Website social, server-side and security concepts
2025-hsc-se-q23 · Multipart · 9 marks
Source: NESA 2025 HSC Software Engineering HSC Q23
Question
A food delivery service offers prepackaged meals tailored to different dietary preferences, for example, vegetarian and gluten-free. It has developed a website for customers to place orders. The website is ready for testing and feedback.
The website includes:
- a menu that dynamically updates based on meal availability
- user accounts where customers can track deliveries and manage subscriptions
- a backend that processes orders and payments, updates stock and communicates with the delivery team.
Part (a) 3 marks
Outline potential social and ethical issues associated with the use of this website.
Part (b) 3 marks
Explain why server-side web programming would be needed to develop this website.
Support your answer with examples from the website.
Part (c) 3 marks
Security features have been included in the design of the website. Choose the fundamental security concept that matches each of the security features.
| Feature | Concept |
|---|---|
| The system verifies that the total price displayed matches the actual total after items are added to the cart. | |
| The backend ensures the website remains accessible during peak order times. | |
| The system logs all user actions, such as changes to subscriptions or delivery addresses. | |
| User payment details, such as credit card numbers, are encrypted during transactions. | |
| A user with a basic account can place orders but cannot access admin features. |
Reveal answer
Part (a)
Potential issues include protecting customer dietary, address and payment data; ensuring the site is accessible to different users; and avoiding misleading availability or delivery information that could disadvantage customers.
Part (b)
Server-side programming is needed because the site must process and store data that changes for all users. For example, the backend updates stock when orders are placed, processes payments, manages account subscriptions and sends order details to the delivery team.
Part (c)
| Cell | Answer |
|---|---|
| Total price concept | Integrity |
| Peak access concept | Availability |
| User action logs concept | Accountability |
| Encrypted payments concept | Confidentiality |
| Basic account concept | Authorisation |
Marking rubric
Part (a)
| Marks | Description |
|---|---|
| 3 | Outlines relevant social and ethical issues in the website context. |
| 2 | Identifies relevant issues with some link to the website. |
| 1 | Provides some relevant information about social or ethical issues. |
Part (b)
| Marks | Description |
|---|---|
| 3 | Explains the need for server-side programming with relevant website examples. |
| 2 | Describes server-side programming or provides relevant examples. |
| 1 | Identifies a feature of server-side programming. |
Part (c)
| Marks | Description |
|---|---|
| 3 | Correctly matches all five security features to concepts. |
| 2 | Correctly matches three or four security features. |
| 1 | Correctly matches one or two security features. |
Explanation
Server-side code manages shared business logic and data. The security matches are based on the usual meanings of confidentiality, integrity, availability, authorisation and accountability.
Metadata
- Submitter
- Seed data
- Created
- 2026-05-02
- Status
- published
- Syllabus
- y12-project-social-ethical-project-work y12-web-back-end-contribution y12-secure-design-security-concepts
- Tags
- web development social issues ethical issues server-side programming security concepts