Highly confidential security system - sole survivors - SRS

• 1.Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012solesurvivors Highly Confidential Security System Software Requirements SpecificationVersion 1.0Mentor Mr.R.Jayaraj (Asst. Professor), Department of CSE Members Arun Prasath.S-090105107008Jojy George-100405107005Prabhu.E-100405107013Vivek Andrew Sha -090105107121College - Hindusthan College of Engineering and Technology, Coimbatore 641032 Department - Computer Science and Engineering State - Tamil NaduSole Survivors | Hindusthan College of Engineering and Technology1

2. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012Revision History DateVersionDescriptionAuthor20-12-20121.0Initial ReleaseSole SurvivorsSole Survivors | Hindusthan College of Engineering and Technology2 3. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012Table of Contents DescriptionPage No1. Introduction4-91.1 Methodology 4 1.2 Purpose .. .. 5 1.3 Scope . .. 5 1.4 Definitions, Acronyms and Abbreviations .. 6 1.5 References .. 7 1.6 Technologies to be used ..71.7 Tools to be used . . 7 1.8 Overview .. 92. Overall Description9 - 182.1 Product Perspective . 9 2.2 Product Functions. 10 2.3 Software Interface . 10 2.4 Hardware Interface . 11 2.5 User Characteristics . 12 2.6 Constraints .. 12 2.7 Assumptions and Dependencies 12 2.8 Architecture Design . 13 2.9 Use Case Model Survey ... 14 2.10 Database Design.. 15 2.11 ER diagram. 163. Specific Requirements17 - 333.1 Use Case Reports . 17 3.2 Activity Diagrams 20 3.3 Sequence Diagrams . 294. Supporting Information344.1 Index. 34Sole Survivors | Hindusthan College of Engineering and Technology3 4. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20121. Introduction In day-to-day life it is quite hard to remember all confidential data like Mail Id, Password, bank account number, Insurance policy number, PAN number, Driving License number, education certificate Numbers, Some highly value scan copy, some confidential photo, music and videos. Crypto Locker is a highly secure web application to store all confidential data in single credential.1.1 Methodology The Rational Unified Process brings together elements from all of the generic process models, supports iteration and illustrates good practice in specification and design. The RUP is normally described from three perspectives: A dynamic perspective that shows the phases of the model over timeA static perspective that shows the process activities that are enactedA practice perspective that suggests good practices to be used during the processSole Survivors | Hindusthan College of Engineering and Technology4 5. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012Inception The goal of the inception phase is to establish a business case for the system. Identifying all external entities that will interact with the system and defining these interactions. This information is used to assess the contribution of system to business.Elaboration The goals of the elaboration phase are to develop an understanding of the problem domain, establish an architectural framework, develop project plan and identify key project risks.Construction This phase is concerned with system design, programming and testing. Parts of the system are developed in parallel and integrated during this phase.Transition This is the final phase of RUP and is concerned with moving the system from the development community to the user community and making it work in real environment.1.2 Purpose Crypto Locker is a web application developed for secure and easy access of data. Crypto Locker is a useful and convenient application that spares you the trouble of remembering the passwords and securing the files. This application helps people to store their passwords and various types of files like photos, music and videos in a secure and efficient manner. The application which we develop here uses state of the art encryption technology to secure files and access over anywhere in the world using the internet.1.3 Scope There are two basic users Administrator, User.All users have their own profile in Crypto Locker.Administrator has an ability to manage the registered user profiles and organize the files stored in the server.Administrator has the ability to provide the notification message to the logged users via webpage.Public peoples are the users used this web application to protect their important details in single credentials.Citizens (users) can access their files through internet from anywhere in the world.Sole Survivors | Hindusthan College of Engineering and Technology5 6. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20121.4 Definitions, Acronyms and Abbreviations AJAX - Asynchronous JavaScript and XML is about updating parts of a web page, without reloading the whole page.Database platform (DB2) - DB2 Database is the database management system that delivers a flexible and cost effective database platform to build robust on demand business applications and supports the J2EE and web services standards.WASCE - Websphere Application Server Community Edition is an application server that runs and supports J2EE and web service applications.UML - Unified Modeling Language is a standard language for writing software blueprints. The UML may be used to visualize, specify, construct and documentXML - eXtensible Markup Language is a text based format that let developers describe, deliver and exchange structured data between a range of applications to client for display and manipulation.JSP - Java Server Pages is used to create dynamic web content. J2EE - Java 2 Enterprise Edition is a programming platform which is a part of java platform for developing and running distributed java.HTTP - Hypertext Transfer Protocol is a transaction oriented client/server protocol between web browser and a Web Server.HTTPS - Secure Hypertext Transfer Protocol is a HTTP over SSL (secure socket layer). RAD - Rational Application Developer is a development tool that helps to design web pages and also helps to design the diagrams like ER, Database schema diagrams and to generate DDL.WAS (Websphere Application Server) - It is an application server that runs business applications and supports the J2EE and web services standards.Sole Survivors | Hindusthan College of Engineering and Technology6 7. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012SOA: Service-Oriented Architecture is a set of principles and methodologies for designing and developing software in the form of interoperable services.1.5 References IBM TGMC Sample Synopsis.Software Engineering Theory and Practice (2nd Edition) - Shari Lawrence PfleegerDatabase Management Systems - Navathe.Object Oriented Modeling and Design with UML (2nd Edition) - Michael Blaha, James Rambaugh.Java Complete Reference (7th Edition) Herbert Schildt.Cryptography and Network Security William Stallings1.6 Technologies to be used J2EE : Programming Platform for developing and running distributed JavaAJAX : Updating parts of a web page, without reloading the whole page.SOA : Set of principles and methodologies for designing and developing software in the form of interoperable services. UML : Standard for writing software blueprints, and used to visualize, specify, construct and document. XML : XML is a text based format that let developers describe, deliver and exchange structured data between a range of applications to client for display and manipulation.Jasper: Jasper Reports is an open source Java reporting tool that can write to a variety of targets, such as: screen, a printer, into PDF, HTML, Microsoft Excel, RTF, ODT, Commaseparated values or XML files.1.7 Tools to be used Rational Rose Rational Rose is an object-oriented programming (OOP) and unified modeling language (UML) tool to design enterprise-level software applications and components. It creates visual software application models under object-oriented principles. Example application models include the creation of actors, use cases, relationships, entities, etc. It uses classical UML concepts to graphically model software applications. This facilitates documenting the environment, requirements and overall design. Sole Survivors | Hindusthan College of Engineering and Technology7 8. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012Eclipse Eclipse is a multi-language software development environment comprising an integrated development environment (IDE) and an extensible plug-in system.WPS WPS stands for Wi-Fi Protected Setup and was designed to simplify the process of configuring security on wireless networks.Rational Software Architect (RSA) IBM Rational Software Architect, (RSA) made by IBM's Rational Software division, is a comprehensive modeling and development environment that uses the Unified Modeling Language (UML) for designing architecture for C++ and Java 2 Enterprise Edition (J2EE) applications and web services.Development tool RAD IBM Rational Application Developer for Web Sphere Software (RAD) is an integrated development environment (IDE), made by IBM's Rational Software division, for visually designing, constructing, testing, and deploying Web services, portals, and Java (J2EE) applications.Websphere Application Server (WAS) IBM Websphere Application Server (WAS), a software application server, is the flagship product within IBM's Websphere brand. WAS is built using open standards such as Java EE, XML, and Web Services.Web server WASCE Websphere Application Server Community Edition (from now on WASCE) is a free, certified Java EE 5 server for building and managing Java applications. It is IBM's supported distribution of Apache Geronimo that uses Tomcat for servlet container and Axis 2 for web services. Over 15 WASCE developers are committers in the Apache Geronimo project.DB2 (Database 2) DB2 is a family of relational database products provides an open database environment that runs on a wide variety of computing platforms. A DB2 database can grow from a small single-user application to a large multi-user system. Sole Survivors | Hindusthan College of Engineering and Technology8 9. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20121.8 Overview The SRS will include two sections, namely: Overall Description This section will describe major components of the system, interconnections, and external interfaces. Specific Requirements This section will describe the functions of actors, their roles in the system and the constraints faced by the system.2. Overall Descriptions 2.1 Product Perspective The Crypto Locker is available for use by the administrator and the user. The administrator and users will use the webpage as a front end. The browser goes through an http server. Application server manages the connection between the front end and backend, all types of information and data, that are necessary for the users are stored in DB2.Sole Survivors | Hindusthan College of Engineering and Technology9 10. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20122.2 Product Functions The Crypto Locker service provides the user interface (UI) to user and administrator for creating their profiles.This product has the ability to send the Account verification link to the users mail, while creating their account.This product has the ability to send Password Reset link to the users mail, if the user forgets the password for accessing the account.This product is able to detect the users browsers.This product provides the users to create the locker facilities for Bank account information, Music, Video and Image files.This product allows the registered users to store their important details on a server in an encrypted format and while downloading, it is automatically decrypted.This product provides the facility for administrators to generate the reports on users logs in .PDF and Microsoft Excel formats.It ask the accounts current password from the user when they want their personal credentials from our server as a report (PDF and Excel).2.3 Software Interface (All users require internet for communication)Public People (users) Web browser (any), operating system (any)Administrator Web browser (any), operating system (Windows)Web Server WASCE, Operating System (Windows)Data Base Server DB2, operating system (Windows)Development End RAD (J2EE, java, java bean, Servlet, HTML, XML, AJAX) operating system (Windows), Web Sphere (Web Server)Sole Survivors | Hindusthan College of Engineering and Technology10 11. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20122.4 Hardware Interface 2.4.1 Minimum RequirementsCrypto Locker (Server)Processor Storage SpaceRAMDisk SpaceIntel Pentium IV 4 GB RAM5 TB1 GB RAM1 GBAMD Athlon (1.8 GHz) DB2 9.72Users (Public People)BrowserProcessorRAMInternet Explorer 7, Firefox 13 withIntel Pentium IV AMD1 GB RAMFlash Plug-insAthlon (1.8 GHz)2.4.2 Recommended RequirementsCrypto Locker (Server)Processor Storage SpaceRAMDisk SpaceIntel Core Family (Any)8 GB RAM10 TB2 GB RAM2 GB AMD Phenom DB2 9.72(2.2 GHz)Users (Public People)BrowserRAMIntel Core Family (Any) Latest Versions of Browsers (any)Processor2 GB RAMAMD Phenom (2.2 GHz)Sole Survivors | Hindusthan College of Engineering and Technology11 12. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20122.5 User Characteristics Both users and administrator on internet will be using HTTP protocol.Users use the FTP protocol for uploading and downloading the files from or to the server.Administrator configures the SMTP Server for sending the mail to the user.2.6 Constraints GUI is only in English.Login and password is used for the identification of the user (public people) and administrator.Limited to HTTP, SMTP and FTP protocol.Centralized server is used.2.7 Assumptions and Dependencies Crypto Locker is a platform independent web application. It is assumed that the client or user computer has latest browser with JavaScript enabled. In addition, Firefox and Internet Explorer need the flash plug-ins to play the media files. For configuring the SMTP Server it needs the Linux operating system with at least kernel version 2.6.30, if server is in windows then it may need Windows Server. Sending the message (SMS) to the users mainly depends on the network operator.Sole Survivors | Hindusthan College of Engineering and Technology12 13. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20122.8 Architecture DesignSole Survivors | Hindusthan College of Engineering and Technology13 14. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20122.9 Use Case Model Survey2.9 Use Case Model SurveyUsers (Public People) Users can upload their files in their own personal locker. The locker includes various subsets like Music locker, Image locker, Video locker, Password locker and Bank Account Information locker. Users can access their personal (uploaded) files through internet. Users can participate in forum discussions to clarify their doubts and also able to view the notifications sent from the administrator.Sole Survivors | Hindusthan College of Engineering and Technology14 15. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-2012Administrator Administrator has the ability to manage the registered users profile. Administrator can send the notification to the logged user about any changes in the service and also clarify the users doubts and questions about the service.System While users are trying to create their account, Crypto System validates the users details and post the message (success or failure) to them. Server has the ability to send the Password reset link to the users mail, if the user forgets the password to access their account. It automatically blocks the abuse users. When users are uploading the file, the system encrypts it by using the algorithm, when the users are downloading their file, the system decrypts it.2.10 Database DesignSole Survivors | Hindusthan College of Engineering and Technology15 16. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20122.11 ER DiagramSole Survivors | Hindusthan College of Engineering and Technology16 17. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123. Specific Requirements 3.1 Use Case Reports 3.1.1 Administrator3.1.1 Use Case Report for AdministratorUSECASE Register Username Verification Sign In Validate Password Profiles Update Profile Manage user Profiles Push Notification Generate Reports Manage FAQ Sign outDESCRIPTION The administrator create their account for managing the service It checks the provided name with already existing name during registration The admin can sign in into account and manage the service The server validates the password and lets the admin use the service The admin can view their own profile The admin can update their own profile in case of any changes The admin can manage the field registered users profile The admin can push/send the notification in case of any changes The admin can able to generate the reports about the service The admin may clarify the doubts from clients Logged out from the serverSole Survivors | Hindusthan College of Engineering and Technology17 18. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.1.2 Public People3.1.2 Use Case Report for Public People (Users)USECASE Register Username Verification Sign In Validate Password Profiles Update Profile FAQ View Notifications Download File Generate Reports Upload File Encryption/Decryption Lockers Sign outDESCRIPTION Citizens can create their account for using the service It checks the provided name with already existing name during registration The user can sign in into account and use the service The server validates the password and lets the user use the service The user can view his profile The user can update his current status about the case The user can able to post and reply their answers in the forum like page The user receive the notification message from the administrator The user can download their personal data using the secret key The user can generate report from remote location. The user can upload their personal data into the server All data can be securely transmitted and received using Encryption algorithm It includes image, video, music, password and bank account details Logged out from the serviceSole Survivors | Hindusthan College of Engineering and Technology18 19. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.1.3 Crypto System3.1.3 Use Case Report for Crypto SystemUSECASE Encryption Decryption Block abuse user Validate Registration Send Mail Send Password TokenDESCRIPTION The system encrypts the files from the users disk when he/she want to upload The system decrypts the files from the server when the user want to download Sever automatically blocks the lazy and abuse users based on the rules Server Validates the user details and registers it into the database Server sends the verification link to the user for the confirmation Server sends the password token in case the user forgets the passwordSole Survivors | Hindusthan College of Engineering and Technology19 20. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2 Activity Diagrams 3.2.1 User Registration The user is made to fill all the mandatory fields, each user must choose a unique user name. If the user has filled a name that is already present in the database, then the user will be prompted to fill in a different username. After this the user must enter the new password twice. When the user clicks the submit button the database verifies all the mandatory fields are filled or not. When all the fields are filled the verification mail is automatically send to users mail, after click the verification link the user is registered, otherwise the user is made to fill the fields again.3.2.1 User Registration Activity Sole Survivors | Hindusthan College of Engineering and Technology20 21. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.2 Validate Registration The user enters the registration details. The system validates the details and if the details are found invalid the system rejects it else the system sends the verification mail to the user. The user needs to follow the verification link to complete his registration.3.2.2 Validate RegistrationSole Survivors | Hindusthan College of Engineering and Technology21 22. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.3 Login Activity The user enters the login credentials. The System validates the login credentials. If the login credentials are valid then the system detects the type of user. If user is a member then the system redirects to the members home page. If the user is administrator then the system redirects to the administrators home page.3.2.3 Login Activity Sole Survivors | Hindusthan College of Engineering and Technology22 23. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.4 Password Reset If the user forgets his password then he should click on the Forget password link. Then the system prompts him to enter his Mail ID. The system validates the Mail ID. If the Mail ID is valid then the system sends the password reset mail to that Mail ID. If the Mail ID is invalid then the system displays the error message.3.2.4 Password Reset Activity Sole Survivors | Hindusthan College of Engineering and Technology23 24. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.5 Public People The public people (user) can login to the website using a supplied username and password. After logging in the user can perform several tasks such as generate reports, access lockers, participate in FAQ center, edit profiles and view the notifications sent from the administrator.3.2.5 Public People (users) on WebSole Survivors | Hindusthan College of Engineering and Technology24 25. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.6 FAQ Page The administrator and the user participate in the FAQ (Discussion forum) for clarifying their doubts. Both admin and citizen can view the posts and may reply to the post, or may be post the questions from the remote location.3.2.6 FAQ Sole Survivors | Hindusthan College of Engineering and Technology25 26. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.7 Access Lockers A crypto Locker service is provided for the users, who need to store their confidential details in a single password. To access the lockers first he/she need to enter their Crypto Locker credential to login. After that he has the ability to open locker and manage that by uploading and downloading the files. He is also able to generate the reports about their activity for a certain period in a .PDF format documented file.3.2.7 User Access the LockersSole Survivors | Hindusthan College of Engineering and Technology26 27. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.8 Administrator The administrator login into their accounts home page and manage the overall activity of the application like user management, own profile management, frequently asked Questions i.e., Discussion forum management, notifications management and finally generate the reports.3.2.8 Administrator on WebSole Survivors | Hindusthan College of Engineering and Technology27 28. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.2.9 Crypto System The web application has the automatic controls itself. While registration the server system validate the user details, if there is any issues then it automatically denies the registration process, and during the upload, download process encryption and decryption process starts with the help of key provided by the user. Also it blocks the abuse user to prevent the server from any misbehavior activities.3.2.9 Server systems ActivitySole Survivors | Hindusthan College of Engineering and Technology28 29. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.3 Sequence Diagrams 3.3.1 User RegistrationSole Survivors | Hindusthan College of Engineering and Technology29 30. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.3.2 Login SequenceSole Survivors | Hindusthan College of Engineering and Technology30 31. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.3.3 Password ResetSole Survivors | Hindusthan College of Engineering and Technology31 32. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.3.4 Upload FilesSole Survivors | Hindusthan College of Engineering and Technology32 33. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20123.3.5 Download FilesSole Survivors | Hindusthan College of Engineering and Technology33 34. Highly Confidential Security System Software Requirements Specification Sole SurvivorsVersion 1.0 20-12-20124. Supporting Information 4.1 Index AISAbbreviations - 6Inception - 5Scope - 5Acronyms 6Interface 10, 11Sequence Diagrams 29Activity Diagrams 20Introduction - 4SOA - 7Administrator 10, 15 AJAX - 6, 7 Architecture Design - 13J J2EE 6, 7Software 10 Specific Requirements -9, 17JSP - 6TMTechnologies - 7Methodology - 4Tools 7Minimum Requirements - 11Transition - 5OUAssumptions - 12C Constraints 12 Construction - 5 Crypto Locker - 9Operating System- 10, 12DOverview 9Database Design 15Overall Descriptions - 9Database platform 6UML 6, 7 Use Case Model - 14 Use Case Reports 17PUser - 14DB2 - 6, 8Product Perspective 9User Characteristics - 12Definitions - 6Product Functions 10WDependencies - 12Public People - 14WASCE 6, 8Development Tool - 8Purpose - 5WAS 6, 8ERWPS 8Eclipse 8RAD - 6Web Server 10Elaboration - 5Rational Rose - 7XER Diagram - 16RSA 8XML 6, 7HRecommended - 11Hardware - 11References - 7Development End - 10HTTP - 6Sole Survivors | Hindusthan College of Engineering and Technology34