Cis8100 Digital Enterprise: Implementation For Assessment Answer

SDLC Approach

The website for Toyman store will be developed and set up using the SDLC (Software Development Lifecycle) approach. There are many approaches and techniques that are present and the one that will be applicable in this case would be Iterative Waterfall Model for software development. The approach lists out the steps that will be followed in the site and these steps have been explained in the section below (Kaur, 2015).

SDLC Steps

System Planning and Analysis

The first step in the development of website for Toyman store will be planning and analysis of the system. Planning will be essential for determination and finalization of scope of the site and for deciding the budget and schedule as well (Cohen, 2010). There will be many requirements that will be present around the website which will be required to be studied and analyzed so that the website if designed as per the specifications. The requirements will be analyzed in this step.

System Design

Designing will be the stepping stone to the actual development activities that will be carried out for the website. This step will take inputs from the previous phase and there will be design principles that will be finalized according the requirements identified for the website. UI of the site is an important aspect for the customers and the experience that is provided to them. This step will therefore decide upon the design principles and system qualities to be maintained in the site (Mohankumar and Anand Kumar, 2016).

Building the System – System Development

Building the system will be initiated and completed in this phase as it will involve numerous activities and sub-activities. The design principles that will be finalized in the previous step along with the requirements that are identified in the first step will be used for this step. The source code for the site of Toyman store will be created in this step and there will also be a unit testing that will be carried out by the team of developers. There are scenarios wherein it is observed that there are defects present in the source code of the site which are rectified after running the unit test cases (Sabale, 2012).

System Testing

Testing of the website will be very important as it will be required to make sure that the specifications and requirements of the website are met. Also, it will be necessary to ensure that the system qualities in the website are ensured and maintained. There will be many system qualities such as performance, reliability, usability, availability, scalability; security etc. which will be necessary to maintain in the site. Testing process and activities will validate these qualities along with the functional aspects. There may be numerous defects that may be detected which will be logged during this step in the testing tool for defect reporting and management (Habib, 2014).

System Maintenance

Setting up of the website for Toyman store will not be done after the coding and implementation of the site. It will be required to maintain the site by running security and upgrade patches on the site after every interval. The step will include the execution of a number of security patches along with the study of the latest technology that is available. The site will be scaled up or scaled down as per the requirements and necessities in this step. This is the step which will be counted as the last step in the SDLC approach for web development. However, it will be an ongoing step that will be carried out for long so that the site performance does not drop at any time.

Mobile Web Presence

Mobile web presence of Toyman store will be essential so that the customer base is expanded and there are larger numbers of users that access the services. The presence on mobile platform will require analysis and involvement of numerous components.

Mobile OS

Users have been making use of a number of operating systems that are designed for mobile devices. Mobile web presence will be assured through mobile web site and mobile app for Toyman Store. These will be implemented and designed according to the mobile OS that are commonly in use such as Android, iOS and Windows. The application/site shall be compatible with these OS for mobile devices (Barolli, Hsu and Shibata, 2008).

Design of the Application

The design of a web site for desktops and computer systems is different from that of a mobile web site or mobile application. The primary difference lies in the navigation, layout and placement of elements because of the variation in screen sizes of the two types of devices. The following points shall be noted in this case.

• Navigation included in the mobile application shall be smooth and there shall not be too much of navigation involved.
• Simple layout shall be maintained in the application so that the user finds it easy to adapt to the same (N Inukollu et al., 2014).
• One of the prime requirements will be the consistency of the screens and the screen elements in the application in terms of color, layout and navigation.
• Colors used in the application shall also be kept simple. It shall be made sure that there is also personalization offered to the users by allowing them to change colors and set it as per their liking.

Mobile App Security

There will be a lot many issues that will be associated with the application that will be designed for Toyman Store to be implemented on the mobile platform (Vasileiadis, 2014). These issues will be related to the security concerns which will include the issues around security of the device and the issues around the security of the information present in the application. There may be loss of theft of the device which will put the device information at risk. There may also be attacks such as breaching, denial of service, networking attacks etc. that may be executed for impacting the confidentiality of the information.

It will therefore be required to maintain the security by execution of the countermeasures related with the same such as administrative checks and enhanced of technical controls.

