Question:
Critically assess and evaluate the differences between Data Security and Data Privacy using approximately 700 – 800 words.
Answer:
Part A
Introduction
The Green Bites Foods is a catering service firm in UK, where they are hired for serve foods for any events. They have 8 special menus prepared for their clients as well as drink and extras are selected by their clients. They can work 20 events in the summer. They want an information system will track their order details, client’s information as well as this system can generate such remainder to their client’s event.
This information system also has some confidential information such like payment information, employee’s personal information etc. This system will provide a flexible environment to access all that information from a single window. This information system will eliminate the problem with a hardcopy of all information as well as it can change the order details, employee details, payments issues without having any extra trouble.
System Specification
The system specification of the Green Bite Foods is deriving in two form. The conceptual model contains an EERD model showing all entities, relations, cardinality, indexes and generalisation as well as specialisation. The logical mode includes the mapped EERD model showing the normalised model of the entire diagram.
Conceptual Model: EERD
Figure 1: Conceptual Model: EERD of Green Bite Foods
(Source: Created by author)
Logical Model
The logical model is developed by normalising the conceptual model up to the third normal form. The above figure 1 shows, that the order relation is in the 1st NF form, therefore this relation into decomposing into the second normal form as well as up to the 3dr NF.
The 1st NF:
According to the 1st NF, no duplicate row cannot exist in the database, each of the datasets contains a unique value. In the below diagram, the dataset is in this format, which needs to decompose into the 2nd normal form. In this database, the business logic is a customer can order more than one order, but in this format, it cannot be possible.
The 2nd NF:
This form ensures that there is no partial dependency in the database, that means all columns depend on the one primary key. Therefore, this order relation is needed to decompose into two different table to separate the partial dependency.
Relation 1:
Relation 2:
The 3rd NF:
In this form, all non-prime attributes of a relation must depend on the primary key that means all transitive functional dependencies are removed from the relations. In the above two relations the transitive dependency is identified. Therefore these relations need to decompose into the sub-relations. The decomposed relations are shown in the below diagram figure 1.
Figure 1: Logical Model: EERD of Green Bite Foods
(Source: Created by author)
Data Dictionary
| Table Name | GBF_Employess | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| ID | Varchar | 100 | Yes | No |
| Name | Varchar | 100 | No | No |
| Address | Varchar | 200 | No | No |
| PHnumber | int | 10 | No | No |
| Varchar | 100 | No | No | |
| Salary | int | 10 | No | No |
| Table Name | Staff | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| ID | Varchar | 100 | Yes | No |
| HourlyRate | Double | 10,2 | No | No |
| EmploymentType | Varchar | 200 | No | No |
| EmployeeID | int | 10 | No | Yes |
| Table Name | Customer | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| ID | Varchar | 100 | Yes | No |
| Name | Varchar | 100 | No | No |
| Address | Varchar | 200 | No | No |
| PHnumber | int | 10 | No | No |
| Varchar | 100 | No | No | |
| OrderID | Varchar | 100 | No | Yes |
| Table Name | Supplies | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| OrderID | Varchar | 100 | No | Yes |
| RawIngredients | Varchar | 100 | No | No |
| Drink | Varchar | 200 | No | No |
| NumberOfPlates | int | 10 | No | No |
| NumOfStuffs | int | 100 | No | No |
| Table Name | OrderStatus | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| ID | Varchar | 100 | No | Yes |
| DateOfEvent | Date | No | No | |
| DateOfCancellation | Date | No | No | |
| Status | Varchar | 100 | No | No |
| Issues | Varchar | 100 | No | No |
| Table Name | Payment | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| ID | Varchar | 100 | Yes | No |
| BookingID | Varchar | 100 | No | Yes |
| PaidAmount | int | 10 | No | No |
| DueAmount | int | 10 | No | No |
| Table Name | Order | |||
| Column Name | Data Type | Size | Primary Key | Foreign KEY |
| ID | Varchar | 100 | Yes | No |
| CustomerID | Varchar | 100 | No | Yes |
| Place | Varchar | 100 | No | No |
| FuncationType | Varchar | 100 | No | No |
| StandardMenu | Varchar | 100 | No | No |
| drinks | Varchar | 100 | No | No |
| Extras | Varchar | 100 | No | No |
| TotalPrice | int | 10 | No | No |
Encountered problems and solution
The main challenging encountered during the planning of logical database model are such as handling the business requirements, set up the terms, normalisation decisions, poor naming standards makes it very deficit for normalisation phase. There is some phase includes the analysis of the business requirements that are the primary objective of this system. Therefore if any of this logics missed out from the design phase, it would result in failure in the primary implementation. In this logical implementation plan, another main problem is separate the tables according to their dependency.
The solution to mitigate those problems is identifying the functional dependencies are requiring to decompose or formed any relation, use proper naming for all attributes as well as entities.
Part B
Critically assess and evaluate the differences between Data Security and Data Privacy
The data security referred to the availability, confidentiality and integrity of the data. It can be defining as a process of protecting data from all unauthorised users. The data security ensures that the administrator can only set the accessing rights for some group of users as well as it conveys the safety of that information. The data security includes many aspects, for instance, gathering the required data, protect it, and dump that information is not required anymore (Marwaha and Bedi 2013). It can ensure that the data must be accessed by the administrator persons as well as in the data set is available, reliable as well as accurate. These means it will help any business meet the legitimate commitments of having confidential information.
The Data (Information) privacy is reasonably characterised standard for proper utilisation of information as well as maintain business rules. Whenever organisations and vendors utilise information or data that is given or endowed to them, the information ought to be used by the concurred purposes (Matturdi et al. 2014). Therefore, the data privacy conveys on a particular data policy agreed by two merchants or companies. The “Federal Trade Commission” endorses punishments against “the organisations that have invalidated to guarantee the privacy of a client’s information” (Thuraisingham 2015). On the other hand, organisations have sold, revealed, or leased information of the purchaser data that was donated to them to different gatherings without getting the earlier authorization (Wei et al. 2014). However, companies need to create a data policy to between their customers and their agreed data structure for the system. This data set is an asset to the organisations, therefore, these data policies are crucial to the business. The data security is defining a secure data policy; no data policy will be treated as entrusted to an organisation.
Figure 3: Data security and privacy
(Source: Marwaha and Bedi 2013, pp-369)
The data security and data privacy are two different aspects of the security information to an organisation. However, both are required to protect from the third party or unauthorised users. The difference of term privacy and data protection are found at the position of they used. However, in reality, the difference depends on the market sector or organisation as well as jurisdiction (Matturdi et al. 2014). The privacy is that can be used for indicating the personal information, whereas the data protection is the management of personal information. At whatever point associations and sellers use data or data that is given or invested to them, the data should be utilised for the agreed purposes. Along these lines, the data security passes on a particular data policy concurred by two traders or organisations.
The perspective of storage data protection define data is not corrupted; the authorised person only accesses the data and it only compliance with applicable requirements (Alvarez, Hollick and Gardner-Stephen 2016). Now in the context of security, the data protection is an implementation of preferred administrative, accidental disclosure, destruction of data as well as technical or physical means to guard against the intruders.
Conclusion
In this report, a logical model and conception model of Green Bite Foods is developed according to the given business logic implemented by this company. The conceptual design defines that they can use this information system which will eliminate the problem of storing and sorting the hard copies of all information as well as it can work efficiently with the order details, employee details, payments issues without having any trouble. The data dictionary part of this report ensures that the structure of this database can store maximum possible information to it. Therefore, it can be concluded that the database is working as expected and met all objective of this report.
References
Alvarez, F., Hollick, M. and Gardner-Stephen, P., 2016, October. Maintaining both availability and integrity of communications: Challenges and guidelines for data security and privacy during disasters and crises. In Global Humanitarian Technology Conference (GHTC), 2016 (pp. 62-70). IEEE.
Arasu, A., Babcock, B., Babu, S., Cieslewicz, J., Datar, M., Ito, K., Motwani, R., Srivastava, U. and Widom, J., 2016. Stream: The Stanford data stream management system. In Data Stream Management (pp. 317-336). Springer Berlin Heidelberg.
Bester, K., Chandler, A.T., Shewell, M.A. and Yates, S.J., International Business Machines Corporation, 2016. Data migration in a database management system. U.S. Patent 9,378,254.
Cao, N., Wang, C., Li, M., Ren, K. and Lou, W., 2014. Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Transactions on parallel and distributed systems, 25(1), pp.222-233.
Clifford, P., Robinson, M. and Rogers, T., Face Recording and Measurements Ltd, 2014. Database management system. U.S. Patent Application 14/786,817.
Ganjam, K., Narasayya, V.R., Kaushik, R., Arasu, A. and Chaudhuri, S., Microsoft Corporation, 2016. Integrated fuzzy joins in database management systems. U.S. Patent 9,317,544.
Hababeh, I., Khalil, I. and Khreishah, A., 2015. Designing high performance web-based computing services to promote telemedicine database management system. IEEE Transactions on Services Computing, 8(1), pp.47-64.
Hrle, N., Martin, D., Mohan, C., Spyker, J.D. and Yao, Y., International Business Machines Corporation, 2015. Database management system and method of operation. U.S. Patent Application 14/857,889.
Jahn, M., Schill, E. and Breunig, M., 2013. Towards a 4D database management system for geothermal projects: an example of the hydraulic data of Soultz. In Second European Geothermal Workshop.
Liu, L., 2016, September. Security and Privacy Requirements Engineering Revisited in the Big Data Era. In Requirements Engineering Conference Workshops (REW), IEEE International (pp. 55-55). IEEE.
Marwaha, M. and Bedi, R., 2013. Applying encryption algorithm for data security and privacy in cloud computing. IJCSI International Journal of Computer Science Issues, 10(1), pp.367-370.
Matturdi, B., Xianwei, Z., Shuai, L. and Fuhong, L., 2014. Big Data security and privacy: A review. China Communications, 11(14), pp.135-145.
Nadkarni, U., Harrington Technologies Llc, 2013. Skills database management system and method. U.S. Patent 8,554,754.
Ramnath, S.K.B., Maycock, K., McAndrew, J.M. and Scullion, N., International Business Machines Corporation, 2014. Pre-caching of relational database management system based on data retrieval patterns. U.S. Patent Application 14/535,948.
Reddy, T.B.K., Thomas, A.D., Stamatis, D., Bertsch, J., Isbandi, M., Jansson, J., Mallajosyula, J., Pagani, I., Lobos, E.A. and Kyrpides, N.C., 2014. The Genomes OnLine Database (GOLD) v. 5: a metadata management system based on a four level (meta) genome project classification. Nucleic acids research, p.gku950.
Singer, M., 2016, June. The application of a database management system in an energy management system. In Proceedings of the Ninth Power Systems Computation Conference (p. 359). Elsevier.
Starkey, J.A., Nuodb Inc., 2013. Database management system. U.S. Patent 8,504,523.
Sun, Y., Zhang, J., Xiong, Y. and Zhu, G., 2014. Data security and privacy in cloud computing. International Journal of Distributed Sensor Networks.
Thuraisingham, B., 2015, March. Big data security and privacy. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (pp. 279-280). ACM.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y. and Vasilakos, A.V., 2014. Security and privacy for storage and computation in cloud computing. Information Sciences, 258, pp.371-386.
