26-02-2010, 04:08 PM
[attachment=2442]
ONLINE BANKING
By:Mithun
1. INTRODUCTION
This 'Online Banking' Project is a model Internet Banking Site.This site enables the customers to perform the basic banking transactions by sitting at their office or at homes through PC or laptop. The customers can access the banks website for viewing their Account details and perform the transactions on account as per their requirements. With Internet Banking, the brick and mortar structure of the traditional banking gets converted into a click and portal model, thereby giving a concept of virtual banking a real shape. Thus today's banking is no longer confined to branches. E-banking facilitates banking transactions by customers round the clock globally.
The primary aim of this software is to provide an improved design methodology, which envisages the future expansion, and modification, which is necessary for a core sector like banking. This necessitates the design to be expandable and modifiable and so a modular approach is used in developing the software. Anybody who is an Account holder in this bank can become a member of online banking. He has to fill a form with his personal details and Account Number.
All transactions are carried out online by transferring from accounts in the same Bank. The software is meant to overcome the drawbacks of the manual system. The software has been developed using the most powerful and secure backend MS SQL Server 2003 and the most widely accepted web oriented as well as application oriented .Net Platform 2003 which is being deployed using MS Windows Server 2003.
2. PROBLEM DEFINITION
This system carries out account creation and transaction processing through internet that provides an entire range of banking services online. It contains mainly four modules namely account creation, transaction, interest calculation and reports.
The first module is account creation for a new user. The account can be Savings account, Term (Fixed) account. The details of the customer and his account are being fed to the database through a registration form which is validated by the bank prior to addition to the database. Once the request is approved the user can remit the amount and open the account.
The second module consists of the various transactions that the customer can carry out.
The main transactions include deposit, withdrawal and money transfer. In this module bank
administrator gives the user ID and password in order to perform online transactions. The user is
also given the privilege to change his password which will be automatically updated to the
database. Each account holder can deposit and withdraw money into the bank through this
module. The withdrawal will be controlled by the rules of the account. The module also helps the
account holders in transferring a particular sum of money from one particular account to another
one through online facility. Here also, the amount transferred will be controlled by the rules of the
account, i- ¦
The third module helps in calculating the interest due in the Term (Fixed) account, Savings account and NRI account of the account-holder. This interest amount can be either retrieved every month or will be added to his current balance.
The'fourth module provides administrator to view all the details till to-date. It also contains money transaction details.
The fifth module deals with all the alerts that the bank is providing and also the subscription and customization of the alerts as well
The sixth module is the Bill pay, where all customers can pay their bill such as electricity, LIC, BSNL etc and customers can add the required billers to pay to.
. The seventh module is all about encryption and decryption, with the most powerful RSA algorithm, because password encryption has very important role in banking transactions.
3. SYSTEM ANALYSIS
3.1 Introduction
During the analysis phase the existing system was studied. The data flow in the existing system was studied .As part of the analysis; various documents for account opening, money transferred issuing, Cash withdrawing, customer information reports, and transaction reports were all collected. These were used in later stages to design the computerized forms used the existing system was determined. The deliverable for this stage was documentation on the existing system.
The system study is the first phase in the system life cycle. It involves studying the ways an organization currently retrieves and process data to produce information with the goal of determining how to make it better. For this, system analyst should develop alternative system and evaluate each terms of cost, benefit and feasibility. The term analysis, design and development are used in sequence, because in practice this sequence of steps used to construct computer based information system. System analysis includes the investigation and possible changes to the existing system. Analysis is used to gain an understanding of the existing system description and set of requirements for a new system. If there is no existing system, then analysis only defines the requirements. Development begins by defining a model of the new system and continues this model to a working system. The module of the system shows what the system must do to satisfy these' requirements. Finally, the data models are to a database and processed to user procedures and computer programs.
¦
3.2 EXISTING SYSTEM
The existing system involves the following activities:
> The present system consists of networking environment wherein regular activities are automated.
> However activities like Demand Draft issues, Pay Order issues are done manually and corresponding registers updated manually.
> Further the status of a pay order whether the same has been honored or not cannot be accessed, in case, if required.
> Above all in manual system, only the man responsible for DD/Pay issue is aware of the various records to be updated on each transaction.
> Readability of the records, which are maintained manually, is also constrained in the present system.
> Since record are kept on a paper registers, again is also a problem.
> Further retrieving information from such records for a period is tedious, as the storage place restricts, old records will be kept off the disk.
> Also report generation of the various areas is done manually using great amount of manpower and time.
> Erroneous records may lead to misleading information, which is more likely in manual system.
> The great limitation to the existing system is that the service to the customers is limited to the bank hours only. The online banking facility provides 24 hours service to the customer.
Limitations of the existing system
> Leads to tedious manual work.
> Enormous amount of time consumption for recording all transactions
> Error can occur during the manipulation of several records.
>' Economic justification is not obvious.
> The technique adopted in this system is more complicated.
> Lack of technical background towards the system
3.3 PROPOSED SYSTEM
In order to overcome the drawbacks in the existing system database is created which is:
> Integrated
> Accessibility
> Reliable
> Consistent
> Flexible
> Secure
The present database
> Helps in speedy information retrieval
> Extract information from tables using menus
> Offers options of the online updation and in main ting up to date information. The proposed system is
> Menu driven and user friendly
> It assists in quick deletion of errors by issuing appropriate error message.
> Validity of input data is automatically checked and error will be immediately signaled
> Efficient utilization of resources.
3.4 NEED FOR THE PROPOSED SYSTEM
The proposed systems have:
> Greater efficient and better data security
> Better information retrieval
> Consumption of time while generating report is less
> Reports can be viewed as and when needed
3.5 SYSTEM CONFIGURATION
3.5.1 Hardware Requirements
Processor AMD Sempron 2200+
Motherboard ASRock K7VM3
Monitor 15" SVGA Color Monitor
Cache Memory 256K
Floppy Disk Drive 1.44MB
CD ROM 52X
RAM 128MB
Key Board Standard 101/102 key
' Mouse PS/2 compatible
Hard Disk 100 MB of Free space
.3.5.1 Software Requirements
Operating System : Windows 2000 or Higher
' Platform ': .Net (ASP.Net and VB.Net)
Back End : MS SQL Server 2003
Server : Windows Server 2003
3.6 DOT Net OVERVIEW Visual Studio .NET
Visual Studio .Net is the rapid application development tool for BASIC. Visual Studio .Net offers complete integration with ASP.NET and enables to drag and drop server controls and design Web Forms as they should appear when user views them. Some of the other advantages of creating BASIC applications in Visual Studio .Net are
> Visual Studio .Net is a Rapid Application (RAD) tool. Instead of adding each control to the Web Form programmatically, it helps to add these controls by using toolbox, saving programming efforts.
> Visual Studio .Net supports custom and composite controls. Can create custom controls that encapsulate a common functionality that might need to use in a number of applications.
Visual Studio .Net does a wonderful job of simplifying the creation and consumption of Web Services. Mush of the programmer-friendly stuff (creating all the XML-based documents) happens automatically, without much effort on the programmer's side. Attribute-based programming is a powerful concept that enables Visual Studio .Net to automate a lot of programmer-unfriendly tasks.
.NET programming languages
The .NET Framework provides a set of tools that help to build code that works with the .NET Framework, Microsoft provides a set of languages that are already .NET compatible. BASIC is one of those languages.
ASP.NET environment
Active Server Pages were released by Microsoft to enable the creation of dynamic pages based on user input and interaction with a Web site. ASP.NET improves upon the original ASP by providing code-behind. With ASP.NET and code-behind, the code and HTML can be separated.
ASP.NET Web services are XML-based services that are exposed on the Internet that can be accessed by other Web services and Web service clients.
ASP.NET'
ASP.NET is more than the next version of Active Server Pages (ASP); it is a unified Web development platform that provides the services necessary for developers to build enterprise-class Web applications. While ASP.NET is largely syntax compatible with ASP, it also provides a new programming model and infrastructure for more secure, scalable, and stable applications.
ASP.NET is a compiled, .NET-based environment; you can author applications in any .NET compatible language, including VisualBasic.NET, BASIC, and JScript.NET. Additionally, the entire .NET Framework is available to any ASP.NET application. Developers can easily access the benefits of these technologies, which include the managed common language runtime ¦-environment, type safety, inheritance, and so on.
ASP.NET has been designed to work seamlessly with WYSIWYG HTML editors and other programming tools, including Microsoft Visual Studio .NET. Not only does this make Web development easier, but it also provides all the benefits that these tools have to offer, including a GUI that developers can use to drop server controls onto a Web page and fully integrated debugging support. Developers can choose from the following two features when creating an ' ASP.NET application, Web Forms and Web services, or combine these in any way they see fit.
> Web Forms allows you to build powerful forms-based Web pages. When building these pages, you can use ASP.NET server controls to create common Ul elements, and program them for common tasks. These controls allow you to rapidly build a Web Form out of reusable built-in or custom components, simplifying the code of a page.
> An XML Web service provides the means to access server functionality remotely.
ASP.NET ARCHITECTURE
w«b clients
ASP.NET applications
k I
I US ^
A
.MET
rramework
i
¢vVin clows NT/2 COO Operating System
As the illustration shows, all Web Administrators communicate with ASP.NET applications through IIS. IIS deciphers and optionally authenticates the request. If Anonymous is turned on, no authentication occurs. IIS also finds the requested resource (such as an ASP.NET application), and, if the client is authorized returns the appropriate resource.
In addition to the built-in ASP.NET security features, an ASP.NET application can use the low-level security features of the .NET Framework.
Features
Intuitive C++ based Language
Use a language modeled on C++ syntax, immediately familiar to C++ and Java developers, as well as intuitive new language constructs that greatly simplify development tasks
Reliable Interoperability
Employ code to call native Windows APIs, use pre-built COM components, and leverage existing ActiveX controls to seamlessly integrate existing applications and components.
Modern, Component-Oriented Language
Take advantage of inherent support for properties, indexers, delegates, single and multidimensional arrays, advanced inheritance, attributes, versioning, and XML comments. Powerful Debugging and Testing Tools
ASP .NET includes a powerful remote and multi-language debugger, enabling developers to test applications and build reliable multi-tier solutions that span process boundaries and are written in multiple programming languages. NET Framework Class Library
Gain mature and powerful, built-in functionality, including a rich set of collection classes, networking support, multithreading support, string and regular expression classes, and broad support for XML, XML schemas, XML namespaces, XSLT, XPath, and SOAP. Robust Web Development Environment
Create Web-based solutions in C# using the shared Web Forms Designer and XML Designer. Developers can also use IntelliSense features and tag completion or choose the WYSIWYG editor for drag-and-drop authoring to build interactive Web applications.
. NET Framework
Microsoft designed VB from the ground up to take advantage of its new .NET Framework. The .NET Framework is made up of four parts, the Common Language Runtime, a set of class libraries, a set of programming languages, and the ASP.NET environment. The .NET Framework was designed with three goals in mind. First, it was intended to make Windows applications much more reliable, while also providing an application with greater degree of security.
Second, it was intended to simplify the development of Web applications and services that not only work in the traditional sense, but on mobile devices as well. Lastly, the framework was designed to provide a single set of libraries that would work with multiple languages. The .NET Framework is the infrastructure for the new Microsoft .NET Platform. And it is a common environment for building, deploying, and running Web applications and Web Services. The .NET Framework contains a common language runtime and common class libraries - like ADO .NET, ASP .'NET and Windows Forms - to provide advanced standard services that can be integrated into a variety of computer systems. The .NET Framework provides a feature-rich application environment, simplified development and easy integration between a number of different development languages. The .NET Framework is language neutral. Currently it supports C++, C#, Visual Basic, and Jscript. Microsoft's Visual Studio.NET is a common development environment for the new .NET Framework.
Integrating with IIS
IIS is the web server is used here. IIS 5.0 or above is essential for the ASP.NET for the environment. This release of ASP.NET uses IIS 5.0 as the priKim host environment.
IIS always assumes that a set of credentials maps to a Windows NT account and uses them to authenticate a user. There are three different kinds of authentication available in IIS 5.0: BASIC, DIGEST, and INTEGRATED WINDOWS Authentication (NTLM or Kerberos). You can select the type of authentication to use in the IIS administrative services..
If you request a URL containing an ASP.NET application, the request and authentication information are handed off to the application. ASP.NET provides the two additional types of authentication described in the following table.
Web Service
Web service is arguably the most exciting and innovate features of Microsoft's. NET initiative and they are likely to profoundly affect the way business interact using computer application. List of possible Web services is as varies as the list of possible business opportunities. Web service would typically perform a core business service such as user authentication, credit card validation, pricing a derivates security, placing a purchase order for a stock or pricing a same-day shipment.
A web service is a component that performs a function or service. A component is a piece of software that has a well-defined interface, hidden internals, and the capability of being discovered. By "discovered" means that you can determine what the component' does without needing to see the code within it. A component is similar to a method since we can call it with arguments that fit a set of parameters, and it has the capability of returning results.
A web service may also return information to the caller. This service resides somewhere on the Web and can be accessed from other locations on the Web. For this service to be called, there are a number of elements that must be in place. First, the caller must' know how to call the service. Second, the call must be made across the Web. Finally, the ' web service must know how to respond.
3.7 Back end
3.7.1. SQL Server 7.0
Relational database systems are the most important database systems used in the software industry today. One of the most outstanding systems is Microsoft SQL Server. SQL Server is a database management system developed and marketed by Microsoft. It runs exclusively under Windows NT and Windows 95/98.
The most important aspects of SQL Server 7 are:
¢ SQL Server is easy to use.
¢ SQL Server scales from a mobile laptop to symmetric multiprocessor systems.
¢ SQL Server provides data warehousing features that until now have only been available in Oracle and other more expensive DBMSs.
A database system is an overall collection of different database software components and databases containing the parts viz. Database application programs, Front-End components, Database management systems, and Databases.
A database system must provide the following features:
¦ A variety of user interfaces
¦ Physical data independence
l-
¦ Logical data independence
¦ Query optimization 1
¦ Data integrity
¦ Concurrency control
¦ Backup and recovery
¦ Security and authorization
SQL Server is a Relational Database Management System. The SQL Server relational language is called Transact-SQL.SQL is asset-oriented language. This means that SQL can query many rows from one or more tables using just one statement. This feature allows the use of this language at a logically higher level than procedural languages. Another important property of SQL is its non- procedurally. SQL contains two sub languages DDL and DML.
SQL Server works as a natural extension of Windows NT and windows 95/98.SQL Server is relatively easy to manage through the use of a graphical computing environment for almost every task of system and database administration. SQL Server uses services of Windows NT to offer new or extended database capabilities, such as sending and receiving messages and managing login security.
The SQL Server administrator's primary tool for interacting with the system is Enterprise Manager. The Enterprise Manager has two main purposes: Administration of the database server and Management of database objects.
SQL Server Query Analyzer provides a graphical presentation of the execution plan of a query and an automatic component that suggests which index should be used for a selected query. This interactive component of SQL Server performs the tasks like:
¦ Generating and executing Transact-SQL statements
¦ . Storing the generated Transact-SQL statements in a file
¦ Analyzing execution plans for generated queries
¦ Graphically illustrating the execution plan for a selected query.
A stored procedure is a special kind of batch written in Transact-SQL using the SQL language and SQL extensions. It is saved on the database server to improve the performance and consistency of repetitive tasks. SQL Server supports stored procedures and system procedures. Stored procedures can be used for the following purposes: to control access authorization, to create an audit trial of activities in database tables, to separate data definition & data manipulation statements concerning a database & all corresponding applications. The database object view can be used for:
¦ Restricting the use of particular columns and rows of tables -that is to control access to a particular part of one or more tables,
¦ To hide the details of complicated queries, to restrict inserted & updated values to . certain ranges.
The Query Optimizer is the part of SQL Server that decides how to best perform a query. It generates several query execution plans for the given query & selects the plan with the lowest cost.
SQL Server can operate in one of two security modes:
¦ Windows NT
¦ Mixed
Windows NT security mode exclusively uses Windows NT user accounts to log into the SQL Server system. Mixed mode allows users to connect to SQL Server using the Windows NT security system or the SQL Server system. Additionally it provides three security facilities for controlling access to database objects:
¦ Transact-SQL statements GRANT, DENY, and REVOKE.
¦ Views.
¦ Stored procedures
A Windows NT user account or a SQL server login name allows a user to log into the SQL server system. A user who subsequently wants to access a database of the system needs a database user account to work in the DB. Therefore users must have a DB user account for each DB they want to use. If there is no such account the user may be allowed to work in the DB under the guest account."
Stored procedures can also be used to restrict data access. The restriction of data access using stored procedures is based upon the property that the permission to execute a stored' procedure is independent of any permission for DB objects that are referenced by the stored procedure.
SQL server provides a mechanism called a trigger for enforcing procedural integrity constraints.
A DBMS handles 2 types of integrity constraints:
¦ ¦ Declarative Integrity constraints defined using CREATE & ALTER TABLE statements.
¦ Procedural integrity constraints handled by triggers.
A trigger is a mechanism that is invoked when a particular action occurs on a particular table. Each trigger has 3 general parts:
¦ A name
¦ The action
¦ The execution
SQL server keeps record of each change it makes to the db during a transaction. This is necessary in case an error occurs during the execution of the transaction. In this case all previously executed statements within the transaction have to be rolled back.
¦ SQL server keeps all these records, in particular the before and after values, in one or more files called the transaction log. Each DB of the SQL server system has its own transaction log.
Concurrency in multi-user systems such as SQL Server has decided effect of performance. When access to the data is handled such that only one program at a time can use the data, processing slows dramatically. SQL Server like all other DBMSs, solves this problem using transactions. All statements inside a transaction build an atomic unit. This means that either all statements are executed or In the case of failure, all statements are cancelled.
3.7.2. Features of SQL Server
¦¦ Microsoft SQL Server supports a full set of features that result in the following
- benefits. "Ease of use
SQL includes a set of administrative and development tools that improve our ability to install, deploy, manage and use SQL Server across several sites.
Scalability
The same database engine can be used across platforms ranging from laptop computers running Microsoft Windows95 to very large; multiprocessor servers running Microsoft ¦Windows NT, Enterprise Edition.
Ease in building data warehouses
SQL Server includes tools for extracting and analyzing summary data for online analytical processing (OLAP). SQL Server also includes tools for visually designing databases and analyzing data using English based questions.
SQL API (SQL Application Programming Interface)
Embedded SQL applications use the DB-library DLL to access SQL server. The SQL Server ODBC driver users do not access Microsoft SQL Server directly. They use an application written to access the data in SQL Server. SQL Server can also be accessed through COM, Microsoft ActiveX, or Windows DNA (Windows Distributed Internet Applications Architecture) components. Applications are written to access SQL Server through a database Application Programming Interface (API).
Web Clients
A Web client consists of two parts:
(1) Dynamic Web pages containing various types of markup language which are generated by Web components running in the Web tier.
(2) a Web browser, which renders the pages received from the server.
A Web client is sometimes called a thin client. Thin clients usually do not query databases, execute complex business rules, or connect to legacy applications.
3.8 HTML
HTML stands for Hyper Text Markup Language. It is a simple text formatting language used to create hypertext documents. It is a platform independent language unlike most other programming language. HTML is neutral and can be used on many platform or desktop. It is this feature of HTML that makes it popular as standard on the WWW.
This versatile language allows the creation of hypertext links, also known as hyperlinks. These hyperlinks can be used to connect documents on different machine, on the same network or on a different network, or can even point to point of text in the same document.
HTML is used for creating documents where the emphasis is on the appearance of the document. It is also used for DTP. The documents created using HTML can have text with different sizes, weights and colors. It can also contain graphics to make the document more effective.
4. SYSTEM DESIGN
4.1 GENERAL DESIGN
The design of the system is essentially a blueprint, or a plan for a solution of the system to be developed. A part of a system or a subsystem of a whole of a system can itself be considered a system, with its own complements.
Levels of Design
The design process for a software system has two levels.
1. System Design
2. Logical Design
System Design
Here the focus is on detecting that which are the modules needed for the system, the specifications of the modules, and how the modules should be interconnected. System Design is only, way by which we can accurately translate the need users requirement into a finished software product or system. Without design the risk of development an unstable system exists (one that fails when small changes are made and one that may be difficult to test) The System Design includes the following three types of design.
