digisafe project report
TRANSCRIPT
DIGISAFE
by
Ashwini Kumar (0609013023)
Chetan Anand (0609013028)
Gaurav Gupta (0609013032)
Manpreet Bhatia(0609013040)
Department of : Information Technology
IEC College of Engineering and Technology
Plot No. 4, Institutional Area, Surajpur Kasna Road, Knowledge Park - 1Greater Noida
June,2010
1
DIGISAFE
By:
Ashwini Kumar (0609013023)
Chetan Anand (0609013028)
Gaurav Gupta (0609013032)
Manpreet Bhatia(0609013040)
Submitted to the Department of Information Technology
in partial fulfillment of the requirements
for the degree of
Bachelor of Technology
in
Information Technology
IEC College of Engineering and Technology
U.P. Technical University
June, Year 2010
2
TABLE OF CONTENTS Page
DECLARATION ................................................................................................... 4
CERTIFICATE ..................................................................................................... 5
ACKNOWLEDGEMENTS .................................................................................. 6
ABSTRACT........................................................................................................... 7
LIST OF TABLES.................................................................................................. 8
LIST OF SYMBOLS .............................................................................................. 9
LIST OF ABBREVIATIONS................................................................................ 10
CHAPTER 1.................................................................................................
1.1 INTRODUCTION............................................................................................ 12
1.2 PROJECT OVERVIEW..................................................................................... 13
1.3 PROBLEM DEFINITION………………………………………………..…... 14
CHAPTER 2 ..............................................................................................................
2.1. PROPOSED SYSTEM AND TARGETED USER........................................... 16
2.2. SYSTEM REQUIREMENT SPECIFICATION............................................... 18
2.3 FEASIBILITY STUDY....................................................... .............................. 19
CHAPTER 3......................................................................................................
3.1. DATABASE DESCRIPTION ......................................................................... 27
3.2. DATA DESIGN ................................................................................................ 30
3.2.1. E-R DIAGRAM……………………………………………………..
3.3. SYSTEM DESIGN……………………………………………………………… 31
3.3.1.UML DESIGN…………………………………………………………
3.3.2. DATA FLOW DIAGRAM……………………………....
CHAPTER 4 …………………….........................................................................
4.1. SNAPSHOTS……………………………………………………. 40
APPENDIX A ......................................................................................................... 61
REFERENCES... .................................................................................................... 70
3
DECLARATION
we hereby declare that this submission is our own work and that, to the best of our knowledge and belief, it contains no material previously published or written by another person nor material which to a substantial extent has been accepted for the award of any other degree or diploma of the university or other institute of higher learning, except where due acknowledgment has been made in the text.
Name : Ashwani Kumar
Roll No.: 0609013023
Name : Chetan Anand
Roll No.: 0609013040
Name : Gaurav Gupta
Roll No.: 0609013032
Name : Manpreet Singh Bhatia
Roll No.: 0609013040
Date:
Signature :
4
CERTIFICATE
This is to certify that Project Report entitled “DigiSafe” which is submitted by Ashwani
Kumar, Chetan Anand, Gaurav Gupta and Manpreet Bhatia in partial fulfillment of the
requirement for the award of degree B. Tech. in Department of Information Technology of
U. P. Technical University is a record of the candidate own work carried out by him under
my/our supervision. The matter embodied in this thesis is original and has not been submitted
for the award of any other degree.
Date: Supervisor
Mr. Abhishek Chaudhary
Lecturer
Dept. Of Information Technology
IEC College of Eng. & Tech
Gr. NOIDA
5
ACKNOWLEDGEMENT
It gives us a great sense of pleasure to present the report of the B. Tech Project undertaken during B. Tech. Final Year. We owe special debt of gratitude to Professor Abhishek Chaudhary, Department of Computer Science & Engineering, IEC College of Engineering & Technology, Gr. Noida for his constant support and guidance throughout the course of our work. His sincerity, thoroughness and perseverance have been a constant source of inspiration for us. It is only his cognizant efforts that our endeavors have seen light of the day.
We also take the opportunity to acknowledge the contribution of Professor Rajeev Ranjan, Department of Computer Science & Engineering, IEC College of Engineering & Technology, Gr. Noida for his full support and assistance during the development of the project.
We also do not like to miss the opportunity to acknowledge the contribution of all faculty members of the department for their kind assistance and cooperation during the development of our project. Last but not the least, we acknowledge our friends for their contribution in the completion of the project.
Name : Ashwani Kumar
Roll No.: 0609013023
Name : Chetan Anand
Roll No.: 0609013028
Name : Gaurav Gupta
Roll No.: 0609013032
Name : Manpreet Singh Bhatia
Roll No.: 0609013040:
Date:
Signature:
6
Abstract
The security of information available to an organization was primarily provided through
physical and administrative means. For example, rugged file cabinets with a combination
lock were used for storing sensitive documents and personnel screening procedures were
employed during the hiring process. With the introduction of the computer, the need for
automated tools for protecting files and other information stored on the computer became
evident.
This is especially the case for a shared system and the need is even more acute for a
network. Computer networks were primarily used by university researches for sending e-
mail, and by corporate employees for sharing printers. Under these conditions, security was
not given much attention. Today, since the world is going global, and trillions of data are
transferred daily across networks, security is looming on the horizon as a potentially massive
problem. The generic name for the collection of tools designed to protect data and to thwart
hackers is Computer Security.
In the project titled “Digital Signatures” security is ensured in the Messaging System
of an organization. In this application, if an employee wishes to send confidential information
to another employee connected through the intranet of their organization, he first signs the
message and then sends it to the recipient. He signs the message using Digital Signatures.
The person who receives the message validates the sender and if the message is from an
authorized employee, he reads the message. The above operation is performed using Digital
Signature Algorithm (DSA). This application makes sure that the security services
Authentication, Secrecy, Integrity, and Non-repudiation are provided to the user.
Therefore, intruders cannot gain access to classified information.
7
LIST OF TABLES
Entity: Login_digisafe
Role: To maintain the username and the related password of different users.
Entity: Inbox_digisafe
Role: To maintain the received mails of different users.
Entity: sent_digisafe
Role: To maintain the sent mails of different users.
Entity: certificate_digisafe
Role: To maintain the certificate of different users.
Entity: attachment_digisafe
Role: To maintain the files attached with message of different users.
8
LIST OF SYMBOLS
An activity , a title for the activity should be placed inside rectangle.
Data flow , arrow should be labeled with the name of data moving between the activities.
A file or store . A straight line connects the file to the activity that access the file .the name of the file should be indicated within the rectangle.
A source or recipient . A label should be placed within the oval.
9
LIST OF ABBREVIATIONS
DFD – Data flow diagram
E-R Diagram – Entity relationship diagram
10
CHAPTER 1
1.1. Introduction
1.2. Project Overview
1.3. Problem Definition
11
1.1. INTRODUCTION
Scope
The project is confined to the intranet in an organization. This application makes sure
that security services such as secrecy, authentication, integrity and non-repudiation are
provided to the communicating parties.
Objective
This project has been developed keeping in view the security features that need to be
implemented in the networks following the fulfillment of these objectives:
To develop an application that deals with the security threats that arise in the network.
To enable the end-users as well as the organizations come out with a safe messaging
communication without any threats from intruders or unauthorized people.
To deal with the four inter-related areas of network security namely Secrecy,
Authentication, Non-repudiation and Integrity.
12
1.2. Project Overview
This application makes use of Digital Signature Algorithm (DSA) along with a hash
function. The hash code is provided as input to a signature function along with a random
number generated for this particular signature. The signature function also depends on the
sender’s private key and a set of parameters known to a group of At the receiving end,
verification is performed. The receiver generates a quantity that is a function of the public-
key components, the sender’s public key, and the hash code of the incoming message. If
this quantity matches with one of the components of the signature, then the signature is
validated.
This application makes sure that the security services Authentication, Secrecy,
Integrity, and Non-repudiation are provided to the user.
This application allows to keep the information out of the hands of unauthorized
persons. This is called Secrecy.
It also deals with determining whom a person is communicating with before revealing
sensitive information or entering a business deal. This is called Authentication.
Non-repudiation deals with proving that a particular message was sent by a
particular person in case he denies it later.
Integrity makes sure whether a particular message has been modified or something
has been added to it.
13
1.3. Problem Definition
Message authentication protects two parties who exchange messages from any third
party. However, it does not protect the two parties against each other. Several forms of
disputes between the two parties are possible.
For example, suppose that A sends an authenticated message to B. Consider the
following disputes that could arise:
1. B may forge a different message and claim that it came from A. B would simply have
to create a message and append an authentication code using the key that A and B share.
2. A may deny sending the message. Because it is possible for B to forge a message,
there is no way to prove that A did in fact send the message.
The most attractive solution to this problem is the Digital Signature. The Digital Signature is
analogous to the handwritten signature. It must have the following properties:
It must be able to verify the author and the date and time of the signature.
It must be able to authenticate the contents at the time of the signature.
The signature must be verified by third parties, to resolve disputes.
Thus, the digital signature function includes the authentication function.
Based on the above properties, the following requirements can be formulated for the
digital signatures:
The signature must be a bit pattern that depends on the message being signed.
The signature must use some information unique to the
sender, to prevent both forgery and denial.
It must be relatively easy to produce the digital signature.
It must be relatively easy to recognize and verify the digital signature.
It must be computationally infeasible to forge a digital signature, either by constructing a
new message for an existing digital signature or by constructing a fraudulent digital
signature for a given message.
It must be practical to retain a copy of the digital signature in storage.14
CHAPTER 2
2.1. Proposed System & Targeted User
2.2. System Requirement Specification
2.3. Feasibility Study
15
2.1. Proposed System & Targeted User
Existing system
These days almost all organizations around the globe use a messaging system to
transfer data among their employees through their exclusive intranet. But the security
provided is not of high standards. More and more unauthorized people are gaining access to
confidential data.
Disadvantages:
The validity of sender is not known.
The sender may deny sending a message that he/she has actually sent and similarly
the receiver may deny the receipt that he/she has actually received.
Unauthorized people can gain access to classified data.
Intruders can modify the messages or the receiver himself may modify the message
and claim that the sender has sent it.
Proposed system
The system will provide the following security services:
Confidentiality:
Confidentiality is the protection of transmitted data from passive attacks. With respect
to the release of message contents, several levels of protection can be identified. The broadest
service protects all user data transmitted between two users over a period of time. For
example, if a virtual circuit is set up between two systems, this broad protection would
prevent the release of any user data transmitted over the virtual circuit. Narrower forms of
this service can also be defined, including the protection of a single message or even specific
fields within a message. These refinements are less useful than the broad approach and may
even be more complex and expensive to implement. The other aspect of confidentiality is the
protection of traffic flow from analysis. This requires that an attacker not be able to observe
16
the source and destination, frequency, length, or other characteristics of the traffic on a
communications facility.
Authentication:
The authentication service is concerned with assuring that a communication is
authentic. In the case of a single message, such as a warning or alarm signal, the function of
the authentication service is to assure the recipient that the message is from the source that it
claims to be from. In the case of an ongoing interaction, such as the connection of a terminal
to a host, two aspects are involved. First, at the time of connection initiation, the service
assures that the two entities are authentic (i.e. that each is the entity that it claims to be).
Second, the service must assure that the connection is not interfered with in such a way that a
third party can masquerade as one of the two legitimate parties for the purposes of
unauthorized transmission or reception.
Integrity:
Integrity basically means ensuring that the data messages are not modified. An
integrity service that deals with a stream of messages assures that messages are received as
sent, with no duplication, insertion, modification, reordering or replays. The destruction of
data is also covered under this service. Thus the integrity service addresses both message
modification and denial of service.
Non-repudiation:
Non-repudiation prevents either sender or receiver from denying a transmitted
message. Thus, when a message is sent, the receiver can prove that the message was in fact
sent by the alleged sender. Similarly, when a message is received, the sender can prove that
the message was in fact received by the alleged receiver.
17
2.2. System Requirement Specification
Client Configuration
Intel Pentium IV or equivalent with :
- 512 MB RAM
- 80GB Hard Disk
- OS: Windows 2000 / XP (includes Internet Explorer version 6)
- Word processing software (Open office / MS Office)
- 100 MBPS Ethernet Card
Server Configuration
4 Servers each with following configuration :
- 1 CPU
- OS: Windows 2000 / XP (includes Internet Explorer version 6)
- RAM : 16 GB Minimum
- 120GB X 3 Hard Disk
- Oracle Application Server 10g Enterprise Edition
- Oracle Database 10g Enterprise Edition
18
2.3. FEASIBILITY STUDY
An important outcome of the preliminary investigation is to determine that whether the
system requested is feasible. Depending on the results of the preliminary investigation the
survey is expended to a more detailed feasibility study.
Feasibility study is a test of a system proposal according to its workability,
impact on the organization, ability to meet user needs, and effective use of resources.
The objective of feasibility study is not to solve the problem but to acquire a sense of its
scope. During the study, the problem definition is crystallized and aspects of the problem to
be included in the system are determined. Consequently, costs and benefits are estimated with
greater accuracy at this stage.
The result of the Feasibility study is a formal proposal.This is simply a report-a formal
document detailing the nature and scope of the Proposed solution. Finally, Feasibility Study
is carried out to select the best system that meets the performance requirements.
A feasibility study is carried out to select the best system that meets the
performance requirements.Feasibility is the determination of whether or not project is worth
doing. The process followed in making this determination is called a Feasibility study.
19
Objectives of Feasibility Study
The main objectives of feasibility study are:
To identify the deficiencies in the current system. To determine objectives of the proposed system. To acquire a sense of scope of the system. To identify the responsible users. To determine whether it is feasible to develop the new system.
Steps in Feasibility Study
Feasibility study is carried out in the following steps:
Form a project team and appoint a project leader (Systems Analyst). Start preliminary investigation through different fact finding techniques. Prepare the systems flowcharts of the current system. Identify and describe the deficiencies in the current system. Determine objectives of the proposed system. Prepare the systems flowchart of the proposed system. Identify and enumerate the existing computer systems along with their technical
specifications. Determine the cost and benefits of the proposed system. Identify the responsible users and determine the operational feasibility. Prepare the feasibility study report. Give the oral presentation of the feasibility study.
TYPES OF FEASIBILITY
The study is conducted to evaluate the possibility of HRM systems to produce the desired
20
outputs .Most successful system projects are not necessarily the biggest or most visible in a business but rather those that truly meet user expectations. Three key considerations
involved are :
1. ECONOMIC FEASIBILITY
Economic analysis is the most frequently used method for evaluating the Effectiveness
of a HRM Systems .Most commonly known as cost/benefit analysis, the procedure is to
determine the benefits and savings that are expected from a system and compare them with
costs involved.
Benefits from The System are:
System will be user friendly.
No information gap.
Accurate and latest information will help managers for quick decision
21
Types of Feasibility
Technical
Economic
Operational
making.
Saving of precious time and resources.
The cost are negligible as the needed infrastructure already exists .As the benefits greatly
overweighs cost, the proposed system is economically feasible.
Economic analysis is the most frequently used technique for evaluating the effectiveness
of a proposed system. Commonly known as cost / benefit analysis. The procedure is to
determine the benefit and savings that expected from a proposed system and compare
them with costs. In case of profit, decision is taken to design and implement the system.
The proposed system is financially feasible because of the following reason:
1. The cost of the system development is not much because of module /
department wise automation.
2. Then organization wants to implement wise so this system cannot take
a heavy amount to implement the system into the form of hardware
investment.
3. The proposed system is economic, as it will reduce the time investment
in running the daily transaction.
2. TECHNICAL FEASIBILITY
Technical feasibility centers on the existing computer system (Hardware and software
etc.) and to what extent it can support the proposed system .In case of this system, the
required infrastructure i.e. hardware, software application and technical know-how already
exists .Thus the project is then technically feasible. This is concerned with specifying
equipment and software that will successfully satisfy the user requirements. The are a number
of technical issue, which are raised during the feasibility stage investigation. The are as
follow:
Technical feasibility centers on the existing computer system (hardware, software, etc.)
and to what extent it can support the proposed addition. Time duration is also a part of
technical feasibility. Time is one of the major factors to decide the success of the project. If
project is not complete within the time duration, the budget will be increase definitely. If the
22
budget is a serious constraint, then the project is judged not feasible .So if it is very serious
matter, each project team should keeps in mind this, to complete the project with in specified
time.
The facility to produce output in a given time.
Response time under certain condition.
Ability to process ascertains volume of package at a particular speed.
Facility to communicate data to distinct location.
The proposed system is technically feasibility because of following reason:
The organization want to build the computer based system for data.
Maintained into the digital form so that maintaining of information will gone to
Be easy and retrieval of the information is fast.
After converting data into the digital form cost of stationary is saved.
This system also able to produce the required the report in least time.
This system has also the facility to communication among the terminals to
distant locations.
3. OPERATIONAL FEASIBILITY
It is mainly related to human organizational and political aspect. the points to be
considered are:
What changes will be brought with the system?
What organizational structures are distributed?
What new skills will be required?
The proposed system is feasibility because of following reasons:
The system reduce the workload of the staff because on a mouse click he / she the
desired result, work can be done with the help of keyboard and mouse watching the
computer screen not on the paper.
The system will be build on the technology of GUI so that interaction to the system not
23
be boring as like writing / preparing / maintaining data into the form of the manual
paper. Users that work into the GUI environment works more interestingly than the
paper based.
This result work more efficiently.
The proposed system is better in use and user friendly as it generates proper message
at run time.
The input from the user is much as the fields like supplier code. Customer code and
current data are included itself by the system.
4. BEHAVIOURAL FEASIBILITY
Behavioural feasibility is procedure to determine an estimate of how strong reaction the user
staff is likely to have towards the development of a computerized system. It is common
knowledge .Those computer installations have something to do with turnover, transfers,
retraining and changes in employee job status. Therefore, it is understandable that the
introduction of a candidate system requires special effort to educate and train the staffon new
ways of handling the system. All along the above studies and discussion the users were
actively involved and were keen to get a new system, which would eliminate all the problems
in the existing system. The total project costs, priority, completion time and personnel’s
required were estimated. Initial plans were drawn up to how the project would proceed to its
final Implementation,while running the existing system so that company’s information needs
were not affected. Feasibility Study helps to determine performance
and cost Effectiveness of the system, against the system performance requirements set
prior to the feasibility study.
24
5. SOCIAL FEASIBILITY
People are inherently resistant to change, and computers have been known to facilitate
change . An adverse reaction and resistance is always expected from the user staff. Our case
is different .The users get the graphical displays of information which is quickly
understandable than capturing the information from reports.
6. TIME FEASIBILITY
Time feasibility is the determination of whether a proposed project can be implemented
fully within stipulated time frame.
STEPS IN FEASIBILITY ANALYSIS
FEASIBILITY ANALYSIS INVOLVES EIGHT STEPS:-
Form a project team and appoint a project leader.
Prepare system flowcharts and Enumerate potential candidate systems
Describe and identify characteristics of candidate systems.
Determine and evaluate performance and cost effectiveness of each candidate system.
Weight system performance and cost data then select the best candidate system.
To produce periodic reports to management on the performance of the safe deposit
department.
25
CHAPTER 3
3.1. Database description
3.2. Database design
3.3. system design
3.1. Database Description
Entity: Login_digisafe
Role: To maintain the username and the related password of different users.26
Attributes:
NAME NULL? TYPE
Username Not null Varchar2
Password Not null Varchar2
Question Varchar2
Answer Varchar2
Check1 Number
Entity: Inbox_digisafe
Role: To maintain the received mails of different users.
Attributes:
NAME NULL? TYPE
Username_sender Not null Varchar2
Username_receiver Not null Varchar2
Subject Varchar2
Message Varchar2
Message_digest Not null Long raw
Message_key Not null Varchar2
Message_date Not null Date
Check1 Not null Number
Entity: sent_digisafe
Role: To maintain the sent mails of different users.
Attributes:
27
NAME NULL? TYPE
Username_sender Not null Varchar2
Username_receiver Not null Varchar2
Subject Varchar2
Message Varchar2
Message_date Not null Date
Entity: certificate_digisafe
Role: To maintain the certificate of different users.
Attributes:
NAME NULL? TYPE
Username Not null Varchar2
Cfile Varchar2
Entity: attachment_digisafe
Role: To maintain the files attached with message of different users.
28
Attribute:
NAME NULL? TYPE
Message_date Varchar2
Attach1 Varchar2
Message_digest1 Varchar2
Attach2 Varchar2
Message_digest2 Varchar2
Attach3 Varchar2
Message_digest3 Varchar2
Attach4 Varchar2
Message_digest4 Varchar2
Attach5 Varchar2
Message_digest5 Varchar2
29
3.2. Data Design
3.2.1 E-R Diagram
30
3.3. System Design
3.3.1. UML Diagram
3.3.2. Data flow diagrams
31
32
33
2ND Level DFD’S
34
35
Compose Mail
36
Validate Mail
37
Create Certificate
38
Sent Mail
39
SCREEN SHOTS
Screen ShotsScreen 1 - Login Screen
40
Screen 2 – Home Screen
This is home page of Administrator
41
This is home page of User
42
Screen 2 – Create Certificate
43
44
Screen 3 – Compose
Writing
45
Attaching files
46
47
Encryption
48
Signing
49
50
Screen 4 – Registration
51
52
Screen 5 – Edit Profile
53
Screen 6 – Change Password
54
Screen 7 – Forgot Password
55
56
57
Screen 7 – Sent Mail
58
59
Appendix
60
J2EE
Sun Microsystems provides specifications for a comprehensive suite of technologies to solve large
scale distributed system problems. This suite is the Java 2 Enterprise Edition, commonly known as
J2EE. The J2EE Platform provides a component-based approach to the design, development,
assembly, and deployment of enterprise applications.
The J2EE platform is designed to provide server-side and client-side support for developing
enterprise, multi-tier applications. Such applications are typically configured as a client tier to provide
the user interface, one or more middle-tier modules that provide client services and business logic for
an application, and backend enterprise information systems providing data management.
J2EE APIs
JDBC – Java Database Connectivity
RMI – IIOP - Remote Method Invocation over Internet Inter-Orb Protocol
EJB – Enterprise Java Beans
Java Servlet
JSP – Java Server Pages
JMS – Java Message Service
JNDI – Java Naming and Directory Interface
J2EE Technologies
61
Figure: J2EE Contrainer
J2EE applications are made up of components. A J2EE component is a self-contained
functional software unit that is assembled into a J2EE application with its related classes and
files and that communicates with other components. The J2EE specification defines the
following J2EE components:
The Component technologies – to hold the business logic. (JSP, Servlets and EJB)
The Service technologies – to provide supported services to application components
(JDBC, JTA, JNDI)
The Communication technologies – transparent to appln programmer, provide the
mechanism for communication among different parts of the application JavaMail,
RMI-IIOP)
J2EE does not specify the nature and structure of the runtime.
J2EE Container – capability of the runtime to manage application components.
J2EE APIs specifies the contract between the applications and the container.
Different Containers – Web, EJB, Applet, application client.
The J2EE platform uses a multi-tiered distributed application model. Application logic is
divided into components according to function, and the various application components that
make up a J2EE application are installed on different machines depending on the tier in the
multi-tiered J2EE environment to which the application component belongs
Client-tier components run on Client machine.
Web-tier components run on the J2EE server.
Business-tier components run on the J2EE server.
Enterprise information system (EIS)-tier software runs on the EIS server.
62
Enterprise Java Beans (EJB)
Enterprise JavaBeans (EJB) technology is a J2EE technology for developing business
components in a component-based, enterprise Java application. Business components
developed with EJB technology are often called Enterprise JavaBeans components or simply
"enterprise beans."
They are re-usable software units containing business logic.
An EJB is just a collection of Java classes and an XML Request, bundled into a single
unit.
Java classes must follow certain rules and provide certain callback methods.
There are three types of enterprise beans:
Session beans
o Stateful
o Stateless
Entity beans
o Bean-managed Persistence (BMP)
o Container-managed Persistence (CMP)
o Enterprise Javabeans Query Language
Message-driven beans
Session beans
A session bean represents a single unique session between a client and an instance of the
bean. A session bean can't be shared. One instance of the bean is tied to a specific client in a
specific session. The session bean exposes methods that a client can call to execute business
tasks on the server. When Client's session ends, the session bean is no longer associated with
that client.
63
There are two types of session beans: stateful and stateless.
o Stateful
A stateful session bean maintains data about the unique client-bean session in its instance
variables. The data represents the state (often called the "conversational state") of that
specific session. The conversational state is maintained for the life of Client-bean association.
Significantly, this means that the data is maintained across operations.
o Stateless
A stateless session bean does not maintain conversational state for its client. Because a
stateless session bean cannot maintain conversational state across methods, it's typically used
for one-step tasks, such as sending an email that confirms an online order.
Entity beans
An entity bean represents data in a storage medium, such as a relational database. Each entity
bean may correspond to a table in a relational database, and each instance of the bean
corresponds to a row in that table. Entity beans are not limited to representing relational
databases. They can represent data in other types of data stores, but the majority of enterprise
applications that use EJB technology access data in relational databases.
An entity bean can manage its own persistence (this is called bean-managed persistence) or
let the EJB container manage it (container-managed persistence). With bean-managed
persistence, the entity bean code includes SQL statements that access the database. With
container-managed persistence, the EJB container automatically generates the necessary
database access calls.
Message Driven Beans
64
A message-driven bean processes asynchronous messages typically sent through the Java
Message Service (JMS) API. Asynchronous messaging frees the message sender from
waiting for a response from the message receiver.
A message-driven bean can process messages sent by any J2EE component (such as an
application client, another enterprise bean, or a web component) or by a JMS application or
system that does not use J2EE technology. Often message-driven beans are used to route
messages. This makes them useful in many business-to-business communication scenarios.
65
Oracle 10g Database & Application Server
Oracle Wwblogic Application Server Enterprise Edition
Includes: Oracle Forms Services, Oracle Reports Services, TopLink, Portal, Discoverer
Viewer, Discoverer Plus (Web Functionality), Identity Management (LDAP), Application
Interconnect Toolkit, Workflow, Wireless Option, Personalization, and 5 JDeveloper Named
User Plus licenses per Processor.
Oracle Database 10g Enterprise Edition
Includes: JServer Enterprise Edition, interMedia, Objects Option, Networking Kit, Objects
for OLE, Advanced Replication Option, Distributed Option, Parallel Query Option,
(including bitmap indexes and parallel bitmap-star query), SQL*Plus, Visual Information
Retrieval and Workflow. Also included are: Advanced Backup & Recovery, Queuing,
Advanced, Connection Manager & Pooling, 64-bit option, MPI, OCI, ODBC Driver,
Enterprise Manager and Enterprise backup utility.
