Text INTERNAL Project Presentation (Processes Followed) Infinity DTH Services-Module 1 HYD12/HJA54-Group-1 gokul(842007) Aakanksha(835620) Preetham(843274)

Presentation transcript:

Project Presentation (Processes Followed)
Infinity DTH Services-Module 1
HYD12/HJA54-Group-1
Gokul (842007), Aakanksha (835620), Preetham (843274), Arshiya (834442), Shiv (854695)

Phases of the Project
- Analysis and Design
- Development/Construction
- Testing/Defect Fixing

ETVX Model
- Entry Criteria
- Tasks
- Verification & Validation
- Exit Criteria

Analysis & Design

ETVX for Analysis & Design
Entry Criteria:
- Case study of Infinity DTH services was provided.
Tasks:
- Based on the case study, different activities such as identifying actors and their roles were done. Noun and verb pairs were found to identify relationships.
- SRS Document, use case, sequence and class diagrams were prepared. Test cases were prepared.
Verification/Validation:
- The review of the SRS document was done in this phase.
Exit Criteria:
- The use cases, DMD and SRS Document are prepared, which are inputs for the Development phase.
Work Items/Deliverables:
- SRS, use case diagram, sequence diagrams, class diagram, test cases

Development/Construction

ETVX for Development/Construction
Entry Criteria:
- SRS Document with LLD and HLD of “Infinity Dth” Module 1.
Tasks:
- Coding of individual sub modules is done in this phase.
Verification/Validation:
- Sub modules are integrated by the “Bottom Up Integration” approach and the integration test is done in this phase.
- After integration, “Black Box Testing” is done on the total Module 1.
Exit Criteria:
- Reviewed code
Work Items/Deliverables:
- Reviewed code

Testing/Defect Fixing

ETVX for Testing/Defect Fixing
Entry Criteria:
- The Infinity DTH service code is implemented in J2EE.
- It consists mainly of two technologies, Struts2 and Hibernate.
Tasks:
- We tested the whole web application from the security point of view as well as the SRS point of view.
- We tested the web application with the help of “Kali Linux”.
- The main aim behind this activity was to secure the transmitted information and to secure the code from the various attackers’ point of view.
Verification/Validation:
- OWASP Top 10 vulnerabilities (XSS, Session Hijacking, DoS).
- Best practices for keeping passwords and personal sensitive information (ISO 27001).
- Encrypted traffic instead of plain-text information.
- Server misconfiguration and revealing server information.
- Customized error pages.
- Brute force attack.
- File inclusion.

ETVX for Testing/Defect Fixing (Contd.)
Exit Criteria:
- The web application was completely secure from OWASP Top 10 vulnerabilities.
- Web application compliance with ISO 27001, PCI DSS.
Work Items/Deliverables:
- Defect log
- Test cases
- Secure code

Thank You