A MINIOR PROJECT REPORT ON KEYPASS PASSWORD PROTECTION MANAGER Submitted by HEMANT KUMAR Uni.Roll No.08ESMIT021 SANJAY TIWARI. Uni.Roll No.08ESMIT049 CHARUL BHUDIRAJA Uni.Roll No.08ESMIT013 in partial fulfillment for the award of the degree of BACHELOR OF TECHNOLOGY in INFORMATION TECHNOLOGY 1
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
A
MINIOR PROJECT REPORTON
KEYPASS PASSWORD PROTECTION MANAGER
Submitted by
HEMANT KUMAR Uni.Roll No.08ESMIT021
SANJAY TIWARI. Uni.Roll No.08ESMIT049
CHARUL BHUDIRAJA Uni.Roll No.08ESMIT013
in partial fulfillment for the award of the degree
of
BACHELOR OF TECHNOLOGY
in
INFORMATION TECHNOLOGY
St.Margaret Engineering College,NeemranaRAJASTHAN TECHNICAL UNIVERSITY, KOTA
DEC-2012
1
St.Margaret Engineering College, Neemrana
BONAFIDE CERTIFICATE
Certified that this project report “KEYPASS PROTECTION MANAGER” is the
bonafide work of “CHARUL BUDHIRAJA(08ESMIT013),HEMANT KUMAR
(08ESMIT021) and SANJAY TIWARI (08ESMIT049)”, who carried out the project
work under our supervision, towards partial fulfillment of the requirements of the Degree
of Bachelor of Technology in Information & Technology Engineering from Rajasthan
Technical University, Kota.
Internal Supervisor External Supervisor
MR. KASHINATH DHARA MR. SHAILENDRA SONI
Asst. Professor Asst. Professor
CS/IT Department CS/IT Department
Date: 2.1.2012
2
St. Margaret Engineering College ,Neemrana
CERTIFICATE OF AUTHENTICATION
We solemnly declare that this project report “KEYPASS PROTECTION MANAGER”
is the Bonafide work done purely by us, carried out under the supervision of
Mr. Kashinath Dhara, towards partial fulfillment of the requirements of the Degree of
Bachelor of Technology in Information Technology from Rajasthan Technical
University, Kota during the year 2011 - 2012. It is further certified that this work has not
been submitted, either in part of in full, to any Other department of the Rajasthan
Technical University, or any other University, institution or Elsewhere, or for publication
in any form.
Date: Signature of the Student
2-1-2012 CHARUL 08ESMIT013
HEMANT 08ESMIT021
SANJAY 08ESMIT049
3
ACKNOWLEDGEMENT
We are grateful to St. Margaret Engineering College, for permitting us to undergo for a
minor project for the development of an expert system. While developing this project, we
have learnt a lot. This will be an un-forgetful experience. While developing this project, a
lot of difficulties were faced by us. But it was the help of some special people that we
have gained much confidence and developed the project quite well.
We would like to thanks Mr. KASHINATH DHARA and Mr.SHAILENDRA SONI
to co-ordinate with us and provide us the information needed to complete the analysis
part of this project.
4
ABSTRACT
KEY PASS PASSWORD PROTECTION MANAGER
Today you need to remember many passwords. You need a password for the Windows
network logon, your e-mail account, your homepage's FTP password, online passwords
(like website member account), etc. etc. etc. The list is endless. Also, you should use
different passwords for each account. Because if you use only one password everywhere
and someone get this password you have a problem. A serious ID problem to the owner
of the. The thief would have access to your e-mail account, homepage, etc.
Unimaginable.
This system is a password manager, which helps you to manage your passwords in a
secure way. You can put all your passwords in one database, which is locked with one
master key or a key file. So you only have to remember one single master password or
select the key file to unlock the whole database. The databases are encrypted. A facility
to update and change information is provided.
