digisafe project report

DIGISAFE

by

Ashwini Kumar (0609013023)

Chetan Anand (0609013028)

Gaurav Gupta (0609013032)

Manpreet Bhatia(0609013040)

Department of : Information Technology

IEC College of Engineering and Technology

Plot No. 4, Institutional Area, Surajpur Kasna Road, Knowledge Park - 1Greater Noida

June,2010

1

DIGISAFE

By:

Ashwini Kumar (0609013023)

Chetan Anand (0609013028)

Gaurav Gupta (0609013032)

Manpreet Bhatia(0609013040)

Submitted to the Department of Information Technology

in partial fulfillment of the requirements

for the degree of

Bachelor of Technology

in

Information Technology

IEC College of Engineering and Technology

U.P. Technical University

June, Year 2010

2

TABLE OF CONTENTS Page

DECLARATION ................................................................................................... 4

CERTIFICATE ..................................................................................................... 5

ACKNOWLEDGEMENTS .................................................................................. 6

ABSTRACT........................................................................................................... 7

LIST OF TABLES.................................................................................................. 8

LIST OF SYMBOLS .............................................................................................. 9

LIST OF ABBREVIATIONS................................................................................ 10

CHAPTER 1.................................................................................................

1.1 INTRODUCTION............................................................................................ 12

1.2 PROJECT OVERVIEW..................................................................................... 13

1.3 PROBLEM DEFINITION………………………………………………..…... 14

CHAPTER 2 ..............................................................................................................

2.1. PROPOSED SYSTEM AND TARGETED USER........................................... 16

2.2. SYSTEM REQUIREMENT SPECIFICATION............................................... 18

2.3 FEASIBILITY STUDY....................................................... .............................. 19

CHAPTER 3......................................................................................................

3.1. DATABASE DESCRIPTION ......................................................................... 27

3.2. DATA DESIGN ................................................................................................ 30

3.2.1. E-R DIAGRAM……………………………………………………..

3.3. SYSTEM DESIGN……………………………………………………………… 31

3.3.1.UML DESIGN…………………………………………………………

3.3.2. DATA FLOW DIAGRAM……………………………....

CHAPTER 4 …………………….........................................................................

4.1. SNAPSHOTS……………………………………………………. 40

APPENDIX A ......................................................................................................... 61

REFERENCES... .................................................................................................... 70

3

DECLARATION

we hereby declare that this submission is our own work and that, to the best of our knowledge and belief, it contains no material previously published or written by another person nor material which to a substantial extent has been accepted for the award of any other degree or diploma of the university or other institute of higher learning, except where due acknowledgment has been made in the text.

Name : Ashwani Kumar

Roll No.: 0609013023

Name : Chetan Anand

Roll No.: 0609013040

Name : Gaurav Gupta

Roll No.: 0609013032

Name : Manpreet Singh Bhatia

Roll No.: 0609013040

Date:

Signature :

4

CERTIFICATE

This is to certify that Project Report entitled “DigiSafe” which is submitted by Ashwani

Kumar, Chetan Anand, Gaurav Gupta and Manpreet Bhatia in partial fulfillment of the

requirement for the award of degree B. Tech. in Department of Information Technology of

U. P. Technical University is a record of the candidate own work carried out by him under

my/our supervision. The matter embodied in this thesis is original and has not been submitted

for the award of any other degree.

Date: Supervisor

Mr. Abhishek Chaudhary

Lecturer

Dept. Of Information Technology

IEC College of Eng. & Tech

Gr. NOIDA

5

ACKNOWLEDGEMENT

It gives us a great sense of pleasure to present the report of the B. Tech Project undertaken during B. Tech. Final Year. We owe special debt of gratitude to Professor Abhishek Chaudhary, Department of Computer Science & Engineering, IEC College of Engineering & Technology, Gr. Noida for his constant support and guidance throughout the course of our work. His sincerity, thoroughness and perseverance have been a constant source of inspiration for us. It is only his cognizant efforts that our endeavors have seen light of the day.

We also take the opportunity to acknowledge the contribution of Professor Rajeev Ranjan, Department of Computer Science & Engineering, IEC College of Engineering & Technology, Gr. Noida for his full support and assistance during the development of the project.

We also do not like to miss the opportunity to acknowledge the contribution of all faculty members of the department for their kind assistance and cooperation during the development of our project. Last but not the least, we acknowledge our friends for their contribution in the completion of the project.

Name : Ashwani Kumar

Roll No.: 0609013023

Name : Chetan Anand

Roll No.: 0609013028

Name : Gaurav Gupta

Roll No.: 0609013032

Name : Manpreet Singh Bhatia

Roll No.: 0609013040:

Date:

Signature:

6

Abstract

The security of information available to an organization was primarily provided through

physical and administrative means. For example, rugged file cabinets with a combination

lock were used for storing sensitive documents and personnel screening procedures were

employed during the hiring process. With the introduction of the computer, the need for

automated tools for protecting files and other information stored on the computer became

evident.

This is especially the case for a shared system and the need is even more acute for a

network. Computer networks were primarily used by university researches for sending e-

mail, and by corporate employees for sharing printers. Under these conditions, security was

not given much attention. Today, since the world is going global, and trillions of data are

transferred daily across networks, security is looming on the horizon as a potentially massive

problem. The generic name for the collection of tools designed to protect data and to thwart

hackers is Computer Security.

In the project titled “Digital Signatures” security is ensured in the Messaging System

of an organization. In this application, if an employee wishes to send confidential information

to another employee connected through the intranet of their organization, he first signs the

message and then sends it to the recipient. He signs the message using Digital Signatures.

The person who receives the message validates the sender and if the message is from an

authorized employee, he reads the message. The above operation is performed using Digital

Signature Algorithm (DSA). This application makes sure that the security services

Authentication, Secrecy, Integrity, and Non-repudiation are provided to the user.

Therefore, intruders cannot gain access to classified information.

7

LIST OF TABLES

Entity: Login_digisafe

Role: To maintain the username and the related password of different users.

Entity: Inbox_digisafe

Role: To maintain the received mails of different users.

Entity: sent_digisafe

Role: To maintain the sent mails of different users.

Entity: certificate_digisafe

Role: To maintain the certificate of different users.

Entity: attachment_digisafe

Role: To maintain the files attached with message of different users.

8

LIST OF SYMBOLS

An activity , a title for the activity should be placed inside rectangle.

Data flow , arrow should be labeled with the name of data moving between the activities.

A file or store . A straight line connects the file to the activity that access the file .the name of the file should be indicated within the rectangle.

A source or recipient . A label should be placed within the oval.

9

LIST OF ABBREVIATIONS

DFD – Data flow diagram

E-R Diagram – Entity relationship diagram

10

CHAPTER 1

1.1. Introduction

1.2. Project Overview

1.3. Problem Definition

11

1.1. INTRODUCTION

Scope

The project is confined to the intranet in an organization. This application makes sure

that security services such as secrecy, authentication, integrity and non-repudiation are

provided to the communicating parties.

Objective

This project has been developed keeping in view the security features that need to be

implemented in the networks following the fulfillment of these objectives:

To develop an application that deals with the security threats that arise in the network.

To enable the end-users as well as the organizations come out with a safe messaging

communication without any threats from intruders or unauthorized people.

To deal with the four inter-related areas of network security namely Secrecy,

Authentication, Non-repudiation and Integrity.

12

1.2. Project Overview

This application makes use of Digital Signature Algorithm (DSA) along with a hash

function. The hash code is provided as input to a signature function along with a random

number generated for this particular signature. The signature function also depends on the

sender’s private key and a set of parameters known to a group of At the receiving end,

verification is performed. The receiver generates a quantity that is a function of the public-

key components, the sender’s public key, and the hash code of the incoming message. If

this quantity matches with one of the components of the signature, then the signature is

validated.

This application makes sure that the security services Authentication, Secrecy,

Integrity, and Non-repudiation are provided to the user.

This application allows to keep the information out of the hands of unauthorized

persons. This is called Secrecy.

It also deals with determining whom a person is communicating with before revealing

sensitive information or entering a business deal. This is called Authentication.

Non-repudiation deals with proving that a particular message was sent by a

particular person in case he denies it later.

Integrity makes sure whether a particular message has been modified or something

has been added to it.

13

1.3. Problem Definition

Message authentication protects two parties who exchange messages from any third

party. However, it does not protect the two parties against each other. Several forms of

disputes between the two parties are possible.

For example, suppose that A sends an authenticated message to B. Consider the

following disputes that could arise:

1. B may forge a different message and claim that it came from A. B would simply have

to create a message and append an authentication code using the key that A and B share.

2. A may deny sending the message. Because it is possible for B to forge a message,

there is no way to prove that A did in fact send the message.

The most attractive solution to this problem is the Digital Signature. The Digital Signature is

analogous to the handwritten signature. It must have the following properties:

It must be able to verify the author and the date and time of the signature.

It must be able to authenticate the contents at the time of the signature.

The signature must be verified by third parties, to resolve disputes.

Thus, the digital signature function includes the authentication function.

Based on the above properties, the following requirements can be formulated for the

digital signatures:

The signature must be a bit pattern that depends on the message being signed.

The signature must use some information unique to the

sender, to prevent both forgery and denial.

It must be relatively easy to produce the digital signature.

It must be relatively easy to recognize and verify the digital signature.

It must be computationally infeasible to forge a digital signature, either by constructing a

new message for an existing digital signature or by constructing a fraudulent digital

signature for a given message.

It must be practical to retain a copy of the digital signature in storage.14

CHAPTER 2

2.1. Proposed System & Targeted User

2.2. System Requirement Specification

2.3. Feasibility Study

15

2.1. Proposed System & Targeted User

Existing system

These days almost all organizations around the globe use a messaging system to

transfer data among their employees through their exclusive intranet. But the security

provided is not of high standards. More and more unauthorized people are gaining access to

confidential data.

Disadvantages:

The validity of sender is not known.

The sender may deny sending a message that he/she has actually sent and similarly

the receiver may deny the receipt that he/she has actually received.

Unauthorized people can gain access to classified data.

Intruders can modify the messages or the receiver himself may modify the message

and claim that the sender has sent it.

Proposed system

The system will provide the following security services:

Confidentiality:

Confidentiality is the protection of transmitted data from passive attacks. With respect

to the release of message contents, several levels of protection can be identified. The broadest

service protects all user data transmitted between two users over a period of time. For

example, if a virtual circuit is set up between two systems, this broad protection would

prevent the release of any user data transmitted over the virtual circuit. Narrower forms of

this service can also be defined, including the protection of a single message or even specific

fields within a message. These refinements are less useful than the broad approach and may

even be more complex and expensive to implement. The other aspect of confidentiality is the

protection of traffic flow from analysis. This requires that an attacker not be able to observe

16

the source and destination, frequency, length, or other characteristics of the traffic on a

communications facility.

Authentication:

The authentication service is concerned with assuring that a communication is

authentic. In the case of a single message, such as a warning or alarm signal, the function of

the authentication service is to assure the recipient that the message is from the source that it

claims to be from. In the case of an ongoing interaction, such as the connection of a terminal

to a host, two aspects are involved. First, at the time of connection initiation, the service

assures that the two entities are authentic (i.e. that each is the entity that it claims to be).

Second, the service must assure that the connection is not interfered with in such a way that a

third party can masquerade as one of the two legitimate parties for the purposes of

unauthorized transmission or reception.

Integrity:

Integrity basically means ensuring that the data messages are not modified. An

integrity service that deals with a stream of messages assures that messages are received as

sent, with no duplication, insertion, modification, reordering or replays. The destruction of

data is also covered under this service. Thus the integrity service addresses both message

modification and denial of service.

Non-repudiation:

Non-repudiation prevents either sender or receiver from denying a transmitted

message. Thus, when a message is sent, the receiver can prove that the message was in fact

sent by the alleged sender. Similarly, when a message is received, the sender can prove that

the message was in fact received by the alleged receiver.

17

2.2. System Requirement Specification

Client Configuration

Intel Pentium IV or equivalent with :

- 512 MB RAM

- 80GB Hard Disk

- OS: Windows 2000 / XP (includes Internet Explorer version 6)

- Word processing software (Open office / MS Office)

- 100 MBPS Ethernet Card

Server Configuration

4 Servers each with following configuration :

- 1 CPU

- OS: Windows 2000 / XP (includes Internet Explorer version 6)

- RAM : 16 GB Minimum

- 120GB X 3 Hard Disk

- Oracle Application Server 10g Enterprise Edition

- Oracle Database 10g Enterprise Edition

18

2.3. FEASIBILITY STUDY

An important outcome of the preliminary investigation is to determine that whether the

system requested is feasible. Depending on the results of the preliminary investigation the

survey is expended to a more detailed feasibility study.

Feasibility study is a test of a system proposal according to its workability,

impact on the organization, ability to meet user needs, and effective use of resources.

The objective of feasibility study is not to solve the problem but to acquire a sense of its

scope. During the study, the problem definition is crystallized and aspects of the problem to

be included in the system are determined. Consequently, costs and benefits are estimated with

greater accuracy at this stage.

The result of the Feasibility study is a formal proposal.This is simply a report-a formal

document detailing the nature and scope of the Proposed solution. Finally, Feasibility Study

is carried out to select the best system that meets the performance requirements.

A feasibility study is carried out to select the best system that meets the

performance requirements.Feasibility is the determination of whether or not project is worth

doing. The process followed in making this determination is called a Feasibility study.

19

Objectives of Feasibility Study

The main objectives of feasibility study are:

To identify the deficiencies in the current system. To determine objectives of the proposed system. To acquire a sense of scope of the system. To identify the responsible users. To determine whether it is feasible to develop the new system.

Steps in Feasibility Study

Feasibility study is carried out in the following steps:

Form a project team and appoint a project leader (Systems Analyst). Start preliminary investigation through different fact finding techniques. Prepare the systems flowcharts of the current system. Identify and describe the deficiencies in the current system. Determine objectives of the proposed system. Prepare the systems flowchart of the proposed system. Identify and enumerate the existing computer systems along with their technical

specifications. Determine the cost and benefits of the proposed system. Identify the responsible users and determine the operational feasibility. Prepare the feasibility study report. Give the oral presentation of the feasibility study.

TYPES OF FEASIBILITY

The study is conducted to evaluate the possibility of HRM systems to produce the desired

20

outputs .Most successful system projects are not necessarily the biggest or most visible in a business but rather those that truly meet user expectations. Three key considerations

involved are :

1. ECONOMIC FEASIBILITY

Economic analysis is the most frequently used method for evaluating the Effectiveness

of a HRM Systems .Most commonly known as cost/benefit analysis, the procedure is to

determine the benefits and savings that are expected from a system and compare them with

costs involved.

Benefits from The System are:

System will be user friendly.

No information gap.

Accurate and latest information will help managers for quick decision

21

Types of Feasibility

Technical

Economic

Operational

making.

Saving of precious time and resources.

The cost are negligible as the needed infrastructure already exists .As the benefits greatly

overweighs cost, the proposed system is economically feasible.

Economic analysis is the most frequently used technique for evaluating the effectiveness

of a proposed system. Commonly known as cost / benefit analysis. The procedure is to

determine the benefit and savings that expected from a proposed system and compare

them with costs. In case of profit, decision is taken to design and implement the system.

The proposed system is financially feasible because of the following reason:

1. The cost of the system development is not much because of module /

department wise automation.

2. Then organization wants to implement wise so this system cannot take

a heavy amount to implement the system into the form of hardware

investment.

3. The proposed system is economic, as it will reduce the time investment

in running the daily transaction.

2. TECHNICAL FEASIBILITY

Technical feasibility centers on the existing computer system (Hardware and software

etc.) and to what extent it can support the proposed system .In case of this system, the

required infrastructure i.e. hardware, software application and technical know-how already

exists .Thus the project is then technically feasible. This is concerned with specifying

equipment and software that will successfully satisfy the user requirements. The are a number

of technical issue, which are raised during the feasibility stage investigation. The are as

follow:

Technical feasibility centers on the existing computer system (hardware, software, etc.)

and to what extent it can support the proposed addition. Time duration is also a part of

technical feasibility. Time is one of the major factors to decide the success of the project. If

project is not complete within the time duration, the budget will be increase definitely. If the

22

budget is a serious constraint, then the project is judged not feasible .So if it is very serious

matter, each project team should keeps in mind this, to complete the project with in specified

time.

The facility to produce output in a given time.

Response time under certain condition.

Ability to process ascertains volume of package at a particular speed.

Facility to communicate data to distinct location.

The proposed system is technically feasibility because of following reason:

The organization want to build the computer based system for data.

Maintained into the digital form so that maintaining of information will gone to

Be easy and retrieval of the information is fast.

After converting data into the digital form cost of stationary is saved.

This system also able to produce the required the report in least time.

This system has also the facility to communication among the terminals to

distant locations.

3. OPERATIONAL FEASIBILITY

It is mainly related to human organizational and political aspect. the points to be

considered are:

What changes will be brought with the system?

What organizational structures are distributed?

What new skills will be required?

The proposed system is feasibility because of following reasons:

The system reduce the workload of the staff because on a mouse click he / she the

desired result, work can be done with the help of keyboard and mouse watching the

computer screen not on the paper.

The system will be build on the technology of GUI so that interaction to the system not

23

be boring as like writing / preparing / maintaining data into the form of the manual

paper. Users that work into the GUI environment works more interestingly than the

paper based.

This result work more efficiently.

The proposed system is better in use and user friendly as it generates proper message

at run time.

The input from the user is much as the fields like supplier code. Customer code and

current data are included itself by the system.

4. BEHAVIOURAL FEASIBILITY

Behavioural feasibility is procedure to determine an estimate of how strong reaction the user

staff is likely to have towards the development of a computerized system. It is common

knowledge .Those computer installations have something to do with turnover, transfers,

retraining and changes in employee job status. Therefore, it is understandable that the

introduction of a candidate system requires special effort to educate and train the staffon new

ways of handling the system. All along the above studies and discussion the users were

actively involved and were keen to get a new system, which would eliminate all the problems

in the existing system. The total project costs, priority, completion time and personnel’s

required were estimated. Initial plans were drawn up to how the project would proceed to its

final Implementation,while running the existing system so that company’s information needs

were not affected. Feasibility Study helps to determine performance

and cost Effectiveness of the system, against the system performance requirements set

prior to the feasibility study.

24

5. SOCIAL FEASIBILITY

People are inherently resistant to change, and computers have been known to facilitate

change . An adverse reaction and resistance is always expected from the user staff. Our case

is different .The users get the graphical displays of information which is quickly

understandable than capturing the information from reports.

6. TIME FEASIBILITY

Time feasibility is the determination of whether a proposed project can be implemented

fully within stipulated time frame.

STEPS IN FEASIBILITY ANALYSIS

FEASIBILITY ANALYSIS INVOLVES EIGHT STEPS:-

Form a project team and appoint a project leader.

Prepare system flowcharts and Enumerate potential candidate systems

Describe and identify characteristics of candidate systems.

Determine and evaluate performance and cost effectiveness of each candidate system.

Weight system performance and cost data then select the best candidate system.

To produce periodic reports to management on the performance of the safe deposit

department.

25

CHAPTER 3

3.1. Database description

3.2. Database design

3.3. system design

3.1. Database Description

Entity: Login_digisafe

Role: To maintain the username and the related password of different users.26

Attributes:

NAME NULL? TYPE

Username Not null Varchar2

Password Not null Varchar2

Question Varchar2

Answer Varchar2

Check1 Number

Entity: Inbox_digisafe

Role: To maintain the received mails of different users.

Attributes:

NAME NULL? TYPE

Username_sender Not null Varchar2

Username_receiver Not null Varchar2

Subject Varchar2

Message Varchar2

Message_digest Not null Long raw

Message_key Not null Varchar2

Message_date Not null Date

Check1 Not null Number

Entity: sent_digisafe

Role: To maintain the sent mails of different users.

Attributes:

27

NAME NULL? TYPE

Username_sender Not null Varchar2

Username_receiver Not null Varchar2

Subject Varchar2

Message Varchar2

Message_date Not null Date

Entity: certificate_digisafe

Role: To maintain the certificate of different users.

Attributes:

NAME NULL? TYPE

Username Not null Varchar2

Cfile Varchar2

Entity: attachment_digisafe

Role: To maintain the files attached with message of different users.

28

Attribute:

NAME NULL? TYPE

Message_date Varchar2

Attach1 Varchar2

Message_digest1 Varchar2

Attach2 Varchar2


Attach3 Varchar2


Attach4 Varchar2


Attach5 Varchar2


29

3.2. Data Design

3.2.1 E-R Diagram

30

3.3. System Design

3.3.1. UML Diagram

3.3.2. Data flow diagrams

31

2ND Level DFD’S

34

Compose Mail

36

Validate Mail

37

Create Certificate

38

Sent Mail

39

SCREEN SHOTS

Screen ShotsScreen 1 - Login Screen

40

Screen 2 – Home Screen

This is home page of Administrator

41

This is home page of User

42

Screen 2 – Create Certificate

43

Screen 3 – Compose

Writing

45

Attaching files

46

Encryption

48

Signing

49

Screen 4 – Registration

51

Screen 5 – Edit Profile

53

Screen 6 – Change Password

54

Screen 7 – Forgot Password

55

Screen 7 – Sent Mail

58

Appendix

60

J2EE

Sun Microsystems provides specifications for a comprehensive suite of technologies to solve large

scale distributed system problems. This suite is the Java 2 Enterprise Edition, commonly known as

J2EE. The J2EE Platform provides a component-based approach to the design, development,

assembly, and deployment of enterprise applications.

The J2EE platform is designed to provide server-side and client-side support for developing

enterprise, multi-tier applications. Such applications are typically configured as a client tier to provide

the user interface, one or more middle-tier modules that provide client services and business logic for

an application, and backend enterprise information systems providing data management.

J2EE APIs

JDBC – Java Database Connectivity

RMI – IIOP - Remote Method Invocation over Internet Inter-Orb Protocol

EJB – Enterprise Java Beans

Java Servlet

JSP – Java Server Pages

JMS – Java Message Service

JNDI – Java Naming and Directory Interface

J2EE Technologies

61

Figure: J2EE Contrainer

J2EE applications are made up of components. A J2EE component is a self-contained

functional software unit that is assembled into a J2EE application with its related classes and

files and that communicates with other components. The J2EE specification defines the

following J2EE components:

The Component technologies – to hold the business logic. (JSP, Servlets and EJB)

The Service technologies – to provide supported services to application components

(JDBC, JTA, JNDI)

The Communication technologies – transparent to appln programmer, provide the

mechanism for communication among different parts of the application JavaMail,

RMI-IIOP)

J2EE does not specify the nature and structure of the runtime.

J2EE Container – capability of the runtime to manage application components.

J2EE APIs specifies the contract between the applications and the container.

Different Containers – Web, EJB, Applet, application client.

The J2EE platform uses a multi-tiered distributed application model. Application logic is

divided into components according to function, and the various application components that

make up a J2EE application are installed on different machines depending on the tier in the

multi-tiered J2EE environment to which the application component belongs

Client-tier components run on Client machine.

Web-tier components run on the J2EE server.

Business-tier components run on the J2EE server.

Enterprise information system (EIS)-tier software runs on the EIS server.

62

Enterprise Java Beans (EJB)

Enterprise JavaBeans (EJB) technology is a J2EE technology for developing business

components in a component-based, enterprise Java application. Business components

developed with EJB technology are often called Enterprise JavaBeans components or simply

"enterprise beans."

They are re-usable software units containing business logic.

An EJB is just a collection of Java classes and an XML Request, bundled into a single

unit.

Java classes must follow certain rules and provide certain callback methods.

There are three types of enterprise beans:

Session beans

o Stateful

o Stateless

Entity beans

o Bean-managed Persistence (BMP)

o Container-managed Persistence (CMP)

o Enterprise Javabeans Query Language

Message-driven beans

Session beans

A session bean represents a single unique session between a client and an instance of the

bean. A session bean can't be shared. One instance of the bean is tied to a specific client in a

specific session. The session bean exposes methods that a client can call to execute business

tasks on the server. When Client's session ends, the session bean is no longer associated with

that client.

63

There are two types of session beans: stateful and stateless.

o Stateful

A stateful session bean maintains data about the unique client-bean session in its instance

variables. The data represents the state (often called the "conversational state") of that

specific session. The conversational state is maintained for the life of Client-bean association.

Significantly, this means that the data is maintained across operations.

o Stateless

A stateless session bean does not maintain conversational state for its client. Because a

stateless session bean cannot maintain conversational state across methods, it's typically used

for one-step tasks, such as sending an email that confirms an online order.

Entity beans

An entity bean represents data in a storage medium, such as a relational database. Each entity

bean may correspond to a table in a relational database, and each instance of the bean

corresponds to a row in that table. Entity beans are not limited to representing relational

databases. They can represent data in other types of data stores, but the majority of enterprise

applications that use EJB technology access data in relational databases.

An entity bean can manage its own persistence (this is called bean-managed persistence) or

let the EJB container manage it (container-managed persistence). With bean-managed

persistence, the entity bean code includes SQL statements that access the database. With

container-managed persistence, the EJB container automatically generates the necessary

database access calls.

Message Driven Beans

64

A message-driven bean processes asynchronous messages typically sent through the Java

Message Service (JMS) API. Asynchronous messaging frees the message sender from

waiting for a response from the message receiver.

A message-driven bean can process messages sent by any J2EE component (such as an

application client, another enterprise bean, or a web component) or by a JMS application or

system that does not use J2EE technology. Often message-driven beans are used to route

messages. This makes them useful in many business-to-business communication scenarios.

65

Oracle 10g Database & Application Server

Oracle Wwblogic Application Server Enterprise Edition

Includes: Oracle Forms Services, Oracle Reports Services, TopLink, Portal, Discoverer

Viewer, Discoverer Plus (Web Functionality), Identity Management (LDAP), Application

Interconnect Toolkit, Workflow, Wireless Option, Personalization, and 5 JDeveloper Named

User Plus licenses per Processor.

Oracle Database 10g Enterprise Edition

Includes: JServer Enterprise Edition, interMedia, Objects Option, Networking Kit, Objects

for OLE, Advanced Replication Option, Distributed Option, Parallel Query Option,

(including bitmap indexes and parallel bitmap-star query), SQL*Plus, Visual Information

Retrieval and Workflow. Also included are: Advanced Backup & Recovery, Queuing,

Advanced, Connection Manager & Pooling, 64-bit option, MPI, OCI, ODBC Driver,

Enterprise Manager and Enterprise backup utility.

Other Features of ORACLE

66

67

Client/Server (distributed processing) environments

To take full advantage of a given computer system or network, Oracle allows processing to be split between the database server and Client application programs.

Large databases and spaces management

Oracle supports the largest of databases, potentially 100 terabytes in size. To make efficient use of expensive hardware devices, it allows full control of space usage.

Many concurrent database users

Oracle supports large numbers of concurrent users executing a variety of database applications operating on the same data. It minimizes data contention and guarantees data concurrency.

High transaction processing performance

Oracle maintains the preceding features with a high degree of overall system performance.

High availability Oracle can work 24x7 with no down time for quite a large amount of time.

Controlled availability

Oracle can selectively control the availability of data, at the database level and sub-database level. For example, an administrator can disallow use of a specific application so that the application’s data can be reloaded, without affecting other applications.

Database enforced integrity

Oracle enforces data integrity, “business rules” that dictate the standards for acceptable data. As a result, the costs of coding and managing checks in many database applications are eliminated.

Distributed Systems For networked, distributed environments, Oracle combines the data physically located on different computers into one logical database that can be accessed by all network users. Distributed systems have the same degree of user transparency and data consistency as non-distributed systems, yet receive the advantages of local database management.

Oracle also offers the heterogeneous option that allows users to access data on some non-Oracle databases transparently.

Portability Oracle software is ported to work under different operating systems. Applications developed for Oracle can be ported to any operating system with little or no modification.

Compatibility Oracle software is compatible with industry standards, including most industry standard operating systems. Applications developed for Oracle can be used on virtually any system with little or no modification.

Connection ability Oracle software allows different types of computers and operating systems to share information across network.

JavaScript

JavaScript was originally developed by Brendan Eich of Netscape under the name Mocha,

later LiveScript, and finally renamed to JavaScript. The change of name from LiveScript to

JavaScript roughly coincided with Netscape adding support for Java technology in its

Netscape Navigator web browser. JavaScript was first introduced and deployed in the

Netscape browser version 2.0B3 in December of 1995. When web developers talk about

using JavaScript in Internet Explorer, they are actually using JScript. The choice of name

proved to be a source of much confusion.

As of 2006, the latest version of the language is JavaScript 1.7. The previous version 1.6

corresponded to ECMA-262 Edition 3 like JavaScript 1.5, except for Array extras, and Array

and String generics. ECMAScript, in simple terms, is a standardized version of JavaScript.

The ECMA-357 standard specifies E4X, a language extension dealing with XML.

JavaScript is a prototype-based scripting language with a syntax loosely based on C. Like C,

the language has no input or output constructs of its own. Where C relies on standard I/O

libraries, a JavaScript engine relies on a host environment into which it is embedded. There

are many such host environment applications, of which web technologies are the best-known

examples. These are examined first.

One major use of web-based JavaScript is to write functions that are embedded in or included

from HTML pages and interact with the Document Object Model (DOM) of the page to

perform tasks not possible in HTML alone. Some common examples of this usage follow.

Opening or popping up a new window with programmatic control over the size,

position and 'look' of the new window (i.e. whether or not the menus, toolbars, etc. are

visible).

Validation of web form input values to make sure that they will be accepted before

they are submitted to the server.

Changing images as the mouse cursor moves over them: This effect is often used to

draw the user's attention to important links displayed as graphical elements.

68

REFERNCES

Web resources

www.java.sun.comOfficial Java Website

www.java.sun.com/developer/onlineTraining/J2EE/Intro2/j2ee.html

Training for J2EE

Books

API DOCS –JAVA, J2EE, Java Mail, Java Servlets, JSPsBy: Sun Microsystems

Java2 - The Complete Reference(7TH Edition)By: Herbert Schildt

JSP - The Complete ReferenceBy: Philhanna

Oracle 10g By: Ivan Baross

Software EngineeringBy: Roger Pressman

Head First Servlets & JSP By: Bryan Bashan, Kathy Sierra & Bert Bates

69

digisafe project report

Documents