1 Project 1-Final

Project title
E-Mail Security Tools Based On Java technology

A
Project Report Submitted
IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE
AWARD OF DEGREE OF
Computer Science and Engineering
E-mail security tools Page 1

Undertaking
We declare that the work presented in this project titled “E-

MAIL SECURITY TOOLS” submitted to computer science department,
United College of Engineering & Research, Naini Allahabad, for the award of
Bachelor of Technology in Computer Science & Engineering, is my original
work. I have not plagiarized or submitted the same work for the award of any
other degree. In case this undertaking is found incorrect, I accept that my degree
may be unconditionally withdrawn.
Anand Kumar Singh

June 2009 Anuj Kumar
Allahabad Ardhendu Kumar Singh
Deepika Singh

CERTIFICATE
This is to certify that the project entitled “E-Mail Security tools based on Java
Technology” submitted by Anand Kumar Singh, Anuj Kumar, Ardhendu Kumar Singh,
Deepika Singh in partial fulfillment of requirements for the award of degree of Bachelor of
Technology in Computer Science & Engineering discipline from United College of
Engineering and Research, Allahabad, is a record of bonafide work carried out by them
under my guidance.
Project Guide: Mr. Nishant Raj

June 2009 Sr. Lecturer
Department of Computer Science
United College of Engineering
and Research, Allahabad

ACKNOWLEDGEMENT
We express our sincere gratitude to Mr. Nishant Raj, Senior Lecturer, Computer Science
and Engineering Department for his guidance, constructive suggestions and all kinds of
possible help extended throughout the project. Such a nice working experience under his
guidance as a teamwork would be very beneficial for us in the future.
Thanks also to all those who directly or indirectly extended their co-operation towards
the project.
Despite of careful scrutiny after completion of this project. It is difficult to

claim perfection. Any comment and suggestion and constructive criticism about the
project will be heartedly welcomed.

Contents
1. Introduction…………………………………………………….…………….7-12
1.1 Project outline………………………………………………………..………7
1.2 Project aim………………………………………………………..…………12
2. Background………………………………………………………………….13-26
2.1 Introduction to Java…………………………………………………………13

2.2 About Net Beans IDE……………………………………………………… 17
2.3 Developing Java Applications………………………………………………19
2.4 Introduction to Microsoft SQL Server 2000………………………………..25
3. Feasibility Study…………………………………………………………….27-28
3.1 Problem Definition………………………………………………….….……27

3.2 Existing System……………………………………………………….……..27
3.3 Bottlenecks of the Existing System……………………………………..…...28
3.4 Proposed System………………………………………………………….....28
4. System Analysis……………………………………………………..….…….29-33
4.1 Expected Features……………………………………………………………29

4.2 System requirements……………………………………………….…………31
4.3 functional requirements………………………………………………………32
5. System Design………………………………………………………….….….34-40
5.1 Block diagram……………………………………………………….……….34

5.2 Data flow Diagram…………………………………………………..……….36
5.3 E-R Diagram for Address Book……………………………………...………38
5.4 Database Design. …………………………………………………………….40
6. System design interface………………………………………….…………41-54

7. Testing ………………………………………………………….…….…….55-71
8. Conclusion……………………………………………………………….….….72
9. Scope of the project…………………………………………………………….73
10. Future Enhancements. ………………………………………………………….74
11. Assumptions & Dependencies. …………………………………………...……75
12. Definitions Acronyms & Abbreviations. ………………………………………75
13. User Manual…………………………………………………………………….76
14. References…………………………………………………………..………….77
Introduction to E-mail Security Tools

Project outline
Our Project is based on the tools which deals with the security issues related
with the message passing over internet.
Before the Internet, computer security was limited to 'closed systems' or network
computers such as offices or banks where only people physically in the office could use the
computer system. It was quite easy for the network supervisor to set up user names and
passwords and since that time people have become used to logging on before they can use
these types of computers or resources.
With the advent of the Internet, computers users can now work in an 'open system' and
security has become much more complicated. Even though you can now connect your home
or office computer to the Internet and perform remote transactions without leaving the
building you still want to be sure that the transaction is secure. The transaction takes place
through the Internet by bouncing the information through various computers before it
reaches, for example, the bank's computer. You want to be sure that no one observes the
transaction along the way and collects or modifies your transaction information.
This is where computer security comes in. There are many different types of security systems
though most use a process called encryption. When you connect to your bank or other
service to make a transaction you are often required to send your account number or user
name as well as a Personal Identification Number (PIN) or password for verification. This
information should only be sent after establishing a secure connection. If you are using an
Internet browser you will see a small closed lock appear in the window of the browser. Once
you are connected to a secure server any information you send or receive is scrambled or
encrypted using a mathematical formula and then reassembled or decrypted at the other
end. The computer user usually will not notice this happening as they perform their secure
transaction. Anyone with criminal intent who intercepts your transaction will be treated to a
stream of garbled nonsense - (e.g.. qANQR1DBwU4D560EJv6XqrMQB)!
E-mail security issues and technologies are extremely complicated; however, here we
intend to make the salient issues and solutions.
E-mail is not a perfectly secure communication medium; however, it might surprise you to
learn just how inherently insecure email can be. Messages thought deleted can still exist in
backup folders on remote servers’ years after being sent. Hackers can read and modify
messages in transit, use your usernames and passwords to login to your online services, and
steal your identity and critical information!
As the amount of crucial business conducted via email increases, so does the amount of
Spam, viruses, hacking, fraud, and other malicious activity. Unless precautions are taken,
email can leave you and your business open to escalating security and privacy risks.
Our project contains four modules with the help of these modules we have tried to remove all
the above mentioned risk involved in message transfer through mail.
These four modules are –
Encryption/ Decryption Process
In this part of project we encrypt & decrypt the data in the form of text, image, audio
or video files. We have done encryption & decryption using various algorithms of
Cryptography & Computer Network Security.
While in encryption process we will read the data (text, an image, an audio file, or a
video file) in the form of bits then we perform operation on bits to encrypt & decrypt the
data. Then that encrypted data will be viewed & matched with the original data to compare as
the encryption done is suitable for the data in particular data or not. If the encryption process
leads to a good impression then the data is then further directed towards the decryption
process so as to get the original data.
After the encryption process the encrypted data get ready for the decryption process
which is the second part of this whole process. The encrypted data is then proposed to some
decryption technique for the decryption process. The decryption technique composed of the
algorithm used in cryptography & network security.
Same as in encryption process in decryption process also the data is read as in

the form of bits then the reverse of the encryption algo is used to reach the original data from
encrypted data. Then the output of the decryption is then matched with initial original data on
which the encryption algo was implied on, if the output data is equal to the original data then
the decryption process is said to be complete.
Compression & Decompression Process
The simplest type of redundancy in a file is the repetition of characters. For example,
consider the following string:
BBBBHHDDXXXXKKKKWWZZZZ
This string can be encoded more compactly by replacing each repeated string of characters by
a single instance of the repeated character and a number that represents the number of times it
is repeated. The earlier string can be encoded as follows:
4B2H2D4X4K2W4Z
Here "4B" means four B's, and 2H means two H's, and so on. Compressing a string in this
way is called run-length encoding.
As another example, consider the storage of a rectangular image. As a single color bitmapped
image, it can be stored as shown in Figure 1.
Figure 1: A bitmap with information for run-length encoding
Another approach might be to store the image as a graphics metafile:

Rectangle 11, 3, 20, 5
This says, the rectangle starts at coordinate (11, 3) of width 20 and length 5 pixels.
The rectangular image can be compressed with run-length encoding by counting identical bits
as follows:
0, 40
0, 40
0,10 1,20 0,10
0,10 1,1 0,18 1,1 0,10
0,10 1,1 0,18 1,1 0,10
0,10 1,1 0,18 1,1 0,10
0,10 1,20 0,10
0,40
The first line above says that the first line of the bitmap consists of 40 0's. The third line says
that the third line of the bitmap consists of 10 0's followed by 20 1's followed by 10 more 0's,
and so on for the other lines.
Note that run-length encoding requires separate representations for the file and its encoded
version. Therefore, this method cannot work for all files. Other compression techniques
include variable-length encoding (also known as Huffman Coding), and many others. For
more information, there are many books available on data and image compression techniques.
There are many benefits to data compression. The main advantage of it, however, is to reduce
storage requirements. Also, for data communications, the transfer of compressed data over
medium results in an increase in the rate of information transfer. Note that data compression
can be implemented on existing hardware by software or through the use of special hardware
devices that incorporate compression techniques. Figure 2 shows a basic data-compression
block diagram.

Steganography
In Steganography a digital picture (which contain large amounts of data) are used to
hide messages on the Internet and on other communication media. It is not clear how
commonly this is actually done. For example: a 24-bit bitmap will have 8 bits representing
each of the three color values (red, green, and blue) at each pixel. If we consider just the blue
there will be 28 different values of blue. The difference between 11111111 and 11111110 in
the value for blue intensity is likely to be undetectable by the human eye. Therefore, the least
significant bit can be used (more or less undetectably) for something else other than color
information. If we do it with the green and the red as well we can get one letter of ASCII text
for every three pixels. Stated somewhat more formally, the objective for making
steganographic encoding difficult to detect is to ensure that the changes to the carrier (the
original signal) due to the injection of the payload (the signal to covertly embed) are visually
(and ideally, statistically) negligible; that is to say, the changes are indistinguishable from the
noise floor of the carrier.
Address Book
This part of the project contains the usage of the database. This part is implemented
for the purpose of understanding of the database applications. Address book stored the
information of the persons which is entered by the user. Information contains attributes such
as name,address,sex,age,e-mail_id,phone no.,mobile no.,photo of the person.
Project aim
Every good software must have a goal or aim behind which it is developed. Our
project also has an aim for which we have developed our project. The objective behind
developing the project ‘e-mail security tools’ is that, we want to develop software that would
ensure the security of the message that has to delivered. This security is to provided by the
client or user itself.

We also wanted to provide reliable, accurate, flexible and user-friendly software. The
main objectives of our project are as follows: -
Reliability:-The project is reliable in working. If there may be any error in any tool of the
project, then it is easily handled and also it is easy to use for the user of it. The errors that
would be made by the user are easily handled.
Accuracy: - The project also provides accuracy to the user. The data that is entered by the
user is stored as it is entered, in an accurate form. It can be viewed any time as needed and it
will be displayed in their accurate form.
Flexibility:-The project is flexible in working. It can be run on each system and can be
moved to any other system. It can accept any small changes. If needed a slight change
can be made in future to it. Thus, it is flexible.
User-friendly:- The interface of the software is very user-friendly. Thus the user of it will
feel very easy to work on it. This is a need for the software because the software is also for a
general person and also for the professionals.
Easy to use: - The software is easy to use for the user. The project has a user-friendly
interface and easy tools to handle all the options. Thus, it is easy to use software.
Introduction to programming Language
Introduction to Java

