Add any code needed to ensure that system data is read or
changed only by the server, and that such execution occurs only if instigated by
authenticated and authorized clients.
As before, assume that the adversary is capable of (at least) the attacks
described in connection with phase 3.
Also use this phase as an opportunity to revisit and repair problems identified in
earlier phases.
And use this phase to add the Extra Credit functionality
(see project overview) if you have
the inclination and the time.
Submission Procedure.
All submissions should be made through
CMS.
Submit the following files (at least) as part of a .zip:
-
TEAM.txt which contains the names (and net-ids) for all team members.
Also, for each team member give a 1 or 2 paragraph description of the tasks
this team member performed and the number of hours this required.
-
README.txt which contains
- The names and a description of the contents for the other files in the directory.
- Instructions for installing, compiling, and running your software on our
Windows system.
Expect the grader to spend approximately 10 minutes on this task, so try the process
yourself with a stopwatch to
check whether the grader might be able to fulfill your expectations.
- A tutorial that the grader can follow to run your software and observe
that it does what it should.
-
Source files that contain the source code needed to compile and run your system.
Grading Process.
Sign-up for a system demo and group interview.
The sign-up sheet will be posted outside Upson 4115 at or before
11:25am on Monday April 23.
Interviews will be scheduled for early in the week of April 30
(location to be announced).
Your entire group must be present for the interview.
At the interview, your group should plan to:
-
give a demo of the system in operation,
-
respond to questions about design choices and approaches to security
your group implemented along with alternatives, and
-
discuss your implementation, and review your code for clarity and style.