Information Systems

for Business
Preface:

The explosion in information and the use of Internet make

high value to information systems. There is an urgent need to
store and process information that generated every day. How
to exploit the available information to improve the life
quality?. Every day there is a huge amount of generated data.
The wide use of the Internet makes the data growth in a
tremendous rate.

This book explains information systems and its usage in

business. It discusses some important issues related to
information systems in an introductory level. It is suitable for
students in college level.
Contents

Part I: What is Information Systems?

Chapter 1: Introduction

Chapter 2: Hardware and Software

Chapter 3: Computer Networks and the Internet

Part II: Information System Developments

Chapter 4: Analysis of Information System

Chapter 5: Design of System

Chapter 6: Implementation and Testing of Information

System

Chapter 7: Databases

Part III: Using Information Systems in Business

Chapter 8: Business Automation

Chapter 9: Information systems in Business - competitive

advantages

Chapter 10: Information System Security.

Chapter 11: Ethics of using information system

Appendix A: HTML
Table of content

Part I: What is Information Systems

Chapter 1: Introduction
1.1 Definition of information system
1.2 Hardware
1.3 Software
1.4 Importance of information system to Business
1.5 Information levels
1.6 Types of information systems
1.7 Development of information systems
1.8 Database
1.9 Security

Chapter 2: Hardware and Software

2.1 Hardware
2.1.1 Input devices
2.1.2 Output devices
2.1.3 Storage devices
2.1.4 Servers
2.2 Software
2.2.1 System software
2.2.2 Operating System
2.2.3 Application software

Chapter 3: Computer Networks and the Internet

3.1 Networks types
3.2 Wireless Networking
3.3 The Growth of Broadband
3.4 Organizational Networking
3.5 A Brief History of the Internet
3.6 An Internet Vocabulary
3.7 Web 2.0
3.8 E-mail Is the “Killer” App for the Internet
3.9 Data centers
3.9.1 Design criteria and trade-offs
3.10 Cloud computing
3.10.1 Infrastructure as a service (IaaS)
3.10.2 Platform as a service (PaaS)
3.10.3 Software as a service (SaaS)

Part II Information system

developments
Chapter 4 : Analysis of Information System
4.1 System development life cycle
4.2 System analysis
4.3 Information gathering
4.4 Requirements definition
4.5 Requirements prioritization

Chapter 5: Information System Design

5.1 The Design process
5.2 Modularization
5.3 Design principles
5.4 Information system design concepts
5.5 Information system design considerations
5.6 Architecture and design patterns
5.6.1 Layered software design pattern
5.6.2 Client-server software design pattern

Chapter 6: Implementation and testing of

Information System
6.1 Types of applications
6.1.1 Desktop application
6.1.2 Web application
6.1.3 Mobile application
6.2 Programming
6.3 Integrated Development Environment (IDE)
6.4 Object oriented programming (OOP)
6.5 Agile developments
6.6 Testing
6.6.1 Unit test
6.6.2 Integration test
6.6.3 Acceptance test

Chapter 7: Databases
7.1 Relational database
7.1.1 One-to-one relation
7.1.2 One-to-many relation
7.1.3 Many-to-many
7.2 Database design
7.3 Database management system (DBMS)
7.4 Creating database in MS Access

Part III: Using Information Systems in

Business
Chapter 8: Business Automation
8.1 Documenting a Process
8.2 Managing Business Process Documentation
8.3 ERP Systems
8.4 Business Process Management
8.5 Business Process Reengineering
8.5.1 Case study: Reengineering the College Bookstore
8.6 ISO Certification

Chapter 9 : Impact of Information Systems on

Business
9.1 Competitive advantage
9.2 Information system decrease cost of production
9.2.1 Increase mobility and efficiency
9.2.2 Keeping track of information
9.2.3 Better client involvement
9.3 Information systems support management
9.4 Information system helps quality control
9.5 Information systems support decision making
9.6 Decision support systems and business intelligence
9.6.1 Model-driven decision support system
9.6.2 Data-driven decision support system
9.8 Organizational impacts of information systems
9.9 Information systems in the economy and society

Chapter 10: Information System Security

10.1 Network security
10.1.1 Types of network attacks
10.2 Threats types
10.3 Security approaches
10.3.1 Authentication
10.3.2 Authorization
10.3.3 Data encryption
10.3.4 Firewalls
10.3.5 Backup
10.4 Security policy

Chapter 11: Ethics of Using Information System

11.1 Business Ethics
11.2Ethics and Information Systems
11.3 Exploring the ethics issues in information systems
11.3.1 Management Information Systems and Ethics
11.4 Code of ethics
11.4.1 Code of ethics drawbacks
11.5 Acceptable Use Policies
11.6 Intellectual Property
11.6.1 Copyright
11.6.2 Software license
11.6.3 Licenses types
11.6.4 Patent
11.7 Ethics of downloading
11.8 Patient privacy
Appendix A: HTML
 Chapter 1

Introduction
1.1 Definition of information system
Information system is a collection of software, hardware,
networks, and people to store and manipulate information in
an organization. The aim of the information system is to
automate processes, reduce production cost and support
decision makers.

Information system means a computer system, works in a

network, that enables users to collect, create, process,
redistribute useful data. There are four main components for
the information system: hardware, software, network, and
people.

If we think in bank information system which automates

accounting processes as an example, you find that the main
components of this information system are:

 Computers, printers, network cables, and switches

 Network that connect all branches of the bank
 Programs that enable bank tellers to calculate the
interests, show customer data, search for a customer,
apply transactions on the account and withdraw from
account.
 Database that store accounts data.
 People who use the information system
We can classify the first two points in the above list as
hardware components. The second two points may be
classified as software components.

1.2 Hardware
Hardware means the tangible components of the computer
such as keyboard, mouse, and screen. A wide range of
hardware components can be used in information systems.
Hardware of an information system should have the capability
to achieve the required tasks.

Hardware devices that used for information systems can be

classified into five categories as shown in figure 1.1. Chapter
2 discusses hardware in more details.

Hardware

Input devices Processing units

Output devices Network devices

Storage devices

Figure 1.1 Hardware components used in information systems

1.3 Software
Software is a computer program which contains a set of
instructions cab be executed on the computer. This program is
written in programming language so the computer can
understand. Unlike hardware, software is intangible
component. Two main categories of software: system software
and application software.

System software is programs that concern with keeping the

system operating in a high performance manner. Example of
system software is operating system. The operating system is
a program responsible for managing hardware and operating
the computer. On the other hand application software is
programs that has specific task to perform such as word
processor, games, and accounting programs.

1.4 Importance of information system to Business

Nowadays, most of organizations are working through
computer systems. Information technology is spread in every
factory and organization. Most organizations adopt process
automation strategy to facilitate providing good services for
the customers. In educational organizations like universities
information technology controls all processes. Distance
learning, student information system, and online exams
system are examples of computer-based systems used in
education. Moreover, financial organization such as banks
also full automated and depends on computer systems.
Information systems play an important role in these
organizations. Not all computer-based systems are
information system. For example some systems that automate
factory production depend on robotics. Artificial intelligence
applications that used in medical field are not information
systems. However, we can say that information system is a
main component in all organizations nowadays.

Study of information system is essential especially for

business major students. There is a strong relationship
between business and information system. Because of the fast
development of new technologies and the coupling between
technology and business, the information system becomes
essential for business. Information systems support business in
different fields such as:

 Organization management
 Reduce production cost
 Speed up production process
 Electronic marketing
 Increase revenues

On the other hand, information systems are used by different

department in the organization. They are used by:

 Seles men
 Information systems become essential for sales
department specially after emerging of e-commerce.
Nowadays, most of organizations depend on e-
commerce to sell their products.
 Financial people
Financial transactions are done using information
systems. Accounting activities depend on information
systems
 Stock advisor
Stock control systems which keep track of existing
items and stock status are a type of information system.
Stock advisors are fully depends on information
systems to control all issues related to stock.
 Managers
Managers use information system to follow up the
progress of the organization activity and getting updated
information about everything in the organization.
Moreover, information systems provide data analysis to
managerial levels to support the process of decision
making.
1.5 Information levels
Data can be classified according to the processing has been
done to the data and its value. As shown in figure 1.2, there
are three main levels of data.

Knowledge

Information

Data
Data

Figure 1.2 a pyramid of data

 Data represents collection of facts or raw information.
Data is not useful in its form. Data is located at the
bottom of the pyramid because it is not useful. The
following list of number is an example to data [69, 93,
84, 89, 75]. We can’t use this data even we don’t
understand it.
 Information is a processed or organized data.
Information is useful and understandable. The
following table shows an example of information.
 Subject math Information Operating accounting Economics
system system
Score 69 93 84 89 75

If we state that “the average score is 82”. This is

considered information because the data is processed
and valuable information is obtained.

 Knowledge is processed information. Sometimes

knowledge is equivalent to experience. It is more
valuable than information.

One main objective of using information systems in business

is to convert data to information and get knowledge from
information.
1.6 Types of information systems
There are many types of information systems according to the
purpose for which the system is created. For example,
decision support system is a type of information system that
developed to help decision makers to take the right decision
based on real data.

Transaction processing system

This type of information system is created to perform

transaction on some data. Example of this type is bank
information system.

Student information system

Student information system is a very useful systems that help

to automate processes related to students. All students data is
stored into a database. Some services are provided online by
the system. All procedures the student needs to do are
automated in the system.

Learning management system

This type of information system is used for education. It is a
kind of information system in which data and materials about
courses in the university or school are stored into database. It
provides a communication channel between students and
teachers. Moreover, it may support online exam.
Hospital information system (HIS)

It is an information system for managing hospitals and

keeping patients’ data. All personal data and medical data of
patients are stored in attached database. Medical reports for
patients can be generated automatically from the system.
Moreover, it helps in resource managements and pharmacy
stock control. Normally, HIS integrates with other systems in
the hospital such as Lab Information system (LIS) which is
responsible of Lab data.

Decision support system

It is a kind of information system that created to facilitate

decision making process. It provides the decision maker with
accurate data. Moreover, this type of information systems may
suggest a decision. Data analysis and data visualization may
be provided by such system to help decision maker.

E-commerce

Electronic commerce means the activities of selling and

buying through online services. The term of e-commerce has
appeared in 1986. E-commerce depends on the Internet.
amazon.com is a famous example of e-commerce. Internet
users can use amazon.com to buy variety of products. Some
other terms are related to e-commerce such as e-shopping, e-
payment and e-marketing. Recently, e-commerce spread very
widely specially after the revolution of using internet and
social media. Moreover, smart phones make spreading of e-
commerce more rapid.
1.7 Development of information systems
Development of software is the process of creating new
software or updating exist software. There are scientific
approaches to create/update software. Many books have been
authored in software engineering. These books discuss
scientific methodologies for developing software.

In order to develop an information system, there are some

activities should be done. Different scientific approaches
adopt different activities. However, there are some common
activities between these different approaches to develop an
information system. These common activities include:

 System analysis
This activity includes understanding the environment of
the system and determining the requirements of the new
system. This activity should answer the question "what
the desired information system should do?"
 System design
This activity groups the required functionalities into
related sets. Each set of requirements belong to a
component of the new system. How these components
interact with each other should be determined in this
phase. The output of this activity is a plan that specifies
what the programmer should do.
 System programming
 In this activity the programmers start writing code in
specific programming language. This code represents
the instructions that the computer should execute to do
the required functions. This activity may include
creating database to store the system data in an
organized way.
 Testing
Testing activity is important to ensure that the
developed system is working in a correct way. The new
information system should work according to users'
requirements. The testing phase is critical because
information systems normally control financial
processes. So the new system should be tested carefully.
Once the system is tested and passes the acceptance test
it is ready to be applied in the real environment.

1.8 Database
Database is the place where the data is stored in an organized
way. An information system should store and process the data
to get valuable information. Databases are located in the core
of information systems.
1.9 Security
In information society, information is the most valuable
resource, so it should be secured. Moreover, Information
systems control very critical activities such as financial
processes or bank transactions so security of the information
system is crucial. An information system should be secured
against any kind of attack. The attack may aim to get valuable
information or changing existing information. Both of these
attacks are very dangerous and may lead to catastrophic
results.

 Passive attack
Passive attach aims to get information only. It does not
change or add data. Such attack is dangerous according
to the value of the information the attacker get. For
example if the attacker steels credit cards credential
information belongs to customers of the company, this
leads to very dangerous situation.
 Active attack
Active attack aims to update information by deleting,
adding or modifying data. For example if the attacker
get access to database of bank clients, the attack can add
money to some accounts or transfer money from
account to another. It is not only financial issues that
represent a danger. Other fields may represent danger if
the attack occurred.
Consequently keeping the information system secure is very
important. There are different tools to protect an information
system. Depending on the structure of the system and
importance of the data stored the security tools are selected.

Multiline defense strategy may be applied to protect the

information system. In this strategy multiple security tools are
selected to make the information system safe. For example,
apply access control strategy to prevent unauthorized people
to access the data. In addition, store the data encrypted. So if
the attacker could break the first line (access control) and get
the data, he/she can't use it because the data is encrypted.
 Chapter 2

Hardware and software

This chapter explains the hardware and software components
of information systems. The hardware represents the machines
and infra-structures of the information system. On the other
hand the software represents the databases and programs that
used to make the use of data.

2.1 Hardware
One of the main components of any information system is
hardware. Hardware is the set of all devices that used in the
information system such as computers, printers, scanners,
storage devices, and tablets. Hardware devices can be
classified into input devices, output devices, storage devices,
and processing units. The following subsections explain each
category of these classes.

2.1.1 Input devices

The main function of input devices is to enter the data into the
storage media of a computer. There are different types of data
such as text, sound, image, and video. For each type of data
there are special input devices. For example, keyboard is used
to enter text data and mic is used to enter sound data. The
following table explains some common input devices.
 Input Description Photo
device
Keyboard Keyboard is the most
common and very
popular input device
which helps to input data
to the computer
Mouse Mouse is the most
popular pointing device.

Microphone an input device to input

sound that is then stored
in a digital form.

Webcam used to input video data

Scanner works more like a

photocopy machine

Light ben a pointing device similar

to a pen.

All the inputted data is transfer to binary representation and

stored in a storage media.
2.1.2 Output devices

The function of output devices is to send the data out from

computers to the user. The stored binary data is transferred to
human understandable format such as text, image, or sound.
The most popular output device is screen. Printers and
speakers are also examples of output devices.

2.1.3 Storage devices

Different storage media are used to store data. Storage unites

can be divided into permanent and non-permanent (or
volatile). The permanent storage unit keeps the data
permanently, while the volatile units keep data as long as the
power is on. When the power is off, all the data in volatile unit
is lost.

On the other hand, hard disks are characteristic by large

storage space.

2.1.4 Servers

Server is a computer machine with high capabilities and

presents services to other computers (clients).

Unlike most desktop computers, physical servers often include

multiple CPU sockets and error correcting memory. Servers
also generally support a far greater quantity of memory than
most desktop computers.
Servers need special operating systems. A server operating
system, such as Windows Server or Linux, acts as the
platform that enables applications to run. The operating
system provides applications access to the hardware resources
that they need and enables network connectivity.

The application is what enables the server to do its job. For

example, a database server would run a database application.
Likewise, an email server would need to run a mail
application.

To function as a server, a device must be configured to listen

to requests from clients on a network connection. This
functionality can exist as part of the operating system as an
installed application, role, or a combination of the two.

For example, Microsoft’s Windows Server operating system

provides the functionality to listen to and respond to client
requests. Additionally installed roles or services increase
which kinds of client requests the server can respond to.
2.2 Software
Software is un-tangible programs of computer system. These
programs represent set of instructions to be executed on the
computer system.

There are two main types of software system software and

application software.

2.2.1 System software

System software is software for managing computer hardware

behavior, as to provide basic functionalities that are required
by users, or for other software to run properly, if at all. System
software is also designed for providing a platform for running
application software, and it includes the following:

 Operating systems (OS)

An operating system is a program that acts as an interface
between the user and the computer hardware and controls
the execution of all kinds of programs.
 Device drivers
Device drivers operate or control a particular type of
device that is attached to a computer. Each device needs at
least one corresponding device driver; because a computer
typically has at minimum at least one input device and at
least one output device, a computer typically needs more
than one device driver.
 Utilities
Utilities are computer programs designed to assist users in
the maintenance and care of their computers.

2.2.2 Operating System

An Operating System (OS) is an interface between a computer

user and computer hardware. An operating system is a
computer program which performs all the basic tasks like file
management, memory management, processor management,
handling input and output, and controlling peripheral devices
such as disk drives and printers.

Some popular Operating Systems include Linux Operating

System, Windows Operating System, and Mac OS. Following
are some of important functions of an operating System.

 Memory Management
 Processor Management
 Device Management
 File Management
 Security
 Control over system performance
 Job accounting
 Error detecting aids
 Coordination between other software and users
Memory Management
Memory management refers to management of primary
memory or main memory. Main memory is a large array of
words or bytes where each word or byte has its own address.

Main memory provides a fast storage that can be accessed

directly by the CPU. For a program to be executed, it must in
the main memory. An Operating System does the following
activities for memory management:

 Keeps tracks of primary memory, i.e., what part of it are in

use by whom, what part is not in use.
 In multiprogramming, the OS decides which process will
get memory when and how much.
 Allocates the memory when a process requests it to do so.
 De-allocates the memory when a process no longer needs it
or has been terminated.

Processor Management
In multiprogramming environment, the OS decides which
process (task) gets the processor when and for how much
time. This function is called process scheduling. An operating
system does the following activities for processor
management:
 Keeps tracks of processor and status of process. The
program responsible for this task is known as traffic
controller.
 Allocates the processor (CPU) to a process.
 De-allocates processor when a process is no longer
required.

Device Management
An Operating System manages device communication via
their respective drivers. It does the following activities for
device management:

 Keeps tracks of all devices. Program responsible for this

task is known as the I/O controller.
 Decides which process gets the device when and for how
much time.
 Allocates the device in the efficient way.
 De-allocates devices.

File Management
A file system is normally organized into directories for easy
navigation and usage. These directories may contain files and
other directions.

An Operating System does the following activities for file

management:
 Keeps track of information, location, uses, status etc. The
collective facilities are often known as file system.
 Decides who gets the resources.
 Allocates the resources.
 De-allocates the resources.

Other Important Activities

Following are some of the important activities that an
operating system performs:

 Security: By means of password and similar other

techniques, it prevents unauthorized access to
programs and data.

 Control over system performance: Recording delays

between request for a service and response from the
system.

 Job accounting: Keeping track of time and resources

used by various jobs and users.

 Error detecting aids: Production of dumps, traces,

error messages, and other debugging and error
detecting aids.
2.2.3 Application software

Application software (app for short) is computing software

designed to carry out a specific task other than one relating to
the operation of the computer itself, typically to be used by
end-users. Examples of an application include a word
processor, a spreadsheet program, an accounting application, a
web browser, an email client, a media player, a console game,
or a photo editor.

