Post on 04-Jan-2016
transcript
Company Management System(CMS)
Company Management System(CMS)
CustomerLT Igawa, USN25 Company Officer410-293-7525igawa@usna.edu
Technical Advisor
Lori DeloozeAssistant Professor410-293-6820delooze@usna.edu
Overview
1.Team Composition
2.Topical Area/ IT-CS Domains
3.Description
4.Justification
5.Required Resources
6.Subsystems
7.Functional Requirements/Test Cases
8.Risk Analysis
9.Planning
Team PythonTeam CompositionTeam PythonTeam Composition
1/C Hatley1/C Harrison1/C LawsTeam Leader
1/C Rabe
Topical Area
• Database
• Web Programming
• Object Oriented Design
• Scripting
• Information Security
• Human-User Interaction and Design
Topical Area
Harrison Hatley Laws Rabe
NSA Internship (focusing on Internet security and Network administration)SANS FIRE COURSE 408 (Computer Forensics),SANS FIRE COURSE SEC-577 (Virtualization Security Fundamentals)IT486A Wireless NetworkingIT350 Web and Internet ProgrammingIC322 Computer NetworkingIT360 Applied Database systemsIT430 IA and Network SecurityIT432 Advanced Network SecurityIC470 Software Engineering
IT350: Web & Internet ProgrammingIC220: Computer ArchitectureIC211: Object Oriented ProgrammingSI340: Theory of ComputingIC322: Computer NetworksIC312: Data StructuresSI475: Intelligent RoboticsSI335: Computer AlgorithmsIT430: IA and Network SecurityIT360: Applied Database SystemsSI413: Programming LanguagesIT432: Advanced IA and Network SecurityIC470: Software EngineeringSI486: Advanced topics in Cyber SecurityIT486: Network Vulnerability AssessmentIT452: Advanced Web and Internet Systems
NSA Internship which was focused on difficult C programming.IT350 Web and Internet ProgrammingIC322 Computer NetworkingIT360 Applied Database systemsIT430 IA and Network SecurityIT432 Advanced Network SecurityIC470 Software Engineering
NSA Internship which was focused on Network Protocol and C programingIT350 Web and Internet ProgrammingIC322 Computer NetworkingIT362 Advanced Database SystemsIT430 IA and Network SecurityIT432 Advanced Network SecurityIC470 Software Engineering
Description
• This project incorporates more abstracted object oriented programming than traditional web programming entails. Its focus is on the modular capabilities, in order to allow for flexibility and swift maintenance. Utilizing inclusive databases for company management allows for consistency, not seen in today’s record keeping, across the different companies. Additionally, easy to use role-based web interfaces gives the company staff flexibility, granular control, and concise reporting and tracking.
Justification
• Excessive paperwork leads to many man-hours lost on easily automated tasks. The slew of different forms complicates record-keeping, making both vertical and lateral communications difficult if not outright impossible. With this in mind, interested parties are forced to maintain uncoordinated double and triple hard-copies of everything related to MIDN performance, which is not only cumbersome, but environmentally irresponsible.
Required Resources
Web Server
Python Capable
Django Module
MySQL Database
Development Environment
Current Process
• Inspections
• Inspections of rooms and uniforms is tabulated by hand using a form.
Current Process
• Watch
• Watch bills are created by the adjutant, primarily with excel, and email out.
Current Process
• 0800 Reports
• These reports follow a Microsoft Word Template and are filled out by that day’s watch stander (CDO). They are transferred by email.
Subsystems
Subsystem
StructureDatabase
sModeling
Presentation
Primary Laws Hatley Harrison RabeSecondar
yHatley Harrison Rabe Laws
Description
Structuring involves coupling code and
integrating modules, as
well as, writing the
primary scripts and programmi
ng.
Database management and access
roles are vital to the role-based access of
this system.
Modeling is the way
the scripts and
program uses the raw data
by breaking it
into objects.
Vital to the user
interface is the
presentation and
innovation of the data displays,
which is the presentation thereof.
Functional Requirements/Test Cases
Functional Requirement Test Case
LoginAll users must have a role based, unique username/password combination to allow access.
Primary: LawsSecondary: Rabe
1. User uses wrong credentials, returned with error and option to reset.2. User enters correct credentials and is logged in with corresponding access.3. User resets password, temporary is issued via email
Enter InspectionAuthorized users may enter an inspection.
Primary: HarrisonSecondary: Hatley
1. User selects inspection link.2. User enters inspection details, such as name, and selects hits.3. User submits form with missing information and is given feedback.4. User submits with all required fields and is show acknowledgment.
Review InspectionAll users may view inspections, but only authorized users may modify or delete inspections.
Primary: HarrisonSecondary: Rabe
1. User selects review inspection link.2. User selects desired inspection.3. If authorized, may click to delete inspection, confirm deletion and given acknowledgment.4. If authorized, may click to modify inspection, modify, submit, confirm, and receive acknowledgment.
Risk Management PlanPriority Risk Risk Management Technique Status
1
Unauthorized page access due to different
hacking techniques
This will be mitigated through development of the software from the foundation with security at the
forefront of the design.
All code will be written and analyzed with an emphasis on security
Probability
Low
Severity:
High
2
Faulty writing of mySQL queries
Write queries that are syntactically correct and ensure that all queries
are checked for errors
All code will be checked by tests to ensure
correct syntax
Probability
Low
Severity:
High
3
Browser Incompatibilities with
interface code.
Test interface in multiple browsers. Write a catch statement that will
catch and deny acces to unsupported browsers
Appropriate code will be added to
appropriate pages
Probability
Low
Severity:
Low
4Ward Hall updating their
system to something other than LDAP for
authentication
Transfer to ward hall.Appropriate error messages will be
written in to facilitate.
Probability
Low
Severity:
Low
5
User Error when entering data
Accept and write an intuitive interface to mitigate this from
happening
Interface code will be intuitive and ergonomic
Probability
High
Severity:
Low
ScheduleSchedule
Questions?