Due: Monday Apr 6 , by the start of class (via turnin and/or hardcopy as described below)
For your IQP in Africa, your team has been asked to design a system for conducting banking transactions via SMS text messaging. Mobile phones and text messages are ubiquitous in Africa. The bank sponsoring your project wants to let its customers perform a variety of basic transactions using text messaging, such as checking balances, reviewing recent transactions, viewing foreign exchange rates, transferring funds between accounts, and buying airtime for their mobile phone accounts. The bank also wants to be able to send alerts and informational messages (such as ads for low rates) to its customers through this system.
You are the computing and security expert on the team. Your job is to produce two documents for the bank:
Your answer to part (2) can include whatever security technology you deem appropriate (password schemes, encryption algorithms, e-commerce protocols, firewalls), as well as recommendations on where various pieces of information reside (on the phone, at the bank, etc). Since we haven't yet covered the details of some parts of this (such as encryption algorithms), you don't have to indicate specific algorithms or implementation details for all aspects of (2); you should, however, indicate requirements you want those aspects to have.
Some guidelines on your answers:
You are welcome to search the web for ideas on this project, but please provide a bibliography of any materials you consulted in preparing your documents.
Submit your answers in any portable format (text, PDF, hardcopy). If you want to submit part of your work (like the threat model diagram) on paper, just turn it in to Kathi at the start of class on the due date.