java
helpnededModify an existing Java Web application that violates several Payment Card Industry guidelines and recommendations. Your task is to locate the issues, identify what is wrong and then fix the code. You will discuss each issue in terms of why the issue may cause a security vulnerability, and how you specifically fixed the issue.
The current code, uses Java JSP and Servlets to allow a user to login to their account and view credit card data stored in the database. The functionality is relatively simple but several PCI compliance rules have been violated that will prevent the application from being approved by a PCI software auditor.
You should first load up the application, populate the database and make sure the application is working in your environment as expected. The application uses the Java Derby relational database. The script used to populate the application is attached as well as the Java web project itself. You should be able to open the existing project using NetBeans. However; you may need to load the Derby drivers to the libraries for the project.
Once you have the database loaded, you can try the application. (This assumes you have properly installed the Java EE when you installed NetBeans).
Email:[email protected] Password: mypassword
Review the code and perform analysis as needed. You should experiment with application as well as reviewing the code to identify possible areas of security concerns. You don’t have to be an expert in JSP/Servlets, html or css to be able to find some of the issues that you have read about in the PCI documentation. However; it is recommended you experiment with the code so you have a baseline familiarity with the model and know how the JSP and servlets communicate with each other.
Focus on the PCI compliance issues found in sections 6 through 9 (see attached jpg file) as you look for issues. There are multiple issues and you should work to fix and document as many as possible.
Submission:
Provide all of your modified Java code, your modified database script and a word document describing how you addressed each issue. You should clearly describe the code and what PCI compliance issue were violated and how you fixed it. You should provide screen captures as needed to support your findings and improvements.
10 years ago
7
- who is guy montage?
- Examine a time when you were involved in decision making that went awry as a result of protocols, social norms or persuasive techniques. If you do not want to use an example from your business or personal experience you can base your assignment on a journ
- Book Review
- Statistic
- 3y^2-11y=4
- Demonstration speech-Topics are: Sports, Outdoor activities, Making homemade pizza dough, Cleaning a fish tank For each topic write down the following: General...
- List the best 3 pieces of fiction you've ever read. Fictional pieces include stories, essays, novels or poems, and not...
- Case Study-choose one study and be detailed.
- is it right to judge people from their faceook page?
- Operations Management Course
