ASM 2 Cloud Computing 1644 FPT Greenwich (Merit Super Sale)

Điểm của bài asm còn tùy thuộc vào người chấm. Chỉ cần paraphase bài này là có thể pass. 1 trong nhưng tool paraphase mình recommend là quillbot.The submission is in the form of 1 document.● You must use the Times font with 12pt size, turn on page numbering; set line spacing to 1.3 andmargins to be as follows: left = 1.25cm, right = 1cm, top = 1cm, bottom = 1cm. Citation andreferences must follow the Harvard referencing style. ASSIGNMENT FRONT SHEET Qualification BTEC Level HND Diploma in Computing Unit number and title Unit 2: Networking Infrastructure Submission date Date Received 1st submission Resubmission Date Date Received 2nd submission Student Name Student ID Class Assessor name Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism I understand that making a false declaration is a form of malpractice Student’s signature Grading grid P1 P2 P3 P4 M1 M2 D1 ❒ Summative Feedback: Grade: Lecturer Signature: ❒ Resubmission Feedback: Assessor Signature: Date: Table of Contents I Network Network definiton Ξ First of all, network also known as computer networking, which can be understand as a group of computers utilizing a principles of general communication protocols over digital connections for the intention of sharing resources located upon or accommodated by network nodes ... https:www.dnsstuff.comdatabreach 10 1 Dobran, B., 2 019 Information Security Risk Management: Build a Strong Program Online Available at: https:phoenixnap.combloginformation security riskmanagement garg, r., 20 21 Threats... List and give examples with dates 12 Propose a method to assess and treat IT security risks (M1) 18 TASK DESCRIBE AT LEAST ORGANIZATIONAL SECURITY PROCEDURES (P2) .20 Definition... Dan Swinhoe, 20 21 The 15 biggest data breaches of the 21st century, s.l.: s.n Ohri, A., 20 21 What Is DMZ Network Online Available at: https:www.jigsawacademy.comblogscyber security whatisdmz

ASSIGNMENT 2 FRONT SHEET





Internal Verifier’s Comments:

Signature & Date:

Table of Contents

A INTRODUCTION 5

B DESIGN 6

I Overview 6

1 Solution for ATN 6

2 Use-case diagram 6

3 Web Screen Shots 6

II Implement and Deployment 9

1 Tools, Techniques and Frameworks 9

2 Deployment 12

3 Code Implementation 19

4 Source code and website 23

III DISCUSS THE ISSUES AND CONSTRAINTS ONE CAN FACE DURING THE DEVELOPMENT PROCESS AS WELL AS CRITICALLY DISCUSS HOW ONE CAN OVERCOME THESE ISSUES AND CONSTRAINTS 23

1 Issues, Constraints and Solutions to Overcome When Implementing The Code 23

2 Issues, Constraints and Solutions to Overcome in debugging 24

3 Issues, Constraints and Solutions to Overcome in deploying 24

4 Issues, Constraints and Solutions to Overcome in Database 25

C SECURITY 25

I Some Issue Of Cloud Computing Platform 25

a) Public Cloud 25

b) Private Cloud 26

c) Hybrid Cloud 27

II Security Issues In Cloud Environments And Solution to Overcome These Issues When Building A Secure Cloud Platform 27

1 Data Breaches 27

2 Misconfigurations and inadequate change control 28

3 Lack of cloud security architecture and strategy 28

4 Data Loss/ Leakage 29

5 Account hijacking 29

6 Insecure interfaces and APIs 29

III How an Organization Should Protect Their Data 30

1 Understand the Shared Responsibility Model 30

2 Understand Compliance Requirements 30

3 Centralize Monitoring 31

4 Encrypt Data 31

5 Pick the proper data centre migration solution for the job 31

D CONCLUSION 31

References 32

List of Figures Figure 1:Use-case diagram for ATN system 6

Figure 2: Homepage 7

Figure 3: Product Management UI 7

Figure 4: Searching function 8

Figure 5: Creating function 8

Figure 6: Editing function 9

Figure 7: VSCode IDE Screenshot 10

Figure 8: Github 11

Figure 9: Mongo atlas 11

Figure 10: Heroku 12

Figure 11: Install Nodejs 12

Figure 12: Install Express framework 13

Figure 13: config node package manager 13

Figure 14: Mongodb atlas 14

Figure 15: config IP access 14

Figure 16: Database account 14

Figure 17: Connect noSqlbooster to this mongodb Atlas 15

Figure 18: Connect to database server via url encode with account 15

Figure 19: Github repository 16

Figure 20: Source code after being pushed into github 17

Figure 21: Create Heroku cloud 18

Figure 22: Guidance Command Lines 18

Figure 23: ATN warehouse web app 19

Figure 24: UploadProduct (1) 21

Figure 25: UploadProduct (2) 21

A INTRODUCTION

In assignment 1, I learnt and discussed the basic concepts of cloud computing subject as well as analyzed and provided the solution and tech stack for the ATN web project( a Vietnamese company which is selling toys to teenagers in many provinces all over Vietnam) The completion of my task in assignment 1 also is the premise for assignment 2 The implementation will be given based on the ATN scenario and architectural design from the first assignment The implementation only offers a few sample functions of the scenario due to the assignment's time limitations Additionally, in this assignment, I will discuss the security concern

in cloud computing/platforms and their solution How organizations could protect their Data in cloud also will be discussed

B DESIGN

1 Solution for ATN

After overviewing and analyzing the positive statistic that Cloud Computing brings about, I decided to choose Cloud Computing to hosting and develop the ATN warehouse web app, which only be used by staff of ATN

2 Use-case diagram

The primary use-cases as well as functions of ATN web app that are:

Manage Products(Search/ add/ edit/ delete/ view detail)

3 Web Screen Shots

3.1 Main UI

Figure 1:Use-case diagram for ATN system

This is the main UI of ATN web app It always appears when user access to this web app via ATN’s address

such as searching, editing, deleting, creating The design of this site is quite friendly and invisible not only for staff but also even any customer could use this one

The searching function has real-time searching hint

3.3 Creating and Editing product

Figure 4: Searching function

Figure 5: Creating function

Click on create button on the top-left to open this site This site has text fields to enter the attribute

of a product Image of product could be uploaded from staff’s disk storage and staff could upload multiple images one time

Click on create button in the bottom-left of a product to open this site This site has text fields to enter the attribute of a product and the data of product will fill them However, images of product now do not yet be uploaded because it’s in maintainance now

1 Tools, Techniques and Frameworks

a) IDE

For implementing this web application, Visual Studio Code is chosen obviously This is because:

☺ Its adaptability and contemporary features Heroku CLI and Git CLI are supported

☺ JavaScript and TypeScript provide enhanced built-in support for Node.js development

in VS Code, which is supported by the same underlying technologies as Visual Studio

☺ The most effective features of web, native, and language-specific technologies are combined in Visual Studio Code's architecture

Figure 6: Editing function

☺ It is a cross-platform, open source, and free editor that runs on Windows, Linux, and macOS so that work regardless of the platform that the device is built on

b) Framework

For building the web server, Expressjs which

is an open-source backend framework for Node.js is a good choice for developing the backend of this web application It is built on top of the Node.js framework (Web, 2020 )

The majority of codes have already been written Developers will code more easily if they do it in this manner

I use Express.js because of its great scalability, speed, and overall performance, to name a few factors It is built on top of the Node.js framework The majority of codes have already been written Typically, developers will code more easily if they do it in this manner Any app development project must have

Figure 7: VSCode IDE Screenshot

integration Integration of third-party services and middleware is simple with a neutral framework It won't be difficult to find answers to development issues

c) Source Code Manager

I utilise Github as a repository where I can store my codes safely which I may opt to keep private or public

e) Cloud computing service

For hosting ATN server, I use Heroku which is cloud computing server which support us deploy the project in the PAAS model

2 Deployment

a) Install and config nodejs amd express framework

After install this runtime environment, open the terminal in directory of this server and enter the command ‘npm init’(node package manager initialize) to initialize the npm in this directory

Figure 10: Heroku

Figure 11: Install Nodejs

Install express framework via terminal

b) Config the mongodb atlas

Figure 13: config node package manager

Figure 12: Install Express framework

After config the node package manager and install express framework, the next task is config the mongodb atlas Access the address of Mongodb atlas, login and create the cluster For the database of this cluster, I choose the aws to be the provider

Next, I need to config the IP access list entry to confirm the list of IPs which could access this database server

To secure access from strange sources, I need to set up a database user account

Figure 14: Mongodb atlas

Figure 15: config IP access

Figure 16: Database account

Any server which wants to access this database server needs to enter the database’s username and password attached to this url encode to connect to this database server

c) Config Git and upload the code directory to Github

To manage my source code as well as host it on the Heroku cloud service, I need to create a repository and upload my code onto it

Figure 18: Connect to database server via url encode with account

Figure 17: Connect noSqlbooster to this mongodb Atlas

Create a repository for upload the code of ATN server

Type these two commands on the terminal where my source code is located to initialize git and add all files in the source code to git

Add remote to GitHub repository

Figure 19: Github repository

Commit code and push this to the master branch

After complete add – commit – push, source code has been pushed onto Github:

Figure 20: Source code after being pushed into github

d) Deploy on Heroku

To deploy on the Heroku cloud, I need to make the Port of this server could dynamically change itself

