Security Issues

Ian Urton edited this page Oct 15, 2021 · 4 revisions

Identify any security issues raised by your software.

Identify sensitive information kept by your software.

The sensitive information that our software will store is the username, password, email, and location of each user. Firebase Authentication handles the secure storage of account data such as the username, password, and email, but we are using each username as the ID for each collection of a user's wishlist and visited list. We will need to make sure not to store the user's information locally when passing this username in the Online Firestore queries. The user's GPS data is used to fetch nearby markers, so we will similarly not store that data and will only get it when querying.

Identify possible attack vectors, that is, ways malicious users could try to use your software to escalate their privileges.

Online Firestore is a non-SQL database, which will help to prevent insertion attacks on the database. We can use Firebase Authentication's security rules to prevent a user from accessing other users' associated collections, and to only allow reading from the main Markers collection.
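
A sketch of the access rules described above, written in the Cloud Firestore Security Rules language. This is an added example, not the project's own rules. It assumes a document layout of `users/{username}/wishlist/{itemId}` and `users/{username}/visited/{itemId}`, a `Markers/{markerId}` collection readable by signed-in users, and a hypothetical `usernames/{username}` mapping document whose `uid` field ties each username to its Firebase Authentication account.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // True when the signed-in caller owns the given username.
    // Assumption: usernames/{username} holds { uid: <Firebase Auth UID> }.
    function ownsUsername(username) {
      return request.auth != null
        && exists(/databases/$(database)/documents/usernames/$(username))
        && get(/databases/$(database)/documents/usernames/$(username)).data.uid
           == request.auth.uid;
    }

    // Username mapping (hypothetical collection): claimed once by the
    // signed-in account, readable only by its owner, never changed or
    // deleted from a client.
    match /usernames/{username} {
      allow get: if request.auth != null
        && resource.data.uid == request.auth.uid;
      allow create: if request.auth != null
        && request.resource.data.keys().hasOnly(['uid'])
        && request.resource.data.uid == request.auth.uid;
      allow update, delete: if false;
    }

    // Per-user lists: only the owner of the username may read or write,
    // and only the two list names the page mentions are reachable.
    match /users/{username}/{list}/{itemId} {
      allow read, write: if list in ['wishlist', 'visited']
        && ownsUsername(username);
    }

    // Shared markers: read-only from clients.
    // Assumption: reads require a signed-in user.
    match /Markers/{markerId} {
      allow read: if request.auth != null;
      allow write: if false;
    }

    // Any path not matched above is denied by default.
  }
}
```

Because the rules compare against `request.auth.uid` rather than trusting the username in the path, a client that substitutes another user's username in a query is rejected by the server.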