Learning Outcome 4

Learners will be able to:

model Web-based systems
use a generalised notation to present their models (UML)
discuss the need for secure communication on the Internet, explain the Infrastructure that enables it, and advise on appropriate strategy for securing the infrastructure for digital enterprise.

What event will trigger the application of the learning?	What degree of success will learner accomplish?
When the learner needs to gather user requirements and to produce software specification for Web-based electronic business applications. When the learners needs to advice on potential threats that may compromise the system, appropriateness of strategy for going online and design the architecture of the infrastructure for secure communication.	Learner will be able to explain the characteristics of client server architectures, to use UML diligently to model Web-based systems. Learners will be able to explain the potential threats to online business, the protocols, the schemes, and the infrastructure for secure communicating.

Learning Objectives in the 'Mandatory Objectives' column refer to the bare minimum you need to learn to pass. It is essential that this learning is undertaken.

Successful completion of the 'Honours' column, together with the 'Mandatory Objectives' column, will prepare you more thoroughly.

If you complete all of the learning in each column, then you will be in the best position to obtain a high mark during the assessments.

For each category, click on individual Learning Objectives to access the relevant learning material.

Mandatory Objectives:	Honours:	First Class:
What is a use case? What is system boundary?	How do I construct a use case diagram? How do I write a use case? How can use case relationships make my model more realistic?	When should I use a collaboration diagram to supplement my model? How would a robustness diagram assist the modeling of a Web application?
How can I use sequence diagrams to analyse user interactions?	What is a component? How can I model my Web application as a number of components?	What is the difference between the RUP and ICONIX?
What are the threats?	Why is Web attractive to intruders and attackers?	What are the consequences to online economy?
What is encryption?	What are symmetric encryption and asymmetric encryption?	How does Public Key Infrastructure work?
What do we need to protect against (What do we need to ensure)?	What are the advantages and disadvantages of various security strategies? What are the communication protocols that ensure secure communication?	Where do we use these strategies? What are the overheads of secure communication?
How does online payment processing work?	How does SET ensure privacy of both order and payment details?	How does online payment processing compare with traditional credit card payment processing?

Are there any tools that learners can use in pursuit of this outcome?

PC with Internet access, books, periodicals, pen, paper

Are there any special words or terms which can be used in the glossary?

security treat, symmetric (private key) and asymmetric (public key) encryption, cryptography, digital certificate, certificate authority, public key infrastructure, digital envelope, public key infrastructure, SSL, SET, message digest, object oriented analysis and design, use cases, sequence diagram, class diagram

What references (books/articles/URLs) can the learner draw on?

Internet cryptography, R.E. Smith, Addison-Wessley. Web security, Amrit Tiwana, Digital Press. http://hotwired.lycos.com/webmonkey, http://www.baltimore.com/unicert/xkms/index.asp?pR=w3HP

What event will trigger the application of the learning?

What degree of success will learner accomplish?