Why Teams call analytics are critical to your entire business
Step4 managementsendsorderw
1. SENIOR PROJECT 2007-2008
(Step#4 of the ekoSign project)
8. Management Sends Order to the
Warehouse
Developing Application that Uses XML
Signatures
Project team members
Hüseyin Çakır, Mehmet Mesut Özışık, Yılmaz Kaya
Abstract: Fourth step of the application which is management sends order to the warehouse. This phase
includes XML document signatures, encryption of informations at XML, verifying XML signatures and
decrypting encrypted XML data.
Keywords: Management sends order to the warehouse, XML Signature and Encryption.
http://groups.google.com/group/digitalsignature
digitalsignature@googlegroups.com
PRINT DATE: 05/06/08
1
2. 8.1 Introduction
This documentation is related with the construction phase of the project. Management sends order
to the warehouse is one of the parts of construction phases and the series of iterations of the system
are implemented and an executable release of the step is developed. The implementation of this step
is built according to the use case diagrams and use case by text. Figure 8.1 shows the steps of the
unified process and which step the project plan paper belongs to.
Inception
1.Introduction
2.Project Plan
3.Basic Concepts
Elaboration
4.Scenario
Construction
Transition
5.CSorder
6.SDSorderW
7.SDSorderM
8.MSorderW
Figure 8.1 Steps of Unified Process.
8.2 Management Sends Order to the Warehouse
Management receives an order from SD indicating that 1500 units of product worth of 100000$ are
needed on 21.02.2008 at 10:00. Since the cost of order is higher than 50000$, management is
authorized to sign order and send to the Warehouse (Figure 8.2).
Figure 8.2 Scenario.
2
3. SIGNATURES: CUSTOMER, SALES DEPARTMENT, MANAGEMENT
1500 units of product worth of 100000$ are needed on 21.02.2008 at 10:00.
XML DOCUMENT THAT CUSTOMER SENDS TO THE SALES DEPARTMENT: A sample XML includes
customer's signature, sales department signature, management signature and
encrypted order information.
<order>
<!-ENCRYPTED ORDER INFORMATION-->
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
Encrypted Customer Order
Type="http://www.w3.org/2001/04/xmlenc#Element">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>rsaKey</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>NpXleAAvjsx/afFGVFM3jKDk/Dj2prknl1eXcf7+gveP7+2pa26ILGlAPV0NTFLkQxTwHSfhk
V4y0PMr7xPNQ9a8qNcsN7MPSl45OoTE0l7yJD5jD0462rlXmCwEVdgZi3Oi0LA2dto/SxCSKicxbiBIeZl1iWctRo
WfkrzgKkw=</CipherValue>
</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
<CipherValue>gn4aaCOi/5P2+k5HHJ2vzMltSXt6O2+SMiNXFCn8mq/fHvRxwqqSBeejPiEpI4iXg/u0AhKz2jlN
EPqbnMB17EfT81DiW5VYAPssA8NM
+cmdccTotWtj32EnOqIJNVsanPl4i/RsXFwL6a7K2YIHe6l0Tewwyj3ZWSSzHbq1c2GsGi0qBAXe1vsRrDr1cmW/C
rbJDW70YzMuoVS8IysYgm9n96Wo/dTyaGPl+fG
+Cs5KAZyDZRRSP9CXDJ38WZGGRfdQCnvhf8ztG8CuB9mruK56mtjz9rV3HkqM2etLDzcbXmkeyAErSJrS4W5n
zw7NkbZOMht2JdTN+XhcTrS2GA==</CipherValue>
</CipherData>
</EncryptedData>
<!-SALES DEPARTMENT MESSAGE-->
<salesDept Id="s">Cost is higher than 50000$, the confirmation
management.</salesDept>
<!-MANAGEMENT MESSAGE-->
<management Id="m">1500 units of product is required.</management>
<!-SIGNATURE OF CUSTOMER-->
needed
from
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> Signature #1: Customer
<Reference URI="#c">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>VSh4kpOimvsxdy2hpfnozUZrL+Q=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>ScVHcqcvXt3/mfB6CVKOGG5DcFvt/30Cc9LwabCpebDCHiXtA
+bsx6AUnd1c9g6VPxrgClynopWqd9fQYBNy7e1DzOnLSn/Ya8Bzfe3SaMsTS7Xw8jmJRjTMJEsWGrEX1d/zdpa4s
5H4A0i5FNXDlrXkhO3NpS5bffD1C9CJIjw=</SignatureValue>
</Signature>
3
5. 8.3 Use Case Diagram of Management Sends Order to Warehouse
Figure 8.3 represents Management sending the document to the warehouse and Use case text of the
diagram is shown in Figure 8.4.
Use Case Title
Figure 8.3 Use Case Diagram of Management sending order.
:Management sending order to the warehouse
Primary Actor
:Management
Precondition
:Management must validate the previous signatures
Success Guarantee :Company Policy applied and order sent to the authorized
department
Trigger
:Management receives order from sales department
Main Success Scenario:
1. Page loaded to the management staff computer.
2. Management verifies the company policy.
3. After validation the order will be sent to the warehouse.
Figure 8.4 Use Case by Text for Management Sends Order.
5
6. 8.4 Class Diagram of Sales Department Applies Policy and Sends Order
This step uses six classes which are “signature”, “verifySignature”, “encryption”, “decryption”,
“customer” and “order”.
“signature” class includes a method “SignXml” that sign XML document and attach the signature
to the document in a <Signature> element. The method creates an cryptographic signing key, adds
the key to a secure key container, and then uses the key to digitally sign an XML document. The
key can then be retrieved to verify the XML digital signature, or be used to sign another XML
document.
“encryption” class has a method “Encrypt” that encrypts an XML element using two keys. It
generates a cryptographic public/private key pair and saves the key pair to a secure key container.
The method then creates a separate session key using a cryptographic algorithm. The method uses
the session key to encrypt the XML document and then uses the public key to encrypt the session
key. Finally, the method saves the encrypted session key and the encrypted XML data to the XML
document within a new <EncryptedData> element.
“customer” class stores two different attributes and “order” class that stores four different attributes
that is used to get data from the user interface. This class's attributes encrypted by “Encryption”
class that uses “encrypt” method to safely send data to the Company Sales Department.
Figure 8.5 Class Diagram of Sales Department Receives Order and Applies Policy .
6
7. 8.5 Sequence & Collaboration Diagrams of Management Sends Order to the
Warehouse
Sequence Diagram shows the interactions between objects to perform critical pieces of use case
behavior in time-ordered manner. Sequence Diagram for Step#1 of the project developed in Figure
8.6 is developed from the class diagram in Figure 8.5.
Figure 8.6 Sequence Diagram of Management Sends Order to the Warehouse.
7
8. Collaboration Diagram that shows the interactions between objects to perform critical pieces of the
use case behavior is developed in Figure 8.7.
Figure 8.7 Collaboration Diagram of Management Sends Order to the Warehouse.
8
9. 8.6 User Interfaces
Figure 8.8 represents an interface that is used by management staff to view and send orders to the
warehouse.
Figure 8.8 Management Interface for Displaying Orders Received.
9