Kudler Fine Foods ( KFF ) is a forte nutrient shop concatenation in California. Smith Systems Consulting ( SSC ) was contacted by KFF to develop a Frequent Shopper Program ( FSP ) . The FSP will be able to supervise client buying history and roll up the history as redeemable trueness points which clients can utilize for gift points and other merchandises or services available through external spouse companies. The Gross saless and Marketing page subdivision of KFF’s intranet site describes the strategic intent of the FSP. SSC will supply IT services and of class consulting. Some other things would be developmental solutions. beef uping. execution. IT integrating. analysis. and design ( Apollo Group. 2004 ) . Smith Consulting will besides subject a proposal to Kudlers that will detail the development processes of the FSP undertaking. This paper will name the project’s logical and physical theoretical accounts. this includes hardware. package. web. controls. database. and other development related tools. Logical and Physical Models
Logical and physical theoretical accounts are representations of the cardinal elements and procedures of a package development. The logical theoretical account describes the procedures. particularly informations. in every bit much item as possible. without giving respect to how the system will be physically implemented. Logical information theoretical accounts include entities and relationships among them and how informations flows from one procedure or entity to another. Representations of the cardinal elements and procedures of a package development is logical and physical theoretical accounts. A logical theoretical account will depict the procedures without giving respect as to how the system will be physically implemented in every bit much item as possible. A physical theoretical account is merely a modified version of the logical theoretical account. It is intended to work with a specific set of package and hardware constituents ( Hoberman. 2009 ) . Logical Model of the FSP In-Store Operation
The trade name new FSP will add alterations to bing maps within KFF operations. That means when a client initiates a dealing the teller will inquire if the client is a member of KFF FSP and/or if they would wish to be a member if they are presently non. If the client does non desire to be a member so the teller will continue with the check-out procedure but if they do so the client will be asked to make full out the appropriate application and the information will be entered into the system. If the client is already a member so their member’s card will be scanned and so the purchase will go on. Depending on his purchase forms and history. the FSP will publish price reductions and points to the client. The points and wagess information will be printed on the reception and given to the client. Figure 1 shows the low-level informations flow diagram of the proposed new system. which includes the basic procedures described above. The high-ranking informations flow diagram includes extra inside informations such as informations flow to and from databases. and how each database is designed with specific tabular arraies.
Figure 1 Low-level Logical Data Flow Diagram
Figure 2 High-level Logical Data Flow Diagram
Logical Data Flow Diagram for FSP Redemption Process
KFF’s clients can deliver their points in assorted ways. They can login to Kudler’s members’ on-line portal. The clients can login utilizing the rank ID printed on the dorsum of their rank cards. or by the preferable username they used upon subscribing up. When they login. they are required to come in their user ID and watchword. The security system will find if the client input is valid or non by fiting the certificates to the user’s database. From at that place onward. the users can recover their information. and besides use the web portal to deliver their points. The points can be used to publish vouchers and exchange for points and merchandises non merely valid for Kudler shops. but besides for Kudler’s spouse companies. When clients use the points. the system will cipher the entire staying points and update the client tabular array. Figure 3 shows the logical informations flow diagram of the procedures detailed supra. and Figure 4 shows the physical theoretical account of the full FSP undertaking.
Figure 3 Logical Data Flow Diagram for FSP Redemption Process
Figure 4 Physical Model of Frequent Shopper Program
The hardware demands are important to the system development. consisting of physical waiters and other peripherals. These constituents are the legs and limbs of the system. The hardware subdivision of the system will accept input. and treat the input in a manner specified by the design. and returns an end product ( Blundell. 2008 ) . Centralized Data Management System and Database Server Hardware – This will be the cardinal waiter in which informations gathered by the trailing package will be uploaded to and downloaded from. All locations will hold entree to this hardware to portion valuable client information. This waiter will be used for client informations confirmation as good. It will besides be the cardinal sever in which informations such as wagess plan. points. purchases will be stored. The local database waiters will hold an Intel i5 processor. 8GB of RAM. and 2TB of storage to manage all the excess burden and processing. while the cardinal database waiter will hold 4TB of storage. Backup Servers – Each location will hold a local backup storage to guarantee that client information is safe. and can be retrieved in instance of connectivity issues such as broadband connexion jobs.
