Welcome to Assignments Writing

Your Trusted Partner in Term Paper Writing

At Assignments Writing, we’re a team of passionate educators and skilled writers committed to supporting students in their academic journey.

CS 305 SNHU Secure Software Development Project

CS 305 SNHU Secure Software Development Project

ANSWER

To address the requirements of the project and ensure the security of Artemis Financial’s web application, you need to follow a structured approach. Here’s a step-by-step guide on how to complete each of the tasks outlined in the project description:

  1. Examine Artemis Financial’s Software:
    • Analyze Artemis Financial’s existing software to identify security vulnerabilities.
    • Refactor the Project Two Code Base to address these vulnerabilities.
    • Focus on areas related to data transfer and communication security.
  2. Algorithm Cipher:
    • Recommend an appropriate encryption algorithm cipher based on the identified security vulnerabilities. The choice of algorithm should align with current best practices.
    • Provide a high-level overview of the chosen encryption algorithm cipher.
    • Discuss the hash functions and the number of bits used in the cipher.
    • Explain the use of random numbers, symmetric versus non-symmetric keys, and other relevant cryptographic details.
    • Describe the historical context and the current state of encryption algorithms, including any notable vulnerabilities or weaknesses.
  3. Certificate Generation:
    • Use the Java Keytool in Eclipse to generate self-signed certificates.
    • Ensure that the certificates are correctly generated.
    • Export the certificates to a CER file.
    • Include a screenshot of the CER file in your report to demonstrate the certificate generation.
  4. Deploy Cipher:
    • Refactor the code to implement the cryptographic hash algorithm recommended earlier.
    • Ensure that the checksum verification functionality is working as expected.
    • Submit a screenshot that shows your name and a unique data string along with the checksum verification.
  5. Secure Communications:
    • Modify the application.properties file to enable HTTPS (secure) communication.
    • Compile and run the refactored code.
    • Open a web browser and access the application using the HTTPS protocol (e.g., https://localhost:8443/hash).
    • Capture a screenshot of the secure webpage in your report.
  6. Secondary Testing (OWASP Dependency-Check Maven):
    • Run a secondary static testing of the refactored code using the OWASP Dependency-Check Maven.
    • Focus on the code you have added as part of the refactoring.
    • Capture a screenshot of the refactored code executed without errors.
    • Include a screenshot of the report from the dependency-check static tester to ensure that you have not introduced additional security vulnerabilities.
  7. Functional Testing:
    • Perform manual code review and functional testing to identify syntactical, logical, and security vulnerabilities in the refactored code.
    • Ensure that the refactored code runs without errors.
    • Include a screenshot of the refactored code executed without errors in your report.
  8. Error Handling and Iteration:
    • If you encounter errors or discover new vulnerabilities during testing, iterate on your design and refactored code to address them.
    • Retest until no new vulnerabilities are found.
  9. Summary:
    • Summarize the changes made during the refactoring process and how they align with security testing protocols.
    • Refer to the Vulnerability Assessment Process Flow Diagram to highlight the areas of security that you addressed.
    • Discuss the process of adding security layers to the software application.
  10. Industry Standard Best Practices:
    • Explain how you applied industry-standard best practices for secure coding to enhance the software’s security.
    • Discuss the value of applying these best practices to the overall wellbeing of the company, emphasizing the importance of security in software development.

Remember to organize your findings, recommendations, and screenshots into a comprehensive “Practices for Secure Software Report” that you will submit as part of your project deliverables.

CS 305 SNHU Secure Software Development Project

QUESTION

Description

 

 

Competencies

In this project, you will demonstrate your mastery of the following competencies:

Write secure communications through the application of current encryption technologies and techniques

Design and implement code that complies with software security testing protocols

  • Scenario
  • You work as a developer for a software engineering company, Global Rain, that specializes in custom software design and development. The software is for entrepreneurs, businesses, and government agencies around the world. Part of the company’s mission is that “Security is everyone’s responsibility.” Global Rain has promoted you to their new agile scrum team.

At Global Rain, you work with a client, Artemis Financial, a consulting company that develops individualized financial plans for their customers. The financial plans include savings, retirement, investments, and insurance.

Artemis Financial logo

Artemis Financial wants to modernize their operations. As a crucial part of the success of their custom software, they also want to use the most current and effective software security. Artemis Financial has a public web interface. They are seeking Global Rain’s expertise about how to protect their client data and financial information.

Specifically, Artemis Financial wants to add a file verification step to their web application to ensure secure communications. When the web application is used to transfer data, they will need a data verification step in the form of a checksum. You must take their current software application and add secure communication mechanisms to meet their software security requirements. You’ll deliver a production quality integrated application that includes secure coding protocols.

