User Account

All Pages

Describing the main components and users of the system

Assignment Help Computer Engineering
Reference no: EM131372599

Consider the following case study.

MusicOnDemand is a new subscription-based service for on-demand Internet streaming audio media. There are three types of users for MusicOnDemand:

1. Standard users;

2. Premium users;

3. Maintainers.

Standard and Premium users are able to log in, renew their subscriptions, search and have access to the standard audio library. In addition, Premierusers have access to the latest release library. Maintainers are able to log in, add songs, modify user's subscriptions, search for any type of songs, and read the audit log involving users' activities.

An unregistered individual can obtain access to the system via an automatic procedure involving the payment of the subscription through the DBTI bank: such a procedure can be audited by maintainers.

The external dependencies are presented in Table 1.

ID

ID Description

1

The MusicOnDemand Web application runs on a Linux server running Apache

2

The database server is MySQL and it runs on a Linux server

3

The connection between the Web Server and the Database Server is over a TCP/IP network

4

The Web Server is behind a firewall

5

The Web Server access the back-end of the DBTI bank via a web service interface over HTTPs

Table 1: List of external dependencies

You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process as presented in the course:

1. Decompose the application using data flow diagrams, system architecture diagrams, and a table describing the main components and users of the system;

2. Determine 6 serious threats to the system using the STRIDE model and threat trees: they must refer to distinct classes of the STRIDE model;

3. Rank the threats by decreasing risk using the DREAD model and tables of threats description for each threat identified;

4. Choose how to respond to each threat;

5. Choose techniques to mitigate the threats;

6. Choose the appropriate technologies for the identified techniques.

Any assumption not grounded on information presented in the given case study must be clearly marked in the report.

Attachment:- Assignment.zip

Reference no: EM131372599

Questions Cloud

What determines the capacity for both bricks and clicks : The Internet has drastically changed the way in which customers interact with businesses. Although the customer interface has changed, operations management remains a crucial element in the success of Internet retailing. What determines the capacity ..
Confidence interval for the proportion of executives : If the survey consisted of a random sample of 40 executives, give a 95% confidence interval for the proportion of executives less willing to sacrifice their family lifestyle.
Confidence interval for the average increase : The study found the average increase to be 60%. If this was based on a random sample of 22 international flights and the standard deviation of increase was 25%, give a 90% confidence interval for the average increase.
Identify the central concern in various regional security : Identify the central concern or challenge in the various regional security organizations encountered thus far in the course, with regard to the likelihood of success or failure. Explain your reasons using examples from your readings.
Describing the main components and users of the system : Decompose the application using data flow diagrams, system architecture diagrams, and a table describing the main components and users of the system
Confidence interval for the percentage of all traders : If the test run of trading rooms using the new system revealed that 80% of the traders preferred the decimal system and the sample size was 200, give a 95% confidence interval for the percentage of all traders who will prefer the new system.
Building your own high performance subculture : One of the most misunderstood and yet exciting research findings regarding culture concerns subcultures. Specifically, research has found that the cultural variance within companies is often as great or greater than that between companies. What are t..
Create the animal superclass in your version of the project : You should be able to check this by having the old and new versions of the project open side by side, for instance, and making identical calls on Simulator objects in both, expecting identical outcomes.
Confidence interval for proportion of all business travelers : Give a 95% confidence interval for the proportion of all business travelers who consider legroom the most important feature.

Reviews

len1372599

1/27/2017 1:43:33 AM

Determine the threats to the system. For each of the 6 threats that have to be identified: for the threat tree; for the DREAD classification and final risk level computation; for each of the remaining elements of the table—i.e. Thread Description, Threat Target, Threat Category, Response, Mitigation Techniques, Mitigation Technologies—excluding Comments, which is optional. For ordering the threats in decreasing order of importance. In the case two threats belong to non-distinct classes w.r.t. the STRIDE model (e.g. two threats belonging to “Spoofing”; or one threat belonging to “Spoofing” and one belonging to “Spoofing” and “Tampering”), only the analysis of the first threat encountered in the text will be evaluated. The analysis of the threat will not marked if such a threat is erroneously classified and in fact it belongs to a class already considered in a previous analysis of another threat.

len1372599

1/27/2017 1:43:25 AM

The coursework is in the form of a report: Word and Latex template for the report are available on learning central. Adherence to the template is mandatory, as well as to minimise the written text. If comments are needed, please use footnotes. The report needs to be submitted in PDF format only, electronically via Learning Central. The following criteria will guide the marking of this coursework: Decompose the application: Usage of data flow diagrams representing several levels; Complete representation of the system with its main components and users in the form of system architecture diagram suitable for representation of a physical model; Providing information about the main components and user of the system in appropriate tables;

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd