SPECIMEN by guzitgs

guzitgs — 2016-10-31 04:11:14 UTC

Health S16C (Girls)

afifah_zaki98 — 2016-11-07 01:29:11 UTC

Criterion B

Step by step

- Blood is taken and glucose levels are measured by the meter
- The computer is connected to a secured wireless connection
- Patient has to log in their profile, username, password and keyword (special keyword in order to help medical staffs do research about their data easier)
- The results are uploaded and stored on the patient’s computer.
- The data is saved in database
- Results are sent to the LivingWithDiabetes website.
- Staffs need to log in into the website using their own username and password
- Staffs should key in the patient's keyword in order to search about patient's data in order to make them able to access the data
- Results can be viewed by medical staff

Relationship

- Security of patients' data will be jeopardized if there is lacked in security system in the website. hacker can hack the data.
hackers hack the database.

Criterion C

1. Reliability and Integrity
Stakeholder : Living With Diabetes Company
Situation : As the website is being used in a wide range, so it is possible for it to get hang and the data might also lost and being changed. too much request.
New dimension : the web crashed

2. Security
Stakeholder : Diabetics
Situation : Less security of the website might lead the hackers to manipulate the data and steal their personal profiles
New dimension : Wrong dose of medicine gives by the doctor because of the wrong information about the data of the patient

3. Privacy and anonymity
Stakeholder : Diabetics
Situation : when data is not secured Hackers who have access the data might spread the information
New dimension : if the hacker sent the to the insurance company diabetics personal data like address, id number got stolen, the possibilities the hacker target the same person to get more info like bank account number that lead to worser issue

4. Authenticity
Stakeholder : Diabetics
Situation : Hackers that able to hijacked the staffs username and password might manipulate and change the data
New dimension :

5. people and machine
Stakeholder : Diabetics
Situation : Diabetics who key in their data by themselves without being monitored by medical staffs might cheat
New dimension : The patients' health might be affected and getting worse

Health SC (Boys Power)

salmanfaris — 2016-11-07 01:35:01 UTC

Describe, step by step, how the IT system works:

Patients take their blood and use a blood glucose meter to measure the levels of blood glucose. The blood glucose meter is equipped with a sensor, and thus after filtering, a result is produced.

The patients upload the result by attaching the meter to the computer via wi-fi. Encryption of the data occurs and it is then instantaneously securely stored into a software in the computer via driver that is given prior to when purchasing the blood glucose meter itself.

Patients connect his or her computer to a computer-network either LAN or an open Wi-Fi given by the hospital which is probably unsecured or even his own personal network that may be protected by WEP, WPA or WPA2, that all, may be compromised and exploited by hackers.

The patients log in to the system of LivingWithDiabetes website using a registered username and password that have a captcha to ensure a human user instead of a bot and access to the uploading screen to upload the result.

The results are then stored in a secured database, protected by a 10 alphanumeric pin code to prevent brute-force attacks by hackers or potentially unethical medical staffs, on the LivingWithDiabetes website where it may be accessible by a certified medical staff, either the nurse or the doctors.

The doctors access to the information online up on the net and evaluate the result, and thus think of the action that should be reflected upon the patient.

Relationship
The unsecured connection might open doors to hackers to intercept data from the user during uploads. This leads to the issue of security....

Le Criterion C:
1. Issue: Privacy and anonymity of the Diabetes patient himself. The information of the diabetes patient is open to access up on the net and it therefore may be compromised by hackers where the data may be used to blackmail the patient or sold up on the Dark Web. New dimension: Patients might find themselves in a position where their Identification number, health records and even live home addresses exposed and may be used for negative purposes.
.
2. Issue: Reliability and integrity of the LivingWithDiabetes company. The company held responsible for the data that it enholds, this includes providing a strong firewall and enough server space to accomodate the data that it serves, might as well the more the better to prevent any possible DoS or DDoS attacks by hackers. New dimension: With a strong firewall, hackers using less exploitable codes and weak softwares would not be able to jeopardize the system and thus with a bigger server space, crashing and freezing of system can be prevented.

Diabetes (Auni & Syakirah - S16B)

husna212 — 2016-11-08 02:28:33 UTC

Criterion B — The IT concepts and processes [6 marks]

Describe, step by step, how the IT system works.

1. Patients diagnosed with diabetes will have an account made for them at a website called LivingWithDiabetes to monitor and record their blood glucose level.

2. Diabetic patients drew out their blood on a daily basis.

3. The blood was put in a blood glucose meter to be measured

4. The level of blood glucose levels will be measured using a software and showed on the meter.

5. Patients will update their blood glucose level in a computer.

6. Patient will log in to their own account at LivingWithDiabetes website

7. Then, the result will be updated to the LivingWithDiabetes website for doctor’s reference

8. Medical staff will receives the information and review it.

9. The staff will report to the doctor if the blood glucose level reach an unhealthy level. If not, the record will be kept as future reference.

10. The doctor can immediately access the information online.

(Alister, Hafizah, Anis)- S16B

alster_dude — 2016-11-08 02:31:29 UTC

Describe, step by step, how the IT system works
- Blood is taken and glucose levels are measured by the meter
-The embedded computer in the meter records the results
-The meter is connected to the patient's computer and the results are uploaded and stored on the patient’s computer
-The patient's computer is connected to the Internet through wireless connection or broadband or LAN connection
-Patient logs in to LivingWithDiabetes website account with a username and a password
- Results are sent to the LivingWithDiabetes website
- Results are saved in website database
- Medical staff who has the hospital account password to LivingWithDiabetes website access the results
- Results are viewed by the medical staff immediately

Criterion C (Anis, Hafizah, Alister)

2016-11-08 04:35:27 UTC

1. Issue: Privacy and anonymity of the Diabetes patient himself. The information of the diabetes patient is shared and open to access up on the net and it therefore may be compromised. New dimension: Patients might find themselves in a position where their Identification number, health records and even live home addresses exposed and may be used for negative purposes.