Directions

You must examine Artemis Financial’s software to address any security vulnerabilities. This will require you to refactor the Project Two Code Base, linked in the Supporting Materials section, to add functionality to meet software security requirements for Artemis Financial’s application. Specifically, you’ll need to follow the steps outlined below to facilitate your findings, address and remedy all areas, and use the Project Two Template, linked in What to Submit, to document your work for your practices for secure software report. You will also submit zipped files that contain the refactored code.

Algorithm Cipher: Recommend an appropriate encryption algorithm cipher to deploy, given the security vulnerabilities, and justify your reasoning. Review the scenario and the supporting materials to support your recommendation. In your practices for secure software report, be sure to address the following:

Provide a brief, high-level overview of the encryption algorithm cipher.

Discuss the hash functions and bit levels of the cipher.

Explain the use of random numbers, symmetric versus non-symmetric keys, and so on.

  1. Describe the history and current state of encryption algorithms.

Certificate Generation: Generate appropriate self-signed certificates using the Java Keytool in Eclipse.

To demonstrate that the certificate was correctly generated:

  1. Export your certificates (CER file).
  2. Submit a screenshot of the CER file in your practices for secure software report.
  3. Deploy Cipher: Deploy and implement the cryptographic hash algorithm by refactoring code. Demonstrate functionality with a checksum verification.
  4. Submit a screenshot of the checksum verification in your practices for secure software report. The screenshot must show your name and a unique data string that has been created.
  5. Secure Communications: Verify secure communication. In the application. properties file, refactor the code to convert HTTP to the HTTPS protocol. Compile and run the refactored code. Then once the server is running, type https://localhost:8443/hash in a new browser to demonstrate that the secure communication works successfully.

Create a screenshot of the web browser that shows a secure webpage and include it in your practices for secure software report.

Secondary Testing: Run a secondary static testing of the refactored code using the OWASP Dependency-Check Maven (see Supporting Materials) to ensure code complies with software security enhancements. You need to focus on only the code you have added as part of the refactoring. Complete the dependency check and review the output to ensure you did not introduce additional security vulnerabilities. Include the following in your practices for secure software report:

  1. A screenshot of the refactored code executed without errors

A screenshot of the report of the output from the dependency-check static tester

  1. Functional Testing: Identify the software application’s syntactical, logical, and security vulnerabilities by manually reviewing code.
  2. Complete this functional testing and include a screenshot of the refactored code, executed without errors, in your practices for secure software report.
  3. What if I receive errors or new vulnerabilities?
    You will need to iterate on your design and refactored code, address vulnerabilities, and retest until no new vulnerabilities are found.

Summary: Discuss how the code has been refactored and how it complies with security testing protocols. In the summary of your practices for secure software report, be sure to address the following:

Refer to the Vulnerability Assessment Process Flow Diagram. Highlight the areas of security that you addressed by refactoring the code.

  1. Discuss your process for adding layers of security to the software application.
  2. Industry Standard Best Practices: Explain how you applied industry standard best practices for secure coding to mitigate against known security vulnerabilities. Be sure to address the following:

Explain how you used industry standard best practices to maintain the software application’s current security.

Explain the value of applying industry standard best practices for secure coding to the company’s overall wellbeing.

Place Your Order Here

Our Service Charter


1. Professional & Expert Writers: We only hire the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of master’s and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. We are known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: We have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.

Format & Features

Our Advantages

How It Works

1. Fill Order Form
2. Make payment
3. Writing process
4. Download paper

Fill in the order form and submit all your files, including instructions, rubrics, and other information given to you by your instructor.

Once you complete filling the forms, complete your payment. We will get the order and assign it to a writer.

When your order is completed, it’s assigned to an editor for approval. The editor approves the order.

Once approved, we will upload the order to your account for you to download.  You can rate your writer or give your customer review.

What Clients Said

{

I am very satisfied! thank you for the quick turnaround. I am very satisfied! thank you for the quick turnaround.I am very satisfied! thank you for the quick turnaround.

5
Mercy M
{

I am very satisfied! thank you for the quick turnaround. I am very satisfied! thank you for the quick turnaround.I am very satisfied! thank you for the quick turnaround.

5
Jane L
{

I am very satisfied! thank you for the quick turnaround. I am very satisfied! thank you for the quick turnaround.I am very satisfied! thank you for the quick turnaround.

4.5
Rayan M

LET US DELIVER YOUR ACADEMIC PAPER ON TIME!

We are a freelance academic writing company geared towards provision of high quality academic papers to students worldwide.

Open chat
1
Scan the code
Hello
Can we help you?