Highly Confidential Security System

Software Requirements Specification

Version 1.0

Mentor
Prof. Swati. J. N
Team Members
12BIF0047 Hashim Khan
12BCE0033 Abhinav Prasad
Department: Computer Science and Engineering
College
Vellore University of Technology, Katpadi, Vellore 632014.
State: Tamil Nadu

Table of Contents
1.0 Introduction

1.1
1.2
1.3
1.4
1.5
1.6
1.7

Purpose
Scope
Definition, Acronyms and Abbreviations
References
Technologies to be Used
Tools to be used
Overview

2.0 Overall Description

2.1 Product Perspective
2.2 Software Interface
2.3 Hardware Interface
2.4 Product Function
2.5 User Characteristics
2.6 Constraints
2.7 Assumptions and Dependencies
2.8 Use Case Model Description
2.9 Class Design
2.10Database Design
2.10.1 ER Diagram
2.10.2 Schema
3.0 Specific Requirements
3.1 Use Case Reports
3.2 Supplementary Requirements
3.3 Additional Diagrams and Information

1.

INTRODUCTION

Due to busy life style we cant remember certain confidential data

like Email Id and Password, Bank account numbers, Insurance policy
number, PAN card number, Driving License number, Password Port
number, Higher education certificate Numbers, Some highly valued
scan copy, confidential audio, music and video files.
InCrypt is a highly secure web application to store all
confidential data in single credentials. The security system will help
user in logging in to the client system for which it is holding/storing
the password, either by the software interface or directly by hardware
interface.
1.1 Purpose
InCrypt is a web application developed for secure and easy
access of data. InCrypt is a useful and convenient application that
spares you the trouble of remembering the passwords and securing
the files. This application helps people to store their passwords and
various types of files like photos, music and videos in a secure and
efficient manner. The application which we develop here uses state of
the art encryption technology to secure files and access over
anywhere in the world using the internet.
1.2 Scope
There are two basic users Administrator and Public.
All users have their own profile in InCrypt.
Administrator has the ability to manage the registered user
profiles and organize the files stored in the server.
Administrator has the ability to provide push notifications to the
registered users handheld devices like mobile, tab via the
webpage.
Public are the users using this web application to store their
confidential data in single credentials.
Public can access their files through internet from anywhere in
the world.

 Public can view individual profiles and chat amongst themselves,

but sharing of data is prohibited.
1.3 Definitions, Acronyms and Abbreviations
HCSS
Highly Secure Confidential System is a web application which allows
users to store their confidential data in highly secure lockers.
AJAX
Asynchronous JavaScript and XML is about updating parts of a web
page, without reloading the whole page.
Database platform (DB2)
DB2 Database is the database management system that delivers a
flexible and cost effective database platform to build robust on
demand business applications and supports the J2EE and web
services standards.
WASCE
Websphere Application Server Community Edition is an application
server that runs and supports J2EE and web service applications.
UML
Unified Modeling Language is a standard language for writing
software blueprints. The UML may be used to visualize, specify,
construct and document.
XML
Extensible Markup Language is a text based format that let
developers describe, deliver and exchange structured data between a
range of applications to client for display and manipulation.
JSP
Java Server Pages is used to create dynamic web content
J2EE - Java 2 Enterprise Edition is a programming platform which is a
part of java platform for developing and running distributed java

HTTP
Hypertext Transfer Protocol is a transaction oriented client/server
protocol between web browser and a Web Server.
HTTPS
Secure Hypertext Transfer Protocol is a HTTP over SSL (secure socket
layer)
RAD
Rational Application Developer is a development tool that helps to
design web pages and also helps to design the diagrams like ER,
Database schema diagrams and to generate DDL.
WAS (Websphere Application Server)
It is an application server that runs business applications and
supports the J2EE and web services standards.
SOA: Service-Oriented Architecture is a set of principles and
methodologies for designing and developing software in the form of
interoperable services.
1.4 References
Software Engineering Theory and Practice (2nd Edition) - Shari
Lawrence Pfleeger
Java Complete Reference (7th Edition) Herbert Schildt.
Cryptography and Network Security William Stallings
Database Management Systems - Navathe.

