The System Development Lifecycle Should Be Used For Design A System Or Application That Fits The Requirement

830 Words Nov 20th, 2016 4 Pages
The system development lifecycle should be used to design a system or application that fits the requirement. The Singleton pattern method was used to design the iTrust database. Unfortunately, this design is not optimal because “static state ruins readability, static state ruins testability, static state ruins refactoring, and static state ruins expanding the system” (Davies, 2009). Other database design flaws are two identical ‘foodentry’ tables used, administrator cannot monitor the users, session locks can be updated by using the administrator account, transaction logs table does not track each activity, and the Medical Identification (MID) number is not enforced to be “unique 10-digit number that does not start with 9” (iTrust, n.d.). Some of these concerns could have been addressed earlier, but unit testing only conducted 80% of the requirements testing. As previously discussed, a bug was discovered which is associated with iTrust. The CVE associated to the bug is CVE-2015-5346 and it is associated to the Apache Tomcat 8.0.30 webserver. It has a high severity exposure and will allow “remote attackers to hijack web sessions” (Apache Tomcat, 2016). Sadly, this may not be the only software not patched or unsupported for the iTrust database. A solution to enhance the web server security is by using a secure connection. There are several additional weaknesses that may be associated to iTrust, such as a users’ capability to plug in an external device, therefore causing the…

Related Documents