Front end and Back end

The front end of the mobile application or site shall be created in a language that offers inter-operatibility and robustness such as JAVA. The coding may also be done in PHP programming language. For the back-end, it will be required to make use of a database engine that offers flexibility and abundant storage space. Also, it shall be compatible with the programming language that is used for the development of front end. All of these requirements will be fulfilled by MySQL database engine (Chen, 2016).

E-Commerce Security Environment 

Security Threats and Risks

The major threats that will be involved with the Toyman Store website will be associated with the security of the information present within the website. The information properties such as integrity and confidentiality will be affected by it. There may also be issues around the availability of the site because of these threats and attacks (Herrmann, 2004).

Computer and information networks will be used for offering the accessibility of the site to the users which will have numerous access points. A number of security risks will arise because of these networks and access points such as information breaching, network eavesdropping etc. The availability of the site may be affected due to denial of service attacks and other flooding attacks on the site (Stubblefield, Rubin and Wallach, 2005).

Security Steps and Measures

With the increase in number and types of security risks, there has also been an increase in the protective measures to deal with these risks.

The following steps shall be implemented on the site to fight against the security attacks.

• Administrative Controls

There will be five steps that will be taken in the setting up of the website for Toyman store that will include planning and analysis, design, building of the system, testing and maintenance. It will be required to monitor and review these tasks at frequent intervals so that the deviations associated with the site may be prevented. It will therefore be required to develop and implement enhanced policies to validate the activities related with the website by the administration of Toyman and its managers. Network shall also be reviewed timely to detect the attacks (Hein, Morozov and Saiedian, 2011).

• Logical Controls

The logical/technical controls that will be applicable to Toyman store have been listed below.

• Basic security of the site for Toyman store will be necessary to be improved to make sure that the access control, identity management and authentication is effectively done and latest measures in association with the same are adopted (Schaupp, 2010).
• Automation shall be brought in use by making use of and implementing the tools and packages related with anti-malware and anti-denial services.
• The information present in the website of Toyman store shall be encrypted to enhance its security.
• Data backups shall be taken so that the information is always protected. Also, there shall be disaster recovery plans and controls set up in advance (Changchit, 2011).

Use and adaptation of the above suggested measures will be extremely necessary to prevent the security issues related with the website of Toyman store. Timely detection will lead to minimization of the probable damage and the use of measures such as encryption will also control the damage that may be caused. If these occurrences repeat themselves over and over again, the engagement of the site with the customers will be poorly affected. It will therefore be required that the same is avoided under all the circumstances.

Information Privacy in Social Media

Social media and its use has become a necessity in the current architecture and web services that are provided by the business organizations. There are several advantages that are offered by the use and application of social media. However, there are also certain defects and risks that may come up (Chung, 2016).

Problems to Customers

• Hackers usually introduce malicious and malignant URLs on the social media channels which are used and accessed by the users and it leads to triggering of malware or breaching of information by the attackers (Montaquila and Godwin, 2016).
• Location based services are used by the users on the social media accounts for posting and sharing of information. The location may be tracked and there may be harm caused to the user (Rosenblum, 2007).
• User patterns, choices, preferences and likes shall be noted down by the hackers which may be misused to cause trouble to the user (Hazari and Brown, 2013).

There may also be a number of issues for the organization as the competitors may gain a lot of information from the social media channels and accounts which may be misused.

Steps to Follow by the Organization

• Toyman store and the associates that are related with it shall make sure that the information that is posted on the social media accounts and channels is always restricted. The restriction may be applied according to the type of information and the same will lead to avoidance of many risks and breaching of information.
• The users shall be made aware of the risks and attacks that may be executed and the steps that the users shall take from their ends to avoid any of such occurrences (Zhang, 2016).
• Social media accounts that are set up shall be free from any type of the malware attacks and shall therefore make use of anti-malware packages.
• The employees that work with Toyman store shall be given ethical trainings so that they may not misuse the privileges that are granted to them. Also, they shall be made aware of the probable outcomes that may occur with the tampering of the information.

Toyman store will be able to gain a lot with the implementation of the social media channels in its architecture. It is because of the reason that the social media channels will allow the store to reach out to maximum number of people. Also, it will provide an opportunity to the organization to study about the choices and preferences of the users so that the strategies and policies may be accordingly designed and setup (Qi and Edgar-Nevill, 2011). It will be required to pay attention to the numerous issues so that the benefits that are possible and probable in association with the social media are yielded completely and there are no losses or damages caused in between.

Conclusion and Recommendations

E-commerce is an industry that has been expanding and flourishing at a rapid speed. Toyman store is an organization that has only web presence as the form of conducting business and does not have an offline store or set-up. It will be required to make sure that the strategies are developed in such a manner that the site is reached out to maximum number of people. Also, it shall be ensured that the site has the adequate security features and policies to maintain the security infrastructure.

It is recommended that the mobile web presence is included for Toyman store at an immediate basis because there are more number of users that prefer mobile sites and applications that may run on mobile devices instead of the ones that may access the same on desktops. In order to increase the customer base, it will be essential that the mobile web presence is quickly done. Security is one of the prime concerns that are present in the Toyman store’s website which shall be resolved and taken care of by following the adequate principles and practices to control the security occurrences. Use of encryption in the web site along with the mobile site or application shall be must.

References

Barolli, L., Hsu, H. and Shibata, Y. (2008). Mobile Systems and Applications. Mobile Information Systems, 4(2), pp.77-79.

Changchit, C. (2011). Security Systems Framework, Security-Related Research, Web Threats. Journal of Information Privacy and Security, 7(4), pp.1-2.

Chen, C. (2016). Cognition and Cooperation in Advanced Wireless and Mobile Information Systems. Mobile Information Systems, 2016, pp.1-2.

Chung, W. (2016). Social media analytics: Security and privacy issues. Journal of Information Privacy and Security, 12(3), pp.105-106.

Cohen, S. (2010). A Software System Development Life Cycle Model for Improved Stakeholders’ Communication and Collaboration. International Journal of Computers Communications & Control, 5(1), p.20.

Habib, B. (2014). Relationship between the System Development Life Cycle and Software Quality Criterions for Achieving a Quality Software Product. International Journal of Computer Applications, 104(10), pp.17-23.

Hazari, S. and Brown, C. (2013). An Empirical Investigation of Privacy Awareness and Concerns on Social Networking Sites. Journal of Information Privacy and Security, 9(4), pp.31-51.

Hein, D., Morozov, S. and Saiedian, H. (2011). A survey of client-side Web threats and counter-threat measures. Security and Communication Networks, 5(5), pp.535-544.

Herrmann, G. (2004). Introduction: Security and Trust in Electronic Commerce. Electronic Commerce Research, 4(1/2), pp.5-7.

Kaur, A. (2015). Suitability of Existing Software Development Life Cycle (SDLC) in Context of Mobile Application Development Life Cycle (MADLC). International Journal of Computer Applications, 116(19), pp.1-6.

Mohankumar, M. and Anand Kumar, M. (2016). Green based Software Development Life Cycle Model for Software Engineering. Indian Journal of Science and Technology, 9(32).

Montaquila, J. and Godwin, C. (2016). Personnel security and open source intelligence: Employing social media analytics in pre-employment screening and selection. Journal of Information Privacy and Security, 12(3), pp.145-159.

N Inukollu, V., Keshamon, D., Kang, T. and Inukollu, M. (2014). Factors Influncing Quality of Mobile Apps: Role of Mobile App Development Life Cycle. International Journal of Software Engineering & Applications, 5(5), pp.15-34.

Qi, M. and Edgar-Nevill, D. (2011). Social networking searching and privacy issues. Information Security Technical Report.

Rosenblum, D. (2007). What Anyone Can Know: The Privacy Risks of Social Networking Sites. IEEE Security & Privacy Magazine, 5(3), pp.40-49.

Sabale, R. (2012). Comparative Study of Prototype Model For Software Engineering With System Development Life Cycle. IOSR Journal of Engineering, 02(07), pp.21-24.

Schaupp, L. (2010). Web Site Success: Antecedents of Web Site Satisfaction and Re-use. Journal of Internet Commerce, 9(1), pp.42-64.

Stubblefield, A., Rubin, A. and Wallach, D. (2005). Managing the Performance Impact of Web Security. Electronic Commerce Research, 5(1), pp.99-116.

Vasileiadis, A. (2014). Security Concerns and Trust in the Adoption of M-Commerce. Social Technologies, 4(1), pp.179-191.

Zhang, J. (2016). Exploring the Effects of the Privacy-Handling Management Styles of Social Networking Sites on User Satisfaction: A Conflict Management Perspective. Decision Sciences.