User Account

All Pages

Decompose the application using data flow diagrams

Assignment Help Computer Engineering
Reference no: EM131305388

Consider the following case study.

MusicOnDemand is a new subscription-based service for on-demand Internet streaming audio media. There are three types of users for MusicOnDemand:

1. Standard users;

2. Premium users;

3. Maintainers.

Standard and Premium users are able to log in, renew their subscriptions, search and have access to the standard audio library. In addition, Premier users have access to the latest release library. Maintainers are able to log in, add songs, modify user's subscriptions, search for any type of songs, and read the audit log involving users' activities.

An unregistered individual can obtain access to the system via an automatic procedure involving the payment of the subscription through the DBTI bank: such a procedure can be audited by maintainers.

The external dependencies are presented in Table 1.

ID

ID Description

1

The MusicOnDemand Web application runs on a Linux server running Apache

2

The database server is MySQL and it runs on a Linux server

3

The connection between the Web Server and the Database

Server is over a TCP/IP network

4

The Web Server is behind a firewall

5

The Web Server access the back-end of the DBTI bank via a web

service interface over HTTPs

Table 1: List of external dependencies

You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process as presented in the course:

1. Decompose the application using data flow diagrams, system architecture diagrams, and a table describing the main components and users of the system;

2. Determine 6 serious threats to the system using the STRIDE model and threat trees: they must refer to distinct classes of the STRIDE model;

3. Rank the threats by decreasing risk using the DREAD model and tables of threats description for each threat identified;

4. Choose how to respond to each threat;

5. Choose techniques to mitigate the threats;

6. Choose the appropriate technologies for the identified techniques.

Any assumption not grounded on information presented in the given case study must be clearly marked in the report.

Attachment:- Assignment.zip

Reference no: EM131305388

Questions Cloud

Determine the price that current designs would charge : Determine the price that Current Designs would charge to complete the repairs for the customer.
Write a paper about the anxiety disorder among 6-12 group : Write a paper about the Anxiety Disorder among 6-12 group age.Identify essential questions and/or unit objective(s) addressed by this lesson.. Connect the performance indicators* to the national or state learning standards.*(Performance indicators c..
What do economists call the situation : Long-term bonds are exposed to greater interest-rate risk and have lower liquidity than short-term bonds. Why, then, would any investor buy long-term bonds if their yields are lower than those of short-term bonds?
Examine the subject closely and describe what you see : Examine the subject closely and describe what you see - What does the subject make you think of and What is it similar to different from?
Decompose the application using data flow diagrams : Decompose the application using data flow diagrams, system architecture diagrams, and a table describing the main components and users of the system;
What is a structural fall in the term premium : What is a "structural fall in the ‘term premium'"? How would such a structural fall be relevant to using the yield curve to predict recessions?
What did investors expect the interest rate : What did investors expect the interest rate to be on the one-year Treasury bill two years from that date if the term premium on a two-year Treasury note was 0.02%.
How do you see credibility emotional appeals used : In small groups, discuss tactics this company uses to persuade its audience. How do you see credibility (ethos), emotional appeals (pathos), and logical arguments (logos) used? What is not being said that may ultimately turn out badly for a custom..
What is the expected real interest rate on the treasury bill : If the consumer price index is expected to decline during the year from 250 to 245, what is the expected real interest rate on the Treasury bill?

Reviews

len1305388

12/8/2016 5:09:11 AM

The assignment is in the form of a report: Word and Latex template for the report are available on learning central. Adherence to the template is mandatory, as well as to minimize the written text. If comments are needed, please use footnotes. The report needs to be submitted in PDF format only, electronically via Learning Central. The following criteria will guide the marking of this assignment: Decompose the application, determine the threats to the system, for each of the 6 threats that have to be identified. In the case two threats belong to non-distinct classes w.r.t. the STRIDE model (e.g. two threats belonging to “Spoofing”; or one threat belonging to “Spoofing” and one belonging to “Spoofing” and “Tampering”), only the analysis of the first threat encountered in the text will be evaluated. The analysis of the threat will not marked if such a threat is erroneously classified and in fact it belongs to a class already considered in a previous analysis of another threat.

Write a Review

Computer Engineering Questions & Answers

  Compute the exact number of days between any two dates

Write a program to compute the exact number of days between any two dates in history. Call this program file b.c. A sample run, with user input in boldface.

  Explain how can the article be applied in your day-to-day

write 400-600 words that respond to the following questions with your thoughts ideas and comments. this will be the

  How the applications are being used in your specialization

Examine how these applications are being used in your specialization. Determine how graph theory has advanced the knowledge in your area of specialization.

  Provide the different kinds of access protocols

explain an example of the Public Key Infrastructure that would explain the differing usages of symmetric and asymmetric encryption and how these encryption methods might use either a substitution or a transposition cipher.

  What are the properties of b-tree

What is a b-tree? What are the properties of b-tree?

  Create a map that contains an individuals jnumber

Create a map that contains an individuals Jnumber and their names. use a switch that will allow a user to enter the info into the map.

  How may a project manager be sure

How can a project manager be sure that he or she has selected the correct metrics to assess project performances? Give three examples.

  The ajax extensions tab of the toolbox

Inside the ContentTemplate element of the UpdatePanel server control add the standard RadioButtonList server control, Label server control and Button server control.

  Perform a swot analysis on the viability of upgrading to

you are a junior network administrator for wingtip toys a medium-sized toy manufacturing company with approximately 100

  How the main memory address format look

How the main memory address format look.

  The cost of building and maintaining an organizational

the cost of building and maintaining an organizational computing ecosystem has become a bigger part of most

  Compared and contrasted the mis in place in two distinctly

compared and contrasted the mis in place in two distinctly different organizations. compared each organizations use of

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd