Date post: | 04-Apr-2018 |
Category: |
Documents |
Upload: | gautam-sharma |
View: | 222 times |
Download: | 0 times |
of 32
7/30/2019 Secure Email Transaction System
1/32
7/30/2019 Secure Email Transaction System
2/32
1.2.4 Java mail API 9
1.3 TOOL STUDY 10
1.3.1 Java 10
1.3.2 MS Access 15
2. SYSTEM ANALYSIS 16
3. SYSTEM REQUIREMENT 19
4. SYSTEM SPECIFICATION 20
5. SYSTEM DESIGN 21
5.1 MAJOR SYSTEM DESIGN ACTIVITY 21
5.1.1 Input design 21
5.1.2 Output design 22
5.1.3 Program design 23
5.2 LOGICAL DESIGN 23
6. SYSTEM DEVELOPMENT 24
7. SYSTEM IMPLEMENTATION 25
8. TESTING 26
7/30/2019 Secure Email Transaction System
3/32
9. SCREENSHOTS 28
10. MAINTENANCE 33
11. CONCLUSION 34
RESUME 35
REFERENCES 36
LIST OF TABLES
TablePag
e
1.1 User Information 2
Figure
1.1 Encryption-Decryption
8.1 Desktop Form
8.2 Encrypti on F orm
8.3 Decryption Form
8.4 Key Manager
8.5 Key Generation
8.6 Mailing Form
LIST OF FIGURES
Page 4
28
29
30
31
31
32
7/30/2019 Secure Email Transaction System
4/32
1.1PROJECT OBJECTIVE
Communication is the backbone of any enterprise. Communication, without exchange of data, is unimaginable. In
the context of communication between Enterprise level applications, the amount of data would be huge. So using
traditional approaches in Electronic Data Interchange wouldn't suffice.
SETS is an innovative email system that provides high-level protection for emails on the Internet. SETS users
have safe and secure email correspondence. Only the sender and recipient of SETS can access emails sent through
this service. The design goal was to develop a set of interfaces that would help in setting up an emailing
environment. But the interfaces were such that the data could be sent not only to mail server, but also to any server
capable of understanding mail protocols. That brought almost every J2EE server into the picture. Thus APIs
created for mail exchange provided a means to exchange huge amounts of data.
1.2 PROJECT OVERVIEW
SETS has been developed on the principles of public key cryptography, which uses a pair of asymmetric keys
(public and private) for encryption/decryption. The public key is freely distributed to all interested parties, and can
only be used to encrypt data. The private key is available to a mailbox owner only, and it is used to decrypt
messages.
If anyone from the user's correspondents wants to write a secure letter to that user, he will encrypt the letter using
the user's public key.
The public key will be stored in the database as shown below
Table1.1 User Information
http://www.devarticles.com/%23%23http://www.devarticles.com/%23%237/30/2019 Secure Email Transaction System
5/32
CHAPTER 1 INTRODUCTION
uname Uemail uPubKeyRachael Senator Senator [email protected] 4642132158413213132123133Jeff Stevens jeff steve @rediffmail.com 3217891208461131321431479Tracy Witney Tracy005 @yahoo.com 9513973589265624044056463
When the email is received, the user decrypts it using the private key. No one can decrypt the message without the
private key. It is not possible to ascertain the private key from the public key.
The JavaMail Application Programming Interface (API) provides a set of abstract classes defining objects that
comprise a mail system. The API defines classes like Message, Store and Transport. The API can be extended and
can be subclassed to provide new protocols and to add functionality when necessary. In addition, the API provides
concrete subclasses of the abstract classes. These subclasses, including MimeMessage and MimeBodyPart,
implement widely used Internet mail protocols.
The JavaMail API doesn't properly validate authenticated user message number attribute, allowing authenticated
users to view other's messages. This is a loophole in mail API's which is overcome in this project using high end
security measures. It makes use of the complex Rivest Shamir Adleman(RSA) encryption algorithm to provide a
default security level to the client with the use public and private key pair. This involves generation of public and
private key pairs and encrypting the message typed. This level of security would definitely give the hackers a hard
chase to even coming close to knowing the message content.
