Info Integration 
NSW Schools
Maths
Science
Documentation
Efficiency
Media
Databases
E-commerce
Reporting
Reviews
Data
Simulation
Maths
Computing
Encoding
 

Printer Version of Page

Information Integration

Databases, E-commerce, Reporting & Security

  • System Development
  • Databases
  • E-commerce
    • Standard Accounting Transactions
    • Real Time Transactions
  • Reporting
  • Security

It is of paramount importance that systems must:

  • Meet core information requirements and critical performance criteria
    • Fast
    • Flexible
    • Interchangeable
    • Scalable
    • Simple to Use
  • Be documented and managed
  • Be Cost Effective

System Development

There are examples of sophisticated information management systems which lack commercial justification for the investment required to develop them. It is also well known that any attempt to develop "complete" and comprehensive information systems entails considerable risk of failure. Gilb has discussed alternative development methodologies and suggests that development should proceed via an evolutionary approach (Principles of Software Engineering Management. ISBN: 0201192462 Publisher: Addison Wesley Longman, Inc. Pub. Date: June 1988).

The key stake-holders core information requirements and critical performance attributes must be be identified. A system which meets these requirements should be developed and implemented first and then used as the basis for further developments.

The development and implementation of information systems via an inherently iterative process, which focuses on content and mandatory functionality rather than feature rich systems, can yield very effective systems which meet user's needs as they evolve over time. The recommended systems development strategy is therefore based on an evolutionary process and involves:

  • identifying the information required to render acceptable system output
  • integrating the information into an appropriate content delivery system (which may be quite simple)
  • testing the concepts on real content in an interactive and realistic manner
  • building prototype applications only on the basis of an initially specified information model and functional requirements based on stake-holder requirements and user experience

Databases

The Structured Query Language (SQL) is an ANSI standard (ANSI SQL92) method facilitating communication with relational databases. SQL uses expressions derived from a reserved list of english words to manipulate and store data. Since SQL is a standard query language many relational database management systems use it, including:
  • MySQL
  • Oracle
  • Microsoft SQL Server
  • Access
  • Sybase
  • Postgres
  • Ingres

The steps in creating and interfacing with an Internet accessible database involve:

  • Database Design
    - Deciding where to put appropriate information in tables, columns & fields
  • Connecting to the database server
  • Creating the database space on the database server
    - Achieved by declaring a name for the individual database on the server
  • Creating the tables with their appropriate column headings
    - As specified in the database design, for the database
  • Inputting the information (or data) to the tables
  • Querying the database and presenting the results obtained
  • Editing and updating the information contained within the database

E-commerce

Businesses have a variety of E-commerce requirements from the relatively simple to quite complex.

... Since transactions, not technology, are the cornerstone of business activity, businesses should use the simplest online commerce strategy that fulfills their requirements.

Standard Accounting Transactions

  • Some businesses require only an online presence and have no need to support online transactions in any form
  • Some businesses may have an extensive online presence in the form of a database driven user interactive website. For some of these businesses, who deliver to customers directly and bill at time of delivery, either via Cash, Eftpos, Visa, Cheque or other means, it may be sufficient for the business to be able to issue an HTML copy of an Invoice Statement or Bill. Beyond this internet based transaction facilities are generally not required for these businesses.
  • Business who deal with physical goods should not conduct live transactions since they have no way of guaranteeing that they can actually dispatch or manufacture goods to meet a customers requirements at the time of order. Consequently, businesses dealing with physical goods, should accept credit card details, via an encrypted communication channel, and process the transaction using their normal accounting system only when they can guarantee delivery of goods to the customer.

Real Time Transactions

Businesses who provide on-line services or have sophisticated booking and inventory control systems may wish to process credit-card transactions in real time, allowing them to immediately allocate services to customers.

  • To conduct live transactions it is necessary to establish or access a merchant server.
  • A large number of invalid credit card numbers are submitted to certain sites, for these sites, it a good idea to implement a credit card validation routine. This can be done using the Mod 10 algorithm and PHP's object oriented features to create a credit card storage and validation class. In addition to the Mod 10 algorithm, credit card numbers must satisfy a number of formatting rules:
    • American Express: Must have a prefix of 34 or 37, and must be 15 digits in length.
    • Diners Club: Must have a prefix of 300 to 305, 36, or 38, and must be 14 digits in length.
    • Mastercard: Must have a prefix of 51 to 55, and must be 16 digits in length.
    • Visa: Must have a prefix of 4, and must be either 13 or 16 digits in length.

    An extensive article Creating a Credit Card Validation Class With PHP (Mitchell Harper) describes how to do this. The article is available from:

  • Processing live transactions from a valid credit card can be easily accomplished using any of a number of commercial merchant servers designed specifically to support Internet Transactions. Examples include:

Reporting

Online data reporting and management facilities can

  • Establish a clients (or users) identity (Authentication)
  • Obtain and process a list of client submissions and or data input
  • Confirm the clients submissions to them
  • Email the clients submissions to the client, appropriate system administrators and other interested parties
  • Record the clients submissions on an internet database server

There are diverse applications for such systems including:

  • Reporting Environmental Information
  • Logging Service Calls
  • Storing and distributing qualified patient information between authorised parties such as:
    • Legal Representatives,
    • Case Managers and
    • Consultant Physicians
    • Medical & Social Researchers

Security

A number of organisations widely and falsely publicize their Internet facilities as being "completely" and or "totally" secure. However, it is important to remember that:

  • The Internet carries and disseminates Public Information;
  • An Internet site is only as secure as the host on which it runs; and that
  • Claims of total system security are always illusionary.

Most significant security issues are centered around:

  • Interception of sensitive data transmission (pass words, credit card numbers, logon account details, etc)
  • Unauthorised hackers subverting the Web Servers security system either by exploiting bugs in its executable scripts or obtaining unauthorised access by other means.
Inline Image - Go To www.precisioninfo.com