Topics in Privacy and Security Module Result – 77%

Last week was a hectic one. I had a coursework deadline for my Adaptive Learning Agent Systems module, and a exam for Static Analysis and Verification. Amongst all the work I received my results for my Topics in Privacy and Security Module.

The module was assessed by a 100% weighted coursework for which the aim was to develop both a security risk management strategy for a telehealth company and develop some software to determine the best reputation metric for a star-rating system for e-commerce websites to reduce the effect of self-promoting and slandering attacks at different scales.

For the security risk management strategy the ISO/IEC 27002 and ISO/IEC 27005 standards were followed. Assets, user roles, system boundaries and businesses processes were identified, possible violations were considered, threat agents and paths were analysed and critical analysis of which risks had to be managed and which controls to use to mitigate their risks took place.

Identifying Assets can be a Long Process

I used the programming portion of the coursework as an opportunity to learn cross-platform GUI development in Java, using JavaFX. As of the time of writing JavaFX still doesn’t support simple dialog boxes without a host of libraries… which made it interesting. However, it was quite impressive to see ‘write once (carefully), run anywhere (conditionally)’ work in action. I also used it as a chance to try out a form of more modular development, in which all of my business logic was in a library which any GUI could tap into, whether that be a Java Servlet, JavaFX or Command Line program. For the coursework I developed both the aforementioned GUI and a simple Terminal Interface, both running on the same shared .jar library.

Command Line Interface to the Reputation Attack Effect Calculator

Thankfully, now that this week is over, so is the taught portion of my masters degree. For the next 4 months I will be working on my research project, which will be discussed in a future blog post.

Danny

Initial and Interim Report Results – 72% and 85%

The Interim Report is quite big, this is just under half of it

As part of the process of completing the final year project you have to submit two, smaller iterative, reports before your final report. These are a great opportunity to get in-depth feedback on your work before submitting your final report — they’re also a good way to evaluate your progress.

Initial Report

The initial report — which is produced early on in the project, in September — outlined the introduction and context of the project, for me this consisted of explaining what PHP is, what an integrated development environment (IDE) is and then discussing what other PHP IDE solutions are on the market today.

Initial ideas of what technologies and methodologies would be used for the project were also briefly discussed based on research I did over the summer, which had to be referenced in Harvard style.

Perhaps most importantly the initial report was the time when my project title, aims and objectives were set in stone for the first time. A time plan and associated gantt chart were produced to outline which work should be taking place at which time in order to deliver a finished product by the due date for the report.

The initial report was marked by Professor Ping Jiang and he awarded me a mark of 72%, which I was pretty happy with for my first mark of the third year. 🙂

Interim Report

Yesterday I got back my mark for my Interim Report. The Interim Report is used to detail your progress since the initial report, and is submitted in January, about half way through your development time.

All the reports are iterative, in other words based off of the previous one. So I added in more detail about which methodologies I have been using to develop my project, updated my time plan to be more realistic and discussed the risks and ethical issues associated with the production of my IDE.

Dr. Martin Walker marked this report and I’m very happy to say that I got 85%. This gives me a good base on which to produce a good final project, especially with the in-depth feedback I received.

I will of course keep the blog updated with future developments on the final year project.

Danny