List two ways to build visual model of your system.
A data flow diagram DFD maps out the flow of information for
any process or system. Symbols such as rectangles ,circles, and arrows are use.
On top of it short labels are also written to show data inputs, outputs storage
points and the path between every destination. Data flow diagram can be simple
and can be drawn on a piece of paper to explain the process or system or it can
be drawn in depth with multi-level Data flow diagram that gives the picture of the
process in depth and with so much of detail.. it is used to anayze an existing
system or make a new model for the for the organization. Data flow diagram make
it easier to explain the process through diagrams and visual presentation of
the process which makes it easier to understand as some time words can be
difficult to understand.
It is crucial to mention that data flow diagram were
popularized in the late 1970s arising from the book structured design, by
computing pioneer Ed Yourdon and Larry Constantine. There were other
contributors too contributing to the development of data flow diagram, Tom
DeMarco, Chris Gane and Trish sarson hence the name of the symbols and
notations comes from their name Yourdon and Coad, Yourdon and DeMarco, Gane and
Sarson. One main difference in their symbols is that Yourdon-Coad and
Yourdon-DeMarco use circle for processes while Gane and Sarson use rectangles
with rounded corners, sometimes called lozeges. There are other way of symbol
variation in use as well. it is crucial to keep in mind few rules and tip when
crating a data flow diagram, they are as follows:
process should have at least one input and an output.
data store should have at least one data flow in and one data flow out.
stored in a system must go through a process.
processes in a DFD go to another process or a data store.
A Swim lane which is also known as SwimLane diagram is a
type of flowchart in which it also clarifies who does what in the process. It
gives visual representation of connections, communication and handoffs between
different organization level and it also can show inefficiency of the employee
or wastage in the process. Other names given to Swim lane diagram is
Rummler-Brache diagram or cross-functional diagram. They are called functional
bands too. Swim lane diagram was first
published in the year 1990 in Geary Rummler and Alan Brache book, improving
There several benefit of using swimlanes they are as
It makes sure person who look at swim lanes diagram know
whats happening the company and everybody know what every body is doing..
There is less chance of duplication of work. For example,
different departments doing the same work. It even cut down on unnecessary step
in the process.
A second swim diagram can be used to model a better way of
doing things in the organization. Swimlane Diagrams can be formalized as a way
to integrate processes between teams or departments, resulting in cleaner
processes on an ongoing basis. swimlanes
introduce parallel or vertical or horizontal lines grouping the process steps
by actor, such as employee, work group department or even an information
What is the best
definition of a trust boundary?
A trust boundary can be thought of as line drawn through a program.
On one side of the line, data is untrusted. On the other side of the line, data
is assumed to be trustworthy. The purpose of validation logic is to allow data
to safely cross the trust boundary – to move from untrusted to trusted. A trust
boundary violation occurs when a program blurs the line between what is trusted
and what is untrusted. By combining trusted and untrusted data in the same data
structure, it becomes easier for programmers to mistakenly trust unvalidated
data entering from across a trust boundary indicates every
place where the receiving systems need to validate the inbound data. Data
crossing a trust boundary also means that you have identified a place where you
should examine the security of the data. It doesn’t mean you mustencrypt or that you must authenticate,
but as you analyze the connection for vulnerabilities, you may discover that
encryption and/or authentication remediates the issues.