Security QA

User

System Administrator/Students/Hacker

Problem

Attempt to change the grades, attempt to check the assignments

Environment

Normal Operation

Artifact

System’s database

Response

Grant or withdraw permission to modify the data

Tactic

Authenticate user, Authorize the user, Maintain Data Confidentiality, Maintain Integrity

Rationale

Modification can only be done by authorized users