Sunday , 24 November 2024

CS506 Assignment no 06 Solution fall 2012

Assignment No. 06
SEMESTER Fall 2012
CS506- Web Design and Development

  

Total Marks: 15

 


Due Date: 
Instructions

Please read the following instructions carefully before solving & submitting assignment:

It should be clear that your assignment will not get any credit (zero marks) if:

  • The assignment is submitted after due date.
  • The submitted assignment does not open or file corrupt.
  • The assignment is full or partially copied (from other student or ditto copy from handouts or internet).
  • Student ID is not mentioned in the assignment File or name of file is other than student ID.
  • The assignment is not submitted in .doc or .docx format.

 

Uploading instructions

Your Submission must include:

 

  1. MS Word file.

Objective

The objective of this assignment is

 

  • To make you understand the concept and application of session tracking.
  • To give you understanding of advantages/disadvantage and threats related to different session tracking methods.

 

Important Requirements and Instructions:

  1. You are not allowed to copy paste as it is from that internet. In that case no marks shall be awarded.
  2. Same assignment of two or more students shall be considered cheating case and they will get straight zero marks.
  3. Assignment last date is January 28, 2013. Extra grace day (January 29, 2013) is only if last date has any problem (like server gets down or files not uploading).  Any lame excuses will not be accepted.
  4. We will not accept assignment through email in any case. Be careful.

 

 

 

For any query about the assignment, contact at cs506@vu.edu.pk

GOOD LUCK

  

 

 Question:

 

  • Let’s suppose Virtual E-Mart is the leading online shopping cart company or web application. They maintain the prices for its each sale item (dresses, shoes, handbags and wallets) in shopping cart.
  • They provide special discounts for users based on their past purchases using this online shopping cart. They offer them a special discount ranging from 25%-35%. When a user purchases 8 or more items within six months.
  • They also offer a pair of any shoes as a gift, when a particular user purchases 5 sets of clothing at a time.
  • When a user purchases 20, 30 or 50 items he becomes a “lucky user” and they provide him silver, golden and diamond view.
  • In each view users are shown the latest design of those items which they like the most but not yet advertised in normal view.

 

Understand the scenario given above and answer the following question.

 

  1. 1.      Which technique of session tracking Virtual E-Mart should use to keep track of users? Also give reason for choosing the technique for the above mentioned features? (5)

Solution:

Cookies:

  • Identification of user: For example, items are added into shopping cart after the identification of user. On the basis of items purchased special discounts offer or gift is made.
  • Customizing a site: providing silver, golden and diamond views for “lucky users” of the site.
  • Focused Advertising:  users are shown the latest design of those items which they like the most but not yet advertised. This is done as focused advertisement.

 

  1. 2.      If they maintain their systems fields like “prices of items” without using any form of validation. What will be the threat?(5)

Solution:

  • Attacker’s threat: Without using any form of validation. When an invoice will be prepared and a credit card is charged, user will blindly trust the prices provided by the shopping carts. Thus, any attacker who wanted to give himself a discount could simply go shopping, save the server’s HTML onto his hard drive, edit the prices, and then click on the “Buy” button.
  1. If they use hidden fields to store information of user for session tracking.



For example, instead of using HTTP Basic Authentication, developers sometimes embed the username       and password provided by the user as hidden fields in all the forms in which user fill information to       purchase an item.

Give one advantage and one disadvantage of using hidden fields in this scenario .(5)

Solution:

  • Advantage: It’s quite easy to use hidden fields. Little or no information needs to be stored on the server. And unlike cookies, which are limited to 4096 bytes, hidden fields can be practically any length whatsoever.
  • Disadvantage: If the user presses the “Back” button, items may be removed from the shopping cart. Sometimes this is the desired behavior, but usually it is not.

 

Note: Your explanation must justify enough for 5 marks for each question.

Lectures Covered: This assignment covers Lecture # 31-35

Deadline

Your assignment must be uploaded/submitted at or before 28/01/2013.

Related posts:

  1. CS506 Assignment 2 Solution fall 2012 will upload Soon
  2. CS506 Assignment 2 Solution Fall 2012
  3. CS506 Assignment 3 Solution fall 2012 will upload soon
  4. CS506 Assignment no 6 Fall 2012

Check Also

CS506 Unsolved Paper for Final Term Try to solve

Question No: 1 ( Marks: 1 ) – Please choose one Which of the following …

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*