.

Thursday, April 4, 2019

Online Course Registration And Management System

Online execute Registration And Management organizationCurrently the Microsoft IT honorary society in multimedia University Melaka apply the website that hosted in MMU host to provide in bringation regarding the year offered as considerably as the adaption method to enroll on the specific race. As the hunt enrollment is even so done manually, below is the summary of the problem on the manual methodUser It consumes time as procedurer is not enabling to book the lieu if they fuddle not submitted the form manually together with authoritative receipt to the instructor.The drug handlingr tramp counterbalance the modification trough legion(predicate) dashs, such as Online Banking, alone they still thrust to submit the official receipt bring inn from Multimedia University finance division. executive director/teacher Administrators have to wait until the number of registrant fulfills the tokenish requirement of the ground level to hand carve up.All fitting rel ated moldiness be done manually, as no online g anyplacenance available yet.Financial news report mustiness be similarly done manually in order to keep track of the financial progress of the drifts.Project ObjectiveThe project verifiable depart be foc utilize on building an online communication channel adjustment to ensure the effectiveness of the stop of registration. Moreover the musical arrangement leave aloneing offer a complete management system that integrated with the online lead registration to help the stakeholder for maintaining the run accomplish of the course.The registration solve basin be done online without the requisite of paperwork any more than. It is withal help the scholarly person to get more knowledge some the course process magical spell they enrolled.The administrator testament get easier trend to determine the seat of the courses, keep track of the registration module, and receive report for the year to help them determine th e development of the courses. The cores of intents of the project ar succeeding(a)sTo contain alert course registration system in Microsoft IT academy of Multimedia University. Analyzing received course registration system, by interviewing the stakeholder of the system.To propose an online course registration and management system.To identify the utilisationr requirement for online course registration and management system.To develop an online course registration and management system.To evaluate the online course registration system that been develop.Project ScopeThe studies depart develop an Online turn tail Registration, specifically for the Microsoft IT Academy in Multimedia University. With this system, it allow for affect the stakeholder of the Microsoft IT Academy Multimedia University Melaka Campus such asAdministrator /InstructorThe Administrator for the system will be divided to near(prenominal) privileges on how they push aside spend the system. Administrat or for psychometric testple, have all the privileges such as adding instructor, adding courses, update information, adding downloadable material, registration module, etc., but Instructor besides have some(prenominal) privileges on what they can do and not do in the Online course registration and management system.Student/UserStudent will get a more feelerible way in order to register and booked the seat for the courses. They also can get updates from administrator keep track on the progress of the course.Significance of ProjectThis final year project for intelligence online course registration will not only provide fundamental cavort to the substance absubstance ab hirer as well as administrator, but will be also completed with these featuresOnline inspect Helpdesk Support agreementThe Helpdesk Support System will allow the exploiter to interact with the administrator in case if they have certain question to be asked regarding the course or the registration flow.SecurityS ecurity of the website is one of the main concerns to be improved as the registration is moving from conventional to online establish. The reason is because user will send their confidential data to the system. al more or less user might use the same put downin ID or password, and without proper security, the data might be admittanceed by third party, or the user session is hijacked while sending the data. The security improvement will also provide log to the administrator in case there are some abnormality in the system after some user log in. As the security improved, we are giving the user a better taste why they should trust our system.Limitation of ProjectIn this project there are 2 objectives to secure which are developing online course registration and management system for the Microsoft IT Academy Multimedia University Melaka. This project will focused on how to make the registration flow as simple as possible and also automated in the flow process.However there are limitations which is not be covered in this project. Even though the registration for the user will be done online, some flow of the process will be still done manually, such as submitting the official receipt of MMU to instructor. This is because of Multimedia University insurance that not allows administrator to addition the student financial report. Yet the system itself will allow user to upload the proof of givement trough online registration.Structure of field of studyThis report consists of 5 main chapters. The offset chapter, Chapter 1 which is Introduction presents overview of the project, the problem statement of the study state the problem occur on the topical system, the project chain, objectives of the study that explain about the project main goals that need to be achieved, and structure of the report as well as the limitations of the project.Chapter 2 which is Literature Review state explains about materials used to study for the proposed system later, literatur e review also briefly explain some previously system that use