Hello, dear friend, you can consult us at any time if you have any questions, add WeChat: daixieit

Introduction to Computer Security – G6077

Weighting: 50% of marks for the module

Version Information: Version 1, Oct 2023

Submission deadline: Check deadline on Sussex direct. e-submission to Canvas

You must work on this assignment on your own. The standard Informatics rules for collusion, plagiarism and lateness apply. Any cases of potential misconduct discovered will be reported and investigated.

Part A – Virtual Private Cloud (10 marks)

Use the AWS services to implement the infrastructure given below. Once you implement this, you will need to take screen shots of your settings to provide it in the report.

Part B (90 marks)

Lovejoy’s Antique Evaluation Web Application

In this part of the coursework, you will develop a secure web application for a local antique dealer named Lovejoy.  Lovejoy wants a minimum viable product allowing customers to register and then request evaluations of potential antique objects.   Lovejoy has many rivals in the antique business who may sometimes resort to underhand tactics and so is very concerned about the security of the application.

Your secure web application will need to have these features for the minimum viable product (MVP) release: user registration and login, a password policy, “request evaluation” page and then an extension of the “request evaluation” page file upload to allow upload of photos. Finally, Lovejoy needs a request listing page.

You should build Lovejoy’s MVP focusing on the following features in each task.  As well as the code, you should submit a report as described in the appendix below, where you will provide a self-reflection on the security and for each feature.  Mark allocation for each task are as described below and in the security analysis grid.  You should reflect upon your work and provide estimates of how much you’ve achieved by filling out the marking grid, which if completed will be allocated 5 marks. An example of self-reflection is provided in the Canvas. There are thus 35 marks for completing the application reasonably, 50 marks for the security features identified and implemented, and 5 marks for self-reflection.

You have a choice of technologies from which to build the application:

· PHP (host it for free on 000webhost or on the AWS)

· Java

· Python

No other approach is allowed. If you are using Java and Python, you should research it yourself to find out where you want to host it.

Submission guidance

You are only submitting the report to the Canvas. You must follow the report template.

Report -- You must use the report template provided at the end of this coursework description. In your report, you will provide screenshots of all the marking criteria elements and annotate where necessary. In screen shots for the code, please don’t give a big chunk of code, provide only the related lines.

Use bullet points to give any explanation, please don’t write big paragraphs.

Recording -- You will use Sussex Panopto to record the working of your application and to show features that will be difficult for us to test. For example, if you implement 2FA, record it in Panopto to show that it is working, then comment out that feature so that we can test other features. Provide us a test user detail so that we can test the application. Recording should not be more than 10 minutes. You must need to plan your recording and user testing strategy in a way that we are able to see a feature working or should be able to test it. If I cannot see a feature working and cannot test it, I cannot give marks for that feature.

URL – URL of your application -- You must host your application online. The URL will need to be provided in the report.

Code file location -- Upload your code to the OneDrive and provide the code link in the report for our inspection.