代写INFO 2222编程、Python，Java，c++程序语言调试

日期：2021-06-25 09:06

INFO 2222 Computing 2 Usability and

Security (Final Exam)

Semester 1 – Main, 2020

You are asked to design a desktop web application that enables final exams to be administered

remotely for University of Sydney School of Computer Science. It should mimic a

conventional physical closed book exam as closely as possible. The website should allow

lecturers or examiners to upload a copy of the exam paper or set the questions directly into the

application, set the duration of the exam and invigilate the exam.

The exams at the School usually comes in two question formats – programming questions and

essay questions where students write paragraphs of text that includes equations and code

snippets to explain their answer. A major challenge to online examination is academic

misconduct. This includes, but is not limited to plagiarism, contract cheating and

impersonation. Your proposed design should attempt to minimise the possibility of academic

misconduct without detection.

You should submit a single report answering the questions below. As a report, it should not be

titled with the question titles, however you may find that your sections follow the questions

below. You should submit your report as a single PDF document. Your responses to these

questions are expected to be technical, not merely a high-level overview.

The report should not exceed the word limit of 5000 words. This does not include appendices,

figures and tables. You are not required to reach this word count limit, but you should include

as much detail as you feel is appropriate for the question. Your student identification number

(SID) should be written on the left header of the document. The file should be named [SID].pdf.

Question 1 – Privacy, Usability and Security (20 Marks)

i. Discuss the trade-offs between the security of the invigilation and the privacy of the

students.

ii. Present a scheme that ensures as best as possible that students either cannot cheat, or

will be detected if cheating, while also adhering to the University Privacy Policy, and

the NSW Privacy and Personal Information Protection Act 1998.

iii. Perform PACT analysis on the task of setting, sitting and invigilating for examinations.

a) If there are questions that arises during the analysis, create a list of questions and

explain why these questions are important to the success of the project.

b) Discuss factors that must be considered during design in order to cater the applica-

tion to individual users need and the organizational context.

2

Question 2 – Building the Scheme (10 Marks)

From the PACT Analysis and invigilation requirements:

i. Describe the infrastructure required to support the scheme you have proposed.

Diagrams modelling your system may be helpful here.

ii. Identify all relevant stakeholders.

iii. Within the context of the stakeholders and infrastructure, discuss in detail what

security goals this scheme must fulfil, and what the consequences are of failing to

fulfil them.

Question 3 – User Investigation (15 Marks)

Develop a user investigation plan to understand the context of use (if needed) when a student

sits for a programming exam. You do not need to conduct the investigation session. The inves-

tigation plan must be sufficiently detailed that another person reading the document can exe-

cute the plan and achieve the purpose of the investigation. Details that must be included in the

investigation plan:

Aim of the investigation

Choice of research method

Selection strategy

Number of users

Software/hardware needed to conduct the investigation

Analysis approach. Identify the different types of data expected to be collected and de-

scribe your analysis approach to convert the data into usable information.

If you think that a user investigation is not required, justify your decision and describe steps

that you would have taken to understand the context of use in place of the user investigation

plan.

Question 4 – Design and Design Rules (13 Marks)

Illustrate your initial design to explain to the client a typical student’s journey when he uses

the application to sit for a programming exam.

i. Draw a series of wireframes on paper to illustrate each screen that a student sees during

the task. You can use multiple sheets of paper if required. Make sure each sheet of paper

is labelled accordingly to indicate the sequence of viewing. Embed the sketches into

your report by scanning or taking a picture of them. Please note that the design of the

interface is being assessed in the question and not your drawing skills.

Do not use a prototyping software for this question.

ii. Explain design decisions that you made in your sketches in response to the factors that

you have identified in Question 1.3b.

3

iii. Explain Schneiderman’s Eight Golden Rules in your own words and use your

wireframes as an example of adherence or violation to the rule. If the wireframe violates

the rule, explain how you would fix it by re-sketching that wireframe.

Question 5 – User Evaluation (12 Marks)

Develop a usability test plan. The test plan must be sufficiently detailed that another person

reading the document can execute the plan to achieve the purpose of the conducting the session.

You do not have to conduct the test. Your plan must include:

Aim of the test

Preparation checklist that lists out all the resources needed to conduct the session. In-

clude a short explanation of the purpose of each resource during the test.

Procedures before, during and after the test.

Analysis approach. Identify the different types of data expected to be collected and de-

scribe your analysis approach to convert the data into usable information.

Question 6 – Threats (15 Marks)

Assuming that you have developed a paper prototype for your website and have a model of the

structure of the site:

i. Develop a threat model for the scheme you have proposed

ii. For each threat you should discuss what the threat is, its severity and the probability

with which the threat will occur.

iii. For each page in your paper prototype, consider each of the input fields and what attacks

are possible.

Question 7 – Controls (15 Marks)

For your threat model and attacks discussed in the previous question:

i. Suggest controls to mitigate or eliminate each threat.

ii. For each threat that cannot be mitigated or eliminated, propose controls to detect these

threats.

iii. Discuss any threats that cannot be detected or mitigated.