Full Transcript

Chapter Five The MIS Program Algorithms 1. Introduction In the previous chapter (Chapter 4), we discussed two main types of programs designed for Management Information Systems (MIS): 1. Ready-made programs or Off-the-shelf programs. 2. Progr...

Chapter Five The MIS Program Algorithms 1. Introduction In the previous chapter (Chapter 4), we discussed two main types of programs designed for Management Information Systems (MIS): 1. Ready-made programs or Off-the-shelf programs. 2. Programs built from scratch using a programming language. This chapter concentrates on the latter type of MIS programs developed from the ground up to fulfill specific requirements. In this context, we emphasize the professional methods for constructing the optimal MIS program. 2. The Importance of Program Algorithms When developing an optimal MIS program, avoiding immediate coding is crucial, a common pitfall known as the "Rush to Code" problem. This approach often results in error-prone and unprofessional programs that require extensive modifications, leading to increased costs and time constraints. Indeed, algorithms serve as a solution to this issue. They are typically presented in structured formats such as pseudocode, flowcharts, or programming languages. By providing a blueprint for writing code, algorithms enable developers to implement solutions in diverse programming languages and environments. Effective program algorithms are clear, concise, and efficient, leading to better code readability, maintainability, and performance. They are essential for software development as they guide developers in designing solutions to complex problems and implementing them systematically and logically. Furthermore, program algorithms help programmers in the following fields: 1. Clarity and Readability: Program algorithms enable programmers to express algorithmic ideas clearly and understandably. 2. Algorithm Design: Before diving into coding, it's crucial to conceptualize and design algorithms effectively. Program algorithms allow programmers to focus on the logic and flow of their algorithms without being distracted by the syntactical nuances of a particular programming language. 3) Portability and Flexibility: Program algorithms can be easily translated into any programming language. This flexibility allows programmers to explore different implementation strategies and choose the most suitable language for their projects. 3. How to create Program Algorithms? Creating program algorithms includes several steps to solve problems or perform tasks effectively. The following is a simplified guide to creating program algorithms: 1) Understand the problem: Begin by thoroughly understanding the issue you need to solve. Clearly define the problem statement, inputs, and desired outputs. 2) Break Down the Problem: Break down the problem into smaller, more manageable sub-problems or steps. This process helps simplify complex problems and makes them easier to solve. 3) Design the Algorithm: Determine the logical steps required to solve each sub-problem. Use techniques like sequential execution, conditionals (if-else statements), loops (for, while), and recursion as needed. 4) Choose an Algorithmic Approach: Select an appropriate algorithmic approach. There are two main types of algorithmic approaches, they are: A) Pseudocode: Pseudocode is a plain language description of the algorithm's steps. B) Flowchart: Flowcharts use graphical symbols to represent the algorithm's flow. 3.1 Writing the Pseudocode Program Algorithms: The Pseudocode algorithm is a simplified, informal language that describes the coding process for solving a problem. Pseudocode uses a simple way that is easy to understand and implement, unlike actual programming languages. It includes the structure and sequential steps for the coding. Simple Example of Pseudocode We need to write a program (code) to calculate a rectangle's area. * Write the pseudocode for this problem before starting coding: 1- Input (Read) the rectangle length. 2- Input (Read) the rectangle width. 3- Area = Length * Width. 4- Print Area. (The Output) 3.2 Designing the Flowchart Program Algorithms: Flowcharts are graphical representations of algorithms or processes, utilizing various symbols and connectors to illustrate the flow of control within a program. They provide a visual roadmap for understanding the logical sequence of operations, making them an invaluable tool for understanding problems and easy to code. The following are some of the main flowchart’s symbols: Simple Example of Flowchart We need to write a program (code) that calculates the summation of two numbers A &B. * Design the flowchart for this problem before starting coding: Figure: The flowchart of the summation of two numbers A&B. [https://www.visualparadigm.com/tutorials/flowchart-tutorial/] Simple Example of Flowchart We need to write a program (code) that determines if the weather is (Above Freezing), or if it is (Below Freezing), based on the temperature: If it is less than 32 (F): The weather is Below Freezing. If it equals or exceeds 32 (F): The weather is Above Freezing. * Design the flowchart for this problem before starting coding: Figure: The flowchart of the previous problem. [https://www.rff.com/flowchart_samples.php] Chapter Six The Cybersecurity of MIS Programs 1. Introduction