Thursday, January 3, 2008

Meeting: 02 Jan 2008 (Group)

Agenda: System Design and Implementation

The following were discussed:
  • Limitation by WAP browser issue.
    It is confirmed by Adrian Choo that we are allowed to choose the mobile application platform to develop the captcha system. Hence the team decided to change the development platform to JAVA as it supports more graphics features.

    Below is the new system implementation diagram.



  • System development task assigning

    Captcha design - in charge by ALAN and LEXIS
    System implementation(Web Page form) - in charge by SEBASTIAN
    System implementation(MIDLET form) - in charge by ADRIAN

  • CAPTCHA Design and Implementation

    - Team will start to develop the captcha according to the required design which will be able display in all the computer web browser and MIDLET.
    - Team will Java3D and M3D technology to develop.
    - Team target to show the prototype at session 1 presentation.

  • System Implementation
    - Team will start development on the system to demo the captcha.
    - Team require to develop a registration form in computer web page and MIDLET to allow the use of captcha design by ALAN and LEXIS.
    - The traffic flow of data must be secured at all the time.

  • Question and problem raised by team

    1. If end users keep requesting the web page and captcha challenge, will it result in DoS?
    Solution :Yes, it will as it needs resource to generate captcha challenge, hence we need to prevent end users from repeating request the web service. Few ideals suggested by team:
    - Use logging features (Apache Server logs?).
    - Use AJAX reduce the web request load.
    - Increase the Captcha challenge generation performance.
    Conclusion : We will do testing at the end of Session 1 prototype to decide which solution is the best to solve this problems.


    2. How do we prevent attackers from Eavesdropping the captcha answer?
    Solution : We will use encryption algorithm to hash the correct answer. Answer provided by end users will be hashed and validate with the correct hash answer.

Attendence:
- SEAH CHOON YEE, SEBASTIAN
- CHEE SUEN SIANG, ALAN
- CHIA U-MENG, ADRIAN
- OW WAI LEONG, LEXIS

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)