Chapter 2

Related Literature and Studies

2.1 Foreign Literature

2.1.1 Records Management

https://cs.uwaterloo.ca/~aataulla/papers/masters_thesis_ataullah.p

df

Storage of records has always been a fundamental

objective of information systems. However in the past decade

managing sensitive information throughout its lifecycle, from

creation to destruction (or archival), has become of significant

importance. The increasing awareness of the impact of technology

on privacy has added momentum to the need to have better

enforcement of records retention policies. Organizations today not

only have to comply with regulations, but also have to maintain a

balance between operational record keeping requirements,

minimizing liability of storing private information, and customer

privacy preferences. This work will not attempt to define the term

“record” in the broad context. Instead the term will be treated in all

its generality and then applied to the world of relational databases.

Without attempting to differentiate terms such as data, knowledge,

information and record, it is recommended that the reader maintain

a simple but consistent definition of a record throughout this thesis.

2.1.2 Make Your Database More Secure

http://www.darkreading.com/vulnerabilities-and-threats/3-steps-to-

make-your-database-more-secure/d/d-id/1101020

Many companies aren't able to protect mission-critical

data because they simply don't understand how all the moving

parts of their database environments work. For controls to work, IT

must have a clear understanding of where the important data is,

who's using it, and how it's being used.

"You have one data store, but you might have many

applications hooked into it. You might not know who it is that's using

the systems if you've given out a lot of privileges," says Mel Shakir,

CTO of NitroSecurity, a database activity monitoring (DAM) and

security information and event monitoring company recently

purchased by McAfee. "And you might not even know where the

critical data is if it's been copied off the system and moved to, say,

test databases somewhere else." Valuable steps include scanning

for unsanctioned, rogue databases that might have been set up on

the fly by other departments, documenting privilege schemas, and

classifying a company's database assets by risk according to the

type of data they hold. That can help get more out of database

security investments. Once IT teams know where all your

databases are, they can make sure they're securely configured and

patched, and use vulnerability assessment to decide what level of

protection they need. For example, they can decide if they warrant

constant oversight through activity-monitoring software to track

what users are doing in these data stores at all times.

2.1.3 Student Attendance Monitoring

https://www.sheffield.ac.uk/ssd/sam/systems#Reports

The University has a comprehensive Student Attendance

Monitoring policy (the policy and guidance document is available as

a download at www.shef.ac.uk/ssd/sam). Alongside this a central

Student Attendance Monitoring (SAM) system has been designed

to assist departments in the collection, storage and analysis of

attendance monitoring data relating to students. The SAM system

can be accessed in three ways:

1) Go direct via the web page www.shef.ac.uk/attendance

2) Log into MUSE and go to the Staff Applications tab. In the “CIES

Student, CIES Staff and Student Attendance Monitoring” channel,

select “Student Attendance Monitoring”.

3) Alternatively, if you are logged into CIES already, at the Main

Menu, select Option 13 “Attendance Monitoring”.

2.1.4 Data Security

http://www.studymode.com/essays/Data-Security-825479.html

A computer security risk is any event or action that could

cause loss of or damage to computer hardware, software, data,

information, or processing capability. Some breaches to computer

security are accidental, others are planned intrusions. Some

intruders do no damage; they merely access data, information or

programs on the computer before logging off. Other intruders

indicate some evidence of their presence either by leaving a

message or by deliberately altering or damaging data. Computer

systems are vulnerable to many threats which can inflict various

types of damage resulting in significant losses. Damage can range

from minor errors which sap database integrity to fires which

destroy entire computer centers. Losses can stem from the actions

of supposedly trusted employees defrauding the system to outside

hackers roaming freely through the Internet. The exact amount of

computer-related losses is unknowable; many losses are never

discovered and others are covered up to avoid unfavorable

publicity.
Common Threats:

A wide variety of threats face today's computer systems and the

information they process. In order to control the risks of operating

an information system, managers and users must know the

vulnerabilities of the system and the threats which may exploit

them. Knowledge of the threat environment allows the system

manager to implement the most cost-effective security measures. In

some cases, managers may find it most cost-effective to simply

tolerate the expected losses.

2.1.5 Biometric time and attendance system with epidermal

topographical updating capability

http://www.google.com/patents/US5959541

The present invention relates to time and attendance

devices. More particularly, the present invention relates to a

biometric time and attendance device for scanning a portion of a

human epidermis, generating an epidermal topographical pattern

and transmitting the epidermal topographical pattern to a host

computer for determining access privileges and for updating an

epidermal topographical database.

Increasingly, security problems are becoming a more noticeable

part of modern life. Security was once primarily the preserve of

classified government installations, but increasing losses and

calamity have forced the review of security equipment and

procedures for government and industry. Property losses and the

theft of corporate secrets cost industry billions of dollars annually.

Public safety is endangered by the ability of intruders to easily enter

secured places, such as aircraft and airport buildings, without

detection.

Accordingly, access control and personnel identification are

becoming the object of significant expenditures by organizations

seeking to identify employees, vendors and others who are to be

permitted access to secured areas.

Typical access control applications include: computer

centers; radioactive or biological danger areas; controlled

experiments; information storage areas; airport maintenance and

freight areas; drug storage areas; apartment houses and office

buildings; safe deposit boxes and vaults; and computer terminal

entry.
2.2 Local Literature

2.2.1 Class Search and Registration System

By danteliu | May 2012

http://www.studymode.com/essays/Class-Search-And-Registration-

System-1002415.html?topic

The purpose of this report is to explore and research the

issues facing students using the CSUEB online search and

registration systems. We employed various marketing research

methodologies in order to effectively acquire and formulate our

data. These methodologies included constructing a research

problem, research objectives and associated research questions.

Next a focus group was arranged taken from a random sample of

CSUEB business students. Information from the focus group was

used alongside the aforementioned marketing research

methodologies in order to create and compose a survey which was

sent out to the entire college of business in order to gain a much

more in depth understanding of our research problem. The client

therefore wanted to know what specific problems the students while

using the system as well as their recommendations, suggestions

and solutions to these issues.

2.2.2 Thesis Computerized Grading System

http://www.studymode.com/essays/Thesis-Computerized-Grading-
System-644114.html?topic

Grading System is designed to provide incentive reward for

achievement and assist in identifying problems of the student.

Grading System is the most commonly used in computing and

analyzing the performance, talent and skills of students? It is the

important record to keep even for the longest time for the referral

and credentials of the student to enter their next level of attaining

their goals. It is the tract record that recognizes of one student, this

maybe use for analyzing of your attitude and values.

Based on our research the school of Romblon State University

Cajidiocan Campus is using a manual computation of grades of

each student, which is the traditional use when technology is not

yet developed. Manual computation is very prompt to risk for any

circumstances. It is time consuming in terms of recording grades,

computation using of calculator. If some records are lost, they never

retrieve it in case of unexpected calamity. Accuracy and security is

not been so defined.

2.2.3 Daily Time Record System

http://www.papercamp.com/essay/129312/Daily-Time-Record-

System

Modern technology is a part of our daily life. It helps

individuals and industries perform their tasks and daily routines,

including their transactions. Modern technology gives an advantage

in accomplishing our work. This technology includes devices and

information systems that help us attain faster and reliable

transactions. Each system lessens the load on workforce and paper

work of the organization.

Nowadays, companies and other establishment rely on

computers as the basis of their Database Management System.

Computer technology brought fundamental and various effects on

all aspects of human life such as helping people do their job faster,

accurate and efficient. But the fact is, in today’s modern age where

computer has become a way of life, it is evident that a majority of

country institutions still do not adapt the high technology. Some of

them prefer a manual because not all companies are computer

literate in terms of programming software for the Time-In and Time-

Out Records of their employees. What they did not know is that

being manually operated leads to inaccurate information. The

EASTERN Tanay Supermarket in Tanay, Rizal is a company

wherein they do perform manual for keeping the daily time record of
their employees. When it comes to paper works, the establishment

works in manual process like writing the employees information and

the Time-In, Time-Out process in a blue record book and then put it

in file cabinets along with other forms such as planning record,

events, leave benefits and more. The punctuality Employees of

EASTERN Supermarket written in a Daily Time Record that is being

checked at the end of the day. These are the few things that

EASTERN encounters in their everyday work. In addition, relying

on manual procedure is not an easy task for them. Because of

having lot of information, at times it leads to incorrect input of

employee’s record, inaccurate and most especially, not secures

confidential files.

2.2.4 Computerized Id System

By luwismo | October 2011

http://www.studymode.com/essays/Computerized-Id-System-

818080.html

Student IDs are a good way to increase the campus security.

The Project Gate Entry used Barcode Scanner System has

provided benefits to the events have made security a top priority for

educational institutions. From the smallest charter school to the

largest university, all are concerned about running an efficient, low

cost security solution that provides safety for its students, staff and
community. The student identification number is for school’s use

only to access the school facilities such as libraries, internet

laboratories, and even in the other transactions like payment of

tuition fees, and becomes part of a student’s school record. The

number does not change if a student moves from one School

Campus to another. Beyond its use by the department for data

analysis purposes, the student identification number has no other

purpose or significance. The project system is to be implemented in

any entrance gate of Universities or in the libraries aimed to

enhance its security monitoring protocols. Gate Entry Barcode

Scanning System — as we all know that every University has this

kind of system. But in the study, the project is focusing on the

different aspects in the University’s Gate Entry System which

involve the Bar Code ID Scanning to ensure security policies for

every students, employees, faculty members and fair treatment of

the security guards to everyone. Because of this security

implementation, students from other universities, visitors, and

guest/s are also allowed to get in the campus with the following

reason that they are required to submit any Philippine issued Photo

ID (school ID, PRC Card, Passport, Driver’s License, SSS/GSIS) at

the guard’s house. Any person who doesn’t have his/her I.D. must

right their name in the log book. An outsider must have a reason or

purpose why he/she would like to get in the campus.

2.2.5 Computer Security Build

Gail A. Jacob/Strayer University Online/CIS 499/Professor: Dr. Alex

Lazo/April 17, 2012

http://www.papercamp.com/essay/94623/Computer-Security-Build

Computer security, also called information security involves

the tools and tactics to defend against computer attacks.

Organizations depend on computer systems, networks and the

Internet to conduct daily business transactions and access crucial

information. With the increases sophistication and the success

rates in recent cyber-attacks is directly related to the paradigm shift

in cybercrimes, indicating that these criminal activities are well

organized, highly motivated and well trained hackers. The major

challenges for businesses are the complexity of security

requirements due to ever changing hacking strategies, multiple

security vulnerabilities, evolving business practices and new

business technologies.

Computer security covers a wide area of computing and

information processing, and it is vital for protecting the

confidentiality, integrity, and availability of computer systems,

resources, and data in all organizations. Information is an important

commodity for companies, likewise is information security.

2.3 Foreign Studies

2.3.1 AUTOMATED RECORD KEEPING SYSTEMS

http://www.mtrules.org/gateway/ruleno.asp?RN=24.174.817

(1) An automated system may be employed for the record

keeping system, if the following conditions have been met:

(a) The system shall have the capability of producing legible

documents of all original and refilled prescription information.

During the course of an on-site inspection the records must be

accessible for viewing or printing.

(b) The individual pharmacist responsible for completeness and

accuracy of the entries to system must provide documentation of

the fact that prescription information entered into the computer is

correct. In documenting this information, the pharmacy shall have

the option to either:

(i) maintain a bound log book, or separate file, in which each

individual pharmacist involved in such dispensing shall sign a

statement each day, attesting to the fact that the prescription

information entered into the computer that day has been reviewed

and is correct as shown. Such a book or file must be maintained at

the pharmacy employing such a system for a period of at least two

years after the date of last dispensing; or

 (ii) Provide a printout of each day's prescription information.

That printout shall be verified dated and signed by the individual

pharmacist verifying that the information indicated is correct and

then sign this document in the same manner as signing a check or

legal document (e.g., J. H. Smith, or John H. Smith). Such printout

must be maintained at least two years from the date of last

dispensing; or

(iii) Utilize a software system which requires a unique log in for

each function such that it can be easily and accurately determined

who performed every function within the prescription dispensing

process. The records must be readily accessible for viewing or

printing at the request of the board.

(c) An auxiliary recordkeeping system shall be established for

the documentation of refills if the automated system is inoperative

for any reason. The auxiliary system shall insure that all refills are

authorized by the original prescription and that the maximum

number of refills is not exceeded. When this automated system is

restored to operation, the information regarding prescriptions filled

and refilled during the inoperative period shall be entered into the

automated system within 96 hours. However, nothing in this section

shall preclude the pharmacist from using his professional judgment

for the benefit of a patient's health and safety.

 (d) Any pharmacy using an automated system must comply with

all applicable state and federal laws and regulations.

2.3.2 Records Management Good Practice Note 12: Security of

Records

http://www.gre.ac.uk/governance/rmo/introduction/goodpractice/not

e-12-security-of-records

There are many reasons for making sure that records /

documents / information are kept securely. The contents of the

records may contain: Personal or confidential information, Sensitive

or commercial information, for instance financial data

There is also a need to ensure:

• That data / information is not changed (either accidentally or

purposefully)

• That data / information should be protected against loss, and

that if it is lost, that there is some backup or copy

• That data / information should be protected against loss in

transit, and against the danger of falling into the wrong hands

• That the authenticity and integrity of the information should

be maintained, in case it is needed as evidence.

Ways of ensuring this will include:

• Maintaining and preserving the records

• Controlling the accessibility of the records

• Controlling the way that records are transferred or sent to

third parties

• Ensuring that records are kept in the best location for the

purpose, whether electronic or physical

• Being aware of university policies and procedures in relation

to records, as well as the legislation which we have to abide by.

The Data Protection Act 1998 requires us to keep any

records which contain personal data in the most secure manner

possible. But it is also good practice to protect records, even when

they do not contain personal data. They may need protecting

because they are commercially sensitive, and they may also need

protecting because they are business critical or key in some way.

They may also be simply important for you, in order for you to carry

out your role efficiently and easily. Therefore we all need to follow

the university’s codes of practice, procedures and policies, as well

as relevant legislation.

2.3.3 Building an Automated Student Record System

http://www.ecs.org/html/Document.asp?chouseid=3624

New reporting requirements and changes in technology have

increased the need for managing student data efficiently. This step-
by-step guide offers suggestions, checklists and case studies for

designing or upgrading automated student information systems.

The guide suggests that education agencies use data elements that

are: (1) collected on a regular basis, (2) reliable, (3) valid, (4)

quantifiable and (5) consistently defined by a recognized body in

education. (National Center for Education Statistics, 2000)

2.3.4 Fully Automated Attendance Record System using

Template Matching Technique

International Journal of Engineering & Technology IJET-IJENS Vol:

10 No: 03

file:///C:/Users/Richard/Downloads/108003-7474_20IJET-IJENS-

libre.pdf

This research paper “Fully Automated Attendance Record

System using Template Matching Technique” focuses on the need

to design a system that will automatically arrange the record and

calculate the average attendance of each student. Manual

attendance record system is not efficient and requires time to

arrange record and to calculate the average attendance of each

individual student. The Attendance Record System is intended to

replace the manual model of attendance record keeping. The paper

describes an efficient image processing algorithm that reads the

scanned hard copy accurately and further calculates the absence

or presence accordingly. In Image processing, noise is present in

scanned images. This noise must be removed from scanned

images. The Paper also describes a noise removal method that will

remove noise efficiently from scanned images.

2.3.5 Harvard Catalyst Profiles

https://connects.catalyst.harvard.edu/Profiles/display/Concept/Data

bases,%20Factual

"Databases, Factual" is a descriptor in the National Library of

Medicine's controlled vocabulary thesaurus, MeSH (Medical

Subject Headings). Descriptors are arranged in a hierarchical

structure, which enables searching at various levels of specificity.

