1 / 77

E-Lockbox: A Secure Web Application for Youth Access to Vital Life Documents

The E-Lockbox is a highly secured web application designed to provide youth with easy access to their vital life documents anytime they need. With a focus on improved security and usability, it addresses the shortcomings of existing systems by implementing robust verification and session management strategies. Key features include mass email capabilities for administrators, strong security measures like SSL and session timers, and a user-friendly interface for both youth and case managers. This system promotes a safer and more efficient way for youth to manage their important documents.

wallace-maynard
Download Presentation

E-Lockbox: A Secure Web Application for Youth Access to Vital Life Documents

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. E-lockbox • Team08 • Jian Lei: Project Manager/Builder • Mu Bai: Requirements Engineer/Builder • Hanadi Mardah: Life Cycle Planner/ UML Modeler • Xiaochen Wang: Operational Concept Engineer/Builder • Da Lu: Prototyper/Software Architect • Cheng Cheng: Feasibility Analyst/ Tester • Garret Catron: IIV&V / Quality Focal Point

  2. Remote Member Analysis • Team Strengths • Operational • Strong Desire to Succeed • Technical • Experienced in Web Development

  3. Remote Member Analysis • Team Weaknesses • Operational • Organization • Communication • Procrastination • Technical • Lack of Security Experience • Language Barrier

  4. Remote Member Analysis • Weakness Mitigation • Operational • Internal Deadlines and peer review • Conscious Effort to Record all Group Communication • Documentation • Technical • Budget Additional Time for Presentations and Meetings • Research Security Best Practice

  5. S/P Engineer Observations • All Win Conditions Agreed Upon • Moderate Complexity • Low Precedentedness • WeChat and Google Drive used between on-campus and off-campus team members

  6. Operational Concept Description(OCD)

  7. Introduction - System Purpose • The e-Lockbox is a highly secured web application to help foster youth access their vital life documents whenever they need them.

  8. Share Vision – Program Model

  9. Share VisionBenefit Chain Diagram

  10. Shared Vision – Proposed New System • Current Situation: • Implemented on Salesforce.com • It cannot generate their desired reports • Foster youth cannot view their documents through it • The system developed last year was not usable and secure enough

  11. Proposed New System • System Objectives - Capability Goals

  12. Proposed New System • System Objectives – Level of Service Goals

  13. Proposed New System • System Objectives – Organizational Goals • OG-1: Increased time savings • OG-2: Easier access for youth to their documents • OG-3: Improved security and usability • System Objectives – Constraints • CO -1: PHP as a Development Language • OC -2: MySQL as DBMS • OC -3: Amazon S3 as Storage for documents

  14. Proposed New System • System Boundary • and • Environment Diagram

  15. Proposed New System • Element Relationship • Diagram

  16. Proposed New System • Business Workflow

  17. Proposed New System • Business Workflow

  18. Requirements

  19. Prototype Security New Feature: Send Mass Email & Activity Code

  20. Prototyping on Security E-lockbox

  21. Security Strategies Https connections (need SSL) protect the information in secure Verification code prevents login from a machine / robot Personal security questions provide a method for changing password Mobile & Email verification prevent login from other people Errors raised when login failed

  22. Security for Youths Verification code protects against brute force attacks. Every login session has a timer which after a period of inactivity automatically logs the user out. Any access of information and documents should check the session validity and the user-id. • Youths can only access their own documents • Login failed once needs to input verification code • Youths can only view and set their own information • Any user login the system has a session with expiration time

  23. Amazon S3 used as a safe file storage service. Deleting accounts on the system needs admin’s authorization. Security for Case Managers • Deleting Youth accounts needs admin’s authorization • All life documents are stored on Amazon S3

  24. Administrator can access the System Logs to view activities of all users: login, logout, documents upload / update / access. Deleting Case Manager accounts in the system needs confirmation. Security for Administrator • Deleting Case Manager accounts needs confirmation • Logs record all users’ activities of system and document access

  25. Prototyping on New Feature E-lockbox

  26. Description: • When Administrator & Case Manager Log in • The Menu has the Mass Email Feature • When they click the Email Menu, They System will show them step 1 of sending mass email(Specify the recipients to include)

  27. Description: • When Create New Group, Users have to enter the group name, and specify filter criteria.

  28. Group

  29. Description: • Users can choose a default group or his own group • Click Go!

  30. Description: Users choose the recipients

  31. Description: • The step 2: select an email template and preview a template

  32. Description: • Users can preview the template they will use when send a mass email

  33. Description: • Users can also to Create and Edit the Email Template at the Setting menu

  34. Description: • The step 3: Users enter the mass email name and choose a delivery option to review and confirm the email

  35. Description: • The last step, the system will show them the result of sending mass email

  36. MCS-Worksource Centers FU-Follow up CR-Community Resource and Referral AD-Administrative Duties IC-Individual Counseling CM-Case Management WS-Workshop SV-School Visit HV-Home Visit

  37. Activity Code

  38. Activity Code

  39. Activity Code

  40. Description: • Users can export the result into CSV formate and link to the specify case.

  41. Architecture • Jian Lei

  42. System Context Diagram

  43. Artifacts & Information Diagram

  44. Use Case Behavior Diagram

  45. Life Cycle plan • Life cycle is to improve the quality and quantity of the project and support client relationship. Also, it is to track project and minimize the risk exposure. • strategy • weekly meetings, email, wechat, and google drive sharing documents, · • Progress report and Project plan are living documents that we can edit bi-weekly to correct them. • We also should submit our own effort report in the greenbay system. In addition, we use Bugzilla to record our process and bugs. • Foundations phase; • To identify more clearly operational concepts, win agreements, architecture, feasibility evidences and life cycle. • To use appropriate tool and strategies to remove defects, errors, and bugs from code. • To implements the security prototype/ product demo • To start test the security features in the prototype.

More Related