Contentedland is the country that has The Most Popular Party which is a political party. The country is divided into the five (5) administrative regions of Northland, Eastland, Southland, Westland and Central. Each region is divided into ten administrative counties which are number from one (1) to ten (10). Election is held every ten (10) years in each region for the national parliament and the assembly. Elections take place on the same day for all regions except for special circumstances such as if a current post holder dies, when a by-election is held at a suitable time. A candidate is put forward for every seat in every election.
In the national parliament there are fifty (50) members of parliament and each member of parliament is elected by a popular vote in one county using the "first past the post" system. Twenty Assembly members are in each regional assembly and each county elects two (2) assembly members using the "first past the post" system.
Activities for the Most Popular Party is funded from two sources which are the fifty thousand individual members who pay a subscription fee. The subscription fee is the same for all members. Individuals and organisations also give donations once they agree with the party's aims. Donations can be for any amount of money.
The party pays two full time workers in each county that works from one of the five regional offices it rents. There are also ten full-time national officers based in a headquarter that is rented in the Contentedland's capital city. The party has expenses since it pays rent for the buildings used by the workers and also has to pay for election material which includes leaflets and television advertising. Annual accounts also has to be submitted to ensure that election rules are not broken and also for taxation reasons.
Individual members of the party are selected when it is time for election, as candidates to stand for election to the national parliament and regional assemblies. A maximum of six potential candidates for each post are added to a shortlist by a full-time party worker from each region. Meetings are then attended by the party members in each county to select their candidates for the next election. Meetings are held three (3) months prior to the election due date. Each candidate can only stand for the regional election or the national election.
They cannot stand for both.
Distribution of party leaflets and organisation of meetings should be done by party members at election time. The paid staff need the party members at this time and must be able to contact them to enlist their help.
However the party requires a new computerised system to keep records of paid staff, party members, election candidates, MPs and regional assembly members. The system required must also be able to record details of income, payments made and generate fininancial reports based on all the information supplied. In order to do this the system must be analysed and designed using object oriented concepts. A Demo of the system's user interface has to be made and data protection issues are to be examined. The system must also have the required software and hardware to carry out these functions efficiently and effectively.
The required system has to be analysed using object oriented methods such as use case diagrams, use case specifications and activity diagrams to produce a functional model.
Use case analysis focuses mainly on the system from a user's perspective. Software is easier to use when a system is considered like this. In most cases the software developer makes use cases that would explore scenarios of the actual users of the system. In easier terms, according to NCC Education Limited (2007), Programming Methods a use case model defines the boundaries between the system and the real world, that is, where the system ends and the real world begins.
In the following use diagram case labelled Fig 1.1 shows the actors for a Political Party and their use cases. These actors and their functions are further explained.
Secretary- The secretary carries out the function of managing the member list and managing member subscriptions. Manage the membership list allows a member to be added, edited, renewed or deleted from the system. Managing member subscriptions allows the member name to be viewed and updated according to payment details.
Accountant- The accountants are also allowed to perform the same functions as the secretary as well as other functions. Other function include paying full time workers, managing payments made, printing financial reports and managing money received(income).
Full time worker- full time workers perform the functions of adding candidates to shortlist and submitting annual accounts to the accountants.
Use Case Descriptions
Use case descriptions are clear detailed explanations of each activity that will be performed within the system. Below is an explanation of all the use cases from the use case diagram in Fig 1.1.
Processes that are not dependant of objects are modelled using activity diagrams. According to NCC Education Limited(2007), Business Systems Analysis (Second Edition), activity diagrams are thought to be equivalent of data flow diagrams in the structured analysis but in addition can model all activities happening together.
The Activity diagram for this system consists of several behavioural elements such as:
Initial node- shows the start of a process and is represented by a small solid circle.
Activity node- shows the activity that is being performed and is represented by a rectangular box with rounded edges.
Decision node- shows where a decision is made in a process with the suitable options. The path followed is contingent by the result of the decision made.
Final activity node- this shows that it is the end of the activity diagram and is represented by a small solid circle inside a no filled circle and is sometimes call a bull's eye symbol.
Swim Lanes- swim lanes separate the activity diagram in such a way that it is clear to determine the responsibility of each actor, object or functional department for the activities and actions that are being modelled. Swim lanes are represented by a vertical broken line.
This task involves the analysing if the system required using object oriented methods and producing a structural model which includes class diagrams and their attributes and operations.
Class diagrams represent objects and illustrate the relationship between the objects. They are the most important part of UML. Class diagrams do not show change. The different types of objects include physical entities, logical and conceptual entities.
There are several relationships in a class diagram. These include:
Subtype- The subtype relationship is used to illustrate the relationship between similar objects. It is used to show inheritance. Inheritance occurs when an object inherits from its class and a class can inherit another class.
Association- Association shows the relationship between different objects. They are needed for objects to communicate with each other.
Attributes and Operations
All classes and objects defined in the class diagram must be given attributes and operations. Each class icon has a class name, attribute and operations respectively.
Attributes are the things that objects know about and they have a name and a data type. Operations are the processes that objects carry out and they have a name and also has a possibility of having parameters
Class-Responsibility-Collaborations cards (CRC cards)
A CRC card is a document in the form of a card that clearly shows the responsibilities and collaborations of a class. Every class has a CRC card which holds necessary information to build the logical structured model of the system. According to NCC Education Limited(2007), Business Systems Analysis (Second Edition), in its explanation of CRC cards, there are many ways to do a CRC card but all must perform the basic function of outlining the essential elements such as the class name, ID, type, description, associated use cases, responsibilities and collaborators. Below are the CRC cards for each class as shown in the class diagram.
Communication diagrams are object diagrams that show the way how messages pass between objects. It helps to better understand how objects control the messages that pass through a use case. It hold a lot of similarities with the sequence diagram but has its own unique characteristics, the main one being, unlike the sequence diagram it does not deal with time sequence. A communications diagram consists of elements with the main ones being:
Objects and actors
Associations and messages- To illustrate and association between an actor and an object a line with no arrow head is used. Messages are labelled on the association line and include an arrow head, to show which direction the message is travelling. A number is placed in front of the message to show the sequence of the messages. Communication diagrams do not show return messages.
NCC Education Limited (2007), Programming Methods defines a sequence diagram as one that shows the relationship between specific objects and also how those objects interact in time. It also shows how the messages are passed between actor and object. The main elements of a sequence diagram include:
Actors and objects
Lifelines and execution occurrences- a dashed line is placed below each actor and/or object and signifies the life line of the actor or object over a period of time. A lifeline only continues to the bottom of the diagram is the object continues to exist in the system after the use case is finished.
Data Protection Issues and laws
Data protection deals the physical protection of data. It deals with several issues and concerns such as protecting data from unauthorised persons, ensuring data is properly disposed, protection from illicit changes, ensuring that data is properly disposed of and that it maintains integrity and is used for the purpose for which it is authorised.
Data protection laws are still being debated in Trinidad and Tobago. A draft of the bill has been passed but has not yet been approved and implemented and made as a legal legislation. The issue of data protection must be address by the Government of Trinidad and Tobago. Assurance must be given that when personal information is given to an organisation or individual and it held in a system that it remains secure and cannot be distributed to any random person individual here of there. Privacy has always been a huge concern of citizens.
According to Fast Forward Trinidad and Tobago in their article "National Policy on Data Protection(2004)", in modern society the constant emerging of technology and computers raises new threats to privacy. This is because:
They facilitate the collection and maintenance of wide-range record systems and the with-holding of data on those systems.
- They make data easily and readily available from any location.
- Data can be transferred from one system to another quickly.
- Makes it possible for data to be combined in ways that are not practical.
The Policy and Bill have specific provisions relating to the holding and use of personal information by government authorities.
The policy is based on ten (10) principles which include , identifying purposes, accountability, consent, limiting use, limiting collection, disclosure and retention, accuracy, safeguards, openness, individual access and challenging compliance.
A brief outline if each is given:
Accountability- it is stated that an organization is responsible for any personal information under its control and should assign an individual or individuals where applicable for the organization's compliance. In the case where the individual designated for day to day collection of information and is absent another individual may be delegated to act on their behalf. Upon request the individual or individuals designated by the organization shall be revealed. Responsibility for the Protection of data is not limited within the organization but also when personal information has been transferred to third parties for processing. The organization should implement rules and procedures to members of staff regarding the protection of personal information.
Indentifying purposes- when personal information is collected from individuals the purpose should be clearly indentified at/before the time the information is collected. All purposes for which personal information is collected shall be documented in order to comply with the Openness Principle and the Individual Access Principle.
Organizations should only collect information that is necessary for the indentified purpose. If for some reason a change of purpose occurs, then the new purpose should be established and consented by the individual. This complies with the Consent Principle.
Consent Principle- Individuals must give consent and must be knowledgeable about the information disclosed, except for cases where it is inappropriate. However in some cases there are reasons that make it impossible and/or impractical to seek consent. Provisions should be implemented for such cases. Organizations should not require individuals to disclose more information that is required. Information such as name, address, telephone number, etc are considered sensitive and must be taken into account, Consent should not be obtained through deception. Consent can be given orally, written and other means. An individual is allowed to withdraw consent at any time but must do so in a way that abides to legal and contractual restrictions. Implications of such withdrawals must be conveyed to individuals by the organization.
Limiting Collection- Personal information collected must be fair and comply with the law. This is to prevent organizations collecting information in ways that are misleading and deceiving. Respect should be implied when information is being collected. Collection of information should be limited to what is necessary (amount and type) in compliance to the identified purpose as stated by the organization. Information is not to be collected indiscriminately.
Limiting use, Disclosure and Retention- There should be guidelines and procedures in and organization regarding the retention of personal information. Included in these guidelines should be a minimum and maximum retention period. Information that is no longer needed for the identified purpose should be destroyed, erased or made anonymous. Destruction of personal information should be and is advised to be governed by guidelines.
Accuracy- Information taken from individuals must be complete, accurate and up to date. An organization should not update personal information as a routine unless it is necessary to do so.
Safe Guard- This policy serves to protect personal information based upon the sensitivity of the information. This would protect information from unauthorized access, copying, loss, theft and etc. No matter the format of information, organizations has the duty of protecting it. The more sensitive the information is, it should be safeguarded with higher protection. Measures put in place to protect this information should be based on restricted access, limiting access on a need to know basis and by the use of encryption keys and passwords.
Openness- All policies and practices on personal information should be made available to individuals. This should include who is accountable for the information, how the information can be accessed, how information is used and what other organizations information is made available to.
Individual Access- individuals must be informed about the ways that information is used upon request. They should be able to make adjustments and change information as required in compliance to the organization's practices.
Challenging Compliances- all principles can be addressed by an individual. Organizations should have procedures in place to accommodate complains and inquiries about how it goes about handling personal information. All complaints should be investigated and appropriate measures should be taken if necessary and amends to its policies.
Application of Laws to System
These laws and regulations would apply to the system being developed since the system is for a Political Party. It holds a lot of confidential information for members and also a lot of confidential information for the party which includes financial records. It is assumed that members would like their information to be confidential and only for use within the Political Party and not to third parties. To make members and any other individuals that are involved in the party feel safe these laws would help in doing so. The policies and practices would be made clear to the individuals who are designated and hold responsibility for personal information. All policies including, identifying purposes, accountability, consent, limiting use, limiting collection, disclosure and retention, accuracy, safeguards, openness, individual access and challenging compliance help in governing Data Protection Law.
Recommended methods that can be implemented to ensure that data protection is put in practice are:
- Ensuring that actors assigned to task are the only individuals that are allowed to view the necessary information. And are held responsible for the Political party compliance.
- Indentify the reasons that information are being collected.
- Ensuring that individuals give consent for all information that is being disclosed and used.
- Limit information being collected to that which is necessary for the purpose being used for.
- Ensuring that information is only used for the purpose it has been collected for.
- Ensuring that personal information is accurate.
- Ensuring that personal information is safeguarded by some level of security
- Ensuring the policies and procedures of the Party are made available upon request to all involved individuals.
- Ensuring that party members are informed if there are any changes to information of passing on to third parties.
- Ensuring that members of the party are able to address challenges concerning all concerns regarding data protection.
Prototype User Interface
The requirements for this task are to create a prototype user interface for the new system including the following functions of:
- Searching for the party's election candidates for a particular county
- Editing a member's detail
- Adding a new member
- Listing the party's MPs showing where each was elected.
The prototype can be said to be a trial version of the software that demonstrates the essential features for the new system. In order to this, a database was created using the necessary information about the Political Party as given in the scenario. This database was created in Microsoft Access. Both forms and queries were needed in order to carry out the specified functions.
Print screen-shots of the user interface for the functions listed were then captured.
There are several reasons for Normalisation such as:
- Collect associated data with the system to be built.
- Transform un-normalised data into tables in the first normal form.
- Transform the first normal form into second normal form.
- Transform the second normal form into the third normal form.
- Transform the third normal form into BCNF (Boyce Codd Normal Form).
- Transform the third normal form to fourth normal form.
- Transform the fourth normal form to fifth normal form.
The normalisation process is done by converting un-normalised data into a fully normalised database. It is done without losing the basic relationship between data terms. The process is referred to as a non less decomposition.
There are some main elements in normalisation such as:
Primary Key- is an attribute that can uniquely identify and object or entity
Candidate Key- A key/attribute or group of attributes from which a primary key can be selected.
Foreign Key- A key/attribute which is selected from the primary key of another table.
Repeating Group- if there is an entity that has a relationship with another entity in such a way that the data is repeated for that entity a repeating group exists. Therefore in every many to many (m:m) relationship there is a repeating group.
First Normal Form (1NF)
This process is carried out to ensure that there are no repeating groups. In the rare case that there are any, they must be removed. If every non key attribute is functionally dependant on the PK a relation is in the first normal form. This step is said to be insignificant and is just a stepping stone to the third normal form if existent.
Second Normal Form (2NF)
A relation can only appear in the 2nd normal form only if it is in the 1st normal form and every non key attribute is full dependant on the primary key. Therefore if there is a key that is a candidate key and it is used to identify or determine a group of attributes then a single key must be found to identify a subset of those attributes.
Object-Oriented Approach vs. Structured Approach
A brief explanation is given as to how the object-oriented (OOAD) approach to the design of the system in task one(1) to three(3) differs from using the Structured methodology(SSADM). The advantages and disadvantages of both methods were explained using the system design to create an example.
Object Oriented Analysis and Design
Object Oriented Analysis and Design (OOAD) is a methodology based on objects as stated in NCC Education Limited, Programming Methods (2007). Rather than analysing systems using tools like Data Flow Diagrams (DFDs) and Entity Life Histories (ELHs), OOAD defines and analyses the required behaviour of a series of class to provide the required functionality. There are approximately 50 object oriented methods that are in use. The leadings ones are:
Object Modelling Technique (OMT) which takes three viewpoints:
- Object model
- Dynamic model
- Functional model.
Unified modelling Language (UML) which uses various diagrams to describe the system being built such as:
- Use Case Diagrams,
- Static Structure Diagrams
- Sequence Diagrams
- Collaboration Diagrams
- State Diagrams
- Activity Diagrams
- Implementation diagrams.
In the system designed a lot of UML modelling techniques were used which included the use case diagrams, activity diagrams, class diagrams, sequence diagrams, state diagrams, collaborations diagrams and such.
