IT Notes – CA IPCC Old Syllabus

IT Notes – CA IPCC Old Syllabus

Prepared by NAGARAJ IYER, MCA (PMP, CSM, ITIL, Six Sigma GB)

IYER’S ACADEMY OF EXCELLENCE 39/16, Opp Krishna Hospital,

Chitoor Road, Ernakulam - 682011

Phone: +91 9526082655 Email: [email protected]

Chapter 1-5 IPCC

IYER’S ACADEMY Page 2 of 92

Chapter 1

Business Process Management

Prepared by

NAGARAJ IYER, MCA (PMP, CSM, ITIL, Six Sigma GB)

IYER’S ACADEMY OF EXCELLENCE

39/16, Opp Krishna Hospital,


Phone: +91 9526082655

Email: [email protected]

Chapter 1-5 IPCC


Objective Business Process Management

• BPM enables enterprises to assess the usefulness of the business processes and helps them

to achieve enterprises objectives at optimum cost.

• The objective of BPM is to evaluate the efficacy and usefulness of business processes for

o reducing costs and

o ensure value creation

What is a Process?

• Sequence of events that uses inputs to produce outputs.

• From a business perspective, a Process is a coordinated and standardized flow of activities

performed by people or machines, which can traverse functional or departmental

boundaries to achieve a business objective and create value for internal or external

customers

Steps in Process Management

• Organization is a system of interlinked processes, and this involves concerted efforts to

map, improve and adhere to organizational processes. To manage a process

o First step is to Define the process. Defining the steps (tasks) and mapping the tasks

to the roles involved in the process.

o Establish performance measures for the improvement of the process.

o The last one is the organizational setup that enables the standardization of and

adherence to the process throughout the organization.

Business Process

• Business process is a prescribed sequence of work steps, performed in order to produce a

desired result for the organization.

• A business process is initiated by a particular kind of event, has a well-defined beginning

and end, and is usually completed in a relatively short period.

• Organizations have many different processes such as

o Completing a sale

o Purchase a raw material

o Accounting or Booking Keeping Process

Chapter 1-5 IPCC


Purchase to Pay

Business Process Management

• BPM is defined as “The Achievement of an organization’s objectives through the

improvement, management and control of essential business processes”.

• Achievement – Realizing the strategic objectives as outlined in the organization’s strategic

plan.

• Organization – Organization in this context refers to an enterprise or parts of an enterprise,

perhaps a business unit that is discrete in its own right.

• Objectives – The objectives of a BPM implementation range from strategic goals of the

organization through to the individual process goals.

• Improvement – It is about making the business processes more efficient and effective

• Management – It refers to the process, people, performance measurement and

management.

• Control – An essential component of control is to have the ability to measure correctly.

BPM Principles

• Principle 1 – Processes are assets that create value for customers. They are to be managed

and continuously improved.

• Principle 2 – A managed process produces consistent value to customers and has the

foundation for the process to be improved. By measuring, monitoring, controlling and

analyzing business processes, a company can deliver consistent value to customers.

• Principle 3 – As the basis for process improvement – business processes should be

continuously improved and

• Principle 4 – Information technology is an essential enabler for BPM.

Chapter 1-5 IPCC


BPM Practices

• Strive for process-oriented organizational structure

• Appoint process owners

• Senior management needs to commit and drive BPM

• Execution should take a bottom up approach

• Put in place IT to monitor, control, analyze and improve.

• Work collaboratively with business partners on cross-organizational business processes

• Continuously train the workforce and continuously improve the business processes

• Align employee bonuses and rewards to business process performance

• Utilize both incremental and more radical methodologies to implement process

improvement.

BPM Life Cycle

• Analysis Phase – involves analysis of the current environment and current processes,

identification of needs and definition of requirements

• Design Phase – involves evaluation of potential solutions to meet the identified needs,

business process designing and business process modeling.

• Implementation phase – involves project preparation, realization, final preparation, go live

and support

• Run and Monitor phase – involves business process execution or deployment and business

process monitoring

• Optimize – Iterate for continuous improvement.

Process Management

BPM Framework

Radical

Business Process Re-engineering

(BPR)

Incremental

Six Sigma, TQM, ISO, CMMi

Chapter 1-5 IPCC


Six Sigma

• It is set of strategies, techniques and tools for process improvement.

• The objective is to achieve reduction in process cycle time, reduce errors, reduce costs,

increase customer satisfaction and increase profits.

DMAIC

• Six Sigma approach is to understand the root cause of the problem

• DMAIC involves

• Define – Define the process/problem

• Measure – Understand the current performance level by measuring the outcome

• Analyze – Determine the root cause of the defects

• Improve – Eliminate the defects by improving the process

• Control – Continuously evaluate for sustained performance.

Total Quality Management

• It is the organization wide effort to install and make a permanent climate in which it

continuously improves its ability to deliver high-quality products and services to customers.

• TQM is a comprehensive and structured approach to organizational management in

response to continuous feedback

• Goes through PDCA cycle

o Plan – define the problem and understand the root cause

o Do – develop and implement a solution

o Check – confirm the results through measurements

o Act – document the results and improve in the next PDCA cycle

Business Process Re-Engineering

• BPR is the fundamental rethinking and radical redesign of processes to achieve dramatic

improvement, in critical, contemporary measures of performance such as cost, quality,

service and speed.

• Dramatic Achievement means more than 80 to 90% and not just 5 to 10 %

• Radical redesign means total revamping

Six Sigma

Existing Process/Product

DMAIC

New Process/Product

DMADV

Chapter 1-5 IPCC


• Fundamental rethinking – asking question such as “why do you do what you do” thereby

eliminating business processes altogether.

BPR Success Factors

• Organization wide commitment

• BPR team composition

• Business needs analysis

• Adequate IT infrastructure

• Effective Change management

• Ongoing continuous improvement

BPV Vs BPR

BPM Implementation – Factors

Chapter 1-5 IPCC


BPM Implementation – Need

• Create the long term future positioning of the business and enhance its future capability

• Create short-term cost effectiveness and improvement to current customer service

• Initiate continuous improvement from the base of the current, but improved, processes

• Introduce a knowledge of product and customer profitability

• Re-engineer the business radically and provide clear future competitive differentiation

• Address the cultural barriers that prevent effective cross-functional and hierarchical

working

• Introduce leadership and a role for managers and empowered staff.

Challenges in Implementing – BPA

• The number of interfaces with the customers is high

• The product, service and price options have increased the complexity of the business

• Most organizations need their own way of customizations

• Budgets are being cut

Value Chain Automation

• It refers to separate activities which are necessary to strengthen an organization’s strategies

and are linked together both inside and outside the organization.

• It is defined as a chain of activities that a firm operating in a specific industry, performs in

order to deliver a valuable product or service for the market.

• Six business functions of the value chain are as follows

o Research and development

o Design of products, services, or processes

o Production

o Marketing and Sales

o Distribution

o Customer service

Business Process Automation

• Benefits

o Saving on costs – automation leads to saving in time and labour costs.

o Staying ahead in competition

o Fast service to customers – Customers can be served better and faster

• Risks

o Risk to jobs – all the manual jobs may get automatized there by loosing jobs for

many

o False sense of security – automating poor processes will not gain better business

practices

Chapter 1-5 IPCC


Benefits of BPMS

• Automating repetitive business processes

• BPMS works by ‘loosely coupling’ with a company’s existing applications

• Operational Savings

• Reduction in the administration involved in compliance.

• Freeing up of employee time

Business Risks of Failure of IT or BPMS

• Superficial or deficient executive involvement

• Deficient project management

• Breakdown in gap analysis

• Limited options for customization of the BPM software is required

• Difficult to customize the precise workflow and business process

• Failure to identify future business needs

• Inadequate assessment of the need for change management

• Persistent compatibility problems with the diverse legacy systems of the partners

• Resources not available when desirable

• Software fails to meet the business needs

• System over engineered when compared to the actual requirements

• Technological obsolescence.

Approaches to Mapping Systems

Why documentation is important for Information Systems?

• Depicting how the system works

• Training Users

• Designing new systems

• Controlling system development and maintenance costs

• Standardizing communications with others

• Auditing Information systems

• Documenting business processes

Pictorial Representation

• Entity Relationship Diagram

• Data Flow Diagram

• Flowchart

• Decision Tree; and

• Decision Table

Chapter 1-5 IPCC


Entity Relationship Diagram

ER diagram is a data modeling technique that creates a graphical representation of the entities

and the relationships between the entities within an information system.

• Boxes are commonly used to represent entities

• Diamonds are normally used to represent relationships

• Ovals represent attributes

Types of relationships

• One-to-One

• One-to-Many

• Many-to-one

• Many-to-Many

Advantages

• ER Modelling is simple and easily understandable

• Helps in physical database creation

• Can be generalized and specialized based on needs

• Can help in database design

• Gives a higher level description of the system

Limitations of ER diagram

• Physical design derived from ER model may have ambiguities and inconsistency

• Some diagram may lead to misinterpretations

Data Flow Diagram

• DFD is a graphical representation of the flow of data through an information system.

• Four major DFD components are as follows

o Entity – It is the source or destination of data

o Process – The process is the manipulation or work that transforms data, performing

computations, making decisions (logic flow), or directing data flows based on

business rules.

o Data Store – It is where a process stores data

o Data Flow – It is the movement of data between the entity, the process and the data

store.

• There are two types of DFD

o Logical DFD – focusses on the business and how the business operates

o Physical DFD – shows how the system will be implemented

Chapter 1-5 IPCC


Advantages of DFD

• Boundaries of the system can be defined

• Helps in communicating the existing system knowledge to users

• Very straightforward graphical technique

• Provides detailed representation of system components

• Part of the system documentation file

• Supports the logic behind the logic flow

Disadvantages of DFD

• Sometimes confuses the programmers

• Takes long time to create it

• Physical considerations are left out

FlowChart

• Flowchart is a type of diagram that represents an algorithm, workflow or process, showing

the steps as boxes of various kinds and their order by connecting them with arrows.

• Three types

o Document Flowchart – traces the physical flow of documents through an org.

o System Flowchart – focus on the computerized data flows of information systems

o Program Flowchart – focus on the logical/arithmetic operations on data and the flow

of data between input/output peripherals and CPU.

Advantages of FlowChart

• Quicker grasp of relationships

• Effective Analysis – Acts as a blue print of a system that can still be broken down into

detailed parts for study.

• Communication – Aid in communicating the facts of a business problem

• Documentation

• Efficient coding

• Orderly check out of problem – effective tool for debugging

• Efficient program maintenance

Limitations

• Complex Logic – Flow chart becomes complex when the problem logic is complex

• Modification – If modifications are required for flow chart, complete redrawing may be

required

• Reproduction –Reproduction of flow chart is difficult because symbols used in flow chart

cannot be typed

Chapter 1-5 IPCC


• Link between conditions and actions – difficult to establish the linkages between conditions

and actions

• Standardization – not easy to depict as writing in english

Decision Tree

Decision Tree also termed as Inference or Logical Tree is a collection of a basis (condition) and a

conclusion (action). Uses a tree-like graph or model of decisions and their possible

consequences, including chance event outcomes, resource costs and utility.

• Advantages

o Simple to understand and interpret

o Possible scenarios can be added

o Worst, best and expected values can be determined for different scenarios

• Limitations

o Information gain in decision trees are biased in favor of those attributes with more

levels

o Calculation can get more complex

Decision Table

A table which may accompany a flowchart. A decision Table is divided into four parts

• Condition Stub – which comprehensively lists the comparisons or conditions

• Action Stub – which comprehensively lists the actions to be taken

• Condition Entries – which lists the possible permutations of answer to the questions in the

conditions stub

• Action Entries – which lists the actions contingent upon the set of answers to questions.

Advantages

• Easy to Draw

• Compact documentation

• Simplicity

• Direct Codification

• Better Analysis

• Modularity – complex decision structures are broken down

• Non-technical

Limitations

• All programmers may not be familiar with Decision table

• Flow charts can better represent a simple logic of the system than decision table

Chapter 1-5 IPCC


Chapter 2

Information Systems and

IT- Fundamentals

Prepared by





Phone: +91 9526082655


Chapter 1-5 IPCC


What are the benefits of Information Systems?

• Plays a critical role in increasing operational excellence

• Improves customer-supplier intimacy

• Improves decision making

• Competitive advantage

Explain the need for Information Technology

• IT allows enterprises to work more efficiently and to maximize productivity. It is strategic

business enabler than a cost component.

• The reasons for all pervasive use of IT for business are

o Communication Capabilities

o Data and Information Management

o Automated Processes

Communication Capabilities

• Enterprises can integrate business functions and segments spread across different

geographical areas.

• Enterprises these days are equipped with email, video conferencing equipment and internal

chat rooms which provide an efficient way to communicate and conduct business.

• Voice Over Internet Protocol (VOIP) telephones and smart-phones offer cheap ways to

communicate. Skype is one such popular VOIP service which allows people across the

world to make free, unlimited, superior quality voice calls via its peer-to-peer software.

• WhatsApp Messenger is a cross-platform mobile messaging application, which allows us to

exchange messages without having to pay for SMS.

• Collaborative software’s like Teamware allows collective and collaborative working of teams

from different geographical locations.