There are many types of application software:

 An application suite consists of multiple applications

bundled together. They usually have related functions,
features and user interfaces, and may be able to interact
with each other, e.g. open each other's files. Business
applications often come in suites, e.g. Microsoft Office,
LibreOffice and iWork, which bundle together a word
processor, a spreadsheet, etc.; but suites exist for other
purposes, e.g. graphics or music.
 Enterprise software addresses the needs of an entire
organization's processes and data flows, across several
departments, often in a large distributed environment.
Examples include enterprise resource planning systems,
customer relationship management (CRM) systems and
supply chain management software. Departmental
Software is a sub-type of enterprise software with a focus
 on smaller organizations or groups within a large
organization.
 Enterprise infrastructure software provides common
capabilities needed to support enterprise software systems.
(Examples include databases, email servers, and systems
for managing networks and security.)
 Application platform as a service (aPaaS) is a cloud
computing service that offers development and deployment
environments for application services.
 Information worker software lets users create and
manage information, often for individual projects within a
department, in contrast to enterprise management.
Examples include time management, resource
management, analytical, collaborative and documentation
tools. Word processors, spreadsheets, email and blog
clients, personal information system, and individual media
editors may aid in multiple information worker tasks.
 Content access software is used primarily to access
content without editing, but may include software that
allows for content editing. Such software addresses the
needs of individuals and groups to consume digital
entertainment and published digital content. (Examples
include media players, web browsers, and help browsers.)
 Educational software is related to content access
software, but has the content or features adapted for use in
 by educators or students. For example, it may deliver
evaluations (tests), track progress through material, or
include collaborative capabilities.
 Simulation software simulates physical or abstract
systems for either research, training or entertainment
purposes.
 Media development software generates print and
electronic media for others to consume, most often in a
commercial or educational setting. This includes graphic-
art software, desktop publishing software, multimedia
development software, HTML editors, digital-animation
editors, digital audio and video composition, and many
others.
 Product engineering software is used in developing
hardware and software products. This includes computer-
aided design (CAD), computer-aided engineering (CAE),
computer language editing and compiling tools, integrated
development environments, and application programmer
interfaces.
 Entertainment Software can refer to video games, screen
savers, programs to display motion pictures or play
recorded music, and other forms of entertainment which
can be experienced through use of a computing device.
 Chapter 3

Computer Networks and The

Internet
In the early days of computing, computers were seen as
devices for making calculations, storing data, and automating
business processes. However, as the devices evolved, it
became apparent that many of the functions of
telecommunications could be integrated into the computer.
During the 1980s, many organizations began combining their
once-separate telecommunications and information-systems
departments into an information technology, or IT,
department. This ability for computers to communicate with
one another and, maybe more importantly, to facilitate
communication between individuals and groups, has been an
important factor in the growth of computing over the past
several decades.
Computer networking really began in the 1960s with the birth
of the Internet, as we’ll see below. However, while the
Internet and web were evolving, corporate networking was
also taking shape in the form of local area networks and
client-server computing. In the 1990s, when the Internet came
of age, Internet technologies began to pervade all areas of the
organization. Now, with the Internet a global phenomenon, it
would be unthinkable to have a computer that did not include
communications capabilities. This chapter will review the
different technologies that have been put in place to enable
this communications revolution.
A computer network is a set of computers sharing resources
located on or provided by network nodes. These
interconnections are made up of telecommunication
network technologies, based on physically wired, optical, and
wireless radio-frequency methods that may be arranged in a
variety of network topologies.
The nodes of a computer network may include personal
computers, servers, networking hardware, or other specialised
or general-purpose hosts. They are identified by network
addresses, and may have hostnames. Hostnames serve as
memorable labels for the nodes, rarely changed after initial
assignment. Network addresses serve for locating and
identifying the nodes by communication protocols such as
the Internet Protocol.
Computer networks may be classified by many criteria,
including the transmission medium used to carry
signals, bandwidth, communications protocols to organize
network traffic, the network size, the topology, traffic
control mechanism, and organizational intent.

3.1 Networks types

The very common types of networks are LAN and WAN.
However, there are many types of networks including:

 LAN (Local Area Network)

 WAN (Wide Area Network)
  MAN (metropolitan area network)
 PAN (personal area network)
 SAN (storage area network)
 VPN (virtual private network)

A Local Area Network (LAN) is a network that is confined to

a relatively small area. It is generally limited to a geographic
area such as a writing lab, school, or building.

Wide Area Networks (WANs) connect networks in larger

geographic areas, such as Cairo, Egypt, or the world.
Dedicated transoceanic cabling or satellite uplinks may be
used to connect this type of global network.

MAN (metropolitan area network): MANs are typically larger

than LANs but smaller than WANs. Cities and government
entities typically own and manage MANs.

PAN (personal area network): A PAN serves one person. For

example, if you have an iPhone and a Mac, it’s very likely
you’ve set up a PAN that shares and syncs content—text
messages, emails, photos, and more—across both devices.

SAN (storage area network): A SAN is a specialized network

that provides access to block-level storage—shared network
or cloud storage that, to the user, looks and works like a
storage drive that’s physically attached to a computer.
VPN (virtual private network): A VPN is a secure, point-to-
point connection between two network end. A VPN
establishes an encrypted channel that keeps a user’s identity
and access credentials, as well as any data transferred,
inaccessible to hackers.

The nodes of a computer network may include personal

computers, servers, networking hardware, or other specialized
or general-purpose hosts. They are identified by hostnames
and network addresses. Hostnames serve as memorable labels
for the nodes, rarely changed after initial assignment. Network
addresses serve for locating and identifying the nodes by
communication protocols such as the Internet Protocol.

Computer networks support many applications and services,

such as access to the World Wide Web, digital video, digital
audio, shared use of application and storage servers, printers,
and fax machines, and use of email and instant messaging
applications.

Network nodes

Apart from any physical transmission media, networks are

built from additional basic system building blocks, such as
network interface controllers (NICs), repeaters, hubs, bridges,
switches, routers, modems, and firewalls.
A network interface controller (NIC) is computer hardware
that connects the computer to the network media and has the
ability to process low-level network information. For
example, the NIC may have a connector for accepting a cable,
or an aerial for wireless transmission and reception, and the
associated circuitry.
3.2 Wireless Networking
Today we are used to being able to access the Internet
wherever we go. Our smartphones can access the Internet; big
malls provide wireless “hotspots” for our laptops or iPads.
These wireless technologies have made Internet access more
convenient and have made devices such as tablets and laptops
much more functional. Let’s examine a few of these wireless
technologies.

Wi-Fi
Wi-Fi is a technology that takes an Internet signal and
converts it into radio waves. These radio waves can be picked
up within a radius of approximately 65 feet by devices with a
wireless adapter. Several Wi-Fi specifications have been
developed over the years, starting with 802.11b (1999),
followed by the 802.11g specification in 2003 and 802.11n in
2009. Each new specification improved the speed and range of
Wi-Fi, allowing for more uses. One of the primary places
where Wi-Fi is being used is in the home. Home users are
purchasing Wi-Fi routers, connecting them to their broadband
connections, and then connecting multiple devices via Wi-Fi.

Mobile Network
As the cellphone has evolved into the smartphone, the desire
for Internet access on these devices has led to data networks
being included as part of the mobile phone network. While
Internet connections were technically available earlier, it was
really with the release of the 3G networks in 2001 (2002 in the
US) that smartphones and other cellular devices could access
data from the Internet. This new capability drove the market
for new and more powerful smartphones, such as the iPhone,
introduced in 2007. In 2011, wireless carriers began offering
4G data speeds, giving the cellular networks the same speeds
that customers were used to getting via their home connection.
Why Doesn’t My Cellphone Work When I Travel Abroad?
As mobile phone technologies have evolved, providers in
different countries have chosen different communication
standards for their mobile phone networks. In the US, both of
the two competing standards
exist: GSM (used by AT&T and T-Mobile) and CDMA (used
by the other major carriers). Each standard has its pros and
cons, but the bottom line is that phones using one standard
cannot easily switch to the other. In the US, this is not a big
deal because mobile networks exist to support both standards.
But when you travel to other countries, you will find that most
of them use GSM networks, with the one big exception being
Japan, which has standardized on CDMA. It is possible for a
mobile phone using one type of network to switch to the other
type of network by switching out the SIM card, which
controls your access to the mobile network. However, this will
not work in all cases. If you are traveling abroad, it is always
best to consult with your mobile provider to determine the
best way to access a mobile network.
Bluetooth
While Bluetooth is not generally used to connect a device to
the Internet, it is an important wireless technology that has
enabled many functionalities that are used every day. When
created in 1994 by Ericsson, it was intended to replace wired
connections between devices. Today, it is the standard method
for connecting nearby devices wirelessly. Bluetooth has a
range of approximately 300 feet and consumes very little
power, making it an excellent choice for a variety of purposes.
Some applications of Bluetooth include: connecting a printer
to a personal computer, connecting a mobile phone and
headset, connecting a wireless keyboard and mouse to a
computer, and connecting a remote for a presentation made on
a personal computer.
VoIP
A growing class of data being transferred over the Internet is
voice data. A protocol called voice over IP, or VoIP, enables
sounds to be converted to a digital format for transmission
over the Internet and then recreated at the other end. By using
many existing technologies and software, voice
communication over the Internet is now available to anyone
with a browser (think Skype, Google Hangouts). Beyond this,
many companies are now offering VoIP-based telephone
service for business and home use.
3.3 The Growth of Broadband
In the early days of the Internet, most access was done via a
modem over an analog telephone line. A modem (short for
“modulator-demodulator”) was connected to the incoming
phone line and a computer in order to connect you to a
network. Speeds were measured in bits-per-second (bps), with
speeds growing from 1200 bps to 56,000 bps over the years.
Connection to the Internet via these modems is called dialup
access. Dial-up was very inconvenient because it tied up the
phone line. As the web became more and more interactive,
dial-up also hindered usage, as users wanted to transfer more
and more data. As a point of reference, downloading a typical
3.5 mb song would take 24 minutes at 1200 bps and 2 minutes
at 28,800 bps.
A broadband connection is defined as one that has speeds of
at least 256,000 bps, though most connections today are much
faster, measured in millions of bits per second (megabits or
mbps) or even billions (gigabits). For the home user, a
broadband connection is usually accomplished via the cable
television lines or phone lines (DSL). Both cable and DSL
have similar prices and speeds, though each individual may
find that one is better than the other for their specific area.
Speeds for cable and DSL can vary during different times of
the day or week, depending upon how much data traffic is
being used. In more remote areas, where cable and phone
companies do not provide access, home Internet connections
can be made via satellite. The average home broadband speed
is anywhere between 3 mbps and 30 mbps.
At 10 mbps, downloading a typical 3.5 mb song would take
less than a second. For businesses who require more
bandwidth and reliability, telecommunications companies can
provide other options, such as T1 and T3 lines.
Broadband access is important because it impacts how the
Internet is used. When a community has access
to broadband, it allows them to interact more online and
increases the usage of digital tools overall. Access
to broadband is now considered a basic human right. It is vital
that no one be excluded from the new global knowledge
societies we are building. We believe that communication is
not just a human need – it is a right.
3.4 Organizational Networking
LAN and WAN
While the Internet was evolving and creating a way for
organizations to connect to each other and the world, another
revolution was taking place inside organizations. The
proliferation of personal computers inside organizations led to
the need to share resources such as printers, scanners, and
data. Organizations solved this problem through the creation
of local area networks (LANs), which allowed computers to
connect to each other and to peripherals. These same networks
also allowed personal computers to hook up to legacy
mainframe computers.
An LAN is (by definition) a local network, usually operating
in the same building or on the same campus. When an
organization needed to provide a network over a wider area
(with locations in different cities or states, for example), they
would build a wide area network (WAN).
Client-Server
The personal computer originally was used as a stand-alone
computing device. A program was installed on the computer
and then used to do word processing or number crunching.
However, with the advent of networking and local area
networks, computers could work together to solve problems.
Higher-end computers were installed as servers, and users on
the local network could run applications and share information
among departments and organizations. This is called client-
server computing.
Intranet
Just as organizations set up web sites to provide global access
to information about their business, they also set up internal
web pages to provide information about the organization to
the employees. This internal set of web pages is called an
intranet. Web pages on the intranet are not accessible to those
outside the company; in fact, those pages would come up as
“not found” if an employee tried to access them from
outside the company’s network.
Extranet
Sometimes an organization wants to be able to collaborate
with its customers or suppliers while at the same time
maintaining the security of being inside its own network. In
cases like this a company may want to create an extranet,
which is a part of the company’s network that can be made
available securely to those outside of the company. Extranets
can be used to allow customers to log in and check the status
of their orders, or for suppliers to check their customers’
inventory levels.
Sometimes, an organization will need to allow someone who
is not located physically within its internal network to gain
access. This access can be provided by a virtual private
network (VPN).

3.5 A Brief History of the Internet

In the Beginning: ARPANET
The story of the Internet, and networking in general, can be
traced back to the late 1950s. The US was in the depths of the
Cold War with the USSR, and each nation closely watched the
other to determine which would gain a military or intelligence
advantage. In 1957, the Soviets surprised the US with the
launch of Sputnik, propelling us into the space age. In
response to Sputnik, the US Government created the
Advanced Research Projects Agency (ARPA), whose initial
role was to ensure that the US was not surprised again. It was
from ARPA, now called DARPA (Defense Advanced
Research Projects Agency), that the Internet first sprang.
ARPA was the center of computing research in the 1960s, but
there was just one problem: many of the computers could not
talk to each other. In 1968, ARPA sent out a request for
proposals for a communication technology that would allow
different computers located around the country to be
integrated together into one network. Twelve companies
responded to the request, and a company named Bolt,
Beranek, and Newman (BBN) won the contract. They began
work right away and were able to complete the job just one
year later: in September, 1969, the ARPANET was turned on.
The first four nodes were at UCLA, Stanford,
MIT, and the University of Utah.

3.6 An Internet Vocabulary

Networking communication is full of some very technical
concepts based on some simple principles. Learn the terms
below and you’ll be able to hold your own in a conversation
about the Internet.
• Packet: The fundamental unit of data transmitted over the
Internet. When a device intends to send a message to another
device (for example, your PC sends a request to YouTube to
open a video), it breaks the message down into smaller pieces,
called packets. Each packet has the sender’s address, the
destination address, a sequence number, and a piece of the
overall message to be sent.
• Hub: A simple network device that connects other devices to
the network and sends packets to all the devices connected to
it.
• Bridge: A network device that connects two networks
together and only allows packets through that are needed.
• Switch: A network device that connects multiple devices
together and filters packets based on their destination within
the connected devices.
• Router: A device that receives and analyzes packets and then
routes them towards their destination. In some cases, a router
will send a packet to another router; in other cases, it will send
it directly to its destination.
• IP Address: Every device that communicates on the Internet,
whether it be a personal computer, a tablet, a smartphone, or
anything else, is assigned a unique identifying number called
an IP(Internet Protocol) address. Historically, the IP-address
standard used has been IPv4 (version 4), which has the format
of four numbers between 0 and 255 separated by a period. For
example, the domain Saylor.org has the IP address of
107.23.196.166. The IPv4 standard has a limit of
4,294,967,296 possible addresses. As the use of the Internet
has proliferated, the number of IP addresses needed has grown
to the point where the use of IPv4 addresses will be exhausted.
This has led to the new IPv6 standard, which is currently
being phased in. The IPv6 standard is formatted as eight
groups of four hexadecimal digits, such as
2001:0db8:85a3:0042:1000:8a2e:0370:7334. The IPv6
standard has a limit of 3.4×1038 possible addresses.
• Domain name: If you had to try to remember the IP address
of every web server you wanted to access, the Internet would
not be nearly as easy to use. A domain name is a human-
friendly name for a device on the Internet. These names
generally consist of a descriptive text followed by the top-
level domain (TLD). For example, Wikepedia’s domain name
is wikipedia.org; Wikipedia describes the organization and
.org is the top-level domain. In this case, the .org TLD is
designed for nonprofit organizations. Other well-known TLDs
include .com, .net, and .gov. For a complete list and
description of domain names.

• DNS: DNS stands for “domain name system,” which acts as

the directory on the Internet. When a request to access a
device with a domain name is given, a DNS server is queried.
It returns the IP address of the device requested, allowing for
proper routing.
• Packet-switching: When a packet is sent from one device out
over the Internet, it does not follow a straight path to its
destination. Instead, it is passed from one router to another
across the Internet until it is reaches its destination. In fact,
sometimes two packets from the same message will take
different routes! Sometimes, packets will arrive at their
destination out of order. When this happens, the receiving
device restores them to their proper order. For more details on
packet switching,.
• Protocol: In computer networking, a protocol is the set of
rules that allow two (or more) devices to exchange
information back and forth across the network. As we moved
into the 1980s, computers were added to the Internet at an
increasing rate. These computers were primarily from
government, academic, and research organizations. Much to
the surprise of the engineers, the early popularity of the
Internet was driven by the use of electronic mail. Using the
Internet in these early days was not easy. In order to access
information on another server, you had to know how to type in
the commands necessary to access it, as well as know the
name of that device. That all changed in 1990, when Tim
Berners-Lee introduced his World Wide Web project, which
provided an easy way to navigate the Internet through the use
of linked text (hypertext). The World Wide Web gained even
more steam with the release of the Mosaic browser in 1993,
which allowed graphics and
text to be combined together as a way to present information
and navigate the Internet. The Mosaic browser took off in
popularity and was soon superseded by Netscape Navigator,
the first commercial web browser, in 1994. The Internet and
the World Wide Web were now poised for growth. The chart
below shows the growth in users from the early days until
now.
In the 1980s and early 1990s, the Internet was being managed
by the National Science Foundation (NSF). The NSF had
restricted commercial ventures on the Internet, which meant
that no one could buy or sell
anything online. In 1991, the NSF transferred its role to three
other organizations, thus getting the US government out of
direct control over the Internet and essentially opening up
commerce online.
This new commercialization of the Internet led to what is now
known as the dot-com bubble. A frenzy of investment in new
dot-com companies took place in the late 1990s, running up
the stock market to new highs on a daily basis. This
investment bubble was driven by the fact that investors knew
that online commerce would change everything.
Unfortunately, many of these new companies had poor
business models and ended up with little to show for all of the
funds that were invested in them. In 2000 and 2001, the
bubble burst and many of these new companies went out of
business. Many companies also survived, including the still-
thriving Amazon (started in 1994) and eBay (1995). After the
dot-com bubble burst, a new reality became clear: in order to
succeed online, e-business companies would need to develop
real business models and show that they could survive
financially using this new technology.
3.7 Web 2.0
In the first few years of the World Wide Web, creating and
putting up a website required a specific set of knowledge: you
had to know how to set up a server on the World Wide Web,
how to get a domain name, how to write web pages in HTML,
and how to troubleshoot various technical issues as they came
up. Someone who did these jobs for a website became known
as a webmaster.
As the web gained in popularity, it became more and more
apparent that those who did not have the skills to be a
webmaster still wanted to create online content and have their
own piece of the web. This need was met with new
technologies that provided a website framework for those who
wanted to put content online. Blogger and Wikipedia are
examples of these early Web 2.0 applications, which allowed
anyone with something to say a place to go and say it, without
the need for understanding HTML or web-server technology.
Starting in the early 2000s, Web 2.0 applications began a
second bubble of optimism and investment. It seemed that
everyone wanted their own blog or photo-sharing site. Here
are some of the companies that came of age during this time:
MySpace (2003), Photobucket (2003), Flickr (2004),
Facebook (2004), WordPress (2005), Tumblr (2006), and
Twitter (2006). The ultimate indication that Web 2.0 had
taken hold was when Time magazine named “You” its
“Person of the Year” in 2006.
3.8 E-mail Is the “Killer” App for the Internet
When the personal computer was created, it was a great little
toy for technology hobbyists and armchair programmers. As
soon as the spreadsheet was invented, however, businesses
took notice, and the rest is history. The spreadsheet was the
killer app for the personal computer: people bought PCs just
so they could run spreadsheets.
The Internet was originally designed as a way for scientists
and researchers to share information and computing power
among themselves. However, as soon as electronic mail was
invented, it began driving demand for the Internet. This
wasn’t what the developers had in mind, but it turned out that
people connecting to people was the killer app for the Internet.
We are seeing this again today with social networks,
specifically Facebook. Many who weren’t convinced to have
an online presence now feel left out without a Facebook
account. The connections made between people using Web
2.0 applications like Facebook on their personal computer or
smartphone is driving growth yet again.
The Internet and the World Wide Web
Many times, the terms “Internet” and “World Wide Web,” or
even just “the web,” are used interchangeably. But really, they
are not the same thing at all! The Internet is an interconnected
network of networks. Many services run across the Internet:
electronic mail, voice and video, file transfers, and, yes, the
World Wide Web.
Microsoft’s SharePoint Powers the Intranet
As organizations begin to see the power of collaboration
between their employees, they often look for solutions that
will allow them to leverage their intranet to enable more
collaboration. Since most companies use Microsoft products
for much of their computing, it is only natural that they have
looked to Microsoft to provide a solution. This solution is
Microsoft’s SharePoint.
SharePoint provides a communication and collaboration
platform that integrates seamlessly with Microsoft’s Office
suite of applications. Using SharePoint, employees can share a
document and edit it together – no more e-mailing that Word
document to everyone for review. Projects and documents can
be managed collaboratively across the organization. Corporate
documents are indexed and made available for search. No
more asking around for that procedures document – now you
just search for it in SharePoint. For organizations looking to
add a social networking component to their intranet, Microsoft
offers Yammer, which can be used by itself or integrated into
SharePoint.

