A MINIOR PROJECT REPORT ON KEYPASS PASSWORD PROTECTION MANAGER

Submitted by

HEMANT KUMAR

Uni.Roll No.08ESMIT021

SANJAY TIWARI. Uni.Roll No.08ESMIT049 CHARUL BHUDIRAJA Uni.Roll No.08ESMIT013

in partial fulfillment for the award of the degree of

BACHELOR OF TECHNOLOGY in INFORMATION TECHNOLOGY

St.Margaret Engineering College,Neemrana

RAJASTHAN TECHNICAL UNIVERSITY, KOTA
DEC-2012
1

St.Margaret Engineering College, Neemrana

BONAFIDE CERTIFICATE

Certified that this project report KEYPASS PROTECTION MANAGER is the bonafide work of CHARUL BUDHIRAJA(08ESMIT013),HEMANT KUMAR (08ESMIT021) and SANJAY TIWARI (08ESMIT049), who carried out the project work under our supervision, towards partial fulfillment of the requirements of the Degree of Bachelor of Technology in Information & Technology Engineering from Rajasthan Technical University, Kota.

Internal Supervisor
MR. KASHINATH DHARA Asst. Professor CS/IT Department

External Supervisor
MR. SHAILENDRA SONI Asst. Professor CS/IT Department

Date: 2.1.2012

St. Margaret Engineering College ,Neemrana

CERTIFICATE OF AUTHENTICATION
We solemnly declare that this project report KEYPASS PROTECTION MANAGER is the Bonafide work done purely by us, carried out under the supervision of Mr. Kashinath Dhara, towards partial fulfillment of the requirements of the Degree of Bachelor of Technology in Information Technology from Rajasthan Technical University, Kota during the year 2011 - 2012. It is further certified that this work has not been submitted, either in part of in full, to any Other department of the Rajasthan Technical University, or any other University, institution or Elsewhere, or for publication in any form.

Date: 2-1-2012

Signature of the Student CHARUL HEMANT SANJAY 08ESMIT013 08ESMIT021 08ESMIT049

ACKNOWLEDGEMENT
We are grateful to St. Margaret Engineering College, for permitting us to undergo for a minor project for the development of an expert system. While developing this project, we have learnt a lot. This will be an un-forgetful experience. While developing this project, a lot of difficulties were faced by us. But it was the help of some special people that we have gained much confidence and developed the project quite well. We would like to thanks Mr. KASHINATH DHARA and Mr.SHAILENDRA SONI to co-ordinate with us and provide us the information needed to complete the analysis part of this project.

ABSTRACT

KEY PASS PASSWORD PROTECTION MANAGER

Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your homepage's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone get this password you have a problem. A serious ID problem to the owner of the. The thief would have access to your e-mail account, homepage, etc. Unimaginable. This system is a password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted. A facility to update and change information is provided.

TABLE OF CONTENTS
1. INTRODUCTION.........................................................................................................7
1.1 Purpose .................................................................................................................................. 7 1.2 Intended Audience and Reading Suggestions........................................................................ 7 1.3 Product Scope........................................................................................................................ 8 1.4 Project Scope.......................................................................................................................... 8 1.5 References.............................................................................................................................. 8 2.1Product Perspective................................................................................................................ 9 2.2 Product Functions............................................................................................................... 10 2.3User Classes and Characteristics.......................................................................................... 11 2.4Operating Environment........................................................................................................ 11 2.5Design and Implementation Constraints.............................................................................. 12 2.6User Documentation............................................................................................................ 12

3.External Interface Requirements............................................................................... 12

3.1User Interfaces..................................................................................................................... 12 3.2Hardware Interfaces............................................................................................................. 13 3.3Software Interfaces.............................................................................................................. 13

4. System Features.......................................................................................................... 13 5. OTHER NON FUNCTIONAL REQUIREMENTS................................................ 15

5.1Performance Requirements.................................................................................................. 5.2Safety Requirements ........................................................................................................... 5.3Product Security Requirements............................................................................................ 5.4Software Quality Attributes................................................................................................. 8. TESTING.............................................................................................................................. 15 16 16 16 42

