COIT 20259

Enterprise Computing Architecture

Term-1, 2017

Assignment 2
EBusiness System

LECTURER: Ayub Bokani

TUTOR: Ayub Bokani

PREPARED BY

Bivek Tripathi (S0275343)

Table of Contents
System Architecture ................................................................................................................... 1
Test Plan.................................................................................................................................... 2
User Instructions ........................................................................................................................ 5
SPMS System as Cloud based System ....................................................................................10
References ...............................................................................................................................11
System Architecture

Figure 1 represents the system architecture of Study Progress Monitor System. The users send
the request to server by the client application. The requests send to the server are to see the list
of students, subjects, assessment of subjects and grades for graded assessments. Threads are
used by server to response to the client request. Database Utility is used as a gateway to
access the client requests.

Client Server Database

Student Subject Grade Assessment GradedAssessment Student

Subject

DatabaseUtility
Client Grade

Users

Assessment
Threads

GradedAsse
ssment

Figure 1 System Architecture for SPMS system

Figure 2 represents the file structure for the SPMS system.

Figure 2 File structure for SPMS system

1
Test Plan
Test plans for the SPMS system are as follows:
Test Name Test Plan 1
Test View Student list
Objective
Test Data Nil.
Test Result

Status Success

Test Name Test Plan 2

Test View Subject List
Objective
Test Data Nil.

2
Test Result

Status Success

Test Test Plan 3

Name
Test Display assessment list
Objective
Test Data Maths B
Test
Result

Status Success

Test Test Plan 4

Name
Test Set Grade
Objective
Test Data Lily li,maths b,11.1,very high

3
Test
Result

Status Success

Test Test Plan 5

Name
Test Display grades
Objective
Test Data Lily li
Test
Result

Status Success

Test Test Plan 6

Name
Test Exit the client
Objective
Test Data Nil

4
 Test
Result

Status Success

Test Test Plan 7

Name
Test Output of Server side
Objective
Test Data Client selection of 1 to 6 in the menu
Test
Result

Status Success

User Instructions
User instructions to use the SMPS System are as follows:
Start Server
Start the server by following given steps:
Find server.java file in SPMS project. SPMS Directory Source Packages
spmsServer.java
On right click Server.java displays run option which is used to run the server.

5
 1. The server starts with the following output.

Start Client
To start the client follow the following steps:
1. Find client.java file in SPMS project. SPMS Directory Source Packages
spmsClient.java
2. On right click Client.java displays run option which is used to run the client.

1. The client starts with the following output.

6
Display Student
By entering 1 in the client output interface list of students is displayed.

Display Subjects
By entering 2 in the client output interface list of subjects is displayed as shown in figure:

7
Display assessments for a subject
By entering 3 in the client output interface list of assessments is displayed as shown in figure:

Set grade for a student and assessment

By entering 4 in the client output interface, we have to provide student name,
subjectname,assessmentid and grade with comma which makes it able to set grade for the
student as shown in figure:

8
Display grades
By entering 5 in the client output interface and provide the student name which displays the
grades for the student.

Exit the client

By entering 6 in the client output interface the application exits.

9
SPMS System as Cloud based System
SMPS system can be extended to cloud based system which enables students. Parents and
Officials to access the system whenever and wherever needed by the use of various devices.
There are many security issues while deploying systems to cloud. There can be privacy and
security issues with SMPS System moving to cloud. The security threats can be categorized
into four categories.
Interruption: It arises due to denial of service to block the availability of System.
Modification: It arises due to unauthorized access which tampers the information.
Fabrication: It arises due to weak authentication, access control and authorization capabilities of
network.
Thus, there arises the need for additional security requirements for SMPS which should assure
Privacy, Integrity and availability of the system. Security threats can be prevented by applying
following techniques:
Authentication and Verification: It is the protection model for Interuptions.
Authorization validation: It is the protection model for Interception.
Fault tolerance mechanism: It is the protection model for Modification.
Data encryption: It is the protection model for Fabrication. It prevents the information
exposure and maintains the privacy of the data.
Auditing: It is a passive form of protection. Active log auditing is an example of Auditing.
It is also protection model for fabrication.
We can also use digital certificates with problem concerning authentication which allows
information to be send securely from clients to servers. Secure Socket Layer and Transport
Layer Security can be implemented for security concerns for transferring data across the
network.
There are Java language constructs which can be used for cyber security requirements are:
Java Cryptography Architecture(JCA):It is a security framework for core java api. It offers
set of APIs which can be used for digital signature, hash algorithms ,validations
encryptions and key generations. JCA engines can be found in java.security package.
Java Cryptography Extension: It is a security framework for strong encryption.
Cryptographic operations are classified into JCE engines. It provides encryption and
decryptions. It also produces secret keys used by encryptions and decryptions. It also
operates on Secret key objects. It has message authentication code functionality. It is
located in javax.crypto package.

Java Authentication and Authorization Service (JAAS) : It is used to have subject based
authentication and authorizations. It is used for users to reliably and securely determine
who is executing the program. It is also used to authorize the users to ensure that they
have the permissions to perform the particular task. SMPS System can use JAAS to
perform secure Authentication and authorization. SPMS System can use it by importing
javax.security.auth package.

10
 Java Secure Socket Extension (JSSE): It is a API which provides secure SSL(Secure
Socket Layer) and TLS(Transport layer Security) support to java platform. With the use of
JSSE there is secure passage of information between client and server. JSSE can be
used in SPMS System by importing javax.net and javax.net.ssl packages.

References
JSSE Reference Guide for Java SE, 2017, viewed 16 May 2017,
http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html
Java Authentication and Authorization Service (JAAS) Reference Guide, 2017, viewed 16 May
2017, http://docs.oracle.com/javase/7/docs/technotes/guides/security/jaas/JAASRefGuide.html
Java Cryptography Architecture (JCA) Reference Guide, 2017, viewed 16 May 2017,
http://docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html
R. K. Abercrombie, F. T. Sheldon and A. Mili, "Validating Cyber Security Requirements: A Case
Study," 2011 44th Hawaii International Conference on System Sciences, Kauai, HI, 2011, pp. 1-
10.doi: 10.1109/HICSS.2011.480

11