Internet security evaluation system documentation nikitha

DC
Internet Security Evaluation System
ISES
Chaitanya
2009

INTERNET SECURITY EVALUATION SYSTEM
Introduction
A Internet Security Evaluation system is any computer system that involves
cryptography. Such systems include for instance, a system for secure electronic
mail which might include methods for digital signatures, Internet Security
Evaluation hash functions, key management techniques, and so on. Internet
Security Evaluation systems are made up of Internet Security Evaluation
primitives, and are usually rather complex. Because of this, breaking an I S E S is
not restricted to breaking the underlying Internet Security Evaluation algorithms
- usually it is far easier to break the system as a whole, eg, through the not
uncommon misconceptions of users in respect to the I S E S. A I S E S refers to a
suite of algorithms needed to implement a particular form of encryption and
decryption. Typically, an I S E S consists of three algorithms: one for key
generation, one for encryption, and one for decryption. The term cipher
(sometimes cypher) is often used to refer to a pair of algorithms, one for
encryption and one for decryption. Therefore, the term "I S E S" is most often
used when the key generation algorithm is important. For this reason, the term
"I S E S" is commonly used to refer to public key techniques; however both
"cipher" and "I S E S" are used for symmetric key techniques.

About Client
Client:Orapps , Hyderabad
ORAPPS
ORAPPS the application software company integrates Enterprise Business system and supply
chains for improved customer services, operational efficiencies and competitive advantage.
Sierra Atlantic Inc., combines integration products and services to connect business partitions
with application networks, people and systems work together with greater productivity, faster
response time and reduced errors.
In addition to application integration solutions, Orapps., products enterprise,
implementation services, custom software development services, s/w maintenance and suppose
and business intelligence solutions. Their Global Development Center (GDC) in India is
averaged to derive their services with superior industry and economies. The combination of
onsite and offshore capabilities allows Sierra Atlantic Inc., to derive timely solutions without
compromising quality.
Scope
The project assigned to the project team is real time project. The project is developed in Stand
alone based screens and. To develop this project the project team has used core java. There are
basically two types of modules are developed by the front end programmers. These are input
modules and out put modules. The modules which helps the user to input the data, modify the
data and delete the data will be called the input modules. The modules which enables the user
to convert the document into unreadable format then the document will be send to client the
client will convert the encrypted format of document into original format by using a key. The
client will view the original format once he uses ISES and retransform the data into original

format this will be called out put modules. The retrieved data will be exhibited through output
screens or reporting screens. These conversions and manipulations have to be generated
automatically. These reports should be generated and cover all the user requirements and
replicate the minute details of the company transactions. The scope of the project lies on the
input data which will be stored in the location in encrypted mode. The same data will be
retrieved from other user by using the public key with description technique. The limitation for
this project is crypto analysis and editing of different lengths of text for encrypting and
decrypting.
The Deliverables of this project
The deliverable of this project can be ascertained as follows:
1. The encryption has to be done along with private key or public key generation.
2. Application should allow the user to encrypt/ encode the given text into one of the
following:
a) Code Caeser
b) Code Substitution
c) Code Vigenere Cipher
d) Code MonoSubstitution
e) Decrypting the Text
3. Application should allow the user to decrypt/ decode the given text into one of the
following:
a) Decode Caeser
b) Decode Substitution
c) Decode Vigenere Cipher
d) Decode MonoSubstitution
e) Crypto Analysis

4. Crypto Systems should display the time taken for encoding and decoding the text and
also displays the file size, to analyze the performance of the Crypto Systems. Editing the
Text
5. The application should provide a facility to the user to perform cut, copy, and paste
operations on the text in the text area, and also to apply different fonts and font
colours.
6. The screens should be user-friendly and with attractive pictures which replicate the
symbolism of the department.
7. The screen developed in this project should help the user to navigate the further
screens and options.
8. The screens have to be developed with required fields.
The External Deliverables
The external deliverables of the projects are as follows:
Screen Details 1. The main screen should consist of encryption, description,
crypto editing facilities.
2. From this screen the particular activity screen has to be
generated.
3. For every module or activity screen access the user
authentication has to be incorporated.
4. The encryption should be done in a particular screen and the
public key or private key generation has to be poped up in a
separate screen.
Reports 5. 5. Every module should have detailed reports on every aspect
of the mechanism of the project.
6. The reports should give detailed description on the database
retrieval.

7. The detailed report on encryption done by the user.
8. The detailed report on the encrypted text how many time it
has been descripted.
9. Reports should be generated weekly, monthly, quarterly, half
yearly and yearly on the enrolled students from different
organisation as well as the students for in house recruitment.
Server 10. The encrypted text can be stored in local system or other
system.
The Internal Deliverables
The Internal deliverables of the project are as follows:
Project Charter 1. The encryption and decryption is the main feature of the
project.
2. The screens of the module should be connected to the
database implicitly.
3. The stored files can be accessed by the user automatically.
4. All the modules should be connected in accordance inter-
module relation.
5. In this project when the encryption is taking place the file
has to be stored in a user defined location. The location
has to be stored in the mechanism of the project. The
same location has to be identified implicitly when the
decryption is taking place.
Data Change 1. The data entered for encryption has to be changed into
encryption mode automatically and stored in user defined
location.
2. The encrypted text has to be identified by the system

automatically and decrypt the text.
Functionality of the project
Cryptography is formally the art of encoding data in a way that only the intended recipient can
decode it, and know that the message is authentic and unchanged. Cryptography means different
things to different people. Small children play with simple ciphers and substitution secret
languages, bigger children play with crypto puzzles.
To achieve this project I am planning to develop the project in four phases.
1. Encrypting the test
2. Decrypting the test
3. Crypto Analysis
4. Editing the Text.
Encrypting the Text
Application should allow the user to encrypt/ encode the given text into one of the following:
Code Caeser
Code Substitution
Code Vigenere Cipher
Code MonoSubstitution
Decrypting the Text
Application should allow the user to decrypt/ decode the given text into one of the following:
Decode Caeser
Decode Substitution

Decode Vigenere Cipher
Decode MonoSubstitution
Crypto Analysis
Crypto Systems should display the time taken for encoding and decoding the text and also
displays the file size, to analyse the performance of the Crypto Systems.
Editing the Text
The application should provide a facility to the user to perform cut, copy, and paste operations
on the text in the text area, and also to apply different fonts and font colours.
I am developing the methodology to achieve the targets of developing the Crypto Systems
and networking security as follows.
Aiming to achieve the Encrypting the code the required algorithms in java technologies have to
be developed to convert the given text into encrypted format. For this I am planning to use
Code Caeser Code Substitution Code Vigenere Cipher Code MonoSubstitution
Aiming to achieve the decrypting the code the code the required algorithms in java
technologies have to be developed to convert the given text into encrypted format. For this I
have to develop the code for Decode Caeser, Decode Substitution, Decode Vigenere Cipher and
Decode MonoSubstitution.

System Analysis
System Analysis
All User requirements.

The system should have all the user requirement as specified below:
1. The user who is using the crypto system will be keeping the original text for encryption.
The text should be placed in a sufficient place for encryption.
2. The text should be in a editable mode to change the font size, type and color.
3. The end user who is decrypting the text should see the text in the format of original
format which was pasted for encryption in the editor.
4. The user interface screens which make the user to input the information should guide
the user to input the relevant information into the database.
5. The user should have a facility in administrator module to modify the data what entered
wrongly.
6. The user should not get any eye stress because of the color of the screens.
7. The user should have user access to the screens by password authentication system.
8. The user should store the text in the encrypted format in accordance with the four types
of encryption modes.
9. The user should enable to know the location of the encrypted text where it is stored.
10. The end user who decrypt the text should be given the key.
11. The end user who decrypt the text should have a navigation to user the key in
appropriate place for decryption.
Categories into modules or actors or classes and give brief description for each module

Technical Design of the Project
I S E S
Encryption
Key
Editing the Text
Description
Encrypt the given text and
stores in a specified location.
Decrypting the encrypted text from
the specified location by using the
public key or private key
A key will be generated while the encryption is
taking place at the same time the key will be
sued to decrypt the text and form in original
format.
3 D E S
3 DES
The application should provide a facility to the
user to perform cut, copy, and paste operations
on the text in the text area, and also to apply
different fonts and font colours.
Encrypted
Text
Encrypted
TextInternet
Transmission

System Architecture
User
I S E S
User will interact the system and enter
the text for encryption
Generates the key and the key
will be stored in a specific
location of database. This key
will be used by end user
Receives the key from the user
and decrypt the text from the
specified location
Keep the text for
editing and send the
text for encryption
Key will be supplied by the
user to the client physically
Key will be supplied
by the user to the
client to decrypt the
text
Client
Client will interact the system and enter the
encrypted matter for decryption

Use Case
The user Module
End user module
Encrypt the text in different
cyphers
Stores the data in the
specified location of the
database
View the details of the
encrypted text with
locations
Decrypt the text with key
from the specific location
View the reports on
decryptions done by the
user.
Keep the text for editing
Receives the key and specific
location of the encrypted text

Interface
The user will paste the text which will be encrypted by the user.
I S E S
End User
Databa
se
Encrypt the
text in a
location
Decrypt the text with the
help of key
User
Sends the key to
the end user with
location

The key will be generated and stores In the specific location.
The end user will be given a key and specific location.
The end user will decrypt the encrypted matter.
Class Diagram:
I S E S
user End user
The user will edit the text and
encrypt the text. The encryption
will generate a key. The encrypted
matter will be stored in a specific
location
The end user will be supplied a key
and the end user will decrypt the
encrypted text with key from the
specific location.
The user will store the original text in encrypted format. The user sends the encrypted text to the client
through internet. The client will receive the encrypted text through internet. The client physicaly or
separately get the key from the user. The Client will decrypt the encrypted text into original format.

 The user will encrypt the text for the crypto editor.
 The user will send the encrypted text through internet to the client.
 The user will generate the key for every encryption.
 The user will send the key to the end user or client.
 The location details will also sent to client .
 The end user will decrypt the text with the help of key at client’ location.
Business Processes
In this project the application is going to serve the different locations as follows:
1. User Local System where the text will be encrypted.
2. Client place where the encryption is taking place.
Business Areas
By implementing this project the following areas will be affected.
1. User location from the encryption is taking place
2. End user (client ) location from the description is happening.
Business Data that will be changed
This is the project with full automation mechanism. The project team has to develop the
internal coding to transmit the data to other location. The data which will stored in encrypted
format will be changed by using the public or private key and decrypted. The decrypted text will

be retrieved from the end user to view the files. To view the files of encrypted format the end
user should use the public key or private key for decryption. To view the encrypted files the
public key is playing vital role.
Technologies Required
To develop the crypto system the core java technologies are used. Through this technologies
the algorithms Code Caeser Code Substitution Code Vigenere Cipher Code MonoSubstitution
are developed.
The existing system
The existing system is developed with RSA algorithms. The encryption and decryption is not
so developed. The cheating prevention is not possible in the existing system.
The proposed System
A Internet Security Evaluation system is any computer system that involves cryptography.
Such systems include for instance, a system for secure electronic mail which might include
methods for digital signatures, Internet Security Evaluation hash functions, key management
techniques, and so on. Internet Security Evaluation systems are made up of Internet Security
Evaluation primitives, and are usually rather complex. Because of this, breaking a I S E S is
not restricted to breaking the underlying Internet Security Evaluation algorithms - usually it is
far easier to break the system as a whole, eg, through the not uncommon misconceptions of
users in respect to the I S E S. A I S E S refers to a suite of algorithms needed to implement a
particular form of encryption and decryption. Typically, a I S E S consists of three algorithms:
one for key generation, one for encryption, and one for decryption. The term cipher (sometimes
cypher) is often used to refer to a pair of algorithms, one for encryption and one for decryption.
Therefore, the term "I S E S" is most often used when the key generation algorithm is
important. For this reason, the term "I S E S" is commonly used to refer to public key
techniques; however both "cipher" and "I S E S" are used for symmetric key techniques.
Strong encryption brings many possible applications into daily life. Different applications that
require privacy, trust and access control should all use strong encryption methods when possible.

Applications include things like electronic money, secure communications, passwords, and many
others. It is in people's own interest that different legal/medical/personal data about their person
stays confidential to the instances that have a permit to collect the databases (finnish
Tietoturvalaki).
3. Crypto Analysis
5.
Encrypting the Text
Code Caeser
Code Substitution
Decrypting the Text
Decode Caeser
Decode Substitution
Crypto Analysis
Editing the Text

I am developing the methodology to achieve the targets of developing the Crypto Systems
and networking security as follows.
Aiming to achieve the Encrypting the code the required algorithms in java technologies have to
be developed to convert the given text into encrypted format. For this I am planning to use
Code Caeser Code Substitution Code Vigenere Cipher Code MonoSubstitution
Aiming to achieve the decrypting the code the code the required algorithms in java
technologies have to be developed to convert the given text into encrypted format. For this I
have to develop the code for Decode Caeser, Decode Substitution, Decode Vigenere Cipher and
Decode MonoSubstitution.
Milestone of the project work
1. Requirements gathering of the client
2. Requirements specifications Document Preparation
3. Functional Specifications of the project.
4. Design Document ( Macro level )
5. Design Documentation ( Micro Level )
6. Database Design ( Macro Level )
7. Database Design ( Micro Level )
8. Coding specifications
9. Coding Metrics Finalization.
10. Coding execution

11. Database Creation – database – Table space – table
12. Data integration design
13. Data manipulation design
14. Procedures and functions design
15. Integration between Screens and database
16. Synchronization of front end and back end.
17. Testing
18. Review – Coding
19. Documentation – Business process Documentation
20. Documentation – Business process Re-engineering
21. People management -
22. Preparation of Training Material
23. Project management and administration
24. Hardware Installation – Servers - Clients
25. Deployment of the Software at clients place
26. Data preparation for transfer
27. System Documentation
28. Process flow documentation
As a front end programmer my Role
• Developed JSP pages, Servlets pages as per requirement
• Understand the Module specifications of the project and developed the

code for inter-module relationship along with the Oracle Developers.
• Module de composition is perfectly followed in this project.
• Developed reports for Management specific requirements.
• Developed the User screens and connectivity to the tables in accordance
with the Oracle programmers.
• Used Java beans extensively to connect, retrieve and insert the data into
the database.
• Java script used to display the date and time and other calculations of
the applications.
• Understand the Module specifications of the project and developed the
code for inter-module relationship along with the Oracle Developers.
• Module de composition is perfectly followed in this project.
• Developed reports for Management specific requirements.
• Developed the User screens connectivity to the tables in accordance with
the Oracle programmers.
• Used extensively HTML and JSP to develop the screens and run with Web
logic server
• Used Java beans extensively to connect, retrieve and insert the data into
the database.
• Java script used to display the date and time and other calculations of
the applications.
• Developed the Inter Module auto updates with the help of Oracle Primary
Key and Foreign Key concepts.

Literature Survey
1. INTRODUCTION
Java is an Object-Oriented, multi-threaded programming language developed by Sun
Microsystems in 1991. It is designed to be small, simple and portable. The popularity
of the Java is due to 3 key elements powerful programming language, applets and rich
set of significant object classes.
Adv of Java
1. Simple
2. Secure
3. Portable
4. Object Oriented
5. Robust
6. Multithreaded
7. Interpreted

8. High Performance
9. Distributed
10. Dynamic
Components of JVM
In Java development environment, there are two parts, a Java compiler and Java
interpreter. Java compiler generates byte code and interpreter executes the Java
program. Eventhough the bytecode is slow, it gives platform independent application.
Java program is typed in and saved in a file with extension .java. This file is compiled
by javac. It creates a file with .class extension. This is executed by Java file without
extension. A simple example for a Java program is
Type casting:
When one type of data is assigned to be another type of variable, an automatic type
conversion will take place. For example
byte a=10; int c = a + 10;
Here, a is converted to int automatically.
To manually convert a type use (type) value
For example float f = (float) a/ float(b) ; if a, b are integers.
Operators
1) Arithmetic - + - * / %
2) Relational - < > <= >= !=
3) Logical - && || !=
4) Assignment - =
5) Comparision - = =
6) Incre/Decrement - ++ --
7) Bitwise operator - ~ & | ^ >> >>> << &= != ^=
8) Conditional - ? :
2. PROGRAM CONSTRUCST
They are divided into

i. Sequence
ii. Selection - if, switch
iii. Iteration - while, do..while, for
Misc - break, exit, continue, and return
e) break, continue and exit
break will transfer the control out of the loop, in continue , the rest of the lines are
ignored and loop continue after the next iteration. The exit function will stop the
program execution.
3. CLASSES AND METHODS
Classes
The most important feature of the OOP is classes. A class defines the shape and
behavior of an object and is a template for multiple object with similar features. It is a
logical construct upon which the entire java language is built because it defines the
shape and nature of the object.
To create a class, a source file with the class keyword in it, followed by a name and
pair of curly braces for the body.
Once class is created, an instance of class is created by new keyword. The instance of
class is used to access the variables and methods that form part of the class. The dot
operator is used to get the value of the class variable (object.variable).
Instance Variable : Data is encapsulated in a class by declaring varables inside the
class declaration. Variables declared in this scope are called as Instance variables.
Class Variable : Class variables are global to class and all the instances of the class.
To declare class variable static keyword is used.
The access of class may be public, private, abstract or final.
Methods
Methods are functions that operate on instances of classes in which they are defined.
Method definition has four parts. They are name of the method, return type , list of
parameters and body of the method.
Access Specifiers:
Public : If any method or variable is declared as public, it is visible to all
classes.

Private : If any method or variable is declared as private , it is visible to
classes in which it is declared.
Protected : It is visible in class and all its subclasses.
Package : It is indicated by the lack of any access modifier in a declaration.
It has an increased protection and narrowed visibility.
Final : It can not overridden by subclass
Abstract : in abstract class without body, must be overridden by subclass.
Static : It is automatically called when creating instance of class.
this:
The this keyword is used inside any instance method to the current object.
Constructor
A constructor method is a special kind of method that determines how an object
is initialized when created. They have the same name as the class but do not
have any return type. Consturctor can also be overloaded.
Garbage collection
When no reference to object exits, the object no longer needed, the memory occupied
by the object is reclaimed. This is called garbage collection. Java periodically does
garbage collection.
Finalizer :
Finalizer method is the exact opposite of constructor method. They are called just
before the object is garbage collected and its memory is reclaimed. All cleanup
operations are performed in this method.
protected void finalize( )
{ }
Methods overloading
Methods overloading is creating different methods with same name but with different
parameters. This is the one type of creating polymorphism in Java
Example for method overloading and constructor overloading
Method Overriding
Method overriding is creating a method in the derived class that has the same name
arguments as in the superclass. This new method hides the superclass method.

Recursion
Recursion is the process of defining something in terms of itself. A method that calls
itself is said to be recursive.
Nested Class
It is possible to nest a class definition within another and treat the nested class like any
other method of that class. An inner class is a nested class whose instance exists
within an instance of its enclosing class and has direct access to the instance
members of its enclosing instance.
4. Inheritance
Inheritance is the method of creating new class based on the already existing class.
The new class derived is called as sub class or derived class which has all features of
the existing class and its own. The existing class is called as super class or base class.
Adv : reusability of code, accessibility of variables and methods of the base class
by the derived class.
If the class is derived from more than one class , then it is called as multiple
inheritance. This is not available in Java. To overcome this problem use interface.
Method Overriding
Whenever there are methods of the same name both in the base class as well as in
the derived class and if that method is called by main, the method in the derived class
is always executed. This is called overriding. See example11.
Super
Super has two forms. First it calls the superclass’s constructor. The second is used to
access a member of the superclass that has been hidden by a member of a subclass.
Final
a. final variables - to create constant
final float pi =3.14f;
final int a = 40
final is used to create constant variable.
b) final modifiers - to prevent overriding
Final modifiers are those to which no further alteration can be made. We can not
override the method using final

Abstract
Sometimes we will want to create a superclass that only defines a generalized form
that will be shared by all of its subclasses, leaving it to each subclass to fill in the
details. To declare abstract class
abstract type name(parameters);
We must override the abstract method. An abstract class cannot be directly
instantiated with the new operator. We cannot declare abstract constructors or abstract
static methods.
5. Exception
An exception is an abnormal condition or error that occurs during the execution of the
program. Exception in java is handled by five keywords – try, catch, finally, throw and
throws.
The object class has a subclass called Throwable to handle exception and errors,
which has two subclasses Exception and Error.The classes of exception are
IOException and RuntimeExveption
The try and catch fixes the error and prevents the program from terminating abruptly.
The finally block will be executed if no catch matches it and always executed. If you
use try block, finnaly block or atleast one catch block should be used.
If you don't want to use try and catch statements then use throws clause. The throws
class is responsible to handle the different types of exceptions generated by the
program. This clause usually contains a list of types of exceptions that are likely to
occur in that program.
The throw clause is used to call exception explicitly. User defined exception can be
called by throw clause. User defined exception is created by extending the class
Exception.
6. Package
Package contains set of classes in order to ensure that class names are unique.
Packages are container of classes used to keep the class name space
compartmentalized.
1. Create a subdirectory, which has the same name as package.
2. Include package command, along with the package name, as first statement in the
program.
3. Write class declaration
4. Save file in this directory as "name of class.java"

5. Compile this file using javac.
6. To use this program set the CLASSPATH or change to previous directory and use java
packname.classname
If Java source file contain package, interface, classes then the order should be
a. A single package statement (optional)
b. Any number of import statements (optional)
c. A single public class declaration (required)
d. Any number of classes private to the package (optional)
6. Interfaces :
An interface is a collection of abstract behavior that individual classes can implement.
An interface consists of set of method collections. Using interface, you can specify
what a class must do but not how it does it. All methods and final variables in interface
must be public.
Multithreading is not available in Java. To overcome this problem, interface is
introduced.
8. Multhithreading in Java
Thread
A process is a program in a execution. A thread is a line of execution. Two or more
processes running concurrently in a computer is called multitasking. The process can
contain multiple threads to execute its different sections. This is called multhreading.
Using this, we can run different parts of the programs at a time.
States of thread
There are four states of thread. They are new, runnable, blocked and dead The fig
shows the states of the thread.
Adv of thread:
• Can be created faster
• Maximum use CPU time
• Requires less overhead

• Interprocess communication is faster
• Context switching is faster
Thread is created by
a) the class Thread which has the interface Runnable.
b) creating the objects of the class Thread
a) Using runnable interface
class c1 implements Runnable
{
}
To create a thread
Thread t = new Thread(this) ;
Thread t = new Thread(this,"Demo thread’);
Where this referes the Applet object.
After thread is created , it will first execute start( ) method then run( )
method is automaticall called.
b) Creating Thread Class Objects
Runnable abstracts a unit of executable code. We can construct a thread on any object
that implements Runnable.
The thread methods are start( ), resume( ), sleep( ), suspend( ) , join( ) and toString( )
.Synchronization
Two or more threads accessing the same data simultaneously may lead to loss of data
integrity. Java uses the concept of monitor. A monitor is an object, used as a mutually
exclusive lock.
Java offers interprocess communication through the use of wait( ), notify( ) and
notifyall( ) methods of Object class and all are synchronized methods.
Thread Priorities
The usage of setPriority( ) and getPriority( ) methods are used to set and get the
priorities of thread respectively. The yield( ) method enables provision of CPU’s time to
threads with equal priority and prevents monopolization of a single thread. The Thread
has final variables declared line – NORM_PRIORITY (5), MINIMUM_PRIORITY (1)
and MAXIMUM_PRIORITY (10).

9. APPLET
Applet
An applet is a dynamic and interactive program that can run inside Web page
displayed by a Java-capable browser or applet viewer.
All applets are subclasses of Applet. You should import java.applet and java.awt since
all applets run in a window. Applet defines three interfaces Appletcontext, AppletStub
and AudioClip.
Applet extends java AWT class Panel, Panel extends Container which extends
Component.
The init( ) Method
This method gets called as soon an applet is started. Initialization of all variables,
creation of objects, setting of parameters, etc. can be done in this method.
The start( ) method
This method is executed after the init mehod. Also used to restart the applet that was
stoped.
The stop( ) method
This method is used to halt the running of an applet. This method is called when a web
browser leaves the HTML document containing the applet.
The destroy( ) method
This method is used to free the memory occupied by the variables and objects
initialized in the applet. Called by the browser just before the applet is terminated.
The paint( ) method
This method helps in drawing, writing and creating a colored background or an image
on to the applet. This method is called each time your applet’s output must be redrawn.
It has one parameter called Graphics.
The repaint( ) method
This method is used in case an applet is to be repainted. The repaint method calls
update( ) method to clear screen and paint( ) method to redraw the contents of the
current frame.
resize (width, height)
Resize the applet window
showStatus (str)
Displays the string in the status window of the applet

When starting the applet init, start, paint methods and when terminating stop and
destroy methods are called.
9.a. The Graphics Class in java.awt package
drawString(message,x,y);
9.b. Font Class in java.awt package
Font f = new Font ("fontname", format, size);
Formats are Font.BOLD, Font.ITALIC, and Font.PLAIN
g.setFont(f)
9.c. Color Class in java.awt package
Color.grey, Color.green, Color.yellow, Color.pink, Color.red, Color.blue,
Color.magenta, Color.cyan
9.d. Images
Clipping
A technique by which the drawing area can be restricted to a small portion of the
screen.
Method is clipRect( )
clipRect(x1,y1,x2,y2);
Animation
Animation is technique by the object is moved on the screen In which the original
image is clreared and placed in another place.
9.e. Events
Mouse Events methods
boolean mouseDown(event , x, y)
boolean mouseDrag(event , x, y)
boolean mouseEnter(event , x, y)
boolean mouseExit(event , x, y)
boolean mouseMove(event , x, y)
boolean mouseUp(event , x, y)

KeyBoard Events
boolean keyDown(event , x, y)
boolean keyUp(event , x, y)
Types of Event handling
a)Low Level event
Low level classes Low level event Listener
ComponentEvent ComponentListener
FocusEvent FocusListener
KeyEvent KeyListener
ContainerEvent ContainerListener
MouseEvent MouseListener
MouseMotionListener
WindowEvent WindowListener
InputEvent
b) Semantic Events
Low level classes Low level event Listener
ActionEvent ActionListener
AdjustmentEvent AdjustmentListener
ItemEvent ItemListener
TextEvent TextListener
Each component class in the AWT has one addXXXListener( ) method for each event
type.
9.f. ABSTRACT WINDOW TOOLKIT (AWT)
Component Contructor Methods
Button
Button( ) setLabel(String)
Button("label") getLabel( )
Label
Label( ) getText( )

