- Email: [email protected]
System development for different information systems
CHAPTER
System development for different information systems
16
Chapter outline Introduction ............................................................................................................259 Different types of information systems ......................................................................260 Case study 1 (mobile commerce information system) ................................................262 Case study 2 (banking information system)...............................................................264 Case study 3 (mobile tourism information system) ....................................................266 Summary ................................................................................................................267 References .............................................................................................................267
Learning objectives n
To understand different types of information systems
n
To recognize types of existing information systems
n
To be familiar with system development for different information systems
n
To learn how to apply the concept of this book for different information systems
Introduction The main purpose of this book is to offer information on the pin the development of mobile medical information systems (mMISs). For this reason, life cycle, management, methodological approach, and applications are included in this book. However, the concepts of this book are not only limited to the development of mMISs but also it can be applied for any kind of information system. Therefore, this chapter focused on different types of information systems which are categorized as (1) Operation Support Systems (OSSs) and (2) Management Support Systems (MSSs) by O’Brien and Marakas (2010). As there are some information systems that can be either OSS or MSS and even some have different functionalities, O’Brien and Marakas’s information system classification is enhanced in this chapter by adding Multifunction Support Systems (MfSSs). Expert systems, knowledge management systems, strategic information systems, functional business systems, database Perspectives in the Development of Mobile Medical Information Systems. https://doi.org/10.1016/B978-0-12-817657-3.00016-X Copyright © 2020 Elsevier Inc. All rights reserved.
259
260
CHAPTER 16 System development for different information systems
management systems, data warehouses, neural networks, geographic information systems, global information systems, office automation systems, and search engines are examples of MfSS. Development processes of three case studies are discussed in this chapter including Mobile Commerce Information System (mCIS), Web Banking Information System (WBIS), and Mobile Tourism Information System (mTIS).
Different types of information systems Information system (IS) is “any organized combination of people, hardware, software, communications networks, data resources, and policies and procedures that stores, retrieves, transforms, and disseminates information in an organization” (O’Brien & Marakas, 2010). People rely on information systems to communicate with each other for various purposes. This communication requires “variety of physical devices (hardware), information processing instructions and procedures (software), communications channels (networks), and stored data (data resources).” Information technology (IT) is a subset of information system (IS), which refers to the technology aspect within the entire system. IS indicates the management of an entire set of information and involves technology components, people, and processes whereas IT focuses on the maintaining the system’s hardware, software, database, and network for the purpose of creating communication between users. Types of information systems are classified in different ways. For instance, O’Brien and Marakas (2010) categorized information systems into: (1) Operation Support Systems (OSSs) and (2) Management Support Systems (MSSs), each of which includes subcategories. OSSs refer to those systems that produce different information for internal and external use. OSSs include specialized processing systems, transaction processing systems, process control systems, and enterprise collaboration systems. On the other hand, MSSs provide information in the form of report and displays to managers and professionals. MSSs consist of management information systems, decision support systems, executive information systems, and specialized processing systems. There are some other categories of information systems such as expert systems, knowledge management systems, strategic information systems, and functional business systems which can support either operations or management applications. There are some information systems, which produce different information for internal and external use and also provide information in the form of report and display to the managers. For instance, the case of iHeart in this book, which is a mMIS, has the capability of OSSs and MSS. It collects different information about different hospitals and shows to the patients once requesting for the nearest hospital. It provides information about patients’ health, their current location, their family, etc. and displays to the healthcare providers. Prescriptions and recommendations form healthcare providers can be transferred and applied to
Different types of information systems
the patients. Therefore, this kind of systems is considered as MfSSs which include the tasks of OSSs, MSSs, expert systems, knowledge management systems, database management systems, and so forth. Consequently, the types of information systems by O’Brien and Marakas (2010) can be enhanced as illustrated in Fig. 16.1. As mentioned before, iHeart is considered as MfSSs as it offers different information for internal (hospitals) and external (patients and their family) use and also it provides information in the form of report and displays to doctors, nurses, and other medical professionals. Three case studies are discussed in this chapter, first of which is considered as on type of MfSSs. e-Torch, which is a mCIS, supports decisionmaking; provides information for internal (tourists, end users) and external (hotels, restaurants, UNESCO sights); utilizes database management systems, and collects information and displays to the manager of e-Torch company. The system mentioned in the second case study is a simple WBIS. WBIS is considered as a transaction processing system which is one of the subcategory of OSS. The system designed in third case study is a mTIS that is kind of MfSSs. mTIS supports decision-making; provides different information for internal (tourists) and external (tourism industries); and utilizes geographical information and search engines to offer the best solutions to tourists.
FIGURE 16.1 Types of information systems.
261
262
CHAPTER 16 System development for different information systems
Case study 1 (mobile commerce information system) e-Torch is a location-based mCIS, which focuses on the promotion advertisement for hotels, restaurants, and UNESCO sights near to mobile device current location by using ellipse model for tracking. This system is considered as MfSSs, which was proposed on 2013 to facilitate businesses (such as hotel, restaurant, UNESCO sights) and to advertise their products in an efficient way to the mobile customers according to their current Global Positioning System (GPS) coordinates (Keikhosrokiani, Mustaffa, Sarwar, & Zakaria, 2013). The e-Torch framework architecture, illustrated in the work done by Keikhosrokiani et al. (2013), is composed of important abstract layers namely: Mobile Software and Clients layer, Network Communication Technology layer, e-Torch Core Framework Component, Client Service Lookup (such as UNESCO Site, Google Maps, Shopping Mall advertisements, Restaurant and Hotel lookup services, respectively), and e-Torch Database Repository layer. Description of technology being used: The main component of the research that is conducted related to this software is the location tracking and m-commerce-based framework platform that can accommodate a mobile user by providing requested point of interests accurately, efficiently, and with robustness. The client GPS location tracking will be done through GPS or A-GPS in which the mobile client sends the request to satellite in order to get the exact location. That information will be later transmitted to the e-Torch server through cellular network (GPRS). After sending the request to the server, the information will be processed and then sent back to the client through cellular network (GPRS) by SMS or MMS. Therefore, the proposed system framework platform is based on hybrid technology that is a combination of GPS (for location tracking information) and cellular network (for point of interest information details) to the mobile client user. System Development Life Cycle (SDLC): System Development Life Cycle (SDLC) gives the platform for software analysts, designers, and engineers to develop the software in a well-defined phase that starts from requirement gathering till its deployment phase. These phases are linked together to form a chain or cycle that never ends throughout the life cycle of the software evolution. Through these phases, the software evolution goes through requirement gathering, software product design and documentation with design patterns, and implementation and importantly testing before the prototype is ready to be deployed (Easton, 1980). The SDLC has many models that have different phases that are linked together to form the evolution of software development from requirement to the deployment. These models are waterfall model, fountain model, ellipse model, rapid prototyping, incremental model, etc. that have different attributes and advantages according to the type of development requirements. The model is selected by the project manager of the software according to the requirement specification given by the software analyst. Project planning and feasibility study: Generally planning and feasibility study is an important and integral part to make the project either successful or unsuccessful. It is only true for big projects with long process flow but will be unnecessary for
Case study 1 (mobile commerce information system)
small-scale projects. In large-scale projects, the feasibility study is carried out with formal process flow with realistic measures and expected risk involvement that can change the project scope and result. Systems analysis and requirements definition: The first phase of the SDLC starts from the requirement gathering from the client about the project. Normally the requirement is gathered by the system analyst in the form of software requirement specification (SRS) that was analyzed in order to generate client requirements and market trends (Satzinger, Jackson, & Burd, 2008). Systems design: The SRS is then given to a software engineer who converts those requirement specifications to data flow diagram, sequence diagram, design patterns, or pseudo-development tools like C, Cþþ, Java, etc. In case of any ambiguity in design, the software engineer contacts the software analyst for the clarification of the design requirements (Walls, Widmeyer, & Sawy, 1992). Implementation: The design of flows and sequences is then translated to the algorithms and pseudocode and later implemented by the software developer using a programming language appropriate for the requirement and design such as C, Cþþ, Java, etc. After the implementation and internal testing, the output of the design is then analyzed and verified as to confirm whether the end result is equivalent to the projected design output. If it is not, then the cycle will start from the beginning. Integration and testing: After the implementation and evaluation, the next phase of the SDLC is to test according to the real-time environment to make the product more reliable. This is mainly done by the quality assurance team that tests the software in a real-time scenario so when deployed it should not have any problem. In case, if any bug occurred, the software is given to the development team with severity feedback and the process continues until the quality assurance team approved that software is bug-free (LI, 1990). Maintenance: The software life cycle is continuous process that never finishes as the requirements change according to the market trends. After successful deployment of the software market, added functionality can be added or existing option can be modified that was first studied by the software analyst, designed by the software engineer, and later implemented and tested that will result in latest version of the software in market. Development model for e-Torch: In the previous section, we discussed about SDLC and its phases that explain the software life cycle. Depending upon the complexity of SDLC methodology, SDLC has many models such as incremental, spiral, waterfall, agile and prototyping, etc. We have selected incremental model for the research project that suits requirement and type of software. Incremental model starts from the requirement gathering phase, proceeds with design of the software, and then moves toward the implementation and testing phase. On each phase of the model, it gets incremented following the incremental model. When one phase gets completed, then the process is incremented to the next phase where the iteration is based on the phases like inception (project scope), elaboration (design and architecture), construction (fills in the building blocks), and transition (operation and deployment). Architects and analysts work on iteration ahead of developers and testers to keep their work-product backlog full.
263
264
CHAPTER 16 System development for different information systems
Development tools: The proposed e-Torch framework system will use sophisticated telecommunication infrastructure and technology from GPS and cellular (GPRS-General Package Radio Service) networks in order to address the requirement of the proposed project. In the initial stage project life cycle, we will use Java platform for the application middleware between the server database management architecture and the mobile client. The database management system will be mySQL which is free and open source and can handle well more than 1000 users simultaneously. For mobile user, Java-based software application was used that can help to navigate through maps and provide services regarding promotion and UNESCO sights. Testing methods: Software testing following the quality of assurance criteria is one of the crucial phases of project development in which the software attributes and functionalities are compared with the SRSs and then tested in a simulated real-time environment. The application developers do white box testing where they debug the code and then verify the data values in variables and importantly test the application based on the API testing, code coverage, fault injection methods, mutation testing methods, etc. On later stage, the software is retested by a quality assurance engineer using black box testing method where, on real-time scenario, they produce bugs of different severity with methods including equivalence partitioning, boundary value analysis, all-pairs testing, traceability matrix, and importantly specification-based testing.
Case study 2 (banking information system) An effective and secure WBIS was developed by Mitropoulos, Othonos, and Douligeris (2013), which is a transaction processing system, which is one of the subcategories of OSS. Waterfall model was used for system development. The emphasis of system development was on security standards using the SSL protocol, the security techniques provided by the .Net Framework and a Role-Based Access Control (RBAC) model. After development of the system, it was evaluated using balanced scorecard method. Technological trends: Recent development in modern web banking systems during that time was related to technologies and architectures, security, business intelligence, system integration, multichannelled systems, and the use of the Web 2.0 innovations. Complex web banking system usually needs internet portals to offer multiple functionalities, products, and services to the users. Traditional web technologies such as HTML, ASP, PHP, JSP, etc. are no longer useful for web banking system. These kinds of system require a sophisticated, multitiered architecture which is developed by latest technologies. Furthermore, as web banking manage large amount of data, it needs to be supported by strong database management system to handle big data. As web banking system is more vulnerable to threats, all possible threats must be analyzed and the security of the system must be ensured. In addition, as web banking
Case study 2 (banking information system)
system includes many complex transactions and procedures, a systematic analysis and modeling using UML is required before development and deployment. Business intelligence (BI) features can be added to the design of web banking system to gain the attention of more customers and improve customer relationship management. Web banking system can perform integrated systems where customers and employees can use a common access point. In another word, back-office and frontoffice systems utilize a secured framework to access to the resources and processes. Web banking systems can increase the number of products and offered online services using automotive services between client and service providers. Finally, use of Web 2.0 and above can help web banking become more interactive and user friendly. Social media can be used as a platform for promoting web banking services. System development: The proposed WBIS used waterfall model to analyze, design, and develop the system. The waterfall model utilized the phases of requirement analysis, design, implementation and testing, operation, and maintenance. During requirement analysis, WEIS was divided into three subsystems to fulfill the desired functionalities. These three subsystems are (1) web banking system, (2) security and used administration, and (3) employee bank office system. Requirement analysis: Modern programming technologies and security techniques was used to develop WBIS. The system was divided into three subsystems based on the functionality requirements. A common interface was used to provide different view for each user category who are end users, employees, and administration users. The web banking subsystem, which is used by end users, contains basic banking services such as account details, transactions, fund transfers, client authentication, transaction authentication, electronic payment, user administration, remittances, etc. Security and user administration subsystem provides capabilities for users, manage permissions and roles, and support user authentication issues. This subsystem is responsible for the security of the overall system as it utilized several security functions. Finally, the employee bank office subsystem manages human resources and positions in the bank. Furthermore, it controls several internal processes related to employees by initiating requests to the administration subsystem. Security requirement: For the security requirement phase, first the security threats for the web banking system were analyzed. Some threats include data injection, session hijacking, identity spoofing, network eavesdropping, and information disclosure. After, analyzing these threats for the proposed WBIS, solutions were added into the system for each attack. System functionality: In order to present system functionality, indicative workflow and UML diagrams were used during requirement analysis and design phase. The process of a remittance batch execution; states and the transitions of an external remittance; the interactions concerning the execution of an external remittance; the activation of a new TAN list; the creation of a new employee; and the creation of a user’s credentials were illustrated in this step to make the system functionality apparent.
265
266
CHAPTER 16 System development for different information systems
Implementation: Implementation phase consists of (1) system implementation, (2) security encapsulation, and (3) Role-Based Access Control model (RBAC) implementation. The system is implemented using MS Visual Studio platform programming technologies and uses a service-oriented architecture. The web portal interface was implemented in ASP.Net, VB.Net, and Javascript. Security service, back office, transaction service, and automated email service are the services that encapsulate the business logic of WBIS. Security encapsulation was implemented toward a secure WBIS. The service provided by security encapsulation consists of a secure system that includes data restriction and validation, low privileged accounts, cryptographic functions, strong passwords, use of the SSL protocol, exception handling, auditing of processes, and a strong authentication and authorization framework based on a role-based access model (Mitropoulos et al., 2013). RBAC provides large-scale authorization for different bank roles. It uses the basic functionalities offered by the security classes of .Net Framework. Authentication and authorization are provided by .Net Framework in which users, roles, and all data are stored in tables. On the other hand, permissions are defined in an XML web configuration file and define access in certain subsystems. Finally, admin tool is used to encapsulate users, roles, permissions, and management processes in the basic workflow of a banking system. Multiperspective system evaluation: Balance scorecard (BSC) was used to evaluate the proposed WBIS. The BSC evaluated business processes toward finance, customer, internal business processes, and the learning and growth. In addition, external factors that are affected by the development of WBIS were examined. The external factors include financial status, customer relationship, trainings, and expected growth of company.
Case study 3 (mobile tourism information system) An assistive software application was developed by Pozi (2013) to reduce cost and limitations faced by tourists in Malaysia. This system is kind of MfSSs. Using the proposed mTIS assists tourists to view attractive destinations, accommodations, and travel information in Malaysia. In addition, tourists can record their favorite destination addresses. Iterative Development Life Cycle was used in this project. The application was designed for Android operating systems and iwas called iTravel. By applying iterative Development Life Cycle, a series of prototype have been developed. Every version of new prototype was scaled down to meet the requirements of the final version of the mobile application. Requirement planning: In the requirement planning phase, the plans for development of iTravel was mentioned based on the given time period. The problem statement, objectives, project scope, and the significance of the project were defined in the phase. In addition, a survey was conducted among foreign students in Universiti Teknologi PETRONAS to find their need from iTravel.
References
Analysis: This phase starts with researches, fact findings, and analysis of iTravel. In addition, the application requirements were collected using literature review from the existing applications. Furthermore, flowchart and use case diagram of iTravel were created in this phase. Design: This phase involved the overall description of iTravel that includes interface design. The user interface consists of home screen and four features including map tour, homestay, travel kits, and GPS. Implementation: This phase is part of cutover activities including data conversion, testing, changeover to the new app, and user training. The implementation phase was conducted based on the use case diagram and application behaviors which were designed in the design phase. MIT App Inventor, an open source tool, was used to build the application. Testing: After implementation, iTravel was tested and evaluated by users to check whether their requirements were fulfilled. If not, modifications were applied from the analysis phase, design, implementation, and testing. Testing was done to correct the results by applying user feedback. The main purpose of testing phase was to verify the acceptability and user satisfaction. Two types of testing were applied for this project comprising functional testing and user acceptance testing. Functional testing focused on the requirements whereas user acceptance testing applied to ensure iTravel meets the objectives of the project and to make sure users are satisfied. Delivery: In the delivery phase, iTravel was submitted for evaluation and grading purpose after application was improved in testing phase and it was error-free.
Summary This chapter focused on different types of information systems. O’Brien and Marakas’s information system classification is enhanced in this chapter by adding MfSSs. Furthermore, it provides different case studies to show system development for different types of information systems. Theses case studies can assist the readers to find the similarities between the concepts of this book and development processes for different type of information system.
References Easton, M. (1980). Batch throughput efficiency of ADCCP/HDLC/SDLC selective reject protocols. Communications, IEEE Transactions on, 28(2), 187e195. Keikhosrokiani, P., Mustaffa, N., Sarwar, M. I., & Zakaria, N. (2013). E-Torch: A mobile commerce location-based promotion system. The International Technology Management Review, 3(3), 140e159. LI, E. Y. (1990). Software testing in a system development process: A life cycle perspective. Journal of Systems Management, 41(8), 23e31.
267
268
CHAPTER 16 System development for different information systems
Mitropoulos, S., Othonos, C., & Douligeris, C. (2013). An effective and secure web banking system: Development and evaluation. International Journal of Business Information Systems, 12(3), 335e361. O’Brien, J. A., & Marakas, G. (2010). Management information systems (10th ed.). McGrawHill. Pozi, S. N. F. B. (2013). Travel guide in Malaysia mobile application (Bachelor). Universiti Teknologi PETRONAS. Satzinger, J. W., Jackson, R. B., & Burd, S. D. (2008). Systems analysis and design in a changing world. Boston: Course Technology, Cengage Learning. Walls, J. G., Widmeyer, G. R., & Sawy, O. A. E. (1992). Building an information system design theory for vigilant EIS.
System development for different information systems
16
Chapter outline Introduction ............................................................................................................259 Different types of information systems ......................................................................260 Case study 1 (mobile commerce information system) ................................................262 Case study 2 (banking information system)...............................................................264 Case study 3 (mobile tourism information system) ....................................................266 Summary ................................................................................................................267 References .............................................................................................................267
Learning objectives n
To understand different types of information systems
n
To recognize types of existing information systems
n
To be familiar with system development for different information systems
n
To learn how to apply the concept of this book for different information systems
Introduction The main purpose of this book is to offer information on the pin the development of mobile medical information systems (mMISs). For this reason, life cycle, management, methodological approach, and applications are included in this book. However, the concepts of this book are not only limited to the development of mMISs but also it can be applied for any kind of information system. Therefore, this chapter focused on different types of information systems which are categorized as (1) Operation Support Systems (OSSs) and (2) Management Support Systems (MSSs) by O’Brien and Marakas (2010). As there are some information systems that can be either OSS or MSS and even some have different functionalities, O’Brien and Marakas’s information system classification is enhanced in this chapter by adding Multifunction Support Systems (MfSSs). Expert systems, knowledge management systems, strategic information systems, functional business systems, database Perspectives in the Development of Mobile Medical Information Systems. https://doi.org/10.1016/B978-0-12-817657-3.00016-X Copyright © 2020 Elsevier Inc. All rights reserved.
259
260
CHAPTER 16 System development for different information systems
management systems, data warehouses, neural networks, geographic information systems, global information systems, office automation systems, and search engines are examples of MfSS. Development processes of three case studies are discussed in this chapter including Mobile Commerce Information System (mCIS), Web Banking Information System (WBIS), and Mobile Tourism Information System (mTIS).
Different types of information systems Information system (IS) is “any organized combination of people, hardware, software, communications networks, data resources, and policies and procedures that stores, retrieves, transforms, and disseminates information in an organization” (O’Brien & Marakas, 2010). People rely on information systems to communicate with each other for various purposes. This communication requires “variety of physical devices (hardware), information processing instructions and procedures (software), communications channels (networks), and stored data (data resources).” Information technology (IT) is a subset of information system (IS), which refers to the technology aspect within the entire system. IS indicates the management of an entire set of information and involves technology components, people, and processes whereas IT focuses on the maintaining the system’s hardware, software, database, and network for the purpose of creating communication between users. Types of information systems are classified in different ways. For instance, O’Brien and Marakas (2010) categorized information systems into: (1) Operation Support Systems (OSSs) and (2) Management Support Systems (MSSs), each of which includes subcategories. OSSs refer to those systems that produce different information for internal and external use. OSSs include specialized processing systems, transaction processing systems, process control systems, and enterprise collaboration systems. On the other hand, MSSs provide information in the form of report and displays to managers and professionals. MSSs consist of management information systems, decision support systems, executive information systems, and specialized processing systems. There are some other categories of information systems such as expert systems, knowledge management systems, strategic information systems, and functional business systems which can support either operations or management applications. There are some information systems, which produce different information for internal and external use and also provide information in the form of report and display to the managers. For instance, the case of iHeart in this book, which is a mMIS, has the capability of OSSs and MSS. It collects different information about different hospitals and shows to the patients once requesting for the nearest hospital. It provides information about patients’ health, their current location, their family, etc. and displays to the healthcare providers. Prescriptions and recommendations form healthcare providers can be transferred and applied to
Different types of information systems
the patients. Therefore, this kind of systems is considered as MfSSs which include the tasks of OSSs, MSSs, expert systems, knowledge management systems, database management systems, and so forth. Consequently, the types of information systems by O’Brien and Marakas (2010) can be enhanced as illustrated in Fig. 16.1. As mentioned before, iHeart is considered as MfSSs as it offers different information for internal (hospitals) and external (patients and their family) use and also it provides information in the form of report and displays to doctors, nurses, and other medical professionals. Three case studies are discussed in this chapter, first of which is considered as on type of MfSSs. e-Torch, which is a mCIS, supports decisionmaking; provides information for internal (tourists, end users) and external (hotels, restaurants, UNESCO sights); utilizes database management systems, and collects information and displays to the manager of e-Torch company. The system mentioned in the second case study is a simple WBIS. WBIS is considered as a transaction processing system which is one of the subcategory of OSS. The system designed in third case study is a mTIS that is kind of MfSSs. mTIS supports decision-making; provides different information for internal (tourists) and external (tourism industries); and utilizes geographical information and search engines to offer the best solutions to tourists.
FIGURE 16.1 Types of information systems.
261
262
CHAPTER 16 System development for different information systems
Case study 1 (mobile commerce information system) e-Torch is a location-based mCIS, which focuses on the promotion advertisement for hotels, restaurants, and UNESCO sights near to mobile device current location by using ellipse model for tracking. This system is considered as MfSSs, which was proposed on 2013 to facilitate businesses (such as hotel, restaurant, UNESCO sights) and to advertise their products in an efficient way to the mobile customers according to their current Global Positioning System (GPS) coordinates (Keikhosrokiani, Mustaffa, Sarwar, & Zakaria, 2013). The e-Torch framework architecture, illustrated in the work done by Keikhosrokiani et al. (2013), is composed of important abstract layers namely: Mobile Software and Clients layer, Network Communication Technology layer, e-Torch Core Framework Component, Client Service Lookup (such as UNESCO Site, Google Maps, Shopping Mall advertisements, Restaurant and Hotel lookup services, respectively), and e-Torch Database Repository layer. Description of technology being used: The main component of the research that is conducted related to this software is the location tracking and m-commerce-based framework platform that can accommodate a mobile user by providing requested point of interests accurately, efficiently, and with robustness. The client GPS location tracking will be done through GPS or A-GPS in which the mobile client sends the request to satellite in order to get the exact location. That information will be later transmitted to the e-Torch server through cellular network (GPRS). After sending the request to the server, the information will be processed and then sent back to the client through cellular network (GPRS) by SMS or MMS. Therefore, the proposed system framework platform is based on hybrid technology that is a combination of GPS (for location tracking information) and cellular network (for point of interest information details) to the mobile client user. System Development Life Cycle (SDLC): System Development Life Cycle (SDLC) gives the platform for software analysts, designers, and engineers to develop the software in a well-defined phase that starts from requirement gathering till its deployment phase. These phases are linked together to form a chain or cycle that never ends throughout the life cycle of the software evolution. Through these phases, the software evolution goes through requirement gathering, software product design and documentation with design patterns, and implementation and importantly testing before the prototype is ready to be deployed (Easton, 1980). The SDLC has many models that have different phases that are linked together to form the evolution of software development from requirement to the deployment. These models are waterfall model, fountain model, ellipse model, rapid prototyping, incremental model, etc. that have different attributes and advantages according to the type of development requirements. The model is selected by the project manager of the software according to the requirement specification given by the software analyst. Project planning and feasibility study: Generally planning and feasibility study is an important and integral part to make the project either successful or unsuccessful. It is only true for big projects with long process flow but will be unnecessary for
Case study 1 (mobile commerce information system)
small-scale projects. In large-scale projects, the feasibility study is carried out with formal process flow with realistic measures and expected risk involvement that can change the project scope and result. Systems analysis and requirements definition: The first phase of the SDLC starts from the requirement gathering from the client about the project. Normally the requirement is gathered by the system analyst in the form of software requirement specification (SRS) that was analyzed in order to generate client requirements and market trends (Satzinger, Jackson, & Burd, 2008). Systems design: The SRS is then given to a software engineer who converts those requirement specifications to data flow diagram, sequence diagram, design patterns, or pseudo-development tools like C, Cþþ, Java, etc. In case of any ambiguity in design, the software engineer contacts the software analyst for the clarification of the design requirements (Walls, Widmeyer, & Sawy, 1992). Implementation: The design of flows and sequences is then translated to the algorithms and pseudocode and later implemented by the software developer using a programming language appropriate for the requirement and design such as C, Cþþ, Java, etc. After the implementation and internal testing, the output of the design is then analyzed and verified as to confirm whether the end result is equivalent to the projected design output. If it is not, then the cycle will start from the beginning. Integration and testing: After the implementation and evaluation, the next phase of the SDLC is to test according to the real-time environment to make the product more reliable. This is mainly done by the quality assurance team that tests the software in a real-time scenario so when deployed it should not have any problem. In case, if any bug occurred, the software is given to the development team with severity feedback and the process continues until the quality assurance team approved that software is bug-free (LI, 1990). Maintenance: The software life cycle is continuous process that never finishes as the requirements change according to the market trends. After successful deployment of the software market, added functionality can be added or existing option can be modified that was first studied by the software analyst, designed by the software engineer, and later implemented and tested that will result in latest version of the software in market. Development model for e-Torch: In the previous section, we discussed about SDLC and its phases that explain the software life cycle. Depending upon the complexity of SDLC methodology, SDLC has many models such as incremental, spiral, waterfall, agile and prototyping, etc. We have selected incremental model for the research project that suits requirement and type of software. Incremental model starts from the requirement gathering phase, proceeds with design of the software, and then moves toward the implementation and testing phase. On each phase of the model, it gets incremented following the incremental model. When one phase gets completed, then the process is incremented to the next phase where the iteration is based on the phases like inception (project scope), elaboration (design and architecture), construction (fills in the building blocks), and transition (operation and deployment). Architects and analysts work on iteration ahead of developers and testers to keep their work-product backlog full.
