Adding a security.md file

tanishaness · Oct 20, 2024 · 19f6b06 · 19f6b06
1 parent 9362b70
commit 19f6b06
Show file tree

Hide file tree

Showing 2 changed files with 175 additions and 0 deletions.
diff --git a/Backend/Dataset/feedback.html b/Backend/Dataset/feedback.html
@@ -0,0 +1,126 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Student Cheating Website Analysis</title>
+    <link rel="stylesheet" href="styles.css">
+</head>
+<body>
+
+    <!-- Other content of the website -->
+
+    <footer>
+        <div class="footer-container">
+            <h2>Feedback Form</h2>
+            <p>Help us improve the analysis by providing your feedback on cheating incidents.</p>
+            <form class="feedback-form" action="#" method="post">
+                <label for="name">Name:</label>
+                <input type="text" id="name" name="name" placeholder="Your Name" required>
+
+                <label for="email">Email:</label>
+                <input type="email" id="email" name="email" placeholder="Your Email" required>
+
+                <label for="feedback">Your Feedback:</label>
+                <textarea id="feedback" name="feedback" rows="4" placeholder="Your feedback about cheating incidents or suggestions..." required></textarea>
+
+                <label for="rating">Rate the seriousness of cheating:</label>
+                <select id="rating" name="rating">
+                    <option value="1">1 - Not Serious</option>
+                    <option value="2">2</option>
+                    <option value="3">3</option>
+                    <option value="4">4</option>
+                    <option value="5">5 - Very Serious</option>
+                </select>
+
+                <button type="submit">Submit Feedback</button>
+            </form>
+        </div>
+    </footer>
+
+</body>
+<style>
+    /* General Styles */
+body {
+  font-family: 'Arial', sans-serif;
+  background-color: #f4f7f6;
+  margin: 0;
+  padding: 0;
+  display: flex;
+  justify-content: center;
+  align-items: center;
+  height: 100vh;
+}
+
+/* Feedback Form Container */
+.feedback-container {
+  background-color: #ffffff;
+  border-radius: 10px;
+  padding: 30px;
+  width: 100%;
+  max-width: 500px;
+  box-shadow: 0px 4px 15px rgba(0, 0, 0, 0.1);
+  text-align: center;
+}
+
+/* Form Elements */
+h1 {
+  color: #333333;
+  margin-bottom: 10px;
+}
+
+p {
+  color: #666666;
+  margin-bottom: 20px;
+  font-size: 14px;
+}
+
+form label {
+  display: block;
+  text-align: left;
+  margin: 10px 0 5px;
+  font-weight: bold;
+  color: #333333;
+}
+
+form input, form select, form textarea {
+  width: 100%;
+  padding: 10px;
+  margin-bottom: 15px;
+  border: 1px solid #ddd;
+  border-radius: 5px;
+  font-size: 14px;
+  background-color: #f9f9f9;
+}
+
+form input:focus, form select:focus, form textarea:focus {
+  outline: none;
+  border: 1px solid #0d6efd;
+}
+
+form button {
+  width: 100%;
+  padding: 12px;
+  background-color: #0d6efd;
+  color: white;
+  border: none;
+  border-radius: 5px;
+  cursor: pointer;
+  font-size: 16px;
+  font-weight: bold;
+  transition: background-color 0.3s ease;
+}
+
+form button:hover {
+  background-color: #084298;
+}
+
+/* Responsive Design */
+@media (max-width: 600px) {
+  .feedback-container {
+    padding: 20px;
+  }
+}
+
+</style>
+</html>
diff --git a/Backend/Dataset/security.md b/Backend/Dataset/security.md
@@ -0,0 +1,49 @@
+Overview
+This document outlines the security policies for the Academic Integrity Monitoring Platform (AIMP), a website designed to track and identify cheating incidents in exams. Our platform takes data security and user privacy seriously, as we deal with sensitive information such as student exam data and behavioral analytics. The platform follows best practices to ensure data protection, system integrity, and compliance with relevant legal standards.
+Reporting a Vulnerability
+We highly appreciate the responsible disclosure of any vulnerabilities that may impact the security of our platform. If you discover a potential security vulnerability, please contact us as soon as possible using the following procedure:
+
+Contact Email: Please send a detailed report to [[email protected]].
+
+Include information such as the vulnerability type, its potential impact, and steps to reproduce it.
+Response Time: We will acknowledge your report within 48 hours and provide an estimated timeline for investigation and resolution.
+
+Confidentiality: Please refrain from publicly disclosing any details of the vulnerability until we have addressed the issue and issued a fix, to ensure that no harm comes to our users or data during the investigation period.
+
+Bounty Program: If applicable, we offer a security bounty for valid, responsibly reported vulnerabilities that lead to significant improvements in our platform's security.
+Scope of Security
+The following areas are in scope for vulnerability reports:
+
+Authentication & Authorization: Ensure that unauthorized individuals cannot access restricted areas or data.
+Data Protection: Vulnerabilities that may lead to the exposure of personal or sensitive data, including student information or exam-related data.
+System Integrity: Issues related to the modification, deletion, or compromise of system files, processes, or logs.
+Third-Party Integrations: Any vulnerabilities related to external services used within the platform (such as databases or cloud storage).
+Application Logic: Issues that may affect the core functionality of the platform, such as bypassing exam monitoring or falsely flagging/ignoring cheating incidents.
+Out-of-scope issues include:
+
+Vulnerabilities related to outdated browsers, plugins, or technologies that are no longer supported by their vendors.
+Social engineering attacks on platform administrators that do not impact system-level vulnerabilities.
+Security Measures
+We employ the following measures to safeguard our platform and user data:
+
+Data Encryption: All sensitive data, including student and exam data, is encrypted both in transit (via HTTPS) and at rest using industry-standard encryption methods.
+Access Controls: We implement strict role-based access controls (RBAC) to ensure that only authorized users can access certain data and functionalities. All access is logged for auditing purposes.
+Regular Audits: Our system undergoes regular internal and third-party security audits to identify and mitigate potential vulnerabilities.
+Incident Response Plan: We have a robust incident response plan in place to deal with security breaches or data leaks. In the event of a breach, affected users will be notified within 72 hours, and appropriate remedial action will be taken.
+Monitoring & Alerts: The platform uses real-time monitoring tools to detect suspicious activity, abnormal usage patterns, and potential breaches.
+Compliance
+The platform is committed to complying with the following data privacy and security regulations:
+
+General Data Protection Regulation (GDPR) for users within the European Union.
+Family Educational Rights and Privacy Act (FERPA) for educational institutions in the United States.
+Other local and international laws governing data privacy and integrity as applicable to the regions where our platform operates.
+Contact
+For any security-related inquiries, please reach out to us at [[email protected]].
+
+This security policy can serve as a guide to ensure that your platform is secure and operates within the bounds of ethical and legal standards. It reflects a focus on protecting sensitive information, such as student data, while maintaining transparency and responsibility in how the platform handles security issues.
+
+
+
+
+
+