information.
Rivals make use of this information for reframing their product promotion.
Implementation of data security is still a major issue.

Database design frames structure of a database that instructs the method of
storing and organizing data.
Requirement analysis, conceptual design, functional requirements, logical design
phase, and physical design are the five stages of database d e s i g n .
Data redundancy a n d partial data are the factors to be avoided for good database
design.
Normalization is the process of decomposing master table to avoid update, delete
and insert anomalies.
First Normal Form (lNF) includes the process of deleting duplicate columns in a
table.
Second Normal Form (2NF) includes lNF along with the process of removing
m u l t i p l e occurrences of data.
Third Normal Form (3NF) includes 2NF and also removes columns that are not
dependent on primary key.
Fourth Normal Form (4NF) includes 3NF and also removes multi-valued
dependencies.
E l i m i n a t i o n of cyclic dependencies happens in Fifth Normal Form (SNF).
Every determinant of a table is a candidate key in Boyce-Codd Normal Form
(BCNF).
Measurement of a conceptual database takes place in Domain Key Normal Form
(DKNF).
Entity-Relationship (ER) diagram helps in graphical representation of conceptual
schema in database d e s i g n .
Databases residing at remote locations on a network is called distributed database.
It is managed using Distributed Database Management System (DDBMS).
Homogeneous and heterogeneous are the two types of distributed database.
Spatial database, Multidimensional expression (MDX), bridging S Q LJ N o S Q L
database, automated data management, and cloud management are the recent
trends in database.
Business Intelligence (BI) tools assist in effective decision making and strategic
planning in an organization.
Data mining is the process of extracting hidden patterns from the b u l k a m o u n t of
data.

Telecommunications
a n d Networking i n
Today's B u s i n e s s
World
06. T e l e c o m m u n i c a t i o n s and Networking in Today's B u s i n e s s World eBook
6 . 1 Introduction
Instant communication is not difficult in today's world. A person can share information
q u i c k l y and effectively t h r o u g h d i g i t a l communication. In d i g i t a l c o m m u n i c a t i o n , the use
of personal computers in fields like business, education, and banking has increased.
D i g i t a l c o m m u n i c a t i o n a i d s to share information in a fraction of a second.
Data sharing is performed by connecting computers that are remotely located with the
help of a network. They play an important role in the field of business to h a n d l e day-to
day decision making. Thus, communication is necessary in d a i l y life and should be done
rapidly and securely. Improvement in data security technologies prevents data misuse
over networks. With technological advancements, services have expanded tremendously
and data like a u d i o , video, graphics, etc. can be flawlessly shared.
Define data c o m m u n i ca t i o n and networking
Describe the components of a network
Illustrate the basic types of network
State network architecture
Identify network protocols
List different types of topology
E x p l a i n t r a n s m i s s i o n media

06. T e l e c o m m u n i c a t i o n s a n d Networking in Today's B u s i n e s s World eBook
6 . 2 Data C o m m u n i c a t i o n a n d Networking
Communication is necessary to exchange information from source to destination. Data
communication refers to the exchange of data among devices. In general, d i g i t a l data
is represented in binary format ( ls and Os) or electrical signals, depending on its
transmission m e d i a . Similarly, data in communication is delivered in the form of packets.
Different sub-systems are unified to form an information system. These sub-systems
communicate with each other or among processes, operating systems, programs, etc. to
request data to complete a specified task.
Transmission media is used to connect computational systems to enable c o m m u n i c a t i o n
among them. To support these computational systems several other hardware
components are a v a i l a b l e that act as data carriers from source to d e s t i n a t i o n .
The process of connecting computational systems for communication is called
networking. It acts as a boundary which decides the scope of data communication. If
any two systems are not connected, or are not in a network, communication is not
possible.
Fig. 6 . 2 a : Communication and Networking
The effectiveness of data communication in a network depends on the following
characteristics.
Delivery: it refers to the process of sending packets to the correct destination
Accuracy: it refers to maintaining the integrity of data d u r i n g t r a n s m i s s i o n
Timeliness: it refers to timely delivery of data packets or without delay
Jitter: it refers to the variation in packet arrival time.

Advantages
Communication is made easy with high speed and accuracy.
Files, data, and information are easily shared to any computer on a network.
Hardware and software are shared remotely, reducing multiple installations.
Disadvantages
Network breakdowns cause resource failure.
An efficient central authority is necessary to handle and m a n a g e the network.
Security threat is a major issue.
6 . 3 C o m p o n e n t s of Networking
Effective functioning of data communication and networking requires the following set of
components.
Sender: the device or computer that invokes communication to send data, it is
also referred to as source.
Receiver: the device or computer that receives the data sent by the sender, it is
also referred to as destination.
Message: it is the data sent by the sender during communication. It is
fragmented and sent in the form of packets.
Protocols Message Protocols
Medium
Sender Receiver
Fig. 6 . 3 a : Components of Networking
Medium
It is referred to as a carrier of data from source to destination. For instance,
cables, air, etc.

Protocol
It is a set of rules and standards that are to be followed during data
communication. Based on the type of network and message, protocols are
selected.
6 . 4 B a s i c Types of Network
Networks are classified based on their geographical coverage. It ranges from a small
distance between cell phones to a large distance or covering the globe. There are four
basic types of network:
Personal Area Network (PAN)
Local Area Network ( LA N )
Metropolitan Area Network ( M A N )
Wide Area Network (WAN)
Personal Area Network (PAN}
The systems in PAN are connected up to a range of up to 10 meters. Most of them are
wireless. Any mobile devices can be connected to each other with the help of PAN. For
instance, Bluetooth technology connects mobile devices up to a short distance. Laptops
are connected to printers or any devices that are available relatively close to the device.
The devices h a n d s h a k e with each other and create connection among them. After this
process, data is transferred. Once the entire data packet is sent, the connection is
terminated. Fig. 6.4a denotes a PAN sample.
O PDA
{;; Cell phone
laptop
Printer
Fig. 6 . 4 a : Personal Area Network (PAN}

Local Area Network (LAN}
Systems or workstations within an administrative office or a b u i l d i n g are connected on a
network to form a LAN connection. Its range varies from 1 to 2 kilometers. It also
assists in sharing resources within the network. LAN can be both; wired and wireless.
For instance, LAN connects computers in a single room and each computer shares
hardware resources available on the network.
Workstation 1 Workstation 2 Workstation 3
j
j

j
LAN Cable
Printer
Fig. 6 . 4 b : Local Area Network ( L A N }
In Fig. 6.4b, Workstation 1, 2, and 3 are connected to the printer t h r o u g h a LAN cable.
These workstations share the printer on a first-come-first-serve basis.
Metropolitan Area Network (MAN}
Different LAN networks within a city connect to form a MAN. It is used to expand the
services beyond LA N . For instance, in a Cable television network, every TV in a
particular city is connected to the cable network vendor. MAN also acts as a mediator
between LAN and WAN. Its range varies from 2 to SO kilometers. Fig. 6.4c is a sample
of a MAN network.
MAN
cnvare
Corporate Office
Fig. 6.4c: Metropolitan Area Network ( M A N }

Wide Area Network ( W A N }
WAN refers to the interconnection of different MAN or networks in the entire world.
Computers located in any corner of the world are connected using WAN for
communication beyond their national boundaries. Internet is one among these types of
networks. It is very expensive to implement and maintain. Fig. 6.4d denotes the
sample of a WAN.
Residence
ll;l- +-
Workstation Government
' Office
Private
Corporate Office
Fig. 6.4d: Wide Area Network (WAN}
6 . 5 Network Architecture
Network architecture defines the layout of a network. It states the format of connecting
different network components and devices. The message being sent shou Id follow the
prescribed format stated in the architecture. It is used to d e s i g n framework of a network
and instructs how each component should interact. It is broadly classified into two
categories:
Peer-to-peer Architecture (P2P)
The systems in P2P are connected individually to each other. It is recommended
for small networks. Each system or workstation acts as both; client and server. In
contrast to client-server architecture, each workstation in P2P is given equal
priority on the network. The increase in network size creates an overload. P2P is
noted for its scalability. When the demand is more, workstations are easily added

to the network. Information is shared easily among peers. The P2P architecture is
depicted using Fig. 6.Sa.
Fig. 6.Sa: Peer-to-Peer Architecture (P2P)
Failure of a workstation does not affect the functioning of others. A major
disadvantage is that it does not have an administrator abstraction. The
administrative sections are easily visible to workstations due to equal
responsibilities given to them. Thus, confidentiality and security are d i ff i c u l t to
implement. Malicious software like Trojan horse, Virus, and Spyware easily
replicate to different systems.
Client-server Architecture
Each computer in a network is either a client or a server. The server is the
centralized authority in the architecture. Data and resources reside at the server
side. Thus the client completely depends on the server to perform any task. The
client requests either data or manipulation from the server. The server o b t a i n s the
request and replies with the necessary data. It is also called two-tier architecture.
Unlike P2P, server handles resource allocation and data storage. Fig. 6.Sb
portrays client-server architecture.
Fig. 6.Sb: Client-server Architecture
It implements high security and prevents data loss or misuse. It does not allow
unauthorized access to data and workstations. A major disadvantage is that if the

eBook
server crashes, the whole network collapses and data retrieval becomes almost
impossible. In centralized architecture, a central server manages every client in
the network. Several servers are distributed throughout the network to handle
clients in the distributed architecture.
6.6 Network Protocols
Protocols are a set of rules and procedures that lay certain constraints on computer
networking. It defines the syntax and semantics on how communication has to be
established. There are different types of protocols that perform unique tasks on the
network. The activities on a network are classified in the form of layers for better
management.
Transmission Control Protocol/Internet Protocol (TCP/IP) is one of the models that
standardize every activity that are performed on a network. It composes similar
activities in the form of layers. Each layer has wide variety of protocols. Layers included
in this model are Network Interface Layer, Internet Layer, Transport Layer and
Application Layer.
TCP/IP Protocols
---
Trarsport Layer
---
Internet Layer
---- IP PSec
Networl< totertace
Ethernet Tolcen R,ng Fr.ome Rel;iy ATM
Layer
Fig. 6.6a: TCP /IP Protocols
Network Interface Layer
It performs physical tasks such as connection of devices through cables, obtains
electrical signals and converts them into binary formatted data, etc. It breaks the data
to s m a l l fragments called units. Each unit accommodates into packets and is sent to the
upper layer. The protocols that work under network interface layer are Ethernet, token
r i n g , frame relay, and ATM.

Ethernet protocol works with Carrier Sense Multiple Access/Collision Detection
(CSMA/CD). It first senses the medium for its availability. If it is free, it transmits
data or it stops the access for a time period to avoid collision. It operates at a
speed of 10 mega bits per second to 1000 mega bits per second.
Token ring protocol passes tokens to every computer connected in the form of
ring topology. If the computer does not need to transmit data, it s i m p l y passes the
token or else it obtains the token and feeds data into it. The speed of t r a n s m i s s i o n
is only 230 kilo bits per second.
Frame relay protocol is widely used on WAN. It is also called as packet-switched
protocol that provides h i g h speed transmission of up to 2 mega bits per second.
Asynchronous Transfer Mode (ATM) protocol transmits data up to a speed of
1 5 5 mega bits per second. It is cost effective and widely used in LAN connections.
Internet layer
It is responsible for effective packet delivery. It attaches the address of the receiver
node to the packet which is to be sent. It is also responsible for selecting the route to
reach the destination on the network. Each packet takes a different route to reach the
d e s t i n a t i o n . The protocols associated with this layer are IP and IPSec.
Internet Protocol ( I P ) defines the syntax of data packets or datagrams, or data
units. It is similar to a postal system where the packets are addressed and
dropped into the network without a direct link between the source and d e s t i n a t i o n .
Internet Protocol Security (IPSec) assists in encryption and decryption of data
packets that help to maintain data integrity.
Transport layer
It unites same type of processes and passes it to the upper layer. It also performs error
correction and error detection on each packet. At the sender's side, it segments the
processes and at the receiver's side it re-assembles the segmented packets. Protocols
included u n d e r this layer are TCP, UDP, IGMP, and ICMP.
Transmission Control Protocol (TCP) defines the procedure for network
communication and format of data packets.

eBook
User Datagram Protocol (UDP) is similar to TCP, except that the transmission
takes place on an unreliable network.
Internet Group Message Protocol (IGMP) assists message transmission to a
g r o u p of recipients.
Internet Control Message Protocol (ICMP) supports message t r a n s m i s s i o n to
a particular host on a network.
Application layer
In t h i s layer, the binary data is transformed to a presentable format before s u b m i t t i n g to
the user. At the sender's end, it transforms original data to coded words called
encryption and at the receiver's end it obtains original data from the coded words called
decryption. It also assists users in interacting with the network t h r o u g h an interface. It
allows the user to perform services such as sending mails, managing files, setting
authorization, etc. The protocols that work under this layer are D N S , Telnet, FTP, SMTP,
RIP, and SNMP.
Domain Name System (DNS) helps to translate the website name to an IP
address, either in a binary format or a decimal dotted format.
Terminal Network (Telnet) works on a client computer that assists in
connecting to the server on request.
File Transfer Protocol (FTP} defines the standard of file transmission on the
network.
Simple Mail Transfer Protocol (SMTP} runs on server machines that assist in
communication among servers.
Routing Information Protocol (RIP) defines the standard of communication
among routers d u r i n g packet transmission.
Simple Network Management Protocol (SNMP) d e sc r i b e s simple activities
that are performed on network such as checking for malicious activities, threats,
logging user credentials, etc.

6 . 7 Types of Topology
The arrangements of computers in a network or the way in which the systems are
interconnected are called topology. Based on their functionality, they are classified into
five types.
Topology
Bus Ring Star Mesh Hybrid
Topology Topology Topology Topology Topology
Fig. 6 . 7 a : Types of Topology
Bus Topology
Computers in a bus topology are connected serially. Each system or node is connected
sequentially through a common cable called a bus or a backbone. The message from a
source travels t h r o u g h the bus and serially checks for its recipient. Once the addressed
recipient is found, the message is delivered. A major disadvantage is that if the bus
crashes, the entire network collapses. Fig. 6.7b depicts the architecture of a bus
topology.
Nodesll;J 11;1 li;J

- - -
I I I

Terminal Backbone Terminal
I
lc:J
Fig. 6 . 7 b : Bus Topology
-
Ring Topology
Systems are interconnected in the form of closed loops in ring topology. Each node is
connected to two other nodes on either side. Thus, communication is possible through
two routes. If one route fails, the transmission takes place through another route t h u s ,
it reduces c o l l i s i o n . Fig. 6.7c depicts the architecture of ring topology.

