Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

In this case study, an ecommerce website is considered. In this website, when customers choose items of interest to purchase, they go to their shopping

In this case study, an ecommerce website is considered. In this website, when customers choose items of interest to purchase, they go to their shopping cart. When they are ready to proceed with their purchases, they click on Checkout button to pay for the items. At that point, the customer logs into the site to enable the site to retrieve their payment information.

(a) Let us assume that the shopping cart saves the associated items and prices on the server in a file. Specifically, for each customer a file is created. The website identifies the customers by their IP addresses.

Is this design vulnerable to a DoS attack? Explain why or why not. (2.5 marks)

(b) Now let us assume that the website stores a list of shopping cart items on the client side instead of server side. Every time that a user clicks on add-to-cart, the server sends all of the associated details such as item name, price, and quantity, combine them into a hidden HTML form field. Now, when the user clicks on Checkout, all of the past purchased items in the hidden form field are sent to the server through a Javascript magic. The server then joins them together into a list and presents the user with the corresponding total amount for payment.

1. Is this design vulnerable to the DoS attack? Explain why or why not. (3 marks)

2. Do you think this design is meeting the requirements of information security such as integrity? (2 marks)

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database Management An Organizational Perspective

Authors: Richard T. Watson

1st Edition

0471305340, 978-0471305347

More Books

Students also viewed these Databases questions

Question

Question How is life insurance used in a DBO plan?

Answered: 1 week ago