Security Issues
Muhammad Tukhtasunov edited this page Nov 1, 2023 · 2 revisions
Identify any security issues raised by your software.
- We are using all professors' evaluations in a way that could potentially lead to private information being revealed. To mitigate:
  - Protecting user login information and privilege level through encryption in the database
  - Strict logic to limit data access outside of the user's privilege level
- Protecting the database and the information within it
  - The database will only be accessible through the backend
  - All routes in the backend that make queries to the database can only be accessed with requests containing a valid user token provided by the login service
  - Our backend will protect, via Flask's built-in functions, against script injection (XSS attacks)
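
The token and privilege-level checks described above, as an added example that is not the project's own code. It is framework-agnostic (in a Flask backend the decorator would wrap each route that queries the database); the token format, the shared secret, the role names and the `get_evaluations` handler are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: key shared by login service and backend
ROLES = {"student": 1, "professor": 2, "admin": 3}  # assumed privilege levels

def _sign(body: bytes) -> str:
    return base64.urlsafe_b64encode(hmac.new(SECRET, body, hashlib.sha256).digest()).decode()

def issue_token(user, role, ttl=900):
    """What the login service would hand out after a successful login."""
    claims = {"sub": user, "role": role, "exp": time.time() + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return body.decode() + "." + _sign(body)

def verify_token(token):
    """Return the claims if signature, role and expiry check out, else None."""
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body.encode())):
            return None  # body was altered or signed with another key
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None  # malformed token
    if claims.get("role") not in ROLES or claims.get("exp", 0) < time.time():
        return None
    return claims

def require_token(min_role):
    """Decorator for every handler that queries the database."""
    def wrap(handler):
        def guarded(headers, *args):
            scheme, _, token = headers.get("Authorization", "").partition(" ")
            claims = verify_token(token) if scheme == "Bearer" else None
            if claims is None:
                return 401, "missing or invalid token"
            if ROLES[claims["role"]] < ROLES[min_role]:
                return 403, "insufficient privilege"
            return handler(claims, *args)
        return guarded
    return wrap

@require_token("professor")
def get_evaluations(claims, professor_id):
    # Hypothetical handler: a professor may read only their own evaluations.
    if claims["role"] == "professor" and claims["sub"] != professor_id:
        return 403, "not your evaluations"
    return 200, f"evaluations for {professor_id}"
```

The handler never sees a request unless the token verifies, and the per-record check inside it covers the case where the role is sufficient but the record belongs to someone else.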