?- i;J I ,
I i;JI
'- 1 ..)
Fig. 6.7c: Ring Topology
Star Topology
Each node is connected to a central terminal in star topology. It resembles client-server
architecture. The nodes do not communicate directly. It requests for connection from the
central authority which controls the entire network. After a connection is established,
communication is performed only through authority. It provides high security and easy
scalability. Crash of the entire network takes place if the central authority collapses
which leads to a major disaster. Fig. 6.7d depicts the architecture of star topology.
Fig. 6 . 7 d : Star Topology

Mesh Topology
It does not have a standard format of connection. The nodes are connected to each
other in a random manner. If a node needs to connect to another node, a direct point
to-point link is made. This leads to effective and fast communication but is difficult to
manage. This topology can be used to connect computers in a s m a l l geographical area.
Listed below, Fig. 6.7e depicts the architecture of mesh topology.
; l l;J \
ll;l l;ll
\ 1 l;J /
Fig. 6 . 7 e : Mesh Topology

Hybrid Topology
Every topology has its own advantages and disadvantages. Thus, hybrid topology allows
arrangement of computers with a combination of different topological types. Based on
the requirement, the organization connects different topological networks together.
However, it is difficult to implement and manage. The connection type used on the
internet comes under this category. Fig. 6.7f depicts the architecture of hybrid
topology.
Star Topology
10
-
Bus Topology
Fig. 6 . 7 f : Hybrid Topology

6.8 Transmission Media
Data communication is possible over a network with the help of transmission media. It
acts as a m e d i u m or carrier of data in the form of electrical or l i g h t s i g n a l s . As shown in
Fig. 6.Sa, transmission media is broadly classified as wired and wireless. The twisted
pair cable, coaxial cable, and fiber-optic cable fall under the wired category and in
wireless, open space acts as a m e d i u m .
Transmission
Media
Wired Wireless
I I
Twisted Coaxial Fiber Optic

Space
Pair Cable Cable Cable
Fig. 6 . S a : Types of Transmission Media
Wired Transmission Media
The connection among nodes is made physically using cables in a wired transmission.
The transmission range depends on physical limits of a connection. It is implemented
with the help of following cables.
Twisted Pair Cable
Two copper wires are coiled to each other in a twisted pair cable. The cable
contains either a single pair or multiple pair of cables. These copper wires are
individually covered by a plastic shield, which are again collectively covered by
another shield. An outer plastic jacket protects these cables. Initially, telephone
line networks used twisted pair cable to avoid cross talk and electromagnetic
induction. A major disadvantage is the cable generates more heat. It is cost
effective for a small LA N . Fig. 6.Sb clearly depicts the internal components of
twisted p a i r cable.

o,w P,lr
lcket Shields Twisted P,1,r
t
1
Fig. 6 . S b : Twisted Pair Cable
Coaxial Cable
It consists of a strand of copper wire which is wound by dielectric material to keep
the cable from heating. A braided and foil shield covers the dielectric material. The
outer plastic cover protects the cable from damage. It is used in analog telephone
networks and carries up to a 10000 voice signals. Loss of signal strength due to
long distance transmission is a major disadvantage of this type of cable. Fig. 6.Sc
clearly depicts the internal components of a coaxial pair cable.
Braided Shield
Foil Shield
+--- Center Conductor
Outer Jacket Dielectric
Fig. 6.Sc: Coaxial Cable
Fiber Optic Cable
A fiber optic cable consists of two glass materials; core and cladding. In t h i s cable,
data is transferred in the form of light waves. The distance between core and
cladding is very less so that the light waves reflect within the cable and do not
refract. It provides high-speed data transmission, up to the speed of light. The
main disadvantage is that it is very expensive and needs special components to
maintain. Fig. 6.Sd portrays the internal structure of an optic fiber cable.

"' . eBook
Jacket 900m
Total Internal Reflection
L19ht Rays
Buffer 250m
Cladding
Core Sm
Fig. 6.Sd: Fiber Optic Cable
Wireless Transmission Media
The process of sending data signals without physical connection between the source and
the destination is possible through wireless transmission media. Open a i r or space acts
as a carrier for s i g n a l s . It requires a specific device to send and receive data s i g n a l s . The
signals are transferred either through radio waves, microwaves, or infrared waves. It
requires an antenna to receive signals. Present day cable TV network is laid using this
t e c h n i q u e . The wireless transmission method is easily portrayed using Fig. 6.Se.
r
Transmitter
Antenna
r
Receiver
Antenna
Fig. 6 . S e : Wireless Transmission

Data communication is a process of exchanging data or information among
computers.
The process of connecting computers using physical components to enable
communication is called networking.
The effectiveness of data communication depends on delivery, accuracy,
timeliness, and jitter.
Sender, receiver, message, medium, and protocol are network components.
Based on the geographical span, the basic types of network are Personal Area
Network (PAN), Local Area Network ( LA N ) , Metropolitan Area Network ( M A N ) , and
Wide Area Network ( W A N ) .
Peer-to-peer (P2P) architecture refers to individual connection of a computer in a
network.
All the hosts (nodes) in a network are connected to the central authority (server)
in client-server architecture.
Protocols are set of rules and procedures that instruct how to perform every
activity on a network.
Protocols at Network Interface Layer are Ethernet, Token ring, Frame Relay, and
Asynchronous Transfer Mode (ATM).
Protocols at Internet Layer are Internet Protocol (IP) and Internet Protocol
Security (IPSec).
Protocols at Transport Layer are Transmission Control Protocol (TCP), User
Datagram Protocol (UDP), Internet Group Message Protocol (IGMP), and Internet
Control Message Protocol ( I C M P ) .
Protocols at A p p l i c a t i o n Layer are Domain Name System ( D N S ), Terminal Network
(Telnet), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP),
Routing Information Protocol (RIP), and Simple Network Management Protocol
(SNMP).
The arrangement of systems in a network is called topology.
Bus topology, ring topology, star topology, mesh topology, and hybrid topology
are the different types of topology.
Transmission media acts as a carrier or medium for data t r a n s m i s s i o n .
Twisted Pair Cable, Coaxial Cable, and Fiber Optic Cable are wired transmission
media.
Open space are used as medium in wireless transmission m e d i a .

Internet
I T M
UNIVERSITY
ONLINE
0 7 . Internet eBook
7 . 1 Introduction
Users connect to the internet to share information that is available extensively over a
network. It provides effective communication which leads to its growing need. It is also
called as a "publicly accessible network" where anyone can connect online to provide
and retrieve information. Internet services are obtained through Internet Service
Providers ( I S P s . )
Internet revolutionized the method of business processes through its various
components that assist information sharing among employees, enable distributed
computing, browse products catalogue, and facilitate banking, and much more. Thus, it
shrinks the world by bringing any kind of information straight to the computer and
allows communication access beyond national boundaries. Initially, it was used for
defense purposes through ARPANET, now it contains massive amounts of information
and services to assist various sectors.
Define Internet addressing
List types of address
Describe U R L structure
E x p l a i n various web browser components
Understand the working of search engines
Differentiate intranet and extranet
Design a web page

07. Internet eBook
7 . 2 Internet Addressing
An address is used to identify a node or system on a network. Data communication and
resource sharing are possible with the help of addresses that identify the node. Each
node has a unique address over a network. An address range is allocated to a network
and addresses are shared among that node but the same address is not allocated to two
different systems. For instance, the source identifies the destination uniquely with the
help of the address and then transfers the data or message.
32
The universal standard for an address consists of 32 bits that includes 2 combinations
of addresses. Internet addressing universally uses IPv4 called Internet Protocol version
4. There also exists IPv6 or Internet Protocol version 6, which is not functional currently.
IP address is a v a i l a b l e in two formats.
Decimal Dotted Notation
This notation is easy to understand and memorize. It includes four octets, each of
8 bits. Each octet is separated by a decimal dot ( . ) and ranges between O and 255.
Fig. 7.2a depicts a sample address in a decimal dotted notation.
Octet
6
127.89.34.45
Fig. 7 . 2 a : Decimal Dotted Notation
Binary Notation
The system or any component on a network understands o n l y the b i n a r y notation.
Each octet is converted to a binary equivalent. It is not separated by d e c i m a l dots.
Fig. 7.2b depicts a sample address in a binary notation.
011111111 01011001 00100010 00101101
\ I I I
127.89.34.45
Fig. 7 . 2 b : Binary Notation

07. Internet eBook
IPv4 addressing protocol uses two types of addressing modes for successfully providing
address to each node.
Classful Addressing
In t h i s addressing technique, the address space is divided into five classes namely,
Class A, Class B, Class C, Class D, and Class E. Based on the organization size; the
classes are assigned to them.
Classes First Byte Second Byte Third Bvte Fourth Byte Application
0 (BN)
Class A ... ... ... Large orcamaaucn
0-127 (DON)
10 (BN)
... ... ...
Class B Midsize Organization
1 2 8 - 1 9 1 (DON)
110 (BN)
... ... ...
Class C Small Organization
192-223 (DON)
1 1 1 0 (BN)
... ... ...
Class D Multicast
224-239 {DON)
1 1 1 1 (BN)
... ... ...
Class E Reserved for future use
240-255 (DON)
BN - Binary Notation DON - Decimal Dotted Notation
Table 7 . 2 a : Types of Classes
In Class A addressing, the first byte (first octet), starts with bit O in binary
notation or any number from O to 127 in decimal dotted notation. In Class B
a d d r e s s i n g , the first two bits consists of 1 O in binary notation or any n u m b e r from
128 to 191 in decimal dotted notation. In Class C addressing, the first three bits
consist of 1 1 O in binary notation or any number from 192 to 223 in decimal
dotted notation. In Class D addressing, the first four bits consist of 1 1 1 0 in
binary notation or any number from 224 to 239 in decimal dotted notation. In
Class E addressing, the first four bits consist of 1 1 1 1 in binary notation or a n y
number from 240 to 255 in decimal dotted notation. A visual representation is
portrayed in Table 7 . 2 a .
Classless Addressing
It is a good alternative for classful addressing that causes address depletion and
wastage. It assigns a range of address blocks to an organization. Thus, it is
allocated to the host that is presently active on the network. The same address is
reused if it is inactive. For instance, if an organization requires 10 addresses, it is
provided with addresses that range from 1 9 2 . 1 6 . 2 . 3 to 192.16.2.11.

07. Internet eBook
7 . 3 Types of Address
Fig. 7 .3a portrays four levels of addressing used by the Internet that works on TCP/IP
protocol.
Addressing
Physical Address Log ica I Address Port Address Specific Address
Fig. 7 . 3 a : Internet Addressing Levels
Physical Address
This address identifies a host at the network interface layer in the TCP/IP model. As the
packet reaches t h i s layer, the physical address is attached to it. It is m a i n l y used in LAN
and WAN. The address size depends on the types of network protocols. For instance,
Ethernet consumes 6-byte physical address. It changes at every hop. To obtain the
physical address of a particular node, click on Win Key on the keyboard, type cmd on
the search text box, and click on Enter. The Command Processor window appears on
the screen. Type ipconfig I all in the command prompt and click on Enter. The physical
address of the particular host is displayed which is clearly shown in Fig. 7 . 3 b .
Fig. 7 . 3 b : Physical Address

Logical Address
It uniquely identifies the host throughout the global network. No two hosts or systems
can have the same logical address. Physical address uniquely refers to a node. When it
is combined with the logical address, it uniquely identifies the host over WAN. It has a
universal standard for addressing that consumes 32 bits. Fig. 7.3c portrays a sa m p l e of
a logical address.
Octet
6
127.89.34.45
Fig. 7 . 3 c : Logical Address
Logical address consists of four octets differentiated with a dot (.) symbol. Each octet is
of 8 bits and ranges from O t o 255.
Port Address
Physical address h e l p s to identify the host, either a source or destination. With this, the
message is transmitted to the right destination node. In case of multi-processing,
confusion arises in finding a specific host. Since it consists of many processors, there is
a necessity to uniquely identify a particular process port. This is done with the help of a
port address w h i c h is of 1 6 bits. It is represented using a decimal format. For instance,
37 is port address for TIME protocol.
Specific Address
It is used to identify either the user or the system. It is either an email address, for
instance, smsan@itm.edu or Uniform Resource Locator (URL), for instance,
www.itm.edu.

07. Internet eBook
7 . 4 Uniform Resource Locator ( U R L )
A URL identifies the web page over the internet. Any webpage is viewed with the help of
its homepage URL. Its universal structure is given in Fig. 7 .4a.
Port Query
_J_
http://www.domain.com: 1234/path/to/resource?a=b&x=y
T
Protocol Host Resource Path
Fig. 7.4a: Uniform Resource Locator ( U R L )
Listed below are the components that define the structure of a URL for any webpage.
Protocol
It denotes the type of the protocol used by webpage. HTIP ( H y p e r Text Transfer
Protocol) is a commonly used protocol which transfers the hypertext contents to
the web browsers through which the contents of a web page is viewed. For
instance, HTIP, HTIPS, and FTP are some protocols available on a network. It
shou Id be noted that these protocols are typed in lowercase.
Host
It denotes the name of the domain where the resources are located. It can also be
a host or a server name. For instance, yahoo.com, g m a i l . c o m
Port
It denotes the port address which uniquely identifies the port over a network. It is
an optional component. Some URLs do not contain a port address. It is denoted in
decimal format.
Resource Path
It denotes the path of the resource. It is a directory, sub-directory, file, or a
combination of them which resides on the host. For instance, in the path
home/courses/MBASyllabus.docx "home" is a directory w i t h i n which sub-directory
"courses" exist. "MBASyllabus.docx" is a file that appears w i t h i n the sub-directory.

07. Internet eBook
Query
To view limited results on a webpage, data filtering or data retrieving should be
done. It obtains the results from the data source. Thus, these operations are
performed with the help of query language. For instance,
age= lO&location= Mumbai retrieves the data whose age and location matches with
the above query.
A complete example for URL is given as,
http ://www.itm.edu/home/courses/MBASyllabus?specialization= IT
Following are the t i p s to create a user-friendly URL:
Appropriate folder and file names
Logical configuration of URL should be well-structured
S i m p l e names will improve Search Engine Optimization (SEO)
Avoid hyphens between words
Avoid lengthy d o m a i n names
7.5 Domain N a m e System (DNS)
DNS is used to translate web names into its IP address. Users prefer web names, since it
is easy to remember and understand, but a computer can only understand its IP
address. Thus, the D N S converts web names into decimal dotted IP addresses w h i c h are
again converted into binary notations. The DNS acts in a simple network. If one DNS
does not recognize the IP address of a particular web name, it passes on the request to
another.
The user requests a webpage by providing its URL. The control passes to DNS Client. If
the DNS Client knows the IP address, it replies or else it passes on the request to the
D N S Server. If the D N S Server knows the IP address, it replies to the D N S Client, or else
passes on the request to other DNS Servers on the network. Every Internet Service
Providers (ISP) owns their respective DNS servers. The working of DNS is pictorially
explained in F i g . 7 .Sa.

07. Internet eBook
External ONS Servers
I I
I
Fig. 7 . S a : Domain Name System (DNS)
Two parties do not have similar web names in the same domain. For instance,
example.com and example.gov are different. Table 7.Sa lists some of the domain
names available on the Internet.
Domain Domain Names
.com Commercial Entities
.gov Governmental Entities
.edu Educational Institutions
.org Organizations
.net Closed Network
.rn E n t i t i e s connected with I n d i a
.uk E n t i t i e s connected with United Kingdom
Table 7 . S a : Domain Names List
7 . 6 World W i d e Web (WWW)
World Wide Web (WWW) is a collection of contents described in a well-structured format
using hypertext standards. These contents reside at the application server. The user
requests for content through the web browser using its IP address. The control transfers
to the a p p l i c a t i o n server. It consists of Hyper Text Transfer Protocol (HTTP) server and
content database. It replies to the client with content and displays it through the web
browser.

07. Internet eBook
Application Server
Client
Request(URL}
Web
Reply(Content)
Browser
Fig. 7.6a: World Wide Web ( W W W ) Architecture
The content is arranged in a standard format using any hypertext languages. Each page
of it is called a web page, and a collection of web pages is called a website. Web pages
contain different types of content that includes text, audio, video files, g r a p h i c s , images,
etc. A web page is either static or dynamic. The content of a static web page does not
change. It has to be changed manually by the administrator. Similarly, the content of a
d y n a m i c page c h a n g e s over time.

07. Internet eBook
7 . 7 Web Browsers
A web browser provides information and resources to users on request. It also allows
the user to interact with the web pages and dynamic content such as data filtering, form
filling, etc. It assists in navigation through the entire content of the web page.
The source code for a web page is viewed with the help of web browsers in H y p e r Text
Markup Language (HTML) format. Thus, it provides a user-friendly interface for the user
to interact with the web page contents. It grants first level security to both web content
and user.
Different types of web browsers are available in the market. Some of them are listed in
Table 7 . 7 a .
Browsers Icon
Internet Explorer
Mozilla
Konqueror
Netscape
Opera
Safari
Firefox
Table 7 . 7 a : Web Browsers List

07. Internet eBook
The browsing tasks t h r o u g h w e b browsers can be achieved with the help of the following
components.
Windows and Tabs
The contents of a web page are displayed with the help of windows in web
browsers. Tabs help to view alternative content on the same window but in
another partition. Thus the user switches among different content by simply
clicking on a tab.
W revcntes Q u, )UggesteO )fi es @.I wee )IKf: uattesy ..
&g [) MSN lndi1 BJ Google X ( ITM j PGOM Colleges I Eng.-
Fig. 7.7a: Tabs
Address Bar
It denotes the complete domain name of the current window. If the user wants to
reach a particular web site, the URL is simply typed on the address bar.
fiJ http< google.co.in ?gft_rd:::cr&ei=qb1QVMqEG0_"1lg
Fig. 7 . 7 b : Address Bar
Controls
It i n c l u d e s set of controls such as, navigation to first page or last page, refreshing
or reloading web page content or reaching home page.
Fig. 7 .7c: Controls
History
It stores the previous browsing history so that it assists the user in reloading the
prior sessions. The history can be deleted on user's request for confidentially .
--

r
-
::: "-9 IN .....,. -fi,,no
."'9,MUS-O..WN-. ....... -.... ... .._

f
q
--
......,
..u..-...- .
MIPS:/.....,.,_
- ........ U,..ApS....,i.tFirwfoo.,eMo;iBo.... ........-...,.,l)JOM'....... -.....
L ../ U f. ....,.,-Jto,otlfA:OfN<Mlao!XI
JOE l)UW! , tio, -101o!l ''f"'" .,_,."'11110.--
llWffll\'Mtrna lltlplhJfltdl! !900Slt.<aml<<C")'o....._
tt """"""""''""'r-.-.. -M
S!-MO:&.. ... .
',.,.
oi---""' !lom<- t.
arb
--
ll T........
. Ill b,:-t..g,
lt,t( e,. "'1HI
Fig. 7 . 7 d : History

07. Internet eBook
Favorites or Bookmarks
The web browser allows the user to mark any web page as favorite or bookmark.
The web page icon appears on a floating panel so that the user accesses it with
just a s i n g l e click.
I llll GEO c;) CT llo'I LH lili] I) n M lii!f Rcd Loltcr e a d! d1i I:, Rc,c.,rch
Fig. 7 . 7 e : Bookmarks
Cache
Cache is a small storage unit allocated in the hard drive. The browser stores
certain history on cache for faster reloading. When the user demands content of
previous searches, the browser reloads the data from cache swiftly. This reduces
response delay.
Index of active cache
Qpen lR (ind em t'oil
Number ol cadiil In-. 355
URL Oete le.st oo:essed
1-,J/eo:kdl::J\J.JJ.,c:e1tcom/t:ive1/ _.dfNetnb!ComNleb 06/21 /2000 00 36:)1
h'l'fK./t-all!MltO.com{C$t{ClVCSt 05/30/2000 09 09:01
h://a2000.compuse,vede/ 06/06/2000 12 29:<13
h/.,.....btlOlcom/orng/l_rildgii 06/30/20001129:SG _j
htl'J,-qvc.com/1moges/b_Jewelryg,I 04/30/2000 01 Z0.01
hl'fj/tw-qvc.oom/q,.c/g,Vcheck.g 04/30/2000 01 20:00
hJ,.._t.aa/lw\1 Qll1 05/30/2000 0911.18
M'fr/t-wet>Stal.CX>m/1mg/Mdo.gt 02/21/2000 21 <17:)0
hJ/w',wrwebstat.i:om/1mg/boic....1ap.g 02/13/21)001232.17
h /tw-wvbsW.eom/1moges/b1 gil 06/30/2000 11 '.i9 43
hJ/Pi 1111Q!rnet.;om/OQ$noao1ozh,ro_ 468lt60 grl 02/09/2".Mi Il .W 38
h'/lusyimg CtJttljm&g&/nt!vll. g,I .Jjf"{$,J,31'54, ..l
Fig. 7.7f: Cache
7 . 8 Search Engines
Search Engines consist of a set of programs or instructions that assists in searching
content on the user's request. The user provides a keyword which is obtained by the
search engines to search. It uses automated programs like bot, or spider that crawls
every website and refines the content based on the keyword.
It uses Boolean operators like AND, OR, NOT to explicitly refine the search process. It
also uses complex mathematical formulae which optimizes search content relatively
compared to the keyword.

Search engines are noted for both; effective speed and better refinement of searches.
Its ranking is based on comparatively close search results to that of keywords in short
time. It differs based on the algorithms used for searching. The algorithms are unique
and modifications as well as revision are performed at regular intervals to meet
standards.
Table 7 .Sa portrays some search engines available in the market.
Search E n g i n e s Icon
Google
Go0gle
Yahoo
YAEoOr.
Bing
bing
AOL Search AOL). Search
msn msn. .
Ask ,.
Table 7 . S a : Search Engines List
Search engines explore only the source code of the web page and not the animated
content. Thus, it refines the results of web pages that are developed using H y p e r Text
Markup Language (HTML) and Cascading Style Sheet (CSS). It does not look into
animated scripts used in the web page.

07. Internet eBook
Spider
Log
Keyword
----+ w ----+
--
Refined
Search

JI;
--
Retrieve
Crawl
\
Conteni\
Collection of Websites
Fig. 7 . S a : Working of Search Engines
There are three m a i n activities that every search engines performs.
Crawl
An automated program, spider crawls every web page and obtains the content
that is relatively closer to the keyword.
Index
The search results in the first step are logged, based on its relevance priority.
Compare and return
The automated program compares the logged results with the provided keyword
and d i s plays the refined search to the user.
7 . 9 Difference between Intranet and Extranet
Intranet
It is also called internal network. Intranet is accessible only within an organization. It
resembles a website which is accessible only to authorized users who are employed with
the company. Any unauthorized access is denied through a virtual device called firewall.
It d i s a l l o w s unofficial activities on the network.
Intranet is mainly used to share resources, data, software, applications, programs, and
it also assists in communication among different hosts within the organization.
Scalability of the organization has caused a growing need to use intranet. An
organization uses this facility for announcements, sharing organization policies and
procedures, obtain reports from lower-level deportments, etc.

07. Internet eBook
U n l i k e the Internet, which is controlled by the government, intra net is entirely hand led
and controlled by a particular company's interest. Hence, it reduces paper work and
increases the work efficiency. Staff outside the organization access intranet through
Virtual Private Network (VPN). Communication over intranet takes place in an encrypted
form.
Extra net
It acts like an extension of the intranet where it is accessible outside the network.
Stakeholders have limited access to company data through the extra net. Data
availability is measured depending on the administrator's view and customers' priority.
For instance, E-shopping websites allow customers to view product's details but cannot
add or change the product's description. Instead, rights are given to the user to post
reviews and comments.
High security and privacy is required to withhold confidentiality of the database. Thus,
extranet provides limited information associated to intranet activities. It does not
provide complete access to intranet.
I_
'
Intranet
-'--.....
Internet \ Server
I_
- <,.. .s; J-_,,J
--
Applocation
...,.,
I_
Customer's 1010
Net,,,'OJt
- Intranet -
Fig. 7 . 9 a : Intranet and Extranet
7 . 1 0 Creating Web Page using HTML
Hyper Text Markup Language (HTML} is a programming language used to create
web pages. It is simple and easy to understand. This language consists of keywords
enclosed between angle brackets < and > called markups or tags. The general
structure of an H T M L program is given in Fig. 7 . 1 0 a .

07. Internet eBook
<html>
<head> }
<title> </title> Head S e c t i o n
</head>
<body>
} Body Section
</body>
</html>
Fig. 7 . 1 0 a : Structure of H T M L
H T M L programs always start with < h t m l > tag and end with < / h t m l > tag. The close
(end) tag is s i m i l a r to the start tag but a s l a s h ( / ) precedes the keyword.
The text enclosed between < h e a d > and < / h e a d > tag is displayed as heading on the
web page. The text to be displayed on the topmost bar of browser called the title bar is
given between < t i t l e > and < / t i t l e > . Any text or content to be displayed on the web
page is included between <body> and </body> tag.
The H T M L programs are written on Notepad and saved as < fil e n a m e > . h t m l .
7J Samp!eP.age Notep
File Edit Format Vitw Help
<head>
<t1tle>Sample HTML Page </title>
</head>
<body>
Hypertext systems are particularly useful for organizing and browsing
through large databases that consist of disparate types of information.
There are several Hypertext systems available for Apple Macintosh computers
and PCs that enable you to develop your own databases. such systems are often
called authoring systems. Hypercard software from Apple computeris the most famous.
</body>
</html>i
< I I
'"
Fig. 7 . 1 0 b : Sample HTML Program

07. Internet eBook
n,s.,.As -
C)r--
, C-om-,--ff-
,N---.-.-
,-
, -
( ---
, N---o
l-
d-
l s----.r.,
-
,,.S,,,
, -t,_N_":'.
__ l_old------p'f
o,ganiu New folder
[] Documents Name Oete modified Type
j. Musi(
No IIems m.ttch )'our SQrch

.;] Pictures
fl! Subversion
H Videos
Computer
SI.ii locel Orsk (C:) E
r_. Nrw Volume (D:)
New Volume (E.;)
Nork
Filenam Samplage.html
Sa-tt as typ IT a1 Docum r .b:t)
Hid!' Foldtts Encoding: !ANSI
I I-""'-' I c,ml
Fig. 7.10c: Saving HTML Document
The file bears the icon of the web browser that is currently used. Go to that location and
d o u b l e - c l i c k on the file icon, the web page is displayed through the web browser.
HTML P
[ Samplt
+
C Rl Gq w
P D
or or;wzill1 and browsin, throuib lar1c datab Wt coruist of dispanuc t:t't>t.t of ittforma1io11. There arc
Hypcne ssicms arc particularly uteful f
several Hypertext 1ysteins available f

ot Apple i\1acu11osh compuien and PCs that mab\c )"OU ID de\"elop your 0\\11 databases. Such systc111s are often
called authoring systems. HrpeiCard software from Apple Computeris the mos1 famoui
Fig. 7 . 1 0 d : HTML Web Page
To edit or modify the HTML code, right click on the web page and select View Page
Source.

07. Internet eBook
Back
fQrward
Be:load
Bookmark This Page
Save fage As...
View Background lmi!lge
Seled All
ew Page Source
View Pagl!! Info
Inspect Element (Q)
Fig. 7 . 1 0 e : Viewing Page Source
Thus, the H T M L program is a source code for a respective web page. Any c h a n g e to its
content and structure is done through it. Some of the other tags that are used to
enhance the presentation of the document are listed below:
Tags Purpose
 ... Bold
<l > ... Italics
 ... U n d e rl i n e
 ... Subscript
< s u p > ... Superscript
< h l > ... < / h l > Heading level 1
<strike> ... </strike> Strikethrough
Table 7 . 1 0 a : Basic HTML Tags

7 . 1 1 Chapter Summary
Data c o m m u n i c a t i o n and networking uses source and destination address.
32
Address consists of 32 bits and includes 2 combinations of addresses.
Addresses are denoted in two notations; binary and decimal dotted notation.
Internet Protocol version 4 (IPv4) uses either classfu I addressing or classless
addressing.
Classful addressing using five types of classes. They are Class A, Class B, Class C,
Class D, and Class E.
Classless addressing allocates range of addresses depending on organization size.
Physical, logical, port, and specific address are the four types of address.
Uniform Resource Locator (URL) uniquely recognizes the web page over internet.
The components of URL are protocol, host, port, resource path, and query.
Domain Name System (DNS) translates web site names to its respective IP
address.
World Wide Web (WWW) is a collection of information presented in a well
structu red format.
Web browser assists the user in interacting with the web pages.
Components of web browser are windows and tabs, address bar, controls, history,
favorites, or bookmarks, and cache.
Search e n g i n e s are a set of programs that assist the user to search content.
Core activities performed by every search engine are crawl, index, compare, and
return.
Intranet is a network that is accessible to a closed group in an o r g a n i z a t i o n .
Extranet provides limited access to stakeholders to interact with the intranet.
Hyper Text Markup Language (HTML) is used to create static web pages.

eCommerce
I T M
UNIVERSITY
ONLINE
08. eCommerce eBook
8 . 1 Introduction
Enterprises across the world require noteworthy technology for effective business
f u n c t i o n i n g . They require a cost effective medium to promote their business g l o b a l l y and
to share information in a timely manner. The immense development and usage of the
Internet and electronic devices in business has changed traditional commerce.
To cater to this need a new technique called eCommerce has come into existence. It
helps business progression and assists business operations to reach globally.
eCommerce assists easy exchange of goods or services to consumers and vendors u s i n g
electronic tools and techniques.
Shopping trends have changed and consumers can buy any and every product through
the Internet. Books, magazines, and journals are now available in d i g ital formats for
easy access. This has reduced paperwork and manual labor to the maximum extent. It
leads the organization to a new competitive world by satisfying consumers through
effective service.
Define eCommerce
Elaborate eCommerce framework
E x p l a i n the features provided through eCommerce
D i s t i n g u i s h traditional commerce and eCommerce
Paraphrase its advantages and disadvantages
List various business models and payment methods
Describe the processes involved in Electronic Data Interchange ( E D I )