Extensive collections, reputedly complete, of facts and data

garnered from material of a specialized subject area and made

available for analysis and application. The collection can be

automated by various contemporary methods for retrieval. The

concept should be differentiated from DATABASES,

BIBLIOGRAPHIC which is restricted to collections of bibliographic

references.
2.4 Local Studies

2.4.1 Online Grading System

By studentcl | September 2011

http://www.studymode.com/essays/Online-Grading-System-

790346.html?topic

Based on the study of Andrienne Gail E. Ramos, etc…

(2011) entitled Systematized Grading System of Canossa School

High School Department. The school is having problems in

transferring grades from one grade sheet to another. Re-checking

and re-encoding grades takes some time. The proponents attempts

to design and develop a grading system which it has the same

process and flow as the old system. However the proposed system

has eliminated manual writing and the school staff can prevent time

and energy consumption by using a system that guarantees

accurate grade recording. It will also eliminate tons of papers used

in computerized grading sheet, grading sheet per quarter, and

summary sheet. The grade will directly encode in the system.

Visual Basic is used as a tool for programming the functionalities of

forms, buttons, menus, and encoding of grades. They also used

Microsoft Access 2007 for the recording of data and grades of the

students and Adobe Photoshop CS4 for editing images and icons
for the interface of the system. On the thesis A Computer-Based

Generic Registration System by Julius Ivan A. Layos (2002), he

stated that computers are known for their speed, accuracy and

efficiency. The proponent conducted this study that arrived to create

a standard computer based registration system for elementary and

high schools. The software is designed to run on Windows 95, 98,

NT, ME and 2000. Visual Basic 6 by Microsoft was the

programming used in implementing the software product. It is the

most popular Rapid Application Development (RAD) tool. One very

important feature of Visual Basic is a reversal of the normal

approach to programming. Adobe Photoshop is also one of the

software used in creating the system.

2.4.2 Automated Records Management System

http://www.cvisiontech.com/document-automation/pdf/automated-

records-management-system.html?lang=eng

The automated records management system is the arms

that will hold the business in its goal to a paperless office

environment. From the acronym itself, the ARMS is that

management process that will protect information and data to

ensure that all the records and the files in the system database of

the business organization is protected and easily accessed by

users in the framework. In the shortest definition of the automated

records management system, it is simply that process that is

employed by the organization in the maintenance of records and

files from the very moment that they arrive to the business or were

created by the enterprise up to the period when they will be

deemed ready for eradication and deletion from the archived or

active databases. The records handled by the automated records

management system may come in tangible forms that will be

translated to digital formats with the use of the latest technologies

in the market.

2.4.3 Fingerprint Biometric Attendance System

By angelafaye29 | March 2012

http://www.studymode.com/essays/Fingerprint-Biometric-
Attendance-System-935575.html?topic

The increasing complexity of administrative operations in

Colegio de St. Monique in Binangonan, Rizal, is the effect of the

growing population of students, faculty and administration and the

physical expansion of the institution. The increase in complexity

means additional manpower and workloads and more complicated

data processing system. To meet the growing needs of education,

the institution, as a result formulated new innovations, techniques,

methods and modernized equipment to aid the complexity of

operations. New facilities such as the computer were developed,

not only for the instructions, but also for research and academic

applications. Technologies such as the Fingerprint Biometrics ID

System make identification and attendance an easy task. The

burden will be lessen for the IT and Human Resource personnel.

What usually is a long process of logging in and out and

identification is eliminated. Further, a Computerized Payroll System

will help a lot in processing salaries and other financial matters for

the employees. It will help reduce if not totally get rid of errors

encountered when handling the payroll manually. Recording and

monitoring the movement of faculties as they arrive at work, have

breaks and leave for the day were traditionally performed by writing

logs. Replacing the manual process with computerized attendance

system with the application of biometrics technology prevents any

abuses of the system and can be incorporated with time

management software to produce management accounting and

personnel reports. Generally speaking, any situation that allows an

interaction between human and machine is capable of incorporating

biometrics. Such situations may fall into a range of application

areas. Biometrics is currently being used in areas such as

computer desktops, networks, and monitoring the time and

attendance of staff.
2.4.4 Student Information System

By inoue29 | August 2012

http://www.studymode.com/essays/Student-Information-System-
1076622.html?topic

Notably, student information system or SIS incurs such

application software designed for educational establishments to

manage student data. Student information systems provide

capabilities for entering student test and other assessment scores,

building student schedules, tracking student attendance as well as

managing many other student-related data needs within the

institution university. Thus, many of these systems applied in the

Philippines can be scaled to different levels of activity and can be

configured by their home institutions to meet local needs.

