Embed Size (px)
Citation preview
Online Exam Management
System
Mounika Challagundla, Graduate Student
Dr. Natarajan Meghanathan, Associate Professor
Department of Computer Science
Jackson State University, Jackson, MS 39217, USA
Use Case and Misuse Case Diagrams
use case description
• Registration: The register with system use case
describes how a user will use the system to register.
• Log on: The use case describes how a user log on into
the system.
• Start test: The use case describes how a user will take
a test.
• Submit test: The use case describes how a user
submits his test.
• View results: The use case describes how a user can
get test result.
Identification of actors
• System administrator: System administrator is a person who is responsible for user account maintenance. System administrator generally audits on accounts to generate reports.
• Test administrator: Test administrator is a person who is responsible for test administering and making changes to availability, questions and other attributes of the system.
• Test taker: Test taker is any person registered with the online exam system for taking tests.
• Database: External resource used by the system for user identification and profile manipulation operation.
• Billing system: The billing system is an automated program which generates, handles and keep track of test purchases by all users of the system.
Registration
Registration
Log on
Start test
Submit test
View results
Student
Test administrator
Database
use case diagram:
Student identification
Misuse case description
• Misuser hacks the login details and logins as
legitimate user. This can be mitigated by using
cryptographic methods.
• Misuser shows the student identification details and
then can enter as a legitimate user. This can be
mitigated by using specific verification process.
• The misuser tries to keep the login session as long as
possible. So that the misuser can have more time.
This can be mitigated by specific timer algorithms.
Registration:
Student name
Jnumber
Course details
Present degreeStudent Administrator
Login
PasswordStudentExam
Administrator
Login:
Username
password
Student
Login:
Misuser
Threatens
Exam admin
Hacks user nameMitigates
<<includes>>
<<extends>>
Applies cryptographic
methods
Hacks password
Threatens
Mitigates
Misuser activities
• Misuser can hack the user name easily so that
he can access the information.
• To eradicate this a password can be used. But
a password also can be hacked.
• Thus some cryptographic methods can be used
to provide maximum protection.
Valid
verification
Invalid verificationStudentTest
Administrator
Student identification:
Student identification:
Valid identification
Invalid identification
Student
Test
administrator
Threatens
<<includes>
>M
itig
ates
Threate
ns<<in
clud
es>>
Misuser
Shows false
identification
Verification process
Misuse case description
• The misuser enters into the system by
using the false identification. To mitigate
this a verification process must be
adopted.
• This verification process can be performed
by test administrator.
Logout after the test period
Logout before the test periodStudent
Test admin
Logout:
Logout after the test period
Logout before the test periodStudent
Test admin
Logout:
Misuser
Intends to extend
the logout time
Timer algorithm
Threatens
<<includes>>
Mit
igat
es
Misuse case description
• Misuser intends to extend the logout time
to get more time for the exam.
• A perfect timer algorithm must be adopted
in order to provide perfect time period.
Registration
Log in
Start test
Submit test
Student
Test
administr
ator
Database
Student identification
Logout
Threatens
<<includes>>
Miti
gate
s
Threatens<<includes>>
Miti
gates
Threatens<<includes>>
Miti
gates
Hacks login details
Apply cryptographic methods
Shows false
identification
Verification process
Tries for the
longer sessions
Use timer
use case Vs Misuse case diagram:
