Cloud Security and SDLC Models
VerifiedAdded on 2020/03/16
|12
|2461
|34
AI Summary
The assignment examines the intersection of cloud computing security and software development methodologies. It delves into the unique security risks associated with cloud environments and analyzes how various SDLC models, such as Waterfall, V-Model, Agile, and Scrum, address these challenges. The document also considers the role of non-functional requirements in ensuring robust security within cloud-based applications. Specific focus is given to hybrid cloud approaches and their implications for data security and privacy.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: SYSTEM ANALYSIS AND DESIGN
System Analysis and Design
Name of the Student
Name of the University
Author Note
System Analysis and Design
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
SYSTEM ANALYSIS AND DESIGN
Table of Contents
1. Introduction......................................................................................................................3
2. The non-functional Requirements of the system.............................................................3
2.1. Functionality.............................................................................................................3
2.2. Usability....................................................................................................................4
2.3. Reliability.................................................................................................................4
2.4. Performance..............................................................................................................4
2.5. Security.....................................................................................................................4
3. Functional Requirements Vs the Non-functional Requirements of the system...............5
4. The cloud Environment Chosen: Hybrid cloud...............................................................5
4.1. Strength of Hybrid cloud environment.....................................................................6
4.2. Weakness of the Hybrid cloud..................................................................................6
5. SDLC Approach, Predictive or Adaptive........................................................................7
5.1. Predictive SDLC Approach......................................................................................7
5.1.1. Pros....................................................................................................................8
5.1.2 Cons....................................................................................................................8
5.2. Adaptive SDLC Approach........................................................................................8
5.2.1. Pros....................................................................................................................9
5.2.2. Cons...................................................................................................................9
6. Conclusion.......................................................................................................................9
SYSTEM ANALYSIS AND DESIGN
Table of Contents
1. Introduction......................................................................................................................3
2. The non-functional Requirements of the system.............................................................3
2.1. Functionality.............................................................................................................3
2.2. Usability....................................................................................................................4
2.3. Reliability.................................................................................................................4
2.4. Performance..............................................................................................................4
2.5. Security.....................................................................................................................4
3. Functional Requirements Vs the Non-functional Requirements of the system...............5
4. The cloud Environment Chosen: Hybrid cloud...............................................................5
4.1. Strength of Hybrid cloud environment.....................................................................6
4.2. Weakness of the Hybrid cloud..................................................................................6
5. SDLC Approach, Predictive or Adaptive........................................................................7
5.1. Predictive SDLC Approach......................................................................................7
5.1.1. Pros....................................................................................................................8
5.1.2 Cons....................................................................................................................8
5.2. Adaptive SDLC Approach........................................................................................8
5.2.1. Pros....................................................................................................................9
5.2.2. Cons...................................................................................................................9
6. Conclusion.......................................................................................................................9
2
SYSTEM ANALYSIS AND DESIGN
7. References......................................................................................................................10
SYSTEM ANALYSIS AND DESIGN
7. References......................................................................................................................10
3
SYSTEM ANALYSIS AND DESIGN
1. Introduction
The organization headspace works with the mental ill health patients of 12 to 25 who
experience several problems due to depression and anxiety. The organization decided to develop
an information system that would store the patients’ data and information in the very first time it
is told. The primary aim of developing this system is the elimination of story retelling. A cloud
based environment is would be effective for the system implementation (Steele, Min & Lo,
2012). The report highlights a proper cloud environment that will be appropriate for the system
implementation along with the recommendation of a proper SDLC approach for project
implementation.
2. The non-functional Requirements of the system
The proper operation of the system is judged by specifying the non-functional
requirements of the system. Therefore, along with the functional requirements it is essential to
consider the non-functional requirements as well. The non-functional requirements identify the
different system requirements, interfaces and system constraints (Chung, Nixon & Mylopoulos,
2012). The different non-functional requirements that are identified for this project are discussed
in the section below-
2.1. Functionality
The system’s functionality is one major non-functional requirement of the system.
