Term
In systems design, the Domain Class Diagram from our Requirements models becomes a... |
|
Definition
|
|
Term
Use case diagrams, activity diagrams, use case descriptions, and SSDs are used for... |
|
Definition
Interaction Diagrams: Sequence Diagrams that show the sequence from clerk to system to specific domains |
|
|
Term
List the major design activities |
|
Definition
The environment; application components; user interface; database; software classes and methods |
|
|
Term
Which major design activity involves:
Communications with external systems: Web and networks; communication protocols; security methods; error detection and recovery
Conforming to an existing technology architecture: discover and describe existing architecture |
|
Definition
Describing the environment |
|
|
Term
What is an application component? |
|
Definition
A well-defined unit of software that performs some function(s). |
|
|
Term
What do we have to consider when packaging application components? |
|
Definition
Scope and size – what are the functions, boundaries, interfaces? Programming language – what are the accepted languages? Build or buy – is an acceptable version available to purchase? |
|
|
Term
|
Definition
Models for defining application components |
|
|
Term
|
Definition
Models for user interface design |
|
|
Term
|
Definition
|
|
Term
What are the two types of system controls? |
|
Definition
|
|
Term
|
Definition
Controls that maintain the integrity of inputs, outputs, data, and programs; integrated into application programs and the database |
|
|
Term
|
Definition
Controls that protect the assets from threats, internal and external; part of the OS and the network. |
|
|
Term
Objectives of Integrity Controls |
|
Definition
Ensure that only appropriate and correct business transactions are accepted; ensure that transactions are recorded and processed correctly; protect and safeguard assets such as the database |
|
|
Term
|
Definition
Prevent invalid or erroneous data from entering the system |
|
|
Term
|
Definition
Value limit, completeness, data validation, field combination |
|
|
Term
|
Definition
Check the range of inputs for reasonableness |
|
|
Term
|
Definition
Ensure all the data has been entered |
|
|
Term
|
Definition
ensure that specific data values are correct |
|
|
Term
Field combination controls |
|
Definition
Ensure data is correct based on relationships between fields |
|
|
Term
|
Definition
ensure that output arrives at proper destination (for authorized eyes) and is accurate, current, and complete |
|
|
Term
Examples of Output Controls |
|
Definition
Physical Access to printers and display devices; Access controls to programs that display and print |
|
|
Term
|
Definition
Preventing internal fraud, embezzlement, or loss |
|
|
Term
|
Definition
Opportunity, motive, rationalization |
|
|
Term
Factors affecting Fraud Risk |
|
Definition
Separation of duties, records and audit trails, monitoring, asset control and reconciliation, security |
|
|
Term
Objectives of designing security controls |
|
Definition
Protect all assets against external threats; protect and maintain a stable, functioning operating environment 24/7 (equipment, operating systems, DBMSs) |
|
|
Term
Types of Security Controls |
|
Definition
Access controls, registered users, unauthorized users, privileged users, data encryption, digital signatures and certificates, Secure Transactions |
|
|
Term
|
Definition
Limit a person's ability to access servers, files, data, and applications
Involves: authentication, access control list, authorization |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
authenticated user's list of permission levels for each resource |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
those that maintain lists and systems |
|
|
Term
|
Definition
method to secure data--either stored or in transmission
Alters data so it is unrecognizable |
|
|
Term
|
Definition
An additional security measure which automatically deletes sensitive data from portable devices under certain conditions, such as repeated failure to enter a valid username and password |
|
|
Term
|
Definition
uses the same key to encrypt and decrypt |
|
|
Term
Asymmetric Key Encryption |
|
Definition
uses different keys to encrypt and decrypt (AKA Public Key Encryption, where encrypted with public key and decrypted with private key) |
|
|
Term
|
Definition
technique where a document is encrypted using a private key, and must be decrypted using a public key |
|
|
Term
|
Definition
authorized third party--built into web browsers (widely known and accepted) |
|
|
Term
Ways to secure transactions |
|
Definition
Secure Sockets Layer (SSL), Transport Layer Security (TLS), IP Security (IPsec), Hypertext Transfer Protocol Secure (HTTPS) |
|
|
Term
Secure Sockets Layer (SSL) |
|
Definition
standard set of protocols for authentication and authorization |
|
|
Term
Transport Layer Security (TLS) |
|
Definition
Internet standard equivalent to SSL |
|
|
Term
|
Definition
Internet Security Protocol at a low-level transmission |
|
|
Term
Hypertext Transfer Protocol Secure (HTTPS) |
|
Definition
Internet standard to transmit Web Pages |
|
|
Term
|
Definition
Server, and personal computing devices or clients |
|
|
Term
|
Definition
|
|
Term
|
Definition
The URL of a resource embedded within another resource |
|
|
Term
|
Definition
Software apps or functions embedded within another app, such as within a browser or O/S (toolbars, plug-ins, widgets) |
|
|
Term
