Assignment Information
Module Name: Security
Module Code: 6005CEM
Assignment Title: CW2
Assignment Due: 18:00 UK Time
Assignment Credit: 10
Word Count (or equivalent): 1500 Words
Assignment Type:
Percentage Grade (Applied Core Assessment). You will be provided with an overall grade between 0% and 100%. You have one opportunity to pass the assignment at or above 40%.
Assignment Task
The CW2 component consists of practical work on the development of a secure IT system.
In this coursework you are required produce a report on the design and development a secure web application. Details of the design criteria can be found in the attached specification document.
The report should provide details of the design of the system, discussing and justifying any security related decisions. While you are not expected to provide a complete system, you should provide code examples demonstrating the implementation of secure components.
The report should contain:
Part 1: Security analysis.
In this section you should give an overview of the high level design for the site. You should discuss and evaluate the security considerations for your design.
- An overview of potential security issues that could effect each element of the design requirements
- Discussion of different Authentication and Authorisation strategies for the site.
- Discussion and recommendations of design decisions that deal with potential security / data protection elements.
For example: When discussing User based functionality you may want to discuss:
- Session Management Strategies, how the site keeps track of user state and its impact.
- Password management, and storage
- Details of different user access levels, and requirements.
You are expected to use the literature to support the design decisions, justifying your design choices against current best practice.
Part 2: Design and Implementation
For this section you are expected to provide the design and implementation details of the components identified in part one of the report. This should include the specifics of how you address the issues identified, including justification and supporting your design with the literature.
You should supply the design of the individual components, to support the high level design in part 1 this may include diagrams showing information flow, and / or code examples.
Submission Instructions:
Submit the coursework by the due date using the link on Aula.
Your assignment should be submitted as a single document (i.e. Word, PDF or Markdown).
If you make use of additional materials (such as Github, or supporting videos) you should include a clear link to the supporting material in your report.
Important: In the case of Github repositories, they should be set to private, with the relevant teaching staff added as collaborators. Having a publicly available repository could lead to an academic misconduct case being raised against you, as people have been known to steal work from other students repos.
Marking and Feedback
How will my assignment be marked?
Your assignment will be marked by the module team
How will I receive my grades and feedback?
Provisional marks will be released once internally moderated.
Feedback will be provided by the module team alongside grades release
You can access your feedback via Turnitin on Aula.
What will I be marked against?
Details of the marking criteria for this task can be found at the bottom of this assignment brief.
Assessed Module Learning Outcomes
The Learning Outcomes for this module align to the marking criteria which can be found at the end of this brief. Ensure you understand the marking criteria to ensure successful achievement of the assessment task. The following module learning outcomes are assessed in this task:
1) Critically evaluate a range of encryption and authentication methods for a given set of requirements.
2) Utilise systematic knowledge to create secure environments at the host or network level.
3) Develop and evaluate software that addresses the most common and most severe security concerns.
Assignment Support and Academic Integrity
If you have any questions about this assignment please see the Student Guidance on Coursework for more information.
Spelling, Punctuation, and Grammar:
You are expected to use effective, accurate, and appropriate language within this assessment task.
Academic Integrity:
The work you submit must be your own, or in the case of groupwork, that of your group. All sources of information need to be acknowledged and attributed; therefore, you must provide references for all sources of information and acknowledge any tools used in the production of your work, including Artificial Intelligence (AI). We use detection software and make routine checks for evidence of academic misconduct.
Definitions of academic misconduct, including plagiarism, self-plagiarism, and collusion can be found on the Student Portal. All cases of suspected academic misconduct are referred for investigation, the outcomes of which can have profound consequences to your studies. For more information on academic integrity please visit the Academic and Research Integrity section of the Student Portal.
Support for Students with Disabilities or Additional Needs:
If you have a disability, long-term health condition, specific learning difference, mental health diagnosis or symptoms and have discussed your support needs with health and wellbeing you may be able to access support that will help with your studies.
If you feel you may benefit from additional support, but have not disclosed a disability to the University, or have disclosed but are yet to discuss your support needs it is important to let us know so we can provide the right support for your circumstances. Visit the Student Portal to find out more.
Unable to Submit on Time?
The University wants you to do your best. However, we know that sometimes events happen which mean that you cannot submit your assessment by the deadline or sit a scheduled exam. If you think this might be the case, guidance on understanding what counts as an extenuating circumstance, and how to apply is available on the Student Portal.
Administration of Assessment
Module Leader Name: David Croft
Module Leader Email: ac0745@coventry.ac.uk
Assignment Category: Written
Attempt Type: Standard
Component Code: Cw2
Assessment Marking Criteria
Part One: Overall Design
Aligns to MLO 1,2,4
Weighting: 40% |
Part Two: Implementation
Aligns to MLO 1,2,4
Weighting: 50% |
Report Structure.
Doesn’t align to MLO’s but its important.
Weighting: 10% |
||
80 to 100% | As 70+ with exceptional analysis, and justification of audit methods chosen | As 70+ with exceptional analysis and discussion of issues found. | As 70+ with exceptional presentation and analysis, good use of references to support arguments. | |
70 to 79% | Clear high level design document.
Relevant security issues with brief are identified, along with discussion of impact. Design decisions are well justified, with support from the literature and strong discussion of wider context |
Clear implementation section. Implementation details for all issues identified are given.
Technical justification for design is given, and supported by the literature.
Where appropriate well commented code examples showing details of implementation are given. |
Clear report structure, headings match the marking criteria.
Introduction / Conclusions provide context to the report, giving relevant background to topic, and providing a clear summary of results. Good use of references to support arguments made. |
|
60 to 69% | Clear high level design document.
Relevant security issues with brief are identified. With some discussion of impact. Design decision are have some justification, support from the literature and discussion of wider context |
Very good section. Implementation details for most issues identified are given.
Technical justification for design is given, and supported by the literature.
Where appropriate well commented code examples showing details of implementation are given. |
Clear report structure and presentation.
Appropriate introduction and conclusions, summarising reports contents, wider context of the report discussed. Good analysis of reports contents, with use of references to support arguments. |
|
50 to 59% | Good high level design document.
Most relevant security issues with brief are identified. But some features, elements are missing. There is some justification for the design decisions, ether from literature, or wider security context. |
Good section. Implementation details for most issues identified are given.
Technical justification for design is given.
Some code examples are given. |
Clear report structure and presentation.
Appropriate introduction and conclusions, summarising reports contents. Limited use of references to support arguments. |
|
40 to 49% | Good high level design document.
Some security issues are identified, but there is limited analysis of the impact. Limited justification for the design. |
Implementation details for a limited set of issues are given.
Limited or no technical justification or code examples. |
More than one of:
Poor report structure and presentation Introduction / conclusions limited to re-iterating coursework brief with no context added. Limited use of references to support arguments made |
|
Fail
30, 35% |
Limited or No attempt at this section | Limited or No attempt at this section | Poor report structure and presentation,
Introduction and conclusions limited to re-iterating the coursework brief Limited use of references to support arguments |
|
Fail 0 to 29% |
Limited or No attempt at this section | Limited or No attempt at this section | Poor report structure and presentation, literature not used to support arguments made. |