You have been employed by the National Government to create an inter-departmental bulletin board. The government aims to use this bulletin board to post issues that need to be solved by more than one department in conjunction. The issues that will be posted here are of a highly confidential nature – thus this system must:

• Be developed with very strong security;

• Only allow authorized users to utilize the system.

Question:

1. Create a proposal in which you explain the security features that you will employ for your logon. This proposal must be no more than 2000 words and must include a detailed description of how you would implement the following: 

1. The registration of new users and your login process in terms of:

a. HTTP requests and traffic security;

b. Input validation;

c. Storing and hashing of passwords;

d. Maintaining authentication state;

e. Credential security;

f. The overall flow of your login process.

2. How you plan to protect your application against (state definition and protection for each):

a. User name harvesting;

b. Brute force attacks;

c. Session jacking;

d. Session fixation

NB: Images can be used to explain ideas and systems better.