Thank you for submitting your Programming assignment for the Launching into Cyber Security Module
In this assignment, you were asked to produce a Python code of an implementation of a security solution to mitigate an identified threat, which was discussed as part of your report to management of Queens Medical Centre on a web-based appointment and scheduling management information system (ASMIS).
The learning outcome was to be able to evaluate critically the solutions developed to solve/mitigate security issues and the deliverables for this assignment were:
Python code with comments explaining the code
Readme file containing description of the solution implemented and instructions on how to execute the code
Test data used to test the code
Overall, excellent done. To improve your grades further, do take note of the developmental areas highlighted above.
Structured feedback
Knowledge and understanding of the topic/ issues under consideration: 40%
The code has an implementation of a solution to ensure user accounts are secured and linked to a valid user. The solution is implemented using Python and technologies including OTP, Hashing Algorithm and SQLite technologies. The application of these technologies to authenticate a user are well justified.
Application of knowledge and understanding: 30%
Even though documentation was clear to follow and the implementation logic was sound, the implementation did not ensure good password and username policies. For example minimum length and the format of acceptable passwords. These would have strengthened the security further. Also, you could integrated the “create_database.py” with “login.py” to simplify the process by avoiding the two stage process of running each script separately. Also, linking your rationale for the implementation to a particular threat type with supporting references would have been excellent. For example, was it addressing spoofing as the STRIDE modelling technique identifies?
Structure and Presentation (as detailed in the assessment guidance): 30%
There is excellent good documentation of functionality and lines of code. The README file is informative with information on tests carried out and the outputs from tests to demonstrate the functionality. It is a good practice to provide a reference to support the use of an algorithm as part of your documentation.