Other Features of ORACLE
66
67
Client/Server (distributed processing) environments
To take full advantage of a given computer system or network, Oracle allows processing to be split between the database server and Client application programs.
Large databases and spaces management
Oracle supports the largest of databases, potentially 100 terabytes in size. To make efficient use of expensive hardware devices, it allows full control of space usage.
Many concurrent database users
Oracle supports large numbers of concurrent users executing a variety of database applications operating on the same data. It minimizes data contention and guarantees data concurrency.
High transaction processing performance
Oracle maintains the preceding features with a high degree of overall system performance.
High availability Oracle can work 24x7 with no down time for quite a large amount of time.
Controlled availability
Oracle can selectively control the availability of data, at the database level and sub-database level. For example, an administrator can disallow use of a specific application so that the application’s data can be reloaded, without affecting other applications.
Database enforced integrity
Oracle enforces data integrity, “business rules” that dictate the standards for acceptable data. As a result, the costs of coding and managing checks in many database applications are eliminated.
Distributed Systems For networked, distributed environments, Oracle combines the data physically located on different computers into one logical database that can be accessed by all network users. Distributed systems have the same degree of user transparency and data consistency as non-distributed systems, yet receive the advantages of local database management.
Oracle also offers the heterogeneous option that allows users to access data on some non-Oracle databases transparently.
Portability Oracle software is ported to work under different operating systems. Applications developed for Oracle can be ported to any operating system with little or no modification.
Compatibility Oracle software is compatible with industry standards, including most industry standard operating systems. Applications developed for Oracle can be used on virtually any system with little or no modification.
Connection ability Oracle software allows different types of computers and operating systems to share information across network.
JavaScript
JavaScript was originally developed by Brendan Eich of Netscape under the name Mocha,
later LiveScript, and finally renamed to JavaScript. The change of name from LiveScript to
JavaScript roughly coincided with Netscape adding support for Java technology in its
Netscape Navigator web browser. JavaScript was first introduced and deployed in the
Netscape browser version 2.0B3 in December of 1995. When web developers talk about
using JavaScript in Internet Explorer, they are actually using JScript. The choice of name
proved to be a source of much confusion.
As of 2006, the latest version of the language is JavaScript 1.7. The previous version 1.6
corresponded to ECMA-262 Edition 3 like JavaScript 1.5, except for Array extras, and Array
and String generics. ECMAScript, in simple terms, is a standardized version of JavaScript.
The ECMA-357 standard specifies E4X, a language extension dealing with XML.
JavaScript is a prototype-based scripting language with a syntax loosely based on C. Like C,
the language has no input or output constructs of its own. Where C relies on standard I/O
libraries, a JavaScript engine relies on a host environment into which it is embedded. There
are many such host environment applications, of which web technologies are the best-known
examples. These are examined first.
One major use of web-based JavaScript is to write functions that are embedded in or included
from HTML pages and interact with the Document Object Model (DOM) of the page to
perform tasks not possible in HTML alone. Some common examples of this usage follow.
Opening or popping up a new window with programmatic control over the size,
position and 'look' of the new window (i.e. whether or not the menus, toolbars, etc. are
visible).
Validation of web form input values to make sure that they will be accepted before
they are submitted to the server.
Changing images as the mouse cursor moves over them: This effect is often used to
draw the user's attention to important links displayed as graphical elements.
68
REFERNCES
Web resources
www.java.sun.comOfficial Java Website
www.java.sun.com/developer/onlineTraining/J2EE/Intro2/j2ee.html
Training for J2EE
Books
API DOCS –JAVA, J2EE, Java Mail, Java Servlets, JSPsBy: Sun Microsystems
Java2 - The Complete Reference(7TH Edition)By: Herbert Schildt
JSP - The Complete ReferenceBy: Philhanna
Oracle 10g By: Ivan Baross
Software EngineeringBy: Roger Pressman
Head First Servlets & JSP By: Bryan Bashan, Kathy Sierra & Bert Bates
69