Moreover, before universities have created their own bespoke

student record systems, but with growing complexity in the

business of educational establishments, organizations now choose

to buy customizable within the shelf software. It can be that,

modern student information systems are usually server-based, with

the application residing on central computer server and are being

accessed by client applications at various places within and even

outside the school. During the year 1990s, student information

systems have been changing and are fast adopted through the

presence of a web medium as a channel for accessing SIS without

any hassle upon viewing student details and information.

Ideally, educational institutions are under constant pressure to

demonstrate both willingness and capacity to incorporate the latest

developments in student information systems along with

communications technology supporting various teaching ways. As

Liao et al., (2007) asserts that SIS process within such

technological sophistication does create precise knowledge edge,

that such SIS application can be appealing to students and to the

academic faculty as well as the parents. Thus, believing that

technology is the repository of the bulk of the information that

underpins society’s major enterprises and concerns and the

medium of communication through which SIS interact with one

another.

2.4.5 Securing Information Systems

By krissybriggs | May 2011

http://www.studymode.com/essays/Securing-Information-Systems-

689812.html?topic

When firms develop more technologically oriented, they

must become more conscious of security and control issues close

to their information systems and safeguard the resources more

strictly than ever before. As our civilization and the domain it comes

to be contingent on computers and information systems more and

more, firms must put out a better determination in making their

systems not vulnerable and more reliable. Software is a relatively

new industry, less than fifty years old, and it has spent much of that

time trying to figure out how to create reliable software applications

with minimum errors.(Stickyminds.com) While much wonderful work

has been done in a relatively short time, software remains the

weakest link in our advanced technological society.

(Stickyminds.com)

Imagine what would happen if you were to link to the

Internet that didn’t have a firewall or antivirus software. What do

you think would be the outcome? To answer that question your

computer would become disabled in a matter of seconds, and can

take as long as a few days to recover (Laudon & Laudon 2010). In

Chapter 8 it discussed why systems today are vulnerable. When

enormous amounts of data are stored in electronic form, they

become more vulnerable to different kinds of pressures than when

they were existed in manual form. Information systems are

vulnerable to technical, organizational, and environmental threats

from internal and external sources. The weakest link in the chain is

deprived system management. If managers at all levels don't make

security and reliability their number one priority, then the threats to

an information system can easily become real.

2.5 Synthesis

The Student Automated Recording System is proposed as a

computerized system to ease the pressure of teachers. The idea of

computerizing this system was introduced with a view to address

the problems associated with the current recording system. For one

thing, the system will work in the active records section. This will

mean that it can give you access and help you manage the most

current documents and data that the operations are handling. The

second sector would be the data protection and vaulting, which is

the area that will ensure all the files are properly filed and archived

for record keeping purposes. In time, the next area and sector

would be the determination of destruction of the documents in a

secured manner that will ensure that all of the data from the files

will still be kept secret and confidential.

The system also has an attendance which maintained in

every meeting, a proper record needs to be maintained by

respective teachers. Manual attendance or record is not efficient

and requires time to arrange record and to calculate the average of

grades and attendance of each individual student. So there is a

need to design a system that will automatically arrange the record

and calculate the grades of each student, an organized system.

This proposed will try to organize the current scenario. Where the

system will automatically update the data on the server of the

respective admin as well as soon as the data is updated. The goal

is to provide teachers with an easy, time saving solution to record

and maintenance the recording grades. The record for each student

is needed for every lecture and must be submitted after checking

the attendance and after checking the grades.