Maintaining a proper functionality of the system includes the non functional requirement of data
availability and scalability of the system. This is therefore a major non-functional requirement of
the system.
SYSTEM ANALYSIS AND DESIGN
1. Introduction
The organization headspace works with the mental ill health patients of 12 to 25 who
experience several problems due to depression and anxiety. The organization decided to develop
an information system that would store the patients’ data and information in the very first time it
is told. The primary aim of developing this system is the elimination of story retelling. A cloud
based environment is would be effective for the system implementation (Steele, Min & Lo,
2012). The report highlights a proper cloud environment that will be appropriate for the system
implementation along with the recommendation of a proper SDLC approach for project
implementation.
2. The non-functional Requirements of the system
The proper operation of the system is judged by specifying the non-functional
requirements of the system. Therefore, along with the functional requirements it is essential to
consider the non-functional requirements as well. The non-functional requirements identify the
different system requirements, interfaces and system constraints (Chung, Nixon & Mylopoulos,
2012). The different non-functional requirements that are identified for this project are discussed
in the section below-
2.1. Functionality
The system’s functionality is one major non-functional requirement of the system.
Maintaining a proper functionality of the system includes the non functional requirement of data
availability and scalability of the system. This is therefore a major non-functional requirement of
the system.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
SYSTEM ANALYSIS AND DESIGN
2.2. Usability
The system usability is another significant non-functional requirement of the system. The
usability of the system can be increased by incorporation of simple easy and interactive interface
of the system. Simple interface increases the usability and in turn enhances the performance of
the system. Therefore, it can be considered as a major non-functional requirement of system
implementation.
2.3. Reliability
The project is undertaken to develop a system that would store the data of the mental ill
patients. This data is very sensitive and therefore the system should be reliable enough to store
such sensitive data. Reliability is therefore considered as a primary non-functional requirement
of the system. The presence of a data recovery option will help in increasing the reliability of the
system.
2.4. Performance
Effective system performance is another important non-functional requirement for the
system. The performance of the system includes the data availability and flexibility as the major
non-functional requirement of the system. Proper performance of this system will help in
evaluating the system on basis of its objectives and effectiveness.
2.5. Security
This is a primary non-functional requirement of the system considering the nature of the
data that will be stored into the system. Maintaining the data confidentially is a primary aspect of
this project and therefore proper security measures are needed to be taken (Kulkarni et al., 2012).
SYSTEM ANALYSIS AND DESIGN
2.2. Usability
The system usability is another significant non-functional requirement of the system. The
usability of the system can be increased by incorporation of simple easy and interactive interface
of the system. Simple interface increases the usability and in turn enhances the performance of
the system. Therefore, it can be considered as a major non-functional requirement of system
implementation.
2.3. Reliability
The project is undertaken to develop a system that would store the data of the mental ill
patients. This data is very sensitive and therefore the system should be reliable enough to store
such sensitive data. Reliability is therefore considered as a primary non-functional requirement
of the system. The presence of a data recovery option will help in increasing the reliability of the
system.
2.4. Performance
Effective system performance is another important non-functional requirement for the
system. The performance of the system includes the data availability and flexibility as the major
non-functional requirement of the system. Proper performance of this system will help in
evaluating the system on basis of its objectives and effectiveness.
2.5. Security
This is a primary non-functional requirement of the system considering the nature of the
data that will be stored into the system. Maintaining the data confidentially is a primary aspect of
this project and therefore proper security measures are needed to be taken (Kulkarni et al., 2012).
5
SYSTEM ANALYSIS AND DESIGN
Data encryption is therefore considered as a primary non-functional requirement in this case that
will prevent the use and access to an unauthorized person.
