ProductsLogo
LogoStudy Documents
LogoAI Grader
LogoAI Answer
LogoAI Code Checker
LogoPlagiarism Checker
LogoAI Paraphraser
LogoAI Quiz
LogoAI Detector
PricingBlogAbout Us
logo

Cloud Computing Security and SDLC

Verified

Added on  2020/03/16

|13
|2764
|377
AI Summary
This assignment delves into the crucial topic of cloud computing security, examining the vulnerabilities and threats associated with cloud environments. It further analyzes different software development life cycle (SDLC) models, such as Waterfall, V-Model, and Agile, highlighting their strengths and weaknesses in addressing security considerations during development. The analysis will encompass data security, privacy protection, authentication mechanisms, and the role of testing and quality assurance in ensuring secure software applications within cloud platforms.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: SYSTEM ANALYSIS
System Analysis
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
SYSTEM ANALYSIS
Table of Contents
1. Introduction......................................................................................................................3
2. The Non-functional requirement of the system...............................................................3
2.1. Functionality.................................................................................................................3
2.2. Usability........................................................................................................................4
2.3. Reliability.................................................................................................................4
2.4. Performance..............................................................................................................4
2.5. Security.....................................................................................................................4
3. Functional Requirements of the System Vs Non-functional Requirements....................5
4. Cloud based Solution: Hybrid Cloud...............................................................................5
4.1. Hybrid Cloud Environment: Strength.......................................................................6
4.2. Hybrid Cloud Environment: Weakness....................................................................7
5. The chosen SLC Approach..............................................................................................7
5.1. Predictive Approach.................................................................................................8
5.1.1. Pros or Advantages of Predictive SDLC...........................................................8
5.1.2. Pros or Disadvantages of Predictive SDLC.......................................................9
5.2. Adaptive Approach...................................................................................................9
5.2.1. Pros or Advantages of Adaptive SDLC.............................................................9
5.2.2. Pros or Disadvantages of Adaptive SDLC........................................................9
6. Conclusion.....................................................................................................................10
Document Page
2
SYSTEM ANALYSIS
7. References......................................................................................................................11
Document Page
3
SYSTEM ANALYSIS
1. Introduction
Headspace is an organization that is currently working on implementation of an
information system named “My Health Record System”. The organization is considering a
cloud-based solution for this project. The report discusses the necessity of implementing the
system in a hybrid cloud environment along with the advantages and disadvantages of hybrid
cloud. The report further identifies the primary non-functional requirements of the system
keeping in mind the sensitive nature of data that is to be stored in the information system. The
report concludes with the suggested SDLC approach that would be best suited for the project
(Steele, Min & Lo, 2012).
2. The Non-functional requirement of the system
The non-functional requirements of a system deals with particular system attributes that
helps the system perform its optimal function. The non-functional requirements of the system
generally identify the critical system qualities, requirements and system constraints that should
be considered for project implementation. Therefore, it can be said that non-functional
requirements of a system has a large impact on project success. However it is essential to
consider both functional and non functional requirement of a system for ensuring project success.
The different non-functional requirement of the project according to the functionality, usability,
reliability performance and security are elaborated in the following paragraphs (Chung, Nixon &
Mylopoulos, 2012).
2.1. Functionality
The main criteria of identifying the non-functional requirements of the system are
measuring the functionality of the system. “My health Record System” is to be developed for

