ECpE Student DatabaseTeam 21

Adviser: Tien Nguyen ECpE and Tony Moore

Problem Statement

Faculty and staff in ECpE department need a better way to recommend students for opportunities Problem stems from a lack of data

Resolve with a new database of student info and opportunity infoAlso includes a web-based front end for ease of use for data entry/retrieval

Conceptual Sketch

Conecpt breakdown:

Model - communication module, data interaction

View - display module Controller - page abstraction module, permission enforcement

Functional Requirements1. Will be maintained by the Engineering Computer Support

Group after completion.2. All users of the product will have a valid Iowa State NetID.3. All users of the product shall be associated with the ECpE

Department.4. The product shall allow advisers to query all available

student information.5. The product shall run on a Engineering Computer Support

Group managed server.6. The product shall provide a user friendly method for data

entry and retrieval.7. The product shall allow multiple users to be on at the

same time.

Non-functional Requirements1. The cost of this product shall not exceed $500.2. The product shall prevent a student from viewing another

student’s information. 3. The database shall not exceed the storage size of the

provided server. 4. The product shall be accessible through ISU servers on

the web. 5. Users must Authenticate with ISU before logging in to the

server. 6. The product shall not block user activity during network

actions. 7. The product shall work on IE, as well as the other major

browsers.

Other considerations

Cost is a factorFree frameworks

Must work with existing technologies used at ISU

Pubcookie compatibilityApache

M-V-C pattern

Need a separation between web front end, data back end, and controlling logicPortal Web Framework

Market Survey:

Why is this system worth building?

Why is the proposed system the best answer.CostEase of use

Will Students use the system?

Risk Management

Risks:User changes his/her netID

Login security

Falsified user information

Bad user entries/code injection

Keeping internal data hidden (qualifications for scholarships, recipients, etc)

Mitigation:User number to netID mapping

Pubcookie

Visual verification of documents, trusted source authentication

Rudimentary entry/error checking, clean input

AJAX specifications, pubcookie

Resources and Costs:

Primarily a Software Project.

Hardware provided by CSG. -Price? -Dedicated Server Rental: $79-$399 monthly

Ten-Day list already purchased by ECpE Department.

Project MilestonesGet access to server.

Pubcookie Authentication.

Display appropriate Homepage for user.

Manually enter Opportunities and Data.

Upload Ten-Day list.

Query for Opportunities.

Final Load and Performance test.

Schedule

Functional DecompositionCommunication Module - Abstraction from internet communications

Permissions Enforcement Module - Base level enforcement to ensure an Authenticated user has access to the site

View Generation Module - Separates HTML code from PHP page logic

Page Abstraction Module - Contains page logic for all visible pages

Data Interaction Module - Provides interface to the Database

Detailed Design

Technology PlatformNetID authentication requires Pubcookie

Apache Web Server

PHP 5.2 or greater

PDO and JSON Support

MySQL Database

Smarty Template Engine no installation required

No Required Hardware

could run on a virtual machine

Test PlanDatabase

Load testingNetwork stress testingSecurity testing

Browser

Support for multiple browsersFunctionality testing across browsersVisual testing across browser

Permission Enforcement

Unknown userFunctionality access control

Current Project StatusDatabase

CSG Managed Virtual Machine Security

Research about optimal techniquesPubcookie

DocumentationPlan DocumentDesign Document

ApprovalCSG security and maintainabilityClient acceptance

Plan For Next SemesterDatabase

Finish implementationTest security and network capabilities

Web InterfaceMultiple browser supportStudent componentsAdministrator components

SecurityPermissions EnforcementData security

ApprovalClient and Student acceptanceReceive student feedback

Team Member ResponsibilitiesSteven Murray:

Student Pages Design and ImplementationDatabase Testing

Nathan Staley

Framework DesignPermission Enforcement

Justin Sliekers:

Database Administrator Documentation

Michael Walsh:

Administrator Pages Design and ImplementationSecurity Testing

Questions

?