Virtual Private Network (VPN) |
|
Definition
Creates a private network but on the Internet by using secure technologies and encryption |
|
|
Term
|
Definition
Hypertext markup language used for web page content |
|
|
Term
|
Definition
Extensible markup language that enables defining semantics of tags |
|
|
Term
|
Definition
Hypertext transfer protocol that defines format and content for transfer of Web documents |
|
|
Term
|
Definition
Hypertext transfer protocol secure; defines format and content, and encrypts and secures it for transfer of Web documents |
|
|
Term
|
Definition
Software as a Service -- no software is installed on the user's device, app is accessed remotely, user data is isolated and stored on common servers |
|
|
Term
|
Definition
software function that is executed with Web standards
accessed via a URL, inputs sent via the URL, executes remotely, data returned within a web page |
|
|
Term
|
Definition
Client/server architecture with application divided into view layer, logic layer, and data layer |
|
|
Term
|
Definition
the user interface layer of an app with three-layer architecture |
|
|
Term
|
Definition
program logic to implement the functions of an app with three-layer architecture |
|
|
Term
|
Definition
the functions to access the data of an app with three-layer architecture |
|
|
Term
|
Definition
Location Diagram: identifies geographical placement of hardware, software, and users |
|
|
Term
How should we group functions in order to build application components? |
|
Definition
Actors: functions particular actors use; Shared data: functions that use the same data; Events: functions that occur in common business events |
|
|
Term
|
Definition
Grouping functions by customer actor |
|
|
Term
Good Design Principles of User Interfaces |
|
Definition
Visibility, affordance, feedback |
|
|
Term
|
Definition
inputs and outputs that directly involve a human user/actor (dialog goes on between actor and system) |
|
|
Term
|
Definition
entire human computer interaction (HCI) |
|
|
Term
|
Definition
focus early on users and their work, evaluate designs to ensure usability, and use iterative development |
|
|
Term
|
Definition
Direct Manipulation metaphor, Desktop Metaphor, Document metaphor, Dialog metaphor |
|
|
Term
Direct Manipulation Metaphor |
|
Definition
metaphor in which objects on a display are manipulated to look like physical objects (pictures) or graphic symbols that represent them (icons) |
|
|
Term
|
Definition
metaphor in which the visual display is organized into distinct regions, with a large empty workspace in the middle and a collection of tool icons around the perimeter |
|
|
Term
|
Definition
metaphor in which data is visually represented as paper pages or forms |
|
|
Term
|
Definition
metaphor in which user and computer accomplish a task by engaging in a conversation or dialog via text, voice, or tools such as labeled buttons |
|
|
Term
|
Definition
The appearance of the object suggests its function |
|
|
Term
Radio buttons and check boxes are good examples of __________ because_________. |
|
Definition
Human-Interface Objects
because they are both visible on the display and provide a response to a user action in displaying whether or not they selected what they wanted to select |
|
|
Term
Consistency (UI Design Principle) |
|
Definition
Must be consistent: across all platforms; within a suite of applications; within a particular application |
|
|
Term
|
Definition
Consistency across releases over time |
|
|
Term
|
Definition
helps users "discover" hidden features or objects; active discovery--mouse hovers, pop-ups, tool tips |
|
|
Term
|
Definition
on dialogues: end of a series of actions
used to protect user's work, both at end and partially completed work
provide undo to reverse actions |
|
|
Term
|
Definition
"A way out"; breadcrumbs navigation |
|
|
Term
|
Definition
shortcut keys for experienced users, meaningful error messages |
|
|
Term
|
Definition
Limit the amount of these by presenting the user with only valid options |
|
|
Term
When creating a menu, we should... |
|
Definition
group by actor and subsystem to create a hierarchy before implementing the actual menu |
|
|
Term
SSD defines input messages, which then indicate what _______ we need |
|
Definition
|
|
Term
|
Definition
Reviewing each use case and using natural language to emphasize feedback to user from the system |
|
|
Term
Layout and Formatting Good Practices |
|
Definition
purposeful designs, location and grouping, no sloppiness or errors |
|
|
Term
|
Definition
database component that contains descriptive information about the data stored in the physical data store (sometimes called metadata) |
|
|
Term
|
Definition
naming, definition, data typing |
|
|
Term
|
Definition
ownership, accessibility, confidentiality |
|
|
Term
|
Definition
validation rules, completeness, currency |
|
|
Term
Who is in charge of structure and integrity of data? |
|
Definition
|
|
Term
Who is in charge of the safety and operation of the database? |
|
Definition
Database Administrator (DBA) |
|
|
Term
|
Definition
|
|
Term
|
Definition
An Association (mandatory one, and optional many) |
|
|
Term
|
Definition
First Normal Form; put multivalued attributes in a separate table and use the primary key of the initial table as a foreign key in the new table |
|
|
Term
First Normal Form when each non-key attribute is only functionally dependent on the entire primary key (arises in tables with multiple-attribute keys) |
