Please enable JavaScript.
Coggle requires JavaScript to display documents.
IA3 assignment - Coggle Diagram
IA3 assignment
PART 2: Data Exchange Solution
Data
Source
the API is sourced from Open Weather
database
user input
Keys
open weather API key: fb01e3c5d56b0cae9e70769cef1e317c
SECRET KEY:'mysecurekey'
User Interface
it has a navigation bar the users can interact with to login or register
the user can search for the towns postcode to get the forecast
the user needs to login to get the current weather of their town
the user is also able to save their favourite locations
Useability
learnability
effectivness
safety
Algorithms
Evaluation
Prescribed Criteria
digital data exchange solution against prescribed and self-determined criteria
functionality, useability and efficiency of the components of the digital solution.
accuracy of code after testing to identify errors and actions to make improvements.
Self-determined criteria
make sure that the application's code is accurate and identifies errors that may occur without crashing.
make sure to include appropriate encryption, authentication and safeguard against unauthorised access.
PART 1: Research & Investigation
Evaluation
the most suitable process for exporting and importing data between the two digital systems
Privacy Issues
Personal Data Handling
overcollection
lack of transparency
unauthorised sharing
poor data retention practices
Digital Surveillance & Tracking
cookies & Web Beacons
Locations Tracking
Facial recognition & Biometrics
Algorithmic & AI Concerns
Automated Decision-making
profiling
bias & Discrimination
Security Breaches & Misuse
data breaches
identity theft
re-identification risks
references
Australian Privacy Foundation’s Issues List
Office of the Australian Information Commissioner (OAIC)
Fair Work Ombudsman’s Workplace Privacy Guide
Attorney-General’s Department Review of the Privacy Act 1988
The Workplace – Employment Lawyers
Data Security Threats
Social Enginering & Deception
Phishing
through websites or fraudulent emails, tricks users into revealing sensitive information.
Smishing
it's Phishing through SMS messages.
Pharming
Redirects its users to a fake website by corrupting DNS settings.
Baiting
Lures its victims with something appealing that hides malware.
Malware & system Exploits
Virus
it is a self-replicating code that infects files and spreads across computers, causing damage to data and software on the affected computers
Ransomware
it encrypts data and demands payment for it to be released
Spyware
it secretly monitors user activity and collects data
Trojan
it is disguised as legitimate software but opens backdoors for attackers.
Web & Network Vulnerabilities
cross-site Scripting (XSS)
it injects malicious scripts into trusted websites
SQL injection
it manipulates the database quires to access or alter data
DNS spoofing
it redirects traffic to malicious sites by faking DNS responses
man-in-the-middle (MITM)
intercepts communications between two parties to steal or alter data.
Brute Force Attack
it systematically guesses passwords until access is gained
Denial of Service (DoS)
it overloads systems to disrupt access or functionality.
references
DataGuard’s Threat Overview
SentinelOne’s 2025 Risk Forecast
Forbes Tech Council’s Guide
Cybersecurity Resource and Reference Guide
Data Exchange Components
web server
internet
client devices
LAN/WAN
API
data formats
JASON (JavaScript Object Notation)
XML (eXtensible Markup Language)
PART 3: Impacts
Data Security Issues/Risks
financial losses
breaches usually lead to direct loses (system recovery, incident response), indirect costs (lost business, legal fees)
reputational damage
having lost the trust of customers can linger in a business for years, especially if sensitive information is leaked.
operational disruption
attacks like ransomware or DoS can delay operations, temporarily pause services and hinder infrastructure.
legal ®ulatory consequences
any breaches that violate laws like the Privacy Act in 1988, could lead to fines or penalties
psychological & social impacts
the victims that face identity theft or fraud may experience stress, long-term emotional strain and anxiety
references
National IT Solutions’ article on the cost of a data breach
MSN News: Qantas Cyberattack Impact
SentinelOne: Information Security Risks & Impacts
Office of the Australian Information Commissioner (OAIC)
Data Security strategy to manage identified risks
references
IBM’s Data Protection Strategy Guide
Flexential’s Data Security Strategy Overview
BreachSense’s Strategy Breakdown
PurpleSec’s 9 Data Security Strategies
Fortinet’s Cybersecurity Glossary
IBM’s Strategy Guide
Flexential’s Case Studies
IBM’s Disaster Recovery Insights
passwords
is traditional but needs to be strong and well-managed
Multi-factor authentication (MFA)
it adds layers beyond passwords
Biometrics
uses unique access (fingerprints) for a secure access
CAPTCHA
stops automated bots from exploiting forms and systems
Penetration testing
replicates attack to uncover any security gaps
Sanitising user input
prevents injection attacks (SQL, XSS)
Automatic software updates
it repairs vulnerabilities before it is taken advantage of
HTTPS
it encrypts data in transit,
Encryption
secures data from unauthorised viewing
Physical security
protects devices, access points and server rooms
Regular backups
allows the data to be recovered in case of loss of data
Evaluation