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
4
SYSTEM ANALYSIS
storing the data of the mentally ill patients. Therefore, it is essential for the system to include an
option of accessing and updating the data from any device according to the convenience of the
user. Adaptability is one of the major functional requirements of the system.
2.2. Usability
Another major criterion for identifying the non-functional requirement of the system is
the system’s usability. The major non-functional requirement under usability is the ease of
learning the software. An easy interface can increase the usability of the software.
2.3. Reliability
The reliability of the system is another major consideration of system implementation.
Since the system will be implemented in a cloud environment, a backup and recovery option of
the data is an essential non-functional requirement of the system. This would not only make the
system reliable but also help in preserving the confidential data of the patients even on an
account of system failure.
2.4. Performance
The non-functional requirement essential for measuring the performance of the system is
its speed of processing data. The system should be flexible to be accessed from anywhere and
any device. This would enhance the performance level of the system to be developed.
2.5. Security
The data to be stored in the “My Health Record System” is sensitive and confidential and
therefore it is essential to ensure proper security of the software. The data stored should undergo
end to end encryption to ensure adequate protection. This would prevent any unauthorized
Document Page
5
SYSTEM ANALYSIS
person from accessing the health records. Only the users permitted for data access would be able
to view or modify the data stored into the system (Kulkarni et al., 2012).
3. Functional Requirements of the System Vs Non-functional Requirements
The functional requirement of the system estimates the expected function of the system
that is to be implemented. It is typically related with the product or the system features that
reflects the basic functionality of a system. Non-functional requirement however is slightly
different from the functional requirements of the system; as it addresses the qualities, a system
should possess in order to increase the efficiency of a system.
The Non-functional requirement related to the security can be compared with a primary
functional requirement of the system, which is authentication. Authentication is a primary
security approach of the system that limits the use and access of the data only to authorized
persons. Since the data to be stored is very sensitive, it is essential to include the non-functional
requirement of encryption in system implementation (Pearce & Bainbridge, 2014).
Therefore, it is very essential to consider both the functional and the non-functional
requirements of the system before the system implementation.
4. Cloud based Solution: Hybrid Cloud
Hybrid cloud is the best solution to be considered for the implementation of this sthi
system in a cloud environment. This is because the public cloud environment is not secure
enough and is more prone to attack. The data stored in a public cloud environment can be easily
accessed and therefore, it would be difficult to protect the confidentiality of the sensitive data of
the patients in this environment (AlZain et al., 2012). Although the cost of implementation of a
Document Page
6
SYSTEM ANALYSIS
public cloud is very low as compared to a private or a hybrid cloud environment, it cannot be
considered for this case.
Private cloud is very secured than public cloud and it is almost impossible to breach the
data stored in a private cloud. This is because, a separate internal network is used in case of
private cloud and the data access outside this network becomes almost impossible. This is the
primary disadvantage of this solution as well. Implementation of this system on a private cloud
would limit the access of data only to the organization, which conflicts with the primary
objective of this project. The project aims at elimination of the need of retelling the story every
time the patient visits a new professional. Implementations of this system in private cloud would
not allow a wide data access and therefore this cloud environment cannot be considered.
Hybrid cloud eliminates the limitation of both the public and private cloud environment
and therefore this cloud environment can be considered for system implementation. Hybrid cloud
environment is a combination of public and private cloud and allows the data access only to the
authorized person even outside the organization (Galibus & Vissia, 2015). The strength and
weaknesses of hybrid cloud environment are elaborated in the following paragraphs.
4.1. Hybrid Cloud Environment: Strength
The strength of implementing the information system “My Health Record System” are
listed below-
1. The hybrid cloud environment offers the benefits of both public and private cloud. In
this cloud environment, the streamlined benefits of both public and private cloud can be achieved
(Li et al., 2015)

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
7
SYSTEM ANALYSIS
2. It is a cost effective solution as well considering the money it requires to implement a
system in a private cloud environment. This is because the public cloud environment of the
hybrid cloud can be leveraged from a trusted third party source (Li et al., 2013).
4.2. Hybrid Cloud Environment: Weakness
The weaknesses of hybrid cloud and its effect in the system are discussed below-
1. Data moves in an out of the public and the private one of a hybrid cloud solution. An
attacker in fetching the confidential data of the system can target this movement of data.
Therefore, there is a minute security risk in the movement of data in and out of the different
cloud environment. Proper measures are needed to be taken to prevent the data loss.
2. The cost of implementation of the system in a hybrid cloud environment is
considerably more than that of a public cloud environment. However, considering the enhanced
security it offers in the hybrid cloud, it is effective to use a hybrid cloud environment for this
system (Chen & Zhao, 2012).
Therefore, it can be concluded that the use of a hybrid cloud environment can be
beneficial for the organization in this project implementation
5. The chosen SLC Approach
SDLC or software development life cycle divides the entire software development
lifetime into a number of phases, successful completion of which ensures a project’s success.
These phases are named as requirement analysis, feasibility study, project implantation , testing
and so on. The two software development approach, predictive and adaptive are discussed in the
following sections.
Document Page
8
SYSTEM ANALYSIS
5.1. Predictive Approach
The predictive approach of SDLC mainly defines the entire project life cycle during the
project initiation. This is only possible when the scope of the project is clear and the schedule of
the project is determined. The project deliverable is decided at the beginning of project
implementation and therefore a proper project plan is maintained for project execution (Tuteja &
Dubey, 2012). The project implementation follows this project plan during the entire project life
cycle. The pros and cons of the predictive software development life cycle approach are
elaborated below.
5.1.1. Pros or Advantages of Predictive SDLC
The pros of using predictive SDLC approach are listed below-
1. The scope of the project remains clear throughout the project execution and therefore
the process of project execution becomes simple as well. A proper project plan is maintained for
the project execution, which is followed throughout the implementation phase of the project.
2. The project requirements remain transparent throughout the project execution phase
and therefore it becomes easier to estimate the cost and schedule of the project. Another major
advantage of implementing this approach is that, it is possible to complete the project within the
set time following this approach.
3. The project progress and the process of implementation can be thoroughly tracked
throughout the entire project life cycle as it follows a planned approach.
4. Documentation control is one of the essential criteria of this approach as the predictive
SDLC is very similar to the waterfall model of the project methodology.
Document Page
9
SYSTEM ANALYSIS
5.1.2. Pros or Disadvantages of Predictive SDLC
The major disadvantages of predictive SDLC are listed below-
1) Since the entire project is planned at the beginning of the project, it becomes very
difficult to improvise the system during its execution.
2) Absence of feedback path makes it difficult to track the quality of the project and the
system thus implemented.
5.2. Adaptive Approach
The adaptive approach of SDLC is similar to the agile project development methodology.
The entire project is not planned during the project intitiation but the different deliverables of
each phase is ascertained. This type of approach is taken into consideration when the scope of
the project is not clear. The pros and cons of adaptive SDLC are discussed below (Balaji &
Murugaiyan, 2012).
5.2.1. Pros or Advantages of Adaptive SDLC
1. The project can be improvised in its execution phase as well
2. The presence of feedback path increases the perfctness of the sytem to be developed.
5.2.2. Pros or Disadvantages of Adaptive SDLC
1. The time requires to complete this time of project is generally high
2. The cost of implementation of project using adaptive SDLC is high

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
10
SYSTEM ANALYSIS
Therefore, it would be beneficial for Headspace to implement this project using predictive SDLC
as the size of the project is small (Mahalakshmi & Sundararajan, 2013).
6. Conclusion
Therefore, from the above discussion it can be concluded that Headspace should use
hybrid cloud environment for product implementation. The report identifies the recommended
SDLC approach and the non-functional requirements that should be considered in the project.
Document Page
11
SYSTEM ANALYSIS
7. References
AlZain, M. A., Pardede, E., Soh, B., & Thom, J. A. (2012, January). Cloud computing security:
from single to multi-clouds. In System Science (HICSS), 2012 45th Hawaii International
Conference on (pp. 5490-5499). IEEE.
Balaji, S., & Murugaiyan, M. S. (2012). Waterfall vs. V-Model vs. Agile: A comparative study
on SDLC. International Journal of Information Technology and Business Management,
2(1), 26-30.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chung, L., Nixon, B. A., Yu, E., & Mylopoulos, J. (2012). Non-functional requirements in
software engineering (Vol. 5). Springer Science & Business Media.
Galibus, T., & Vissia, H. E. R. M. (2015). Cloud storage security. Proc NSCE, 2014, 123-127.
Jain, A. K., & Nandakumar, K. (2012). Biometric Authentication: System Security and User
Privacy. IEEE Computer, 45(11), 87-92.
Kulkarni, G., Gambhir, J., Patil, T., & Dongare, A. (2012, June). A security aspects in cloud
computing. In Software Engineering and Service Science (ICSESS), 2012 IEEE 3rd
International Conference on (pp. 547-550). IEEE.
Li, J., Li, Y. K., Chen, X., Lee, P. P., & Lou, W. (2015). A hybrid cloud approach for secure
authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5),
1206-1216.
Document Page
12
SYSTEM ANALYSIS
Li, Q., Wang, Z. Y., Li, W. H., Li, J., Wang, C., & Du, R. Y. (2013). Applications integration in
a hybrid cloud computing environment: Modelling and platform. Enterprise Information
Systems, 7(3), 237-271.
Mahalakshmi, M., & Sundararajan, M. (2013). Traditional SDLC Vs Scrum Methodology–A
Comparative Study. International Journal of Emerging Technology and Advanced
Engineering, 3(6), 192-196.
Pearce, C., & Bainbridge, M. (2014). A personally controlled electronic health record for
Australia. Journal of the American Medical Informatics Association, 21(4), 707-713.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Steele, R., Min, K., & Lo, A. (2012). Personal health record architectures: technology
infrastructure implications and dependencies. Journal of the Association for Information
Science and Technology, 63(6), 1079-1091.
Tuteja, M., & Dubey, G. (2012). A research study on importance of testing and quality assurance
in software development life cycle (SDLC) models. International Journal of Soft
Computing and Engineering (IJSCE), 2(3), 251-257
1 out of 13
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]