|
Definition
Second Normal Form
***Example: PromotionID, ProductItemID, RegularPrice, PromoPrice are all in a table.
PromoPrice is functionally dependent on promoID and productID (fine)
RegularPrice is ALSO dependent on productID --> TAKE OUT REGULARPRICE TO ATTAIN 2ND NORMAL FORM |
|
|
Term
Second Normal Form (2NF) where NO non-key attribute (or set) is functionally dependent on any other non-key attribute (or set) |
|
Definition
Third Normal Form
***Example: PromotionID, ProductItemID, PromoPrice are all in a table.
PromoPrice is functionally dependent on BOTH promoID (PK) and productID (non-key attribute); NOT IN 3NF
Get rid of any "totals" columns! |
|
|
Term
Standard Primitive Data Types for Databases |
|
Definition
datetimeoffset; int, smallint, bigint; float and real; money; nchar and nvarchar (like string); varbinary (byte sequence up to 2GB); xml (xml doc up to 2GB) |
|
|
Term
|
Definition
Different rows are stored at different locations |
|
|
Term
|
Definition
Different columns are stored at different locations |
|
|
Term
|
Definition
a technique to record all updates, including change, date, time, and user, in order to prevent fraud and serve as a recovery mechanism for failures (protecting the database) |
|
|
Term
Concurrency and Update Controls (list) |
|
Definition
database lock, shared or read lock, exclusive or write lock |
|
|
Term
2 Adaptive Approaches to Systems Development |
|
Definition
Incremental Development, Walking Skeleton |
|
|
Term
|
Definition
Portions of the system are completed in small increments and integrated as the project progresses |
|
|
Term
|
Definition
The complete system structure is built first, but with bare-bones functionality |
|
|
Term
|
Definition
includes a collection of techniques that are used to complete activities and tasks, including modeling, for every aspect of the project |
|
|
Term
|
Definition
Value responding to change over following a plan; value individuals and interactions over processes and tools; value working software over comprehensive documentation; value customer collaboration over contract negotiation |
|
|
Term
What do we concatenate to the end of attributes when going from domain class diagram to a design class diagram |
|
Definition
attribute types (integer/string/number, etc) and "(key)" next to the key |
|
|
Term
Proper format for a method signature |
|
Definition
+createStudent(name, address, major): Student
+methodName(parameters):return value or type
if no return, do not put anything at end |
|
|
Term
|
Definition
Class-Responsibility-Collaboration (CRC) Card
Used to brainstorm and assign responsibilities to classes for how they collaborate to accomplish a use case |
|
|
Term
|
Definition
Sequence Diagram for changeName method for Student class |
|
|
Term
|
Definition
Communication Diagram for changeName method of Student class |
|
|
Term
Proper format for attributes in design class diagram |
|
Definition
visibility attribute-name: data-type = initial-value{property}
types: class, string, integer, double, date; initial value: default value; property: only if applicable "{key}" |
|
|
Term
What does an underlined method mean? |
|
Definition
Class level method that applies to the class rather than objects of the class
Counting the number of customers in a class; creating an array of Students' credit hours |
|
|
Term
|
Definition
Switchboard between user-interface classes and domain layer classes. A controller can be created for each use case; however, several controllers can be combined together for a group of related use cases. It is a completely artificial class – an artifact |
|
|
Term
|
Definition
the instantiated class objects that perform the actions (methods) to execute the use case. They receive messages and process messages. |
|
|
Term
|
Definition
simply connectors between objects to carry the messages. |
|
|
Term
|
Definition
the requests for service with an originating actor or object and a destination object, which performs the requested service |
|
|
Term
What is this the syntax for:
[true/false condition] sequence-number: return-value := message-name (parameter-list) |
|
Definition
Messages being sent and received in a communication diagram |
|
|
Term
|
Definition
Communication Diagram
***This one extends to all objects involved |
|
|
Term
|
Definition
software components tested to perform defined requirements and specs when tested in isolation (implementation) |
|
|
Term
|
Definition
software components tested in combination with other components to ensure that they communicate correctly. For example, a sales tax component that calculates incorrectly when receiving money amounts in foreign currencies is unacceptable (Implementation) |
|
|
Term
System and stress testing |
|
Definition
System or subsystem must meet both functional and non-functional requirements (deployment) |
|
|
Term
|
Definition
System must satisfy the business need and meet all user "ease of use" and "completeness" requirements (deployment) |
|
|
Term
Performance test/Stress Test |
|
Definition
an integration and usability test that determines whether a system or subsystem can meet time-based performance criteria. Tests response time and throughput (desired minimum number of queries and transactions that must be processed per minute or hour) |
|
|