1. Database Design
2. Architectural Design
3. Procedural Design
Logical Design
Here the internal design of the module is considered and how the specification of the module can be satisfied is decided in this design process. This is also known as detailed design.
p
4.2 DATABASE DESIGN
Database Design For The System
The details about the relevant data that came into the lay in the system are identified. According to their relationship the tables are designed by following the standard database design methods. The data type for each data in the table is defined. For optimum design of database, to have better response time, to have data integrity, to avoid redundancy and for security of the database the tables are created as normalized and also applied some sort of denormalization to reduce the joins that contain more than 3 or 4 table.
> Table structures of some table are given in the Appendix.
The database design is done according to the following procedure.
The database design transforms the information domain model created during the analysis into the data structures (tables) that will be required to implement the system or software. The -database design is made up of two levels
1. Conceptual Level
2. Normalization
Conceptual Level
¦ This level represents major data objects and relationships between them. Conceptual level, describes the features of the system data. Just like a DFD for a system, the conceptual level uses symbols from a modeling method called Entity- Relationship Analysis.
Entity -Relationship Analysis uses three major abstractions to describe data.
' > Entities, which are distinct in the system.
> Relationships, which have meaningful interaction between objects.
> Attributes, which are properties of entities, have relationships.
'¦ :
An entity is a conceptual representation of an object. Relationships between them make up data base structure. Three types of relationships exist among the entities. They are One-to-One, One-to-many, Many-to-Many relationships.
A One-to-One (1:1) relationship is an association between two entities.
A One-to-Many (1 :M) relationship describes an entity that may have two or more entities related to it.
¦
A Many-to-Many (M: M) relationship describes entities that may have relationships in both directions.
After the conceptual level, the next level of process of database design to organize the database structure into a good shape is called Normalization. The normalization simplifies the entities, removing redundancies from the system data and finally builds a data structure, which is both flexible and adaptable to the system. Normalization offers a systematic step-by-step approach towards this goal.
The different normal forms applied during the database design are given below:
¢ First Normal Form (1NF)
¢ Second Normal Form (2NF)
¢ Third Normal Form (3NF)
:
First Normal Form
A relation is said to be in 1NF if and only if it satisfies the constraints that it contains primary key only
Second Normal Form
A relation is said to be 2NF is and only if it satisfies all 1 NF conditions for the primary key and every non-primary key attribute of the relation is full dependent on its primary key alone. If a non-key attribute is not dependent on the key, it should be removed from the relation and placed as a separate relation i.e., the fields of a table in 2NF are all related to the primary key.
Third Normal Form
A relation is said to be in 3NF if and only if it is in 2NF and moreover non-key attributes of the relation should not depend on other non-key attributes.
De-normalization
Full normalization of 3NF sometimes creates a problem called proliferation. This makes large databases unmanageable and we have to maintain joins of 3 or 4 tables to execute a query, as the number of tables is increased and related attributes in different tables.
1 Therefore De-normalization denotes recombining tables to a state that is less then full moralization. This reduces the number of potential joins.
> Sample table structures are given in appendix
4.3 ARCHITECTURAL DESIGN
The primary objective of the architectural design is to develop a modular program structure of the system. This is performed after the database design of the system is over. In addition, it melds program structure and the database structure, defining interfaces that enable data to flow through the system.
The online banking system is mainly divided into two modules. Each module performs its own operations that would help the user to get an efficient output. The modules are broadly divided into two.
1. Online system module
2. Administration module
4.4 Data Flow Diagram
CONTEXTUAL DIAGRAM
Customer
Account.
account
*> Bank
Personal details, account details
Customer
Account
account number
Account number
Customer
Admin
Term Account Creation
Account number
Customer
Admin
Deposit
Customer
4.5 TABLE DESIGN
ADMIN TABLE
Field name Primary key Data type
admin Jd Yes Varchar
admin _name Varchar
admin .password Varchar
OFFICER DETAILS
Field-name . Primary key Data type
officerjd- Yes Varchar
officer_name Varchar
officer_password Varchar
ADMIN SAVINGS UPDATE
Field Name Primary Key Data type References
ac_no Yes Varchar personal details
amount Double Precision
interest Double Precision
ADMIN TERM UPDATE
Field Name Primary Key Data type References
ac_no Yes Varchar personal details
amount Double Precision
interest . Double Precision
ADMIN NRI UPDATE
Field Name ¦Primary Key Data type References
ac_no Yes Varchar personal details
amount Double Precision
interest Double Precision
MIN BALANCE
Field Name Primary Key Data type
acjype YES Varchar
interest Double Precision
min_balance Double Precision
validity
online_min_balance Double Precision
PERSONAL DETAILS
Field name Primary key Data type Auto Increment
sl_no Int Yes-
ac_no Yes Varchar
name_of_applicant Varchar
name2 Varchar
name3 Varchar
address Varchar
phone_no Varchar
dob_app1 Date
ACCOUNT DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
valid_upto Numeric
mode Varchar
creation_date Date
amount Double Precision
interest Double Precision
NOMINEE DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
nomineejiame Varchar
address Varchar
relation Varchar
date_of_birth Date
TERM ACCOUNT DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
pan_no Varchar
valid_upto Numeric
mode Varchar
creation_date Date
amount Double Precision
interest Double Precision
TERM NOMINEE DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
nominee_name Varchar
address Varchar
relation Varchar
date_of_birth Date
OVERSEAS ADDRESS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
overseas_address Varchar
emailjd Varchar
TRANSACTION DETAILS
Field Name Primary Key Data type References
tranjd Yes Int ¦
ac_no Varchar personal_details
tran_date Date
deposit Double Precision
withdraw Double Precision
balance Double Precision
type_of_ac Varchar
ONLINE USERS DETAILS
Field Name Primary Key Data type References
userjd Yes Varchar
ac_no Varchar personaLdetails
password Varchar
emailjd Varchar
creation_date Date Alert Status
Field Name Primary Key Data type References
Account No Yes Varchar personaLdetails
Alert id Varchar
Estatus Varchar
Mstatus Varchar
Biller Details
Field Name Primary Key Data type References
BillerlD Yes Varchar
BillerName Varchar
Location Varchar
Trans passwd
Field Name Primary Key Data type References
UserlD Yes Varchar personal_details
TransPasswd Varchar
Location Varchar
5. SYSTEM DEVELOPMENT
MODULE DESCRIPTION
¦
In this system, the customers can register with the bank, and thereafter, perform various money transactions on their account The system contains mainly of four modules, namely:
1. Account Creation
2. Money Transaction
3. Interest Calculation
4. Reports
5. Alerts
6. Bill Pay
7. RSA Encryption and Decryption
5.1. ACCOUNT CREATION MODULE
The first module handles account creation for a new customer. The account can be Savings account, Term (Fixed) account. The details of the customer and his account are being fed to the database through a registration form which is validated by the bank prior to addition to the database. Once the request is approved the user can remit the amount and open the account.
In order to register with the bank, the customer is required to fill a registration form where he specifies the type of account he wants to create. He also provides his personal details. These details will all be then entered into the bank database. The administrator then verifies these data's and will register him with the bank, and thereafter provide him with the account number. The customer can then perform the transactions using this account number.
. If the customer wishes to create a savings account, he has to provide in the registration
form, his personal details, the details of the type of account he wishes to create, as well as the c
details of his nominees. All this information is then stored into corresponding tables in the database, one each for personal details, account details, and nominee details. The information is then passed to the administrator, who, after validating the details, provides the customer with an account number.
Similar method is followed for the creation of term account also.
5.2. MONEY TRANSACTION MODULE
The second module consists of the various transactions that the customer can carry out. The main transactions include deposit, withdrawal and money transfer. In this module bank administrator gives the user ID and password in order to perform online transactions. The user is also given the privilege to change his password which will be automatically updated to the database. Each account holder can deposit and withdraw money into the bank through this module.
Each type of account has a minimum amount of money, which has to be there in the account for its existence. In the case of withdrawal, it is always checked whether the withdrawal of money will affect the minimum balance or not. If yes, the transaction will not be permitted. In the other case, the customer is allowed to withdraw the specified amount from his account. The change in balance amount is updated in the database. In the case of deposition the customer can deposit any amount of money in his account and the increase in balance is updated in the database.
In the case of online transactions, the account holders can transfer a particular sum of money from one account to another by specifying the corresponding account numbers. The transaction in the source account is considered as a withdrawal and that in the destination account is considered as a deposition. Here also, the amount transferred will be controlled by the rules of minimum balance.
Funds transfer:
Funds transfer allows you to transfer funds online. It's like writing a cheque online, that's why we also call it "eCheque".
You have three different options for transferring funds. These are
1. Transfer funds to your own Bank accounts
If you have multiple accounts with ICICI bank and these are linked to your Internet Banking User ID, you can make immediate transfers between them.
2. Transfer funds to any Bank account across India
This option enable you to instantaneously transfer funds to any ICICI Bank account across India.
3. Transfer funds to any other Bank account across India
now you can transfer funds to any account with any bank across India.
5.3. INTEREST CALCULATION MODULE
The third module helps in calculating the interest due in the Term (Fixed) account and Savings account of the account-holder. This interest amount can be either retrieved every month or will be added to his current balance. This is done by the administrator.
5.4. REPORTS
The fourth module provides administrator to view all the details till to-date. It also contains money transaction details
5.5. ALERTS
Alerts mainly fall into two categories, mobile alerts and email alerts, Both of these alerts can be subscribed for credit card and account. For each one, alert should be registered separately. And whenever the transactions are made, corresponding values are taken from the alert status and alert category tables. For credit card the details of minimum balance, balance in between a range etc are alerted. For accounts also, the minimum balance, balance exceeds a particular value etc are alerted.
Mobile alerts:
Whenever a transaction is done with a mobile alert enabled or subscribed account, the customer is get alerted through mobile phones, the mobile number is already stored in the account details at the time of mobile alert subscription. The alerts are in the form of SMS- short message service, which shows the essence of transaction details briefly. The customer can unsubscribe the mobile alert unless needed and can change the mobile number as well. Email alerts:
Whenever a transaction is done with a email alert enabled or subscribed account, the customer is get alerted through email ID, the email ID is already stored in the account details at the time of email alert subscription. The alerts are in the form of email news letter, which shows the transaction details briefly^The customer can unsubscribe the email alert unless needed and can change the email ID as well. Email alert contain more information about the transaction than that of the SMS can have.
5.6. BILL PAY
.,. . .
Bill Pay is the easiest way to manage bills. You can pay all monthly bills, like credit card, telephone, mobile phones, electricity, insurance premium, etc., from your computer. We have tie-ups with more than 40 billers across the country. You can view the billers by clicking on the link provided. It also shows the bills can pay using Bank credit card and the bills that can be viewed online. The bill pay landing page also shows the bills waiting for acceptance for presentment mode billers. You can pay these by clicking on detail.
Below this you will see the following four buttons:
a. Register for a new Biller
b. Make a Payment
c. List of registered billers
d. Show payments made
Register for a new Biller
To pay a bill, you need to register the biller first. The registration process is a one-time effort. Clicking on register for new biller gives a list of billers we have tied up with. If you don't find your biller on a particular page, click on "next list". You can choose your biller from the list of the billers and click on "Add to list
Make a Payment
Clicking on "Make a Payment" displays a list of billers you have registered for. You can select the biller you want to make a payment to.
You are taken to the payment screen. Select the account from which you want to pay and
the amount to be paid. You have the option of making instantaneous payment or scheduling it for a later date.
After clicking on "Pay" button you are asked to enter your User ID and transaction password. After successful payment, a payment confirmation number is displayed here. If you choose to specify a later payment date, then the bill is shown as pending.
List of registered billers displays billers you have registered for. Show payments made
To view all your past bill payments made on Bank's site click on "Show payments made". You can choose one biller or all the billers. The display gives you the payment date and payment amount along with the transaction status.
5.7. RSA Encryption and Decryption
Digital signatures are used to achieve Authentication, Non repudiation and Authorization.
Authentication is technique by which a process verifies that its communication partner is who it supposed to be not an intruder, deals with question of whether or not you are actually communicating with a specific process.
Non repudiation a mechanism which provides a way to prevent the author from falsely claming that he or she isn't the author.
Authorization is concerned with what that process is permitted to do. Implementing Digital Signatures (RSA):
Since RSA (Rivest, Shamir, Adleman) algorithm is one of famous public key block cipher algorithm that have remarkable property of achieving digital signatures. It is consider one of the most secure cryptographic systems in that it has withstood many attempts by experts in the field to break it. The RSA algorithm is a block cipher based on the fact that finding a
Random prime number of a large size is computationally easy, but factoring the product of two such numbers is currently considered computationally infeasible. As RSA is one of effective cipher for providing digital signatures but it suffers from the fact that it is very slow as it requires much recourses. Larger the size (Length) of key (bits) the more secure the algorithm is and it is
¦
CSE or SNGCE, Kadayiruppu
impossible to break that cipher. However also the computation required in this case will be enough which slows down the overall performance of the slower the system.
To get around this, people combine hashes with public key cryptography what is called Digital signatures. The figure shown above depicts this concept.
What is Hash (Fingerprints)
Hashes are known as one way functions that is their mathematical property of non reversibility. Further more they are also Known as Message digest functions because message is reduced or digest to a fixed-length number that is smaller than the Message. Hashes are the actually sum of ASCII values of all letters of message and no matter how long the input data is, the Hash is always the same number of bits.
6. System Implementation and Testing
¦
Implementation is the stage of the project when the theoretical design is turned into a working system. The implementation stage is a system project in its own right. It includes careful planning, investigation of current system and its constraints on implementation, design of methods to achieve the changeover, training of the staff in the change over procedure and evaluation of changeover method.
The first task in implementation is planning, deciding on the methods and time scale to be adopted. Once the planning has been completed the major effort is to ensure that the programs in the system are working properly when the staff has been trained, the complete system involving both computer and user can be executed effectively. Thus the clear plan are prepared for the activities
6.1 System Testing and Maintenance
System testing is defined as the process by which one detects the defects in the software. Any
oftware development organization or team has to perform several processes. Software testing is
CSE.
2£ S N G C E, Kadayiruppu
A lUJ^Vl 1 I
Winnie DaiiKing
one among them. It is the final opportunity of any programmer to detect and rectify any defects that may have appeared during the software development stage. Testing is a process of testing a program with the explicit intention of finding errors that make the program fail. In short system testing and quality assurance, is a review in software products and related documentation for completion, correctness, reliability and maintainability.
System testing is the first stage of implementation, which is aimed at ensuring that the system works accurately and efficiently before live operation commences. Testing is vital to the success of the system. System testing makes a logical assumption that if all the parts of the system are correct the goal will be successfully achieved. A series of testing are performed for the proposed system before the system is ready for user acceptance testing. ¦ The testing steps are
S Unit testing
s Integration testing
S Validation
s Output testing
s User acceptance testing
Unit Testing
This is the first level of testing. In this different modules are tested against the specification produces during the design of the modules. Unit testing is done during the coding phase and to test the internal logic of the modules. It refers to the modules. It refers to the verification of single program module in an isolated environment. Unit testing first focuses on the modules independently of one another to locate errors.
After coding each dialogue is tested and run individually. All necessary coding where removed and it was ensured that all the modules are worked, as the programmer would expect. Logical errors found where corrected,
I 1 1\CJAM I
unnne oanKing
So, by working all the modules independently and verifying the outputs of each module in the presence of staff we conducted that the programs was functioning as expected. Integration Testing
Data can be lost across an interface: one module can be adverse effort on another; sub functions when combined may not produce the desired major functions. Integration testing is a systematic testing for constructing the program structure. Conducting the tests is to uncover errors associated within the interface. The objective is to take unit tested to modules and build a program structure. All the modules are combined and tested as a whole, Here correction is difficult because the vast expenses of the entire program complicate the isolation of causes. Thus in the integration testing step, all the errors uncovered are corrected for the next testing steps.
Validation Testing
This provides the final assurance that the software meets the all the functional, behavioral and performance requirements. The software is completely assembled as a package. Validation succeeds when the software functions in a manner in which user wishes. Validation refers to the process of using software in live environment in order to find errors. During the course of validation the system failure may occur and sometime the coding has to be hanged according to the requirement. Thus the feedback from the validation phase generally produces changes in the software.
Once the application was made of all logical and interface errors, inputting dummy data ensured that the software developed satisfied all the requirements of the user. This dummy data is known as test case:
Output Testing
After performing the validation testing, the next step is output testing of the proposed system since no system could be useful if it does not produce the required output in the specific format. Asking the users about the format the required by them, tests the output generated or considered into 2 ways. One is on screen and another is printed format.
The output format on the screen found to be correct as the format was designed in the system design phase according to the user needs. For the hard copy also, the output comes out as the specified requirement by the user. Hence output testing does not result in any correction in the system.
¦
User Acceptance Testing
Acceptance test refers to the acceptance of data into the system for processing. The acceptance test contributes to the consistency and smooth working of the system. The system under consideration is tested for users at a time of developing and making changes whenever required. This is done with regard to the following points:
> Input screen design
> Output screen design
> On-line message to guide the user
> Format of ad-hoc report and other outputs.
Taking the various kinds of test data does the above testing. Preparation of test data plays a vital role in the system testing. After preparing the test data the system under study is tested using that test data. While testing the system by using test data errors are again uncovered and corrected by using above testing steps and correction are also noted for future use.
1 IVV^jJV^l t
uniine oanKing
7. TEST SCREEN
fay- ii.niet Explorer
FJe Edit yew Favorites Ioob Hdp
H " ¢"¦ S '/ Search Favorites %f Media ‚¬">
Address h^://locahost/Onlnebanking/hdex.aspx
'J fij Go Links
¦onlinebanking.com offers you a |power packed Savings Account ith a host of convenient eatures and banking channels itransact through. So now [you can bank at your cnvenience, without the *eu of waiting in queues.
T
Want to surprise your wife with a Jewellery set
Internet Banking Login [
Home page
Subscribe to banking Request
Subscribe to Banking Alert
Credit
Subscribe to Credit Card Req u est
Subscribe to Credit Card Alert
wmm..
a Done
di
¦ Local Intranet
Mobile Banking Home
¦
Mobile Recharge Form
CSE
46
S N G C E, Kadayiruppu
1 ¦'+' r >,) *¦ ."«'; / ¦'¦ : , search Favorites Media -\'!
e My Accounts: About lit Cont«t U«
¢SB
IHIHflHHIHHi ESBI Mi!
A..-C.IJ.U. I Si.iiii.iur-/
Swart Mony Order
CirtJ -I- r«nt hw*i TrwwJw
T
*M« To JtrUMXt UKU«t
For DeMt Cwd
Write To Account manager
From j
To I
Account ¦ Number
Sub)
\ Send | [ Reset | | Back |
(¢SJDone
¦jLocal Intranet
Write to Account manager
rttp.y'/localhost - showPaynwitt*!
| 06 Edit yiew Favorites look bdp ¦ >|Sack " * « ', Search Favorites * Media ‚¬::
Retieve
Cancel
Query on payment
;*>y Local intranet
He £dit View Fworj-ef, lools Hdp
> ¦ ; *. , search "Favorites * Media j'
Links
Aseouttfrt fitting Credited Ahem!
f~ >itav Crftflit^d into &y ftocaunt AInmic
f„¢ Cheque O^psjtfid in My 3;.c.oyr:r j;mi.v;ffid
5«>U tend
| Suormt j | Bac* I
Mobile Alert Subscription Form
y Local Intranet
54
S N G C E, Kadayiruppu
1 I UJtVI l\U|H)I I
Online Banking
_|g|xl
Fie £dt View Favorites Tools Help "jr"
O Back » ¦ -' . Search Favorites I> " ¦. i. *.;
intranet
zJ
Change Password From
... .y*
Search ^-Favorites'*}* Media £*
I Address \1Q http :.//localhosVOrilinebanking/Forgotpassword.aspx
I Go Links
Forgot password
User LD jpopy
|abc@gd com
Date of Birth fTo7l2/2T98f Email LD
Hint. Answer iood
Done !
lbone
¦j Local intranet
Forgot password
8. Conclusion
The main aim of developing software is to provide all information that is required by the users. User friendliness is a must that is the user must get the details without complicated searching procedures. Other important requirements of software are data security, extensibility and maintainability. All these features are included in this web application.
The project greatly helped in understanding the various phases in website development and exposure to a new developer platform MS Visual Studio .Net and database MS SQL Server.
ONLINE BANKING
By:Mithun
1. INTRODUCTION
This 'Online Banking' Project is a model Internet Banking Site.This site enables the customers to perform the basic banking transactions by sitting at their office or at homes through PC or laptop. The customers can access the banks website for viewing their Account details and perform the transactions on account as per their requirements. With Internet Banking, the brick and mortar structure of the traditional banking gets converted into a click and portal model, thereby giving a concept of virtual banking a real shape. Thus today's banking is no longer confined to branches. E-banking facilitates banking transactions by customers round the clock globally.
The primary aim of this software is to provide an improved design methodology, which envisages the future expansion, and modification, which is necessary for a core sector like banking. This necessitates the design to be expandable and modifiable and so a modular approach is used in developing the software. Anybody who is an Account holder in this bank can become a member of online banking. He has to fill a form with his personal details and Account Number.
All transactions are carried out online by transferring from accounts in the same Bank. The software is meant to overcome the drawbacks of the manual system. The software has been developed using the most powerful and secure backend MS SQL Server 2003 and the most widely accepted web oriented as well as application oriented .Net Platform 2003 which is being deployed using MS Windows Server 2003.
2. PROBLEM DEFINITION
This system carries out account creation and transaction processing through internet that provides an entire range of banking services online. It contains mainly four modules namely account creation, transaction, interest calculation and reports.
The first module is account creation for a new user. The account can be Savings account, Term (Fixed) account. The details of the customer and his account are being fed to the database through a registration form which is validated by the bank prior to addition to the database. Once the request is approved the user can remit the amount and open the account.
The second module consists of the various transactions that the customer can carry out.
The main transactions include deposit, withdrawal and money transfer. In this module bank
administrator gives the user ID and password in order to perform online transactions. The user is
also given the privilege to change his password which will be automatically updated to the
database. Each account holder can deposit and withdraw money into the bank through this
module. The withdrawal will be controlled by the rules of the account. The module also helps the
account holders in transferring a particular sum of money from one particular account to another
one through online facility. Here also, the amount transferred will be controlled by the rules of the
account, i- ¦
The third module helps in calculating the interest due in the Term (Fixed) account, Savings account and NRI account of the account-holder. This interest amount can be either retrieved every month or will be added to his current balance.
The'fourth module provides administrator to view all the details till to-date. It also contains money transaction details.
The fifth module deals with all the alerts that the bank is providing and also the subscription and customization of the alerts as well
The sixth module is the Bill pay, where all customers can pay their bill such as electricity, LIC, BSNL etc and customers can add the required billers to pay to.
. The seventh module is all about encryption and decryption, with the most powerful RSA algorithm, because password encryption has very important role in banking transactions.
3. SYSTEM ANALYSIS
3.1 Introduction
During the analysis phase the existing system was studied. The data flow in the existing system was studied .As part of the analysis; various documents for account opening, money transferred issuing, Cash withdrawing, customer information reports, and transaction reports were all collected. These were used in later stages to design the computerized forms used the existing system was determined. The deliverable for this stage was documentation on the existing system.
The system study is the first phase in the system life cycle. It involves studying the ways an organization currently retrieves and process data to produce information with the goal of determining how to make it better. For this, system analyst should develop alternative system and evaluate each terms of cost, benefit and feasibility. The term analysis, design and development are used in sequence, because in practice this sequence of steps used to construct computer based information system. System analysis includes the investigation and possible changes to the existing system. Analysis is used to gain an understanding of the existing system description and set of requirements for a new system. If there is no existing system, then analysis only defines the requirements. Development begins by defining a model of the new system and continues this model to a working system. The module of the system shows what the system must do to satisfy these' requirements. Finally, the data models are to a database and processed to user procedures and computer programs.
¦
3.2 EXISTING SYSTEM
The existing system involves the following activities:
> The present system consists of networking environment wherein regular activities are automated.
> However activities like Demand Draft issues, Pay Order issues are done manually and corresponding registers updated manually.
> Further the status of a pay order whether the same has been honored or not cannot be accessed, in case, if required.
> Above all in manual system, only the man responsible for DD/Pay issue is aware of the various records to be updated on each transaction.
> Readability of the records, which are maintained manually, is also constrained in the present system.
> Since record are kept on a paper registers, again is also a problem.
> Further retrieving information from such records for a period is tedious, as the storage place restricts, old records will be kept off the disk.
> Also report generation of the various areas is done manually using great amount of manpower and time.
> Erroneous records may lead to misleading information, which is more likely in manual system.
> The great limitation to the existing system is that the service to the customers is limited to the bank hours only. The online banking facility provides 24 hours service to the customer.
Limitations of the existing system
> Leads to tedious manual work.
> Enormous amount of time consumption for recording all transactions
> Error can occur during the manipulation of several records.
>' Economic justification is not obvious.
> The technique adopted in this system is more complicated.
> Lack of technical background towards the system
3.3 PROPOSED SYSTEM
In order to overcome the drawbacks in the existing system database is created which is:
> Integrated
> Accessibility
> Reliable
> Consistent
> Flexible
> Secure
The present database
> Helps in speedy information retrieval
> Extract information from tables using menus
> Offers options of the online updation and in main ting up to date information. The proposed system is
> Menu driven and user friendly
> It assists in quick deletion of errors by issuing appropriate error message.
> Validity of input data is automatically checked and error will be immediately signaled
> Efficient utilization of resources.
3.4 NEED FOR THE PROPOSED SYSTEM
The proposed systems have:
> Greater efficient and better data security
> Better information retrieval
> Consumption of time while generating report is less
> Reports can be viewed as and when needed
3.5 SYSTEM CONFIGURATION
3.5.1 Hardware Requirements
Processor AMD Sempron 2200+
Motherboard ASRock K7VM3
Monitor 15" SVGA Color Monitor
Cache Memory 256K
Floppy Disk Drive 1.44MB
CD ROM 52X
RAM 128MB
Key Board Standard 101/102 key
' Mouse PS/2 compatible
Hard Disk 100 MB of Free space
.3.5.1 Software Requirements
Operating System : Windows 2000 or Higher
' Platform ': .Net (ASP.Net and VB.Net)
Back End : MS SQL Server 2003
Server : Windows Server 2003
3.6 DOT Net OVERVIEW Visual Studio .NET
Visual Studio .Net is the rapid application development tool for BASIC. Visual Studio .Net offers complete integration with ASP.NET and enables to drag and drop server controls and design Web Forms as they should appear when user views them. Some of the other advantages of creating BASIC applications in Visual Studio .Net are
> Visual Studio .Net is a Rapid Application (RAD) tool. Instead of adding each control to the Web Form programmatically, it helps to add these controls by using toolbox, saving programming efforts.
> Visual Studio .Net supports custom and composite controls. Can create custom controls that encapsulate a common functionality that might need to use in a number of applications.
Visual Studio .Net does a wonderful job of simplifying the creation and consumption of Web Services. Mush of the programmer-friendly stuff (creating all the XML-based documents) happens automatically, without much effort on the programmer's side. Attribute-based programming is a powerful concept that enables Visual Studio .Net to automate a lot of programmer-unfriendly tasks.
.NET programming languages
The .NET Framework provides a set of tools that help to build code that works with the .NET Framework, Microsoft provides a set of languages that are already .NET compatible. BASIC is one of those languages.
ASP.NET environment
Active Server Pages were released by Microsoft to enable the creation of dynamic pages based on user input and interaction with a Web site. ASP.NET improves upon the original ASP by providing code-behind. With ASP.NET and code-behind, the code and HTML can be separated.
ASP.NET Web services are XML-based services that are exposed on the Internet that can be accessed by other Web services and Web service clients.
ASP.NET'
ASP.NET is more than the next version of Active Server Pages (ASP); it is a unified Web development platform that provides the services necessary for developers to build enterprise-class Web applications. While ASP.NET is largely syntax compatible with ASP, it also provides a new programming model and infrastructure for more secure, scalable, and stable applications.
ASP.NET is a compiled, .NET-based environment; you can author applications in any .NET compatible language, including VisualBasic.NET, BASIC, and JScript.NET. Additionally, the entire .NET Framework is available to any ASP.NET application. Developers can easily access the benefits of these technologies, which include the managed common language runtime ¦-environment, type safety, inheritance, and so on.
ASP.NET has been designed to work seamlessly with WYSIWYG HTML editors and other programming tools, including Microsoft Visual Studio .NET. Not only does this make Web development easier, but it also provides all the benefits that these tools have to offer, including a GUI that developers can use to drop server controls onto a Web page and fully integrated debugging support. Developers can choose from the following two features when creating an ' ASP.NET application, Web Forms and Web services, or combine these in any way they see fit.
> Web Forms allows you to build powerful forms-based Web pages. When building these pages, you can use ASP.NET server controls to create common Ul elements, and program them for common tasks. These controls allow you to rapidly build a Web Form out of reusable built-in or custom components, simplifying the code of a page.
> An XML Web service provides the means to access server functionality remotely.
ASP.NET ARCHITECTURE
w«b clients
ASP.NET applications
k I
I US ^
A
.MET
rramework
i
¢vVin clows NT/2 COO Operating System
As the illustration shows, all Web Administrators communicate with ASP.NET applications through IIS. IIS deciphers and optionally authenticates the request. If Anonymous is turned on, no authentication occurs. IIS also finds the requested resource (such as an ASP.NET application), and, if the client is authorized returns the appropriate resource.
In addition to the built-in ASP.NET security features, an ASP.NET application can use the low-level security features of the .NET Framework.
Features
Intuitive C++ based Language
Use a language modeled on C++ syntax, immediately familiar to C++ and Java developers, as well as intuitive new language constructs that greatly simplify development tasks
Reliable Interoperability
Employ code to call native Windows APIs, use pre-built COM components, and leverage existing ActiveX controls to seamlessly integrate existing applications and components.
Modern, Component-Oriented Language
Take advantage of inherent support for properties, indexers, delegates, single and multidimensional arrays, advanced inheritance, attributes, versioning, and XML comments. Powerful Debugging and Testing Tools
ASP .NET includes a powerful remote and multi-language debugger, enabling developers to test applications and build reliable multi-tier solutions that span process boundaries and are written in multiple programming languages. NET Framework Class Library
Gain mature and powerful, built-in functionality, including a rich set of collection classes, networking support, multithreading support, string and regular expression classes, and broad support for XML, XML schemas, XML namespaces, XSLT, XPath, and SOAP. Robust Web Development Environment
Create Web-based solutions in C# using the shared Web Forms Designer and XML Designer. Developers can also use IntelliSense features and tag completion or choose the WYSIWYG editor for drag-and-drop authoring to build interactive Web applications.
. NET Framework
Microsoft designed VB from the ground up to take advantage of its new .NET Framework. The .NET Framework is made up of four parts, the Common Language Runtime, a set of class libraries, a set of programming languages, and the ASP.NET environment. The .NET Framework was designed with three goals in mind. First, it was intended to make Windows applications much more reliable, while also providing an application with greater degree of security.
Second, it was intended to simplify the development of Web applications and services that not only work in the traditional sense, but on mobile devices as well. Lastly, the framework was designed to provide a single set of libraries that would work with multiple languages. The .NET Framework is the infrastructure for the new Microsoft .NET Platform. And it is a common environment for building, deploying, and running Web applications and Web Services. The .NET Framework contains a common language runtime and common class libraries - like ADO .NET, ASP .'NET and Windows Forms - to provide advanced standard services that can be integrated into a variety of computer systems. The .NET Framework provides a feature-rich application environment, simplified development and easy integration between a number of different development languages. The .NET Framework is language neutral. Currently it supports C++, C#, Visual Basic, and Jscript. Microsoft's Visual Studio.NET is a common development environment for the new .NET Framework.
Integrating with IIS
IIS is the web server is used here. IIS 5.0 or above is essential for the ASP.NET for the environment. This release of ASP.NET uses IIS 5.0 as the priKim host environment.
IIS always assumes that a set of credentials maps to a Windows NT account and uses them to authenticate a user. There are three different kinds of authentication available in IIS 5.0: BASIC, DIGEST, and INTEGRATED WINDOWS Authentication (NTLM or Kerberos). You can select the type of authentication to use in the IIS administrative services..
If you request a URL containing an ASP.NET application, the request and authentication information are handed off to the application. ASP.NET provides the two additional types of authentication described in the following table.
Web Service
Web service is arguably the most exciting and innovate features of Microsoft's. NET initiative and they are likely to profoundly affect the way business interact using computer application. List of possible Web services is as varies as the list of possible business opportunities. Web service would typically perform a core business service such as user authentication, credit card validation, pricing a derivates security, placing a purchase order for a stock or pricing a same-day shipment.
A web service is a component that performs a function or service. A component is a piece of software that has a well-defined interface, hidden internals, and the capability of being discovered. By "discovered" means that you can determine what the component' does without needing to see the code within it. A component is similar to a method since we can call it with arguments that fit a set of parameters, and it has the capability of returning results.
A web service may also return information to the caller. This service resides somewhere on the Web and can be accessed from other locations on the Web. For this service to be called, there are a number of elements that must be in place. First, the caller must' know how to call the service. Second, the call must be made across the Web. Finally, the ' web service must know how to respond.
3.7 Back end
3.7.1. SQL Server 7.0
Relational database systems are the most important database systems used in the software industry today. One of the most outstanding systems is Microsoft SQL Server. SQL Server is a database management system developed and marketed by Microsoft. It runs exclusively under Windows NT and Windows 95/98.
The most important aspects of SQL Server 7 are:
¢ SQL Server is easy to use.
¢ SQL Server scales from a mobile laptop to symmetric multiprocessor systems.
¢ SQL Server provides data warehousing features that until now have only been available in Oracle and other more expensive DBMSs.
A database system is an overall collection of different database software components and databases containing the parts viz. Database application programs, Front-End components, Database management systems, and Databases.
A database system must provide the following features:
¦ A variety of user interfaces
¦ Physical data independence
l-
¦ Logical data independence
¦ Query optimization 1
¦ Data integrity
¦ Concurrency control
¦ Backup and recovery
¦ Security and authorization
SQL Server is a Relational Database Management System. The SQL Server relational language is called Transact-SQL.SQL is asset-oriented language. This means that SQL can query many rows from one or more tables using just one statement. This feature allows the use of this language at a logically higher level than procedural languages. Another important property of SQL is its non- procedurally. SQL contains two sub languages DDL and DML.
SQL Server works as a natural extension of Windows NT and windows 95/98.SQL Server is relatively easy to manage through the use of a graphical computing environment for almost every task of system and database administration. SQL Server uses services of Windows NT to offer new or extended database capabilities, such as sending and receiving messages and managing login security.
The SQL Server administrator's primary tool for interacting with the system is Enterprise Manager. The Enterprise Manager has two main purposes: Administration of the database server and Management of database objects.
SQL Server Query Analyzer provides a graphical presentation of the execution plan of a query and an automatic component that suggests which index should be used for a selected query. This interactive component of SQL Server performs the tasks like:
¦ Generating and executing Transact-SQL statements
¦ . Storing the generated Transact-SQL statements in a file
¦ Analyzing execution plans for generated queries
¦ Graphically illustrating the execution plan for a selected query.
A stored procedure is a special kind of batch written in Transact-SQL using the SQL language and SQL extensions. It is saved on the database server to improve the performance and consistency of repetitive tasks. SQL Server supports stored procedures and system procedures. Stored procedures can be used for the following purposes: to control access authorization, to create an audit trial of activities in database tables, to separate data definition & data manipulation statements concerning a database & all corresponding applications. The database object view can be used for:
¦ Restricting the use of particular columns and rows of tables -that is to control access to a particular part of one or more tables,
¦ To hide the details of complicated queries, to restrict inserted & updated values to . certain ranges.
The Query Optimizer is the part of SQL Server that decides how to best perform a query. It generates several query execution plans for the given query & selects the plan with the lowest cost.
SQL Server can operate in one of two security modes:
¦ Windows NT
¦ Mixed
Windows NT security mode exclusively uses Windows NT user accounts to log into the SQL Server system. Mixed mode allows users to connect to SQL Server using the Windows NT security system or the SQL Server system. Additionally it provides three security facilities for controlling access to database objects:
¦ Transact-SQL statements GRANT, DENY, and REVOKE.
¦ Views.
¦ Stored procedures
A Windows NT user account or a SQL server login name allows a user to log into the SQL server system. A user who subsequently wants to access a database of the system needs a database user account to work in the DB. Therefore users must have a DB user account for each DB they want to use. If there is no such account the user may be allowed to work in the DB under the guest account."
Stored procedures can also be used to restrict data access. The restriction of data access using stored procedures is based upon the property that the permission to execute a stored' procedure is independent of any permission for DB objects that are referenced by the stored procedure.
SQL server provides a mechanism called a trigger for enforcing procedural integrity constraints.
A DBMS handles 2 types of integrity constraints:
¦ ¦ Declarative Integrity constraints defined using CREATE & ALTER TABLE statements.
¦ Procedural integrity constraints handled by triggers.
A trigger is a mechanism that is invoked when a particular action occurs on a particular table. Each trigger has 3 general parts:
¦ A name
¦ The action
¦ The execution
SQL server keeps record of each change it makes to the db during a transaction. This is necessary in case an error occurs during the execution of the transaction. In this case all previously executed statements within the transaction have to be rolled back.
¦ SQL server keeps all these records, in particular the before and after values, in one or more files called the transaction log. Each DB of the SQL server system has its own transaction log.
Concurrency in multi-user systems such as SQL Server has decided effect of performance. When access to the data is handled such that only one program at a time can use the data, processing slows dramatically. SQL Server like all other DBMSs, solves this problem using transactions. All statements inside a transaction build an atomic unit. This means that either all statements are executed or In the case of failure, all statements are cancelled.
3.7.2. Features of SQL Server
¦¦ Microsoft SQL Server supports a full set of features that result in the following
- benefits. "Ease of use
SQL includes a set of administrative and development tools that improve our ability to install, deploy, manage and use SQL Server across several sites.
Scalability
The same database engine can be used across platforms ranging from laptop computers running Microsoft Windows95 to very large; multiprocessor servers running Microsoft ¦Windows NT, Enterprise Edition.
Ease in building data warehouses
SQL Server includes tools for extracting and analyzing summary data for online analytical processing (OLAP). SQL Server also includes tools for visually designing databases and analyzing data using English based questions.
SQL API (SQL Application Programming Interface)
Embedded SQL applications use the DB-library DLL to access SQL server. The SQL Server ODBC driver users do not access Microsoft SQL Server directly. They use an application written to access the data in SQL Server. SQL Server can also be accessed through COM, Microsoft ActiveX, or Windows DNA (Windows Distributed Internet Applications Architecture) components. Applications are written to access SQL Server through a database Application Programming Interface (API).
Web Clients
A Web client consists of two parts:
(1) Dynamic Web pages containing various types of markup language which are generated by Web components running in the Web tier.
(2) a Web browser, which renders the pages received from the server.
A Web client is sometimes called a thin client. Thin clients usually do not query databases, execute complex business rules, or connect to legacy applications.
3.8 HTML
HTML stands for Hyper Text Markup Language. It is a simple text formatting language used to create hypertext documents. It is a platform independent language unlike most other programming language. HTML is neutral and can be used on many platform or desktop. It is this feature of HTML that makes it popular as standard on the WWW.
This versatile language allows the creation of hypertext links, also known as hyperlinks. These hyperlinks can be used to connect documents on different machine, on the same network or on a different network, or can even point to point of text in the same document.
HTML is used for creating documents where the emphasis is on the appearance of the document. It is also used for DTP. The documents created using HTML can have text with different sizes, weights and colors. It can also contain graphics to make the document more effective.
4. SYSTEM DESIGN
4.1 GENERAL DESIGN
The design of the system is essentially a blueprint, or a plan for a solution of the system to be developed. A part of a system or a subsystem of a whole of a system can itself be considered a system, with its own complements.
Levels of Design
The design process for a software system has two levels.
1. System Design
2. Logical Design
System Design
Here the focus is on detecting that which are the modules needed for the system, the specifications of the modules, and how the modules should be interconnected. System Design is only, way by which we can accurately translate the need users requirement into a finished software product or system. Without design the risk of development an unstable system exists (one that fails when small changes are made and one that may be difficult to test) The System Design includes the following three types of design.
1. Database Design
2. Architectural Design
3. Procedural Design
Logical Design
Here the internal design of the module is considered and how the specification of the module can be satisfied is decided in this design process. This is also known as detailed design.
p
4.2 DATABASE DESIGN
Database Design For The System
The details about the relevant data that came into the lay in the system are identified. According to their relationship the tables are designed by following the standard database design methods. The data type for each data in the table is defined. For optimum design of database, to have better response time, to have data integrity, to avoid redundancy and for security of the database the tables are created as normalized and also applied some sort of denormalization to reduce the joins that contain more than 3 or 4 table.
> Table structures of some table are given in the Appendix.
The database design is done according to the following procedure.
The database design transforms the information domain model created during the analysis into the data structures (tables) that will be required to implement the system or software. The -database design is made up of two levels
1. Conceptual Level
2. Normalization
Conceptual Level
¦ This level represents major data objects and relationships between them. Conceptual level, describes the features of the system data. Just like a DFD for a system, the conceptual level uses symbols from a modeling method called Entity- Relationship Analysis.
Entity -Relationship Analysis uses three major abstractions to describe data.
' > Entities, which are distinct in the system.
> Relationships, which have meaningful interaction between objects.
> Attributes, which are properties of entities, have relationships.
'¦ :
An entity is a conceptual representation of an object. Relationships between them make up data base structure. Three types of relationships exist among the entities. They are One-to-One, One-to-many, Many-to-Many relationships.
A One-to-One (1:1) relationship is an association between two entities.
A One-to-Many (1 :M) relationship describes an entity that may have two or more entities related to it.
¦
A Many-to-Many (M: M) relationship describes entities that may have relationships in both directions.
After the conceptual level, the next level of process of database design to organize the database structure into a good shape is called Normalization. The normalization simplifies the entities, removing redundancies from the system data and finally builds a data structure, which is both flexible and adaptable to the system. Normalization offers a systematic step-by-step approach towards this goal.
The different normal forms applied during the database design are given below:
¢ First Normal Form (1NF)
¢ Second Normal Form (2NF)
¢ Third Normal Form (3NF)
:
First Normal Form
A relation is said to be in 1NF if and only if it satisfies the constraints that it contains primary key only
Second Normal Form
A relation is said to be 2NF is and only if it satisfies all 1 NF conditions for the primary key and every non-primary key attribute of the relation is full dependent on its primary key alone. If a non-key attribute is not dependent on the key, it should be removed from the relation and placed as a separate relation i.e., the fields of a table in 2NF are all related to the primary key.
Third Normal Form
A relation is said to be in 3NF if and only if it is in 2NF and moreover non-key attributes of the relation should not depend on other non-key attributes.
De-normalization
Full normalization of 3NF sometimes creates a problem called proliferation. This makes large databases unmanageable and we have to maintain joins of 3 or 4 tables to execute a query, as the number of tables is increased and related attributes in different tables.
1 Therefore De-normalization denotes recombining tables to a state that is less then full moralization. This reduces the number of potential joins.
> Sample table structures are given in appendix
4.3 ARCHITECTURAL DESIGN
The primary objective of the architectural design is to develop a modular program structure of the system. This is performed after the database design of the system is over. In addition, it melds program structure and the database structure, defining interfaces that enable data to flow through the system.
The online banking system is mainly divided into two modules. Each module performs its own operations that would help the user to get an efficient output. The modules are broadly divided into two.
1. Online system module
2. Administration module
4.4 Data Flow Diagram
CONTEXTUAL DIAGRAM
Customer
Account.
account
*> Bank
Personal details, account details
Customer
Account
account number
Account number
Customer
Admin
Term Account Creation
Account number
Customer
Admin
Deposit
Customer
4.5 TABLE DESIGN
ADMIN TABLE
Field name Primary key Data type
admin Jd Yes Varchar
admin _name Varchar
admin .password Varchar
OFFICER DETAILS
Field-name . Primary key Data type
officerjd- Yes Varchar
officer_name Varchar
officer_password Varchar
ADMIN SAVINGS UPDATE
Field Name Primary Key Data type References
ac_no Yes Varchar personal details
amount Double Precision
interest Double Precision
ADMIN TERM UPDATE
Field Name Primary Key Data type References
ac_no Yes Varchar personal details
amount Double Precision
interest . Double Precision
ADMIN NRI UPDATE
Field Name ¦Primary Key Data type References
ac_no Yes Varchar personal details
amount Double Precision
interest Double Precision
MIN BALANCE
Field Name Primary Key Data type
acjype YES Varchar
interest Double Precision
min_balance Double Precision
validity
online_min_balance Double Precision
PERSONAL DETAILS
Field name Primary key Data type Auto Increment
sl_no Int Yes-
ac_no Yes Varchar
name_of_applicant Varchar
name2 Varchar
name3 Varchar
address Varchar
phone_no Varchar
dob_app1 Date
ACCOUNT DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
valid_upto Numeric
mode Varchar
creation_date Date
amount Double Precision
interest Double Precision
NOMINEE DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
nomineejiame Varchar
address Varchar
relation Varchar
date_of_birth Date
TERM ACCOUNT DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
pan_no Varchar
valid_upto Numeric
mode Varchar
creation_date Date
amount Double Precision
interest Double Precision
TERM NOMINEE DETAILS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
nominee_name Varchar
address Varchar
relation Varchar
date_of_birth Date
OVERSEAS ADDRESS
Field Name Foreign Key Data type References
ac_no Yes Varchar personal_details
overseas_address Varchar
emailjd Varchar
TRANSACTION DETAILS
Field Name Primary Key Data type References
tranjd Yes Int ¦
ac_no Varchar personal_details
tran_date Date
deposit Double Precision
withdraw Double Precision
balance Double Precision
type_of_ac Varchar
ONLINE USERS DETAILS
Field Name Primary Key Data type References
userjd Yes Varchar
ac_no Varchar personaLdetails
password Varchar
emailjd Varchar
creation_date Date Alert Status
Field Name Primary Key Data type References
Account No Yes Varchar personaLdetails
Alert id Varchar
Estatus Varchar
Mstatus Varchar
Biller Details
Field Name Primary Key Data type References
BillerlD Yes Varchar
BillerName Varchar
Location Varchar
Trans passwd
Field Name Primary Key Data type References
UserlD Yes Varchar personal_details
TransPasswd Varchar
Location Varchar
5. SYSTEM DEVELOPMENT
MODULE DESCRIPTION
¦
In this system, the customers can register with the bank, and thereafter, perform various money transactions on their account The system contains mainly of four modules, namely:
1. Account Creation
2. Money Transaction
3. Interest Calculation
4. Reports
5. Alerts
6. Bill Pay
7. RSA Encryption and Decryption
5.1. ACCOUNT CREATION MODULE
The first module handles account creation for a new customer. The account can be Savings account, Term (Fixed) account. The details of the customer and his account are being fed to the database through a registration form which is validated by the bank prior to addition to the database. Once the request is approved the user can remit the amount and open the account.
In order to register with the bank, the customer is required to fill a registration form where he specifies the type of account he wants to create. He also provides his personal details. These details will all be then entered into the bank database. The administrator then verifies these data's and will register him with the bank, and thereafter provide him with the account number. The customer can then perform the transactions using this account number.
. If the customer wishes to create a savings account, he has to provide in the registration
form, his personal details, the details of the type of account he wishes to create, as well as the c
details of his nominees. All this information is then stored into corresponding tables in the database, one each for personal details, account details, and nominee details. The information is then passed to the administrator, who, after validating the details, provides the customer with an account number.
Similar method is followed for the creation of term account also.
5.2. MONEY TRANSACTION MODULE
The second module consists of the various transactions that the customer can carry out. The main transactions include deposit, withdrawal and money transfer. In this module bank administrator gives the user ID and password in order to perform online transactions. The user is also given the privilege to change his password which will be automatically updated to the database. Each account holder can deposit and withdraw money into the bank through this module.
Each type of account has a minimum amount of money, which has to be there in the account for its existence. In the case of withdrawal, it is always checked whether the withdrawal of money will affect the minimum balance or not. If yes, the transaction will not be permitted. In the other case, the customer is allowed to withdraw the specified amount from his account. The change in balance amount is updated in the database. In the case of deposition the customer can deposit any amount of money in his account and the increase in balance is updated in the database.
In the case of online transactions, the account holders can transfer a particular sum of money from one account to another by specifying the corresponding account numbers. The transaction in the source account is considered as a withdrawal and that in the destination account is considered as a deposition. Here also, the amount transferred will be controlled by the rules of minimum balance.
Funds transfer:
Funds transfer allows you to transfer funds online. It's like writing a cheque online, that's why we also call it "eCheque".
You have three different options for transferring funds. These are
1. Transfer funds to your own Bank accounts
If you have multiple accounts with ICICI bank and these are linked to your Internet Banking User ID, you can make immediate transfers between them.
2. Transfer funds to any Bank account across India
This option enable you to instantaneously transfer funds to any ICICI Bank account across India.
3. Transfer funds to any other Bank account across India
now you can transfer funds to any account with any bank across India.
5.3. INTEREST CALCULATION MODULE
The third module helps in calculating the interest due in the Term (Fixed) account and Savings account of the account-holder. This interest amount can be either retrieved every month or will be added to his current balance. This is done by the administrator.
5.4. REPORTS
The fourth module provides administrator to view all the details till to-date. It also contains money transaction details
5.5. ALERTS
Alerts mainly fall into two categories, mobile alerts and email alerts, Both of these alerts can be subscribed for credit card and account. For each one, alert should be registered separately. And whenever the transactions are made, corresponding values are taken from the alert status and alert category tables. For credit card the details of minimum balance, balance in between a range etc are alerted. For accounts also, the minimum balance, balance exceeds a particular value etc are alerted.
Mobile alerts:
Whenever a transaction is done with a mobile alert enabled or subscribed account, the customer is get alerted through mobile phones, the mobile number is already stored in the account details at the time of mobile alert subscription. The alerts are in the form of SMS- short message service, which shows the essence of transaction details briefly. The customer can unsubscribe the mobile alert unless needed and can change the mobile number as well. Email alerts:
Whenever a transaction is done with a email alert enabled or subscribed account, the customer is get alerted through email ID, the email ID is already stored in the account details at the time of email alert subscription. The alerts are in the form of email news letter, which shows the transaction details briefly^The customer can unsubscribe the email alert unless needed and can change the email ID as well. Email alert contain more information about the transaction than that of the SMS can have.
5.6. BILL PAY
.,. . .
Bill Pay is the easiest way to manage bills. You can pay all monthly bills, like credit card, telephone, mobile phones, electricity, insurance premium, etc., from your computer. We have tie-ups with more than 40 billers across the country. You can view the billers by clicking on the link provided. It also shows the bills can pay using Bank credit card and the bills that can be viewed online. The bill pay landing page also shows the bills waiting for acceptance for presentment mode billers. You can pay these by clicking on detail.
Below this you will see the following four buttons:
a. Register for a new Biller
b. Make a Payment
c. List of registered billers
d. Show payments made
Register for a new Biller
To pay a bill, you need to register the biller first. The registration process is a one-time effort. Clicking on register for new biller gives a list of billers we have tied up with. If you don't find your biller on a particular page, click on "next list". You can choose your biller from the list of the billers and click on "Add to list
Make a Payment
Clicking on "Make a Payment" displays a list of billers you have registered for. You can select the biller you want to make a payment to.
You are taken to the payment screen. Select the account from which you want to pay and
the amount to be paid. You have the option of making instantaneous payment or scheduling it for a later date.
After clicking on "Pay" button you are asked to enter your User ID and transaction password. After successful payment, a payment confirmation number is displayed here. If you choose to specify a later payment date, then the bill is shown as pending.
List of registered billers displays billers you have registered for. Show payments made
To view all your past bill payments made on Bank's site click on "Show payments made". You can choose one biller or all the billers. The display gives you the payment date and payment amount along with the transaction status.
5.7. RSA Encryption and Decryption
Digital signatures are used to achieve Authentication, Non repudiation and Authorization.
Authentication is technique by which a process verifies that its communication partner is who it supposed to be not an intruder, deals with question of whether or not you are actually communicating with a specific process.
Non repudiation a mechanism which provides a way to prevent the author from falsely claming that he or she isn't the author.
Authorization is concerned with what that process is permitted to do. Implementing Digital Signatures (RSA):
Since RSA (Rivest, Shamir, Adleman) algorithm is one of famous public key block cipher algorithm that have remarkable property of achieving digital signatures. It is consider one of the most secure cryptographic systems in that it has withstood many attempts by experts in the field to break it. The RSA algorithm is a block cipher based on the fact that finding a
Random prime number of a large size is computationally easy, but factoring the product of two such numbers is currently considered computationally infeasible. As RSA is one of effective cipher for providing digital signatures but it suffers from the fact that it is very slow as it requires much recourses. Larger the size (Length) of key (bits) the more secure the algorithm is and it is
¦
CSE or SNGCE, Kadayiruppu
impossible to break that cipher. However also the computation required in this case will be enough which slows down the overall performance of the slower the system.
To get around this, people combine hashes with public key cryptography what is called Digital signatures. The figure shown above depicts this concept.
What is Hash (Fingerprints)
Hashes are known as one way functions that is their mathematical property of non reversibility. Further more they are also Known as Message digest functions because message is reduced or digest to a fixed-length number that is smaller than the Message. Hashes are the actually sum of ASCII values of all letters of message and no matter how long the input data is, the Hash is always the same number of bits.
6. System Implementation and Testing
¦
Implementation is the stage of the project when the theoretical design is turned into a working system. The implementation stage is a system project in its own right. It includes careful planning, investigation of current system and its constraints on implementation, design of methods to achieve the changeover, training of the staff in the change over procedure and evaluation of changeover method.
The first task in implementation is planning, deciding on the methods and time scale to be adopted. Once the planning has been completed the major effort is to ensure that the programs in the system are working properly when the staff has been trained, the complete system involving both computer and user can be executed effectively. Thus the clear plan are prepared for the activities
6.1 System Testing and Maintenance
System testing is defined as the process by which one detects the defects in the software. Any
oftware development organization or team has to perform several processes. Software testing isCSE.
2£ S N G C E, Kadayiruppu
A lUJ^Vl 1 I
Winnie DaiiKing
one among them. It is the final opportunity of any programmer to detect and rectify any defects that may have appeared during the software development stage. Testing is a process of testing a program with the explicit intention of finding errors that make the program fail. In short system testing and quality assurance, is a review in software products and related documentation for completion, correctness, reliability and maintainability.
System testing is the first stage of implementation, which is aimed at ensuring that the system works accurately and efficiently before live operation commences. Testing is vital to the success of the system. System testing makes a logical assumption that if all the parts of the system are correct the goal will be successfully achieved. A series of testing are performed for the proposed system before the system is ready for user acceptance testing. ¦ The testing steps are
S Unit testing
s Integration testing
S Validation
s Output testing
s User acceptance testing
Unit Testing
This is the first level of testing. In this different modules are tested against the specification produces during the design of the modules. Unit testing is done during the coding phase and to test the internal logic of the modules. It refers to the modules. It refers to the verification of single program module in an isolated environment. Unit testing first focuses on the modules independently of one another to locate errors.
After coding each dialogue is tested and run individually. All necessary coding where removed and it was ensured that all the modules are worked, as the programmer would expect. Logical errors found where corrected,
I 1 1\CJAM I
unnne oanKing
So, by working all the modules independently and verifying the outputs of each module in the presence of staff we conducted that the programs was functioning as expected. Integration Testing
Data can be lost across an interface: one module can be adverse effort on another; sub functions when combined may not produce the desired major functions. Integration testing is a systematic testing for constructing the program structure. Conducting the tests is to uncover errors associated within the interface. The objective is to take unit tested to modules and build a program structure. All the modules are combined and tested as a whole, Here correction is difficult because the vast expenses of the entire program complicate the isolation of causes. Thus in the integration testing step, all the errors uncovered are corrected for the next testing steps.
Validation Testing
This provides the final assurance that the software meets the all the functional, behavioral and performance requirements. The software is completely assembled as a package. Validation succeeds when the software functions in a manner in which user wishes. Validation refers to the process of using software in live environment in order to find errors. During the course of validation the system failure may occur and sometime the coding has to be hanged according to the requirement. Thus the feedback from the validation phase generally produces changes in the software.
Once the application was made of all logical and interface errors, inputting dummy data ensured that the software developed satisfied all the requirements of the user. This dummy data is known as test case:
Output Testing
After performing the validation testing, the next step is output testing of the proposed system since no system could be useful if it does not produce the required output in the specific format. Asking the users about the format the required by them, tests the output generated or considered into 2 ways. One is on screen and another is printed format.
The output format on the screen found to be correct as the format was designed in the system design phase according to the user needs. For the hard copy also, the output comes out as the specified requirement by the user. Hence output testing does not result in any correction in the system.
¦
User Acceptance Testing
Acceptance test refers to the acceptance of data into the system for processing. The acceptance test contributes to the consistency and smooth working of the system. The system under consideration is tested for users at a time of developing and making changes whenever required. This is done with regard to the following points:
> Input screen design
> Output screen design
> On-line message to guide the user
> Format of ad-hoc report and other outputs.
Taking the various kinds of test data does the above testing. Preparation of test data plays a vital role in the system testing. After preparing the test data the system under study is tested using that test data. While testing the system by using test data errors are again uncovered and corrected by using above testing steps and correction are also noted for future use.
1 IVV^jJV^l t
uniine oanKing
7. TEST SCREEN
fay- ii.niet Explorer
FJe Edit yew Favorites Ioob Hdp
H " ¢"¦ S '/ Search Favorites %f Media ‚¬">
Address h^://locahost/Onlnebanking/hdex.aspx
'J fij Go Links
¦onlinebanking.com offers you a |power packed Savings Account ith a host of convenient eatures and banking channels itransact through. So now [you can bank at your cnvenience, without the *eu of waiting in queues.
T
Want to surprise your wife with a Jewellery set
Internet Banking Login [
Home page
Subscribe to banking Request
Subscribe to Banking Alert
Credit
Subscribe to Credit Card Req u est
Subscribe to Credit Card Alert
wmm..
a Done
di
¦ Local Intranet
Mobile Banking Home
¦
Mobile Recharge Form
CSE
46
S N G C E, Kadayiruppu
1 ¦'+' r >,) *¦ ."«'; / ¦'¦ : , search Favorites Media -\'!
e My Accounts: About lit Cont«t U«
¢SB
IHIHflHHIHHi ESBI Mi!
A..-C.IJ.U. I Si.iiii.iur-/
Swart Mony Order
CirtJ -I- r«nt hw*i TrwwJw
T
*M« To JtrUMXt UKU«t
For DeMt Cwd
Write To Account manager
From j
To I
Account ¦ Number
Sub)
\ Send | [ Reset | | Back |
(¢SJDone
¦jLocal Intranet
Write to Account manager
rttp.y'/localhost - showPaynwitt*!
| 06 Edit yiew Favorites look bdp ¦ >|Sack " * « ', Search Favorites * Media ‚¬::
Retieve
Cancel
Query on payment
;*>y Local intranet
He £dit View Fworj-ef, lools Hdp
> ¦ ; *. , search "Favorites * Media j'
Links
Aseouttfrt fitting Credited Ahem!
f~ >itav Crftflit^d into &y ftocaunt AInmic
f„¢ Cheque O^psjtfid in My 3;.c.oyr:r j;mi.v;ffid
5«>U tend
| Suormt j | Bac* I
Mobile Alert Subscription Form
y Local Intranet
54
S N G C E, Kadayiruppu
1 I UJtVI l\U|H)I I
Online Banking
_|g|xl
Fie £dt View Favorites Tools Help "jr"
O Back » ¦ -' . Search Favorites I> " ¦. i. *.;
intranet
zJ
Change Password From
... .y*
Search ^-Favorites'*}* Media £*
I Address \1Q http :.//localhosVOrilinebanking/Forgotpassword.aspx
I Go Links
Forgot password
User LD jpopy
|abc@gd com
Date of Birth fTo7l2/2T98f Email LD
Hint. Answer iood
Done !
lbone
¦j Local intranet
Forgot password
8. Conclusion
The main aim of developing software is to provide all information that is required by the users. User friendliness is a must that is the user must get the details without complicated searching procedures. Other important requirements of software are data security, extensibility and maintainability. All these features are included in this web application.
The project greatly helped in understanding the various phases in website development and exposure to a new developer platform MS Visual Studio .Net and database MS SQL Server.