1.2.1 Crytography
Cryptography is the study of mathematical techniques related to aspects of information security such as
confidentiality, data integrity, entity authentication, and data origin authentication. It is the science of encoding and
decoding secret messages.
Cryptography is the science of translating messages into ciphers or codes. The protection of sensitive
communications has been the purpose of cryptography for most of history. The beginnings of cryptology can be
traced to the hieroglyphics of early Egyptian civilization (1900 B.C.). Ciphering has always been considered vital
for diplomatic and military secrecy. Recent successes in applying certain aspects of computer science and physics
to cryptology seem to be leading to more secure systems in which encryption is implemented with sophisticated
digital electronics.
mailto:[email protected]:[email protected]7/30/2019 Secure Email Transaction System
6/32
Encryption is the process of taking any form of data (plaintext) message and scrambling it so that it becomes
unreadable to anyone, except the authorized receiver who has a key to decrypt it. Encryption produces a ciphertext
(coded message). The process of turning the ciphertext back into a plaintext is called decryption. Encryption and
decryption require the use of some secret information, called a key. Traditionally, Alice is the sender of the
information, Bob is the authorized receiver, and the eavesdropper is obviously name Eve. The basic problem of
distributing a key between Alice and Bob is to make a safe transfer despite eavesdropping attempts. A plaintext
message is encrypted using the key. Only a person with the same key can decrypt it back to the plaintext(Figure
1.1).
Cryptographic Goals
Of all the information security objectives the following four form a framework upon which the others will be
derived: (1) privacy or confidentiality ;(2) data integrity ; (3) authentication ; and (4) non-repudiation .
1.Confidentiality is a service used to keep the content of information from all but those authorized to have it.
Secrecy is a term synonymous with confidentiality and privacy.There are numerous approaches to providing
confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible.
2. Data integrity is a service which addresses the unauthorized alteration of data. To assure data integrity, one must
have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as
insertion, deletion, and substitution.
3. Authentication is a service related to identification. This function applies to both entities and information itself.
Two parties entering into a communication should identify
each other. Information delivered over a channel should be authenticated as to origin, date of origin, data content,
time sent, etc. For these reasons this aspect of cryptography is usually subdivided into two major classes: entity
authentication and data origin authentication. Data origin authentication implicitly provides data integrity (for if a
message is modified, the source has changed).
Fig 1.1 Encryption-Decryption
7/30/2019 Secure Email Transaction System
7/32
CHAPTER 1 INTRODUCTION
4. Non-repudiation is a service which prevents an entity from denying previous commitments
or actions. When disputes arise due to an entity denying that certain actions were taken, a
means to resolve the situation is necessary. For example, one entity may authorize the purchase
of property by another entity and later deny such authorization was granted. A procedure
involving a trusted third party is needed to resolve the dispute.
A fundamental goal of cryptography is to adequately address these four areas in both theory and practice.
Cryptography is about the prevention and detection of cheating and other malicious activities.
There are a number of basic cryptographic tools (primitives) used to provide information security. Examples of
primitives include encryption schemes , hash functions , and digital signature schemes which provides a schematic
listing of the primitives considered and how they relate.
These primitives should be evaluated with respect to various criteria such as:
1. Level of security. This is usually difficult to quantify. Often it is given in terms of the number of operations
required (using the best methods currently known) to defeat the intended objective. Typically the level of security is
defined by an upper bound on the amount of work necessary to defeat the objective. This is sometimes called the
work factor.
2. Functionality. Primitives will need to be combined to meet various information security objectives. The
primitives that are most effective for a given objective will be determined by the basic properties of the primitives.
3. Methods of operation. Primitives, when applied in various ways and with various inputs, will typically exhibit
different characteristics; thus, one primitive could provide very different functionality depending on its mode of
operation or usage.
4. Performance. This refers to the efficiency of a primitive in a particular mode of operation. (For example, an
encryption algorithm may be rated by the number of bits per second which it can encrypt.)
1.2.2 RSA Algorithm
The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The basic
technique was first discovered in 1973 by Clifford Cocks of CESG (part of the British GCHQ) but this was a secret
until 1997.