Data and Information Management

• Enterprises store digital versions of documents on servers, storage devices and on cloud.

These documents are instantly available to anyone with access rights regardless of their

geographical location.

• IT provides Information Security, which means the protection of information from

accidental or intentional misuse by persons inside or outside an enterprise. The basic

objectives of Information Security are

o Confidentiality

o Reliability

o Availability

Chapter 1-5 IPCC


• It is enforced through

o Identity Management

o Authentication

o Authorization

Automated Processes

• Business Process Automation is a strategy that is used to optimize and streamline the

essential business processes, using the latest technology to automate the functions involved

in carrying them out.

• BPA can be largely aided by Enterprise Resource Planning (ERP) that enables companies to

replace traditional business silos with tightly integrated structures that encompass internal

processes, human resources, and technology and enterprise strategy.

• Because of automation, enterprises has

o Greater control over business and IT processes

o Reduced cost through high efficiency and better management of the people

involved

o Shortened cycle times in the execution of processes through improved and refined

business workflows

o Reduced risks through greater ability to respond to changing business conditions.

Importance of IT in Auditing

• Auditors needs to embrace technology to perform their job efficiently and effectively.

• They deal with data in myriad forms for analysis and decision making, which should be

easily accessible through Information systems.

• The dynamic changes in IT not only create challenges in enterprises but also to accountants

and auditors in their professional capacity.

• Auditors will be called to provide innovate solutions to create strategic business processes

by integrating specialized technology with their extensive experience.

• Auditors will have to provide assurance on the security, effectiveness and reliability of

information, applications, new and effective business practices and processes.

Briefly Explain the Audit Objectives in IT Environment

• Existence – Verify that the assets, liabilities, ownership and/or activities are real.

• Authorization – Verify events have occurred with management’s intent

• Valuation – Verify accounting values fairly present items worth

• Cutoff – Verify that the transaction is re-coded in the proper accounting period

• Compliance – Verify that the processing is in compliance with governmental laws and

regulations, generally accepted accounting procedures and organization’s policies and

procedures.

Chapter 1-5 IPCC


• Operational – Verify that the program area, or activity is performed economically, efficient

and effectively.

• Assisting management implementing internal controls

• Participating in designing controls and other features for systems to be installed

• Determining the efficiency and effectiveness of the resources

• Determining whether computer system used accomplishes the business objectives and

goals.

Differences in Audit Procedures

• Study Technical aspects - Focus on beginning from peripheral controls to application

controls.

• Use unique techniques – eg, audit planning step includes review of technical documentation

and interviewing technical specialists.

• Audit Software Usage – includes both generic and application software's for the audit

purpose.

Need for Controls in Information Systems

• Controls are needed for

o Information integrity

o Reliability

o Validity

o Timely flow of accurate information throughout the organization

o To achieve efficiency and effectiveness of the resources

State what does Control Procedures for Information Systems contain?

• Strategy and direction

• General Organization and Management

• Access to IT resources, including data and programs

• System development methodologies and change control

• Operational Procedures

• System programming and technical support functions

• Quality Assurance procedures

• Physical Access Controls

• BCP and DRP

• Network and Communication

• Database Administration and

• Protective and detective mechanisms against internal and external attacks

Chapter 1-5 IPCC


Business Process Management (BPM)

• BPM is the methodology used by enterprises to improve end-to-end business processes in

various stages. BPA is automating those business processes.

• BPM aims to improve process agility, operational excellence and cost efficiency by capturing

the total picture of all workflows involved in a business process.

Business Process Automation (BPA)

• Business Process Automation (BPA) is removing the human element from existing business

processes by automating the repetitive or standardized process components.

• The advantages of BPA are

o Cost reduction

o Elimination of human error

o Freeing people from routine and volume

o Help management to take better decisions

o Analyze data implications and trends in a better way

o Improve Customer satisfaction

o Making users more efficient and effective.

Important Activities of BPA

• BPA ties up the following activities

o Integration – BPA allows applications and operating systems not only to read data

that systems produce, but also to pass data between the component applications of

the business process and to modify the data as necessary.

o Orchestration – Enables the ability to bring tasks that exist across multiple

computers and different business departments or branches under one umbrella that

is the business process itself.

o Automation – Orchestration and Integration unite with automation to delivery the

capability to provide a rules-based process of automatic execution that can span

multiple systems and enables a more effective, nimble and efficient business

process.

What is computing?

• Any goal-oriented activity requiring, benefiting from or creating computers. Thus it

includes

o designing and building hardware and software systems for a wide range of purposes;

o processing, structuring and managing various kinds of information;

o doing scientific studies using computers;

Chapter 1-5 IPCC


o making computer systems behave intelligently;

o Creating and using communications and entertainment media

o Finding and gathering information relevant to any particular purpose

Computing Technologies

What is a Server? Explain different types of Servers.

• Server – It is hardware or device on a network dedicated to run one or more services (as a

host), to serve the needs of the users of other computers on a network.

• From the client-Server architecture perspective, a server is a program running to serve the

requests of other programs, the “clients”. Thus it performs some computational task on

behalf of “clients”.

• Types of Servers

o File Server – This is a storage device dedicated to storing files

o Print Server – This is a computer that manages one or more printers

o Network Server – This is a computer that manages network traffic

o Database Server – This is a computer system that processes database queries.

o Application Server – This is a program that handles all application operations

between users and an enterprise’s backend business applications or databases.

o Web Server – They are computers that deliver web pages. They have IP address and

domain name. Any computer can be converted into a web server by installing

server software and connecting the machine to the internet.

o Mail Server – The move and store mail over corporate networks & Internet.

Different Architectures

• The interface between a computer’s hardware and its software is its architecture. The

architecture is described by what the computer’s instructions do, and how they are

specified

o Instruction Set Architecture

o Micro Architecture

o System Design

Instruction Set Architecture (ISA)

• It is a abstract model of computer system that is seen by a machine language programmer,

including the instruction set, memory address modes, processor registers and address and

data formats.

Chapter 1-5 IPCC


• Classification of Instruction Sets

o Complex Instruction Set Computer (CISC)

▪ A large number of micro electronic circuitry is there to generate the control

signals.

▪ They make use of complex addressing modes

▪ Complex and expensive to produce

▪ For machine language programmers, the job becomes easier as there are

only fewer instructions to be given by them.

▪ CISC implementations are slower than RISC.

▪ Most of the PC uses CISC.

▪ Intel 386, 486, Pentium -1, 2, 3 etc.

o Reduced Instruction Set Computer (RISC)

▪ Separate electronic circuitry in the control unit to execute each instruction

▪ Uses small and limited number of instructions.

▪ Simple addressing modes.

▪ Mostly use hardwired control unit.

▪ Less power consumptions and high performance.

▪ Programmers job is difficult.

▪ RISC implementations are faster than CISC.

Micro Architecture

• It is known as computer organization. This is lower level detailed description of the system

that is sufficient for completely describing the operation of all parts of the computing

system and how they are inter-connected and inter-operate in order to implement ISA.

• Micro Architecture essentially forms a specification for the logical implementation.

System Design

• It includes all of the other hardware components within a computing system such as

o Computer buses and switches (system interconnects) – communication system to

transfer data between components inside a computer or between computers.

o Memory controllers and hierarchies – It is a digital circuit which manages the flow of

data going to and from the main memory and can be a separate chip or integrated

into another chip.

o Direct Memory Access (DMA) – It is a feature which allows certain hardware

subsystems within the computer to access system memory independently of the

central processing unit (CPU)

o Multi-Processing – It is use of two or more CPUs within a single computer system to

allocate tasks between them

Chapter 1-5 IPCC


o Hardware/Platform Virtualization – refers to the creation of a virtual machine that

acts like a real computer with an operating system.

Information System Layers

Application Software

• Application Suite – Has multiple applications bundled together. Eg, MS office 2010

• Enterprise Software – Addresses an enterprise’s needs and data flow in a huge distributed

environment eg, ERP

• Enterprise Infrastructure Software – Provides capabilities required to support enterprise

software systems eg, email servers, Security software

• Information worker Software – Addresses individual needs required to manage and create

information for individual projects within department, eg, CAAT (Computer Assisted Audit

Tools)

• Content Access Software – Helps in publishing digital content and entertainment eg, Media

players, Adobe digital etc.

• Education Software – helps students eg, examination test CDs

• Media Development Software – helps to generate and print electronic media for others to

consume. Eg, Desktop publishing, Video Editing etc.

• Advantages

o Addressing User Needs – It meets the exact needs of the user. The user knows he

has to use the specific software to accomplish his task.

o Less threat from virus – The threat of viruses invading custom-made applications is

very small.

o Regular updates – Licensed application software gets regular updates from the

developer for security reasons.

• Disadvantages

o Development is costly

o Infection from Malware

Application

Hardware

System Software

Network Link

DBMS

People

Chapter 1-5 IPCC


Hardware

• Hardware is the tangible portion of our computer systems. Consists of

o Input devices – devices through which we interact with the systems eg, mouse,

keyboard, scanners, webcams etc

o Processing devices – computer chips that contain CPU and main memory. The CPU

Contains Control Unit, Arithmetic and Logical Unit (ALU) and Registers

▪ Control Unit - controls the flow of data and instructions to and from

memory, interprets instruction and controls which tasks to execute and

when.

▪ ALU – Performs arithmetic operations and logical comparisons of numbers

▪ Registers – high speed memory units within CPU

• Accumulators – they can keep running totals of arithmetic values

• Address Registers – they can store memory addresses which tell the

CPU as to where in the memory an instruction is located

• Storage Registers – they can temporarily store data that is being sent

to or coming from the system memory

• Miscellaneous – used for several functions for general purpose.

o Data Storage devices - Refers to the memory where data and programs are stored.

▪ Internal Memory

• Registers are internal memory within the CPU which are very fast and

very small.

• Cache Memory – there is a huge speed difference between fetching

data directly from Registers than from hard disk. To bridge the

difference, we have the Cache Memory. Cache stores copies of data

from the most frequently used main memory locations so that

Processors/Registers can access it more rapidly than directly fetching

it from hard disk using a feature called locality of reference.

▪ Primary Memory – Primarily of two types

• Random Access Memory (RAM)

o This is a Read write Memory

o Information can be read and modified

o Volatile in nature

• Read Only Memory

o Non Volatile in nature

o These are used to store small amount of information for quick

reference by CPU.

o Information can be read but modification not possible.

o Generally used by manufactures to store data and programs.

Chapter 1-5 IPCC


▪ Virtual memory – It is not a separate device but an imaginary memory area

supported by some operating systems in conjunction with the hardware. If a

computer lacks the RAM needed to run a program or operation, windows

uses virtual memory to compensate. VM moves data from RAM to a space

called paging file, to free the RAM.

▪ Secondary Memory – available in bigger sizes and not volatile like CPU

memory. But directly not accessible by CPU. The other features are less

cost but slow in speed compared to registers. Portability is another

advantage. Eg USB, floppy drive, hard drive, CD etc

• Output Devices - Computers provide output to decision makers at all levels to solve

business problems. They are devices through which system responds. Various types of

output devices are

o Cathode Ray type (CRT) – A vacuum tube that uses an electronic gun , to emit a

beam of electrons that illuminates phosphors on a screen as the beam sweeps

across the screen repeatedly.

o Liquid Crystal Display (LCD) – A low powered display technology used in laptop

computers where rod-shaped crystal molecules change their orientation when

an electrical current flows through them.

o Laser Printer – printer which forms images using an electrostatic process, the

same way a photo copier works.

o Ink-Jet Printer – printer which makes images by forcing ink droplets through

nozzles

o Plotter – uses computer directed pens for creating high – quality images, blue

prints etc

o Speakers – Gives an audio output

Chapter 1-5 IPCC


• System Software

• System software is computer software that is designed to operate the computer

hardware and to give and maintain a platform for running application software. Eg,

operating system.

• An Operating system (OS) is a set of computer programs that manages computer

hardware resources and acts as an interface with computer applications programs.

Application program normally requires an OS to function. Eg, Windows, Linux, Unix etc.

Activities performed by OS are

• Performing hardware functions – act as an intermediary between the application

programs and hardware

• User Interfaces – The GUI is provided by the OS in which applications can be seen.

• Hardware Independence – Programmers can use the Application Program Interface

(API) to talk to operating system.

• Memory Management – helps to control how memory is accessed and helps to

maximize memory.

• Task Management – helps in allocating resources to make optimum utilization of

resources, eg multitasking

• Network Capability – helps to connect computer networks

• Logical access security – provides identification & authentication.

• File Management - keeps a track of where each file is stored and who can access it.

• Network Links

• Two types

o Connection Oriented networks – here connection is first established and then

data is exchanged as in the case of telephone networks, eg, TCP

o Connectionless Networks – no prior connection is made before data exchanges.

Eg, IP, UDP

• Data Base Management System

• Enterprises needs to manage its information in an appropriate and desired manner.

They need to do the following things and hence we use DBMS

o Knowing its information needs

o Acquiring that information

o Organizing the information in a meaningful way.

o Assuring information quality

o Providing tools so that users in the enterprise can access the information they

require.