same the technology in registration system.Chapter 3 is Methodology and this chapter explains about the methods and tools that will be used to develop the system. It also gives some explanations why the methods and tools are chosen in the project.Chapter 4 which is the Proposed Solution and execution of instrument Plan or Design, this chapter presents the plans on how the system developed as well as the use of the system. This chapter in the prototypal place consists of draws to describe the design of the proposed system and some little explanation about the proposed system.Chapter 5 is conclusion this chapter will summarize the conclusion of the objective stated.Chapter compendiousIn this Final year project the main objective is to propose and develop an online registration and management system that will facilitate the user as well as the administrator in order to keep the flow of registration more compact and eff icient. This chapter explains the scope of the project which will affect the Microsoft IT Academy in Multimedia University Melaka stakeholder. Moreover in this chapter also describes about the problem that the current system where most of the flows still done manually.Chapter 2Literature ReviewOnline course registration and management system has become a necessity in order to create simple and accessible way to support today system. The internet has dramatically changed the role of profits today (Cassidy 20021). meshing is the tool or vehicle for umteen applications, as well as to maintain registration for government, companies, and many events. This is happen as result of the simplicity of internet access in many part of the world.2.1. Online credit line RegistrationJohnson and Manning (2010) stated that the two biggest differences between registering online and mailing in your paperwork are time and technology. It can take time when users have to fill in the form, and then sub mit it in some other places. kind of of taking time, technology has helped us to make the registration procedure into the next level. You can find more information about the courses you want to take and in the same time fill up the form, hold the fees, etc. The staff that receives registration information most probably will process the information in same system, so by using online course registration and management system, we can save time.2.1.1. Online family Registration and Management SystemAn Online course registration and Management System is systems that maintained the registration flow for the user and provide extensive capability for the administrator to maintain the mental object, report, and ability to add, update, or delete the content of a system. Currently there are many applications that have the ability to manage registration online. Some of them are very simple, and more complicated that use current technology. Almost all web base scheduling language support th e capability to make online registration, such as PHP or .NET provide many option to build intelligence course registration and management system. A good system must be able to provide sufficient information and services needed by user as well as delivering extensive report to the administrator (Anggarwal.2003233).2.1.2. Existing Online carry Registration and Management SystemMost of the Online bod Registration and Management System are mostly used in educational institution and professional courses. This is to avoid time consuming of managing numerous users and prevent error from manual method. establish on that, people tend to use Online Course Registration and Management System. in that location is some Online Course Registration and management System that researched and improves, such asWylie Course RegistrationThe C-Registration System will flip-flop the existing mainframe course registration system at Wylie College. The new system will user interface with the existing Bil ling System and Course Catalog selective informationbase System as shown in the context diagram below (see attribute 2.1).The C-Registration System will consist of a customer dowry and server divisor as illustrated in embodiment 2.2. The server component resides on the Wylie College UNIX Server. The server component must interface with the Billing and Course Catalog Database Systems on the College DEC VAX Main Frame. This interface is supported by an existing Open SQL Interface.The invitee component resides on a personal computer. The College PCs will be setup with the invitee component installed. Any non-college PCs must download the client software from the UNIX Server via the Internet. Once the client component is installed on the PC, the user may access the C-Registration System from the PC finished the College LAN or Internet. A sensible ID number and password must be entered in order for access to be granted.Figure 2.1 C-registration System Context DiagramFigure 2.2 C-Registration system overviewThe C-Registration system has many capabilities which will be explained the following delayTable 2.1 C-Registration capabilitiesCostumer benefitSupporting featuresUp-to-date course informationThe system accesses the Course Catalog Database for up-to-date information on all courses offered at Wylie College.For each course, the Students and Professors may review the course description, Prerequisites, assigned teachers, class locations, and class times.Up-to-date registration informationAll course registrations are straightaway logged in the Registration Database to provide up-to-date information on full or cancelled courses. calorie-free and timely access to course gradesStudents can view their grades in any course simply by providing their user ID and password. Students may access the registration system from any College PC or from their home PC via the internet.Professors enter all student marks directly into the Registration Database from their PCs.A ccess from any College PCStudents may access the registration system from any College PC or from their home PC via the internet. Installation of the client component of the C- Registration System on a PC is an easy to follow process using the internetEasy and convenient access from your PC at homeStudents may access the registration system from any College PC or from their home PC via the internet.Secure and confidentialA valid user ID and password is required to gain access to the C-Registration System. Student report card information is protect from unauthorized access.Instant feedback on full or cancelled coursesAll course registrations are straight off logged in the Registration Database to provide up-to-date information on full or cancelled courses.Online Course Registration System for the Faculty of Engineering in University of PeradeniyaIn the system developed by the University of Peradeniva, there are some necessity in online registration course that should be included in the system, such asAuthentications and Authorizations of usersAdministrators should be able to decide time accomplishment for the registration ( beforehand the start of the semester) and time period for the add/drop period (at the beginning of the semester)Administrators should be able to enter required data into the system such as courses, students, advisers and examination resultsAdvisers are allowed to view filled registration form of each student and accept/ reject the registrationStudents should be able to view current courses and previous results, to register or add/drop new semester coursesUsers should be able to change their passwords and personal information and In the absence seizure of a relevant adviser, the head of the department should be able to accept the online registration forms.All users have their own user find outs and passwords to access the system and they have the ability to change their passwords. They will be given specialise entry levels to access the sy stem. Figure 2.2 depicts the use-case diagram of the system. Administrators are the staff officer at the Office who is accountable for course registration. They have the authority on deciding time durations, entering required details and finalizing registrations.Figure 2.3 use case of the online Registration in University peradeniyaAdvisors are all the department heads and lecturers who are assigned as advisers for students. They are capable of viewing courses, student details and results and accepting or rejecting registration forms. Student kinsperson contains everyone who has registered for a degree programme in the faculty. They are allowed to view available courses, their details and results, and to complete their registration forms and add/drop forms.The system that being used will be detailed explained in the table belowTable 2.2 system used in Online Course Registration of university peradinyaTechnologyUsage romance WeaverGUI DesignCSSAdditional Features in GUI DesignASP.ne tProgramming DesignAjax client Script DevelopmentSQL Server 2000Database DesignIIS web Server to host the systemCrystal get over 9.0Generate reports.As the system works, it has not only reduced the burden of all parties involved in the course registration process, but also improved the process by reducing errors.Secure Online finishThe real test of a secure entanglement Application occurs when it comes time for users to log in and access your site (Burnett,Mark.2004). Login screen is look simple. User just provide the username and password, the system will authenticate it to access the system. Authentication establishes a users identity. Once this identity is proved valid, the user is authorized (or nor authorized) to access various features of the Web application.2.2.1 User credentials ThreatsThe primary threats with user credential areAccount hijacking This involves taking over the account of a rule-governed user, sometimes denying the rightful user access to his or her acco unt.Man-in-the-middle Intercepting Web commerce in such a way that the assailant is able to read and modify data in transit between two systems.Phishing A type of man-in-the-middle attack in which the attacker lures a legitimate user to enter a password finished a fake e-mail or Web form designed to look like that of a legitimate Web site.Unauthorized access Gaining access to restricted content or data without the consent of the content owner.Information leakage Revealing or failing to protect information that an attacker can use to compromise a system.Privilege escalation Allowing an attacker to gain the access privileges of a higher-level account.Sniffing Using a network-monitoring utility to intercept passwords or other slender information that traverses a network.Because the login form plays such an important role in authenticating users, it is important to protect the form itself from flaws. A poorly written login form is vulnerable to password sniffing, information leakage , and phishing. Furthermore, the form itself may be vulnerable to flaws such as SQL injection and cross-site scripting.2.2.2. Secure AuthenticationIn ASP.NET the IIS provides four standard methods for authentication canonical authentication resist authenticationIntegrated Windows authenticationClient certificate mappingBasic AuthenticationBasic authentication works by prompting a Web site visitant for a username and password. This method is widely used because most browsers and Web servers support it. The benefits areIt works through proxy servers.It is compatible with nearly every Internet browser.It allows users to access resources that are not located on the IIS server.Basic authentication also has some drawbacksInformation is sent over the network as cleartext. The information is encoded with base64 encoding, but it is sent in an unencrypted format. Any password sent using basic authentication can easily be decoded.By default, users must have the Log On Locally right to use basi c authentication.Basic authentication is vulnerable to replay attacks.Because basic authentication does not encrypt user credentials, it is important that traffic perpetually be sent over an encrypted SSL session. A user authenticating with basic authentication must provide a valid username and password. The user account can be a local anesthetic account or a domain of a function account. By default, the IIS server will look locally or in Active Directory for the user account. If the user account is in a domain other than the local domain, the user must specify the domain name during logon. The syntax for this process is domain nameusername, where domain name is the name of the users domain. Basic authentication can also be configured to use user jumper cable names (UPNs) when you use accounts stored in Active Directory.To prevent exposing user credentials to others on the network, it is essential that you always use SSL with basic authentication. Note that basic authentication causes the browser to send user credentials to every page on the same site or within the same realm, not just the login page. If you dont use SSL on every page, user credentials will be visible on the network. One way to prevent these credentials from being sent on unprotected content is to use a erratic realm for protected and unprotected content.Digest AuthenticationDigest authentication has many similarities to basic authentication, but it overcomes some of the problems. Digest authentication does not send usernames or passwords over the network. It is more secure than basic authentication, but it requires more planning to make it work.Some of the similarities with basic authentication areUsers must have the Log On Locally right.Both methods work through firewalls.Like all authentication methods, pore authentication does have some drawbacksUsers can only access resources on the IIS server. Their credentials cant be passed to another computer.The IIS server must be a member of a domain.All user accounts must store passwords using reversible encryption.The method works only with Internet Explorer 5.0 or higher.Digest authentication is vulnerable to replay attacks, to a limited extent.Digest authentication is secure due to the way it passes authentication information over the network. Usernames and passwords are never sent. Instead, IIS uses a message digest (or hash) to verify the users credentials. In order for digest authentication to work, all user accounts must be stored using reversible encryption in Active Directory, which may be a potential risk. After this setting is enabled for a user account, the users password must be changed to create the plaintext copy.Digest authentication does provide more security, but for most Web sites, the limitations of this method outweigh the benefits. One interesting peculiarity with IIS is that when you send authentication headers to a client, it will send the basic authentication header before the digest one. Many I nternet browsers use the first header they encounter and therefore opt for the weaker basic authentication.Integrated Windows AuthenticationIntegrated Windows authentication is also a secure solution because usernames and passwords arent transmitted across the network. This method is convenient because, if a user is already logged on to the domain and if the user has the correct permissions for the site, the user isnt prompted for his or her username and password. Instead, IIS attempts to use the users cached credentials for authentication. The cached credentials are hashed and sent to the IIS server for authentication. If the cached credentials do not have the correct permissions, the user is prompted to enter a different username and password.Depending on the client and server configuration, integrated Windows authentication uses either the Windows NT LAN Manager (NTLM) or Kerberos for authentication. You cannot directly choose which one is used IIS will automatically choose a met hod based on the server and client configuration. The Web browser and the IIS server negotiate which one to use through the negotiate authentication header. Both Kerberos and NTLM have their own advantages and disadvantages. Kerberos is faster and more secure than NTLM. Unlike NTLM, which authenticates only the client, Kerberos authenticates both the client and the server. This helps prevent spoofing. Kerberos also allows users to access remote network resources not located on the IIS server. NTLM restricts users to the information located on the IIS server only.Kerberos is the preferred authentication method for an intranet Web server. However, the following requirements must be met for Kerberos to be used instead of NTLMBoth the client and server must be racetrack Windows 2000 or later.The client must be using Internet Explorer 5 or later.The client and server must be in either the same domain as the IIS server or in a trusted domain.Integrated Windows authentication has a few li mitationsIt works only with Internet Explorer 3.01 or later.It does not work through a firewall. The client will use the firewalls IP address in the Integrated Windows hash, which will cause the authentication request to fail.Client Certificate chromosome mappingClient certificate mapping is the process of mapping a certificate to a user account. Certificates can be mapped by Active Directory or by IIS. Both of these methods require Secure Sockets Layer (SSL). There are three types of certificate mappingsOne-to-one mappingMany-to-one mappingUPN mappingCertificate mapping is the process of linking a certificate to a specific user account. Normally, if we wanted to give a user documented access to the intranet we would either create a user account or allow the user to log in using his domain account. Creating duplicate accounts is time-consuming, yet if users use their domain accounts, there is the concern that their domain passwords could become compromised.To provide better securit y and reduce the administrative workload, we could choose to issue each user a certificate. Certificates can be used to verify a users integrity. It is actually more efficient to use a certificate than a user account because