The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the
difficulty of factoring large integers.
Key Generation Algorithm
7/30/2019 Secure Email Transaction System
8/32
1. Generate two large random primes, p and q, of approximately equal size such that their product n = pq is
of the required bit length, e.g. 1024 bits.
2. Compute n = pq and (9) phi = (p-1)(q-1).
3. Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1.
4. Compute the secret exponent d, 1 < d < phi, such that ed = 1 (mod phi).
5. The public key is (n, e) and the private key is (n, d). The values of p, q, and phi should also be kept secret.
n is known as the modulus.
e is known as the public exponent or encryption exponent.
d is known as the secret exponent or decryption exponent.
Encryption
Sender A does the following:-
1. Obtains the recipient B's public key (n, e).
2. Represents the plaintext message as a positive integer m.
3. Computes the ciphertext c = m e mod n.
4. Sends the ciphertext c to B.
Decryption
Recipient B does the following:-
1. Uses his private key (n, d) to compute m = cd
mod n.
2. Extracts the plaintext from the integer representative m.
Digital signing
Sender A does the following:-
1. Creates a message digest of the information to be sent.
2. Represents this digest as an integer m between 0 and n-1.
3. Uses her private key (n, d) to compute the signature s = md
mod n.4. Sends this signature s to the recipient, B.
Signature verification Recipient B does
the following:-
1. Uses sender A's public key (n, e) to compute integer v = s e mod n.
2. Extracts the message digest from this integer.
7/30/2019 Secure Email Transaction System
9/32
CHAPTER 1 INTRODUCTION
3. Independently computes the message digest of the information that has been signed.
If both message digests are identical, the signature is valid.
1.2.3 Basic Encryption Process
The basic process ensures that when the user feeds the message, the message is delivered to the other end using
proper security measures. This is where the RSA algorithm is used as a default security measure for each and every
mail being sent out to the other end. The RSA algorithm itself only encrypts numbers. All computer data is
ultimately just binary numbers, so the message could be broken into segments and RSA can be applied to each
segment.
Generation of keys
The RSA encryption and decryption makes use of key pairs. Two big random prime numbers are generated which
in turn calculates the variables used to produce the keys. The variables are used to generate the public and private
keys. The message typed by the user is encrypted by using the private key. When decrypted with the public key it
reproduces the original message. This process is secure, because the only way to decrypt and reproduce the original
text is by knowing the private key.
Choice of Key Size
The feature to select the key size is provided to the user for increasing the complexity of the message.
Sender's choice for Encryption
When the sender has to send a message to the receiver, he/she must be sure of the encryption levels required before
sending the message. This system provides the user to make the choice of generating digital certificates or digital
signature.
Digital Signatures and Certificates
With RSA, the encryption and decryption techniques are very similar. After typing in the message and selecting the
key size the user makes a choice of how he has to encrypt it. The cipher text produced is a digital signature. When
decrypted with the public key it reproduces the original message. This process is secure, because the only way to
decrypt a particular message (encrypted by the public key) is by applying the private key. After typing in the
message and selecting the key size, then the user makes the choice of how he has to encrypt it.
7/30/2019 Secure Email Transaction System
10/32
1.2.4 JavaMail API
Sending of Emails
The encrypted messages are send to the form where the mails are to be send and from this point JavaMail API takes
over. Whenever a particular mail is being sent, there are various protocols which are being used to deliver the mail.
Protocols are rules that define an exact format for communication between systems. In the case of sender mailing
systems, there are two main protocols:
> SMTP(Simple message transfer protocol)
Any email client, to transfer mail, contacts the SMTP server o f the organization that, in turn,
delivers the message to the recipient's SMTP server.
> MIME(Multiple Internet mail Extension)
MIME is about the attachment and type of content being delivered. Receiving an Email
The message is received by the receiver and is moved on to the decryption phase which shows the actual data to the
image. As the sender the receiver also has the particular protocols used in receiving the Email. The protocols are:
> POP3(Post office protocol-Version 3)
POP3 just ensures that each user has his or her own mailbox.
> IMAP(Internet Message access protocol)
While POP is for offline access of messages, IMAP is for online access.
1.3 TOOL STUDY
The tools that are used in our project are described in detail below 1.3.1 Java
Java was developed at Sun Microsystems. Work on Java initially began with the goal of creating a platform-
independent language and OS for consumer electronics. The original intent was to use C++, but as work progressed
in this direction, developers identified that creating their own language would serve them better.
Today Java is both a programming language and an environment for executing programs written in Java Language.
Unlike traditional compilers, which convert source code into machine level instructions, the Java compiler
http://www.devarticles.com/%23%23http://www.devarticles.com/%23%237/30/2019 Secure Email Transaction System
11/32
CHAPTER 1 INTRODUCTION
translates java source code into instructions that are interpreted by the runtime Java Virtual Machine. So unlike
languages like C and C++, on which Java is based, Java is an interpreted language.
Java is the first programming language designed from ground up with network programming in mind. The core API
for Java includes classes and interfaces that provide uniform access to a diverse set of network protocols.
Why Is Java Interesting?
In one of their early papers about the language, Sun described Java as follows: Java: A simple, object-oriented,
distributed, interpreted, robust, secure, architecture neutral, portable, high-performance, multithreaded, and dynamic
language.
Sun acknowledges that this is quite a string of buzzwords, but the fact is that, for the most part, they aptly describe
the language. In order to understand why Java is so interesting, let's take a look at the language features behind the
buzzwords.
Object-Oriented
Java is an object-oriented programming language. As a programmer, this means that you focus on the data in your
application and methods that manipulate that data, rather than thinking strictly in terms of procedures. In an object-
oriented system, a class is a collection of data and methods that operate on that data. Taken together, the data and
methods describe the state and behavior of an object. Classes are arranged in a hierarchy, so that a subclass can
inherit behavior from its superclass. Unlike C++, Java was designed to be object-oriented from the ground up. Most
things in Java are objects; the primitive numeric, character, and boolean types are the only exceptions. Strings are
represented by objects in Java, as are other important language constructs like threads. A class is the basic unit of
compilation and of execution in Java; all Java programs are classes.
Interpreted
Java is an interpreted language: the Java compiler generates byte-codes for the Java Virtual Machine (JVM), rather
than native machine code. To actually run a Java program, you use the Java interpreter to execute the compiled
byte-codes. Because Java byte-codes are platform-independent, Java programs can run on any platform that the
JVM (the interpreter and run-time system) has been ported to.
Architecture Neutral and Portable
7/30/2019 Secure Email Transaction System
12/32
7/30/2019 Secure Email Transaction System
13/32
CHAPTER 1 INTRODUCTION
Java is an interpreted language, so it is never going to be as fast as a compiled language like C. Furthermore, the
speed-critical sections of the Java run-time environment, that do things like string concatenation and comparison,
are implemented with efficient native code. As a further performance boost, many Java interpreters now include
"just in time" compilers that can translate Java byte-codes into machine code for a particular CPU at run-time.. The
performance of Java's interpreted byte-codes is much better than the high-level scripting languages (even Perl), but
it still offers the simplicity and portability of those languages.
Multithreaded
Java is a multithreaded language; it provides support for multiple threads of execution (sometimes called
lightweight processes) that can handle different tasks. An important benefit of multithreading is that it improves the
interactive performance of graphical applications for the user. Java makes programming with threads much easier,
by providing built-in language support for threads
Java Runtime Environment
The runtime environment used to execute the code. It is made up of the java language and java virtual machine. It is
portable and it is platform neutral.
Java tools
It is used by the developers to create java code. They include java compiler, java interpreter, classes, libraries and
applet viewer.
Java Application
Applications are programs written in java to carry out certain tasks on stand alone local computer. Execution of a
stand alone program involves two steps.
Compiling the source code into byte code using javac.
Executing byte code program using j ava interpreter.Java Applets
Java applets are pieces of java code that are embedded in HTML document using the applet tag. When the browser
encounters such code it automatically download it and execute it.
7/30/2019 Secure Email Transaction System
14/32
7/30/2019 Secure Email Transaction System
15/32
CHAPTER
15SYSTEM ANALYSIS
System analysis is the process of identification of the objectives and requirements, evaluation of alternative
solutions and recommendation for a more feasible solution. In other words, system analysis is the step-by-step
process of gathering, recording and interpreting facts. It is the reduction of an entire system by studying the
various operations. It includes studying the problems encountered in the present system and introducing a new
computer system into an organization. The main aim of analysis is to determine problem areas and decide on
solutions to reduce or eliminate them.
System analysis itself breaks into two stages. Preliminary and Detailed. During preliminary analysis the analyst
list the objectives of the proposed system. These findings come together in the preliminary report. Once the
preliminary report is approved, the system analysis phase advances into a second stage. During detailed analysis
required data and information are collected and a detailed study is made.
During analysis, data are collected on the available files, decision points, and transactions of the system using
various tools like data flow diagram.
Feasibility Study
In any project, feasibility analysis is a very important stage. Feasibility study is system proposal according to its
workability, impact on the operation, ability to meet user needs and efficient use of resources. Any project may
face scarcity in resources, time or workforce. An important outcome of the preliminary investigation is the
determination whether the system requested is feasible or not. The key considerations involved in the feasibility
analysis are technical, operational, and economic.
7/30/2019 Secure Email Transaction System
16/32
Technical Feasibility
Technical feasibility is the most important of all types of feasibility analysis. Technical feasibility deals with
hardware as well as software requirements. An idea from the outline design to system requirements in terms of
inputs outputs, files and procedures is drawn and the type of hardware, software, and the methods required for
running the systems are analyzed. Keeping in mind of the above considerations, the resource availability at this
company was observed. It was found that the company has the sufficient resources to develop the current project;
hence the system is technically feasible.
Economic Feasibility
Economic analysis is the most frequently used method for evaluating the effectiveness of the software, more
commonly known as the cost /benefit analysis. The procedure is to determine the benefits and savings that are
expected from a candidate system and compare them with costs. If the benefits outweigh cost, the decision is
made to design and implement the system; otherwise further alternatives have to be made. Here it is seen that no
new hardware or software is needed for the development of the system. Hence the project is economically feasible
for development in this company.
Schedule Feasibility
Schedule feasibility is concerned with the completion of the project development within the fixed time span. It is
an important factor as it can affect other factors like machine availability, tools, cost development and delay in the
development of other systems. Besides these, this project is assigned to the student as an academic exercise to be
completed within a fixed period of time.
Operational Feasibility
The purpose of the operational feasibility study is to determine whether the new system would be used if it is
developed and implemented? Will there be resistance from users that will undermine the possible application
benefits? From the outputs of the meeting that was held with the system users, it was found that all of them
support the development of new system. The positive response from them encouraged in building such a system.
7/30/2019 Secure Email Transaction System
17/32
CHAPTER 17
SYSTEM REQUIREMENT
After analyzing the requirements for our project we had come to the conclusion that our project users require the
following requirements.
Sender's Requirement
> Needs a more user friendly interface.
> More and more security.
> Security feature which are controlled by the user.
> Complexity of the security.
> The account bound with a separate username and password for every user.
> Needs an algorithm which can achieve integrity and authentication.
Receiver's Requirement
> Access to the POP3 server of the mail server from where the mails are going to be extracted.
> Needs a friendlier interface.
> Needs a security feature which could make the cryptanalysis more secure.
The hardware and software requirements for the development phase of our project are: Software Requirements :
Tool Used : NetBeans 5.5
Front end : Java, J2EE.
Back end : MS Access
Hardware Requirements :
Processor RAM Capacity Hard Disk Space
Mouse Keyboard Monitor
Floppy Disk Drive
: Pentium IV : 256 MB
: 40 GB
: MS Compatible :
Standard 104 Keys
: Standard 15"
: 1.44 MB
7/30/2019 Secure Email Transaction System
18/32
CHAPTER
18SYSTEM DESIGN
The most creative and challenging phase of the system life cycle is system design. The term design describes a
final system and the process by which it is developed. It refers to the technical specification that will be applied in
implementing the candidate system. It also include the construction of programs and program testing. The
question involved here is "How the problem is solved".
System design is a transition from the user-oriented document to the document-oriented program or database
personnel. It emphasizes translating performance specification into the design specification and it involves
conceiving and planning and then carrying out the plan for generating the necessary reports and outputs. Design
phase acts as the bridge between the software requirements specifications and implementation phase , which
satisfies the requirements
5.1 MAJOR SYSTEM DESIGN ACTIVITIES 5.1.1 Input
Design:
Input design is a process of converting user-oriented input to computer based format. It also includes determining
the record media ,method of input, speed of capture and entry into the system. Input design consist of developing
specification and procedures for data procedure for data preparations, those necessary steps into put transaction
data into usable form of processing, data entry and activity of putting the data into computer for processing. Five
objectives guiding the design are input focus on controlling the amount of input required, avoiding delay,
controlling error and keeping the steps simple. The following are decided by the system analyst during design
phase:
The data to input
The details of how data should be arranged or coded
7/30/2019 Secure Email Transaction System
19/32
7/30/2019 Secure Email Transaction System
20/32
Logical design describes the format of inputs, outputs, and procedures that meets the user requirements.
The design covers the following: o Reviews the
current physical system. o Prepares the output
specification. o Prepares the Input specifications. o
Prepares control specifications.
System development is a series of operations performed to manipulate data to produce output from a computer
system. This is highly dependent on the programming language used. The principle activities during the
development phase can be divided into two major related sequences :
1. External system development
2. Internal system development
The major external system development activities are :
1. Implementation
2. Planning
3. Equipment acquisition
4. Installation
The major internal system development activities are :
1. Computer program development
2. Performance testing
The implementation stage is the next step towards the problem solution. Here the details like which coding
language is used is decided and the coding is done in the specified language.
The implementation is the practical job of putting a theoretical design in the practice. It may involve the complete
implementation of a computer complex or the introduction of one small subsystem.
The implementation phase of a project covers the period from the acceptance of the test design to its satisfactory
operation support by the appropriate user and operations manual. It is a major operation across the whole
organizational structure and requires a great deal of planning. Planning for implementation must begin from the
initial conception of the project. It requires a thorough knowledge of the new system, its personal needs, hardware
and software requirements, file and procedure conversion activities, etc. Only the analyst is responsible for
creating the new system will possess this knowledge. He can plan, schedule and co- ordinate but has no executive
powers.
7/30/2019 Secure Email Transaction System
21/32
CHAPTER 21
TESTING
System testing is the stage of implementation, which is aimed at ensuring that the system works accurately and
efficiently before live operation commences. Testing is vital to the success of the system. An elaborate testing of
data is prepared and the system is tested using this test data. While testing errors are noted and corrections are
made. The users are trained to operate the developed system. Both hardware and software securities are made to
run the developed system successfully in future. Testing steps:
Unit Testing
Integration Testing
Validation Testing
Output Testing
User Acceptance Testing
Unit Testing
Unit testing focuses verification efforts on the smallest unit of software design, the module. This is also known as
"Module Testing". The modules are tested separately. This testing is carried out during programming stage itself.
In these testing steps each Module is found to be working satisfactorily as regard to the expected output from the
module.
Integration Testing
Integration testing is a systematic technique for constructing tests to uncover errors associated within the
interface. In this project, all the modules combined, and then entire Program is tested as a whole. Thus in the
integration testing step, all the errors uncovered are corrected for the next testing steps.
7/30/2019 Secure Email Transaction System
22/32
Validation Testing
Validation testing is where requirements established as a part of software requirement analysis is validated against
the software that has been constructed. This test provides the final assurance that the software meets all functional,
behavioral and performance requirements .The errors, which are uncovered during integration testing, are
corrected during this phase.
Output Testing
After performing the validation testing, the next step is output testing of the proposed system since no system
could be useful if it does not produce the required output in the specific format. The output generated or displayed
by the system under consideration is tested asking the users about the format required by them. Here, the output is
considered into two ways: one is on the screen and the other is printed format. The output format on the screen is
found to be correct as the format designed according to the user needs .For the hard copy also, the output comes
out as specified by the user. Hence output testing doesn't result in any connection in the system.
User Acceptance Testing
User acceptance of a system is the key factor for the success of any system. The system under consideration is
tested for user acceptance by constantly keeping in touch with the prospective system users at time of
development. The testing of the software began along with coding. Since the design was fully object -oriented, first
the interfaces were developed and tested. Then unit testing was done for every module in the software for various
inputs, such that each line of code is at least once executed After all modules were coded the integration test were
carried out. Some minor errors were found in the output at the earlier stage and each of them was corrected. In the
implementation of user interface part no major errors were found. After the software was completely developed,
the testing was done.
SCREEN SHOTS
The form below will be displayed after a successful login.
7/30/2019 Secure Email Transaction System
23/32
CHAPTER 9
Fig 8.1 Desktop Form
The form below is to encrypt the message. We entered a message in the first text area shown in the form. Next the
keys are generated by clicking the Generate Key button and after that enter the password and click the Encrypt
button. The encrypted message will be displayed on the second text area
Fig 8.2 Encryption Form
7/30/2019 Secure Email Transaction System
24/32
7/30/2019 Secure Email Transaction System
25/32
This form is to decrypt the message. The encrypted message from the Encryption Form is entered into the first
text area and then the private key is entered and Generate button is pressed. After that the password is entered and
Decrypt button is pressed. If all are correct the original message ie the encrypted message is displayed in the
second text area.
Fig 8.3 Decryption Form
7/30/2019 Secure Email Transaction System
26/32
This form is to generate keys. First users key information is generated and click the either the Save button for
saving the details or click the Save & Mail for sending it to another person
7/30/2019 Secure Email Transaction System
27/32
7/30/2019 Secure Email Transaction System
28/32
This form is to mail a message. First , using the File option the user has to login to his gmail account. Then the
receiver's id ,subject,message and other informations are entered. Then check the Encrypt check box and click the
SEND MAIL button to send the mail.
Fig 8.6 Mailing Form
7/30/2019 Secure Email Transaction System
29/32
CHAPTER 10
MAINTENANCE
Development is a single activity. Maintenance is a continuous activity. Maintenance involves activities
like inspections, corrections and enhancement. Once the system is delivered and deployed, it enters the
maintenance phase. The system need to be maintained not because of some of its components wear out and need
to be replaced, but because there are some residual errors remaining in the system that must be removed as they
are discovered. This includes activities related to debugging the software after it goes live, changes required to
address evolving software and enhancement to meet changing customer requirements. So maintenance phase
involves :
Understanding the effects of change.
Testing the new parts.
Retesting the old parts that were not changed
Making changes-to both the code and the documents.
These changes have to be signed by the user before the change can be carried out. Since requirement change
request involves cost, user will be cautious while requesting the software changes. The software will require
continued support. The system maintenance means the maintenance activities after and during the system
development processes. This include activities related to debugging the software after it goes live, changes
acquired to meet change in users requirement.
Three types of maintenance are :
Corrective maintenance.
Adaptive maintenance.
Perfective maintenance.
Maintenance phase identifies if there are any changes required in the current system. If the changes are identified,then an analysis is made to identify if the changes are really required. Cost benefit analysis is a way to find out if
the change is really essential
In the last few years , there has been a sudden growth in the usage of email applications all over the world. New
email applications like Gmail, Yahoo Mail etc. have revolutionized the way we perceive and interact with an
email application. It has forced and challenged other popular email applications to improve its services and
thereby seize a substantial number of users to use their technology.
7/30/2019 Secure Email Transaction System
30/32
7/30/2019 Secure Email Transaction System
31/32
RESUME
We plan to introduce steganography as the second layer in the security feature for the dual layer security model.
The encrypted text is then encoded into the image and is send to the appropriate address location.
We also have plans to include enhancements which would further enhance this email application as a full fledged
complete email application which would include more user defined features.
7/30/2019 Secure Email Transaction System
32/32
http://www.rsasecurity.com/http://www.google.com/