System Design

Database Design/Data Structure Design

System Procedural Design

Input/output and Interface Design

System Architecture Design

SYSTEM DESIGNDATABASE DESIGN/DATA STRUCTURE DESIGN:Tables and Relationships: Database Tables Names and DescriptionTable NameTable Description

LoginLogin Details

CandidateBasic information about Candidates

Candidate_educationEducational details about the candidate

Cadidate_ProfessonalProfessional details about the candidate.

Candidate_addrsAddress about Candidate

CompanyCompany details

Company_Branch_addBranch details of company

PackagePackage decided by admin

Company_packagePackages held by companies

Job_AppliedApplied jobs by candidates

Job_postPosted jobs

PostPost (designation)

CategoryCategories.

AreaAreas

SateStates

CountryCountries

QuestionsSecurity questions

Citycities

ResumeResumes of candidates

Relationships:After logged in as an administrator, one can see the all details of jobseeker & recruiter placed by user and all registered user the administrator can also edit the items and the categories.Logical Description of Data:Whenever any user puts their information, the data provided by him/her goes to the _master table.

SYSTEM PROCEDURAL DESIGNMethods for Pseudo CodePseudo-code

intuitive/informal notational system Good starting point for representing algorithms in any high-level programming language.

Pseudo code is a kind of structured English for describing algorithms. It allows the designer to focus on the logic of the algorithm without being distracted by details of language syntax. At the same time, the pseudo code needs to be complete. It describes the entire logic of the algorithm so that implementation becomes a rote mechanical task of translating line by line into source code.

In general the vocabulary used in the pseudo code should be the vocabulary of the problem domain, not of the implementation domain. The pseudo code is a narrative for someone who knows the requirements (problem domain) and is trying to learn how the solution is organized.

The "structured" part of pseudo code is a notation for representing six specific structured programming constructs: SEQUENCE, WHILE, IF-THEN-ELSE, REPEAT-UNTIL, FOR, and CASE. Each of these constructs can be embedded inside any other construct. These construct represent the logic, or flow of control in an algorithm.

It has been proven that three basic constructs for flow of control are sufficient to implement any "proper" algorithm.

SEQUENCE is a linear progression where one task is performed sequentially after another.

WHILE is a loop (repetition) with a simple conditional test at its beginning.

IF-THEN-ELSE is a decision (selection) in which a choice is made between two alternative courses of action.

Although these constructs are sufficient, it is often useful to include three more constructs:

REPEAT-UNTIL is a loop with a simple conditional test at the bottom.

CASE is a multiway branch (decision) based on the value of an expression. CASE is a generalization of IF-THEN-ELSE.

FOR is a "counting" loop.

Algorithm for OperationsFOR USERSStep1 Start.Step2 First of all users will login.IF username & password = true THENLoginELSEDisplay (Error page, sorry login not valid!!!)ENDIFStep 3 Login successfully done.Step 4 The users will go to home page.Step 5 if the user want to Search JobsCASE Search Jobs to be openCondition: Fill Search Details.ENDCASEStep 6 If Search details submitted then continueProgress of caseCondition 1: view the progress of your case.Condition 2: Case idStep 7 End

Access Control & Security

The ASP.NET security model is designed to support single sign on access to application services. Component developers can specify the security requirements of a component at the method level to ensure that only users with appropriate permissions can access specific data operations. While ASP.NET provide programmatic security control, the basic role-based security Mechanism (where groups of users share specific permissions) is specified entirely at application deployment time. This provides both greater flexibility and better security control.In the project the passwords are given to each user of the Bankers Avenue and to the Admin for their login purpose. This criterion is maintained for the security of the project. For more security purpose we can provide digital signature and any other for more security.State Transition DiagramUse state diagrams to demonstrate the behavior of an object through many use cases of the system. Only use state diagrams for classes where it is necessary to understand the behavior of the object through the entire system. Not all classes will require a state diagram and state diagrams are not useful for describing the collaboration of all objects in a use case.

SYSTEM ARCHITECTURAL DESIGN

Fundamental design Concepts

A set of fundamental design concepts are evolved over the past three decades. Although the degree of interest in each concept has varied over the years, each has stood the test of time. Each provides the software designer with a foundation from which more sophisticated design methods can be applied. Fundamental design concepts provide the necessary framework for getting it right.

