Abstract: Cyber security audits of the existing grade management system-OARS has revealed number of attacks on the system that could lead to serious consequences such as revealing the grades and changing them by unauthorized users and attackers.
Thus, to mitigate such incidents in the future in this project a software is being built on open source content-management framework -Drupal. The Grade Management system covers the three major phases of an academic session- Pre-Registration, Grading and Registration accessible to students, instructors and admin officers. The system is being built in a scalable way such that it caters the needs of colleges and universities all over India. The talk will focus on describing the major functionalities implemented for all the three types of users. Security of the software is ensured by providing strict roles to every authenticated user such that they can only view content as per their roles (student, instructor or admin office), through strong password settings, checking drupal vulnerabilities and using various penetration testing tools. Two factor authentications is also implemented for every user(tfa) which gives access to a user only when he enters the password and Time-based One-time Password at the login.
The talk will majorly focus on:
1.The general flow of website from the point of view of all the 3 types of users.
2.Scalabilty and how easily it can be changed as per the requirements of college.
3.How the security of the system is ensured and future works.