Archive | Flowcharts and Data Flow Diagrams (DFDs) RSS feed for this section

Data Flow Diagrams: Not Always Effective..

10 Mar

Data Flow Diagramming Mistakes

DFDs look easy on the surface – after all, what’s hard about writing down a few
bubbles and arrows? In practice the techniques proves to be somewhat more
difficult than one might first think.

This final blog post considers some of the common mistakes that occur when one first
tries to build DFDs. There are several common types of mistakes. One that is
easy to check for and correct involves using so-called illegal data flows.

Illegal Data Flows

One of the patterns of data flow analysis is that all flows must begin with or
end at a processing step. This makes sense, since presumably data cannot simply
metastasize on its own without being processed. This simple rule means that the following mistakes can be fairly easily identified and corrected in a DFD.

Black Holes, Grey Holes and Miracles

A second class of DFD mistakes arise when the outputs from one processing step do not match its inputs. It is not hard to list situations in which this might occur:

  • A processing step may have input flows but no output flows. This situation is sometimes called a black hole.
  • A processing step may have output flows but now input flows. This situation is sometimes called a miracle.
  • A processing step may have outputs that are greater than the sum of its inputs – e.g., its inputs could not produce the output shown. This situation is sometimes referred to as a grey hole.

I hope my blog posts have helped you understand the difference between Flow charts and DFD’s, the advantages of choosing each one, and also the disadvantages that come with them!

Thanks for reading!

Creating Flowcharts

10 Mar

So, in the blogs so far, I have tried to help to make it easier to understand what Flowcharts and DFD’s are, their properties and their uses. I have also gone through some rules to help with the drawing of them for the exam. However, I find that the best it is a lot easier to understand something while being shown it rather than reading it in a textbook or a blog. So, in this blog I will share a tutorial video which I found very helpful when trying to learn more about flowcharts. The video is a guide on how to create Flowcharts using Microsoft Visio. I hope you also find it useful.

 

My Final post on Flowcharts

10 Mar

Well this is my sixth and final post. My group and I have covered many topics. Some of these include the uses of Flowcharts, how flowcharts are applied in a business environment, how to construct a Flowchart, the differences between DFD’s and Flowcharts and even there purpose and use. Starting this blog I had no idea how important Flowcharts are in business. They provide a visual aid in presentations. They often help explain what words cannot. This is vital in business especially when using power – point.

This is one of the most simple Flowcharts I found that explain it.

Simple FlowBreeze flow chart example

http://www.breezetree.com/articles/what-is-a-flow-chart.htm

Other things to note. An “as is Flowchart” is an overview of your business processes. A DFD is linked to the flow of info in a computer program. This differs from Flowcharts. Always give the Flowchart a title.

That about sums it up. The purpose of this blog was to learn about Flowcharts and DFD’s while also learning how to blog properly. I learned both over the last few weeks. I’d like to thank my group members for working so well and providing so much feedback. Thank you 🙂

Common mistakes in Flowcharts

9 Mar

well this is my second last post and i am going to cover the most common mistakes people and businesses make when constructing a Flowchart .This is a subject i haven’t addressed yet but my group members have mentioned briefly. I am going to add to their points and also make my own unique ones.

There are several common Flowchart mistakes. These can range from design to content and even the wrong colours. Here are the common mistakes I found :

  • Scale = Many Flowcharts are re-sized to try and fit them into presentations on a single page. As a result these charts are unreadable. This is especially true in power point presentations. So the remedy is to fit the Flowcharts over multiple pages to rid the confusion.
  • Excessive Colours = People often overdo colour and it takes away the real message of the Flowchart. Use colour but don’t let it distract the reader too much.
  • Wrong Flow Symbols = use the correct shape of the symbols for their given action. I’ve spoken about this in previous posts. All shapes must be the same size to attain consistency. Otherwise the Flowchart will look uneven.
  • Spacing Problems = Try to keep the spacing equal between every shape. This will make the chart look even the whole way through.
  • Direction issues = Flowcharts should generally go in one of two directions. These are from left to right or more commonly top to bottom. Try not to mix the two and choose one. Connectors should be used when liking the shapes

This website was helpful.

http://www.breezetree.com/articles/common-flowchart-mistakes.htm

Well I hope I’ve highlighted some of the major mistakes with Flowcharts. This should help you all to make better charts that can be read easily 🙂

Differences Between Flowcharts and DFD’s

9 Mar

There are many differences between flowcharts and DFD’s.

