Why the issue may cause a security vulnerability

Reference no: EM131135970


Modify an existing Java Web application that violates several Payment Card Industry guidelines and recommendations. Your task is to locate the issues, identify what is wrong and then fix the code. You will discuss each issue in terms of why the issue may cause a security vulnerability, and how you specifically fixed the issue.

The current code uses Java JSP and Servlets to allow a user to log in to their account and view credit card data stored in the database. The functionality is relatively simple, but several PCI compliance rules have been violated that will prevent the application from being approved by a PCI software auditor.

You should first load up the application, populate the database and make sure the application is working in your environment as expected. The application uses the Java Derby relational database. The script used to populate the database is attached, as well as the Java web project itself. You should be able to open the existing project using NetBeans. However, you may need to add the Derby drivers to the libraries for the project.

Once you have the database loaded, you can try the application. (This assumes you properly installed Java EE when you installed NetBeans.)

Email:[email protected] Password: mypassword

Review the code and perform analysis as needed. You should experiment with the application as well as review the code to identify possible areas of security concern. You don't have to be an expert in JSP/Servlets, HTML or CSS to be able to find some of the issues that you have read about in the PCI documentation. However, it is recommended that you experiment with the code so you have a baseline familiarity with the model and know how the JSP pages and servlets communicate with each other.

Focus on the PCI compliance issues found in sections 6 through 9 (see attached jpg file) as you look for issues. There are multiple issues and you should work to fix and document as many as possible.

Submission:

Provide all of your modified Java code, your modified database script and a Word document describing how you addressed each issue. You should clearly describe the code, which PCI compliance issues were violated and how you fixed them. You should provide screen captures as needed to support your findings and improvements.

https://www.dropbox.com/s/opxxm9opma0hy3j/Netbeans_Package.zip?dl=0
