
INTE1070 | Secure Electronic Commerce | IT


1. Overview

Electronic Commerce has become a part of today's Internet-based economy. In line with that, Secure Electronic Commerce embodies a concept for doing reliable business online. It includes shopping and marketing products or goods through secure business-to-business transactions or events. This course is an introduction to secure e-commerce, from the principles and concepts to practical examples. The objective of this assignment is for you to gain first-hand experience of how the security theories introduced in lectures are applied in the digital world.

Assume that you work in a team assigned to develop an online e-commerce (shopping) system using HTML, JavaScript, and PHP programming languages. You are free to choose any product for sale. There are several parts of the application, including the following functions with proper security guarantees (detailed in section 4.1 below):

1. A registration (sign-up) interface for the website that keeps the username and hashed password in the database;

2. Login to the website using the credentials used for registration;

3. Shopping cart page accessible after successful login with update feature;

4. Post shopping cart information and credit card numbers to database servers after encryption (with RSA and DES).


Note: You must not just “throw in the concepts” into your programs just because they need to be there; it should be clear from the code why a certain concept is there, and you must further explain this through your comments. You will also need to debug your code on your own and document any issues, etc. You are given marks on your ability to fulfill all requirements of this document.

There are implementation requirements (9 marks) and documentation requirements (1 mark) for a total of 10 marks.

Develop this assignment in an iterative fashion (as opposed to completing it in one sitting). You can get started as soon as the concepts are introduced in lessons.

If there are questions, you must ask via the relevant Canvas discussion forums in a general manner (replicate your problem in a different context in isolation before posting).


2. Assessment Criteria

This assessment will determine your ability to:

1. Understand the concepts and techniques addressed in the lectures, tutorials and practical. 

2. Implement the relevant encryption algorithms with HTML, JavaScript and PHP programming languages. 

3. Write and debug the program independently. 

4. Demonstrate the prototype properly.

5. Document the prototype.

6. Provide references if necessary.

7. Meet deadlines.

8. Seek clarification from your “supervisor” (instructor) when needed via discussion forums.

9. Create a program by recalling concepts taught in class, understanding and applying concepts relevant to solution, analysing components of the problem, evaluating different approaches.


3. Learning Outcomes

This assessment is relevant to the following Learning Outcomes:

1. Explain the range of threats to e-commerce security.

2. Explain how cryptography can be, and is, used to achieve security. 

3. Describe the different standards in use for secure electronic commerce, such as certificates, MACs, etc. 

4. Describe and analyse standard security mechanisms, such as filters, proxies and firewalls. 


4. Assessment details

Note: Please ensure that you have read sections 1-3 of this document before going further.

Your prototype must meet the following implementation requirements (section 4.1) and documentation requirement (section 4.2); also refer to corresponding rows in the rubric (section 9).

4.1) Develop an online e-commerce (shopping) system using HTML, JavaScript and PHP. 

• Registration function (1 point)

• Login function (1 point)

• Shopping cart function (2 points)

• The function of posting shopping cart information and credit card number to Server (5 points)

Deploy your system under the directory titan.csit.rmit.edu.au/~sXXXXXXX/assignment/ with the correct permissions, with the main folder “assignment” and three subfolders “server”, “client” and “database” (for more detail, please see section 6).

C1. For the registration function, 

• Do not allow registration if the entered password is shorter than 6 characters (+0.25 points);

• The entered plain password is hashed before registration (+0.25 point);

• Save the username and the hashed password in the database (+0.5).

C2. For the login function, 

• Verify that the entered username and hashed password exist in the database (+0.5 point);

• A successful login with the correct username and password should give access to the shopping cart page (+0.5 points).

C3. For the shopping cart function, 

• Only a successfully logged-in user can access the shopping cart (+1 point);

• and the quantity of each item in the shopping cart can be updated (1 point);

• The contents of the shopping cart are stored separately for each logged-in user (0.5 point).

C4. For the function of posting shopping cart information and credit card number to Server,

• If you post plain information and display plain information (1 point);

• If you post encrypted information and display plain information – RSA only (overall 2.5 points):

o Shopping cart information and credit card number are encrypted with RSA encryption algorithm (1 point),

o and the server decrypts the information with RSA decryption algorithm and stores it in the database (1.5 points);

• If you post encrypted information and display plain information - RSA and DES (overall 5 points):

o A successfully logged-in user posts a DES key (chosen by the user) to the server, encrypted with the RSA encryption algorithm (2 points),

o and the server retrieves the DES key with RSA decryption algorithm and keeps the DES key for this user (1 point),

o and the user will encrypt the shopping cart and credit card number with the DES encryption algorithm and the DES key (shared between the user and the server) before POSTing to the server, and the server decrypts the encrypted shopping cart and credit card number with the DES decryption algorithm and the shared DES key and stores it in the database (2 points).
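
The RSA-and-DES exchange in C4, with the messages of both sides, as an added example that is not part of the assignment hand-out. It simulates client and server in one Node.js file (in a deployment the client functions would be browser JavaScript and the server functions PHP). Assumptions: all function names, the in-memory `server` object standing in for session storage and the database, the JSON message layout, and the use of 3DES-CBC with a repeated key in place of a native single-DES cipher.

```javascript
// Added example: both sides of the C4 exchange, simulated in one Node.js file.
const crypto = require('crypto');
const OAEP = crypto.constants.RSA_PKCS1_OAEP_PADDING;

// Server state (hypothetical names): RSA key pair, per-user DES keys, "database".
const server = {
  ...crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }),
  desKeys: new Map(),
  orders: [],
};

// Assumption: OpenSSL 3 ships single DES only in its legacy provider, so this
// uses 3DES-CBC with K1 = K2 = K3, which computes exactly DES-CBC under K.
const desKey3 = (k) => Buffer.concat([k, k, k]);

// Client: wrap the user-chosen 8-byte DES key under the server's RSA public key.
function clientWrapKey(desKey) {
  return crypto.publicEncrypt({ key: server.publicKey, padding: OAEP }, desKey);
}

// Server: unwrap with the RSA private key and keep the DES key for this user.
function serverStoreKey(user, wrapped) {
  const k = crypto.privateDecrypt({ key: server.privateKey, padding: OAEP }, wrapped);
  if (k.length !== 8) throw new Error('DES key must be 8 bytes');
  server.desKeys.set(user, k);
}

// Client: encrypt cart and card number with the shared DES key, fresh IV per POST.
function clientEncryptOrder(desKey, order) {
  const iv = crypto.randomBytes(8);
  const c = crypto.createCipheriv('des-ede3-cbc', desKey3(desKey), iv);
  const ct = Buffer.concat([c.update(JSON.stringify(order), 'utf8'), c.final()]);
  return { iv: iv.toString('base64'), ct: ct.toString('base64') };
}

// Server: decrypt with the key stored for this user, then store the plaintext.
function serverReceiveOrder(user, msg) {
  const k = server.desKeys.get(user);
  if (!k) throw new Error('no DES key on file for ' + user);
  const d = crypto.createDecipheriv('des-ede3-cbc', desKey3(k), Buffer.from(msg.iv, 'base64'));
  const pt = Buffer.concat([d.update(Buffer.from(msg.ct, 'base64')), d.final()]);
  const order = JSON.parse(pt.toString('utf8'));
  server.orders.push({ user, ...order });
  return order;
}

// Constructed sample run: test card number, made-up cart.
const key = crypto.randomBytes(8);
serverStoreKey('alice', clientWrapKey(key));
const posted = clientEncryptOrder(key, { cart: [{ sku: 'A1', qty: 2 }], card: '4111111111111111' });
console.log(posted, serverReceiveOrder('alice', posted));
```

The server refuses an order from a user who has not completed the key-wrap step, which is what ties the DES key to the logged-in user in the third sub-requirement.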

In places where this specification may not tell you exactly how you should implement a certain feature, the programmer (you) needs to use judgment to choose and apply the most appropriate concepts from class materials. Follow answers given by your “supervisor” (your instructor) under Canvas→Discussions→’Assignment’ when in doubt.

4.2) Documentation requirement (1 point)

D1. Write a report to describe what you have done and what you have observed with screenshots whenever necessary.

Recommended report format: 

• Title, student name and id.

• Report is recommended to have a scenario of e-commerce with screen-shots containing the explanation.