5
TABLE OF CONTENTS
1. Introduction 9
1.1 Purpose
1.2 Intended Audience and Reading Suggestions
1.3 Product Scope
1.4 Projectt Scope
1.5 References
2. Overall Description 11
2.1 Product Perspective
2.2 Product Functions
2.3 User Classes and Characteristics
2.4 Operating Environment
2.5 Design and Implementation Constraints
2.6 User Documentation
3. External Interface Requirements 14
3.1 User Interfaces
3.2 Hardware Interfaces
3.3 Software Interfaces
3.4 Communications Interfaces
4. System Features 15
4.1 System Feature 1
4.2 System Feature 2
6
5. Other Nonfunctional Requirements 16
5.1 Performance Requirements
5.2 Safety Requirements
5.3 Security Requirements
5.4 Software Quality Attributes
6. Software Design 18
7. Screen shots 25
8. Testing 43
8.1 Purpose
8.2 Quality
8.3 Product Quality
8.4 Testing in the Iterative lifecycle
8.5 Dimensions of Testing
8.6 Stages of Testing
8.7 System Documentation
9. Bibiliography 46
7
LIST OF FIGURES
1. Use-Case diagram 18
2. Class diagram 19
3. Sequence diagram 20
3.1 Sequence diagram login 20
3.2 Sequence diagram change password 21
3.3 Sequence diagram protect data 22
3.4 Sequence diagram unprotect data 23
4. Activity diagram 24
5.Screenshots:
Fig1 25
Fig2 26
Fig3 27
Fig4 28
Fig5 29
Fig6 30
Fig7 31
Fig8 32
Fig9 33
Fig10 34
Fig11 35
Fig12 36
Fig13 37
Fig14 38
Fig15 39
Fig16 40
Fig17 41
Fig18 42
8
1. INTRODUCTION
1.1 Purpose
To provide security to highly confidential data such as id’s and passwords that may span
from PC applications to financial information.
1.2 Intended Audience and Reading Suggestions
Intended for Project Managers, Developers, End users and Quality Assurance Engineers.
Suggested reading the document would be overall document description, product based
information gathering followed by Infrastructure requirement.
1.3 Product Scope
Language : Java(J2EE)
1.4 Project Scope
Provides registration to public in order to access the application.
The user can change his password.
Registered users can store critical and confidential data in a secured form.
Unprotect and Retrieve data as and when necessary.
The data can be retrieved anytime, from anywhere and any number of
times.
Protection provided to the stored data using the MD5 algorithm.
1.5 References
1) Java a) Java
b) JSP2.0 Dream tech Publication
9
2) Database a) Databases in Java, Worth
b) Database, SQL
10
2. Overall Description
2.1Product Perspective
In the present scenario every person is associated with some id and password. It may
pertain to accessing the PC, the web, emails, financial institutions, access to credit cards,
ATM’s etc. Most often a person tries to remember them in order to use it. It is always
known that a person or individual confuses between passwords of different id’s. Some
individuals in order to avoid confusion also adapt to use a common password for all id’s.
Both of the above can either lead to misplaced password or forgotten password or easily
hacked when the single password is known. Some individuals even try to save critical
information in books or registers or electronic diaries and carry them along. The
possibility of this carrier being lost or damaged is high. In the present scenario certain
passwords can be recovered after a procedural delay. In some cases the password can not
be reset easily and the user has to forgo or close the account permanently as in the case of
mails.
The project is to maintain a centralized server that, stores critical information and be
accessible to the user from anywhere, anytime. The server can now remember any
amount of id’s and passwords irrespective of even their lengths. Highly useful when data
such as a credit card, debit card number etc that have larger number of digits or
characters cannot be remembered easily. In order to provide higher level security the data
is stored in an unreadable format. To provide this scenario the server implements the
DES algorithm using the visual studio. Similarly whenever the data needs to be
unprotected and used the decryption ensures that the data is recovered without any loss or
alterations.
11
2.2 Product Functions
• Register a user.
• Store information with security.
• Retrieve information as and when required.
• Multi-tier architecture enables less maintenance as only the server is of
importance.
• Generate report either on a single user id or list of Id’s.
• Keys are auto generated, associated with password ensures the protection level is
higher.
• Length of the keys altered each time to suite user needs.
• The user need not remember the keys instead only filenames.
• Both the key and password within the application is maintained encrypted.
• The details of the account, key, protected file is stored into the database but not
the actual password.
2.3User Classes and Characteristics
The application can be used by general public, organizations etc without having to be
specific to any community. The user who has registered only has access to this
application.
2.4Operating Environment
Software Requirements:
Operating System : Windows 7(Home Basic)
Language : Java
Front End : HTML, JSP
12
Backend : SQL
Web server : Apache Tomcat
Hardware Requirements (Minimum)
Processor : PIV MB
Ram : 512
Hard Disk : 40 GB Space
Monitor : VGA Color (256)
2.5Design and Implementation Constraints
The application is designed using JSP. Hence all the design or screens are done using
web pages. The constraints are that JVM should be available and running for the
application to execute. As the database is in SQL, SQLYog should be installed. Tomcat
should be installed and running.
2.6User Documentation
The product is provided with built-in manual that would help the end user use the system
for functioning.
13
3.External Interface Requirements
3.1User Interfaces
The application provides with keyboard shortcuts and a facility to use the mouse to
trigger the required actions. They act as shortcuts and provide an easy navigation within
the software. Output data to the user including errors and exceptions are displayed
through message boxes and dialogs using HTML.
3.2Hardware Interfaces
The application concentrates on the multi tier scenario and has no dependency on the
network or protocols. When executed on a standalone machine no additional peripheral
requirements are needed.
