Designing Inputs, Outputs, and

Controls

1
 Final Exam
• Chapters 1 to 12 and 14 and 15(5 th Edition)
• 20 multiple choices (40 Marks)
• 2 short questions (20 Marks)
• Modelling (40 Marks)
– DFD
– Use Case
– Class
– Use Case Realization
2
 Overview
• This chapter focuses on system interfaces, system
outputs, and system controls that do not require
much human interaction
• Many system interfaces are electronic
transmissions or paper outputs to external agents
• System developers need to design and implement
integrity and security controls to protect system
and its data
• Outside threats from Internet and e-commerce are
growing concern
3
 Identifying System Interfaces
• System interfaces are broadly defined as
inputs or outputs with minimal or no human
intervention
– Inputs from other systems (messages, EDI)
– Highly automated input devices such as
scanners
– Inputs that are from data in external databases
– Outputs to external databases
– Outputs to other systems

4
Disney’s New ‘MyMagic’ Wristbands to Turn Big
Data Into Big Profits
http://skift.com/2013/10/06/disneys-new-mymagic-
wristbands-to-turn-big-data-into-big-profits/#3

5
Full Range of Inputs and Outputs

6
 eXtensible Markup Language
(XML)
• Extension of HTML that embeds self-
defined data structures in textual messages
• Transaction that contains data fields can be
sent with XML codes to define meaning of
data fields
• XML provides common system-to-system
interface
• XML is simple and readable by people

7
 System-to-System Interface
Based on XML

Before XML This would be something like:

RM010989;william jones;120 Roundabout Road;Los Angeles 8….
 Design of System Inputs
• Identify devices and mechanisms used to enter
input
– High-level review of most up-to-date methods to
enter data
• Identify all system inputs and develop list of data
content for each input
– Provide link between design of application software
and design of user and system interfaces
• Determine controls and security necessary for
each system input

9
 Input Devices and Mechanisms
• Capture data as close to original source as
possible
• Use electronic devices and automatic entry
whenever possible
• Avoid human involvement as much as possible
• Seek information in electronic form to avoid data
re-entry
• Validate and correct information at entry point

10
 Prevalent Input Devices
to Avoid Human Data Entry
• Magnetic card strip readers
• Bar code readers
• Optical character recognition readers and
scanners
• Radio-frequency identification tags
• Touch screens and devices
• Electronic pens and writing surfaces
• Digitizers, such as digital cameras and digital
audio devices
• Sensors !! 11
 Identifying System Interfaces
– Real-time connections (both input and output)
– Sensors !!
• 30 billion RFID tags and 4.6 billion camera phones are used
around the world in 2013. In addition, 200 million smart
meters to be operated in 2014. Moreover, there were 2
billion people on web in 2011
»
» BIG DATA
Amount of new data
stored varies across
geography. New data
stored (in Petabytes – 1M
Gbytes - (PB)) by
geography in 2010. New
data stored is defined as
the amount of available
storage used in a given
year [9].
12
 Defining the Details of System
Inputs
• Ensure all data inputs are identified and
specified correctly
• Can use traditional structured models
– Identify automation boundary
• Use DFD fragments
• Segment by program boundaries
– Examine structure charts
• Analyze each module and data couple
• List individual data fields
13
Automation Boundary on a
System-Level DFD

14
15
List of Inputs for Customer Support
System

16
 Using Object-Oriented Models
• Identifying user and system inputs with OO
approach has same tasks as traditional approach
• OO diagrams are used instead of DFDs and
structure charts
• System sequence diagrams identify each incoming
message
• Design class diagrams and sequence diagrams
identify and describe input parameters and verify
characteristics of inputs

17
System Sequence Diagram for
Create New Order

18
 Input Messages and Data Parameters
from RMO System Sequence Diagram
(Figure 14-10)

19
 Designing System Outputs
• Determine each type of output
• Make list of specific system outputs required
based on application design
• Specify any necessary controls to protect
information provided in output
• Design and prototype output layout
• Ad hoc reports – designed as needed by user
20
 Designing Reports and
Statements
• Printed versus electronic
• Types of output reports
– Detailed
– Summary
– Exception
– Executive
• Internal versus external
• Graphical and multimedia presentation
21
 RMO Summary Report with
Drill Down to the Detailed Report

