Nymble:Blocking misbehaving users in annoying networks(Link)

Nymble: Blocking Misbehaving Users
in Anonymizing Networks
A Major Project Submitted in Partial Fulfillment of the Requirements for the
degree of Bachelor of Technology in Information Technology
SUBMITTED BY
SANDESH KUMAR
REG.No. 11089E070
S. VIJAY
REG.No. 11089E087
GUIDED BY
N. KUMARAN M.Tech.
Assistant Professor
Department of Information Technology
SCSVMV University
DEPARTMENT OF INFORMATION TECHNOLOGY
SRI CHANDRASEKHARENDRA SARASWATHI
VISHWA MAHAVIDYALAYA
UNIVERSITY
APRIL 2012

Sri Chandrasekharendra Saraswathi Viswa MahaVidyalaya
University
Enathur, Kanchipuram – 631 561
BONAFIDE CERTIFICATE
Certified that this Project Entitled Nymble: Blocking Misbehaving Users in
Anonymizing Networks is the bonafied work carried out by Mr. SANDESH
KUMAR Reg.No 11089E070 and Mr. S.VIJAY Reg.No. 11089E087 during the
academic year 2012. It is certified that all the corrections/suggestion indicated for
internal assessment have been incorporated.
N. KUMARAN M.Tech. R. Manickavasagam M.S
Assistant Professor Head of Department
Department of Information Technology Department of Information Technology
SCSVMV University SCSVMV University
Submitted for the Project examination held on ___March 2012_____________
Place : Kanchipuram.

ACKNOWLEDGEMENT
The successful completion of my project can be attributed to the combined
efforts made by me and the contribution made in one form or other by the individuals.
First and foremost I thank God Almighty for giving me all strength, courage and
blessings to design and complete this project. I wish to extend my sincere gratitude to
our Head of the Information Technology Department, Mr. R.Manickavasagam. I also
thank him for his sincere help and support. Words fail to thank adequately our project
guide Mr.N.Kumaran who gave me all supports and helped me to clear all confusions
regarding the project. And last but not the least; I thank my family members and my
friends for providing me moral support to achieve my goal.

TABLE OF CONTENTS
Chapter No. Title Page No.
ABSTRACT I
LIST OF TABLES III
LIST OF FIGURES IV
LIST OF ABBREVIATION V
1. Introduction 1
1.1 Objective 2
1.2 About the organization 3
2. System Planning and Requirements
2.1 System analysis 5
2.2 Feasibility study 9
2.3 Software and Hardware Requirements 11
2.4 Functional Requirements 12
2.5 Non Functional Requirements 12
2.6 Pseudo Requirements 12
2.7 Literature survey 13
2.8 Modules Description 14
3. System Design
3.1 Data Flow Diagram 17
3.2 Control Flow Diagram 22
3.3 Database Design 25
4. System implementation
4.1 Process Specification 27
4.2 Techniques and Algorithms used 29
4.3 Sample Coding 30
4.4 Technology Description 50
5. Reports
5.1 Sample Screens 67
6. Testing 77
7. Conclusion 82
8. Scope for further Development 84
9. References 86

1.1 OBJECTIVE
Anonymizing networks such as route traffic through independent nodes in
separate administrative domains to hide a client’s IP address. Unfortunately, some
users have misused such networks—under the cover of anonymity, users have
repeatedly defaced popular Web sites such as Wikipedia. Since Web site
administrators cannot blacklist individual malicious users’ IP addresses, they blacklist
the entire anonymizing network.
Such measures eliminate malicious activity through anonymizing networks at the cost
of denying anonymous access to behaving users. In other words, a few “bad apples”
can spoil the fun for all. (This has happened repeatedly with Tor.1) There are several
solutions to this problem, each providing some degree of accountability. In
pseudonymous credential systems users log into Web sites using pseudonyms, which
can be added to a blacklist if a user misbehaves. Unfortunately, this approach results in
pseudonymity for all users, and weakens the anonymity provided by the anonymizing
network.
Anonymous credential systems employ group signatures. Basic group signatures allow
servers to revoke a misbehaving user’s anonymity by complaining to a group manager.
Servers must query the group manager for every authentication, and thus, lacks
scalability. Traceable signatures allow the group manager to release a trapdoor that
allows all signatures generated by a particular user to be traced; such an approach does
not provide the backward unlinkability that we desire, where a user’s accesses before
the complaint remain anonymous. Backward unlinkability allows for what we call
subjective blacklisting, where servers can blacklist users for whatever reason since the
privacy of the blacklisted user is not at risk.
Further, approaches without backward unlinkability need to pay careful attention to
when and why a user must have all their connections linked, and users must worry
about whether their behaviors will be judged fairly. Subjective blacklisting is also
better suited to servers such as Wikipedia, where misbehaviors such as questionable
edits to a Webpage, are hard to define in mathematical terms.

In some systems, misbehavior can indeed be defined precisely. For instance, double
spending of an “e-coin” is considered a misbehavior in anonymous e-cash systems
following which the offending user is deanonymized. Unfortunately, such systems
work for only narrow definitions of misbehavior—it is difficult to map more complex
notions of misbehavior onto “double spending” or related approaches.
Verifier-local revocation (VLR) fixes this shortcoming by requiring the server
(“verifier”)to perform only local updates during revocation. Unfortunately,
VLRrequires heavy computation at the server that is linear in the size of the blacklist.
For example, for a blacklist with 1,000 entries, each authentication would take tens of
seconds,2 a prohibitive cost in practice. In contrast, our scheme takes the server about
one millisecond per authentication, which is several thousand times faster than VLR.
1.2 ABOUT THE ORGANIZATION
Sri Chandrasekharendra Saraswathi Viswa Mahavidyalaya, formed under the
aegis of Sri Kanchi Kamakoti Peetam Charitable Trust in 1993, is located in a
sprawling complex of 50 acres at Enathur, at a distance of about 4 Kilometres from
Kanchipuram. The University has a campus in Poonamalle, Chennai, housing an
ayurveda College, research centre and hospital. The University has a unique focus on
integrating traditional knowledge with modern scientific practices with a global
outlook.

2. SYSTEM PLANNING
AND REQUIREMENTS

2.1 PROBLEM DEFINITION
Dynamic accumulators a revocation operation results in a new accumulator and
public parameters for the group, and all other existing users’ credentials must be
updated, making it impractical. Verifier-local revocation (VLR) fixes this shortcoming
by requiring the server (“verifier”) to perform only local updates during revocation.
Unfortunately,VLRrequires heavy computation at the server that is linear in the size of
the blacklist. For example, for a blacklist with 1,000 entries, each authentication would
take tens of seconds,2 a prohibitive cost in practice.
2.2 EXISTING SYSTEM
Existing users’ credentials must be updated, making it impractical. Verifier-
local revocation (VLR) fixes this shortcoming by requiring the server (“verifier”) to
perform only local updates during revocation. Unfortunately, VLR requires heavy
computation at the server that is linear in the size of the blacklist.
2.3 LIMITATIONS OF EXISTING SYSTEM
Anonymous authentication, backward unlinkability, subjective blacklisting, fast
authentication speeds, rate-limited anonymous connections, revocation auditability
(where users can verify whether they have been blacklisted), and also addresses the
Sybil attack to make its deployment practical.

2.4 PROPOSED SYSTEM
We present a secure system called Nymble, which provides all the following
properties: anonymous authentication, backward unlinkability, subjective blacklisting,
fast authentication speeds, rate-limited anonymous connections, revocation auditability
(where users can verify whether they have been blacklisted), and also addresses the
Sybil attack to make its deployment practical In Nymble, users acquire an ordered
collection of nymbles, a special type of pseudonym, to connect to websites. Without
additional information, these nymbles are computationally hard to link,and hence using
the stream of nymbles simulates anonymous access to services.
Websites, however, can blacklist users by obtaining a seed for a particular nymble,
allowing them to link future nymbles from the same user — those used before the
complaint remain unlinkable. Servers can therefore blacklist anonymous users without
knowledge of their IP addresses while allowing behaving users to connect
anonymously. Our system ensures that users are aware of their blacklist status before
they present a nymble, and disconnect immediately if they are blacklisted. Although
our work applies to anonymizing networks in general, we consider Tor for purposes of
exposition. In fact, any number of anonymizing networks can rely on the same Nymble
system, blacklisting anonymous users regardless of their anonymizing network(s) of
choice
Fig 2.2.1 overview of the system

• Blacklisting anonymous users. We provide a means by which servers can blacklist
users of an anonymizing network while maintaining their privacy.
• Practical performance. Our protocol makes use of inexpensive symmetric
cryptographic operations to significantly outperform the alternatives.
• Open-source implementation. With the goal of contributing a workable system, we
have built an open source implementation of Nymble, which is publicly available. We
provide performance statistics to show that our system is indeed practical.
2.5 ADVANTAGES OF PROPOSED SYSTEM
We present a secure system called Nymble, which provides all the following
properties: anonymous authentication, backward unlinkability, subjective blacklisting,
fast authentication speeds, rate-limited anonymous connections, revocation auditabi
lity (where users can verify whether they have been blacklisted), and also addresses the
Sybil attack to make its deployment practical In Nymble, users acquire an ordered
collection of nymbles, a special type of pseudonym, to connect to websites. Without
additional information, these nymbles are computationally hard to link,and hence using
the stream of nymbles simulates anonymous access to services.

PROCESS FLOW DIAGRAMS FOR PROPOSED SYSTEM
Fig 2.2.3 architecture of the system design
Website servers
Tor( the onion router)
User login and signup
Pseudo manager
Nymble manager
4. Linking
window
communication
3. Nimble ticket
generation
2. System
setup
5. Blacklist update ,
server registration and
complaining
User
registra
tion
6.
Server
access

2.2 FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase and business proposal is put
forth with a very general plan for the project and some cost estimates. During system
analysis the feasibility study of the proposed system is to be carried out. This is to
ensure that the proposed system is not a burden to the company. For feasibility
analysis, some understanding of the major requirements for the system is essential.
Three key considerations involved in the feasibility analysis are
♦ ECONOMICAL FEASIBILITY
♦ TECHNICAL FEASIBILITY
♦ SOCIAL FEASIBILITY
2.2.1 ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be justified.
Thus the developed system as well within the budget and this was achieved because
most of the technologies used are freely available. Only the customized products had
to be purchased.
2.2.2 TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or null
changes are required for implementing this system.
2.3.3 SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the user.
This includes the process of training the user to use the system efficiently. The user
must not feel threatened by the system, instead must accept it as a necessity. The level

of acceptance by the users solely depends on the methods that are employed to educate
the user about the system and to make him familiar with it. His level of confidence
must be raised so that he is also able to make some constructive criticism, which is
welcomed, as he is the final user of the system.

2.3 HARDWARE AND SOFTWARE REQUIREMENTS
2.3.1 HARDWARE REQUIREMENTS
• System : Pentium IV 2.4 GHz.
• Hard Disk : 40 GB.
• Floppy Drive : 1.44 Mb.
• Monitor : 15 VGA Colour.
• Mouse : Logitech.
• Ram : 512 Mb.
2.3.2 SOFTWARE REQUIREMENTS
• Operating system : Windows XP.
• Coding Language : JDK 1.6
• Tools : Eclipse 3.3

2.4 FUNCTIONAL REQUIREMENTS
Functional requirements specify which output file should be produced from
the given file they describe the relationship between the input and output of the
system, for each functional requirement a detailed description of all data inputs and
their source and the range of valid inputs must be specified.
2.5 NON FUNCTIONAL REQUIREMENTS
Describe user-visible aspects of the system that are not directly related with
the functional behavior of the system. Non-Functional requirements include
quantitative constraints, such as response time (i.e. how fast the system reacts to user
commands.) or accuracy ((.e. how precise are the systems numerical answers.)
2.6 PSEUDO REQUIREMENTS
The client that restricts the implementation of the system imposes these
requirements. Typical pseudo requirements are the implementation language and the
platform on which the system is to be implemented. These have usually no direct
effect on the users view of the system.

2.7 LITERATURE SURVEY
Literature survey is the most important step in software development process.
Before developing the tool it is necessary to determine the time factor, economy n
company strength. Once these things r satisfied, ten next steps are to determine which
operating system and language can be used for developing the tool. Once the
programmers start building the tool the programmers need lot of external support. This
support can be obtained from senior programmers, from book or from websites. Before
building the system the above consideration r taken into account for developing the
proposed system.
To limit the number of identities a user can obtain (called the Sybil attack [19]),
the Nymble system binds nymbles to resources that are sufficiently difficult to obtain
in great numbers. For example, we have used IP addresses as the resource in our
implementation, but our scheme generalizes to other resources such as email addresses,
identity certificates, and trusted hardware. We address the practical issues related with
resource-based blocking in Section 8, and suggest other alternatives for resources. We
do not claim to solve the Sybil attack. This problem is faced by any credential system
[19], [27], and we suggest some promising approaches based on resource-based
blocking since we aim to create a real-world deployment. The user must first contact
the Pseudonym Manager (PM) and demonstrate control over a resource; for IP-address
blocking, the user must connect to the PM directly (i.e., not through a known
anonymizing network), as shown.
We assume the PM has knowledge about Tor routers, for example, and can
ensure that users are communicating with it directly.6 Pseudonyms are
deterministically chosen based on the controlled resource, ensuring that the same
pseudonym is always issued for the same resource. Note that the user does not disclose
what server he or she intends to connect to, and the PM’s duties are limited to mapping
IP addresses (or other resources) to pseudonyms. As we will explain, the user contacts
the PM only once per linkability window (e.g., once a day).

2.8 MODULES DESCRIPTION
2.9.1. NYMBLE MANAGER
Servers can therefore blacklist anonymous users without knowledge of their IP
addresses while allowing behaving users to connect anonymously. Our system ensures
that users are aware of their blacklist status before they present a nymble, and
disconnect immediately if they are blacklisted. Although our work applies to
anonymizing networks in general, we consider Tor for purposes of exposition. In fact,
any number of anonymizing networks can rely on the same Nymble system,
blacklisting anonymous users regardless of their anonymizing network(s) of choice.
2.9.2. PSEUDONYM MANAGER
The user must first contact the Pseudonym Manager (PM) and demonstrate
control over a resource; for IP-address blocking, the user must connect to the PM
directly (i.e., not through a known anonymizing network), ensuring that the same
pseudonym is always issued for the same resource.
2.9.3. BLACKLISTING A USER
Users who make use of anonymizing networks expect their connections to be
anonymous. If a server obtains a seed for that user, however, it can link that user’s
subsequent connections. It is of utmost importance, then, that users be notified of their
blacklist status before they present a nymble ticket to a server. In our system, the user
can download the server’s blacklist and verify her status. If blacklisted, the user
disconnects immediately.
IP-address blocking employed by Internet services. There are, however, some
inherent limitations to using IP addresses as the scarce resource. If a user can obtain
multiple addresses she can circumvent both nymble-based and regular IP-address
blocking. Subnet-based blocking alleviates this problem, and while it is possible to
modify our system to support subnet-based blocking, new privacy challenges emerge;
a more thorough description is left for future work.

2.9.4. NYMBLE-AUTHENTICATED CONNECTION
Blacklistability assures that any honest server can indeed block misbehaving
users. Specifically, if an honest server complains about a user that misbehaved in the
current linkability window, the complaint will be successful and the user will not be
able to “nymble-connect,” i.e., establish a Nymble-authenticated connection, to the
server successfully in subsequent time periods (following the time of complaint) of
that linkability window.
Rate-limiting assures any honest server that no user can successfully nymble-
connect to it more than once within any single time period. Non-frameability
guarantees that any honest user who is legitimate according to an honest server can
nymble-connect to that server. This prevents an attacker from framing a legitimate
honest user, e.g., by getting the user blacklisted for someone else’s misbehavior. This
property assumes each user has a single unique identity.
When IP addresses are used as the identity, it is possible for a user to “frame” an
honest user who later obtains the same IP address. Non-frameability holds true only
against attackers with different identities (IP addresses).
A user is legitimate according to a server if she has not been blacklisted by the
server, and has not exceeded the rate limit of establishing Nymble-connections. Honest
servers must be able to differentiate between legitimate and illegitimate users.
Anonymity protects the anonymity of honest users, regardless of their
legitimacy according to the (possibly corrupt) server; the server cannot learn any more
information beyond whether the user behind (an attempt to make) a nymble-connection
is legitimate or illegitimate

3.1 Data Flow Diagram
 The DFD is also called as bubble chart. It is a simple graphical formalism that
can be used to represent a system in terms of the input data to the system,
various processing carried out on these data, and the output data is generated by
the system
 The data flow diagram (DFD) is one of the most important modeling tools. It is
used to model the system components. These components are the system
process, the data used by the process, an external entity that interacts with the
system and the information flows in the system.
 DFD shows how the information moves through the system and how it is
modified by a series of transformations. It is a graphical technique that depicts
information flow and the transformations that are applied as data moves from
input to output.
 DFD is also known as bubble chart. A DFD may be used to represent a system
at any level of abstraction. DFD may be partitioned into levels that represent
increasing information flow and functional detail.