9. Bibiliography

46

LIST OF FIGURES
1. Use-Case diagram 2. Class diagram 3. Sequence diagram 3.1 Sequence diagram login
3.2 Sequence diagram change password 3.3 Sequence diagram protect data 3.4 Sequence diagram unprotect data 4. Activity diagram 5.Screenshots: 6

18 19 20 20
21 22 23 24

Fig1 Fig2 Fig3 Fig4 Fig5 Fig6 Fig7 Fig8 Fig9 Fig10 Fig11 Fig12 Fig13 Fig14 Fig15 Fig16 Fig17 Fig18

25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42

1. INTRODUCTION
1.1 Purpose

To provide security to highly confidential data such as ids and passwords that may span from PC applications to financial information.

1.2

Intended Audience and Reading Suggestions

Intended for Project Managers, Developers, End users and Quality Assurance Engineers. Suggested reading the document would be overall document description, product based information gathering followed by Infrastructure requirement.
7

1.3

Product Scope
Language : Java(J2EE)

1.4

Project Scope

Provides registration to public in order to access the application. The user can change his password. Registered users can store critical and confidential data in a secured form. Unprotect and Retrieve data as and when necessary. The data can be retrieved anytime, from anywhere and any number of times. Protection provided to the stored data using the MD5 algorithm.

1.5

References
1) Java a) Java b) JSP2.0 Dream tech Publication 2) Database a) Databases in Java, Worth b) Database, SQL

2. Overall Description
2.1Product Perspective
In the present scenario every person is associated with some id and password. It may pertain to accessing the PC, the web, emails, financial institutions, access to credit cards, ATMs etc. Most often a person tries to remember them in order to use it. It is always known that a person or individual confuses between passwords of different ids. Some individuals in order to avoid confusion also adapt to use a common password for all ids.

Both of the above can either lead to misplaced password or forgotten password or easily hacked when the single password is known. Some individuals even try to save critical information in books or registers or electronic diaries and carry them along. The possibility of this carrier being lost or damaged is high. In the present scenario certain passwords can be recovered after a procedural delay. In some cases the password can not be reset easily and the user has to forgo or close the account permanently as in the case of mails.

The project is to maintain a centralized server that, stores critical information and be accessible to the user from anywhere, anytime. The server can now remember any amount of ids and passwords irrespective of even their lengths. Highly useful when data such as a credit card, debit card number etc that have larger number of digits or characters cannot be remembered easily. In order to provide higher level security the data is stored in an unreadable format. To provide this scenario the server implements the DES algorithm using the visual studio. Similarly whenever the data needs to be unprotected and used the decryption ensures that the data is recovered without any loss or alterations.

2.2 Product Functions

Register a user. Store information with security. Retrieve information as and when required. Multi-tier architecture enables less maintenance as only the server is of importance. Generate report either on a single user id or list of Ids. Keys are auto generated, associated with password ensures the protection level is higher. Length of the keys altered each time to suite user needs.
10

1 ) .

The user need not remember the keys instead only filenames. Both the key and password within the application is maintained encrypted. The details of the account, key, protected file is stored into the database but not the actual password.

2.3User Classes and Characteristics

The application can be used by general public, organizations etc without having to be specific to any community. The user who has registered only has access to this application.

2.4Operating Environment Software Requirements:

Operating System Language Front End Backend Web server : : : : : Windows 7(Home Basic) Java HTML, JSP SQL Apache Tomcat

Hardware Requirements (Minimum) Processor Ram Hard Disk Monitor : : : : PIV MB 512 40 GB Space VGA Color (256)

11

2.5Design and Implementation Constraints

The application is designed using JSP. Hence all the design or screens are done using web pages. The constraints are that JVM should be available and running for the application to execute. As the database is in SQL, SQLYog should be installed. Tomcat should be installed and running.

2.6User Documentation
The product is provided with built-in manual that would help the end user use the system for functioning.