1.5 Technologies to be used

J2EE: Programming Platform for developing and running
distributed Java
AJAX: Updating parts of a web page, without reloading the whole
page.
SOA: Set of principles and methodologies for designing and
developing software in the form of interoperable services.
UML: Standard for writing software blueprints, and used to
visualize, specify, construct and document.
XML: XML is a text based format that let developers describe,
deliver and exchange structured data between a range of
applications to client for display and manipulation.
LaTeX: Lamport Text is a document preparation system and
document markup language used for the communication and
publication of scientific documents in many fields.
1.6 Tools to be Used
Rational Rose
Rational Rose is an object-oriented programming (OOP) and unified
modeling language (UML) tool to design enterprise-level software
applications and components. It creates visual software application
models under object-oriented principles. Example application models
include the creation of actors, use cases, relationships, entities, etc. It
uses classical UML concepts to graphically model software
applications. This facilitates documenting the environment,
requirements and overall design.
Eclipse
Eclipse is a multi-language software development environment
comprising an integrated development environment (IDE) and an
extensible plug-in system.
WPS
WPS stands for Wi-Fi Protected Setup and was designed to simplify
the process of configuring security on wireless networks.

Rational Software Architect (RSA)

IBM Rational Software Architect, (RSA) made by IBM's Rational
Software division, is a comprehensive modeling and development
environment that uses the Unified Modeling Language (UML) for
designing architecture for C++ and Java 2 Enterprise Edition (J2EE)
applications and web services.
Web server - WASCE
Websphere Application Server Community Edition (from now on
WASCE) is a free, certified Java EE 5 server for building and managing
Java applications. It is IBM's supported distribution of Apache
Geronimo that uses Tomcat for servlet container and Axis 2 for web
services. Over 15 WASCE developers are committers in the Apache
Geronimo project
MySQL
MySQL is the worlds most popular open source database, enabling
the cost-effective delivery of reliable, high-performance and scalable
Web-based and embedded database applications.
Drupal
Drupal is a free, open-source web development platform for online
content and user communities. Drupal powers some of the busiest
sites on the web, and can be adapted to virtually any visual design.
1.7 Overview
The SRS will include two sections, namely:
Overall Description
This section will describe major components of the system,
interconnections, and external interfaces.
Specific Requirements
This section will describe the functions of actors, their roles in the
system and the constraints faced by the system.

2. OVERALL DESCRIPTIONS
2.1 Product Perspective
InCrypt is available for use by the administrator and the public.
The administrator and public will use the webpage as a front end. The
browser goes through an http server while the application server
manages the connection between the front end and backend. All
types of information and data that are necessary for the users are
stored in MySQL.
2.2 Software Interface
All users (Admin and Public) require internet connection for
communication.
Public : Web browser (any), operating system (any)
Administrator: Web browser (any), operating system (Windows)
Web Server: WASCE, Operating System (Windows)
Data Base Server: MySQL, operating system (Windows)
Development End: RAD (J2EE, java, java bean, Servlet, HTML,
XML, AJAX) operating system (Windows), Web Sphere (Web
Server)
2.3 Hardware Interface
Minimum Requirements
InCrypt (Server)
Processer
RAM
Storage
Intel Pentium
4 GB RAM
Space
IV
AMD Athlon (1.8 1 GB RAM
MySQL 6.2
GHz)
CE
Public (User)
Browser
Internet Explorer 7,
Firefox 13 with
Flash Plug-ins

Processer
Intel Pentium IV
AMD
Athlon (1.8 GHz)

Disk Space
5 TB
1 GB

RAM
1 GB RAM

Recommended Requirements
InCrypt (Server)
Processer
RAM
Storage
Intel Core
8 GB RAM
Space
Family (Any)
AMD Phenom
MySQL 6.2
2 GB RAM
(2.2 GHz)
CE
Public (User)
Browser
Latest Versions of
Browsers (any)

Processer
Intel Core Family
(Any)
AMD Phenom (2.2
GHz)

Disk Space
10 TB
2 GB

RAM
2 GB RAM

2.4 Product Functions

The InCrypt service provides User interface (UI) to Public and
administrator for creating their profiles.
This product has the ability to send a Password Reset link to the
users mail, if the user forgets the password for accessing the
account.
This product is able to detect the users browsers.
This product provides the users to create the locker facilities for
Bank account information, Music, Video and Image files.
This product allows the registered users to store their important
details on a server in an encrypted format and while
downloading, it is automatically decrypted.
This product provides the facility for administrators to generate
the reports on users logs in .PDF and Microsoft Excel formats.
It ask the accounts current password from the user when they
want their personal credentials from our server as a report (PDF
and Excel).
2.5 User Characteristics
Both public and administrator will be using HTTP protocol.

