Professional Documents
Culture Documents
Page No
Page No
Page No
1.
Page no.
5-6
INTRODUCTION
1.1 PURPOSE OF
SYSTEM ANALYSIS
2.1 EXISTING SYSTEM 2.2 PROPOSED SYSTEM 2.3 FEASIBILITY STUDY
7-8
43-48 49-55
9. SCREENS
9.1 OUTUT SCREENS 9.2 SQL DATABASE TABLES
56-65
LIST OF FIGURES
FIGURE NO 6.2.1 6.2.2 6.2.3 6.2.4 6.2.5 6.2.6 6.2.7 6.3 FIGURE NAME Usecase Diagram of Admin Usecase Diagram of User Class Diagram of Admin&User Sequence Diagram of Admin Sequence Diagram of User Collaboration Diagram of Admin Collaboration Diagram of User Dataflow Diagrams PAGE NO 38 39 40 42 43 44 45 46
LIST OF SCREENS
SCREEN NO 9.1.1 9.1.2 9.1.3 9.1.4 9.1.5 9.1.6 9.1.7 9.1.8 9.1.9 9.1.10 9.1.11 SCREEN NAME Login page Login into admin Setup the Users View/Update the users Setup the Encryption type View/Update encryption type Start and Stop SMS Service Login into User Setup the Users View/Update the Users View the encryption type PAGE NO 57 58 58 59 59 60 60 61 61 62 62
LIST OF TABLES
TABLE NO 8.1.1 8.1.2 8.1.3 8.1.4 9.2.1 9.2.2 9.2.3 9.2.4 9.2.5 TABLE NAME Test case table for login Test case table for Admin (users) Test case table for Admin (encryptiontype) Test case table for User (userccount) Master user Response encryption type SMS Request SMS Response User Accounts PAGE NO 52 53 54 55 63 64 64 65 65
1. INTRODUCTION
1. INTRODUCTION
1.1 Purpose of the project The main purpose of the project is to develop an application called SMS Based Online Encrypted Password Manager Application is a web based application which is not only allows the passwords to be saved in the centralized database in an encrypted format but can also return the password when requested in a simple encryption format as well, so that it cannot be misused by others even if they happen to see the SMS query result 1.2 Solution The development of the new system contains the following activities, which try to automate the entire process keeping in view of the database integration approach. o o o o o o o o Access Management process for User registration User Account and Password details setup and maintenance Process Password encryption process during setup and retrieval SMS request parsing and information querying process SMS delivery process Transaction logging and reporting process SMS Based Password Update Process Data Archive and cleanup process
1.3 Advantages The project is identified by the merits of the system offered to the user. The merits of this project are as follows It is used by users to register to the web application. Allows the users to setup their various account details and respective passwords in an encrypted format. o Reads the incoming SMS and prepares the search string by parsing the SMS message. o Searches the database for the account details matching the search criteria and formats the result set for SMS delivery. o Allows registered users to update the Account password through SMS from their registered mobile number only. o Allows Admin users to Archive/Cleanup old data on the system
o o
1.4 Limitations The size of database increases,increasing the load on database back up and data maintenance activity. Training for simple computer operations is necessary for the users working on the system
6
2. SYSTEM ANALYSIS
2. SYSTEM ANALYSIS
2.1 EXISTING SYSTEM: It is difficult to remember all the passwords so,people write it on paper which are very risky and may lead to misuse of accounts, data loss or even financial loss. There is no proper way for a common person to save all these passwords securely and retrieve them when required. 2.2 PROPOSED SYSTEM: There is a need for a centralized web based application to allow users to save all their passwords in a secured and encrypted format on the Internet so that they can be retrieved. The way it works is: Users register along with their mobile number They save all their passwords in an encrypted format If required even the password sent out could be encrypted
2.3 FEASIBILITY STUDY: Preliminary investigation examine project feasibility, the likelihood the system will be useful to the organization. The main objective of the feasibility study is to test the Technical, Operational and Economical feasibility for adding new modules and debugging old running system. All system is feasible if they are unlimited resources and infinite time. There are aspects in the feasibility study portion of the preliminary investigation: Technical Feasibility Operation Feasibility Economic Feasibility
3.SYSTEM REQUIREMENTS
3.SYSTEM REQUIREMENTS
3.1 Hardware requirements: HDD RAM Operating System : : : 20GB Min, 40GB Recommended 1GB Min Windows XP with SP2 or Windows Vista
Operating System
: : : : :
Windows XP with SP2 or Windows Vista MS-SQL server 2005 ASP.NET with C#.NET MS-Visual Studio .Net 2008 Mozilla Firefox ,IE 6
Windows Operating System Front-end : JSP, JAVA Script, HTML. Model Layer : Struts, Servlets Back-end : My SQL Database Tools : My Eclipse, Dream weaver
10
4. SOFTWARE DESCRIPTION
11
4. SOFTWARE DESCRIPTION
INTRODUCTION TO JAVA FEATURES OF JAVA The inventors of java wanted to design a language which could offer solution to some of the problems encountered in modern programming. They wanted the language to be not only reliable, portable and distributed but also simple, compact and interactive. Sun Microsystems officially describes Java with the following ATTRIBUTES: Compiled and Interpreted Platform _ Independent and Portable Object Oriented Robust and Secure Distributed Familiar, Simple and Small Multithreaded and Interactive High Performance Dynamic and Extensible
Although the above appears to be a list of buzzwords, they aptly describe the full potential of the language. These features have made Java the first application language of the World Wide Web. Java will also become the premier language for general purpose stand_ alone applications. Compiled and Interpreted Usually a computer language is either compiled or interpreted. Java combines both these approaches thus making Java a two _ stage system. First, Java compiler translates source code into what is known as byte code instructions. Byte code are not machine instructions and therefore, in the second stage, Java interpreter generates machine code that can be directly executed by the machine that is running the Java program. We can thus say that Java is both compiled and interpreted language.
12
Platform Independent and Portable The most significant contribution of Java over other language is its portability. Java programs can be easily moved from one computer system to another, anywhere and anytime. Changes and upgrades in operating systems, processors and system resources will not force any changes in Java programs. This is the reason why Java has become a popular language for programming on Internet which interconnects different kinds of systems worldwide. Object Oriented Java is a true object _ oriented language. Almost everything in Java is an object. All program code and data reside within objects and classes. Java comes with an extensive set of classes, arranged in packages, which we can use in our programs by inheritance. The object model in Java is simple and easy to extend. Robust and Secure Java is a robust language. It provides many safeguards to ensure reliable code. It has strict compile time and run time checking for data types. It is designed as a garbage collected language relieving the programmers virtually memory management problems. Java also incorporates the concept of exception handling which captures series errors and eliminates any risk of crashing the system. Distributed Java is designed as a distributed language for creating applications on networks. It has the ability to share both data and programs. Java applications can open and access remote objects on Internet as easily as they can do in a local system. This enables multiple programmers at remote locations to collaborate and work together on single project. multiple
13
Simple, Small and Familiar Java is a small and simple language. Many features of C and C++ that are either redundant and source of unreliable code are not part of Java. For example, Java does not use pointers preprocessor header files; go to statement and many others. It also eliminates operator overloading and multiple inheritance. Familiarity is another striking feature of Java. To make the language look familiar to the existing programmers, it was modeled on C and C++ languages. Multithread and Interactive Multithreaded means handling multiple tasks simultaneously. Java supports multithreaded programs. This means that we need not to wait for the application to finish one task before beginning another. The Java runtime comes with tools that support multiprocess synchronization and construct smoothly running interactive systems. High Performance Java performance is impressive for an interpreted language, Mainly due to the use of intermediate byte code. According to Sun, Java speed is comparable to the native C/C++. Java architecture is also designed to reduce overheads during runtime. Further, the incorporation of multithreading enhances the overall execution speed of Java programs. Dynamic and Extensible Java is dynamic language. Java is capable of dynamically linking in new class libraries, methods, and objects. Java can also determine the type of class through a query, making it possible to either dynamically link or abort the program, depending on the response. Java programs support functions written in other language such as C and C++. These functions are known as native methods. This facility enables the programmers to use the efficient functions available in these languages. Native methods are linked dynamically at runtime.
14
4.3. JavaScript
JavaScript is a script-based programming language that was developed by Netscape Communication Corporation. JavaScript was originally called Live Script and renamed as JavaScript to indicate its relationship with Java. JavaScript supports the development of both client and server components of Web-based applications. On the client side, it can be used to write programs that are executed by a Web browser within the context of a Web page. On the server side, it can be used to write Web server programs that can process information submitted by a Web browser and then updates the browsers display accordingly Even though JavaScript supports both client and server Web programming, we prefer JavaScript at Client side programming since most of the browsers supports it. JavaScript is almost as easy to learn as HTML, and JavaScript statements can be included in HTML documents by enclosing the statements between a pair of scripting tags <SCRIPTS>... </SCRIPT>.
15
<SCRIPT LANGUAGE = JavaScript> JavaScript statements </SCRIPT> Here are a few things we can do with JavaScript: Validate the contents of a form and make calculations. Add scrolling or changing messages to the Browsers status line. Animate images or rotate images that change when we move the mouse over them. Detect the browser in use and display different content for different browsers. Detect installed plug-ins and notify the user if a plug-in is required. We can do much more with JavaScript, including creating entire application.
4.4. JDBC
Java Database Connectivity or in short JDBC is a technology that enables the java program to manipulate data stored into the database. Here is the complete tutorial on JDBC technology. 1. What is JDBC? JDBC is Java application programming interface that allows the Java programmers to access database management system from Java code. It was developed by Java Soft, a subsidiary of Sun Microsystems. JDBC has four Components: 1. The JDBC API. 2. The JDBC Driver Manager. 3. The JDBC Test Suite. 4. The JDBC-ODBC Bridge. 5. The JDBC API. The JDBC application programming interface provides the facility for accessing the relational database from the Java programming language. The API technology provides the industrial standard for independently connecting Java programming language and a wide range of databases. The user not only execute the SQL statements, retrieve results, and update the data but can also access it anywhere within a network because of it's "Write Once, Run Anywhere" (WORA) capabilities. Due to JDBC API technology, user can also access other tabular data sources like spreadsheets or flat files even in the a heterogeneous environment. JDBC application programming interface is a part of the
16
Java platform that has included Java Standard Edition (Java SE) and the Java Enterprise Edition (Java EE) in itself. The JDBC API has four main interface: The latest version of JDBC 4.0 application programming interface is divided into two packages i ii java.sql javax.sql.
Features of JSP: Portability Components Processing Access Models Steps in the execution of a JSP Application:
The client sends a request to the web server for a JSP file by giving the name of the JSP file within the form tag of a HTML page. This request is transferred to the JavaWebServer. At the server side JavaWebServer receives the request and if it is a request for a jsp file server gives this request to the JSP engine. JSP engine is program which can understand the tags of the jsp and then it converts those tags into a Servlet program and it is stored at the server side. This Servlet is loaded in the memory and then it is executed and the result is given back to the JavaWebServer and then it is transferred back to the
17
result is given back to the JavaWebServer and then it is transferred back to the client.
Java Beans:
We can assemble a computer or fan very easily by choosing different components manufactured by different vendors. We can take a screw from company one and use it to fit the Mother board to cabinet as they are manufactured according to a standard. Observing to this point to simplify the process of developing software, different software companies has proposed different component technologies. Ex: java soft java bean component tech, EJB component tech, Microsoft COM, BONOBO component model. Java Bean and EJB are two different specifications from java soft. EJB can be used to implement business logic on the server side. Most of the developers uses to assume Java Bean components are for developing GUI components and they can be used only on the client side but we can develop any kind of software using Java Bean standard (GUI/ non GUI). Java Bean can be used either on the client side or on the server side. AWT, JFC components are implemented according to Java Bean standard. According to Java Bean standard a Bean component can support a set of properties, set of events, any number of additional methods. A property can be read-write or it can be just read only property. For read write property we need to provide setXXX and getXXX methods (isXXX if the property is Boolean )
4.6. Struts
What is Struts - Struts Architecture
Struts is famous for its robust Architecture and it is being used for developing small and big software projects. Struts is an open source framework used for developing J2EE web applications using Model View Controller (MVC) design pattern. It uses and extends the Java Servlet API to encourage developers to adopt MVC architecture. Struts framework provides three key components: A request handler provided by the application developer
18
that is used to mapped to a particular URI. A response handler which is used to transfer the control to another resource which will be responsible for completing the response. A tag library which helps developers to create the interactive form based applications with server pages Struts provides you the basic infrastructure infrastructure for implementing MVC allowing the developers to concentrate on the business logic.
MVC Architecture
The main aim of the MVC architecture is to separate the business logic and application data from the presentation data to the user. Here are the reasons why we should use the MVC design pattern. 1. 2. They are reusable: When the problems recurs, there is no need to invent a new solution, we just They are expressive: By using the MVC design pattern our application becomes more have to follow the pattern and adapt it as necessary. expressive.
19
1) Model: The model object knows about all the data that need to be displayed. It is model who is aware about all the operations that can be applied to transform that object. It only represents the data of an application. The model represents enterprise data and the business rules that govern access to and updates of this data. Model is not aware about the presentation data and how that data will be displayed to the browser. 2) View: The view represents the presentation of the application. The view object refers to the model. It uses the query methods of the model to obtain the contents and renders it. The view is not dependent on the application logic. It remains same if there is any modification in the business logic. In other words, we can say that it is the responsibility of the of the view's to maintain the consistency in its presentation when the model changes. Controller: Whenever the user sends a request for something then it always go through the controller. The controller is responsible for intercepting the requests from view and passes it to the model for the appropriate action. After the action has been taken on the data, the controller is responsible for directing the appropriate view to the user. In GUIs, the views and the controllers often work very closely together. Overview of the Struts Framework The Struts framework is composed of approximately 300 classes and interfaces which are organized in about 12 top level packages. Along with the utility and helper classes framework also provides the classes and interfaces for working with controller and presentation by the help of the custom tag libraries. It is entirely on to us which model we want to choose. The view of the Struts architecture is given below: The Struts Controller Components: Whenever a user request for something, then the request is handled by the Struts Action Servlet. When the ActionServlet receives the request, it intercepts the URL and based on the Struts Configuration files, it gives the handling of the request to the Action class. Action class is a part of the controller and is responsible for communicating with the model layer.
20
The Struts View Components: The view components are responsible for presenting information to the users and accepting the input from them. They are responsible for displaying the information provided by the model components. Mostly we use the Java Server Pages (JSP) for the view presentation. To extend the capability of the view we can use the Custom tags, java script etc. The Struts model component: The model component provides a model of the business logic behind a Struts program. It provides interfaces to databases or back- ends systems. Model components are generally a java class. There is not any such defined format for a Model component, so it is possible for us to reuse Java code which is written for other projects. We should choose the model according to our client requirement. Validator Framework Struts Framework provides the functionality to validate the form data. It can be use to validate the data on the users browser as well as on the server side. Struts Framework emits the java scripts and it can be used to validate the form data on the client browser. Server side validation of the form can be accomplished by sub classing your From Bean with DynaValidatorForm class. The Validator framework was developed by David Winterfeldt as third-party add-on to Struts. Now the Validator framework is a part of Jakarta Commons project and it can be used with or without Struts. The Validator framework comes integrated with the Struts Framework and can be used without doing any extra settings. Understanding Struts Controller In this section I will describe you the Controller part of the Struts Framework. I will show you how to configure the struts-config.xml file to map the request to some destination servlet or jsp file. The class org.apache.struts.action.ActionServlet is the heart of the Struts Framework. It is the Controller part of the Struts Framework. ActionServlet is configured as Servlet in the web.xml file as shown in the following code snippets. <! -- Standard Action Servlet Configuration (with debugging) --> <servlet> <servlet-name>action</servlet-name
21
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class> <init-param> <param-name>config</param-name> <param-value>/WEB-INF/struts-config.xml</param-value> </init-param> <init-param> <param-name>debug</param-name> <param-value>2</param-value> </init-param> <init-param> <param-name>detail</param-name> <param-value>2</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> This servlet is responsible for handing all the request for the Struts Framework, user can map the specific pattern of request to the ActionServlet. <servlet-mapping> tag in the web.xml file specifies the url pattern to be handled by the servlet. By default it is *.do, but it can be changed to anything. Following code form the web.xml file shows the mapping. <!-- Standard Action Servlet Mapping --> <servlet-mapping> <servlet-name>action</servlet-name> <url-pattern>*.do</url-pattern> </servlet-mapping> The above mapping maps all the requests ending with .do to the ActionServlet. ActionServlet uses the configuration defined in struts-config.xml file to decide the destination of the request. Action Mapping Definitions (described below) is used to map any action. For this lesson we will create Welcome.jsp file and map the "Welcome.do" request to this page.
22
Forwarding the Welcome.do request to Welcome.jsp The "Action Mapping Definitions" is the most important part in the struts-config.xml. This section takes a form defined in the "Form Bean Definitions" section and maps it to an action class. Following code under the <action-mappings> tag is used to forward the request to the Welcome.jsp. <action path="/Welcome" forward="/pages/Welcome.jsp"/> To call this Welcome.jsp file we will use the following code. Once the use clicks on on First Request to the controller link on the index page, request (for Welcome.do) is sent to the Controller and the controller forwards the request to Welcome.jsp. The content of Welcome.jsp is displayed to the user.
23
5. PROJECT DESCRIPTION
24
ENCRYPTION: Suppose Alice wants to send a message M to Bob. Alice creates the cipher text C by exponentiation: C = ME mod N, Where E and N are Bobs public key. Alice sends C to Bob. DECRYPTION: To decrypt the cipher text C, Bob also exponentiates:
25
M = CD mod N The relationship between E and D ensures that Bob correctly recovers M. Since only Bob knows D, only Bob can decrypt the message. ALGORITHMS: The algorithms used to encrypt and decrypt the data which the admin sends upon the users request. The user has to register in the database and with the help of that the admin will send the requested data asked by the user. Here the user will select the algorithm and upon that the data will be encrypted and thus later gets decrypted when user gets it. Here we use three types of algorithms in our project. They are: PBEWithSHAandDESde PBEWithMD5andDES PBEWithSHAandRC2-40 These are the three different types of algorithms and accordingly to this the user selects the algorithm and get the data to the user in a well secured form. ADVANTAGES: The project is identified by the merits of the system offered to the user. The merits of this project are as follows
It is used by users to register to the web application. Allows the users to setup their various account details and respective passwords in an encrypted format. Reads the incoming SMS and prepares the search string by parsing the SMS message. Searches the database for the account details matching the search criteria and formats the result set for SMS delivery. Allows registered users to update the Account password through SMS from their registered mobile number only. Allows Admin users to Archive/Cleanup old data on the system
26
6. SYSTEM DESIGN
27
28
UML DAIGRAMS
login
users
NewUseCase
Figure 6.2.1
29
login
user
view accounts
view request
view respone
Figure 6.2.2
30
S y s tem adm in adm in id adm in ty pe firs tna m e las tna m e phone no em ailid loginid ps w d req p s w d s tatu s add() vie w () update()
M as te r us er us erid us erty pe firs t nam e las t nam e phone em ailid login id pw d req p s w d s tatu s add() vie w () update()
U s er ac c ount A c c ountid us e rid ac c ou ntnam e ac c ou ntps w d res pE n c ry pt ty pes id s tatus add () view () upd ate()
S M S R eques t req ues tid req datetim e s m s m obile n o Q uery S tring R eques t pw d s ta tus add() view () update()
S M S R es pons e res pons eid reqid res pdatetim e S M S m es s age m obile no s tatus a dd () view () u pd ate()
Figure 6.2.3
31
A dm in
LoginA c tion
Helper
Us erA c tion
Databas e
login()
validate login() ac k ()
s aveus er()
edit us er()
login page()
Figure 6.2.4
32
A dm in
LoginA c tion
Helper
E nc ry ptA c tion
Databas e
login()
validate login() ac k ()
s aveus er()
login page()
Figure 6.2.5
33
login()
validate login() ac k ()
s aveus erac c ()
edit us erac c ()
login page()
Figure 6.2.6
34
Figure 6.2.7
35
Helper
Encrypt Action
Figure 6.2.8
36
12:
7: 11: D atabas e
U seracc Action
Figure 6.2.9
37
DATAFLOW DIAGRAMS
DATA FLOW DIAGRAMS:
Data flow diagram is used to describe analysis, the movement of data through a system stores of data and delays in the system. Data flow diagrams are the central tool basing on which components are developed. Processes: Processes show what the system does. Each process has one or more data inputs and produces one or more data outputs. Circle in a DFD represents processes. Each process has unique name and number. This name and number appear inside the circle, the circle that represents the process in a DFD.
process
process
Data stores: Processes can enter data or retrieve the data from data store. Each data store is represented by thin line in the DFD and each data store has a unique name.
Figure 6.3.1
38
External entities: External entities are outside the system but they either supply input data into the system use the system output. They are entities over which the designer has no control.
Figure 6.3.2
Figure 6.3.3
39
Figure6.3
.4
First Level Diagram: 1-LEVEL Admin:
Login
Data Store
Data store
Users
Users
Log out
Data store
Admin
Encrypt
Respons e
Data store
40
User:
Login
Users
Request
Figure 6.3.5
41
Encrypt Users
Data store
Admin
Users
Admin
Data store
7. SOURCE CODE
43
7. SOURCE CODE
Index.jsp: <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort() +path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'index.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-<link rel="stylesheet" type="text/css" href="styles.css"> --> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>EBMMS</title> <meta name="keywords" content="" /> <meta name="description" content="" /> <link href="default.css" rel="stylesheet" type="text/css" /> <script> function valid() { var loginid=document.loginform.loginid.value; var password=document.loginform.password.value; if((loginid=="") ||(password=="")) { window.alert("plz fill the details"); return false; } return true; } </script> </head> <body> <center> <div id="header"> <h1>Encryption Based Multi-Password Management System </h1>
44
<%-- <h2><a href="http://www.freecsstemplates.org/">by Free Css Templates </a></h2>--%> </div> <form action="<%=path %>/login.do" method="post" name=loginform onsubmit="return valid()"> <div id="content"> <div id="colTwo"> <div class="boxed"> </div> <div id="colSeven" class="boxed"> <h2 class="title">Login Page</h2> <div class="content"> <table> <tr> <img src="images/img5.JPG" alt="" width="150" height="113" class="image" /> </tr><tr>LOGINID:<input type="loginid" name="loginid"> PASSWORD:<input type="password" name="password"></tr> <tr> <input type="submit" value="submit"></tr> </table> </div> <div id="footer"> <p>Copyright@ <a><strong>Malathi</strong></a> <a><strong>Manusha</strong> <a><strong>Niveditha</strong> </p></div> </center> </body> </html> AdminMenu.jsp: <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort() +path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'Menu.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <link href="default.css" rel="stylesheet" type="text/css" media="screen" /> <script type="text/javascript" src="menu.js"></script> <link rel="stylesheet" type="text/css" href="css/menustyles.css">
45
<script type="text/javascript" src="css/menuscript.js"></script> <link rel="stylesheet" type="text/css" href="css/menustyles.css"> <script type="text/javascript" src="css/menuscript.js"></script> </head> <style type="text/css"> * { margin:0; padding:0; }div#menu { margin:30px 0 0 95px; position:absolute; }div#copyright { font:11px 'Trebuchet MS'; color:#fff; text-align:center; clear:left; position:absolute; top:546px; width:560px; }div#copyright a { color:#126f8d; } div#copyright a:hover { color:#fff; } </style> <body > <center> <div id="header"> <h1>Encryption Based Multi-Password Management System </h1> </div> <table align="center"> <tr><td><img src="images/admin.JPG" class="image" /></td> <td> <ul id="qm0" class="qmmc" > <li><a class="qmparent" href="AdminMenu.jsp" ><h4>HOME</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><H4>USERS TYPE</H4></a> <ul> <li><a href="<%=path%>/Users.jsp"> <H5>SETUP USERS</H5></a></li> <li><a href="<%=path%>/user.do?method=viewuser"><H5> VIEW/UPDATE USERS</H5></a></li> </ul></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><H4> ENCRYPTION TYPE</H4></a><ul> <li><a href="<%=path%>/ResponseEncryptionType.jsp"> <H5>SETUP ENCRYPTION TYPE</H5></a></li> <li><a href="<%=path %>/encrypt.do?method=viewEncrypt"><H5> VIEW/UPDATE ENCRYPT</H5></a></li> </ul></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><H4>SMS SERVICES</H4> </a> <ul> <li><a href="Start_Stopsms.jsp"> <H5>START & STOP SMS</H5></a></li></ul>
46
</li>
</ul> <!-- Create Menu Settings: (Menu ID, Is Vertical, Show Timer, Hide Timer, On Click (options: 'all' * 'all-always-open' * 'main' * 'lev2'), Right to Left, Horizontal Subs, Flush Left, Flush Top) --> <script type="text/javascript">qm_create(0,false,0,500,false,false,false,false,false);</script><!--[ENDQM0]--> </td> </table> <div id="footer"> <p>Copyright@ <a><strong>Malathi</strong></a> <a><strong>Manusha</strong> <a><strong>Niveditha</strong> </p> </div> </body> </html> UserMenu.jsp: <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort() +path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'UserMenu.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <link href="default.css" rel="stylesheet" type="text/css" media="screen" /> <script type="text/javascript" src="menu.js"></script> <link rel="stylesheet" type="text/css" href="css/menustyles.css"> <script type="text/javascript" src="css/menuscript.js"></script> </head> <style type="text/css"> * { margin:0; padding:0; }div#menu {
47
margin:30px 0 0 95px; position:absolute; }div#copyright { font:11px 'Trebuchet MS'; color:#fff; text-align:center; clear:left; position:absolute; top:546px; width:560px; }div#copyright a { color:#126f8d; } div#copyright a:hover { color:#fff; } </style> <body> <center> <div id="header"> <h1>Encryption Based Multi-Password Management System </h1> </div><table align="center"> <tr><td><img src="images/user.jpg" class="image" /></td> <td><ul id="qm0" class="qmmc" > <li><a class="qmparent" href="UserMenu.jsp" ><h4>HOME</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"><h4>USER ACCOUNTS</h4></a> <ul> <li><a href="<%=path%>/UserAcc.jsp"> <h5>SETUP USER ACCOUNTS</h5></a></li> <li><a href="<%=path%>/useraccount.do?method=viewUseracc"><h5> VIEW/UPDATE USER ACCOUNTS</h5></a></li> </ul> </li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="javascript:void(0)"> <h4>ENCRYPTION TYPE</h4></a> <ul> <li><a href="<%=path %>/encrypt.do?method=viewEncryptacc"> <h5>VIEW ENCRYPT</h5></a></li></ul></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="<%=path %>/Responseview.do?method=viewResponse"><h4> VIEW RESPONSE</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a class="qmparent" href="<%=path %>/viewaccount.do?method=viewRequest"> <h4> VIEW REQUEST</h4></a></li> <li><span class="qmdivider qmdividery" ></span></li> <li><a href="index.jsp"><h4>LOGOUT</h4></a></li> <li class="qmclear"> </li> </ul> <script type="text/javascript">qm_create(0,false,0,500,false,false,false,false,false);</script> </td></table> <div id="footer"><p>Copyright@ <a><strong>Malathi</strong></a> <a><strong>Manusha</strong> <a><strong>Niveditha</strong> </p></div> </center> </body></html>
48
8. SYSTEM TESTING
49
8. SYSTEM TESTING
SYSTEM TESTING AND IMPLEMENTATION Testing is done to ensure reliability of the software, to recover form errors and from errors and unknown bugs that are present. During testing, the program to be tested is executed with a set of test cases and the output of the program for the test cases is evaluated to determine if the program delivers the performance as expected. There are chances for various errors to occur during any phase of the software development cycle. Verifications are done at the output of each phase. Each modules and sub modules are checked for errors at the output of each phase. TESTING STRATEGIES Test cases are devised with the purpose of finding errors. For this system, the test data is devised to check if the adjustments are done correctly. The other test cases devised is to check the situation in which no data is available for adjustment for a specific condition. System testing is designated to uncover weakness that was not detected in the earlier tests. The total system is tested for recovery and fallback after various major failures to ensure that no data are lost.. There are many test cases designed with this mind .the flow of testing is as fallows:
Unit testing
System testing
Specification testing is done to check if the program does what it should do and how it should behave under various condition or combination and submitted for processing in the system and it is checked if any overlaps occur during the processing. This strategy examines the logic of the program . Here only syntax of the code is tested . In the testing syntax errors are corrected .To ensure that the code is perfect we performed unit testing and system testing.
50
UNIT TESTING : The first level of testing is called unit testing Unit testing was done to test the working of the individual modules with test oracles. Unit testing comprises the set of tests preformed by an individual programmer prior to integration of the units into a large system . Unit testing focuses first on the modules to locate errors. SYSTEM TESTING The next level of testing was system testing and acceptance testing. This testing was done to check if the system has met its requirements and to find the external behavior of the system.System testing involves two kinds of activities :Integration testing and Acceptance testing INTEGRATION TESTING : The next level of testing is called the integration testing. In this many tested modules are combined into subsystems which were then tested. This testing strategy dictates the order in which modules must be available ,and exerts strong influence on the order in which the modules must be written ,debugged and unit tested. ACCEPTENCE TESTING : This testing is performed finally by user to demonstrate that the implemented system satisfies its requirements . The users gives various inputs to get required outputs. SPECIFICATION TESTING Specification testing is done to check if the program does what it should do and how it should behave under various condition or combination and submitted for processing in the system and it is checked if any overlaps occur during the processing. PERFORMANCE TIME TESTING Performance time testing is done to determine how long it takes to accept and respond, the total time for processing when it has to handle quite a large number of records.
51
Step No
Action
Input Required
Expected Result
Actual Result
Comment
1 2
Pass
Fig 8.1.1
52
8.1.2 TEST CASE TABLE FOR ADMIN (Users): Step No 1 Action Click on users Input Required Expected Actual Result Result Setup users, Setup users, View/update users View/update users Test Result Pass
Click on view/update User button Click on edit button Click on update button
First name, last name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status -
First name, last name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status Submitted data will be stored in the data base
First name, last Pass name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status Submitted data will be stored in the data base Pass
First name, last name , mobile, user type, userid, email, phone no, loginid, password, request pwd, status
Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Updated data will be stored in the data base
Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Updated data will be stored in the data base
Pass
Pass
Pass
53
Fig 8.1.2 8.1.3 TEST CASE TABLE FOR ADMIN (Encryption type): Step No 1 Action Click on encryptiontype Input Required Expected Result Setup Encryptiontype, View/update Encryptiontype Encryptionid , Encryptiontype, Details , status. Actual Result Setup Encryptiontype, View/update Encryptiontype Encryptionid , Encryptiontype, Details , status Submitted data will be stored in the data base Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Updated data will be stored in the data base Test Result Pass
Pass
Click on Submit button Click on view/update Encryptiontype button Click on edit button Click on update button
Encryptionid , Submitted data Encryptiontype, will be stored in Details , status the data base Views the stored data from the data base with edit operation. Form will display the data to be updated with update button Encryptionid , Updated data will Encryptiontype, be stored in the Details , status data base -
Pass
Pass
Pass
Pass
Fig 8.1.3
54
8.1.4 TEST CASE TABLE FOR USER (Users account): Step No 1 Action Click on users account Input Required Expected Result Setup Users account, View/update users account. accountid,userid, Accountname, Account password,Response encryptionid , Status. Actual Result Setup Users account, View/update users account Test Result Pass
accountid,userid, Accountname, Account password,Response encryptionid , Status. Click on Views the stored view/update data from the data User account base with edit button operation. Click on edit Form will display button the data to be updated with update button Click on accountid,userid, Updated data will update button Accountname, be stored in the Account data base password,Response encryptionid , Status. Click on view Views the stored Encryptiontype data from the data button base Fig 8.1.4
55
accountid,userid, Accountname, Account password, Response encryptionid , Status. Submitted data will Submitted data be stored in the will be stored in data base the data base
Pass
Pass
Views the stored Pass data from the data base with edit operation. Form will display Pass the data to be updated with update button Updated data will Pass be stored in the data base
9. SCREENS
56
57
58
59
60
61
62
64
66
67
10. CONCLUSION
10. Conclusion
It has been a great pleasure for me to work on this exciting and challenging project. This project proved good for me as it provided practical knowledge of not only programming in ASP.NET and C#.NET Frameworks web based application and no some extent Windows Application but also about all handling procedure related with SMS Based Online Encrypted Password Manager
Application. It also provides knowledge about the latest technology used in developing web enabled
application and client server technology that will be great demand in future. This will provide better opportunities and guidance in future in developing projects independently.
68
FUTURE EXTENSION
The program written could be extended to higher order to achieve a better secure transferring of files between admin and the various users.
69
CIPHER: A procedure that transforms data between plaintext and cipher text, a crypto algorithm.
70
CONFIDENTIALITY: The ability to ensure that information is not disclosed to people who arent explicitly intended to receive it. KEY: Information that causes a cipher to encrypt or decrypt information in a distinct way. Individual keys are usually associated entities, or at most a pair of entities. PRIVATE KEY: One of the two keys used in an asymmetric encryption system. For secure communication, the private key should only be known to its creator. A key used in public key crypto that belongs to an individual entity and must be kept secret. PUBLIC KEY: One of the two keys used in an asymmetric encryption system. The public key is made public, to be conjunction with a corresponding private key.
SESSION KEY: A temporary encryption key used between two principals. SECRET KEY: A crypto key that is used in a secret key algorithm. The secrecy of encrypted data depends solely on the secrecy of the secret key. SYSTEM SECURITY: refers to the technical innovations and procedures applied to the hardware and operation systems to protect against deliberate or accidental damage from a defined threat.
DATA SECURITY: is the protection of data from loss, disclosure, modification and destruction. PRIVACY: defines the rights of the user or organizations to determine what information they are willing to share with or accept from others and how the organization can be protected against unwelcome, unfair or excessive dissemination of information about it.
71
12. BIBILIOGRAPHY
12. Bibliography
The following websites and books were referred during the analysis and execution phase of the project:
1.
2. 3. 4.
6.
NETWORK AND INTERNETWORK SECURITY -William Stallings COMPUTER NETWORK -Andrew S. Tanenbaum PROGRAMMING IN JAVA -Dietel & Dietel
5. http://www.google.com/ http://www.msdn.microsoft.com
7. http://www.securid.com
73