DIGISAFE

by

Ashwini Kumar (0609013023)

Chetan Anand (0609013028)
Gaurav Gupta (0609013032)
Manpreet Bhatia(0609013040)

Department of : Information Technology

IEC College of Engineering and Technology

Plot No. 4, Institutional Area, Surajpur Kasna Road, Knowledge Park - 1
Greater Noida

June,2010

DIGISAFE
1
 By:
Ashwini Kumar (0609013023)
Chetan Anand (0609013028)
Gaurav Gupta (0609013032)
Manpreet Bhatia(0609013040)

Submitted to the Department of Information Technology

in partial fulfillment of the requirements

for the degree of

Bachelor of Technology

in

Information Technology

IEC College of Engineering and Technology

U.P. Technical University

June, Year 2010

TABLE OF CONTENTS Page

2
DECLARATION ................................................................................................... 4
CERTIFICATE ..................................................................................................... 5
ACKNOWLEDGEMENTS .................................................................................. 6
ABSTRACT........................................................................................................... 7
LIST OF TABLES.................................................................................................. 8
LIST OF SYMBOLS .............................................................................................. 9
LIST OF ABBREVIATIONS................................................................................ 10
CHAPTER 1.................................................................................................
1.1 INTRODUCTION............................................................................................ 12
1.2 PROJECT OVERVIEW..................................................................................... 13
1.3 PROBLEM DEFINITION………………………………………………..…... 14
CHAPTER 2 ..............................................................................................................
2.1. PROPOSED SYSTEM AND TARGETED USER........................................... 16
2.2. SYSTEM REQUIREMENT SPECIFICATION............................................... 18
2.3 FEASIBILITY STUDY....................................................... .............................. 19
CHAPTER 3......................................................................................................
3.1. DATABASE DESCRIPTION ......................................................................... 27
3.2. DATA DESIGN ................................................................................................ 30
3.2.1. E-R DIAGRAM……………………………………………………..
3.3. SYSTEM DESIGN……………………………………………………………… 31
3.3.1.UML DESIGN…………………………………………………………
3.3.2. DATA FLOW DIAGRAM……………………………....
CHAPTER 4 …………………….........................................................................
4.1. SNAPSHOTS……………………………………………………. 40
APPENDIX A ......................................................................................................... 61
REFERENCES... .................................................................................................... 70

3
 DECLARATION

we hereby declare that this submission is our own work and that, to the best of our
knowledge and belief, it contains no material previously published or written by another
person nor material which to a substantial extent has been accepted for the award of any
other degree or diploma of the university or other institute of higher learning, except where
due acknowledgment has been made in the text.

Name : Ashwani Kumar

Roll No.: 0609013023

Name : Chetan Anand

Roll No.: 0609013040

Name : Gaurav Gupta

Roll No.: 0609013032

Name : Manpreet Singh Bhatia

Roll No.: 0609013040

Date:

Signature :

CERTIFICATE

4
This is to certify that Project Report entitled “DigiSafe” which is submitted by Ashwani
Kumar, Chetan Anand, Gaurav Gupta and Manpreet Bhatia in partial fulfillment of the
requirement for the award of degree B. Tech. in Department of Information Technology of
U. P. Technical University is a record of the candidate own work carried out by him under
my/our supervision. The matter embodied in this thesis is original and has not been submitted
for the award of any other degree.

Date: Supervisor

Mr. Abhishek Chaudhary

Lecturer

Dept. Of Information Technology

IEC College of Eng. & Tech

Gr. NOIDA

ACKNOWLEDGEMENT

5
It gives us a great sense of pleasure to present the report of the B. Tech Project undertaken
during B. Tech. Final Year. We owe special debt of gratitude to Professor Abhishek
Chaudhary, Department of Computer Science & Engineering, IEC College of Engineering
& Technology, Gr. Noida for his constant support and guidance throughout the course of our
work. His sincerity, thoroughness and perseverance have been a constant source of
inspiration for us. It is only his cognizant efforts that our endeavors have seen light of the
day.

