Date: 2023-04-21
Cardiff School of Computer Science and Informatics
Coursework Assessment Pro-forma
Module Code: CMT310
Module Title: Developing Secure Systems and Applications
Lecturer: Dr Neetesh Saxena
Assessment Title: Technical Report
Assessment Number: 1
Date Set: 21 Sep 2022
Submission Date and Time: by 24th April 2023 at 9:30am
Feedback return date: 22 May 2023
Extenuating Circumstances submission deadline will be 1 week after the submission
date above
Extenuating Circumstances marks and feedback return will be 1 week after the
feedback return date above
This assignment is worth 100% of the total marks available for this module. If
coursework is submitted late (and where there are no extenuating circumstances):
1 If the assessment is submitted no later than 24 hours after the
deadline, the mark for the assessment will be capped at the minimum
pass mark;
2 If the assessment is submitted more than 24 hours after the deadline, a
mark of 0 will be given for the assessment.
Extensions to the coursework submission date can only be requested using the
Extenuating Circumstances procedure. Only students with approved extenuating
circumstances may use the extenuating circumstances submission deadline. Any
coursework submitted after the initial submission deadline without *approved*
extenuating circumstances will be treated as late.
More information on the extenuating circumstances procedure can be found on the
Intranet: https://intranet.cardiff.ac.uk/students/study/exams-and-assessment/extenuating-circumstances
By submitting this assignment you are accepting the terms of the following declaration:
I hereby declare that my submission (or my contribution to it in the case of group
submissions) is all my own work, that it has not previously been submitted for
assessment and that I have not knowingly allowed it to be copied by another student. I
understand that deceiving or attempting to deceive examiners by passing off the work of
another writer, as one’s own is plagiarism. I also understand that plagiarising another’s
work or knowingly allowing another student to plagiarise from my work is against the
University regulations and that doing so will result in loss of marks and possible
disciplinary proceedings [1].
[1] https://intranet.cardiff.ac.uk/students/study/exams-and-assessment/academic-integrity/cheating-and-academic-misconduct
Assignment
INSTRUCTIONS
You are free to choose ANY ONE of the following topics to explore the current state of
cyber security:
• Authentication Applications: issues and security
• Access Control Applications: issues and security
• Diffie-Hellman Key Exchange Applications: issues and security
• Digital Signatures and Certificates Applications: issues and security
• Trusted Platform Module (TPM) Applications: issues and security
• Software Development Applications (i.e. IDEs): issues and security
• Industrial Software: issues and security
STRUCTURE OF THE REPORT
This individual assessment consists of the SIX TASKS listed below and requires
coursework submission as a single report of 4,000 words (maximum, including everything
except references). No appendix should be attached to or included in this report. The
expected font size is 12 and the font type is ‘Arial’ on all pages. There is no need to add a
cover page to your submission, but write your student number and name at the top of
the first page of the report. You are expected to back your answers with citations. Note that
there is no ±10% word count criterion for this coursework. Your report
(excluding references) must be within the 4,000-word count. Anything written beyond the
first 4,000 words will be ignored during marking.
(1) Technical security issues (indicative length, 800 words): Describe any FOUR of the most
critical security issues that are present in modern systems. You are expected to mention
the name of the threat and/or vulnerability. Also, explain any FOUR standard ways of
compromising (attacking) such systems.
(2) Associated and unique provisioned challenges (indicative length, 400 words): Identify
any FOUR associated and unique challenges with such systems in order to fix these issues.
You are expected to state how to deal with such challenges to develop a secure, efficient
and scalable system.
(3) Data communication protocols (indicative length, 500 words):
Identify and critically analyse any FOUR protocols used for data communications
associated with your topic. Compare and contrast these protocols to identify which
protocol is most suitable and which one is least preferable to use in practice.
(4) State of the art and best technology to be used (indicative length, 1,600 words):
Describe any FOUR technological solutions for each issue that are implemented in real-world
scenarios of the topic and are available to use against the security issues found in (1). You
also need to critically justify how these solutions address the issues
considered in (1). Your arguments must be backed by research articles in that area.
Recommend and critically justify a suitable technology to use (compare and select the
BEST ONE from FOUR solutions for each issue). Your criticism and arguments should be
supported by the literature, including results from implementations, statistics, and data
available. Briefly describe the “security property” that can be achieved by the best solution
for each issue.
(5) Security architecture (indicative length, 200 words): You should contribute with your
own opinion and form a security architecture (by drawing a diagram), including applying
the chosen techniques (one best solution for each issue) for an efficient, secure and
scalable system. All notations and information exchanged should be clear, available and
written within the diagram. This task is equivalent to 200 words, so there is no need to add
any extra text apart from the security architecture diagram. You can make this diagram
better by clearly reflecting information communicated and what issues will be resolved by
applying your identified solutions.
(6) Future aspects of the identified algorithms (indicative length, 500 words): Critically
analyse and state your thoughts on the future aspects of the solutions identified in (4).
You are expected to reflect on whether the identified solutions may develop any
security issues in the future and, if so, what these issues could be, or whether the chosen
solutions will still be suitable for use.
References
References are not counted in the word limit. Use the IEEE format references:
https://ieee-dataport.org/sites/default/files/analysis/27/IEEE%20Citation%20Guidelines.pdf.
This point will be further discussed in one of the lectures of the module.
Cardiff University’s citing and referencing support can also be followed here (for IEEE):
https://intranet.cardiff.ac.uk/students/study/study-skills/academic-writing-communication-and-referencing/citing-and-referencing-support
HELPING NOTES
• Vulnerability: A weakness in any aspect of a system that makes an exploit possible.
• Threat: A potential cause of an unwanted incident that may result in harm to a system.
• Attack: An attempt to destroy, expose, alter, disable, steal or gain unauthorized access
to or make unauthorized use of an asset.
• Risk: An intersection of assets, threats and vulnerabilities.
• Examples: https://www.ques10.com/p/8993/explain-with-examples-vulnerability-threat-and-att/
• System or system model: A system that attackers target for attacks.
• Architecture: This is the abstract design (logical view) of an application or the system.
It does not have any implementation; it just has an idea of where to put each
component.
• A sample example will be provided in one of the lectures for a better understanding of
what is expected to cover and how to complete the given tasks.
Learning Outcomes Assessed
This individual assignment contributes to the assessment of the following Learning
Outcomes (LO) 1, 2, 3, 4, 5 and 6 of the unit:
1. Compare and contrast common technical security controls available to prevent, detect
and recover from security incidents and to mitigate risk.
2. Articulate security architectures relating to business needs and commercial product
development that can be realised using available tools, products, standards and
protocols.
3. Deliver systems assured to have met their security profile using accepted methods
and development processes.
4. Critically analyse the correctness and properties of secure systems.
5. Justify the selection of different cryptosystems.
6. Critically analyse recent cyber security case studies.
Criteria for assessment
Credit will be awarded against the following criteria.
Grade bands: Fail (<50%), Pass (50-59%), Merit (60-69%), Distinction (70% and above)

