$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket?
Book Your Assignment at The Lowest Price
Now!
Students Who Viewed This Also Studied
COMP6014 Secure Programming
Task
Summary
There are two items of coursework for the module, that are collectively worth 100% of your module mark. They are CW1, a security analysis, and CW2, a software development.
1. The security analysis, which will also require a software modification, is for 40% of your module mark and it will test the following module level outcomes:
•Have a thorough understanding of the main attack vectors commonly used to attack software and be able to design and implement software that reduces the likelihood of those vulnerabilities being exploitable
•Conduct a detailed and critical analysis of existing software and utilise the results to produce secure modifications to treat or mitigate any vulnerabilities found
2. The software development is for the remaining 60% of your module mark. You will produce a secure prototype of a student record management system in the programming language C/C++, accessed through a web interface. This will test the following module level outcomes.
•Have a thorough understanding of the principles and issues involved in designing secure software and be able to utilise them in the construction of complex software.
•Have a thorough understanding of the main attack vectors commonly used to attack software and be able to design and implement software that reduces the likelihood of those vulnerabilities being exploitable.
•Design and implement concurrent and distributed software which operates in hostile environments
•Design and implement secure software that utilises the underlying security model of the OS and hardware.
CW1: Security analysis
The purpose of your first coursework is to see whether you can discover and fix security flaws in other people’s code, before you then attempt to build secure software from scratch for your second coursework.
The program you have been given has several security flaws and is intended to enable lecturers to view and store marks for students on modules. It reads in a file pwds.txt containing for each lecturer their passwords (encrypted) and the modules (up to five) that they are working on. It authenticates the user by asking them for a name and password and then presents them with a list of their modules. The user can then select a module, see a list of marks for each student and change the marks for a student. You may assume that pwds.txt is vulnerable to unauthorised writes but that the other files are not.
Examination of the Code
You can compile and run the code, which has been developed on Ubuntu (run from Virtual Box) and tested on Windows (compiled as normal with Visual C++) but you will need to examine the source code itself (which the attacker has access to) and think carefully about how it works.
CW2: Software Development
The software you are writing is a CGI program written in C/C++. This means that it is running on a web server and it will be accessed through a web interface. The function of the software is a student record management system. Lecturers will use it to view a list of the students for their modules and they will be able to view the marks for those students and change them.
A separate person called the administrator will be responsible for deciding which lecturers oversee which modules. They will also add students to modules; for simplicity, the students will not have accounts with which to add themselves to modules.
Here are the functional and non-functional requirements for the software development. You will be marked on your understanding of potential attack vectors against secure software and on the principles of designing secure software, and on how well you design and implement software that reduces the likelihood of those vulnerabilities being exploitable.
Functional Requirements
FR1: There are two kinds of users: lecturers and administrators. Both can register an account and set a password.
FR2: Lecturers can see a list of their modules and a list of the students on each module. They can also enter and change marks.
FR3: Administrators can assign lecturers to modules and students to modules. There is only one administrator account.
FR4: The process of logging in should use two-factor authentication. The user must enter a second password sent by email after the main password has been entered. The email address to be used is the one entered when registering the account. If you are not able to install the relevant mail library, you can simulate the process of emailing by appending to a “mail spool” text file representing all the emails that have been sent.
FR5: The administrator account, in addition to the protections of FR4, must also be authenticated by a “hardware” token, which should be implemented as a piece of challenge-response software.
Non-Functional Requirements
NFR1: You may use your own web server running on your own machine if you wish. However, the department has provided the SOTS server, which you can use instead. Your login details have been emailed to you.
NFR2: The system must be developed in C/C++. You may use CGI to interact with the web pages. You may use the C/C++ CGI libraries, which have been installed on SOTS, if you are using SOTS. Here is one of many tutorials on them:
NFR3: The system must be robust and secure. Specifically, it should be capable of mitigating many kinds of attacks covered in the module, as detailed in the marking scheme. SSL must not be the sole means of preventing these attacks.
NFR4: The system must be designed with maintainability, security and reliability in mind and according to best practice in designing and implementing secure software. Defensive software practices should be used throughout.
NFR5: Your code should be commented and have sensible and consistent naming
NFR6: The system should be responsive and easy to use
NFR7: You may use cryptographic libraries if you wish.
NFR8: Your report must explain why you believe you have satisfied NFR3, NFR4, NFR6.
NFR9: Your report must explain why you believe you have satisfied FR1, FR2, FR3, FR4, FR5.
COMP6014 Secure Programming
Answer in Detail
Solved by qualified expert
Get Access to This Answer
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Hac habitasse platea dictumst vestibulum rhoncus est pellentesque. Amet dictum sit amet justo donec enim diam vulputate ut. Neque convallis a cras semper auctor neque vitae. Elit at imperdiet dui accumsan. Nisl condimentum id venenatis a condimentum vitae sapien pellentesque. Imperdiet massa tincidunt nunc pulvinar sapien et ligula. Malesuada fames ac turpis egestas maecenas pharetra convallis posuere. Et ultrices neque ornare aenean euismod. Suscipit tellus mauris a diam maecenas sed enim. Potenti nullam ac tortor vitae purus faucibus ornare. Morbi tristique senectus et netus et malesuada. Morbi tristique senectus et netus et malesuada. Tellus pellentesque eu tincidunt tortor aliquam. Sit amet purus gravida quis blandit. Nec feugiat in fermentum posuere urna. Vel orci porta non pulvinar neque laoreet suspendisse interdum. Ultricies tristique nulla aliquet enim tortor at auctor urna. Orci sagittis eu volutpat odio facilisis mauris sit amet.
Tellus molestie nunc non blandit massa enim nec dui. Tellus molestie nunc non blandit massa enim nec dui. Ac tortor vitae purus faucibus ornare suspendisse sed nisi. Pharetra et ultrices neque ornare aenean euismod. Pretium viverra suspendisse potenti nullam ac tortor vitae. Morbi quis commodo odio aenean sed. At consectetur lorem donec massa sapien faucibus et. Nisi quis eleifend quam adipiscing vitae proin sagittis nisl rhoncus. Duis at tellus at urna condimentum mattis pellentesque. Vivamus at augue eget arcu dictum varius duis at. Justo donec enim diam vulputate ut. Blandit libero volutpat sed cras ornare arcu. Ac felis donec et odio pellentesque diam volutpat commodo. Convallis a cras semper auctor neque. Tempus iaculis urna id volutpat lacus. Tortor consequat id porta nibh.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Hac habitasse platea dictumst vestibulum rhoncus est pellentesque. Amet dictum sit amet justo donec enim diam vulputate ut. Neque convallis a cras semper auctor neque vitae. Elit at imperdiet dui accumsan. Nisl condimentum id venenatis a condimentum vitae sapien pellentesque. Imperdiet massa tincidunt nunc pulvinar sapien et ligula. Malesuada fames ac turpis egestas maecenas pharetra convallis posuere. Et ultrices neque ornare aenean euismod. Suscipit tellus mauris a diam maecenas sed enim. Potenti nullam ac tortor vitae purus faucibus ornare. Morbi tristique senectus et netus et malesuada. Morbi tristique senectus et netus et malesuada. Tellus pellentesque eu tincidunt tortor aliquam. Sit amet purus gravida quis blandit. Nec feugiat in fermentum posuere urna. Vel orci porta non pulvinar neque laoreet suspendisse interdum. Ultricies tristique nulla aliquet enim tortor at auctor urna. Orci sagittis eu volutpat odio facilisis mauris sit amet.
