Online Auction System Use Case and Misuse Case Diagrams Mounika Challagundla, Graduate Student Dr. Natarajan Meghanathan, Associate Professor Department of Computer Science Jackson State University, Jackson, MS 39217, USA use case description • Registration: Anyone who want to participate in auction first they have to register to the system. • Login: The user will provide login details in order to access anything. • Post items: Once registered as a seller, the seller can start posting his inventory on the marketplace.
To post an item for auction, the seller should select the category and subcategory of the product to be listed in. use case description • Search products: If the buyer wants to know information regarding any product, then the buyer performs the search operation. • Place bid: Once the buyer confirms to buy a product, then the buyer place the bid onto the auction system. • Settle deal: Once the administrator select the highest bid person, then the administrator informs the seller about highest bid person information . Seller deals with the buyer about the payment.
Identification of actors • Seller: The seller is the person who keeps the items in the auction. • Buyer: The buyer is the person who purchases the items in the auction by placing bid. • Database: It contains all information about the buyer, seller and auction items etc. • Administrator: The person who monitors the online auction system. use case diagram: Registratio n Login Seller Data base Post items Search product Place bid Settle deal Buyer Administrator Paymen t Misuser description • This misuser can hack the login details of the legitimate users and can perform any malfunction. To mitigate this, cryptographic algorithms must be adopted. • The misuser can hack the bank details of the user. To mitigate this, encryption process should be applied on the bank information. Registration: name Identifica tion card Present Address Database Seller/Buyer Administrator Login: Username Database User Password Login: Database Th rea te Username ns ate Mitig s User password Th r ea te ns Hacks user name Applies cryptographic methods Mitigates Hacks password Misuser Misuser description • Misuser can hack the user name easily so that he can access the information. To eradicate this a password can be used. But a password also can be hacked. • Thus some cryptographic methods can be used to provide maximum protection. Post items: Place the item Database User Removes the item Post items: Threatens Place the item s ate Places the dummy item Database g iti M Monitored by administrator > User Removes the item Misuser Misuser description • The misuser can place a dummy item in the auction in order to waste time and trust of the legitimate user on the website. • The administrator will take care of this situation. Search product: Item available Database User
Item unavailable Place bid: Threatens Database M itig ate s de clu in Item available Can bid very high price > Monitored by admin User Item unavailable Misuser Misuse case description • The misuser can bid to a high price in order to increase the bidding value. • The administrator will monitor this situation. Because the administrator contains all his details and background history if any. Settle deal: Pay the bill Database User Receive the bill use case description • The buyer will pay the bill to the seller via administrator. • The seller will receive the bill from the buyer via the administrator.
Payment details: Name Address Card number Data base Expiration date User CVV number Shipping address Administrator Billing address Use case description • The name, address should be given to the administrator. • The card details must include card number, expiration date, CVV number, shipping address, billing address. • All these details will be verified by the administrator and will be stored in the database. • If all the above details are valid then the items will be shipped by the administrator. Payment details: Name Address Threatens s>> ude ncl de clu in