263
264
CHAPTER 16 System development for different information systems
Development tools: The proposed e-Torch framework system will use sophisticated telecommunication infrastructure and technology from GPS and cellular (GPRS-General Package Radio Service) networks in order to address the requirement of the proposed project. In the initial stage project life cycle, we will use Java platform for the application middleware between the server database management architecture and the mobile client. The database management system will be mySQL which is free and open source and can handle well more than 1000 users simultaneously. For mobile user, Java-based software application was used that can help to navigate through maps and provide services regarding promotion and UNESCO sights. Testing methods: Software testing following the quality of assurance criteria is one of the crucial phases of project development in which the software attributes and functionalities are compared with the SRSs and then tested in a simulated real-time environment. The application developers do white box testing where they debug the code and then verify the data values in variables and importantly test the application based on the API testing, code coverage, fault injection methods, mutation testing methods, etc. On later stage, the software is retested by a quality assurance engineer using black box testing method where, on real-time scenario, they produce bugs of different severity with methods including equivalence partitioning, boundary value analysis, all-pairs testing, traceability matrix, and importantly specification-based testing.
Case study 2 (banking information system) An effective and secure WBIS was developed by Mitropoulos, Othonos, and Douligeris (2013), which is a transaction processing system, which is one of the subcategories of OSS. Waterfall model was used for system development. The emphasis of system development was on security standards using the SSL protocol, the security techniques provided by the .Net Framework and a Role-Based Access Control (RBAC) model. After development of the system, it was evaluated using balanced scorecard method. Technological trends: Recent development in modern web banking systems during that time was related to technologies and architectures, security, business intelligence, system integration, multichannelled systems, and the use of the Web 2.0 innovations. Complex web banking system usually needs internet portals to offer multiple functionalities, products, and services to the users. Traditional web technologies such as HTML, ASP, PHP, JSP, etc. are no longer useful for web banking system. These kinds of system require a sophisticated, multitiered architecture which is developed by latest technologies. Furthermore, as web banking manage large amount of data, it needs to be supported by strong database management system to handle big data. As web banking system is more vulnerable to threats, all possible threats must be analyzed and the security of the system must be ensured. In addition, as web banking
Case study 2 (banking information system)
system includes many complex transactions and procedures, a systematic analysis and modeling using UML is required before development and deployment. Business intelligence (BI) features can be added to the design of web banking system to gain the attention of more customers and improve customer relationship management. Web banking system can perform integrated systems where customers and employees can use a common access point. In another word, back-office and frontoffice systems utilize a secured framework to access to the resources and processes. Web banking systems can increase the number of products and offered online services using automotive services between client and service providers. Finally, use of Web 2.0 and above can help web banking become more interactive and user friendly. Social media can be used as a platform for promoting web banking services. System development: The proposed WBIS used waterfall model to analyze, design, and develop the system. The waterfall model utilized the phases of requirement analysis, design, implementation and testing, operation, and maintenance. During requirement analysis, WEIS was divided into three subsystems to fulfill the desired functionalities. These three subsystems are (1) web banking system, (2) security and used administration, and (3) employee bank office system. Requirement analysis: Modern programming technologies and security techniques was used to develop WBIS. The system was divided into three subsystems based on the functionality requirements. A common interface was used to provide different view for each user category who are end users, employees, and administration users. The web banking subsystem, which is used by end users, contains basic banking services such as account details, transactions, fund transfers, client authentication, transaction authentication, electronic payment, user administration, remittances, etc. Security and user administration subsystem provides capabilities for users, manage permissions and roles, and support user authentication issues. This subsystem is responsible for the security of the overall system as it utilized several security functions. Finally, the employee bank office subsystem manages human resources and positions in the bank. Furthermore, it controls several internal processes related to employees by initiating requests to the administration subsystem. Security requirement: For the security requirement phase, first the security threats for the web banking system were analyzed. Some threats include data injection, session hijacking, identity spoofing, network eavesdropping, and information disclosure. After, analyzing these threats for the proposed WBIS, solutions were added into the system for each attack. System functionality: In order to present system functionality, indicative workflow and UML diagrams were used during requirement analysis and design phase. The process of a remittance batch execution; states and the transitions of an external remittance; the interactions concerning the execution of an external remittance; the activation of a new TAN list; the creation of a new employee; and the creation of a user’s credentials were illustrated in this step to make the system functionality apparent.
