Friday, June 24, 2011

cs507 Assignment NO:4 Solution spring 2011


Question:A famous boutique in Lahore is going to launch a website to introduce online shopping facility for its customers.What kind of preventive measures can be adopted to save the website from the expected threats?
Also explain the technique used to make your electronic documents (such as email, text files) secured? [10 marks]


Due Date:
Your assignment must be uploaded/submitted before or on 
28th June 2011



SOLUTION:



As organizations move more business processes online, protecting the
confidentiality and
privacy of the information used during these processes is essential. Because many
automated processes rely on electronic documents that contain mission-critical,
personal,
and sensitive information, organizations must make significant investments to
properly
protect these documents.
Stop the Hack and Secure Your Website in 10 Best Methods
If you are a business owner, then you must know how important it is for you to
have your
own website. You can use it to be able to reach as many target customers as
possible.
After all, they are located in almost many parts of the world. You can display all your
products and services in yo ur website. But do you know that they can be a great
area for
hackers to play on? So how can you protect your website against hacking?
1.
Protect your files with passwords
. Surely, your website will contain scripts,
database, and files that are not meant to be shared publicly but for perhaps the
search engine bots. To avoid having an yon e getting hold of them, it may be ideal
to protect them with password. However, you hav e to make sure th at these are
ver y hard to decipher. This is because they can simply make use of passworddeciphering
software. You can combine alphanumeric characters and exhaust all
the character limits as much as possible.
2.
Secure your e-mail address
. There may be times when you will be receiving an
e-mail address courtesy of your online business form. There are even others who
will send a message directly into your mailbox. This may mean th at spammers
have got hold of your contact information perhaps in the Web or from someone
else. To prevent this, you can make use of software that will split your e-mail
address. It will then very hard for spamming software to read. You can also just
add an E-mail Us link into your website or an image which can be clicked and
allow your customers to send an
e-mail
right away. There’s no need to reveal the
e-mail address.

3.
Don’t leave e-mail addresses anywhere
. Perhaps you’re thinking of mark eting
your website in forums and other public online networks. This is okay; however,
you have to be very cautious. Hackers and spammers are very much interested of
your e-mail address. You can make use of a bogus one, and simply add a link of
your website in the signature.
4.
Secure your source code
. There are hackers who are interested in getting your
source code to either destroy it or to build a website clone. That’s why it is very
important that you can protect it against such individuals. You can make use of
scripts that will allow your source code to remain hidden to Internet users. Or you
can simply make use of external CSS sheets as well as files for Javascript.
5.
Check for software patches
. If you have been using some software in building or
maintaining your website, make sure that you constantly update all of your files.
This may be because the older ones can no longer protect your website
from
hackers
and
spammers
.
6.
Sign up for updates
. Majority of the product and software updates may only be
announced in their respective websites. This is to encourage their customers to
continuously be up-to-date too of an y new products that they are currently
introducing into the market. To avoid the hassle, sign up using one secure e-mail
address in all of their newsletters. If you receive any updates, make su re you take
time in reading them.
7.
Add a robot.txt.
This is a special instruction you will give to search engines who
may be visiting your webpages. You can instruct them to only index those files
that are meant for users. You can also direct them to not index an y that are only
meant for webmasters. These may include files and images.
8.
Check the permissions you may have set for your uploaded files.
This is to
prevent any hacker from getting access into your important and confidential files.
You can confirm it by selecting CHMOD for your files located in the web hosting
server. Otherwise, if you aren’t sur e, then you can simply verify it from you r
webmaster.
9.
Take away old or unnecessary files.
It’s normal for search engines to keep files

from your website, especially if they are being ind exed. However, if you remove
them from the server, then no one can access them anymore. It will not be
obtainable for hackers and spammers.
10.
Know your server
. Your server is very essential as you basically keep all of you r
files there, and it will cause your website to run smoothly. Intruders, on the other
hand, can add virus or
malware
into your system, thereby causing damage into
your website. If you are running it on your own, you must know your server
properly. This way, you can set the right security and permission level for your
site.
How to provide persistent document security
A significantly more effective solution for protecting an electronic document is to
assign
security parameters that are an integral part of the document itself. The following
criteria
define persistent document security:
Confidentiality—Who should have access to the document?
Authorization—What permissions does the user have for working with the
document?
Accountability—What has the recipient done with the document?
Integrity—How do you know if the document has been altered?
Authenticity—How do you know where the document came f rom?
Non-repudiation—Can the signatory deny signing the document?
Access Controls
These controls establish the interface between the would-be user of the computer
system
and the computer itself. These controls monitor the initial handshaking procedure of
the
user with the operating system. For example when a customer enters the card and
the pin
code in an automatic teller machine (ATM), the access controls are exercised b y
the
system to block unwanted or illegitimate access.
The identity of the user needs to be established before granting access. The user
should
be given access to the nature and kind of resources he is entitled to access. Actions
taken
by users to have access beyond the limits defined should be blocked and recorded.
Cryptography
In literal terms, cryptography means science of coded writing. It is a security
safeguard to
render information unintelligible if unauthorized individuals intercept the
transmission.
When the information is to be used, it can be decoded. “The conversion of data into
a secret


No comments:

Post a Comment

Solution Available for following Subjects

BBA, B.Com & BS Assignments Discussion
BA All Subjects Assignment Discussion
ACC501 - Business Finance
CS001 - Computer Proficiency License
CS101 - Introduction to Computing
CS201 - Introduction to Programming
CS304 - Object Oriented Programming
ECO401 - Economics
ECO402 - Microeconomics
ECO403 - Macroeconomics
ENG101 - English Comprehension
ENG201 - Business and Technical English Writing
ENG301 - Business Communication
ETH201 - Ethics (for Non-Muslims)
ISL201 - Islamic Studies
IT430 - E-Commerce
MCM101 - Introduction to Mass Communication
MCM301 - Communication skills
MCM304 - Mass Media in Pakistan
MCM310 - Journalistic Writing
MGMT611 - Human Relations (alt. code=HRM611)
MGT101 - Financial Accounting
MGT111 - Introduction to Public Administration
MGT211 - Introduction To Business
MGT301 - Principles of Marketing
MGT401 - Financial Accounting II
MGT501 - Human Resource Management
MGT502 - Organizational Behaviour
MGT503 - Principles of Management
MGT603 - Strategic Management
MTH302 - Business Mathematics & Statistics
PAK301 - Pakistan Studies
STA301 - Statistics and Probability
PSY101 - Introduction to Psychology
PSY403 - Social Psychology
PSY502 - History & Systems of Psychology
SOC101 - Introduction to Sociology
B.Com All Subjects Assignment Discussion
ACC311 - Fundamentals of Auditing
ACC501 - Business Finance
CS101 - Introduction to Computing
ECO402 - Microeconomics
ECO403 - Macroeconomics
ENG101 - English Comprehension
ENG201 - Business and Technical English Writing
ETH201 - Ethics (for Non-Muslims)
FIN611 - Advanced Financial Accounting
FIN623 - Taxation Management
ISL201 - Islamic Studies
MCM301 - Communication skills
MGT101 - Financial Accounting
MGT211 - Introduction To Business
MGT401 - Financial Accounting II
MGT402 - Cost & Management Accounting
MGT411 - Money & Banking
MGT503 - Principles of Management
MGT611 - Business & Labor Law
MTH302 - Business Mathematics & Statistics
PAK301 - Pakistan Studies
STA301 - Statistics and Probability
B.Sc (Computer Science)
CS101 - Introduction to Computing
CS201 - Introduction to Programming
CS301 - Data Structures
CS302 - Digital Logic Design
CS304 - Object Oriented Programming
CS401 - Computer Architecture and Assembly Language Programming
CS403 - Database Management Systems
CS504 - Software Engineering - I
CS601 - Data Communication
CS610 - Computer Network)
ECO401 - Economics
ENG101 - English Comprehension
ENG201 - Business and Technical English Writing
ETH201 - Ethics (for Non-Muslims)
ISL201 - Islamic Studies
MGT101 - Financial Accounting
MGT301 - Principles of Marketing
MTH101 - Calculus And Analytical Geometry
MTH202 - Discrete Mathematics
MTH301 - Calculus II
MTH401 - Differential Equations
MTH501 - Linear Algebra
PAK301 - Pakistan Studies
PHY101 - Physics
PHY301 - Circuit Theory
STA301 - Statistics and Probability
BS Other subjects Assignments Discussion
MBA, MCS, MIT Assignment Discussion
MBA Compulsory/Required All Subjects
ACC501 - Business Finance
CS001 - VU-Computer Proficiency License
CS101 - Introduction to Computing
CS507 - Information Systems
ECO401 - Economics
ENG301 - Business Communication
MCM301 - Communication skills
MGT101 - Financial Accounting
MGT201 - Financial Management
MGT211 - Introduction To Business
MGT301 - Principles of Marketing
MGT401 - Financial Accounting II
MGT402 - Cost & Management Accounting
MGT411 - Money & Banking
MGT501 - Human Resource Management
MGT502 - Organizational Behaviour
MGT503 - Principles of Management
MGT510 - Total Quality Management (alt. code=MGMT510)
MGT601 - SME Management
MGT602 - Entrepreneurship
MGT603 - Strategic Management
MGT610 - Business Ethics
MGT613 - Production / Operations Management
MKT501 - Marketing Management
MTH001 - Elementary Mathematics
MTH302 - Business Mathematics & Statistics
STA301 - Statistics and Probability
STA630 - Research Methods
IT430 - E-Commerce
MBA All Specializations
Marketing Specialization
MKT610 - Customer Relationship Management
MKT621 - Advertising & Promotion
MKT624 - Brand Management
MKT630 - International Marketing
Finance Specialization
FIN621 - Financial Statement Analysis
FIN622 - Corporate Finance
FIN623 - Taxation Management
FIN630 - Investment Analysis & Portfolio Management
HRM Specialization
MGMT611 - Human Relations (alt. code=HRM611)
HRM624 - Conflict Management
HRM627 - Human Resource Development
MGMT628 - Organizational Development (alt. code=HRM628)
Information Technology Specialization
CS201 - Introduction to Programming
CS403 - Database Management Systems
CS610 - Computer Network
CS615 - Software Project Management
Management Specialization
MGMT623 - Leadership & Team Management (alt. code=HRM623)
MGMT625 - Change Management (alt. code=HRM625 )
MGMT629 - Crisis Management
MGMT630 - Knowledge Management
Banking Specialization
BNK601 - Banking Laws & Practices
BNK603 - Consumer Banking
MGT604 - Management of Financial Institutions (alt. code=BNK604)
FIN625 - Credit & Risk Management
MCS all Semesters Assignments Discussion
CS201 - Introduction to Programming
CS301 - Data Structures
CS302 - Digital Logic Design
CS304 - Object Oriented Programming
CS401 - Computer Architecture and Assembly Language Programming
CS402 - Theory of Automata
CS403 - Database Management Systems
CS501 - Advance Computer Architecture
CS502 - Fundamentals of Algorithms
CS504 - Software Engineering - I
CS506 - Web Design and Development
CS601 - Data Communication
CS604 - Operating Systems
CS605 - Software EngineeringII
CS607 - Artificial Intelligence
CS609 - System Programming
CS610 - Computer Network
CS614 - Data Warehousing
ENG201 - Business and Technical English Writing
MTH202 - Discrete Mathematics
MTH603 - Numerical Analysis
STA301 - Statistics and Probability
MIT All Semesters Subjects Assignments Discussion
CS201 - Introduction to Programming
CS301 - Data Structures
CS304 - Object Oriented Programming
CS401 - Computer Architecture and Assembly Language Programming
CS403 - Database Management Systems
CS408 - Human Computer Interaction
CS410 - Visual Programming
CS502 - Fundamentals of Algorithms
CS504 - Software Engineering - I
CS506 - Web Design and Development
CS601 - Data Communication
CS604 - Operating Systems
CS610 - Computer Network
CS614 - Data Warehousing
CS615 - Software Project Management
ENG201 - Business and Technical English Writing
MGT101 - Financial Accounting
MGT301 - Principles of Marketing
MGT501 - Human Resource Management
MGT502 - Organizational Behaviour
MGT503 - Principles of Management
MGT602 - Entrepreneurship
Proposals, Projects,Internship Reports and Past Papers
Sample Projects & Proposals
General Discussion About proposals & Project
InternShip Repots
Sample Internship Reports
Past & Current Papers
MID TERM Current Papers {May.-2011 Spring}
FINAL TERM Past Papers and pattern {Feb.-2011 Fall}
MID TERM Past Papers and pattern {Dec.-2010 Fall}
FINAL TERM Past Papers and pattern {Aug-2010 Spring}
MID TERM Past Papers and pattern {May-2010 Spring}
FINAL TERM Past Papers and pattern {Feb.-2010 Fall}
MID TERM Past Papers and pattern {Dec.-2009 Fall}
FINAL TERM Past Papers and pattern {JULY-2009 Spring}
MID TERM Past Papers and pattern {April-2009 Spring}
FINAL TERM Past Papers and pattern {Feb-2009 Fall}
MID TERM Past Papers and pattern {Dec.-2008 Fall}
Past Papers and Pattern {2004 to 2007}