We also take the opportunity to acknowledge the contribution of Professor Rajeev Ranjan,
Department of Computer Science & Engineering, IEC College of Engineering &
Technology, Gr. Noida for his full support and assistance during the development of the
project.

We also do not like to miss the opportunity to acknowledge the contribution of all faculty
members of the department for their kind assistance and cooperation during the development
of our project. Last but not the least, we acknowledge our friends for their contribution in the
completion of the project.

Name : Ashwani Kumar

Roll No.: 0609013023

Name : Chetan Anand

Roll No.: 0609013028

Name : Gaurav Gupta

Roll No.: 0609013032

Name : Manpreet Singh Bhatia

Roll No.: 0609013040:

Date:

Signature:

Abstract

6
 The security of information available to an organization was primarily provided through
physical and administrative means. For example, rugged file cabinets with a combination
lock were used for storing sensitive documents and personnel screening procedures were
employed during the hiring process. With the introduction of the computer, the need for
automated tools for protecting files and other information stored on the computer became
evident.

This is especially the case for a shared system and the need is even more acute for a
network. Computer networks were primarily used by university researches for sending e-
mail, and by corporate employees for sharing printers. Under these conditions, security was
not given much attention. Today, since the world is going global, and trillions of data are
transferred daily across networks, security is looming on the horizon as a potentially massive
problem. The generic name for the collection of tools designed to protect data and to thwart
hackers is Computer Security.

In the project titled “Digital Signatures” security is ensured in the Messaging System
of an organization. In this application, if an employee wishes to send confidential information
to another employee connected through the intranet of their organization, he first signs the
message and then sends it to the recipient. He signs the message using Digital Signatures.
The person who receives the message validates the sender and if the message is from an
authorized employee, he reads the message. The above operation is performed using Digital
Signature Algorithm (DSA). This application makes sure that the security services
Authentication, Secrecy, Integrity, and Non-repudiation are provided to the user.
Therefore, intruders cannot gain access to classified information.

LIST OF TABLES

Entity: Login_digisafe

7
Role: To maintain the username and the related password of different users.

Entity: Inbox_digisafe

Role: To maintain the received mails of different users.

Entity: sent_digisafe

Role: To maintain the sent mails of different users.

Entity: certificate_digisafe

Role: To maintain the certificate of different users.

Entity: attachment_digisafe

Role: To maintain the files attached with message of different users.

LIST OF SYMBOLS

8
An activity , a title for the activity should be placed inside rectangle.

Data flow , arrow should be labeled with the name of data moving
between the activities.

A file or store . A straight line connects the file to the activity that access the
file .the name of the file should be indicated within the rectangle.

A source or recipient . A label should be placed within the oval.

9
 LIST OF ABBREVIATIONS

DFD – Data flow diagram

E-R Diagram – Entity relationship diagram

10
 CHAPTER 1

1.1. Introduction
1.2. Project Overview
1.3. Problem Definition

11
 1.1. INTRODUCTION

Scope

The project is confined to the intranet in an organization. This application makes sure
that security services such as secrecy, authentication, integrity and non-repudiation are
provided to the communicating parties.

Objective

This project has been developed keeping in view the security features that need to be
implemented in the networks following the fulfillment of these objectives:

• To develop an application that deals with the security threats that arise in the network.
• To enable the end-users as well as the organizations come out with a safe messaging
communication without any threats from intruders or unauthorized people.
• To deal with the four inter-related areas of network security namely Secrecy,
Authentication, Non-repudiation and Integrity.

12
 1.2. Project Overview

This application makes use of Digital Signature Algorithm (DSA) along with a hash

function. The hash code is provided as input to a signature function along with a random

number generated for this particular signature. The signature function also depends on the

sender’s private key and a set of parameters known to a group of At the receiving end,

verification is performed. The receiver generates a quantity that is a function of the public-

key components, the sender’s public key, and the hash code of the incoming message. If

this quantity matches with one of the components of the signature, then the signature is

validated.

This application makes sure that the security services Authentication, Secrecy,
Integrity, and Non-repudiation are provided to the user.
• This application allows to keep the information out of the hands of unauthorized
persons. This is called Secrecy.

• It also deals with determining whom a person is communicating with before revealing
sensitive information or entering a business deal. This is called Authentication.

• Non-repudiation deals with proving that a particular message was sent by a

particular person in case he denies it later.

• Integrity makes sure whether a particular message has been modified or something
has been added to it.

13
1.3. Problem Definition

Message authentication protects two parties who exchange messages from any third
party. However, it does not protect the two parties against each other. Several forms of
disputes between the two parties are possible.

For example, suppose that A sends an authenticated message to B. Consider the

following disputes that could arise:
1. B may forge a different message and claim that it came from A. B would simply have
to create a message and append an authentication code using the key that A and B
share.

2. A may deny sending the message. Because it is possible for B to forge a message,
there is no way to prove that A did in fact send the message.

The most attractive solution to this problem is the Digital Signature. The Digital Signature is
analogous to the handwritten signature. It must have the following properties:

• It must be able to verify the author and the date and time of the signature.

• It must be able to authenticate the contents at the time of the signature.

• The signature must be verified by third parties, to resolve disputes.

Thus, the digital signature function includes the authentication function.

Based on the above properties, the following requirements can be formulated for the
digital signatures:
• The signature must be a bit pattern that depends on the message being signed.

• The signature must use some information unique to the

sender, to prevent both forgery and denial.

• It must be relatively easy to produce the digital signature.

• It must be relatively easy to recognize and verify the digital signature.

• It must be computationally infeasible to forge a digital signature, either by

constructing a new message for an existing digital signature or by constructing a
fraudulent digital signature for a given message.

14
• It must be practical to retain a copy of the digital signature in storage.

CHAPTER 2

2.1. Proposed System & Targeted User

2.2. System Requirement Specification

2.3. Feasibility Study

15
 2.1. Proposed System & Targeted User

Existing system

These days almost all organizations around the globe use a messaging system to
transfer data among their employees through their exclusive intranet. But the security
provided is not of high standards. More and more unauthorized people are gaining access to
confidential data.

Disadvantages:

• The validity of sender is not known.

• The sender may deny sending a message that he/she has actually sent and similarly
the receiver may deny the receipt that he/she has actually received.
• Unauthorized people can gain access to classified data.
• Intruders can modify the messages or the receiver himself may modify the message
and claim that the sender has sent it.
Proposed system

The system will provide the following security services:

Confidentiality:

Confidentiality is the protection of transmitted data from passive attacks. With respect
to the release of message contents, several levels of protection can be identified. The broadest
service protects all user data transmitted between two users over a period of time. For
example, if a virtual circuit is set up between two systems, this broad protection would
prevent the release of any user data transmitted over the virtual circuit. Narrower forms of
this service can also be defined, including the protection of a single message or even specific
fields within a message. These refinements are less useful than the broad approach and may
even be more complex and expensive to implement. The other aspect of confidentiality is the

16
protection of traffic flow from analysis. This requires that an attacker not be able to observe
the source and destination, frequency, length, or other characteristics of the traffic on a
communications facility.

Authentication:

The authentication service is concerned with assuring that a communication is

authentic. In the case of a single message, such as a warning or alarm signal, the function of
the authentication service is to assure the recipient that the message is from the source that it
claims to be from. In the case of an ongoing interaction, such as the connection of a terminal
to a host, two aspects are involved. First, at the time of connection initiation, the service
assures that the two entities are authentic (i.e. that each is the entity that it claims to be).
Second, the service must assure that the connection is not interfered with in such a way that a
third party can masquerade as one of the two legitimate parties for the purposes of
unauthorized transmission or reception.

Integrity:

Integrity basically means ensuring that the data messages are not modified. An
integrity service that deals with a stream of messages assures that messages are received as
sent, with no duplication, insertion, modification, reordering or replays. The destruction of
data is also covered under this service. Thus the integrity service addresses both message
modification and denial of service.