The networking revolution has completely changed how the

computer is used. Today, no one would imagine using a
computer that was not connected to one or more networks.
The development of the Internet and World Wide Web,
combined with wireless access, has made information
available at our fingertips. The Web 2.0 revolution has made
us all authors of web content. As networking technology has
matured, the use of Internet technologies has become a
standard for every type of organization. The use of intranets
and extranets has allowed organizations to deploy
functionality to employees and business
3.9 Data centers
Data center is the place where servers, telecommunication
system, and data storage devices of an organization are
located. The place of data center should be prepared carefully.
Many systems should be prepared such as cooling system,
power supply system, alarm system, and fire suppression
system.

Design a data center

The field of data center design has been growing for decades
in various directions, including new construction big and
small along with the creative re-use of existing facilities.

The number of data centers as of 2016 had grown beyond 3

million USA-wide, and more than triple that number
worldwide

Local building codes may govern the minimum ceiling heights

and other parameters. Some of the considerations in the design
of data centers are: space, power, cooling, and costs in the
data center.

3.9.1 Design criteria and trade-offs

 Availability expectations: Cost of avoiding downtime

should not exceed the cost of downtime itself.
  Site selection: Location factors include proximity to
power grids, telecommunications infrastructure,
networking services, transportation lines and
emergency services. Others are flight paths,
neighboring uses, geological risks and climate
(associated with cooling costs).

High availability
Various metrics exist for measuring the data-availability that
results from data-center availability beyond 95% uptime, with
the top of the scale counting how many "nines" can be placed
after "99%".

Modularity and flexibility

Modularity and flexibility are key elements in allowing for a

data center to grow and change over time. Data center
modules are pre-engineered, standardized building blocks that
can be easily configured and moved as needed.

A modular data center may consist of data center equipment

contained within shipping containers or similar portable
containers. Components of the data center can be
prefabricated and standardized which facilitates moving if
needed.

Environmental control
Temperature and humidity are controlled via:

 Air conditioning
 Indirect cooling, such as using outside air, Indirect
Evaporative Cooling (IDEC) units, and also using sea
water.

Electrical power

A bank of batteries in a large data center, used to provide

power until diesel generators can start

Backup power consists of one or more uninterruptible power

supplies, battery banks, and/or diesel / gas turbine generators.

To prevent single points of failure, all elements of the

electrical systems, including backup systems, are typically
fully duplicated, and critical servers are connected to both the
"A-side" and "B-side" power feeds. This arrangement is often
made to achieve N+1 redundancy in the systems.

Low-voltage cable routing

 Data cabling can be routed through overhead cable

trays.
 Raised floor cabling, for security reasons and to avoid
the addition of cooling systems above the racks.
 Smaller/less expensive data centers without raised
flooring may use anti-static tiles for a flooring surface.
Air flow
Air flow management addresses the need to improve data
center computer cooling efficiency by preventing the
recirculation of hot air exhausted from IT equipment and
reducing bypass airflow. There are several methods of
separating hot and cold airstreams, such as hot/cold aisle
containment and in-row cooling units.

Aisle containment

Cold aisle containment is done by exposing the rear of

equipment racks, while the fronts of the servers are enclosed
with doors and covers.

Typical cold aisle configuration with server rack fronts facing

each other and cold air distributed through the raised floor.

Computer cabinets are often organized for containment of

hot/cold aisles. Ducting prevents cool and exhaust air from
mixing. Rows of cabinets are paired to face each other so that
cool air can reach equipment air intakes and warm air can be
returned to the chillers without mixing.
Alternatively, a range of under floor panels can create
efficient cold air pathways directed to the raised floor vented
tiles. Either the cold aisle or the hot aisle can be contained.

Fire protection

Data centers feature fire protection systems, including passive

and Active Design elements, as well as implementation of fire
prevention programs in operations. Smoke detectors are
usually installed to provide early warning of a fire at its
incipient stage.

Security

Physical access is usually restricted. Layered security often

starts with fencing, bollards and mantraps. Video camera
surveillance and permanent security guards are almost always
present if the data center is large or contains sensitive
information. Finger print recognition mantraps is starting to be
common place.

Logging access is required by some data protection

regulations; some organizations tightly link this to access
control systems. Multiple log entries can occur at the main
entrance, entrances to internal rooms, and at equipment
cabinets. Access control at cabinets can be integrated with
intelligent power distribution units, so that locks are
networked through the same appliance.
3.10 Cloud computing
Cloud computing is delivery of computing services on-
demand. There are many organizations that provider paid
computing services such as servers, storage, databases,
software, and hardware. You pay according to what you
actually use. In other words, the costing strategy of cloud
computing services is “pay as you go”. The idea behind cloud
computing is that instead of buying a complete server that you
will not fully utilize you can rent a part of a server that you are
actually need. Moreover, the user does not need to have
expertise in every issue related to IT such as network,
security, and underlying infrastructure.

There are three main types of cloud computing according to

the provided services.

3.10.1 Infrastructure as a service (IaaS)

In this type the cloud provides virtual machines and storage
areas. The user can control his machine and install the desired
operating system. The user can also deploy his own
applications. This type is suitable in a situation where an
organization needs hardware or a server and it has human
capability to manage the hardware remotely.
3.10.2 Platform as a service (PaaS)

It is a kind of cloud computing services in which the cloud

provides storage, servers, middleware, operating systems, and
developing environment such as .Net and Java virtual
machine. The user of this type can develop and applications
on cloud. It is good for application developers because it
facilitate the developing process without loading of
configuring underlying infrastructure. However, sometimes it
is costly.

3.10.3 Software as a service (SaaS)

This type provides specific software programs to the users as a

service. The user can use or control the software. For
example, yahoo mail service is a kind of software as a service
provides by yahoo. You can use this mail service through the
yahoo mail software. Nowadays many software services are
available online.

The user does not control or configure the underlying

infrastructure such as servers, storage, and operating system.
However, the user may be able to control a limited set of
configuration settings of an application. The big advantage of
this type of services is that the user does not need buy costly
software or install the software in his PC. Simply the user can
access the application from anywhere and pay according to his
usage or pay according to predefined subscription fee.
Examples of applications that offered as SaaS are online word,
google doc, and games.
Part II: Information
System Developments
 Chapter 4

Analysis of Information
System
System development has four main phases: System analysis,
system design, system development, and maintenance. This
chapter focuses on explaining the first phase of system
development. The main objective of system analysis is to
understand the system details and what actually the system
should provide.

4.1 System development life cycle

System development is the process of creating software or an
information system. Like other production processes, there is
a scientific methodology you should follow to create an
information system or updating existing one. The aim of this
methodology is to produce a high quality information system.

Analysis

Evolution Design

Implementation

Figure 4.1 System development life

cyclefor creating a software such as
There are different approaches
waterfall and Agile method. However, there are four common
phases in the cycle of developing an information system.
Figure 4.1 show the phases of information system
development life cycle. In waterfall model, each phase is
occurred separately one after another. After completely finish
the first phase, the second phase is started and so on. Each
phase should be finished completely because it will not re-
occur again. The advantage of waterfall model is good system
design and full system documentation. However, it takes long
time to develop the system. Waterfall model is suitable for
large scale systems or systems that develop in different sites.

On the other hand, the agile method adopts incremental

development idea. The system is divided into small
functionalities and each set of functionalities are developed in
a development round. There is a sequence of development
rounds until the system is developed. The main advantage of
agile method is rapid development of the first version of the
system. The first system usually contains a small set of high
priority functions of a system. Other functions are developed
in the coming versions.

The first phase is system analysis in which the current

situation is explored and the requirements of the desired
systems are defined. The design phase concerns with how to
convert the requirements to a system. It includes defining the
components of the system and how these components interact
with each other. The third phase is implementation of the
design in which the design is implemented in a programming
language and converted to an application. The last phase is
testing and maintaining the created application. In this phase
the system is running and testing against user requirements.
4.2 System analysis
The purpose of system analysis is to discover the system
environment and define the requirements of the system.
System analysis is considered a critical phase in development
life cycle because it defines the requirements and
functionalities that the system should provide. The errors in
system analysis lead to refusing the developed system from
the end user. These kinds of errors are very costly to recover
because all implemented phases after system analysis should
be modified. System analyst should collect all requirements of
the system. The final requirements should be complete and
valid. This means the system analyst collect all requirements
of the system. If requirements appeared later after analysis
phase, it will be costly to adapt the developed system. Valid

Data gathering

Requirements definition

Requirements prioritizing

Prototyping

Validation

Documentation

Figure 4.2 Activities of system analysis

requirements mean there is no contradiction between
requirements.

The main activity is interviewing with different stakeholders.

Stakeholders are the people who will use or benefit from the
system directly or indirectly. Moreover, organizations
involved in purchasing or regulating aspects (financial, safety,
or other aspects) of the system are also included in the
stakeholders and should be considered. The purpose of
interviewing is to understand the requirements of the new
system. In other words, the following questions should be
answered in this phase: what the new system should provide to
the users and how to integrate the new system with other
existing systems.

Figure 4.2 shows the main activities in system analysis

process. In data gathering activity, the system analyst collects
data from stakeholders and environment. Different methods
can be applied to collect data. After data collection, the
required functions of the new system are defined. Moreover,
putting the requirements in a priority queue is important for
design and partitioning the requirements in stages. So,
important requirements implemented first. The purpose of
making a prototype is to communicate with the users and
ensure that the collect requirements are what the users really
need. The final activity is writing specification of the new
system in a standard document. The following sections
explain the activities of system analysis process in details.
4.3 Information gathering
The project team should gather information to understand
what the users need from the new system. The new system
should be design and implemented according to the collected
requirements. There are various techniques for information
gathering such as interview, questionnaires, and observation.

Interview is a common technique for gathering information.

The analyst interviews stakeholders to get information and
understand their needs and expectations from the new system.
There are two kinds of interviews: structured and unstructured
interview. In structured interview a predefined set of questions
is prepared carefully and only these questions are discussed.
However, the unstructured interview is similar to open
discussion where more questions can be raised up during the
interview.

The interview is the most technique for gathering qualitative

information. It is suitable when stakeholders have no time for
questionnaire or don't communicate effectively in reading and
writing. Moreover, this technique helps the analyst to solve
the unclear concepts immediately. Key problems can be
discovered fastly during interviews.

Questionnaire technique is used to collect answers of specific

questions from stakeholders. It suitable for collecting answers
from large number of people. This method is reliable and
more confident to get honest responses from users. Moreover,
it is suitable for gathering information from users who located
in far places. Answers for questionnaire can be statistically
analyzed.

Observation is an information gathering method that depends

on visiting the organization and noticing people, procedures,
objects, and environment. This technique produces accurate
and reliable data especially in situations that have unclear
explanation from the users.

Information gathering is an important activity in system

analysis. Sometimes the user does not have a clear
imagination about the new system. Some users don't know
what they really need from the new system. The user may
express his intension to automate the process. However, he
can't mention details of requirements. Consequently, analyst
should have experience to elicit the requirements from the
user and environment.

A recording method is required in data gathering. Audio,

video, and/or notes recording may be combined or used
individually.

System analyst may use different sources to gather

information. These sources may include existing systems,
regulation laws, previously gathered information and articles
explain work environment.

Moreover, system analyst may use one or more information

gathering techniques to collect system requirements.
4.4 Requirements definition
Requirements definition means state the functional and non-
functional requirements of the desired system. After
information gathering analyst has to define what the system
should provide to the users. Moreover, the analyst should
define constrains that the new system should fulfill. This
activity lists all the requirements of the system.

Functional requirements

The requirements that represent services that the system

should provide are called functional requirements. Examples
of functional requirements are:

- The system should enable search by payment id

- The system can list all payments for specific customer
- The user can print report about his payment history

Functional requirements can be classified into three

categories:

Non-functional requirements

This type of requirements is not a service provided by the

system. However, non-functional requirements is the set of
constrains for the new system. Examples of non-functional
requirements are:

- The system should generate the report of students’

grads in 3 seconds.
 - Response time should not exceed 500 milliseconds.
- The new system should be developed using Java

- The system should provide a search for specific

student
- System shows a report about registered course by
specific student
- A student status sheet should be provided and can be
printed
- ....
programming language

There are two different levels of requirements: user

requirements and system requirements.

User requirements are abstract and have no technical details.

This type is useful in communication with users and can be

- ....
- The student can use the system to print a report
about his registered courses. The report appears in
tabular form that contains 6 columns (course code,
course name, credits of the course, course professor,
time of lecture, time for laboratory)
- ....
- ....
used in managerial level. However, system requirements have
more technical details and directed to developers. It is very
helpful to make the developed application provides what users
need.
4.5 Requirements prioritization
Normally, big information systems have hundred or thousand
of requirements. It is difficult to implement all the
requirements due to limited budget, resources, or technology.
Consequently, prioritizing requirements is an important
activity in which the requirements sorted according to its
importance. Moreover, ordering the requirements helps to
divide implementation into iterations.

Furthermore, during prioritizing phase the task dependencies

are determined. Determining dependencies is important to
plane the implementation correctly.

Self-study

 Who is responsible to prioritization

 How to do prioritization
 Prototyping (develop a user interface dialog)
 Requirements Validation
 How to Write a Software Requirements Specification
 Chapter 5

Information System Design

This chapter describes an important phase in developing an
information system. The design phase is an intermediate phase
between analysis and implementation. Design is a process to
transform user requirements into some suitable form, which
helps the programmer in software coding and implementation.

5.1 The Design process

This design process aims to facilitate converting user

requirements into an application. The design phase is
concerned with planning the architecture of the system. The
design process activities are the followings:

1. Architectural design. The sub-systems of system and

their relationships are identified based on the main
functional requirements of software.

2. Abstract specification. For each sub-system, an

abstract specification of its services and the constraints
under which it must operate is defined.

3. Interface design. Interfaces allow the sub-system’

services to be used by other sub-systems. The
representation of interface should be hidden. In this
activity the interface is designed and documented for
each sub-system. The specification of interface must be
unambiguous.
 4. Component design. Services are allocated to
components and the interfaces of these components are
designed.

5. Data structure design. The data structures used in the

system implementation are designed in detail and
specified.

6. Algorithm design. In this activity the algorithms used

to provide services are designed in detail and specified.

This general model of the design process may be adapted in

different ways in the practical uses.

A contrasting approach can be used by structured methods for

design objectives. A structured method includes a design
process model, notations to represent the design, report
formats, rules and design guidelines. Most these methods
represent the system by graphical models and many cases can
automatically generate program code from these models.

Architecture design

Architecture design is abstract design in which the main

components of the system and relations between these
components are determined. Normally, the designer uses
sketch to draw architecture design. The input is a set of
requirements. In order to make the design, requirements are
grouped into coherent sets. Each group of requirements can be
implemented and provided by a subsystem. At this level, the
designers get the idea of proposed solution domain.

High-level Design

The high-level design breaks the ‘single entity-multiple

component’ concept of architectural design into less-
abstracted view of sub-systems and modules and depicts their
interaction with each other. High-level design focuses on how
the system along with all of its components can be
implemented in forms of modules. It recognizes modular
structure of each sub-system and their relation and interaction
among each other.

Detailed Design

Detailed design deals with the implementation part of what is

seen as a system and its sub-systems in the previous two
designs. It is more detailed towards modules and their
implementations. It defines logical structure of each module
and their interfaces to communicate with other modules.
5.2 Modularization

Modularization is a technique to divide a software system into

multiple discrete and independent modules, which are
expected to be capable of carrying out task(s) independently.
These modules may work as basic constructs for the entire
software. Designers tend to design modules such that they can
be executed and/or compiled separately and independently.

Modular design unintentionally follows the rules of ‘divide

and conquer’ problem-solving strategy this is because there
are many other benefits attached with the modular design of a
software.

Advantage of modularization:

 Smaller components are easier to maintain

 Program can be divided based on functional aspects
 Desired level of abstraction can be brought in the
program
 Components with high cohesion can be re-used again
 Concurrent execution can be made possible
 Desired from security aspect
5.3 Design principles

 The design process should not suffer from "tunnel

vision."
A good designer should consider alternative
approaches, judging each based on the requirements of
the problem, the resources available to do the job.
 The design should be traceable to the analysis
model.
Because a single element of the design model can often
be traced back to multiple requirements, it is necessary
to have a means for tracking how requirements have
been satisfied by the design model.
 The design should not reinvent the wheel.
Systems are constructed using a set of design patterns,
many of which have likely been encountered before.
These patterns should always be chosen as an
alternative to reinvention. Time is short and resources
are limited; design time should be invested in
representing (truly new) ideas by integrating patterns
that already exist (when applicable).
 The design should minimize the intellectual distance
between the software and the problem as it exists in
the real world.
The structure of the software design should, whenever
possible, mimic the structure of the problem domain.
 The design should exhibit uniformity and
integration.
A design is uniform if it appears fully coherent. In order
to achieve this outcome, rules of style and format
should be defined for a design team before design work
begins. A design is integrated if care is taken in
defining interfaces between design components.
 The design should be structured to accommodate
change.
The design concepts discussed in the next section
enable a design to achieve this principle.
 The design should be structured to degrade gently,
even when aberrant data, events, or operating
conditions are encountered.
Well-designed software should never "bomb"; it should
be designed to accommodate unusual circumstances,
and if it must terminate processing, it should do so in a
graceful manner.
 Design is not coding, coding is not design.
Even when detailed procedural designs are created for
program components, the level of abstraction of the
design model is higher than the source code. The only
design decisions made at the coding level should
address the small implementation details that enable the
procedural design to be coded.
 The design should be assessed for quality as it is
being created, not after the fact.
A variety of design concepts and design measures are
available to assist the designer in assessing quality
throughout the development process.
 The design should be reviewed to minimize
conceptual (semantic) errors.
There is sometimes a tendency to focus on minutiae
when the design is reviewed, missing the forest for the
trees. A design team should ensure that major
conceptual elements of the design (omissions,
ambiguity, inconsistency) have been addressed before
worrying about the syntax of the design model.
5.4 Information system design concepts

The design concepts provide the software designer with a

foundation from which more sophisticated methods can be
applied. A set of fundamental design concepts has evolved.
They are as follows:

1. Abstraction
Abstraction is the process or result of generalization by
reducing the information content of a concept or an
observable phenomenon, typically in order to retain
only information which is relevant for a particular
purpose. It is an act of Representing essential features
without including the background details or
explanations.

2. Refinement
It is the process of elaboration. A hierarchy is
developed by decomposing a macroscopic statement of
function in a step-wise fashion until programming
language statements are reached. In each step, one or
several instructions of a given program are decomposed
into more detailed instructions. Abstraction and
Refinement are complementary concepts.

3. Modularity
 Software architecture is divided into components called
modules.

4. Software Architecture
It refers to the overall structure of the software and the
ways in which that structure provides conceptual
integrity for a system. Good software architecture will
yield a good return on investment with respect to the
desired outcome of the project, e.g. in terms of
performance, quality, schedule and cost.