• Data Base Models

• It is a type of data model that determines the logical structure of a database and

fundamentally determines in which manner data can be stored, organized and

manipulated. Some important data models are

Chapter 1-5 IPCC


o Hierarchical Database Model

o Network Database Model

o Relational Database Model and

o Object Oriented Database Model

• Hierarchical Database Model

• Records are logically organized into a hierarchy of relationships.

• The database is arranged logically in an inverted tree pattern.

• All records in hierarchy are called nodes. Each node is related to other in a parent-child

relationship.

• The hierarchical data structure implement one-to-one and one-to-many relationships

• The top parent record is called the root record

• Network Database Model

• Network model is a variation on the hierarchical model, built on the concept of multiple

branches emanating from one or more nodes.

• Here branches can be connected to multiple nodes instead of one node alone.

• The network model is able to represent redundancy in data more efficiently than in the

hierarchical model.

• Relational Database Model

• Both hierarchical and network data structures requires explicit relationships, or links between records in the database. Both the structures require that data be processed one record at a time.

• A relational database allows data to be organized as tables. It is collection of records and each record in a table contains the same fields.

• Relation – A table with rows and columns

Chapter 1-5 IPCC


• Attributes – Named columns of the relation

• Domain – It is the set of values the attributes are allowed to take.

• A key that can be used to uniquely identify a row in a table is called primary key.

• Object Oriented Database Model

• Based on the concept that the world can be modeled in terms of objects and their interactions.

• Object oriented database provides a mechanisms to store complex data such as images, audio, video etc.

• Objects can be organized by first identifying them as a member of a class/subclass.

Advantages of DBMS

• Permitting data sharing – same information can be made available to different users

• Minimizing data redundancy – redundancy of data is reduced and controlled

• Integrity can be maintained – Data integrity is maintained by having accurate, consistent and up-to-date data.

• Program and file consistency – file formats and programs are standardized.

• User-friendly – DBMS makes the data access and manipulation easier for the user.

• Improved Security – authorization and authentication can be enforced.

• Program/Data Independence – Data resides in databases and not in applications.

• Faster application development – application development is independent and can become faster. Data is managed through DBMS.

Disadvantage of DBMS

• Cost – DBMS can be expensive and time-consuming to be trained.

• Security – If anyone get unauthorized access, then all is gone.

People – Users

• People are the most important element in IS.

• Different types of users which we will see in the 4th Chapter

Information System Life Cycle

• This is known as the SDLC (Software Development Life Cycle). Consists of o Investigate (understand the problem)

Chapter 1-5 IPCC


o Analyze (Assess the solution) o Design (Design or select the best solution) o Implement (put solution into effect) o Maintenance & Review (Evaluate Results)

SDLC

• Phase 1 : System Investigation o Technical feasibility o Economic feasibility o Legal feasibility o Operational feasibility o Schedule feasibility

• Phase 2 : System Analysis o Interviewing Staff o Examine current business o Sending out questionnaires o Observation of current procedures

• Phase 3 : System Design o Hardware Platform o Software o Outputs o User Interface o Modular design o Test Plan o Conversion Plan o Documentation

• Phase 4 : Implementation

o Coding and testing of the system o Acquisition of hardware and software o Installation of the new system or conversion of the old system o Installation consists of

▪ Installing the new hardware ▪ Training the users ▪ Implementing the new files

o Conversion consists of ▪ Direct changeover – User stops the old system and replaces with new

system. ▪ Parallel changeover – Old system continues side by side ▪ Phased conversion ▪ Pilot conversion

Chapter 1-5 IPCC


Chapter 3

Telecommunication and Networks

Prepared by





Phone: +91 9526082655


Chapter 1-5 IPCC


Networking

Networking helps to

• Collaborate more creatively

• Manage companies business operations and organizational resources more effectively

• Compete successfully in today’s fast changing global economy.

Trends in Telecommunication

• Industry Trends

o Telecommunications networks and services are available from numerous large and

small telecommunications companies.

o Explosive growth of the Internet and the World Wide Web has created a host of new

telecommunications products, services and providers.

o Business firms have dramatically increased their use of the Internet and the Web for

electronic commerce and collaboration.

• Technology Trends

o Open systems with connectivity, using internet networking technologies, are

becoming the primary telecommunications technology drivers.

o Building client/server networks based on open system architecture.

o Change from analog to digital network technologies

o Change in communications media. From copper wire-based media to Fiber-optic

transmission. Fiber optic network offer significant advantages in terms of

o Reduced size and installation effort

o Greater communication capacity

o Faster transmission speeds

o Freedom from electrical interference.

• Business Application Trends

o The trend toward more vendors, services, Internet technologies and open systems

and the rapid growth of the Internet, the WWW and corporate intranets and

extranets, dramatically increases the number of feasible telecommunications

applications.

o Telecommunications networks are playing a vital and pervasive role in electronic

commerce, enterprise collaboration, and internal business applications that support

the operations, management and strategic objectives of both large and small

companies.

o Telecommunications functions have become an integral part of local and global

computer networks that are used to dramatically

▪ Lock in customers and suppliers

▪ Shorten business lead times and response times

▪ Support electronic commerce

Chapter 1-5 IPCC


▪ Improve the collaboration of workgroups

▪ Develop new products and services

▪ Share resources

▪ Cut Costs and

▪ Develop online operational processes.

Business Value of Communications

• Overcome Geographic barriers – capture information about business transactions from

remote locations

• Overcome Time barriers – Provide information to remote locations immediately after it is

requested

• Overcome Cost barriers – Reduce the cost of more traditional means of communication.

• Overcome Structural barriers – Support linkages for competitive advantage

Need and Scope of Networks

• File Sharing – It provides sharing and grouping of data files over the network

• Resource Sharing – It provides sharing of computer resources such as hard disk, printers etc

by multiple users simultaneously to reduce the cost of installing and maintaining multiple

resources in the organization

• Remote Access – Network allows users to remotely access the data and information from

organization’s network via internet in cost effective manner

• Shared Databases – Network facilitates access to the shared databases to multiple users

• Fault Tolerance – By using network fault tolerance can be implemented as a defense against

accidental data loss. Eg, attaching a server with un-interruptible power supply in case of

power failure or blackouts.

• Internet Access and Security – It provides access to the internet for transferring the

document and to access the resources available on www by maintaining data security

through firewall system in the organization’s network.

Telecommunication Network Model

• Consists of five basic categories of components

• Terminals – Starting and stopping points in any telecommunication network environment.

Eg, Video Terminals, Microcomputers, Telephones etc

• Telecommunication Processors – they support data transmission and reception between

terminals and computers by providing a variety of control and support functions, eg, NIC,

Modem, Multiplexer, Internetwork Processors

• Telecommunication Media/Channels – connects the message source with the message

receiver. They are grouped into Guided Media and Unguided Media

• Computers – they are connected through media to perform their communication

assignments, eg mainframes, mini computers and network servers (microcomputers)

Chapter 1-5 IPCC


• Telecommunications Control Software – they are programs that control

telecommunications activities and manage the functions of telecommunications networks.

Eg, network operating systems, network management components.

Telecommunication Processors

• Network Interface Card (NIC) – It is a computer hardware component that connects a

computer to a computer network. It is circuit board installed in a computer as shown

below.

• Modem – A MODEM is a device that converts a digital computer signal into an analog

telephone signal (modulate), and converts an analog telephone signal into a digital

computer signal (de-modulate) in a data communication system.

Chapter 1-5 IPCC


• Multiplexers – A multiplexer is a communications processor that allows a single

communications channel to carry simultaneous data transmissions from many terminals.

Typically a multiplexer merges the transmissions of several terminals at one end of a

communications channel, while a similar unit separates the individual transmissions at the

receiving end.

• Internetwork Processors – Telecommunication networks are interconnected by special

purpose communications processors called internetwork processors such as switches,

routers, hubs, bridges, repeaters and gateways.

o Switch – It is a communication processor that makes connections between

telecommunications circuits in a network so that a telecommunications message can

reach its intended destination.

o Router – It is a communication processor that interconnects networks based on

different rules or protocols, so that telecommunications message can be routed to

its destination.

Chapter 1-5 IPCC


o Hub – It is a port-switching communications processors. This allows for the sharing

of the network resources such as servers, LAN workstations, printers etc.

o Difference between Hub, Switch and a Router

• Hub – least expensive, least intelligent, and lest complicated among Hub, switch

and router. Anything that is comes in one port is sent out to others

• Switch – A switch does what essentially a hub does, but more efficiently. Over a

period of time, it can “learn” where particular addresses are.

• Router – Router is the smartest and complicated. It can be programmed to

understand, manipulate and route the data that it is being asked to handle.

o Bridge – Bridge is a communication processors that connects numerous LANs. It

magnifies the data transmission signal while passing data from one LAN to another.

It connects similar LANs

Chapter 1-5 IPCC


o Gateway – It is a communication processor that connects networks that use

different communication architectures. It connects dissimilar LANs

Telecommunication Media/Channels

• Guided Media/Bound Media – Uses a cabling system that guides the data signals along a

specific path. The data signals are bound by the cabling system. Given below different

types of Guided Media.

o Twisted Pair Wire

▪ It is ordinary telephone wire, consisting of copper wire twisted into pairs. It

is the most widely used media for telecommunications and is used for both

voice and data transmissions.

▪ It is susceptible to various types of electrical interference (noise), which limits

the practical distance that data can be transmitted without being garbled.

Hence signals must be “refreshed” every one to two miles through the use of

repeaters which are expensive and does not offer security.

o Coaxial Cable

▪ This consists of copper or aluminum wire wrapped with spacers to insulate

and protect it. Insulation minimizes interference and distortion of the

signals the cable carries. Used in carrying large volume of data and allows

high-speed data transmission for cable TV, short distance connection of

computers and peripheral devices (LAN).

▪ It is more expensive than twisted pair.

Chapter 1-5 IPCC


o Fiber Optics

▪ This media consists of one or more hair-thin filaments of glass fiber wrapped

in a protective jacket. Signals are converted to light form and fired by laser

in bursts.

▪ Provides greater speed and carrying capacity than coaxial and twisted pair

lines. It is not affected by electromagnetic radiation and not susceptible to

electronic noise. They are easy to install since they are smaller and more

flexible and can be used undersea for transatlantic sea.

▪ Biggest disadvantage is that installation can be difficult and costly to

purchase.

• Unguided Media/Unbound Media – Consists of a means for the data signals to travel but

nothing to guide them along a specific path. The data signals are not bound to a cabling

media. Some of the unguided media are

o Terrestrial Microwave

▪ It involves earthbound microwave systems, which transmit high-speed radio

signals in a line-of-sight path between relay stations spaced approximately 30

miles apart. Atmosphere is used as the medium to transmit signals.

▪ The disadvantage of Terrestrial microwave is that it cannot bend around the

curvature of the earth.

▪ Radio Waves – Wireless networks do not require any physical media or

cables for data transmission. Its wavelength ranges from around a

Chapter 1-5 IPCC


millimeter to 100,000 km. Radio waves are most commonly used

transmission media in the wireless LAN.

▪ Micro Waves – They are radio waves with wavelengths ranging from as along

as one meter to as short as one millimeter, with frequencies between 300

MHz and 300 GHz. Used in radar systems, radio astronomy, navigation and

spectroscopy.

▪ Infrared Waves – Used in industrial, scientific and medical applications.

Night vision devices using infrared illumination allow people or animals to be

observed without the observer being detected.

▪ Communication Satellites – Use the atmosphere as the medium through

which it to transmit signals. A satellite is some solar-powered electronic

device that receives, amplifies and retransmits signals. They act as relay

station between satellite transmissions stations on the ground. Used for

high volume and long distance communication both data and voice. Very

expensive to develop and place in orbit and age limit of 7-10 years. Weather

conditions and solar activity can cause noise interference. Signals weaken

over long distances. Sensitive data need to be send in an encrypted form as

anyone can listen in on satellite signals.

Network Management Software

The major functions of network management software includes

• Traffic management – manages network resources and traffic to avoid congestion and

optimize telecommunications service levels to users.

• Security – provides authentication, encryption and auditing functions and enforces security

policies.

• Network monitoring – troubleshoot and watch over the network, informing network

administrators of potential problems before they occur.

• Capacity planning – surveys network resources and traffic patterns and user needs to

determine how best to accommodate the needs of the network as it grows and changes.

Chapter 1-5 IPCC


Classification of Telecommunication Networks

The classification is based on different factors like, Area coverage Based, Functional Based and

ownership based.

• Area Coverage Based Classification

o LAN

o MAN

o WAN

• Functional Based Classification

o Client-Server

o Peer-to-Peer

o Multi-Tier

• Ownership Based Classification

o Public Network

o Private Network

o Virtual Private Network (VPN)

Area Based Coverage

• Local Area Network (LAN)

o They are telecommunications network that connect information-processing devices

within a limited physical area. These networks areas such as offices, classrooms,

Buildings etc.

o They use variety of telecommunications media, such as ordinary telephone wiring,

coaxial cable, or wireless radio systems to interconnect microcomputer workstations

and computer peripherals.

o To communicate, a PC has a circuit board called NIC

o Most LAN’s uses a file server or network server that contains the network operating

system, which controls telecommunications and the use of network resources.

o LAN allow end users in a workgroup to communicate electronically, share hardware,

software and data resources and pool their efforts when working on group projects.

o Advantages

▪ Security – Using servers that are locked through both software and physical

means, security of data and programs are achieved.

▪ Expanded PC usage through inexpensive workstation.

▪ Distributed Processing – A single program can run at various sites. The

network operating system software identifies the idle CPUs on the network

and parcels out programs to utilize them.

▪ Electronic mail and Message Broadcasting

▪ Organizational Benefits – Reduction in the costs

▪ Data management benefits – easier to manage as data is located centrally

Chapter 1-5 IPCC


▪ Software cost and up-gradation – cost will be less if centrally running

software is purchased.

• Metropolitan Area Network (MAN)

o It is somewhere between a LAN and a WAN. The term MAN is used to refer to

networks which connect systems or local area networks within a metropolitan area

(roughly 40KM from one point to another).

o A MAN can support both data and voice. Cable television networks are examples of

MANs that distribute television signals. A MAN just has one or two cables and does

not contain switching elements.

• Wide Area Network (WAN)

o They are telecommunications networks that cover large geographic areas with

various communication facilities such as long distance telephone service, satellite

transmission and under-sea cables.

o These networks cover areas such as large city or metropolitan area, Whole Country

or Many countries and continents.

o Eg, Interstate banking networks and airline reservations systems

Function Based Classification

• Client Server Networking

o Computing power has rapidly become distributed and interconnected throughout

many organizations by networked computer systems that take the form of

client/server networks.

o Client/Server network is a computer network in which one centralized powerful

computer (called Server) is connected to many less powerful PCs or workstations

(called Clients)

o Client – A client is single workstation that provides a presentation services and the

appropriate computing, connectivity and the database services relevant to the

business need. They are classified into Fat Client, Think Client or Hybrid Client

▪ Fat Client – A Fat Client or thick Client is a client that performs the bulk of any

data processing operations itself, and does not necessarily rely on the server.

Chapter 1-5 IPCC


The server accessed primarily for storage purposes. Cost of maintenance is

high in the case of Fat Client eg, PC.

▪ Thin Client – Use the resources of the host computer. A thin client generally

only presents processed data provided by an application server. The

applications server performs the bulk of any required processing. Eg, A

device using web application is a think client.

▪ Hybrid Client – It is a mixture of above two client models. This approach

offers features from both fat client (multimedia support, high performance)

and thin client (high manageability, flexibility) eg, suitable for video gaming.

▪ Server – A Server is one more multi-user processors with shared memory providing

computing, connectivity and the database services and the interfaces relevant to the

business need.

▪ The network system implemented within the client/server technology is commonly

called by the computer industry as Middleware. They are the distributed software

needed to allow client and servers to interact.

▪ Features of Client/Server

• Service – Server is provider of services and client is consumer of

services

• Shared Resources – A server can service many clients at the same

time and regulate their access to shared resources.

• Transparency of Location – Location of the server from the clients is

normally masked

• Mix-and-Match – The ideal C/S software is independent of hardware

or Operating system software platforms.

• Scalability – In a C/S environment, client workstations can either be

added or removed and also the server load can be distributed across

multiple servers.

• Integrity – The server code and server data is centrally managed,

which results in cheaper maintenance and the guarding of shared

data integrity.

• Issues in Client Server network

o When the server crashes all the computers connected to it

become unavailable to use.

o Simultaneous access to data and services by the user takes

little more time for server to process the task.

Chapter 1-5 IPCC


• Peer-to-Peer Networking

▪ It is created with two or more PCs connected together and share resources without

going through a separate server computer.

▪ It can be an adhoc connection, couple of computers connected via a universal serial

bus to transfer files.

▪ The primary objective of P2P file sharing network is that many computers come

together and pool their resources to form a content distribution system.

▪ The computers are called peers because each one can alternately act as a client to

another peer, fetching its content, and as a server, providing content to other peers.

▪ Peer networks allow data to be shared easily in both directions, whether download

or uploads to and from the computer.

▪ Advantages

o They are easy and simple to set up and only require a hub or a switch to

connect all the computers together.

o It is very simple and cost effective

o If one computer fails to work, all other computers connected to it continue

to work.

▪ Disadvantages

o There can be problem in accessing files if computers are not connected

properly

o It does not support connections with too many computers as the

performance gets degraded in case of high network size.

o The data security is very poor in this architecture.

Chapter 1-5 IPCC


• Single-Tier Architecture

A tier is a distinct part of hardware or software

Single Tier Systems/One-Tier Architecture – A single computer that contains a database and

a front-end (GUI) to access the database is known as Singe Tier System.

o In this model there is one computer which stores all of company’s data on a single

database. The Interface which needs to talk to the database normally resides in the

same computer. The Interface can be either part of the database or a separate

program which runs on the same computer.

o Advantage – Normally requires only one stand alone computer. Hence cost effective

o Disadvantage – Normally can be used by only one user at a time, Also security is not

much there for the files.

• Two Tier Architecture

A two tier systems consists of a client and a server. Here Interface (GUI) runs on the client

and the data base is stored in the server.

Chapter 1-5 IPCC


• Advantages

▪ The system performance is higher because business logic and database are

physically close

▪ More users can interact with the system since processing is shared between

client and server

▪ By having simple structure, it is easy to setup and maintain entire system

smoothly

• Disadvantages

▪ Performance deteriorates if number of users increases

▪ The language used to talk to DBMS is proprietary to each vendor and hence

restricted flexibility and choice of DBMS.

• Three—Tier Architecture

Three tier architecture is a client server architecture in which the functional process logic,

data access, computer data storage and user interface are developed and maintained as

independent modules on separate platforms.

o Presentation Tier – Occupies the top level and displays information related to

services available on a website (GUI)

o Application Tier – Also called middle tier, logic tier, this tier is pulled from the

presentation tier. It controls application functionality by performing detailed

processing.

o Database Tier – This tier houses the database servers where information is stored

and retrieved. Data is kept independent of application tier or business logic.

o Advantage of Three Tier Systems

▪ Clear separation of user-interface-control and data presentation from

application logic.

▪ Dynamic load balancing – If bottlenecks in terms of performance occur, the

server process can be moved to other servers at run time.

Chapter 1-5 IPCC


▪ Change management/Scalable – It is easy and faster to exchange a

component on the server than to furnish numerous PCs with new program

versions.

o Disadvantages

▪ It creates an increased need for network traffic management, server load

balancing and fault tolerance

▪ Cost of installation increases and complexity is also more

• n-Tier Architecture

It is a client architecture in which presentation, application, processing and data

management functions are logically separated. By segregating an application into tiers

developers acquire the option of modifying or adding a specific layer, instead of reworking

the entire application.

Ownership Based Classification

• Public Data Network – It is defined as a network shared and accessed by users not

belonging to a single organization. Eg, Internet.

• Private Data Network – It provides businesses, government agencies and organizations of all

sizes as dedicated network to continuously receive and transmit data critical to both the

daily operations and mission critical needs of an organization.

• Virtual Private Network (VPN) – They are overlay networks on top of public networks but

with most of the properties of private networks. They are used to establish secure

intranets and extranets. VPN uses virtual connections routed through internet from the

business’s private network to the remote site.

Network Computing

Components

• Network Client computers with a browser based UI

• System and Application software

• Databases and DBMS

The two basic models of computing are

• Centralized Computing – computing is done at a central location, using terminals that are

attached to a central computer

o Disadvantages

o This system totally relies on the central computer. If the central computer crash

the entire system will go down

o Central computing relies heavily on the quality of administration and resources

provided to its users. If the support is inadequate the usage will be suffering.

Chapter 1-5 IPCC


• Decentralized Computing – It is allocation of resources, both hardware and software to each

individual workstation, or office location. These systems are capable of running

independently of each other. They enable file sharing and resource sharing. However in

case of up-gradation all computers have to be updated individually with new software,

unlike a centralized computer system.

Network Topology

The term ‘Toplogy’ defines the physical or logical arrangement of links in a network. Four basic

topologies used in wide area and local area telecommunications networks are as follows

• Star Network

• Ring Network

• Bus Network

• Mesh Network

Star Network

• Involves a central unit that has a number of terminals tied into it

• The central unit acts as a traffic controller which acts as the file server.

• Advantages

o Several users can use the central unit at the same time

o It is easy to add new nodes and remove existing nodes

o A node failure doesn’t bring down the entire network

o It is easier to diagnose network problems through a central hub

• Disadvantage

o The whole unit is affected if the main unit goes down.

o Less reliable than a ring network, because of the central computer dependency.

o Costs of cabling the central system and points of the star network together are very

high

Chapter 1-5 IPCC


Bus Network

• Here a single length of wire, cable or optical fiber connects a number of computers

• All communications travel along this single cable

• Bus networks have a decentralized approach.

• Advantages

o There is no host computer or file server, which makes bus network reliable as well as

easy to use and understand

o If one of the computer fails it will not affect the entire network.

o Less expensive than other cabling arrangements

o It is easy to extend

o A repeater can also be used to extend a bus configuration.

• Disadvantages

o Heavy network traffic can slow a bus considerably since any computer can transmit

at any time.

o Each connection between two cables weakens the electrical signal.

o A cable break or malfunctioning can be difficult to be find and hence difficult to

trouble shoot.

Ring Network

Chapter 1-5 IPCC


• It is similar to bus network, except the length of wire, cable or optical fiber connects to

form a loop.

• A ring network has a decentralized approach

• When one computer needs data from another computer, the data is passed along the

ring.

• More reliable and less costly than star

• Advantages

o Do not require a central computer to control activity nor does it need a file

server

o Each computer connected to the network can communicate directly with the

other computers in the network by using common communication channel.

o Not susceptible to failures like Star

o Offer high performance

o Ring can span longer distances than other types of networks

o Ring networks are easily extendable

• Disadvantages

o Relatively expensive and difficult to install

o It is difficult to troubleshoot

o Adding or removing computers can disrupt the work

Mesh Network

• In this there is random connection of nodes using communication links.

• It is either fully connected or connected with partial links

• Reliability is high

• Advantages

o Yields the greatest amount of redundancy in the event that if one of the nodes fails

the network traffic can be redirected to another node

o Network problems are easier to diagnose.

Chapter 1-5 IPCC


• Disadvantage

o High cost of installation

o High cost of maintenance (more cable requirements)

Digital Data Transmission

• A given transmission on a communication channel between two machines can be

accomplished either in Parallel mode or Serial mode. Further while there is one way to

send parallel data, there are two subclasses of serial transmission; Asynchronous and

Synchronous.

Serial and Parallel Transmission

Data Transmission

Parallel Serial

Asynchronous Synchronous

Chapter 1-5 IPCC


Asynchronous and Synchronous

Chapter 1-5 IPCC


Transmission Mode

• The transmission mode is used to define the direction of signal flow between two linked

devices. There are three types of transmission modes

o Simplex – the data flows in only one direction from the transmitter to receiver, eg,

key boards can only input and printer can only receive the data.

o Half-duplex – the data flows in one direction or the other, but not both at the same

time. Eg, walkie Talkie

o Full-duplex – the data flow in both directions simultaneously. Eg, mobile phones

Chapter 1-5 IPCC


Transmission Techniques

Based on the techniques used to transfer data, communication networks can be categorized

into

• Broadcast – the data transmitted by one node is received by many.

• Switched networks – the data transferred from source to destination is routed through the

switch nodes. There are three types of switching techniques

o Circuit Switching – It establishes a circuit before the communication. The route is

dedicated and exclusive and released only when the communication session

terminates. The three phases are 1. Establish a circuit, 2. Transfer of data and 3.

Disconnect the circuit

o Message Switching – end-users communicate by sending each other a message,

which contains the entire data being delivered from the source to destination node.

As the message is routed from source to destination each intermediate switch

within the network stores the entire message, providing a very reliable service.

(Store-Forward Service) eg, email, voice mail.

o Packet Switching – Messages are broken up into small transmission units called

packets, before they are sent. Different packets follow different routes and they

may reach the destination out of order, which will eventually be recompiled. Packet

switching is an emerged technology which is faster than message switching.

Network Architecture

It refers to the layout of the network consisting of the hardware, software, connectivity,

communication protocols and mode of transmission such as wired or wireless. The diagram of

the architecture provides a full picture of the established network with detailed view of all the

resources available.

Chapter 1-5 IPCC


Protocols

• They are software that performs a variety of actions necessary for data transmission

between computers.

• They are a set of rules for inter-computer communication that have been agreed upon and

implemented by many vendors, users and standard bodies to ensure that the information

being exchanged between two parties is received and interpreted correctly.

• A protocol defines the following three aspects of digital communication.

o Syntax: The format of data being exchanged, character set used, type of error

correction used, type of encoding scheme (e.g, signal levels) being used.

o Semantics: Type and order of messages used to ensure reliable and error free

information transfer

o Timing: Defines data rate selection and correct timing for various events during data

transfer

How does Protocol work?

At the sending computer, protocols

• break data down into packets

• Add destination address to the packet and

• Prepares data for transmission through Network Interface Card (NIC)

At the receiving computer, protocols

• Take data packets off the cable

• Bring packets into computer through Network Interface Card (NIC)

• Strip the packets off any transmitting information

• Copy data from packet to a buffer for reassembly; and

• Pass the reassembled data to the application

The OSI Model

• The International Standards Organization (ISO) developed a seven-layer Open Systems

Interconnection (OSI) model to serve as a standard model for network architectures.