08. eCommerce eBook
8 . 2 Definition of eCommerce
eCommerce, alternatively called as electronic commerce, refers to the process of
handling business activities using Information and Communication Technology ( I CT ) .
Traditional transaction states that, it is necessary for both the parties to be present
physically to perform any kind of transaction. Through eCommerce, data a v a i l a b i l i t y and
transaction processing is possible round the clock. It is not necessary for the seller and
buyer to be physically presented to handle business operations.
The evolution of eCommerce started in 1995 where netscape.com published its first
advertisement, paving a new trend for the business process. It caused tremendous
growth in eCommerce retail sales and reduced paperwork by using techniques like World
Wide Web (WWW), electronic mail, electronic money transfer, etc. It transformed
traditional commerce to an electronic environment and introduced business operations
on a g l o b a l scale.
Generally, business operations include transaction data gathering, manipulating, and
sharing. eCommerce includes all these tasks along with high speed processing and huge
data storage at remote locations. Through computer networking, connections among
customers are laid easily. Thus, it provides easy communication among customers and
executives without geographical restrictions.
eCommerce is easily implemented through three types of integrations, such as vertical
integration, cross-business integration, and technology integration. Vertical integration
denotes the process of converting transaction processing systems to web applications.
Cross-business integration specifies the method in which the transactions are performed
by customers, officials, and suppliers using websites. Introducing electronic e q u i p m e n t s
in activities, such as order handling, marketing, and customer service refers to
technological integration.
Whinston, Choi, and Stahl proposed a framework that describes the three d i m e n s i o n s of
commerce. Fig. 8.2a depicts the functionality of traditional and electronic commerce
which is decided based on three factors, such as product, process, and delivery agent. In
traditional processing, all three factors are physical. For instance, purchasing a book
from a shop is pure traditional commerce where the factors, product, process, and
delivery happen physically. Partial eCommerce takes place if a n y one of the factors
turns digital. For instance, purchasing a book through flipkart.com is a partial
eCommerce where processing takes place digitally. If all the factors appear in a digital

08. eCommerce eBook
mode, then it is called pure eCommerce. For instance, purchasing an eBook from
flipkart.com where a ll the factors are digital.
Product
Virtual
Process
Drqttal
Physical
Physical Digital Virtual Delivery Agent
Fig. 8 . 2 a : eCommerce Dimensions
According to a definition by Wigand, E-commerce is the seamless application of
information and communication technology from its point of origin to its
endpoint along the entire value chain of business processes conducted
electronically and designed to enable the accomplishment of a business goal.
These processes may be partial or complete and may encompass business to
business as well as business to customer and customer to business
transactions.
eCommerce Framework
eCommerce had changed the perspective of business handling. Every activity is now
performed digitally in eCommerce. Organizations switch to digital mode to introduce
their business into the g l o b a l world which has led to tough competition. To b u i l d a strong
eCommerce framework, it is necessary to follow certain constraints.

08. eCommerce eBook
F l e x i b i l t y with
Forward Integration
Innovative Revenue
Collection
Collective
Products' Information
Fig. 8 . 2 b : eCommerce Framework Constraints
Interoperability
Business operations are handled digitally using the Internet. Since customers are
remotely located, the network architecture, connectivity pattern, and technologies
may differ. The platform on which business operations are implemented digitally
should be operable u n d e r such circumstances.
Technological Implication
The platform on which the d i g i t a l operations are performed should accept various
technologies used in a network. Any advance or emerging technologies should be
adaptable easily without major changes to the existing operations. For instance,
there arise different types of digital payment systems. Thus, a framework should
be flexible and accept these technologies to provide best service to the customers.
Flexibility with Forward Integration
Emergence of new services and business applications constantly arises. Thus, the
framework of eCommerce should accommodate future developments and
improvements. The framework should be flexible enough to accept dynamic
changes.
Innovative Revenue Collection Methods
eCommerce provides different payment collection modes, such as eCash,
ePayment, etc. An emerging method called meterware b i l l s the customer based on
product usage.

08. eCommerce eBook
Legacy Systems
Emergence of eCommerce has computerized maximum business processes. Still,
certain legal policies and procedures are maintained manually through paperwork.
Complete transformation of entire business application to digital mode is not
applicable in a single shot. Thus, eCommerce should effectively develop and
implement d i g i t a l legal procedures.
Collective Products' Information
eCommerce provides a wide variety of information such as, text, images, g r a p h i c s ,
audio, video, etc. to customers digitally where as in traditional commerce only
selective details are provided. eCommerce provides different modes of information
about a particular product. For instance, if a customer is purchasing a mobile
t h r o u g h any on line s h o p p in g website, the details of the m o b i l e are provided in text
along with its images, video demonstration, etc. Thus, the customer will have a
real experience and complete knowledge while buying the product.
eCommerce Issues
It provides unlimited enhanced services to facilitate customers and business executives
through electronic mode of business. Though, data accuracy and speedy response is
achieved t h r o u g h d i g ital maintenance of information, certain issues arise that are major
concerns and they need to be solved for effective functioning of eCommerce.
Market Related Soc,o-cultural legal and Regulatory Network and Technological

F1nanc1al Issues
Issues [ssues Issues Issues
Reliability Purchase potential Customs Pnvacy Compatibility
Competition Lifestyle Taxation Security Hardware standards
Market development Navigation patterns Electronic payments Content liability Interoperability
Customer orientation Attitude Fund transfers Uniform commerclal code Acceptability standards
Table 8 . 2 a : Issues in eCommerce

08. eCommerce eBook
8.3 Features of eCommerce
The rebellion of eCommerce is still unfolding. Industries such as education, news,
entertainment, finance, reservations, etc. adapt eCommerce to attain business
progression. Listed in Fig. 8.3a are some of the key features of eCommerce.
Global Reach Richness
Information
Interactivity
Density
Universal
C u s t o rn l z a t l o n
Standard
Social
U b i q u i ty
Technology
Fig. 8 . 3 a : eCommerce Features
Ubiquity
U n l i k e t r a d i t i o n a l commerce where goods and market is a v a i l a b l e only at a specific
place, eCommerce is referred as ubiquitous due to its a v a i l a b i l i t y everywhere and
at all times. Buying and selling of goods is possible at any place such as home,
work, and also while travelling. Thus, the marketspace is extended and
geographical restrictions are dissolved.
Universal Standard
It refers to the technical standards of the Internet used in eCommerce. These
standards are shared by every computer connected through the Internet, located
remotely t h r o u g h o u t the world. The structure and function of these standards are
s i m i l a r t h r o u g h o u t the network. Thus, it aids to reduce market entry costs that are
invested in searching for a customized product.

08. eCommerce eBook
Information Density
With the advent of the Internet and Web, the amount of data available to
consumers, sellers, and market participants is unlimited. eCommerce technologies
reduce costs of information processing, storage, and communication a n d increases
concurrency, accuracy, and timeliness of data.
Global Reach
Compared to traditional commerce, eCommerce provides business services across
cultural and national boundaries at substantially reduced costs. It is stated that
the potential market size of eCommerce merchants is roughly e q u a l to the world's
o n l i n e p o p u l a t i o n and is still growing.
Richness
It was assumed that the richness of information is achieved only through
traditional eCommerce with face-to-face interaction. It was imagined that the
knowledge of a consumer is easily depicted only through physical contact. This
trend changed with the introduction of eCommerce. It holds data in the form of
audio, video, image, and text and provides abundant information to the consumers
s i m i l a r to traditional commerce.
Interactivity
Product details are delivered to consumers through conventional resources such
as, televisions, radio, etc. It leads to one-way communication between seller and
consumers. eCommerce provides a two-way communication where consumers can
interact with sellers. For instance, through television, a consumer cannot interact
much with the seller but through Web and internet services, consumers can
communicate directly to request detailed information about the product and can
also post queries.
Customization
With the person's name, age, interests, and purchase history, sellers target
consumers with relevant messages or products. In case, a consumer prefers to
change the product or requires an alternative service, it can be easily done with
the help of eCommerce technologies. Thus, the online sellers study a consumer's
behavior with the help of information density.

08. eCommerce eBook
Social Technology
In contrast to traditional commerce, the consumers share their views and
experiences about a specific product with their friends and relatives through the
Internet. This indirectly acts as an oral publicity or advertisement of the product.
Positive reviews about the product increase its advancement through which
m a x i m u m consumer base is attained.
8 . 4 T r a d i t i o n a l Commerce Vs eCommerce
eCommerce provides m u lt ip l e services that assist consumers, society, and organization
to h a n d l e business activities effectively. It promotes business operations g l o b a l l y without
any restrictions on geographical area and connectivity. Many organizations switch from
traditional commerce to eCommerce to attain tremendous business progression. Fig.
8.4a pictorially explains the difference between traditional commerce and eCommerce.
In traditional commerce, every transaction takes place physically but in eCommerce,
every bus i ne s s transaction is handled in a digital format.
purchase l .c l
L:d"_j -
Buyer Traditional Commerce sales-purchase transaction Seller
.. 001100111100 ..

Send Send
Order
Buyer Ele<tronlc Commerce sales-purchase transaction Seller
Fig. 8 . 4 a : Traditional Commerce Vs eCommerce
Table 8.4a g i v e s a comparative study on traditional commerce and eCommerce.

08. eCommerce eBook
S. No. Concepts Traditional Commerce eCommerce
1 Data Transmission Transmitting data is a challenging Communication channels assist in easy
task and requires more effort. data exchange which leads to m i n i m u m
Data transmission depends on dependency on person-to-person
person-to-person communication. communication.
2 Communication Effectiveness of communication There is no necessity for human
depends on respective person's intervention. Every transaction is
skills. handled digitally.
3 Data Availability Data is made available only on Data is available round the clock and
request for a limited period. the user can access i

t at any time.
4 Data Sharing It requires multiple copies of data With the central database technique,
for every department which leads data is stored in remote locations
to inaccuracy and redundancy. and can be accessed at any time
with less redundancy.
5 Standards Traditional commerce does not eCommerce provides universal
have a uniform framework and standard for communication and
completely depends on personal transaction throughout the network.
communication.
6 Transactions Transactions are performed syn- Transactions are performed using
chronously and require human electronic systems and broadcasted
intervention. automatically to consumers.
7 Reachable Scale It takes maximum effort to cover a Reaching maximum population scale
reasonable quantity of population. is an easy task with the help of
emerging internet technologies.
Table 8 . 4 a : Traditional Commerce Vs eCommerce

08. eCommerce eBook
8 . 5 Advantages a n d Disadvantages of eCommerce
Advantages
The promotion of g l o b a l business activities, providing cost effective services, reaching
maximum population scale, flexible and improved infrastructure, and resourcefulness
t h r o u g h eCommerce has benefitted many sectors such as organization, consumers, and
society.
Organization
o eCommerce lays communication among merchants and consumers in a
much reduced cost.
o It assists in implementing business process reengineering effectively.
o It promotes h i g h profiled businesses.
o The cost of creating, processing, distributing, and retrieving paper based
transactions is provided through eCommerce at less cost.
o It introduces local business to the global market.
Consumers
o The competitive spirit among different business providers grants attractive
discounts to impress consumers.
o It assists in selection of products based on reviews provided by other
consumers.
o Through eCommerce consumers participate in virtual auctions, irrespective
of t h e i r locations.
o Filtering of relevant data among the bulk quantity of information is easily
implemented through eCommerce.
o Consumers quickly receive delivery of their products or services when
compared to traditional commerce.
o Unlimited ranges of products are provided to consumers.
o The most important advantage is that it allows consumers to invoke
transaction from anywhere, at any time.
Society
o Through online business activities, individuals work at home where the cost
spent for travelling is much reduced.
o It delivers the product beyond the reachable area such as, rural regions.
o Products through eCommerce are sold in much reduced cost, thus it allows
the customers to consume more and increase their standard of l i v i n g .

08. eCommerce eBook
o Delivery of public and non-profitable services such as, education, social
services, medical help, etc. are provided at much reduced cost.
Disadvantages
eCommerce provides unlimited services and aids consumers with enhanced technologies
available in the market. But, there exists certain limitations that affect the functioning of
eCommerce w h i c h can be overcome with effective recovery measures. These limitations
are broadly classified u n d e r two categories.
Technical Limitations
o There is lack of uniform and high bandwidth which leads to improper
communication.
o Software development tools are dynamic and still evolving.
o Integration of existing application with the advanced techniques is a
challenging task.
o Achieving complete system security and reliability is in its early stages.
o Special installation and configuration is required to implement eCommerce
software.
o Requirement of special web servers and network servers are necessary to
i m p l e m e n t eCommerce features.
Non-technical Limitations
o Consumers and sellers should be aware of advanced technologies. Complete
knowledge of eCommere is necessary to attain potential benefits.
o Certain countries are still unable to meet the infrastructure requirements to
lay an eCommerce background.
o Gaining confidence among consumers to buy products on a virtual world is
still a difficult task.
o Lack of trust in providing sensitive details such as, credit card number is
challenging.

08. eCommerce eBook
8.6 Business Models
Business models refer to the methods of connectivity among business entities. It also
provides description about core features, such as trading methods, operational
processes, organizational structures, consumers, and infrastructure.
According to the definition by AI-Debei and Avison, Business model is an abstract
representation of an organization, be it conceptual, textual, and/or graphical,
of all core interrelated architectural, co-operational, and financial
arrangements designed and developed by an organization presently and in the
future, as well as all core products and/or services the organization offers, or
will offer, based on the arrangements that are needed to achieve its strategic
goals and objectives.
eCommerce comprises seven types of business models based on the role of business
entities who invokes the operations.
Fig. 8 . 6 a : eCommerce Business Models

08. eCommerce eBook
Business to Business ( B 2 B )
In 626 model, the mediator places orders using the company's website. Business
operations happen among two organizations.
Supplies
I
I Order Processing
Orders
Website
Fig. 8.6b: B2B Model
For instance, a wholesaler orders the product using the company's website. The
company processes the order and delivers it to the wholesaler. They in turn sell the
product to customers.
Business to Consumer ( B 2 C )
This model allows the consumer to directly interact with the organization through its
website. A consumer places the order using the organization's website. The order is
then processed and is directly delivered to the consumer.
Supplies
I
I Order Processing
Orders
Website
Fig. 8.6c: B2C Model
Some websites which provide B2C services are drugstore.com, noble.com, and
beyond.com. A customer places the order using any online shopping website. The
order is processed by the respective organization and delivered to the customers
directly without the need of a mediator.

08. eCommerce eBook
Consumer to Consumer (C2C)
A transaction takes place between consumers through services provided by third a
party vendor. Consumers interact with the website to buy or sell products. The
website which controlled by a third party organization, charges the consumer based
on t h e i r usage.
Places advertisement
Want to buy products
Receives products
- - - - - - - - - - - -
Receives money
-----------
Fig. 8 . 6 d : C2C Model
For instance, Customer A wants to sell a cell phone using websites like quikr.com,
olx. i n , etc. the first step is to upload the mobile details on to the website. The
prospective buyer can view its details through the website. The service of interaction
is provided by the third party through the website but it does not directly participate
in the transaction.
Consumer to Business (C2B)
In the C2B model, the consumer contacts a website for a particular service that
contains information about different organizations.
Website
Places money for

Processes Order
particular service
Receives products
---------- 'r
Business Organization I Customer
Receives money
-- - - - - - - - - - -
Fig. 8 . 6 e : C2B Model
For instance, customer uses policybazaar.com which displays the comparative rates
of loan de t a i l s . The customer can then select the organization based on his budget
and a p p l y for a loan.

