Java Reference
In-Depth Information
order number is an inseparable element of data that is tied with order, and all queries are raised
based on the order number generated by the system for each customer order. Any modiication or
destruction of this information would severely impede Panthera's operations, as it would result in
loss of customer faith, which would directly translate into the loss of revenue for Panthera.
6.1.3.3 Gift Card Information
Panthera's management considers gift cards to be an important information asset for their busi-
ness. Panthera's customers have been known to extensively purchase gift cards. hese gift cards
are available across all the Panthera stores and can be purchased online as well as in retail stores.
Subsequently, their recipients use these gift cards to purchase goods in Panthera's stores or on
the Web. hese gift cards contain the gift card serial number and the passcode, which need
to be entered into the system when they are being used. Panthera is known to ofer gift cards
with diferent denominations and a variety of additional beneits. If the conidentiality of gift
card-related information in Panthera's database is breached, then it would result in a great
deal of inancial losses to Panthera, as this gift card-related business activity for Panthera is a
signiicant one.
6.1.3.4 Stock/Inventory Information
he RFP for the envisaged e-commerce application in Chapter 4 has highlighted the diferent
types of user roles that will be looking into the inventory management module of the Web appli-
cation. Stock/inventory information relates to the items and their details, which are sold through
Panthera's e-commerce application. his information consists of stock item name, its price, quan-
tity, and discounts, if any. he integrity of this information is of immense importance to Panthera.
If there is any unauthorized or wrongful modiication of any element of stock/inventory informa-
tion, then the company could sufer inancial losses. For instance, if a disgruntled employee or an
external hacker had access to modify the price of, for example, a 500-GB portable hard drive from
$129 to $12.9, then there would be a lurry of orders for the device based on the price displayed
on the Web site and Panthera would fulill these orders, at a huge loss. Similarly, if the name of a
fast-moving product was modiied without authorization, then Panthera would sufer a major loss,
because the product is unrecognizable to shoppers and a normally fast-moving product would be
left unsold.
Table 6.1 lists Panthera's critical information assets and their data elements.
6.1.4 User Roles and Access to Critical Information Assets
Panthera has already highlighted the type of users and their roles in their RFP. herefore, Jaguar,
based on more discussions with Panthera's management and operational stakeholders, has pre-
pared an
access control matrix
for all the users of Panthera's e-commerce application. his access
control matrix details the critical information assets that the users of Panthera e-commerce appli-
cation need to have. his information will be vital when designing the authentication and autho-
rization system for Panthera's e-commerce application. he access control matrix for Panthera's
critical information assets that will be stored, processed, or transmitted by the e-commerce Web
application is listed in Table 6.2.
Search WWH ::
Custom Search