This week’s Sprint retrospective we had some issues. So, there were still the issue of ng2-amrs not working for many of the people in group. However, thanks to Jason Knowles he figured out how to fix the issue of cryptojs not working on the Ampath’s website. So, we were able to try and write something for Ampath to be able to use or try to use. Our goal in the beginning of the sprint was to write all the methods for Ampath so that way they can have something they can use for the summer or give to summer interns or people who would be working on it later on. We decided to split up the work into different parts so that way we would be able to get more methods done for them. We decided to write methods depending on what the client told us in their stories. We then decided to make the method for hashing passwords, encrypting records, generating private keys, generating local salt, clear local salt, delete keys, and writing decrypt records. I started to work on deleting private key method however i wanted to work with Oren since he was generating the private key so this was one of the issues we ran into that because since we were working on a project that we just kind of picked up and we don’t know much about it there wasn’t a lot to work on for the project so when I talked to Oren to see if he could help me with the delete private key method but Oren was actually going to work on that as well. So instead we decided to work on that part together.

So, I started to do a little research about the cryptojs and how to make private keys we decide to write a private key using PBKDF2. PBKDF2 is a password strength algorithm that makes it difficult for computers to check that anyone password is correct Master passwords during a Brute Force attack so the way that PBKDF2 works is that it requires many computations to get from the master password to Turkey anyone that’s trying to brute-force try to automatically guess a master password has to perform the same calculations PBKDF2 with PBKDF2 it prevents password-cracking flows from making optimal use of the graphics card which reduce gas rates from hundreds of thousands of gas per seconds less than a few ten thousand guesses per second.

Finally looking back through throughout this project I’ve learned a lot about encryption services. Maybe not enough to be able to write my own encryption from scratch. But this experience was helpful for me and it will help me throughout my career. Between the two classes I was taking this semester and learning about Sprints and planning’s how to work with a group and team. It was different than all the other years that I have been in school. I didn’t learn a new language or more coding skills but I l was able to get a real-world experience. how time-consuming it was to even talk to the manager, how that we were a class who that was working on the same project but we are split into four groups and none of us really talk to each other about trying to put our code together and make it work with one another. Though maybe it was because no one was really experienced in this type situation or maybe the time constraint of working on this project and also having other class work and other personal stuff to do that’s it was a 10-week project if he really boils down to how much work was done it might have been a lot shorter so that’s why we weren’t able to finish I’m what we were assigned and trying to bring it together. so, the for the final Sprint we’re going to try to just finish up what we started and then start working on our presentation.

From the blog CS@Worcester – The Road of CS by Henry_Tang_blog and used with permission of the author. All other rights reserved by the author.

This week’s Sprint retrospective we had many issues. Most of the group could not open ng2-amrs program. So, for some of the sprint we were trying to get it working. When we first saw the projects, we are all able to download and able to run ng2-amrs program without any issues. However, for some reason four out of the five people’s program were not working. We sent messages to Ampath to see if it was something that they would be able to help us fix. However they were no help. We were also asking other students in the class of they were having similar issues but no one else was having the same issues. Most of us tried uninstalling and reinstalling the program and it did work for a few. While we were trying to work on fixing the ng2 we were also thinking of ideas of how to get this encryption service into the website. First we were thinking that they wanted only an encryption for the password. But from talking to Jonathan this encryption service was meant to encrypt everything from data coming in, going out, passwords, and files. We were looking up research about other encryption services that might have done this before but most of the encryption service are not done offline. This is because we would not be able to save the hash password and the salt on the tablet because if we did they would be saved on the tablet they are using. That is not really safe a encryption especially because it is patient data. At this point we are confused with what we must do. Unlike other projects that give us specifications and an end goal of what they want. The ampath project is different for us because you cannot just message them and expect a response right away because they live on the other side of the world and most of the times when we are brainstorming ideas on what we want to do. We don’t know exactly what they want and when we do ask they gave us a “yeah that seems fine.” kind of answer. Most of times we just want exactly what they want. For me this project has been difference because for other classes and other products that I have been working on such as personal project and project for classes I would be told what the final expectation for this project would be. Since this project for Ampath is such a huge project and many of us are just learning new stuff just for this project. We don’t know much of what they want or what to do. Once we understand that they wanted a websites that would be able to hold all the patient data offline so that they would be able to meet patients where they would have no cellular service. But part of the problem with that is when doing encryption services from the standpoint of view of programmers we want this to be perfect so that way and path would not have any troubles but I’ll find encryption to us feasible or possible we hope that the next Prince able to get a lot more work done we would try and get something so that they can work off of this or maybe the next project for the next class would be able to take the coat that we have now and work off of that

From the blog CS@Worcester – The Road of CS by Henry_Tang_blog and used with permission of the author. All other rights reserved by the author.

This week’s Sprint retrospective we decided to look up different types of encryption services. Everyone had an encryption service that they were to look up and then write a shorts program see how it works. We decided out of all the encryption service out there we wanted to look at crypto-JS, Forge, web crypto, pouchdb, and bcryptjs. The one I researched was forged encryption service. It did do what we wanted however we decided not to use it because it has not been updated in 4 years so since we are working with sensitive data and did not want it to be leaked forge was out of the picture. Pouchdb was another one that we ruled out because this encryption service was made by someone that did it during their free time so it wasn’t updated regularly. The encryption service that we did decide to use was crypto Js because it was the simplest encryption service that we could have used and is not too old and the last update was not that long ago.

Finally, we decide what kind of encryption service we wanted to use. We started to talk about how we encrypt the data that is given to us. Oran gave an idea that we would encrypt the data as it comes our way so it would act like a blanket. Whenever some data such as a string, array, and any other sensitive information would come through the encryption service. It would take that data and encrypt it. However Oren had a colleague that was familiar with encryption services and he told him that data like that should be encrypted already. So that brought up a good point we want to ask Ampath if they have the data already encrypted or is this encryption service itself supposed to encrypt the data that they have. So for now moving forward we decided that we’re going to act like they need the data to be encrypted. We also need to start working with the other teams to know what data that is going to be given us to us and if cryptojs would be able to work with what they are planning.

So for the next week I will be studying up more on crypto Js and then trying to help the team write a basic program that can take inputs and give outputs of strings, letters, and words. I learned a lot about encryption during the week that we were encryption service in the beginning I did not know how the encryption service works such as what was salt and encrypt a string how would it remember what encryption that use to the string and if you were to send it to another device to be encrypted with that device need that same type of program to unencrypted password

From the blog CS@Worcester – The Road of CS by Henry_Tang_blog and used with permission of the author. All other rights reserved by the author.

This week’s sprint retrospective we finally figured out what we are doing.  We started to talk about what we wanted to do for the project. Looking at the Trello board there were quite a few options. However, since Eric had some experience with encryption services we decided to work on the encryption for the website. While we were reading the google doc to see what they wanted us to do for this project. We noticed that they wanted to be able go to download a certain patient information before they were to go out onto the field because whenever they were to work on the field the internet would cut off and it would impact their work dramatically. So, we know that since they are taking sensitive information with them outside they have the risk of it getting stolen.  With this information, we wanted to have an encryption that is not just some username password but also a keygen so that way it would last a few weeks or however long the doctor would want the information on the tablet to be accessible on the tablet but after that it would get locked out where you would not be able to access the information at all. We then started to look up what kind of library’s we could use to make this encryption such as crypto-js, forge, bcryptjs, and webcrypto. We sent a message on the slack asking what kind of encryption that they have already used or would like us to use and they are fine with us choosing. We then set up on our Trello board what each and everyone has to research and write a sample project with the assigned library. Moving forward we just want to be able to work on our communication with each other and how we would be able to share the information that we have with not just each other but also with the rest of the class. Throughout the week all I have done was read though the code and to see what it does. Reading though the code it looks like they have some kind of implication for security however it looks very basic.

From the blog CS@Worcester – The Road of CS by Henry_Tang_blog and used with permission of the author. All other rights reserved by the author.

For this sprint retrospective there isn’t much to talk about because we were just going over the basics of how we are going to work together and setting up the server for our team to work on. During the sprint meeting we talked about the little things that we would like to change. Such as how we can change how our trello board works such as we put up all of the things we need to do and then put our names on the corresponding things we had done and did. Next, we talked about how we are going to push any of the code that we will be doing ourselves onto the git hub and when we should do it. We all decided to push it whenever we meet at least for now since we are still getting to know how each other works as a team. Finally, we went onto the google doc at the end of the meeting and just talked a reviewed the stories for ng-amrs. Just trying to keep ourselves ahead of the curve and started talking about how we can do this project. Throughout the week I just worked on the assignment leading up to setting up the server and getting to know my team more. Some of the things that did help me out throughout the sprints are the slack board and my teammates. For now I don’t see any issues working  with my team they are all great people and we are testing the waters of how we should be coordinating how we work and what we should do.

From the blog CS@Worcester – The Road of CS by Henry_Tang_blog and used with permission of the author. All other rights reserved by the author.