Java is an object-oriented programming language with a built-in application programming
interface (API) that can handle graphics and user interfaces and that can be used to create
applications or applets. Because of its rich set of API's, similar to Macintosh and Windows,
and its platform independence, Java can also be thought of as a platform in itself. Java also
has standard libraries for doing mathematics.
Much of the syntax of Java is the same as C and C++. One major difference is that Java does
not have pointers. However, the biggest difference is that you must write object oriented code
in Java. Procedural pieces of code can only be embedded in objects. In the following we
assume that the reader has some familiarity with a programming language. In particular,
some familiarity with the syntax of C/C++ is useful.
In Java we distinguish between applications, which are programs that perform the same
functions as those written in other programming languages, and applets, which are programs
that can be embedded in a Web page and accessed over the Internet. Our initial focus will be
on writing applications. When a program is compiled, a byte code is produced that can be
read and executed by any platform that can run Java.
Features of Java
• Platform Independence
o The Write-Once-Run-Anywhere ideal has not been achieved (tuning for
different platforms usually required), but closer than with other languages.
• Object Oriented
o Object oriented throughout - no coding outside of class definitions, including
main ().
o An extensive class library available in the core language packages.
• Compiler/Interpreter Combo
o Code is compiled to byte codes that are interpreted by a Java virtual machines
(JVM).
o This provides portability to any machine for which a virtual machine has been
written.

o The two steps of compilation and interpretation allow for extensive code
checking and improved security.
• Robust
o Exception handling built-in, strong type checking (that is, all data must be
declared an explicit type), local variables must be initialized.
• Several dangerous features of C & C++ eliminated:

o No memory pointers
o No preprocessor
o Array index limit checking
• Automatic Memory Management
o Automatic garbage collection - memory management handled by JVM.
• Security
o No memory pointers
o A program runs inside the virtual machine sandbox.
o Array index limit checking
o Code pathologies reduced by
 byte code verifier - checks classes after loading
 Class loader - confines objects to unique namespaces. Prevents loading
a hacked "java.lang.SecurityManager" class, for example.
 Security manager - determines what resources a class can access such
as reading and writing to the local disk.
• Dynamic Binding
o The linking of data and methods to where they are located, is done at run-time.
o New classes can be loaded while a program is running. Linking is done on the
fly.
o Even if libraries are recompiled, there is no need to recompile code that uses
classes in those libraries.

This differs from C++, which uses static binding. This can result in fragile
classes for cases where linked code is changed and memory pointers then
point to the wrong addresses.
• Good Performance
o Interpretation of byte codes slowed performance in early versions, but
advanced virtual machines with adaptive and just-in-time compilation and
other techniques now typically provide performance up to 50% to 100% the
speed of C++ programs.
• Threading
o Lightweight processes, called threads, can easily be spun off to perform
multiprocessing.
o Can take advantage of multiprocessors where available
o Great for multimedia displays.
• Built-in Networking
o Java was designed with networking in mind and comes with many classes to
develop sophisticated Internet communications.
Features such as eliminating memory pointers and by checking array limits greatly help to
remove program bugs. The garbage collector relieves programmers of the big job of memory
management. These and the other features can lead to a big speedup in program development
compared to C/C++ programming.
Advantages of Java
The advantages of Java are as follows:
• Java is easy to learn.
Java was designed to be easy to use and is therefore easy to write, compile, debug,
and learn than other programming languages.

• Java is object-oriented.
This allows you to create modular programs and reusable code.
• Java is platform-independent.
• By using Java, one program can be run on many different platforms. This means that
you do not need to put your efforts on developing a different version of software for
each platform.
• There are many programmers who can understand and write code in Java, so that
many people can participate in developing open source software.
• In many cases, a Java virtual machine can prevent an incorrectly written application
program from causing problems to the rest of your computing environment.
One of the most significant advantages of Java is its ability to move easily from one computer
system to another. The ability to run the same program on many different systems is crucial
to World Wide Web software, and Java succeeds at this by being platform-independent at
both the source and binary levels.
Because of Java's robustness, ease of use, cross-platform capabilities and security features, it
has become a language of choice for providing worldwide Internet solutions.
About Net Beans IDE
The NetBeans IDE is an open-source integrated development environment written

entirely in Java using the NetBeans Platform. NetBeans IDE supports development of all Java
application types (Java SE, web, EJB and mobile applications) out of the box. Among other
features are an Ant-based project system, version control (supporting CVS, Subversion,
Mercurial and Clear case) and refactoring.

The NetBeans Platform allows applications to be developed from a set of modular software
components called modules. A module is a Java archive file that contains Java classes written
to interact with the NetBeans Open APIs and a manifest file that identifies it as a module.
Applications built on modules can be extended by adding new modules. Since modules can
be developed independently, applications based on the NetBeans platform can be extended by
third party developers.
Modularity: All the functions of the IDE are provided by modules. Each module provides a
well defined function, such as support for the Java language, editing, or support for the CVS
versioning system, and SVN. NetBeans contains all the modules needed for Java
development in a single download, allowing the user to start working immediately. Modules
also allow NetBeans to be extended. New features, such as support for other programming
languages, can be added by installing additional modules. For instance, Sun Studio, Sun Java
Studio Enterprise, and Sun Java Studio Creator from Sun Microsystems are all based on the
NetBeans IDE.
Current Versions: NetBeans IDE 6.5 extended the existing Java EE features (including Java
Persistence support, EJB 3 and JAX-WS). Additionally, the NetBeans Enterprise Pack
supports development of Java EE 5 enterprise applications, including SOA visual design
tools, XML schema tools, web services orchestration (for BPEL), and UML modeling. The
NetBeans IDE Bundle for C/C++ supports C/C++ projects.
NetBeans IDE 6.0 builds upon the previous version 5.5.1, which introduced comprehensive
support for developing IDE modules and rich client applications based on the NetBeans
platform, a new GUI builder (formerly known as "Project Matisse"), new and redesigned
CVS support, Web logic 9 and JBoss 4 support, and many editor enhancements. NetBeans
6.0 is being delivered as part of the Ubuntu 8.04 and the Debian Linux distributions.
The current version is NetBeans IDE 6.5.1, which was released in March 2009.
License: From July 2006 through 2007, NetBeans IDE was licensed under Sun's Common
Development and Distribution License (CDDL), a license based on the Mozilla Public
License (MPL). In October 2007, Sun announced that NetBeans would henceforth be offered
under a dual license of the CDDL and the GPL version 2 licenses, with the GPL linking
exception for GNU Classpath.

Developing Java Applications
Once you install NetBeans IDE 4.1, you should be able to see "NetBeans 4.1" in your
programs list. Try opening your tool by going to start -> programs -> Net Beans 4.1 ->
NetBeans IDE.
Let us create a simple console application using the same IDE. With the NetBeans IDE open,
go through the following steps:
• Go to File -> New project (or you can directly press the "New Project" button) as
highlighted in the following figure.

• You will be presented with a "New Project" window. Select "General" in the
"categories" and "Java Application" in the "Projects" (as shown in the figure below).
• After selecting accordingly click "next." You will be presented with the "New Java
Application" window.
• Give the "Project Name" as "HelloWorld," provide your own location, and switch off
the "Create Main Class" check box. Your window must look something like the one
below.

• Once it looks like the above, click on "Finish." At this moment, you will not see any
code (like you did in the previous section).
• Go to the "Projects" window, open up "DesktopHelloWorld," right click on "Source
Packages," go to new -> JFrame Form as shown below.
• In the "New JFrame" window, provide the class name "SampleJFrame" and provide
package name "SamplePack." Finally click finish.
• Now you will be able to see the "form design" mode (which is very similar to VB6 or
VB.NET). For this demonstration, you simply right click on the form (in design
mode), and go to Set Layout -> Null Layout.
• From the "Pallete" window, click on "JButton" and click on "form design." It will be
automatically added to the form. Make sure that the dragging and dropping of

controls is not permitted yet. You can observe that the "Pallete" window is very
similar to the "ToolBox" in VB6.
• You can drag and resize the button according to your wishes. Try playing with all of
its properties. If you don't see a properties window, right-click on the button and go
for "properties." It is very similar to the properties window that you see in VB6.
• Provide "Show" as a value for the "text" property for the button. You can even
rename the button by directly right clicking and selecting rename from the "inspector"
window (as shown below).
• Similarly add a "JLabel," set its "text" to empty and rename it "lblMsg."
• Next, double click on the button (which opens the code window) and modify your
code as follows:
public class SampleJFrame extends javax.swing.JFrame {
public SampleJFrame() {
initComponents();
setSize(400,400);
}
.
.
.
private void jButton1ActionPerformed

(java.awt.event.ActionEvent evt) {
// TODO add your handling code here:
this.lblMsg.setText("Hello World!");
}
.
.
.
}
• Hit F5 to execute your project (along with debugging). It will present you with the
following figure.
• Just hit "Ok" and get going on.

• You must see the output as in the figure below.

• Once you hit "Show," you must see the figure below.

Introduction to Microsoft SQL Server 2000
Microsoft SQL Server 2000 is a full-featured relational database management system

(RDBMS) that offers a variety of administrative tools to ease the burdens of database
development, maintenance and administration. In this article, we'll cover six of the more
frequently used tools: Enterprise Manager, Query Analyzer, SQL Profiler, Service Manager,
Data Transformation Services and Books Online. Let's take a brief look at each:
Enterprise Manager is the main administrative console for SQL Server installations. It
provides you with a graphical "birds-eye" view of all of the SQL Server installations on your
network. You can perform high-level administrative functions that affect one or more servers,
schedule common maintenance tasks or create and modify the structure of individual
databases.
Query Analyzer offers a quick and dirty method for performing queries against any of your
SQL Server databases. It's a great way to quickly pull information out of a database in
response to a user request, test queries before implementing them in other applications,
create/modify stored procedures and execute administrative tasks.
SQL Profiler provides a window into the inner workings of your database. You can monitor
many different event types and observe database performance in real time. SQL Profiler
allows you to capture and replay system "traces" that log various activities. It's a great tool
for optimizing databases with performance issues or troubleshooting particular problems.
Service Manager is used to control the MSSQLServer (the main SQL Server process),
MSDTC (Microsoft Distributed Transaction Coordinator) and SQLServerAgent processes.
An icon for this service normally resides in the system tray of machines running SQL Server.
You can use Service Manager to start, stop or pause any one of these services.
Data Transformation Services (DTS) provide an extremely flexible method for importing
and exporting data between a Microsoft SQL Server installation and a large variety of other
formats. The most commonly used DTS application is the "Import and Export Data" wizard
found in the SQL Server program group.
Books Online is an often overlooked resource provided with SQL Server that contains
answers to a variety of administrative, development and installation issues. It's a great
resource to consult before turning to the Internet or technical support.

Feasibility Study
Problem Definition
Problem definition is the first step of any project for giving
good solution to the problem. It should be clearly stated. It is a clear understanding of the
problem.
In today’s world dependence of human beings on computer is increasing

rapidly everyone wants to have a bit of knowledge about computers & its applications. In
every department of working field it is going to be fully computerized in the nearest future. In
today’s world everybody is on the run. Every single second is precious. And nobody wants to
stay behind. That’s why we have hell lot of technologies and applications to keep us one step
ahead. One of these was internet that helps people remain connected on the run. There are

various features that internet provides for communication among peoples some of those
features are…chatting, blogging, e-mailing, social networking sites etc.
These facilities are so much useful that even the best organizations are
becoming over dependent on them. Every information that they require is transmitted over
internet. Apart from the facilities provided by internet & its services there is a threat of the
data to be exposed even to the unauthorized person which in turn will not be able to maintain
the security issues related with the message transferred.
Existing System
The security provided now a days by the email servers are not fully visible
to the client or users to ensure their message security. Even the expert eavesdroppers or
hackers can easily retrieve or can misuse our data. In other words to say that the security
provided to us are only server side not by the users sending their data. So to provide the
security belief to the user it is better to be done even also on client side done by user.
Bottlenecks of the Existing System
It is hard to believe that the emails we send is replicated on many

different servers & it becomes a part of the network traffic even if we are not sending or
emailing. The messages or data that we send is in the original form in which we email so it
becomes even easier for the hackers to understand our message that we want it to be secure &
private.
The proposed project
This project intends to design, program and implement the tools that
can be used to ensure the security, integrity, confidentiality of the messages or data at the user
level. In this project we provide the tools to encrypt or decrypt the data, hide the data in
image, audio, video files using the private secret key & then to send the file as email to the

user who knows that secret key will only be able to access the message. Another important
tool in the project provides the facility to send the larger files as email. Using that tool user
can compress or decompress the larger which he is intending to email.
Another module included in the project is Address Book which is can

be used to store personal information about the relatives, friends, employees in an
organizations etc.
System Analysis
Expected features
The goal is to design a system that would be flexible, yet

practical to implement. According to the aforesaid objectives the primary requirement is to
design a system that should:
Be Platform Independent
As the internet more precisely the email facility that we use now a days are platform
independent i.e. it can run on any on any operating system (Linux, Windows Xp/Vista, mac,
etc). So it was a challenge to develop such tools that may be able to run on any platform with
ease without any type of complications. So we developed a toolkit that is implemented using

Java technology as it is well known that it is one of the features of Java that it is platform
independent.
Provide user-friendly interface
The system should be easily available and installable. The

users should not find any problem in using the system. It should incorporate good user-
friendly interface and easy to use services/features. This will attract more and more people to
register to the software and use its services.
Provide ease of usability
The system should be easy to use. It must not require a

technical expert to install any additional hardware or software. This may be done by
providing the understandable interface that can be understood & easily used by even any non
technical user.
Impervious to virus attacks
In the technology era, one of the major threats posed by any

organization or individual when using a computer system is the dreaded attack by virus
(malicious programs). While connecting to the Internet for sending emails or by the use
unauthentic floppy disks and CD-ROMs, there exists higher chances of a virus infection,
hence, the application should be impervious to virus attack, making the system safe.
Be extensible
The code design should always be extensible, so new features can be

added incrementally without requiring redesign and while allowing for backward
compatibility. And additions or enhancements should never require redesign or any changes
in the previous implementation. Otherwise it is considered to be the major flaw in the design.

Any software should be designed keeping in mind that the new features would just be added
to the system without re-engineering or redesigning the whole system.
System Requirements
For developing the System
The following section describes the hardware and the software requirements for
developing this project.
Hardware Requirements
• Pentium III 933 MHz

• 128 MB RAM
• Hard Disk: 10GB.
• Memory: 512MB free.

• Java supported Mobile phone.
• Keyboard, Mouse PS2.
Software Requirements
The technologies used to build the application are as follows.
• Jdk 1.6.0
• NetBeans IDE 6.0
• Jre 1.6.0
• Microsoft SQL Server 2000 data base.
• jCreator v4.50.
Functional Requirements
There are various functional requirements that we need to manage in our projects to
fulfill all those requirements. Those functional requirements are listed below for each
module.
Compression
a. Compression algorithms are used for compressing the files such as text ,image, etc

b. In this module we import text file, image and audio files.
c. Select the file format in which we want to convert the file
d. Following constraints are there that if we select text file that we are able to convert it
only it into text file and similarly if we select audio file we are able to convert it into
the similar format.
e. Select the output folder to save the file.
f. The output file size is smaller than original file.
Encryption & decryption
a. Encryption techniques are used to convert the plain text into cipher text which is not
easily understandable by humans.
b. In this we use the text files.
c. Now we convert this cipher text into plain text using decompression techniques.
Steganography
a. Steganography is used for hiding message from other.

b. Mainly we hide text into images and audio files
c. Input are text , images, audio files
d. Key is used for Steganography which is used for hiding and retrieving data.
e. Key must be same among the sender and receiver.
Address book
a. All data entered should be matched according to data type in the data book.
b. Data entered should be verified.
c. Searching of data should not be case sensitive.
d. Special attributes such as e-mail id, age, phone number should be in proper format
e. Proper connection driver must be used

System Design
Block diagram
• COMPRESSION/DECOMPRESSION
Figure 2: Data-compression block diagram
• ENCRYPTION SIDE :
Cipher Text
Plain Text Encryption
Algorith
ms
• DECRYPTION SIDE :
Cipher Text Plain Text

Decryption
• Algorith
ms
•

• STEGANOGRAPHY
TEXT
Message
Message
Embedding
text in +
image/audi Image/audio
o file
Image
/audio file
Output
Image/audio file
KE
Y
Block diagram of Steganography

Data flow diagram
Data flow diagram
A data-flow diagram (DFD) is a graphical representation of the "flow" of data through an

information system. DFDs can also be used for the visualization of data processing
(structured design).
On a DFD, data items flow from an external data source or an internal data store to an
internal data store or an external data sink, via an internal process.
A DFD provides no information about the timing or ordering of processes, or about whether
processes will operate in sequence or in parallel. It is therefore quite different from a
flowchart, which shows the flow of control through an algorithm, allowing a reader to
determine what operations will be performed, in what order, and under what circumstances,
but not what kinds of data will be input to and output from the system, nor where the data
will come from and go to, nor where the data will be stored (all of which are shown on a
DFD).
Notations

DFD of whole project

E-R diagram for Address book
Entity-relationship model
In software engineering, an Entity-Relationship Model (ERM) is an abstract and conceptual

representation of data. Entity-relationship modeling is a database modeling method, used to
produce a type of conceptual schema or semantic data model of a system, often a relational
database, and its requirements in a top-down fashion.
Diagrams created using this process are called entity-relationship diagrams, or ER diagrams
or ERDs for short.
The definitive reference for entity relationship modelling is generally given as Peter Chen's
1976 paper. However, variants of the idea existed previously and have been devised
subsequently.
Notations
A relationship with an attribute
An entity with an attribute

Two related entities
Primary key
E-R Diagram of the Address Book

Database Design of Address book
Database design in SQL Server 2000

Interface Design Description
The project build is design with the fact keeping in mind, to have a very good interface in
order to have the interaction with the user to have a full utilization of the tools so that the user
may have better knowledge of the objective with which the project was developed.
Some Of the Interfaces are provided in this project report is as follows…
Encryption/Decryption
Encryption/Decryption Front Page
Encryption using CeaserCipher

CaeserCipher
Encryption using Playfair

Playfair
Encryption using Railfence

RailFence
Compression/Decompression

Compression
Decompression
Steganography

Message saved in an image file with the secret key.

Message is retrieved from the image using the same secret key
Address Book

Main menu

New entry form

Update form

Delete menu
Search menu

Search record by Id form

Search record by name form

Testing
Software testing
Software Testing is an empirical investigation conducted to provide stakeholders with

information about the quality of the product or service under test, with respect to the context
in which it is intended to operate. Software Testing also provides an objective, independent
view of the software to allow the business to appreciate and understand the risks at
implementation of the software. Test techniques include, but are not limited to, the process of
executing a program or application with the intent of finding software bugs. It can also be
stated as the process of validating and verifying that a software program/application/product
meets the business and technical requirements that guided its design and development, so that
it works as expected and can be implemented with the same characteristics.
Software Testing, depending on the testing method employed, can be implemented at any
time in the development process, however the most test effort is employed after the
requirements have been defined and coding process has been completed.
Static vs. dynamic testing
There are many approaches to software testing. Reviews, walkthroughs or inspections are
considered as static testing, whereas actually executing programmed code with a given set of
test cases is referred to as dynamic testing. The former can be, (and unfortunately in practice
often is) omitted, whereas the latter takes place when programs begin to be used for the first
time - which is normally considered the beginning of the testing stage. This may actually
begin before the program is 100% complete in order to test particular sections of code
(modules or discrete functions). For example, Spreadsheet programs are, by their very nature,
tested to a large extent "on the fly" during the build process as the result of some calculation
or text manipulation is shown interactively immediately after each formula is entered.

Software verification and validation
Software testing is used in association with verification and validation
• Verification: Have we built the software right (i.e., does it match the specification?)?
It is process based.
• Validation: Have we built the right software (i.e., is this what the customer wants?)? It
is product based.
The terms verification and validation are commonly used interchangeably in the industry; it is
also common to see these two terms incorrectly defined. According to the IEEE Standard
Glossary of Software Engineering Terminology:
Verification is the process of evaluating a system or component to determine whether

the products of a given development phase satisfy the conditions imposed at the start
of that phase.
Validation is the process of evaluating a system or component during or at the end of
the development process to determine whether it satisfies specified requirements.
Testing methods
Software testing methods are traditionally divided into black box testing and white box
testing. These two approaches are used to describe the point of view that a test engineer takes
when designing test cases.
Black box testing
Black box testing treats the software as a "black box," without any knowledge of internal
implementation. Black box testing methods include: equivalence partitioning, boundary value
analysis, all-pairs testing, fuzz testing, model-based testing, traceability matrix, exploratory
testing and specification-based testing.
Specification-based testing
Specification-based testing aims to test the functionality of software according to the

applicable requirements. Thus, the tester inputs data into, and only sees the output

from, the test object. This level of testing usually requires thorough test cases to be
provided to the tester, who then can simply verify that for a given input, the output
value (or behavior), either "is" or "is not" the same as the expected value specified in
the test case.
Specification-based testing is necessary, but it is insufficient to guard against certain

risks.
Advantages and disadvantages
The black box tester has no "bonds" with the code, and a tester's perception is very
simple: a code must have bugs. Using the principle, "Ask and you shall receive,"
black box testers find bugs where programmers don't. But, on the other hand, black
box testing has been said to be "like a walk in a dark labyrinth without a flashlight,"
because the tester doesn't know how the software being tested was actually
constructed. That's why there are situations when (1) a black box tester writes many
test cases to check something that can be tested by only one test case, and/or (2) some
parts of the back end are not tested at all.
Therefore, black box testing has the advantage of "an unaffiliated opinion," on the one hand,
and the disadvantage of "blind exploring," on the other.
White box testing
White box testing, by contrast to black box testing, is when the tester has access to the
internal data structures and algorithms (and the code that implement these)
Types of white box testing
The following types of white box testing exist:
• API testing (application programming interface) - Testing of the

application using Public and Private APIs.
• Code coverage - creating tests to satisfy some criteria of code
coverage. For example, the test designer can create tests to cause all
statements in the program to be executed at least once.
• Fault injection methods.
• Mutation testing methods.
• Static testing - White box testing includes all static testing.
Code completeness evaluation

White box testing methods can also be used to evaluate the completeness of a test
suite that was created with black box testing methods. This allows the software team
to examine parts of a system that are rarely tested and ensures that the most important
function points have been tested.
Two common forms of code coverage are:
• function coverage, which reports on functions executed

• And statement coverage, which reports on the number of lines
executed to complete the test.
They both return coverage metric, measured as a percentage.
Grey Box Testing
Grey box testing involves having access to internal data structures and algorithms for
purposes of designing the test cases, but testing at the user, or black-box level. Manipulating
input data and formatting output do not qualify as "grey box," because the input and output
are clearly outside of the "black-box" that we are calling the system under test. This
distinction is particularly important when conducting integration testing between two
modules of code written by two different developers, where only the interfaces are exposed
for test. Grey box testing may also include reverse engineering to determine, for instance,
boundary values or error messages.
Acceptance testing
Acceptance testing can mean one of two things:
1. A smoke test is used as an acceptance test prior to introducing a build to the main
testing process.
2. Acceptance testing performed by the customer is known as user acceptance testing
(UAT).

Regression Testing
Regression testing is any type of software testing that seeks to uncover software
regressions. Such regression occurs whenever software functionality that was previously
working correctly stops working as intended. Typically regressions occur as an unintended
consequence of program changes. Common methods of regression testing include re-running
previously run tests and checking whether previously fixed faults have re-emerged.
Non Functional Software Testing
Special methods exist to test non-functional aspects of software.
• Performance testing checks to see if the software can handle large quantities of data or
users. This is generally referred to as software scalability. This activity of Non
Functional Software Testing is often times referred to as Load Testing.
• Stability testing checks to see if the software can continuously function well in or
above an acceptable period. This activity of Non Functional Software Testing is often
times referred to as enduration test.
• Usability testing is needed to check if the user interface is easy to use and understand.
• Security testing is essential for software which processes confidential data and to
prevent system intrusion by hackers.
• Internationalization and localization is needed to test these aspects of software, for
which a pseudo localization method can be used.
In contrast to functional testing, which establishes the correct operation of the software
(correct in that it matches the expected behavior defined in the design requirements), non-
functional testing verifies that the software functions properly even when it receives invalid
or unexpected inputs. Software fault injection, in the form of fuzzing, is an example of non-
functional testing. Non-functional testing, especially for software, is designed to establish
whether the device under test can tolerate invalid or unexpected inputs, thereby establishing
the robustness of input validation routines as well as error-handling routines. Various
commercial non-functional testing tools are linked from the Software fault injection page;
there are also numerous open-source and free software tools available that perform non-
functional testing.

CaeserCipher Form
Input: Keyword, original text.
Process: Encrypting the text using CaeserCipher encryption algorithm and also
decrypting it in the textfield.
Output: As per shown in Diagram.
Test Result: Successful.

Playfair Form
Process: Encrypting the text using Playfair encryption algorithm and also decrypting it
in the textfield.

RailFence Form
Process: Encrypting the text using RailFence encryption algorithm and also decrypting
it in the textfield.

Compression Form
Input: Input files.
Process: zipping the files using the classes in java.util.zip package.

Decompression Form
Input: Input files.
Process: Unzipping the files using the classes in java.util.zip package.

Embedding message Form
Input: Input image, audio, video files, Secret key, Message.
Process: Read the file and embed the message in the file.
Extracting message Form

Input: Input image, audio, video files, Secret key.
Process: Read the file and extract the message from the file.

New entry Form
Input: Person related information.
Process: Creating connection with the database and saving the information in the
database and then closing the connection.
Test Result: Successful. Return message of ID number.

Update Form
Input: Altered information.
Process: Creating connection with the database and saving the information in the
database and then closing the connection.

Delete Record Form
Input: Name of person whose record is to be deleted.
Process: Creating connection with the database and deleting the information from the
database table and then closing the connection.

Search Record Form
Input: Input ID number or name.
Process: Creating connection with the database and retrieving the information from the
database table and then closing the connection.

Conclusion
We have learnt many lessons during the development of this project. It taught a practical
lesson on the importance of software engineering. We found ourselves many times that
implementation was halt because there is uncertainty how the final system operates, it required us to
jump back and forth to revisit design stage, and do some more research on a particular topic.
Programming on embedded platform is a completely new to us. It required us to learn JAVA in which
we had never done programming before. Even though JAVA is a sub branch of J2SE which we have
been programming for the past few years in the course, there are many differences between them.
Programming in a completely new language was quite challenging at some time of the development
process, many new problems have been identified along the way, but the pleasure of seeing the
system run on actual e-mail technology was rather rewarding.
Research for this project has deepened our knowledge of current internet technology such as
the advantages and the limitations that E-mail have.
Although part of the system does not function probably, but we are pleased
with the final results. After all, software project is about experimenting and learning new topic, and
absorbing new experience which could be used in the future.

Scope Of The project
Anyone who has ever done a project will have tales of how scope changes caused
grief. Scope is bound to change, and this is to be expected. As the detail becomes clearer,
more complications creep in. These are not foreseeable at the start and hopefully we build in
a contingency for what we cannot see.
The scope changes that usually cause problems are those where the perception of
what was in and out of scope was different between various parties. The Project Manager
assumed there would only be four or five reports, and the business assumed ten to twenty.
Nobody felt it was worth talking about because they assumed the other person thought the
same way they did.
Steganography is used by some modern printers, including HP and Xerox brand

color laser printers. Tiny yellow dots are added to each page. The dots are barely visible and
contain encoded printer serial numbers, as well as date and time stamps. When one considers
that messages could be encrypted steganographically in e-mail messages, particularly e-mail
spam, the notion of junk e-mail takes on a whole new light. Coupled with the "chaffing and
winnowing" technique, a sender could get messages out and cover their tracks all at once.
Encryption has long been used by militaries and governments to facilitate secret
communication. Encryption is now used in protecting information within many kinds of
civilian systems, such as computers, storage devices (e.g. USB flash drives), networks (e.g.
the Internet e-commerce), mobile telephones, wireless microphones, wireless intercom
systems, Bluetooth devices and bank automatic teller machines. Encryption is also used in
digital rights management to prevent unauthorized use or reproduction of copyrighted
material and in software also to protect against reverse engineering (see also copy protection).
Compression is very use for data transfer through Internet. It takes less time and use
small bandwidth to transfer. There are very large size images to send over the network but the
compressed file is economical to send it over the network. It is also beneficial for storing a
large amount of data into a small storage area

Future Enhancements
Since there are one or two known system issues that still have not been solved, it
would be nice to see a full functional working version of the system as defined in the report
in the future.
In future versions we will improve the quality of services provided by the project, we
could increase the reliability by using some more secure cryptography algorithm for the
implementation of encryption decryption tool.
We can use some algorithm such as Huffman coding and adaptive Huffman coding to
improve the compression ratio of the files so that we send more data or information to the
others and increase the efficiency of the tool.
The important tool provided in our project is steganography that provides the user to
send the private messages by hiding it into any image, audio, video files. To increase its
efficiency, reliability, performance we can implement it on the bit level, this will not effect
the entities of the files so as to increase the performance by preserving the entities of the files
up to some extent.
All of the above tools are the best tools to ensure the security related issues at the
client side. It will be better to use if it will be embed within the browser so as it can come
with the interface of the e mail portals used now a days. And it will be even more easy to use
by the users.

Assumptions and Dependencies
Java run time environment is necessary to run this application because
this application is developed on java. Any operating system can be used to run
this application which will support java environment.
Definitions, Acronyms and Abbreviations
Windows An operating system produced by Microsoft

Corporation that is used to operate the
computer using a graphical user interface.
GUI Graphical User Interface
SRS Software Requirements Specification
JRE Java Runtime Environment
JDK Java Development Kit
SQL Structured Query Language

User Manual
The User’s Manual provides the information necessary for the user to effectively use the
automated information system.
This user manual will guide you to the process how to use the tools efficiently &
affectively. There are certain given for the user to explore the tools in the best possible
manner.
Step 1:
Click the start.jar file to initialize all the included components in the project.
After this a email security tools.jar file will be created on the desktop.
Step 2:
Then further click the email security tools.jar file this will enable the frontend
of the project which have buttons provided on the interface for their accessibility.
Step 3:
As per your requirement click on the desired button to step towards the next
interface of the tool.
Step 4:
All the other interfaces provided in the tool kit are simple in the way to
complete your task. After completing your task on the sub interface close it to return
on the main menu.
Step 5:
To exit the whole toolkits just close the main menu.

References
1. www.wikipedia.org
2. Java 2 - The Complete Reference by Herbert Schildt.
3. Java-A beginner's Approach by NITISH UPETI.
4. E-books of JAVA.
5. Java 2 by E.balagurusamy
6. Introduction to SQL 2000.
7. www.google.co.in

1 Project 1-Final

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

1 Project 1-Final

Uploaded by

Copyright:

Available Formats

Project title

E-Mail Security Tools Based On Java technology

Computer Science and Engineering

E-mail security tools Page 1

We declare that the work presented in this project titled “E-

Anand Kumar Singh

E-mail security tools Page 2

Project Guide: Mr. Nishant Raj

E-mail security tools Page 3

Despite of careful scrutiny after completion of this project. It is difficult to

E-mail security tools Page 4

2.1 Introduction to Java…………………………………………………………13

3.1 Problem Definition………………………………………………….….……27

4.1 Expected Features……………………………………………………………29

5.1 Block diagram……………………………………………………….……….34

E-mail security tools Page 5

9. Scope of the project…………………………………………………………….73

10. Future Enhancements. ………………………………………………………….74

11. Assumptions & Dependencies. …………………………………………...……75

12. Definitions Acronyms & Abbreviations. ………………………………………75

13. User Manual…………………………………………………………………….76

Introduction to E-mail Security Tools

These four modules are –

Encryption/ Decryption Process

Same as in encryption process in decryption process also the data is read as in

Compression & Decompression Process

Figure 1: A bitmap with information for run-length encoding

Another approach might be to store the image as a graphics metafile:

0,10 1,20 0,10

0,10 1,1 0,18 1,1 0,10

0,10 1,1 0,18 1,1 0,10

0,10 1,1 0,18 1,1 0,10

0,10 1,20 0,10

E-mail security tools Page 10

E-mail security tools Page 11

Introduction to programming Language

E-mail security tools Page 12

E-mail security tools Page 13

• Several dangerous features of C & C++ eliminated:

• Automatic Memory Management

o Automatic garbage collection - memory management handled by JVM.

E-mail security tools Page 14

The advantages of Java are as follows:

• Java is easy to learn.

E-mail security tools Page 15

This allows you to create modular programs and reusable code.

About Net Beans IDE

The NetBeans IDE is an open-source integrated development environment written

E-mail security tools Page 16

E-mail security tools Page 17

E-mail security tools Page 18

E-mail security tools Page 19

E-mail security tools Page 20

public class SampleJFrame extends javax.swing.JFrame {

E-mail security tools Page 21

• Just hit "Ok" and get going on.

E-mail security tools Page 22

E-mail security tools Page 23

Microsoft SQL Server 2000 is a full-featured relational database management system

E-mail security tools Page 25

In today’s world dependence of human beings on computer is increasing

E-mail security tools Page 26

Bottlenecks of the Existing System