final cbs work
TRANSCRIPT
-
8/6/2019 Final CBS Work
1/34
1
Component-Based Software
2010/2011
Semester 2
Group Course Work
By
Samia Nisar, KaziwaSaleh, Syed Taha, NilofarPahelvan
ID -1042926, ,
FOR
MR. RAMI BAHSOON
Submitted on 13th May 2011
-
8/6/2019 Final CBS Work
2/34
2
Introduction / Background:Online bargain shop is an online store for buying and selling products. The users
are able to subscribe to this shop with a monthly subscription of 100 per
month. The system holds two types of sellers: i) Wholesalers ii) retailers. Bothsort of sellers are able to post product, advertise the product and update the
promotions on the products.
The buyers on the OBS system are able to access the system without any
subscription however they need to register so that they can browse the products
and buy them based on their needs. OBS allow buyers to rank, review and
discuss the products and their sellers. Buyers are facilitated with a secure buying
method by paying for the products online and once their payment is processed,
they are also able to track the delivery of the product. Buyers are also given a
choice to bid on specific products where possible.
OBS system uses the details of the buyers such as previous search history,purchase history and personal data to advertise the products of seller using
emails, on screens and mobiles as a medium. For the payment processing
purpose a third party consortium will be involved. The main purpose of this
consortium is to take the credit card details from the buyer or the seller and
acknowledge by sending confirmation notification to OBS system, which will
then notify the buyer/seller or both and carry out the rest of the tasks.
Assumptions:
There is no sign up fee for Buyers.
Sellers must pay 100 every month in advance and at the time of
registration.
A third party will handle delivery of the purchased products.
Scope:
The Online Bargain Shop (OBS) is an online market place allowing retailers and
wholesalers to sell their items and buyers to search the products, bid on them
and purchase them. The users will have the liberty to subscribe and unsubscribe
from the OBS services. All the transactions will be stored, managed and updatedin a single database and only OBS system administration will have the access to
that Database. The system will perform following major categories of functions.
Registration:
All users are presented with a standard web page from where they can browse
different products, log in to the system or compare prices.The system will be
designed to handle three types of users.
-
8/6/2019 Final CBS Work
3/34
3
i. General users who can access the system partially.ii. Wholesalers/ Retailers.iii. Buyers.
General users who are unregistered users will only be able to access to view the
products and their prices. To gain full access they should sign up with the
system, for this the system provides a page where the user enters his/her details.The system checks the role of the user and depending on the role of the user the
system provides different services. If the user chooses the role of seller then in
order to ensure that a particular seller is an authentic seller, OBS imposes an
advance fee of 100 per month in order to be registered as seller and be able to
publish items for selling. If user selects buyer, the system checks the birth date of
the user to see if he/she is over the age of 18. If not then the user is not allowed
to use the system.If the registration was successful then the user is redirected to
the homepage where the system is offering a group of services and is
automatically registered for the advertisement subscriptions, which he/she can
change after logging in to the system.
Selling:
All sellers can upload images of their products with related price information,
description, availability, discount etc. They could also set seasonal discount rates
on selected items and provide special offers as well. Sellers are allowed to
include delivery charges in the final price. Sellers can sell selected products by a
bidding mechanism in which they are required to set a base price for the item
being sold. Once the seller is satisfied by the amount of bid, it can accept the bid
and process the order for delivery and if the bidding continues to the end the
highest bidder will automatically be a winner and the item will be sold to him. All
biddings will last for a limited period of time that cannot exceed more than seven
days. After this the highest bid is considered to be the winner and the seller mustsend the item to the last bidder.
Buying:
To buy any product that is displayed by sellers on the system a buyer has to
register to system and prove that he/she is over the age limit. After buyer has
logged in to the system he/she can search the product by either selecting the
product category or by searching the product by name. The system will then
process the search and display the results on the screen sorted by following
constraints:
Highest rated seller
Most popular product
Lowest priced item
Offers on the product
The buyer can then browse through the products and proceed to buy the product
once he/she has selected the item. Buyers are also given the choice to bid on the
item if the specific product is available for bidding. The bid must be higher than
-
8/6/2019 Final CBS Work
4/34
4
the last bid or the base-bidding price. The buyer is required to leave a feedback
for the seller/product that will enable OBS system to configure the most popular
seller/product for recommendations. The review of the buyer will be visible to
all users who are using the system. The buyer can only leave feedback after the
purchase has been made. After the purchase of the product the buyer will be able
to track the delivery of the product through the system. For this purpose system
will make use of another third party for delivery of the products purposes suchas Royal mail.
Payment:
For security and ease of usage purpose all the payments are processed using a
Third party consortium. In this design the third party consortium will be a bank
or PayPal, depending on the payment method that the user will select. There will
be two types of payment methods provided: i) Credit card/Debit card ii) PayPal.
After the user has selected to pay for the specific service, the system will take the
user to the page of a third party consortium where he/she will enter the card
details or bank account details. The third party will verify the details and processthe payment. In case of a successful payment user will be re-directed to the OBS
system where he/she can continue using the services and in case of an
unsuccessful payment, the user will be notified and asked to repeat the process if
possible.
In any payment scenario users will be asked to provide the password to
authenticate them. In case of a wrong password, the third party will provide
three chances to provide the correct password and if the user fail to do so, the
system will automatically decline the payment process and the user will not be
allowed to use the services any further.
Advertisement:
All advertisements will be controlled by OBS system while sellers can only post
advertisement about their products/update promotions on the system. The
advertising to the buyers will be taken care by OBS, as the system will have
access to the interests of the buyers. OBS will be able to access buyers profile
including search history, purchase history, credit card details, and address. This
will be saved in the system for the ease of the buyer while sellers will only have
access to limited amount of buyer/bidder information such as name, email,
birthday and purchase history. The users can unsubscribe from the
advertisements at any point they like by changing their preferences in the OBS
system.
Security:
For the security it has been assumed that all the transactions will done via a
secure SSL channel as the system will be handling sensitive user data. The
system will be monitored by ADMIN, who will have the authority to update and
modify the system.
-
8/6/2019 Final CBS Work
5/34
5
Functional Requirements:
REQ 1. User Access.
1.1The system must provide all users with access to the main page.1.2The system must provide all users with access to registration.1.3The system must allow all users to search products and see their prices.1.4The system must allow users to compare prices of selected products.
REQ 2. Registration.
2.1 The system must allow all users to be registered as Buyers.2.2The system must collect user preferences from the user.2.3The system must allow registered users to log in securely.2.4The system must collect 100 advance payment on registration.2.5The system must allow anyone to be registered as a Seller.
REQ 3. Buying the Products.
3.1 The system must allow all buyers to purchase selected items.3.2The system must allow buyers to make bids on products.3.3The system must allow users to compare prices of selected products.3.4 The system must provide buyers with an e-cart mechanism.
3.5The system must allow buyers to provide feedback after they make apurchase.
3.6The system must allow a buyer to track a delivery.
REQ 4. Selling the Products.
4.1 The system must collect seller description.
4.2 The system must allow sellers to publish their products through theiraccounts.
4.3The system must allow seller to set price for their products.4.4The system must allow seller to upload item details.4.5The system must allow sellers to view all the orders.
4.6The system must allow sellers to accept or reject all orders.4.7The system must allow sellers to put selected items for bidding.
4.8The system must allow sellers to accept bid.
4.9 The system must provide seller with customer details such as postaladdress and contact information.
REQ 5. Account Setting and Advertising.
5.1 The system must allow buyers to change their personal information.
5.2The system must allow buyers to change their payment information.5.3The system must allow buyers to change their preferences.
-
8/6/2019 Final CBS Work
6/34
6
5.4 The system must be able to advertise offers on selected products toBuyers through email, SMS, messages and banners on the OBS.
5.5 The system must provide recommendations to the buyer based on thehighest rated seller or product.
REQ 6. Payment.
6.1 The system must collect the payment details (credit card and PayPal)
from the buyer.
6.2 The system must collect payment information from the Seller.6.3 The system must collect 100 per month from Seller account.
Non-functional requirements:
REQ 7. System requirements.
7.1 (Efficiency -> Performance) The system shall redirect the buyer to thirdparty to verify the payment within 15 seconds.
7.2 (Usability) The system shall allow users to be registered as buyers if theyare above 18 years old.
7.2.1 (Reliability) The system shall be available for 99.9% of the time.7.3 (Reliability) The system must be able to roll back any transactions if some
error occurs.
REQ 8. External requirements.
8.1 (Interoperability) The system shall be compatible to various browsers
(Firefox, Chrome, IE, Safari).
8.2 (Legislative) The system shall keep record of every transaction.8.2.1 (Legislative -> Privacy) The system must protect all private data including
-
8/6/2019 Final CBS Work
7/34
7
Use Case Diagram:
This is the use case diagram for the OBS system. The actors are denoted outside
the system boundary and will be interacting with the system. The major use
cases involved are shown in the diagram below and the interaction of these use
cases with the Actors.
Figure 1 Use-case Diagram
Online Bargain Shop
system
Registration
Buyer
*
*
Bid products
*
*
Seller
Loginto thesystem
Search products
review products
buy products
Track delivery
Provide carddetails
provide biddingprice
Provide productprice
adverise products
update delivery
statusUpdate prmotionaldeals
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
**
*
-*
*
*
delivery
payment
*
***
check forsubscription
uses
verify age
uses
checkcard details
**
not verified
extends
verified
*
*
*
*
uses
sell to higgestbidder
uses
*
*
-
8/6/2019 Final CBS Work
8/34
8
Documented Use-cases:
From the use cases shown above in the diagram two use cases have been
selected for further documentation. These use cases are mentioned below:
Use case: Provide Card Details
Actors Buyer, Seller, Payment, OBS.
Pre-Conditions 1. User is registered.2. User is above age of 18.3. User is paying for subscription/product.
Flow of events 1. User is doing this process after registration.
2. Directed to 3rd party page within 15 seconds.
3. After the user has reached the page he/she willperform any one of the following function
a. Pay by card.b. Pay by PayPal.
4. Once the user has selected the method, he/she will betaken to payment page.
5. If user has selected option a then he/she is asked toupload card details.
6. In case of selection of process b, user is asked toupload bank details.
7. After the uploading, user is asked to insert thepassword of the bank that will be accessed for the
verification purposes of users identity.8. If the third party successfully verifies the details, user
is redirected to the OBS system to complete
registration process.
9. If the details are not verified, the registration processterminates.
10.Reason for decline is mentioned.11.The webpage of third party closes automatically.
12.User is redirected to OBS homepage as general user.
Post-conditions If payment is Successful:
1. User is registered.
2. The amount is deducted from users account.3. User is able to use full services of OBS system.
If payment is Unsuccessful:
1. User is not allowed to buy/sell products.2. User is redirected to OBS system where he/she can
only browse the products.
3. User can retry the payment process.
-
8/6/2019 Final CBS Work
9/34
9
Use case: Buy products
Actors Buyer, Seller, Payment, Delivery.
Pre-Conditions 1. User is registered.
2. User is above age of 18.3. User is buying a product.
Flow of events 1. User is browsing the product.
2. User has selected the product to buy.3. After the user has selected the product, he will be
given tow choices.
a. Add to basket.b. Proceed to payment/ Buy now.
4. Once the user has selected choice the system will be
directed to the page based on the selection.5. If user has selected option a then he/she will be
taken to the initial page to browse the products
further.
6. He/She can add as many products in the basket asthey require.
7. If the user chooses the second method, then he/ shewill be asked to login using the username and
password they registered with.
8. After successful login he/she will be taken to
payment page and asked to enter the delivery
address and other details.
9. The user can either choose from the details that arealready stored in the system that were provided at
the time of registration or he/she can add new
details.
10.Once the payment is done the user can track the
ordered package using the tracking number that is
uploaded by the third party for delivery such as royal
mail.
Post-conditions If payment is Successful:
1. User has bought item successfully.
2. User is able to leave feedback.3. OBS has updated tracking information.
4. User receives the delivery successfully.
-
8/6/2019 Final CBS Work
10/34
10
Activity Diagram:
The use case Buy Products was used for further analysis and developing an
activity diagram.
This diagram involves three actors: Buyer, OBS system, Bank (the third party).
The user starts with logging into the system. Once the login is successful he/se
can start browsing the products. If the login was unsuccessful he will be given
three attempts to retry and if he/she still is unable to login, the user will be
redirected to home page and will not be able to buy and products.
The successful user can proceed to browse and buy the products and bid on
them. He can add the products to basket while he is browsing more products and
once he is finished he can proceed to the payment where he will be required to
enter his details.
The payment page will ask the user of the payment option from t he two available
options a) PayPal b) Credit card. After the successful selection of the paymentoption he will be redirected to the third party website based on the option that
was chose earlier.
The third party will take over the payment process from there it can be either
bank or Pay Pal. The website will ask for the payment details of the user and
verify the details with the bank mentioned by the user. After the successful
payment process the user will be redirected to OBS website to further browse
the products or to logout of the system.
If the user was unable to pay then the third party website will display the error
and redirect to the OBS system. OBS system will warn the user about
unsuccessful payment and end the transaction there. User can restart the buyingprocess in this case after he is redirected to the home page.
Assumptions
The third party will be the bank of the user that will be selected by user orthe Pay Pal.
The transfer of websites will be monitored by SSL protocols to make itmore secure.
-
8/6/2019 Final CBS Work
11/34
11
Figure 2 Activity Diagram
BankOBS systemBuyer
Login to system
[verified]
issue warning
[try again]
Choose category Display products
Choose products
[not finished]
Add to Basket
[finished]
proceed to checkout ask for payment option
choose payment type Ask details
enter details
verify details
[verified]
deduct send notification
successful notification
Acknowledge
[not verified]show error
notify user
[try again]
[End]
[Terminated]
-
8/6/2019 Final CBS Work
12/34
12
Noun/Verb Analysis:
Noun/Verb analysis was performed on the scope and the system introduction to
identify the possible candidate classes and operations. Nouns mentioned below
are expected to be a class while the verbs are expected to be operations of the
system. The following analysis outlines the Class diagram that will be displayed
further in this report.
Candidate classes noun:
Product Payment Wholesalers
Promotions OBS system Register
Third party consortium Advertisement Buyer
Credit card Delivery Seller
Administration Item Account
User Bidding Profile
Authentic seller Royal Mail Feedback
Fee Bank Password
Logger Category Order
Role Preferences Retailers
Candidate Operations Verb:
buyTheProduct() acceptBid() checkDOB()
bidOnProduct() registerTo System() comparePrices()
trackTheDelivery() acceptBid() searchProducts()
browseProducts() unsubscribe() provideRecommendations()
leaveFeedback() subscribe() deliveryCharges()
activateUser() paySubscriptionFee() verifyUser()
deactivateUser() sortProducts() deductAmount()
advertiseTheProducts() processOrder() sendNotification()
-
8/6/2019 Final CBS Work
13/34
13
Responsibility-DrivenAnalysis:
Product
Responsibilities Collaborators
Maintain the product specifications
such as name, quantity etc.
Seller
Buyer
OBS system
Advertisement
User
Promotions
Responsibilities Collaborators
Maintain the promotions and deals
about various products. The seller can
update the promotions on specificproducts and this class will keep the
system updated.
Seller
Product
OBS systemAdvertisement
User
OBS system
Responsibilities Collaborators
Maintain the system functionalities by
providing search, browsing and
comparison services for a product. It
will also manage the payment byprocessing the order.
Seller
Buyer
Bank
LoggerDelivery
Administration
User
Register
Responsibilities Collaborators
Maintain the data concerning the
details for a user that will be using the
system.
Seller
Buyer
Administrator
OBS systemUser
-
8/6/2019 Final CBS Work
14/34
14
Administration
Responsibilities Collaborators
Maintains the users that are under the
role of admin and enables them to
access the system with the privilege of
maintaining the system.
OBS system
User
Users
Responsibilities Collaborators
Maintain the data concerning the role
of the users.
Seller
Buyer
OBS system
Administration
User
Advertisement
Responsibilities Collaborators
Maintain the data relating to the
advertisement of products and sellers.
Seller
Buyer
OBS system
Product
Promotion
User
Delivery
Responsibilities Collaborators
Maintain the information concerning
the delivery of the bought products
such as their tracking number etc.
Seller
Buyer
OBS system
Administrator
Product
Payment
BankResponsibilities Collaborators
Maintain the details concerning the
payment of the products and verify the
payments after processing.
Seller
Buyer
OBS system
Payment
-
8/6/2019 Final CBS Work
15/34
15
Payment
Responsibilities Collaborators
Maintain the data concerning the bank
details of the users such as their credit
card details, expiry date, bank name
etc.
User
Seller
Buyer
Bank
DeliveryProduct
OBS system
Feedback
Responsibilities Collaborators
Maintain the data involving the ranking
and reviewing of the products and
sellers.
Buyer
OBS system
Product
Payment
Preferences
Responsibilities Collaborators
Maintain the data regarding the
subscription of users to various
advertisement and products.
Product
Advertisement
Promotions
User
Role
Responsibilities Collaborators
Maintain the data relating to specific
functions that a user can access.
Seller
Buyer
OBS system
Administration
Order
Responsibilities CollaboratorsMaintain the details of the products
that a user has ordered or wants to
order.
Seller
Buyer
OBS system
Product
Payment
Delivery
-
8/6/2019 Final CBS Work
16/34
16
Seller
Responsibilities Collaborators
Maintain the details of the user that is
specified under the role of a seller.
OBS system
Role
Buyer
Responsibilities Collaborators
Maintain the details of the user that is
specified under the role of a buyer.
OBS system
Role
-
8/6/2019 Final CBS Work
17/34
17
First-Cut Class Diagram:
Following the noun verb analysis for candidate classes, the diagram below shows
the first cut class diagram that shows the relation of classes with each other. The
more detailed class diagram is displayed further in this report.
Figure 3 First cut class diagram
-
8/6/2019 Final CBS Work
18/34
18
Class Diagram:
Figure 4 Class Diagram
-
8/6/2019 Final CBS Work
19/34
19
Sequence Diagram:
In this section all the sequence diagram of the identity management systems are
displayed. This includes service based, device based and identity based. The
diagrams cover the login function of the system and the analysis for the diagrams
was performed using the ATAM. In the later sections of this report the pros and
cons of these three architectures will be discussed keeping in view the OBS
system.
Service based sequence diagram:
Figure 5 Service based
User OBS system Encrypted Database
Login
Username and Password
redirect to login page
Provide
AuthenticateUser
Decrypt session
Authenticate
successfull
redirect to main page
UserDetails
Provide details
Usuccessfull
RepeatLogin
Enterdetails
Record attempts
UserBlocked if attempts > 3
-
8/6/2019 Final CBS Work
20/34
20
Device based sequence diagram:
Figure 5 - Device based
User Device OBS system
Login attempt
ask for username and code
Enter password
Verify user
generate random code
random code
Enter code and username
security question
Provide
authorize
redirect to Home page
-
8/6/2019 Final CBS Work
21/34
21
Identity based sequence diagram:
Figure 6 Identity based
User Identity Provider OBS system Trusted Entity
Login attempt
Userdetails
Username and Password
Provide
Successfull
Verify Identity provider
Verify
Authorized
verifed
Ask user details
Provide stored details
Redirect to main page
-
8/6/2019 Final CBS Work
22/34
22
Component Diagram:
The following diagrams show the key components involved in the login process
of the three management systems.
Service based Component diagram:
Figure 7 Service based
Sign in panel
Username
Password
Authentication component
Encrypted database
Session ID
Username
User Details
-
8/6/2019 Final CBS Work
23/34
23
Device based component diagram:
Figure 8 Device based
Device applicationOBS application
encrypted code
Session ID
Access to system
Password
Logger
-
8/6/2019 Final CBS Work
24/34
24
Identity based component diagram:
Figure 9 Identity based
Identity Provider system
OBS application
Trusted Entity system
Authorization
Verify
Session IDUsername
Password
website authorization
Username
Password
Interface4
-
8/6/2019 Final CBS Work
25/34
25
Deployment Diagram:
The following diagrams show the mapping of the software components of the
identity management systems into the OBS platform.
Service based Deployment diagram:
Figure 10 Service based
OBS system
Sign in panel
Username
Password
Authentication component
Encrypted database
Session ID
Username
User Details
-
8/6/2019 Final CBS Work
26/34
26
Device based Deployment diagram:
Figure 11 Device based
OBS system
Device application
OBS application
encrypted code
Session ID
Access to system
Device
Device CPU
-
8/6/2019 Final CBS Work
27/34
27
Identity based Deployment diagram:
Figure 12 Identity based
OBS system
Identity Provider system
OBS application
Trusted Entity systemAuthorization Verify
Session ID
Username
Password
Identity Provider Trusted Identity
Identity provider database
Trusted Entity database
-
8/6/2019 Final CBS Work
28/34
-
8/6/2019 Final CBS Work
29/34
29
Device based State chart diagram:
The device-based diagram is divided in two parts. The first diagram is the device
state and the second diagram is the OBS system.
Figure 14 (a) device based
Idle
Waiting Password
Reading Password
Checking Password
Checking no. of attempts Encrypting password
Device locked
[Turn ON]
[Enter Password]
[Passwrod Entered]
[Verified Status]
[Verified][NotVerified]
[attempts checked]
[attempts >3]
[End] [End]
[Password checked]
Generating random number
Show code
[Obtained]
[attempts
-
8/6/2019 Final CBS Work
30/34
30
Figure 14 (b) device based
Idle
Displaying login page
Waiting for username and code
Checking with Database
Fetching notification page Fetching user details
checking choice
providing session ID
redirecting to homepage without session ID
redirecting to homepage with session ID
[Press Login]
[Login]
[Enter Username and Code]
[Verified][Not Verified]
[Choose option]
[Re-Login]
[Terminate]
[User detail obtained]
[Session ID granted]
[End][End]
-
8/6/2019 Final CBS Work
31/34
31
Identity based State chart diagram:
Figure 15 Identity based
Idle
Displaying login page
Waiting for username and password
Connecting to Identity Provider
Fetching notification page Checking Identity provider with Trusted Entity
checking choice
redirecting to homepage without session ID
[Press Login]
[Login]
[Enter Username and Password]
[Connected]
[Authorized][Not Authorized]
[Choose option]
[Re-Login]
[Terminate]
[End][End]
Authorizing User details
[Check]
[Passed]
Returning User Details
Granting Session
redirecting to homepage with session ID
[Obtained]
[Granted]
redirecting to homepage without session ID
[Not Passed]
[End]
-
8/6/2019 Final CBS Work
32/34
32
Comparison and selection ofIdentity management using ATAM:
The steps mentioned below are used to construct the evaluation of the
management systems. These steps involve various assumptions that were made
for the system trade offs and metrics.
Step 1 Scenario
Following is a possible scenario of a user logging into the system and trying to
access it.
User John browses to OBS website and is provided with a general page
available to all non-registered users. He could log in by using the log in
panel that send the username and password over a secure channel or
uses SSL and based on the identity management system used, the login
request is processed as it was shown in the sequence diagrams showed
earlier in the report for each management architecture.
Step 2 Basic Requirements/Assumptions
- All transactions are to be done via SSL protocol.
- Privacy of customers should be protected.
- The login system should be simple and easy to use.
- The system should be able to handle a considerable amount of concurrent
users.
- The system should be able to scale up or down easily.
Step 3 Possible Stakeholders
There has been three major stakeholders have been identified using the
assumptions made previously. These stakeholders are the Buyer, OBS
organization, Third parties involved for the delivery, payment and possibly the
Identity providers.
Step 4 Attribute Specific Analyses
The team has observed the three different architectures for the OBS system
based on the following constraints:
Security of system.
Privacy of data.
Cost effectiveness of the system.
Performance.
Scalability of the system.
The table below provides the in detailed view of the attributes that were
considered for each of the architecture and based on this analysis the identity
management system was chosen.
-
8/6/2019 Final CBS Work
33/34
33
Device Based Identity Based Service Based
Advantages
For
OBS system
This type of system
stores the password in
encrypted form insidethe device.
User does not
require registration
and hence the user
is saved from
managing multiple
usernames and
passwords.
Everything is within
the system
boundary of OBS
and the database
used is encrypted.
After 3 unsuccessful
attempts to log in the
device will
automatically be locked.
Identity based
systems can manage
multiple services
accounts for a single
user account.
Easier and simpler
to implement.
As all the data is storedin OBS database, the
system can be
considered to have
good privacy
It is easy to use and
update information.Simple interface
Device can be stolen
this is a potential risk.
It is cost effective. Allows simple
access to users.
Fewer resources are
required.
Faster performance
Privacy is protected
E.g. Open id.
It is good because
user have
established trust
with the identity
provider.
Easy to scale
because the user
data is managed by a
reliable third partythat specializes in
that particular area.
Can handle more
concurrent users.
-
8/6/2019 Final CBS Work
34/34
Device Based Identity Based Service Based
Disadvantages
For
OBS system
Although it provides
strong security but
such a system is not
convenient to use for
the users.
The implementation
can be complicated
because of the
integration of OBS
with another
provider.
Very difficult toscale
The requirement to
distribute separate
devices to users makes
the implementation of
this system cost
inefficient.There might be
performance issues
because of the
overhead ofcommunication with
the identity
provider.
Not cost effective,
as it will require
more resources.
(E.g. hardware,
database etc.)
It is not easy to
implement because ofthe requirement to
distribute devices to
every user.It is easier to
launch attack
against such
services.User must remember
the pass code for the
device (he/she cant
change it).
Step 5 Decision
Keeping the view of the above analyses the team came to conclusion to use
Identity provider architecture for the implementation in the OBS system because
of the various advantages of this architecture over the rest of the two.