Technical security issues (Available Marks - 20)
• Fail (<50%): Not narrated required number of security issues with potential risks; not explained required number of attacking techniques briefly; not sufficient demonstration of critical thinking, depth analysis, logical arguments, and citations used
• Pass (50-59%): Narrated FOUR security issues with potential risks; explain FOUR attacking techniques briefly; reasonable demonstration of critical thinking, depth analysis, logical arguments, and citations used
• Merit (60-69%): Clearly analysed FOUR security issues with potential risks; list and define associated security vulnerabilities and threats in each scenario; explain FOUR attacking techniques briefly; good demonstration of critical thinking, depth analysis, logical arguments, and citations used
• Distinction (70% and above): Critically analysed FOUR security issues with potential risks and their impact; list and define security vulnerabilities and threats in each scenario; explain reasons for such vulnerabilities and name potential threats with some specific technical details, such as CVE; explain FOUR attacking techniques briefly; excellent demonstration of critical thinking, depth analysis, logical arguments, and citations used

Associated and unique provisioned challenges (Available Marks - 10)
• Fail (<50%): Not listed and explained the required number of unique challenges; not sufficient demonstration of critical thinking, and logical arguments
• Pass (50-59%): Listed and explained FOUR unique challenges; reasonable demonstration of critical thinking, and logical arguments
• Merit (60-69%): Listed and explained FOUR unique challenges; clearly analyse at least one idea for each challenge on how to resolve it; good demonstration of critical thinking, and logical arguments
• Distinction (70% and above): Listed and explained FOUR unique challenges; critically analyse at least one idea for each challenge on how to resolve it; critically justify your idea with citations where it worked in the past; excellent demonstration of critical thinking, and logical arguments

Industrial data communication protocols (Available Marks - 15)
• Fail (<50%): Not listed and explained the required number of protocols for data communications; not identify protocols with most and least preference to use in practice; poor demonstration of critical thinking, depth analysis, logical arguments, full justification of choices made, and citations used
• Pass (50-59%): Listed and explained FOUR protocols for data communications; identify protocols with most and least preference to use in practice; reasonable demonstration of critical thinking, depth analysis, logical arguments, full justification of choices made, and citations used
• Merit (60-69%): Listed and explained FOUR protocols for data communications; identify pros and cons in terms of security features and associated cyber risks, identify and analyse protocols with most and least preference to use in practice; good demonstration of critical thinking, depth analysis, logical arguments, full justification of choices made, and citations used
• Distinction (70% and above): Listed and explained FOUR protocols for data communications; identify pros and cons in terms of security features and associated cyber risks, identify protocols with most and least preference to use in practice and critically justify their reason with arguments; excellent demonstration of critical thinking, depth analysis, logical arguments, full justification of choices made, and citations used

