ECpE Student DatabaseTeam 21
Adviser: Tien Nguyen ECpE and Tony Moore
Problem Statement
Faculty and staff in ECpE department need a better way to recommend students for opportunities Problem stems from a lack of data
Resolve with a new database of student info and opportunity infoAlso includes a web-based front end for ease of use for data entry/retrieval
Conceptual Sketch
Conecpt breakdown:
Model - communication module, data interaction
View - display module Controller - page abstraction module, permission enforcement
Functional Requirements1. Will be maintained by the Engineering Computer Support
Group after completion.2. All users of the product will have a valid Iowa State NetID.3. All users of the product shall be associated with the ECpE
Department.4. The product shall allow advisers to query all available
student information.5. The product shall run on a Engineering Computer Support
Group managed server.6. The product shall provide a user friendly method for data
entry and retrieval.7. The product shall allow multiple users to be on at the
same time.
Non-functional Requirements1. The cost of this product shall not exceed $500.2. The product shall prevent a student from viewing another
student’s information. 3. The database shall not exceed the storage size of the
provided server. 4. The product shall be accessible through ISU servers on
the web. 5. Users must Authenticate with ISU before logging in to the
server. 6. The product shall not block user activity during network
actions. 7. The product shall work on IE, as well as the other major
browsers.
Other considerations
Cost is a factorFree frameworks
Must work with existing technologies used at ISU
Pubcookie compatibilityApache
M-V-C pattern
Need a separation between web front end, data back end, and controlling logicPortal Web Framework
Market Survey:
Why is this system worth building?
Why is the proposed system the best answer.CostEase of use
Will Students use the system?
Risk Management
Risks:User changes his/her netID
Login security
Falsified user information
Bad user entries/code injection
Keeping internal data hidden (qualifications for scholarships, recipients, etc)
Mitigation:User number to netID mapping
Pubcookie
Visual verification of documents, trusted source authentication
Rudimentary entry/error checking, clean input
AJAX specifications, pubcookie
Resources and Costs:
Primarily a Software Project.
Hardware provided by CSG. -Price? -Dedicated Server Rental: $79-$399 monthly
Ten-Day list already purchased by ECpE Department.
Project MilestonesGet access to server.
Pubcookie Authentication.
Display appropriate Homepage for user.
Manually enter Opportunities and Data.
Upload Ten-Day list.
Query for Opportunities.
Final Load and Performance test.
Schedule
Functional DecompositionCommunication Module - Abstraction from internet communications
Permissions Enforcement Module - Base level enforcement to ensure an Authenticated user has access to the site
View Generation Module - Separates HTML code from PHP page logic
Page Abstraction Module - Contains page logic for all visible pages
Data Interaction Module - Provides interface to the Database
Detailed Design
Technology PlatformNetID authentication requires Pubcookie
Apache Web Server
PHP 5.2 or greater
PDO and JSON Support
MySQL Database
Smarty Template Engine no installation required
No Required Hardware
could run on a virtual machine
Test PlanDatabase
Load testingNetwork stress testingSecurity testing
Browser
Support for multiple browsersFunctionality testing across browsersVisual testing across browser
Permission Enforcement
Unknown userFunctionality access control
Current Project StatusDatabase
CSG Managed Virtual Machine Security
Research about optimal techniquesPubcookie
DocumentationPlan DocumentDesign Document
ApprovalCSG security and maintainabilityClient acceptance
Plan For Next SemesterDatabase
Finish implementationTest security and network capabilities
Web InterfaceMultiple browser supportStudent componentsAdministrator components
SecurityPermissions EnforcementData security
ApprovalClient and Student acceptanceReceive student feedback
Team Member ResponsibilitiesSteven Murray:
Student Pages Design and ImplementationDatabase Testing
Nathan Staley
Framework DesignPermission Enforcement
Justin Sliekers:
Database Administrator Documentation
Michael Walsh:
Administrator Pages Design and ImplementationSecurity Testing
Questions
?