Label(String) setText(String)
Label(String, int) getAlignment( )
SetAlignment(int)
where Int is alignment. It may be Label.LEFT, Label.RIGHT, Label.CENTER
Checkbox
Checkbox( ) setLabel(string)
Checkbox(String) getLabel( )
Checkbox(String,grp,boolean) setState(boolean)
getLabel( )
Choice
Choice( ) getItem(int)
addItem(String) getItemcount( )
getSelectedItem( )
getSelectedIndex( )
TextComponent
TextField( ) getText( )
TextField(String, int) setText(String)
TextArea( )
TextArea(String, int, int) int represents rows and columns
List
List( ) getItem(int) int starts from 0
List(int,boolean) getItemCount( )
AddItem(String) select(int)
getSelectedItem( )
Scrollbar
Scrollbar( ) setValue(int)
Scrollbar(orient, value, visible, min, max) getValue( )
Layout Manger
A set of classes used to position the components in a container.

a. FlowLayout
b. BorderLayout
c. GridLayout
First create instantiate a layout manager class and use setLayout( ) method
Flow Layout
Lays components linewise from left to right
FlowLayout( )
FlowLayout(align, hgap, vgap)
Align – FlowLayout.LEFT, FlowLayout.RIGHT, FlowLayout..CENTER
Grid Layout
Position the components in the cellf of the grid.
GridLayout(int rwo, int col)
GridLayout( int rwo, int col, int hgap, int vgap)
Border Layout
Lays components relative to the edges of the container
BorderLayout( )
BorderLayout(int hgap, int vgap)
add("direction",item);
direction may be NORTH, SOUTH,EAST , WEST or CENTER
Insets(int, int, int, int)
Used to give spacing around the container
Panel
A panel class is a non-abstract, recursively nestable container.
Panel( )
9.g. Frames, Menus and Dialogs
Frame
11. Networking in Java
Java.net package
The objectives are
Network Datagram

Protocol DatagramPacket
Socket DatagramSocket
Client/Server TCP/IP
Internet (IP) Address Socket
Domain Name Service ServerSocket
InetAddress URL
Network is a set of computers physically connected together. It enables the sharing of
computer pheriperals and resources by different computers.
The communication between the computers requires certain set of rules called
protocols. Some important protocols are TCP/IP, HTTP, FTP, SMTP and NNTP. Port
no 21 is for FTP, 23 is for Telnet, 25 is for e-mail and 80 is for HTTP.
IP is a low-level routing protocol that breaks data into small packets and sends them to
an address across a network. TCP is a higher level protocol that manages string
together these packets, sorting and retransmitting them to reliably transmit your data.
UDP (user Datagram Protocol) can be used to support fast, connectionless, unreliable
transport of packets.
Socket is the place used to plug in just like electric sockets, from the socket the
communication starts.
Client is the machine, which sends some request to another computer. The computer
that does the request is called the Server.
A proxy server speaks the client side of protocol to another server. A client would
connect to a proxy server, which have no restrictions, and the proxy server would in
turn communicate for the client.
Every computer connected to the network has unique address it contains four numbers
between 0 and 255 separated by period. Ex is 80.0.0.50
It is very difficult to remember the IP of the computer. To overcome this problem
domain name service (DNS) is used. It maps the IP address by string of characters. Ex
is www.microsoft.com
InetAddress is a class, which is used to encapsulate IP address and DNS.
InetAddress getLoaclHost( ) throws unknowHostException
InetAddress getByName (String hostName)
InetAddress getAllByName (String hostName)
URL

Uniform Resource Locater. It contains four parts protocol, separated by : and //, host
name of IP address, port number, file path.
For ex http://www.starwave.com/index.html
Constructors of URL throws MalformedURLException
URL (String urlspecifier)
URL (String protocolName, String hostName, int port,String path)
URL (String protocolName, String hostName, String path)
getPort( ), getHost( ),getFile( ) and toExternalForm( )
To access content information of a URL, use url.openConnection( ) method.
Datagrams
Datagrams are bundles of information passed between machines. It contains two
classes
DatagramPacket for container of data
DatagramSocket for send or receive the DatagramPacket
DatagramPacket constructors are
DatagramPacket (byte data[ ], int size);
DatagramPacket (byte data[ ], int size, ipAddress, int port);
Methods of DatagramPacket are
InetAddress getAddress( ), int getPort( ) , byte( ) , getData( ) and
int getLength( )
DatagramSocket constructors are
DatagramSocket.send (DatagramPacket d);
DatagramSocket.receive (DatagramPacket p);
client.java
import java.net.*;
class client
{
public static DatagramSocket ds;
public static byte buffer[] = new byte[1024];
public static void main(String arg[]) throws Exception

{
ds = new DatagramSocket(6);
while(true)
{
String a;
DatagramPacket p = new DatagramPacket(buffer,buffer.length);
ds.receive(p);
a=new String(p.getData(),p.getLength(),1);
if (a.equals("q"))
{
System.out.println("Server response is shut off now");
return;
}
System.out.println(new String(p.getData(),0,p.getLength()));
}
}
}
server.java
import java.net.*;
class server
{
public static DatagramSocket ds;
public static byte buffer[] = new byte[1024];
public static void main(String a[]) throws Exception
{
InetAddress ia = InetAddress.getByName("rad-tm-04");
System.out.println(ia);
ds = new DatagramSocket(123);
int pos=0;
while(true)

{
int c = System.in.read();
switch(c)
{
case 'q':
System.out.println("Server quits");
return;
case 'r':
break;
case 'n':
ds.send(new DatagramPacket(buffer,pos,ia,456));
pos=0;
break;
default:
buffer[pos++] = (byte) c;
}
}
}
}
TCP/IP
TCP/IP sockets are used to implement reliable, bidirectional, persistent, point to point,
stream based connection between hosts on the Internet.
It contains two classes. They are Socket and ServerSocket. ServerSocket class is
designed to wait for clients to connect and Socket class is used to connect to
ServerSocket.
ServerSocket (int port)
ServerSocket (int port, int maxqu)
ServerSocket (int port, int maxqu, InetAddress localAddress)
ServerSocket has a method accept( ) that waits for client to initiate communication.
Socket (String hostName, int port)
Socket (InetAddress ipAddress, int port)

=============================================================
12. JDBC-ODBC
JDBC is a set of Java API for executing SQL statements.
Two-Tier Model
Client Machine
DBMS propictary protocol
Database server
Three-Tier Model
Client Machine(GUI)
HTTP, RMI, CORBA
Server Machine
DBMS-proprictary protocol
Database Serverk
Two-Tier Model
In Two-Tier Model, a Java applet or application talks directly to the database. This
requires a JDBC driver that can communicate with the particular database
management systems accessed. Users SQL statement is delivered to the database
and the results of those statements are sent to the user. This is referred to as
client/server configuration.
Three-Tier Model
In this a middle tier is introduced for fast performance. It sends the SQL statements to
the databases. The results of the query are send to middle tier, which sends them to
user.

1. getConnection( ) of DriverManager class is used to get connection object.
2. It prepares Statement Object to prepare SQL statement
3. The method executeQuery( ) is used to obtain ResultSet and the method
executeUpdate( ) is used to for deleting, updating or inserting records.
4. rollback( ) and commit( ) are used to undo or permanent save the changes.
Example :
a) Create a data base students in Ms-Access with table student containing the
following fields studid number, sname text, course text and marks number.
a. Create a datasource studentdsn in ODBC for the above database
b. Write the source file , compile and execute it.
import java.sql.*;
class dbappn
{
static connection con;
public static void main(String a[ ]) throws Exception
{
class.forName("sun.jdbc.odbc.JdbcOdbcdriver");
open( );
select( );
insert( );
delete( );
update( );
select( );
close( );
}
static void open( ) throws SQLException
{
/*con = DriverManger.getConnection("dsn","username","pwd"); */
con = DriverManager.getConnection("jdbc:odbc:student","palani","kumar");

con.setAutoCommit(false);
}
static void close( ) throws SQLException
{
con.commit( );
con.close( );
}
static void select( ) throws SQLException
{
Statement stmt = con.createStatement( );
ResultSet rs = stmt.executeQuery("Select * from student");
Boolean more = rs.next( );
If (!more)
{
System.out.println("No rows found");
Return ;
}
while(more)
{
System.out.println("ID " : " + rs.getString("studid"));
System.out.println("Name : " + rs.getString("sname"));
System.out.println("Course : " + rs.getstring("course"));
System.out.println("Marks : " + rs.getString("marks"));
more = rs.next( );
}
rs.close( );
stmt.close( );
}
static void insert( )
{

try{
int rows = stmt.executeUpdate("Insert into
student
values(100, ‘Subash’,’Java’,80)");
con.commit( );
stmt.close( );
System.out.println(rows + " row added");
} catch(SQLException s) { System.out.println("Error"); }
}
static void delete( )
{
try{
int rows = stmt.executeUpdate("Delete from
student
where id = 100;
con.commit( );
stmt.close( );
System.out.println(rows + " row deleted");
}
static void update( )
{
try{
int rows = stmt.executeUpdate("Update
student
set marks = 90 where id =100 ;
con.commit( );
stmt.close( );

System.out.println(rows + " row added");
}
}
13. Remote Method Invocation (RMI)
RMI allows java object that executes on one machine to invoke a method that
executes on another machine. This is the one method of creating distributed
application.
Steps to create client/server application using RMI
1. Write source code for interface, server and client program and compile them.
2. Generate Stubs and Skeletons classes by compiling server program using RMI compiler
3. Install files on client and server machines.
4. start rmiregistry on server machine to map server name to object reference
5. Execute the server program by java server.
6. Execute the client program on client machine by java client localhost args
inter.java
import java.rmi.*;
public interface inter extends Remote
{
public void getdata(int m,int n) throws RemoteException;
int adddata() throws RemoteException;
}
client.java
import java.rmi.*;
public class client
{
public static void main(String arg[])

{
try
{
int a = Integer.parseInt(arg[1]);
int b = Integer.parseInt(arg[2]);
int result;
inter i = (inter) Naming.lookup("rmi://" + arg[0] + "/Addserver");
System.out.println("client");
i.getdata(a,b);
result = i.adddata();
System.out.println(result);
}catch(Exception e)
{
System.out.println("error " + e);
}
}
}
server.java
vbnm,import java.rmi.*;
import java.rmi.server.*;
public class server extends UnicastRemoteObject implements inter
{
int x,y;
public server() throws RemoteException
{
}
public int adddata() throws RemoteException
{
return x+y;

}
public void getdata(int m, int n) throws RemoteException
{
x=m; y=n;
}
public static void main(String arg[])
{
try
{
server s = new server();
Naming.rebind("Addserver",s);
}
catch(Exception e)
{
System.out.println("Exception e");
}
}
}
Comp Constructor Methods
label
JLabel(Icon I)
JLabel(String s)
JLable(String s, Icon I, int align)
Icon getIcon( )
String getText( )
void setIcon(Icon I)
void setText(String
s)
Text Field JTextField( )
JTextField(int cols)
JTextField(String s)

JTextField(String s, int cols)
Buttons
JButton(Icon i)
JButton(String s)
JButton(String s, Icon I)
CheckBox
JCheckBox(Icon I)
JCheckBox(String s)
JCheckBox(Icon I, boolean)
JChcekBox(String s, boolean)
JCheckBox(String s, Icon I, boolean)
Radio
Buttons
JRadioButton(Icon I)
JRadioButton(String s)
JRadioButton(String s, boolean)
JRadioButton(s, I, boolean)
Combo
Box
JComboBox( )
JComboBox(Vector v)
Tabbed
Panes
JTabbedPane( ) addTab(title, comp)
Scroll
Panes
JScrollPane(comp)
JScrollPane(int vsb, int hsb)
JScrollPane(comp, vsb, hsb)
Trees
JTree(HashTable h)
JTree(Object ob[])
JTree(TreeNode t)
JTree(Vector v)

Tables
JTable(Obect data[][], Object
colheads[])
Icons
Method
Int getIconHeight( )
int getIconWidth( )
void paintIcon(comp, Graphics, x, y)
void setDisabledIcon(icon)
void setPressedIcon(icon)
void setSelectedIcon(icon)
void setRolloverIcon(icon)
Scroll Panes
JScrollPane(comp, vsb, hsb)
The vsb, hsb constants are
ScrollPaneConstants.HORIZONTAL_SCROLLBAR_ALWAYS
ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED
ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS
ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED
Example :
import javax.swsing.*;
import java.awt.*;
public class Jlabel extends JApplet
{

public void init( )
{
Container cp = getContentPane( );
ImageIcon ii = new ImageIcon("Birds");
JLabel jl = new JLabel("Birds",ii,JLabel.Center);
Cp.add(jl);
}
}
Example :
import javax.swing.*;
import java.awt.*;
public class jscroll extends JApplet
{
public void init( )
{
Container CP = getContentPane( );
Jpanel jp = new Jpanel( );
jp.setLayout(new GridLayout(20,20));
int b = 0;
for(int ii = 0; I<20; I++)
{
for(k=0;k<20;k++)
{
jp.add(new JButton("Button " + b));
b++;
}
}

int v = ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED
int h=ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED;
JScrollPane jsp = new JscrolPane(jp, v, h) ;
CP.add(jsp, BorderLayout.CENTER);
}
}
Example :
Servlets
Servlets are small programs that execute on the server side of a Web connection,
used to extend the functionality of a Web Server.
JSDK
Java Servlet Development Kit (JSDK) contains class libraries to create servlets. It
contains the utility servletrunner to test the servlets. The basic life cycles of servlets
are init( ), service( ) and destroy( ). The steps to create a servlets are
1. Create and compile the servlet source code.
2. Start the servletrunner utility.
3. Start a Web browser and reuest the servlet.
Adv of servlets over CGI :
o Performance is better. Creating a separate process to handle each client reuest
isn't necessry.
o Servlets are platform-independent, because they are written in Java.
o The Java Security Manager on the server enforces a set of restrictions to protect
the resources on a server machine.
o The full functionality of Java class is available to the servlet. It can communicate
with applets, databases or other software via sockets and RMI.
The javax.servlet package
Interfaces Class Methods
Servlet GenericServlet Init(ServletConfig sc )

ServletRequest ServletInputStream
Service(ServeltRequest req,
ServletResponse res
ServletResponse ServletOutputStream void destroy( )
ServletConfig ServletException
ServletConfig
getServletConfig( )
ServletContext UnavailableException
SingleThreadModel
The first two methods throws SerlvelException
The javax.servlet.http Package
Interface Class
HttpServletRequest Cookie
HttpServletResponse HttpServlet
HttpSession HttpSessionBindingEvent
HttpSessionBindingListener HttpUtils
HttpSessionContext
Example :

Step 1 : colorGet.html
<html>
<body>
<center>
<form name ="form1" method ="get"
action=<http://localhost:8080/servlet/colorGetServlet">
<B> color : </B>
<Select name="color" size="1">
<option value = "Red"> Red </option>
<option value="Blue"> Blue </option>
</select>
<br> <br>
<input type = submit value="submit">
</form>
</body>
</html>
Step 2 : colorGetSelvlet.java
import java.io.* ;
import javax.servlet.*;
import javax.servlet.http.*;
public class colorGetServlet extends HttpServlet
{
public void doGet (HttpServlet request, HttpServletResponse response)
throws ServletException, IOException
{
String color = request.getParameter("color");
response.setContentType("text/html");
PrintWriter pw = response.getWriter( );
pw.println("<B> The selected color is : " );

pw.println(color);
pw.close( );
}
}
Step 3: compile the above program colorGetServlet.java
Step 4 : start servlet runner by c:javawebbrowser2.0jserv
Step 5: Display the web page in the browser. Select a color and submit.
System design

Design phase
List of the Modules
1. Encryption
2. Decryption

3. Crypto Analysis
Description of Modules
Encrypting the Text
Code Caeser
Code Substitution
Decrypting the Text
Decode Caeser
Decode Substitution
Crypto Analysis
Editing the Text
Functionality of the Modules
Internet Security Evaluation System is formally the art of encoding data in a way that only the
intended recipient can decode it, and know that the message is authentic and unchanged. Internet
Security Evaluation System means different things to different people. This ISES is basically

designed to send the documents to the client in a safe and secure mode operation. The aim of the
system is to protect the documents from tampering and hacking mechanism prevail in the
internet transmission. This project will protect the documents from hacking and tampering by
converting the document into unreadable format and un hack able format. This format can be
converted by the receiver or client once he receives the documents. For this the receiver has to
receive the key specified by the sender through phone or any mode of transmission separately.
This code will enable the receiver to convert the document into the original format.
7. Crypto Analysis
Functionality of the project
Internet Security Evaluation System ISES is an application which enables the
user to store the data in the computer and when he is sending the data to others through
the internet the data has to be protected against the hacking techniques of the hackers.
Using this ISES the client who receives the data has to be read.
ISES is basically designed for data protection. This data protection will be applicable for
Internet transmission. The data has to be protected in the internet transmission
environment which is filled with hacking techniques.

Hacking Techniques are used by the hackers. The hackers usually known persons who
knows our operations. The hackers will hack our system and steal the data. The hacker
should know what data he want to steal. The hacker should know what type of environment
will be used by the user. The hacker may be nothing but our associate. The hacker will be
keeping an eye on which sharing techniques the user is transmitting the data to the client.
The hacking technique is nothing but capturing the password of the system or software
application from which we transfer the data. The hacker will write a code on java, .net, c++
or C languages to unveil the password of the internet sharing software. The code will be
executed to crack the password of the internet sharing software. The hacker should have a
powerful internet connection. The hacker will download all the internet sharing software
and open the software applications which will be used by the user. Once the user come on
line the application will ask the password, immediately the hacker will apply the code to
crack the application. Then automatically the transmitted data will be captured by the
hacker. While any hacker is capturing the data from the user it will not be known to the
user.
It is obvious that the data is transferred from one place to another place through the
sharing software applications like team viewer etc can easily hacked by the hackers.
Because the hacking techniques are very powerful to crack the passwords of any
applications.
Team Viewer Application for internet sharing of Data: This application is a internet sharing
application which is widely used by the world. This software has latest features to share the
desk top and the required drives in the system. Using this software the user can share his
desktop or system or file transfer to the client. The client will be given the password of user.
The client will open team viewer and enter the user name and password of the user. Hence
the client will view the desk top or transfer of file into his system. The user name will be
standard but the password will be changing in accordance with the user wish.
The hacker should know the user about the team viewer and user name. Then he will type
the user name and use the cracking system to crack the password. The hacker will view the

data what is transferred by the user to the client. But the data which is transmitted by the
user is un readable format.
Hence the project team has evaluated the internet security transmission data technique
which will protect the data from the hackers and their hacking techniques. The project team
has named the system as internet security evaluation system ISES.
ISES basically a data transmission system developed in java technologies. This system is
developed in four ciphers and with the combination of two algorithms. This ISES will be
used by the user to transmit the data into unreadable format. in the process of transmission
of data into unreadable format a key will be generated by the ISES. This key will be
preserved by the user.
The user will transmit the data through the internet sharing software applications. The
hacker tries to capture the data. But the data will be hacked will be in unreadable and un
editable format. The hacker can not understand or re transmit the data into readable
format by using any crypto systems.
The data will be transmitted by the user with a specific combinations and permit ions of the
algorithms specified by the user. The ISES will be provided to the client of the user. Except
the client no body can re transform the data in to original text. Here another factor to
retransmit the data ie Key. Once the user transmit the data in to unreadable format ISES will
generate the key which reveals the combination of ciphers and algorithms for conversion of
data. The user will transmit the unreadable data through the sharing software applications
or mails to the client and also he will inform the key to the client.
The Client will use the ISES along with the key supplied by the user to re transform into the
original text. The retransformation system will be done by the client of the user with help of
key. With out key no one can re transform the data.

Hence the ISES plays a vital role to protect the data which will be transmitted through
internet hacking pone area.
Interface Relationship among the modules
The encryption module will encrypt the text and store the encrypted text in a location.
The encrypted text will be decrypted with the help of key generated by the encryption module.
The editor enables the text to do the editing of the text and this is the interface module to
convert the text and send the same to a specified location.
The editor enables the user to view the original text format after decryption.
The editor is the interface to convert the encrypted text into original format for this the
features to keep the key and specify the location of the encrypted text. The button decrypt will
also available to decrypt the text.

Dependencies:
1. The decryption will be possible if the key and the location of the file is given.
2. The key will be generated only at the time of encrypting the text.
3. The key has to be stored properly along with the name of the file encrypted other wise
the decryption is not possible.
Error Messages:
1. If the key is wrongly typed by the user the error message should be populated.
PROCESS FLOW
Step 1: The application displays menu.
Step 2: Click on <Metal>, <CDE/ Motif>, or <Windows> to select and feel of the screens.
Step 3: Go to ‘File Menu’, select ‘New’ to open a new file.
Step 4: Enter the text in text area or select and open a file with text which is to be encoded.
Step 5: Go to ‘File Menu’, select ‘Save Coded’ and then select < Code Caeser>,
<Code Substitution>, <Code Vigenere Cipher>, or <Code MonoSubstitution>
and enter the respective key, to convert the text.
Step 6: Go to ‘File Menu’, select ‘Open Decoded’ and then select < Decode Caeser>,
< Decode Substitution>, < Decode Vigenere Cipher>, or <Decode MonoSubstitution> and enter
the respective key, to decode the already encoded file and to open the same.
Step 7: Click on <Crypto Analysis>, to view the file size and time taken for encoding and
decoding the file.
PROGRAMMING ENVIRONMENT
This application is developed in Java using java.awt and java.swings packages as a
stand-alone application.

Solutions Considered
•When developing the application, we have considered the features of applet and
•On the close examination of the system scope and its purpose we favoured the
•Though the above functionality can also be accomplished with applet.

TESTING
In the test phase various test cases intended to find the bugs and loop holes exist in the
software will be designed. During testing, the program to be tested is executed with a set of test
cases and the output of the program is performing as it is expected to.
Often when we test our program, the test cases are treated as “ throw away” cases.
After testing is complete, test cases and their outcomes are thrown away. The main objective of
testing is to find errors if any, especially the error uncovered till the moment. Testing cannot
show the absence of defects it can only show the defects that are a set of interesting test cases
along with their expected output for future use.
Software testing is crucial element and it represents at the ultimate review of
specification design and coding. There are black box testing and glass box testing. When the
complete software testing is considered Back box attitudes to the tests. That is concluded
predicted on a close examination of procedural detail.
The software is tested using control structures testing method under white box testing
techniques. The two tests done under this approach. One condition testing to check the Boolean
operator errors, Boolean variable errors, Boolean parenthesis errors etc. Loop testing to check
simple loops and tested loops.
Faults can be occurred during any phase in the software development cycle.
Verification is performed on the output in each phase but still some fault. We likely to remain
undetected by these methods. These faults will be eventually reflected in the code. Testing is
usually relied upon to detect these defaults in addition to the fault introduced during the code
phase .For this, different levels of testing are which perform different tasks and aim to test
different aspects of the system.

UNIT TESTING
Unit testing focuses verification effort on the smallest unit of software
design module. Using the detail design description as an important control path is tested to
uncover errors with in the boundary of the modules unit. Testing has many important results for
the next generation is to be easy. The unit testing considers the following condition of a program
module while testing.
Interface
Logical data structure
Boundary data structures
Independent path
Error handling path
In the project Budget Analysis System we have done the unit testing. The table applied out the modules
or interface test to answer that information properly flows into and out of the program unit under test.
The local data structure is examine to ensure that data stores temporary monitors its integrity during all
steps in algorithm execution. Boundary conditions are tested to ensure that the module operates
properly at boundaries, establish to limit on restrict proclaim.
Testing

Test Cases
1 Crypto Systems
1.1 Verify that the application is properly invoked.
1.2 Verify that ‘File’, ‘Edit’ and ‘Crypto Analysis’ menu items should be displayed, after invoking
the application.
2 File
2.1 Verify that in ‘File’ menu, ‘New’, ‘Open’, ‘Save’, ‘Save coded’, ‘Open coded’ and ‘Exit’ menu
items should be displayed.
2.2 Verify that the functionality of ‘New’ Menu item in “File” menu, to open a new file.
2.3 Verify that the functionality of ‘Open’ Menu item in “File” menu, to open an existing file.
2.4 Verify that in ‘Save coded’ menu item in “File” menu, ‘code Caeser’, ‘code Substitution’,
‘code
Vigenere Cipher’ and ‘code MonoSubstitution’ sub options should be displayed.
2.5 Verify that by selecting ‘code Caeser’ sub option in ‘Save coded’ menu item after entering
the
text in text area, “Enter one alphabet key please” message should be displayed.
2.6 Verify that after entering one alphabet key, ‘Save’ dialog box should be displayed.
2.7 Verify that after entering file name in ‘Save’ dialog box, the file should be saved in respected
folder in encrypt mode.
2.8 Verify that by selecting ‘code Substitution’ sub option in ‘Save coded’ menu item after
entering
the text in text area, “Enter 26 alphabets key please. The alphabets must not be repeated”
message should be displayed.
2.9 Verify that after entering 26 alphabets, ‘Save’ dialog box should be displayed.
2.10 Verify that after entering file name in ‘Save’ dialog box, the file should be saved in
respected

2.11 Verify that by selecting ‘code Vigenere Cipher’ sub option in ‘Save coded’ menu item after
entering the text in text area, “Enter alphabetic key please” message should be displayed.
2.12 Verify that after entering invalid key, “The key must be less than the text to be coded”
2.13 Verify that after entering valid key, ‘Save’ dialog box should be displayed.
respected
2.15 Verify that by selecting ‘code MonoSubstitution’ sub option in ‘Save coded’ menu item
after
entering the text in text area, “Enter character key please” message should be displayed.
2.16 Verify that after entering character key, ‘Save’ dialog box should be displayed.
respected
2.18 Verify that in ‘Open decoded’ menu item in “File” menu, ‘decode Caeser’, ‘decode
Substitution’, ‘decode Vigenere Cipher’ and ‘decode MonoSubstitution’ sub options should be
displayed.
2.19 Verify that by selecting ‘decode Caeser’ sub option in ‘Open decoded’ menu item, “Enter
one
alphabet key please” message should be displayed.
3
TEST CASE REPORT
CRYPTO SYSTEMS VERSION: 1.0
2.20 Verify that after entering correct alphabet key, ‘Open’ dialog box should be displayed.
2.21 Verify that after entering file name in ‘Open’ dialog box, the file should be opened in text
area
in decode mode.

2.22 Verify that by selecting ‘decode Substitution’ sub option in ‘Open decoded’ menu item,
“Enter
26 alphabets key please. The alphabets must not be repeated” message should be displayed.
2.23 Verify that after entering correct 26 alphabets, ‘Open’ dialog box should be displayed.
area
in decode mode.
2.25 Verify that by selecting ‘decode Vigenere Cipher’ sub option in ‘Open decoded’ menu item,
“Enter alphabetic key please” message should be displayed.
2.26 Verify that after entering invalid key, “The key must be less than the text to be coded”
2.27 Verify that after entering valid key, ‘Open’ dialog box should be displayed.
area
in decode mode.
2.29 Verify that by selecting ‘decode MonoSubstitution’ sub option in ‘Open decoded’ menu
item,
“Enter character key please” message should be displayed.
2.30 Verify that after entering correct character key, ‘Open’ dialog box should be displayed.
area
in decode mode.
2.32 Verify that the functionality of ‘Exit’ Menu item in “File” menu, to close the application.
3 Edit
3.1 Verify that in ‘Edit’ menu, ‘Cut’, ‘Copy’, ‘Paste’ and ‘Font’ menu items should be displayed.
3.2 Verify that the functionality of ‘Cut’ Menu item in “Edit” menu, the selected text should be
cut.
3.3 Verify that the functionality of ‘Copy’ Menu item in “Edit” menu, the selected text should be
copied.

3.4 Verify that the functionality of ‘Paste’ Menu item in “Edit” menu, the selected text should
be
pasted.
3.5 Verify that the functionality of ‘Font’ Menu item in “Edit” menu, the selected text color
should
be displayed.
4 Crypto Analysis
4.1 Verify that in ‘Crypto Analysis’ menu, ‘Analyse Ceaser’ menu item should be displayed.
4.2 Verify that the functionality of ‘Analyse Ceaser’ Menu item in “Crypto Analysis” menu, “The
time taken for cipher analysis for ‘_’ bytes is ‘_’ milli seconds” message should be displayed
after completion of encode or decode mode.
4

Internet Security Evaluation System Test Case ID Description Pass / Fail
1.1 Verify that the application is properly invoked. Pass 1.2
Verify that ‘File’, ‘Edit’ and ‘Crypto Analysis’ menu items should be displayed, after invoking the
application. Pass
2 File
Test Case ID Description Pass / Fail
2.1
Verify that in ‘File’ menu, ‘New’, ‘Open’, ‘Save’, ‘Save coded’, ‘Open coded’ and ‘Exit’ menu items should
be displayed. Pass
2.2
Verify that the functionality of ‘New’ Menu item in “File” menu, to open a new file. Pass
2.3
Verify that the functionality of ‘Open’ Menu item in “File” menu, to open an existing file. Pass
2.4
Verify that in ‘Save coded’ menu item in “File” menu, ‘code Caeser’, ‘code Substitution’, ‘code Vigenere
Cipher’ and ‘code MonoSubstitution’ sub options should be displayed. Pass
2.5
Verify that by selecting ‘code Caeser’ sub option in ‘Save coded’ menu item after entering the text in text
area, “Enter one alphabet key please” message should be displayed. Pass
2.6
Verify that after entering one alphabet key, ‘Save’ dialog box should be displayed. Pass
2.7
Verify that after entering file name in ‘Save’ dialog box, the file should be saved in respected folder in
encrypt mode. Pass
2.8
Verify that by selecting ‘code Substitution’ sub option in ‘Save coded’ menu item after entering the text in
text area, “Enter 26 alphabets key please. The alphabets must not be repeated” message should be
displayed. Pass
2.9
Verify that after entering 26 alphabets, ‘Save’ dialog box should be displayed. Pass
2.10

encrypt mode. Pass
2.11
Verify that by selecting ‘code Vigenere Cipher’ sub option in ‘Save coded’ menu item after entering the
text in text area, “Enter alphabetic key please” message should be displayed. Pass
2.12
Verify that after entering invalid key, “The key must be less than the text to be coded” message should be
displayed. Pass
2.13
Verify that after entering valid key, ‘Save’ dialog box should be displayed. Pass
2.14 Verify that after entering file name in ‘Save’ dialog box, the file Pass
3
UNIT TEST REPORT
Internet Security Evaluation System VERSION: 1.0
should be saved in respected folder in encrypt mode.
2.15
Verify that by selecting ‘code MonoSubstitution’ sub option in ‘Save coded’ menu item after entering the
text in text area, “Enter character key please” message should be displayed. Pass
2.16
Verify that after entering character key, ‘Save’ dialog box should be displayed. Pass
2.17
encrypt mode. Pass
2.18
Verify that in ‘Open decoded’ menu item in “File” menu, ‘decode Caeser’, ‘decode Substitution’, ‘decode
Vigenere Cipher’ and ‘decode MonoSubstitution’ sub options should be displayed. Pass
2.19
Verify that by selecting ‘decode Caeser’ sub option in ‘Open decoded’ menu item, “Enter one alphabet
key please” message should be displayed. Pass
2.20
Verify that after entering correct alphabet key, ‘Open’ dialog box should be displayed. Pass
2.21
Verify that after entering file name in ‘Open’ dialog box, the file should be opened in text area in decode
mode. Pass
2.22

Verify that by selecting ‘decode Substitution’ sub option in ‘Open decoded’ menu item, “Enter 26
alphabets key please. The
alphabets must not be repeated” message should be displayed.
Pass
2.23
Verify that after entering correct 26 alphabets, ‘Open’ dialog box
should be displayed. Pass
2.24
mode. Pass
2.25
Verify that by selecting ‘decode Vigenere Cipher’ sub option in ‘Open decoded’ menu item, “Enter
alphabetic key please” message should be displayed. Pass
2.26
Verify that after entering invalid key, “The key must be less than the text to be coded” message should be
displayed. Pass
2.27
Verify that after entering valid key, ‘Open’ dialog box should be displayed. Pass
2.28
mode. Pass
2.29
Verify that by selecting ‘decode MonoSubstitution’ sub option in ‘Open decoded’ menu item, “Enter
character key please” message should be displayed. Pass
2.30
Verify that after entering correct character key, ‘Open’ dialog box should be displayed. Pass
2.31
mode. Pass
4
UNIT TEST REPORT
Internet Security Evaluation System
2.32
Verify that the functionality of ‘Exit’ Menu item in “File” menu, to close the application. Pass
3 Edit

3.1
Verify that in ‘Edit’ menu, ‘Cut’, ‘Copy’, ‘Paste’ and ‘Font’ menu items should be displayed. Pass
3.2
Verify that the functionality of ‘Cut’ Menu item in “Edit” menu, the selected text should be cut. Pass
3.3
Verify that the functionality of ‘Copy’ Menu item in “Edit” menu, the selected text should be copied. Pass
3.4
Verify that the functionality of ‘Paste’ Menu item in “Edit” menu, the selected text should be pasted. Pass
3.5
Verify that the functionality of ‘Font’ Menu item in “Edit” menu, the selected text color should be displayed.
Pass
4 Crypto Analysis
4.1
Verify that in ‘Crypto Analysis’ menu, ‘Analyse Ceaser’ menu item should be displayed. Pass
4.2
Verify that the functionality of ‘Analyse Ceaser’ Menu item in “Crypto Analysis” menu, “The time taken for
cipher analysis for ‘_’ bytes is ‘_’ milli seconds” message should be displayed after completion of encode
or decode mode. Pass

A product software implementation method is a systematically structured approach to
effectively integrate a software based service or component into the workflow of an
organizational structure or an individual end-user.
This entry focuses on the process modeling (Process Modeling) side of the implementation
of “large” (explained in complexity differences) product software, using the
implementation of Enterprise Resource Planning systems as the main example to elaborate
on.
Overview
A product software implementation method is a blueprint to get users and/or organizations
running with a specific software product. The method is a set of rules and views to cope
with the most common issues that occur when implementing a software product: business
alignment from the organizational view and acceptance from the human view.
The implementation of product software, as the final link in the deployment chain of
software production, is in a financial perspective of a major issue. It is stated that the
implementation of (product) software consumes up to 1/3 of the budget of a software
purchase
Implementation complexity differences
The complexity of implementing product software differs on several issues. Examples are:
the number of end users that will use the product software, the effects that the
implementation has on changes of tasks and responsibilities for the end user, the culture
and the integrity of the organization where the software is going to be used and the budget
available for acquiring product software.
In general, differences are identified on a scale of size (bigger, smaller, more, less). An
example of the “smaller” product software is the implementation of an office package.
However there could be a lot of end users in an organization, the impact on the tasks and
responsibilities of the end users will not be too intense, as the daily workflow of the end

user is not changing significantly. An example of “larger” product software is the
implementation of an Enterprise Resource Planning system. The implementation requires in-
depth insights on the architecture of the organization as well as of the product itself, before
it can be aligned. Next, the usage of an ERP system involves much more dedication of the
end users as new tasks and responsibilities will never be created or will be shifted.
Software customization and Business Process Redesign
Process modeling, used to align product software and organizational structures, involves a
major issue, when the conclusion is drawn that the product software and the organizational
structure do not align well enough for the software to be implemented. In this case, two
alternatives are possible: the customization of the software or the redesign of the

organizational structure, thus the business processes.
Customizing the software actually transforms the product software in tailor-made software,
as the idea of standardized software no longer applies. This may result in loss of support on
the software and the need to acquire consultancy when issues arise in the usage of the
software. Customizing however results in a situation where the organizational integrity is

not adjusted, which puts less pressure on the end users, as less changes or shifts in
workflows are required. This fact may positively add to the acceptance of any new (product)
software application used and may thus decrease the implementation time and budget on
the soft side of the implementation budget.
Redesigning business processes is more sensible for causing resistance in the usage of
product software, as altered business processes will alter tasks and responsibilities for the
end users of the product software. However, while the product software is not altered,
better support, training and service levels are possible, because the support was created for
the specific integrity of the software.
Implementation Frameworks
The guiding principle versus the profession
Another issue on the implementation process of product software is the choice, or actually
the question, to what extent an implementation method should be used.
Implementation methods can on the one hand be used as a guiding principle, indicating that
the method serves as a global idea about how the implementation phase of any project
should run. This choice leaves more room for situational factors that are not taken into
account in the chosen method, but will result in ambiguity when questions arise in the
execution of the implementation process.
On the other hand methods can be used as a profession, meaning that the method should
be taken strict and the usage of the method should be a profession, instead of a guiding
principle. This view is very useful if the implementation process is very complex and is very
dependent on exact and precise acting. Organizational and quality management will

embrace this view, as a strict usage of any method results in more clarity on organizational
level. Change management however might indicate that more flexibility in an
implementation method leaves more room for the soft side of implementation processes.
Implementation frameworks
Apart from implementation methods serving as the set of rules to implement a specific
product or service, implementation frameworks serve as the project managed structure to
define the implementation phase in time, budget and quality.

Several project management methods can serve as a basis to perform the implementation
method. Since this entry focuses on the implementation of product software, the best
project management methods suitable for supporting the implementation phase are project
management methods that focus on software and information systems itself as well. The
applicability of using a framework for implementation methods is clarified by the examples
of using DSDM and Prince2 as project management method frameworks.rony
DSDM
The power of DSDM is that the method uses the principles of iteration and incremental
value, meaning that projects are carried out in repeating phases where each phase adds
value to the project. In this way implementation phases can be carried out incrementally,
adding value to for example the degree of acceptance, awareness and skills within every
increment [F. Von Meyenfeldt, Basiskennis projectmanagement, Academic Service 1999].
Besides in the management of chance scope, increments are also usable in the process
modeling scope of implementation phases. Using increments can align process models of
business architectures and product software as adding more detail in every increment of the
phase draws both models closer. The DSDM also has room for phased training,
documentation and reviewing.
The image below illustrates how implementation phases are supported by the usage of
DSDM, focusing on management of change, process modeling and support.
Prince2
As DSDM does, the Prince2 method acknowledges implementation as a phase within the
method. Prince2 consists of a set of processes, of which 3 processes are especially meant for
implementation. The processes of controlling a stage, managing product delivery and
managing stage boundaries enable an implementation process to be detailed in with factors
as time and quality. The Prince2 method can be carried out iteratively but is also suitable for
a straight execution of the processes.
The profits for any implementation process being framed in a project management
framework are:

Clarity
An implementation framework offers the process to be detailed in with factors such as time,
quality, budget and feasibility.
Iterative, incremental approach
As explained, the possibility to execute different phases of the implementation process
iteratively enables the process to be executed by incrementally aligning the product to be
implemented with the end-user (organization).
Assessments
Using an embedded method brings the power that the method is designed to implement
the software product that the method comes with. This suggests a less complicated usage
of the method and more support possibilities. The negative aspect of an embedded method
obviously is that it can only be used for specific product software. Engineers and
consultants, operating with several software products, could have more use of a general
method, to have just one way of working.
Using a generic method like ERP modeling has the power that the method can be used for
several ERP systems. Unlike embedded methods, the usage of generic methods enables
engineers and consultants that operate in a company where several ERP systems are
implemented in customer organizations, to adapt to one specific working method, instead
of having to acquire skills for several embedded models. Generic methods have however the
lack that implementation projects could become too situational, resulting in difficulties and
complexity in the execution of the modeling process, as less support will be available.
Managing project delivery is essential to avoid the common problems of the software
solution not working as expected or crashing out due to multiple users accessing the system
at the same time. The keys to project delivery are: successful implementation of the
software, managing the business change and scaling up the business use quickly.

Successful Implementation
Successful implementation of the software must be planned carefully. In short there are two
key options for delivering the software -- big bang or phased release:
A "big bang" deployment or release software to all users at the same time
Phased deployment or release software to users over a period of time for example by
department or by geographical location. The project needs to make a considered decision
on the best way to release a software solution to the business. Business will often choose a
phased deployment, consequently reducing project risk because if there is some problem
the business impact is reduced. In addition, the project deployment of software includes:
Cleanup of the "test" environment following successful completion of testing
Preparation of project deployment to the business such as setting up user accounts to
access the system and ensuring any lists of values have valid values Deploying the software
to the "production" environment ready for normal business use. Plan and mechanism to
back out of production software deployment if the process goes wrong for some
unexpected reason, restoring the business to its pre-deployment state. Some of these ideas
have developed from IT Service Management and its discipline of Release Management - for
more background read: Release Management: Where to Start? Project management should
borrow and evolve good ideas whenever needed.

Managing the Business Change of Project Delivery
Project deployment of the software to the business units such that they are able to use it
from a specified date/time is not enough by itself. Managing the business change is an
essential part of project delivery and that needs to include:
Building awareness within the business of the software solution through communication
Developing business support and momentum to use the solution through stakeholder
engagement Planning and executing the training plan for business users and administrators
Business plan to exploit the use of the solution and to scale up the numbers of users Setting
up and operating a customer board to manage the evolution of the solution

Future Enhancements: Future enhancements of current ISES systems include making I S E S
more secure, increasing the transmission distance of fiber-optic lines,
increasing encryption rates and making the technology wireless. One
might think I S E S systems are unconditionally secure because of the
quantum mechanics theory used, but the theory can only be solid if I S
E S hardware transmits single photons. Current I S E S implementations
do not transmit single protons, but bursts of protons. With photon bursts
instead of single protons, eavesdropping attacks are possible because
Eve could siphon
off individual photons without being detected. One proposal, introduced by Toshiba,
for making I S E S systems more secure is by sending randomly interspersed pulses
within the quantum signal called decoy pulses [Graham07]. These decoy pulses are of
weakened strength than the real quantum signals, which means the decoy pulses
rarely contain more than one photon. So, the sender
and receiver can monitor the ratio of decoy pulses to real quantum singles that made
it through to determine if an eavesdropper was present. With decoy pulses, Eve will
have a harder time siphoning meaningful photons, decreasing the level of
vulnerability of the I S E S system. This approach would also increase the
transmission distance and encryption rate by 100-fold because stronger quantum
pulses can be used. Another advancement for making I S E S systems more secure is
the development of a light emitting diode capable of emitting a single photon more
reliably [Graham07]. Toshiba.s methodology is to create an array of quantum dots,
each about 45 nanometers in diameter, for emitting a single photon. This
advancement would increase the level of security offered by current I S E S systems,
but does not resolve the transmission distance and encryption rate limitations. The
most promising advancement to I S E S systems is the wireless application.

Conclusion
ISES is a stand-alone application that involves cryptography. Its purpose is to hide the meaning
of a message rather than its existence. Cryptography is used in many applications that touch
everyday life including the security of ATM cards, computer passwords, and electronic
commerce. The objective of the Crypto Systems is to provide an abstract view of the operations
such as:
• Encrypting the given text and saving it to the desired location.
• Decrypting the given text and displaying the decrypted text.
Cryptosystem is playing a vital roll in ISES to convert the data into un tampered in hacking
mechanisms. ISES has served the purpose of transmitting the data through internet. This user can
incorporate ISES in sending mail and sending data through remote desk top sharing systems. By
using this system the data which is transmitting will not get hacked or tampered by any hackers.
• The project has been appreciated by all the users.
• It is easy to use, since it uses the GUI provided in the user dialog.
• User friendly screens are provided.
• The usage of software increases the efficiency, decreases the effort.
• It has been efficiently employed as a Site management mechanism.
• It has been thoroughly tested and implemented.

FAQS
What is the most obvious difference between a stand-alone project and Applet?
The most obvious way that stand-alone applications differ from applets is the static main()
method. This method is ignored when a class is run as an applet, but is required to start the
program if the class is run as an application. The difference is based on the environment that
starts the class. This enables the same class to function as either an applet or an application.
Can the same application be implemented in an Applet without changes to
the code?
No. To run stand-alone application a main() method is required whereas, in an Applet we call
the init(), so if an applet is converted to a stand-alone application, these methods must be
explicitly called in main().
Given the scope of the project, in case it is implemented in applet, does that
result in any overheads?
Yes. Applets are meant to be run in an external viewer, such as a Web browser. Therefore,
applets inherit all the overhead of the viewer in which they are running. Applications, on the
other hand, are meant to be run in the Java interpreter on a local machine. Without the
overhead associated with Java applets, Java applications can provide users with better
performance. Better performance translates to improved response times and, possibly,
increased productivity.
It is fine when stand-alone project handles a file. Cannot an applet
accomplish this?
In Java-enabled browsers, entrusted applets cannot read or write files at all. By default,
downloaded applets are considered entrusted.

BIBLIOGRAPHY
http://wareseeker.com/free-what-is-cryptosyste
www.springerlink.com/index/ur4p561860141805
http://southcentral.edu/cc/course/java.html
ece.gmu.edu/courses/ECE746/project/specs_2006/ECC_IN_SW.pdf
http://privacy.cs.cmu.edu/courses/java3/syllabus.html

Internet security evaluation system documentation nikitha

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Similar to Internet security evaluation system documentation nikitha

Similar to Internet security evaluation system documentation nikitha (20)

Internet security evaluation system documentation nikitha