Hi please assist with a and b QUESTION 4: Design Patterns and UMLYou have been tasked to improve your organisation's security. Only authorized users are al-lowed to access SensitiveData on the system and access can only be done through theDatastorage class. You know that by applying the Proxy design pattern you can solve thetask.1| class SensitiveData {/* code omitted */}2enum EEmployeeType34 {ADMIN, // Should be allowed to access SensitiveDataCEO, // Should be allowed to access SensitiveDataCLERK // Not allowed to access SensitiveData678 }910 public class DataStorage11 {public SensitiveData getData(EEmployeeType employee);1213 }(a) Provide a UML class diagram for the Proxy design pattern applied to the problem statedabove.(b) Provide Java source code for the proxy class' getData method.

Answered: (a) Provide a UML class diagram for the…

(a) Provide a UML class diagram for the Proxy design pattern applied to the problem stated above. b) Provide Java source code for the proxy class' getData method.

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

Password management schemes are complex in ITsystems. Consider an IT company that does not want users to choosepasswords from a database of easily guessable passwords during accountregistra8on. The challenge is how to implement this mechanism. Oneapproach is to store all these guessable passwords in a database and checkevery password chosen during registra8on against this database. a) What isthe security problem in this implementa8on?ANer listening to you, the company has the following expecta8ons for a newsolu8on. Your solu8on should have the following proper8es – There shouldbe no False Nega8ves (a guessable (bad) password should not be mistakenlyiden8fied as a non-guessable (good) password); Some False Posi8ves aretolerated (a very small number of non-guessable (good) passwords can beiden8fied as guessable (bad) passwords by mistake); The guessablepasswords should not be stored in plain text; The solu8on should be spaceefficient; It should be fast. b) Iden8fy another solu8on to this…
help me please provide by step by step find another vulnerability and exploit within the Metasploit framework against the Metasploitable2 system by using Metasploit's search, show, use, set, check, locate, and exploit/run commands. You should find one not used yet, so don't use any in that we used in the previous steps (vsftpd vulnerability or the tomcat exploit).
The Access to objects in the security design should be depend on more than one condition being satisfied. This principle reflect: Complete mediation Separation of privilege Least common mechanism Isolation
In this assignment, you will develop a user interface for three different functions of an operating system and decide how each of the functions could be secured using various authentication schemes. You must support one single factor, one two-factor, and one multi-factor authentication scheme in your design. You may choose any features in an operating system you want (e.g., login, getting help on a system function, or listing all processes). Your user design will address the following three main security areas: 1. Proposed Security Authentication Scheme 2. Proposed Security Authentication Factor 3. Required Security Policies For each operating system function, provide the following: a. Detailed explanation of your interface design choices and how it addresses the three assignment requirements: authentication scheme, factors, and policies that will be used. b. A table outlining the functional requirements to secure the function in #2a. c. A wireframe mockup user interface that…
Draw a UML class diagram consistent with the following sequence diagram. : DBClass :Connection : Statement PersistencyClient PersistentClass 1. create( ) 1.1. new( ) 1.2. getData( ) 1.3. createStatement() 1.4. executeUpdate(string)
Complete the attached table with the principles below relating to server security The principles are: Economy of mechanism Fail-safe defaults Complete mediation Open design Separation of privilege Least privilege Least common mechanism Psychological acceptability
do this for me find another vulnerability and exploit within the Metasploit framework against the Metasploitable2 system by using Metasploit's search, show, use, set, check, locate, and exploit/run commands. You should find one not used yet, so don't use any in that we used in the previous steps (vsftpd vulnerability or the tomcat exploit). write full command here please.
Bob has designed a secure login system for the student portal of the Xiamen University of Technology (XUT). In Bob's design, a two-factor authentication method is used for verifying the authenticity of the user. A brief description of the design is provided below. For the two-factor authentication, the followings are required: • Factor 1: a user first required to provide a secret password, • Factor 2: the user then needs to provide the correct answer to a security question. To securely store the user password in the system, Bob has used state-of-the-art encryption algorithm, Advanced Encryption Standard (AES), to encrypt the user password and stored the encrypted password in the system database. For securely signing in to the system: the user needs to provide his/her user ID and the corresponding password. This information will be transmitted to the system over a secure communication channel. Upon receiving this information, the system will: o locate/retrieve the corresponding…
Let us consider an application where we need to run a secure Information Management System. We are to receive very confidential information from our customer sand keep them save in our system. These information are sent to us in the softcopy forms. We are to protect ourcustomers’ confidentiality even from ourselves, we are not to see the information they bring to us,or else the confidentiality is compromised. Your job as computer security officer is to verify the authenticity of the important documentreceived in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can storebut cannot retrieve except the user himself. Secondly, you are to protect the passwords and usernames to make impossible for everyone(including the system administrators) except the users themselves to access even if the whole data base is hacked or stolen. i)Based on your knowledge in computer security, which cryptographic mechanisms would you…
What is the difference between a binary semaphore and a counting semaphore? Question 9 options: A binary semaphore is used for mutual exclusion, while a counting semaphore is used for synchronization. A binary semaphore can only take two values, while a counting semaphore can take any positive integer value. There is no difference between a binary semaphore and a counting semaphore. A binary semaphore is used for synchronization, while a counting semaphore is used for mutual exclusion.
Is this design secure from other attacks? (You can assume that the site is safe from web attacks such as CSRF, XSS and SQL injection, and uses HTTPS for the Checkout procedure.) No it is vulnerable to man in the browser attack. Yes, it is safe. No it is vulnerable to integrity problem on the client side. No it is vulnerable to integrity problem on the server side.
Let us consider an application where we need to run a secure Information Management System.We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised.Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself.Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen.2. Which cryptographic mechanisms would you implement in order to protect the usernames and…