Login | Register

Secure CrsMgr: a course manager system


Secure CrsMgr: a course manager system

zhu, jianhui (2016) Secure CrsMgr: a course manager system. Masters thesis, Concordia University.

[thumbnail of Zhu_MCompSc_F2016.pdf]
Text (application/pdf)
Zhu_MCompSc_F2016.pdf - Accepted Version
Available under License Spectrum Terms of Access.


Internet was developed for computers to be interconnected easily and hence allow them to interchange information. One of the early use of the internet was for email communications and file transfers. The web was developed to make the sharing of information much more convenient. However, the technology for protecting data when interaction is allowed was developed piecemeal and many web applications where user communicate using the web form based interface with a server and databases are exposed to various threats including malicious script. Moreover, companies and malicious users use trackers to observe and record the user actions.
In this project we address these problems in connection with course manager system(CrsMgr) which is used currently to manage typical university courses; it includes features for posting notes, tutorials, assignments, projects, create and maintain student groups, provide facility for group peer evaluation, on-line quizzes, and grading. The technique used to enhance the security based on using filtration layer and prepared-execute layer to make CrsMgr secure. The goal of filtration layer is to catch malicious user input based on suspect key words; The goal of prepared-execute layer is to invalidate malicious input. The implementation of this feature uses mysqli, a PHP extension for secure database access.
We have also developed an experimental browser which prevents user tracking and saves bandwidth by disallowing third party contents. The latter uses two techniques: filtration and user agent faking. Filtration is to check every resource Uniform Resource Identifier(URL) before making a request to load it, and not loading any target URL if it is determined to be a third party. The third party determination policy is configured by the user. The browser also provides user agent faking which is a feature that allows masquerading the browser and platform information with random information. The browser provides a simple user interface that allow user to verify the third party content on a web page and stop using a simple switch metaphor.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Computer Science and Software Engineering
Item Type:Thesis (Masters)
Authors:zhu, jianhui
Institution:Concordia University
Degree Name:M. Comp. Sc.
Program:Computer Science and Software Engineering
Date:August 2016
Thesis Supervisor(s):desai, bipin. c
ID Code:981879
Deposited By: JIANHUI ZHU
Deposited On:08 Nov 2016 19:07
Last Modified:18 Jan 2018 17:54
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top