3. Functional Requirements Vs the Non-functional Requirements of the system
Keeping in mind the sensitivity of the data to be stored and the objective of the project
the functional requirement identified for the project includes authentication, which will help in
limiting the access of the data only to the authorized person. Defining the authorization level of
the system will further help in limiting the access to the system. This is related to the non-
functional requirement of security and encryption. Encryption of data will definitely help in
limiting the data access only to the candidates registered to use this system (Pearce &
Bainbridge, 2014). The inclusion of summary statement and report button includes the functional
requirement of the system, which corresponds, to the non-functional requirement of performance
and usability. Therefore, it is essential to consider both the functional and non functional
requirement of the system in order to develop and implement a system for proper use and
access.
4. The cloud Environment Chosen: Hybrid cloud
Headspace is considering a cloud-based solution to implement this system. Therefore, the
cloud environment that is recommended for the project is hybrid cloud. Hybrid cloud
environment is chosen out of all the alternatives present because it is appropriate for
implementing the project, “My Health record System”. The limitation of public cloud is that it is
less secure and very vulnerable to attacks. This solution is therefore not considered in this case as
the primary aim of the system is the storage and protection of the data confidentiality. The public
SYSTEM ANALYSIS AND DESIGN
Data encryption is therefore considered as a primary non-functional requirement in this case that
will prevent the use and access to an unauthorized person.
3. Functional Requirements Vs the Non-functional Requirements of the system
Keeping in mind the sensitivity of the data to be stored and the objective of the project
the functional requirement identified for the project includes authentication, which will help in
limiting the access of the data only to the authorized person. Defining the authorization level of
the system will further help in limiting the access to the system. This is related to the non-
functional requirement of security and encryption. Encryption of data will definitely help in
limiting the data access only to the candidates registered to use this system (Pearce &
Bainbridge, 2014). The inclusion of summary statement and report button includes the functional
requirement of the system, which corresponds, to the non-functional requirement of performance
and usability. Therefore, it is essential to consider both the functional and non functional
requirement of the system in order to develop and implement a system for proper use and
access.
4. The cloud Environment Chosen: Hybrid cloud
Headspace is considering a cloud-based solution to implement this system. Therefore, the
cloud environment that is recommended for the project is hybrid cloud. Hybrid cloud
environment is chosen out of all the alternatives present because it is appropriate for
implementing the project, “My Health record System”. The limitation of public cloud is that it is
less secure and very vulnerable to attacks. This solution is therefore not considered in this case as
the primary aim of the system is the storage and protection of the data confidentiality. The public
6
SYSTEM ANALYSIS AND DESIGN
cloud is however a very cost effective solution but cannot be considered in this case (AlZain et
al., 2012).
The private cloud could have been considered in this case but is not used for this project
due to its limitation of data access only in a particular network. This would therefore act as a
problem if the patient visits some other professional.
Considering all these limitations, it is recommended for the organization to opt for the
hybrid cloud solution for system implementation (Galibus & Vissia, 2015). The strength and
weakness of the hybrid cloud environment are elaborated in the following section.
4.1. Strength of Hybrid cloud environment
The advantages of the organization in employing a hybrid cloud environment for
implementation of this project are listed below-
1. The major advantage of employing the system in a hybrid cloud environment is that it
provides adequate security for safeguarding the confidential data of the system (Li et al., 2015).
2. The cost of implementation of hybrid cloud is less than that of the private cloud as the
public zone of the hybrid cloud can be leveraged from a third party service provider. This
therefore enables a cot effective solution (Li et al., 2013). The leveraging of the public cloud will
however require adequate security measures
4.2. Weakness of the Hybrid cloud
The weaknesses of the hybrid cloud environment are listed below-
SYSTEM ANALYSIS AND DESIGN
cloud is however a very cost effective solution but cannot be considered in this case (AlZain et
al., 2012).
The private cloud could have been considered in this case but is not used for this project
due to its limitation of data access only in a particular network. This would therefore act as a
problem if the patient visits some other professional.
Considering all these limitations, it is recommended for the organization to opt for the
hybrid cloud solution for system implementation (Galibus & Vissia, 2015). The strength and
weakness of the hybrid cloud environment are elaborated in the following section.
