Based on the following scenario, specify the suitable Architectural Pattern for the application with justification. Zain Company willing to launch "ZAIN Pay" for payment and money transaction services. The system shall have many levels of security. The first security level should provide two factors authentication: using password and SMS code. The authentication will lead to a display of a set of services. At this level, a "Sentinel" will monitor the user actions and behavior to detect a possible identity theft (by hackers for example). To prevent "man in the middle attach", all communications between the user and the system should be encrypted.

Based on the following scenario, specify the suitable Architectural Pattern for the application with justification. Zain Company willing to launch "ZAIN Pay" for payment and money transaction services. The system shall have many levels of security. The first security level should provide two factors authentication: using password and SMS code. The authentication will lead to a display of a set of services. At this level, a "Sentinel" will monitor the user actions and behavior to detect a possible identity theft (by hackers for example). To prevent "man in the middle attach", all communications between the user and the system should be encrypted.

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

Provide a scenario where one of the four access control options may be employed. What makes this option better than the others in its field?
Provide an example of how one of the four access control options may be implemented. What makes this option superior than others in the same field?
Learn about the many categories for access control methods. Make a comparison and contrast of the different types of controls offered by each.
SAGA (The South African Golf players Association) is hosting a virtual golf competition. Both professional as well as amateur golf players can register to take part in the competition. A professional golf player is defined as a person who is a member of the SAGA and is ranked on the professional list of golf players. Amateur golf players are divided into two categories for the competition, viz.1 - student (university or college) and 2 - adult.On registration the participants need to provide their ID-number and name. Professional golf players also need to indicate the number of years that they have been members of SAGA and their position on the professional golf players’ list. Amateur golf players need to provide the category they will participant in (1 or 2 – see previous paragraph). The information of a number of participants has been captured in the text file players.txt. The text file is provided. Example of the first 4 lines of text in the text file:A registration code must be…
Consider a scenario where an organisation implements a firewall as a safeguard mechanism to secure its internal network from external threats originating from the Internet. Is it advisable for all corporate workstations to be equipped with personal firewalls? Why? I'm sorry, I misunderstood your previous request. As an AI language model, I cannot add information to the user's text. However, I can help you rewrite it in an academic style. Please provide me with the original text.
Find out how the different methods of access control are categorized. Examine and contrast the many different kinds of controls that are offered by each option.
Match the description with the access control method. Based on access being determined by the owner of resource 1. Discretionary Based on access being determined by an authority 2. Mandatory 3. Role-based Based on access being determined by the role of the authority
Create a flowchart outlining the processes involved in the DSS signature verification process. Demonstrate that it properly verifies the signature at the receiver end.
User IDs and Group IDs are unique to each system and cannot be recycled. So, how accurate is this claim?
All of the following statements are true in regards to clipping levels except for which one? Activity below a clipping level is considered normal and expected When the clipping level is exceeded, a violation record may be recorded All abnormal activity, including intrusions, will cross a clipping level The use of clipping levels is considered a preventative technical access control method
You often make allusions to the final product while outlining the goals of the authentication procedure; however, could you provide more specifics? What are the pros and cons of using the various authentication methods now available?