22
 Formatting Reports
• What is the objective of report?
• Who is the intended audience?
• What is the media for presentation?
• Avoid information overload
• Format considerations include meaningful
headings, date of information, date report
produced, page numbers
23
 Designing Integrity Controls
• Mechanisms and procedures built into a system
to safeguard it and information contained within

• Integrity controls
– Built into application and database system to
safeguard information

• Security controls
– Built into operating system and network

24
 Objectives of Integrity Controls
• Ensure that only appropriate and correct
business transactions occur
• Ensure that transactions are recorded and
processed correctly
• Protect and safeguard assets of the organization
– Software
– Hardware
– Information

25
 Input Integrity Controls
• Used with all input mechanisms
• Additional level of verification to help
reduce input errors
• Common control techniques
– Field combination controls
– Value limit controls
– Completeness controls

26
 Database Integrity Controls
• Access controls

• Data encryption

• Transaction controls

• Update controls

• Backup and recovery protection

27
 Output Integrity Controls
• Ensure output arrives at proper destination and
is correct, accurate, complete, and current

• Destination controls - output is channeled to

correct people

• Completeness, accuracy, and correctness

controls

• Appropriate information present in output

28
 Interface Design Guidelines

• Many interface design guidelines have been

published to help system developers
– Range from general to very specific rules
• System design standards
– General principles and rules that must be followed for
the interface of any system developed by the
organization
– Helps to ensure that all user interfaces are usable and
all systems developed by the organization have a
similar look and feel

29
 Visibility and Affordance

• Two key principles to ensure good human-

computer interaction (Donald Norman)
– Visibility
• A key principle of HCI that states all controls should be visible
(so users know its availability) and provide feedback to
indicate the control is responding to the user’s actions
• E.g. a button that can be clicked should be visible, and when it
is clicked should look like it has been pressed to indicate it is
responding
– Affordance
• A key principle of HCI that states that the appearance of any
control should suggest its functionality
• e.g. a button affords clicking, a scroll bar affords scrolling, an
item in a list affords selecting etc.
• Applies to objects on the desktop
30
 Implications for designers

• If designers make all controls visible and clear

more likely the interface will be usable
• Most users are now familiar with Windows user
interface and common Windows controls
– Not necessarily with Iphone/Android Interfaces
• These principles should also be applied carefully
to design of web pages, where there are new types
of controls and possible designs of interfaces (not
standardized)

31
 Eight Golden Rules

• Ben Shneiderman proposes eight underlying

principles applicable to most interactive systems
(and key to usability)
1. Strive for consistency
2. Enable frequent users to use short cuts
3. Offer informative feedback
4. Design dialogs to yield closure
5. Offer simple error handling
6. Permit easy reversal of actions
7. Support internal locus of control
8. Reduce short-term memory load

32
 1. Strive for Consistency
• Information arranged on forms, the names and
arrangement of menus, the size and shape of icons etc.
should be consistent throughout the system
– This allows for many actions to become automatic
– If a new application comes along with a different way of
functioning have to relearn all the basic operations
– Apple Macintosh was the first to emphasize the benefits of
consistency
• Mac applications were consistent and a standards document was
created for people writing Mac applications (so if you knew one you
could figure out other applications easily since they were consistent)
– E.g. consistency in the menu bar for File, Edit and Format
– However some applications may not fit such guidelines and
inconsistency may be useful for differentiating applications
33
(for running and learning)
 2. Enable Frequent Users to Use Short Cuts

• Users who work with one application all the time are
willing to invest time to learn short cuts
• They begin to lose patience with long menu sequences
when they know exactly what they want to do
• Short-cut keys can reduce the number of interactions for a
given task
• Designers can provide macro facilities for users to create
their own short cuts
• E.g. mail order entry clerks at RMO wouldn’t want long
multiple menus to slow them down, but instead short-cuts
would make them more productive

34
 3. Offer Informative Feedback

• Every action a user takes should result in some

type of feedback from the computer
– Eg. If the user clicks a button it should visually change
and perhaps make a sound to indicate it has responded
– Feedback of information to the user is also important
• E.g. if a mail-order clerk enters a customer ID number in the
screen, the computer should display the name and address for
confirmation by the clerk
• E.g. if the clerk enters a product ID for the order, the system
should display a description of the product