Non-repudiation:

Non-repudiation prevents either sender or receiver from denying a transmitted

message. Thus, when a message is sent, the receiver can prove that the message was in fact
sent by the alleged sender. Similarly, when a message is received, the sender can prove that
the message was in fact received by the alleged receiver.

17
2.2. System Requirement Specification

 Client Configuration

Intel Pentium IV or equivalent with :

- 512 MB RAM

- 80GB Hard Disk

- OS: Windows 2000 / XP (includes Internet Explorer version 6)

- Word processing software (Open office / MS Office)

- 100 MBPS Ethernet Card

 Server Configuration

4 Servers each with following configuration :

- 1 CPU

- OS: Windows 2000 / XP (includes Internet Explorer version 6)

- RAM : 16 GB Minimum

- 120GB X 3 Hard Disk

- Oracle Application Server 10g Enterprise Edition

- Oracle Database 10g Enterprise Edition

2.3. FEASIBILITY STUDY

18
An important outcome of the preliminary investigation is to determine that whether the
system requested is feasible. Depending on the results of the preliminary investigation the
survey is expended to a more detailed feasibility study.

Feasibility study is a test of a system proposal according to its workability,

impact on the organization, ability to meet user needs, and effective use of resources.

The objective of feasibility study is not to solve the problem but to acquire a sense of its
scope. During the study, the problem definition is crystallized and aspects of the problem to
be included in the system are determined. Consequently, costs and benefits are estimated with
greater accuracy at this stage.

The result of the Feasibility study is a formal proposal.This is simply a report-a formal
document detailing the nature and scope of the Proposed solution. Finally, Feasibility Study
is carried out to select the best system that meets the performance requirements.

A feasibility study is carried out to select the best system that meets the
performance requirements.Feasibility is the determination of whether or not project is worth
doing. The process followed in making this determination is called a Feasibility study.

Objectives of Feasibility Study

19
The main objectives of feasibility study are:

• To identify the deficiencies in the current system.

• To determine objectives of the proposed system.
• To acquire a sense of scope of the system.
• To identify the responsible users.
• To determine whether it is feasible to develop the new system.

Steps in Feasibility Study

Feasibility study is carried out in the following steps:

• Form a project team and appoint a project leader (Systems Analyst).

• Start preliminary investigation through different fact finding techniques.
• Prepare the systems flowcharts of the current system.
• Identify and describe the deficiencies in the current system.
• Determine objectives of the proposed system.
• Prepare the systems flowchart of the proposed system.
• Identify and enumerate the existing computer systems along with their technical
specifications.
• Determine the cost and benefits of the proposed system.
• Identify the responsible users and determine the operational feasibility.
• Prepare the feasibility study report.
• Give the oral presentation of the feasibility study.

TYPES OF FEASIBILITY
The study is conducted to evaluate the possibility of HRM systems to produce the desired

outputs .Most successful system projects are not necessarily the biggest or most visible in a
business but rather those that truly meet user expectations. Three key considerations
20
involved are :

Types of Feasibility

Technical

Economic

Operational

1. ECONOMIC FEASIBILITY

Economic analysis is the most frequently used method for evaluating the Effectiveness
of a HRM Systems .Most commonly known as cost/benefit analysis, the procedure is to
determine the benefits and savings that are expected from a system and compare them with
costs involved.

Benefits from The System are:

• System will be user friendly.

• No information gap.
• Accurate and latest information will help managers for quick decision
making.

• Saving of precious time and resources.

21
The cost are negligible as the needed infrastructure already exists .As the benefits greatly
overweighs cost, the proposed system is economically feasible.

Economic analysis is the most frequently used technique for evaluating the effectiveness
of a proposed system. Commonly known as cost / benefit analysis. The procedure is to
determine the benefit and savings that expected from a proposed system and compare
them with costs. In case of profit, decision is taken to design and implement the system.
The proposed system is financially feasible because of the following reason:
1. The cost of the system development is not much because of module /
department wise automation.
2. Then organization wants to implement wise so this system cannot take
a heavy amount to implement the system into the form of hardware
investment.
3. The proposed system is economic, as it will reduce the time investment
in running the daily transaction.

2. TECHNICAL FEASIBILITY

Technical feasibility centers on the existing computer system (Hardware and software
etc.) and to what extent it can support the proposed system .In case of this system, the
required infrastructure i.e. hardware, software application and technical know-how already
exists .Thus the project is then technically feasible. This is concerned with specifying
equipment and software that will successfully satisfy the user requirements. The are a number
of technical issue, which are raised during the feasibility stage investigation. The are as
follow:

Technical feasibility centers on the existing computer system (hardware, software, etc.)

and to what extent it can support the proposed addition. Time duration is also a part of
technical feasibility. Time is one of the major factors to decide the success of the project. If
project is not complete within the time duration, the budget will be increase definitely. If the
budget is a serious constraint, then the project is judged not feasible .So if it is very serious
matter, each project team should keeps in mind this, to complete the project with in specified
time.

22
 • The facility to produce output in a given time.
• Response time under certain condition.
• Ability to process ascertains volume of package at a particular speed.
• Facility to communicate data to distinct location.
• The proposed system is technically feasibility because of following reason:
• The organization want to build the computer based system for data.
• Maintained into the digital form so that maintaining of information will gone to
Be easy and retrieval of the information is fast.
After converting data into the digital form cost of stationary is saved.
• This system also able to produce the required the report in least time.
• This system has also the facility to communication among the terminals to
distant locations.

3. OPERATIONAL FEASIBILITY

It is mainly related to human organizational and political aspect. the points to be

considered are:
• What changes will be brought with the system?
• What organizational structures are distributed?
• What new skills will be required?

The proposed system is feasibility because of following reasons:

The system reduce the workload of the staff because on a mouse click he / she the
desired result, work can be done with the help of keyboard and mouse watching the
computer screen not on the paper.
The system will be build on the technology of GUI so that interaction to the system not
be boring as like writing / preparing / maintaining data into the form of the manual
paper. Users that work into the GUI environment works more interestingly than the
paper based.
This result work more efficiently.
23
The proposed system is better in use and user friendly as it generates proper message
at run time.
The input from the user is much as the fields like supplier code. Customer code and
current data are included itself by the system.

4. BEHAVIOURAL FEASIBILITY

Behavioural feasibility is procedure to determine an estimate of how strong reaction the user
staff is likely to have towards the development of a computerized system. It is common
knowledge .Those computer installations have something to do with turnover, transfers,
retraining and changes in employee job status. Therefore, it is understandable that the
introduction of a candidate system requires special effort to educate and train the staffon new
ways of handling the system. All along the above studies and discussion the users were
actively involved and were keen to get a new system, which would eliminate all the problems
in the existing system. The total project costs, priority, completion time and personnel’s
required were estimated. Initial plans were drawn up to how the project would proceed to its
final Implementation,while running the existing system so that company’s information needs
were not affected. Feasibility Study helps to determine performance

and cost Effectiveness of the system, against the system performance requirements set

prior to the feasibility study.

5. SOCIAL FEASIBILITY

24
 People are inherently resistant to change, and computers have been known to facilitate
change . An adverse reaction and resistance is always expected from the user staff. Our case
is different .The users get the graphical displays of information which is quickly
understandable than capturing the information from reports.

6. TIME FEASIBILITY

Time feasibility is the determination of whether a proposed project can be implemented

fully within stipulated time frame.

STEPS IN FEASIBILITY ANALYSIS

FEASIBILITY ANALYSIS INVOLVES EIGHT STEPS:-

• Form a project team and appoint a project leader.

• Prepare system flowcharts and Enumerate potential candidate systems
• Describe and identify characteristics of candidate systems.
• Determine and evaluate performance and cost effectiveness of each candidate system.
• Weight system performance and cost data then select the best candidate system.
• To produce periodic reports to management on the performance of the safe deposit
• department.

25
 CHAPTER 3

3.1. Database description

3.2. Database design

3.3. system design

3.1. Database Description

Entity: Login_digisafe

Role: To maintain the username and the related password of different users.

Attributes:

NAME NULL? TYPE

26
 Username Not null Varchar2

Password Not null Varchar2

Question Varchar2

Answer Varchar2

Check1 Number

Entity: Inbox_digisafe

Role: To maintain the received mails of different users.

Attributes:

NAME NULL? TYPE

Username_sender Not null Varchar2

Username_receiver Not null Varchar2

Subject Varchar2

Message Varchar2

Message_digest Not null Long raw

Message_key Not null Varchar2

Message_date Not null Date

Check1 Not null Number

Entity: sent_digisafe

Role: To maintain the sent mails of different users.

Attributes:

NAME NULL? TYPE

Username_sender Not null Varchar2

Username_receiver Not null Varchar2

Subject Varchar2

27
Message Varchar2

Message_date Not null Date

Entity: certificate_digisafe

Role: To maintain the certificate of different users.

Attributes:

NAME NULL? TYPE

Username Not null Varchar2

Cfile Varchar2

Entity: attachment_digisafe

Role: To maintain the files attached with message of different users.

Attribute:

NAME NULL? TYPE

Message_date Varchar2

Attach1 Varchar2

Message_digest1 Varchar2

Attach2 Varchar2

28
Message_digest2 Varchar2

Attach3 Varchar2

Message_digest3 Varchar2

Attach4 Varchar2

Message_digest4 Varchar2

Attach5 Varchar2

Message_digest5 Varchar2

3.2. Data Design

3.2.1 E-R Diagram

29
3.3. System Design

30
3.3.1. UML Diagram

3.3.2. Data flow diagrams

31
32
2ND Level DFD’S

33
34
35
Compose Mail

36
 Validate Mail

Create Certificate
37
38
Sent Mail

SCREEN SHOTS

39
Screen Shots
Screen 1 - Login Screen

Screen 2 – Home Screen

40
 This is home page of Administrator

 This is home page of User

41
Screen 2 – Create Certificate

42
43
Screen 3 – Compose

Writing

44
 Attaching files

45
46
 Encryption

47
 Signing

48
49
Screen 4 – Registration
50
51
52
Screen 5 – Edit Profile

53
Screen 6 – Change Password

54
Screen 7 – Forgot Password

55
56
57
Screen 7 – Sent Mail

58
59
 Appendix

J2EE
Sun Microsystems provides specifications for a comprehensive suite of technologies to solve large
scale distributed system problems. This suite is the Java 2 Enterprise Edition, commonly known as

60
J2EE. The J2EE Platform provides a component-based approach to the design, development,
assembly, and deployment of enterprise applications.

The J2EE platform is designed to provide server-side and client-side support for developing
enterprise, multi-tier applications. Such applications are typically configured as a client tier to provide
the user interface, one or more middle-tier modules that provide client services and business logic for
an application, and backend enterprise information systems providing data management.

J2EE APIs

 JDBC – Java Database Connectivity

 RMI – IIOP - Remote Method Invocation over Internet Inter-Orb Protocol
 EJB – Enterprise Java Beans
 Java Servlet
 JSP – Java Server Pages
 JMS – Java Message Service
 JNDI – Java Naming and Directory Interface

J2EE Technologies

Figure: J2EE Contrainer

J2EE applications are made up of components. A J2EE component is a self-contained

functional software unit that is assembled into a J2EE application with its related classes and
files and that communicates with other components. The J2EE specification defines the
following J2EE components:
61
  The Component technologies – to hold the business logic. (JSP, Servlets and EJB)
 The Service technologies – to provide supported services to application components
(JDBC, JTA, JNDI)
 The Communication technologies – transparent to appln programmer, provide the
mechanism for communication among different parts of the application JavaMail,
RMI-IIOP)
 J2EE does not specify the nature and structure of the runtime.
 J2EE Container – capability of the runtime to manage application components.
 J2EE APIs specifies the contract between the applications and the container.
 Different Containers – Web, EJB, Applet, application client.