3.External Interface Requirements

3.1User Interfaces
The application provides with keyboard shortcuts and a facility to use the mouse to trigger the required actions. They act as shortcuts and provide an easy navigation within the software. Output data to the user including errors and exceptions are displayed through message boxes and dialogs using HTML.

12

3.2Hardware Interfaces
The application concentrates on the multi tier scenario and has no dependency on the network or protocols. When executed on a standalone machine no additional peripheral requirements are needed.

3.3Software Interfaces
The incoming data to the product would be raw text data and outgoing data would be binary. SQL, JVM and Tomcat are the needed software interfaces.

4. System Features
1. Login & Security
The module deals with authentication of the users using the application. There are basically two types of users Administrator & the public.

13

Each of the above users are associated with user id and password. The user id is unique to each user. The users login with the specified id and password to access their schema information. Additional facility to change their password is also provided.

2.ID & Password Manager

This module deals with storing as many IDs and correlated passwords into the database. Each user can have more than one id stored. The password is sent to the Blowfish encryption module to have it encrypted or converted to cipher text before it can be stored in the database. Each id acts as the primary key for that password. The id is then used to retrieve the associated password later.

3.MD5 Encryption
The main MD5 algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C and D. These are initialized to certain fixed constants. The main algorithm then operates on each 512-bit message block in turn, each block modifying the state. The processing of a message block consists of four similar stages, termed rounds; each round is composed of 16 similar operations based on a non-linear function f, modular addition, and left rotation.

4.Report Generation
The module allows the users of the application to view the following reports :1.Password for a particular user id. 2.Tabulated listing of all user account and related passwords.

14

5. OTHER NON FUNCTIONAL REQUIREMENTS

5.1Performance Requirements
No external factor influences performance as the application is standalone. Higher memory is recommended for faster execution. However when executed from intranet or internet good bandwidth, less congestion and shortest route to reach the server would enhance the performance.
15

5.2Safety Requirements
No harm is expected from the use of the product either to the OS or any data.

5.3Product Security Requirements

The product is protected from un-authorized users from using it. The system allows only authenticated users to work on the application. The users of the system are registered users.

5.4Software Quality Attributes

The product is user friendly as it is developed using web pages. The application is reliable and ensures its functioning maintaining the users and their confidential data. As it is developed in java it is interoperable on any OS. The system requires minimum maintenance.

6. SOFTWARE DESIGN
UML DIAGRAMS
USE CASE DIAGRAM: A use case is a set of scenarios that describes an interaction between a user and a system. A use case diagram displays the relationship among actors and use cases. The two main components of a use case diagram are use cases and actors.
16

CLASS DIAGRAM:
A class diagram is a type of static structure diagram that describes the structure of a system by showing the systems classes ,their attributes and the relationships between the classes.

17

SEQUENCE DIAGRAM:
A sequence diagram demonstrates the behavior of objects in a use case by describing the objects and the messages they pass. The diagrams are read left to right and descending.

Sequence diagram for login:

18

Sequence diagram for change password:

19

Sequence diagram for protect data:

20

Sequence diagram for unprotect data:

21

ACTIVITY DIAGRAM:
Activity diagrams describe the workflow behavior of a system.The diagrams describe the state of activities by showing the sequence of activities performed.
22

7. SCREENSHOTS
Home page

23

Fig 1 The homepage will be appeared as above

24

Fig.2

When we click on contact us button in the Fig 1 ,the above screen appears displaying the contact details

25

Fig 3

When we click on register button in Fig 2 the above screen Fig 3 appears, where the user has to fill the required fields to register himself.

26

Fig 4

The registration is successful for the user Arvind.

27

Fig 5
After registration of a user is successful, he has to login with the correct user Id and password. In this screen an invalid password is entered.

28

Fig 6

As the invalid password is entered the above screen Fig 6 is displayed.

29

Fig 7

When the correct user Id and password are provided the above screen fig 7 appears.

