NETW7008 - Secure Programming - Security Analysis - Software Modification - Computer Science Assignment Help

Assignment Task

Summary
There are two items of coursework for the module, that are collectively worth 50% of your module mark. They are CW1, a security analysis, and CW2, a software development. The remaining 50% comes from your examination mark.
1. The security analysis, which will also require a software modification, is for 20% of your module mark and it will test the following module level outcomes:

• Have a thorough understanding of the main attack vectors commonly used to attack software and be able to design and implement software that reduces the likelihood of those vulnerabilities being exploitable
• Conduct a detailed and critical analysis of existing software and utilise the results to produce secure modifications to treat or mitigate any vulnerabilities found

2. The software development is for 30% of your module mark. You will produce a secure prototype of a student record management system in the programming language C/C++, accessed through a web interface. This will test the following module level outcomes.

• Have a thorough understanding of the principles and issues involved in designing secure software and be able to utilise them in the construction of complex software
• Have a thorough understanding of the main attack vectors commonly used to attack software and be able to design and implement software that reduces the likelihood of those vulnerabilities being exploitable
• Design and implement concurrent and distributed software which operates in hostile environments
• Design and implement secure software that utilises the underlying security model of the OS and hardware.

Security analysis
The purpose of your first coursework is to see whether you can discover and fix security flaws in other people’s code, before you then attempt to build secure software from scratch for your second coursework. The program you have been given has several security flaws and is intended to enable lecturers to view and store marks for students on modules. It reads in a file pwds.txt containing for each lecturer their passwords (encrypted) and the modules (up to five) that they are working on. It authenticates the user by asking them for a name and password and then presents them with a list of their modules. The user can then select a module, see a list of marks for each student and change the marks for a student. You may assume that pwds.txt is vulnerable to unauthorised writes but that the other files are not.

Software Development
The software you are writing is a CGI program written in C/C++. This means that it is running on a web server and it will be accessed through a web interface. The function of the software is a student record management system. Lecturers will use it to view a list of the students for their modules and they will be able to view the marks for those students and change them. A separate person called the administrator will be responsible for deciding which lecturers oversee which modules. They will also add students to modules; for simplicity, the students will not have accounts with which to add themselves to modules. Here are the functional and non-functional requirements for the software development. You will be marked on your understanding of potential attack vectors against secure software and on the principles of designing secure software, and on how well you design and implement software that reduces the likelihood of those vulnerabilities being exploitable.

This NETW7008 - Computer Science Assignment has been solved by our Computer Science experts at My Uni Paper. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing style.
Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turnitin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.