 Public use the FTP protocol for uploading and downloading the
files to or from the server.
Administrator configures the SMTP (Simple Mail Transfer Protocol)
Server for sending the mail to the user.
2.6 Constraints
GUI is only in English.
Login and password is used for the identification of the public
and administrator.
Limited to HTTP, SMTP and FTP protocol.
Centralized server is used.
2.7 Assumptions and Dependencies
InCrypt is a platform independent web application. It is assumed
that the client or user computer has latest browser with JavaScript
enabled. In addition, Firefox and Internet Explorer need the flash plugins to play the media files. For configuring the SMTP Server it needs
the Linux operating system with at least kernel version 2.6.30, if
server is in windows then it may need Windows Server.
Sending the message (SMS) to the users mainly depends on the
network operator.
The file uploading and downloading speed are determined by the
network bandwidth and speed of the client.

2.8 Use Case Model Description

2.8 Use Case Model Description

Public
The Public can upload their files in their own personal locker. The
locker includes various subsets like Music locker, Image locker, Video
locker, Password locker and Bank Account Information locker. Public
can access their personal (uploaded) files through internet. Public are
able to view the notifications sent from the administrator in the
webpage.
Administrator
Administrator has the ability to manage the registered users profile.
Administrator can send the notification to any user about any

changes in the service and also clarify the users doubts and
questions about the service in the FAQ (Frequently asked Questions).
System
While users are trying to create their account, InCrypt validates the
users details and post the message (success or failure) to them.
Server has the ability to send the Password reset link to the users
mail, if the user forgets the password to access their account. It
automatically blocks the abuse users. When users are uploading the
file, the system encrypts it by using a state of the art encryption
algorithm. When the users are downloading their file, the system
decrypts it.

3. SPECIFIC REQUIREMENTS
3.1 Use Case Report
3.1.1 Administrator

USECASE
Register
Login
Logout
Manage FAQ
View Profile
Update Profile
Push Notifications
Manage User Profiles
Manage Lockers
Generate Report

DESCRIPTION
The administrator create their account
for managing the service
The administrator can sign into account
to manage the service
Logging out from the server
The Admin may manage the Frequently
Asked Question page to clarify user
doubts
The admin can view their own profile
The Admin may update their own profile
The admin can send notifications to
registered users informing them of any
changes
The admin can manage the field
registered users profile
The admin may manage and maintain
the various security lockers
The admin may generate reports about
the service

3.1.1 Public

USECASE
Register
Login
Logout
FAQ
View Profile
Update Profile
View Notifications
Download from Lockers
Upload in Lockers
Generate Report

DESCRIPTION
The public can create their account for
using the service
The user can sign in into account and
use the service
Logging out from the server
The user can ask and answer questions
in the Frequently Asked Questions (FAQ)
page.
The user can view their own profile
The user may update their own profile
The user can view a notification from
the administrator
The user may securely download his
files from the various lockers
The user may store his confidential data
in various lockers
The user may generate reports about
the service

3.2 State Transition Diagrams

3.2.1 User Registration
The user is made to fill all the mandatory fields. Each user must pick
a unique user name. If the user has filled a name that is already
present in the database, then the user will be asked to fill in a
different username. After this the user must enter his password twice.
When the user clicks the submit button the database verifies if all the
mandatory fields are filled or not. When all the fields are filled, the
verification mail is automatically send to the users mail. On clicking
the verification link, the user is registered in the database.

3.2.1 User Registration Activity

3.2.2 Login

The user enters the login credentials (User name and

Password). InCrypt System validates the login credentials. System
returns error message if credentials are invalid. After verification, the
system checks if the user is an admin or a member. If user is a
member, then the system redirects to the members home page. If
the user is administrator then the system redirects to the
administrators home page.

3.2.2 Login Activity