Online Assessment Software development principles.
- Flexibility
It is uttermost important that you must make application totally flexible and configurable for both desktop and mobile applications. Any soft configurable values should never be part of the codebase. This should be either in some external file or under version control system. If used in an external file then multiple version of the files must exist for multiple environments. No conditional code should be used to pick up the environment variable. Spring Boot allows active profile concepts which allow the application to pick up the correct profile for running an application. 12 Factor microservices architecture stipulates that profile or environment-specific configuration should be deployed.
2. Secure Configuration
How do you secure passwords and encryption in the configuration files? One simply cannot put plain text passwords inside the configuration. There must be encryption allowing us to encrypt the password and so it's not visible anyone either in the source or in the repository. Before using the encrypted password must be decrypted internally and passed onto the application. In most system, there will interceptor which will consider the encrypted password as placeholders and apply public-key cryptography. Important to ensure no fixed coding or decoding algorithm is used. It must be based on some kind of certificate and able to expire. All cryptographic elements must have expiry constraint and religiously updated as per company or organisation security guidelines.
3. Test
Testing and exhaustive testing is must and there should be no avoidance. Mike Chon pyramid model should be used. A low-level unit testing and ending with UI user acceptance testing. Non-Functional elements for testing must be taken into account as well. There are cases when a number of user increases system stops functioning. Non-functional testing plays a vital role in terms of performance testing and stress testing as well as for security penetration testing. A simple example for Unit testing using Mock objects, Integration Testing, Shakedown Testing, Regression Testing and Automation Testing should not be avoided.
4. Release
Any software which is used outside the team should follow due diligence and controlled process. Every organisation defines its control process and release mechanism which must be adhered strictly. UAT environment or pre-production environment must be treated as same as a production environment and all the tests must go through it before even attempting to release into the production.
5. Software Release Tools
Most organisation have built-in release tools which define a number of stages to go through before releasing software to the production. A segregation of duties concept is used where developers are kept away from the UAT and PROD. Developers have no access to it. A number of applications exist to check for Compliance, Security, Scalability, Resource Usage and Configurability which must be agreed and accepted before the production deployment process takes place.
Please visit Business Integration Software to see various products using production release.
Assessment Management Software
Multiple Choice Question Software