Tellus molestie nunc non blandit massa enim nec dui. Tellus molestie nunc non blandit massa enim nec dui. Ac tortor vitae purus faucibus ornare suspendisse sed nisi. Pharetra et ultrices neque ornare aenean euismod. Pretium viverra suspendisse potenti nullam ac tortor vitae. Morbi quis commodo odio aenean sed. At consectetur lorem donec massa sapien faucibus et. Nisi quis eleifend quam adipiscing vitae proin sagittis nisl rhoncus. Duis at tellus at urna condimentum mattis pellentesque. Vivamus at augue eget arcu dictum varius duis at. Justo donec enim diam vulputate ut. Blandit libero volutpat sed cras ornare arcu. Ac felis donec et odio pellentesque diam volutpat commodo. Convallis a cras semper auctor neque. Tempus iaculis urna id volutpat lacus. Tortor consequat id porta nibh.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Hac habitasse platea dictumst vestibulum rhoncus est pellentesque. Amet dictum sit amet justo donec enim diam vulputate ut. Neque convallis a cras semper auctor neque vitae. Elit at imperdiet dui accumsan. Nisl condimentum id venenatis a condimentum vitae sapien pellentesque. Imperdiet massa tincidunt nunc pulvinar sapien et ligula. Malesuada fames ac turpis egestas maecenas pharetra convallis posuere. Et ultrices neque ornare aenean euismod. Suscipit tellus mauris a diam maecenas sed enim. Potenti nullam ac tortor vitae purus faucibus ornare. Morbi tristique senectus et netus et malesuada. Morbi tristique senectus et netus et malesuada. Tellus pellentesque eu tincidunt tortor aliquam. Sit amet purus gravida quis blandit. Nec feugiat in fermentum posuere urna. Vel orci porta non pulvinar neque laoreet suspendisse interdum. Ultricies tristique nulla aliquet enim tortor at auctor urna. Orci sagittis eu volutpat odio facilisis mauris sit amet.
Tellus molestie nunc non blandit massa enim nec dui. Tellus molestie nunc non blandit massa enim nec dui. Ac tortor vitae purus faucibus ornare suspendisse sed nisi. Pharetra et ultrices neque ornare aenean euismod. Pretium viverra suspendisse potenti nullam ac tortor vitae. Morbi quis commodo odio aenean sed. At consectetur lorem donec massa sapien faucibus et. Nisi quis eleifend quam adipiscing vitae proin sagittis nisl rhoncus. Duis at tellus at urna condimentum mattis pellentesque. Vivamus at augue eget arcu dictum varius duis at. Justo donec enim diam vulputate ut. Blandit libero volutpat sed cras ornare arcu. Ac felis donec et odio pellentesque diam volutpat commodo. Convallis a cras semper auctor neque. Tempus iaculis urna id volutpat lacus. Tortor consequat id porta nibh.
30 More Pages to Come in This Document. Get access to the complete answer.
At MyAssignmenthelp.com, you can buy your assignment in Melbourne at highly competitive rates. We never compromise on quality despite our low prices and offer assignment help in Brisbane too, no matter which university you belong to. We also cover other regions in Australia and provide assignment help in Perth, Sydney and more. You can also avail CDR writing services from us as we have a large pool of experienced in-house CDR writers.
More COMP6014 COMP6014 Secure Programming: Questions & Answers
Cpsc 100 Computer Science
1. Write an Assembly program using Super Simple CPU instruction set that takes input a number from the user and outputs quadruple of the input number in the output box. For example, if user input is 10, (2,,) then the output should be 1000, (8. which is the result of 4 • 2.). 2. Write an Assemb …
View Answer
860G1 Cryptography
Questions:
Mathematics: Cryptography
Answer All The Questions.
1.
(a) Compute 730mod 47 without a calculator, showing the details of all calculations. [3 marks]
(b) Consider a Vigenere` cipher that instead of letters of the English alphabet is applied to hexadecimal numbers, i.e. base-1 …
View Answer
COP3330 Java Programming
Using IntelliJ and Gradle, you will create a GUI-based desktop application to allow a user to manage multiple “todo”-type lists. For [Part 1] of this assignment, you will focus on the design elements: UML Class Diagrams, GUI mock-ups, and pseudocode. You will identify and define classes, interfaces, …
View Answer
CN7026 Cloud Computing
Question:
For this course work, you are required to start with an introduction that gives an overview of the current system in your scenario and identify a problem or issue that cloud computing can be used to address. You must gather functional and non-functional information about the exist …
View Answer
Content Removal Request
If you are the original writer of this content and no longer wish to have your work published on Myassignmenthelp.com then please raise the
content removal request.
Choose Our Best Expert to Help You
Gunner Rocha
Master’s in Statistics from the University of Houston.