State of the art and best technology to be used (Available Marks - 35)
• Fail (<50%): Not listed and explained the required number of solutions for each security issue; not selected the best solution for each issue; not described (what and how) security property maintained; Poor reflection of critical thinking, depth analysis and logical arguments, use of appropriate solutions, full justification of choices made, and citations used
• Pass (50-59%): Listed and explained FOUR solutions for each security issue; select the best one from FOUR solutions for each issue and justify the reason why it is more suitable compared to another one; describe (what and how) security property maintained within the solution for each issue; reasonable reflection of critical thinking, depth analysis and logical arguments, use of appropriate solutions, full justification of choices made, and citations used
• Merit (60-69%): Listed and explained FOUR solutions for each security issue; clearly mention which cryptosystem you will be using; select the best one from FOUR solutions for each issue and justify the reason why it is more suitable compared to another one; describe (what and how) security property maintained within the solution for each issue; good reflection of critical thinking, depth analysis and logical arguments, use of appropriate solutions, full justification of choices made, and citations used
• Distinction (70% and above): Listed and explained FOUR solutions for each security issue along with the security properties (name) they maintain; clearly mention which cryptosystem you will be using; select the best one from FOUR solutions for each issue and justify the reason why it is more suitable compared to another one; narrate what an attacker can try and how this solution defeats the attacker’s attempts; describe (what and how) security property maintained within the solution for each issue; excellent reflection of critical thinking, depth analysis and logical arguments, use of appropriate solutions, full justification of choices made, and citations used

Security architecture (Available Marks - 10)
• Fail (<50%): Not drawing an architecture or not presenting the required number of the chosen solutions; not developed enough insights
• Pass (50-59%): Draw an architecture with the chosen FOUR solutions, each for an identified security issue; reasonable insights presented
• Merit (60-69%): Draw an architecture with the chosen FOUR solutions, each for an identified security issue; show what pieces of information will be exchanged between the entities of the system; show how and where applying these solutions will resolve the issues identified in (1); good insights presented
• Distinction (70% and above): Draw an architecture with the chosen FOUR solutions, each for an identified security issue; show what pieces of information will be exchanged between the entities of the system; critically reflect how and where applying these solutions will resolve the issues identified in (1); excellent insights presented

Future aspects of the identified algorithms (Available Marks - 10)
• Fail (<50%): Not stating sufficient number of issues and their associated reasons; poor justifications
• Pass (50-59%): Stating issues and their associated reasons; reasonable justifications
• Merit (60-69%): Stating issues and their associated reasons and with arguments; good justifications
• Distinction (70% and above): Identify future requirements and challenges and state the issues and their associated reasons; provide clear justification with some quantitative information/statistics; excellent justifications
Marks Breakdown: Marks will be provided for each task completed based on critical
thinking, depth analysis and logical arguments, use of appropriate solutions, full
justification of choices made, developed insights, and citations used.
Task                  70% and above   60-69%   50-59%   Fail (< 50%)
Task (1) – 20 marks   >= 14           >= 12    >= 10    < 10
Task (2) – 10 marks   >= 7            >= 6     >= 5     < 5
Task (3) – 15 marks   >= 11           >= 9     >= 7     < 7
Task (4) – 35 marks   >= 25           >= 21    >= 17    < 17
Task (5) – 10 marks   >= 7            >= 6     >= 5     < 5
Task (6) – 10 marks   >= 7            >= 6     >= 5     < 5
A student is considered “Fail” if the total mark obtained in this assessment is less than
50.
Assessment marks award: Distinction (70-100%); Merit (60-69%); Pass (50-59%); Fail (0-49)
Feedback and suggestion for future learning
Feedback on your coursework will address the above criteria. Feedback and marks will
be returned on 22nd May 2023 via Learning Central. Feedback from this assignment will
be useful for attempting any security-related master's projects.
Submission Instructions
Each submission must have the following submitted files:
Description   Type                                          Name
Compulsory    One PDF (.pdf) or Word file (.doc or .docx)   CMT310_[student number].pdf/doc/docx
Any code submitted (if required) will be run on a Windows laptop and must be submitted as
stipulated in the instructions above.
Any deviation from the submission instructions above (including the number and types of
files submitted) may result in a mark of zero for the assessment or question part.
Staff reserve the right to invite students to a meeting to discuss coursework submissions.
Support for assessment
Questions about the assessment can be asked on the Piazza forum that will be set up at the
beginning of the classes.
Support for the programming (if any) and other elements of the assessment will be
available in the labs and drop-in sessions.