In contemporary times, cybercrimes such as threats, hacking, and attacks have emerged as significant challenges in the digital landscape. Management Information Systems (MIS) play a pivotal role in various aspects of our digital existence, notably within the realm of business operations. Hence, the implementation of robust security measures within MIS becomes imperative. Without robust security protocols, MIS risks failing to fulfill its intended objectives, thereby exposing organizations to potential financial losses and operational disruptions. Consequently, it is crucial to identify and address key security concerns to mitigate the challenges. Therefore, what specific security considerations must be addressed to safeguard MIS and other information systems against these formidable threats? This chapter answers this question, presenting optimal solutions for the information security challenges. 2. What is Cybersecurity? Cybersecurity is the practice of protecting systems, networks, and programs from digital threats & attacks which are typically aimed at accessing, changing, or destroying sensitive information, extorting money from users, or interrupting normal business processes. Cybersecurity attacks have the following types: 1. Malware: Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. 2. Phishing: Fraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity in electronic communications. 3. Ransomware: A type of malware that locks or encrypts a user's data, demanding a ransom to restore access. 4. Man-in-the-Middle (MitM) Attacks: Where attackers secretly intercept and relay messages between two parties. 5. Denial of Service (DoS) Attacks: Overwhelming a system with traffic to make it unavailable to its intended users. 6. SQL Injection: Inserting malicious SQL code into a query to manipulate or access a database. 7. Zero-Day Exploits: Attacks that occur on the same day a vulnerability is discovered and before a fix is implemented. 3. Cybersecurity Strategies For having MIS with a high level of cybersecurity, the following cybersecurity strategies should be soundly done: 1. Risk Assessment: Identifying and prioritizing potential risks to the organization’s information and systems. 2. Security Policies: Establishing rules and procedures to protect an organization's information assets. 3. Encryption: Using cryptographic techniques to protect data confidentiality and integrity. 4. Regular Updates and Patch Management: Keeping software up to date to protect against vulnerabilities. 5. Monitoring and Detection: Continuously monitoring systems for suspicious activity and potential threats. Now, we will highlight points (2) & (3) for practical clarifications. 3.1 The Security Policies: In the environment of MIS, we should strongly pay attention to the following actions as a part of the security policy: A- Creating strong passwords. B- Using up-to-date antiviruses. C- Using the firewalls. A) Creating strong passwords: Creating strong passwords is a crucial aspect of MIS cybersecurity, the strong passwords should have the following criteria: 1- Length: Password contains at least (8) characters. Longer passwords are generally stronger. 2- Complexity: Password uses a mix of uppercase and lowercase letters, numbers, and special characters. 3- Unpredictability: Avoid easily guessable information such as names, birthdays, or common words. In this approach, the password is difficult to be guessed or hacked. Examples No Password The Strong Level 1 mnM45o Rejected & weak, it has less than (8) elements. 2 9oR5kMt@ Accepted 3 KoR@5r_4 Accepted & Strong 4 12345678 Rejected, it is a common one. 3.1.a Checking the power of passwords online using an open-source tool Nowadays, you can test & check online how secure the password is & what is the expected time to guess or hack it. Many online tools are available as open-source programs. The following is one of them: Tool Name Password Monster Tool URL https://www.passwordmonster.com/ The interface of the tool is as follows: Example (1) 1) Test the password: mnM45o The Result Analytics the Results 1) The password is weak. 2) The estimated time for guessing /tracking: is (10:31) minutes. Example (2) Test the password: KoR@5r_4 The Result Analytics the Results 1) The password is strong. 2) The estimated time for guessing /tracking: (4) months. B) Using up-to-date antiviruses: Antivirus software plays a fundamental role in protecting against a wide range of cyber threats. Antivirus software provides a necessary line of defense to protect personal and organizational data. It helps ensure the security of sensitive information, maintains system performance, and supports overall cybersecurity hygiene. Regular updates and continuous improvements in detection technologies are essential to keeping up with the evolving threat landscape, making antivirus software a cornerstone of effective cybersecurity strategies. Examples of Antivirus Software 1)Norton Antivirus: Developed by Norton LifeLock, Norton Antivirus is known for its comprehensive protection features, including real-time threat protection, and password manager. It uses a combination of signature-based and heuristic-based detection methods. 2) McAfee Total Protection: McAfee offers a suite of security features, including antivirus, and identity theft protection. It employs machine learning and global threat intelligence to detect and prevent malware. 