Download 4.3 microsoft mysql server 7.0

A Generic Framework for Three-Factor
Authentication: Preserving Security
and Privacy in Distributed Systems
Abstract :—
In this paper , we proposed the security approach for authenthicating
clients method to determine the identity of a remote client in the distributed
system . we have to implement this remote authentication in the distributed
system. The conversion not only significantly improves the information
assurance at low cost.But also proves security
Here we projected the three factor authenthication ,they are 3
factors password, chryptography, and biometrics. By this we increases
privacy of client in distributed systems
EXISTING SYSTEM :
 In which, we does not have the distributed connection it allows one
to one connection. In which it does not allows two way rounds ,so
that it is easy to break the security.
 There will be have an more cryptographic operation performed on
the both sides. It does not embedded to the application process. It
does not provides flexibility and efficiency.
 A biometric system that can work securely and reliably under such
circumstances can have a multitude of applications varying from
accessing remote servers to e-shopping over the Internet.

By this, passive attacker can obtain messages transmitted between
the client and the server
 It affects other system and produce irrelevant output
 In which it does not integrates to the other process
PROPOSED SYSTEM :
 We overcome this seemingly unavoidable compromise by
designing the classifier in the plain feature space, which allows us
to maintain the performance of the biometric.
 Here we provides the distributed framework mainly for connected
with the multiple clients at a time. With the help of an biometric
identification to the one of the servers.
 We would then like to carry out the computations required for
authentication using this trained classifier, completely in the
encrypted domain by using the DES algorithm
 It able to achieve both strong encryption-based security as well as
accuracy of a powerful classifiers While the proposed approach
has similarities to the blind vision scheme for image retrieval, it is
far more efficient for the verification task.
 Our created framework should be more flexible using swing
 However, such a solution would require an algebraic homomorphic
encryption scheme The only known doubly homomorphic scheme
has recently been proposed by Gentry and would mostly lead to a
computationally intensive theoretical solution.
MODULES
1. Creation of framework
2. sampling the biometric images
3. Implementation of Cryptography process
MODULE DESCRIPTION
Creation of framework:

In this module we have to develop our application for which we
provide
we create the
framework for the users
In which our
framework a reusable set of libraries or classes for a software system
Due to customer-demand driven applications needs, both competing and
complementary frameworks sometimes end up in a product. Further, due
to the complexity of their APIs, the intended reduction in overall
development time may not be achieved due to the need to spend
additional time learning to use the framework, which criticism is clearly
valid when a special or new framework
more useful
By this framework for users registration and authentication process
Here we produce our framework in the Swing In which it is efficient
and flexible to the security process
In which , we provide the facilities for the users to send message and also
provide to send resource to another user When users login ,users must
known to give their username and the respective biometrical images
Retrieval of information showed in this framework
sampling the biometric images :
In this module we introduce the biometric authenthication Biometrics
.biometric authentication
consists of methods for uniquely
recognizing humans based upon one or more intrinsic physical or
behavioral traits
Physiological are related to the shape of the body. Examples include,
but are not limited to fingerprint, face recognition, DNA, Palm print,
hand geometry, iris recognition, which has largely replaced retina, and
odour/scent.
Behavioral are related to the behavior of a person. Examples include,
but are not limited to typing rhythm, gait, and voice. Some researchers
have coined the term behaviometrics for this class of biometrics.
A biometric system can operate in the following two modes In
verification mode the system performs a one-to-one comparison of a
captured biometric with a specific template stored in a biometric
database in order to verify the individual is the person they claim to
be. This process may use a smart card, username or ID number to
indicate which template should be used for comparison.
In Identification mode the system performs a one-to-many comparison
against a biometric database in attempt to establish the identity of an
unknown individual. The system will succeed in identifying the
individual if the comparison of the biometric sample to a template in
the database falls within a previously set threshold.
By this sampling ,we have to compare the biometrical images for the
authentication process In which we checks our repository includes
with the repository information with the respective datas
In this
sampling we have to compare our Biometrical images with pixel by
pixel
Implementation of Cryptography process
Encryption: The process of encoding data to prevent unauthorized
parties from viewing or modifying it.
Prevents unwanted access to documents and messages.
Strongest levels of encryption are very difficult to break.
Recent changes in cryptography export laws should expand
access to software.
developers of Windows-based applications that will enable users to
create and exchange documents and other data in a secure environment,
especially over nonsecure media
A message will be defined as any data that has been encoded.
Messages are data encoded for transmission to another person or
entity or encoded data received from another person or entity. In the
crypto environment, messages are usually signed, encrypted, or both
 In this module , we insert our datas to the database server
But before insert our data to the database server ,we have to
encrypt ed our datas In this we have to maintain the stock
information ,it will be accessed only by our admin
 So when they retrieve the information ,it will be in decrypted
form
REQUIREMENTS
Hardware requirement
Processor Type
: Pentium –IV
Speed
: 2.4 GHZ
Ram
: 128 MB RAM
Software requirement
Operating System
: Windows XP
Programming Package : JDK1.6
Tool
: Eclipse5
Database
: MYSQL
Architecture diagram :
Client
Database
server
Registration
3 factor
authentication
Authentication
IMPLEMENTATION OF THE SYSTEM
4.1 ECLIPSE
Eclipse is an open-source software framework written primarily in Java .The
initial codebase originated from VisualAge. In its default form it is an Integrated
Development Environment (IDE) for Java developers, consisting of the Java
Development Tools (JDT). Users can extend its capabilities by installing plug-ins written
for the Eclipse software framework, such as development toolkits for other programming
languages, and can write and contribute their own plug-in modules. Language packs
provide translations into over a dozen natural languages.
4.1.1 ARCHITECTURE:
The basis for Eclipse is the Rich Client Platform (RCP). The following
components constitute the rich client platform:

OSGi - a standard bundling framework

Core platform - boot Eclipse, run plug-ins

The Standard Widget Toolkit (SWT) - a portable widget toolkit

JFace - viewer classes to bring model view controller programming to
SWT, file buffers, text handling, and text editors

The Eclipse Workbench - views, editors, perspectives, wizards
Eclipse's widgets are implemented by a widget toolkit for Java called
SWT, unlike most Java applications, which use the Java standard Abstract Window
Toolkit(AWT) or Swing. Eclipse's user interface also leverages an intermediate GUI
layer called JFace, which simplifies the construction of applications based on SWT.
Eclipse employs plug-ins in order to provide all of its functionality on top of (and
including) the rich client platform, in contrast to some other applications where
functionality is typically hard coded. This plug-in mechanism is a lightweight software
componentry framework. In addition to allowing Eclipse to be extended using other
programming languages such as C and Python, the plug-in framework allows Eclipse to
work with typesetting languages like LaTeX,[3] networking applications such as telnet,
and database management systems. The plug-in architecture supports writing any desired
extension to the environment, such as for configuration management. Java and CVS
support is provided in the Eclipse SDK.
The key to the seamless integration of tools with Eclipse is the plugin. With the
exception of a small run-time kernel, everything in Eclipse is a plug-in. This means that a
plug-in you develop integrates with Eclipse in exactly the same way as other plug-ins; in
this respect, all features are created equal. Eclipse provides plugins for a wide variety of
features, some of which are through third parties using both free and commercial models.
Examples of plugins include UML plugin for Sequence and other UML diagrams, plugin
for Database explorer, etc.
The Eclipse SDK includes the Eclipse Java Development Tools, offering an IDE with a
built-in incremental Java compiler and a full model of the Java source files. This allows
for advanced refactoring techniques and code analysis. The IDE also makes use of a
workspace, in this case a set of metadata over a flat files pace allowing external file
modifications as long as the corresponding workspace "resource" is refreshed afterwards.
The Visual Editor project allows interfaces to be created interactively, hence allowing
Eclipse to be used as a RAD tool.
4.1.2 HISTORY
Eclipse began as an IBM Canada project. It was developed by OTI (Object Technology
International) as a replacement for VisualAge, which itself had been developed by OTI.
In November 2001, a consortium was formed to further the development of Eclipse as
open source. In 2003, the Eclipse Foundation was created.
Eclipse 3.0 (released on June 21 2004) selected the OSGi Service Platform specifications
as the runtime architecture.
Eclipse was originally released under the Common Public License, but was later relicensed under the Eclipse Public License. The Free Software Foundation has said that
both licenses are free software licenses, but are incompatible with the GNU General
Public License (GPL). Mike Milinkovich, of the Eclipse Foundation has commented that
moving to the GPL will be considered when version 3 of the GPL is released.
4.1.3 MYECLIPSE:
MyEclipse is a commercially available Enterprise Java and AJAX IDE created
and maintained by the company Genuitec, a founding member of the Eclipse Foundation.
MyEclipse is built upon the Eclipse platform, and integrates both proprietary and open
source solutions into the development environment.
MyEclipse has two primary versions a professional and a standard edition. The
standard edition adds database tools, a visual web designer, persistence tools, Spring
tools, Struts and JSF tooling, and a number of other features to the basic Eclipse Java
Developer profile. It competes with the Web Tools Project, which is a part of Eclipse
itself, but MyEclipse is a separate project entirely and offers a different feature set. Most
recently, MyEclipse has been made available via Pulse, a provisioning tool that maintains
Eclipse software profiles, including those that use MyEclipse.
4.2 JAVA:
It is a Platform Independent. Java is an object-oriented programming language
developed initially by James Gosling and colleagues at Sun Microsystems. The language,
initially called Oak (named after the oak trees outside Gosling's office), was intended to
replace C++, although the feature set better resembles that of Objective C.
Software Used
Java began as a client side platform independent programming language that
enabled stand-alone Java applications and applets. The numerous benefits of Java
resulted in an explosion in the. The proliferation of enterprise APIs, often developed by
several different groups, resulted in divergence of APIs and caused concern among the
Java developer community.
Java byte code can execute on the server instead of or in addition to the client,
enabling you to build traditional client/server applications and modern thin client Web
applications. Two key server side Java technologies are servlets and JavaServer Pages.
Servlets are protocol and platform independent server side components which extend the
functionality of a Web server. JavaServer Pages (JSPs) extend the functionality of
servlets by allowing Java servlet code to be embedded in an HTML file.
Features of Java

Platform Independence
o
The Write-Once-Run-Anywhere ideal has not been achieved (tuning for
different platforms usually required), but closer than with other languages.

Object Oriented

Object oriented throughout - no coding outside of class definitions,
including main().


An extensive class library available in the core language packages.
Compiler/Interpreter Combo

Code is compiled to byte codes that are interpreted by a Java virtual
machines (JVM).

This provides portability to any machine for which a virtual machine has
been written.

The two steps of compilation and interpretation allow for extensive code
checking and improved security.

Robust

Exception handling built-in, strong type checking (that is, all data must be
declared an explicit type), local variables must be initialized.

Several dangerous features of C & C++ eliminated:

No memory pointers

No preprocessor

Array index limit checking

Automatic Memory Management


Automatic garbage collection - memory management handled by JVM.
Security

No memory pointers

Programs run inside the virtual machine sandbox.

Array index limit checking

Code pathologies reduced by

byte code verifier - checks classes after loading

Class loader - confines objects to unique namespaces. Prevents loading a
hacked "java.lang.SecurityManager" class, for example.

Security manager - determines what resources a class can access such as
reading and writing to the local disk.

Dynamic Binding

The linking of data and methods to where they are located is done at runtime.

New classes can be loaded while a program is running. Linking is done on
the fly.

Even if libraries are recompiled, there is no need to recompile code that
uses classes in those libraries. This differs from C++, which uses static
binding. This can result in fragile classes for cases where linked code is
changed and memory pointers then point to the wrong addresses.

Good Performance

Interpretation of byte codes slowed performance in early versions, but
advanced virtual machines with adaptive and just-in-time compilation and
other techniques now typically provide performance up to 50% to 100%
the speed of C++ programs.

Threading

Lightweight processes, called threads, can easily be spun off to perform
multiprocessing.


Can take advantage of multiprocessors where available

Great for multimedia displays.
Built-in Networking

Java was designed with networking in mind and comes with many classes
to develop sophisticated Internet communications.
4.2.1 JDK1.5:
INTRODUCTION:
The Java 2 Platform Standard Edition Development Kit (JDK) is a development
environment for building applications, applets, and components using the Java
programming language. The JDK includes tools useful for developing and testing
programs written in the Java programming language and running on the Java platform.
These tools are designed to be used from the command line. Except for the applet viewer,
these tools do not provide a graphical user interface.
4.2.2 JDK DOCUMENTATION:
The on-line Java 2 Platform Standard Edition Documentation contains API
specifications, feature descriptions, developer guides, reference pages for JDK tools and
utilities, demos, and links to related information. This documentation is also available in
a download bundle which you can install on your machine.
4.2.3 CONTENTS OF THE JDK:
This section contains a general summary of the files and directories in the JDK.
a) Development Tools
(In the bin subdirectory.) Tools and utilities that will help you develop, c execute,
debug, and document programs written in the Java programming language. For
further information, see the tool documentation.
b) Runtime Environment
(In the jre subdirectory.) An implementation of the J2SE runtime environment for
use by the JDK. The runtime environment includes a Java virtual machine, class
libraries, and other files that support the execution of programs written in the Java
programming language.
c) Additional Libraries
(In the lib subdirectory.) Additional class libraries and support files required by
the development tools.
d) C header Files
(In the include subdirectory.) Header files that support native-code programming
using the Java Native Interface, the JVMTM Tool Interface, and other functionality
of the Java 2 Platform.
2) Source Code
(In src.zip.) Java programming language source files for all classes that make up
the Java 2 core API (that is, sources files for the java.*, javax.* and some org.* packages,
but not for com.sun.* packages). This source code is provided for informational purposes
only, to help developers learn and use the Java programming language. These files do not
include platform-specific implementation code and cannot be used to rebuild the class
libraries. To extract these file, use any common zip utility. Or, you may use the Jar utility
in the JDK's bin directory: jar xvf src.zip. The Java Programming Language is a generalpurpose, concurrent, strongly typed, class-based object-oriented language. It is normally
compiled to the byte code instruction set and binary format defined in the Java Virtual
Machine Specification.
4.2.4 ENHANCEMENTS IN JDK 5:

Generics - This long-awaited enhancement to the type system allows a type or
method to operate on objects of various types while providing compile-time type
safety. It adds compile-time type safety to the Collections Framework and
eliminates the drudgery of casting.

Enhanced for Loop - This new language construct eliminates the drudgery
and error-proneness of iterators and index variables when iterating over
collections and arrays.

Autoboxing/Unboxing - This facility eliminates the drudgery of manual
conversion between primitive types (such as int) and wrapper types (such as
Integer).

Typesafe Enums - This flexible object-oriented enumerated type facility
allows you to create enumerated types with arbitrary methods and fields. It
provides all the benefits of the Typesafe Enum pattern.

Varargs - This facility eliminates the need for manually boxing up argument
lists into an array when invoking methods that accept variable-length argument
lists.

Static Import - This facility lets you avoid qualifying static members with
class names without the shortcomings of the "Constant Interface antipattern”.
Annotations (Metadata) - This language feature lets you avoid writing boilerplate
code under many circumstances by enabling tools to generate it from annotations in the
source code. This leads to a "declarative" programming style where the programmer says
what should be done and tools emit the code to do it. Also it eliminates the need for
maintaining "side files" that must be kept up to date with changes in source files. Instead
the information can be maintained in the source file. .
.
JAVA SWING:
Swing is a widget toolkit for Java. It is part of Sun Microsystems' Java
Foundation Classes (JFC) — an API for providing a graphical user interface (GUI) for
Java programs. Swing was developed to provide a more sophisticated set of GUI
components than the earlier Abstract Window Toolkit. Swing provides a native look and
feel that emulates the look and feel of several platforms, and also supports a pluggable
look and feel that allows applications to have a look and feel unrelated to the underlying
platform.
1.1.4.1History
The Internet Foundation Classes (IFC) were a graphics library for Java originally
developed by Netscape Communications Corporation and first released on December 16,
1996. On April 2, 1997, Sun Microsystems and Netscape Communications Corporation
announced their intention to incorporate IFC with other technologies to form the Java
Foundation Classes.
Swing introduced a mechanism that allowed the look and feel of every component
in an application to be altered without making substantial changes to the application code.
The introduction of support for a pluggable look and feel allows Swing components to
emulate the appearance of native components while still retaining the benefits of platform
independence. This feature also makes it easy to make an application written in Swing
look very different from native programs if desired.Originally distributed as a separately
downloadable library, Swing has been included as part of the Java Standard Edition since
release 1.2. The Swing classes are contained in the javax.swing package hierarchy.
1.1.4.2 Architecture
Swing is a platform-independent, Model-View-Controller GUI framework for
Java. It follows a single-threaded programming model, and possesses the following traits:

Platform independence: Swing is platform independent both in terms of its
expression (Java) and its implementation (non-native universal rendering of
widgets).

Extensibility: Swing is a highly partitioned architecture, which allows for the
"plugging" of various custom implementations of specified framework interfaces:
Users can provide their own custom implementation(s) of these components to
override the default implementations. In general, Swing users can extend the
framework by extending existing (framework) classes and/or providing alternative
implementations of core components.

Component-Oriented: Swing is a component-based framework. The distinction
between objects and components is a fairly subtle point: concisely, a component
is a well-behaved object with a known/specified characteristic pattern of
behaviour. Swing objects asynchronously fire events, have "bound" properties,
and respond to a well-known set of commands (specific to the component.)
Specifically, Swing components are Java Beans components, compliant with the
Java Beans Component Architecture specifications.

Customizable: Given the programmatic rendering model of the Swing
framework, fine control over the details of rendering of a component is possible in
Swing. As a general pattern, the visual representation of a Swing component is a
composition of a standard set of elements, such as a "border", "inset", decorations,
etc. Typically, users will programmatically customize a standard Swing
component (such as a JTable) by assigning specific Borders, Colors,
Backgrounds, opacities, etc., as the properties of that component. The core
component will then use this property (settings) to determine the appropriate
renderers to use in painting its various aspects. However, it is also completely
possible to create unique GUI controls with highly customized visual
representation.

Configurable: Swing's heavy reliance on runtime mechanisms and indirect
composition patterns allows it to respond at runtime to fundamental changes in its
settings. For example, a Swing-based application can change its look and feel at
runtime. Further, users can provide their own look and feel implementation,
which allows for uniform changes in the look and feel of existing Swing
applications without any programmatic change to the application code.

Lightweight UI: Swing's configurability is a result of a choice not to use the
native host OS's GUI controls for displaying itself. Swing "paints" its controls
programmatically through the use of Java 2D APIs, rather than calling into a
native user interface toolkit. Thus, a Swing component does not have a
corresponding native OS GUI component, and is free to render itself in any way
that is possible with the underlying graphics APIs. However, at its core every
Swing component relies on an AWT container, since (Swing's) JComponent
extends (AWT's) Container. This allows Swing to plug into the host OS's GUI
management framework, including the crucial device/screen mappings and user
interactions, such as key presses or mouse movements. Swing simply "transposes"
its own (OS agnostic) semantics over the underlying (OS specific) components.
So, for example, every Swing component paints its rendition on the graphic
device in response to a call to component.paint(), which is defined in (AWT)
Container. But unlike AWT components, which delegated the painting to their
OS-native "heavyweight" widget, Swing components are responsible for their
own rendering.
This transposition and decoupling is not merely visual, and extends to Swing's
management and application of its own OS-independent semantics for events fired
within its component containment hierarchies. Generally speaking, the Swing
Architecture delegates the task of mapping the various flavors of OS GUI semantics
onto a simple, but generalized, pattern to the AWT container. Building on that
generalized platform, it establishes its own rich and complex GUI semantics in the
form of the JComponent model. A review of the source of Container.java and
JComponent.java classes is recommended for further insights into the nature of the
interface between Swing's lightweight components and AWT's heavyweight widgets.

Loosely-Coupled/MVC: The Swing library makes heavy use of the
Model/View/Controller software design pattern, which conceptually decouples
the data being viewed from the user interface controls through which it is viewed.
Because of this, most Swing components have associated models (which are
specified in terms of Java interfaces), and the programmer can use various default
implementations or provide their own. The framework provides default
implementations of model interfaces for all of its concrete components.
Typically, Swing component model objects are responsible for providing a
concise interface defining events fired, and accessible properties for the (conceptual) data
model for use by the associated JComponent. Given that the overall MVC pattern is a
loosely-coupled collaborative object relationship pattern, the model provides the
programmatic means for attaching event listeners to the data model object. Typically,
these events are model centric (ex: a "row inserted" event in a table model) and are
mapped by the JComponent specialization into a meaningful event for the GUI
component.
For example, the JTable has a model called TableModel that describes an
interface for how a table would access tabular data. A default implementation of this
operates on a two-dimensional array.
The view component of a Swing JComponent is the object used to graphically
"represent" the conceptual GUI control. A distinction of Swing, as a GUI framework, is
in its reliance on programmatically-rendered GUI controls (as opposed to the use of the
native host OS's GUI controls). (This distinction is a source of complications when
mixing AWT controls, which use native controls, with Swing controls in a GUI.)
It must be noted that the typical use of the Swing framework does not require the
creation of custom models, as the framework provides a set of default implementations
that are transparently, by default, associated with the corresponding JComponent child
class in the Swing library. In general, only complex components, such as tables, trees and
sometimes lists, may require the custom model implementations around the applicationspecific data structures.
(However, to get a good sense of the potential that the Swing architecture makes
possible, consider the hypothetical situation where custom models for tables and lists are
wrappers over DAO and/or EJB services.)Finally, in terms of visual composition and
management, Swing favors relative layouts (which specify the positional relationships
between components) as opposed to absolute layouts (which specify the exact location
and size of components). This bias towards "fluid"' visual ordering is due to its origins in
the applet operating environment that framed the design and development of the original
Java GUI toolkit. (Conceptually, this view of the layout management is quite similar to
that which informs the rendering of HTML content in browsers, and addresses the same
set of concerns that motivated the former.
1.1.4.3 Look and feel
Swing allows one to specialize the look and feel of widgets, by modifying the
default (via runtime parameters), deriving from an existing one, by creating one from
scratch, or, beginning with J2SE 5.0, by using the skinnable synth Look and Feel (see
Synth Look and Feel), which is configured with an XML property file. The look and feel
can be changed at runtime, and early demonstrations of Swing frequently provided a way
to do this.
1.1.4.4 Relationship to AWT
Since early versions of Java, a portion of the Abstract Window Toolkit (AWT)
has provided platform-independent APIs for user interface components. In AWT, each
component is rendered and controlled by a native peer component specific to the
underlying windowing system.By contrast, Swing components are often described as
lightweight because they do not require allocation of native resources in the operating
system's windowing toolkit. The AWT components are referred to as heavyweight
components. Much of the Swing API is generally a complementary extension of the
AWT rather than a direct replacement. In fact, every Swing lightweight interface
ultimately exists within an AWT heavyweight component because all of the top-level
components in Swing (JApplet, JDialog, JFrame, and JWindow) extend an AWT toplevel container. However, the use of both lightweight and heavyweight components
within the same window is generally discouraged due to Z-order incompatibilities. The
core rendering functionality used by Swing to draw its lightweight components is
provided by Java 2D another part of JFC.
1.1.4.5 Relationship to SWT
The Standard Widget Toolkit (SWT) is a competing toolkit originally developed
by IBM and now maintained by the Eclipse Foundation. SWT's implementation has more
in common with the heavyweight components of AWT. This confers benefits such as
more accurate fidelity with the underlying native windowing toolkit, at the cost of an
increased exposure to the native platform in the programming model. The advent of SWT
has given rise to a great deal of division among Java desktop developers, with many
strongly favoring either SWT or Swing. Sun's development on Swing continues to focus
on platform look and feel (PLAF) fidelity with each platform's windowing toolkit in the
approaching Java SE 7 release (as of December 2006). In the meantime, there are other
sources of high-fidelity PLAFs, many of which are collected on the javootoo site. There
has been significant debate and speculation about the performance of SWT versus Swing;
SWT's heavy dependence on JNI makes it slower when the GUI component and Java
need to communicate data, but faster at rendering when the data model has been loaded
into the GUI.
SWT serves the Windows platform very well but is considered by some to be less
effective as a technology for cross-platform development. By using the high-level
features of each native windowing toolkit, SWT returns to the issues seen in the mid 90's
(with toolkits like zApp, Zinc, XVT and IBM/Smalltalk) where toolkits attempted to
mask differences in focus behaviour, event triggering and graphical layout. Failure to
match behavior on each platform can cause subtle but difficult-to-resolve bugs that
impact user interaction and the appearance of the GUI.F
Swing Model/view design: The "view part" of the MV design is implemented with a
component object and the UI object. The "model part" of the MV design is implemented
by a model object and a change listener object. Swing is built on top of AWT and is
entirely written in Java, using AWT's lightweight component support. In particular,
unlike AWT, t he architecture of Swing components makes it easy to customize both
their appearance and behavior. Components from AWT and Swing can be mixed,
allowing you to add Swing support to existing AWT-based programs. For example,
swing components such as JSlider, JButton and JCheckbox could be used in the same
program with standard AWT labels, textfields and scrollbars. You could subclass the
existing Swing UI, model, or change listener classes without having to reinvent the entire
implementation. Swing also has the ability to replace these objects on-the-fly.

100% Java implementation of components

Pluggable Look & Feel

Lightweight components

Uses MVC Architecture
Model represents the data. View as a visual representation of the data. Controller
takes input and translates it to changes in data Three parts Component set (subclasses of
Component) Support classes Interfaces.
Java Swing class hierarchy
The class JComponent, descended directly from Container, is the root class for most of
Swing's user interface components.
Swing contains components that you'll use to build a GUI. I am listing you some of the
commonly used Swing components. To learn and understand these swing programs,
AWT Programming knowledge is not required.

JPanel
is Swing's version of the AWT class Panel and uses the same default
layout, FlowLayout. JPanel is descended directly from JComponent.

JFrame is Swing's version of Frame and is descended directly from that class.
The components added to the frame are referred to as its contents; these are
managed by the contentPane. To add a component to a JFrame, we must use its
contentPane instead.

JInternalFrame is confined to a visible area of a container it is placed in. It can
be iconified, maximized and layered.

JWindow is Swing's version of Window and is descended directly from that
class. Like Window, it uses Border Layout by default.

JDialog
is Swing's version of Dialog and is descended directly from that class.
Like Dialog, it uses Border Layout by default. Like JFrame and JWindow,
JDialog contains a rootPane hierarchy including a contentPane, and it allows
layered and glass panes. All dialogs are modal, which means the current
thread is blocked until user interaction with it has been completed. JDialog class
is intended as the basis for creating custom dialogs; however, some
of the most common dialogs are provided through static methods in the class
JOptionPane.

JLabel, descended from JComponent, is used to create text labels.

The abstract class AbstractButton extends class JComponent and provides a
foundation
for
a
family
of
button
classes,
including
JButton.

JTextField allows editing of a single line of text. New features include the ability
to justify the text left, right, or center, and to set the text's font.

JPasswordField (a direct subclass of JTextField) you can suppress the display of
input. Each character entered can be replaced by an echo character.
This allows confidential input for passwords, for example. By default, the echo
character is the asterisk, *.

JTextArea allows editing of multiple lines of text. JTextArea can be used in
conjunction with class JScrollPane to achieve scrolling. The underlying
JScrollPane can be forced to always or never have either the vertical or horizontal
scrollbar;
JButton is a component the user clicks to trigger a specific action.

JRadioButton is similar to JCheckbox, except for the default icon for each class.
A set of radio buttons can be associated as a group in which only
one button at a time can be selected.

JCheckBox is not a member of a checkbox group. A checkbox can be selected
and deselected, and it also displays its current state.

JComboBox is like a drop down box. You can click a drop-down arrow and
select an option from a list. For example, when the component has focus,
pressing a key that corresponds to the first character in some entry's name selects
that entry. A vertical scrollbar is used for longer lists.

JList provides a scrollable set of items from which one or more may be selected.
JList can be populated from an Array or Vector. JList does not
support scrolling directly; instead, the list must be associated with a scrollpane.
The view port used by the scroll pane can also have a user-defined
border. JList actions are handled using ListSelectionListener.

JTabbedPane contains a tab that can have a tool tip and a mnemonic, and it can
display both text and an image.

JToolbar contains a number of components whose type is usually some kind of
button which can also include separators to group related components
within the toolbar.

FlowLayout when used arranges swing components from left to right until there's
no more space available. Then it begins a new row below it and moves
from left to right again. Each component in a FlowLayout gets as much space as it
needs and no more.

BorderLayout places swing components in the North, South, East, West and
center of a container. You can add horizontal and vertical gaps between
the areas.

GridLayout is a layout manager that lays out a container's components in a
rectangular grid. The container is divided into equal-sized rectangles,
and one component is placed in each rectangle.

GridBagLayout is a layout manager that lays out a container's components in a
grid
of
cells
with
each
component
occupying one
or
more
cells,
called its display area. The display area aligns components vertically and
horizontally, without requiring that the components be of the same size.

JMenubar can contain several JMenu's. Each of the JMenu's can contain a series
of
JMenuItem's
that
you
can
select.
Swing
provides
support
for
pull-down and popup menus.

Scrollable JPopupMenu is a scrollable popup menu that can be used whenever
we have so many items in a popup menu that exceeds the screen visible height.
After learning AWT, lets now see what's Swing? Well, Swing is important to develop
Java programs with a graphical user interface (GUI). There are many components which
are used for the building of GUI in Swing. The Swing Toolkit consists of many
components for the building of GUI. These components are also helpful in providing
interactivity to Java applications. Following are components which are included in Swing
toolkit:

list controls

buttons

labels

tree controls

table controls
All AWT flexible components can be handled by the Java Swing. Swing toolkit
contains far more components than the simple component toolkit. It is unique to any
other toolkit in the way that it supports integrated internationalization, a highly
customizable text package, rich undo support etc. Not only this you can also create your
own look and feel using Swing other than the ones that are supported by it. The
customized look and feel can be created using Synth which is specially designed. Not to
forget that Swing also contains the basic user interface such as customizable painting,
event handling, drag and drop etc.
The Java Foundation Classes (JFC) which supports many more features
important to a GUI program comprises of Swing as well. The features which are
supported by Java Foundation Classes (JFC) are the ability to create a program that
can work in different languages, the ability to add rich graphics functionality etc.The
features which are provided by Swing and the Java Foundation Classes are as follows:
Swing GUI Components
There are several components contained in Swing toolkit such as check boxes,
buttons, tables, text etc. Some very simple components also provide sophisticated
functionality. For instance, text fields provide formatted text input or password field
behavior. Furthermore, the file browsers and dialogs can be used according to one's need
and can even be customized.
1 In tro d uc tion
Graphical user interfaces can be developed in different ways. This paper discusses
several specific frameworks utilizing the Java Foundation Classes, or Swing. While most
of the paper is targeted towards UI developers, there are features such as the Session
which have general applications. The goals in using common frameworks and
methodologies include being able to quickly understand code written by others and being
able to reuse code easily; both reduce maintenance burdens.
The first topic covers the ui package which contains general classes that can be used in
every application. Then, Actions are introduced which encapsulate behavior in a single
class that can be bound to multiple UI elements. Other topics which are not necessarily
UI-specific include Sessions (an MVC or Model-View-Controller implementation), and
error handling.
2 The ui Package
The ui package contains general UI classes that can be used in any application. No
application-specific code may be added here. Several of the classes and sub-packages are
covered here. The classes' documentation is an additional source of information. The
Action and Session classes will covered elsewhere.
Classes should not depend on classes in other packages. The reason for this is to allow
the ui package to be used in a wide range of applications. Unnecessary dependencies add
excess baggage and may make the package unusable in certain configurations. A few
exceptions are listed below.

ui.swing

ui.widgets

Miscellaneous UI Classes
2.1 The ui.swing Package
The ui.swing package contains wrappers for many of the Swing classes. The main
purpose of this technique is flexibility and maintainability. For example, if JTextField is
used throughout and we want to later change the font of all of the text fields in all of the
applications, we would have to touch most of the UI code. This is tedious, could be a
source of errors, and some fields might be overlooked. However, if we use a wrapper, we
can simply add the font to the constructor in the wrapper and we are done.
What do you wrap? If you have need for a Swing class that is not already wrapped, you
will need to decide whether that class needs to be wrapped or not: the Swing library is too
large to wrap all classes. All high-level classes that start with a J such as JTextField,
JTree,
and so on are wrapped. Layout managers, events, and lower-level classes usually
are not. Factories are usually wrapped so that additional local classes to be returned by
the factory can be added. A sure sign that a class should be wrapped is if you find that
you are making the same customizations wherever it is used. If you are unsure, discuss
this with your colleagues.
How do you wrap? In general, you start with the company's template, and then copy the
constructors from Sun's source code, including their documentation. Then, change the
name of the constructors to match the wrapper's class name, and then edit the body of
each constructor. Ideally, all but one constructor has a single method call to this and that
lone constructor contains a single method call to super.
2.2 The ui.widgets Package
The ui.widgets package is used to house widgets that can be used in any
application.
2.3 Miscellaneous UI Classes
The ui package proper contains versions of the Action and Session classes, and
these will be discussed later.
The ui package also contains an interface called UIConstants that contains general
constants like COMPONENT_GAP and COMPONENT_GROUP_GAP. These two constants
are set to 5 and 11 respectively and are derived from the Java Look and Feel
Design Guidelines. A suggested convention is for applications to define their own
constants interface. Use the name of the application's package followed by the
string "Constants" in the name of this interface. For example, if the application
Frazzle is in the package frazzle, then name the interface FrazzleConstants
4.3 MICROSOFT MYSQL SERVER 7.0
Microsoft MySQL Server is a relational database management system
(RDBMS) produced by Microsoft. Its primary query language is Transact-SQL, an
implementation of the ANSI/ISO standard Structured Query Language (SQL) used by
both Microsoft and Sybase.
4 .3 .1 ARCHIT ECT URE
The architecture of Microsoft MySQL Server is broadly divided into three
components: SQLOS which implements the basic services required by MySQL Server,
including thread scheduling, memory management and I/O management; the Relational
Engine, which implements the relational database components including support for
databases, tables, queries and stored procedures as well as implementing the type system;
and the Protocol Layer which exposes the MySQL Server functionality
4.3.2 SQLOS
SQLOS is the base component in the MySQL Server architecture. It implements
functions normally associated with the Operating System - thread scheduling, memory
management, I/O management, buffer pool management, resource management,
synchronization primitives and locking, and deadlock detection. Because the requirement
of MySQL Server is highly specialized, MySQL Server implements its own memory and
thread management system, rather than using the generic one already implemented in the
Operating System.
4.3.3 RELATIONAL ENGINE
The Relational engine implements the relational data store using the capabilities
provided by SQLOS, which is exposed to this layer via the private SQLOS API. It
implements the type system, to define the types of the data that can be stored in the
tables, as well as the different types of data items (such as tables, indexes, logs etc) that
can be stored. It includes the Storage Engine, which handles the way data is stored on
persistent storage devices and provides methods for fast access to the data. The storage
engine implements log-based transaction to ensure that any changes to the data are ACID
compliant. It also includes the query processor, which is the component that retrieves
data.
4.3.4 PROTOCOL LAYER
Protocol layer implements the external interface to MySQL Server. All operations
that can be invoked on MySQL Server are communicated to it via a Microsoft-defined
format, called Tabular Data Stream (TDS). TDS packets can be encased in other physical
transport dependent protocols, including TCP/IP, Named pipes, and shared memory.
Consequently, access to MySQL Server is available over these protocols. In addition, the
MySQL Server API is also exposed over web services.
4.3.5 HISTORY
The code base for MS MySQL Server (prior to version 7.0) originated in Sybase
SQL Server, and was Microsoft's entry to the enterprise-level database market, competing
against Oracle, IBM, and, later, Sybase itself. Microsoft, Sybase and Ashton-Tate
originally teamed up to create and market the first version named MySQL Server 1.0 for
OS/2 (about 1989) which was essentially the same as Sybase SQL Server 3.0 on Unix,
VMS, etc. Microsoft SQL Server 4.2 was shipped around 1992 (available bundled with
Microsoft OS/2 version 1.3). Later Microsoft MySQL Server 4.21 for Windows NT was
released at the same time as Windows NT 3.1. Microsoft MySQL Server v6.0 was the
first version designed for NT, and did not include any direction from Sybase.
TESTING STRATEGIES
Periodical test were conduct during the design and implementation phases of
development. Tests were conducted as per test plans, which were scheduled according to
the project development plan. A detailed report on various tests conducted and the phase
in which they were conduct is given below. A bottom-up testing methodology was
adopted to test the system developed. A bottom-up test strategy starts with the
fundamental components and works upwards.
1.7.1 Unit Testing
Unit testing was used to test individual units in the system and ensure that they
operate correctly. Alternate logic analysis and screen validation were tested in this phase
to ensure optimum efficiency in the system. The procedures and functions used and their
association with data were tested.
1.7.2 Module Testing
Module testing was used to ensure that the dependable components in a module
work in coordination with another. Function testing, performance testing and stress test
were conduct on modules independently to ensure robustness in the system developed.
The various forms, their validations, relationships between forms, tables and the data
flows between components in a module were analyzed and tested. The procedures and
functions common to a module were also tested during module testing.
1.7.3 Module Testing
Sub-system testing also known as integration testing was used to ensure that the
modules are available for integration with one another to form the final integrated system.
Interface testing was conducted to ensure that the module could work in harmony with
one another. The relationship between the modules and the data they share were tested.
1.7.4 Types of Testing
Different testing techniques are followed at different points. They are as follows:
a) Unit Testing
b) Integration Testing
c) Function Testing
d) Performance Testing
e) System Testing
a) Unit Testing
Unit testing focuses on testing the modules of the system independently of one
another and identify error. The needed test cases were developed for various modules in
the system. All the modules are tested to display the requested details elegantly,
navigation between pages visited, setting and so on. The home module is tested for
proper Login to access the system. The User details modules is checked for all the
constraints necessary to perform the transaction. The shopping cart module checked to
display the price after product selection. The Display confirmation module is tested to
provides proper confirmation. Thus all the modules are unit tested.
b) Integration Testing
After each module has been tested individually, they were integrated and the
system underwent integration testing for its correctness and was found to be consistent .
The top down integration testing for it’s used to test the modules. The main module is
tested first followed by the sub-modules to detect error that could occur due to added
complexities. They system elements have been properly integrated and it is found that
they perform their tasks as expected.
c) Function Testing
Functional test were performed for each module to test whether the
functional requirements each of the modules is satisfied. The functional test ensures that
the system produces the required result for the given input under typical operating
conditions.
d) Performance Testing
Performance test was conduct to identify the bottlenecks involved in the
system and to evaluate the amount of execution time spent on various parts of the unit.
The response time for each of the activities performed by the system is verified and is
found to be reasonable.
e) System Testing
System testing is a series of different tests whose primary purpose is to fully
exercise whether all the work should verify that all system elements have been properly
integrated and perform allocated functions.
System testing also ensures that the project works well in the environment. It traps the
error and allows convenient processing of error without coming out of the program
abruptly.
Sample code :
Screenshot :
REFERENCES
[1] D.V. Klein, “Foiling the Cracker: A Survey of, and
Improvements
to, Password Security,” Proc. Second USENIX Workshop
Security,
1990.
[2] Biometrics: Personal Identification in Networked Society,
A.K. Jain,
R. Bolle, and S. Pankanti, eds. Kluwer, 1999.
[3] D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar,
Handbook of
Fingerprint Recognition. Springer-Verlag, 2003.
[4] Ed. Dawson, J. Lopez, J.A. Montenegro, and E. Okamoto,
“BAAI:
Biometric Authentication and Authorization Infrastructure,”
Proc.
IEEE Int’l Conf. Information Technology: Research and
Education
(ITRE ’03), pp. 274-278, 2004.
[5] J.K. Lee, S.R. Ryu, and K.Y. Yoo, “Fingerprint-Based
Remote User
Authentication Scheme Using Smart Cards,” Electronics
Letters,
vol. 38, no. 12, pp. 554-555, June 2002.
[6] C.C. Chang and I.C. Lin, “Remarks on Fingerprint-Based
Remote User Authentication Scheme Using Smart Cards,”
ACM SIGOPS Operating Systems Rev., vol. 38, no. 4, pp.
91-96,
Oct. 2004.
[7] C.H. Lin and Y.Y. Lai, “A Flexible Biometrics Remote
User
Authentication Scheme,” Computer Standards Interfaces, vol.
27,
no. 1, pp. 19-23, Nov. 2004.
[8] M.K. Khan and J. Zhang, “Improving the Security of ‘A
Flexible
Biometrics
Remote
User
Authentication
Scheme’,”
Computer
Standards Interfaces, vol. 29, no. 1, pp. 82-85, Jan. 2007.
[9] C.J. Mitchell and Q. Tang, “Security of the Lin-Lai Smart
Card
Based User Authentication Scheme,” Technical Report
RHULMA20051,
http://www.ma.rhul.ac.uk/static/techrep/2005/
RHUL-MA-2005-1.pdf, Jan. 2005.
[10] E.J. Yoon and K.Y. Yoo, “A New Efficient FingerprintBased
Remote User Authentication Scheme for Multimedia
Systems,”
Proc. Ninth Int’l Conf. Knowledge-Based Intelligent
Information and
Eng. Systems (KES), 2005.
[11] Y. Lee and T. Kwon, “An improved Fingerprint-Based
Remote
User Authentication Scheme Using Smart Cards,” Proc. Int’l
Conf.
Computational Science and Its Applications (ICCSA), 2006.
[12] H.S. Kim, J.K. Lee, and K.Y. Yoo, “ID-Based Password
Authentication Scheme Using Smart Cards and Fingerprints,”
ACM SIGOPS Operating Systems Rev., vol. 37, no. 4, pp.
32-41,
Oct. 2003.
[13] M. Scott, “Cryptanalysis of an ID-Based Password
Authentication
Scheme Using Smart Cards and Fingerprints,” ACM
SIGOPS
Operating Systems Rev., vol. 38, no. 2, pp. 73-75, Apr. 2004.
[14] A. Bhargav-Spantzel, A.C. Squicciarini, E. Bertino, S.
Modi, M.
Young, and S.J. Elliott, “Privacy Preserving Multi-Factor
Authentication
with Biometrics,” J. Computer Security, vol. 15, no. 5,
pp. 529-560, 2007.
[15] S. Goldwasser, S. Micali, and C. Rackoff, “The
Knowledge
Complexity
of
Interactive
Proof-Systems,”
SIAM
J.
Computing,
vol. 18, no. 1, pp. 186-208, Feb. 1989.
[16] U. Uludag, S. Pankanti, S. Prabhakar, and A.K. Jain,
“Biometric
Cryptosystems: Issues and Challenges,” Proc. IEEE, Special
Issue
on Multimedia Security for Digital Rights Management, vol.
92,
no. 6, pp. 948-960, June 2004.
[17] C.-I. Fan and Y.-H. Lin, “Provably Secure Remote Truly
ThreeFactor Authentication Scheme with Privacy Protection on
Biometrics,”
IEEE Trans. Information Forensics and Security, vol. 4,
no. 4, pp. 933-945, Dec. 2009.
[18] C.T. Li and M.-S. Hwang, “An Efficient BiometricsBased Remote
User Authentication Scheme Using Smart Cards,” J. Network
and
Computer Applications, vol. 33, no. 1, pp. 1-5, 2010.
[19] P.C. Kocher, J. Jaffe, and B. Jun, “Differential Power
Analysis,”
Proc. Int’l Cryptology Conf. (CRYPTO), pp. 388-397, 1999.
[20] T.S. Messerges, E.A. Dabbish, and R.H. Sloan,
“Examining
Smart-Card Security under the Threat of Power Analysis
Attacks,” IEEE Trans. Computers, vol. 51, no. 5, pp. 541552,
May 2002.
[21] Y. Dodis, L. Reyzin, and A. Smith, “Fuzzy Extractors:
How to
Generate Strong Keys from Biometrics and Other Noisy
Data,”
Proc. Int’l Conf. Theory and Applications of Cryptographic
Techniques
(Eurocrypt), pp. 523-540, 2004.
[22] N.K. Ratha, J.H. Connell, and R.M. Bolle, “Enhancing
Security and
Privacy in Biometrics-Based Authentication Systems,” IBM
Systems
J., vol. 40, no. 3, pp. 614-634, 2001.
[23] M.-H. Lim and A.B.J. Teoh, “Cancelable Biometrics,”
Scholarpedia,
vol. 5, no. 1, p. 9201, 2010.
Future enhancement :
You're planning to give a presentation on Symmetric Key
Infrastructures (SKI) and how it will likely play an even
more important role in IT security than Public Key
Infrastructures (PKI) in the years ahead.
Encryption has become a last line of defense for data
protection because, once data is encrypted, if stolen or even
simply misplaced, it is rendered unreadable without the keys
to decrypt that data.
DNA Cryptography can be used to prevent cyber crimes like
hacking, and providesecure channel for communication
pressure caused by the growing number of passengers is
surely one of the largest reasons for the introduction of
biometric passports, visas and other controls/documents. This
organization recommends very clearly, that “Contracting
States should incorporate biometric data in their machine
readable passports, visas and other official travel documents,
using one or more optional data storage technologies to
supplement the machine readable zone
CONCLUSION
Preserving security and privacy is a challenging issue in
distributed systems. Hence our project makes a step forward
in solving this issue by proposing a generic framework for
three-factor authentication to protect services and resources
from unauthorized use.