As specified in the task description, a first-cut class diagram is required for the different use cases in the system. A first-cut class diagram shows attributes, their visibility and behaviour, and initial values. Domain classes and classes for controller and boundary classes need to be shown. The Use Cases identified include: “Enter New Order’, ‘Create Case Manifest’ and “Record Order Fulfilment”. The control class is the order class, the boundary class being OrderFulfilment while the entity class is CaseManifest.
Class diagram with reference to (Muhairat, AL-QUTAISH and ATHAMENA 2011)
The Order class represents a single order from a facility. It is the order made for a single patient and contains the patient’s details, including name, room number and floor, as well as the medication requested. The class has methods to derive the logged in facility name and their address from the database.
The case manifest represents the detailed contents of a case. It contains an ArrayList with order details that are to be dispatched together.
First Cut Sequence Diagram is a detailed sequence diagram that details the internal objects and messages within the system (Satzinger, et al., 2012).
The actor of this use case is the personnel at the healthcare facility who fills out the order for a patient’s prescription.
Creation of a new order results into generation of a case manifest. Some of the activities that are involved in the generation of a complete case manifest include sorting of orders by facility, then sorting the facility orders by floor.
Order fulfillment involves the employees at ChemExec assembling cases, labeling appropriately then signing them out for dispatch.
Submitting an order via the web form triggers the action of order verification, followed by order sorting and finally the generation of a case manifest.
Additional classes that can be included for these use cases include Facility and Employee. The facility class will represent the details of the facility to which ChemExec is supplying medicine, while the Employee class represents the ChemExec employee using the system. Employee has the getCurrentShift() method which identifies the shift. Facility has the attributes of facilityID, facilityAddress and deliveryArea. The method it uses is getdeliveryArea() which selects one of the two delivery areas based on the address provided.
CastManifest class has getOrderDetails() which gets all the details of the orders made. OrderFullfillment class has methods getOrderID which gets the Ids of the orders fulfilled, getShiftSuperVisor() gets the supervisor of the shift when the order was fulfilled, getPharmacist() and getPharmacistAssistant which get both the pharmacist and the pharmacist assistant incharge.
The following are controls and security measures to be incorporated within the social networking subsystem to curb identity theft, phishing attacks, and viruses.
Login credentials
Change login credentials from the factory default to a new username and a complex password made up of letters, numbers and symbols (Munson, 2017). Unique login credentials for each user will help prevent guessing or hacking of passwords and thus unauthorized logins to the system and identity theft.
Encryption
Enable Access Point Encryption such as WPA or WPA2 to protect data sent over the network (Munson, 2017). Encrypted data cannot be deciphered without the appropriate encryption key and therefore will help prevent unauthorized recipients from accessing user information. One way to do this is to only send data over secured networks.
Secure the 802.1X client settings
To prevent a man-in-the-middle attack, utilize server verification on the client side. This prevents the client from passing the Wi-Fi login credentials to the RADIUS server until it verifies it’s communicating with a legit server. (Singla, Singh and Choudhary 2017). In this type of attack, an attacker sets up a faux Wi-Fi that an unsuspecting user will connect to using the correct username and password. The attacker collects sensitive information by recording such logins. Verifying that the client seeking to communicate with the server is authentic will prevent this kind of attack
Use firewalls
Deploy two firewalls which will separate the intranet from the internet. These firewalls will filter incoming and outgoing communication to validate that they are allowed. Firewalls will prevent outgoing communication to malicious websites that may allow viruses into the intranet and therefore the system. They also prevent spoofing and jamming attacks.
Filter Egress Traffic to protect intranet
This involves restricting addresses that local workstations in the intranet can access. It prevents malicious programs from getting onto the host then ex-filtrating data to an attacker. This also prevents erroneous exfiltration and exfiltration due to configuration errors in NetBIOS or DNS to external parties. Detecting exfiltration is achievable through logging of network traffic activity.
Restrict traffic to allowed devices only
Switch on logging of devices and network activity. This allows for monitoring such that only devices with appropriate IP range of company addresses can access the internal network resources. This method prevents phishing attacks since requests such as password changes can be verified by the system administrator before being affected.
Seven tables are needed for this Database, The Facility table will keep track of all facility details, and the order table will record details of all new orders whereas the payment table will record payments made to ChemExec by detailing the order which is being paid for, amount given and the method of payment used. This will help capture which payments are from individuals, healthcare facilities and insurance companies. Employee table will keep track of the ChemExec employees. Case Manifest and Shift tables are weak entities that derive their cells from the other tables. The following is the justification for the selected entities:
Facility: The requirements document specifies that the health facility employees should be able to place orders via a web portal. It is therefore needful to have an entity that keeps track of all facilities registered with ChemExec, which results into normalization. This entity also provides some measure of system security since it can be used to restrict the facilities making orders. The primary key is facilityID and the only other details recorded are the facility name and address, for the purpose of delivery.
Order: The order entity records each unique order placed by assigning it a unique id, recording the facility placing the order and the specifics which include the floor, room and patient to which the order will be delivered.
Employee: This keeps a record of ChemExec employees in order to assist with shift management and therefore efficiency and accountability.
Payment: This important entity keeps track of all the payments made for each order. An allowance has been made to record mode of payment in order to track whether the payment was made by an individual, a facility or an insurance company.
User: The users table is used for verifying logins for all authorized registered users. It records usernames and passwords.
Case Manifest: This is an entity generated from a consolidation of orders every twelve hours. Its multi-valued entity contains order details.
The recommended method for implementing the new system would be the phased implementation strategy. This is where the new system is implemented in stages overtime, until the entire system is in place.
Currently, many procedures within the organization such as order entry, billing, and inventory management are done using both manual and computer-assisted methods. The programs currently in use include Excel spreadsheets, an Access database, and old custom-developed billing software running on personal computers.
Given that there are various different programs in use for different functions, implementing the new system in phases is bound to produce the best results. Each old program can be replaced by a module of the new system on separate dates. This would give the employees time to familiarize well with this new module before moving on to the next implementation.
Other advantages of this method include that it puts less pressure on the development team, it is less risky, since problems with a phased module affect only that section and not the entire system and lastly, the development team can gain knowledge from the user interactions with the implemented modules which they may use during the development of the other upcoming modules.
Technical Risk factors
These arise from technological phenomena such as hardware or software failure or incompatibility. Technical risks can be associated with the introduction of new technology (Van Asselt and Renn 2011) or the acquisition of new hardware and software (Van Asselt and Renn 2011). Complex systems need higher levels of technical skills and technology employed. The greater the project size, the higher the likelihood of a project failure. Furthermore, a project can fail if it is too ambitious, such as needing to address cross-sector requirements, such as finance, management, and distribution, even when given time and firm executive support. One way to solve this is to use a phased approach (Warkentin, 2009). Breaking down the project into doable parts helps address risks in small portions. However, the best method is to attempt to identify risks earlier on and deploy the necessary factors needed to mitigate them.
According to research, organizational risks such as hesitant senior management support to a project and not involving the end-user during development are some of the risks that lead to project failure or cancellation (Christensen, 2013). This risk occurs frequently and is of high severity, because without the approval and support by the senior management, the project is likely to fail completely. Moreover, not dedicating enough time towards the initial stages of system leads to more issues during the testing period since the problem may not have been well defined, leading to a product that the users do not accept, or one that does not meet user needs. To mitigate this risk, development teams look out for known failure factors relating to planning and problem definition and deliberately avoid them as an incentive to prevent these factors of project failure.
Resource Limitations
This is a problem of inadequate resources allocated to the project. The three crucial resources needed during development are time, money and skilled personnel. The personnel need to identify the system requirements and develop a requirement specification document, as well as a budget outline. Once the team receives the necessary funding, they need to proceed to acquire the technology and other resources needed for development.
Another resource required is the technology used. If the system specification details a technical requirement that is not compatible with the technical resources provided, it hampers development of the system.
