Please enable JavaScript.

Coggle requires JavaScript to display documents.

NCollage - Coggle Diagram

- - - - The coded components that make up the front-end: the design of the website that the user directly sees and interacts with (such as through a keyboard or mouse input). The front-end of a website can be created using the HTML, CSS, and Javascript programming languages.
    - - The coded components that make up the back-end: the part of the website that focuses on how the website runs as well as retrieving and inserting data. The back-end of the website can be created using the Python and SQL (Sqlite) programming languages in which SQL is implemented to construct an SQL database.
  - - - JSON supports all browser
      - JSON can be parsed with a standard JavaScript function.
      - The syntax of JSON data is more compact and easier to read and write; the response size is relatively smaller, making for faster data transmissions.
      - The JSON schema is simple and more flexible.
      - JSON parsing is safe unless JSONP is used. JSONP simply runs whatever it gets and could therefore be vulnerable to cross-site request.
    - - XML has potential security risk, requiring the document type definition to be inactive/turned off.
      - XML supports all JSON data types with the addition of Boolean, dates, and namespaces.
      - XML requires a XML parser to parse a request.
      - The syntax of XML substitutes some of its characters for referencing, making it less accessible; XML struggles to read and write larger files.
      - Less accessible
  - - - A Data Consumer uses data that has been stored by other systems or data repositories through asynchronous communication. The data consumer uses its data to request a response from the API.
    - - A Data Provider provides data to other entities to be used free of charge or with paid access. The data provider sends a response to a user’s request
  - - - uses the JSON and XML data exchange formats
      - uses the HTTP GET, POST, PUT< and DELETE methods
      - stands for representational state transfer
- - - - studies at QUT
      - is an oldboy who graduated last year and wants to stay in contact with friends still at your school
    - - he is new at your school and wants to connect to other students with similar interests
      - he likes art, music and performing
      - in grade 7 and a boarder
    - - in grade 10 and a dayboy
      - would like to coordinate his extracurricular activities with his friends
      - involved in many activities at your school
  - - - Simplistic
      - High contrasting colours
- - - - Confidentiality
        
        Theft affects the confidentiality principle of the CIA Triad because it involves unauthorised access to sensitive data. As the solution will store sensitive information (i.e phone numbers), the data may be at risk. Such data attacks, like SQL injection, pose a great threat to user confidentiality, as data could be stolen and even used by unauthorised entities.
        
        Password-related problems affect the confidentiality principle of the CIA Triad and the overall security of the web app. These issues, including weak passwords or unhashed passwords, significantly compromise the trust and functionality of the app.
      - Integrity
        
        Data tampering affects the integrity principle of the CIA Triad as it involves unauthorised entities modifying data with the intent of being malicious (source). This could lead to vulnerabilities within the database system, which would lead to a bad user experience.
      - Availability
        
        When there is a delay in sending data packets over network connections this is known as jitter (source). On the other hand, latency is how long it takes data to travel between the sender and the receiver (source). Due to this, Jitter and Latency affect the availability principle of the CIA Triad.
  - - - Hashing is a one-way cryptographic process that converts data of any size into a fixed-length, unique string of characters. This process is irreversible, meaning that it is practically impossible to reverse-engineer the original data from its hash value. Hashing is commonly used to store passwords securely in databases, ensuring that even if the database is compromised, the actual passwords remain hidden.
    - - Email confirmation is crucial in online applications and services as it serves as a verification mechanism for user identities and helps ensure the validity of email addresses provided during the registration process.
    - - A login system is a fundamental component of secure and user-friendly applications, providing a foundation for protecting user data, ensuring proper access control, and delivering personalised experiences. It plays a crucial role in maintaining trust and confidence among users, making it an essential feature for any modern web or mobile application.
- - - - Self-determined
        
        Inclusion of a two step authentication, in the form of email verification, must be accessible and functional for users.
        
        Users must be able to directly search for registered users via a name keyword search in user information will retrieved and displayed on the website through an API request.
        
        Must hash and encrypt the stored password of registered users.
        
        A solution is to be created that allows users to view profiles of registered accounts with associated posts being retrieved and displayed through an API request.
        
        Registered users must be able to modify their account details as well as choosing activities that they currently participate in.
        
        Users must be able to directly search for registered users via their selected activities with these activities being retrieved and displayed on the website through an API request.
        
        Users must be able to directly search for registered users in alphabetical order with registered users being retrieved and displayed on the website in reverse alphabetical order through an API request.
        
        Users must be able to directly search for registered users who have selected that they are current students at Nudgee College with such users being retrieved and displayed on the website through an API request.
        
        Users must be able to directly search for registered users in reverse alphabetical order with registered users being retrieved and displayed on the website in reverse alphabetical order through an API request.
        
        Users must be able to directly search for registered users who have selected that they are graduates from Nudgee College with such users being retrieved and displayed on the website through an API request.
        
        Registered users must be able to create posts in which all posts details and associated details about post uploaders will be retrieved and displayed on the website through an API request.
        
        Construct a client web-app with a simple and understandable interface suitable for all ages and levels of computer knowledge.
        
        A solution is to be created that retrieves and displays activities through an API request.
      - Prescribed
        
        The digital solution abides by the copyright and privacy laws outlined within the Privacy Act 1988 (Cth) and Australian Privacy Principles.
        
        The prototype utilises the Flask and Bootstrap programming tools, and the SQL, Python 3, HTML, and CSS programming languages.
        
        Create a client app that is functional, dynamic, and responsive.
        
        The client webapp follows usability principles, design principles (adhering to CARP principles), and design elements to comply with web design standards, as well as standards accepted from the Australian Accessibility Standards.
        
        The two flask servers must be able to run directly on a local computer.
        
        The API must be created to access the data from a local SQLite 3 database.
        
        The API must offer replies to a set of requests retrieving and displaying various data.
        
        A solution is to be created that simulates the exchange of personal and nonpersonal data from the API and the client app, so that users can view user information and activities of registered accounts.
        
        The API database must be normalised into a relational database (third-normal-form).