3.9 KiB
digest
source code
Part A – Virtual Private Cloud (10 marks)
- setup
Part B (90 marks)
- user registration and login
- a password policy,
- "request evaluation" page
- (allow upload of photos)
- "request evaluation" listing page.
marking
- 30 marks for completing the application reasonably,
- 50 marks for the security features identified and implemented
- identified
- implemented
- 10 marks for self-reflection and video quality.
tech stack
- PHP
tasks:
-
Task 1 - registration form
-
Develop a secure web form that allows customers to register in the application. They must register an email address, password, name and contact telephone number. The users’ details should be stored in a database.
-
email address,
-
password
-
name
-
contact telephone number.
-
The users’ details should be stored in a database.
-
Code Quality 5 marks
-
Database Design 5 marks
- schema
-
-
Task 2 - login form
-
Develop a secure login feature.
-
login form
-
registration form
-
Code Quality 5 marks
-
-
Task 3 – Extend the password management feature to provide password strength recommendations and password recovery.
- Code Quality 5 marks
-
Task 4 - "Request Evaluation" web page
-
Implement a "Request Evaluation" web page only accessible to logged in users. This web page should have a comment box to type in the details of the object and their request, and a dropdown box for preferred method of contact between phone or email. The evaluation page should allow for file upload of a photo of the object.
-
upload of a photo of the object
-
Code Quality 5 marks
-
-
Task 5 – list of evaluation requests
-
Implement a page that displays a list of evaluation requests. This page should only be visible to an administrator role.
-
Code Quality 5 marks
-
delivery
Computer Security. Source code + Report + Recording. Report template 係 file 入面,但因為佢要交一個 less than 10 mins 既 Recording, 可能要你地 screen record 一條片 show 比我睇 + Script 教我點講。
-
Report -- You must use the report template provided at the end of this coursework description. In your report, you will provide screenshots of all the marking criteria elements and annotate where necessary. In screen shots for the code, please don’t give a big chunk of code, provide only the related lines. Use bullet points to give any explanation, please don’t write big paragraphs.
-
Recording -- You will use Sussex Panopto to record a video to show the working of your application and its security features.
-
Code file location (OneDrive)-- Upload your code to the OneDrive and provide the code link in the report for our inspection.
report outline
Task 0 – Self-reflection
Task 1 – User registration
Registration feature code screenshots
Database Table
Why do you think it is secure?
Use bullet points to provide your reasons and back it up with code snippet from your application. Don’t paste the big junks of code in the report, show us those specific lines, highlight, and annotate if you need to.
Task 2 - Develop a secure login feature.
Login feature code screenshots
Why do you think it is secure? Use bullet points to provide your reasons and back it up code snippet from your application.
Task 3 - Implement password strength and password recovery
List each password policy element that you implemented and back it up with code snippets from your application.
Task 4 - Implement a "Evaluation Request" web page.
Request Evaluation feature screenshot
Why do you think it is secure?
Task 5 – Request Listing Page
Code of the feature
Why do you think it is secure?