08. eCommerce eBook
Business to Government ( B 2 G )
Government interacts with websites developed by the organization to trade and
exchange information. The government recognizes such websites and allows
s u b m i s s i o n of a p p l i c a t i o n forms through it.
Government
Fig. 8 . 6 f : B2G Model
Government to Business ( G 2 B )
In G2B model, the government uses its website to publish tender notices, contract
an n o unce m e nO t s , agreement policies, etc.
Business Organization
Fig. 8 . 6 9 : G2B Model
Government to Citizen (G2C)
The government uses websites to interact with customers to provide online services
such as, passport application, availability of birth certificate, PAN card, vehicle
registration, etc. The main aim of G2C model is to provide accurate and fast response
to its citizens.
Fig. 8.6h: G2C Model

08. eCommerce eBook
8 . 7 Payment Systems
eCommerce introduces the traditional commerce to the digital world. Every transaction
in a business, such as displaying product details, promoting a product, placing and
processing the order, product delivery, and payment are performed using digital
techniques. This helps to reduce paperwork and manual labor.
Absence of physical contact among consumers, sellers, organizations, and agents in
eCommerce leads to the requirement of digital payment systems. Technological
advancement has led to multiple forms of payment systems in eCommerce. Listed below
are some of the most commonly used payment systems.
S m a rt Card
Debit Card eMoney
Credit Card efund
- -
Fig. 8 . 7 a : eCommerce Payment Systems
Credit Card
Credit card is one of the common modes of payment used by consumers. It is a s m a l l
hand held plastic card with a u n i q u e card number and has a black magnetic strip. It is
swiped to share information which is necessary to complete a transaction. Initially,
the bank pays for the product on behalf of the card holder and the amount has to be
returned back in a limited time period. Fig. 8.7a depicts the overall view of credit
card payment.

08. e C o m m e r c e eBook
3 Upon approval by card Issuing
bank, MGI credits merchant account

2 Merch11nt aiptures the
and submits transaction f
OI'
crl'dit aird information
settlement
4 Back end processor pays the

7 Customer receives statement
acqulrer and eeens the
and pays the Issuing bank
card-issuer account; transaction
Is sent to issuer
l
- _)
' '
6 Issuer postS the transaction
to the customer's account v S

I '
Acqulrer funds the
merchant's account
Fig. 8 . 7 b : Credit Card Payment Process
Debit Card
A d e b i t card is s i m i l a r to the credit card, physically. It is also a s m a l l plastic card with
a u n i q u e account number along with cardholder's name and signature. It is issued by
the bank only to the customers who own an account. The major difference between a
d e b i t and credit card is the way the customer reimburses the payment. With a debit
card, the money is deducted directly from the cardholder's account during payment
without mediation from the bank.
Fig. 8 . 7 c : Sample Debit Card
Smart Card
Smart card is physically similar to debit and credit card. A small microprocessor c h i p
is embedded in it that stores bulk quantities of information about a customer. It is
also used to store d i g i t a l money in the form of a binary format ( l s and Os). It is less

08. eCommerce eBook
expensive and can be accessed only with the help of a Personal Identification Number
(PIN).
Fig. 8 . 7 d : Sample Smart Card
eMoney
eMoney or electronic money denotes currencies in digital format. The currency is
stored, retrieved, and transmitted digitally. Payment processor, digital currency, etc.
are some of the trends where eMoney trend is u se d . It is simple, convenient, and
easy to i m p l e m e n t .
efund
efund or electronic fund is a popular method for exchange of electronic money from
one bank to another. This introduces the concept of internet banking that assists in
exchanging money d i g i t a l l y , either within the same bank or different banks.

08. eCommerce eBook
8 . 8 E l e c t r o n i c Data Interchange ( E D I )
The process of sending information digitally or electronically without human intervention
is called as Electronic Data Interchange (EDI). Data is transferred among various
entities connected with different types of communication links.
Both the sender and receiver should use standard format for data exchange. It may
include bus i ne s s documents such as, invoices, notices, policies, order details, etc.
Companies or departments located remotely share sensitive information using EDI to
accomplish effective business functioning.
In contrast, with traditional format where maximum time is consumed in delivering
information EDI reduces manual labor by automatically exchanging the information
using electronic devices.
Data m Internal l} Prepare the document!. to be sent

Format
,.
EDI Network
Swvic. Pro,,id..-
PolnttoPolnt Communications
3) Connect and tr.insmit your
documents to your busll'less
patner
Fig. 8 . S a : EDI Processes
The step-by-step process to exchange digital data through EDI system is listed below.
I n i t i a l l y , the data is filtered and passed on to EDI translator.
EDI translator helps to transform a document into electronic data format.
D i g i t a l data is sent to the receiving company through a c o m m u n i c a t i o n c h a n n e l .
Dig ital data is transferred again to a normal format using EDI translator at the
receiving e n d .

08. eCommerce eBook
Advantages
Listed below are some advantages of EDI systems.
Since computational electronic devices are used in EDI, occurrences of data entry
errors reduce.
Information is exchanged automatically with the help of electronic devices. T h u s , it
consumes less time as compared to traditional process.
Transformation of physical data to a digital format reduces paperwork.
It is s i m p l e , easy to implement, and cost effective.
A standardized communication process improves the quality of the communication
channel.

08. eCommerce eBook
Electronic commerce (eCommerce) refers to the process of using electronic
devices and the Internet in business activities.
Every business activity is handled digitally and data is a v a i l a b l e round the clock.
Product, process, and delivery agent are three main factors that decide the trend
of commerce.
Interoperability, technological implication, flexibility, forward integration,
innovative revenue collection, legacy systems, and collective product information
are the constraints to be followed to build a better eCommerce framework.
Ubiquity, universal standard, information density, global reach, richness,
interactivity, customization, and social technology are the features provided
t h r o u g h eCommerce.
Promoting business activities globally with cost effective services, reaching out to
a large population, flexible and improved infrastructure, and resourcefulness are
the advantages provided through eCommerce.
Business models refers to the methods of connectivity among business entities
and description about features like trading methods, operational processes,
organizational structures, consumers, and infrastructure.
Business to Business (B2B), Business to Consumer (B2C), Consumer to Consumer
(C2C), Consumer to Business (C2B), Business to Government (B2G), Government
to Business (G2B), and Government to Citizen (G2C) are the seven basic types of
business models.
Credit card, debit card, smart card, eMoney, and efund are few electronic
payment methods used in eCommerce.
The process of sending information digitally or electronically without human
intervention is called as Electronic Data Interchange ( E D I ) .

N e w IT
Initiatives
I T M
UNIVERSITY
ONLINE
09. New IT I n i t i a t i v e s eBook
9 . 1 Introduction
Technological developments have tremendously transformed the era of business
processes. In contemporary times, it introduces global businesses without geographical
restrictions and allows business operations to take place at remotely located offices with
the help of the Internet. Email, video conferencing, wireless networks, cellular phones,
and virtual networking have allowed business operations to be conducted on the
Internet at remote locations.
A user expects operations to be performed on a real time platform with data available
round the clock. This has led to the application of business on the Internet where
customers and businesspersons interact with each other at remote locations. Data
sharing and communication is accomplished easily through services provided by the
Internet. Thus, application of Internet over various business activities has led to the
development of infinite technologies.
Describe Enterprise Resource Planning (ERP)
E x p l a i n e B u s i n e s s with its security implications
Define eGovernance
S u m m a r i z e cloud computing
Describe Knowledge Management Systems ( K M S )
E x p l a i n M a n a g e m e n t Information Systems ( M I S )
E x p l a i n Decision S u p p o r t Systems (DSS)
Describe Customer Relationship Management (CRM)

09. N e w IT I n i t i a t i v e s eBook
9 . 2 Enterprise Resource P l a n n i n g (ERP)
Alternatively called Transaction Processing System (TPS), ERP assists to capture and
store transactions of an enterprise. It helps to retrieve these transactions that assist
business executives to handle decisions effectively.
ERP comprises details of every aspect, such as finance, marketing, production,
purchase, etc. and with the help of integrated software it records transaction details of
these aspects. It is also called the backbone of information system since the
effectiveness of decision making depends on transactions being captured. The
availability of reliable, accurate, and appropriate information is an important feature of
ERP.
For instance, a customer places an order based on product availability and receives a
unique number for every order. This transaction is uniquely identified using the order
number and any queries regarding the order are solved in reference to it. All these
processes are automatically generated without much manual labor using the ERP
system.
Methodologies and Approaches
ERP is implemented based on the methodology selected by the respective o r g a n i z a t i o n .
Methodology states the order in which the implementation processes are applied. It
includes a set of methods such as, creating a plan, monitoring progress, maintaining
project modules, and evaluating requirements.
The schema for ERP implementation includes selection of the approaches mentioned in
Fig. 9.2a that best fits the organization.
Approaches
Business
Big Bang Approach Pilot Approach Phased Approach
Model Approach
Fig. 9 . 2 a : ERP Implementation Approaches

Big Bang Approach
ERP software is implemented in all departments of the organization in a single
shot. T h i s approach has both positive and negative aspects. The positive aspect is
that it provides an integrated platform to every department and the negative
aspect is that it requires more co-ordination from different departments, staff
training, etc. Breakdown of one department affects the functioning of the other
which leads to lack of confidence among stakeholders.
Pilot Approach
Disadvantage of the big bang approach is overcome t h r o u g h the pilot Approach. In
this model, all the ERP modules are implemented in a single business entity. The
functioning of the software is carefully monitored. If any problem arises, it is
rectified easily and it affects only the respective department. Once the software is
successful, it is implemented throughout the organization.
Phased Approach
In this approach, the ERP is generated for every module in a business. For
instance, ERP is applied for marketing initially and later on developed for sales,
production, etc. At the final stage, all the modules are integrated and a unified ERP
is generated.
Business Model Approach
It is a c o m b i n a t i o n of the big bang and pilot approach where a universal model is
generated for the entire organization and moves on with individual modules.
Developers prefer modules that are relatively smaller in size and are easy to
implement. Thus it lowers costs, risks, and boosts confidence among developers
with the success from the first project.

Implementation Stages
ERP implementation depends on the size and models generated by the organization. Fig.
9.2b depicts the general steps which are to be followed for effectively implementing an
ERP. The output of one step becomes an input for another.
I - I
Deployment
. - ..
Preparation
- . -
Fig. 9 . 2 b : ERP Implementation Stages
Project Strategy
It includes the process of collecting requirements from every department. One
individual from each department participates in the planning process and
elaborates the functions about their respective department in detail based on
which a blue p r i n t is generated.
Business Analysis
This is a crucial step which decides the effectiveness of the project. User
requirements are carefully documented and evaluated for its feasibility. Improper
planning leads to poor project development and destroys the q u a l i t y of software.
It is recommended to dedicate maximum time in this step until user requirements
are fully met.

Plan
This includes the generation of a design schema with respect to the user
requirements and design constraints. The prototype is provided to the user for its
acceptance. Any changes requested by the user are implemented at this stage.
Develop
The static design plan is changed to dynamic using any one of the ERP
approaches. The development takes place individually for every m o d u l e , s i m i l a r to
the Pilot Approach. The design plan is devised based on various constraints such
as, cost, time, complexity, and influence on the organization.
Integrate
At this stage, modules designed individually are integrated to form a complete
system. For instance, if a product is ordered, the control is transferred to the
production department that checks the stock availability. After that, it moves to
the sales department which decides the delivery of the product. If the stock is not
available, then the control is transferred to the purchase department to purchase
the product. Thus, the output of one system influences another.
Test
A test plan is generated using the business analysis documentation. It is used to
test the outcome of the transaction. Testing every function of a module is
important. The report structure and data quantity should also be checked.
Deployment Preparation
It includes preparation related to the actual implementation of the project.
Functioning of processes in the right order, authenticating network connection,
user access permission, printing and numbering documents are tasks to be
checked under this step. It should be monitored that a compromise on data
accuracy never occurs.
Deployment
It states the actual implementation of the project in an organization. This takes
place either t h r o u g h Big Bang, Pilot, Phased or the Business Model Approach.

Maintain
When user satisfaction with the transaction system is scaled, the user views and
captures reports generated using the ERP system. If any demand occurs with the
ERP, it is easily implied.
ERP Benefits
Operation costs reduce realistically with better management of ERP systems.
Every user requirement is achieved through close interaction with the user w h i c h
assists in project delivery in a short cycle.
Notification in occurrence of any critical task assists in effective decision m a k i n g .
Fast and better data management techniques are a v a i l a b l e to the organization as
per the user's requirement.
The structure of ERP is rigid and flexible simultaneously which easily adapts to
d y n a m i c user requirements.
Business process becomes faster with group work technology and automation of
workflow.
9.3 eBusiness
Development of the Internet has led to the emergence of a new organization structure
called eBusiness or electronic business. Every operation in an organization works
with electronic data interchange at any time. It introduces organizations to a global
market.
Implementation of the Internet and web technology has changed the concept of
traditional business. Geographical area is not a restriction anymore and services are
provided to partners, vendors, and customers located remotely. It acts as a m e d i u m for
every kind of business operations round the clock.
Internet features have changed the era of buying and selling goods. It allows the user to
buy or sell any product across the globe. Due to minimum paper work, the cost of
business processing has reduced considerably. It also helps to maintain data accuracy
and allows users to access data at any time without interruption. Systems like the
decision support system, application packages, and information systems assist in
efficient functioning of eBusiness.

eBusiness shares information in a digital format ( l s and Os). Prior to the d i g i t a l format,
data was transferred in the form of analog signals with varying frequency and amplitude.
eBusiness heavily d e p e n d s on the Internet for all its activities w h i c h makes organizations
more flexible, profitable, competitive, and efficient.
In eBusiness, customer order, billing, and payment are performed in a d i g ital format. It
is achieved through web portal that is designed for the users' interaction for data.
Enterprise Resource System (ERS), Knowledge Management System (KMS), Customer
Relationship Management system ( C R M ) , etc. assist in its efficient f u n c t i o n i n g . Fig. 9.3a
portrays a sample eBusiness structure in an organization .
,. a<MC -: .,.
Onhne
Sales Auctions Payments web Factory E-Mail Factory
Catalogs
eBuisness tools
MY COMPANY
Fig. 9 . 3 a : eBusiness Structure
eBusiness integrates every function of a business process to a single task. It helps in
business automation and assists in easy data updates. The software is designed with
front end and back end systems where the former denotes the user interface designed
using any p r o g r a m m i n g languages and latter denotes the data source.
eBusiness Security
Implementing significant business operations on a virtual network and maintaining data
in digital format is a difficult task. Any unauthorized access or information theft is
difficult to discover since the attacker is not actively present. It is also important to
check the authenticity of the customers for pure transaction. Fig. 9 . 3 b shows some the
security techniques implemented to effectively handle eBusiness operations.