Dividing data communications functions into seven distinct layers promotes the

development of modular network architectures, which assists the development, operation,

and maintenance of complex telecommunications networks. The seven layers of OSI

include the following:

o Layer 1 or Physical Layer – This is hardware layer which specifies mechanical

features as well as electromagnetic features of the connection between the devices

and transmission. It defines the relationship between a device and a physical

medium.

Chapter 1-5 IPCC


o Layer 2 or Data Link Layer – This layer responds to service requests from the

Network layer and issues service requests to the physical layer.

o Layer 3 or Network Layer – It provides the functional and procedural means of

transferring variable length data sequences from a source to a destination via one or

more networks, while maintaining the quality of service requested by the Transport

Layer.

o Layer 4 or Transport Layer –This layer ensures reliable and transparent transfer of

data between user processes, assembles and disassembles message packets and

provides error recovery and flow control. Multiplexing and encryption are

undertaken at this layer level.

o Layer 5 or Session Layer – This layers sets up, coordinates and terminates

conversations, exchanges, and dialogs between the applications at each end. It

deals with session and connection coordination. It provides for full-duplex, half-

duplex or simplex operation.

o Layer 6 or Presentation Layer – Also termed as Syntax Layer, which is part of the

operating system, which converts incoming and outgoing data from one

presentation format to another.

o Layer 7 or Application Layer – This layer is closest to the end user. Both the OSI

application layer and user interact directly with the software application. File

sharing, File transfer etc are carried through this layer.

Internet’s TCP/IP

• The Internet uses a system of telecommunications protocol that has become so widely used

that, it is equivalent to network architecture. The internet protocol suite is called

Transmission Control Protocol/Internet Protocol and is known as TCP/IP.

Chapter 1-5 IPCC


• TCP/IP consists of five levels of protocols that can be related to the seven layers of the OSI

architecture.

• Five levels of TCP/IP are

o Application or Process layer

o Host-to-Host Transport layer

o Internet Protocol (IP)

o Network Interface

o Physical layer.

Network Security

• The basic objective for providing network security is two-fold. It is

o to safeguard assets, and

o to ensure and maintain the data integrity.

• There are two types of Systems Security

o Physical Security – is implemented to protect the physical systems assets of an

organization like the personnel, hardware, facilities, supplies and documentation.

o Logical Security – is intended to protect data/information and software. Security

administrators tend to have responsibility for controls over

▪ Malicious and non-malicious threats to physical security and

▪ Malicious threats to logical security itself.

Chapter 1-5 IPCC


Threats

• Threat is a possible danger that can disrupt the operation, functioning, integrity or

availability of a network or system. They are four types

1. Unstructured Threats – These originate mostly from inexperienced individuals using

easily available hacking tools from the internet. Most of these kinds of probes done

more out of curiosity than with a malicious intent in mind.

2. Structured Threats – These originate from people who are highly motivated and

technically competent and usually understand network systems design and

vulnerabilities of those systems.

3. External Threats – These originate from individuals or organizations working outside an

organization, which does not have authorized access to organization’s computer

systems or network.

4. Internal Threats – Typically these originate from individuals who have authorized access

to the network. These users either have an account on a server or physical access to

the network.

Vulnerability

• Vulnerability is an inherent weakness in the design, configuration or implementation of a

network or system that renders it susceptible to a threat. Following are the facts

responsible for occurrence of vulnerabilities in the software

o Software Bugs – eg:-access validation errors, input validation erros

o Timing Windows – When a temporary file is exploited by an intruder to gain access

to the file, overwrite important data and use the file as a gateway for advancing

further into the system.

o Insecure default configurations – this occurs when vendors use known default

passwords to make it easy as possible for consumers to set up new systems.

Unfortunately most intruders know these passwords and can misuse it

o Trusting Untrustworthy information – routers need to be effectively programmed to

ensure that no unauthorized users are gaining access to the systems

o End Users – They need to be security conscious.

Level of Security/security programs

• Security Programs involve the following eight steps

1. Preparing Project plan for enforcing security

2. Asset Identification

3. Asset valuation

4. Threat identification

5. Threats probability of occurrence assessment

6. Exposure analysis

o Identify the controls in the place

Chapter 1-5 IPCC


o Assessing the reliability of the existing controls

o Evaluating the probability that a threat can be successful

o Assessing the resulting loss if threat is successful

7. Controls adjustments

8. Report generation outlining the levels of security to be provided for individual systems,

end user, etc

Network security

Security involves four aspects

1. Privacy (Confidentiality)

a. Cryptography – practice and study of techniques for secure communication in the

presence of third parties.

b. Encryption – technique used in cryptography to encode messages in such a way that

eavesdroppers or hackers cannot read it. Decryption is the recovery of original

message from the encrypted data.

2. Authentication – the receiver is sure of the sender’s identity and that an imposter has not

sent the message.

3. Integrity – data must arrive at the receiver exactly as it was sent.

4. Non-Repudiation – receiver must be able to prove that a received message came from a

specific sender and the sender must not be able to deny sending it.

• Encryption Types

o Secret Key/Private Key Encryption – the same key (private key) is used by both

sender and the receiver

o Public Key Encryption – there are two keys, private key and a public key. The private

key is kept by the receiver and the public key is announced to the public.

• Encryption Approaches

o Hardware Encryption – Specific devices are available at a reasonable cost for

encryption especially when there is high volume of traffic.

o Software Encryption – It is built in certain application where encryption is required

for selected data.

Network security protocols

• SSH (Secure Shell) – It is a program to log into another computer over a network, to execute

commands in a remote machine, and to move files from one machine to another. It

protects a network from attacks such as IP spoofing & DNS spoofing. During ssh login, the

entire login session the password is encrypted.

• SFTP – The SSH File Transfer Protocol (also known as Secure FTP) – It is protocol for

accessing and managing files on remote file systems. Unlike FTP, SFTP encrypts commands

Chapter 1-5 IPCC


and data both, preventing passwords and sensitive information from being transmitted over

the network.

• HTTPS – Hypertext Transfer Protocol Secure (HTTPS) – It is communication protocol for

secure communication over a computer network, especially over the internet. It uses

private and public keys to encrypt data flow between client and server.

• SSL – Secure Socket Layer (SSL) – It is a protocol that provides a secure channel between

two machines operating over the internet or an internal network. It is used when a web

browser needs to connect to server over the insecure internet. Especially used to secure

credit card transactions and other sensitive information when exchanged online, to secure

webmail and to secure intranet based traffic such as internal networks, file sharing,

database connections etc.

Network security techniques

• Intrusion Detection System (IDS) – It is a device or software application that monitors

network or system activities for malicious activities or policy violations and produces

reports to a management station.

o Network Intrusion Detection (NID) – placed on network to analyze the traffic

between the hosts.

o Host-based Intrusion Detection (HID) – placed on the hosts itself to monitor, detect

and respond to the user and system activity and attack on a given host.

o Hybrid Intrusion Detection – It offer management and alert notification from both

network and host-based intrusion detection devices.

• Firewall – It is a device that forms a barrier between a secure and an open environment

when the latter environment is usually considered hostile, usually internet.

• Network Access Control –NAC products enforce security policy by granting only security-

policy-compliant devices access to network assets.

• Anti-Malware – Malware or Malicious software is a term used to refer to a variety of hostile

software, including computer viruses and other malicious programs. Anti-Malware tools

helps administrators identify, block and remove malware.

• Site Blocking – It is a software based approach that prohibits access to certain websites that

are deemed inappropriate by management.

Network administration and management

• Operation – deals with keeping the network up and running smoothly

• Administration – deals with keeping track of resources in the network and how they are

assigned.

• Maintenance – deals with performing repairs and upgrades for the network.

• Provisioning – concerned with configuring resources in the network to support a given

service. Eg, provision a new customer access to the network.

Chapter 1-5 IPCC


FCAPS

• A common way of characterizing network management functions is FCAPS, which is the ISO

Telecommunications Management Network Model and framework for network

management.

o Fault management – identifies and isolates network issues, proposes problem

resolution and subsequently logs the issues and associated resolution.

o Configuration management – Monitors network and system configuration

information so that the impact on network operations (software and hardware

elements) can be tracked and managed.

o Accounting management – It is concerned with tracking network utilization

information, such that individual users, departments, or business units can be

appropriately billed for accounting purposes.

o Performance management – measures and makes network performance data

available so that performance can be maintained under acceptable thresholds.

o Security management – controls access to network resources as established by

organizational security guidelines.

Types of network

• Local Area Network or the Intranet – It is a company’s private network accessible only to

the employees of that company. It uses the common standards and protocols of the

internet.

• Extranet –It is similar to Intranet except that it offers access to selected outsiders. Extranets

allows business partners to exchange information.

• Internet – Global computer network

Chapter 1-5 IPCC


Internet

• To connect to Internet, the computer is first connected to an Internet Service Provider (ISP).

• The connection to ISP is through a telephone line or through separate cable.

• ISPs architecture is made up of long distance transmission lines that interconnect routers at

POPs (Point of Presence) in the different cities that ISPs serve.

• ISP’s connect to each other through Peer network

• The data to destination is send by ISP as packets.

Internet applications

• Email, Social media

• E-Commerce

• Blogs

• E-Conference

• Chat

• Gather information

Intranet

• An Intranet is a network inside the organization that uses Internet technologies.

• Business Value of Intranets include

o Communications and collaboration – email, voice mail, fax

o Web Publishing – company’s newsletters, technical drawings, product catalogs

o Business operations and management – applications like Order processing,

inventory controls, sales management can be implemented

Extranet

• Extranets are network links that use Internet technologies to interconnect the Intranet of a

business with the Intranets of its customers, suppliers or other business partners.

• Business value of Extranets

o User friendly and faster access to resources

o Enables to offer interactive web-enabled services to their business partners

o Improves collaboration by a business with its customers and other business partners

o Facilitate Customer focused process and product development.

E-commerce

• Reduction in costs to buyers

• Reduction in errors, time and overhead costs in information processing by eliminating

requirements for re-entering data

• Reduction in costs for suppliers

• Reduction in time to complete business transaction

Chapter 1-5 IPCC


• Creation of new markets and easier entry to geographically dispersed markets

• Better quality of goods

• Faster time to market

• Reduction in inventories

• Reduction in overhead costs

• Reduction in advertising costs

Types of e-commerce

• Business-to-Business (B2B) e-Commerce

• Business-to-Consumer (B2C) e-Commerce

• Consumer-to-Business (C2B) e-Commerce

• Consumer-to-Consumer (C2C) e-Commerce

• Business-to-Government (B2G) e-Commerce

• Business-to-Employee (B2E) e-Commerce

Mobile commerce

• M-Commerce is about the explosion of application and services that are becoming

accessible from Internet-enabled mobile devices.

• The industries mostly affected are

o Financial services

o Telecommunication Services

Electronic fund transfer

• Automated Teller Machines (ATMs)

• Point-of-Sale (POS) transactions

• Preauthorized Transfers

• Telephone Transfers

Chapter 1-5 IPCC


Chapter 4

Business Information Systems

Prepared by





Phone: +91 9526082655


Chapter 1-5 IPCC


What is Information?

• Information is processed data

• Information related to description, definition or perspective (what, who, when and where)

• Information is a key business asset. Which is crucial for business decision making.

What are Systems?

• Set of inter related and interacting elements that operate collectively to accomplish some

common purpose or goal.

• Accepts Inputs, producing outputs in an ordered transformation process.

Eg, Human Body, Business Enterprise

What are Information Systems?

• Information system facilitates in converting input “data” into output “information”.

• It is an integrated process of components for collecting, storing, processing and

communicating information.

• Aims to support operations, management and decision making.

• Information Systems (IS) refers to the interface of People, Processes and technology (PPT)

Chapter 1-5 IPCC


What are the Components of Information System?

• The purpose of each information system is to convert the data into information which is

useful and meaningful. This consists of four basic concepts.

• People, hardware, software and data are four basic resources of information systems;

• Human resources consist of end users and IT specialists; hardware involves machines and

media; software consists of programs and procedures; and data resources includes data,

model, and knowledge base;

• A process is used to convert data into information for end users

• Information processes consist of input, processing, output, storage and control processes.

What is Business Information System?

• BIS may be defined as systems integrating information technology, people and business.

• BIS bring business functions and information modules together for establishing effective

communication channels which are useful for making timely and accurate decisions and in

turn contribute to organizational productivity and competitiveness.

Chapter 1-5 IPCC


What is the need of Business Information System?

• To compete successfully in the modern business environment, information systems must be

able to

• Have large capacity for storage of information and also provide faster access

• Provide support for decision making

• Grant a competitive edge

• Ensure fast and accurate processing of data and make it available as and when required

• Offer faster communication and exchange of information across the value chain

• Reduce information redundancy

What is the Role of Information System in Business?

• Effectiveness of Information systems always results in better management of business

processes.

• When business processes are good, they can be much more successful and competitive in

the marketplace.

• A well organized, integrated information system helps to deliver companies better services

more promptly and cheap.

• The backbone of IS is Internet, eCRM, eCommerce and host of others which portray new

ways in which IS can be employed to cultivate business.