certificates can be examined without having to connect to a database. It is by and large safer to distribute certificates than user accounts. Furthermore, it is much easier to guess or crack someones password than it is to forge a certificate.Chapter SummaryThis chapter discusses the material research as well as basic understanding of the online course registration and management system. The material provided is to help and understand the project, and how the system can improves the registration and management system.Chapter 3Methodology3.1. System MethodologyIt is important to understand that an information system has a life cycle, just as financial backing system or a new product has. System depth psychology and design constitute the tell stage of system de velopment life cycle (ISRD Group, 2007). System Development Life Cycle has several grades which are planning, analysis, design, effectuation, and maintenance.Figure 3.1 System Development Life Cycle3.1.1. PlanningPlanning is the first frame in the System Development Life Cycle, in this cast the necessity of the system has to be set (Hoffer, et al., 2005). The objective, scope and the main reason to develop the system has been explained in previous chapter.3.1.2. AnalysisThe second phase is the analysis phase, which during this phase an analysis on the system requirement is being held (Hoffer, et al., 2005). The output of this phase is a description of the recommended solution by determining the problems and requirements. In this phase information regarding of the project is self-contained, the information gathered then can be studied to help the understanding about the project. In this project analysis phase determine what method used to build the system later on. In this phas e, we interview the stakeholder of Microsoft IT Academy Multimedia University (see appendix for detail)In analysis phase, we determineDetailed evaluation of current systemData CollectionUser fatality3.1.2.1 Current System EvaluationFigure 3.2 System flow of the systemFigure 3.2 show the current system flow of the MSITA. The flow show that some part still done manually, such as filling form and registration (student have to download form from website, pay the course fees to MMU finance, and submit the official receipt to the instructor).The website that being used now is using ASP.NET as programming language, but there is no online registration capabilities. The website is used for content management system only. All the registrant will be input manually by the instructor.3.1.2.2. Data CollectionTo ensure that we understand the flow of the current system, we need to identify the stakeholder of the system, such asTable 3.1 StakeholderNoStakeholder NameStakeholder typeRoles1Instructor Instructor of CoursesProvide Course material, provide place/lab for the course exercises , manage registration for user2MMU Finance divisionRegistration Payment SubmissionReceive Payment from Costumer, Issue formalised Receipt for registration3StudentUser/CostumerRegister for the course, submit receipt for registration, enrol in course as scheduled, take certification examFrom the stakeholder above, we already identify that the most deviate entity are the User and Instructor of the course. We will then identify the problem on the current website. knead of Microsoft IT Academy WebsiteAs main website for student for flout latest/available course offered by MSITA team.Check schedule for the courseCheck registration procedure (Download Registration Form)Download notes/material for the course (only for registered user) good Detail of Microsoft IT Academy WebsiteTechnology Used ASP.NETOther Items consideredCourse material is given trough the classRegistration of the course still done manually (student have to download form from website, pay the course fees to MMU finance, and submit the official receipt to the instructor).The reason why the registration still done manually sometimes there are changes in registration procedure (e.g. minimum requirement for the number of the student to open the courses, some courses is added/removed).Need the proof of payment to confirm student registration.Figure 3.3 MSITA website details3.1.2.3 User RequirementAs the main concern of the development in MSITA website, we need to make the registration process and also maintenance of the website online these are the requirement of the proposed solutionTable 3.2 User requirementUser SideAdministrator SideUser can register in the MSITA website as website member as option before they register to the courseAdministrator panelStudent registered as website member need to fill course to take in future/next trimester in order to keep track the estimated number of course offered.Add/Remove courseStudent can fill the registration form trough MSITA website. reflex(a) Email to all student registeredStudent can upload scanned proof of payment trough registration formRegistration module for administratorStudent can fill option to take exam after course registration in order to get exam voucherFinancial Report of the year3.1.3 DesignDesign Phase required us to determine the logical and physical design of the system. We need to determine the system features and all other necessary requirement for the system. Later on in the next phase of the project we will transform the logical design into fully working system.3.1.4 carrying into actionThe fourth phase is implementation. In this phase the physical design of the system will be programmed into a working system (Hoffer, et al., 2005). In implementation coding, testing, and installation will be included. In coding, the system will be programmed to a working system. After it programmed the system will be tested to find errors a nd bugs in the system. Lastly, during installation the system will be installed and ready to use.In the phase 1 of the project implementation of the system is not going to be built. The implementation phase will be held during the second phase of the p

No comments:

Post a Comment