NOTATION
SOURCE OR DESTINATION OF DATA
External sources or destinations, which may be people or organizations or other
entities.
DATA SOURCE
Here the data referenced by a process is stored and retrieved.
PROCESS
People, procedures or devices that produce data. The physical component is not
identified.
DATA FLOW
Data moves in a specific direction from an origin to a destination. The data flow is a
“packet” of data.
MODELING RULES
There are several common modeling rules when creating DFDs:
1. All processes must have at least one data flow in and one data flow out.
2. All processes should modify the incoming data, producing new forms of
outgoing data.
3. Each data store must be involved with at least one data flow.
4. Each external entity must be involved with at least one data flow.
A data flow must be attached to at least one process.

DFD LEVEL-0
A level 0 DFD, also called a fundamental system model or a context model,
represents the entire software element as a single bubble with input and output data
indicated by incoming and outgoing arrows, respectively. Additional processes
(bubbles) and information flow paths are represented as the level 0 DFD is partitioned
to reveal more detail.
DFD has the following operations:
 Shows the system’s major processes, data flows, and data stores at a high level of
abstraction
 When the Context Diagram is expanded into DFDlevel-0, all the connections that
flow into and out of process 0 needs to be retained.
The context-level DFD is next "exploded", to produce a Level 0 DFD that shows some
of the detail of the system being modeled. The Level 0 DFD shows how the system is
divided into sub-systems (processes), each of which deals with one or more of the data
flows to or from an external agent, and which together provide all of the functionality
of the system as a whole. It also identifies internal data stores that must be present in
order for the system to do its job, and shows the flow of data between the various parts
of the system.
Fig 3.1.1 dfd level 0
useruser
serverserver
Nimble serverNimble serverPseudo managerPseudo manager

DFD LEVEL-1
A level 1 DFD might contain five or six bubbles with interconnecting arrows.
Each of the processes represented at level 1 is a sub-function of the overall system
depicted in the context model. Each of the bubbles may be refined or layered to depict
more details. The level 1 diagram shows the main functional areas of the system under
investigation. As with the context diagram, any system under investigation should be
represented by only one level 1 diagram. There is no formula that can be applied in
deciding what is, and what is not, a level 1 process. Level 1 process should describe
only the main functional areas of the system, and you should avoid the temptation of
including lower level processes on this diagram. As a general rule no business process
diagram should contain more than 12 process boxes. The level 1 diagram is surrounded
by the outline of a process box that represents the boundaries of the system. Because
the level 1 diagram depicts the whole of the system under investigation, it can be
difficult to know where to start.

Fig 3.1.2 Dfd level 1
Sign
in
Sign
in
SignupSignup
Website Server
database
Website Server
database
AuthenticationAuthentication
File availabilityFile availability
Nymble
server
Nymble
server
Pseudo
manager
Pseudo
manager
File selectionFile selection
Servers
communicatio
n (nymble
ticket and
linking
window)
Home
page
Home
page
Select a file
Enter keyEnter key
Check for file
Blocking ip
address
Blocking ip
address Server
availability
Server
availability
User
view
List of block ip
address
Blacklist
Refreshment
Blacklist
Refreshment
Nymble
ticket
users

3.2 CONTROL FLOW DIAGRAM
A control flow diagram can consist of a subdivision to show sequential steps,
with if-then-else conditions, repetition, and/or case conditions. Suitably annotated
geometrical figures are used to represent operations, data, or equipment, and arrows
are used to indicate the sequential flow from one to another.
There are several types of control flow diagrams, for example:
• Change control flow diagram, used in project management
• Configuration decision control flow diagram, used in configuration
management
• Process control flow diagram, used in process management
• Quality control flow diagram, used in quality control.
In software and systems development control flow diagrams can be used in control
flow analysis, data flow analysis, algorithm analysis, and simulation. Control and data
flow analysis are most applicable for real time and data driven systems. These flow
analyses transform logic and data requirements text into graphic flows which are easier
to analyze than the text. PERT, state transition, and transaction diagrams are examples
of control flow diagrams.
Types of Control Flow Diagrams:-
1. Process Control Flow Diagram
A flow diagram can be developed for the process control system for each
critical activity. Process control is normally a closed cycle in which a sensor provides
information to a process control software application through a communications
system. The application determines if the sensor information is within the
predetermined (or calculated) data parameters and constraints. The results of this
comparison are fed to an actuator, which controls the critical component. This
feedback may control the component electronically or may indicate the need for a
manual action.
This closed-cycle process has many checks and balances to ensure that it stays
safe. The investigation of how the process control can be subverted is likely to be
extensive because all or part of the process control may be oral instructions to an
individual monitoring the process. It may be fully computer controlled and automated,

or it may be a hybrid in which only the sensor is automated and the action requires
manual intervention. Further, some process control systems may use prior generations
of hardware and software, while others are state of the art.
2. Performance seeking control flow diagram
The figure presents an example of a performance seeking control flow diagram
of the algorithm. The control law consists of estimation, modeling, and optimization
processes. In the Kalman filter estimator, the inputs, outputs, and residuals were
recorded. At the compact propulsion system modeling stage, all the estimated inlet and
engine parameters were recorded.[1]
In addition to temperatures, pressures, and control positions, such estimated
parameters as stall margins, thrust, and drag components were recorded. In the
optimization phase, the operating condition constraints, optimal solution, and linear
programming health status condition codes were recorded. Finally, the actual
commands that were sent to the engine through the DEEC were recorded. dfd(data
float diagam)is network manen ment system that is good.

Fig3.2.1 Cfd lavel 1
3.3 DATA BASE DESIGN
3.3.1 address database
Transfer of
block ip
addresses
User
authentication
usersusers
Sign
- in
Sign
- in
Sign-
up
Sign-
up
Website
Server
database
Website
Server
database
AuthenticationAuthentication
File
availability
File
availability
File selectionFile selection
Servers
communication
Home
page
Home
page
Select a
file
Enter keyEnter key
Check for file
User
view
Selection of file
Register a
server to
the nimble
manager
Nymble
server
Nymble
server
Pseudo
manager
Pseudo
manager Blocking ip
address
Blocking ip
address Server
availability
Server
availability
List of block ip
address Blacklist
Refreshment
Blacklist
Refreshment
Nymble
ticket
Refreshing
a blacklist

3.3.2 login database
LOGIN
User pass s_code age gen phone address mobileno
User user user 21 male 453454 chennai 9953452922
3.3.3 resource database
RESOURCES
files fakefiles op allowedip url
bbb.txt bb false 192.168.1.55 bbb.com
nymble.txt ny false 192.168.1.55 www.nymble.com
3.3.4 server database
Server
SerName Key ip
Nimble nymble 192.168.100.77
ADDRESS
IPADDRESS
192.168.100.57
123.87.100.23
192.168.100.78
192.168.1.55

Server
SerName Key ip
Server server 192.168.1.66

4.1 PROCESS SPECIFICATION
4.1.1 INPUT DESIGN
The input design is the link between the information system and the user. It
comprises the developing specification and procedures for data preparation and those
steps are necessary to put transaction data in to a usable form for processing can be
achieved by inspecting the computer to read data from a written or printed document
or it can occur by having people keying the data directly into the system. The design of
input focuses on controlling the amount of input required, controlling the errors,
avoiding delay, avoiding extra steps and keeping the process simple. The input is
designed in such a way so that it provides security and ease of use with retaining the
privacy. Input Design considered the following things:
 What data should be given as input?
 How the data should be arranged or coded?
 The dialog to guide the operating personnel in providing input.
 Methods for preparing input validations and steps to follow when error occur.

4.1.2 OBJECTIVES
1. Input Design is the process of converting a user-oriented description of the input
into a computer-based system. This design is important to avoid errors in the data input
process and show the correct direction to the management for getting correct
information from the computerized system.
2. It is achieved by creating user-friendly screens for the data entry to handle large
volume of data. The goal of designing input is to make data entry easier and to be free
from errors. The data entry screen is designed in such a way that all the data
manipulates can be performed. It also provides record viewing facilities.
3.When the data is entered it will check for its validity. Data can be entered with the
help of screens. Appropriate messages are provided as when needed so that the user

will not be in maize of instant. Thus the objective of input design is to create an input
layout that is easy to follow
4.1.3 OUTPUT DESIGN
A quality output is one, which meets the requirements of the end user and
presents the information clearly. In any system results of processing are communicated
to the users and to other system through outputs. In output design it is determined how
the information is to be displaced for immediate need and also the hard copy output. It
is the most important and direct source information to the user. Efficient and intelligent
output design improves the system’s relationship to help user decision-making.
1. Designing computer output should proceed in an organized, well thought out
manner; the right output must be developed while ensuring that each output element is
designed so that people will find the system can use easily and effectively. When
analysis design computer output, they should Identify the specific output that is needed
to meet the requirements.
2.Select methods for presenting information.
3.Create document, report, or other formats that contain information produced by the
system.
The output form of an information system should accomplish one or more of the
following objectives.
 Convey information about past activities, current status or projections of the
 Future.
 Signal important events, opportunities, problems, or warnings.
 Trigger an action.
 Confirm an action.
4.2 TECHNIQUES AND ALGORITHM USED
Blacklisting anonymous users
We provide a means by which servers can blacklist users of an anonymizing
network while maintaining their privacy.
Practical performance:

Our protocol makes use of inexpensive symmetric cryptographic operations to
significantly outperform the alternatives.
Open-source implementation:
With the goal of contributing a workable system, we have built an open-source
implementation of Nymble, which is publicly available.5 We provide performance
statistics to show that our system is indeed practical.
Algorithm 3. NMCreateCredential
Input: ðpnym; sid;wÞ 2 P _H_NN
Persistent state: nmState 2 SN
Output: cred 2 D
1: Extract macKeyNS; macKeyN; seedKeyN; encKeyN from
keys in nmState
2: seed0 :¼ fðMacðpnymksidkw; seedKeyNÞÞ
3: nymble_ :¼ gðseed0Þ
4: for t from 1 to L do
5: seedt :¼ fðseedt_1Þ
6: nymblet :¼ gðseedtÞ
7: ctxtt :¼ Enc:Encryptðnymble_kseedt; encKeyNÞ
8: ticket0
t :¼ sidktkwknymbletkctxtt
9: macN;t :¼ MA:Macðticket0
t; macKeyNÞ
10: macNS;t :¼ MA:Macðticket0
tkmacN;t; macKeyNSÞ
11: tickets½t_ :¼ ðt; nymblet; ctxtt; macN;t; macNS;tÞ
12: return cred :¼ ðnymble_; ticketsÞ
4.3 Sample coding

NymbleServer
import javax.swing.*;
import java.awt.*;
import java.awt.event.*;
import java.io.*;
import java.net.*;
import java.util.*;
import javax.swing.event.*;
import java.sql.*;
class NymbleServer extends JFrame
{
JLabel jl1;
JLabel jl2;
JButton jb1;
JButton jb2;
JTextField jt1;
JPasswordField jt2;
String msg="";
Container c;
ImageIcon ii;
ImageIcon i2;
JLabel jl4;
JLabel jl6;
String str="";
String pass="";
String path="";
String coreaddr="";
String core="";
String nextcore="";
String dest="";
String dest1="";
File f;
File fgs;
Vector v = new Vector();
NymbleServer()
{

jl1=new JLabel("Nymble Server Name ");
jl2=new JLabel("Server Key ");
jb1=new JButton("Send");
jb2=new JButton("Reset");
jt1=new JTextField(10);
jt2=new JPasswordField(10);
ii=new ImageIcon("nymbleserver.png");
i2=new ImageIcon("nymbleserver1.PNG");
jl4=new JLabel(ii);
jl6=new JLabel(i2);
c = getContentPane();
c.setLayout(null);
c.setBackground(new Color(0,0,120));
c.show();
c.add(jl1);
c.add(jt1);
c.add(jl2);
c.add(jb1);
c.add(jb2);
c.add(jl4);
c.add(jl6);
c.add(jt2);
addWindowListener(new java.awt.event.WindowAdapter() {
public void windowClosing(java.awt.event.WindowEvent evt) {
exitForm(evt);
}
});
jl4.setBounds(30,20,728,68);
jl1.setBounds(20,110,200,25);
jt1.setBounds(150,110,100,25);
jl2.setBounds(50,145,200,25);
jt2.setBounds(150,145,100,25);
jb1.setBounds(70,235,100,25);
jb2.setBounds(180,235,100,25);
jl6.setBounds(300,105,485,309);

setSize(800,500);
setVisible(true);
setTitle("Server");
jb1.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent ae)
{
try {
if(!jt1.getText().equals("") && !jt2.getText().equals("")){
JOptionPane.showMessageDialog (null, "Authorised User",
"Login Seccess", JOptionPane.INFORMATION_MESSAGE);
VerifAdminLogin();
}
else
JOptionPane.showMessageDialog((Component) null,
"Invalid password. Please try again. ", "Login Error",
JOptionPane.INFORMATION_MESSAGE);
}
catch(Exception e) { System.out.println(e);
}
}
});
jb2.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent ae)
{
jt1.setText("");
jt2.setText("");
}
});

}
private void exitForm(java.awt.event.WindowEvent evt) {//GEN-
FIRST:event_exitForm
dispose();
}
public static void main(String a[])
{
new FileOpen();
}
void VerifAdminLogin()
{
Connection con=null;
String url="jdbc:odbc:nymble";
Statement st=null;
try
{
String val1=jt1.getText();
val1 = val1.trim();
String val2 =
(String)jt2.getText();
val2 = val2.trim();
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection(url);
st = con.createStatement();
ResultSet rs=st.executeQuery("Select Key from
Server where SerName='"+val1+"'");
while(rs.next()){
String user = rs.getString(1);
boolean b=user.equals(val2);

if(b)
{
new Server().show();
}
else
{
JOptionPane.showMessageDialog((Component) null, "Invalid
password. Please try again. ", "Login Error",
JOptionPane.INFORMATION_MESSAGE);
jt1.setText("");
jt2.requestFocus();
}
}
}
catch(SQLException ex)
{
System.out.println("Unable to access the database");
}
catch(ClassNotFoundException ex)
{
System.out.println("Class not found");
}
catch(Exception ex)
{
System.out.println("Exception raised is:"+ex);
}
finally {
con=null;
}
}
}
PseudonymManager
import java.awt.*;
import java.io.*;
import java.util.Vector;
public class PseudonymManager extends javax.swing.JFrame {

public PseudonymManager() {
initComponents();
}
private void initComponents() {
jPanel1 = new javax.swing.JPanel();
jLabel1 = new javax.swing.JLabel();
download = new javax.swing.JButton();
save = new javax.swing.JButton();
getContentPane().setLayout(null);
getContentPane().setBackground(new java.awt.Color(104, 174,
254));
setBackground(new java.awt.Color(0, 204, 204));
addWindowListener(new java.awt.event.WindowAdapter() {
public void windowClosing(java.awt.event.WindowEvent evt) {
exitForm(evt);
}
});
jPanel1.setLayout(null);
jPanel1.setBackground(new java.awt.Color(104, 174, 254));
jLabel1.setFont(new java.awt.Font("Arial", 0, 25));
jLabel1.setText("");
//jPanel1.add(jLabel1);
jLabel1.setBounds(200, 10, 480, 40);
download.setBackground(new java.awt.Color(204, 204, 254));
download.setFont(new java.awt.Font("Arial", 0, 18));
download.setText("Start Pseudonym Manager");
download.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(java.awt.event.ActionEvent evt) {
downloadActionPerformed(evt);
}
});
jPanel1.add(download);
download.setBounds(200, 100, 320, 50);
getContentPane().add(jPanel1);

jPanel1.setBounds(0, 70, 740, 200);
save.setBackground(new java.awt.Color(204, 174, 254));
save.setFont(new java.awt.Font("Arial", 0, 18));
save.setText("Stop Pseudonym Manager");
save.addActionListener(new java.awt.event.ActionListener() {
public void actionPerformed(java.awt.event.ActionEvent evt) {
saveActionPerformed(evt);
}
});
getContentPane().add(save);
save.setBounds(200, 290, 320, 50);
jLabel2.setFont(new Font("Arial", 0, 25));
jLabel2.setForeground(new java.awt.Color(222,20, 202));
jLabel2.setBackground(new java.awt.Color(114, 74, 54));
jLabel2.setText("Pseudonym Manager");
getContentPane().add(jLabel2);
pack();
setTitle("Nymble_Pseudonym Manager");
setSize(800,600);
}
private void saveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-
FIRST:event_saveActionPerformed
Runtime r = Runtime.getRuntime();
Process p = null;
String cmd = "../nymble/shutdown.bat";
try {
p = r.exec(cmd);
p.waitFor();
} catch (Exception e) {
System.out.println("error executing " + cmd);
}
System.out.println(cmd + " returned " + p.exitValue());

}
private void downloadActionPerformed(java.awt.event.ActionEvent evt)
{//GEN-FIRST:event_downloadActionPerformed
Runtime r = Runtime.getRuntime();
Process p = null;
String cmd = "../nymble/startup.bat";
try {
p = r.exec(cmd);
p.waitFor();
System.out.println("error executing " + cmd);
}
System.out.println(cmd + " returned " + p.exitValue());
}
private void browserActionPerformed(java.awt.event.ActionEvent evt)
{//GEN-FIRST:event_downloadActionPerformed
try {
System.out.println("error executing browser " + evt);
}
}
private void exitForm(java.awt.event.WindowEvent evt) {//GEN-
FIRST:event_exitForm
System.exit(0);
}
public static void main(String args[]) {
new PseudonymManager().show();
}
private javax.swing.JButton download;
private javax.swing.JLabel jLabel1;

private javax.swing.JPanel jPanel1;
private javax.swing.JButton save;
}
PasswordGenerator
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Random;
public class PasswordGenerator {
char numberChars[] = "0123456789".toCharArray();
char lowerChars[] = "abcdefghijklmnopqrstuvwxyz".toCharArray();
char upperChars[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZ".toCharArray();
char otherSpecialChars[] = "`~!@#$%^&*()-_=+
[{]}|;:'",<.>/?".toCharArray();
List <Integer>listForLengthOfPassword = new ArrayList<Integer>();
Random random = new Random();
List <Character>finalpasswordList;
public PasswordGenerator(){
listForLengthOfPassword.add(1);
}

public String getPassword(){
Collections.shuffle(listForLengthOfPassword);
finalpasswordList = new ArrayList<Character>();
for(int t=0;t<listForLengthOfPassword.size();t++){
int numberOfCharPerArray = listForLengthOfPassword.get(t);
for(int z=0;z<numberOfCharPerArray;z++){
if(t == 0){
finalpasswordList.add(numberChars[random.nextInt(10)]);
}else if(t == 1){
finalpasswordList.add(lowerChars[random.nextInt(26)]);
}else if(t == 2){
finalpasswordList.add(upperChars[random.nextInt(26)]);
}
else if(t == 3){
finalpasswordList.add(otherSpecialChars[random.nextInt(32)]);
}
}//end for
}//end for
String password = new String();
Collections.shuffle(finalpasswordList);
for(int s=0;s<finalpasswordList.size();s++){
password += finalpasswordList.get(s);
}
return password;
}
public static void main(String args[]){
PasswordGenerator passwordGenerator = new PasswordGenerator();
//for(int u=0; u<1000; u++)
{

System.out.println(passwordGenerator.getPassword());
}
}
}
Login
import java.rmi.*;
import java.rmi.server.*;
import java.net.*;
import java.io.*;
import javax.swing.*;
import java.awt.event.*;
import java.lang.*;
import java.awt.*;
import javax.swing.filechooser.FileSystemView;
import java.util.StringTokenizer;
import java.net.InetAddress;
import java.rmi.Naming;
import java.util.Date;
import java.util.Vector;
import java.util.Random;
public class Login extends javax.swing.JFrame
{
RMISIntf ref;
JOptionPane op;
Vector v= new Vector(2);
String sss=null;
static String username;
/** Creates new form Login */
public Login()
{
initComponents();
}
private void initComponents()
{
jPan = new javax.swing.JPanel();
user = new javax.swing.JTextField();
submit = new javax.swing.JButton();
reset = new javax.swing.JButton();
exit = new javax.swing.JButton();
pass = new javax.swing.JPasswordField();

op=new JOptionPane();
jPanel1 = new javax.swing.JPanel();
listres = new javax.swing.JList();
jLab = new javax.swing.JLabel();
download = new javax.swing.JButton();
resArea = new TextArea();
save = new javax.swing.JButton();
getContentPane().setBackground(new
Color(200,40,50));
addWindowListener(new java.awt.event.WindowAdapter()
{
public void
windowClosing(java.awt.event.WindowEvent evt)
{
exitForm(evt);
}
});
jPan.setLayout(null);
jPan.setBackground(new java.awt.Color(200, 113, 181));
jPan.setBorder(new javax.swing.border.EtchedBorder());
jLab.setFont(new java.awt.Font("Arial", 0, 14));
jLab.setText("User ID:");
jPan.add(jLab);
jLab.setBounds(40, 40, 90, 30);
jPan.add(user);
user.setBounds(140, 40, 100, 30);
jLabel2.setText("Password:");
jPan.add(jLabel2);
submit.setBackground(new java.awt.Color(204, 204, 255));
submit.setFont(new java.awt.Font("Arial", 0, 14));
submit.setForeground(new java.awt.Color(0, 0, 153));
submit.setText("Submit");

submit.addActionListener(new java.awt.event.ActionListener()
{
public void actionPerformed(java.awt.event.ActionEvent
evt)
{
submitActionPerformed(evt);
}
});
jPan.add(submit);
submit.setBounds(20, 150, 80, 27);
reset.setBackground(new java.awt.Color(204, 204, 255));
reset.setFont(new java.awt.Font("Arial", 0, 14));
reset.setForeground(new java.awt.Color(0, 0, 153));
reset.setLabel("Reset");
reset.addActionListener(new java.awt.event.ActionListener()
{
evt)
{
resetActionPerformed(evt);
}
});
jPan.add(reset);
reset.setBounds(120, 150, 80, 27);
exit.setBackground(new java.awt.Color(204, 204, 255));
exit.setFont(new java.awt.Font("Arial", 0, 14));
exit.setForeground(new java.awt.Color(0, 0, 153));
exit.setLabel("Exit");
exit.addActionListener(new java.awt.event.ActionListener()
{
public void
actionPerformed(java.awt.event.ActionEvent evt)
{
exitActionPerformed(evt);
}
});
jPan.add(exit);
exit.setBounds(220, 150, 70, 27);
jPan.add(pass);
pass.setBounds(140, 91, 100, 30);

getContentPane().add(jPan);
jPan.setBounds(250, 140, 320, 200);
jLabel3.setForeground(new java.awt.Color(255, 255, 255));
jLabel3.setText("Nymble: Blocking Misbehaving Users in
Anonymizing Networks");
getContentPane().add(jLabel3);
pack();
jPanel1.setLayout(null);
jPanel1.setBorder(new javax.swing.border.EtchedBorder());
listres.setBorder(new
javax.swing.border.SoftBevelBorder(javax.swing.border.BevelBorder.LOWER
ED));
jPanel1.add(listres);
listres.setBounds(10, 60, 150, 220);
jLabel1.setText("Resources Available:");
jPanel1.add(jLabel1);
download.setBackground(new java.awt.Color(204, 204, 254));
download.setFont(new java.awt.Font("Arial", 0, 15));
download.setText("Access File..");
download.addActionListener(new java.awt.event.ActionListener()
{
evt)
{
downloadActionPerformed(evt);
}
});
jPanel1.add(download);
download.setBounds(180, 60, 140, 27);
getContentPane().add(jPanel1);
jPanel1.setBounds(20, 70, 340, 300);

getContentPane().add(resArea);
resArea.setBounds(400, 90, 240, 250);
save.setBackground(new java.awt.Color(204, 204, 254));
save.setFont(new java.awt.Font("Arial", 0, 15));
save.setText("Save");
save.addActionListener(new java.awt.event.ActionListener()
{
evt)
{
saveActionPerformed(evt);
}
});
getContentPane().add(save);
save.setBounds(470, 370, 70, 27);
resArea.setVisible(false);
save.setVisible(false);
jPanel1.setVisible(false);
jPanel1.setBackground(new java.awt.Color(0, 204, 204));
}
//GEN-END:initComponents
private void exitActionPerformed(java.awt.event.ActionEvent evt)
{
//GEN-FIRST:event_exitActionPerformed
System.exit(0);
}
private void resetActionPerformed(java.awt.event.ActionEvent evt)
{
//GEN-FIRST:event_resetActionPerformed
user.setText("");
pass.setText("");
}
private void submitActionPerformed(java.awt.event.ActionEvent evt)
{
try
{

ref=
(RMISIntf)Naming.lookup("rmi://"+"192.168.1.55"+"/RMIServer");
//System.out.println(ref.res("sdsd","dsa"));
if(user.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The User
Name","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MES
SAGE);
user.grabFocus();
}
else
{
if(pass.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
PassWord","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_
MESSAGE);
pass.grabFocus();
}
else
{
InetAddress Address =
InetAddress.getLocalHost();
String c =Address.getHostAddress();
ref=
String
ss=ref.CliDet(user.getText(),pass.getText(),c);
if(ss.equals("notok"))
{
op.showConfirmDialog(this,"UnAuthorised
User","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESS
AGE);
user.grabFocus();
}
else
{
username=user.getText();
String key=(String)JOptionPane.showInputDialog(this,"Enter your Key:");
ref=(RMISIntf)Naming.lookup("rmi://"+"192.168.1.55"+"/RMIServer");
String status=ref.CliDet_key(user.getText(),key);
if(status.equals("ok"))

{
username=user.getText();
//getContentPane().remove(jPan);//.visible(false);
jPan.setVisible(false);
jPanel1.setVisible(true);
resArea.setVisible(true);
save.setVisible(true);
StringTokenizer token=new StringTokenizer(ss,";");
while(token.hasMoreTokens())
{
String nextToken = token.nextToken();
v.addElement(nextToken);
System.out.println(nextToken);
}
listres.setListData(v);
}///inner if
else
{
op.showConfirmDialog(this,"UnAuthorised
User","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESS
AGE);
user.grabFocus();
}
}
}
}
}catch(Exception e){System.out.println(e);}
}
private void downloadActionPerformed(java.awt.event.ActionEvent evt)
{
sss=(String)listres.getSelectedValue();
System.out.println(sss);
int ch=0;
try{
InetAddress Address = InetAddress.getLocalHost();
String c =Address.getHostAddress();

/////////////////////////////////////////////////////
String aa[]=new String[4];
ref=
/////////////////////////
String chh=ref.checkipp(c,sss);
StringTokenizer st=new StringTokenizer(chh,";");
String ipp=null;
String opp=null;
//while(st.hasMoreTokens()) {
ipp=st.nextToken();
System.out.println(ipp+"hai");
opp=st.nextToken();
System.out.println(opp);
//}
String optiontest="null";
if(ipp.equals("ok")||opp.equals("true"))
{
optiontest="true";
String
a=(String)JOptionPane.showInputDialog(this,"Enter your password:");
aa[0]=a;
a=(String)JOptionPane.showInputDialog(this,"Enter your correct
password:");
aa[1]=a;
a=(String)JOptionPane.showInputDialog(this,"Enter correct
password:");
aa[2]=a;
System.out.println(aa[0]+aa[1]);
aa[3]=new Date().toString();
ref.store(aa,c,username,sss);
JOptionPane.showMessageDialog (null, "IP Blocked &
you are Misbehaving User &you Can't Access Nymble web Page & Cant
downlod the file", "you Can't Access Nymble web Page",
JOptionPane.ERROR_MESSAGE);
}
/////////change
String ssss=ref.res(sss,c,optiontest);
/********File ss=ref.res(sss,c,);

//File file = new File(ss);
FileInputStream in = new FileInputStream(ss);
int i = in.available();
char st[]=new char[i];
int j =0;
while((ch=in.read())!=-1)
{
st[j] = (char) ch;
j++;
}
String str=new String(st);
resArea.setText(str);
***********/
System.out.println("new "+ssss);
resArea.setText(ssss);
Logged1 l1=new Logged1();
l1.show();
} catch(Exception e)
{
System.out.println(e);
}
}
private void saveActionPerformed(java.awt.event.ActionEvent evt)
{
//GEN-FIRST:event_saveActionPerformed
try {
FileDialog fd=new FileDialog(this,"File Store",
FileDialog.SAVE);
fd.setVisible(true);
String f= fd.getFile();
fd.setFile(f); // Filename filter
fd.setDirectory("."); // Current directory
//fd.show();
FileOutputStream out=new FileOutputStream(f);
String s=resArea.getText();
System.out.println(s);
byte b[]=s.getBytes();
out.write(b);
} catch(Exception e)
{

System.out.println(e);
}
}
/** Exit the Application */
private void exitForm(java.awt.event.WindowEvent evt)
{
//GEN-FIRST:event_exitForm
System.exit(0);
}
/**
* @param args the command line arguments
*/
public static void main(String args[]) {
JFrame jf1=new Login();
jf1.setResizable(false);
jf1.setSize(680,500);
jf1.setTitle("Nymble: User Login");
jf1.show();
}
// Variables declaration - do not modify//GEN-BEGIN:variables
private javax.swing.JButton exit;
private javax.swing.JPanel jPan;
private javax.swing.JPasswordField pass;
private javax.swing.JButton reset;
private javax.swing.JButton submit;
private javax.swing.JTextField user;
private javax.swing.JButton download;
private javax.swing.JLabel jLab;
private javax.swing.JPanel jPanel1;
private javax.swing.JList listres;
private java.awt.TextArea resArea;
private javax.swing.JButton save;
// End of variables declaration//GEN-END:variables
}
4.4 TECHNOLOGY DESCRIPTION

JAVA TECHNOLOGY
Java technology is both a programming language and a platform.
The Java Programming Language
The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:
 Simple
 Architecture neutral
 Object oriented
 Portable
 Distributed
 High performance
 Interpreted
 Multithreaded
 Robust
 Dynamic
 Secure
With most programming languages, you either compile or interpret a program so that
you can run it on your computer. The Java programming language is unusual in that a
program is both compiled and interpreted. With the compiler, first you translate a
program into an intermediate language called Java byte codes —the platform-
independent codes interpreted by the interpreter on the Java platform. The interpreter
parses and runs each Java byte code instruction on the computer. Compilation happens
just once; interpretation occurs each time the program is executed. The following
figure illustrates how this works.

You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool or
a Web browser that can run applets, is an implementation of the Java VM. Java byte
codes help make “write once, run anywhere” possible. You can compile your program
into byte codes on any platform that has a Java compiler. The byte codes can then be
run on any implementation of the Java VM. That means that as long as a computer has
a Java VM, the same program written in the Java programming language can run on
Windows 2000, a Solaris workstation, or on an iMac.
The Java Platform
A platform is the hardware or software environment in which a program runs. We’ve
already mentioned some of the most popular platforms like Windows 2000, Linux,
Solaris, and MacOS. Most platforms can be described as a combination of the
operating system and hardware. The Java platform differs from most other platforms in
that it’s a software-only platform that runs on top of other hardware-based platforms.
The Java platform has two components:
• The Java Virtual Machine (Java VM)
• The Java Application Programming Interface (Java API)

You’ve already been introduced to the Java VM. It’s the base for the Java platform and
is ported onto various hardware-based platforms.
The Java API is a large collection of ready-made software components that provide
many useful capabilities, such as graphical user interface (GUI) widgets. The Java API
is grouped into libraries of related classes and interfaces; these libraries are known as
packages. The next section, What Can Java Technology Do? Highlights what
functionality some of the packages in the Java API provide.
The following figure depicts a program that’s running on the Java platform. As the
figure shows, the Java API and the virtual machine insulate the program from the
hardware.
Native code is code that after you compile it, the compiled code runs on a specific
hardware platform. As a platform-independent environment, the Java platform can be a
bit slower than native code. However, smart compilers, well-tuned interpreters, and
just-in-time byte code compilers can bring performance close to that of native code
without threatening portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming language are
applets and applications. If you’ve surfed the Web, you’re probably already familiar
with applets. An applet is a program that adheres to certain conventions that allow it to
run within a Java-enabled browser.
However, the Java programming language is not just for writing cute, entertaining
applets for the Web. The general-purpose, high-level Java programming language is
also a powerful software platform. Using the generous API, you can write many types
of programs.
An application is a standalone program that runs directly on the Java platform. A
special kind of application known as a server serves and supports clients on a network.
Examples of servers are Web servers, proxy servers, mail servers, and print servers.
Another specialized program is a servlet. A servlet can almost be thought of as an

applet that runs on the server side. Java Servlets are a popular choice for building
interactive web applications, replacing the use of CGI scripts. Servlets are similar to
applets in that they are runtime extensions of applications. Instead of working in
browsers, though, servlets run within Java Web servers, configuring or tailoring the
server.
How does the API support all these kinds of programs? It does so with packages of
software components that provides a wide range of functionality. Every full
implementation of the Java platform gives you the following features:
• The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
• Applets: The set of conventions used by applets.
• Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data
gram Protocol) sockets, and IP (Internet Protocol) addresses.
• Internationalization: Help for writing programs that can be localized for users
worldwide. Programs can automatically adapt to specific locales and be displayed in
the appropriate language.
• Security: Both low level and high level, including electronic signatures, public
and private key management, access control, and certificates.
• Software components: Known as JavaBeansTM
, can plug into existing
component architectures.
• Object serialization: Allows lightweight persistence and communication via
Remote Method Invocation (RMI).
• Java Database Connectivity (JDBCTM
): Provides uniform access to a wide
range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility, servers,
collaboration, telephony, speech, animation, and more. The following figure depicts
what is included in the Java 2 SDK.

How Will Java Technology Change My Life?
We can’t promise you fame, fortune, or even a job if you learn the Java programming
language. Still, it is likely to make your programs better and requires less effort than
other languages. We believe that Java technology will help you do the following:
• Get started quickly: Although the Java programming language is a powerful
object-oriented language, it’s easy to learn, especially for programmers already
familiar with C or C++.
• Write less code: Comparisons of program metrics (class counts, method
counts, and so on) suggest that a program written in the Java programming language
can be four times smaller than the same program in C++.
• Write better code: The Java programming language encourages good coding
practices, and its garbage collection helps you avoid memory leaks. Its object
orientation, its JavaBeans component architecture, and its wide-ranging, easily
extendible API let you reuse other people’s tested code and introduce fewer bugs.
• Develop programs more quickly: Your development time may be as much as
twice as fast versus writing the same program in C++. Why? You write fewer lines of
code and it is a simpler programming language than C++.
• Avoid platform dependencies with 100% Pure Java: You can keep your
program portable by avoiding the use of libraries written in other languages. The 100%
Pure JavaTM
Product Certification Program has a repository of historical process
manuals, white papers, brochures, and similar materials online.

• Write once, run anywhere: Because 100% Pure Java programs are compiled
into machine-independent byte codes, they run consistently on any Java platform.
• Distribute software more easily: You can upgrade applets easily from a
central server. Applets take advantage of the feature of allowing new classes to be
loaded “on the fly,” without recompiling the entire program.
ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming
interface for application developers and database systems providers. Before ODBC
became a de facto standard for Windows programs to interface with database systems,
programmers had to use proprietary languages for each database they wanted to
connect to. Now, ODBC has made the choice of the database system almost irrelevant
from a coding perspective, which is as it should be. Application developers have much
more important things to worry about than the syntax that is needed to port their
program from one database to another when business needs suddenly change.
Through the ODBC Administrator in Control Panel, you can specify the particular
database that is associated with a data source that an ODBC application program is
written to use. Think of an ODBC data source as a door with a name on it. Each door
will lead you to a particular database. For example, the data source named Sales
Figures might be a SQL Server database, whereas the Accounts Payable data source
could refer to an Access database. The physical database referred to by a data source
can reside anywhere on the LAN.
The ODBC system files are not installed on your system by Windows 95. Rather, they
are installed when you setup a separate database application, such as SQL Server
Client or Visual Basic 4.0. When the ODBC icon is installed in Control Panel, it uses a
file called ODBCINST.DLL. It is also possible to administer your ODBC data sources
through a stand-alone program called ODBCADM.EXE. There is a 16-bit and a 32-bit
version of this program and each maintains a separate list of ODBC data sources.
From a programming perspective, the beauty of ODBC is that the application can be
written to use the same set of function calls to interface with any data source,

regardless of the database vendor. The source code of the application doesn’t change
whether it talks to Oracle or SQL Server. We only mention these two as an example.
There are ODBC drivers available for several dozen popular database systems. Even
Excel spreadsheets and plain text files can be turned into data sources. The operating
system uses the Registry information written by ODBC Administrator to determine
which low-level ODBC drivers are needed to talk to the data source (such as the
interface to Oracle or SQL Server). The loading of the ODBC drivers is transparent to
the ODBC application program. In a client/server environment, the ODBC API even
handles many of the network issues for the application programmer.
The advantages of this scheme are so numerous that you are probably thinking there
must be some catch. The only disadvantage of ODBC is that it isn’t as efficient as
talking directly to the native database interface. ODBC has had many detractors make
the charge that it is too slow. Microsoft has always claimed that the critical factor in
performance is the quality of the driver software that is used. In our humble opinion,
this is true. The availability of good ODBC drivers has improved a great deal recently.
And anyway, the criticism about performance is somewhat analogous to those who
said that compilers would never match the speed of pure assembly language. Maybe
not, but the compiler (or ODBC) gives you the opportunity to write cleaner programs,
which means you finish sooner. Meanwhile, computers get faster every year.
JDBC
In an effort to set an independent database standard API for Java; Sun
Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a generic
SQL database access mechanism that provides a consistent interface to a variety of
RDBMSs. This consistent interface is achieved through the use of “plug-in” database
connectivity modules, or drivers. If a database vendor wishes to have JDBC support,
he or she must provide the driver for each platform that the database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on ODBC. As
you discovered earlier in this chapter, ODBC has widespread support on a variety of
platforms. Basing JDBC on ODBC will allow vendors to bring JDBC drivers to market
much faster than developing a completely new connectivity solution.

JDBC was announced in March of 1996. It was released for a 90 day public review
that ended June 8, 1996. Because of user input, the final JDBC v1.0 specification was
released soon after.
The remainder of this section will cover enough information about JDBC for you to
know what it is about and how to use it effectively. This is by no means a complete
overview of JDBC. That would fill an entire book.
JDBC Goals
Few software packages are designed without goals in mind. JDBC is one that,
because of its many goals, drove the development of the API. These goals, in
conjunction with early reviewer feedback, have finalized the JDBC class library into a
solid framework for building database applications in Java.
The goals that were set for JDBC are important. They will give you some insight as to
why certain classes and functionalities behave the way they do. The eight design goals
for JDBC are as follows:
1. SQL Level API
The designers felt that their main goal was to define a SQL interface for Java.
Although not the lowest database interface level possible, it is at a low enough level
for higher-level tools and APIs to be created. Conversely, it is at a high enough level
for application programmers to use it confidently. Attaining this goal allows for future
tool vendors to “generate” JDBC code and to hide many of JDBC’s complexities from
the end user.
2. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In an
effort to support a wide variety of vendors, JDBC will allow any query statement to be
passed through it to the underlying database driver. This allows the connectivity
module to handle non-standard functionality in a manner that is suitable for its users.
3. JDBC must be implemental on top of common database interfaces
The JDBC SQL API must “sit” on top of other common SQL level APIs. This goal
allows JDBC to use existing ODBC level drivers by the use of a software interface.
This interface would translate JDBC calls to ODBC and vice versa.
4. Provide a Java interface that is consistent with the rest of the Java system

Because of Java’s acceptance in the user community thus far, the designers feel that
they should not stray from the current design of the core Java system.
5. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no exception.
Sun felt that the design of JDBC should be very simple, allowing for only one method
of completing a task per mechanism. Allowing duplicate functionality only serves to
confuse the users of the API.
6. Use strong, static typing wherever possible
Strong typing allows for more error checking to be done at compile time; also, less
error appear at runtime.
7. Keep the common cases simple
Because more often than not, the usual SQL calls used by the programmer are
simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries should be simple to
perform with JDBC. However, more complex SQL statements should also be possible.
Finally we decided to proceed the implementation using Java Networking. And
for dynamically updating the cache table we go for MS Access database.
Java has two things: a programming language and a platform.
Java is a high-level programming language that is all of the
following
Simple Architecture-neutral

Object-oriented Portable
Distributed High-performance
Interpreted multithreaded
Robust Dynamic
Secure
Java is also unusual in that each Java program is both compiled and
interpreted. With a compile you translate a Java program into an intermediate
language called Java byte codes the platform-independent code instruction is
passed and run on the computer.
Compilation happens just once; interpretation occurs each time the program is
executed. The figure illustrates how this works.
You can think of Java byte codes as the machine code instructions for
the Java Virtual Machine (Java VM). Every Java interpreter, whether it’s a
Java Program
Compilers
Interpreter
My Program

Java development tool or a Web browser that can run Java applets, is an
implementation of the Java VM. The Java VM can also be implemented in
hardware.
Java byte codes help make “write once, run anywhere” possible. You can
compile your Java program into byte codes on my platform that has a Java
compiler. The byte codes can then be run any implementation of the Java
VM. For example, the same Java program can run Windows NT, Solaris, and
Macintosh.

Networking
TCP/IP stack
The TCP/IP stack is shorter than the OSI one:
TCP is a connection-oriented protocol; UDP (User Datagram Protocol) is a
connectionless protocol.
IP datagram’s
The IP layer provides a connectionless and unreliable delivery system. It
considers each datagram independently of the others. Any association between
datagram must be supplied by the higher layers. The IP layer supplies a checksum that
includes its own header. The header includes the source and destination addresses. The
IP layer handles routing through an Internet. It is also responsible for breaking up large
datagram into smaller ones for transmission and reassembling them at the other end.

UDP
UDP is also connectionless and unreliable. What it adds to IP is a checksum for
the contents of the datagram and port numbers. These are used to give a client/server
model - see later.
TCP
TCP supplies logic to give a reliable connection-oriented protocol above IP. It
provides a virtual circuit that two processes can use to communicate.
Internet addresses
In order to use a service, you must be able to find it. The Internet uses an
address scheme for machines so that they can be located. The address is a 32 bit
integer which gives the IP address. This encodes a network ID and more addressing.
The network ID falls into various classes according to the size of the network address.
Network address
Class A uses 8 bits for the network address with 24 bits left over for other
addressing. Class B uses 16 bit network addressing. Class C uses 24 bit network
addressing and class D uses all 32.
Subnet address
Internally, the UNIX network is divided into sub networks. Building 11 is
currently on one sub network and uses 10-bit addressing, allowing 1024 different
hosts.
Host address
8 bits are finally used for host addresses within our subnet. This places a limit
of 256 machines that can be on the subnet.
Total address

The 32 bit address is usually written as 4 integers separated by dots.
Port addresses
A service exists on a host, and is identified by its port. This is a 16 bit number.
To send a message to a server, you send it to the port for that service of the host that it
is running on. This is not location transparency! Certain of these ports are "well
known".
Sockets
A socket is a data structure maintained by the system to handle network
connections. A socket is created using the call socket. It returns an integer that is like a
file descriptor. In fact, under Windows, this handle can be used with Read File and
Write File functions.
#include <sys/types.h>
#include <sys/socket.h>
int socket(int family, int type, int protocol);
Here "family" will be AF_INET for IP communications, protocol will be zero, and
type will depend on whether TCP or UDP is used. Two processes wishing to
communicate over a network create a socket each. These are similar to two ends of a
pipe - but the actual pipe does not yet exist.

JFree Chart
JFreeChart is a free 100% Java chart library that makes it easy for developers
to display professional quality charts in their applications. JFreeChart's extensive
feature set includes:
A consistent and well-documented API, supporting a wide range of chart types;
A flexible design that is easy to extend, and targets both server-side and client-side
applications;
Support for many output types, including Swing components, image files (including
PNG and JPEG), and vector graphics file formats (including PDF, EPS and SVG);
JFreeChart is "open source" or, more specifically, free software. It is distributed under
the terms of the GNU Lesser General Public Licence (LGPL), which permits use in
proprietary applications.
1. Map Visualizations
Charts showing values that relate to geographical areas. Some examples include: (a)
population density in each state of the United States, (b) income per capita for each
country in Europe, (c) life expectancy in each country of the world. The tasks in this
project include:
Sourcing freely redistributable vector outlines for the countries of the world,
states/provinces in particular countries (USA in particular, but also other areas);
Creating an appropriate dataset interface (plus default implementation), a rendered,
and integrating this with the existing XYPlot class in JFreeChart;
Testing, documenting, testing some more, documenting some more.
2. Time Series Chart Interactivity
Implement a new (to JFreeChart) feature for interactive time series charts --- to display
a separate control that shows a small version of ALL the time series data, with a
sliding "view" rectangle that allows you to select the subset of the time series data to
display in the main chart.
3. Dashboards

There is currently a lot of interest in dashboard displays. Create a flexible dashboard
mechanism that supports a subset of JFreeChart chart types (dials, pies, thermometers,
bars, and lines/time series) that can be delivered easily via both Java Web Start and an
applet.
4. Property Editors
The property editor mechanism in JFreeChart only handles a small subset of the
properties that can be set for charts. Extend (or reimplement) this mechanism to
provide greater end-user control over the appearance of the charts.

SCREEN SHOTS
Fig 5.1 nymble server

Fig 5.2 nymble server authentication

6. TESTING
TESTING
6.1 BLOCK & WHITE BOX TESTING
Black Box Testing
Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as most
other kinds of tests, must be written from a definitive source document, such as
specification or requirements document, such as specification or requirements
document. It is a testing in which the software under test is treated, as a black box .you

cannot “see” into it. The test provides inputs and responds to outputs without
considering how the software works.
White Box Testing
White Box Testing is a testing in which in which the software tester has
knowledge of the inner workings, structure and language of the software, or at least its
purpose. It is purpose. It is used to test areas that cannot be reached from a black box
level.
6.2 UNIT TESTING
Unit testing is usually conducted as part of a combined code and unit test phase of the
software lifecycle, although it is not uncommon for coding and unit testing to be
conducted as two distinct phases.
Test strategy and approach
Field testing will be performed manually and functional tests will be written in
detail.
Test objectives
• All field entries must work properly.
• Pages must be activated from the identified link.
• The entry screen, messages and responses must not be delayed.
Features to be tested
• Verify that the entries are of the correct format
• No duplicate entries should be allowed
All links should take the user to the correct page.
6.3 SYSTEM TESTING
The purpose of testing is to discover errors. Testing is the process of trying to
discover every conceivable fault or weakness in a work product. It provides a way to
check the functionality of components, sub assemblies, assemblies and/or a finished

product It is the process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a
specific testing requirement.
6.4 INTEGRATION TESTING
Software integration testing is the incremental integration testing of two or
more integrated software components on a single platform to produce failures caused
by interface defects.
The task of the integration test is to check that components or software
applications, e.g. components in a software system or – one step up – software
applications at the company level – interact without error.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
6.5 FUNCTIONAL TESTING
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system
documentation, and user manuals.
Functional testing is centered on the following items:
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures : interfacing systems or procedures must be invoked.
Organization and preparation of functional tests is focused on requirements, key
functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes

must be considered for testing. Before functional testing is complete, additional tests
are identified and the effective value of current tests is determined.
TEST CASE TABLE
TABLE:
A database is a collection of data about a specific topic.
VIEWS OF TABLE
We can work with a table in two types,
1. Design View
2. Datasheet View
Design View
To build or modify the structure of a table we work in the table design view. We
can specify what kind of data will be hold.
Datasheet View
To add, edit or analyses the data itself we work in tables datasheet view mode.
QUERY
A query is a question that has to be asked the data. Access gathers data that
answers the question from one or more table. The data that make up the answer is
either dynaset (if you edit it) or a snapshot (it cannot be edited).Each time we run
query, we get latest information in the dynaset. Access either displays the dynaset or
snapshot for us to view or perform an action on it, such as deleting or updating.

CONCLUSION
We have proposed and built a comprehensive credential system called Nymble,
which can be used to add a layer of accountability to any publicly known anonymizing
network.
Servers can blacklist misbehaving users while maintaining their privacy, and we show
how these properties can be attained in a way that is practical, efficient, and sensitive
to the needs of both users and services. We hope that our work will increase the
mainstream
acceptance of anonymizing networks such as Tor, which has, thus far, been completely
blocked by several services because of users who abuse their anonymity.

8. SCOPE FOR FUTURE
DEVELOPMENT

LIMITATIONS & FUTURE ENHANCEMENTS
IP addresses as the resource for limiting the Sybil attack, our current implementation
closely mimics IP-address blocking employed by Internet services. There are,
however, some inherent limitations to using IP addresses as the scarce resource. If a
user can obtain multiple addresses, she can circumvent both nymble-based and regular
IP-address blocking. Subnetbased blocking alleviates this problem, and while it is
possible to modify our system to support subnet-based blocking, new privacy
challenges emerge; a more thorough description is left for future work.

REFERENCE & BIBLIOGRAPHY
Good Teachers are worth more than thousand books, we have them in Our Department
References Made From:
[1] G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik, “A Practical and Provably
Secure Coalition-Resistant Group Signature, Scheme,” Proc. Ann. Int’l Cryptology
Conf. (CRYPTO), Springer, pp. 255-270, 2000.
[2] G. Ateniese, D.X. Song, and G. Tsudik, “Quasi-Efficient Revocation in Group
Signatures,” Proc. Conf. Financial Cryptography, Springer, pp. 183-197, 2002.
[3] M. Bellare, R. Canetti, and H. Krawczyk, “Keying Hash Functions for Message
Authentication,” Proc. Ann. Int’l Cryptology Conf. (CRYPTO), Springer, pp. 1-15,
1996.
[4] M. Bellare, A. Desai, E. Jokipii, and P. Rogaway, “A Concrete Security Treatment of
Symmetric Encryption,” Proc. Ann. Symp. Foundations in Computer Science (FOCS),
pp. 394-403, 1997.
[5] M. Bellare and P. Rogaway, “Random Oracles Are Practical: A Paradigm for
Designing Efficient Protocols,” Proc. First ACM Conf. Computer and Comm. Security,
pp. 62-73, 1993.
[6] M. Bellare, H. Shi, and C. Zhang, “Foundations of Group Signatures: The Case of
Dynamic Groups,” Proc. Cryptographer’s Track at RSA Conf. (CT-RSA), Springer, pp.
136-153, 2005.
[7] D. Boneh and H. Shacham, “Group Signatures with Verifier-Local Revocation,”
Proc. ACM Conf. Computer and Comm. Security, pp. 168-177, 2004.

[8] S. Brands, “Untraceable Off-Line Cash in Wallets with Observers (Extended
Abstract),” Proc. Ann. Int’l Cryptology Conf. (CRYPTO), Springer, pp. 302-318, 1993.
[9] E. Bresson and J. Stern, “Efficient Revocation in Group Signatures,” Proc. Conf.
Public Key Cryptography, Springer, pp. 190-206, 2001.
[10] J. Camenisch and A. Lysyanskaya, “An Efficient System for Non- Transferable
Anonymous Credentials with Optional Anonymity Revocation,” Proc. Int’l Conf. Theory
and Application of Cryptographic Techniques (EUROCRYPT), Springer, pp. 93-118,
2001.
SITES REFERRED:
http://java.sun.com
http://www.sourcefordgde.com
http://www.networkcomputing.com/
http://www.roseindia.com/
http://www.java2s.com/

Nymble:Blocking misbehaving users in annoying networks(Link)

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Nymble:Blocking misbehaving users in annoying networks(Link)

Similar to Nymble:Blocking misbehaving users in annoying networks(Link) (20)

More from Mysa Vijay

More from Mysa Vijay (7)

Recently uploaded

Recently uploaded (20)

Nymble:Blocking misbehaving users in annoying networks(Link)