Structured Systems Analysis and Design Methodology
According to NCC Education, Systems Development (2007) a Structured Systems Analysis and Design Methodology (SSADM) is a comprehensive methodology that defines design and analysis life cycles in terms of the stages. SSADM uses various techniques such as Entity life histories data modelling, data flow modelling and normalisation. In SSADM, three viewpoints are used when analysing and developing a system. These viewpoints help to give the developer a better understanding of the requirements and helps in eliminating errors. They are based on:
- Functions- a representation of the users view of the process that takes place in response to the event. It is represented by using data flow modelling
- Event- anything that has an effect on the considered system. It is represented by using entity life histories
- Data- raw material of the system. Represented by the logical data model.
SSADM also consists of four modules which are:
- Requirements analysis module
- Requirements Specification
- Logical Specification Module
- Physical Design Module
Because of its free availability and open documentation, it has been a well proven and highly developed methodology.
Logical and physical aspects are separated
The Structured Systems Analysis and Design Methodology (SSADM) seems to be the better approach when designing a system. This is because it is a widely used and accepted standard. It is easier to understand. For a system for the Political party it much better to use as it will clearly outline all that needs to be done when developing thr system. It is also a well defined and structured approach to developing a system. SSADM allows user involvement and communication between developers and users. The user is required to approve each stage as it is completed by 'signing it off', which helps to ensure that the system meets all their specified requirements.
The system required is for a political party called The Most Popular that is said to be divided into five (5) administrative regions which are divided into ten administrative counties. The system that is to be created is one that is computerized and able to keep records of paid staff, party members, election candidates, members of parliament and regional assembly members. The system required should also be able to record details of income, payments made and generate financial reports based on the information given.
The system was created using mostly object oriented approach and little structured approach. The system was analysed and then a functional model was produced which included Use case diagrams, use case specifications and activity diagrams. A structural model was also produced which included class diagrams along with their attributes and operations and well as CRC cards for each class stated in the diagram. The design process did not stop there and was continued with the demonstration of a behavioral model which included communication diagrams, sequence diagrams and state machines.
Upon implementing the system it was realized that there were laws that govern the protection of data. This system is being created for a Political Party ad would contain a lot of confidential information for both members and party. Laws applied have to comply with the Data Protection laws of my country (Trinidad and Tobago). This would help to prevent unauthorized access, loss, theft and destruction of data. The laws where outlined and applied to the computer system for the Political Party. Methods where recommended to ensure that data protection best practice is implemented in the system.
After reviewing the laws a prototype of the system was created to carry out the functions of searching for the party's election candidates in a particular county, editing the member's detail, adding a new member and listing the party's MP showing where each was elected. In order to do this queries and forms had to be used in the Microsoft Access Application. This prototype was also based on a database that was created based on a database that was done. The database was created from the class diagram using normalization process. Screen shots of the user interface were then produced for each of the four functions required. Two screen shots of each were given showing the different views and layouts.
The relational database design was done which included a set of normalized tables showing the normalization process for each. This included a Un-normalised form (UNF), first normal form (1NF) and second normal form (2NF). Data dictionaries for all the items in the database design was then created. The database needed to be functional before the queries and forms where done for the Prototype user interface. This was because all data and record where stored in tables from the normalization for, so without information no functions could be carried out After the entire system was created and a description was given as to how the object oriented approach differed from using a structured methodology. Advantages and Disadvantages of the two approaches were listed and the system was used as a typical illustration.
The required hardware for the system will be a systems unit, monitor, keyboard, mouse, speakers and a printer. The system unit has a hard disk and should at least consist of a CD Drive. The operating system for this system should be Windows Vista or Windows 7. Its user interface is more friendly and easy for users to understand. It is advised that the entire Microsoft Office Suite be downloaded but the required software for the system is mainly Microsoft Access 2007 version which allows queries to run and forms to be designed and edited. It also allows data to be entered in an orderly format and shows the relationships of data entered. It is the most up to date version of the software.
