Database and Software Development Methods and Security
Analyze Database and Software Development Methods and Security Models
Author:
University:
Course:
Professor:
|
Table of Contents |
| Introduction |
| Database testing and required updated applications |
| ERP software database structure |
| Database testing process |
| Database control checklist |
| Application of updated patches |
| Recommendations |
| Comparison of models |
| Conclusion |
| Reference List |
Introduction
ERP software is well known for handling various business solutions. The most important contribution of ERP software is providing loans, investments, credit cards, mortgages, and financial counseling. In this assignment, arisen security concern of the software has to be analyzed. Chosen security flaws and management of patching of the security spots will be discussed with proper reference.
Database testing and required updated applications
ERP software database structure
ERP has various elements of database which is most essential for formulating the entire software. The most basic elements of the software are tables, Data types, Data forms, Queries, and Reports.
is.muni.cz, (2021), describes the detailed island system of ERP data structure. The most three basic data types in ERR are Warehouse data, Production data, and Customer & sales data.
|
Warehouse data |
Production data |
Sales data |
|---|---|---|
|
Consists of the stock count, the actual location of products, and item numbers. |
Consist of the produced items, and capacity range of production. | Consist of sales orders, information of customers, and confirmed orders. |
Table 1: Data island system in ERP software
Database testing process
geeksforgeeks.org, (2021), states database testing is the most important observational process in a database. By this process, the tables, triggers, schema, reports, and other sectors inside a database can be tested. According to geeksforgeeks.org, (2021), database testing is done mainly for tracking data mapping inside the database, checking data integrity, and ensuring accuracy in the business. In ERP software these attributes are most important by which database testing can be conducted effectively.
|
Database testing proceedure |
|---|
|
(Applicable for ERP software) |
|
|
|
|
|
Table 2: Database testing procedure in ERP software
Database control checklist
According to template.net, (2021), a database control checklist can help to understand the security control measure in the database. The step-by-step process will be discussed below with proper reference.
| Steps | Conducted tests | Description |
|---|---|---|
| Step 1 | Authentication protocol checking | Tests check the user’s background so that organization can confirm the authentication of users. |
| Step 2 | Checking data access | Sensitive usage of the database has to be tracked by which it can be protected. |
| Step 3 | Encryption checking | Encryption can protect the data storage by transforming them into codes. Encryption testing can protect data security effectively. |
Table 3: Database control checklist
Application of updated patches
Many times ERP uses the oracle as a database structure. The essential update installing processes are described below. Hassani, (2020), describes various patches management in oracle database management, widely used in ERP software.
|
Patch application in Oracle database |
|---|
|
(Used in ERP software) |
|
|
|
|
|
Table 4: Types of patches in ERP software
Recommendations
The constant need of checking the software database is essentially required. The identified vulnerability in the database has to be updated according to the database type (mostly oracle). Organizations have to produce a database control checklist regularly. The security expert has to focus on updating the patches by which the website can be safe and secure.
Comparison of models
|
Waterfall model |
Spiral model |
|---|---|
|
This model is the most basic software development model (geeksforgeeks.org, 2021). The detailed process comprises of |
This model is a combination of sequential-model and iterative models (Shylesh, 2017). The four basic components are |
|
1) Feasibility-study |
1) Identification |
|
2) Analysis of requirement |
2) Design |
|
3) Design-management |
3) Construction |
|
4) Unit testing & coding |
4) Risk evaluation |
|
5) System-testing |
|
|
6) System-maintenance |
Table 5: Comparison of Waterfall and spiral model
|
Rapid-application-development |
Reuse model |
Extreme-programming |
|---|---|---|
| According to Rapid application development, the organization provides sample software prototypes and receives feedback from them (Shylesh, 2017). | The organization carries through software development for a specific duration. | Extreme programming focuses on creating higher-quality software. By this programming, an advanced version of the software could be developed (agilealliance.org, 2020). |
Table 6: Rapid-application-develolpment, Reuse-model, extreme-programing comparison
Figure 7: Reuse model
(Source: researchgate.net, 2021)
Conclusion
The proposed models are the most significant for developing the security application in ERP software. For detailed security identification, regular security checklist preparation is required. Based on the checklist, the security analyst can party the needed updates.
Reference List
Website
is.muni.cz, 2021, ERP architechture, Retreved on 23rd December 2021 from: https://is.muni.cz/el/1456/jaro2013/BPH_EPS1/Basic_ERP_architecture_20110215.pdf
geeksforgeeks.org, 2021, software-testing-database-testing, Retreved on 23rd December 2021: from: https://www.geeksforgeeks.org/software-testing-database-testing/
template.net, 2021, database-security-checklist, Retreved on 23rd December 2021 from: https://www.template.net/business/checklist-templates/database-security-checklist/
researchgate.net, 2021, Design-Reuse-Model, Retreved on 23rd December 2021 from: https://www.researchgate.net/figure/Design-Reuse-Model-26_fig2_277150679
agilealliance.org, 2021, softwere development, Retreved on 23rd December 2021 from: https://www.agilealliance.org/glossary/xp/#:~:text=Extreme%20Programming%20(XP)%20is%20an,engineering%20practices%20for%20software%20development
Journals
Hassani, P. (2020). Implementing Patch Management Process. https://www.theseus.fi/bitstream/handle/10024/341620/PasiHassani_Thesis.pdf?sequence=2
Shylesh, S. (2017). A study of software development life cycle process models. In National Conference on Reinventing Opportunities in Management, IT, and Social Sciences (pp. 534-541). https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2988291