950 – Completed Orders
Hire Me
Doyle Taft
I am pursuing my PhD from University of Oxford.
300 – Completed Orders
Hire Me
Still in Two Minds? The Proof is in Numbers!
38983 Genuine Reviews With a Rating of 4.9/5.
Economics
Assignment: 3.2 Pages, Deadline:
3 days
The assisgnment was properly written with great content and structure. Thank You for the assistance.
User ID: 1***22 Singapore
Management
Home Work: 2 Pages, Deadline:
9 days
I am glad to use assignment help. I get nice assignment help from the different trainers.
User ID: 4***45 Australia
Psychology
Thesis: 1 Page, Deadline:
6 days
I am very satisfied the work your company does. My papers have never looked so good. Thank you very much for this.
User ID: 8***47 Singapore
Management
Essay: 4.4 Pages, Deadline:
18 hours
Thank you for the effort of both the author and the expert. Thank you for the effort. The topic is excellent, and I hope to continue at this high leve …
User ID: 9***3 Kuwait
HRM
Assignment: 3 Pages, Deadline:
4 days
very good paper, all aspects covered by the author, which was not easy given the scope
User ID: 3***61 Budapest, Hungary
Management
Home Work: 2 Pages, Deadline:
15 days
The information provided is very clear and used good examples and references. There are no grammatical mistakes at all and the standard of writing is …
User ID: 7***15 Berlin, Germany
Nursing
Assignment: 1 Page, Deadline:
5 days
Thank you for the quality assignment , I always trust and get good mark from assignment help . Thank you for helping .
User ID: 4***73 Berlin, Australia
Healthcare
Assignment: 8 Pages, Deadline:
3 days
I have passed my assignment. I got my assignment back on time. Thank you very much.
User ID: 6***42 Berlin, Australia
Psychology
Essay: 8 Pages, Deadline:
10 days
Good work. I will do business again. Great customer service. Greta expert…….
User ID: 8***51 Berlin, United Arab Emirates
Assignment
Home Work: 3 Pages, Deadline:
5 days
I love the work your company does. My papers have never looked so good. Thank you very much for this.
User ID: 5***00 Berlin, United States
Healthcare
Assignment: 4 Pages, Deadline:
5 days
I got a good grade on this paper thank you for help and I will order more papers
User ID: 7***29 Garden City, United States
Accounting
Programming: 2.8 Pages, Deadline:
3 days
like the work and the way of writing and the marks was good as i got 79 marks and i like the formate of the writing.
User ID: 6***31 Leichhardt, Australia
Management
Assignment: 7 Pages, Deadline:
5 days
the paper was well written and I passed thank you for your service I would pay again
User ID: 7***29 Garden City, United States
Economics
Assignment: 2 Pages, Deadline:
20 hours
The assignment was received on time and I have to check the assignment and will get back for the feedback thank you
User ID: 8***40 Vancouver, Canada
Accounting
Course Work: 0 Pages, Deadline:
11 hours
Everything was met and done perfectly! It hasn’t been graded but through the explanations, I was able to understand the assignment and how the expe …
User ID: 8***57 Vancouver, Canada
HRM
Assignment: 9 Pages, Deadline:
2 days
Got the great and satisfied result. Thank you the expert team. But the expert team need to write more real and work life example for each assignment i …
User ID: 4***0 Central District, Hong Kong
Management
Home Work: 9 Pages, Deadline:
2 days
Got the great and satisfied result for this assignment. Thank you the expert team, but give little suggest to the team, the assignment need to more re …
User ID: 4***0 Central District, Hong Kong
Management
Assignment: 8 Pages, Deadline:
8 hours
Really impressed by your work. the report really good. all the points are detailly explained and the report format looks great.
User ID: 4***87 Melbourne, Australia
Geography
Essay: 6 Pages, Deadline:
3 days
Thank you so much it was amazing and everything was perfect the MLA format was correct and the easy was well written thank you alotttt for your help …
User ID: 8***43 Melbourne, Kuwait
Nursing
Assignment: 6 Pages, Deadline:
6 days
i was pretty happy with the grades and with next time the reports need to be clear and very easy to understand
User ID: 6***1 Canberra, Australia
Economics
Assignment: 3.2 Pages, Deadline:
3 days
The assisgnment was properly written with great content and structure. Thank You for the assistance.
User ID: 1***22 Singapore
Management
Home Work: 2 Pages, Deadline:
9 days
I am glad to use assignment help. I get nice assignment help from the different trainers.
User ID: 4***45 Australia
Psychology
Thesis: 1 Page, Deadline:
6 days
I am very satisfied the work your company does. My papers have never looked so good. Thank you very much for this.
User ID: 8***47 Singapore
Management
Essay: 4.4 Pages, Deadline:
18 hours
Thank you for the effort of both the author and the expert. Thank you for the effort. The topic is excellent, and I hope to continue at this high leve …
User ID: 9***3 Kuwait
HRM
Assignment: 3 Pages, Deadline:
4 days
very good paper, all aspects covered by the author, which was not easy given the scope
User ID: 3***61 Budapest, Hungary
Management
Home Work: 2 Pages, Deadline:
15 days
The information provided is very clear and used good examples and references. There are no grammatical mistakes at all and the standard of writing is …
User ID: 7***15 Berlin, Germany
Nursing
Assignment: 1 Page, Deadline:
5 days
Thank you for the quality assignment , I always trust and get good mark from assignment help . Thank you for helping .
User ID: 4***73 Berlin, Australia
Healthcare
Assignment: 8 Pages, Deadline:
3 days
I have passed my assignment. I got my assignment back on time. Thank you very much.
User ID: 6***42 Berlin, Australia
Psychology
Essay: 8 Pages, Deadline:
10 days
Good work. I will do business again. Great customer service. Greta expert…….
User ID: 8***51 Berlin, United Arab Emirates
Assignment
Home Work: 3 Pages, Deadline:
5 days
I love the work your company does. My papers have never looked so good. Thank you very much for this.
User ID: 5***00 Berlin, United States
Healthcare
Assignment: 4 Pages, Deadline:
5 days
I got a good grade on this paper thank you for help and I will order more papers
User ID: 7***29 Garden City, United States
Accounting
Programming: 2.8 Pages, Deadline:
3 days
like the work and the way of writing and the marks was good as i got 79 marks and i like the formate of the writing.
User ID: 6***31 Leichhardt, Australia
Management
Assignment: 7 Pages, Deadline:
5 days
the paper was well written and I passed thank you for your service I would pay again
User ID: 7***29 Garden City, United States
Economics
Assignment: 2 Pages, Deadline:
20 hours
The assignment was received on time and I have to check the assignment and will get back for the feedback thank you
User ID: 8***40 Vancouver, Canada
Accounting
Course Work: 0 Pages, Deadline:
11 hours
Everything was met and done perfectly! It hasn’t been graded but through the explanations, I was able to understand the assignment and how the expe …
User ID: 8***57 Vancouver, Canada
HRM
Assignment: 9 Pages, Deadline:
2 days
Got the great and satisfied result. Thank you the expert team. But the expert team need to write more real and work life example for each assignment i …
User ID: 4***0 Central District, Hong Kong
Management
Home Work: 9 Pages, Deadline:
2 days
Got the great and satisfied result for this assignment. Thank you the expert team, but give little suggest to the team, the assignment need to more re …
User ID: 4***0 Central District, Hong Kong
Management
Assignment: 8 Pages, Deadline:
8 hours
Really impressed by your work. the report really good. all the points are detailly explained and the report format looks great.
User ID: 4***87 Melbourne, Australia
Geography
Essay: 6 Pages, Deadline:
3 days
Thank you so much it was amazing and everything was perfect the MLA format was correct and the easy was well written thank you alotttt for your help …
User ID: 8***43 Melbourne, Kuwait
Nursing
Assignment: 6 Pages, Deadline:
6 days
i was pretty happy with the grades and with next time the reports need to be clear and very easy to understand
User ID: 6***1 Canberra, Australia
Have any Query?
The post COMP6014 Secure Programming: Several Security Flaws appeared first on My Blog.