265
266
CHAPTER 16 System development for different information systems
Implementation: Implementation phase consists of (1) system implementation, (2) security encapsulation, and (3) Role-Based Access Control model (RBAC) implementation. The system is implemented using MS Visual Studio platform programming technologies and uses a service-oriented architecture. The web portal interface was implemented in ASP.Net, VB.Net, and Javascript. Security service, back office, transaction service, and automated email service are the services that encapsulate the business logic of WBIS. Security encapsulation was implemented toward a secure WBIS. The service provided by security encapsulation consists of a secure system that includes data restriction and validation, low privileged accounts, cryptographic functions, strong passwords, use of the SSL protocol, exception handling, auditing of processes, and a strong authentication and authorization framework based on a role-based access model (Mitropoulos et al., 2013). RBAC provides large-scale authorization for different bank roles. It uses the basic functionalities offered by the security classes of .Net Framework. Authentication and authorization are provided by .Net Framework in which users, roles, and all data are stored in tables. On the other hand, permissions are defined in an XML web configuration file and define access in certain subsystems. Finally, admin tool is used to encapsulate users, roles, permissions, and management processes in the basic workflow of a banking system. Multiperspective system evaluation: Balance scorecard (BSC) was used to evaluate the proposed WBIS. The BSC evaluated business processes toward finance, customer, internal business processes, and the learning and growth. In addition, external factors that are affected by the development of WBIS were examined. The external factors include financial status, customer relationship, trainings, and expected growth of company.
Case study 3 (mobile tourism information system) An assistive software application was developed by Pozi (2013) to reduce cost and limitations faced by tourists in Malaysia. This system is kind of MfSSs. Using the proposed mTIS assists tourists to view attractive destinations, accommodations, and travel information in Malaysia. In addition, tourists can record their favorite destination addresses. Iterative Development Life Cycle was used in this project. The application was designed for Android operating systems and iwas called iTravel. By applying iterative Development Life Cycle, a series of prototype have been developed. Every version of new prototype was scaled down to meet the requirements of the final version of the mobile application. Requirement planning: In the requirement planning phase, the plans for development of iTravel was mentioned based on the given time period. The problem statement, objectives, project scope, and the significance of the project were defined in the phase. In addition, a survey was conducted among foreign students in Universiti Teknologi PETRONAS to find their need from iTravel.
References
Analysis: This phase starts with researches, fact findings, and analysis of iTravel. In addition, the application requirements were collected using literature review from the existing applications. Furthermore, flowchart and use case diagram of iTravel were created in this phase. Design: This phase involved the overall description of iTravel that includes interface design. The user interface consists of home screen and four features including map tour, homestay, travel kits, and GPS. Implementation: This phase is part of cutover activities including data conversion, testing, changeover to the new app, and user training. The implementation phase was conducted based on the use case diagram and application behaviors which were designed in the design phase. MIT App Inventor, an open source tool, was used to build the application. Testing: After implementation, iTravel was tested and evaluated by users to check whether their requirements were fulfilled. If not, modifications were applied from the analysis phase, design, implementation, and testing. Testing was done to correct the results by applying user feedback. The main purpose of testing phase was to verify the acceptability and user satisfaction. Two types of testing were applied for this project comprising functional testing and user acceptance testing. Functional testing focused on the requirements whereas user acceptance testing applied to ensure iTravel meets the objectives of the project and to make sure users are satisfied. Delivery: In the delivery phase, iTravel was submitted for evaluation and grading purpose after application was improved in testing phase and it was error-free.
Summary This chapter focused on different types of information systems. O’Brien and Marakas’s information system classification is enhanced in this chapter by adding MfSSs. Furthermore, it provides different case studies to show system development for different types of information systems. Theses case studies can assist the readers to find the similarities between the concepts of this book and development processes for different type of information system.
References Easton, M. (1980). Batch throughput efficiency of ADCCP/HDLC/SDLC selective reject protocols. Communications, IEEE Transactions on, 28(2), 187e195. Keikhosrokiani, P., Mustaffa, N., Sarwar, M. I., & Zakaria, N. (2013). E-Torch: A mobile commerce location-based promotion system. The International Technology Management Review, 3(3), 140e159. LI, E. Y. (1990). Software testing in a system development process: A life cycle perspective. Journal of Systems Management, 41(8), 23e31.
267
268
CHAPTER 16 System development for different information systems
Mitropoulos, S., Othonos, C., & Douligeris, C. (2013). An effective and secure web banking system: Development and evaluation. International Journal of Business Information Systems, 12(3), 335e361. O’Brien, J. A., & Marakas, G. (2010). Management information systems (10th ed.). McGrawHill. Pozi, S. N. F. B. (2013). Travel guide in Malaysia mobile application (Bachelor). Universiti Teknologi PETRONAS. Satzinger, J. W., Jackson, R. B., & Burd, S. D. (2008). Systems analysis and design in a changing world. Boston: Course Technology, Cengage Learning. Walls, J. G., Widmeyer, G. R., & Sawy, O. A. E. (1992). Building an information system design theory for vigilant EIS.