COMP6014 Secure Programming: Several Security Flaws

$20 Bonus + 25% OFF

Securing Higher Grades Costing Your Pocket?
Book Your Assignment at The Lowest Price
Now!

Students Who Viewed This Also Studied

COMP6014 Secure Programming

Task

Summary

There are two items of coursework for the module, that are collectively worth 100% of your module mark. They are CW1, a security analysis, and CW2, a software development.

1. The security analysis, which will also require a software modification, is for 40% of your module mark and it will test the following module level outcomes:

•Have a thorough understanding of the main attack vectors commonly used to attack  software and be able to design and implement software that reduces the likelihood of those vulnerabilities being exploitable

•Conduct a detailed and critical analysis of existing software and utilise the results to produce secure modifications to treat or mitigate any vulnerabilities found

2. The software development is for the remaining 60% of your module mark. You will produce a secure prototype of a student record management system in the programming language C/C++, accessed through a web interface. This will test the following module level outcomes.

•Have a thorough understanding of the principles and issues involved in designing secure software and be able to utilise them in the construction of complex software.

•Have a thorough understanding of the main attack vectors commonly used to attack software and be able to design and implement software that reduces the likelihood of those vulnerabilities being exploitable.

•Design and implement concurrent and distributed software which operates in hostile environments

•Design and implement secure software that utilises the underlying security model of the OS and hardware.

CW1: Security analysis

The purpose of your first coursework is to see whether you can discover and fix security flaws in other people’s code, before you then attempt to build secure software from scratch for your second coursework.

The program you have been given has several security flaws and is intended to enable lecturers to view and store marks for students on modules. It reads in a file pwds.txt containing for each lecturer their passwords (encrypted) and the modules (up to five) that they are working on. It authenticates the user by asking them for a name and password and then presents them with a list of their modules. The user can then select a module, see a list of marks for each student and change the marks for a student. You may assume that pwds.txt is vulnerable to unauthorised writes but that the other files are not.

Examination of the Code

You can compile and run the code, which has been developed on Ubuntu (run from Virtual Box) and tested on Windows (compiled as normal with Visual C++) but you will need to examine the source code itself (which the attacker has access to) and think carefully about how it works.

CW2: Software Development

The software you are writing is a CGI program written in C/C++. This means that it is running on a web server and it will be accessed through a web interface. The function of the software is a student record management system. Lecturers will use it to view a list of the students for their modules and they will be able to view the marks for those students and change them.

A separate person called the administrator will be responsible for deciding which lecturers oversee which modules. They will also add students to modules; for simplicity, the students will not have accounts with which to add themselves to modules. 
Here are the functional and non-functional requirements for the software development. You will be marked on your understanding of potential attack vectors against secure software and on the principles of designing secure software, and on how well you design and implement software that reduces the likelihood of those vulnerabilities being exploitable.

Functional Requirements

FR1: There are two kinds of users: lecturers and administrators. Both can register an account and set a password.

FR2: Lecturers can see a list of their modules and a list of the students on each module. They can also enter and change marks.

FR3: Administrators can assign lecturers to modules and students to modules. There is only one administrator account.

FR4: The process of logging in should use two-factor authentication. The user must enter a second password sent by email after the main password has been entered. The email address to be used is the one entered when registering the account. If you are not able to install the relevant mail library, you can simulate the process of emailing by appending to a “mail spool” text file representing all the emails that have been sent.

FR5: The administrator account, in addition to the protections of FR4, must also be authenticated by a “hardware” token, which should be implemented as a piece of challenge-response software.

Non-Functional Requirements

NFR1: You may use your own web server running on your own machine if you wish. However, the department has provided the SOTS server, which you can use instead. Your login details have been emailed to you.

NFR2: The system must be developed in C/C++. You may use CGI to interact with the web pages. You may use the C/C++ CGI libraries, which have been installed on SOTS, if you are using SOTS. Here is one of many tutorials on them:

NFR3: The system must be robust and secure. Specifically, it should be capable of mitigating many kinds of attacks covered in the module, as detailed in the marking scheme. SSL must not be the sole means of preventing these attacks.

NFR4: The system must be designed with maintainability, security and reliability in mind and according to best practice in designing and implementing secure software. Defensive software practices should be used throughout.

NFR5: Your code should be commented and have sensible and consistent naming

NFR6: The system should be responsive and easy to use

NFR7: You may use cryptographic libraries if you wish.

NFR8: Your report must explain why you believe you have satisfied NFR3, NFR4, NFR6.

NFR9: Your report must explain why you believe you have satisfied FR1, FR2, FR3, FR4, FR5.

COMP6014 Secure Programming

Answer in Detail


Solved by qualified expert

Get Access to This Answer

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Hac habitasse platea dictumst vestibulum rhoncus est pellentesque. Amet dictum sit amet justo donec enim diam vulputate ut. Neque convallis a cras semper auctor neque vitae. Elit at imperdiet dui accumsan. Nisl condimentum id venenatis a condimentum vitae sapien pellentesque. Imperdiet massa tincidunt nunc pulvinar sapien et ligula. Malesuada fames ac turpis egestas maecenas pharetra convallis posuere. Et ultrices neque ornare aenean euismod. Suscipit tellus mauris a diam maecenas sed enim. Potenti nullam ac tortor vitae purus faucibus ornare. Morbi tristique senectus et netus et malesuada. Morbi tristique senectus et netus et malesuada. Tellus pellentesque eu tincidunt tortor aliquam. Sit amet purus gravida quis blandit. Nec feugiat in fermentum posuere urna. Vel orci porta non pulvinar neque laoreet suspendisse interdum. Ultricies tristique nulla aliquet enim tortor at auctor urna. Orci sagittis eu volutpat odio facilisis mauris sit amet.

Tellus molestie nunc non blandit massa enim nec dui. Tellus molestie nunc non blandit massa enim nec dui. Ac tortor vitae purus faucibus ornare suspendisse sed nisi. Pharetra et ultrices neque ornare aenean euismod. Pretium viverra suspendisse potenti nullam ac tortor vitae. Morbi quis commodo odio aenean sed. At consectetur lorem donec massa sapien faucibus et. Nisi quis eleifend quam adipiscing vitae proin sagittis nisl rhoncus. Duis at tellus at urna condimentum mattis pellentesque. Vivamus at augue eget arcu dictum varius duis at. Justo donec enim diam vulputate ut. Blandit libero volutpat sed cras ornare arcu. Ac felis donec et odio pellentesque diam volutpat commodo. Convallis a cras semper auctor neque. Tempus iaculis urna id volutpat lacus. Tortor consequat id porta nibh.

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Hac habitasse platea dictumst vestibulum rhoncus est pellentesque. Amet dictum sit amet justo donec enim diam vulputate ut. Neque convallis a cras semper auctor neque vitae. Elit at imperdiet dui accumsan. Nisl condimentum id venenatis a condimentum vitae sapien pellentesque. Imperdiet massa tincidunt nunc pulvinar sapien et ligula. Malesuada fames ac turpis egestas maecenas pharetra convallis posuere. Et ultrices neque ornare aenean euismod. Suscipit tellus mauris a diam maecenas sed enim. Potenti nullam ac tortor vitae purus faucibus ornare. Morbi tristique senectus et netus et malesuada. Morbi tristique senectus et netus et malesuada. Tellus pellentesque eu tincidunt tortor aliquam. Sit amet purus gravida quis blandit. Nec feugiat in fermentum posuere urna. Vel orci porta non pulvinar neque laoreet suspendisse interdum. Ultricies tristique nulla aliquet enim tortor at auctor urna. Orci sagittis eu volutpat odio facilisis mauris sit amet.

Tellus molestie nunc non blandit massa enim nec dui. Tellus molestie nunc non blandit massa enim nec dui. Ac tortor vitae purus faucibus ornare suspendisse sed nisi. Pharetra et ultrices neque ornare aenean euismod. Pretium viverra suspendisse potenti nullam ac tortor vitae. Morbi quis commodo odio aenean sed. At consectetur lorem donec massa sapien faucibus et. Nisi quis eleifend quam adipiscing vitae proin sagittis nisl rhoncus. Duis at tellus at urna condimentum mattis pellentesque. Vivamus at augue eget arcu dictum varius duis at. Justo donec enim diam vulputate ut. Blandit libero volutpat sed cras ornare arcu. Ac felis donec et odio pellentesque diam volutpat commodo. Convallis a cras semper auctor neque. Tempus iaculis urna id volutpat lacus. Tortor consequat id porta nibh.

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Hac habitasse platea dictumst vestibulum rhoncus est pellentesque. Amet dictum sit amet justo donec enim diam vulputate ut. Neque convallis a cras semper auctor neque vitae. Elit at imperdiet dui accumsan. Nisl condimentum id venenatis a condimentum vitae sapien pellentesque. Imperdiet massa tincidunt nunc pulvinar sapien et ligula. Malesuada fames ac turpis egestas maecenas pharetra convallis posuere. Et ultrices neque ornare aenean euismod. Suscipit tellus mauris a diam maecenas sed enim. Potenti nullam ac tortor vitae purus faucibus ornare. Morbi tristique senectus et netus et malesuada. Morbi tristique senectus et netus et malesuada. Tellus pellentesque eu tincidunt tortor aliquam. Sit amet purus gravida quis blandit. Nec feugiat in fermentum posuere urna. Vel orci porta non pulvinar neque laoreet suspendisse interdum. Ultricies tristique nulla aliquet enim tortor at auctor urna. Orci sagittis eu volutpat odio facilisis mauris sit amet.

Tellus molestie nunc non blandit massa enim nec dui. Tellus molestie nunc non blandit massa enim nec dui. Ac tortor vitae purus faucibus ornare suspendisse sed nisi. Pharetra et ultrices neque ornare aenean euismod. Pretium viverra suspendisse potenti nullam ac tortor vitae. Morbi quis commodo odio aenean sed. At consectetur lorem donec massa sapien faucibus et. Nisi quis eleifend quam adipiscing vitae proin sagittis nisl rhoncus. Duis at tellus at urna condimentum mattis pellentesque. Vivamus at augue eget arcu dictum varius duis at. Justo donec enim diam vulputate ut. Blandit libero volutpat sed cras ornare arcu. Ac felis donec et odio pellentesque diam volutpat commodo. Convallis a cras semper auctor neque. Tempus iaculis urna id volutpat lacus. Tortor consequat id porta nibh.

30 More Pages to Come in This Document. Get access to the complete answer.

At MyAssignmenthelp.com, you can buy your assignment in Melbourne at highly competitive rates. We never compromise on quality despite our low prices and offer assignment help in Brisbane too, no matter which university you belong to. We also cover other regions in Australia and provide assignment help in Perth, Sydney and more. You can also avail CDR writing services from us as we have a large pool of experienced in-house CDR writers.

More COMP6014 COMP6014 Secure Programming: Questions & Answers

Cpsc 100 Computer Science

1. Write an Assembly program using Super Simple CPU instruction set that takes input a number from the user and outputs quadruple of the input number in the output box. For example, if user input is 10, (2,,) then the output should be 1000, (8. which is the result of 4 • 2.). 2. Write an Assemb …

View Answer

860G1 Cryptography

Questions:
Mathematics: Cryptography
Answer All The Questions.
1.
(a) Compute 730mod 47 without a calculator, showing the details of all calculations.  [3 marks]
(b) Consider a Vigenere` cipher that instead of letters of the English alphabet is applied to hexadecimal numbers, i.e. base-1 …

View Answer

COP3330 Java Programming

Using IntelliJ and Gradle, you will create a GUI-based desktop application to allow a user to manage multiple “todo”-type lists. For [Part 1] of this assignment, you will focus on the design elements: UML Class Diagrams, GUI mock-ups, and pseudocode. You will identify and define classes, interfaces, …

View Answer

CN7026 Cloud Computing

Question:
For this course work, you are required to start with an introduction that gives an overview of the current system in your scenario and identify a problem or issue that cloud computing can be used to address.  You must gather functional and non-functional information about the exist …

View Answer

Content Removal Request

If you are the original writer of this content and no longer wish to have your work published on Myassignmenthelp.com then please raise the
content removal request.

Choose Our Best Expert to Help You

Gunner Rocha

Master’s in Statistics from the University of Houston.

950 – Completed Orders

Hire Me

Doyle Taft

I am pursuing my PhD from University of Oxford.

300 – Completed Orders

Hire Me

Still in Two Minds? The Proof is in Numbers!

38983 Genuine Reviews With a Rating of 4.9/5.

Economics

Assignment: 3.2 Pages, Deadline:
3 days

The assisgnment was properly written with great content and structure. Thank You for the assistance.

User ID: 1***22 Singapore

Management

Home Work: 2 Pages, Deadline:
9 days

I am glad to use assignment help. I get nice assignment help from the different trainers.

User ID: 4***45 Australia

Psychology

Thesis: 1 Page, Deadline:
6 days

I am very satisfied the work your company does. My papers have never looked so good. Thank you very much for this.

User ID: 8***47 Singapore

Management

Essay: 4.4 Pages, Deadline:
18 hours

Thank you for the effort of both the author and the expert. Thank you for the effort. The topic is excellent, and I hope to continue at this high leve …

User ID: 9***3 Kuwait

HRM

Assignment: 3 Pages, Deadline:
4 days

very good paper, all aspects covered by the author, which was not easy given the scope

User ID: 3***61 Budapest, Hungary

Management

Home Work: 2 Pages, Deadline:
15 days

The information provided is very clear and used good examples and references. There are no grammatical mistakes at all and the standard of writing is …

User ID: 7***15 Berlin, Germany

Nursing

Assignment: 1 Page, Deadline:
5 days

Thank you for the quality assignment , I always trust and get good mark from assignment help . Thank you for helping .

User ID: 4***73 Berlin, Australia

Healthcare

Assignment: 8 Pages, Deadline:
3 days

I have passed my assignment. I got my assignment back on time. Thank you very much.

User ID: 6***42 Berlin, Australia

Psychology

Essay: 8 Pages, Deadline:
10 days

Good work. I will do business again. Great customer service. Greta expert…….

User ID: 8***51 Berlin, United Arab Emirates

Assignment

Home Work: 3 Pages, Deadline:
5 days

I love the work your company does. My papers have never looked so good. Thank you very much for this.

User ID: 5***00 Berlin, United States

Healthcare

Assignment: 4 Pages, Deadline:
5 days

I got a good grade on this paper thank you for help and I will order more papers

User ID: 7***29 Garden City, United States

Accounting

Programming: 2.8 Pages, Deadline:
3 days

like the work and the way of writing and the marks was good as i got 79 marks and i like the formate of the writing.

User ID: 6***31 Leichhardt, Australia

Management

Assignment: 7 Pages, Deadline:
5 days

the paper was well written and I passed thank you for your service I would pay again

User ID: 7***29 Garden City, United States

Economics

Assignment: 2 Pages, Deadline:
20 hours

The assignment was received on time and I have to check the assignment and will get back for the feedback thank you

User ID: 8***40 Vancouver, Canada

Accounting

Course Work: 0 Pages, Deadline:
11 hours

Everything was met and done perfectly! It hasn’t been graded but through the explanations, I was able to understand the assignment and how the expe …

User ID: 8***57 Vancouver, Canada

HRM

Assignment: 9 Pages, Deadline:
2 days

Got the great and satisfied result. Thank you the expert team. But the expert team need to write more real and work life example for each assignment i …

User ID: 4***0 Central District, Hong Kong

Management

Home Work: 9 Pages, Deadline:
2 days

Got the great and satisfied result for this assignment. Thank you the expert team, but give little suggest to the team, the assignment need to more re …

User ID: 4***0 Central District, Hong Kong

Management

Assignment: 8 Pages, Deadline:
8 hours

Really impressed by your work. the report really good. all the points are detailly explained and the report format looks great.

User ID: 4***87 Melbourne, Australia

Geography

Essay: 6 Pages, Deadline:
3 days

Thank you so much it was amazing and everything was perfect the MLA format was correct and the easy was well written thank you alotttt for your help …

User ID: 8***43 Melbourne, Kuwait

Nursing

Assignment: 6 Pages, Deadline:
6 days

i was pretty happy with the grades and with next time the reports need to be clear and very easy to understand

User ID: 6***1 Canberra, Australia

Economics

Assignment: 3.2 Pages, Deadline:
3 days

The assisgnment was properly written with great content and structure. Thank You for the assistance.

User ID: 1***22 Singapore

Management

Home Work: 2 Pages, Deadline:
9 days

I am glad to use assignment help. I get nice assignment help from the different trainers.

User ID: 4***45 Australia

Psychology

Thesis: 1 Page, Deadline:
6 days

I am very satisfied the work your company does. My papers have never looked so good. Thank you very much for this.

User ID: 8***47 Singapore

Management

Essay: 4.4 Pages, Deadline:
18 hours

Thank you for the effort of both the author and the expert. Thank you for the effort. The topic is excellent, and I hope to continue at this high leve …

User ID: 9***3 Kuwait

HRM

Assignment: 3 Pages, Deadline:
4 days

very good paper, all aspects covered by the author, which was not easy given the scope

User ID: 3***61 Budapest, Hungary

Management

Home Work: 2 Pages, Deadline:
15 days

The information provided is very clear and used good examples and references. There are no grammatical mistakes at all and the standard of writing is …

User ID: 7***15 Berlin, Germany

Nursing

Assignment: 1 Page, Deadline:
5 days

Thank you for the quality assignment , I always trust and get good mark from assignment help . Thank you for helping .

User ID: 4***73 Berlin, Australia

Healthcare

Assignment: 8 Pages, Deadline:
3 days

I have passed my assignment. I got my assignment back on time. Thank you very much.

User ID: 6***42 Berlin, Australia

Psychology

Essay: 8 Pages, Deadline:
10 days

Good work. I will do business again. Great customer service. Greta expert…….

User ID: 8***51 Berlin, United Arab Emirates

Assignment

Home Work: 3 Pages, Deadline:
5 days

I love the work your company does. My papers have never looked so good. Thank you very much for this.

User ID: 5***00 Berlin, United States

Healthcare

Assignment: 4 Pages, Deadline:
5 days

I got a good grade on this paper thank you for help and I will order more papers

User ID: 7***29 Garden City, United States

Accounting

Programming: 2.8 Pages, Deadline:
3 days

like the work and the way of writing and the marks was good as i got 79 marks and i like the formate of the writing.

User ID: 6***31 Leichhardt, Australia

Management

Assignment: 7 Pages, Deadline:
5 days

the paper was well written and I passed thank you for your service I would pay again

User ID: 7***29 Garden City, United States

Economics

Assignment: 2 Pages, Deadline:
20 hours

The assignment was received on time and I have to check the assignment and will get back for the feedback thank you

User ID: 8***40 Vancouver, Canada

Accounting

Course Work: 0 Pages, Deadline:
11 hours

Everything was met and done perfectly! It hasn’t been graded but through the explanations, I was able to understand the assignment and how the expe …

User ID: 8***57 Vancouver, Canada

HRM

Assignment: 9 Pages, Deadline:
2 days

Got the great and satisfied result. Thank you the expert team. But the expert team need to write more real and work life example for each assignment i …

User ID: 4***0 Central District, Hong Kong

Management

Home Work: 9 Pages, Deadline:
2 days

Got the great and satisfied result for this assignment. Thank you the expert team, but give little suggest to the team, the assignment need to more re …

User ID: 4***0 Central District, Hong Kong

Management

Assignment: 8 Pages, Deadline:
8 hours

Really impressed by your work. the report really good. all the points are detailly explained and the report format looks great.

User ID: 4***87 Melbourne, Australia

Geography

Essay: 6 Pages, Deadline:
3 days

Thank you so much it was amazing and everything was perfect the MLA format was correct and the easy was well written thank you alotttt for your help …

User ID: 8***43 Melbourne, Kuwait

Nursing

Assignment: 6 Pages, Deadline:
6 days

i was pretty happy with the grades and with next time the reports need to be clear and very easy to understand

User ID: 6***1 Canberra, Australia

Have any Query?

CLICK HERE TO GET ORIGINAL ANSWERS FROM WRITERS

WhatsApp
Hello! Need help with your assignments?
Loading...