Backup waiters will merely necessitate little treating power so an Intel Core 2 Duo will do. The backup waiters will besides necessitate at least 4TB of storage infinite to manage informations from all KFF locations. and a upper limit of 4GB of RAM. Web Server – A front terminal web site will enable clients to buy merchandises. see new merchandises. obtain points and wagess information. and alter their client profile. The web site will be the on-line portal for the clients into the Kudler Fine Foods shops. The web waiter can go to a great extent laden if the FSP is a success. For future-proofing. the web waiter will hold an Intel I5 processor. 4GB of RAM. and 500GB of storage. Membership Card – Cards embedded with saloon codifications will be used to rapidly obtain client information at the shops. Bar codifications will be scanned and automatically matched with the information gathered from the local and cardinal databases. Bar Code Scanners – Kudler will utilize and update bing POS systems and saloon codification scanners and put in them to those without. Routers. Switches. Hubs. and Hardware Firewalls – These peripherals are necessary to make a high throughput. and unafraid web.
Hardware must be compatible and capable to interact without struggle with upgraded equipment. The web wired with CAT6 telegraphing and DSL will supply equal velocity for treating informations. The web should allow client orders into the cardinal database where stock lists are adjusted and providers are notified if stock lists drop below set measures. Procuring the web from unauthorised entree is a definite demand. but includes the capableness to interact safely from the web and web shop clients. Firewall and security package are the tools that make this possible. For illustration. Citrix could be used to entree the web remotely. The package design. hardware selected. and web functionality must interact separately and together without struggle and with dependability. Network
KFF uses an Ethernet web as their web connexion type. SSC will replace the WAN Ethernet by a more unafraid practical private web. The point-to-point construction of a VPN will offer the FSP many benefits. particularly in cut downing cost. With a VPN. short dedicated connexions replace long-distance leased lines to the stopping points point of presence ( POP ) of the cyberspace service supplier ( Douligeris & A ; Serpanos. 2007 ) . The VPN will necessitate each employee of KFF to login to the web before geting entree. The usernames and login times and other activities can be logged for tracking and added security. The VPN apparatus is besides extremely scalable. Any new or extra web can be added easy. Furthermore. a lasting or impermanent nexus can be provided to third party or other concern spouses for a secure connectivity. A firewall between the public sphere ( Internet ) and the VPN gateway will offer extra security.
Figure 5 Kudler Fine Foods Proposed VPN Network Diagram
KFF already has a good construction for their database. The database will merely necessitate few extra tabular arraies. standardizations. and optimisation to better its efficiency. The current database does non hold a specific location for the wagess. points. and other informations necessary for the FSP undertaking. Smith Systems Consulting will add three extra columns in the client tabular array. These three new columns will include Customer Points and Customer Rewards. and Card Serial ID under the Customer tabular array. The Card Serial ID is a alone figure printed underneath the barcode of of all time member’s FSP rank card. The database will besides necessitate new events animal trainer that will trip whenever the client purchases a merchandise. or utilize his points as salvation.
The FSP undertaking will utilize two databases: local and centralized. The POS systems will merely link to the local database for a more rapidly response. The local database will synchronise with the cardinal database on a timed interval. By making this. whenever connectivity issues or catastrophes arise between the local and the cardinal database. KFF can still go on with their services. The database engine package is MySQL. one of the most popular unfastened beginning database package available. MySQL is unfastened beginning and free. which will diminish the entire cost of full FSP development. Microsoft Access will be the primary client for the MySQL database by utilizing myODBC driver. a nexus between MySQL and Microsoft Access. User Interface
The user interface ( UI ) of the FSP plan must be efficient and effectual to better productiveness. After scanning the rank cards. the client information needs to look on the POS screen. complete with name. exposure ( when applicable ) . reference. and telephone figure. Other necessary information will include the termination day of the month of the rank card so that it is speedy to see at a glimpse if the client is still a member or non.
The POS GUI must be the same in all locations to advance uniqueness. With a incorporate interface. an employee can be transferred or work from one location to another without any demand of extra preparation. The saloon codification scanner will better productiveness by cut downing the sum of manual typewriting by the employee. and reduces hazard of human mistake.
The on-line portal and e-commerce solution will necessitate to be attractive to all ages. Each client must hold the ability to put their ain profile information. recover their purchase and points history. deliver wagess. and purchase KFF merchandises online. The on-line portal or web site will besides hold a penchant page where users can alter assorted scenes to run into their penchants. This will besides promote even older clients with hapless vision to seek the web site by altering the font size and colourss. A neatly organized layout and an internal hunt engine will advance navigability.
Because MySQL is extremely scalable and flexible. SSC will include a web interface written in PHP linguistic communication for the Finance and Accounting Department to utilize in add-on to the finance and analytics applications. This will enable a simple secure browser to do a secure connexion. Detailed studies and other informations can be accessed out every bit long as the user provides valid login certificates. Controls
When a client joins the FSP via a booth or by signifiers. the client information is printed out for farther verification. The go toing employee will inquire for a valid ID to look into and guarantee that of import information such as reference and birth day of the months are valid. In events such as purchases. the employee will scan the member’s FSP rank card and inquire the client his phone figure. This simple confirmation will vouch a unafraid dealing. Complete user and plan policies will be available through Kudler’s FSP web site and through Kudler’s shops. The policies will include information sing privateness. footings of usage. user understandings. plan restrictions and restraints. and assorted inside informations sing the computation and ratio of purchases and wagess system. Every client needs to hold to the footings prior to going a member.
Protecting the FSP from unauthorised entree. usage. revelation. break. alteration. or devastation is the primary concern of the security controls. The new FSP development will hold four chief aims of security controls. which are information confidentiality. unity. handiness. and non-repudiation ( Byrnes & A ; Proctor. 2002 ) . The undermentioned list shows the hazards that the proposed security controls will assist extinguish: Human Error – common human errors.
Damage by Employees – information intentionally disgruntled Computer Systems Misuse – employees utilizing computing machine systems for personal usage. Information Theft and Fraud – information usage for personal intents. Malwares – viruses. worms. Trojans. and other malicious package. Hackers – single or group seeking to derive entree.
Natural Disasters – natural catastrophes such as storms. inundations. and power outages.
To guarantee the security of the information. SSC will hold the undermentioned security control strategies on different entree degrees. Administrative
A enchiridion consisting of Standard Operating Procedures ( SOP ) every bit good as policies and guidelines is one of the cardinal elements in guaranting the proper usef of the new FSP system. This will besides include policies sing watchwords. usage of computing machine systems. computing machine security policies. and others related to information security. Logical
Computerized security system will be put in topographic point before and after the installing of the chief constituents of the FSP. Identification package such as card-based entree to server computing machines and workstations helps forestall unauthorised usage. Different degrees of Kudler employees will hold different degrees of entree to the system. depending on their company hierarchal position. To forestall unauthorised entree and confusion in which files and information are accessible. SSC will implement a file control system. Network control steps such as hallmark and Access Control Lists ( ACL ) will assist guarantee web and information security. Physical
To minimise physical entree to information-sensitive computing machine systems and hardware. entree to such constituents will be available to upper direction merely. Server suites and IT section edifices are to stay closed whenever empty. Entry to such suites will necessitate a card-based hallmark. Cryptanalysis
The usage of Internet as the chief nexus between webs. there is a greater hazard of informations transmittal interception. The usage of cryptanalysis will guarantee that any intercepted informations will necessitate decoding. In any cryptanalysis attack that uses a cypher. the aim is to hold a system that the interlingual rendition of encrypted text into field text requires a cardinal or watchword that even if the algorithms become at hazard. deciphering will still necessitate the proper key ( Stamp. 2005 ) . Access to e-mail communications and the Internet-based employee and client portal via booths are accessible merely through a Secure Sockets Layer ( SSL ) connexion. Training to Fix Common Problems
Smith Systems Consulting. together with knowing ace users will develop KFF employees of common information security patterns. A security meeting will discourse simple information security errors such as weak watchwords. unpatched. and out-of-date computing machine systems. and abuse of computing machine systems.
This paper lists many of the specifications designed by SSC for KFF’s Frequent Shopper Program. Security controls. database design. web diagrams. informations flow. and development tools help better the overall success of the undertaking. With careful analysis. design. and proving. SSC will go ready for the FPS undertaking execution.
Apollo Group. ( 2004 ) . Smith Systems Consulting. Retrieved February 13. 2012 from hypertext transfer protocol: //ecampus. Phoenix. edu/secure/aapd/cist/vop/Business/Smith/SmithHome003. htm Byrnes. C. . Proctor. P. ( 2002 ) . Information Security Must Balance Business Objectives. Retrieved February 13. 2012 from hypertext transfer protocol: //www. informit. com/articles/article. aspx? p=26952. Douligeris. C. . Serpanos. D. ( 2007 ) . VPN Benefits. Network Security: Current Status and Future Directions. John Wiley and Sons Hoberman. S. ( 2009 ) . Physical Data Model Explained. Data Modelling Made Simple: A Practical Guide for Business and IT Professionals. Technics Publications. Stamp. M. ( 2005 ) . Information Security: Principles and Practice. Wiley-Interscience.