5. Structural Partitioning
The program structure can be divided into both
horizontally and vertically. Horizontal partitions define
separate branches of modular hierarchy for each major
program function. Vertical partitioning suggests that
control and work should be distributed top down in the
program structure.

6. Data Structure
It is a representation of the logical relationship among
individual elements of data.

7. Software Procedure
It focuses on the processing of each module
individually.
8. Information Hiding
Modules should be specified and designed so that
information contained within a module is inaccessible
to other modules that have no need for such
information.
5.5 Information system design considerations

There are many aspects to consider in the design of a piece of

software. The importance of each consideration should reflect
the goals and expectations that the software is being created to
meet. Some of these aspects are:

 Compatibility
The software is able to operate with other products that are
designed for interoperability with another product. For
example, a piece of software may be backward-compatible
with an older version of itself.

 Extensibility
New capabilities can be added to the software without
major changes to the underlying architecture.

 Modularity
The resulting software comprises well defined,
independent components which leads to better
maintainability. The components could be then
implemented and tested in isolation before being
integrated to form a desired software system. This allows
division of work in a software development project.
 Fault-tolerance
The software is resistant to and able to recover from
component failure.

 Maintainability
A measure of how easily bug fixes or functional
modifications can be accomplished. High maintainability
can be the product of modularity and extensibility.

 Reliability (Software durability)

The software is able to perform a required function under
stated conditions for a specified period of time.

 Reusability
The ability to use some or all of the aspects of the pre-
existing software in other projects with little to no
modification.

 Robustness
The software is able to operate under stress or tolerate
unpredictable or invalid input. For example, it can be
designed with resilience to low memory conditions.

 Security
The software is able to withstand and resist hostile acts and
influences.
 Usability
The software user interface must be usable for its target
user/audience. Default values for the parameters must be
chosen so that they are a good choice for the majority of
the users.

 Performance
The software performs its tasks within a time-frame that is
acceptable for the user, and does not require too much
memory.

 Portability
The software should be usable across a number of different
conditions and environments.

 Scalability
The software adapts well to increasing data or added
features or number of users.
5.6 Architecture and design patterns

Since design decisions about the architecture define the very

foundation of an IS, the design decisions cannot be easily
undone or altered after they were made. If not taken seriously
enough, improper IS architecture designs can result in the
development of systems that are incapable of adequately
meeting user requirements.
Choosing the right software design pattern is critical during
software development. This is because one the pattern is in
place it is very hard, and expensive, to change. As a result,
developers should take some time upfront to think about what
the right architecture pattern for their particular software
product is.
An appropriate architecture pattern can improve the quality of
a software product as it is based on a highly tested and reused
structure that is suitable for addressing various problems. This
blueprint of a software system is extremely helpful as current
software products are increasing in size and complexity every
day.
There are a variety of architecture patterns available to use
during software development. Each consists of a set of rules,
constraints, and characteristics that are unique to the specific
problem that they are trying to solve.
5.6.1 Layered software design pattern

The layered software architecture pattern is one of the most

widely known patterns. It uses layers to separate the code and
create a unidirectional relationship between them. This pattern
is best suited for general desktop applications, and e-
commerce web applications.
The core concept of this architecture pattern is splitting the
code into different layers. Each layer then has a certain
responsibility and provides service to a higher layer. There is
no predefined number of layers, but the following are ones
that developers see the most often:
 Presentation layer [User Interface (UI) layer] —
contains the graphical design of the application, as well
as any code to handle user interaction. Only logic
specific to the UI should be found within this layer.
 Application layer (service layer) —provides
abstraction, a way of hiding the working areas of the
subsystem, so that the presentation layer does not know
everything about the business layer.
 Business logic layer (domain layer) — where the
models and logic that are specific to the business
problem your startup is trying to solve are located.
 Data access layer (persistence layer) —contains the
code to access and manipulate the database behind the
 software product, as well as the underlying database
technology

Advantages
 Layers make standardization easier as developers can
clearly define different layers
 Each layer can focus solely on its role. This makes it
maintainable, testable, easy to assign separate roles, and
easy to update layers separately
 Changes can be made within a layer without affecting
other layers
 Most developers are familiar with this architecture
pattern
 Provides an easy way of writing a well-organized and
testable application
 Once the tasks and layers have been defined, the layers
can be easily separated and assigned to different
programmers

Disadvantages
 Not universally applicable to all software solutions
 Certain layers may have to be skipped in certain
situations, creating unnecessary code and increasing the
complexity of layer interaction
 Tends to lead to a monolithic application that is hard to
split up afterward
  Developers often find themselves writing a lot of code
to pass through the different layers without adding any
value to the layers. As a result the layering pattern can
be overkill for some software applications
 Can be costly to design and built all the layers

5.6.2 Client-server software design pattern

The client-server pattern is for software products that involve

multiple users connecting to a single or multiple servers in a
distributed system. This pattern is best suited for file-sharing
products and online gaming platforms.
This architecture pattern helps to design distributed systems
that involve a client system, a server system, and a connecting
network. It is also an appropriate architecture pattern in a
situation where there are several distributed clients that wish
to access the same set of resources and services. Instead of
having each client implementing the same logic repeatedly,
clients interact by sending requests for common services to
one central server or multiple distributed servers.

Advantages
 Good for startups who want to model a set of services
where clients can request them
 Having a set of shared resources and services makes it
easier to manage, modify, and reuse software modules
 within a system as they are stored in one common
location

Disadvantages
 Increased overhead since many clients have different
ways they want to view the shared resources and
services
 Shared server is often a performance bottleneck as it
can be serving several clients at the same time, likewise
it can be a single point of failure
 Making the decision as to locate the system’s
functionality in the client or server component can be
costly and hard to change if the system has already been
built
 Chapter 6

Implementation and Testing

of Information Systems
This chapter discusses converting system design into a real
application. After having a complete design for an information
system, the developing team starts implementation. This
chapter explains the ways to create a real application for
information system.

6.1 Types of applications

There are different types of applications such as desktop
application, web application, and mobile application. Each
type has its own characteristics. Normally, different
programming languages are used to implement different
application types. The following subsections explain each type
in details.

6.1.1 Desktop application

A desktop application is a computer application that can be

installed on a single computer. Sometimes desktop application
can be used on a local network. The desktop application is
developed to automate specific task for users. The word
processor or calculator application on your computer is an
example for typical desktop applications. Many programming
languages can be used to develop desktop applications such as
C, C++, Basic, and Java.
6.1.2 Web application

Server

The Internet

Client

Client Client

Figure 6.1 Client-server over internet

Web applications are computer programs that developed to be
used through the Internet. Web applications are designed to
run in client-server architecture, figure 6.1. The program is
installed on the server side. The users use the application in
client side through web browser. Web mail is an example of
web application. You open your browser and open you inbox
to read mails. The application itself is not installed on your
computer. You use it through web browser. Different
programming language can be used to develop web based
application such HTML, Java Script, and PHP.
6.1.3 Mobile application

After the widely use of smart phones, mobile application has

gained focus. Mobile applications are programs that
developed to be installed on mobile device such as smart
phone or tablet. These devices have special characteristics
such as limited computing power and limited power supply.
So mobile applications should be developed in a way to fit
running on these devices. Mobile games and all applications
on your mobile are example for mobile applications. Different
operating systems are used in mobile devices such as Android
and IOS. Different programming language is used for each
operating system. Moreover, developing tools can be used to
develop mobile applications.
6.2 Programming
Programming means writing a computer program that can be
run and executed in an electronic device. Program is a set of
instructions written in a programming language.

Programming language:

A programming language is a way to communicate with

computers. Using programming language you can write
instructions that computers understand and execute.

Actually computers can understand only machine language

which is a binary code can be loaded in memory and executed
by processor. Figure 6.2 shows an example of a program
written in machine code or binary code. Earlier, programmer
has to write machine code. This was very complex and tedious

10100101 00101101

11110101 10001010

01111010 10011101

11000111 00010011

…
Figure 6.2 binary code
job.

A new programming languages have been emerged. The new

programming language is called high level language or
English-like language. Programmers can write a program
easily using high level language. The programs that written in
these new programming language should be translated into
machine language to be understandable by computers. A
compiler is doing this task.

Compiler is a computer program that translates from high

level language into low level language or machine code.
Figure 6.3 shows the compilation process. For each
programming language there is a compiler. Moreover,
compiler generate machine code according to the type of
machine and operating system that will run the generated
program. Furthermore, compilers help programmer to write
error free code. When the programmer writes a program the
compiler check the syntax of written program. If there is any
error according to the language grammar, the compiler stops
translation process and ask the programmer to repair the code.

Program
in high Machine
level Compiler code
language

Figure 6.3 compiler translation

6.3 Integrated Development Environment (IDE)

IDE is a development environment that integrate many tools

to help programmers to develop easily. Normally, IDE
integrates compiler, linker, debugger, and editor. Editor is a
program that used by programmer to write the program.
Additional facilities may be added to the editor like auto-
complete and auto-correct. The debugger is a program that
enable programmer to trace the code and execute it step by
step. Programmers use debugger in case of errors to fix the
errors. Linker combined the translated code generated from
compiler and other libraries used in the code. The output of
the linker is executable file that can be run directly.

An example for IDE is eclipse. It enables multiple tools to

facilitate development process. It is a famous Java IDE.

Figure 6.4 IDE example

6.4 Object oriented programming (OOP)

The idea of this programming paradigm is to divide the

problem domain into objects. These objects are related to each
others in different ways. The object can contain data and code.
The data is contained as field of the objects and the code is
contained as functions or procedure.

 class is a definition of a specific type of objects. You

may find a class called student or university. The class
contains set of fields (property or attributes of the class)
and a set of functions that can be applied on those
fields.
 object is an instance of a class represent a real entity in
the environment. You may find an object such as
Mohamed or Hassan which is an instance of class
student. You may also find objects such as
Assiut_university and cairo_university which belong to
university class.

Student
name
address
GPA
phone
courses
enroll(course)
calculate_GPA()
get_data()

As shown in the above figure the class student contains a set

of fields or attributes (name, address, GPA, phone, courses).
The class student contains also a set of functions (enroll,
calculate_GPA, and get_data)

Std1 Std2
Mohamed Ali Hassan Omer
12 Tahrir st 43 Horria st, Assiut
3.4 3.7
02-36985858 088-7412583
[math accounting OS] [math accounting IS]

The above figure shows example of two objects (Std1, Std2)

belong to Student class. You may notice that the object
contains values for each attribute in the class.

Object oriented programming is a good choice because it has

many advantages. The code will be more organized. Each set
of related functionalities are grouped into an object. This
facilitate changing or updating code because the change will
be in a specific object not in all program. Other objects will
not be affected when a specific object is changed. Moreover,
using of classes help for reusing. If you design a generic class,
you can use it multiple times in different subprograms.
Figure 6.5 shows an example of class hierarchy in university
management software. The represented relation is inheritance.

Person

 name
 phone
 address

Student Employee

 level  department
 GPA  salary


Graduate_Student

 thesis_title
 supervisor

Figure 6.5 class hierarchy sample

This means class Employee inherits from class Person. The

Person class is called super class and the Employee is called
subclass. The inheritance relation means the subclass inherits
all fields and functions from super class. According to the
figure 6.5 the Employee class has two fields(department and
salary). In addition to these attributes it has three others
(name, address, phone). The Employee class gets these
additional attributes by inheritance.
Similarly, the Graduate_Student class has seven attributes.
Two attributes (thesis title and supervisor) is defined in the
class and additional five attributes (name, phone, address,
level, GPA) it inherits from super class.

The first step in object oriented programming is to determined

the class in the system domain. Classes should be determined
carefully. Attributes and functions of each class should be
determined also. Moreover, the relations between those
classed should be stated as a second step. Once a class design
is ready writing code can be started. Object oriented
programming facilitates dividing task between team members.
Each member can have a set of classes to work on. Integrating
the work is easy because the relations between the
implemented classed are predefined in the class design.

Many of widely used programming languages such as C++,

Java, and Python support object oriented programming
paradigm.

6.5 Agile developments

Agile development approach depends on developing a small

version of the software firstly. More requirements are
developed in the next version. Many versions are developed.
Each version adds more implemented requirements. Agile
development approach aims to speed up the development
process. Principles of agile approach include:
 Early and Continuous Delivery of Valuable Software
 Embrace Change
 Users involvement
 Simplicity is essential
 Face-to-face conversation
 Continues attention to good design and technical
excellence
6.6 Testing
Testing is an important phase in system development. Testing
means to ensure that the developed software is working
properly. Different approaches for testing already exist. The
test should be done in a structured way according to a
predefined test plan. Test plan should contain test cases and
expected results. In the test plan, not only normal behavior
should be tested. However, the test should investigate all parts
of the system and check all possible input and all possible
output to ensure that system work properly. Good testing
results does not mean the system is error free.

6.6.1 Unit test

This is a kind of test applied to a single unit of the system.

This unit may be a required function such as calculating
student GPA. The tester should design test cases to find both
programming errors and logical errors. Programming error is
bugs in the developed unit that causes exception and may the
system terminate execution unexpectedly. On the other hand,
in case of logical error the system work well but return
unexpected results. For example, the system calculate the
student GPA and show it to the user. However, the calculated
GPA is not correct.
Let us consider the function of calculating GPA. The
requirements state that points of each course is calculated
according to the following table.

Points Student score

4 >= 95
3.7 90 ~ 95
3.5 85 ~ 90
3.2 80 ~ 85
3 75 ~ 80
2.7 70 ~ 75
3.5 65 ~ 70
2.3 60 ~ 65
2 50 ~ 60
0 < 50

After developing the unit of the system that calculates the

course points, a test should be occur. The input for this unit is
student score and the output is points of the course. The tester
should prepare a list of inputs and the expected output for
each input. A good test should test all score levels. Moreover,
the margins of score ranges should be tested. For example, a
list of inputs may includes [37, 50, 53, 60, 62, 65, 68, 70, …].
This list selects three numbers in each range: a number in the
middle of the range and the two margins of the range.

In case of any error or unexpected behavior the tested unit

should be returned to the developers to fix the problem. After
correcting the errors the unit is tested again.
6.6.2 Integration test

The tested units are integrated together to make the hall

system. The constructed system should be test again. Some
errors come from integration of different parts. This test is
important to ensure that all parts of the system are working
coherently.

6.6.3 Acceptance test

This type of test is done by the end users of the system.

Normally, this test occurs in the organization in which the
system will be applied not in the developing company. The
aim of this test is to check if the system is meeting the users'
requirements or not. The developed system should work
according to users' needs and requirements.

HTML (Hyper Text Markup Language) is used to write code

for web page. It is easy to learn and easy to use. As a self
study topic, download an HTML tutorial and follow the
steps to learn it. You should be able to create personal
website that contains multi-linked pages using hyper links.
You should add photos, sound to you web page.
Chapter 7

Databases
Database is a collection of data in an organized store. This
data is related and can be retrieved easily. Database is
considered a main component in information systems. Most of
information systems contain a database. It is the part of
information system that keeps the data in a way that enables
other parts to use the data and get valuable information.

Data collector Data analyzer

DB

Decision support Service provider

Figure 7.1 Database in the center of an information

system

7.1 Relational database

One of the most popular database types is relational database.

Relational database consists of a set of related tables. The
access to data depends on relations between different data
stored in different tables.
The data is stored in tables. Each table is constructed from a
set of rows. Each row in the tables is a set of related fields.
Consider the following example.

Name address level program GPA

Ahmed Ali Assiut 2 BIS 3.4
Mona Sohag 1 BIS 2.9
Omer
Table 1: example of database table

This table contains 2 rows (records). Each row represents data

of a student. Each row contains five related fields.

Field is a single piece of data such as name of a person or

address. For example, in table 1 "Ahmed Ali" is a field
represent name of a student.

Record is a set of related fields belong to one entity. All fields

of a specific student are considered a record. For example, the
first row in table 1 is considered a record.

Relational database is constructed from a set of related tables.

For example, consider the database for students of commerce
collage. It may contain the following tables:

 Students table: contains students’ personal data.

 Programs table: contains information about different
academic programs in the collage.
 Courses table: contains data about courses of commerce
collage.
  Scores table: contains data about scores of students in
different courses

Students course Courses

register
 Name  Course  Name
 Address  Student  Code
 Phone  Semester  Dept.
 GPA  Date  Credits
 Program

Programs
 Name
 Total
credits
 Head name

Figure 7.2 Database design

These tables should be related so we can retrieve data easily.

We can find which courses are studied by a specific student or
which students are enrolled in BIS program.

Each table n relational database should have a primary key.

Primary key (PK) is a field in the table that distinguish
records of the table. The primary key field is unique. This
means the value of this field can't be repeated for different
records. For example the field phone in the students table can
be selected as a primary key. The phone number is not
repeated for different students. Moreover, the primary key
can't be null (no value).

Three different types of relations between tables:

7.1.1 One-to-one relation

Two tables are related with one-to-one relation if each record
in the first table related to only one record from the second
table. Also each record in the second table related to only one
record in the first table. Consider the following example.
There are two tables: employee table which hold employee
personal information and salary table which have the salary
information of each employee.

Employee_ID Name Phone Birth_date

21 Ali Hassan 025874369 17/5/1987
26 Lotfy Fares 024587364 2/7/2001
37 Kamal Omer 021973540 8/7/1993
22 Basem Omer 088326589 26/12/1996
39 Rady Gamal 027391719 15/8/1978
Table 2

Employee_ID Salary
21 4560
26 3500
37 4100
22 3900
39 5475
Table 3

These two tables are related by one-to-one relation. Each

record in employee table is related to only one record in the
salary table. Note that one-to-one relation is implemented by
using same primary key of the first table in the second table.

7.1.2 One-to-many relation

Two tables A and B are related by one-to-many relations if

each record in A table is related by one or more record from
B. in the same time each record in B can related to only one
record in A. Consider the relation between employee table and
departments table which store information about different
departments in the organization. In reality each employee
belongs to a single department. However, in each department
many employees work. Consequently, the relation is one-to-
many.

Employee_ID Name Phone Birth_date Dept_ID

21 Ali Hassan 025874369 17/5/1987 3
26 Lotfy Fares 024587364 2/7/2001 8
37 Kamal Omer 021973540 8/7/1993 3
22 Basem Omer 088326589 26/12/1996 3
39 Rady Gamal 027391719 15/8/1978 4
Table 4

Dept_ID Dept_name phone

3 Production 4265
8 Quality testing 4736
4 Accounting 4487
Table 5

As shown in table 4 and table 5 each employee related to one

department and each department have many employee work
in. Note that to represent one-to-many relation in relational
database the primary key of the department table is inserted as
extra field (Foreign Key FK) in the employee table.

7.1.3 Many-to-many

Two tables are related with many-to-many relation if each

record in the first table can relate to many records in the
second table. In the same time each record in the second table
can relate to many records in the first table. For example
consider students table and courses table in school database.
Each student can study many courses and each course can be
studied by many students.

Student_ID Name Phone

25 Mohamed Ehab 01004579915
32 Osama Alfy 01115486569
Table 6

Student_ID Course_code Enroll_date

25 CS101 24/3/2021
25 CS204 24/3/2021
32 CS101 23/3/2021
32 CS204 23/3/2021
32 IT201 25/3/2021
Table 7

Course_code Course_name Credits

CS101 Introduction to 2
computers
CS204 Data structure 3
IT201 Networks 3
Table 8
In order to represent many-to-many relation between two
tables in relational database, we create a new bridge table in-
between. As in the above example there is a many-to-many
relation between student table and courses table. A new table
(enrollments) is created to relate the two tables. In other
words, the many-to-many relation is divided into two relations
each of them is one-to-many. There is one-to-many relation
between students table and enrollments. There is also a one-
to-many relation between courses table and enrollments table.
Figure 7.3 show how to apply many-to-many relation between
two tables.

Students Courses
 Name  Name
 Address  Code
 Phone  Credits
 GPA
 Program

Students Enrollments Courses

 Name  Course  Name
 Address  Student  Code
 Phone  Semester  Credits
 GPA  Date
 Program

Figure 7.3 Many-to-many relation design

7.2 Database design

The first step to create a database is to analyze the real

environment and know the data to be stored. Then you should
make database design. In database design you determine
tables and relations between these tables. Moreover, the
design should specify fields of the tables and the data type for
each field. Data type of a field determines the type of data that
can be stored n this field. For example, the field GPA in
student table has data type float. This means we can store only
decimal numbers in this field. According to the data of the
field you determine the data type.

In addition, the primary key for each table should be included

in the design phase. The primary key field should be unique.
Moreover, more than one field can act as primary key. For
example, in enrollment table which contains student_ID,
course_ID, and enroll_Date the primary key may compose
from both student_ID and course_ID because both values will
not repeat together.

Database design contains also the foreign key fields that used
to relate different tables. In database design phase the design
may use entity relationship diagram (ERD). ERD is structured
diagram to visualized design of a database. It contains entities
and relations between these entities. Figure 7.4 shows a part of
ERD for students database.
student_ID

Course_co
name
de
n n
address Students Courses name

phone credits

GPA

Figure 7.4 part of ERD for students database

7.3 Database management system (DBMS)

After making database design you should create the database

using a DBMS which is a software tool enables you to create,
update, and manage databases. Many DBMSs are exist and
support relational database such as MS Access, Oracle, MS
SQL, and MYSQL. Some of these DBMSs are free and others
not. In this chapter we will use MS Access to create students
database as an example.

7.4 Creating database in MS Access

 Open MS Access
 Click file menu and choose new
 Choose blank database

Figure 7.5

 From create tab choose table. You will find a new table is
added in the left side
 Right click on the new table and choose design view. You
will be asked to enter name of the table.
 Figure 7.6

 In the right panel (marked in the above figure), you enter

fields names and data type for each field.

Figure 7.7
 To determine the primary key field, select the first field
(student_ID) right click and select primary key from the
pop up menu. You will find key symbol beside the field
name as shown in figure 7.7

Figure 7.8

When you choose a field in the design view the attribute of

this data type is appeared in the bottom (Figure 7.8). Select
GPA and change the attribute field size and scale as shown in
the above figure

 Click save to save the created table

 Open the table by double click on table name
 Enter some data for test as shown in figure 7.9

Figure 7.9

Now you create a table and enter data in this table. Let us
make a SQL query to retrieve some data.

 From create tab click Query design

 Right click and select SQL view
 Write the following SQL query that retrieve all excellent
students, who has GPA greater than 3.5 (see figure 7.10)

SELECT * FROM Student where GPA > 3.5;

 Figure 7.10

 Click run, the results of the query will appear as shown in

figure 7.11

Figure 7.11 result of the query

Self-study topics:

Creating form in MS Access

Creating database application for students

Centralized database & Distributed database

Data warehouse
 Part III: Using
Information Systems in
Business
 Chapter 8

Business Automation
We have all heard the term process before, but what exactly
does it mean? A process is a series of tasks that are completed
in order to accomplish a goal. A business process, therefore, is
a process that is focused on achieving a goal for a business. If
you have worked in a business setting, you have participated
in a business process. Anything from a simple process for
making a sandwich at Subway to building a space shuttle
utilizes one or more business processes.

Processes are something that businesses go through every day

in order to accomplish their mission. The better their
processes, the more effective the business. Some businesses
see their processes as a strategy for achieving competitive
advantage. A process that achieves its goal in a unique way
can set a company apart. A process that eliminates costs can
allow a company to lower its prices (or retain more profit).

8.1 Documenting a Process

Every day, each of us will conduct many processes without
even thinking about them: getting ready for work, using an
ATM, reading our e-mail, etc. But as processes grow more
complex, they need to be documented. For businesses, it is
essential to do this, because it allows them to ensure control
over how activities are undertaken in their organization. It also
allows for standardization: McDonald’s has the same process
for building a Big Mac in all of its restaurants.
The simplest way to document a process is to simply create a
list. The list shows each step in the process; each step can be
checked off upon completion. For example, a simple process,
such as how to create an account on eBay, might look like
this:

1. Go to ebay.com.
2. Click on “register.”
3. Enter your contact information in the “Tell us about
you” box.
4. Choose your user ID and password.
5. Agree to User Agreement and Privacy Policy by
clicking on “Submit.”
For processes that are not so straightforward, documenting the
process as a checklist may not be sufficient. For example, here
is the process for determining if an article for a term needs to
be added to Wikipedia:

1. Search Wikipedia to determine if the term already

exists.
2. If the term is found, then an article is already written, so
you must think of another term. Go to 1.
3. If the term is not found, then look to see if there is a
related term.
4. If there is a related term, then create a redirect.
5. If there is not a related term, then create a new article.
This procedure is relatively simple – in fact, it has the same
number of steps as the previous example – but because it has
some decision points, it is more difficult to track with as a
simple list. In these cases, it may make more sense to use a
diagram to document the process:

Process diagram for determining if a new term should

be added to Wikipedia

8.2 Managing Business Process Documentation

As organizations begin to document their processes, it
becomes an administrative task to keep track of them. As
processes change and improve, it is important to know which
processes are the most recent. It is also important to manage
the process so that it can be easily updated! The requirement
to manage process documentation has been one of the driving
forces behind the creation of the document management
system.
A document management system stores and tracks documents
and supports the following functions:

• Versions and timestamps. The document management

system will keep multiple versions of documents. The
most recent version of a document is easy to identify
and will be served up by default.
• Approvals and workflows. When a process needs to be
changed, the system will manage both access to the
documents for editing and the routing of the document
for approvals.
• Communication. When a process changes, those who
implement the process need to be made aware of the
changes. A document management system will notify
the appropriate people when a change to a document is
approved.

Of course, document management systems are not only used

for managing business process documentation. Many other
types of documents are managed in these systems, such as
legal documents or design documents.

8.3 ERP Systems

An enterprise resource planning (ERP) system is a software
application with a centralized database that can be used to run
an entire company. Let’s take a closer look at the definition of
each of these components:
• A software application: The system is a software
application, which means that it has been developed
with specific logic and rules behind it. It has to be
installed and configured to work specifically for an
individual organization.
• With a centralized database: All data in an ERP system
is stored in a single, central database. This
centralization is key to the success of an ERP – data
entered in one part of the company can be immediately
available to other parts of the company.
• That can be used to run an entire company: An ERP can
be used to manage an entire organization’s operations.
If they so wish, companies can purchase modules for an
ERP that represent different functions within the
organization, such as finance, manufacturing, and sales.
Some companies choose to purchase many modules,
others choose a subset of the modules.
An ERP system not only centralizes an organization’s data,
but the processes it enforces are the processes the organization
adopts. When an ERP vendor designs a module, it has to
implement the rules for the associated business processes. A
selling point of an ERP system is that it has best practices
built right into it. In other words, when an organization
implements an ERP, it also gets improved best practices as
part of the deal!

For many organizations, the implementation of an ERP

system is an excellent opportunity to improve their business
practices and upgrade their software at the same time. But for
others, an ERP brings them a challenge: Is the process
embedded in the ERP really better than the process they are
currently utilizing?
And if they implement this ERP, and it happens to be the
same one that all of their competitors have, will they simply
become more like them, making it much more difficult to
differentiate themselves?

This has been one of the criticisms of ERP systems: that they
commoditize business processes, driving all businesses to use the
same processes and thereby lose their uniqueness. The good news
is that ERP systems also have the capability to be configured with
custom processes. For organizations that want to continue using
their own processes or even design new ones, ERP systems offer
ways to support this through the use of customizations.

But there is a drawback to customizing an ERP system:

organizations have to maintain the changes themselves. Whenever
an update to the ERP system comes out, any organization that has
created a custom process will be required to add that change to
their ERP. This will require someone to maintain a listing of these

changes and will also require retesting the system every time an
upgrade is made. Organizations will have to wrestle with this
decision: When should they go ahead and accept the best-practice
processes built into the ERP system and when should they spend
the resources to develop their own processes? It makes the most
sense to only customize those processes that are critical to the
competitive advantage of the company. Some of the best-known
ERP vendors are SAP, Microsoft, and Oracle.
8.4 Business Process Management
Organizations that are serious about improving their business
processes will also create structures to manage those
processes. Business process management (BPM) can be
thought of as an intentional effort to plan, document,
implement, and distribute an organization’s business
processes with the support of information technology.

BPM is more than just automating some simple steps. While

automation can make a business more efficient, it cannot be
used to provide a competitive advantage. BPM, on the other
hand, can be an integral part of creating that advantage. Not
all of an organization’s processes should be managed this
way. An organization should look for processes that are
essential to the functioning of the business and those that may
be used to bring a competitive advantage. The best processes
to look at are those that include employees from multiple
departments, those that require decision-making that cannot be
easily automated, and processes that change based on
circumstances.

To make this clear, let’s take a look at an example. Suppose a

large clothing retailer is looking to gain a competitive
advantage through superior customer service. As part of this,
they create a task force to develop a state-of-the-art returns
policy that allows customers to return any article of clothing,
no questions asked. The organization also decides that, in
order to protect the competitive advantage that this returns
policy will bring, they will develop their own customization to
their ERP system to implement this returns policy. As they
prepare to roll out the system, they invest in training for all of
their customer-service employees, showing them how to use
the new system and specifically how to process returns. Once
the updated returns process is implemented, the organization

will be able to measure several key indicators about returns

that will allow them to adjust the policy as needed. For
example, if they find that many women are returning their
high-end dresses after wearing them once, they could
implement a change to the process that limits – to, say,
fourteen days – the time after the original purchase that an
item can be returned. As changes to the returns policy are
made, the changes are rolled out via internal communications,
and updates to the returns processing on the system are made.
In our example, the system would no longer allow a dress to
be returned after fourteen days without an approved reason.

If done properly, business process management will provide

several key benefits to an organization, which can be used to
contribute to competitive advantage. These benefits include:

• Empowering employees. When a business process is

designed correctly and supported with information
 technology, employees will be able to implement it on
their own authority. In our returns-policy example, an
employee would be able to accept returns made before
fourteen days or use the system to make determinations
on what returns would be allowed after fourteen days.
• Built-in reporting. By building measurement into the
programming, the organization can keep up to date on
key metrics regarding their processes. In our example,
these can be used to improve the returns process and
also, ideally, to reduce returns.
• Enforcing best practices. As an organization
implements processes supported by information
systems, it can work to implement the best practices for
that class of business process. In our example, the
organization may want to require that all customers
returning a product without a receipt show a legal ID.
This requirement can be built into the system so that the
return will not be processed unless a valid ID number is
entered.
• Enforcing consistency. By creating a process and
enforcing it with information technology, it is possible
to create a consistency across the entire organization. In
our example, all stores in the retail chain can enforce
the same returns policy. And if the returns policy
 changes, the change can be instantly enforced across the
entire chain.

8.5 Business Process Reengineering

As organizations look to manage their processes to gain a
competitive advantage, they also need to understand that their
existing ways of doing things may not be the most effective or
efficient. A process developed in the 1950s is not going to be
better just because it is now supported by technology.

In 1990, Michael Hammer published an article in the Harvard

Business Review entitled “Reengineering Work: Don’t
Automate, Obliterate.” This article put forward the thought
that simply automating a bad process does not make it better.
Instead, companies should “blow up” their existing processes
and develop new processes that take advantage of the new
technologies and concepts. He states in the introduction to the
article:

Many of our job designs, work flows, control mechanisms,

and organizational structures came of age in a different
competitive environment and before the advent of the
computer. They are geared towards greater efficiency and
control. Yet the watchwords of the new decade are innovation
and speed, service, and quality.
It is time to stop paving the cow paths. Instead of embedding
outdated processes in silicon and software, we should
obliterate them and start over. We should “reengineer” our
businesses: use the power of modern information technology
to radically redesign our business processes in order to
achieve dramatic improvements in their performance.

Business process reengineering is not just taking an existing

process and automating it. BPR is fully understanding the
goals of a process and then dramatically redesigning it from
the ground up to achieve dramatic improvements in
productivity and quality. But this is easier said than done.
Most of us think in terms of how to do small, local
improvements to a process; complete redesign requires
thinking on a larger scale. Hammer provides some guidelines
for how to go about doing business process reengineering:

• Organize around outcomes, not tasks. This simply

means to design the process so that, if possible, one
person performs all the steps. Instead of repeating one
step in the process over and over, the person stays
involved in the process from start to finish.
• Have those who use the outcomes of the process
perform the process. Using information technology,
many simple tasks are now automated, so we can
empower the person who needs the outcome of the
 process to perform it. The example Hammer gives here
is purchasing: instead of having every department in the
company use a purchasing department to
• order supplies, have the supplies ordered directly by
those who need the supplies using an information
system.
• Subsume information-processing work into the real
work that produces the information. When one part of
the company creates information (like sales
information, or payment information), it should be
processed by that same department. There is no need for
one part of the company to process information created
in another part of the company.
• Treat geographically dispersed resources as though they
were centralized. With the communications
technologies in place today, it becomes easier than ever
to not worry about physical location. A multinational
organization does not need separate support
departments (such as IT, purchasing, etc.) for each
location anymore.
• Link parallel activities instead of integrating their
results. Departments that work in parallel should be
sharing data and communicating with each other during
their activities instead of waiting until each group is
done and then comparing notes.
 • Put the decision points where the work is performed,
and build controls into the process. The people who do
the work should have decision-making authority and the
process itself should have built-in controls using
information technology.
• Capture information once, at the source. Requiring
information to be entered more than once causes delays
and errors. With information technology, an
organization can capture it once and then make it
available whenever needed.

These principles may seem like common sense today, but in

1990 they took the business world by storm. Hammer gives
example after example of how organizations improved their
business processes by many orders of magnitude without
adding any new employees, simply by changing how they did
things

Unfortunately, business process reengineering got a bad name

in many organizations. This was because it was used as an
excuse for cost cutting that really had nothing to do with BPR.
For example, many companies simply used it as an excuse for
laying off part of their workforce. Today, however, many of
the principles of BPR have been integrated into businesses
and are considered part of good business-process
management.
8.5.1 Case study: Reengineering the College Bookstore
The process of purchasing the correct textbooks in a timely
manner for college classes has always been problematic. And
now, with online bookstores such as Amazon competing
directly with the college bookstore for students’ purchases, the
college bookstore is under pressure to justify its existence.

But college bookstores have one big advantage over their

competitors: they have access to students’ data. In other
words, once a student has registered for classes, the bookstore
knows exactly what books that student will need for the
upcoming term. To leverage this advantage and take
advantage of new technologies, the bookstore wants to
implement a new process that will make purchasing books
through the bookstore advantageous to students. Though they
may not be able to compete on price, they can provide other
advantages, such as reducing the time it takes to find the
books and the ability to guarantee that the book is the correct
one for the class. In order to do this, the bookstore will need to
undertake a process redesign.

The goal of the process redesign is simple: capture a higher

percentage of students as customers of the bookstore. After
diagramming the existing process and meeting with student
focus groups, the bookstore comes up with a new process. In
the new process, the bookstore utilizes information technology
to reduce the amount of work the students need to do in order
to get their books. In this new process, the bookstore sends the
students an e-mail with a list of all the books required for their
upcoming classes. By clicking a link in this e-mail, the
students can log into the bookstore, confirm their books, and
purchase the books. The bookstore will then deliver the books
to the students.

College bookstore process redesign

8.6 ISO Certification

Many organizations now claim that they are using best
practices when it comes to business processes. In order to set
themselves apart and prove to their customers (and potential
customers) that they are indeed doing this, these organizations
are seeking out an ISO 9000 certification. ISO is an acronym
for International Standards Organization. This body defines
quality standards that organizations can implement to show
that they are, indeed, managing business processes in an
effective way. The ISO 9000 certification is focused on
quality management.

In order to receive ISO certification, an organization must be

audited and found to meet specific criteria. In its most simple
form, the auditors perform the following review:

• Tell me what you do (describe the business process).

• Show me where it says that (reference the process
documentation).
• Prove that this is what happened (exhibit evidence in
documented records).
Over the years, this certification has evolved and many
branches of the certification now exist. ISO certification is one
way to separate an organization from others.

The advent of information technologies has had a huge impact

on how organizations design, implement, and support business
processes. From document management systems to ERP
systems, information systems are tied into organizational
processes. Using business process management, organizations
can empower employees and leverage their processes for
competitive advantage. Using business process reengineering,
organizations can vastly improve their effectiveness and the
quality of their products and services. Integrating information
technology with business processes is one way that
information systems can bring an organization lasting
competitive advantage.

Chapter 9

Impact of Information
Systems on Business
Recently, Information technology has been used widely in
almost all fields. It makes a great success everywhere. For
example applications of information technology are used in
medical field to help in diagnosing different diseases.
Moreover, automation of medical devices is also depends on
information technology. On the other hand, using Artificial
Intelligence (AI) applications and robotics makes revulsion in
different fields. Nowadays, cars are controlled by a computer
system without a driver. Full autonomous cars soon will be in
the streets. Generally information technology improves
quality of life and makes life easier. Using mobile applications
people can control their homes remotely from work.

This chapter discusses the impact of using information

systems on business. An important question that should be
answered clearly is “does information system make a
competitive advantage to business”. This topic has been
discussed previously. Early, people have doubt of information
system effects on business. Some people claimed that using
information systems does not improve business. However,
others said that information systems have positive effects on
business. This topic is investigated in this chapter.
9.1 Competitive advantage

There are two main approaches for business to make a

competitive advantage cost reduction and differentiation.

Cost reduction is an important approach for a business to gain

competitive advantage. This approach tries to produce same
quality product as competitors with lower cost. Offering same
product with a lower price facilitates having a good share in
the market. A company should find ways to reduce cost.
Finding cheaper suppliers and using automated machines are
ways to reduce production cost. Moreover, utilizing the used
resources may be a factor to reduce final product cost.

The second approach to gain a competitive advantage is

differentiation. Using innovation to produce different product
that customers need or adding different attribute to the same
product create a competitive advantage for the company.

Using information system supports both approaches of

gaining competitive advantage. Information systems enable
the company to utilize their resource and easy manage the
production process. Using internet and databases facilitate
finding more suppliers. Moreover, using information system
help to select the right product for customers and predict
customer satisfaction on the new product. So using
information system help the company to gain competitive
advantage.

An organization that adopts an information system and

automates its processes gains many superior points than other
organizations that don't use information systems. Generally,
using information technologies in business makes good
achievements in different fields:

 Support decision makers

 Improve resource managements
 Improve resource utilization
 Reduce production costs
 Reduce raw materials cost
 Improve general revenue.
9.2 Information system decrease cost of production
With the adoption of automation, employees spend less time
on tasks that once required hours to complete. This is
important not just because the automation can do these
sometimes menial tasks in a fraction of the time, but it also
shrinks the chances for human error.

9.2.1 Increase mobility and efficiency

In most industries, employees are confined to one place: the

office. That’s because, in order to complete certain tasks
manually, an employee has to use a specific machine.
Through automation, this changes. Employees are no longer
confined to the walls of the office to accomplish a task that is
now automated. This allows them to work wherever it makes
the most sense, and they can access the information they need
from anywhere on any device. The way in which this is
accomplished is through the following:

 Mobile Apps With so many individuals and companies

using smartphones, getting what you need while on the
go is only a click away through an app. Time keeping
can easily be updated via mobile, which is a great
alternative to the older pen and paper method of years
past.
 Online Software: There are a number of companies
today using software that’s built online, such as
 accounting software, analytic reporting, and more.
Since the program is online, your employees can be
anywhere and will still be able to find the information
they need on a moment’s notice without wasting time.