2. Issue: Security
Stakeholder: LivingWithDiabetes company
Situation: The company has to come up with measures to overcome unauthorized access and restricts access to the administration of the database and website to certain employees.
New dimension: With a strong firewall, hackers using less exploitable codes and weak softwares would not be able to jeopardize the system and thus with a bigger server space, crashing and freezing of system can be prevented.

3. Issue: Policies
Stakeholder: Patients(Diabetics)
Situation: Technologically illiterate patients or users enter unnecessary personal information in the process of making a LivingWithDiabetes account without realising that not every personal detail is crucial for website identification and this leads to important details being uploaded unnecessarily.
New dimension : the users unknowingly upload essential info of themselves that can be maliciously used by unknown criminals over many years.

4. Issue : Equality of access
Stakeholder : Patients(diabetics)
Situation : Language and geographical barrier can make it difficult for some patients(diabetics) to use the system.
New dimension : The system can only be apply to one particular and homogeneous group of patients.

5. issue:

Auni and Syakirah (Criterion C - Diabetic)

nurauni1203 — 2016-11-08 07:20:41 UTC

Auni and Syakirah (Criterion D)

nurauni1203 — 2016-11-16 00:15:36 UTC

Solution for security:
- Make an encryption to the database of the patients. Only certain people can access the data.

Step-by-Step :
1. User (Patients, Medical staffs and Doctors) will set up a password with a security word / picture when they register at "LivingWithDiabetes" website.
2. When the users want to log in, they have to make sure that the security word / picture matches with their profile. If not, they have to report to the administrator in case of their account might get hacked.
3. Every edit or search made by the user will be tracked and recorded for further reference.
4. Medical staffs and doctors access towards patient's information will be limited. They are only permitted to access information for certain accounts.
5. If there is a report on an account being hacked, access to the account will be blocked immediately.
6. Any edit or search made by users will be reviewed once a month to detect any suspicious movement.

Evaluation:
Positive:
-The data will be more secure
-Can discourage the hackers to hack the data.
Negative:
-The Hackers might still able to access to the data if they knew someone that know about the detail of the encryption.

Future Development:
- The account can be accessed using the user's fingerprint in the future.

Conclusion and judgement:
-Government and other people that involve should take serious about the security of the database as it keep the personal information of the patients.

dibahmaster98 — 2016-11-16 00:17:35 UTC

dibahmaster98 — 2016-11-16 00:17:52 UTC

Criterion D

izad981004 — 2016-11-16 01:02:51 UTC

Solution for Privacy
- Encryption of Data in the database of LivingWithDiabetes website where data would be encrypted by AES encryption by certified cryptographers.

Pros:
1. Data will not be able to be penetrated by hackers since it is encrypted and need more highly sophisticated software and revolutionary new codes to overcome the encryption.
2. Thus, data would not be able to be intercepted with end-to-end encryption being applied.

Cons:
1. High cost in hiring a cryptographer or purchasing available software in encrypting data.
2. Data of patients may load slowly in order to decrypt it everytime the doctors/patients want to access it.
3. Patients have to pay more since the cost of hiring a cryptographer or purchasing an encryption service is quite high.

AHA CRITERION D :0

dibahmaster98 — 2016-11-16 01:14:12 UTC

Issue: the users unknowingly upload essential info of themselves that can be maliciously used by unknown criminals over many years.

Solution: the company designs a user- friendly website.

Characteristic: 1) the website has opt in and opt out functions

2) data validation is applied to warn users if they enter their data incorrectly

3) website policies and agreements are made visible in user account all the time

4) demo videos are available

Step-by-step:

1. A user- friendly website offer an opt in and opt out function that enable user to sign in only when it is necessary.

2. The website has demo videos to guide users in signing up for LivingWithDiabetes website account.

3. When user keys in their personal information, data validation on the website will warn users if they enter their data incorrectly.

4. Users will be able to view the website’s policies and agreements when they are signed in to their accounts to remind users to be cautious in sharing their personal information.

5. Connection verification is applied to warn users if their network is not private to avoid any third parties that can access patients’ personal information.

6. The company should make a simplified but clear terms and policies so that users are aware of the agreements made and they understand them before making an agreement.

Evaluation:

By creating a website with user- friendly interface, users will be reminded or warned when creating an account to be careful in sharing their personal information for their own safety, ensuring that they will not make any mistake in sharing important data while signing up. however,

CRITERION D ( Girls S16C)

hohohoho — 2016-11-16 02:31:58 UTC

Problem : Security of data that might be corrupted and hacked

Solution : The company should build firewall for their website

Characteristics

1) Block malicious software and corrupt files from entering your computer. Firewalls block malicious items that come from your internet connection along with all other computers connected on a shared network

2) Block unauthorized access while permitting outward communication. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria.

3) Prevent unauthorized Internet users from accessing the data in the website connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Weakness :

Faulty firewall protection - Caused by the free firewall software downloads instead use a product that is widely acclaimed and has been proven stable and trustworthy.

2016-11-21 02:16:45 UTC