Digital D1g1t1al
Certificate Signature
Data Protection
Encryption
Act
Fig. 9 . 3 b : eBusiness Security Techniques
Encryption
The information shared over the Internet is not communicated in original format.
Data confidentiality is maintained by transforming the content into a coded form.
This process is called encryption. In case, if any unauthorized data access is
attempted, privacy is maintained.
Digital Certificate
It is used to identify whether the source of transaction is authentic or not. It is
s i m i l a r to the physical certificate which uniquely identifies and describes the user.
If an unauthorized user poses as a trusted identity and invoke transaction the
user's identity is validated through the digital certificate. It can also use a simple
method such as, "username and password" technique.
Digital Signature
Information is coded through encryption in which the digital signature acts as a
key. Every user possesses a unique digital signature and the transaction is invoked
only by the authentic user who possesses it.
Data Protection Act
Data controllers should follow certain principles described in the Data Protection
Act, 1 9 9 8 to handle user data. Any violation of the customer's data or u n d e r m i n i n g
its p r i n c i p l e s w i l l be liable under law.

9 . 4 eGovernance
Development of Information Technology (IT) has improved every sector by providing
fast communication, high reliability, and data accuracy. It creates a high impact in the
governance sector that facilitates both society and officials. A society expects
government to function faster and respond with accurate information at the rig ht t i m e .
With the implementation of Information and Communication Technology (ICT), IT helps
to achieve good governance. Wider and deeper participation of i n d i v i d u a l s , institutions,
organization, etc acts as a main objective of eGovernance which is achieved easily.
According to a definition by World Bank, "E-Government" refers to the use by
government agencies of information technologies (such as Wide Area
Networks, the Internet, and mobile computing) that have the ability to
transform relations with citizens, businesses, and other arms of government.
These technologies can serve a variety of different ends: better delivery of
government services to citizens, improved interactions with business and
industry, citizen empowerment through access to information, or more efficient
government management. The resulting benefits can be less corruption,
increased transparency, greater convenience, revenue growth, and/or cost
reductions. This definition specifies the use of information technology for easy revenue
generation, f i n a n c i a l decisions, and improving citizen-government r e l a t i o n s h i p .
According to another definition by UNESCO, Governance refers to the exercise of
political, economic, and administrative authority in the management of a
country's affairs, including citizens' articulation of their interests and exercise
of their legal rights and obligations. E-Governance may be understood as the
performance of this governance via the electronic medium in order to facilitate
an efficient, speedy and transparent process of disseminating information to
the public, and other agencies, and for performing government administration
activities. This definition highlights the use of electronic medium in a country's top
affairs m a n a g e m e n t and creates lucidity and efficiency to citizens as per t h e i r request.
eGovernance benefits many entities such as, citizens, government authorities, etc.
Listed below are some advantages of eGovernance.
It provides better quality services to the citizens with perfect data management.
S c a l a b i l i t y to reach every citizen has become easier.
Every activity of a government is implemented in a simple, efficient, and elegant
manner.

Stages of eGovernance
From the g i v e n definitions, it is clear that eGovernance is closely related to Information
Technology (IT), computer networking, and communication systems. Fig. 9.4a portrays
the stages to i m p l e m e n t eGovernance in any nation.
Online Data
Interactrvttv
Online Data
Presence
Ccmputenzatton
Fig. 9.4a: eGovernance Stages
Computerization
Computers were introduced in government organizations to automate every
activity. Initially, it was used for word processing and slowly progressed to data
processing.
Networking
Local government organizations located remotely are connected together to form a
network. It assists in data and resource sharing.
O n l i n e Data Presence
There arises a necessity for data availability on the network. The government
designed a website that displays information related to the organization structure,
citizenship procedures, law and order, reports and publications, etc.
O n l i n e Data Interactivity
The need for communication among citizens and government entities is laid down
easily. It reduces personal interface with government entities and increases timely
completion of related tasks.

9.5 Cloud Computing
The t e c h n i q u e of sharing remotely located data storage and software u n d e r the control
of a third party is called cloud computing. Thus, it assists in reducing the data
supervision effort. The organization becomes scalable without changing much of its
infrastructure. It is cost effective and provides huge benefits for the organization in
sharing resources and data with h i g h security.
According to a definition by U. S. National Institute of Standards and Technology
(NIST), Cloud computing is a model for enabling ubiquitous, convenient, on
demand network access to a shared pool of configurable computing resources
(e.g., networks, servers, storage, applications, and services) that can be
rapidly provisioned and released with minimal management effort or service
provider interaction. This cloud model is composed of five essential
characteristics, three service models, and four deployment models.
Source: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145. pdf
Model Types
Fig. 9.Sa depicts three types of cloud computing models which differ based on the
functions it provides.
End Users
Saas
PaaS
l a a S Network
Architects
Fig. 9 . S a : Cloud Computing Models
Infrastructure as a Service (IaaS)
Storage components, computing capabilities, networking equipment, connecting
media, servers, workstations, etc. are provided to the customers t h r o u g h IaaS. It
assists customers to completely access software within the infrastructure. For
instance, Amazon, GoGrid, 3 Tera provides IaaS.

Platform as a Service (PaaS)
Customers are offered a particular software layer or development environment as
a service in PaaS. Freedom of application generation is g i v e n to the customer and
is executed on the provider's area. Combination of an operating system and
a p p l i c a t i o n servers increases scalability and eases m a n a g e a b i l i t y requirements. For
instance, Google's A p p Engine, force.com provides PaaS.
Software as a Service (SaaS)
The entire a p p l i c a t i o n is offered to the user as a service in Saas. A s i n g l e copy is
run on the cloud and is accessed by multiple users. Installation cost and effort of
server configuration, and software license are reduced. For instance, Google,
Microsoft, Zoho provides Saas.
Cloud Types
Fig. 9.Sb portrays different types of clouds that are used based on the type of access
required by the organization.
Hybrid
Cloud
VMware vSphere
vr-iwere vSphere
Private P1.1bltC
Cloud Clo...d
Fig. 9 . S b : Types of Cloud
Private Cloud
It provides complete privacy and security for sensitive data of an organization
using a private d o m a i n . T h e hardware components and infrastructure are specified
by the organization itself. Since it provides a huge platform, the c o m p u t i n g speed
and facility increases. S i m i l a r to an intranet, private clouds are laid and open only
to sing le o r g a n i z a t i o n . Private clouds are classified into two types. They are,
o On premise Private Cloud: where the organization creates a private cloud
internally. It provides more security and protection of data.
o Externally Hosted Private Cloud: where the cloud provider assigns a
private cloud to the organization externally.

P u b l i c Cloud
External providers assign clouds to customers which is valid for a payment. It is
cost effective, since the payment is shared by multi-clients. All clients operate on a
single infrastructure cloud with different resources, access rights, security levels,
etc.
Hybrid Cloud
The organization can create a combination of public and private clouds. High
priority and sensitive information is stored in the private cloud to maintain
security. Programs or applications are run from the public cloud for easy allotment
and scalability.
Benefits
It is cost effective and the payment is based on u sa g e . It does not require
installation charges which h i g h l y reduces the expenses of an o r g a n i z a t i o n .
Cloud providers offer bulk storage space so that the organization can store huge
quantities of data. Workload spikes can be easily hand led with this scalability
feature.
Cloud computing adopts changing business constraints easily. It acts as a b u i l d i n g
block t h r o u g h which a unified integrated management control is possible.
Challenges
Cloud computing is flexible, cost effective, and assists customers to effectively handle
business operations remotely. However, there exist certain concerns which are
important to m a i n t a i n its effectiveness.
Management Capabilities
The process of platform management and infrastructure is still narrow. Auto
scalability of infrastructure is still a difficult task.
Data Recovery and Availability
Certain business constraints like data replication, maintenance, damage recovery,
transaction management, and performance management are strictly followed in an
organization. Cloud providers should not compromise with such constraints.

Data Protection
It is an important principle to maintain since an organization does not want to
compromise on data security. Prevention and detection of unauthorized access to
sensitive information is crucial.
Legal Issues
Cloud providers should observe legal issues irrespective of any country. For
instance, in European countries, it is a law that the personal information of any
entity should not be placed outside it. Thus, it is the responsibility of cloud
providers to follow laws of their respective locations.
9 . 6 K n o w l e d g e M a n a g e m e n t Systems ( K M S )
The ability of a person to observe and respond significantly in a situation refers to
knowledge. Thus, in an organization it is important for employers to comprehend a
situation before reacting to it. The experiences of an individual build knowledge and the
human brain obtains, stores, and manages them through different techniques listed in
Table 9 . 6 a .
Input Human Response
Signal Hint of an occurrence
Data Measure of indication
Information Measure in addition with focus and accuracy
Expertise Information build ing on account of certain constraints and principles
Knowledge Generating aptitude depending on cognitive sciences
Table 9 . 6 a : H u m a n Brain Knowledge Acceptance Method
The process of defining, obtaining, storing, and formatting knowledge is called
Knowledge Management (KM). According to a definition by Broadbent, Knowledge
management is a form of expertise management which draws out tacit
knowledge, making it accessible for specific purposes to improve the
performance of organization; about how the organization's 'know-how' should
be structured, organized, located and utilized to provide the most effective
action at that point in time.

Knowledge management components are broadly classified as people, process, and
technology. Participation of process and technology are found to be easier when
compared to people. Ensuring complete participation of people or employees is a
challenging task in KM and is achieved through motivation, rewards, performance
a p p r a i s a l s , etc.
Fig. 9 . 6 a : Knowledge Management Components
Organization develops critical knowledge over time that resides in employees,
databases, files, etc. which is used for strategic management. It is not obtained easily
and requires special techniques for extraction which is done through the help of
Knowledge Management Systems (KMS). Therefore, KMS deals with the definition,
a c q u i s i t i o n , development, storage, delivery, and application of knowledge.
Table 9.6b depicts some of the tools used for knowledge management.
Database management tools SQL, MS-Access
Search e n g i n e tools Google, Yahoo, msn
Document m a n a g e m e n t tools Lotus
www.actiontech.com
www.vmark.com
www.semio.com
www.infoseek.com
Table 9 . 6 b : Knowledge Management Tools

K M S Architecture
Fig. 9.6b shows the processes that are included in knowledge management system.
Knowledge
Delivery
Fig. 9 . 6 b : K M S Architecture
Knowledge Identification
At the initial step knowledge is defined and identified for further processing. The
scope and category of knowledge is defined. The next step includes the process of
searching the source for obtaining such knowledge.
Knowledge Generation
It i n c l u d e s the process of obtaining knowledge according to the constraints defined
in identification. Once knowledge is captured, it is passed on for manipulation.
Scrap knowledge is integrated in the form of sets based on which knowledge
database is created. The process of knowledge generation is a difficult task.
Knowledge Delivery
Once knowledge is created, it is stored in database. It can be retrieved later for
manipulation. Knowledge in database contains sensitive information and it has to
be h i g h l y secure.

9 . 7 M a n a g e m e n t Information Systems ( M I S )
Management Information System (MIS) integrates several sub-systems that provide
information and support business activities, management analysis, a n d decision making.
It provides output from the reports generated through mathematical models.
According to a definition by Davis and Olson, MIS is an integrated user machine
system for providing information to support operations, management, and
decision making functions in an organization. The system utilizes computer
hardware and software, manual procedures for analysis, planning, control and
decision m a k i n g , and database.
MIS
Decision M.iking
Feedback
serrormance
Fig. 9 . 7 a : MIS Structure
Data is obtained and transformed to a formal structure which is used for decision
making. Decisions are then generated and implemented using the Decision Support
System ( D S S ) . The performance of every decision is monitored and feedback is provided
to the MIS, based on w h i c h changes are made to its components.
Objectives
A major a i m of the MIS is to provide better organizational structure and manage it in an
enhanced way. It also obtains potential information from business processes. Listed
below are some of the objectives that are to be achieved through MIS.
Data Capture: obtains internal and external data which decides the performance
of business processes and assists in effective decision m a k i n g .
Data Process: it includes processing of data to structured information and
performs data manipulation such as, summarization, analysis, report generation,
calculation, etc.

Information Storage: information or processed data is stored in a n y data source
which can be retrieved in future for further operations.
Information Retrieval: it includes the process of obtaining relevant information
from the data source in an effective format.
Data Distribution: it stores data at remote locations for easy accessibility to the
user.
Characteristics
MIS promotes features that assist in better management of an organization. Some
characteristics that are provided by MIS are listed below.
It contains a central database, rather than a traditional file system.
It allows easy flow of information among different sub-systems with less c o u p l i n g
and h i g h cohesion.
It predicts information that is necessary for decision makers to study the o n g o i n g
competition in the market.
Design of the MIS should always be a top down approach.
It is designed in such a way that it is used for long term planning.
Data processing is rapid and secure.
It follows the business strategies and principles of an o r g a n i z a t i o n .
It collects processes, stores, analyzes, and retrieves unstructured data to
structured information.
9 . 8 D e c i s i o n Support Systems (DSS)
Decision Support Systems (DSS} helps to perform effective decisions and also
validates its performance. The problem parameters are utilized for evaluation and it is
performed through sensitive analysis. It resembles the Herbert Simon model. It
summarizes the objectives of a problem and the solution varies among different
systems.
The process of decision making is broadly classified into programmable and non
programmable. Programmable decisions are framed using pre-defined rules and
computer components such as, input devices, output devices, database, and software
utilities. Non-programmable decisions are performed without pre-defined rules and
require complete user involvement to constantly check the decision cycle process.

-+ O U T P U T
Fig. 9 . S a : Programmable DSS
DSS does not provide decisions directly instead, it assists decision makers by providing
information that is useful for decision making. The information is provided until the
decision-making process is completed successfully. The higher the rank of making
decisions the more information is sought.
Types of DSS
Fig. 9.Sb shows five types of DSS which is used for effective decision m a k i n g .
Status Inquiry Systems
Data Analysis Systems
Information Analysis
Systems
Accounting Systems
Model Based Systems
Fig. 9 . S b : DSS Types
Status I n q u i r y Systems
Decisions are performed based on one or two features of decision-making
situations. It does not include any computation, calculations, research, analysis,
etc. Once a status is decided, decision making is performed easily.