The increased mobility of your employees can account for

quicker turnaround times. As more customers and clients look
to quick solutions, being able to efficiently finish a project
means more money in your pocket down the road.

9.2.2 Keeping track of information

Even through automation, mistakes can happen, and
businesses can lose track of goals if not careful. Fortunately,
there are three ways to best avoid any mistakes when going to
full automation at your office.

 Build in Reporting Features: There are many systems in

production that have reporting features built in to the
automated process. At different intervals, you can have
the program create reports that allow you to track
project timelines, accounting, or any number of
necessary pieces of information.
 Create Flags: Most automated systems will have built-
in flags, meaning if you go over time on a project or if
numbers aren’t adding up to what they were previously,
you will get notified of the error. This is beneficial to
 avoiding the problem of the system believing there is an
issue when there’s not. Just as human error is being
avoided, system error is as well.
 Add the Ability to Review: If you’re automating
everything, it can be easy to lose track of where you are
in a project or how you got there. With built-in reviews
at each checkpoint or each billing period, you give your
business a better chance to succeed because you’ll be
better equipped to find where small failures have
occurred and correct them moving forward.

9.2.3 Better client involvement

Automated processes are giving businesses more flexibility

when working directly with clients. Specifically, these
processes have opened the door to more client involvement
and clearer communication. Here’s how:

 Built-In Client Portals: A growing majority of

automated systems have begun to incorporate client
portals that allow your client to directly log in and add
input through discussion boards or add files necessary
to the completion of a project.
 Sending Automated Updates: Sending project updates
at regular intervals to the client directly from your
automation software can help to keep clients involved.
If you prefer to keep client input confined only to
 update meetings, this gives you the chance to provide
insights to the project while giving clients more
information to come into an update meeting with.

By reducing the amount of time spent on unnecessary tasks,

shrinking the chances of human error, and allowing more
people—specifically clients—to be involved in projects, your
company will be better able to operate more efficiently,
reduce costs, and improve communication with clients simply
through automation.

9.3 Information systems support management

A large category of information systems comprises those

designed to support the management of an organization. These
systems rely on the data obtained by transaction processing
systems, as well as on data and information acquired outside
the organization (on the Web, for example) and provided by
business partners, suppliers, and customers.

9.4 Information system helps quality control

A quality management system (QMS) is defined as a

formalized system that documents processes, procedures, and
responsibilities for achieving quality policies and objectives.
A QMS helps coordinate and direct an organization’s
activities to meet customer and regulatory requirements and
improve its effectiveness and efficiency on a continuous basis.
Implementing a quality management system affects every
aspect of an organization's performance. Benefits of a
documented quality management system include:

 Meeting the customer’s requirements, which helps to

instill confidence in the organization, in turn leading to
more customers, more sales, and more repeat business
 Meeting the organization's requirements, which ensures
compliance with regulations and provision of products
and services in the most cost- and resource-efficient
manner, creating room for expansion, growth, and
profit

These benefits offer additional advantages, including:

 Defining, improving, and controlling processes

 Reducing waste
 Preventing mistakes
 Lowering costs
 Facilitating and identifying training opportunities
 Engaging staff
 Setting organization-wide direction
 Communicating a readiness to produce consistent
results
9.5 Information systems support decision making

Information systems support all levels of management, from

those in charge of short-term schedules and budgets for small
work groups to those concerned with long-term plans and
budgets for the entire organization. Management reporting
systems provide routine, detailed, and voluminous information
reports specific to each manager’s areas of responsibility.
These systems are typically used by first-level supervisors.
Generally, such reports focus on past and present activities,
rather than projecting future performance. To prevent
information overload, reports may be automatically sent only
under exceptional circumstances or at the specific request of a
manager.

Moreover, making decision is central to managing

organizations. Organizations today can no longer use a 'cook
book' approach to decision making. In order to succeed in a
business today, companies need information system that
support the diverse information and decision-making needs
for their operations. The rapid development of the internet and
other information technologies has further strengthened the
role of information systems for decision making support.

Decisions occur at three levels in organizations. These levels

are:
 Strategic decisions are long-term in their impact. They
affect and shape the direction of the whole business.
They are generally made by senior managers. The
managers of the bakery need to take a strategic decision
about whether to remain in the café business. Long-
term forecasts of business turnover set against likely
market conditions will help to determine if it should
close the café business.
 Tactical decisions (managerial) help to implement the
strategy. They are usually made by middle
management. For the café, a tactical decision would be
whether to open earlier in the morning or on Saturday
to attract new customers. Managers would want
research data on likely customer numbers to help them
decide if opening hours should be extended.
 Operational decisions relate to the day-to-day running
of the business. They are mainly routine and may be
taken by middle or junior managers. For example, a
simple operational decision for the café would be
whether to order more coffee for next week. Stock and
sales data will show when it needs to order more
supplies.
9.6 Decision support systems and business
intelligence

All information systems support decision making, however

indirectly, but decision support systems are expressly
designed for this purpose. As these systems are increasingly
being developed to analyze massive collections of data
(known as big data), they are becoming known as business
intelligence, or business analytics, applications. The two
principal varieties of decision support systems are model-
driven and data-driven.

9.6.1 Model-driven decision support system

In a model-driven decision support system, a preprogrammed

model is applied to a relatively limited data set, such as a sales
database for the present quarter. During a typical session, an
analyst or sales manager will conduct a dialog with this
decision support system by specifying a number of what-if
scenarios. For example, in order to establish a selling price for
a new product, the sales manager may use a marketing
decision support system. It contains a model relating various
factors—the price of the product, the cost of goods, and the
promotion expense in various media—to the projected sales
volume over the first five years on the market. By supplying
different product prices to the model, the manager can
compare predicted results and select the most profitable
selling price.

9.6.2 Data-driven decision support system

The primary objective of data-driven business intelligence

systems is to analyze large pools of data, accumulated over
long periods of time in data warehouses, in a process known
as data mining. Data mining aims to discover significant
patterns, such as sequences (buying a new house, followed by
a new dinner table), clusters, and correlations (large families
and van sales), with which decisions can be made. Predictive
analytics attempts to forecast future outcomes based on the
discovered trends.

Data-driven decision support systems include a variety of

statistical models and may rely on various artificial
intelligence techniques, such as expert systems, neural
networks, and machine learning. In addition to mining
numeric data, text mining is conducted on large aggregates of
unstructured data, such as the contents of social media that
include social networks, wikis, and blogs. As used in
electronic commerce, for example, text mining helps in
finding buying trends, targeting advertisements, and detecting
fraud.
An important variety of decision support systems enables a
group of decision makers to work together without necessarily
being in the same place at the same time. These group
decision systems include software tools for brainstorming and
reaching consensus.

Another category, geographic information systems, can help

analyze and display data by using digitized maps. Digital
mapping of various regions is a continuing activity of
numerous business firms. Such data visualization supports
rapid decision making. By looking at a geographic distribution
of mortgage loans, for example, one can easily establish a
pattern of discrimination.

9.8 Organizational impacts of information systems

Essential organizational capabilities are enabled or enhanced

by information systems. These systems provide support for
business operations; for individual and group decision
making; for innovation through new product and process
development; for relationships with customers, suppliers, and
partners; for pursuit of competitive advantage; and, in some
cases, for the business model itself. Information systems bring
new options to the way companies interact and compete, the
way organizations are structured, and the way workplaces are
designed. In general, use of Web-based information systems
can significantly lower the costs of communication among
workers and firms and cost-effectively enhance the
coordination of supply chains or webs. This has led many
organizations to concentrate on their core competencies and to
outsource other parts of their value chain to specialized
companies. The capability to communicate information
efficiently within a firm has led to the deployment of flatter
organizational structures with fewer hierarchical layers.

Nevertheless, information systems do not uniformly lead to

higher profits. Success depends both on the skill with which
information systems are deployed and on their use being
combined with other resources of the firm, such as
relationships with business partners or superior knowledge in
the industrial segment.

The use of information systems has enabled new

organizational structures. In particular, so-called virtual
organizations have emerged that do not rely on physical
offices and standard organizational charts. Two notable forms
of virtual organizations are the network organization and the
cluster organization.

In a network organization, long-term corporate partners

supply goods and services through a central hub firm.
Together, a network of relatively small companies can present
the appearance of a large corporation. Indeed, at the core of
such an organization may be nothing more than a single
entrepreneur supported by only a few employees. Thus,
network organization forms a flexible ecosystem of
companies, whose formation and work is organized around
Web-based information systems.

In a cluster organization, the principal work units are

permanent and temporary teams of individuals with
complementary skills. Team members, who are often widely
dispersed around the globe, are greatly assisted in their work
by the use of Web resources, corporate intranets, and
collaboration systems. Global virtual teams are able to work
around the clock, moving knowledge work electronically “to
follow the sun.” Information systems delivered over mobile
platforms have enabled employees to work not just outside the
corporate offices but virtually anywhere. “Work is the thing
you do, not the place you go to” became the slogan of the
emerging new workplace. Virtual workplaces include home
offices, regional work centers, customers’ premises, and
mobile offices of people such as insurance adjusters.
Employees who work in virtual workplaces outside their
company’s premises are known as teleworkers.

The role of consumers has changed, empowered by the Web.

Instead of being just passive recipients of products, they can
actively participate with the producers in the co-creation of
value. By coordinating their collective work using information
systems, individuals created such products as open-source
software and online encyclopedias. The value of virtual
worlds and massively multiplayer online games has been
created largely by the participants. The electronic word-of-
mouth in the form of reviews and opinions expressed on the
Web can make or break products. In sponsored co-creation,
companies attract their customers to generate and evaluate
ideas, co-develop new products, and promote the existing
goods and services. Virtual customer communities are created
online for these purposes.
9.9 Information systems in the economy and society

Along with the global transportation infrastructure, network-

based information systems have been a factor in the growth of
international business and corporations. A relationship
between the deployment of information systems and higher
productivity has been shown in a number of industries when
these systems complement other corporate resources.
Electronic commerce has moved many relationships and
transactions among companies and individuals to the Internet
and the Web, with the resulting expansion of possibilities and
efficiencies. The development of the Internet-based
ecosystem—accompanied by the low cost of hardware and
telecommunications, the availability of open-source software,
and the mass global access to mobile phones—has led to a
flowering of entrepreneurial activity and the emergence to
prominence and significant market value of numerous firms
based on new business models. Among the examples are
electronic auction firms, search engine firms, electronic malls,
social network platforms, and online game companies.
Because of the vast opportunities for moving work with data,
information, and knowledge in electronic form to the most
cost-effective venue, a global redistribution of work has been
taking place.
Individual privacy hinges on the right to control one’s
personal information. While invasion of privacy is generally
perceived as an undesirable loss of autonomy, government
and business organizations do need to collect data in order to
facilitate administration and exploit sales and marketing
opportunities. Electronic commerce presents a particular
challenge to privacy, as personal information is routinely
collected and potentially disseminated in a largely unregulated
manner. The ownership of and control over the personal
profiles, contacts, and communications in social networks are
one example of a privacy issue that awaits resolution through
a combination of market forces, industry self-regulation, and
possibly government regulation. Preventing invasions of
privacy is complicated by the lack of an international legal
standard.

Access to information systems over the Web is necessary for

full participation in modern society. In particular, it is
desirable to avoid the emergence of digital divides between
nations or regions and between social and ethnic groups. Open
access to the Web as a medium for human communication and
as a repository for shared knowledge is treasured. Indeed,
many people consider free speech a universal human right and
the Internet and Web the most widely accessible means to
exercise that right. Yet, legitimate concerns arise about
protecting children without resorting to censorship.
Technological solutions, such as software that filters out
pornography and inappropriate communications, are partially
successful.

Of concern to everyone is the accuracy and security of

information contained in databases and data warehouses—
whether in health and insurance data, credit bureau records, or
government files—as misinformation or privileged
information released inappropriately can adversely affect
personal safety, livelihood, and everyday life. Individuals
must cooperate in reviewing and correcting their files, and
organizations must ensure appropriate security, access to, and
use of such files.

Information systems have affected the quality of personal and

working lives. In the workplace, information systems can be
deployed to eliminate tedious tasks and give workers greater
autonomy, or they can be used to thoughtlessly eliminate jobs
and subject the remaining workforce to pervasive electronic
surveillance. Consumers can use the Web for shopping,
networking, and entertainment—but at the risk of contending
with spam (unsolicited e-mail), interception of credit card
numbers, and attack by computer viruses.

Information systems can expand participation of ordinary

citizens in government through electronic elections,
referendums, and polls and also can provide electronic access
to government services and information—permitting, for
instance, electronic filing of taxes, direct deposit of
government checks, and viewing of current and historical
government documents. More transparent and beneficial
government operations are possible by opening the data
collected by and about governments to public scrutiny in a
searchable and easy-to-use form. With the Web, the public
sphere of deliberation and self-organization can expand and
give voice to individuals. However, information systems have
also conjured Orwellian images of government surveillance
and business intrusion into private lives. It remains for society
to harness the power of information systems by strengthening
legal, social, and technological means.

With the exponentially growing power of computers, driven

by Moore’s law, and the development of ever more-
sophisticated software—in particular, systems deploying the
techniques of artificial intelligence (AI)—job markets and
professions have been affected. Flexible and inexpensive
robotics reduces some opportunities in the labour markets.
Cognitive computing, with systems relying on AI
techniques—such as computer learning, pattern recognition in
multiple media, and massive amounts of stored information—
emerged as a competitor to human professionals.
The emergence of the “on-demand economy,” enabled by
information system platforms, has raised concerns about the
quality of jobs. Providing instant access to services, such as
transportation, the platforms (for example, Uber and Lyft)
connect the service suppliers, usually individuals, with those
seeking the service. Although claimed to erode stable
workplaces, such business models offer flexibility, a larger
measure of independence to the suppliers, and convenience to
the demanders.
 Chapter 10

Information System Security

Security is a crucial issue in information systems. To keep
confidential information confidential is very important.
Information leeks may cause loss of millions of dollars.

Recently the amount of digital information becomes very

large. Moreover, the value of information is increased.
Competition for having information in business becomes very
tough.

One important task in business information system is to keep

the system secure. This means to keep information safe from
illegal access. Only authorized people can access the data.
Moreover, different users should have different levels access.
For example, employee affairs users can access only
employees’ data and can't access accounting data. So, the
information system should protect data from external people
and system users that want to access other sections data.

Furthermore, keeping the system operations works properly is

also important task in system security. Some enemy who can't
get access data they try to make the system works wrongly so
the system itself store wrong data or harm the correct data.

The task of keeping an information system secure includes

network security and information security.
10.1 Network security

Most of information systems depend on the Internet or local

networks. You may find the database of the system is hosted
in a cloud service. In other case the system may deploy in a
local server in the organization. The users access the system
through local network. Consequently, network security should
be considered to protect the information system against any
possible attacks.

10.1.1 Types of network attacks

There are two main types of possible network attacks: passive

attack and active attack. The passive attack listens to the
network traffic to steel important information. This type of
attack is dangerous according to the importance of seen
information. For example if the attacker could see the bank
accounts data or visa information of the customers of the
organization this represents a greet hazard. However, the
active attack aims to corrupt the important information by
adding extra information or changing part of data.

10.2 Threats types

There are different types of threats that may cause security

problem. The following subsections explain these types of
threats.
Man-in-the-middle

In this type of threats, the attacker listens to the network

traffic between two people or systems. Figure 10.1 shows the

Figure 10.1 Man-in-the-middle attack

idea of this thread. The two parties think they are connected
directly. However, the attacker is hidden.

SQL injection is a thread in which the attacker goes through

SQL queries to the database. The attack aims to get or modify
data from database. If the attack successes, it results to
unauthorized access to valuable data.

Trojan horse is a harmful program which looks like a good

program to deceive you. It may come when you click link in
your e-mail or a website. It aims to steel, monitor, or damage
data. Unlike viruses, it can’t copy itself.

Spyware is a computer program which installed on victim

device. This program monitors user online activities.
Moreover, it may log user’s keystrokes. So, the hackers may
get credential information or other valuable information.

Computer viruses are harmful programs that can encrypt

your data or corrupt your files. It may come to your device
when an infected device (such as hard desk) is connected your
computer or through computer networks. It can copy itself and
spread automatically.

Password attack is the process of getting authenticated user’s

password. Many ways the attacker may follow to get the
password such as cracking password, guessing, or steeling.

Denial of service is used when the attacker aims to stop the

provided services. The attacker tries to make a very huge load
on the server, so the server is down. Some programs can be
used to simulate normal clients. These programs send large
number (thousands or millions) of requests to the server in the
same time.
10.3 Security approaches

Keeping an information system safe against different attacks

types is important. Different approaches can be used to keep
the system secure such as authorization, access control,
encryption, firewall, and backup.

10.3.1 Authentication

Authentication means to ensure that the person who wants to

access the system is who they claim they are. For example,
when someone knocks the door and says “I am Ahmed
Farouk”, authentication is the process to identify that the
person who knocked the door is really Ahmed Farouk and not
another person. There are different ways to perform
authentication process such as user name/password, smart
card, and figure print.

In case of using user name/password for authentication, the

password should be difficult to guess. The user should avoid
using dictionary words. This is because hackers will try
dictionary words to guess the password. For example some
conditions should be restricting choosing password to make it
difficult to guess such as:

 At least 8 characters
 Contains at least one symbol
 Contains at least one upper case letter
 Contains numbers
  Not include user name
 Not include birth date of the user

Moreover, it is very important to information system users to

change their passwords regularly. Every 2 months to 3 month
the password should be changed. Changing password
periodically makes guessing it more difficult.

Attackers use different ways to steel or guess passwords. E-

mail phishing is one of attackers’ methods to steel passwords.
Attacker sends an e-mail to the authorized user and this e-
mails contains a link to a fake website that looks like original
website. The user is asked to log in in this fake website. When
the user enters his/her password, it goes to the attackers.
Another way that attackers may apply is to call administration
employee and claim that they have a problem in logging into
the system. They claim that they are authorized users and
provide information about authorized the user. They ask
administration to reset the password and let them to know the
new password.
10.3.2 Authorization

Authorization is the process of granting access control to

system resources. This process occurs on two phases.

Access policy definition phase

In this phase the privileges for different users are determined.

Each user can access which data and what rights he/she has.
For example the following table shows the rights of five users.

User name Employee data Accounting data

read write modify read modify delete
Mohamed X X X
Ali X X X
Mona X X
Hassan X X X
Maha X X

Policy enforcement phase

If a user asks for access to specific resource, this phase checks

his privileges and allow access or prevent it.
10.3.3 Data encryption

When the data is transmitted from one side to another, it

should be encrypted. Data encryption means to encode data in
specific method and send the encoded data. On the other hand
the receiver gets the encoded data and makes decoding to get
the original text. So, if third party obtains this encrypted data,
it is difficult to get original data. Normally data encryption is
used in case of the data wanted to be transmitted or when
storing important data.

As shown in figure?? The encryption process converts the

plain text (original data) into cypher text (encrypted data)
using specific method for encoding which based on the
inputted key. On the other hand, the decryption process
converts the cypher text into plain text using opposite
operation of the used encoding method using the same key.

Key

Plain text Cypher text

Encoding process

Encryption
How does encryption work?

In order to understand the idea of encryption, consider the

following simple encryption method.

1. The plain text is divided into letters

2. Subtract key from each letter

Key

Cypher text Plain text

Decoding process

Decryption
When you want to encrypt the letter d and the key is 1 the
result letter will be e. Adding the key (1) to the letter z will
result the letter a according to the circular list of English letter
(figure ??).

“A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U,
V, W, X, Y, Z”

If we suggest the key = 3 and the text we would like to

encrypt is ”you”:

y–3=v
o–3=l
u–3=r
The resulted cypher text is “vlr”. In the decryption process for
each letter add the key to the letter to obtain original text as
follow:
 u v
s t w
r x
q y
p z
o
n
m a
l b
k c
j d
i h g f e

v+3=y
l+3=o
r+3=u
Example: if you a receiver and you get an encrypted message
“Nzxpmdot dn dhkjmovio” use the above decryption method
with key = 5 to obtain the plain text. You will find that the
original message is “Security is important”.