Olawale and Sun (2010) stresses that organizations must always focus on balancing cost, time and quality of a project design. Hwang and Gay 2013 advise that people, time, and money must be allocated prior to the beginning of the project and then monitored throughout the system development life cycle. Cost overruns are a great cause of a system project failure (Ameh, Soyingbe and Odusami 2010).
This is a factor that relates to sharing information between the project’s stakeholders. Communication between vendors and clients is crucial especially from a management perspective. When the team elements share information in a timely and concise manner, it makes project management more efficient. Also, good management encourages better communication. For this reason, when a problem arises, it can be managed in a timely manner. On the other hand, lack of clearly outlined communication and management procedures has adverse consequences such as poor product quality or termination of project. It is important that the appointed communication persons between the teams have adequate knowledge of the project and a clear understanding of the kind of information needed to bring the project to completion.
References
Ameh, O.J., Soyingbe, A.A. and Odusami, K.T., 2010. Significant factors causing cost overruns in telecommunication projects in Nigeria.[online] Journal of Construction in Developing Countries, 15(2), pp.49-67.Nigeria. Covenant University. Available from: https://eprints.covenantuniversity.edu.ng/3197/#.W7dz2lFR200 [Accessed 05 October 2018]
Christensen, C., 2013. The innovator’s dilemma: when new technologies cause great firms to fail.pp.253. Boston. Harvard Business Review Press.
Hwang, B.G., Zhao, X. and Gay, M.J.S., 2013. Public private partnership projects in Singapore: Factors, critical risks and preferred risk allocation from the perspective of contractors.[online] International Journal of Project Management, 31(3), pp.424-433. Singapore. Elsevier. Available from: https://www.sciencedirect.com/science/article/abs/pii/S0263786312000944 [Accessed 05 October 2018]
Muhairat, M.I., AL-QUTAISH, R.E. and ATHAMENA, B.M., 2011. FROM GRAPHICAL USER INTERFACE TO DOMAIN CLASS DIAGRAM: A REVERSE ENGINEERING APPROACH. Journal of Theoretical & Applied Information Technology, 24(1), pp142. Alabama. EBSCO.
Munson, L., 2017. Why Python Is The Best Scripting Tool For Security. pp.40. Security-faqs. Com.
Olawale, Y.A. and Sun, M., 2010. Cost and time control of construction projects: inhibiting factors and mitigating measures in practice.[online] Construction management and economics, 28(5), pp.509-526. U.K. Informa. Available from: https://www.tandfonline.com/doi/abs/10.1080/01446191003674519 [Accessed 05 October 2018]
Satzinger, J.W., Jackson, R.B. and Burd, S.D., 2012. Systems analysis and design in a changing world. [online]. 6th ed. Boston. Cengage learning. Pp.42. Available from: https://books.google.co.ke/books?id=eRQKAAAAQBAJ&dq=Satzinger,+J.W.,+Jackson,+R.B.+and+Burd,+S.D.,+2012.+Systems+analysis+and+design+in+a+changing+world.+6th+ed.+Boston.+Cengage+learning.&lr=&source=gbs_navlinks_s [Accessed 05 October 2018]
Singla, O., Singh, H. and Choudhary, N., 2017. Performance Enhancement of Channel Estimation Technique in Broadcast and Multicast Mode. International Journal on Recent and Innovation Trends in Computing and Communication. [online]. 5(6), pp.422-425. Auricle Technologies.Rajastan. Available from: https://ijritcc.com/index.php/ijritcc/article/view/789 [Accessed 05 October 2018]
Van Asselt, M.B. and Renn, O., 2011. Risk governance. [online] Journal of Risk Research, 14(4), pp.431-449. UK. Informa. Available from: https://www.tandfonline.com/doi/abs/10.1080/13669877.2011.553730 [Accessed 05 October 2018]
Warkentin, M, 2009. Analysis of Systems Development Project Risks. Analysis of Systems Development Project Risks: An Integrative Framework., [Online]. 40, 6,12,13,14. Available at: https://www.researchgate.net/publication/220627685_Analysis_of_Systems_Development_Project_Risks_An_Integrative_Framework [Accessed 3 October 2018].
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download