SosaYi9

1) Cleanroom method cleanroom software engineering method is a formal method, which can produce high-quality software. Cleanroom method is a strict software engineering method. It is a software process model that emphasizes mathematical verification of correctness and certification of software reliability. Its objectives and results have a very low error rate, which is difficult or impossible to achieve by using non formal methods.

Modeling tools, software development tools, software testing tools and project management tools. 2.1 software development method software development method is a subject whose research object is software development method. From different angles, software methodology can be classified as follows: from the perspective of development style, it can be divided into top-down and bottom-up development methods; From the nature, it can be divided into formal and non formal methods

Software architecture definition, typical architecture, software architecture design method, software architecture analysis and evaluation, software middleware. 4) Object oriented system analysis and Design: basic concept of object-oriented, unified modeling language (UML), visual modeling, object-oriented system analysis, object-oriented system design.

Software requirements analysis and definition, software design, testing and maintenance, software reuse, software quality assurance and quality evaluation, software configuration management, software development environment, and software process management. 2) Technical knowledge of software components: components and their importance in information system projects, common component standards (COM / DCOM / COM +, CORBA and EJB).

G2B (government to business, government to citizen) G2C (government to citizen) 3) e-commerce B2B (business to business, business to enterprise) B2C (businesstocustomer, business to individual) C2C (customertocustomer, individual to individual) Chapter 2 basic knowledge points of system development

Supply chain management (SCM), business intelligence (BI) and enterprise portal (EP) can be divided into three categories: Information Portal (EIP), knowledge portal (EKP) and Application Portal (EAP) 2) e-government G2G (government to government)

2) Strategic data planning method, JamesAccording to James Martin, the first task for an enterprise to implement informatization is to plan its strategic data under the guidance of its strategic objectives. 3) Information engineering method, information, process and technology constitute the three elements of enterprise information system. 1.4 informatization foundation 1) enterprise resources planning (ERP) for enterprise informatization

System planning, system analysis, system design, system implementation, system operation and maintenance. Development law of information system (Nolan model): 1) initial installation; 2) Spread; 3) Control; 4) Integration; 5) Data Management 1.3 information system construction the methods of information system construction mainly include: 1) business system planning (BSP)

Basic functions of information system: data collection and input, data transmission, information storage, information processing, information maintenance and information use. Information system classification: classified by data environment, it can be divided into data files, application databases, subject databases and information retrieval systems. It is classified by application level, including strategic level, tactical level, operational level and thing level.

The unit of the information amount is determined to be bit. 1.2 three dimensional structure of information system Hall: time dimension, logic dimension and knowledge dimension. Information system definition: a system that combines management theory and methods, applies information technology to solve management problems, and provides support for management decisions. In short, the information system is the input data

Financial statement method flow chart method (network or WBS method), on-site observation method, historical data environment analysis method, analogy method, expert consultation 2Risk assessment methods probability distribution (expert prediction) extrapolation (using historical data) qualitative assessment matrix analysis risk development

Risk identification 3. Pre estimate the possible consequences of the identified risks - risk assessment 4. Design the corresponding original Countermeasures - control risks according to the magnitude and priority of risks 5. Carry out input-output assessment on the design countermeasures 6. Transfer from feasible to 7. Return from infeasible 17. Design 8. Implement 25.2 safety risk identification 25.3 risk identification and risk assessment methods

Chapter 25 information system security risk assessment 25.1 information security and information risk how to design and formulate an information security assurance system for a new system that has not yet been established?It is to analyze, identify and evaluate the security risks of the information application system, and formulate preventive measures for it. The relationship between information security and security risk

24.3 information security system support background any successful information security guarantee system is based on the strong support and full contribution of all parties. 24.4 definition of information security assurance system: information security assurance system is a professional information application system that integrates various hardware, software and password equipment on the network to ensure the normal operation of other business application information systems

⊙ general software and hardware ⊙ PKI / Ca security assurance system must have password ⊙ application system must be fundamentally changed (i.e. application information system re compiled according to PKI / Ca standard) 3. S2-mis features: ⊙ special software and hardware ⊙ PKI / Ca security assurance system must have password ⊙ application system must be fundamentally changed (i.e. application information system re compiled according to PKI / Ca standard)

Layer 9: core of security protection system: realize the comprehensive management of enterprise information security resources, i.e. eism six capabilities: early warning, protection, detection, response, recovery and counterattack WPDRRC capability model: form the framework of the macro information network security protection system structure from the three elements of personnel, technology and policy

The fifth layer: application security security test, anti repudiation test, security verification test, identity authentication test, recovery mechanism inspection, confidentiality test, reliability test and availability test 6) the sixth layer: operation security 7) the seventh layer: management of security personnel, training management, application system management

1. Security mechanism 1) the first layer: infrastructure entity security, machine room security, site security, facility security, power system security, disaster prevention and recovery 2) the second layer: platform security operating system, network facilities, applications, security products 3) the third layer: data security media and carrier security, data access control, data integrity, data availabilityData monitoring and audit, data storage and backup

construction: complexity of information system construction, life cycle of information system (each stage and its main work content), principles of information system construction and development methods of information system. 1.1 definition of information Shannon in the mathematical theory of communication

Data integrity service, data source point authentication service, non denial service 3. Security technology encryption technology, data signature technology, access control technology, data integrity technology, authentication technology 24.2 information security system architecture 1. MIS + s: primary information security assurance system features: ⊙ application is basically unchanged ⊙ software and hardware are common ⊙ security equipment does not have a password