Upload
liliha
View
32
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Web Portal- Quality Assurance, Security, RSS Feeds & Site Map. 56 – Prasad Janardhanan 34 – Jyotsna Panicker 33 – Deepak Pandit 17 – Ramraj Gupta. QA for Web Portal. Types of Testing. Adherence to functional requirements Functional testing Adherence to non-functional requirements - PowerPoint PPT Presentation
Citation preview
Web Portal-Quality Assurance, Security, RSS Feeds & Site Map
56 – Prasad Janardhanan34 – Jyotsna Panicker33 – Deepak Pandit17 – Ramraj Gupta
QA for Web Portal
Types of Testing
• Adherence to functional requirements• Functional testing
• Adherence to non-functional requirements• Performance testing• Release of beta version to get feedback on usability
• Security related testing• Vulnerability assessment• Penetration testing
Functional Testing
• Map every requirement to a set of test cases• Create required test data • Valid values• Invalid values• Boundary values
• Approach• Use black box testing• Unit testing and code review is already done• Do not use test automation as GUI may change
based on testing feedback
Compatibility testing
• Covered O/S• Windows (XP, 7)• Redhat Linux 5• Mac O/S Latest version
• Browsers• Internet Explorer 6, 7, 8• Google Chrome 11.0• Mozilla Firefox 3.6
• Use VM-Ware to switch across various environments. This will save hardware and Power requirements
Performance Testing• Criteria• Response time should be around 2 to 4 sec on every click• Check user experience with standard bandwidth and
desktop• Performance should be retained on worst case peak load
for 4 hours• Approach• Use Load-runner to simulate load and concurrency• Use equivalent volume of data that will be populated in the
system in next 3 years• Use actual hardware that will be used on production• If you change the code for performance tuning, re-test for
functionality
Beta Release
• Before Production Launch• Exposed / advertised to closed user community• Trial basis, no commercial use and hence no liability• Study user feedback on usability• Monitor practical issues faced in hosting • Correct the gaps before launch
Vulnerability Assessment Test
• Attempt typical hacks• Denial of service• SQL injection• Port scan
• Enumerate points of weakness• Try to intrude into firewall
Application level Security
Authentication• Login Authentication• Validate user credentials
• Automatic lock out after 3 consecutive failed attempts
• Periodic change of passwords
• Optional Virtual Keyboards
• Mutual Authentication
• Forgot Password• Challenge/response component
Authentication• Fund Transfer• Password for every individual transaction
• Two Factor Authentication• Device-based authentication for Corporate Customers• Token number through Mobile for Retail customers
• Maker & Checker process for Corporate Customers
Authorization
• Application Level• Category of users • Privileges of each user
• Database Level• Limit Access to database to select high level users• Only Middle ware will be having access to the DB• Storing user critical data in hashed/encrypted format
Secure Sockets Layer (SSL) for Data security between the customer browser and our Web server
SSL provides data encryption, server authentication, and message integrity for a Internet connection.
Data encryption at the highest level (128 bit)The World Wide Web interface receives SSL
input and sends requests through a firewall over a dedicated private network to the Internet banking server.
Secure Socket Connection
Monitors login attempts Recognizes failures that could indicate
a possible unauthorized attemptWhen such trends are observed, steps
will be taken automatically to prevent that account from being used.
Security Analyzer
Database Security Protection of Connection string to connect to DB Use least-privileged, local accounts for running
Enterprise Services when connecting to DB
Audit TrailsAuditing of all logons is on by default.All transactions performed by users are logged in the
system and stored in DB filesHistory of Sales executive mapping against clients will
be available
Session based application In-case web-portal is idle for next 10 minutes then
application session will be expired and user need to re-login to the application
ReportsPassword protected reports will be dispatched to userMasking of critical data
RSS Feeds
Stay connected to important updates by subscribing to RSS feeds. The feeds include new releases, case studies and documents from the website.
Download an RSS reader. The RSS reader will help to manage subscriptions and periodically check the Bank website to deliver the latest information to your desktop.
Click on the region or country of your choice. When the page opens you will see the raw XML code.
Drag or cut and paste the URL of the feed into your RSS reader and follow the instructions for your particular reader to subscribe.
Leave the RSS Reader open or minimize it on your toolbar so that you can be alerted whenever new content is added.
Sitemap
• Personal Banking.• Wholesale Banking.• NRI Services.• About Us.
Personal Banking• Accounts & Deposits• Savings Account• Current Account• Salary Account• Fixed Account
• Loans• Personal Loan• Home Loan• Two wheeler Loan• New Car Loan• Used Car Loan• Loan Against Securities• Loan Against Property• Tractor Loan
Cards• Credit Cards.
• Sliver Credit Card.• Gold Credit Card.• Titanium Credit card.• Value Plus Credit Card.• Women’s Gold Credit Card.
• Debit Cards.• International Debit Cards.• Gold Debit Cards.• International Business Debit Cards.• Women’s Advantage Debit Cards.
• Prepaid Cards.• Gift Plus Cards.• Food Plus Cards• Money Plus Cards.
Personal Banking (2)
Investment & Insurance• Mutual Funds• Insurances• Bonds• General & Health Insurance
Payment Services• Net safe• Merchant Service• Pay now• Visa Bill-Pay• Visa Money Transfer
Access Your BankNet bankingCerditCard OnlineATMMobile Banking
Personal Banking (3)
• Corporate• Funded services• Non Funded Services
• Small & Medium Enterprises• Internet Banking
• Financial Institutions & Trust• Financial Institutions• Mutual finds• Stock Brokers
Whole sale Banking
• Accounts & Deposits• Rupee Saving Account• NRE Saving Accounts• Rupee Current Accounts• NRE Current Accounts• NRO Current Accounts• Rupee, NRO, NRE Fixed Deposits
• Investment & Insurances• Mutual Funds• Private Banking• Insurances
• Loans.• Home loans• Gold Credit Card• Loans against Securities
NRI Services
• Payment Services.• Net-safe.• Bill Pay• Direct Pay• Excise & Service Tax Payment.
• Access your Bank.• Net Banking• Instant Alerts• ATM• Phone Banking.• Branch Network.
• Customer Center.• Offers & Deals
NRI Services(2)
About Us• Profile.• Promoter• Business Focus• Management• Loans for every needs
• Shareholdings in Bank.• Shareholding Pattern.• History of share issues.
• Corporate Governance.• Code of Corporate Governance.• Profiles of Directors.• Ownerships Rights.
Thank you