Deploying IT Infrastructure Solutions 2013

From ICO wiki
Jump to navigationJump to search




This is the student results wiki page for the IP program "Deploying IT Infrastructure Solutions" taking place from 24th of March until 6th of April 2013.


All the information regarding program will be presented in the program web page.

Assignments

Security testing of web application

Description

Learn about the security of web applications. Find vulnerabilities from known vulnerable web applications. Find not known vulnerabilities of development version of web application Study Information Portal (Used by eleven universities of applied science in Estonia) File report that describes methods, tests and findings.

Expected outcome

Description of testing methods and findings (all vulnerabilities that students found in development environment) as testing report.

Expectations from students

Understanding web applications (What is difference of GET and POST, how sessions work, what is header etc). Knowledge of at least one web programming language (php, java, ruby, C#, python is preferred)

Lectures support

Several security related topics will covered during lectures and practical classes before starting actual testing. Lecture covers several attack types and vulnerabilities like SQL injection, cmd injection, XSS, CSRF etc. Practical classes based on DVWA (Damn Vulnerable Web Application) After lectures and practical classes students will get access to web application development environment for practical work.

Lecturer: Margus Ernits (Estonian IT College)


Driving lessons’ registration information system

Description

It is a client-server solution which keeps records of student's driving lessons. Each driving study car has a device / computer where client application runs.

Expected outcome

Client application registers the student’s driving lesson time and the GPS coordinates and sends them to the server over the mobile Internet. Client application must register driving lessons also without Internet connection and synchronize with the server when connection is established. Later a student can check ones driving lesson and travel route on the Internet.

Limitations

GPS accuracy at least one point per second.


Improving toolset for race sailing performance analysis

Description

Implementation of logger that could be used for performance analysis of race sailing teams, based on data specification for communication between marine electronic devices NMEA 0183. Learning about the performance analysis needs and specifics of race sailing teams, also learning about the marine instruments specifics and communication standard NMEA 0183. Based on core architecture of the NMEA 0183 data logger implementation including software, hardware and testing.

Expected outcome

Fully functioning and tested race sailing performance analysis data logger.

Expectations from students

Aspiration to develop in rapid prototyping and testing environment together with professional and Olympic Team race sailors and marine technology specialists fully functional performance analysis logger. Both software and hardware development skills. If you can understand and are interested in what is described at http://www.boatdesign.net/forums/attachments/onboard-electronics- controls/19260d1204757550-laptop-interface-tacktick-nmea-architecture.png then you are expected to join team.

Lectures support

Lectures and seminars will cover first the needs specification of the performance analysis logger, NMEA0183 standard description, marine instruments Received Sentences description: DBT, DPT, GLL, HDG, HDM, MTW, MWV, RMB, RMC, VHW, VLW, VWR. Team will implement the logger and install the marine wireless range instrument for testing on actual performance sailing boat. Life saving equipment and wetsuits not needed :)


Lecturer: Linnar Viik (Estonian IT College)

Teams and their assignments

Demo team 1

Assignment: Security testing of web application

Documentation: Demo team

Members

  • Member 1, school
  • Member 2, school
  • Member 3, school


Demo team 2

Assignment: Security testing of web application

Documentation: Demo team

Members

  • Member 1, school
  • Member 2, school
  • Member 3, school