The port will be got in process.env

Create new heroku cloud by clicking on the new button in heroku homepage

To complete the deployment process, I just follow these commands to uploads and deploy

my server on Heroku

Figure 21: Create Heroku cloud

Figure 22: Guidance Command Lines

After deploying the ATN server to Heroku by utilizing Heroku CLI with the commands line above, the web now can access from every where on internet:

3 Code Implementation

Because the source code is quite verbose and it’s hard to present, describe and explain all of the code phrases in the source code in only one assignment, this section only shows the code implementation of the primary atc function which is Upload Product function and the main.js code in the ATN back-end server

a) Upload product code implement:

In upload product code, for the good practice of this function, the image is no longer being uploaded via online image URL, it will be uploaded as a file and sent to the server To make this function, I use the “Multer” middleware for handling the upload files task

Install multi by the node package manager

Figure 23: ATN warehouse web app

Firstly, I needed to create a middleware handling the determine of the storage location for image when being uploaded

Multer provides the option to store the file to disk storage Here, the storage is the uploads folder where all the images uploaded will be stored and they will be provide the new format for each image file

Update single image is quite obsolete, this function need to be able to upload multiple files each time

The middleware store(exported from the multer middleware above) has been located between the end point “/add” and the function upload product in productController module The built-in operation “array()” will take the image files, save files in filename(in multer middleware above) with a fieldName and store them to the next middleware via req.files Param ‘images’ is shared name of any image files uploaded the ‘12’ params is the maximum files can be uploaded each time

For store either product data and images data, it need two create two collection in mongoDb One is “products” collection and the other is “images”

Firstly, we need store the product data The product also need to store one of the image files uploaded to quickly and easily retrieve and display the represented image to product site The data of the first image will be handled by SingleImageData(self-defined) method The other product data are sent from “add-product” form

To get the img data in the files array stored by multer middleware, map() function is used to get data from each element of files array these data will be encode to base64

Figure 24: UploadProduct (1)

Figure 25: UploadProduct (2)

Those data will be returned to imgArray and then the imgArray will be called with map() function to use the storeImage(self-defined method to store image data to mongoDb) This function runs through each element of imgArray and return a promise, this promise will be resolved when the image data is stored successfully in mongoDb Promise.all() will only be resolved and response the json when all promises in ‘result’ are resolved

b) Main.js(where the server is set up)

In this source code, the libraries, modules and middlewares are imported and utilized to help the web operate properly The set for the view engine, the views directory, etc also configured here Some handlebar helpers also are set up here

Figure 26: Main.js

4 Source code and website

For a realistic perspective, here is the link directly to the web app and GitHub repository code AlthoughtThe update and delete products functions of the web are maintained and developed,

this also contains some necessary functions such as search, add, and view detailed products

Website link: ATN warehouse

Source code: imsimpla2209/ATN_SToy: Asm for Cloud Computing (github.com)

DEVELOPMENT PROCESS AS WELL AS CRITICALLY DISCUSS HOW ONE CAN OVERCOME THESE ISSUES AND CONSTRAINTS

1 Issues, Constraints and Solutions to Overcome When Implementing The Code

a) Constraints:

Honestly, because I rarely work with javascript or specifically node.js, getting an assignment using node.js to develop a web app lead to some constraints when I developing an ATN warehouse code server First of all, since I have learnt mostly the separate/multi-thread language such as JAVa, C# and even PHP before, the complexity and differences of single-thread language(javascript), the concepts from synchronous, asynchronous to their handling ways such

as call-back, promise and async-await make me got confused Moreover, handling the request or getting the input, output or anything relating to handling data also need to be proficient or at least have a sufficient understanding of sync as well as async approaches (call-back, async-await and promise) So, this one took me time to get dive into these concepts before starting to develop the ATN warehouse web app

Secondly, node.js have a very active developing community which means it has so much way to develop even for a function When I focus to learn JavaScript as well as nodejs runtime environment and its framework, the recommendation system of google gives me a plethora of tutorials and each of them is quite different to the other It partly gives me bad practice when developing the ATN server because it looks like a jumble of different methods, syntax or name conventions I have learnt from various online resources, which leads to the structure of code getting incongruence Additionally, The libraries of node.js also gave me some confusion because of their name when installed For instance, when I installed the MongoDB library but forgot the actual name of this one:

These three libraries also got installed successfully but sometimes I really didn’t know what is the actual MongoDB library to import The use of modular programming in nodes also gave me some constraints

b) Solution on how one can overcome these issues and constraints:

To deal with the concepts of synchronous and asynchronous, I decided to dive into how javascript works I started with the basic concept of how even loop, call stack and the priority of