Contents

1.

Page no.
5-6

INTRODUCTION
1.1 PURPOSE OF

THE PROJECT 1.2 SOLUTION 1.3 ADVANTAGES 1.4 LIMITATIONS

2.

SYSTEM ANALYSIS
2.1 EXISTING SYSTEM 2.2 PROPOSED SYSTEM 2.3 FEASIBILITY STUDY

7-8

3. SYSTEM REQUIREMENTS 4. SOFTWARE DESCRIPTION 5. PROJECT DESCRIPTION 6. SYSTEM DESIGN

6.1 INTRODUCTION 6.2 UML DIAGRAMS 6.3 DATAFLOW DAIGRAMS

9-10 11-23 24-26 27-42

7. SOURCE CODE 8. SYSTEM TESTING

8.1 SYSTEM TESTING AND IMPLEMENTATION 8.2 TESTING STRATEGIES

43-48 49-55

9. SCREENS
9.1 OUTUT SCREENS 9.2 SQL DATABASE TABLES

56-65

10. CONCLUSION 11. DATA DICTIONARY 12. BIBILIOGRAPHY

1

66-67 68-69 70-71

LIST OF FIGURES
FIGURE NO 6.2.1 6.2.2 6.2.3 6.2.4 6.2.5 6.2.6 6.2.7 6.3 FIGURE NAME Usecase Diagram of Admin Usecase Diagram of User Class Diagram of Admin&User Sequence Diagram of Admin Sequence Diagram of User Collaboration Diagram of Admin Collaboration Diagram of User Dataflow Diagrams PAGE NO 38 39 40 42 43 44 45 46

LIST OF SCREENS
SCREEN NO 9.1.1 9.1.2 9.1.3 9.1.4 9.1.5 9.1.6 9.1.7 9.1.8 9.1.9 9.1.10 9.1.11 SCREEN NAME Login page Login into admin Setup the Users View/Update the users Setup the Encryption type View/Update encryption type Start and Stop SMS Service Login into User Setup the Users View/Update the Users View the encryption type PAGE NO 57 58 58 59 59 60 60 61 61 62 62

LIST OF TABLES
TABLE NO 8.1.1 8.1.2 8.1.3 8.1.4 9.2.1 9.2.2 9.2.3 9.2.4 9.2.5 TABLE NAME Test case table for login Test case table for Admin (users) Test case table for Admin (encryptiontype) Test case table for User (userccount) Master user Response encryption type SMS Request SMS Response User Accounts PAGE NO 52 53 54 55 63 64 64 65 65

1. INTRODUCTION

1. INTRODUCTION
1.1 Purpose of the project The main purpose of the project is to develop an application called SMS Based Online Encrypted Password Manager Application is a web based application which is not only allows the passwords to be saved in the centralized database in an encrypted format but can also return the password when requested in a simple encryption format as well, so that it cannot be misused by others even if they happen to see the SMS query result 1.2 Solution The development of the new system contains the following activities, which try to automate the entire process keeping in view of the database integration approach. o o o o o o o o Access Management process for User registration User Account and Password details setup and maintenance Process Password encryption process during setup and retrieval SMS request parsing and information querying process SMS delivery process Transaction logging and reporting process SMS Based Password Update Process Data Archive and cleanup process

1.3 Advantages The project is identified by the merits of the system offered to the user. The merits of this project are as follows It is used by users to register to the web application. Allows the users to setup their various account details and respective passwords in an encrypted format. o Reads the incoming SMS and prepares the search string by parsing the SMS message. o Searches the database for the account details matching the search criteria and formats the result set for SMS delivery. o Allows registered users to update the Account password through SMS from their registered mobile number only. o Allows Admin users to Archive/Cleanup old data on the system
o o

1.4 Limitations The size of database increases,increasing the load on database back up and data maintenance activity. Training for simple computer operations is necessary for the users working on the system
6

2. SYSTEM ANALYSIS

2. SYSTEM ANALYSIS
2.1 EXISTING SYSTEM: It is difficult to remember all the passwords so,people write it on paper which are very risky and may lead to misuse of accounts, data loss or even financial loss. There is no proper way for a common person to save all these passwords securely and retrieve them when required. 2.2 PROPOSED SYSTEM: There is a need for a centralized web based application to allow users to save all their passwords in a secured and encrypted format on the Internet so that they can be retrieved. The way it works is: Users register along with their mobile number They save all their passwords in an encrypted format If required even the password sent out could be encrypted

2.3 FEASIBILITY STUDY: Preliminary investigation examine project feasibility, the likelihood the system will be useful to the organization. The main objective of the feasibility study is to test the Technical, Operational and Economical feasibility for adding new modules and debugging old running system. All system is feasible if they are unlimited resources and infinite time. There are aspects in the feasibility study portion of the preliminary investigation: Technical Feasibility Operation Feasibility Economic Feasibility

3.SYSTEM REQUIREMENTS

3.SYSTEM REQUIREMENTS
3.1 Hardware requirements: HDD RAM Operating System : : : 20GB Min, 40GB Recommended 1GB Min Windows XP with SP2 or Windows Vista

3.2 Software requirements:

Operating System

: : : : :

Windows XP with SP2 or Windows Vista MS-SQL server 2005 ASP.NET with C#.NET MS-Visual Studio .Net 2008 Mozilla Firefox ,IE 6

Database Technologies IDE Browser

Windows Operating System Front-end : JSP, JAVA Script, HTML. Model Layer : Struts, Servlets Back-end : My SQL Database Tools : My Eclipse, Dream weaver

10

4. SOFTWARE DESCRIPTION

11

4. SOFTWARE DESCRIPTION
INTRODUCTION TO JAVA FEATURES OF JAVA The inventors of java wanted to design a language which could offer solution to some of the problems encountered in modern programming. They wanted the language to be not only reliable, portable and distributed but also simple, compact and interactive. Sun Microsystems officially describes Java with the following ATTRIBUTES: Compiled and Interpreted Platform _ Independent and Portable Object Oriented Robust and Secure Distributed Familiar, Simple and Small Multithreaded and Interactive High Performance Dynamic and Extensible

Although the above appears to be a list of buzzwords, they aptly describe the full potential of the language. These features have made Java the first application language of the World Wide Web. Java will also become the premier language for general purpose stand_ alone applications. Compiled and Interpreted Usually a computer language is either compiled or interpreted. Java combines both these approaches thus making Java a two _ stage system. First, Java compiler translates source code into what is known as byte code instructions. Byte code are not machine instructions and therefore, in the second stage, Java interpreter generates machine code that can be directly executed by the machine that is running the Java program. We can thus say that Java is both compiled and interpreted language.
12

Platform Independent and Portable The most significant contribution of Java over other language is its portability. Java programs can be easily moved from one computer system to another, anywhere and anytime. Changes and upgrades in operating systems, processors and system resources will not force any changes in Java programs. This is the reason why Java has become a popular language for programming on Internet which interconnects different kinds of systems worldwide. Object Oriented Java is a true object _ oriented language. Almost everything in Java is an object. All program code and data reside within objects and classes. Java comes with an extensive set of classes, arranged in packages, which we can use in our programs by inheritance. The object model in Java is simple and easy to extend. Robust and Secure Java is a robust language. It provides many safeguards to ensure reliable code. It has strict compile time and run time checking for data types. It is designed as a garbage collected language relieving the programmers virtually memory management problems. Java also incorporates the concept of exception handling which captures series errors and eliminates any risk of crashing the system. Distributed Java is designed as a distributed language for creating applications on networks. It has the ability to share both data and programs. Java applications can open and access remote objects on Internet as easily as they can do in a local system. This enables multiple programmers at remote locations to collaborate and work together on single project. multiple

13

Simple, Small and Familiar Java is a small and simple language. Many features of C and C++ that are either redundant and source of unreliable code are not part of Java. For example, Java does not use pointers preprocessor header files; go to statement and many others. It also eliminates operator overloading and multiple inheritance. Familiarity is another striking feature of Java. To make the language look familiar to the existing programmers, it was modeled on C and C++ languages. Multithread and Interactive Multithreaded means handling multiple tasks simultaneously. Java supports multithreaded programs. This means that we need not to wait for the application to finish one task before beginning another. The Java runtime comes with tools that support multiprocess synchronization and construct smoothly running interactive systems. High Performance Java performance is impressive for an interpreted language, Mainly due to the use of intermediate byte code. According to Sun, Java speed is comparable to the native C/C++. Java architecture is also designed to reduce overheads during runtime. Further, the incorporation of multithreading enhances the overall execution speed of Java programs. Dynamic and Extensible Java is dynamic language. Java is capable of dynamically linking in new class libraries, methods, and objects. Java can also determine the type of class through a query, making it possible to either dynamically link or abort the program, depending on the response. Java programs support functions written in other language such as C and C++. These functions are known as native methods. This facility enables the programmers to use the efficient functions available in these languages. Native methods are linked dynamically at runtime.

14

4.2. Hyper Text Markup Language

Hypertext Markup Language (HTML), the languages of the World Wide Web (WWW), allows users to produces Web pages that include text, graphics and pointer to other Web pages (Hyperlinks). HTML is not a programming language but it is an application of ISO Standard 8879, SGML (Standard Generalized Markup Language), but specialized to hypertext and adapted to the Web. The idea behind Hypertext is that instead of reading text in rigid linear structure, we can easily jump from one point to another point. We can navigate through the information based on our interest and preference. A markup language is simply a series of elements, each delimited with special characters that define how text or other items enclosed within the elements should be displayed. Hyperlinks are underlined or emphasized works that load to other documents or some portions of the same document. HTML can be used to display any type of document on the host computer, which can be geographically at a different location. It is a versatile language and can be used on any platform or desktop. HTML provides tags (special codes) to make the document look attractive. HTML tags are not case-sensitive. Using graphics, fonts, different sizes, color, etc., can enhance the presentation of the document. Anything that is not a tag is part of the document itself.

4.3. JavaScript
JavaScript is a script-based programming language that was developed by Netscape Communication Corporation. JavaScript was originally called Live Script and renamed as JavaScript to indicate its relationship with Java. JavaScript supports the development of both client and server components of Web-based applications. On the client side, it can be used to write programs that are executed by a Web browser within the context of a Web page. On the server side, it can be used to write Web server programs that can process information submitted by a Web browser and then updates the browsers display accordingly Even though JavaScript supports both client and server Web programming, we prefer JavaScript at Client side programming since most of the browsers supports it. JavaScript is almost as easy to learn as HTML, and JavaScript statements can be included in HTML documents by enclosing the statements between a pair of scripting tags <SCRIPTS>... </SCRIPT>.
15

<SCRIPT LANGUAGE = JavaScript> JavaScript statements </SCRIPT> Here are a few things we can do with JavaScript: Validate the contents of a form and make calculations. Add scrolling or changing messages to the Browsers status line. Animate images or rotate images that change when we move the mouse over them. Detect the browser in use and display different content for different browsers. Detect installed plug-ins and notify the user if a plug-in is required. We can do much more with JavaScript, including creating entire application.

4.4. JDBC
Java Database Connectivity or in short JDBC is a technology that enables the java program to manipulate data stored into the database. Here is the complete tutorial on JDBC technology. 1. What is JDBC? JDBC is Java application programming interface that allows the Java programmers to access database management system from Java code. It was developed by Java Soft, a subsidiary of Sun Microsystems. JDBC has four Components: 1. The JDBC API. 2. The JDBC Driver Manager. 3. The JDBC Test Suite. 4. The JDBC-ODBC Bridge. 5. The JDBC API. The JDBC application programming interface provides the facility for accessing the relational database from the Java programming language. The API technology provides the industrial standard for independently connecting Java programming language and a wide range of databases. The user not only execute the SQL statements, retrieve results, and update the data but can also access it anywhere within a network because of it's "Write Once, Run Anywhere" (WORA) capabilities. Due to JDBC API technology, user can also access other tabular data sources like spreadsheets or flat files even in the a heterogeneous environment. JDBC application programming interface is a part of the
16

Java platform that has included Java Standard Edition (Java SE) and the Java Enterprise Edition (Java EE) in itself. The JDBC API has four main interface: The latest version of JDBC 4.0 application programming interface is divided into two packages i ii java.sql javax.sql.

Java SE and Java EE platforms are included in both the packages.

4.5. Java Server Pages (JSP)

Java server Pages is a simple, yet powerful technology for creating and maintaining dynamic-content web pages. Based on the Java programming language, Java Server Pages offers proven portability, open standards, and a mature re-usable component model. The Java Server Pages architecture enables the separation of content generation from content presentation. This separation not eases maintenance headaches; it also allows web team members to focus on their areas of expertise. Now, web page designer can concentrate on layout, and web application designers on programming, with minimal concern about impacting each others work.

Features of JSP: Portability Components Processing Access Models Steps in the execution of a JSP Application:
The client sends a request to the web server for a JSP file by giving the name of the JSP file within the form tag of a HTML page. This request is transferred to the JavaWebServer. At the server side JavaWebServer receives the request and if it is a request for a jsp file server gives this request to the JSP engine. JSP engine is program which can understand the tags of the jsp and then it converts those tags into a Servlet program and it is stored at the server side. This Servlet is loaded in the memory and then it is executed and the result is given back to the JavaWebServer and then it is transferred back to the
17

result is given back to the JavaWebServer and then it is transferred back to the client.

Java Beans:
We can assemble a computer or fan very easily by choosing different components manufactured by different vendors. We can take a screw from company one and use it to fit the Mother board to cabinet as they are manufactured according to a standard. Observing to this point to simplify the process of developing software, different software companies has proposed different component technologies. Ex: java soft java bean component tech, EJB component tech, Microsoft COM, BONOBO component model. Java Bean and EJB are two different specifications from java soft. EJB can be used to implement business logic on the server side. Most of the developers uses to assume Java Bean components are for developing GUI components and they can be used only on the client side but we can develop any kind of software using Java Bean standard (GUI/ non GUI). Java Bean can be used either on the client side or on the server side. AWT, JFC components are implemented according to Java Bean standard. According to Java Bean standard a Bean component can support a set of properties, set of events, any number of additional methods. A property can be read-write or it can be just read only property. For read write property we need to provide setXXX and getXXX methods (isXXX if the property is Boolean )

4.6. Struts
What is Struts - Struts Architecture
Struts is famous for its robust Architecture and it is being used for developing small and big software projects. Struts is an open source framework used for developing J2EE web applications using Model View Controller (MVC) design pattern. It uses and extends the Java Servlet API to encourage developers to adopt MVC architecture. Struts framework provides three key components: A request handler provided by the application developer
18

that is used to mapped to a particular URI. A response handler which is used to transfer the control to another resource which will be responsible for completing the response. A tag library which helps developers to create the interactive form based applications with server pages Struts provides you the basic infrastructure infrastructure for implementing MVC allowing the developers to concentrate on the business logic.

MVC Architecture
The main aim of the MVC architecture is to separate the business logic and application data from the presentation data to the user. Here are the reasons why we should use the MVC design pattern. 1. 2. They are reusable: When the problems recurs, there is no need to invent a new solution, we just They are expressive: By using the MVC design pattern our application becomes more have to follow the pattern and adapt it as necessary. expressive.

Struts frame work is based on MVC Architecture

19

1) Model: The model object knows about all the data that need to be displayed. It is model who is aware about all the operations that can be applied to transform that object. It only represents the data of an application. The model represents enterprise data and the business rules that govern access to and updates of this data. Model is not aware about the presentation data and how that data will be displayed to the browser. 2) View: The view represents the presentation of the application. The view object refers to the model. It uses the query methods of the model to obtain the contents and renders it. The view is not dependent on the application logic. It remains same if there is any modification in the business logic. In other words, we can say that it is the responsibility of the of the view's to maintain the consistency in its presentation when the model changes. Controller: Whenever the user sends a request for something then it always go through the controller. The controller is responsible for intercepting the requests from view and passes it to the model for the appropriate action. After the action has been taken on the data, the controller is responsible for directing the appropriate view to the user. In GUIs, the views and the controllers often work very closely together. Overview of the Struts Framework The Struts framework is composed of approximately 300 classes and interfaces which are organized in about 12 top level packages. Along with the utility and helper classes framework also provides the classes and interfaces for working with controller and presentation by the help of the custom tag libraries. It is entirely on to us which model we want to choose. The view of the Struts architecture is given below: The Struts Controller Components: Whenever a user request for something, then the request is handled by the Struts Action Servlet. When the ActionServlet receives the request, it intercepts the URL and based on the Struts Configuration files, it gives the handling of the request to the Action class. Action class is a part of the controller and is responsible for communicating with the model layer.

20

The Struts View Components: The view components are responsible for presenting information to the users and accepting the input from them. They are responsible for displaying the information provided by the model components. Mostly we use the Java Server Pages (JSP) for the view presentation. To extend the capability of the view we can use the Custom tags, java script etc. The Struts model component: The model component provides a model of the business logic behind a Struts program. It provides interfaces to databases or back- ends systems. Model components are generally a java class. There is not any such defined format for a Model component, so it is possible for us to reuse Java code which is written for other projects. We should choose the model according to our client requirement. Validator Framework Struts Framework provides the functionality to validate the form data. It can be use to validate the data on the users browser as well as on the server side. Struts Framework emits the java scripts and it can be used to validate the form data on the client browser. Server side validation of the form can be accomplished by sub classing your From Bean with DynaValidatorForm class. The Validator framework was developed by David Winterfeldt as third-party add-on to Struts. Now the Validator framework is a part of Jakarta Commons project and it can be used with or without Struts. The Validator framework comes integrated with the Struts Framework and can be used without doing any extra settings. Understanding Struts Controller In this section I will describe you the Controller part of the Struts Framework. I will show you how to configure the struts-config.xml file to map the request to some destination servlet or jsp file. The class org.apache.struts.action.ActionServlet is the heart of the Struts Framework. It is the Controller part of the Struts Framework. ActionServlet is configured as Servlet in the web.xml file as shown in the following code snippets. <! -- Standard Action Servlet Configuration (with debugging) --> <servlet> <servlet-name>action</servlet-name
21

<servlet-class>org.apache.struts.action.ActionServlet</servlet-class> <init-param> <param-name>config</param-name> <param-value>/WEB-INF/struts-config.xml</param-value> </init-param> <init-param> <param-name>debug</param-name> <param-value>2</param-value> </init-param> <init-param> <param-name>detail</param-name> <param-value>2</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> This servlet is responsible for handing all the request for the Struts Framework, user can map the specific pattern of request to the ActionServlet. <servlet-mapping> tag in the web.xml file specifies the url pattern to be handled by the servlet. By default it is *.do, but it can be changed to anything. Following code form the web.xml file shows the mapping. <!-- Standard Action Servlet Mapping --> <servlet-mapping> <servlet-name>action</servlet-name> <url-pattern>*.do</url-pattern> </servlet-mapping> The above mapping maps all the requests ending with .do to the ActionServlet. ActionServlet uses the configuration defined in struts-config.xml file to decide the destination of the request. Action Mapping Definitions (described below) is used to map any action. For this lesson we will create Welcome.jsp file and map the "Welcome.do" request to this page.

22

Forwarding the Welcome.do request to Welcome.jsp The "Action Mapping Definitions" is the most important part in the struts-config.xml. This section takes a form defined in the "Form Bean Definitions" section and maps it to an action class. Following code under the <action-mappings> tag is used to forward the request to the Welcome.jsp. <action path="/Welcome" forward="/pages/Welcome.jsp"/> To call this Welcome.jsp file we will use the following code. Once the use clicks on on First Request to the controller link on the index page, request (for Welcome.do) is sent to the Controller and the controller forwards the request to Welcome.jsp. The content of Welcome.jsp is displayed to the user.

4.7 SQL SERVER

A database management, or DBMS, gives the user access to their data and helps them transform the data into information. Such database management systems include dBase, paradox, IMS, SQL Server and SQL Server. These systems allow users to create, update and extract information from their database. A database is a structured collection of data. Data refers to the characteristics of people, things and events. SQL Server stores each data item in its own fields. In SQL Server, the fields relating to a particular person, thing or event are bundled together to form a single complete unit of data, called a record (it can also be referred to as raw or an occurrence). Each record is made up of a number of fields. No two fields in a record can have the same field name. During an SQL Server Database design project, the analysis of your business needs identifies all the fields or attributes of interest. If your business needs change over time, you define any additional fields or change the definition of existing fields. SQL SERVER TABLES SQL Server stores records relating to each other in a table. Different tables are created for the various groups of information. Related tables are grouped together to form a database.

23

5. PROJECT DESCRIPTION

24

5. PROJECT DESCRIPTION: INTRODUCTION:

Quite a few people, unknowingly, either have the same password for all the accounts or write down all the passwords on a piece of paper and carry with them or have passwords that are very easy to remember that can be guessed easily by others, all of which are very risky and may lead to misuse of accounts, data loss or even financial loss. There is no proper way for a common person to save all these passwords securely and retrieve them when required. There is a need for a centralized web based application to allow users to save all their passwords in a secured and encrypted format on the Internet so that they can be retrieved whenever required by sending an SMS. This application not only allows the passwords to be saved in the centralized database in an encrypted format but can also return the password when requested in a simple encryption format as well, so that it cannot be misused by others even if they happen to see the SMS query result. The way it works is: Users register along with their mobile number They save all their passwords in an encrypted format Whenever they require a password for an account, they send an SMS to a given number from their mobile phone along with the account details. Based on the mobile number validation and account specified the application automatically sends out the password in an SMS to the users mobile number. If required even the password sent out could be encrypted

ENCRYPTION: Suppose Alice wants to send a message M to Bob. Alice creates the cipher text C by exponentiation: C = ME mod N, Where E and N are Bobs public key. Alice sends C to Bob. DECRYPTION: To decrypt the cipher text C, Bob also exponentiates:
25

M = CD mod N The relationship between E and D ensures that Bob correctly recovers M. Since only Bob knows D, only Bob can decrypt the message. ALGORITHMS: The algorithms used to encrypt and decrypt the data which the admin sends upon the users request. The user has to register in the database and with the help of that the admin will send the requested data asked by the user. Here the user will select the algorithm and upon that the data will be encrypted and thus later gets decrypted when user gets it. Here we use three types of algorithms in our project. They are: PBEWithSHAandDESde PBEWithMD5andDES PBEWithSHAandRC2-40 These are the three different types of algorithms and accordingly to this the user selects the algorithm and get the data to the user in a well secured form. ADVANTAGES: The project is identified by the merits of the system offered to the user. The merits of this project are as follows

It is used by users to register to the web application. Allows the users to setup their various account details and respective passwords in an encrypted format. Reads the incoming SMS and prepares the search string by parsing the SMS message. Searches the database for the account details matching the search criteria and formats the result set for SMS delivery. Allows registered users to update the Account password through SMS from their registered mobile number only. Allows Admin users to Archive/Cleanup old data on the system

26

6. SYSTEM DESIGN

27

6. SYSTEM DESIGN 6.1 Introduction:

Software design sits at the technical kernel of the software engineering process and is applied regardless of the development paradigm and area of application. Design is the first step in the development phase for any engineered product or system. The designers goal is to produce a model or representation of an entity that will later be built. Beginning, once system requirement have been specified and analyzed, system design is the first of the three technical activities -design, code and test that is required to build and verify software. The importance can be stated with a single word Quality. Design is the place where quality is fostered in software development. Design provides us with representations of software that can assess for quality. Design is the only way that we can accurately translate a customers view into a finished software product or system. Software design serves as a foundation for all the software engineering steps that follow. Without a strong design we risk building an unstable system one that will be difficult to test, one whose quality cannot be assessed until the last stage. During design, progressive refinement of data structure, program structure, and procedural details are developed reviewed and documented. System design can be viewed from either technical or project management perspective. From the technical point of view, design is comprised of four activities architectural design, data structure design, interface design and procedural design.

28

UML DAIGRAMS

Usecase diagram on admin:

login

users

encryption type admin

start SMS Service

stop SMS Service

sent data to user will decrypted

NewUseCase

Figure 6.2.1
29

Usecase diagram on user:

login

user

view accounts

view encrypted types

view request

view respone

Figure 6.2.2

30

Class Daigram of admin and user:

S y s tem adm in adm in id adm in ty pe firs tna m e las tna m e phone no em ailid loginid ps w d req p s w d s tatu s add() vie w () update()

M as te r us er us erid us erty pe firs t nam e las t nam e phone em ailid login id pw d req p s w d s tatu s add() vie w () update()

R es ponseE nc ry ptiont y pe E nc ry ptionid E nc c ry ption N am e details s tatu s add() vie w () update()

U s er ac c ount A c c ountid us e rid ac c ou ntnam e ac c ou ntps w d res pE n c ry pt ty pes id s tatus add () view () upd ate()

S M S R eques t req ues tid req datetim e s m s m obile n o Q uery S tring R eques t pw d s ta tus add() view () update()

S M S R es pons e res pons eid reqid res pdatetim e S M S m es s age m obile no s tatus a dd () view () u pd ate()

Figure 6.2.3

31

Sequence Diagram of admin:

A dm in

LoginA c tion

Helper

Us erA c tion

Databas e

login()

validate login() ac k ()

login s tatus us er ins ert()

s aveus er()

s aved data s tored

s aved dat a s ent

edit us er()

update us er() updated data s tored

login page()

Figure 6.2.4

32

Sequence Diagram of Encrypt type:

A dm in

LoginA c tion

Helper

E nc ry ptA c tion

Databas e

login()

validate login() ac k ()

login s tatus enc ry ptins ert()

s aveus er()

s aved data s tored

s aved data s ent

edit enc ry pt()

update enc rypt() updated data s tored

login page()

Figure 6.2.5

33

Sequence Diagram of User:

Us er LoginA c tion Helper Us erac c A c tion Databas e

login()

validate login() ac k ()

login s tatus us erac c insert()

s aveus erac c ()

s aved data s tored

s aved data s ent

edit us erac c ()

update us erac c () updated data s tored

login page()

Figure 6.2.6

34

Collaboration Diagram on admin:

Figure 6.2.7

35

Collaboration diagram on encrypt type:

Helper

1: Admin 4: 12: 5: 6: 9: 10: 8: 3: 2: 7: 11: Databas e Login Action

Encrypt Action

Figure 6.2.8

36

Collaboration Daigram on user:

H elper 1: U ser 4: 5: 6: 9: 10: 8: 3: 2: Login Action

12:

7: 11: D atabas e

U seracc Action

Figure 6.2.9

37

DATAFLOW DIAGRAMS
DATA FLOW DIAGRAMS:

Data flow diagram is used to describe analysis, the movement of data through a system stores of data and delays in the system. Data flow diagrams are the central tool basing on which components are developed. Processes: Processes show what the system does. Each process has one or more data inputs and produces one or more data outputs. Circle in a DFD represents processes. Each process has unique name and number. This name and number appear inside the circle, the circle that represents the process in a DFD.

process

process

Data stores: Processes can enter data or retrieve the data from data store. Each data store is represented by thin line in the DFD and each data store has a unique name.

Figure 6.3.1

38

External entities: External entities are outside the system but they either supply input data into the system use the system output. They are entities over which the designer has no control.

Figure 6.3.2

DATA FLOW: Named arrows are used to represent data flow.

Figure 6.3.3

39

Data Flow Diagrams

Context Level Diagram: 0-LEVEL

Figure6.3

.4
First Level Diagram: 1-LEVEL Admin:

Login

Data Store

Data store

Users

Users

Log out

Data store

Admin

Encrypt

Encrypt types Log out

Respons e

Data store

40

User:

Login

ViewAccoun t Encrypttyp e Data Store

Users

Request

Figure 6.3.5

41

Second level diagram: 2-LEVEL Admin:

Encrypt Users

Data store

Admin

View Account User:

Users

Admin

Data store

Log out Encrypt types

Request Login Respons e
42

7. SOURCE CODE

43

7. SOURCE CODE
Index.jsp: <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort() +path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'index.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-<link rel="stylesheet" type="text/css" href="styles.css"> --> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>EBMMS</title> <meta name="keywords" content="" /> <meta name="description" content="" /> <link href="default.css" rel="stylesheet" type="text/css" /> <script> function valid() { var loginid=document.loginform.loginid.value; var password=document.loginform.password.value; if((loginid=="") ||(password=="")) { window.alert("plz fill the details"); return false; } return true; } </script> </head> <body> <center> <div id="header"> <h1>Encryption Based Multi-Password Management System </h1>
44

<%-- <h2><a href="http://www.freecsstemplates.org/">by Free Css Templates </a></h2>--%> </div> <form action="<%=path %>/login.do" method="post" name=loginform onsubmit="return valid()"> <div id="content"> <div id="colTwo"> <div class="boxed"> </div> <div id="colSeven" class="boxed"> <h2 class="title">Login Page</h2> <div class="content"> <table> <tr> <img src="images/img5.JPG" alt="" width="150" height="113" class="image" /> </tr><tr>LOGINID:<input type="loginid" name="loginid"> PASSWORD:<input type="password" name="password"></tr> <tr> <input type="submit" value="submit"></tr> </table> </div> <div id="footer"> <p>Copyright@ <a><strong>Malathi</strong></a> <a><strong>Manusha</strong> <a><strong>Niveditha</strong> </p></div> </center> </body> </html> AdminMenu.jsp: <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort() +path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'Menu.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <link href="default.css" rel="stylesheet" type="text/css" media="screen" /> <script type="text/javascript" src="menu.js"></script> <link rel="stylesheet" type="text/css" href="css/menustyles.css">
45

<script type="text/javascript" src="css/menuscript.js"></script> <link rel="stylesheet" type="text/css" href="css/menustyles.css"> <script type="text/javascript" src="css/menuscript.js"></script> </head> <style type="text/css"> * { margin:0; padding:0; }div#menu { margin:30px 0 0 95px; position:absolute; }div#copyright { font:11px 'Trebuchet MS'; color:#fff; text-align:center; clear:left; position:absolute; top:546px; width:560px; }div#copyright a { color:#126f8d; } div#copyright a:hover { color:#fff; } </style> <body > <center> <div id="header"> <h1>Encryption Based Multi-Password Management System </h1> </div> <table align="center"> <tr><td><img src="images/admin.JPG" class="image" /></td> <td> <ul id="qm0" class="qmmc" > <li><a class="qmparent" href="AdminMenu.jsp" ><h4>HOME</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><H4>USERS TYPE</H4></a> <ul> <li><a href="<%=path%>/Users.jsp"> <H5>SETUP USERS</H5></a></li> <li><a href="<%=path%>/user.do?method=viewuser"><H5> VIEW/UPDATE USERS</H5></a></li> </ul></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><H4> ENCRYPTION TYPE</H4></a><ul> <li><a href="<%=path%>/ResponseEncryptionType.jsp"> <H5>SETUP ENCRYPTION TYPE</H5></a></li> <li><a href="<%=path %>/encrypt.do?method=viewEncrypt"><H5> VIEW/UPDATE ENCRYPT</H5></a></li> </ul></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><H4>SMS SERVICES</H4> </a> <ul> <li><a href="Start_Stopsms.jsp"> <H5>START & STOP SMS</H5></a></li></ul>
46

</li>

<li><span class="qmdivider qmdividery" ></span></li> <li><a href="index.jsp"><H4>LOGOUT</H4></a></li> <li class="qmclear">&nbsp;</li>

</ul> <!-- Create Menu Settings: (Menu ID, Is Vertical, Show Timer, Hide Timer, On Click (options: 'all' * 'all-always-open' * 'main' * 'lev2'), Right to Left, Horizontal Subs, Flush Left, Flush Top) --> <script type="text/javascript">qm_create(0,false,0,500,false,false,false,false,false);</script><!--[ENDQM0]--> </td> </table> <div id="footer"> <p>Copyright@ <a><strong>Malathi</strong></a> <a><strong>Manusha</strong> <a><strong>Niveditha</strong> </p> </div> </body> </html> UserMenu.jsp: <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort() +path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'UserMenu.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <link href="default.css" rel="stylesheet" type="text/css" media="screen" /> <script type="text/javascript" src="menu.js"></script> <link rel="stylesheet" type="text/css" href="css/menustyles.css"> <script type="text/javascript" src="css/menuscript.js"></script> </head> <style type="text/css"> * { margin:0; padding:0; }div#menu {
47

margin:30px 0 0 95px; position:absolute; }div#copyright { font:11px 'Trebuchet MS'; color:#fff; text-align:center; clear:left; position:absolute; top:546px; width:560px; }div#copyright a { color:#126f8d; } div#copyright a:hover { color:#fff; } </style> <body> <center> <div id="header"> <h1>Encryption Based Multi-Password Management System </h1> </div><table align="center"> <tr><td><img src="images/user.jpg" class="image" /></td> <td><ul id="qm0" class="qmmc" > <li><a class="qmparent" href="UserMenu.jsp" ><h4>HOME</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><h4>USER ACCOUNTS</h4></a> <ul> <li><a href="<%=path%>/UserAcc.jsp"> <h5>SETUP USER ACCOUNTS</h5></a></li> <li><a href="<%=path%>/useraccount.do?method=viewUseracc"><h5> VIEW/UPDATE USER ACCOUNTS</h5></a></li> </ul> </li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"> <h4>ENCRYPTION TYPE</h4></a> <ul> <li><a href="<%=path %>/encrypt.do?method=viewEncryptacc"> <h5>VIEW ENCRYPT</h5></a></li></ul></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="<%=path %>/Responseview.do?method=viewResponse"><h4> VIEW RESPONSE</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="<%=path %>/viewaccount.do?method=viewRequest"> <h4> VIEW REQUEST</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a href="index.jsp"><h4>LOGOUT</h4></a></li> <li class="qmclear">&nbsp;</li> </ul> <script type="text/javascript">qm_create(0,false,0,500,false,false,false,false,false);</script> </td></table> <div id="footer"><p>Copyright@ <a><strong>Malathi</strong></a> <a><strong>Manusha</strong> <a><strong>Niveditha</strong> </p></div> </center> </body></html>
48

8. SYSTEM TESTING

49

8. SYSTEM TESTING
SYSTEM TESTING AND IMPLEMENTATION Testing is done to ensure reliability of the software, to recover form errors and from errors and unknown bugs that are present. During testing, the program to be tested is executed with a set of test cases and the output of the program for the test cases is evaluated to determine if the program delivers the performance as expected. There are chances for various errors to occur during any phase of the software development cycle. Verifications are done at the output of each phase. Each modules and sub modules are checked for errors at the output of each phase. TESTING STRATEGIES Test cases are devised with the purpose of finding errors. For this system, the test data is devised to check if the adjustments are done correctly. The other test cases devised is to check the situation in which no data is available for adjustment for a specific condition. System testing is designated to uncover weakness that was not detected in the earlier tests. The total system is tested for recovery and fallback after various major failures to ensure that no data are lost.. There are many test cases designed with this mind .the flow of testing is as fallows:

Code testing CODE TESTING :

Unit testing

System testing

Specification testing is done to check if the program does what it should do and how it should behave under various condition or combination and submitted for processing in the system and it is checked if any overlaps occur during the processing. This strategy examines the logic of the program . Here only syntax of the code is tested . In the testing syntax errors are corrected .To ensure that the code is perfect we performed unit testing and system testing.
50

UNIT TESTING : The first level of testing is called unit testing Unit testing was done to test the working of the individual modules with test oracles. Unit testing comprises the set of tests preformed by an individual programmer prior to integration of the units into a large system . Unit testing focuses first on the modules to locate errors. SYSTEM TESTING The next level of testing was system testing and acceptance testing. This testing was done to check if the system has met its requirements and to find the external behavior of the system.System testing involves two kinds of activities :Integration testing and Acceptance testing INTEGRATION TESTING : The next level of testing is called the integration testing. In this many tested modules are combined into subsystems which were then tested. This testing strategy dictates the order in which modules must be available ,and exerts strong influence on the order in which the modules must be written ,debugged and unit tested. ACCEPTENCE TESTING : This testing is performed finally by user to demonstrate that the implemented system satisfies its requirements . The users gives various inputs to get required outputs. SPECIFICATION TESTING Specification testing is done to check if the program does what it should do and how it should behave under various condition or combination and submitted for processing in the system and it is checked if any overlaps occur during the processing. PERFORMANCE TIME TESTING Performance time testing is done to determine how long it takes to accept and respond, the total time for processing when it has to handle quite a large number of records.

51

8.1.1 TEST CASE TABLE FOR LOGIN PAGE:

Step No

Action

Input Required

Expected Result

Actual Result

Test Result (Pass / Fail) Pass Pass

Comment

1 2

Login page Enter loginid and password as admin

Loginid and Password Home,Users, encryption type ,SMS Service, Logout

Loginid and Password Home,Users, encryption type ,SMS Service, Logout

Enter loginid and password as user

Home,UsersA ccount, view Respencryptio n type , SMS request,SMS Response, Logout

Home,UsersA ccount, view Respencryptio n type , SMS request,SMS Response, Logout .