The J2EE platform uses a multi-tiered distributed application model. Application logic is
divided into components according to function, and the various application components that
make up a J2EE application are installed on different machines depending on the tier in the
multi-tiered J2EE environment to which the application component belongs

 Client-tier components run on Client machine.

 Web-tier components run on the J2EE server.
 Business-tier components run on the J2EE server.
 Enterprise information system (EIS)-tier software runs on the EIS server.

Enterprise Java Beans (EJB)

Enterprise JavaBeans (EJB) technology is a J2EE technology for developing business
components in a component-based, enterprise Java application. Business components

62
developed with EJB technology are often called Enterprise JavaBeans components or simply
"enterprise beans."

• They are re-usable software units containing business logic.

• An EJB is just a collection of Java classes and an XML Request, bundled into a single
unit.
• Java classes must follow certain rules and provide certain callback methods.

There are three types of enterprise beans:

• Session beans
o Stateful
o Stateless
• Entity beans
o Bean-managed Persistence (BMP)
o Container-managed Persistence (CMP)
o Enterprise Javabeans Query Language
• Message-driven beans

Session beans
A session bean represents a single unique session between a client and an instance of the
bean. A session bean can't be shared. One instance of the bean is tied to a specific client in a
specific session. The session bean exposes methods that a client can call to execute business
tasks on the server. When Client's session ends, the session bean is no longer associated with
that client.

There are two types of session beans: stateful and stateless.

o Stateful

63
A stateful session bean maintains data about the unique client-bean session in its instance
variables. The data represents the state (often called the "conversational state") of that
specific session. The conversational state is maintained for the life of Client-bean association.
Significantly, this means that the data is maintained across operations.

o Stateless

A stateless session bean does not maintain conversational state for its client. Because a
stateless session bean cannot maintain conversational state across methods, it's typically used
for one-step tasks, such as sending an email that confirms an online order.

Entity beans
An entity bean represents data in a storage medium, such as a relational database. Each entity
bean may correspond to a table in a relational database, and each instance of the bean
corresponds to a row in that table. Entity beans are not limited to representing relational
databases. They can represent data in other types of data stores, but the majority of enterprise
applications that use EJB technology access data in relational databases.

An entity bean can manage its own persistence (this is called bean-managed persistence) or
let the EJB container manage it (container-managed persistence). With bean-managed
persistence, the entity bean code includes SQL statements that access the database. With
container-managed persistence, the EJB container automatically generates the necessary
database access calls.

Message Driven Beans

A message-driven bean processes asynchronous messages typically sent through the Java
Message Service (JMS) API. Asynchronous messaging frees the message sender from
waiting for a response from the message receiver.

A message-driven bean can process messages sent by any J2EE component (such as an
application client, another enterprise bean, or a web component) or by a JMS application or
system that does not use J2EE technology. Often message-driven beans are used to route
messages. This makes them useful in many business-to-business communication scenarios.
64
Oracle 10g Database & Application Server

65
Oracle Wwblogic Application Server Enterprise Edition
Includes: Oracle Forms Services, Oracle Reports Services, TopLink, Portal, Discoverer
Viewer, Discoverer Plus (Web Functionality), Identity Management (LDAP), Application
Interconnect Toolkit, Workflow, Wireless Option, Personalization, and 5 JDeveloper Named
User Plus licenses per Processor.

Oracle Database 10g Enterprise Edition

Includes: JServer Enterprise Edition, interMedia, Objects Option, Networking Kit, Objects
for OLE, Advanced Replication Option, Distributed Option, Parallel Query Option,
(including bitmap indexes and parallel bitmap-star query), SQL*Plus, Visual Information
Retrieval and Workflow. Also included are: Advanced Backup & Recovery, Queuing,
Advanced, Connection Manager & Pooling, 64-bit option, MPI, OCI, ODBC Driver,
Enterprise Manager and Enterprise backup utility.