Most of encryption techniques have the same idea. The key

should be shared between both sender and receiver and should
be used in encryption and decryption process.

RSA encryption algorithm

RSA is a public key algorithm proposed by Rivest, Shamir
and Adleman in year 1978. It is considered as most secure
encryption technique. Unlike traditional encryption technique
RSA does not need a common key for encryption and
decryption processes. However, there are two different keys
used for encryption and decryption. The sender who encrypts
the data will use public key of the receiver to encrypt the data.
On the other hand, the receiver uses his private key to decrypt
the data. So there is no common key between sender and
receiver.

10.3.4 Firewalls

Firewall is a security system that protects networks. It

monitors network incoming traffic and outgoing traffic and
detects data coming from untrusted network (such as Internet).
It works according to predefined rules.

Firewalls are considered the first line of defense in network

security. Firewall may be software system or hardware. In
other cases it consists from both software and hardware.

Early firewall monitors packets transferring on the network

and filter these packets according to predefined. It works as a
packet filter.

10.3.5 Backup

Taking a copy from the important data and storing the new
copy in a save place is called backup. The backup can be used
in case of damage in the original data. It is an important issue
to have regular backups from the system. Sometimes attackers
damage the original data or lock it and prevent accessing to it.
In such case backup can solve the problem. Moreover, backup
can be used in case of natural disasters or unintended failure.

An organization owns an information system should have a

backup policy. According to the system, the backup policy
should determine the following points:

 The data to be backed up: the backup policy should

determine the critical data to be backed up and where
this data originally stored.
 Backup rate: it is important to decide how often the data
should be backed up (weakly backup, daily backups,
twice a day). It depends on the importance of data and
change rate of data.
 The media: variety of storage media can be used to
keep the backups such as external hard disk, CD, DVD,
and cloud. It is highly recommended to keep the backup
offsite (a different place than the original system).
 Encryption technique: in case of backing up critical
data an encryption technique is used to keep the backup
encrypted. Consequently, the data is safe if the backup
is stolen.
10.4 Security policy

One of the administration tasks of an information system is

preparing a security plan. The aim of the security plan is to
specify how the organization protects its information system.
A collection of different security approach can be used in the
security plan to protect the information system. A security
policy of an organization should consider the governmental
security regulations. For example, the security plan for a
hospital information system should consider health ministry
regulations about security and privacy. Generally there are
some common points should be included in a security plan
such as:

 Backup plan
 Password restrictions
 Employee guidelines
 Protection layers
 Chapter 11

Ethics of Using Information

System
The word ethics comes from the Greek root ethos, meaning
personality. Unlike morals, ethics may differ considerably
from one community to another. The dictionary implies that
ethics deal with "what's good and bad and with moral duty
and obligation". Ethics is the branch of idea that handles the
determination of what's right or wrong, good or bad.

11.1 Business Ethics

Some researchers offered a description of business ethics

stated that: "Business ethics is moral guidelines, standards,
codes, or principles which provide recommendations for right
and truthful habit in specific situations". There are many
business ethics codes available on the internet. However, there
is no universally accepted code for business ethics.

11.2Ethics and Information Systems

Ethics depend on basic societal worth, and assume that our

world works based on trust. We trust that others will
accomplish commitments they make with us. As ethical
behavior generates trust, unethical behavior damages trust.

The introduction of new technology can have a profound

effect on human behavior. New technologies give us
capabilities that we did not have before, which in turn create
environment sand situations that have not been specifically
addressed in ethical terms. Those who master new
technologies gain new power; those who cannot or do not
master them may lose power. In 1913, Henry Ford
implemented the first moving assembly line to create his
Model T cars. While this was a great step forward
technologically (and economically), the assembly line reduced
the value of human beings in the production process. The
development of the atomic bomb concentrated unimaginable
power in the hands of one government, who then had to
wrestle with the decision to use it. Today’s digital
technologies have created new categories of ethical dilemmas.

The concept of information system is unseen and unaffected

by bad activities in the company, is now outdated. When
information systems staff does unethical behavior, the
complete organization suffers.

Digital technologies have given us the ability to aggregate

information from multiple sources to create profiles of people.
What would have taken weeks of work in the past can now be
done in seconds, allowing private organizations and
governments to know more about individuals than at any time
in history. This information has value, but also chips away at
the privacy of consumers and citizens

Ethics is necessary in information systems to overcome the

following honest issues:
 Privacy: Data privacy is challenging since it attempts
to use data while protecting an individual's privacy
preferences and personally identifiable information.
What information about others or organizations can be
shown others, under what conditions. What things can
people maintain and not be forced to show to others.
 Accuracy: Who is responsible for the authenticity,
fidelity and correctness of information?
 Property: Who has right to possess information?
 Accessibility: What information does a person or a
business have a right or a privilege to obtain.
11.3 Exploring the ethics issues in information systems

Information systems face a number of challenges of because

of ethical character.

1) Confidentiality
Confidentiality of information is very important to all
information-using professions.
2) Programmers and ethics
Sometimes programmers are asked to make a program
that is not ethically good. For example, the programs
that crack passwords are illegal and not ethically.
3) Social responsibility of systems analysts: An analyst's
job is to design work flows that are successful. The
analyst should work in an ethical way.

There are many computer professional organizations, have

established ethical standards for his or her members. Three
common elements in these rules are:

 maintain competence
 disclose issue of interest, and
 maintain confidentiality of information even after
occupation ends.
11.3.1 Management Information Systems and Ethics

Management Information Systems (MIS) professionals

struggle with the same types of ethical issues faced by other
business specialists. Honest dilemmas regarding issue of
interest, theft, equal opportunity, and environmental impact
minimize across professions.

The fast growth of information systems forces people to make

ethical agreements to protect from not ethical behavior such as
anti-privacy, plagiarism, and misuse of information.
Moreover, there is an open opportunity to make unethical
behavior. However, one’s ethics should prevent him to do.
11.4 Code of ethics

A code of ethics is a document that outlines a set of acceptable

behaviors for a professional or social group; generally, it is
agreed to by all members of the group. The document details
different actions that are considered appropriate and
inappropriate. It is a way to improve people ethics toward
specific profession. It contains a set of moral points or
guidelines (what you should do and what you should not do).

A good example of a code of ethics is the code of ethics the

Association for Computing Machinery (ACM), an
organization of computing professionals that includes
academics, researchers, and practitioners. A part from ACM
code of ethics includes:

 No one should enter or use another’s computer

system, software, or data files without permission.
 One must always have appropriate approval before
using system resources, including communication ports,
file space, other system peripherals, and computer time.
 Designing or implementing systems that deliberately or
inadvertently demean individuals or groups is ethically
unacceptable.
 Organizational leaders are responsible for ensuring that
computer systems enhance, not degrade, the quality of
working life. When implementing a computer system,
 organizations must consider the personal and
professional development, physical safety, and human
dignity of all workers.
 Appropriate human-computer ergonomic standards
should be considered in system design and in the
workplace.

One of the major advantages of creating a code of ethics is

that it clarifies the acceptable standards of behavior for a
professional group.

11.4.1 Code of ethics drawbacks

Having a code of ethics can also have some drawbacks. First

of all, a code of ethics does not have legal authority; in other
words, breaking a code of ethics is not a crime in itself. So
what happens if someone violates one of the guidelines?
Many codes of ethics include a section that describes how
such situations will be handled. In many cases, repeated
violations of the code result in expulsion from the group.

In the case of ACM: “Adherence of professionals to a code

of ethics is largely a voluntary matter. However, if a member
does not follow this code by engaging in gross misconduct,
membership in ACM may be terminated.”
Another possible disadvantage of a code of ethics is that there
is always a chance that important issues will arise that are not
specifically addressed in the code. Technology is quickly
changing, and a code of ethics might not be updated often
enough to keep up with all of the changes. A good code of
ethics, however, is written in a broad enough fashion that it
can address the ethical issues of potential changes to
technology while the organization behind the code makes
revisions.

Finally, a code of ethics could have also be a disadvantage in

that it may not entirely reflect the ethics or morals of every
member of the group. Organizations with a diverse
membership may have internal conflicts as to what is
acceptable behavior. For example, there may be a difference
of opinion on the consumption of alcoholic beverages at
company events. In such cases, the organization must make a
choice about the importance of addressing a specific behavior
in the code.

11.5 Acceptable Use Policies

Many organizations that provide technology services to a

group of constituents or the public require agreement to an
acceptable use policy (AUP) before those services can be
accessed. Similar to a code of ethics, this policy outlines what
is allowed and what is not allowed while someone is using the
organization's services. An everyday example of this is the
terms of service that must be agreed to before using the public
Wi-Fi at public mall, or even a university. Here is an example
of an acceptable use policy:

• Borrowing” someone else’s login ID and

password is prohibited.
• Using the provided access for commercial purposes,
such as hosting your own business website, is not
allowed.
• Sending out unsolicited email to a large group of
people is prohibited.

Just as with a code of ethics, these acceptable use policies

specify what is allowed and what is not allowed. Again, while
some of the items listed are obvious to most, others are not so
obvious.

Also as with codes of ethics, violations of these policies have

various consequences. In most cases, such as with Wi-Fi,
violating the acceptable use policy will mean that you will
lose your access to the resource.

While losing access to Wi-Fi at a mall may not have a lasting

impact, a university student getting banned from the
university’s Wi-Fi (or possibly all network resources) could
have a large impact.
11.6 Intellectual Property

One of the domains that have been deeply impacted by digital

technologies is the domain of intellectual property. Digital
technologies have driven a rise in new intellectual property
claims and made it much more difficult to defend intellectual
property.

Intellectual property is defined as "property (as an idea,

invention, or process) that derives from the work of the mind
or intellect". This could include creations such as song lyrics,
a computer program, a new type of toaster, or even a
sculpture.

Protection of intellectual property is important because it

gives people an incentive to be creative. Innovators with great
ideas will be more likely to pursue those ideas if they have a
clear understanding of how they will benefit.

In the following subsections review three of the best-known

intellectual property protections: copyright and patent.

11.6.1 Copyright

Copyright is the protection given to songs, computer

programs, books, and other creative works; any work that has
an author can be copyrighted. Under the terms of copyright,
the author of a work controls what can be done with the work,
including:

 Who can make copies of the work.

 Who can make derivative works from the original
work.
 Who can perform the work publicly.
 Who can display the work publicly.
 Who can distribute the work.

Many times, a work is not owned by an individual but is

instead owned by a publisher with whom the original author
has an agreement. In return for the rights to the work, the
publisher will market and distribute the work and then pay the
original author a portion of the proceeds.
11.6.2 Software license

A software license is a legal instrument (usually by way

of contract law, with or without printed material) governing
the use or redistribution of software.

By copyright law in most of countries, all software is

copyright protected, in both source code and object code
forms. Authors of copyrighted software can donate their
software to the public domain, in which case it is also not
covered by copyright and, as a result, cannot be licensed.

A typical software license grants the licensee, typically

an end-user, permission to use one or more copies of software
in ways where such a use would otherwise potentially
constitute copyright infringement of the software
owner's exclusive rights under copyright.

Two common categories for software under copyright law,

and therefore with licenses which grant the licensee specific
rights, are proprietary software and free and open-source
software (FOSS). The distinct conceptual difference between
the two is the granting of rights to modify and re-use
a software product obtained by a customer: FOSS software
licenses both rights to the customer and therefore bundles the
modifiable source code with the software ("open-source"),
while proprietary software typically does not license these
rights and therefore keeps the source code hidden ("closed
source").

In addition to granting rights and imposing restrictions on the

use of copyrighted software, software licenses typically
contain provisions which allocate liability and responsibility
between the parties entering into the license agreement. In
enterprise and commercial software transactions, these terms
often include limitations of liability, warranties and warranty
disclaimers, and indemnity if the software infringes
intellectual property rights of anyone.

Unlicensed software outside the scope of copyright protection

is either public domain software (PD) or software which is
non-distributed, non-licensed and handled as internal business
trade secret. Contrary to popular belief, distributed unlicensed
software (not in the public domain) is fully copyright
protected, and therefore legally unusable (as no usage rights at
all are granted by a license) until it passes into public domain
after the copyright term has expired. Examples of this are
unauthorized software leaks or software projects which are
placed on public software repositories like GitHub without a
specified license.
11.6.3 Licenses types

When a user buys a program, he is not gain full rights to the

software. By buying software the ownership has not been
transferred to the buyer. There are different types of program
license. According to the license the user can use the program.
The license includes how to use and distribution rights,
modification, and reselling the software.

License Description

Public domain Grants all rights

Permissive license
Copyleft
Proprietary license
Noncommercial license
Grants use rights, including
right to relicense
Grants use rights,
forbids proprietization
Traditional use of copyright;
no rights need be granted
Grants rights for
noncommercial use only. May
be combined with copyleft.
Public domain license

Public-domain software is software that has been placed in

the public domain: in other words, there is absolutely no
ownership such as copyright, trademark, or patent. Software
in the public domain can be modified, distributed, or sold even
without any attribution by anyone. Under this license the user
can use, modify, sell, or redistribute freely without
restrictions. This license is the most permissive one.

Permissive software license (Freeware)

A permissive software license, sometimes also called BSD-

like or BSD-style license, is a free-software license with only
minimal restrictions on how the software can be used,
modified, and redistributed, usually including a warranty
disclaimer. Examples include the GNU All-permissive
License, MIT License, BSD licenses, Apple Public Source
License and Apache license. The most popular free-software
license is the permissive MIT license

Under this license the owner may put his own restrictions for
redistribution or selling. If software is under freeware license
you can get and use for free. Other things like modification
and selling depend on the owner.
Copyleft license

Copyleft software licenses are considered protective or

reciprocal in contrast with permissive free software licenses,
and require that information necessary for reproducing and
modifying the work must be made available to recipients of
the software program, or binaries. This information is most
commonly in the form of source code files, which usually
contain a copy of the license terms and acknowledge the
authors of the code.

Proprietary license

Proprietary software, also known as non-free software, is

computer software for which the software's publisher or
another person reserves some rights from licensees to use,
modify, share modifications, or share the software. It
sometimes includes patent rights.

Noncommercial license

This type is most similar to copyleft. However, it does not

allow selling the software.
11.6.4 Patent

Another important form of intellectual property protection is

the patent. A patent creates protection for someone who
invents a new product or process. The definition of invention
is quite broad and covers many different fields. Here are some
examples of items receiving patents:

• circuit designs in semiconductors;

• prescription drug formulas;
• firearms;
• locks;
• plumbing;
• engines;
• coating processes; and
• business processes.

Once a patent is granted, it provides the inventor with

protection from others infringing on his or her patent. A patent
holder has the right to "exclude others from making, using,
offering for sale, or selling the invention."

Unlike copyright, a patent is not automatically granted when

someone has an interesting idea and writes it down. In most
countries, a patent application must be submitted to a
government patent office. A patent will only be granted if the
invention or process being submitted meets certain conditions:

• It must be original. The invention being submitted

must not have been submitted before.
• It must be non-obvious. You cannot patent something
that anyone could think of. For example, you could
not put a pencil on a chair and try to get a patent for a
pencil-holding chair.
• It must be useful. The invention being submitted
must serve some purpose or have some use that
would be desired.

The advent of digital technologies has led to a large increase

in patent filings and therefore a large number of patents being
granted. Once a patent is granted, it is up to the owner of the
patent to enforce it; if someone is found to be using the
invention without permission, the patent holder has the right
to sue to force that person to stop and to collect damages.

11.7 Ethics of downloading

Illegal downloading is also caused some ethical concerns and

raised the question whether digital piracy is equivalent
to stealing or not. When asked the question "Is it ethical to
download copyrighted music or video for free?"
For example, the ability to anonymously make perfect copies
of digital music has tempted many music fans to download
copyrighted music for their own use without making payment
to the music’s owner. Many of those who would never have
walked into a music store and stolen a CD find themselves
with dozens of illegally downloaded albums

11.8 Patient privacy

A recent trend of medical records is to digitize them. The

sensitive information secured within medical records makes
security measures vitally important. The ethical concern of
medical record security is great within the context of
emergency wards, where any patient records can be accessed
at all times. Within an emergency ward, patient medical
records need to be available for quick access; however, this
means that all medical records can be accessed at any moment
within emergency wards with or without the patient present.
Appendix A

HTML
HTML stands for Hypertext Markup Language, and it is the
most widely used language to write Web Pages.

 Hypertext refers to the way in which Web pages

(HTML documents) are linked together. Thus, the link
available on a webpage is called Hypertext.

 As its name suggests, HTML is a Markup

Language which means you use HTML to simply
"mark-up" a text document with tags that tell a Web
browser how to structure it to display.

Originally, HTML was developed with the intent of defining

the structure of documents like headings, paragraphs, lists,
and so forth to facilitate the sharing of scientific information
between researchers.

Html is a language that used to write web pages. If you want

to create a web page for yourself or your work, you should use
html. Although there are different languages to write dynamic
web pages, all of these should be converted finally to html.

In the following section we explain the concept of html and

how to use it to write attractive web page.

To create a web page you should write the code of the page
using html language. When you open the created web page,
the web browser read the code and show the correspondence
html page
Now, HTML is being widely used to format web pages with
the help of different tags available in HTML language.

Basic HTML Document

In its simplest form, the following is an example of an
HTML document
Live Demo
<!DOCTYPE html>
<html>
<head>
<title>This is document title</title>
</head>
<body>
<h1>Business Information System</h1>
<p>Document content goes here.....</p>
</body>
</html>

HTML Tags
As told earlier, HTML is a markup language and makes use
of various tags to format the content. These tags are enclosed
within angle braces <Tag Name>. Except few tags, most of
the tags have their corresponding closing tags. For
example, <html> has its closing tag </html> and <body> tag
has its closing tag </body> tag etc.
Above example of HTML document uses the following tags −

No Tag & Description

1 <!DOCTYPE...>
This tag defines the document type and HTML version.

2 <html>
This tag encloses the complete HTML document and mainly
 comprises of document header which is represented by
<head>...</head> and document body which is represented by
<body>...</body> tags.

3 <head>
This tag represents the document's header which can keep other
HTML tags like <title>, <link> etc.

4 <title>
The <title> tag is used inside the <head> tag to mention the
document title.

5 <body>
This tag represents the document's body which keeps other
HTML tags like <h1>, <div>, <p> etc.

6 <h1>
This tag represents the heading.

7 <p>
This tag represents a paragraph.

To learn HTML, you will need to study various tags and

understand how they behave, while formatting a textual
document. Learning HTML is simple as users have to learn
the usage of different tags in order to format the text or
images to make a beautiful webpage.

The following figure shows the html page after opening it in

the browser.
HTML Document Structure
A typical HTML document will have the following structure −

<html>

<head>
Document header related tags
</head>

<body>
Document body related tags
</body>

</html>
We will study all the header and body tags in subsequent
sections, but for now let's see what is document declaration
tag.

The <!DOCTYPE> Declaration

The <!DOCTYPE> declaration tag is used by the web
browser to understand the version of the HTML used in the
document. Current version of HTML is 5 and it makes use of
the following declaration −

<!DOCTYPE html>

There are many other declaration types which can be used in

HTML document depending on what version of HTML is
being used.

HTML - Basic Tags

Heading Tags
Any document starts with a heading. You can use different
sizes for your headings. HTML also has six levels of
headings, which use the elements <h1>, <h2>, <h3>, <h4>,
<h5>, and <h6>. While displaying any heading, browser adds
one line before and one line after that heading.

