You are building a news aggregation web service

| October 14, 2019


Questions

You are building a news aggregation web service for gathering news from a variety of sources, and presenting them to users in a customized way. For example, if user X mostly clicks on news from Canada, then the service will present news from Canada to that user before presenting news from other countries. Similarly, if user Y frequently reads sports news, the service will show sports news before other types of news to user Y. Specifically, the web service you are building will have the following features: • It should allow reading news using web browsers as well as Android and iPhone apps. • It will track user behavior and preferences using a cookie database. Note: you might want to review the concept of cookies covered in INFO-4101. • It will gather news from web services owned by two external entities, say Bloomberg and Reuters. For the purposes of this assignment, assume that these sources serialize news data using XML format.

Using the Microsoft Threat Modeling Tool, do the following:

1. (25 points) Draw a data flow diagram of the complete system, including components internal to the system as well as all external entities (clients and external services).

2. (25 points) Generate a threat report document. The threat modeling tool creates HTML reports, but you should run a “Print to PDF” before submitting the report as PDF.

3. (25 points) From the threat report, choose any three security vulnerabilities of different types, and give examples of how they can be exploited.

4. (25 points) For the three vulnerabilities identified above, explain in a few sentences how you would address them.

Order your essay today and save 20% with the discount code: ESSAYHELP
Order your essay today and save 20% with the discount code: ESSAYHELPOrder Now