Review of work
Assumptions made based on the scenario given, the main actors were picked out from the system. It was assumed that there are four actors for the system. These include:
Secretary- the secretary was chosen because it is assumed in every organization there is someone to perform administrative duties. The duty of the secretary in the party is to manage membership list and manage member list. The secretary was assigned this the duty of managing member ship list so that she could be able to add, edit, renew and delete members as required. The secretary was also given permission to manage membership subscriptions but only in the case that the account is absent. However it was still drawn as a responsibility in the use case so that the system could make provisons for the secretary to perform a function on behalf on the accountant. This is in regulation with the data protection principle of accountability where a designated individual controls personal information.
Accountant- Another assumption was also made for accountants. Accountants were not listed in the scenario but it is normal that every organization has some-one who takes care of monetary transactions. The accountant(s) are can perform the duties of managing the member list, managing the membership subscriptions, pay full time workers, manage payments made, print financial reports and managing payments received. These duties are a lot of work so the system that is designed makes the workload easier for these functions to be carried out on a computerized system by the accountant.
Fulltime workers- It is said in the task that full time workers had task to perform. That makes them an actor in the system. Full time worker are only assigned the task of adding candidates to short list and submitting annual accounts. They are not allowed in other parts of the system such as to access member details and subscriptions and other financial and confidential information. If a full time member requires membership information it would be on a "need to know" basis and for a very valid reason. The secretary would need to approve this information as the responsibility of data retention is theirs.
Members- The political party consists of member. The main things that members do that contribute to the system are to pay membership fee. This is recorded on the system via the accountant who has authority to enter such data. Members may have to provide confidential information to the secretary/account so that their payment details can be recorded.
there were other roles listed in the scenario for the system being created but none of them were put as actors because it was assumed that not of them played an active role in the system. There were national officers but their specific duties were not specified and they were generalized among the party's full time workers. It was also said that party members are relied on to distribute flyers and organize meetings at election time. This was not placed in the use case diagram either because it was not a main function for the system to carry out and is done manually.
However the actors chosen were sufficient enough to carry out the necessary duties that are required from them by the Political Party. The system will therefore help to make their duties and functions more easy and simple to perform.
Changes and Alternatives
The approach used to carry to design the system was more so the object oriented approach. This was not a problem but it would have been better it a structured approach was used. It makes it easier to understand the entire designing of the system. For a system for the Political party it would have been much better to use as it will clearly outline all that needs to be done when developing the system. It is also a well defined and structured approach . It allows more user allows user involvement and communication between developers and users. The user is required to approve each stage as it is completed by 'signing it off', which helps to ensure that the system meets all their specified requirements.
The system designed for the Political Party can perform all the functions as required. The Prototype user interface which gave a rest run of part of the system proved to be successful. The system has been created in such a way that if changes need to be made it can be done do easily. The system is governed and protected by the Data Protection laws of the country. There would be consequences for individuals who fail to comply with the laws applied.
- NCC Education Limited (2007), Programming Methods, Version 1.1, The Towers, Towers Business Park.
- NCC Education Limited (2007), Systems Development, Version 2.0, The Towers, Towers Business Park.
- NCC Education Limited (2007), Business Systems Analysis (Second Edition), The Towers, Towers Business Park.
- Chitins, Mandar. Tiwar, Pravin. "Activity Diagram in UML"(August 2003)[online] Available at: http://www.developer.com/design/article.php/2247041/Activity-Diagram-in-UML.htm [Accessed 15th January 2010]
- Fast Forward Trinidad and Tobago. "National Policy on Data Protection" (November 2004) [online] Available at: http://www.fastforward.tt/files/cms/DataProtectionPolicy.pdf [Accessed 15th January 2010]
- TT Parliament. "Data Protection Bill" (2009) [online] Available at: http://www.ttparliament.org/legislations/b2009h04.pdf [Accessed 16th January 2010]