Example
Live Demo
<!DOCTYPE html>
<html>
 <head>
<title>Heading Example</title>
</head>

<body>
<h1>This is heading 1</h1>
<h2>This is heading 2</h2>
<h3>This is heading 3</h3>
<h4>This is heading 4</h4>
<h5>This is heading 5</h5>
<h6>This is heading 6</h6>
</body>

</html>

This will produce the following result –

Paragraph Tag
The <p> tag offers a way to structure your text into different
paragraphs. Each paragraph of text should go in between an
opening <p> and a closing </p> tag as shown below in the
example −

Example
Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Paragraph Example</title>
</head>

<body>
<p>Here is a first paragraph of text.</p>
<p>Here is a second paragraph of text.</p>
<p>Here is a third paragraph of text.</p>
</body>

</html>

This will produce the following result –

Line Break Tag
Whenever you use the <br /> element, anything following it
starts from the next line. This tag is an example of
an empty element, where you do not need opening and
closing tags, as there is nothing to go in between them.

The <br /> tag has a space between the characters br and the
forward slash. If you omit this space, older browsers will
have trouble rendering the line break, while if you miss the
forward slash character and just use <br> it is not valid in
XHTML.

Example
 Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Line Break Example</title>
</head>

<body>
<p>Hello<br />
You delivered your assignment ontime.<br />
Thanks<br />
Mahnaz</p>
</body>

</html>

Centering Content
You can use <center> tag to put any content in the center of
the page or any table cell.

Example
Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Centring Content Example</title>
</head>

<body>
<p>This text is not in the center.</p>

<center>
<p>This text is in the center.</p>
</center>
</body>
</html>
This will produce following result –

Horizontal Lines
Horizontal lines are used to visually break-up sections of a
document. The <hr> tag creates a line from the current
position in the document to the right margin and breaks the
line accordingly.

For example, you may want to give a line between two

paragraphs as in the given example below −

Example
Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Horizontal Line Example</title>
</head>

<body>
<p>This is paragraph one and should be on top</p>
 <hr />
<p>This is paragraph two and should be at bottom</p>
</body>

</html>

Again <hr /> tag is an example of the empty element, where

you do not need opening and closing tags, as there is nothing
to go in between them.

The <hr /> element has a space between the characters hr and
the forward slash. If you omit this space, older browsers will
have trouble rendering the horizontal line, while if you miss
the forward slash character and just use <hr> it is not valid in
XHTML

Nonbreaking Spaces
Suppose you want to use the phrase "12 Angry Men." Here,
you would not want a browser to split the "12, Angry" and
"Men" across two lines −

An example of this technique appears in the movie "12

Angry Men."

In cases, where you do not want the client browser to break

text, you should use a nonbreaking space
entity &nbsp; instead of a normal space. For example, when
coding the "12 Angry Men" in a paragraph, you should use
something similar to the following code −
Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Nonbreaking Spaces Example</title>
</head>

<body>
<p>An example of this technique appears in the movie
"12&nbsp;Angry&nbsp;Men."</p>
</body>

</html>
 HTML - Elements
An HTML element is defined by a starting tag. If the element
contains other content, it ends with a closing tag, where the
element name is preceded by a forward slash as shown below
with few tags −

Start Tag Content End Tag

<p> This is paragraph content. </p>

<h1> This is heading content. </h1>

<div> This is division content. </div>

<br />

So here <p>....</p> is an HTML element, <h1>...</h1> is

another HTML element. There are some HTML elements
which don't need to be closed, such as <img.../>, <hr
/> and <br /> elements. These are known as void elements.
HTML documents consists of a tree of these elements and
they specify how HTML documents should be built, and
what kind of content should be placed in what part of an
HTML document.
HTML Tag vs. Element

An HTML element is defined by a starting tag. If the

element contains other content, it ends with a closing tag.

For example, <p> is starting tag of a paragraph and </p> is

closing tag of the same paragraph but <p>This is
paragraph</p> is a paragraph element.

Nested HTML Elements

It is very much allowed to keep one HTML element inside
another HTML element −

Example
Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Nested Elements Example</title>
</head>

<body>
<h1>This is <i>italic</i> heading</h1>
<p>This is <u>underlined</u> paragraph</p>
</body>

</html>
This will display the following result −
 HTML - Attributes
We have seen few HTML tags and their usage like heading
tags <h1>, <h2>, paragraph tag <p> and other tags. We used
them so far in their simplest form, but most of the HTML
tags can also have attributes, which are extra bits of
information.

An attribute is used to define the characteristics of an HTML

element and is placed inside the element's opening tag. All
attributes are made up of two parts − a name and a value

 The name is the property you want to set. For example,

the paragraph <p> element in the example carries an
attribute whose name is align, which you can use to
indicate the alignment of paragraph on the page.

 The value is what you want the value of the property to

be set and always put within quotations. The below
example shows three possible values of align
attribute: left, center and right.
Attribute names and attribute values are case-insensitive.
However, the World Wide Web Consortium (W3C)
recommends lowercase attributes/attribute values in their
HTML 4 recommendation.

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Align Attribute Example</title>
</head>

<body>
<p align = "left">This is left aligned</p>
<p align = "center">This is center aligned</p>
<p align = "right">This is right aligned</p>
</body>

</html>
This will display the following result −
Core Attributes
The four core attributes that can be used on the majority of
HTML elements (although not all) are −

 Id
 Title
 Class
 Style

The Id Attribute

The id attribute of an HTML tag can be used to uniquely

identify any element within an HTML page. There are two
primary reasons that you might want to use an id attribute on
an element −

 If an element carries an id attribute as a unique

identifier, it is possible to identify just that element and
its content.
 If you have two elements of the same name within a
Web page (or style sheet), you can use the id attribute
to distinguish between elements that have the same
name.
For now, let's use the id attribute to distinguish between two
paragraph elements as shown below.
Example
<p id = "html">This para explains what is HTML</p>
<p id = "css">This para explains what is Cascading Style
Sheet</p>
The title Attribute
The title attribute gives a suggested title for the element.
They syntax for the title attribute is similar as explained
for id attribute −

The behavior of this attribute will depend upon the element

that carries it, although it is often displayed as a tooltip when
cursor comes over the element or while the element is
loading.

Example
Live Demo
<!DOCTYPE html>
<html>

<head>
<title>The title Attribute Example</title>
</head>

<body>
<h3 title = "Hello HTML!">Titled Heading Tag Example</h3>
</body>

</html>

After showing this page in the browser, try to bring your

cursor over "Titled Heading Tag Example" and you will see
that whatever title you used in your code is coming out as a
tooltip of the cursor.
The class Attribute
The class attribute is used to associate an element with a style
sheet, and specifies the class of element.

The value of the attribute may also be a space-separated list

of class names. For example −
class = "className1 className2 className3"

The style Attribute

The style attribute allows you to specify Cascading Style
Sheet (CSS) rules within the element.
Live Demo
<!DOCTYPE html>
<html>

<head>
<title>The style Attribute</title>
</head>

<body>
<p style = "font-family:arial; color:#FF0000;">Some text...</p>
</body>

</html>

At this point of time, we are not learning CSS, so just let's

proceed without bothering much about CSS. Here, you need
to understand what are HTML attributes and how they can be
used while formatting content.
Internationalization Attributes
There are three internationalization attributes, which are
available for most (although not all) XHTML elements.

 dir
 lang
 xml:lang

The dir Attribute

The dir attribute allows you to indicate to the browser about

the direction in which the text should flow. The dir attribute
can take one of two values, as you can see in the table that
follows −

Value Meaning

ltr Left to right (the default value)

rtl Right to left (for languages such as Hebrew or Arabic that

are read right to left)

Example
Live Demo
<!DOCTYPE html>
<html dir = "rtl">

<head>
<title>Display Directions</title>
</head>

<body>
This is how IE 5 renders right-to-left directed text.
</body>
</html>

This will produce the following result –

When dir attribute is used within the <html> tag, it

determines how text will be presented within the entire
document. When used within another tag, it controls the text's
direction for just the content of that tag.

The lang Attribute

The lang attribute allows you to indicate the main language
used in a document, but this attribute was kept in HTML only
for backwards compatibility with earlier versions of HTML.
This attribute has been replaced by the xml:lang attribute in
new XHTML documents.

The values of the lang attribute are ISO-639 standard two-

character language codes. Check HTML Language Codes:
ISO 639 for a complete list of language codes.
Example
Live Demo
<!DOCTYPE html>
<html lang = "en">

<head>
<title>English Language Page</title>
</head>

<body>
This page is using English Language
</body>

</html>

The xml:lang Attribute

The xml:lang attribute is the XHTML replacement for
the lang attribute. The value of the xml:lang attribute should
be an ISO-639 country code as mentioned in previous
section.

Generic Attributes
Here's a table of some other attributes that are readily usable
with many of the HTML tags.

Attribute Options Function

align right, left, center Horizontally aligns tags

valign top, middle, bottom Vertically aligns tags within an

HTML element.

bgcolor numeric, Places a background color

hexidecimal, RGB behind an element
values

background URL Places a background image

 behind an element

id User Defined Names an element for use with

Cascading Style Sheets.

class User Defined Classifies an element for use

with Cascading Style Sheets.

width Numeric Value Specifies the width of tables,

images, or table cells.

height Numeric Value Specifies the height of tables,

images, or table cells.

title User Defined "Pop-up" title of the elements.

 HTML - Formatting
If you use a word processor, you must be familiar with the
ability to make text bold, italicized, or underlined; these are
just three of the ten options available to indicate how text can
appear in HTML and XHTML.

Bold Text
Anything that appears within <b>...</b> element, is
displayed in bold as shown below −

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Bold Text Example</title>
</head>

<body>
<p>The following word uses a <b>bold</b> typeface.</p>
</body>

</html>

Italic Text
Anything that appears within <i>...</i> element is displayed in
italicized
Underlined Text
Anything that appears within <u>...</u> element, is displayed
with underline

Strike Text
Anything that appears within <strike>...</strike> element is
displayed with strikethrough, which is a thin line through the
text as shown below

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Strike Text Example</title>
</head>

<body>
<p>The following word uses a <strike>strikethrough</strike>
typeface.</p>
</body>

</html>
This will produce the following result −
Superscript Text
The content of a ^... element is written in
superscript; the font size used is the same size as the
characters surrounding it but is displayed half a character's
height above the other characters.

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Superscript Text Example</title>
</head>

<body>
<p>The following word uses a ^superscript typeface.</p>
</body>

</html>
Subscript Text
The content of a _... element is written in
subscript; the font size used is the same as the characters
surrounding it, but is displayed half a character's height
beneath the other characters.

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Subscript Text Example</title>
</head>

<body>
<p>The following word uses a _subscript typeface.</p>
</body>

</html>

Inserted Text
Anything that appears within <ins>...</ins> element is
displayed as inserted text.

Deleted Text
Anything that appears within <del>...</del> element, is
displayed as deleted text.
Larger Text
The content of the <big>...</big> element is displayed one
font size larger than the rest of the text surrounding it as
shown below −

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Larger Text Example</title>
</head>

<body>
<p>The following word uses a <big>big</big> typeface.</p>
</body>

</html>

Smaller Text
The content of the <small>...</small> element is displayed
one font size smaller than the rest of the text surrounding it as
shown below −
Insert Image
Images are very important to beautify as well as to depict
many complex concepts in simple way on your web page.
This tutorial will take you through simple steps to use images
in your web pages.

You can insert any image in your web page by

using <img> tag. Following is the simple syntax to use this
tag.

<img src = "Image URL" ... attributes-list/>

The <img> tag is an empty tag, which means that, it can

contain only list of attributes and it has no closing tag.

Example

To try following example, let's keep our HTML file test.htm

and image file test.png in the same directory −

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Using Image in Webpage</title>
</head>

<body>
<p>Simple Image Insert</p>
<img src = "/html/images/test.png" alt =
"Test Image" />
</body>
</html>
This will produce the following result –

You can use PNG, JPEG or GIF image file based on your
comfort but make sure you specify correct image file name
in src attribute. Image name is always case sensitive.

The alt attribute is a mandatory attribute which specifies an

alternate text for an image, if the image cannot be displayed.

Set Image Location

Usually we keep all the images in a separate directory. So
let's keep HTML file test.htm in our home directory and
create a subdirectory images inside the home directory where
we will keep our image test.png.

Example

Assuming our image location is "image/test.png", try the

following example −

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Using Image in Webpage</title>
</head>

<body>
<p>Simple Image Insert</p>
<img src = "/html/images/test.png" alt =
"Test Image" />
</body>

</html>

Set Image Width/Height

You can set image width and height based on your requirement
using width and height attributes. You can specify width and
height of the image in terms of either pixels or percentage of its
actual size.

Example

Live Demo
<!DOCTYPE html>
<html>
 <head>
<title>Set Image Width and Height</title>
</head>

<body>
<p>Setting image width and height</p>
<img src = "/html/images/test.png" alt =
"Test Image" width = "150" height = "100"/>
</body>

</html>

Set Image Border

By default, image will have a border around it, you can
specify border thickness in terms of pixels using border
attribute. A thickness of 0 means, no border around the
picture.

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Set Image Border</title>
</head>

<body>
<p>Setting image Border</p>
<img src = "/html/images/test.png" alt =
"Test Image" border = "3"/>
</body>

</html>
Set Image Alignment
By default, image will align at the left side of the page, but
you can use align attribute to set it in the center or right.

Example

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Set Image Alignment</title>
</head>

<body>
<p>Setting image Alignment</p>
<img src = "/html/images/test.png" alt =
"Test Image" border = "3" align = "right"/>
</body>

</html>
Linking Documents
A webpage can contain various links that take you directly to
other pages and even specific parts of a given page. These
links are known as hyperlinks.

Hyperlinks allow visitors to navigate between Web sites by

clicking on words, phrases, and images. Thus you can create
hyperlinks using text or images available on a webpage.

Note − I recommend you to go through a short tutorial

on Understanding URL

A link is specified using HTML tag <a>. This tag is

called anchor tag and anything between the opening <a> tag
and the closing </a> tag becomes part of the link and a user
can click that part to reach to the linked document. Following
is the simple syntax to use <a> tag.

<a href = "Document URL" ... attributes-list>Link

Text</a>

Example

Let's try following example which links

http://www.tutorialspoint.com at your page −

Live Demo
<!DOCTYPE html>
<html>

<head>
 <title>Hyperlink Example</title>
</head>

<body>
<p>Click following link</p>
<a href = "https://www.google.com" target =
"_self">Search in Google</a>
</body>

</html>
This will produce the following result

The target Attribute

We have used target attribute in our previous example. This
attribute is used to specify the location where linked
document is opened. Following are the possible options −

No Option & Description

1 _blank
Opens the linked document in a new window or tab.

2 _self
Opens the linked document in the same frame.

3 _parent
Opens the linked document in the parent frame.

4 _top
Opens the linked document in the full body of the
 window.

5 targetframe
Opens the linked document in a named targetframe.

Example

Try following example to understand basic difference in few

options given for target attribute.

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Hyperlink Example</title>
<base href = "https://www.google.com/">
</head>

<body>
<p>Click any of the following links</p>
<a href = "/html/index.htm" target =
"_blank">Opens in New</a> |
<a href = "/html/index.htm" target =
"_self">Opens in Self</a> |
<a href = "/html/index.htm" target =
"_parent">Opens in Parent</a> |
<a href = "/html/index.htm" target =
"_top">Opens in Body</a>
</body>

</html>

This will produce the following result, where you can click
on different links to understand the difference between
various options given for target attribute.
Use of Base Path

When you link HTML documents related to the same

website, it is not required to give a complete URL for every
link. You can get rid of it if you use <base> tag in your
HTML document header. This tag is used to give a base path
for all the links. So your browser will concatenate given
relative path to this base path and will make a complete URL.

Example

Following example makes use of <base> tag to specify base

URL and later we can use relative path to all the links instead
of giving complete URL for every link.

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Hyperlink Example</title>
<base href = "https://www.mysite.com/">
</head>

<body>
<p>Click following link</p>
<a href = "/html/index.htm" target =
"_blank">HTML Tutorial</a>
</body>

</html>

This will produce the following result, where you can click
on the link generated HTML Tutorial to reach to the HTML
tutorial.
Now given URL <a href = "/html/index.htm" is being
considered as:

<ahref = "http://www.mysite.com/html/index.htm"

Linking to a Page Section

You can create a link to a particular section of a given
webpage by using name attribute. This is a two-step process.

Note − The name attribute deprecated in HTML5. Do not use

this attribute. Use id and title attribute instead.

First create a link to the place where you want to reach with-
in a webpage and name it using <a...> tag as follows −

<h1>HTML Text Links <a name = "top"></a></h1>

Second step is to create a hyperlink to link the document and

place where you want to reach −

<a href = "/html/html_text_links.htm#top">Go to the

Top</a>

This will produce following link, where you can click on the
link generated Go to the Top to reach to the top of the HTML
Text.

Go to the Top
Setting Link Colors
You can set colors of your links, active links and visited links
using link, alink and vlink attributes of <body> tag.

Example

Save the following in test.htm and open it in any web

browser to see how link, alink and vlink attributes work.

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Hyperlink Example</title>
<base href = "https://www.mysite.com/">
</head>

<body alink = "#54A250" link = "#040404" vlink

= "#F40633">
<p>Click following link</p>
<a href = "/html/index.htm" target =
"_blank" >HTML samples</a>
</body>

</html>

This will produce the following result. Just check color of the
link before clicking on it, next check its color when you
activate it and when the link has been visited.
Download Links
You can create text link to make your PDF, or DOC or ZIP
files downloadable. This is very simple; you just need to give
complete URL of the downloadable file as follows −

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>Hyperlink Example</title>
</head>

<body>
<a href =
"https://www.mysite.com/page.pdf">Download PDF
File</a>
</body>
</html>

HTML news bar

An HTML marquee is a scrolling piece of text displayed

either horizontally across or vertically down your webpage
depending on the settings. This is created by using HTML
<marquees> tag.

Note − The <marquee> tag deprecated in HTML5. Do not

use this element, instead you can use JavaScript and CSS to
create such effects.
Syntax
A simple syntax to use HTML <marquee> tag is as follows −
<marquee attribute_name = "attribute_value"....more
attributes>
One or more lines or text message or image
</marquee>

The <marquee> Tag Attributes

Following is the list of important attributes which can be

used with <marquee> tag.

No Attribute & Description

1 width
This specifies the width of the marquee. This can be a
value like 10 or 20% etc.

2 height
This specifies the height of the marquee. This can be a
value like 10 or 20% etc.

3 direction
This specifies the direction in which marquee should
scroll. This can be a value like up, down, left or right.

4 behavior
This specifies the type of scrolling of the marquee.
This can have a value like scroll, slide and alternate.

5 scrolldelay
This specifies how long to delay between each jump.
 This will have a value like 10 etc.

6 scrollamount
This specifies the speed of marquee text. This can
have a value like 10 etc.

7 loop
This specifies how many times to loop. The default
value is INFINITE, which means that the marquee
loops endlessly.

8 bgcolor
This specifies background color in terms of color name
or color hex value.

9 hspace
This specifies horizontal space around the marquee.
This can be a value like 10 or 20% etc.

10 vspace
This specifies vertical space around the marquee. This
can be a value like 10 or 20% etc.

Below are few examples to demonstrate the usage of

marquee tag.

Examples - 1

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>HTML marquee Tag</title>
</head>
 <body>
<marquee>This is basic example of
marquee</marquee>
</body>

</html>

Examples - 2

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>HTML marquee Tag</title>
</head>

<body>
<marquee width = "50%">This example will
take only 50% width</marquee>
</body>

</html>

Examples - 3

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>HTML marquee Tag</title>
</head>

<body>
<marquee direction = "right">This text will
scroll from left to right</marquee>
</body>

</html>
Examples - 4

Live Demo
<!DOCTYPE html>
<html>

<head>
<title>HTML marquee Tag</title>
</head>

<body>
<marquee direction = "up">This text will
scroll from bottom to up</marquee>
</body>

</html>