Professional Documents
Culture Documents
System
Software Design Description (SDD)
Private Organization’s Employee’s Social
Security Agency
Phase –I
Version: 1.0
Document Id: project id (063-05-05) - PRMS-028
SEPTEMBER 2013G.C
Software Design Description for POESSA-PRMS Project 2
No part of this publication may be reproduced in any form, in an electronic retrieval system or
otherwise, without the prior written permission of the publisher.
Note: Make sure this is the latest version while using this template
TABLE OF CONTENTS
TEMPLATE REVISION HISTORY............................................................................................................................. 2
LIST OF TABLES......................................................................................................................................... 5
LIST OF FIGURES....................................................................................................................................... 6
EXECUTIVE SUMMARY............................................................................................................................. 7
1 INTRODUCTION................................................................................................................................. 8
1.1 PURPOSE.......................................................................................................................................................8
1.2 SCOPE........................................................................................................................................................ 8
1.3 DEFINITIONS AND ACRONYMS.................................................................................................................9
1.4 REFERENCE MATERIAL..............................................................................................................................9
2 SYSTEM OVERVIEW........................................................................................................................ 10
3 SYSTEM ARCHITECTURE............................................................................................................... 12
4 DECOMPOSITION DESCRIPTION.............................................................................................. 15
5 DEPENDENCY DESCRIPTION...................................................................................................... 22
6 INTERFACE DESCRIPTION.......................................................................................................... 25
7 DETAILED DESIGN.......................................................................................................................... 34
8 DESIGN SECURITY.......................................................................................................................... 61
LIST OF TABLES
Table 1: Registration sub-system feature detail description..............................................16
Table 2: Reporting sub system feature description...............................................................18
Table 3: User Management and Authentication subsystem feature description.........19
Table 4: Attribute description of registration sub system...................................................38
Table 5: Method description of registration sub system......................................................44
Table 6: Attribute description of registration sub system...................................................44
Table 7: Method description of reporting sub system...........................................................45
Table 8: Attribute description of user management and authentication subsystem. 46
Table 9: Method description of user management and authentication sub system...47
Table 10: Data dictionary of PRMS...............................................................................................62
Table 11: Threats and Countermeasures development table.............................................66
LIST OF FIGURES
Figure 1: Overall deployment architecture of PRMS..............................................................11
Figure 2: System architecture of PRMS......................................................................................13
Figure 3: Class diagram of registration sub-system..............................................................17
Figure 4: The class diagram of reporting sub-system...........................................................18
Figure 5: The class diagram of user Management and Authentication sub system...20
Figure 6: DFD diagram of PRMS....................................................................................................23
Figure 7: E-R diagram of PRMS.....................................................................................................24
Figure 8: Home page interface diagram....................................................................................25
Figure 9: Handle Employer Registration user interface........................................................26
Figure 10: Handle Employee Registration user interface.....................................................27
Figure 11: Handle Employee Spouse Registration user interface.....................................27
Figure 12: Handle Employee’s Child Registration user interface......................................28
Figure 13: Handle Employee’s Parents Registration user interface.................................29
Figure 14: Handle Employee Service Registration user interface.....................................29
Figure 15: Registration Search Result user interface............................................................30
Figure 16: Handle Reporting user interface..............................................................................31
Figure 17: Login user interface......................................................................................................32
Figure 18: User management user interface............................................................................32
Figure 19: Role and Resource management user interface................................................33
Figure 20: Employer data entity detail description................................................................48
Figure 21: Employee data entity detail description...............................................................49
Figure 22: Employee Spouse data entity detail description................................................50
Figure 23: Employee Child data entity detail description....................................................50
Figure 24: Employee Parent data entity detail description.................................................51
Figure 25: Employee Service data entity detail description................................................51
Figure 26: Address data entity detail description..................................................................52
Figure 27: Architecture overview of security............................................................................64
Figure 28: Detail design security Deployment diagram.......................................................68
Executive Summary
1 Introduction
1.1 Purpose
The purpose of Pension Registration Management System (PRMS from now onwards) is to
automate pension registration business processes of POESSA. This purpose is attained
through a detailed study of the existing system and a proposed solution as specified in the
SRS. To meet the proposed system in the SRS this Software Design Description (SDD) will
provide a detailed design perspective from the software structure, software components,
interface, and data point of view. The SDD will give insight on how the system will provide a
mechanism for storing, retrieving and exchanging basic data and information from different
teams or processes. Moreover, this SDD describes the architecture and system design of
PRMS.
1.2 Scope
The SDD manages the system in to components which all together make up the whole
Pension Registration Management System in POESSA which is currently operating
manually. The system design document will include the following scope functionalities:
Software Architecture It is the set of structures needed to reason about the software
system, which comprise the software elements, the relations
between them, and the properties of both elements and
relations.[
In the development process of this document the following resources are referenced:
2 System Overview
PRMS is developed for the Federal Republic of Ethiopia Private Organization’s Employee’s
Social Security Agency. It manages pension registration service given at the agency. The
main functionalities of this system include employer registration, employee registration,
employee’s spouse registration, employee’s child registration, employee’s parent
registration and employee service registration. The system also provides user authentication
and user managementfacilities.
The PRMS system will be deployed based on a web services model. This will involve
establishing a web presence for the operational system that may be accessed by various
users. PRMS’s deployment diagram is depicted in the figure 1.
All functions are accessed via the government VLAN using a web browser for regional office
user or use direct access to head office users that use POESSA LAN. All functions are
accessed via the web pages. In addition to the core registration functionality the system
also provides:
1. Online Help: Help manual attached to system and available to users to access it
whenever needed.
2. Themes: user can change the Themes of the application according to his/her need.
Generally, User requests will be received by the web server application through IIS and the
request is parsed to determine the next step. The web server application will process
requests for dynamic HTML pages immediately. Hence, requests for IIS server will be
forwarded onto the application web server for dispatch to the appropriate service. Web
server will access the PRMS database residing on a separate machine. The web server
application returns formatted HTML pages to the web browser.
3 System Architecture
3.1 Architectural Design
To show the overall PRMS architecture, the software design is organized in to layered
system Architecture. The following layers are identified in the software architecture. These
are:
Presentation layer: it is a layer responsible for creating and displaying the user interface
and handling user interaction. This layer contains the user interface logic and process to
provide data to the user and provide a friendly working environment. Standard Telerik UI
components will be used to build the UI’s of all application in a uniform manner. Hence, the
layouts and UI components used for all applications will be similar.
Business layer: this layer is the core of every application which incorporates the main
functional units of the applications. Specific business rules are implemented at this layer in
that the extent and size of this layer greatly varies from application to application. These
layers also receive information, validate business rules associated with it and transfer it to
data access layer.
Data Access Layer: - this layer is used to provide a common interface between the
database and the application. It sends actual updates to the database by invoking an
appropriate stored procedure and populating its relevant parameters as well as generates
and returns Result Sets upon retrieval to the LINQ to SQL objects. This is a general pattern
among all applications to be developed. As a general rule we recommend that stored
procedures be used for both retrieval and update purposes. This is advantageous to utilize a
uniform data access layer among all applications as well as hide direct access to database
tables by applications.
Architecture: The rationale behind for selecting of layered system architecture is related
with the following issues:
Design Goals:
Usability: PRMS will provide intuitive web-based interfaces to users with varying
levels of access to PRMS data and system resources.
Localization: The system should have a multilingual support for English and
Amharic, with regard to user interface and database back end.
User friendly: Since users of the system have little knowledge about software
application, it has to be user friendly and easily accessible.
Fault tolerance: The system has to close gracefully in case of fault.
Modifiability: The system has to be easily modifiable and needs to be readable.
Security: The System must ensure complete protection of data from unauthorized
access. All remote accesses are subject to user identification and password control.
Response time: the system should respond in real time.
Extensibility: the system should be modular in order to facilitate future changes.
Design Trade-offs:
4 Decomposition Description
According to the system architecture described in section 3.1, there are three subsystems in
PRMS. These subsystems are decomposed according to their functionality they contribute to
the whole system. Hence, the subsystems include: registration, reporting and security sub
system.
Use Case Name Use Case Description Responsible Class Responsible Method/s
Handle Employer Perform employer EmployerUI saveEmployer
Registration details registration; it EmployerBLogic updateEmployer
also helps editing and Employer searchEmployer
updating changes that displayEmployer
will be made later. selectEmployer
Handle Employee Perform employee EmployeeUI saveEmployee
Registration details registration; it EmployeeBLogic updateEmployee
also helps editing and Employee searchEmployee
updating changes that displayEmployee
will be made later. selectEmployee
Handle Employee Perform employee EmployeeSuposeUI saveEmployeeSupose
Spouse Spouse details EmployeeSuposeBLogic updateEmployeeSupose
Registration registration; it also EmployeeSupose searchEmployeeSupose
helps editing and displayEmployeeSupose
updating changes that selectEmployeeSupose
will be made later.
Handle Perform employee’s EmployeeChildUI saveEmployeeChild
Employee’s Child child/children details EmployeeChildBLogic updateEmployeeChild
Registration registration which is EmployeeChild searchEmployeeChild
The class diagram of PRMS registration sub system consists of Employer, Employee,
Employee Spouse, Employee Child, Employee Parent, Employee Service and Address classes
elaborated in the figure blow.
This feature helps to generate different reports that are expected from the tasks performed
under the above feature and very useful to the agency; the reports can be viewed on the
screen as softcopy and can also be printed to get their hardcopy.
The class diagram of PRMS reporting sub system consist of only reporting class elaborated
in the figure below.
This feature helps to create user account, set role and permission to user, manage
resources, maintain look up settings and authenticate users . It also allows editing or
modifying user and look up information, and updating it based on the change whenever
there is such a need.
Figure 5: The class diagram of user Management and Authentication sub system
5 Dependency Description
In PRMS there are seven entities these are: employer, employee, employee spouse,
employee child, employee parents, employee service, and employer address. In this system
employer is related with employee and address, and employee is related with its employer,
spouse, child, parent, service and address entities.
When discussing high level architecture of PRMS in section 3.1, the business layer contains
both registration and reporting sub system which depend up on the user management and
authentication sub system, this indicate that both registration and reporting sub system will
be handled after user management and authentication sub system since users
authentication is a must.
6 Interface Description
6.1 Subsystem Interfaces
6.1.1 Overview of User Interface
Home page: This is the page the user sees after logging in. It is designed in a way that
makes it easy to navigate to any of other pages. This page is open to modification as we
move on.
This sub system allows registration and updating of employer, employee, employee spouse,
employee child, employee parent, employee service and employer/employee address
handled.
It is a sub system which allows to display and print registration report handled by
appropriately selecting report type (required report), period (whether it is monthly,
quarterly, semi annually or yearly) and date (report starting date).
Handle reporting:
It is a sub system the login, useraccount creation and updating, role giving and
updating, resourceassignment and deletion, and look up and setting management.
Login:
User management:
7 Detailed Design
7.1 Subsystem Detailed Design
7.1.1 Registration Subsystem Detail Design
Detail ClassAttributes:
Detail ClassMethods:
method
DisplayE Has no parameter void Bind employee
mployee child dataset
Child () information to
grid and
display it.
SelectEm Has no parameter employer Select required
ployee _Id employee’s
Child () child and return
its ID
SaveEmpl parent_Id Boolean Save given
oyeePare name value information of
Parent nt() date_Of_Birth employee
monthly_Income parent
way_Parents_Support
date_Of_Registration
name_Of_Registration_Officer
UpdateEm The same as parameters in save() Boolean update given
ployeePar method value information of
ent() employee
parent
SearchEm employee_Id Table of Search required
ployeePar parameter employee’s
ent() s of save parent
method
DisplayE Has no parameter void Bind
mployeeP employee’s
arent() parent dataset
information to
grid and
display it.
SelectEm Has no parameter employer Select required
ployeePar _Id employee’s
ent() parent and
return its ID
Service SaveEmpl children_Id Boolean Save given
oyeeServi name value information of
ce() date_Of_Birth employee
sex service
mother_Name
date_Of_Registration
name_Of_Registration_Officer
UpdateEm The same as parameters in save() Boolean update given
ployeeSer method value information of
vice() employee
service
SearchEm employee_Id Table of Search required
ployeeSer parameter employee’s
vice() s of save service
method
DisplayE Has no parameter void Bind
mployeeS employee’s
ervice() service dataset
information to
grid and
display it.
SelectEm Has no parameter employer Select required
ployeeSer _Id employee’sserv
vice() iceand return
its ID
Save address_Id Boolean Save given
Address Address region value information of
() sub_City employer/empl
city oyeeaddress
Woreda
Keble
house_Number
telephone_number
Po.Box
fax
email_Address
website
Update The same as parameters in save() Boolean update given
Address method value information of
() employer/
employee
address
Search employee_Id Table of Search required
Address parameter employee
() s of save service
method
Display Has no parameter void Bind employer/
Address employee
() address dataset
information to
grid and
display it.
Select Has no parameter employer Select required
Address _Id employer/
() employee
address and
return its ID
Detail ClassAttributes:
Detail ClassMethods:
Detail ClassAttribute:
Detail ClassMethod:
whenever if organization
announce new information
to POESSA.
created_date - is the date which is used varchar(10) YES NO
by registration officer to
record the documents
bring by organization to
the system.
updated_date -is the date to update varchar(10) NO NO
information of the
organization to the
system.