30

Fig 8

If the original password does not match with the password that is given in Fig 8,the above screen Fig 9 appears saying that password is mismatch, Try again.

31

Fig 9

Now give the identical password.

32

Fig 10

Now the password is reset for account Arvind.

33

Fig 11

The key is generated successfully, if the given key file name doesnt exist.

34

Fig 12

To protect the data click on Protect Data option, then the above screen appears where the account id should be provided giving the description of the account in the account description field and the password to protect is the password which we want to protect, the protection date will be generated automatically and the master key is the key file name that is given during the generating key and the protected file is the location given where we want to store the file.

35

Fig 13
After giving all the details the password is protected successfully.

36

Fig 14

To recover the data click on the unprotect data option and the above screen appears where we need to give our account Id and master Key.

37

Fig 15

As the given master key is invalid the above screen appears.

38

Fig 16

Give the correct Master Key.

39

Fig 17

The password is recovered.

40

Fig 18

To view keys click on view keys option, then it gives the list of accounts that has been created by the user with the description and key. Arvind has created an account [email protected] which is displayed in the above screen.

41

8. TESTING
8.1 PURPOSE:
The purpose of testing is to assess product quality. It helps to strengthen and stabilize the architecture early in the development cycle. We can verify through testing, the various interactions, integration of components and the requirements which were implemented. It provides timely feedback to resolve the quality issues, in a timely and cost effective manner. The test workflow involves the following: Verifying the interactions of components. Verifying the proper integration of components. Verifying that all requirements have been implemented correctly. Identifying and ensuring that all discovered defects are addressed before the software is deployed.

8.2 QUALITY:
The common usage of the term quality refers to a number of things: principally it means the absence of defects, but more importantly, a fitness for a desired purpose. The ultimate goal of testing is to assess the quality of the end product. Quality assessments often consider process quality and organizational factors as well as direct product quality.

8.3 PRODUCT QUALITY:

The role of testing is not to assure quality, but to assess it, and to provide timely feedback so that quality issues can be resolved in a timely and cost-effective manner.

42

8.4 TESTING IN THE ITERATIVE LIFECYCLE:

Testing is not a single activity, nor is it a phase in the project during which we assess quality. If developers are to obtain timely feedback on evolving product quality, testing must occur throughout the lifecycle: we can test the broad functionality of early prototypes: we can test the stability, coverage and performance of the architecture while there is still an opportunity to fix it; and we can test the final product to assess its readiness for delivery to customers.

8.5 DIMENSIONS OF TESTING:

To assess product quality, different kinds of tests, each one with a different focus, are needed. These tests can be categorized by several dimensions: 8.5.1 Quality dimension: The major quality characteristic or attribute that is the focus of test. 8.5.2 Stage of testing: The point in the lifecycle at which the test, usually limited to a single quality dimension. 8.5.3 Type of testing: The specific test objective for an individual test, usually limited to a single quality dimension.

8.5.1 STAGES OF TESTING

Testing is not a single activity, executed all at once. Testing is executed against different types of targets in different stages of the software development. Test stages progress from testing small elements of the system, such as components (unit testing), to testing completed systems (system testing). The four stages have the following purposes:

43

8.5.1.1Unit test: The smallest testable elements of the system are tested individually; typically at the same time those elements are implemented. 8.5.1.2Integration test: The integrated units (or components or subsystems) are tested. 8.5.1.3System test: The complete application and system (one or more applications) are tested. 8.5.1.4Acceptance test: The complete application (or system) is tested by end users (or representatives) for the purpose of determining readiness for deployment.

These stages occur throughout the lifecycle, with varying emphasis. An early conceptual prototype user in the inception phase to assess the viability of the product vision will be subjected to acceptance tests. Architectural prototype developed during the elaboration phase be subjected to integration and system tests to validate architectural integrity and performance of key architectural elements.

44

9. BIBILIOGRAPHY:

Reference: http://java.sun.com/products/jsp http://jspguru.com http://www.w3schools.com

45

46

47

48

49

50

51