AbstractionAbstraction permits one to concentrate on a problem at some level of generalization without regard to irrelevant low level details, use of abstraction also permits one to work with concepts and terms that are familiar in the problem environment without having to transform them to an unfamiliar structure. Two types of abstraction are there, one is procedural abstraction and data abstraction. A procedural abstraction is a named sequence of instructions that has a specific and limited function. A data abstraction is a named collection of data that describes a data object.

ModularityModularity is the single attribute software that allows a program to be intellectually manageable. Software architecture embodies modularity, that is, software is divided into named and addressable components, called modules that are integrated to satisfy problem requirements.

Software ArchitectureSoftware Architecture alludes to the overall structure of the software and the ways in which that structure provides conceptual integrity for a system. Control hierarchy also called program structure, represents the organization of control. The tree structure used to represent the control hierarchy.

Structural Partitioning

The program structure should be partitioned both horizontally and vertically. Horizontal partitioning defines separate branches of the modular hierarchy for each major program function, Vertical partitioning called factoring, suggest that control and work should be distributes top-down in the program architecture. Top level modules should perform control functions and do little actual processing work. Modules reside low in the architecture should be the workers, performing all input, computational, an output tasks.

Data Structure

Data Structure is a representation of logical relationship among individual elements of data. Because the structure of information will invariably affects the final procedural design, data structure is very important as the program structure to the representation of the software architecture. Data structure dictates the organization, methods of access, degree of associatively, and processing alternatives for information. The organization and complexity of a data structure are limited only by the ingenuity of the designer. Scalar item array and linked list are some of the representations of the data structure.

Software ProcedureProgram structure defines control hierarchy without regard to the sequence of processing and decisions. Software procedure focuses on the processing details of each module individually. Procedure must provide a precise specification of processing, including sequence of events, exact, decision points, repetitive operations and even data organization / structure. Information hiding suggests that modules be characterized by design decisions that hide from all others. In other words, modules should be specified and designed so that information contained within module is inaccessible to other module.

Design is defining a model of the new system and continues by converting this model to a new system. The method is used to convert the model of the proposed system into computer specification. Data models are converted to a database and processes and flows to user procedures and computer programs. Design proposes the new system that meets these requirements. This new system may be built by a fresh or by changing the existing system. The detailed design starts with three activities, database design, user design and program design. Database design uses conceptual data model to produce a database design. User procedure design uses those parts of the DFD outside the automation boundary to design user procedures.

Our system design includes mainly the design of the UML diagrams and constructing the code. The code construction and its description are also given as separate topic. System design may also include the data flow diagrams (DFD) which models a system by using external entities from which data flows to a process, which transforms the data and creates output data flows which go to other processes or external entities or data stores. Stored data may also flow to processes as inputs. The main merit of DFD is that it can provide an overview of what data a system would process, what transformation of data are done, what data are stored and which stored data are used, and where the results flow. The graphical representation of the system makes it a good communication tool between user and an analyst on the one hand and the analyst and the system designer on the other hand.

DFD is mainly used for the representation of the dataflow in the system, which uses database for the storing and retrieving the data. But as our system doesnt use any database, we havent provided any data flow diagram here.

Component Diagram

The component diagram contains components and dependencies. Components represent the physical packaging of a module of code. The dependencies between the components show how changes made to one component may affect the other components in the system.

Dependencies in a component diagram are represented by a dashed line between two or more components. Component diagrams can also show the interfaces used by the components to communicate to each other.

Figure of Component DiagramDeployment DiagramDeployment and component diagram combines the features of both diagrams into one diagram.

The deployment diagram contains nodes and connections. A node usually represents a piece of hardware in the system. A connection depicts the communication path used by the hardware to communicate and usually indicates a method such as TCP/IP.

Web Server DBWeb pages UIMS SQL Server 2005

Figure of Deployment Diagram

6. Implementation Planning & Details

Implementation Environment

Program/Modules Specification

Security Features

Coding Standards

Sample Coding

Implementation EnvironmentSince we have developed a web application which will definitely be a multi-user application.Factors ConsideredBefore developing a internet or intranet website, it is a worthwhile to explore the differences between the two, as well as the issues related to developing the internet and intranet websites. The next two sections, Internet website development and Intranet website development discuss internet and intranet web development as they related to the following topics:

Bandwidth availabilityOne major difference between internet and intranet websites is bandwidth available to users browsing the websites. Most internet users are connected to the internet via relatively slow POTS ( Plain Old Telephone Service ) modem links. Information published on an internet websites should deoptimized for transmittal over low bandwidth internet connections.

Server Latency:

Server latency must be addressed when deploying a website on the internet. Web servers are no longer used exclusively to publish static content on the internet. Increasingly, web servers are using server side applications to create dynamic content. Although a 486DX2/66 computer can saturate a T1 connection with static content, the situation changes dramatically when the same computer has to process database

query and execute server side applications to fulfill http requests. Use windows NT Performance monitor top detect bottlenecks and other server latency issues. Although the performance of your server can be enhanced by adding more RAM , if CPU usage is high, you will have to upgrade your server to a multiprocessor server.

SCOPE OF NETWORK:

Taking to account, the scope of your network when setting up your web server. Confidential information that should remain only within your organization should not be published from a server that accessible via internet.

Platform Compatibility:-The internets consist of a wide variety of hardware platforms and operating systems. When publishing information, platform compatibility should be taken into a account to ensure that information published at your web site is accessible to a wide variety of users. When users need to use a special helper application to view a file at your website, provide URLs for downloading helper application that run on several platforms. At minimum, windows and Macintosh users should be able to view information publish at your website as should those who use widely used flavors of UNIX. Security:-

While an internet web site is accessible primarily to select individuals, an internet web site is accessible to millions of users all over the world. Never use clear text passwords to protect sensitive information distributed to and from an internet websites. When distributing sensitive information via the internet, configure your website to encrypt the data. See chapter 20 , Security , of volume 2 of this kit(Windows NT internet and intranet administration) for more information about internet security encryption.

Scope of audience:-

The internet consists of a very diverse group of users. When developing an internet website, consider the scope of your audience. For example, if the targeted audience of your website is not very technically inclined, do not assume your users use the latest version of internet explorer or Netscape navigator, and do not assume that they have helper application installed on their systems.

SECURITY FEATURES

We have used ASP.NET developer platform. We have used inbuilt security of .Net .ASP.NET, in conjunction with Microsoft internet information services (IIS) , can authenticate users credential such as names and passwords using any of following authentication methods. Windows: basic, digest, integrated windows authentication ( NTLM or Kerberos). Forms authentication, in which your login page and manage authentication in your application. Microsoft passport authentication. Client certificate authentication

ASP.NET controls access to site information by comparing authenticated credential, or representations of them, to NTFS file system permissions or an XML file that lists authorized users, authorized roles (group) or authorized http verbs .

ASP.NET membership gives you a built in way to validate and store user credential. ASP.NET membership therefore helps you to manage user authentication in your web sites. You can use ASP.NET membership with ASP.NET forms authentication or with the ASP.NET login controls to create a complete system for authenticating users.

ASP.NET membership supports facilities for : Creating new users and passwords Storing membership information like username, password, supporting data in Microsoft SQL server, Active directory or alternative data sotres. Authenticating users who visit your website. You can authenticate users programmatically, or you can use the ASP.NET T login controls to create a complete authentication system that requires a little or no code. Managing a password, that includes creating, changing, and resetting them. Depending on membership options you choose, the membership system can also provide an automated password-reset system that takes a user supplied questions and response. Exposing a unique identification for authenticated users that you can use in your own applications and that also integrates with the ASP.NET personalization and role management system. Specifying a custom membership provider, which allows you to substitute your own code to manage membership and maintain membership data in a custom data store.

MEMBERSHIP, ROLES AND USER PROFILES

Although the membership is self standing feature in ASP.NET for authentication, it can be integrated with ASP.Net role management to provide authorization services for your site. Membership can also be integrated with user profile to provide application specific customization that can be tailored individual user.How membership works?To use membership, you must first configure it for your site, in outline you follow these steps:

1. Specify membership options as a part of your website configuration. By default , membership is enabled. You can also specify what membership provider you want to use. (In practical terms, this means that you are specifying what type of database you want to keep membership information). The default provider uses a Microsoft SQL server database. You can also choose to use active directory to store membership information or you can specify a custom provider. For information on membership configuration option that can be specified in web config file for your ASP.Net application.

2. Configure your application to use forms authentication ( as distinct from Windows or Passport authentication). You typically specify that some pages or folders in your application are protected and are accessible only to authenticated users.

3. Define user accounts for membership. You can do this in a variety of ways. You can use the Web Site Administration Tool, which provides a wizard-like interface for creating new users ASP.NET web page where you collect a username and password ( and optionally an e-mail address), and then use a membership function named Create User to create a new user in the membership function.

If you are login controls, they will automatically use the membership system to validate a user. If you have created a login form by hand, you can prompt the user for a user name and password and then call the validate user method to perform the validation. After the user is validated, information about the user can be persisted ( for example, with an encrypted cookie if the users browser accepts cookies) using forms authentication. The login controls perform this task automatically. If you have created a login form by hand, you can call methods of the Forms authentication class to create the cookie and write it to the users computer. If a user has forgotten his or her password, the login page can call membership functions that help the user remember the password or create a new one.

Each time the user requests another protected page, ASP.NET forms authentication checks, whether the user is authenticated and then either allows the user to view the page or redirects the user to the login page. By default, the authentication cookie remains valid for the users session.After a user has been authenticated, the membership system makes available an object that contains information about the current user. For example, you can get properties of the membership user object to determine the users name and e-mail address, when the user last logged into your application, and so on.

An important aspect of the membership system is that you never need to explicitly perform any low level database functions to get or set user information. For example, you create a new user by calling the membership called Create user method . The membership system handles the details of creating the necessary database records to store the user information. When you call the Validate user method to check the users credentials, the membership system does all the database lookup for you.Secure Membership ConfigurationThe membership feature is enabled by default for ASP.NET applications and can not be disabled. The default configuration settings are set to the most secure values. For information about membership configuration settings and their default values, see membership element (ASP.NET Setting Schema). You should set the requires Questions and Answers attribute to true, especially where enable Password Reset or enable Password Retrieval is likewise true.Secure Membership ConfigurationWhen storing sensitive information in a configuration file for an application, you should encrypt the sensitive values using Protected Configuration. Information that is especially sensitive includes the encryption keys stored in the machine key configuration element and connection strings to a data stored in the connection strings configuration element.

Secure Encryption Keys and HashingIt is highly recommended that you encrypt user passwords in the membership data source using a password Format attribute set to Hashed or Encrypted, where Hashed is the most secured format. The encryption key values for the specified encryption algorithm are stored in the machine key configuration element. For strong encryption, specify an encryption key and specify the IsolateApps option with key.You can set the machine configuration on a host server to deny applications from overriding configuration settings. This includes denying the ability for encryption keys to be redefined in the Web. Config file for applications.

Securing Connections to a membership Data SourceConnection StringsTo keep the connection to your database server secure, you should encrypt connection-string information in the configuration using Protected Configuration.Connecting to SQL server using Integrated SecurityYou should connect to computers running SQL server using integrated security to avoid the possibility of your connection string being compromised and your user id and password being exposed. When you specify a connection that uses Integrated Security to connect to a computer running SQL server, the membership feature reverts to the identity of the process. You should ensure that the identity of the process running ASP.NET ( for example , the application pool) is the default process account or a restricted user account.SQL Server Express Worker Process IdentitySQL Server Express 2005 includes a new mode of operation where it can start a worker process running as the identity of the connecting user. This capability is referred to as run as faster mode. Although this mode of operation is suitable for desktop development while using IIS, starting worker processes is not appropriate on Web servers hosting multiple, untrusted customer code bases. Shared hosting servers that contain applications that do not trust each other should explicitly disable the run as user functionality. This functionality can be turned off by connecting to the SQL Express instance.Secure Web Pages that Use MembershipApplication pages that work with sensitive data, such as logon pages, should be secured using standard Web-Security mechanisms. These include measures such as using Secured Socket Layer (SSL) and requiring that users be logged on to carry out sensitive operations like updating user information or deleting users.Additionally, pages should not expose sensitive feature data such as passwords and in some cases user names, in clear text. Ensure that pages that display such information make use of SSL and are available only to authenticated users. Also, avoid storing sensitive feature data in cookies or sending it across insecure connections.Securing Against Denial of Service AttacksMethods that perform updates or large search operations can reduce the responsiveness of your membership data source if called concurrently by a number of clients. To reduce exposure to a denial of service attack, restrict access to ASP.NET pages that use methods that perform database updates or searches to administrative users, and expose only ASP.NET pages that provide validation and password management for general use.

CODING STANDARDS

Rules for building High Performance Code

We have got the following rules for creating high-performance software.

Know where you are going (understand the objective of the software).

Make a big map (have an overall program design firmly in the mind, so the various parts of the program and the data structures work well together).

Make lots of little maps (design an algorithm for each separate part of the overall design).

Know the territory (understand exactly how the computer carries out each task).

Know when it matters (identify the portions of your programs where performance matters, and dont waste your time optimizing the rest).

Always consider the alternatives (dont get stuck on a single approach; odds are theres a better way, if you are clever and inventive enough).

Know how to turn on the juice (optimize the code as best you know how when it does matter).