1. A flow chart details the processes to follow, whereas a Data Flow Diagram details the flow of data through a system

2. On a flow chart processes are shown one at a time, whereas with a Data Flow Diagram the processes operate at the same time.

3. Processes on flowcharts are part of a single program with consistent timing, whereas processes on a Data Flow Diagram can have dramatically different timing, eg. daily, weekly. etc.

4. A flow chart describes the program being used, whereas a data flow diagram determines the flow of data, eg. between subroutines, or between other different programs.

5. There are 2 types of Data Flow Diagram’s, logical and physical, whereas there are 4 different types of flowcharts: systems flowchart, deployment flowchart, top-down flowchart and logic flowchart.

 

Data Flow Diagrams

9 Mar

data.flowIntroduction.DFD show how data through inputs and outputs is processed by a system. Data flow diagrams are made up of 4 vital components (Processes, External entities, data flows and Data stores.

I went through the notes and they said Dfd’s were easy to understand. I totally disagree. This is how I simplify it.
4 components of dfd.
1. Processes convert incoming data flows to outgoing data flows.
2.External entities are objects outside the system with which the system is in contact with. They are the things giving and receiving the systems inputs and outputs.
3.Data flows are lines, tunnels, pipelines (whatever you want to call them) with which information goes. N.B Every data flow must be labelled with what type of data is flowing through.
4.Data Stores save data within the system. They are sometimes referred to as “files”.

Data Flow diagrams and Security Requirements.

9 Mar

So far throughout my blogs I have given; a basic introduction to both flowcharts and data flow diagrams, informed you all of the different types, the advantages, the construction of flowcharts and DFDs, the use of flowcharts in the healthcare system and for my final blog I’m going to concentrate on how DFDs can be used within web security requirements.

When identifying applications, process and data, a data flow diagram is a good place to start. As I said in a previous blog, a data flow diagram is to identify the process in a system and the data that flows in and out of the process. Data flow consists of four symbols; external entity, process, data flow and data store. Data flow documentation consists of the data elements contained in the flow as well as the entity associated with the data elements. An example of a data flow diagram with four symbols can be seen below:

Data flow diagrams can be useful in helping you specify your security requirements and to help when beginning a new web development project.  Although there is a whole literature around the usage of DFDs, you don’t necessarily have to be fancy about it; you can just use simple boxes to illustrate where data will be stored and lines to indicate where data will be flowing.

This is a very simple example of  a high-level DFD where the process and flow are easily understood.

A very important aspect is trust boundaries, where the data comes from or goes someplace where you don’t completely trust,for example the internet. When the diagram is drawn, they begin to look for security related issues. Threat Modelling is often used to pick out certain security related issues which may need to be addressed. Sometimes this can result in some complications and it is very easy to lose sight of where you are and what you are looking to achieve.

If you or your company have previous knowledge of Threat Modelling then you could use it.

Your data is stored in the data store. Ideally data should be stored in as little places as possible. In some cases you may be storing more data than what is necessary. If you are processing data which falls under Data Protection Legislation then you would need to encrypt any data which is stored on portable media, such as USB sticks or laptops. Devices which store sensitive or confidential information should be securely destroyed at the end of their life.

For data flows you should help you specify the security requirements that your application will need to meet. For example, now you should have a better idea of where you need to encrypt your data, perform validation, authenticate the user etc.

But,you need to be careful. There could be areas where there is data stored where you mightn’t have thought about. If it is stored externally, then you may need to think about mechanisms such as encryption.

Situations will arise sometimes, where you need to extract production data to assist in troubleshooting. This could mean enabling application logging, or copying files to other systems where it can be analysed. You should have procedures  in place to make sure that this information is deleted when the troubleshooting has been completed. Also disable any logging which you may have turned on during the troubleshooting.

Data Flow Diagrams are a useful tool in helping you specify the security requirements that your application needs to meet. This is a  is relatively simple and informal approach and is easy to understand. In particular, it does not use Threat Modelling techniques to analyse your risks.

This is my last blog so I hope you all enjoyed reading them and that they will be helpful to ye for revision 🙂 Best of luck to everyone in the exams 🙂
References:

http://www.docstoc.com/docs/document-preview.aspx?doc_id=69490571

http://blog.alexisfitzg.com/2010/10/data-flow-diagrams-and-security.html

%d bloggers like this: