Scribd
Upload
3 views10 pages

Information Security

Uploaded by

عبد المحسن عبد الرزاق جبر صباحي
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3 views10 pages

Information Security

Uploaded by

عبد المحسن عبد الرزاق جبر صباحي
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

(Confidential)

Securing Login to Admin Dashboard


• javax.crypto.Cipher: For encryption and decryption
• javax.crypto.KeyGenerator: Helps generate encryption
keys (used to encrypt/decrypt data).

NECCESSARY LIBARIES
• javax.crypto.SecretKey: To store the generated secret key
used for encryption.
• java.util.Base64: Used to encode and decode data in
Base64.
• javax.swing.*: For creating the graphical user
interface (GUI)
• javax.swing.*: For creating the graphical user
interface (GUI)
• class Firewall { The Firewall class is a security feature that
checks if a device’s IP address matches a pre-
private static final String ALLOWED_IP = "192.168.1.1"; set allowed IP address ("192.168.1.1"). If the
provided IP matches the allowed one, the
public static boolean isIPAllowed(String ip) { isIPAllowed() method returns true, granting
access; otherwise, it returns false, blocking
return ALLOWED_IP.equals(ip); access. It acts as a basic check to restrict
}} access based on the device's IP address.
GenerateKey() Static Block
private static SecretKey generateKey() throws Exception { static {
try {
KeyGenerator keyGen = KeyGenerator.getInstance("AES"); secretKey = generateKey();
System.out.println("SecretKey changes everytime a person logs in
keyGen.init(128); // 128-bit AES encryption : " + secretKey);
} catch (Exception e) {
return keyGen.generateKey(); e.printStackTrace();
}
} }
GenerateKey() Static Block
What it does: This method creates a new AES key. • What it does: This block of code runs once when the class is loaded.
It generates a new AES key and stores it in the secretKey variable.
• KeyGenerator.getInstance("AES"): This gets the AES
encryption algorithm's key generator. • Why it’s important: The encryption key is generated dynamically,
which means it’s not fixed and changes each time the program runs,
• keyGen.init(128): This specifies the key size, which is 128 making it more secure.
bits in this case. AES supports key sizes of 128.

• keyGen.generateKey(): This generates a new random key


used for encryption.
1- This creates a tool called Cipher that will help
us encrypt the data. We tell it that we want to
use the AES encryption method.
Encrypt()
2- This prepares the Cipher tool for encryption.
public static String encrypt(String data) throws Exception {
We tell it that we want to encrypt, and we also
provide the secretKey.
Cipher cipher = Cipher.getInstance("AES"); // 1

3- This line takes the data we want to encrypt


cipher.init(Cipher.ENCRYPT_MODE, secretKey); // 2
(e.g., "admin") and turns it into something
unreadable (encrypted form). data.getBytes()
byte[] encryptedBytes = cipher.doFinal(data.getBytes()); // 3
converts the text into a sequence of bytes
(binary data), and cipher.doFinal() does the
return Base64.getEncoder().encodeToString(encryptedBytes); // 4
actual encryption.
}

4- The return statement takes the encrypted


binary data and converts it into a readable string
(Base64 format), which is then returned to
whoever called the encrypt() function
• Firewall Check: If the IP address is allowed the authentication
process continues. try {
if (Firewall.isIPAllowed("192.168.1.1")) { // Simulated IP
• Authentication: The Security.authenticate() method checks if (Security.authenticate(username, password)) {
whether the entered username and password match the statusLabel.setText("Login Successful!");
encrypted ones stored in the Security class. statusLabel.setForeground(Color.GREEN);
} else {
• Based on the result of the authentication, the statusLabel displays statusLabel.setText("Invalid Credentials.");
a success message (Login Successful!) in green or an error statusLabel.setForeground(Color.RED);
message (Invalid Credentials) in red. }
} else {
• If the IP address isn't allowed, an "Access Denied by Firewall" statusLabel.setText("Access Denied by Firewall.");
message is shown. statusLabel.setForeground(Color.RED);
}
• If any exception occurs during this process, it is caught, and an } catch (Exception ex) {
error message is displayed. ex.printStackTrace();
statusLabel.setText("Error: " + ex.getMessage());
statusLabel.setForeground(Color.RED);
}
});
public static boolean authenticate(String username, String password)
throws Exception {
String encryptedUsername = Encryption.encrypt(username);

String encryptedPassword = Encryption.encrypt(password);

return encryptedUsername.equals(encryptedValidUsername) &&


encryptedPassword.equals(encryptedValidPassword);
}

• First, the username and password entered by the user are encrypted
using the Encryption.encrypt() method.

• Then, it compares the encrypted input (encryptedUsername and


encryptedPassword) with the encrypted valid credentials stored in
encryptedValidUsername and encryptedValidPassword.
String validUsername = "admin"; encryptedValidUsername = Encryption.encrypt(validUsername);
String validPassword = "password123"; encryptedValidPassword = Encryption.encrypt(validPassword);

The validUsername and validPassword are encrypted using the


The program defines a valid username
Encryption.encrypt() method from the Encryption class
("admin") and a valid password ("password123").
These are the credentials the user must
provide during login to successfully
authenticate.
WorkForce Managment:
Security

You might also like