Types of Information Systems

Chapter 1-5 IPCC


• Strategic Level Systems: For Strategic managers to track and deal with strategic issues,

assisting long-range planning.

• Management-Level Systems: Used for monitoring, controlling, decision-making and

administrative activities of middle management. The systems takes care of predictions or

“what if..” type questions.

• Knowledge-Level Systems: These systems support discovery, processing and storage of

knowledge and data workers. These further control the flow of paper work and enable

group working.

• Operational-Level Systems: Support operational managers tracking elementary activities.

These can include tracking customer orders, invoice tracking, etc. They ensure that

business procedures are followed.

What are Transaction Processing Systems?

• A type of IS that collects, stores, modifies and retrieves the day-to-day transactions of an

enterprise.

• Airline Reservation systems, Railway reservation by IRCT, Banking Systems or the

accounting system of roughly any outsized company

Explain TPS Life Cycle.

• Data Entry – Capturing of business data. Eg, Point of Sale terminals. The data should be

quickly captures for its processing.

• Transaction Processing – Processing can be done in two ways

o Batch Processing – Data are accumulated over a period of time and processed

periodically

o Real Time Processing or Online Processing – Data are processed immediately after a

transaction occurs.

• Database Maintenance – An organizations databases must be updated by its transaction

processing systems so that they are always correct and up-to-date.

• Document and Report Generation – Transaction processing systems produce a variety of

documents and reports.

Explain TPS Attributes

• Access Control – TPS: Most TPS come with access control to put ceiling on users to only

those allowed to accomplish so.

• Equivalence – TPS: Transactions are processed in the similar format every time to ensure

that full effectiveness is achieved. The TPS Interfaces are designed to get hold of identical

data for each transaction, despite the consequences of the source.

• High Volume Rapid Processing- TPS is designed to process transactions in an immediate to

make confidant that the transactions data is available to other users or processes that entail

it.

Chapter 1-5 IPCC


• Trustworthiness - It is designed to be robust and trustworthy. The system is capable to

process transactions very rapidly yet at the same time conduct several checks to make

certain that the data integrity is preserved.

Explain Transaction Processing Qualifiers or ACID test.

In order to qualify as a TPS, transactions made by the system must pass the ACID test.

• Atomicity: This means the transaction is either completed in full or not at all. Eg, funds are transferred from one account to another, which means withdrawal and deposit both should take place.

• Consistency: TPS system exist within a set of operating rules or integrity constraints. Eg, if

trying to withdraw Rs.2000 from an ATM, it should be giving always Rs.2000 instead any

other amount.

• Isolation: Transactions must appear to take place in seclusion. Eg, in the fund transaction,

the debit and credit appear to be occurring simultaneously, but before the credit there

debit should happen.

• Durability: Once transactions are completed they cannot be undone. A log should be created to document all completed transactions. Eg, In the fund transaction, once the fund is transferred after some days it should not again reverse the fund automatically

What are Knowledge Management Systems? These systems support discovery, processing and storage of knowledge and data workers

• Office Automation Systems (OAS)

• Knowledge Management System (KMS)

What are Office Automation Systems (OAS)?

• OAS is amalgamation of hardware, software and other resources used to smooth the

progress of communications and augment efficiency.

• Office automation refers to the use of computer and software to digitally generate, collect,

store, manipulate and relay office information needed for accomplishing basic tasks and

goals.

• Eg, Microsoft Office 365

• OAS consists of the following activities

o Exchange of Information

o Management of administrative documents

o Handling of numerical data and

o Meeting, planning and management of work schedules.

Chapter 1-5 IPCC


Explain the Types of OAS?

• Text processing system

o Desk top publishing systems

o Support all types of printers and scanners and hence produces excellent documents

• Electronic document Management System

o Easy Storage and Retrieval

o Remote access possible

• Electronic message Communication System

o Email

o Fascimile (FAX)

o Voice Mail

• Teleconferencing and Video Conferencing System

Explain Knowledge Management System.

• An organization’s competitive gain depends on its knowledge processing, i.e what it knows;

how it uses and how fast it can know something new.

• KM is the process of capturing, developing, sharing and effectively using organizational

knowledge.

• KMS refers to any kind of IT system that stores and retrieves knowledge, improves

collaboration, locates knowledge sources, mines repositories for hidden knowledge,

captures and uses knowledge, or in some other way enhances the KM process.

What are the types of Knowledge?

• Explicit: - Explicit knowledge is that which can be formalized easily and as a consequence is

easily available across the organization. Explicit knowledge is articulated and represented

as spoken words, written material and compiled data. Eg; online tutorials, procedures,

policy etc.

OAS

Text Processing

Documentation Management

Message Communication

System

Video Conferencing

Chapter 1-5 IPCC


• Tacit : - Tacit knowledge on the other hand, resides in a few often-in just one person and

hasn’t been captured by the organization or made available to others. It is unarticulated

and represented as intuition, perspective, beliefs and values that individuals form based on

their experiences. Eg; hand-on skills, special know-how, employee experiences.

Differentiate between Information and Knowledge.

Explain knowledge discovery and Data Mining.

• KDD fundamentally deals with ways and means of capturing and making obtainable

knowledge of the experts to others, in electronic form.

• Data mining is one of the knowledge discovery technique

• Why knowledge has gained so much momentum?

o Altering Business surroundings: Business environment are not stable these days.

o Burgeon connections : Dispersed operations, global expansion and continual change

of business

o Globalization: in this period of globalization, innovation and managing the existing

knowledge is very important.

Chapter 1-5 IPCC


o Modification in Organizational composition: We are in the world of virtual

organization.

What are Management Level Systems?

Consists of the following types of Systems

• Management Information Systems

• Decision Support Systems

Briefly explain Management Information System (MIS)

• MIS is network of Information that supports the Management decision-making.

• It is computer based system that provides flexible and speedy access to accurate data.

• MIS is an integrated information system that serves all departments within an enterprise.

• It provides information to support operation, management and decision making functions in

an organization

• Aims at meeting the information needs of managers with regard to the current and past

operations of the enterprise.

• MIS provides meaningful data for management for planning, analysis and control to

optimize the growth of the organization

• Eg, University Information System, Airline reservations systems, Bank operations etc

Explain the steps in developing an MIS

• Step 1 : Groundwork Examination

o Understanding the Problem for which MIS is developed

o Analyzing the scope of work

o Identifying alternatives

o Analyzing cost effectiveness and selecting the best alternative.

Chapter 1-5 IPCC


• Step 2: Requirement Analysis

o Understanding the users

o User requirements

• Step 3: System Blueprint or Design

o Inputs, processes, outputs, procedures, storage/network

• Step 4: Acquisition and Procurement

o Ensure system acquired is compatible and cost effective

o The new system should meet all the performance standards and efficient.

Explain Decision Support System.

• Decision Support System is a type of computerized information system that supports

business and organizational decision-making activities.

• Supports the human decision-making process.

• Two types of languages ae used commonly in DSS

o General Purpose Planning language such as Script language in an Excel.

o Special Purpose Planning language such as SAS.

What are the characteristics of DSS?

• Supports decision making and occurs at all levels of management.

• Flexible and adaptable.

• DSS focus on decision rather than data and information.

• It should be easy to use.

• User-friendly.

• Mainly for decision making rather than for communicating decisions and training purposes

Explain the components of DSS

• The user

o Manager

o Staff Specialist

• Model Base – This is the master database and act as a brain

• Other Databases – can contain one or more databases. Implementation of databases in

three levels

• Planning Languages – General purpose and Special purpose languages which allows users

to perform routine tasks and specific tasks respectively

What are the four Phases of Decision Making?

• Intelligence Phase – This requires that the decision maker clearly understands the problem

for which decision is required

• Design – This phase includes inventing, developing and analyzing possible alternative

solutions for the problem to be resolved

Chapter 1-5 IPCC


• Choice – This phase includes selecting a correct solution among possible alternative

solutions

• Implementation – This includes adopting and implementing the selected solution.

What are Executive Information Systems (EIS)?

• EIS is an information system that serves the information need of top executives

• EIS provides highly user friendly graphical reporting system (dashboards) that will have the

drill down capabilities.

• In a way EIS = MIS + DSS

• Provides rapid access to timely information and direct access to management reports

• Capable of accessing both internal data and external data.

• All are online systems

• Provides trend analysis, market conditions etc

Differentiate between TPS and EIS.

Explain Specialized Systems.

• Specialized systems help organizations to automate complex business processes and help to

solve problems.

o Enterprise Resource Planning (ERP)

▪ Customer Relationship Management (CRM)

▪ Supply Chain Management (SCM)

▪ Human Resources Management System (HRMS)

▪ Accounting Information System (AIS)

o Core Banking System

Chapter 1-5 IPCC


Explain Enterprise Resource Planning (ERP).

• ERP provides solution to overall business problems

• ERP help to integrate five major resources of an organization namely : Man, Material,

Money, Machine and Market

• ERP Involves managing a large volume of data, large number of users and multiple system

components distributed anywhere in the world.

• Various modules coming under ERP are

o Customer Relationship management

o Supply Chain Management

o Human Resource Management

o Accounting Information System

Explain Customer Relationship Management (CRM)

• It is business process in which client relationships, customer loyalty and brand value are

built through marketing strategies and activities.

• Allows businesses to develop long-term relationships with established and new customers

while helping modernize corporate performance.

• It helps in employee training, marketing planning, relationship building and advertising.

• Analytical CRM definition = Customer understanding + Relationship management

• Greenberg’s definition of CRM = CRM establishes a business strategy, which drives

transformation in the business and influences work processes. These processes are

enabled by Information Technology.

What are the Benefits of CRM

• Provide product information and technical assistance to customers

• Acquire and retain good customers

• Increase the importance of customers for organization

• Identify each individual customer to define quality and provide customized services

• Provide mechanism of all possible contacts between organization and customers

• Provide a user friendly mechanism to register customer complaints

• Provide a fast mechanicsm to handle customer’s complaints and solutions

• Help to provide services in faster and best possible manner.

What is Supply Chain Management?

• Every product reaching end user goes through cumulative efforts of multiple organization.

These organizations are referred to collectively as the supply chain.

• Supply Chain Management is defined as the process of planning, implementing and

controlling the operations of the supply chain with the purpose of satisfying the customer’s

requirement as efficiently as possible.

Chapter 1-5 IPCC


• With the help of IT we need to manage the entire chain of activities from source to

destination.

Explain the Components of SCM.

• Procurement/Purchasing – procurement of raw material at optimum costs. It also takes

care of who should supply the parts, the components, or the services.

• Operations – includes maintaining optimum or minimum inventory of raw material and

finished goods such that organizations are able to achieve the maximum profit without

losing production or customers

• Distribution – Transportations, warehousing and managing goods for customers

• Integration – coordination with different elements of supply chain. Helps to integrate all

the components of supply chain.

Explain Human Resource Management System (HRMS)

• People are the most valuable asset of an enterprise.

• Substantial time and endeavor has to be spent in managing the human resources.

• A human resources management system (HRMS) is a software application that coalesce

many human resources functions, together with benefits administration, payroll, recruiting

and training, and performance analysis and assessment into one parcel.

State the Sub Modules (functions) taken care through HRMS.

• Workforce Management – effectively helps to manage labour rules, ensure compliance and

control labour costs and expenses.

• Time And Attendance management

• Payroll management

• Training Management

• Compensation Management – It helps to retain talented employees and in general to

achieve optimized organizational results.

Chapter 1-5 IPCC


• Recruitment Management

• Personnel Management

• Organizational Management

• Employee Self Service

• Analytics

Explain Accounting Information System (AIS)

• A system for collection, storage and processing of financial and accounting data that is used

by decision makers.

• An AIS is generally a computer-based method for tracking accounting activity in conjunction

with information technology resources.

• The resulting statistical reports can be used internally by management or externally by

other interested parties including investors, creditors and tax authorities.

• By implementing AIS organization can improve its own efficiency as well as that of its

managers and accountants.

What are the components of AIS?

• People – helps accountants, consultants, business analysts, managers, CFO and auditors etc

from different departments to work together

• Procedure and Instructions – these include both manual and automated methods for

collecting storing, retrieving and processing data.

• Data – information pertaining to the organizations business practices which includes, sales

order, customer billing statements, sales analysis reports, payroll information etc.

• Software – Programs which provide quality, reliability and security to the company’s

financial data that may be stored, retrieved, processed and analyzed

• IT Infrastructure – include all the hardware’s like servers, computers, printers etc

• Internal Controls – Security measures enforced to protect the data against unauthorized

computer access and to limit access to authorized users.

What is CORE Banking? Give some examples for CORE Banking.

• Core – Centralized Online Real-time Environment.

o Core Banking Systems are the heart of a bank. All transactions budge through core

systems. It is defined as the set of basic software components that manage the

services provided by a bank to its customers through its branches

• They run normally 24*7 to support internet banking, global operations and real time

transactions via ATM, Internet, phone and debit card.

• Various elements of core banking include

o Making and Servicing loans

o Operating new accounts

o Processing cash deposits and withdrawals

Chapter 1-5 IPCC


o Processing payment and cheques

o Calculating interest

o CRM

o Managing customer accounts

o Establishing criteria for minimum balances, interest rates etc

o Establishing interest rates and

o Maintaining records for all the bank’s transactions.

• Eg, Finacle from Infosys, Flex Cube from Oracle, Finn One from Nucleus

What is Artificial Intelligence?

• AI systems replicate or mimic human behavior like human thinking, communication and

recognition characteristics. It is research field that studies how to comprehend the

intelligent human behaviors on a computer.

• Various AI systems are

o Neural Network – human thinking capabilities

o Natural Language communications – human communication capabilities

o Robotics – human working capability

o Expert System – human experts’ problem solving capability

What are the commercial applications of AI?

• Decision Support –

o Intelligent work environment that will help you capture the why as well as what of

engineered design and decision making

o Intelligent human computer Interface (HCI) systems that can understand spoken

language and gestures and facilitate problem solving by supporting organization

wide collaboration to solve particular problems.

o Situation assessment and resource allocation software for uses that range from

airlines and airports to logistics centers.

• Information Retrieval

o AI based intranet and internet systems that helps to fetch information in a simple

form

o Natural Language Processing helps to retrieve online information in any form in

response to simple English

o Data base mining for marketing trend analysis, financial forecasting and

maintenance cost reduction

• Virtual Reality

o X-ray like vision enabled by enhanced reality visualization that allows neuro

surgeons to operate, monitor and evaluate disease progression

o Automated animation interfaces that allow users to interact with virtual objects via

touch

Chapter 1-5 IPCC


• Robotics

o Machine-vision inspections systems for gauging, guiding, identifying and inspecting

products and providing competitive advantage in manufacturing

o Cutting-edge robotics systems from micro-robots and hands and legs.

What are Expert Systems?

• Experts systems is a computerized information system that allows non-experts to make

decisions comparable to those of an expert.

• Components of Expert System

o User Interface

o Inference Engine – It contains various rules and logics to arrive at a solution for a

problem.

o Explanation facility – Provides explanation of logics to users for solution

o Knowledgebase – contains past knowledge of experts

o Knowledge Acquisition Facility – used for building knowledge base.

What are the types of Expert Systems? State the benefits and uses of Expert Systems.

• Expert System Types – Example based, Rule based (if then else) and frame based (where it

divides data and processes related to problems into logically linked frames to create the

most logical solution)

• Benefits

o Provide low cost solution or advice

o Always available for advice

o Helps users in better decision making

• Uses

o Doctors use in medical practices

o Auditors use in auditing

Chapter 1-5 IPCC


Explain Business Intelligence (BI). List some of the Tools.

• Business Intelligence is a technique which provides useful information to decision makers

automatically by scanning internal and external databases of organizations.

• It is very much linked to data mining technique

• BI helps in effective decision making

• Provides useful patterns, trends and charts about customers, suppliers, employees etc

• BI is dealing with collection of data from many data sources and then analyzing and

presenting information in useful way to decision makers.

Tools

• Simple reporting and Querying Tools: These tools provide appropriate response to given

data query.

• Business Analysis Tools: Involves business logics to create useful pattern and present data in

multidimensional form for better decision making. This is an advance form of query

reporting tools.

• Dashboard – This can be configured as per user requirements. Includes collection of

graphs, reports and KPI that can help to monitor important business activities together.

• Scorecards – It represents organization’s key matrix and graphics for organization’s

performance indicators

• Data mining and Statistical Analysis – Data mining tool help analyze large volume of data

(big data). Data mining along with Statistical analysis helps to arrive at better strategic

decisions for the organization.

Access Controls and its types.

• Information system and its resources can have two types of access

o Logical Access – Access of resources through programs or applications

o Physical Access – It is physical or direct access of information system resources like

access to hard-disk, tape and other disk devices which has information.

• Based on the above access we need to provide two types of controls

o Logical Access controls through ID and passwords

o Physical Access controls through locks on doors.

How to enforce Access control?

• Identity management – User Name or Id

• Authentication – Identity management & Authentication are inseparable. It is actually

validation of the user’s identity.

• Authorization – It identifies what systems and network resources a user can access

• Accountability – Every step from providing identity through authentication and

authorization is logged or recorded into the system.

Chapter 1-5 IPCC


What are the approaches to Access Control?

• Role Based (RBAC) – Access for resources are assigned to the role rather an individual.

• Rule Based (RAC) – Access for resources based on Business rules. Eg, Timesheet approvals.

Explain Payment Mechanisms.

• Credit Cards – Electronic Fund Transfer (EFT) is something part of our life. Credit card

payment is one of the EFT where the payment is digital.

• Steps involved in Credit Card Payment

• Step 1 – Submits his credit card to merchant

• Step 2 – Merchant uses a card processor which is connected to Payment Gateway.

• Step 3- Payment Gateway passes the secure transaction information via a secure

connection to the Interchange or the credit card network (VISA, MASTERCARD). The credit

card network routes the transaction to the Issuing Bank that issued the credit card.

• Step 4 – The issuing bank approves or declines the transaction based on customer’s

available funds and passes the transaction results back to the credit card network, which in

turn informs Payment Gateway.

• Step 5 – Payment gateway stores the transaction results and sends them to the card

processor for the customer and merchant to see.

• Step 6 – The merchant delivers goods or services to the buyer

• Step 7 – The issuing bank send the appropriate funds for the transactions to the credit card

network, which passes the funds to the merchant’s bank.

Chapter 1-5 IPCC


What are other electronic Payment mechanisms used?

• Electronic Cheques: It reduces the dependency on paper based cheques for transfer of

money. It is basically an electronic version of paper cheque.

• Smart Cards: Contains embedded microchip instead of magnetic strip used in credit card. It

can be used as electronic wallet. Used to avail parking fee, booking of cinema tickets etc.

o Contact Card – This type of card needs to be inserted into the reader machine for

payment

o Contact less Card – Doesn’t need to be inserted into the reader

o Combi Card – Combination of contact & contact less card.

• Electronic Purses – Smart card with Pre-loaded money value. The user can charge the

amount through an ATM machine. This card needs PIN from user for payment to merchant

or over internet.

Chapter 1-5 IPCC


Chapter 5

Business Process Application

Through Application Software

Prepared by





Phone: +91 9526082655


Chapter 1-5 IPCC


Types of Business Applications

Business Application are classified based on

• Nature of processing: batch processing/online processing. Applications are categorized

based how data is updated by these applications. If there is a time delay for the application

to update data, then it is batch processing, otherwise it is online processing such as ATM,

online booking etc. In Real time processing, input is continuously, automatically acquired

from sensors.

• Source of application: in house (customer built)/off the shelf (Packaged)/outsourced

(leased) – from where the application is sourced

• Nature of business: small business/large business – based on number of users for whom the

application has been developed. It is based on the size and complexity of the business.

• Functions covered: accounting/office management etc – based on business functions.

Business Applications based on Functions

• Accounting applications

• Office management software

• Compliance applications

• Customer Relationship Management software

• Management support software

• ERP Software

• Product Lifecycle Management Software

• Logistics Management Software

• Legal Management Software

• Industry Specific Applications

Why BPA

• BPA is a strategy to automate business processes so as to bring benefit to enterprise in

terms of cost, time and effort

• The core objective of BPA is achieved integrating various business processes.

• The key benefits are

o Cost Saving

o To remain competitive

o Fast service to customers

Chapter 1-5 IPCC


Objectives of BPA

• Key objectives of BPA are to provide efficient and effective business processes. However

BPA provides efficient and effective business processes through the following parameters :

o Confidentiality – ensure that business data is available to only authorized persons

o Integrity – ensure no un-authorized amendments can be made in the data

o Availability – data is available to authorized users whenever required

o Timeliness – data is made available at the right time.

Steps to Go for BPA

• Step 1: Define why we plan to implement BPA?

• Step 2: Understand the rules/regulation under which it needs to comply with?

• Step 3: Document the process, we wish to automate

• Step 4: Define the objectives/goals to be achieved by implementing BPA.

• Step 5: Engage the business process consultant.

• Step 6: Calculate the ROI for project.

• Step 7: Development of BPA

• Step 8: Testing the BPA

Applications that help to achieve BPA

• Tally – takes care of accounting and inventory

• SAP R/3 -

• MS Office applications

• Attendance systems

• Vehicle Tracking Systems

• Automated Toll Collection Systems

• Department Stores Systems

• Educational Institute Management Systems etc

Delivery Channels

Refers to the mode through which information or products are delivered to users

• For information include

o Intranet

o Email

o Internal newsletters and magazines

o Portable devices

o Social networking sites etc

Chapter 1-5 IPCC


• For product include

o Traditional models, brick and mortar type

o Buying from a shop

o Home delivery

o Buying from deptl stores

o Buying from online

How to Choose Delivery Channel?

• Information Delivery -

o More than just Intranet – Organizations should consider other channels as well for

information delivery within the organization. Eg, notice board in canteen.

o Understand staff needs & environment – Organizations having limited use of IT can

depend more f2f meetings and other informal methods of delivery.

o Traditional channels need to be formalized – Organizations should not ignore the

importance of traditional delivery channels, in fact they should try to formalize these

channels to successfully gain the importance of these.

• Product Delivery – Online delivery is gaining more popularity compared to traditional.

Controls in BPA

• Control is defined as technique, policy, procedure or practice adopted by organization to

provide reasonable assurance that undesired events will be prevented or detected and

corrected.

• Controls help organization to achieve desired business objectives.

Control objectives

• Physical safeguard and security – ensures access to physical assets and IS are controlled.

• Accuracy of transactions – ensures transactions are accurate and consistent.

• Completeness – ensures that transactions are complete

• Validity – ensures that transactions are valid

• Authorization – ensures transactions are approved by responsible personnel

• Error handling – ensures corrective actions are taken place for the errors identified

• Segregation of Duties – duties to be segregated for effective control.

Information System Controls

• Benefits – Auditors cannot examine and evaluate all the data processing carried out with in

an organization. Controls direct them toward those aspects of information system function

in which material losses or account misstatements are most likely to occur. Control reduce

expected losses from unlawful events by

o Decreasing the probability of the event occurring in the first place or

o Limiting the losses that arise if the event occurs

Chapter 1-5 IPCC


• Types of Controls – Control can be divided into two parts

o Managerial Controls

o Application Controls

Managerial Controls

• These are controls over managerial functions that must be performed to ensure the

development, implementation, operation and maintenance of information systems in a

planned and controlled manner in an organization. They are classified as

o Top Management

o Information Systems Management

o Systems Development Management

o Programming Management

o Data Administration

o Quality Assurance Management

o Security Administration

o Operations Management

Top Management and Information Systems Management Controls

• Top Management must ensure that information systems function is well managed. It is

responsible for policy decisions relating to how information systems will be used in the

organization.

• Information Systems Management has overall responsibility for the planning and control of

all information system activities. It has the responsibility to translate the long-run policy

decision of the top management into short-run goals and objectives.

• Top Management does Planning, Organizing, leading and Controlling

• Top Management prepares two types of information systems plan – Strategic Plan and an

Operational Plan.

Systems Development Management Controls

It has the responsibility for the functions concerned with analyzing, designing, building,

implementing and maintaining information systems. Three different types of audits are

conducted to ensure this.

• Concurrent Audit – Generally done during the development phase.

• Post implementation Audit

• General Audit – Can be done anytime

Chapter 1-5 IPCC


Programming Management Controls

The primary objectives of this is to produce and implement high quality programs. The

program development life cycle comprises of six major phases. The controls in these phases

ensures that software released to production is authentic, accurate and complete.

• Planning – WBS, Gantt Charts

• Design – Structured design, object oriented design

• Coding –Coding Strategy and documentation Strategy

• Testing – Unit Testing, Integration Testing, System Testing

• Operation and Maintenance – Repair Maintenance (bug fixing), Adaptive Maintenance

(enhancements), Perfective maintenance (tune the program)

Data Resource Management Controls

Data is a critical resource and hence it should be managed centrally and controlled.

• Availability of Data to users

• Integrity of Data need to be preserved

• Reliability of Data need to be maintained

• Security of Data

Quality Assurance Management Controls

Organizations are bound to produce quality products to their customers. Organization wide

quality procedures and objectives for the products produced are enforced.

Security Management Controls

Some of the major threats and Controls enforced related to security are given below

• Fire – Fire Protection systems

• Water – Facilities must be designed to mitigate losses from water damage

• Energy variations – Voltage regulators, ups etc

• Structural Damage – Facilities must designed to prevent this.

• Pollution – Regular cleaning

• Unauthorized intrusion – physical access controls

• Viruses and worms – antivirus software's

• Misuse of software, data and services – Code of conduct

• Hackers – Logical Access controls to mitigate losses from the activities of hackers

Chapter 1-5 IPCC


Operations Management Controls

Responsible for the daily running of hardware and software facilities. Typically performs

controls over the functions like computer operations, communication network control,

documentation file library, help desk, capacity planning and performance monitoring,

Outsourced operations.

• Operation Management controls ensures –

• hardware/software systems are executing as expected

• An acceptable response time is achieved

• An acceptable level of uptime is occurring.

Application controls

• These controls are applied for data processing steps of any application or software.

• These controls prevent, detect and correct errors related to data processing.

• These controls are inbuilt in the application software to ensure accurate and reliable

processing of data.

• They ensure that all transactions are authorized, complete and accurate.

Types of Application Controls

• Boundary controls

• Input Controls

• Communication Controls

• Process Controls

• Output Controls

• Database Controls

Boundary Controls

• They are primarily related to access controls. The access control mechanism has three

steps

o Identification

o Authentication

o Authorization

• The key boundary control techniques are the following

o Cryptography – This technique transforms data into encrypted codes.

o Passwords – This technique identifies the user by authenticating name or employ id

or a secret code or combination of both.

o Personal identification Numbers (PIN) – similar to password and assigned to a user

by an institution based on user characteristics.

Chapter 1-5 IPCC


o Identification Cards – In this a smart card is used for authentication of user.

Identification cards or smart cards are used to store information required in an

authentication process.

Input Control

• These controls ensure the accuracy and completeness of input data to system.

• The data input can be by either using source document or direct input.

• The key input controls are

o Source Document Controls

o Data Coding Controls

o Batch Control

o Validation Control

Communication Controls

• Communication components are responsible for transporting data

o within the system

o To and from another system.

• Three types of exposure are there in the communication subsystem.

o Data can be impaired during transportation

o The hardware and software components in a communication system can fail

o The communication system itself can be subjected to attacks.

Communication Control Types

In order to prevent the exposure following controls can be implemented

• Physical component control – Chose the physical media which is reliable, eg bounded or

unbounded, communication lines – private (leased) or public, multiplexers etc.

• Line Error controls – whenever data is transmitted over a communication line, it can be

received in error because of distortion or noise that occurs in the line. enforced through

Error Detection(eg, Parity Check, Cyclic Redundancy checks and Loop Check) and Error

Correction (eg, Forward and Error correction and Backward Error correction)

• Flow Controls – These are needed because two nodes in a network can differ in terms of the

rate at which they can send and receive and process data. The simplest form is “Stop and

wait flow control” where send transmits a frame of data only when the receiver is ready to

accept the frame.

• Link Controls – involves two common protocols – HDLC (Higher Level Data Control) and

SDLC (Synchronous Data Link control)

• Topological Controls – Topology specifies the location of nodes in a network, the ways in

which these nodes will be linked and the data transmission capabilities of the links between

the nodes (eg, Bus, ring, Star and Tree topology)

Chapter 1-5 IPCC


• Channel Access Controls – In order to prevent Contention (two nodes in a network

competing to use a network channel), some type of access control technique must be used.

Eg, Polling methods and Contention methods. Polling techniques establish an order in

which a node can gain access whereas in Contention methods, nodes in a network must

compete with each other to gain access.

• Internetworking Controls – Internetworking is the process of connecting two or more

communication networks together to allow the users of one network to communicate with

the uses of other networks. Three types of devices are used, Bridge, Router and Gateway.

Process Controls

In the processing stage, the controls help for correct processing of transactions.

• Run to Run Control – The control is applicable when transactions are processed through

different stages. This ensures no record is missed or double counted while moving

between each stage.

• Reasonableness Verification – In this any field is verified or compared through different

methods to check correctness of value.

• Edit Checks – It is applied in the processing stage to verify the accuracy and completeness of

data.

• Field Initialization – All fields should be initialized before the calculations otherwise it will

result in data overflow.

• Exception Reports or message – This control provides message to user if an error occurs

during processing.

• Existence/Recovery Controls- The check-point/restart logs, facility is a short-term backup

and recovery control that enables the system to be recovered if failure is temporary.

Output Controls

These controls ensure that error free output is delivered to authorized users and in a secured

manner.

• Maintaining log – This ensures keeping log details of what is being given as output.

• Spooling/Queue media control – This ensures and prevents unauthorized access to printers.

• Controls over printing – Selection of printer is controlled.

• Report Distribution – Report distribution should be in a secured form.

• Secured Maintenance of sensitive printed output forms/records

• Retention Control – This control ensure that outputs are maintained for the required period

before these outputs are destroyed.

• Existence/Recovery Control – This control is needed to recover the outputs incase outputs

are intentionally or accidently destroyed

Chapter 1-5 IPCC


Database Controls

Integrity of database is maintained with the help of database controls.

• Sequence Check, Transaction and Master Files – Synchronization and the correct sequence

of processing between master and transaction file is critical to maintain the integrity of

data.

• Ensure all records on files are processed – All the records in the transaction file should

update the Masterfile. Ensured through end of file check.

• Process multiple transactions for a single record in the correct order – Multiple transactions

can occur based on a single master record.

Emerging Technologies

Network Virtualization

Virtualization is known as the process of creating logical computing resources with the help of

available physical resources. It is accomplished through using virtualization software.

• Through virtualization large physical network can be provisioned into multiple smaller

logical network and conversely multiple physical LANs can be combined into a larger logical

network.

• The key applications of this concept are:

o Server Consolidation – Virtual machines are used to consolidate many physical

servers into fewer servers. The physical servers are treated as a virtual machines

and can host many platforms and applications for large number of users. This is

known as Physical-to-Virtual or “P2V” transformation.

o Disaster Recovery – Virtual machines can be used as “hot standby” environments for

physical production servers. This helps to take over shift the load of physical server

to virtual server in case of disaster or shutdown of physical server.

o Testing and Training – Hardware virtualization help to act as training and testing

platforms as these provide combination of multiple resources without affecting the

working of underlying physical resources.

o Portable Applications – Network Virtualization help running portable applications,

i.e, without installing permanently into a physical server.

o Portable workspaces – It helps to create portable workspaces for working devices

like iPods and USB memory sticks

Chapter 1-5 IPCC


Types of Virtualization

• Hardware Virtualization – The hardware virtualization consolidate many small physical

servers into one large physical server so that processor can be used more effectively. The

software that creates a virtual machine on the host hardware is called a hypervisor or

Virtual machine manager.

• Network Virtualization – This allows a large physical network to be provisioned into multiple

smaller logical networks and conversely allows multiple physical LANs to be combined into a

larger logical network. This allows network administrators to improve traffic control,

enterprise and security. Network virtualization is intended to optimize network speed,

reliability, flexibility, scalability and security.

• Storage Virtualization – It is pooling of data from multiple storage devices, even different

types of storage devices, into what appears to be a single device that is managed from a

central console. It helps the Storage administrator to perform the tasks of backup, archiving

and recovery more easily and in less time.

Grid Computing

• Grid Computing – It is computer network in which each computer’s resources are shared

with every other computer in the system. Hence the complex jobs to different nodes result

in efficient computing of complex jobs.

• In Grid computing, every distributed resource (which may located in different locations) is

shared in such a way that grid computing network turns into a powerful supercomputer for

processing.

• Every authorized computer would have access to enormous processing power and storage

capacity.

Chapter 1-5 IPCC


Benefits of Grid Computing

• Making use of Underutilized resources – Grid computing can be used to aggregate this

unused storage into a much larger virtual data store, which results in improved

performance and reliability over that of any single machine.

• Resource Balancing – For applications that are grid enabled, resource balancing can be

achieved by scheduling grid jobs on machines with low utilization. An unexpected peak

load can be routed to relatively idle machines in the grid and at the same time a low priority

work can be temporarily suspended and can be performed at a later point of time.

• Parallel CPU capacity – The potential of multiple CPU’s in the grid can be utilized to perform

jobs in one tenth of time if otherwise run independently with a single CPU.

• Virtual resources and Virtual organizations for collaboration – Grid provides the

environment for collaboration among a wider audience virtually.

• Access to additional resources – In addition to CPU and storage resources, a grid can

provide access to other resources like other software’s, increasing the bandwidth etc.

• Reliability – Expensive hardware’s are used to increase reliability. Duplicate processors help

to replace one automatically, if the other one is failed. Similarly power supplies and cooling

systems are duplicated.

• Management – Grid helps to manage the future upgrade needs of the environment. Also

whenever maintenance is required, grid work can be rerouted to other machines without

crippling the projects involved.

Types of Resources in Grid Computing

• Computation – There are three ways to exploit the computation resources of a grid

o To run an existing application on an available machine on the grid rather than locally

o To use an application designed to split its work in such a way that separate parts can

execute in parallel on different processors and

o To run an application that needs to be executed many times, on many different

machines in the grid

• Storage – A grid providing an integrated view of data storage is called data grid. Storage can

be memory attached to the processor grid or secondary storage.

• Communications – They are important for sending jobs and their required data, to points

within the grid.

• Software and Licenses – Licensing management software keeps track of how many

concurrent copies of the software are being used and prevents more than that number

from executing at any given time.

• Special equipment, capacities, architectures and policies – Platforms on the grid will have

different architectures, operating systems, devices, capacities and equipment

Chapter 1-5 IPCC


User’s Perspective – Using a Grid

• Enrolling and Installing Grid Software – Once the user and/or machine are authenticated,

the grid software is provided to the user for installing on his machine for the purpose of

using the grid as well as donating to the grid

• Logging onto the Grid – Normally user will have to login to query and submit jobs.

• Queries and submitting jobs – queries are done using CLI or GUI. Job submission consists of

three parts

o Input data/file is sent to the machine to execute the job

o Job is executed in the grid machine

o Results are sent back to the submitted

• Data configuration – The data used for various grid jobs need to be effectively used.

• Monitoring progress and recovery - User can query the grid system to see how his

application and its sub-jobs are progressing.

• Reserving resources – To improve the quality of a service, the user may arrange to reserve a

set of resources in advance for his exclusive or high priority use.

Administrative Perspective – Using a Grid

• Planning – The administrator should understand the organization’s requirements for the

grid to better choose the grid technologies that satisfy grid’s requirements.

o Security – It is very important factor in planning and maintaining a grid. It is

important to provide suitable authentication and authorization for users for specific

operations.

o Organization – It is important to understand how the departments in an organization

interact, operate and contribute to the whole.

• Installation – Grid system must be installed on an appropriately configured set of machines.

• Managing enrollment of donors and users – Administrator is responsible for controlling the

rights of the users in the grid.

• Certificate Authority – It is critical to ensure the highest levels of security in a grid because

the grid is designed to execute code and not just share data. The primary responsibilities of

a certificate authority are

o Positively identifying entities requesting certificates

o Issuing, removing and archiving certificates

o Protecting the certificate authority server

o Maintaining a namespace of unique names for certificate owners

o Serving signed certificates to those needing to authenticate entities and

o Logging activity

• Resource Management – to manage the resources like tracking the usage, identifying future

needs etc

Chapter 1-5 IPCC


• Data sharing – Administrator should consider procedures to maintain backup copies and

replicas to improve performance in case large grid. All of the resource management

concerns apply to data on the grid.

Application Areas of Grid Computing

• Civil engineers collaborate to design, execute & analyze shake table experiments

(earthquake)

• An insurance company mines data from partner hospitals for fraud detection.

• An application service provider offloads excess load to a compute cycle provider

• Large-scale science and engineering are done through the interaction of people,

heterogeneous computing resources, information systems and instruments, all of which are

geographically and organizationally dispersed.

Grid Computing Security

Grid systems and applications require standard security functions which are Authentication,

Access Control, Integrity, Privacy and No Repudiation. To develop security architecture,

following constraints are taken from the grid environment and application.

• Single sign-on – A user should authenticate only once and they should be able to acquire

resources, use them and release them and to communicate internally without any further

authentication.

• Protection of Credentials – User passwords, private keys etc need to be protected

• Interoperability with local security solutions – Access to local resources should have local

security policy at a local level

• Exportability – The code should be exportable

• Support for secure group communication - a number of communications takes place and it

should be coordinated securely.

• Support for multiple implementations - There should be a security policy which should

provide security to multiple sources based on public and private key cryptography.

Cloud Computing

• Cloud Computing - Use of computing resources as a service through networks, typically

internet.

• Internet Clouds, hence the term “Cloud” Computing.

• Eg, Google Apps where any application can be accessed using a browser.

• Physical location of the accessed resources are not known to the end user.

• User can even develop, deploy and manage their applications “on the cloud”.

Chapter 1-5 IPCC


Cloud Service Models

• IaaS : The IaaS providers offer computers and virtual machines as a service. Eg; Azure, HP

Cloud

• PaaS : The PaaS providers offer, the Operating System and the programming language

execution environment, database and Web Server. Eg; Azure, Heroku

• SaaS : The SaaS providers offer access to large variety of applications, eg; Google Apps

Advantages of Cloud

• Cost Efficiency: The costs involved for the service provided are almost negligible compared

to the costs when we own the resources.

• Unlimited Storage: No worries on Storage getting expired.

• Backup and Recovery: This is normally part of the engagement with the cloud provider and

comes with the service which is easier.

• Automatic Software Integration for the types of services that you need to get from the

cloud.

• Easy Access to information: Once registered the information is available from anywhere.

• Quick Deployment: Relatively much easier deployment and is depending on the kind of

technology of the business.

Risks of Cloud Computing

• Technical Issues – This technology is prone to outages and other risks. Even the best cloud

service providers run into technical issues despite keeping high standards of maintenance.

• Security in the Cloud – Keeping all the company’s sensitive information to a third-party

cloud service provider can potentially put the company to a great risk.

• Prone to Attack – Storing information the cloud could make the company vulnerable to

external hacker’s attack and threats. There is always the high possibility of stealing

sensitive data.

Date post:	22-Dec-2021
Category:	Documents
Upload:	others
View:	3 times
Download:	0 times

IT Notes – CA IPCC Old Syllabus

Documents