35
 4. Design Dialogs to Yield Closure

• Each dialog with the system should be organized

with a clear sequence (with a beginning and an
end)
– Reading one’s email
• If the system requirements are defined as events to
which the system responds, each event leads to
processing of one specific, well-defined activity
• Traditional approach
– Each activity is defined by data flow diagrams and
structured English
• Object-oriented approach
– Each activity (a use case) might be further defined as
multiple scenarios, each with a flow of events 36
 5. Offer Simple Error Handling
• Errors can be costly so designers must try to
prevent users from making errors
– Better way is by limiting available options and
allowing user to choose from valid options at any point
in the dialog
– Adequate feedback also reduces errors
• When errors occur need ways to handle it
– Error messages should state specifically what is wrong
and explain how to create it
– Avoid message that scare or blame the user:
e.g. “FATAL ERROR 2001”
– Also provide information that makes it easy to correct
the error:
e.g. “The date of birth entered is not valid. Check to be sure only
numeric characters in appropriate ranges are entered in the
date of birth fields…” 37
 6. Permit Easy Reversal of Actions

• Users need to feel that they can explore options

and take actions that can be canceled or reversed
easily
• Allows users to learn about the system by
exploring
• If they make a mistake, they can cancel the action
• Should include cancel buttons on all dialog boxes
• Also if user is going to delete something
substantial (e.g. a file) the system should ask the
user to confirm the action

38
 7. Support Internal Locus of Control

• Experienced users want to feel they are in charge

of the system and the system responds to them
• They should not be forced to do anything or made
to feel the system is controlling them
• Much of this “comfort” and control is provided by
the wording of prompts and messages
• Writing out a dialog can help to lead to such a
design

39
 8. Reduce Short-Term Memory Load

• People have short-term memory limitations

– People remember only about seven chunks of
information at a time
– Interface designer cannot assume the user will
remember anything from form to form, or dialog box to
dialog box
– If user has to stop and ask “Now what was the
filename? The customer ID?” then the design is placing
a burden on the user’s memory

40
 Integrity Controls to Prevent
Fraud
• Three conditions are present in fraud cases

– Personal pressure, such as desire to maintain extravagant

lifestyle

– Rationalizations, including “I will repay this money” or “I

have this coming”

– Opportunity, such as unverified cash receipts

• Control of fraud requires both manual procedures and

computer integrity controls

41
Fraud Risks and Prevention
Techniques

42
 Designing Security Controls
• Security controls protect assets of organization from all
threats
– External threats such as hackers, viruses, worms, and
message overload attacks

• Security control objectives

– Maintain stable, functioning operating environment for users
and application systems (24 x 7)
– Protect information and transactions during transmission
outside organization (public carriers)

43
 Security for Access to Systems
• Used to control access to any resource
managed by operating system or network
• User categories
– Unauthorized user – no authorization to access
– Registered user – authorized to access system
– Privileged user – authorized to administrate system
• Organized so that all resources can be accessed
with same unique ID/password combination

44
Users and Access Roles to
Computer Systems

45
 Managing User Access
• Most common technique is user ID / password
• Authorization – Is the user permitted to access?
• Access control list – users with rights to access
• Authentication – Is the user who they claim to be?
• Smart card – computer-readable plastic card with
embedded security information
• Biometric devices – keystroke patterns,
fingerprinting, retinal scans, voice characteristics

46
 Data Security
• Data and files themselves must be secure
• Encryption – primary security method
– Altering data so unauthorized users cannot view
• Decryption
– Altering encrypted data back to its original state
• Symmetric key – same key encrypts and decrypts
• Asymmetric key – different key decrypts
• Public key – public encrypts; private decrypts

47
Symmetric Key Encryption

48
 Asymmetric Key Encryption

Systems Analysis and Design in 49

a Changing World, 4th Edition
 Digital Signatures and
Certificates
• Encryption of messages enables secure exchange
of information between two entities with
appropriate keys
• Digital signature encrypts document with private
key to verify document author
• Digital certificate is institution’s name and public
key that is encrypted and certified by third party
• Certifying authority
– VeriSign or Equifax

50
Using a Digital Certificate

51
 Final Exam
• Duration: 2 hours
• Chapters 1 to 12 and 14 and 15(5th Edition)
• 20 multiple choices
• 3 short questions
• OO diagram
– Use Case
– Class
– Sequence
52