3.3Software Interfaces
The incoming data to the product would be raw text data and outgoing data would be
binary. SQL, JVM and Tomcat are the needed software interfaces.
14
4. System Features
1. Login & Security
The module deals with authentication of the users using the application. There are
basically two types of users – Administrator & the public.
Each of the above users are associated with user id and password. The user id is unique to
each user. The users login with the specified id and password to access their schema
information. Additional facility to change their password is also provided.
2.ID & Password Manager
This module deals with storing as many IDs and correlated passwords into the database.
Each user can have more than one id stored. The password is sent to the Blowfish
encryption module to have it encrypted or converted to cipher text before it can be stored
in the database. Each id acts as the primary key for that password. The id is then used to
retrieve the associated password later.
3.MD5 Encryption
The main MD5 algorithm operates on a 128-bit state, divided into four 32-bit words,
denoted A, B, C and D. These are initialized to certain fixed constants. The main
algorithm then operates on each 512-bit message block in turn, each block modifying the
state. The processing of a message block consists of four similar stages, termed rounds;
each round is composed of 16 similar operations based on a non-linear function f,
The module allows the users of the application to view the following reports :-
1.Password for a particular user id.
2.Tabulated listing of all user account and related passwords.
16
5. OTHER NON FUNCTIONAL REQUIREMENTS
5.1Performance Requirements
No external factor influences performance as the application is standalone. Higher
memory is recommended for faster execution. However when executed from intranet or
internet good bandwidth, less congestion and shortest route to reach the server would
enhance the performance.
5.2Safety Requirements
No harm is expected from the use of the product either to the OS or any data.
5.3Product Security Requirements
The product is protected from un-authorized users from using it. The system allows only
authenticated users to work on the application. The users of the system are registered
users.
5.4Software Quality Attributes
The product is user friendly as it is developed using web pages. The application is
reliable and ensures its functioning maintaining the users and their confidential data. As it
is developed in java it is interoperable on any OS. The system requires minimum
maintenance.
17
6. SOFTWARE DESIGN
UML DIAGRAMS
USE CASE DIAGRAM:
A use case is a set of scenarios that describes an interaction between a user and a system.
A use case diagram displays the relationship among actors and use cases. The two main
components of a use case diagram are use cases and actors.
18
CLASS DIAGRAM:
A class diagram is a type of static structure diagram that describes the structure of a
system by showing the system’s classes ,their attributes and the relationships between the
classes.
19
SEQUENCE DIAGRAM:
A sequence diagram demonstrates the behavior of objects in a use case by describing the
objects and the messages they pass. The diagrams are read left to right and descending.
Sequence diagram for login:
20
Sequence diagram for change password:
21
Sequence diagram for protect data:
22
Sequence diagram for unprotect data:
23
ACTIVITY DIAGRAM:
Activity diagrams describe the workflow behavior of a system.The diagrams describe the
state of activities by showing the sequence of activities performed.
24
7. SCREENSHOTS
Home page
Fig 1
The homepage will be appeared as above
25
Fig.2
When we click on “contact us” button in the Fig 1 ,the above screen appears
displaying the contact details
26
Fig 3
When we click on register button in Fig 2 the above screen Fig 3 appears, where the user
has to fill the required fields to register himself.
27
Fig 4
The registration is successful for the user Arvind.
28
Fig 5
After registration of a user is successful, he has to login with the correct user Id and password. In this screen an invalid password is entered.
29
Fig 6
As the invalid password is entered the above screen Fig 6 is displayed.
30
Fig 7
When the correct user Id and password are provided the above screen fig 7 appears.
31
Fig 8
32
If the original password does not match with the password that is given in Fig 8,the above
screen Fig 9 appears saying that “password is mismatch, Try again”.
Fig 9
Now give the identical password.
33
Fig 10
Now the password is reset for account Arvind.
34
Fig 11
The key is generated successfully, if the given key file name doesn’t exist.
35
Fig 12
To protect the data click on “Protect Data” option, then the above screen appears where the account id should be provided giving the description of the account in the account description field and the password to protect is the password which we want to protect, the protection date will be generated automatically and the master key is the key file name that is given during the generating key and the protected file is the location given where we want to store the file.
36
Fig 13
After giving all the details the password is protected successfully.
37
Fig 14
To recover the data click on the “unprotect data” option and the above screen appears
where we need to give our account Id and master Key.
38
Fig 15
As the given master key is invalid the above screen appears.
39
Fig 16
Give the correct Master Key.
40
Fig 17
The password is recovered.
41
Fig 18
To view keys click on “view keys” option, then it gives the list of accounts that has been
created by the user with the description and key. Arvind has created an account