3) Kaspersky Anti-Virus: Kaspersky provides robust protection against a wide range of threats, using advanced detection technologies and real-time scanning. It also offers features such as vulnerability scanning and system cleanup tools. 4) Bitdefender Antivirus Plus: Bitdefender is known for its high detection rates and minimal impact on system performance. It includes features like multi-layer ransomware protection, antiphishing, and secure online banking tools. 5) Windows Defender: Built into Windows operating systems, Windows Defender provides essential antivirus protection with real-time scanning and automatic updates. It integrates seamlessly with the operating system, offering a user-friendly and efficient solution. C) Using the firewalls: The firewalls act as strong antivirus for individual PCs, servers as well as computer networks. But in general, they are designed for servers & network systems. Firewalls play a crucial role in safeguarding networks by monitoring and controlling traffic, enforcing access policies, and preventing potential threats. Their ability to provide robust protection makes them an indispensable part of any comprehensive cybersecurity strategy. Firewalls have two types: 1) Firewall as a software. 2) Firewall as hardware. The firewall software: Is suitable for individual PCs, and servers and maybe for small networks. While the hardware firewalls are designed for computer network systems, particularly for large networks. The Hardware firewalls: These are physical devices that are installed between a network and the gateway. They protect all the devices on the network by filtering traffic entering or leaving the network. Examples of Software Firewalls The Firewall Software The Best Use Windows Defender Firewall 1- Servers. 2- Personal PCs. Zone Alarm 1- Servers. 2- Personal PCs. Norton Personal Firewall Proper for Personal PCs. Examples of Hardware Firewalls The Firewall Software The Best Use 1- Cisco ASA 2- Fortinet FortiGate Computer Network Systems 3- Palo Alto Networks The Firewall Types Software Fire wall Hardware Firewall Suitable for Suitable for 1. Individual PCs Large Computer Network Network Systems 2. Servers 3. May for Small Networks Figure 1: The Firewall Type 3.3 The Encryption Encryption is a specific method within cryptography focused on converting plaintext into ciphertext to ensure confidentiality, secure communication, and data protection. Encryption is also named as (ciphering). The opposite process of encryption is decryption, which is also called (deciphering). Encryption involves two main processes:  Encryption (Ciphering): The process of converting plaintext into ciphertext using an algorithm and an encryption key.  Decryption (Deciphering): The process of converting ciphertext back into plaintext using a decryption key. Figure 2: The Encryption & Decryption Processes. [https://techdifferences.com/differencebetween- encryption-and-decryption.html] There are two primary types of encryptions: A) Symmetric Encryption: Uses the same key for both encryption and decryption. B) Asymmetric Encryption: Uses a pair of keys—one public key for encryption and one private key for decryption. So, Asymmetric encryption is more complex & secure than symmetric. Figure 3: Asymmetric & Symmetric Encryption. Examples of Symmetric Encryption Algorithms The examples of algorithms and methods that are used for symmetric encryptions are: A) Substitution Method. B) Transposition Method. Examples of Asymmetric Encryption Algorithms The examples of algorithms and methods that are used for Asymmetric encryptions are: A) RSA Method. B) Diffie-Hellman Method. The next section presents application examples of symmetric encryption in both methods: substitution and transposition algorithms. 4. Application Examples of Symmetric Encryption This section presents application examples of symmetric encryption in both methods: A) Substitution Algorithm. B) Transposition Algorithm. 4.1 Application Example of Substitution Symmetric Algorithm Substitution encryption is a method of encrypting a message by replacing each element of the plaintext with another element. This technique is used to obfuscate the original message and make it unreadable to unauthorized parties. Example: Caesar Cipher We need to encrypt the message "HELLO", using a Caesar cipher with a shift of 3: H -> K E -> H L -> O L -> O O -> R So, "HELLO" becomes "KHOOR". 4.2 Application Example of Transposition Symmetric Algorithm Transposition encryption is a method of hiding a message by rearranging the order of its letters. This technique also is used to obfuscate the original message and make it unreadable to unauthorized parties. Example We need to encrypt the message "Jerusalem", using a Transposition Symmetric Algorithm with key: ORCAD: 1) Number the key letters according to alphabetical order starting from number (1): 2) Write the message normally from left to right to be ordered as columns under the numbers, as follows: 3) Read the columns one by one starting from number (1), as follows: um re s ja el So, the encrypted message (The Cipher Text) is: umresjael 4) To decrypt, reverse the steps using the same key and method to rearrange the ciphertext back to its original plaintext form.

Use Quizgecko on...
Browser
Browser