4.1. Strength of Hybrid cloud environment
The advantages of the organization in employing a hybrid cloud environment for
implementation of this project are listed below-
1. The major advantage of employing the system in a hybrid cloud environment is that it
provides adequate security for safeguarding the confidential data of the system (Li et al., 2015).
2. The cost of implementation of hybrid cloud is less than that of the private cloud as the
public zone of the hybrid cloud can be leveraged from a third party service provider. This
therefore enables a cot effective solution (Li et al., 2013). The leveraging of the public cloud will
however require adequate security measures
4.2. Weakness of the Hybrid cloud
The weaknesses of the hybrid cloud environment are listed below-
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7
SYSTEM ANALYSIS AND DESIGN
1. The presence of the public and the private cloud although offers increasing benefits,
the data movement from public to private zone or vice versa can be targeted by an attacker. This
may further lead to data theft and failure of maintenance of data confidentiality.
2. The initial cost of implementation of this system is generally high (Chen & Zhao,
2012).
Therefore, it is recommended for Headspace to use hybrid cloud solution for this project.
This would help in providing a secure platform for data storage and access of data. It provides a
cost effective solution for the organization as well.
5. SDLC Approach, Predictive or Adaptive
Software development lifecycle or SDLC is required to analyze and plan the different
phases and the timeline of the project. A project of software implementation generally consists of
phases such as planning, feasibility study, and system testing and so on. The software
development life cycle helps in estimating the course and requirements of a project. The two
project development life cycle, predictive and adaptive SDLC are discussed in the following
paragraphs.
5.1. Predictive SDLC Approach
Predictive SDLC approach follows the course of waterfall model of the project
management. In this approach, the entire project starting from its initiation to the closure is
determined and the beginning stages of the project. The major advantage of this approach is that
the entire project undergoes a planned approach of project management. This approach is
however, feasible only if the scope and the requirements of the project is clear (Tuteja & Dubey,
SYSTEM ANALYSIS AND DESIGN
1. The presence of the public and the private cloud although offers increasing benefits,
the data movement from public to private zone or vice versa can be targeted by an attacker. This
may further lead to data theft and failure of maintenance of data confidentiality.
2. The initial cost of implementation of this system is generally high (Chen & Zhao,
2012).
Therefore, it is recommended for Headspace to use hybrid cloud solution for this project.
This would help in providing a secure platform for data storage and access of data. It provides a
cost effective solution for the organization as well.
5. SDLC Approach, Predictive or Adaptive
Software development lifecycle or SDLC is required to analyze and plan the different
phases and the timeline of the project. A project of software implementation generally consists of
phases such as planning, feasibility study, and system testing and so on. The software
development life cycle helps in estimating the course and requirements of a project. The two
project development life cycle, predictive and adaptive SDLC are discussed in the following
paragraphs.
5.1. Predictive SDLC Approach
Predictive SDLC approach follows the course of waterfall model of the project
management. In this approach, the entire project starting from its initiation to the closure is
determined and the beginning stages of the project. The major advantage of this approach is that
the entire project undergoes a planned approach of project management. This approach is
however, feasible only if the scope and the requirements of the project is clear (Tuteja & Dubey,
8
SYSTEM ANALYSIS AND DESIGN
2012). This is because, these two criteria are required for project planning. The pros and cons of
using a predictive SDLC approach in development of the system are discussed below-
5.1.1. Pros
The major advantages of using a predictive approach for system implementation are as
follows –
1. The project follows a planned approach and therefore there is very little or negligible
chances of project failure.
2. The chances of budget or schedule revision are very less in this project and therefore
this would be beneficial for the organization to implement this project.
3. The project is completed in the scheduled time.
5.1.2 Cons
The disadvantages of using the predictive SDLC approach in the system implementation
are discussed below-
1. The project modification is impossible in this approach. This is because the entire
project is planned at the project initiation.
2. Feedback path is absent in predictive SDLC approach.
5.2. Adaptive SDLC Approach
The adaptive SDLC approach is very different from the predictive approach. This is
because in this approach, there is no need of planning the entire project at the beginning, instead
SYSTEM ANALYSIS AND DESIGN
2012). This is because, these two criteria are required for project planning. The pros and cons of
using a predictive SDLC approach in development of the system are discussed below-
5.1.1. Pros
The major advantages of using a predictive approach for system implementation are as
follows –
1. The project follows a planned approach and therefore there is very little or negligible
chances of project failure.
2. The chances of budget or schedule revision are very less in this project and therefore
this would be beneficial for the organization to implement this project.
3. The project is completed in the scheduled time.
5.1.2 Cons
The disadvantages of using the predictive SDLC approach in the system implementation
are discussed below-
1. The project modification is impossible in this approach. This is because the entire
project is planned at the project initiation.
2. Feedback path is absent in predictive SDLC approach.
5.2. Adaptive SDLC Approach
The adaptive SDLC approach is very different from the predictive approach. This is
because in this approach, there is no need of planning the entire project at the beginning, instead
9
SYSTEM ANALYSIS AND DESIGN
the project deliverables of each phase is determined (Balaji & Murugaiyan, 2012). The pro and
cons of using SDLC approach are discussed below-
5.2.1. Pros
1. The presence of thorough testing procedure and feedback path helps in development of
a perfect product.
2. The possibility of project modification according to customer’s feedback is another
advantage of this system.
5.2.2. Cons
1. Maintaining a proper project schedule is impossible.
2. Cost of implementation is high.
Therefore it is recommended for headspace to use the predictive approach of SDLC as
the size of the project is small and the project is urgent (Mahalakshmi & Sundararajan, 2013).
6. Conclusion
Therefore from the above discussion, it can be concluded that the organization headspace
can implement this project in a hybrid cloud environment, keeping in mind the non-functional
requirements identified for the project. The report discusses the different SDLC approaches and
suggests one approach for this project.
SYSTEM ANALYSIS AND DESIGN
the project deliverables of each phase is determined (Balaji & Murugaiyan, 2012). The pro and
cons of using SDLC approach are discussed below-
5.2.1. Pros
1. The presence of thorough testing procedure and feedback path helps in development of
a perfect product.
2. The possibility of project modification according to customer’s feedback is another
advantage of this system.
5.2.2. Cons
1. Maintaining a proper project schedule is impossible.
2. Cost of implementation is high.
Therefore it is recommended for headspace to use the predictive approach of SDLC as
the size of the project is small and the project is urgent (Mahalakshmi & Sundararajan, 2013).
6. Conclusion
Therefore from the above discussion, it can be concluded that the organization headspace
can implement this project in a hybrid cloud environment, keeping in mind the non-functional
requirements identified for the project. The report discusses the different SDLC approaches and
suggests one approach for this project.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
SYSTEM ANALYSIS AND DESIGN
7. References
AlZain, M. A., Pardede, E., Soh, B., & Thom, J. A. (2012, January). Cloud computing security:
from single to multi-clouds. In System Science (HICSS), 2012 45th Hawaii International
Conference on (pp. 5490-5499). IEEE.
Balaji, S., & Murugaiyan, M. S. (2012). Waterfall vs. V-Model vs. Agile: A comparative study
on SDLC. International Journal of Information Technology and Business Management,
2(1), 26-30.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chung, L., Nixon, B. A., Yu, E., & Mylopoulos, J. (2012). Non-functional requirements in
software engineering (Vol. 5). Springer Science & Business Media.
Galibus, T., & Vissia, H. E. R. M. (2015). Cloud storage security. Proc NSCE, 2014, 123-127.
Jain, A. K., & Nandakumar, K. (2012). Biometric Authentication: System Security and User
Privacy. IEEE Computer, 45(11), 87-92.
