Assignment description

Develop a web-based project to maintain security groups and their members in order to apply system security policy. The system user could sign in as an employee, or system administrator.

Phase 1 (GUI)  [30 marks]

 

At phase 1, develop the client-side interface in such a way that could access the system via web browser while the system administrators should access the system via a java application.  [5 marks]

Ensure that the following tasks are properly provided: [25 marks]

 

For employee users

1. After a successful login process the employee should be able to view all his access rights from different groups. The members, groups and associated security rules are, previously saved as JSON file(s) in the server, should be retrieved and displayed.

For system administrators:

1. After a successful login process, system administrator should be able to view all available security groups.
2. System administrator should be able to add, delete or modify groups and their members and access rights.
3. System administrator should be able to search for security rules by resources, access rules, groups, and members.

Hint:Provide the necessary attributes and GUI interfaces and use the necessary communicating protocol.

Phase 2 (Server-side service) [60 marks]

 

At phase 2, develop web-side services using the JAVA programming languages. For each task required in phase one, you should provide a website service using JAVA and provide the required security for your services to grant access only to authorized users.[each 10 marks]

 

Here are some details regarding the functionality of some services:

• View all groups and their members: this service should retrieve groups and their members along with stored rules on the server-side that exists in a file (JSON format).
• Add a group/member: this service should add a group/member to a file; stored as JSON. If the group/member with the same specifications has been previously added, an error message should be displayed and the new group/member should not be stored.
• Delete a group/member: this service should update the various associated file(s).
• Modify a group data: this service should update the corresponding files with the new information received from client side which could be the members of the group or group access rights.
• Search for security rules: this service should enable the system administrator to search for search for security rules by resources, access rules, groups, and members..
• View all security rules: this service should retrieve stored rules on the server-side that exists in a file (JSON format).

 

Hint:Use the appropriate presentation format to save and read the necessary attributes to and from file.

Phase 3 (Using Cloud services) [10 marks]

 

The system is to be deployed over the Cloud for saving organization the cost of servers and other equipment and make use of remote resources. Answer the following with justification

1. Which cloud deployment model should be used
2. Which cloud services should be used

 

Instructions:

 

1. Submit two files
   1. one zip file containing all the project’s folders, assuming that you are using NetBeans to develop your TMA, then you are required to send the whole project folder as a single zip file.

Use the following format to name your zip file:

TM352-TMA-Fall-22_23-Branch-StudentName-ID

 

1. Put in a word file
   1. codes of client side, the operations of the web services as well as screenshots after running each service.
   2. needed xml files.
   3. answers of phase 3.

Use the following format to name your word file:

TM352-TMA- Fall-22_23-Branch-StudentName-ID.docx