Reference no: EM132359390

This assessment task will assess the following learning outcome/s:

be able to justify security goals and the importance of maintaining the secure computing environment against digital threats.
be able to explain the fundamental concepts of cryptographic algorithms.
be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats.
be able to compare and contrast foundational security policies and models that deal with integrity and confidentiality.

Task

This assessment aims to develop and gauge student understanding of the key topics covered so far by answering the following questions. Answering these questions will help you build some understanding for the next assessment item as well as for the entire subject. It is expected that answers to the assignment questions be succinct (i.e. precise and concise) with all sources of information fully referenced as per APA referencing style. You have to reference the text book and any additional material you have used in your answers.

Note that the guide for APA referencing is provided in the resources section of Interact site of this subject.

Answers MUST be written in your own words. If an answer contains more than 10% direct quote (referenced or unreferenced), 0 marks will be awarded for this question. One or two sentence answers will be too short and only receive low marks. Answers longer than 1.5 pages (12 point font, single line spacing) may incur a penalty if too much non-relevant information is stated. For mathematical questions it is expected that you show intermediate steps of your working. Just stating the correct solution will result in low marks, on the other hand if the working is correct and you only made minor mistakes, you will still be awarded marks, even though the final answer is wrong.

Question 1

Automated Teller Machines (ATM) are designed so that users will provide a personal identification number (PIN) and a card to access their bank accounts. Give examples of confidentiality, integrity and availability requirements associated in such a system and describe the degree of importance for each requirement.

Question 2

A thief broke into an Automated Teller Machine (ATM) using a screwdriver and was able to jam the card reader as well as breaking five keys from the keypad. The thief had to halt the process of break-in and hide, as a customer approached to use the ATM. The customer was able to successfully enter their ATM card, punch in the 4 digit PIN and was able to draw out some cash. Since the card reader was jammed, the customer was however not able to withdraw the ATM card, and drove off to seek some help. In the meantime, the thief came back and decided to try to discover the customer's PIN so that he can steal money from the customer. You are required to calculate the maximum number of PINs that the thief may have to enter before correctly discovering the customer's PIN?

Question 3

Thinking about bio-metric authentication, list three reasons why people may be reluctant to use bio-metrics. Describe various ways of how to counter those objections.

Question 4

In bio-metric authentication, false positive and false negative rates can be tuned according to the requirement, and they are often complementary i.e. raising one lowers the other. Describe two circumstances where false negatives are significantly more serious than false positives.

Question 5

Transposition is one known method of encrypting the text. What can be one way that a piece of cipher text can be determined quickly if it was likely a result of a transposition? Utilising some of the decryption techniques (substitution and others) covered in the subject so far, you are required to decipher (find the plain text) the cipher text that will be proviced to you closer to the assessment due date via the subject site. In order to present your solution, you need to demonstrate and explain the steps taken to decipher this text.

Learning outcomes

Upon successful completion of this subject, students should:
• be able to model complex business rules using Entity Relationship Diagrams (ERDs);
• be able to apply normalisation techniques to optimise a database design;
• be able to use complex SQL commands to query a database;
• be able to research a recent development in the field of database technology.

Assessment: Research and Data Modelling

Part A: Database research (approx. 200-250 words):

Note: you are expected to conduct research about current and future Database technologies by answering the below question:

Research Question: Explore history of database systems and discuss the three most important developments in database development history to date. (1.25 maA thief broke into an Automrks each)

Note: Use proper references in the APA style. Your research report must be well presented using proper content organization.

Part B: Data Modelling

Create a complete ERD in Crow's Foot notation that can be implemented in the relational model using the following description of operations. Hot Water(HW) is a small start-up company that sells spas. HW does not carry any stock. A few spas are set up in a simple warehouse so customers can see some of the models available, but any products sold must be ordered at the time of the sale.
• HW can get spas from several different manufacturers.
• Each manufacturer produces one or more different brands of spas.
• Each and every brand is produced by only one manufacturer.
• Every brand has one or more models.
• Every model is produced as part of a brand. For example, Iguana Bay Spas is a manufacturer that produces Big Blue Iguana spas, a premium-level brand, and Lazy Lizard spas, an entry- level brand. The Big Blue Iguana brand offers several models, including the BBI-6, an 81-jet spa with two 6-hp motors, and the BBI-10, a 102-jet spa with three 6-hp motors.
• Every manufacturer is identified by a manufacturer code. The company name, address, area code, phone number, and account number are kept in the system for every manufacturer.
• For each brand, the brand name and brand level (premium, mid-level, or entry-level) are kept in the system.
• For each model, the model number, number of jets, number of motors, number of horsepower per motor, suggested retail price, HW retail price, dry weight, water capacity, and seating capacity must be kept in the system.

Your task
Create an ERD for each of the above statements that describe the current business rules for

HW. For each new statement being the business rule.

Use Crows Foot notations and include all of the following in each part:
• All entities with Primary key and any foreign key attributes;
• The relationships between entities;
• The cardinality and optionality of each relationship;
• Any M:N relationships are be resolved to 1:M relationships and ERD description is clear
• Include your student ID and full name under the ERD (in Draw.io) then copy the whole ERD as an image to your Word Document.

Assessment item 3

Normalisation

Task

Suppose that you have been given the table structure and data shown in Table below, which was imported from an Excel spreadsheet. The data reflect that a professor can have multiple advisees, can serve on multiple committees, and can edit more than one journal.

Given the information in Table 1:
a. Draw the dependency diagram.

b. Identify the multivalued dependencies.
c. Create the dependency diagrams to yield a set of table structures in 3NF.
e. Draw the Crow's Foot ERD to reflect the dependency diagrams you drew in Part c. (Note: You might have to create additional attributes to define the proper PKs and FKs. Make sure that all of your attributes conform to the naming conventions.)

Assessment item 4

Query databases using SQL

Task

Task: Complex SQL Queries

Write and run SQL statements to complete the following tasks (Each Query : 1.5 (0.75 query+ 0.75 for screenshot) Marks)

1. Show sums of line units for each invoice.

2. Show the details of the products that do not have a value for the attribute v_code.

3. Show the details of the invoices whose subtotal is greater than 24 but less than 76.

4. Show the details of the invoice who has the minimum subtotal.

5. Show the codes and names of the vendors who supplied products.

6. Using EXCEPT show the codes of the vendors who did not supply any products.

7. Using ‘NOT IN' show the codes and names of the vendors who did not supply any products.

8. List the names and codes of vendors and the number of products each vendor has supplied, i.e. vendor XXX has supplied xxx products, and vendor YYY has supplied yyy products etc.

9. Show the details of the employees who are located in area code 615.

10. Using inner join, list the details of the products whose line price is greater than 99.

You are required to submit:

1. The SQL statements for each query, which should be copied from your SQLite3 Command Line and pasted into your submission file. If you type .echo on at the SQLite3 Command Line, SQLite will output your SQL statement with the results of the query making it easy to copy and paste both.

2. The screenshots of the results of the SQL statements which are to be copied from your SQLite3 Command Line and pasted into your submission file immediately after you execute the SQL query. If you used an output file please submit only the output file.