Data Analysis Systems
It performs a comparative analysis using various formulae and algorithm. It is not
well structured and can be improved with the help of data processing tools and
business rules. Cash flow analysis, inventory analysis, and personal inventory
systems are some examples for data analysis systems.
Information Analysis Systems
This system analyzes data from data sources and generates reports which assist
decision makers in providing situations for effective decision making. Market
research analysis, sales analysis, and accounts receivable systems are some
examples of information analysis systems.
Accounting Systems
This system assists indirectly in the decision-making process which monitors the
status and performance of business and its processes. The core of the system
includes data processing and report generation. Factors like cash, inventory,
products, personnel, etc. are used to control decisions.
Model Based Systems
Since it generates prototype solutions, it is also called simulation models or
optimization models. It provides certain guidelines on which decisions are made.
Models of DSS
Fig. 9.Sc shows three DSS models which are categorized based on its usage in
collaboration with different architectures and components.
DSS Models
Management Science Operations Research

Behavioral Models
Models Models
Fig. 9.Sc: DSS Models
Behavioral Models
This model analyzes the behavior of decision variables and its relationships which
assist in the d e c i s i o n - m a k in g process. The analysis is used to alarm or alert the

decision maker. It includes trend analysis, prediction, and statistical investigation.
The parameters or variables that predict business trendsetting are studied through
these behavioral models. Regression among these variables is identified by its
influence t h r o u g h the regression model.
Management Science Models
The model developed using business management, econometrics, and accounting
principles are called management science models. Certain management rules act
as a constraint which is to be followed to make decisions. These management
systems are easily converted to decision support systems. For instance, budgetary
systems, ABC analysis, inventory control are management sciences used in
material management. It can either be used directly into the decision design or
t h r o u g h management principles.
Operations Research Models
These are mathematical models that represent real time business problems in
terms of constraints, variables, constants, parameters, etc. The solutions are
achieved through various mathematical methods such as, set theory, calculus,
matrix a l g e b r a , probability, etc. The operation research models are used to obtain
optimum solutions for problems. A problem that does not provide solution t h r o u g h
the operation model is solved using simulation model.
9 . 9 Customer R e l a t i o n s h i p Management ( C R M )
Customer Relationship Management (CRM) establishes a direct relationship between
business executives and customers which helps effective progression of business. It also
supports effective understanding of customer behavior with respect to business growth
and promotion. Once expectations put forth are met, customer satisfaction is achieved
t h r o u g h constant interaction.
Thus, CRM assists in interaction with customers and uses various tech no log ies to
maintain the relationship. The main need for CRM is to provide complete fulfillment of
customer expectations. A customer's behavior and initiatives assist in managing the
relationship between customers and sellers and provides comfort, happiness, and
fulfillment.

Organizations combine procedures, policies, and business strategies to provide an
effective C R M . CRM d i s p l a y s status of the business and constraints for meeting customer
needs. The CRM software helps to track and monitor customer contacts and supports
customer-interfacing processes. It captures customer queries, orders, and contact
information which is shared among departments internally. The three key areas where
information is shared are front office operations, business relationship, and back office
operations.
Fig. 9.9a lists five CRM modules that are used to implement customer interaction and
achieve customer satisfaction.
Sales I n t e l l i g e n c e
Fig. 9 . 9 a : CRM Package
Sales Force Automation Activities: includes activity management, monitoring
customer response, generates report, assessment of management and accounts,
and target account selling.
Analytical CRM Activities: refers to design and execution of marketing
c a m p a i g n s , a n a l y s i s of customer profitability, behavior, and response
Sales Intelligence CRM: generates three As (Attention, Alert, and Action).
Occurrence of changes in cross-selling and customers opting competitor's products
are the features captured in this package.
Campaign Management Activities: refers to planning, d e s i g n i n g , and launching
c a m p a i g n material. It also includes analysis of campaign feedback.

Collaborative CRM Activities: identifies interdependent activities and supports
collaborative effort through information interchange.
CRM Approaches
CRM is effectively implemented based on the following two models mentioned in Fig.
9.9b.
CRM Models
Data-driven Model Process-driven Model
Fig. 9 . 9 b : CRM Models
Data-driven C R M Model
This model decides the process of building CRM strategies based on the customers'
past data from data source. This data is obtained and analyzed based on which
management decisions are made. These principles are then implemented on the
customer data w h i c h is evaluated and modified on request.
Process-driven C R M Model
It is a d y n a m i c process and requires specific functions to study customer behavior.
It decides the type of service that is to be provided to the customers. It includes
service initialization, service transaction, and pre-service and post-service
information.
Electronic CRM (eCRM)
With the development of the Internet and electronic technologies, CRM has made a
tremendous transfiguration to electronic CRM (eCRM). Online and round the clock
service are provided through eCRM. Customer intelligence which is defined as deriving
data about customers are implemented through online data mining tools. Evaluation,
analysis and interpretation of customer interactions are laid easily. It provides value
added experience to customers through various channels such as, call centers, ATM, self
help, PDA, etc.

9 . 1 0 Chapter S u m m a ry
Enterprise Resource Planning (ERP) assists to capture and store transaction data
of an enterprise.
Big bang, pilot, phase, and business model are ERP implementation approaches.
Project strategy, business analysis, plan, develop, integrate, test, deployment
preparation, deployment, and maintain are ERP implementation stages.
The development of the Internet has led to the emergence of a new organization
structure w h i c h processes on network is called eBusiness.
Encryption, d i g i t a l certificates, d i g i t a l signatures, and data protection act are some
of the security techniques implemented in eBusiness.
Faster communication, high data reliability, and quick response to citizens are
possible with the help of introducing the Internet in governance operations
t h r o u g h eGovernance.
Computerization, networking, online data presence, and online data interactivity
are the stages for introducing eGovernance.
The technique of sharing remotely located data storage and software under the
control of a third party is called as cloud computing.
Infrastructure as a Service (IaaS), Platform as a Service ( P a a S ) , and Software as a
Service (Saas) are three different types of cloud computing models.
Clouds are categorized into three types such as, public, private, and hybrid clouds.
The process of defining, obtaining, storing, and formatting knowledge is called as
Knowledge Management ( K M ) .
Knowledge identification, knowledge generation, and knowledge delivery are the
processes involved in K M S architecture.
Management Information System (MIS) integrates several sub-systems that
provides information and supports business activities, management analysis and
decision m a k i n g .
Decision Support Systems (DSS) helps to perform effective decisions and also
validates its performance.
DSS can be either a programmable or a non-programmable activity.
Status inquiry system, data analysis system, information analysis system,
accounting system, and model based system are the five different types of D S S .
The DSS model is categorized into three types such as, behavioral, management
science, and operations research models.
Customer Relationship Management (CRM) establishes a direct relationship
between business executives and customers which helps effective progression of
business.

CRM package includes sales force automation, analytical CRM, sales intelligence,
c a m p a i g n management, and collaborative CRM.
Data-driven model and process-driven model are two different approaches of C R M .
Electronic CRM refers to implementation of CRM using the Internet and electronic
tech no log ies.

Security
Measures
I T M
UNIVERSITY
ONLINE
10. Security Measures eBook
1 0 . 1 Introduction
Security is a major prospective for every activity over a network. Transactions are
possible at any corner of the world using Internet. Confidential and sensitive information
is shared on the Internet to accomplish effective transactions in an instant. Customers
do not compromise on security aspects such as confidentiality, integrity, and non
repudiation. Thus, advancement in Information Technology (IT) has led to the
development of in-built security features in web browsers, search engines, web sites,
etc.
"Prevention is better than cure", thus, predicting possible occurrences of risks and taking
the rig ht action at the rig ht time is preferred over recovery from data loss. It is
important to know security mechanisms for effectively implementing a secure network.
Various available IT laws monitor every online activity and the same is also applicable
for infringement of IT rights.
Security is required to protect physical and digital data. Every transaction on the
Internet is handled digitally. Various techniques and tools are available on the market
which can be used to achieve high security. This chapter elaborates various security
m e c h a n i s m s which can be used to attain high security on every o n l i n e transaction.
Classify types of attack
List security p r i n c i p l e s
Define cryptography
S u m m a r i z e the working of digital signatures
Differentiate types of security protocols
E x p l a i n Information Security Management Systems ( I S M S )

10. Sec u r i t y Measures eBook
1 0 . 2 Types of Attacks
The unauthorized process of viewing, retrieving, modifying, or deleting a users' data or
resources is called an attack. The person or device that assists in digitally attacking a
computer or its resources is called an attacker.
According to a definition by USA's Committee on National Security Systems, An
attack, via cyberspace, is targeting an enterprise's use of cyberspace for the
purpose of disrupting, disabling, destroying, or maliciously controlling a
computing environment or infrastructure; or destroying the integrity of the
data or stealing controlled information.
Fig. 1 0 . 2 a elaborates the different types of attacks which are categorized based on the
intention of the attacker.
Attacks
Passive Attacks Active Attacks
Content
Traffic Scrutiny
Observation
Message
Deception Replay Repudiation
Modification
Fig. 10.2a: Types of Attacks
Passive Attacks
In t h i s attack, data on a computer or its resources are only viewed and are not altered
by the attacker. The m a i n objective is to obtain the information that is being shared on a
network. It i n c l u d e s two types of attacks.
Content Observation
The attacker obtains and observes messages that are being transmitted on the
network. The observed information is released illegally to other unauthorized users
on the network and this creates a privacy breach. For instance, an intruder illegally
observes a product's details that are viewed or shopped by any individual. Thus,
using these details, gullible buyers are lured by posing attractive discounts which
may lead to unauthorized proprietors.

Traffic Scrutiny
In this type of attack, the attacker simply monitors the communication pattern and
the message length which occurs on the network. For instance, an intruder illegally
monitors the traffic or network structure of an organization. It provides important
details that are used in a network such as, network architecture, topology,
protocols, etc.
A passive attack is very difficult to detect as the attacker is not active. The solution to
avoid this type of attack is to encrypt the entire process on the Internet, so that only
authorized users can access data.
Active Attacks
In active attacks, the computer resources are attacked and altered. It leads to serious
problems and is very difficult to recover. Active attacks are classified into five types.
They are,
Deception
The attacker impersonates a different identity to make use of confidential
information. Authentication credentials are obtained illegally and used to gain
illegal access. For instance, an intruder illicitly logs in to a company's intranet by
impersonating an employee using authentication credentials to access the
company's confidential details.
Replay
A particular process is captured from the network and is replayed multiple times
which causes network overload. It crashes or slows down the entire network. For
instance, an attacker obtains a message packet that is on transmission and
replicates it infinite times to slowdown the network. If the network cannot handle
the overload, it finally crashes.
Repudiation
Here, communication takes place between a sender and receiver. The repudiation
problem occurs when either a sender denies sending a message or a receiver
denies receiving the message. For instance, a sender sends an e-payment and
later denies sending it or the receiver denies receiving the e-payment and may
request it a g a i n .

Message Modification
The process of changing information without authorization falls under this
category. The attacker captures data from the sender modifies it and sends it to
the receiver. Both, the sender and the receiver are unaware about the loss of data
originality. For instance, a customer sends an e-payment of 1000 and the
attacker modifies it to 10000 by adding an extra zero, this poses as a huge loss
to the customer.
Denial of Service (DOS)
The process of denying access to an authorized u se r is called Denial of Service
(DOS). The attacker performs this either by changing authorization credentials or
collapsing the network. For instance, an attacker may try to login with a random
username and password, but fails. The system may detect the activity as a threat
and block the user from intra net. At a later time, even though an authorized
customer provides correct username and password, he will be denied access due
to m u l t i p l e wrong usernames and passwords.
10.3 P r i n c i p l e s of Security
Since confidential information is shared on network, security becomes a major aspect.
To enable c o m m u n i c a t i o n , systems are interconnected on network where privacy breach
is an issue. Thus, it is important to follow the security principles w h i c h are represented
in Fig. 1 0 . 3 a for safe and efficient usage of network.
Availability
Fig. 10.3a: Security Principles
Confidentiality
It denotes that only the intended sender and receiver of a message should be able
to access it. It should not allow any unauthorized person to view the contents of
message. For instance, u se r A sends message to u se r B, but an unauthorized user

C gets access to the message and views it. Thus confidentiality is broken among
user A and B. Confidentiality is categorized as,
o Connection Confidentiality: data protection to all users connected within
a network.
o Connectionless Confidentiality: protection to user data in a single data
block.
o Selective Field Confidentiality: protection to selective field for the user
data on a connected network.
o Traffic Flow Confidentiality: protection to information that are observed
from traffic a n a l y s i s .
Integrity
The o r i g i n a l i t y of the message should remain same till it reaches the receiver. If
the attacker modifies the data before the receiver receives it, then data integrity is
lost. For instance, u se r A sends message to user B, but it is i l l e g a l l y obtained by
user C during transmission. User C alters the message before placing it over
network. Integrity is categorized as:
o Connection integrity without recovery: data integrity is sustained over
connection-oriented systems with absence of data recovery.
o Connection integrity with recovery: it preserves connection-oriented
system a l o n g with recovery of user data.
o Selective field connection integrity: data integrity is maintained for
selective field on user data.
o Connectionless integrity: it includes data integrity for connectionless
systems.
o Selective field connectionless integrity: it sustains data integrity for
selective fields in user data on connectionless systems.
Authentication
It denotes the proof of identity with the help of which an individual is provided
access rights. Authentication credentials decide the scope of access. For instance,
if user A wants to send a message to user B, user B's identity is checked whether
it's really user B or someone impersonating. The simple method to apply this
t e c h n i q u e is by u s i n g username and password.

Non-repudiation
Some situations occur where a user initially sends a message and denies it later.
Thus, non-repudiation helps to prove such denials. For instance, user A sends an
eFund to an N G O and later denies invoking it.
Access Control
It defines the scope of access that is allocated to an authorized user on a network.
For instance, a student has less access control compared to teachers. They are not
privileged to access the teachers' salary.
Availability
Data and services should be available to authorized users at all times. Due to
unauthorized users' intention, an authorized user should not be blocked on a
network. For instance, intranet details of a company are to be hidden from the
stakeholders but products details should be available to them to enable purchase.

10. S ecu r i t y Measures eBook
1 0 . 4 Cryptography: Definition a n d Types
The solution for passive attacks is to encrypt the original text or message. The process
of changing original text to coded text is called cryptography or encryption. The
process of changing coded text to original text is called cryptanalysis or decryption.
The va r i a bl e a p p l i e d to perform the technique for encoding and decoding is called a key.
A c o m b i n a t i o n of these processes is called cryptology.
+
Fig. 10.4a: Cryptology
The sender changes the o r i g in a l message to a coded text using different techniques.
This coded text is then sent to the receiver, who in turn changes the coded text to the
original text. The techniques used for coding and decoding should be known only to the
sender and receiver. If the attacker tries to obtain data d u r i n g transmission, it would be
in a coded format and cannot be deciphered. Thus, confidentiality is maintained. Fig.
10.4b and Fig. 10.4c pictorially depict the encryption and decryption process,
respectively.
Original Coded
Message Message
Hello 4DffOJ,
World (+wsV
Fig. 10.4b: Encryption

Coded Onginal
Message Message
0
4Dff Ai Hello
(+wsV World
Key
Fig. 10.4c: Decryption
Fig. 10.4d depicts the cryptographic techniques which are classified based on the
n u m b e r of keys used.
Cryptography
Symmetric Key Cryptography Asymmetric Key Cryptography
Fig. 10.4d: Cryptography Types
Symmetric Key Cryptography
If the same keys are used at the sender and receiver end, then it is called as
symmetric key cryptography. It is important not to leak the key w h i c h is the m a i n
source to protect confidentiality. The attacker can decode and change data
illegally, only if the key is revealed. This cryptographic type is easy to implement.
For instance, Twofish, Serpent, AES, IDEA are algorithms that use symmetric key
cryptography. Fig. 10.4e portrays the functioning of symmetric key cryptography.
Origin al Coded Orlglnal
Message Message Message
I'\
Key Key
Fig. 10.4e: Symmetric Key Cryptography

Asymmetric Key Cryptography
In asymmetric key cryptography, two different keys are used at the sender and
receiver side to encode and decode, respectively. Each party holds a pair of keys,
a Public Key and a Private Key. A Public key is used to encode and is shared with
all users whereas a private key is used to decode and is kept secret. For instance,
user A uses the public key of user B to encrypt the message and sends it. User B
uses h i s own private key to decode the encoded message. RSA, EIGamal, Cramer
Shoup are algorithms that use asymmetric key cryptography. Fig. 10.4f portray
the functioning of asymmetric key cryptography.
Ong1nal Coded Ongmal
n
a
9f-- Hill iii iI>-- iii:1 ii il-______.9

Sender Receiver
ft ;
Receiver's Receiver's
Public key Private key
Fig. 10.4f: Asymmetric Key Cryptography
1 0 . 5 Digital Signatures
The non-repudiation, one of the security principles is achieved with the help of d i g i t a l
signatures. This helps to identify and accredit the correct sender. It has major
significance in Web commerce. In most online trading and banking activities, the
customer authorizes transactions using digital signatures, s i m i l a r to paper signatures. It
has a legal status u n d e r the Information Technology (IT) law. For instance, if a customer
A wants to transfer money to customer B, he informs the bank by attaching his d i g ital
signature to the message.
www.itmuniversityonline.org Page 2 0 1
Original Coded Original
-lliiliiilHl
l lll
: f-----ill
i fiilhliiIll--
Sender Receiver
Sender's Sender's
Private key Public key
Fig. 10.Sa: Digital Signature
The usage of a d i g i t a l signature is portrayed with Fig. 10.Sa. In digital signature, the
sender encrypts the message using its own private key. It is contradictory to the
asymmetric key cryptography. The coded message is decrypted using the sender's
public key. Since the sender's public key is known to all, it does not achieve
confidentiality but helps in authentication.
For instance, if customer A sends a message, encrypting with his private key, the
receiver can decrypt that coded message with A's private key o n l y . It helps to achieve
the authentication principle.
Another added advantage is that it helps to achieve the non-repudiation principle. For
instance, if the message is decrypted only with A's public key. If customer A denies
sending the message, then receiver can prove by decrypting it with A's p u b l i c key where
decryption is possible only with sender's public key.
Process
The sender uses a s i g n i n g algorithm and signs the message. The data and signature are
sent to the receiver. The receiver uses the verification algorithm to verify the signature,
sent by the sender. If the result is true, the message is accepted, else rejected. This
process is portrayed in Fig. 10.Sb.

-
Sender
-
Receiver
Message Message
Siqninq Algorithm Verification Algorithm
Message, Signature
Fig. 10.Sb: Digital Signature Process
Attacks on Digital Signatures
Key-only attack: with the help of a public key, the attacker tries to forge a
document by creating a subsequent private key.
Known-message attack: the attacker holds documents which were previously
signed by the sender. For instance, Mr. X, an attacker holds documents that were
signed by the sender, Mr. Y. He uses Mr. Y's signature-message pattern to s i g n on
one of his i l l e g a l l y generated documents.
Selective-message attack: the attacker convinces the sender to s i g n on some of
illegal content on the pretext of legal content. For instance, Mr. X forges Mr. Y's
signature by forcing him to sign on a document which he wants to use for illegal
activities.
Existential Forgery: the content of the digital signature is randomly forged.
Selective Forgery: selective content of the digital signature is forged.

1 0 . 6 Security Protocols
Security protocols are a set of rules and regulations to be followed to i m p l e m e n t security
p r i n c i p l e s on a network. Every activity over a network such as e m a i l , o n l i n e transaction,
IP a d d r e s s i n g , etc. hold different types of security protocols.
Secure Electronic Transaction (SET}
Internet advancement causes tremendous development in eCcommerce. eCheque,
eDraft, and digital money are possibilities of payment through online transactions. Thus,
SET is a security protocol which is used to monitor and protect d i g i t a l transactions. Fig.
10.6a portrays the working of an SET protocol.
Merchant

- , - Ji
Card holder
Internet
Certificate
Issuer"
,_,
Payment
network
-- Acquirer
Payment gateway
Fig. 10.6a: S e c u r e Electronic Transaction (SET}
It was first implemented through Visa, MasterCard, etc. It provides the option of a
d i g i t a l wallet to an i n d i v i d u a l where transactions are made t h r o u g h d i g i t a l money, Thus,
confidentiality and privacy becomes a major requirement,
The working of an SET protocol is listed below:
The customer should posses and uses an SET-enabled web browser to access Visa
or MasterCard account
A d i g ital certificate is provided to the customer that can be used for on line
purchases, It i n c l u d e s an expiry date which is necessary for the b a n k to validate,
Bank also issues its d i g i t a l certificate which holds bank's p u b l i c key and merchant's
p u b l i c key to the merchants,
Customer places the order of the merchant's product o n l l n e ,
The customer's browser then receives the merchant's dig ital certificate which is
later used to check the merchant's identity,
www.ltmunlversltvonltne.orq Page 204

Browser places the order and encrypts it using merchant's public key and also
encrypts the payment, using bank's public key.
The encrypted payment is sent to the bank that checks for the merchant's v a l i d i t y
and confirms the payment.
Pretty Good Privacy ( P G P )
The confidentiality principle in email is achieved through PGP protocol. The message is
sent among users, in a coded format. The sender encrypts the original message using
the receiver's public key. The receiver's private key is used to decrypt them message at
the receiver e n d . Fig. 10.6b pictorially depicts the working of PGP protocol.
SENDER SIGNING AND ENCRYPTION PROCESS
Sende,-'s Receive,-'s
Private Key Public Key
('\
- - '@:,II
Raw File Signed and Email or FTP
Encrypted File
RECEIVER DECRYPTION AND VERIFICATION PROCESS
Reeerver's Sender's
Private Key Publtt Key
,. ('\
a Decrypt File
with Private Key

Verify Signature
with Public Key

@
Email or FTP Signed and Raw Fiie

Encrypled File
Fig. 10.6b: Pretty Good Privacy ( P G P )
The keys are password protected and shared among users on the network. Thus, the
authorized user can alone access the key and decrypt the message. PGP is more secure,
since it uses two level securities, one in encrypting the message w h i c h is to be sent and
the other, encrypting the key which is used to code the message.
Listed below are the steps to be followed for including PGP security features.
Download any PGP tool available in the market, such as iGolder, G n u P G , etc.
Using the tool, generate a public and private key.
E n a b l e the PGP option at the client side of the e-mail.
Obtain public keys from contacts which are used for encryption before sending the
message.
Thus, at the receiver end, the private key is used to decrypt the message.
Secure Multipurpose Internet Mail Extensions ( S / M I M E )
The process of sending messages through e-mail is secured using this protocol. It is
included by default in modern web browsers. It helps to identify the correct sender and
sends messages in an encrypted format. Non-repudiation and confidentiality are the two
security p r i n c i p l e s achieved using this protocol.
fi----i. Iatemet f;,ewall BlackBerry
Enterprise
Me55aging
server
Recipient's computer
with 5/MIME private key

BlackBerry Wireless
Server
device network
I
Server that hosts
5/MIME Certificates
Fig. 10.6c: Secure Multipurpose Internet Mail Extensions ( S / M I M E )
In Fig. 10.6c, the mobile device sends data which reaches its enterprise server. It is
responsible to check the validity of the sender through its 5/MIME server. If the sender
is v a l i d , then the data reaches the receiver's messaging server. A major d i s a d v a n t a g e of
5/MIME is retrieval of past mails. Since every mail is encrypted, searching mails based
on a keyword becomes d ifficu It. The outgoing mail is scanned for presence of viruses
and then encrypted, but it is difficult to scan incoming 5/MIME mails. 5/MIME provides
mail in a readable format only to sender and receiver. Thus, on the intranet, the
organization cannot be attached as a third party. It raises legal issues in monitoring the
communication s t a n d a r d .

10. S ecu r i t y Measures eBook
Secure Socket Layer (SSL) Protocol
It h e l p s to secure connectivity between customers and web sites. A customer performs
transactions and shares sensitive information. Thus security is much more needed to
m a i n t a i n confidentiality.
[a GMO GlobalSign Inc (US] J https://www.globalsign.com/en/ssl-information-center/what-is-ssl/
Fig. 10.6d: Secure Socket Layer (SSL) Protocol
There exists a padlock before the URL in the address bar which denotes that the web
site is secured using SSL protocol. Thus, transaction among customers and SSL
protected web sites are encrypted which provides high confidentiality. It provides
security to credit card transactions, system logs, sensitive information, and webmail,
connection between email client and email server, and transferring files. It also assists in
monitoring intranet traffic and database connections.
1 0 . 7 I n f o r m a t i o n Security Management
In Internet, every transaction is done through digital data. It acts as a critical resource
for an individual. Since eBusiness and eCommerce are entirely performed on digital
network, there exists a necessity to secure information. Information Security
Management System (ISMS) solely performs the task for securing information and
provides a standard for m a n a g in g it on network.
Information Security Management Process
Risk Risk Execute

Policy Scope Control
A n a l ys i s Measures Measures
Fig. 10.7a: Information Security Management Systems ( I S M S )
Policy
The company designs strategies and procedures to maintain security. It includes
terms or rules that are to be achieved to handle information security. This step
plays a crucial role to achieve better security management.

Scope
Policies designed in the first step are checked for its scope. It should also confirm
to w h i c h extent the security policies can be implemented. The scope of information
security at different departments is also discussed and constraints to access
information are put forth accordingly.
Risk Analysis
The company that plans security management should know the possible risk
factors. Confidentiality of the information and the method used to share matters
the most when maintaining security. The probability of risk factors should be
judged and documented. Security management should be stable to handle sudden
occurrence of risks.
Risk Measures
It is important to measure risks that are possible to occur in every situation. Each
risk listed at the analysis stage should be measured based on how critical it is. It
helps to decide the risk solution which is applied on the occurrence of risks. It also
decides the process of designing automated machines that immediately predicts its
pre-occurrence in prior based on the previous history.
Execute Measures
Each risk holds many solutions which are selected and executed based on certain
requirements such as, cost, time, efficiency, etc. These measures are calculated
for its effectiveness and are ready to be implemented on occurrence of risks.
Control
It informs every online task to a concerned central authority. They are information
manager, information analysts, and information officer. The physical and logical
a v a i l a b i l i t y of information to every authority are finalized.
Principles of ISMS
The effectiveness of ISMS mainly depends on risk analysis, risk measures, execute
measures, and control.
Information Security Management satisfies the following three security p r i n c i p l e s .
Integrity: The data sent by the sender should reach the receiver without any
compromise on its content originality.

Availability: Data should be available at the right time with the r i g h t scope to an
individual.
Confidentiality: Data viewing rights should be given only to the sender and
receiver.
International Organization for Standardization (ISO) 17799: Scope and
Implementation
Information security, the most important factor, is implemented in an organization using
the steps standardized by ISO 17799. It provides rules and regulations to be
implemented to obtain high-level security to protect information which is a critical asset
to any organization.
Fig. 10.7b: ISO 17799 Standard
Security policy: policies associated with the information security of an
organization are described and reviewed under this section. It should i n c l u d e every
concern associated to protect a company's data.
Organizational security: it comprises security principles associated with an
organization.
Asset classification and control: information, an important asset of an
organization, is listed in the hierarchy and its control measures are also listed.

Personal security: it includes security features used to protect information, such
as biometric, fingerprint analysis, face recognition, etc.
Physical and environmental security: it includes security measures laid
physically in an organization to protect its asset.
Communication and operation management: the c o m m u n i c a t i o n method used
in an organization for sharing information is concerned in this section. It also
comprises of operations used to manage and manipulate information.
Access control: it denotes the access permissions allotted to every user in an
organization. Confidentiality of data is achieved by providing access control to
users carefully.
System development and maintenance: the development of I S M S is discussed
under this section. It is used to standardize the process of ISMS and lay
maintenance for each module in the process.
Business continuity management: it includes maintenance factors to be
followed after a p p l y i n g ISMS in an organization along with efficient documentation
for each process in I S M S .
Compliance: it includes careful documentation of the agreement list which is to
be laid for each department in an organization. It is presented to every user in an
organization who accesses the information and acceptance is o b t a i n e d .

Computer Information System - ITM University - Semester 2 - MBA

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Computer Information System - ITM University - Semester 2 - MBA

Hochgeladen von

Copyright:

Verfügbare Formate

Computer Information

Table of Content eBook

1. Introduction to Information Systems 5

1.2 Information Systems 7

1.3 M e a n i n g of Information Management 8

1.4 Components of Information Management 10

1. 5 Types of Information Systems 14

1.6 Application Architecture 18

1. 7 Impact of Information Technology 21

1.8 Chapter Summary 24

2. Software Systems: Models and Architecture 25

2.2 Defining Software System 27

2.3 Software Development Life Cycle (SDLC) 29

2.4 Life Cycle Models and Methodologies 32

2.5 Role of Architecture in Software Development 40

2.6 Types of Architectural Patterns 42

2.7 Chapter Summary 46

3. Software Systems: Design and Development 47

3.2 Software Design 49

3.3 Design Principles 53

3.4 Software Design Concepts 55

3.5 Software Design Methodologies 57

3.6 Constructive Cost Model (COCOMO) 60

3.7 Data Flow Diagram (DFD) 62

4. Database Management System 67

4.2 File O r g a n i z a t i o n Terms and Concepts 69

4.3 Traditional File Processing 73

4.4 Problems with Traditional File Processing 75

4.5 Database Approach to Data Management 76

Table of Content eBook

4.7 Types of Database 81

5. Creating a Database Environment 86

5.2 Designing Databases 88

5.4 Entity-Relationship (ER) Diagram 92

5.5 Distributing Databases 95

5.6 Database Trends 97

5.7 Business Intelligence Tools 99

5.8 Data Mining 100

5.9 Chapter S u m m a r y 104

6. Telecommunications and Networking in Today's Business World 105

6.1 Introduction 106

6.2 Data Communication and Networking 107

6.3 Components of Networking 108

6.4 Basic Types of Network 109

6.5 Network Architecture 111

6.6 Network Protocols 113

6.7 Types of Topology 116

6.8 Transmission Media 120

6.9 Chapter S u m m a r y 123

7.1 Introduction 125

7.2 Internet Addressing 126

7.3 Types of Address 128

7.4 Uniform Resource Locator (URL) 130

7.5 Domain Name System ( D N S ) 131

7.6 World Wide Web (WWW) 132

7.7 Web Browsers 134

7.8 Search Engines 136

Table of Content eBook

7. 9 Difference between Intranet and Extra net 138

7.10 Creating Web Page using HTML 139

7.11 Chapter S u m m a r y 143

8.1 Introduction 145

8.2 Definition of eCommerce 146