Pass

Fig 8.1.1

52

8.1.2 TEST CASE TABLE FOR ADMIN (Users): Step No 1 Action Click on users Input Required Expected Actual Result Result Setup users, Setup users, View/update users View/update users Test Result Pass

Click on set up Users

Click on Submit button

Click on view/update User button Click on edit button Click on update button

First name, last name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status -

First name, last name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status Submitted data will be stored in the data base

First name, last Pass name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status Submitted data will be stored in the data base Pass

First name, last name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status

Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Updated data will be stored in the data base

Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Updated data will be stored in the data base

Pass

Pass

Pass

53

Fig 8.1.2 8.1.3 TEST CASE TABLE FOR ADMIN (Encryption type): Step No 1 Action Click on encryptiontype Input Required Expected Result Setup Encryptiontype, View/update Encryptiontype Encryptionid , Encryptiontype, Details , status. Actual Result Setup Encryptiontype, View/update Encryptiontype Encryptionid , Encryptiontype, Details , status Submitted data will be stored in the data base Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Updated data will be stored in the data base Test Result Pass

Click on set up Encryptiontype

Pass

Click on Submit button Click on view/update Encryptiontype button Click on edit button Click on update button

Encryptionid , Submitted data Encryptiontype, will be stored in Details , status the data base Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Encryptionid , Updated data will Encryptiontype, be stored in the Details , status data base -

Pass

Pass

Pass

Pass

Fig 8.1.3

54

8.1.4 TEST CASE TABLE FOR USER (Users account): Step No 1 Action Click on users account Input Required Expected Result Setup Users account, View/update users account. accountid,userid, Accountname, Account password,Response encryptionid , Status. Actual Result Setup Users account, View/update users account Test Result Pass

Click on set up Users account

Click on Submit button

accountid,userid, Accountname, Account password,Response encryptionid , Status. Click on Views the stored view/update data from the data User account base with edit button operation. Click on edit Form will display button the data to be updated with update button Click on accountid,userid, Updated data will update button Accountname, be stored in the Account data base password,Response encryptionid , Status. Click on view Views the stored Encryptiontype data from the data button base Fig 8.1.4
55

accountid,userid, Accountname, Account password, Response encryptionid , Status. Submitted data will Submitted data be stored in the will be stored in data base the data base

Pass

Pass

Views the stored Pass data from the data base with edit operation. Form will display Pass the data to be updated with update button Updated data will Pass be stored in the data base

Views the stored Pass data from the data base

9. SCREENS

56

9. SCREENS 9.1. Output screens

SCREEN 9.1.1: LOGIN PAGE

57

SCREEN 9.1.2: LOGIN INTO ADMIN

SCREEN 9.1.3: SETUP THE USERS

58

SCREEN 9.1.4: VIEW/UPDATE THE USERS

SCREEN 9.1.5: SETUP THE ENCRYPTION TYPE

59

SCREEN 9.1.6: VIEW/UPDATE THE ENCRYPTION TYPE

SCREEN 9.1.7: START AND STOP OF SMS SERVICE

60

SCREEN 9.1.8: LOGIN INTO USER

61

SCREEN9.1.9:SETUP THE USERACCOUNT

SCREEN 9.1.10: VIEW/UPDATE THE USERACCOUNT

62

SCREEN 9.1.11: VIEW THE ENCRYPTION TYPE

9.2. SQL Database Tables: Table 9.2.1: Master users

63

Table 9.2.2: Response encryption type

64

Table 9.2.3: User accounts

Table 9.2.4: SMS response

65

66

Table 9.2.5: SMS Request

67

10. CONCLUSION

10. Conclusion
It has been a great pleasure for me to work on this exciting and challenging project. This project proved good for me as it provided practical knowledge of not only programming in ASP.NET and C#.NET Frameworks web based application and no some extent Windows Application but also about all handling procedure related with SMS Based Online Encrypted Password Manager
Application. It also provides knowledge about the latest technology used in developing web enabled

application and client server technology that will be great demand in future. This will provide better opportunities and guidance in future in developing projects independently.
68

FUTURE EXTENSION
The program written could be extended to higher order to achieve a better secure transferring of files between admin and the various users.

69

11. DATA DICTIONARY

11. Data Dictionary

AUTHENCTATION: The process of verifying that a particular name belongs to a particular entity.

CIPHER: A procedure that transforms data between plaintext and cipher text, a crypto algorithm.

70

CONFIDENTIALITY: The ability to ensure that information is not disclosed to people who arent explicitly intended to receive it. KEY: Information that causes a cipher to encrypt or decrypt information in a distinct way. Individual keys are usually associated entities, or at most a pair of entities. PRIVATE KEY: One of the two keys used in an asymmetric encryption system. For secure communication, the private key should only be known to its creator. A key used in public key crypto that belongs to an individual entity and must be kept secret. PUBLIC KEY: One of the two keys used in an asymmetric encryption system. The public key is made public, to be conjunction with a corresponding private key.

SESSION KEY: A temporary encryption key used between two principals. SECRET KEY: A crypto key that is used in a secret key algorithm. The secrecy of encrypted data depends solely on the secrecy of the secret key. SYSTEM SECURITY: refers to the technical innovations and procedures applied to the hardware and operation systems to protect against deliberate or accidental damage from a defined threat.

DATA SECURITY: is the protection of data from loss, disclosure, modification and destruction. PRIVACY: defines the rights of the user or organizations to determine what information they are willing to share with or accept from others and how the organization can be protected against unwelcome, unfair or excessive dissemination of information about it.

71

12. BIBILIOGRAPHY

12. Bibliography
The following websites and books were referred during the analysis and execution phase of the project:

1.

APPLIED CRYPTOGRAPHY -Bruce Schneier

72

2. 3. 4.
6.

NETWORK AND INTERNETWORK SECURITY -William Stallings COMPUTER NETWORK -Andrew S. Tanenbaum PROGRAMMING IN JAVA -Dietel & Dietel

5. http://www.google.com/ http://www.msdn.microsoft.com

7. http://www.securid.com

73