Transcript Project Final Presentation

ECpE Student Database
Team 21
Adviser: Tien Nguyen
ECpE and Tony Moore
Problem Statement
• Faculty and staff in ECpE department need a better way to
recommend students for opportunities
• Problem stems from a lack of data
• Resolve with a new database of student info and opportunity info
• Also includes a web-based front end for ease of use for data
entry/retrieval
Conceptual Sketch
Conecpt breakdown:
Model - communication
module, data interaction
View - display module
Controller - page
abstraction module,
permission enforcement
Functional Requirements
1. Will be maintained by the Engineering Computer Support
Group after completion.
2. All users of the product will have a valid Iowa State NetID.
3. All users of the product shall be associated with the ECpE
Department.
4. The product shall allow advisers to query all available
student information.
5. The product shall run on a Engineering Computer Support
Group managed server.
6. The product shall provide a user friendly method for data
entry and retrieval.
7. The product shall allow multiple users to be on at the same
time.
Non-functional Requirements
1. The cost of this product shall not exceed $500.
2. The product shall prevent a student from viewing another
student’s information.
3. The database shall not exceed the storage size of the
provided server.
4. The product shall be accessible through ISU servers on
the web.
5. Users must Authenticate with ISU before logging in to the
server.
6. The product shall not block user activity during network
actions.
7. The product shall work on IE, as well as the other major
browsers.
Other considerations
• Cost is a factor
o Free frameworks
• Must work with existing technologies used at ISU
o Pubcookie compatibility
o Apache
• M-V-C pattern
o Need a separation between web front end, data back end,
and controlling logic
o Portal Web Framework
Market Survey:
• Why is this system worth building?
• Why is the proposed system the best answer.
o Cost
o Ease of use
• Will Students use the system?
Risk Management
Risks:
Mitigation:
• User changes his/her netID
• User number to netID mapping
• Login security
• Pubcookie
• Falsified user information
• Visual verification of documents,
trusted source authentication
• Bad user entries/code
injection
• Rudimentary entry/error checking,
clean input
• Keeping internal data hidden
(qualifications for
scholarships, recipients, etc)
• AJAX specifications, pubcookie
Resources and Costs:
Primarily a Software Project.
Hardware provided by CSG.
-Price?
-Dedicated Server Rental: $79-$399 monthly
Ten-Day list already purchased by ECpE Department.
Project Milestones
• Get access to server.
• Pubcookie Authentication.
• Display appropriate Homepage for user.
• Manually enter Opportunities and Data.
• Upload Ten-Day list.
• Query for Opportunities.
• Final Load and Performance test.
Schedule
Functional Decomposition
Communication Module
- Abstraction from internet communications
Permissions Enforcement Module
- Base level enforcement to ensure an Authenticated user has
access to the site
View Generation Module
- Separates HTML code from PHP page logic
Page Abstraction Module
- Contains page logic for all visible pages
Data Interaction Module
- Provides interface to the Database
Detailed Design
Technology Platform
• NetID authentication requires Pubcookie
• Apache Web Server
• PHP 5.2 or greater
o PDO and JSON Support
• MySQL Database
• Smarty Template Engine
o no installation required
• No Required Hardware
o could run on a virtual machine
Test Plan
• Database
o Load testing
o Network stress testing
o Security testing
• Browser
o Support for multiple browsers
o Functionality testing across browsers
o Visual testing across browser
• Permission Enforcement
o Unknown user
o Functionality access control
Current Project Status
• Database
o CSG Managed Virtual Machine
• Security
o Research about optimal techniques
o Pubcookie
• Documentation
o Plan Document
o Design Document
• Approval
o CSG security and maintainability
o Client acceptance
Plan For Next Semester
• Database
o Finish implementation
o Test security and network capabilities
• Web Interface
o Multiple browser support
o Student components
o Administrator components
• Security
o Permissions Enforcement
o Data security
• Approval
o Client and Student acceptance
o Receive student feedback
Team Member Responsibilities
Steven Murray:
• Student Pages Design and Implementation
• Database Testing
Nathan Staley
• Framework Design
• Permission Enforcement
Justin Sliekers:
• Database Administrator
• Documentation
Michael Walsh:
• Administrator Pages Design and Implementation
• Security Testing
Questions