Abstract
D.Com. (Informatics)
The
complexity
of modern
computer-based
information systems is such that,
for all but
the
simplest
of
examples,
they cannot be
produced
without
a
considerable
amount
of
prior planning and
preparation.
The actual
difficulties
of trying to design,
develop
and
implement
complex
computer-based
systems
have been recognised
as early as the
seventies.
In a bid to deal with what was then referred to as the
"software crisis",
a
number
of so-
called
"methodologies" were advocated. Those
methodologies
were,
in turn,
based on
a collection of
guidelines
or
methods
thanks
to which
their
designers
could
eventually
make the claim that
computer
systems,
and in particular information
systems,
could be
designed
and
developed
with a
greater
degree
of success. By using a
clear
set of
rules,
or at least
reasonably
detailed
principles,
they
could
ensure
that the
various
design
and
development
tasks be
performed
in a
methodical,
organ
ised
fashion.
Irrespective
of the
methodologies
or
guidelines
that were
adopted
or laid down,
the
developers
principal
aim
was to ensure that all
relevant
detail
about the
proposed
information systems would be taken
into
account
during
the long and often
drawn-out
design
and development
process.
Unfortunately,
many
of
those
methodologies
and
guidelines
date from the early
1970s and,
as a result,
no
longer meet the
security
requirements
and guidelines
of
today's
information
systems.
It was
never
attempted
under
any of those
methodolog
ies,
however,
to unriddle
the
difficulties
they had come up against
in
information
security
in the
domain
of system
development .
Security
concerns should
however,
form an
integral part of
the planning,
development
and maintenance
of a
computer
application.
Each application
system
should
for
example,
take the
necessary
security
measures
in any given
situation.