Kulkarni, G., Gambhir, J., Patil, T., & Dongare, A. (2012, June). A security aspects in cloud
computing. In Software Engineering and Service Science (ICSESS), 2012 IEEE 3rd
International Conference on (pp. 547-550). IEEE.
Li, J., Li, Y. K., Chen, X., Lee, P. P., & Lou, W. (2015). A hybrid cloud approach for secure
authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5),
1206-1216.
SYSTEM ANALYSIS AND DESIGN
7. References
AlZain, M. A., Pardede, E., Soh, B., & Thom, J. A. (2012, January). Cloud computing security:
from single to multi-clouds. In System Science (HICSS), 2012 45th Hawaii International
Conference on (pp. 5490-5499). IEEE.
Balaji, S., & Murugaiyan, M. S. (2012). Waterfall vs. V-Model vs. Agile: A comparative study
on SDLC. International Journal of Information Technology and Business Management,
2(1), 26-30.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chung, L., Nixon, B. A., Yu, E., & Mylopoulos, J. (2012). Non-functional requirements in
software engineering (Vol. 5). Springer Science & Business Media.
Galibus, T., & Vissia, H. E. R. M. (2015). Cloud storage security. Proc NSCE, 2014, 123-127.
Jain, A. K., & Nandakumar, K. (2012). Biometric Authentication: System Security and User
Privacy. IEEE Computer, 45(11), 87-92.
Kulkarni, G., Gambhir, J., Patil, T., & Dongare, A. (2012, June). A security aspects in cloud
computing. In Software Engineering and Service Science (ICSESS), 2012 IEEE 3rd
International Conference on (pp. 547-550). IEEE.
Li, J., Li, Y. K., Chen, X., Lee, P. P., & Lou, W. (2015). A hybrid cloud approach for secure
authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5),
1206-1216.
11
SYSTEM ANALYSIS AND DESIGN
Li, Q., Wang, Z. Y., Li, W. H., Li, J., Wang, C., & Du, R. Y. (2013). Applications integration in
a hybrid cloud computing environment: Modelling and platform. Enterprise Information
Systems, 7(3), 237-271.
Mahalakshmi, M., & Sundararajan, M. (2013). Traditional SDLC Vs Scrum Methodology–A
Comparative Study. International Journal of Emerging Technology and Advanced
Engineering, 3(6), 192-196.
Pearce, C., & Bainbridge, M. (2014). A personally controlled electronic health record for
Australia. Journal of the American Medical Informatics Association, 21(4), 707-713.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Steele, R., Min, K., & Lo, A. (2012). Personal health record architectures: technology
infrastructure implications and dependencies. Journal of the Association for Information
Science and Technology, 63(6), 1079-1091.
Tuteja, M., & Dubey, G. (2012). A research study on importance of testing and quality assurance
in software development life cycle (SDLC) models. International Journal of Soft
Computing and Engineering (IJSCE), 2(3), 251-257
SYSTEM ANALYSIS AND DESIGN
Li, Q., Wang, Z. Y., Li, W. H., Li, J., Wang, C., & Du, R. Y. (2013). Applications integration in
a hybrid cloud computing environment: Modelling and platform. Enterprise Information
Systems, 7(3), 237-271.
Mahalakshmi, M., & Sundararajan, M. (2013). Traditional SDLC Vs Scrum Methodology–A
Comparative Study. International Journal of Emerging Technology and Advanced
Engineering, 3(6), 192-196.
Pearce, C., & Bainbridge, M. (2014). A personally controlled electronic health record for
Australia. Journal of the American Medical Informatics Association, 21(4), 707-713.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Steele, R., Min, K., & Lo, A. (2012). Personal health record architectures: technology
infrastructure implications and dependencies. Journal of the Association for Information
Science and Technology, 63(6), 1079-1091.
Tuteja, M., & Dubey, G. (2012). A research study on importance of testing and quality assurance
in software development life cycle (SDLC) models. International Journal of Soft
Computing and Engineering (IJSCE), 2(3), 251-257
1 out of 12
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.