User Account

All Pages

Describing the main components and users of the system

Assignment Help Computer Engineering
Reference no: EM131372599

Consider the following case study.

MusicOnDemand is a new subscription-based service for on-demand Internet streaming audio media. There are three types of users for MusicOnDemand:

1. Standard users;

2. Premium users;

3. Maintainers.

Standard and Premium users are able to log in, renew their subscriptions, search and have access to the standard audio library. In addition, Premierusers have access to the latest release library. Maintainers are able to log in, add songs, modify user's subscriptions, search for any type of songs, and read the audit log involving users' activities.

An unregistered individual can obtain access to the system via an automatic procedure involving the payment of the subscription through the DBTI bank: such a procedure can be audited by maintainers.

The external dependencies are presented in Table 1.

ID

ID Description

1

The MusicOnDemand Web application runs on a Linux server running Apache

2

The database server is MySQL and it runs on a Linux server

3

The connection between the Web Server and the Database Server is over a TCP/IP network

4

The Web Server is behind a firewall

5

The Web Server access the back-end of the DBTI bank via a web service interface over HTTPs

Table 1: List of external dependencies

You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process as presented in the course:

1. Decompose the application using data flow diagrams, system architecture diagrams, and a table describing the main components and users of the system;

2. Determine 6 serious threats to the system using the STRIDE model and threat trees: they must refer to distinct classes of the STRIDE model;

3. Rank the threats by decreasing risk using the DREAD model and tables of threats description for each threat identified;

4. Choose how to respond to each threat;

5. Choose techniques to mitigate the threats;

6. Choose the appropriate technologies for the identified techniques.

Any assumption not grounded on information presented in the given case study must be clearly marked in the report.

Attachment:- Assignment.zip

Reference no: EM131372599

Questions Cloud

What determines the capacity for both bricks and clicks : The Internet has drastically changed the way in which customers interact with businesses. Although the customer interface has changed, operations management remains a crucial element in the success of Internet retailing. What determines the capacity ..
Confidence interval for the proportion of executives : If the survey consisted of a random sample of 40 executives, give a 95% confidence interval for the proportion of executives less willing to sacrifice their family lifestyle.
Confidence interval for the average increase : The study found the average increase to be 60%. If this was based on a random sample of 22 international flights and the standard deviation of increase was 25%, give a 90% confidence interval for the average increase.
Identify the central concern in various regional security : Identify the central concern or challenge in the various regional security organizations encountered thus far in the course, with regard to the likelihood of success or failure. Explain your reasons using examples from your readings.
Describing the main components and users of the system : Decompose the application using data flow diagrams, system architecture diagrams, and a table describing the main components and users of the system
Confidence interval for the percentage of all traders : If the test run of trading rooms using the new system revealed that 80% of the traders preferred the decimal system and the sample size was 200, give a 95% confidence interval for the percentage of all traders who will prefer the new system.
Building your own high performance subculture : One of the most misunderstood and yet exciting research findings regarding culture concerns subcultures. Specifically, research has found that the cultural variance within companies is often as great or greater than that between companies. What are t..
Create the animal superclass in your version of the project : You should be able to check this by having the old and new versions of the project open side by side, for instance, and making identical calls on Simulator objects in both, expecting identical outcomes.
Confidence interval for proportion of all business travelers : Give a 95% confidence interval for the proportion of all business travelers who consider legroom the most important feature.

Reviews

len1372599

1/27/2017 1:43:33 AM

Determine the threats to the system. For each of the 6 threats that have to be identified: for the threat tree; for the DREAD classification and final risk level computation; for each of the remaining elements of the table—i.e. Thread Description, Threat Target, Threat Category, Response, Mitigation Techniques, Mitigation Technologies—excluding Comments, which is optional. For ordering the threats in decreasing order of importance. In the case two threats belong to non-distinct classes w.r.t. the STRIDE model (e.g. two threats belonging to “Spoofing”; or one threat belonging to “Spoofing” and one belonging to “Spoofing” and “Tampering”), only the analysis of the first threat encountered in the text will be evaluated. The analysis of the threat will not marked if such a threat is erroneously classified and in fact it belongs to a class already considered in a previous analysis of another threat.

len1372599

1/27/2017 1:43:25 AM

The coursework is in the form of a report: Word and Latex template for the report are available on learning central. Adherence to the template is mandatory, as well as to minimise the written text. If comments are needed, please use footnotes. The report needs to be submitted in PDF format only, electronically via Learning Central. The following criteria will guide the marking of this coursework: Decompose the application: Usage of data flow diagrams representing several levels; Complete representation of the system with its main components and users in the form of system architecture diagram suitable for representation of a physical model; Providing information about the main components and user of the system in appropriate tables;

Write a Review

Computer Engineering Questions & Answers

  Design an application that it will prompt a user

You will need to design an application that it will prompt a user for their hourly pay rate, their hours worked, and whether they are single, married, divorced, or widowed.

  Write down a simple near procedure

Write down a simple near procedure (such as a return) and call it using register addressing.

  What are techniques for addressing security requirements

What are techniques for addressing security requirements? Which have a business relationship with the company?

  Questionproduce a book class that stores book information

questionproduce a book class that stores book information. your book class will store following-book titleauthors first

  Create an accessor and mutator function for field age

What is static property? What is the difference between static property and non-static property? You are given a class below, create an accessor and mutator function for field age.

  How has the system installed by dtis helped integrate

how did the dtis crm team change the business process for dealing with abandoned vehicles in san francisco? how did

  Create object called abc by assigning the number three

Create object called "abc" by assigning the number 3. Create different vectors ("a" is numeric, "b" is character and "c" is logical). List all the objects in the current session. Create vector "x" with the values {4, 4, 5, 6, 7, 2, 9}.

  Draw a message sequence diagram

Considering all the packets in the file, draw a message sequence diagram that illustrates the packets. A message sequence diagram uses vertical lines to represent events that happen at a computer over time (time is increasing as the line goes down..

  Design of an operating system performance evaluation

The Design of an Operating System Performance Evaluation and Analysis - What is the significance of the topic as related to the field of computer science and industry?

  Write down a not so bad cardiac simulator

The user has to be prompted to type in a 3 digit number, and then the program should print to the screen whatever the CARDIAC Instruction Decoder box would show had that been the instruction.

  Find the speed of a personal computer

Treat each of the questions individually and in the order given below. The focus of your answers should be on answering the 'why' questions posed below and your explanations for your recommendations. This is not a formal paper and APA guidelines d..

  Multicast routing paradigm

The data-driven multicast routing paradigm works best on the local networks which have low delay and excess capacity, however the demand driven paradigm works best in the wide are environment which has limited capacity and higher delay.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd