project report.doc | Enterprise Java Beans | Java Script
Short Description
Introduction. Scope The project is confined to the intranet in an organization. This application makes sure that securit...
Description
Introduction Scope The project is confined to the intranet in an organization. This application makes sure that security services such as secrecy, authentication, integrity and non-repudiation are provided to the communicating parties.
Objective This project has been developed keeping in view the security features that need to be implemented in the networks following the fulfillment of these objectives:
To develop an application that deals with the security threats that arises in the network.
To enable the end-users as well as the organizations come out with a safe messaging communication without any threats from intruders or unauthorized people.
To deal with the four inter-related areas of network security namely Secrecy, Authentication, Non-repudiation and Integrity.
Project Overview This application makes use of Digital Signature Algorithm (DSA) along with a hash function. The hash code is provided as input to a signature function along with a random number generated for this particular signature. The signature function also depends on the sender’s private key and a set of parameters known to a group of At the receiving end, verification is performed. The receiver generates a quantity that is a function of the public-key components, the sender’s public key, and the hash code of the incoming message. If this quantity matches with one of the components of the signature, then the signature is validated. This application makes sure that the security services Authentication, Secrecy, Integrity, and Non-repudiation are provided to the user.
1
This application allows to keep the information out of the hands of unauthorized persons. This is called Secrecy.
It also deals with determining whom a person is communicating with before revealing sensitive information or entering a business deal. This is called Authentication.
Non-repudiation deals with proving that a particular message was sent by a particular person in case he denies it later.
Integrity makes sure whether a particular message has been modified or something has been added to it.
2
Objective The main objective of this project is to facilitate the interaction between educational institutes, students and their parents so that all those lackings can be overcome that maybe hamper the future of the students. It can also helps in bringing the different perspectives by different persons in seeing the students behavior and talent. With this the various activities of the students can also be tracked. Suggestions from parents can also be welcomed. In short, this will always be of great advantage for the educational institutes.
3
Project Description Project Profile ► Product Name
: DigitalSignature (A secure Messaging system)
► Project Objective
: This application makes sure that the security services Authentication, Secrecy, Integrity, and Non-repudiation are provided to the user. Therefore, intruders cannot gain access to classified information.
► SDLC Model
: Water Fall Model
► Development Technologies
: Java/J2EE
► Application Server
:
► Back-End Database
: Oracle Database 10g Enterprise Edition
► Location
: Noida
Oracle Weblogic Application Server Enterprise Edition
4
Problem Definition Message authentication protects two parties who exchange messages from any third party. However, it does not protect the two parties against each other. Several forms of disputes between the two parties are possible. For example, suppose that A sends an authenticated message to B. Consider the following disputes that could arise: 1. B may forge a different message and claim that it came from A. B would simply have to create a message and append an authentication code using the key that A and B share. 2. A may deny sending the message. Because it is possible for B to forge a message, there is no way to prove that A did in fact send the message. The most attractive solution to this problem is the Digital Signature. The Digital Signature is analogous to the handwritten signature. It must have the following properties:
It must be able to verify the author and the date and time of the signature.
It must be able to authenticate the contents at the time of the signature.
The signature must be verified by third parties, to resolve disputes.
Thus, the digital signature function includes the authentication function. Based on the above properties, the following requirements can be formulated for the digital signatures:
The signature must be a bit pattern that depends on the message being signed.
The signature must use some information unique to the sender, to prevent both forgery and denial.
It must be relatively easy to produce the digital signature.
5
It must be relatively easy to recognize and verify the digital signature.
It must be computationally infeasible to forge a digital signature, either by constructing a new message for an existing digital signature or by constructing a fraudulent digital signature for a given message.
It must be practical to retain a copy of the digital signature in storage.
6
Proposed System and Targeted User Existing system These days almost all organizations around the globe use a messaging system to transfer data among their employees through their exclusive intranet. But the security provided is not of high standards. More and more unauthorized people are gaining access to confidential data.
Disadvantages
The validity of sender is not known.
The sender may deny sending a message that he/she has actually sent and similarly the receiver may deny the receipt that he/she has actually received.
Unauthorized people can gain access to classified data.
Intruders can modify the messages or the receiver himself may modify the message and claim that the sender has sent it.
Proposed system The system will provide the following security services:
Confidentiality Confidentiality is the protection of transmitted data from passive attacks. With respect to the release of message contents, several levels of protection can be identified. The broadest service protects all user data transmitted between two users over a period of time. For example, if a virtual circuit is set up between two systems, this broad protection would prevent the release of any user data transmitted over the virtual circuit. Narrower forms of this service can also be defined, including the protection of a single message or even specific fields within a message. These refinements are less useful than the broad approach and may even be more complex and expensive to implement. The other aspect of confidentiality is the protection of traffic flow from analysis. This requires that an 7
attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility.
Authentication The authentication service is concerned with assuring that a communication is authentic. In the case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipient that the message is from the source that it claims to be from. In the case of an ongoing interaction, such as the connection of a terminal to a host, two aspects are involved. First, at the time of connection initiation, the service assures that the two entities are authentic (i.e. that each is the entity that it claims to be). Second, the service must assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.
Integrity Integrity basically means ensuring that the data messages are not modified. An integrity service that deals with a stream of messages assures that messages are received as sent, with no duplication, insertion, modification, reordering or replays. The destruction of data is also covered under this service. Thus the integrity service addresses both message modification and denial of service.
Non-repudiation Non-repudiation prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the message was in fact sent by the alleged sender. Similarly, when a message is received, the sender can prove that the message was in fact received by the alleged receiver.
8
System Requirement Specification Client Configuration Intel Pentium IV or equivalent with : - 512 MB RAM - 80GB Hard Disk - OS: Windows 2000 / XP (includes Internet Explorer version 6) - Word processing software (Open office / MS Office) - 100 MBPS Ethernet Card
Server Configuration 4 Servers each with following configuration : - 1 CPU - OS: Windows 2000 / XP (includes Internet Explorer version 6) - RAM : 16 GB Minimum - 120GB X 3 Hard Disk - Oracle Application Server 10g Enterprise Edition - Oracle Database 10g Enterprise Edition
Database Description Entity: Login_digisafe Role: To maintain the username and the related password of different users. Attributes: NAME Username Password Question Answer Check1
NULL? Not null Not null
TYPE Varchar2 Varchar2 Varchar2 Varchar2 Number
Entity: Inbox_digisafe Role: To maintain the received mails of different users. Attributes:
9
NAME Username_sender Username_receiver Subject Message Message_digest Message_key Message_date Check1
NULL? Not null Not null
TYPE Varchar2 Varchar2 Varchar2 Varchar2 Long raw Varchar2 Date Number
Not null Not null Not null Not null
Entity: sent_digisafe Role: To maintain the sent mails of different users. Attributes: NAME Username_sender Username_receiver Subject Message Message_date
NULL? Not null Not null
TYPE Varchar2 Varchar2 Varchar2 Varchar2 Date
Not null
Entity: certificate_digisafe Role: To maintain the certificate of different users. Attributes: NAME Username Cfile
NULL? Not null
TYPE Varchar2 Varchar2
Entity: attachment_digisafe Role: To maintain the files attached with message of different users.
Attribute: 10
NAME Message_date Attach1 Message_digest1 Attach2 Message_digest2 Attach3 Message_digest3 Attach4 Message_digest4 Attach5 Message_digest5
NULL?
TYPE Varchar2 Varchar2 Varchar2 Varchar2 Varchar2 Varchar2 Varchar2 Varchar2 Varchar2 Varchar2 Varchar2
11
System Development Methodologies Different types of system development methodologies are used in designing information system. Depending upon the actual requirement of the system, different approaches for data processing are adopted. However, some system groups recommend a centralized data processing system while others may go in for a distributed data processing system. In a centralized data processing, one or more centralized computers are used for processing and the retrieval of information is done from them. The distributed processing system involves a number of computers located remotely in the branches/departments of the organization. The client/server technology is also gaining popularity these days. DATA PROCESSING SYSTEM Data processing techniques are very much dependent on the kind of applications and the working environment. The activities involved in data processing are along departmental lines and application based such as Store Management, Production Planning & Control, Sales Accounting, Financial Accounting, Student Information System, etc. The basic input data are the real resource of data processing. Depending upon the application area, working environment and the needs of the management, there are basically two approaches to data processing: l. Centralized data processing 2. Decentralized data processing CENTRALISED DATA PROCESSING SYSTEM With the increasing use of computer based data processing, there has been a growing tendency in the minds of management to centralize the data processing activities. A separate department EDP (Electronic Data Processing) department is established to carry out the data processing work of different departments in the organization. The centralized data processing system provides the following benefits: l. The emergence of data takes place only at one place. 2. The loss of data is minimized. 3. The methods and machines can be standardized. 4. Services of more competent and technical personnel can be taken.
12
5. It is also very cost-effective particularly in the case of large operations. 6. Duplication of work can be avoided. The disadvantages, however, are: l Lack of cooperation from managers, who do not like to be under control of centralized Data Processing department. 2. Resistance from managers for mechanization of the data processing activities relating to their various functions. 3. It is difficult to provide equitable services to various departments. 4. The data security is also questioned. DECENTRALISED DATA PROCESSING SYSTEM In the decentralized data processing system, there is really a divisional breakdown of computing services. Each division, unit or department handles its own computer needs and does not like to interact with any other division, unit or department. It is well suited to a decentralized mangement scheme in which organizational autonomy is important. Arguments in support of decentralized data processing include the following: l Familiarity with local problems 2. Rapid response to local processing needs 3. Profit-and-loss responsibility can be easily fixed The drawbacks of the decentralized data processing system are: l. There is duplication of activities and redundancy in the maintenance of files. 2. It is difficult to maintain uniformity in the procedures throughout the organization. 3.The overall cost of the data processing for the organization is more.
INFORMATION SYSTEM The information system aims at providing detailed information on a timely basis throughout the organization so that the top management can take proper and effective decisions. The information system cuts across departmental lines and help achieving overall optimization for the organization.
13
The organization is viewed as a network of inter-related sub-systems rather than as a hierarchy of manager-subordinate relationship. The information system can be of two types: l. Integrated information system 2. Distributed information system (1) Integrated Information System- The integrated information system is based on the presumption that the data and information are used by more than one system in the organization. Accordingly, data and information are channeled into a reservoir or database. All the data processing and provision of information is derived and taken from this common database. (b) Distributed Information System- There are opinion that development of an integrated information system is embodied with several practical problems and therefore, not feasible. This view has been reinforced by the failure of integrated systems in various large organizations. The concept of a distributed information system has emerged as an alternative to the integrated information system. In the distributed information system, there are information sub-systems that form islands of information systems. CLIENT\SERVER SYSTEM The limitations of the network\file server system have led to the development of the client\server system. It delivers the benefits of the network-computing model along with the stored data access. Any local area network could be considered as client\server system, since work-stations (clients) request services such as data, program file or printing from server. A client\server has three distinct components, each focusing on a specific job: a data-base server, a client application and a network. DATABASE SERVER A server (or “back end”) manages the resources such as database, efficiently and optimally among various clients that simultaneously request the server for the same resources. Database server mainly concertrates on the following tasks. l. Managing a single database of information among many concurrent users. 14
2. Controlling database access and other security requirements. 3. Protecting database of information with backup and recovery features. 4. Centrally enforcing global data integrity rules across all client applications. CLIENT APPLICATION A client application (the “front end”) is the part of the system that users apply to interact with data. The client application in a client/server model focus on the following job: l. Presenting an interface between the user and the resource to complete the job 2. Managing presentation logic. 3. Performing application logic. 4. Validating data entry 5. Managing the request traffic of receiving and sending information from database server. NETWORK The third component of client/server system is network. The communication software are the vehicles that transmit data between the clients and the server in client server system. Both the client and the server run communication software that allows them to talk across the network.
15
Initial Investigation and System Requirements PRELIMINARY INVESTIGATION Things are expected to get even more critical since the company’s growing numbers of clients and related requirements have been projected to demand a massive number of employees in the coming future from the past and the today’s date. Such events and projections have forced a strong need for modification in the current way of handling activities. it is better to implement the latest of it rather than to go through the pain of updating the system over and over again. Also the solution would be developed by inhouse developers.
Their time have to be managed with their other client dependent
schedules.
TECHNOLOGIES USED SOFTWARE REQUIREMENT SPECIFICATION In system engineering and software engineering, requirements analysis encompasses those tasks that go into determining the needs or conditions to meet for a new or altered product, taking account of the possibly conflicting requirements of the various stakeholders, such as beneficiaries or users. Systematic requirements analysis is also known as requirements engineering. It is sometimes referred to loosely by names such as requirements gathering, requirements capture, or requirements specification. The term requirements analysis can also be applied specifically to the analysis proper (as opposed to elicitation or documentation of the requirements, for instance). Requirements analysis is critical to the success of a development project. Requirements must be actionable, measurable, testable, related to identified business needs or opportunities, and defined to a level of detail sufficient for system design. Requirement analysis is done in order to understand the problem the software system is to solve. The problem could be automating an existing manual process, developing a new automated system, or a combination of the two. The emphasis in
16
requirements analysis is on identifying what is needed from the system, not how the system will achieve its goals. There are at least two parties involved in the software development-a client and a developer. The developer has to develop the system to satisfy the client’s needs. The developer does not understand the client’s problem domain, and the client does not understand the issues involved in the software systems. This causes a communication gap, which has to be adequately bridged during requirements analysis. SYSTEM REQUIREMENTS HARDWARE SPECIFICATION OPERATING SYSTEM
: Ubuntu Linux 11.10 or Windows XP,Vista,7
PROCESSOR
: 32/64 bit, I3
RAM
: 2 GB
HARD DISK
: 40 GB
MONITOR
: SVGA Monitor (800 * 600RESOLUTIONS)
CLOCK SPEED
: 266 MHz
SOFTWARE SPECIFICATION DESIGNING LANGUAGE
: HTML, CSS
PROGRAMMING LANGAGE
: Java(JSE 7)
WEB TECHNOLOGIES/ FRAMEWORKS
: JEE6(JSP) & Struts 2.2.3
DATA BASE
: My SQL5/Oracle log
IDE
: ECLIPSE INDIGO
SERVER
: Tomcat 7.0.25/Glassfish 3
17
FEATURES OF SOFTWARE Windows XP/2000 Advantages The computing world was presented with the first release of the totally new and revolutionary operating system. Microsoft windows performance and features that previously has been accessible only on $20,000 annotations became instantly available to anyone with a high-end personal computer. Windows is now Microsoft Corporation’s premier operating system. Designed around a powerful and well thought software architecture, the primary features that allow Windows to use the full power of today’s processors are Scalability The ability to run on a single pc chip with a single user up to a multi-user, microprocessor and network installation. The Windows GUI The familiar graphical user interfaces it presents to the world.
Front End (J2EE) Sun Microsystems provides specifications for a comprehensive suite of technologies to solve large scale distributed system problems. This suite is the Java 2 Enterprise Edition, commonly known as J2EE. The J2EE Platform provides a component-based approach to the design, development, assembly, and deployment of enterprise applications. The J2EE platform is designed to provide server-side and client-side support for developing enterprise, multi-tier applications. Such applications are typically configured as a client tier to provide the user interface, one or more middle-tier modules that provide client services and business logic for an application, and backend enterprise information systems providing data management. J2EE APIs JDBC – Java Database Connectivity RMI – IIOP - Remote Method Invocation over Internet Inter-Orb Protocol
18
EJB – Enterprise Java Beans Java Servlet JSP – Java Server Pages JMS – Java Message Service JNDI – Java Naming and Directory Interface J2EE Technologies
Figure 1: J2EE Container
J2EE applications are made up of components. A J2EE component is a self-contained functional software unit that is assembled into a J2EE application with its related classes and files and that communicates with other components. The J2EE specification defines the following J2EE components: The Component technologies – to hold the business logic. (JSP, Servlets and EJB) The Service technologies – to provide supported services to application components (JDBC, JTA, JNDI) The Communication technologies – transparent to appln programmer, provide the mechanism for communication among different parts of the application JavaMail, RMI-IIOP)
19
J2EE does not specify the nature and structure of the runtime. J2EE Container – capability of the runtime to manage application components. J2EE APIs specifies the contract between the applications and the container. Different Containers – Web, EJB, Applet, application client. The J2EE platform uses a multi-tiered distributed application model. Application logic is divided into components according to function, and the various application components that make up a J2EE application are installed on different machines depending on the tier in the multi-tiered J2EE environment to which the application component belongs Client-tier components run on Client machine. Web-tier components run on the J2EE server. Business-tier components run on the J2EE server. Enterprise information system (EIS)-tier software runs on the EIS server.
Enterprise JavaBeans(EJB) Enterprise JavaBeans (EJB) technology is a J2EE technology for developing business components in a component-based, enterprise Java application. Business components developed with EJB technology are often called Enterprise JavaBeans components or simply "enterprise beans." They are re-usable software units containing business logic. An EJB is just a collection of Java classes and an XML Request, bundled into a single unit. Java classes must follow certain rules and provide certain callback methods. There are three types of enterprise beans:
20
Session beans o Stateful o Stateless Entity beans o Bean-managed Persistence (BMP) o Container-managed Persistence (CMP) o Enterprise Javabeans Query Language Message-driven beans
Session beans A session bean represents a single unique session between a client and an instance of the bean. A session bean can't be shared. One instance of the bean is tied to a specific client in a specific session. The session bean exposes methods that a client can call to execute business tasks on the server. When Client's session ends, the session bean is no longer associated with that client. There are two types of session beans: stateful and stateless. o Stateful A stateful session bean maintains data about the unique client-bean session in its instance variables. The data represents the state (often called the "conversational state") of that specific session. The conversational state is maintained for the life of Client-bean association. Significantly, this means that the data is maintained across operations. o Stateless A stateless session bean does not maintain conversational state for its client. Because a stateless session bean cannot maintain conversational state across methods, it's typically used for one-step tasks, such as sending an email that confirms an online order. Entity beans An entity bean represents data in a storage medium, such as a relational database. Each entity bean may correspond to a table in a relational database, and each instance of the
21
bean corresponds to a row in that table. Entity beans are not limited to representing relational databases. They can represent data in other types of data stores, but the majority of enterprise applications that use EJB technology access data in relational databases. An entity bean can manage its own persistence (this is called bean-managed persistence) or let the EJB container manage it (container-managed persistence). With bean-managed persistence, the entity bean code includes SQL statements that access the database. With container-managed persistence, the EJB container automatically generates the necessary database access calls.
Message Driven Beans A message-driven bean processes asynchronous messages typically sent through the Java Message Service (JMS) API. Asynchronous messaging frees the message sender from waiting for a response from the message receiver. A message-driven bean can process messages sent by any J2EE component (such as an application client, another enterprise bean, or a web component) or by a JMS application or system that does not use J2EE technology. Often message-driven beans are used to route messages. This makes them useful in many business-to-business communication scenarios.
Back End (Oracle 10g Database and Application Server) Oracle Wwblogic Application Server Enterprise Edition Includes: Oracle Forms Services, Oracle Reports Services, TopLink, Portal, Discoverer Viewer, Discoverer Plus (Web Functionality), Identity Management (LDAP), Application Interconnect Toolkit, Workflow, Wireless Option, Personalization, and 5 JDeveloper Named User Plus licenses per Processor. Oracle Database 10g Enterprise Edition Includes: JServer Enterprise Edition, interMedia, Objects Option, Networking Kit, Objects for OLE, Advanced Replication Option, Distributed Option, Parallel Query Option, (including bitmap indexes and parallel bitmap-star query), SQL*Plus, Visual 22
Information Retrieval and Workflow. Also included are: Advanced Backup & Recovery, Queuing, Advanced, Connection Manager & Pooling, 64-bit option, MPI, OCI, ODBC Driver, Enterprise Manager and Enterprise backup utility.
Other Features of ORACLE
23
Client/Server (distributed processing) environments Large databases and spaces management
To take full advantage of a given computer system or network, Oracle allows processing to be split between the database server and Client application programs.
Oracle supports the largest of databases, potentially 100 terabytes in size. To make efficient use of expensive hardware devices, it allows full control of space usage. Many concurrent Oracle supports large numbers of concurrent users database users executing a variety of database applications operating on the same data. It minimizes data contention and guarantees data concurrency. High transaction Oracle maintains the preceding features with a high processing degree of overall system performance. performance High availability Oracle can work 24x7 with no down time for quite a large amount of time. Controlled Oracle can selectively control the availability of data, availability at the database level and sub-database level. For example, an administrator can disallow use of a specific application so that the application’s data can be reloaded, without affecting other applications. Database enforced Oracle enforces data integrity, “business rules” that integrity dictate the standards for acceptable data. As a result, the costs of coding and managing checks in many database applications are eliminated. Distributed Systems For networked, distributed environments, Oracle combines the data physically located on different computers into one logical database that can be accessed by all network users. Distributed systems have the same degree of user transparency and data consistency as non-distributed systems, yet receive the advantages of local database management. Oracle also offers the heterogeneous option that allows users to access data on some non-Oracle databases transparently. Portability Oracle software is ported to work under different operating systems. Applications developed for Oracle can be ported to any operating system with little or no modification. Compatibility Oracle software is compatible with industry standards, including most industry standard operating systems. Applications developed for Oracle can be used on virtually any system with little or no modification. Connection ability Oracle software allows different types of computers and operating systems to share information across network. Replicated Oracle software lets you replicate groups of tables and environment their supporting objects to multiple sites. Oracle supports replication of both data-and schema-level changes to these sites. Oracle’s flexible replication 24 technology supports basic primary site replication as well as advanced dynamic and shared-ownership models.
JAVA Script JavaScript was originally developed by Brendan Eich of Netscape under the name Mocha, later LiveScript, and finally renamed to JavaScript. The change of name from LiveScript to JavaScript roughly coincided with Netscape adding support for Java technology in its Netscape Navigator web browser. JavaScript was first introduced and deployed in the Netscape browser version 2.0B3 in December of 1995. When web developers talk about using JavaScript in Internet Explorer, they are actually using JScript. The choice of name proved to be a source of much confusion. As of 2006, the latest version of the language is JavaScript 1.7. The previous version 1.6 corresponded to ECMA-262 Edition 3 like JavaScript 1.5, except for Array extras, and Array and String generics. ECMAScript, in simple terms, is a standardized version of JavaScript. The ECMA-357 standard specifies E4X, a language extension dealing with XML. JavaScript is a prototype-based scripting language with a syntax loosely based on C. Like C, the language has no input or output constructs of its own. Where C relies on standard I/O libraries, a JavaScript engine relies on a host environment into which it is embedded. There are many such host environment applications, of which web technologies are the best-known examples. These are examined first. One major use of web-based JavaScript is to write functions that are embedded in or included from HTML pages and interact with the Document Object Model (DOM) of the page to perform tasks not possible in HTML alone. Some common examples of this usage follow. Opening or popping up a new window with programmatic control over the size, position and 'look' of the new window (i.e. whether or not the menus, toolbars, etc. are visible). Validation of web form input values to make sure that they will be accepted before they are submitted to the server. Changing images as the mouse cursor moves over them: This effect is often used to draw the user's attention to important links displayed as graphical elements.
25
Feasibility Study Depending on the results of the initial investigation, the survey is expanded to a more detailed feasibility study. Feasibility study is a test of system proposal according to its workability, impact on the organization, ability to meet user needs, and effective use of resources. The objective of the feasibility study is not to solve the problem but to acquire a sense of its scope . During the study, the problem definition is crystallized and aspects of the problem to be included in the system are determined.
26
Consequently, costs and benefits are described with greater accuracy at this stage. It consists of the following: Statement of the problem: A carefully worded statement of the problem that led to analysis. 1. Summary of finding and recommendations: A list of the major findings and recommendations of the study. It is ideal for the user who requires quick access to the results of the analysis
of the
system under study. Conclusion are stated , followed by a list of the recommendation and a justification for them. 2. Details of findings : An outline of the methods and
procedures
under-taken by the existing system, followed by coverage of the objectives and procedures of the candidate system. Included are also discussions of output reports, file structures, and costs and benefits of the candidate system. 3. Recommendations
and
conclusions: Specific
recommendations
regarding the candidate system, including personnel assignments, costs, project schedules, and target dates.
TECHNICAL FEASIBILITY This involves financial considerations to accommodate technical enhancements. If the budget is a serious constraint, then the project is judged not feasible.
ECONOMICAL FEASIBILITY With the help of banking application it will lead to decrease in cost of opening and maintaining offices which will be more than the cost of developing and maintaining the Application.
27
OPERATIONAL FEASIBILITY This Application is very easy to operate as it is made user friendly. Main consideration is user’s easy access to all the functionality of the Application.
28
System Design ER Diagram
Figure 2: ER Diagram
29
UML Diagram
Figure 3: UML Diagram
30
Data Flow Diagrams
0th Level DFD
Figure 4: Data Flow Diagram
31
Figure 5: 1st level DFD
32
2ND Level DFD’S
Figure 6: 2nd level DFD’s
33
CHANGE PASSWORD
Figure 7: Change Password
34
Compose Mail
Figure 8: Compose Mail
35
Validate Mail
Figure 9: Validate Mail
36
Create Certificate
Figure 10: Create Certificate
37
Sent Mail
Figure 11: Sent Mail
38
Screen Shots Screen 1 - Login Screen
Figure 12: Screen Shot 1- Login Screen
39
Screen 2.1 – Home Screen This is home page of Administrator
Figure 13: Screen Shot 2.1- Home Screen
40
This is home page of User
Figure 14: Screen - User Home Screen
41
Screen 2.2 – Create Certificate
Figure 15: Screen Shot 2.2- Create Certificate
42
Create Successfully
Figure 16: Screen - Create Successfully
43
Screen 3 – Compose Writing
Figure 17: Screen Shot 3 - Compose
44
Attaching files
Figure 18: Screen – Attach Files
45
Write your massage
Figure 19: Screen – Write your massage
46
Encryption
Figure 20: Screen – Encryption
47
Signing
Figure 21: Screen – Signing
Insert addresses
48
Figure 22: Screen – Insert addresses
49
Screen 4 – Registration
Figure 23: Screen Shot 4 - Registration
50
Registration Successfully
Figure 24: Screen - Registration Successfully
51
Screen 5 – Edit Profile
Figure 25: Screen Shot 5 – Edit Profile
52
Screen 6 – Change Password
Figure 26: Screen Shot 6 – Change Password
53
Screen 7 – Forgot Password
Figure 27: Screen Shot 7 – Forgot Password
Answer the Security Question
54
Figure 28: Screen – Answer the Security Question
Recovered Password
55
Figure 29: Screen – Recovered Password
56
Screen 8 – Sent Mail
Figure 30: Screen Shot 8 – Sent Mail
57
Open Sent Mail
Figure 31: Screen – Open Sent Mail
58
SYSTEM TESTING AND IMPLEMENTATION 59
The testing and implementation they are important and final phases. All the process that has been done is just a trail or by assumption. All the required hardware & software is prepared for the testing so that some errors or some modifications may be required for further proceeding. SYSTEM TESTING Testing is vital to the success of the system. System testing makes a logical assumption that if all parts of the system are correct. The goal will be successfully achieved. There are four steps with in, they are,
Unit Testing
Integration Testing
Validation testing
Output Testing
UNIT TESTING In this testing, the smaller part of the project is tested first that is modules and the sub functions present in the project. It seems to be working satisfactorily with out the errors and that shows the unit testing is successful. INTEGRATION TESTING The integration testing is a part that the software makes all functions behaviors and process required. The errors which are uncovered are integrated testing, are corrected during this phase. The collection of the functions are tested and found with errors are rectified .So that the result can be easily obtained in a successful manner. VALIDATION TESTING The validation part is very much essential for each every application projects so that each data can be validated in a good manner. In some cases the records are created according to the key of the corresponding table to which it has been referenced for data constraint for good secured database. While testing the system by using test data errors are again uncovered and corrected by using above testing steps and corrections are also noted for future use. If there is any error then it is allowed for testing from the beginning.
60
OUTPUT TESTING The output is major required part of the development of the project. The output is tested for required format, if it does not acquire such format then the testing is done or any screen modification is alone for the further operations. The output testing is mainly for the two things they are,
On screen format
Print format
The screen is found to be correct as the format designed according to the user needs for the hard copy also; the output comes out as specified by the user. Hence output testing doesn’t result in any correction in the system.
SYSTEM IMPLEMENTATION Training the operating staff Installing hardware Installing terminals Installing telecommunication network before system is up and running. In the implementation phase, the project reached its fruition. After the development phase of the SDLC is complete, the system is implemented. The software, which was designed in design and programmed in development phase of the SDLC, was installed on all the PCs that require it. The persona’s using the program was trained during this phase of the SDLC. Moreover, both the hardware and software are tested. Although we found and fixed many problems, almost invariably, the user’s helped us to uncover problems that we were unable to simulate. These were the main activities performed by us in the course of the project, which lead to its proper completion.
POST IMPLEMENTATON REVEIW
61
When computer based systems are built therefore we must develop mechanism for evaluating controlling and making modifications, maintenance issued to improve the case with which the changes can be accommodated and reduce the amount of expended on its maintenance activity occurs because it is unreasonable to assume that software testing will uncover all latest errors in a large software system. The final event in the post implementation flow is review that revalidates all elements of the system configuration and ensures correctness, after the software maintenance, software reviews is being conducted for future maintenance effort and provides feedback, which is important to effectively management of software organization.
62
References and Bibliography Web Reference
www.java.sun.com Official Java Website
www.java.sun.com/developer/onlineTraining/J2EE/Intro2/j2ee.html Training for J2EE
www.java.sun.com/j2se/1.4.2/docs/api/index.html J2SE Online Documentation from Sun
www.w3schools.com JavaScript Tutorials
Books
API DOCS –JAVA, J2EE, Java Mail, Java Servlets, JSPs By: Sun Microsystems
Java2 - The Complete Reference(7TH Edition) By: Herbert Schildt
JSP - The Complete Reference By: Philhanna
Oracle 10g By: Ivan Baross
Software Engineering By: Roger Pressman
Head First Servlets & JSP By: Bryan Bashan, Kathy Sierra & Bert Bates
63
View more...
Comments