Other Features of ORACLE

66
Client/Server To take full advantage of a given computer system or
(distributed network, Oracle allows processing to be split between
processing) the database server and Client application programs.
environments

Large databases and Oracle supports the largest of databases, potentially

spaces management 100 terabytes in size. To make efficient use of
expensive hardware devices, it allows full control of
space usage.

Many concurrent Oracle supports large numbers of concurrent users

database users executing a variety of database applications operating
on the same data. It minimizes data contention and
guarantees data concurrency.

High transaction Oracle maintains the preceding features with a high

processing degree of overall system performance.
performance

High availability Oracle can work 24x7 with no down time for quite a
large amount of time.

Controlled Oracle can selectively control the availability of data,

availability at the database level and sub-database level. For
example, an administrator can disallow use of a
specific application so that the application’s data can
be reloaded, without affecting other applications.

Database enforced Oracle enforces data integrity, “business rules” that

integrity dictate the standards for acceptable data. As a result,
the costs of coding and managing checks in many
database applications are eliminated.

Distributed Systems For networked, distributed environments, Oracle

combines the data physically located on different
computers into one logical database that can be
accessed by all network users. Distributed systems
have the same degree of user transparency and data
consistency as non-distributed systems, yet receive the
advantages of local database management.

Oracle also offers the heterogeneous option that allows

users to access data on some non-Oracle databases
transparently.

Portability Oracle software is ported to work under different

operating systems. Applications developed for Oracle
can be ported to any operating system with little or no
modification.

Compatibility Oracle software is compatible with industry standards,

including most industry standard operating systems.
Applications developed for Oracle can be used on
virtually any system
67 with little or no modification.

Connection ability Oracle software allows different types of computers

and operating systems to share information across
network.
JavaScript
68
JavaScript was originally developed by Brendan Eich of Netscape under the name Mocha,
later LiveScript, and finally renamed to JavaScript. The change of name from LiveScript to
JavaScript roughly coincided with Netscape adding support for Java technology in its
Netscape Navigator web browser. JavaScript was first introduced and deployed in the
Netscape browser version 2.0B3 in December of 1995. When web developers talk about
using JavaScript in Internet Explorer, they are actually using JScript. The choice of name
proved to be a source of much confusion.

As of 2006, the latest version of the language is JavaScript 1.7. The previous version 1.6
corresponded to ECMA-262 Edition 3 like JavaScript 1.5, except for Array extras, and Array
and String generics. ECMAScript, in simple terms, is a standardized version of JavaScript.
The ECMA-357 standard specifies E4X, a language extension dealing with XML.

JavaScript is a prototype-based scripting language with a syntax loosely based on C. Like C,

the language has no input or output constructs of its own. Where C relies on standard I/O
libraries, a JavaScript engine relies on a host environment into which it is embedded. There
are many such host environment applications, of which web technologies are the best-known
examples. These are examined first.

One major use of web-based JavaScript is to write functions that are embedded in or included
from HTML pages and interact with the Document Object Model (DOM) of the page to
perform tasks not possible in HTML alone. Some common examples of this usage follow.

• Opening or popping up a new window with programmatic control over the size,
position and 'look' of the new window (i.e. whether or not the menus, toolbars, etc. are
visible).
• Validation of web form input values to make sure that they will be accepted before
they are submitted to the server.
• Changing images as the mouse cursor moves over them: This effect is often used to
draw the user's attention to important links displayed as graphical elements.

REFERNCES

69
Web resources
 www.java.sun.com
Official Java Website
 www.java.sun.com/developer/onlineTraining/J2EE/Intro2/j
2ee.html
Training for J2EE

Books
 API DOCS –JAVA, J2EE, Java Mail, Java Servlets, JSPs
By: Sun Microsystems

 Java2 - The Complete Reference(7TH Edition)

By: Herbert Schildt

• JSP - The Complete Reference

By: Philhanna

• Oracle 10g
By: Ivan Baross

• Software Engineering
By: Roger Pressman

• Head First Servlets & JSP

By: Bryan Bashan, Kathy Sierra & Bert Bates

70