Payment Card Industry (PCI), programming homework help

Anonymous
timer Asked: Jul 16th, 2016
account_balance_wallet $40

Question Description

Modify an existing Java Web application that violates several Payment Card Industry guidelines and recommendations. Your task is to locate the issues, identify what is wrong and then fix the code. You will discuss each issue in terms of why the issue may cause a security vulnerability, and how you specifically fixed the issue.

The current code, uses Java JSP and Servlets to allow a user to login to their account and view credit card data stored in the database. The functionality is relatively simple but several PCI compliance rules have been violated that will prevent the application from being approved by a PCI software auditor.

You should first load up the application, populate the database and make sure the application is working in your environment as expected. The application uses the Java Derby relational database. The script used to populate the application is attached as well as the Java web project itself. You should be able to open the existing project using NetBeans. However; you may need to load the Derby drivers to the libraries for the project.

Once you have the database loaded, you can try the application. (This assumes you have properly installed the Java EE when you installed NetBeans).

Email:john.doe@test.edu Password: mypassword

Review the code and perform analysis as needed. You should experiment with  application as well as reviewing the code to identify possible areas of security concerns. You don’t have to be an expert in JSP/Servlets, html or css to be able to find some of the issues that you have read about in the PCI documentation. However; it is recommended you experiment with the code so you have a baseline familiarity with the model and know how the JSP and servlets communicate with each other.

Focus on the PCI compliance issues found in sections 6 through 9 (see attached jpg file) as you look for issues. There are multiple issues and you should work to fix and document as many as possible.

Submission:

Provide all of your modified Java code, your modified database script and a word document describing how you addressed each issue. You should clearly describe the code and what PCI compliance issue were violated and how you fixed it. You should provide screen captures as needed to support your findings and improvements.


Tutor Answer

Robert__F
School: Duke University

Good luck in your study and if
you need an...

flag Report DMCA
Review

Anonymous
Excellent job

Similar Questions
Hot Questions
Related Tags
Study Guides

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors