SlideShare a Scribd company logo

Jiit;project 2013-2014;cse;project presentation

Download as PPTX, PDF
Chakshu Sharma
Chakshu Sharma

Digital Signature

TechnologyEducation
1 of 38
Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
 Digital Signature is Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document. As the public key of the signer is known, anybody can verify the message and the digital signature  Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner ] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
 In the electronic environment basic legal functions of a signature are performed by way of a method that identifies the originator of a data message and confirms that the originator approved the content of data message. This method uses the techniques of cryptography and encryption.  Public key cryptography is an asymmetric scheme that uses a pair of pair of keys for encryption. A public key, which encrypts data and a corresponding private and secret key for decryption.
 Digital signatures are based on mathematical algorithm. These require the signature holder to have two keys (one private and the public) for signing and verification. A verifiable trustworthy entity called certification authority creates and distributes signature. A digital signature is a cryptographic means through which many of these may be verified. The digital signature of a document is a piece of information based on both the document and the sign is a private key. It is typically created through the use of a hash function.  If you are sending a sensitive document, you would want the recipient of the document to know that it was from you and you would also want to ensure that the document gets to the recipient in the very same state you sent it in, without any alterations. The process of digitally signing your document would go something like this:
Why Digital Signatures? •To provide Authenticity, Integrity and Non-repudiation to electronic documents •To use the Internet as the safe and secure medium for e- Commerce and e-Governance
 Digitally signed messages may be anything represent able as a bit string: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol. A digital signature scheme typically consists of three algorithms  A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.  A signing algorithm that, given a message and a private key, produces a signature.  A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the messages claim to authenticity.• Two main properties are required. First, a signature generated from a fixed message and fixed private key should verify the authenticity of that message by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.
 The following are the main benefits of using digital signatures:  Speed: Businesses no longer have to wait for paper documents to be sent by courier. Contracts are easily written, completed, and signed by all concerned parties in a little amount of time no matter how far the parties are geographically.  Costs: Using postal or courier services for paper documents is much more expensive compared to using digital signatures on electronic documents.  Security: The use of digital signatures and electronic documents reduces risks of documents being intercepted, read, destroyed, or altered while in transit.
 Key Generation  Random Numbers  RSA Key Pair [Private/Public Key]  Digital Signature  Generate Message Digest [SHA1]  Encrypting Digest using Private Key [Signatures]  Attaching the Signatures to the message.  Verification of Signatures  Run the test for Authentication, Integrity and Non repudiation.  Digital Signature Certificate  ITU X.509 v3
Signed by using CA’s private key User Name & other credentials User’s Public key User Certificate Certificate Database Publish Certificate Request User Name User’s Public Key CA’s Name Validity Digital Signature of CA Certificate Class User’s Email Address Serial No. Key pair Generation Private Public Web site of CA User 1 certificate User 2 certificate . Public License issued by CCA
 The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.  The key is secured using  PIN Protected soft token  Smart Cards  Hardware Tokens
Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non-repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
Signed Messages Message + Signature Hash Decrypt Signature With Sender’s Public Key SIGN hash With Sender’s Private key Message + signature COMPARE Calculated HashMessage Sender Receiver Hash Sent thru’ Internet if OK Signatures verified
 Unit Testing  Unit testing focuses efforts on the smallest unit of software design. This is known as module testing. The modules are tested separately. The test is carried out during programming stage itself. In this step, each module is found to be working satisfactory as regards to the expected output from the module.  Integration Testing  Data can be lost across an interface. One module can have an adverse effect on another, sub functions, when combined, may not be linked in desired manner in major functions. Integration testing is a systematic approach for constructing the program structure, while at the same time conducting test to uncover errors associated within the interface. The objective is to take unit tested modules and builds program structure. All the modules are combined and tested as a whole.
 Validation Testing  At the culmination of the integration testing, Software is completely assembled as a package. Interfacing errors have been uncovered and corrected and a final series of software test begin in validation testing. Validation testing can be defined in many ways, but a simple definition is that the validation succeeds when the software functions in a manner that is expected by the customer. After validation test has been conducted, one of the three possible conditions exists.  The function or performance characteristics confirm to specification and are accepted.  A deviation from specification is uncovered and a deficiency lists is created.  Proposed system under consideration has been tested by using validation test and found to be working
 Output Testing  After performing the validation testing, the next step is output testing of the proposed system, since no system could be useful if it does not produce the required output in a specific format. The output format on the screen is found to be correct. The format was designed in the system design time according to the user needs. For the hard copy also; the output comes as per the specified requirements by the user. Hence output testing did not result in any correction for the system.  User Acceptance Testing  User acceptance of a system is the key factor for the success of any system. The system under consideration is tested for the user acceptance by constantly keeping in touch with the prospective system users at the time of developing and making changes whenever required.  This is done in regard to the following point:  Input Screen Design  Output Screen Design  Format of reports and other outputs.
 Risk Identification: We analyzed that there were several types of risks involved with our project like:  Hardware Constraint Risks like the CPU is over burdened with calculations and the system might hang.  Data Loss Risk due to hardware malfunction or failure to save the changes applied in the existing code.  Development Environment Risks due to 1 members in the group, since the modules are different, at the time of integration, more amount of time is spent than the main module itself.
 Risks Quantification: The impact of the different risks mentioned above was assessed as follows  Environment Risks: Medium probability and High Impact. Thus it can be seen as a medium risk.  Hardware Constraint Risks: Very low probability and High Impact. Thus it can be seen as a low risk.  Deliverability Risks: Very High probability and Medium Impact. Thus it can be seen as a high risk  Data Loss Risks: Medium Probability and Very high impact. High Risk  Development Environment Risks: Low Medium Probability and Medium Impact. Thus it can be seen as a medium risk.
 Risk Response: There are basically four things which can be done about a risk. It can be avoided, transferred, mitigated or accepted.  Hardware Constraint Risks: It has a very low chance of occurring but if encountered, can be avoided by CPU of good processing speed as well as sufficient free disk space at the beginning when the simulation is started.  Deliverability Risks: It has a good chance of happening and can be mitigated  Data Loss Risks : Has an average chance of occurring and can be mitigated by pushing my code on the cloud from time to time  Development Environment Risks: Nothing can be done to mitigate such risks. They just need to be accepted.
 Risk Monitoring and Control  Environment Risks: It can be controlled by properly initializing the light variables carefully.  Hardware Constraint Risks: It can be monitored by making sure of the quality of the hardware and its performance stats.  Development Environment Risks: It can be controlled by continuing with the project and completing it as much as possible.
 Integrating Windows 7, Visual Studio 2010 and the toolkits over the top of building our own class files, we encountered a good number of exceptions which we made sure would never again occur by building an accurate and time improvised property sheet for our project.  We had to resolve several errors while making our own classes and integrating them with the main program like external resolved linker error, unidentified variable identifier, unhandled exception in importing libraries and redefined functions.
 Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, thus making it behave as expected.  Debugging tends to be harder when various subsystems are tightly coupled, as changes in one may cause bugs to emerge in another.  As the project is still in its development stage, debugging done was alongside code writing. Most of the times due to a silly mistake which resulted into a fatal error, the program often crashed when tried to access some attributes of an object that were not initialized.  When the models were being tested, a comparison had to be formulated. This comparison was very difficult to narrow down since the input parameters for each model are different.
 This system is provided with authentication without which no user can pass. So only the legitimate users are allowed to use the application. If the legitimate users share the authentication information then the system is open to outsiders.
 Use Case Diagram  Control Flow Diagram  Activity Diagram
 Login  Generate  Add New User  Converter  Add New User  Signing
 Small encryption exponent  Small encryption exponent and small message  Using the same key for encryption and signing  Using a common modulus for different users  Acting as an oracle
 Minimize the risk of dealing with imposter. Minimize the risk of undetected message tampering and forgery. Retains a higher degree of information security. Don't use the same RSA key for encryption and signing. Always format your input before encrypting or signing. When decrypting, check the format of the decrypted block. If it is not as expected, return an error message, not the decrypted string. Similarly, when verifying a signature, if there is any error whatsoever, just respond with "Invalid Signature".
0 5 10 15 20 25 30 35 RESEARCH IDEA AND CONCEPT STRUCTURE INTERFACE DESIGN BUILD WEBSITE TESTING NO.OF DAYS TO COMPLETE START DATE
Jiit;project 2013-2014;cse;project presentation

Recommended

Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...
Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...
Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...journalBEEI
 
2007
20072007
2007guest0f35e1
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET Journal
 
Ijcnc050205
Ijcnc050205Ijcnc050205
Ijcnc050205IJCNCJournal
 
dos attacks
dos attacksdos attacks
dos attacksAMAL PERUMPALLIL
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...IGEEKS TECHNOLOGIES
 
Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...eSAT Journals
 
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments IJITCA Journal
 

Recommended

Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...
Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...
Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Ne...journalBEEI
 
2007
20072007
2007guest0f35e1
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET Journal
 
Ijcnc050205
Ijcnc050205Ijcnc050205
Ijcnc050205IJCNCJournal
 
dos attacks
dos attacksdos attacks
dos attacksAMAL PERUMPALLIL
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...IGEEKS TECHNOLOGIES
 
Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...eSAT Journals
 
Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments Preventing Distributed Denial of Service Attacks in Cloud Environments
Preventing Distributed Denial of Service Attacks in Cloud Environments IJITCA Journal
 
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...IRJET Journal
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKSShaurya Gogia
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniquesIGZ Software house
 
Implementation of public key cryptography in kerberos with prevention 2
Implementation of public key cryptography in kerberos with prevention 2Implementation of public key cryptography in kerberos with prevention 2
Implementation of public key cryptography in kerberos with prevention 2IAEME Publication
 
Ddos- distributed denial of service
Ddos- distributed denial of service Ddos- distributed denial of service
Ddos- distributed denial of service laxmi chandolia
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningeSAT Publishing House
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
 
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGYA REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGYijasa
 
Paper1_Final
Paper1_FinalPaper1_Final
Paper1_FinalViral Savani
 
International Journal of Computational Science and Information Technology (I...
International Journal of Computational Science and Information Technology (I... International Journal of Computational Science and Information Technology (I...
International Journal of Computational Science and Information Technology (I...ijcsity
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedeSAT Publishing House
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDIJNSA Journal
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
Enhancing the impregnability of linux servers
Enhancing the impregnability of linux serversEnhancing the impregnability of linux servers
Enhancing the impregnability of linux serversIJNSA Journal
 
A10 issa d do s 5-2014
A10 issa d do s 5-2014A10 issa d do s 5-2014
A10 issa d do s 5-2014Raleigh ISSA
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Lecture #1: Access Control : Various Cyber attacks and Latest Statistics
Lecture #1: Access Control : Various Cyber attacks and Latest StatisticsLecture #1: Access Control : Various Cyber attacks and Latest Statistics
Lecture #1: Access Control : Various Cyber attacks and Latest StatisticsDr. Ramchandra Mangrulkar
 
Ppt
PptPpt
PptNidhi Bansal
 
The Best Practice with Code Signing Certificates - CodeSignCert.com
The Best Practice with Code Signing Certificates - CodeSignCert.comThe Best Practice with Code Signing Certificates - CodeSignCert.com
The Best Practice with Code Signing Certificates - CodeSignCert.comKayra Obrain
 
Comptia security+ (sy0-601) exam dumps 2022
Comptia security+ (sy0-601) exam dumps 2022Comptia security+ (sy0-601) exam dumps 2022
Comptia security+ (sy0-601) exam dumps 2022SkillCertProExams
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communicationmanish kumar
 
Network Security
Network SecurityNetwork Security
Network SecurityBeth Hall
 

More Related Content

What's hot

Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...IRJET Journal
 
Implementation of public key cryptography in kerberos with prevention 2
Implementation of public key cryptography in kerberos with prevention 2Implementation of public key cryptography in kerberos with prevention 2
Implementation of public key cryptography in kerberos with prevention 2IAEME Publication
 
Ddos- distributed denial of service
Ddos- distributed denial of service Ddos- distributed denial of service
Ddos- distributed denial of service laxmi chandolia
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningeSAT Publishing House
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
 
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGYA REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGYijasa
 
International Journal of Computational Science and Information Technology (I...
International Journal of Computational Science and Information Technology (I... International Journal of Computational Science and Information Technology (I...
International Journal of Computational Science and Information Technology (I...ijcsity
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedeSAT Publishing House
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDIJNSA Journal
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
Enhancing the impregnability of linux servers
Enhancing the impregnability of linux serversEnhancing the impregnability of linux servers
Enhancing the impregnability of linux serversIJNSA Journal
 
A10 issa d do s 5-2014
A10 issa d do s 5-2014A10 issa d do s 5-2014
A10 issa d do s 5-2014Raleigh ISSA
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Lecture #1: Access Control : Various Cyber attacks and Latest Statistics
Lecture #1: Access Control : Various Cyber attacks and Latest StatisticsLecture #1: Access Control : Various Cyber attacks and Latest Statistics
Lecture #1: Access Control : Various Cyber attacks and Latest StatisticsDr. Ramchandra Mangrulkar
 

What's hot (17)

Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
Cryptographic Countermeasure Against Prevention Of Dos and Distributed DOS A...
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
Implementation of public key cryptography in kerberos with prevention 2
Implementation of public key cryptography in kerberos with prevention 2Implementation of public key cryptography in kerberos with prevention 2
Implementation of public key cryptography in kerberos with prevention 2
 
Ddos- distributed denial of service
Ddos- distributed denial of service Ddos- distributed denial of service
Ddos- distributed denial of service
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learning
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
 
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGYA REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
 
Paper1_Final
Paper1_FinalPaper1_Final
Paper1_Final
 
International Journal of Computational Science and Information Technology (I...
International Journal of Computational Science and Information Technology (I... International Journal of Computational Science and Information Technology (I...
International Journal of Computational Science and Information Technology (I...
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbed
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
Enhancing the impregnability of linux servers
Enhancing the impregnability of linux serversEnhancing the impregnability of linux servers
Enhancing the impregnability of linux servers
 
A10 issa d do s 5-2014
A10 issa d do s 5-2014A10 issa d do s 5-2014
A10 issa d do s 5-2014
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
 
Lecture #1: Access Control : Various Cyber attacks and Latest Statistics
Lecture #1: Access Control : Various Cyber attacks and Latest StatisticsLecture #1: Access Control : Various Cyber attacks and Latest Statistics
Lecture #1: Access Control : Various Cyber attacks and Latest Statistics
 

Similar to Jiit;project 2013-2014;cse;project presentation

The Best Practice with Code Signing Certificates - CodeSignCert.com
The Best Practice with Code Signing Certificates - CodeSignCert.comThe Best Practice with Code Signing Certificates - CodeSignCert.com
The Best Practice with Code Signing Certificates - CodeSignCert.comKayra Obrain
 
Comptia security+ (sy0-601) exam dumps 2022
Comptia security+ (sy0-601) exam dumps 2022Comptia security+ (sy0-601) exam dumps 2022
Comptia security+ (sy0-601) exam dumps 2022SkillCertProExams
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communicationmanish kumar
 
Network Security
Network SecurityNetwork Security
Network SecurityBeth Hall
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptxRushikeshChikane2
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerShivamSharma909
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvanitrraincity
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd Iaetsd
 
Single Sign-On & Strong Authentication
Single Sign-On & Strong AuthenticationSingle Sign-On & Strong Authentication
Single Sign-On & Strong AuthenticationArun S M
 
An Identity-Based Mutual Authentication with Key Agreement
An Identity-Based Mutual Authentication with Key AgreementAn Identity-Based Mutual Authentication with Key Agreement
An Identity-Based Mutual Authentication with Key Agreementijtsrd
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYDEEPAK948083
 
A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...Erin Moore
 

Similar to Jiit;project 2013-2014;cse;project presentation (20)

Ppt
PptPpt
Ppt
 
The Best Practice with Code Signing Certificates - CodeSignCert.com
The Best Practice with Code Signing Certificates - CodeSignCert.comThe Best Practice with Code Signing Certificates - CodeSignCert.com
The Best Practice with Code Signing Certificates - CodeSignCert.com
 
Comptia security+ (sy0-601) exam dumps 2022
Comptia security+ (sy0-601) exam dumps 2022Comptia security+ (sy0-601) exam dumps 2022
Comptia security+ (sy0-601) exam dumps 2022
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communication
 
Network Security
Network SecurityNetwork Security
Network Security
 
kasodhan2019.pdf
kasodhan2019.pdfkasodhan2019.pdf
kasodhan2019.pdf
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Security problems.pptx
Security problems.pptxSecurity problems.pptx
Security problems.pptx
 
presentation_finals
presentation_finalspresentation_finals
presentation_finals
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvan
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
 
Computer Introduction-Lecture05
Computer Introduction-Lecture05Computer Introduction-Lecture05
Computer Introduction-Lecture05
 
120 i143
120 i143120 i143
120 i143
 
Single Sign-On & Strong Authentication
Single Sign-On & Strong AuthenticationSingle Sign-On & Strong Authentication
Single Sign-On & Strong Authentication
 
An Identity-Based Mutual Authentication with Key Agreement
An Identity-Based Mutual Authentication with Key AgreementAn Identity-Based Mutual Authentication with Key Agreement
An Identity-Based Mutual Authentication with Key Agreement
 
Digital signature
Digital signatureDigital signature
Digital signature
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
 
A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Jiit;project 2013-2014;cse;project presentation

  • 1.
  • 2. Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
  • 3.  Digital Signature is Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document. As the public key of the signer is known, anybody can verify the message and the digital signature  Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner ] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
  • 4.  In the electronic environment basic legal functions of a signature are performed by way of a method that identifies the originator of a data message and confirms that the originator approved the content of data message. This method uses the techniques of cryptography and encryption.  Public key cryptography is an asymmetric scheme that uses a pair of pair of keys for encryption. A public key, which encrypts data and a corresponding private and secret key for decryption.
  • 5.  Digital signatures are based on mathematical algorithm. These require the signature holder to have two keys (one private and the public) for signing and verification. A verifiable trustworthy entity called certification authority creates and distributes signature. A digital signature is a cryptographic means through which many of these may be verified. The digital signature of a document is a piece of information based on both the document and the sign is a private key. It is typically created through the use of a hash function.  If you are sending a sensitive document, you would want the recipient of the document to know that it was from you and you would also want to ensure that the document gets to the recipient in the very same state you sent it in, without any alterations. The process of digitally signing your document would go something like this:
  • 6. Why Digital Signatures? •To provide Authenticity, Integrity and Non-repudiation to electronic documents •To use the Internet as the safe and secure medium for e- Commerce and e-Governance
  • 7.
  • 8.  Digitally signed messages may be anything represent able as a bit string: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol. A digital signature scheme typically consists of three algorithms  A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.  A signing algorithm that, given a message and a private key, produces a signature.  A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the messages claim to authenticity.• Two main properties are required. First, a signature generated from a fixed message and fixed private key should verify the authenticity of that message by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.
  • 9.  The following are the main benefits of using digital signatures:  Speed: Businesses no longer have to wait for paper documents to be sent by courier. Contracts are easily written, completed, and signed by all concerned parties in a little amount of time no matter how far the parties are geographically.  Costs: Using postal or courier services for paper documents is much more expensive compared to using digital signatures on electronic documents.  Security: The use of digital signatures and electronic documents reduces risks of documents being intercepted, read, destroyed, or altered while in transit.
  • 10.  Key Generation  Random Numbers  RSA Key Pair [Private/Public Key]  Digital Signature  Generate Message Digest [SHA1]  Encrypting Digest using Private Key [Signatures]  Attaching the Signatures to the message.  Verification of Signatures  Run the test for Authentication, Integrity and Non repudiation.  Digital Signature Certificate  ITU X.509 v3
  • 11. Signed by using CA’s private key User Name & other credentials User’s Public key User Certificate Certificate Database Publish Certificate Request User Name User’s Public Key CA’s Name Validity Digital Signature of CA Certificate Class User’s Email Address Serial No. Key pair Generation Private Public Web site of CA User 1 certificate User 2 certificate . Public License issued by CCA
  • 12.  The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.  The key is secured using  PIN Protected soft token  Smart Cards  Hardware Tokens
  • 13. Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non-repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
  • 14. Signed Messages Message + Signature Hash Decrypt Signature With Sender’s Public Key SIGN hash With Sender’s Private key Message + signature COMPARE Calculated HashMessage Sender Receiver Hash Sent thru’ Internet if OK Signatures verified
  • 15.  Unit Testing  Unit testing focuses efforts on the smallest unit of software design. This is known as module testing. The modules are tested separately. The test is carried out during programming stage itself. In this step, each module is found to be working satisfactory as regards to the expected output from the module.  Integration Testing  Data can be lost across an interface. One module can have an adverse effect on another, sub functions, when combined, may not be linked in desired manner in major functions. Integration testing is a systematic approach for constructing the program structure, while at the same time conducting test to uncover errors associated within the interface. The objective is to take unit tested modules and builds program structure. All the modules are combined and tested as a whole.
  • 16.  Validation Testing  At the culmination of the integration testing, Software is completely assembled as a package. Interfacing errors have been uncovered and corrected and a final series of software test begin in validation testing. Validation testing can be defined in many ways, but a simple definition is that the validation succeeds when the software functions in a manner that is expected by the customer. After validation test has been conducted, one of the three possible conditions exists.  The function or performance characteristics confirm to specification and are accepted.  A deviation from specification is uncovered and a deficiency lists is created.  Proposed system under consideration has been tested by using validation test and found to be working
  • 17.  Output Testing  After performing the validation testing, the next step is output testing of the proposed system, since no system could be useful if it does not produce the required output in a specific format. The output format on the screen is found to be correct. The format was designed in the system design time according to the user needs. For the hard copy also; the output comes as per the specified requirements by the user. Hence output testing did not result in any correction for the system.  User Acceptance Testing  User acceptance of a system is the key factor for the success of any system. The system under consideration is tested for the user acceptance by constantly keeping in touch with the prospective system users at the time of developing and making changes whenever required.  This is done in regard to the following point:  Input Screen Design  Output Screen Design  Format of reports and other outputs.
  • 18.  Risk Identification: We analyzed that there were several types of risks involved with our project like:  Hardware Constraint Risks like the CPU is over burdened with calculations and the system might hang.  Data Loss Risk due to hardware malfunction or failure to save the changes applied in the existing code.  Development Environment Risks due to 1 members in the group, since the modules are different, at the time of integration, more amount of time is spent than the main module itself.
  • 19.  Risks Quantification: The impact of the different risks mentioned above was assessed as follows  Environment Risks: Medium probability and High Impact. Thus it can be seen as a medium risk.  Hardware Constraint Risks: Very low probability and High Impact. Thus it can be seen as a low risk.  Deliverability Risks: Very High probability and Medium Impact. Thus it can be seen as a high risk  Data Loss Risks: Medium Probability and Very high impact. High Risk  Development Environment Risks: Low Medium Probability and Medium Impact. Thus it can be seen as a medium risk.
  • 20.  Risk Response: There are basically four things which can be done about a risk. It can be avoided, transferred, mitigated or accepted.  Hardware Constraint Risks: It has a very low chance of occurring but if encountered, can be avoided by CPU of good processing speed as well as sufficient free disk space at the beginning when the simulation is started.  Deliverability Risks: It has a good chance of happening and can be mitigated  Data Loss Risks : Has an average chance of occurring and can be mitigated by pushing my code on the cloud from time to time  Development Environment Risks: Nothing can be done to mitigate such risks. They just need to be accepted.
  • 21.  Risk Monitoring and Control  Environment Risks: It can be controlled by properly initializing the light variables carefully.  Hardware Constraint Risks: It can be monitored by making sure of the quality of the hardware and its performance stats.  Development Environment Risks: It can be controlled by continuing with the project and completing it as much as possible.
  • 22.  Integrating Windows 7, Visual Studio 2010 and the toolkits over the top of building our own class files, we encountered a good number of exceptions which we made sure would never again occur by building an accurate and time improvised property sheet for our project.  We had to resolve several errors while making our own classes and integrating them with the main program like external resolved linker error, unidentified variable identifier, unhandled exception in importing libraries and redefined functions.
  • 23.  Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, thus making it behave as expected.  Debugging tends to be harder when various subsystems are tightly coupled, as changes in one may cause bugs to emerge in another.  As the project is still in its development stage, debugging done was alongside code writing. Most of the times due to a silly mistake which resulted into a fatal error, the program often crashed when tried to access some attributes of an object that were not initialized.  When the models were being tested, a comparison had to be formulated. This comparison was very difficult to narrow down since the input parameters for each model are different.
  • 24.  This system is provided with authentication without which no user can pass. So only the legitimate users are allowed to use the application. If the legitimate users share the authentication information then the system is open to outsiders.
  • 25.  Use Case Diagram  Control Flow Diagram  Activity Diagram
  • 26.
  • 27.
  • 28.
  • 29.  Login  Generate  Add New User  Converter  Add New User  Signing
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.  Small encryption exponent  Small encryption exponent and small message  Using the same key for encryption and signing  Using a common modulus for different users  Acting as an oracle
  • 36.  Minimize the risk of dealing with imposter. Minimize the risk of undetected message tampering and forgery. Retains a higher degree of information security. Don't use the same RSA key for encryption and signing. Always format your input before encrypting or signing. When decrypting, check the format of the decrypted block. If it is not as expected, return an error message, not the decrypted string. Similarly, when verifying a signature, if there is any error whatsoever, just respond with "Invalid Signature".
  • 37. 0 5 10 15 20 25 30 35 RESEARCH IDEA AND CONCEPT STRUCTURE INTERFACE DESIGN BUILD WEBSITE TESTING NO.OF DAYS TO COMPLETE START DATE