Parent parent_id -is a number that uniquely varchar(50) YES YES
identify parents the
employee.
parent_first_name -is the first name of the varchar(50) YES NO
employee parents.
parent_middle_nam -Is the middle name of the varchar(50) YES NO
e employee parents.
parent_last_name -Is the last name of the varchar(50) YES NO
employee parents
date_of_birth -is the date of birth of the varchar(10) YES NO
employee parents.
monthly_income -is the salary earned by float(10) YES NO
the employee parents.
way_parents_suppor -is the condition parents varchar(50) NO NO
t get income.
created_by -is a person (registration varchar(50) YES NO
officer) who is responsible
to input information of the
organization to the
system.
updated_by -is the registration officer varchar(10) NO NO
who is responsible to
update information of the
organization to the system
whenever if organization
announce new information
to POESSA.
employer.
Table 10: Data dictionary of PRMS
8 Design Security
8.1 Security Description
The computer-related system has both theoretical and real weaknesses. The purpose of
computer security is to devise ways to prevent the weaknesses from being exploited.
Computer security rests on confidentiality, integrity and availability. Confidentiality is the
concealment of information or resources. Integrity refers to the trust worthiness of data or
resources. And, Availability refers to the ability to use the information or resource desired.
Hence in PRMS the main objective of security is ensuring data confidentiality, integrity and
availability.
Database: - we protect our database security from direct user access by using separate
database from the application using layered architecture and by creating username &
password to login in to the database.
Web pages: - we protect our web pages from removing or editing from the system by
giving specific role to one responsible person.
Lookups: we prevent data entry error by providing previously known and static information
by making the userto select from combo box. If there is a need to update such information
the user updates information to the database.
User access role: - we protect the confidentiality of data by controlling the role of the
user.
User account Creation: Any user of the PRMS must have an account to access the
system, therefore the user account is created at this package. First, user’s first name, father
name and address registered; then a unique username and password with a combination of
small letter, capital letter and special characters (such as: @, #, &, etc.) with length of
more than 8 character is given to already registered user.
User Role and Permission Creation: It is impossible to give user name and password for
registered user without setting its role and permission. Thus such activity is handled in this
package.
Resource management: The main resource in our application is web page. Without
managing it we can’t control the overall gear of the PRMS. So the management of such
resource is handled in this package.
Login: It is the door of the PRMS, user who has an account and assigned specific role and
permission is authenticatedat this package.
Lookup and setting: all information predetermine for the user are entered the system
through lookup page that is access by administrator only. And also, setting related to the
PRMS is handled is this package.
In PRMS system there is a boundary between each layer, and data access and PRMS
database. Thus, each layer is communicated to another layer is through object and attribute
parameter passing. However, the data access and PRMS database are communicate through
object called LINQ TO SQL that is link to password protected oracle database. Since the
database is password protected the system handle communications by string connection
with in “web.config” page that validate password and user name of the database.
Threat to the
system/misuse
Asset name Use case case Counter measure
Database security is protecting data at the heart of many secure systems, and many users
(people, programs, or systems) rely on a database management system (DBMS) to manage
the protection.Following is a list of requirements for database security in PRMS system.
•Physical database integrity: The data of a database are immune to physical problems,
such as power failures, and someone can reconstruct the database if it is destroyed through
a catastrophe. It is responsibility of POESSA to mitigate it.
•Logical database integrity: The structure of the database is preserved. With logical
integrity database, a modification to the value of one field does not affect other fields, for
example.
Element integrity: The data contained in each element are accurate.
Auditability: It is possible to track who or what has accessed (or modified) the
elements inthe database.
Access control: A user is allowed to access only authorized data, and different
users can berestricted to different modes of access (such as read or write).
Userauthentication: Every user is positively identified, both for the audit trail and
forpermission to access certain data.
Availability: Users can access the database in general and all the data for which
they areauthorized.
At the registration time detail information of the user are registered and stored in the data
base. As soon as the user logs in to the system, his/her detail information is executed and
stored in the session,and when data uploaded from the database only the data associated
with the user registered information are brought to manipulate. That is, data that is not
related to the user is not visible to user, or user can’t see or manipulate data that are not
under his/her branch.
Database logging information any other related information of the database are kept alive at
the installation directory of the oracle database server. These files open only by using
Oracle 11g database management server. Hence, only user who has the authority or have
user name and password can access; and some files are built-in by oracle and not editable
by any user.
It is detail design of security architecture in section 8.3.Each layer contains user creation,
user role and permission, resource management, and lookup and settings package; and
each package is divided in to layer. As shown in the figure below user creation, user role
and permission, resource management, and lookup and settings depend on login package,
which implies, without login user cannot use other services.