1
SMS TRANSACTION SECURITY
Chapter – 1
INTRODUCTION
This chapter describes about each and every chapter in the Document.
Description of the Problem
Secure Messenger is an Application, used to encrypt and decrypt the message. This encrypts and decrypt based on Quasigroups Cryptographic Algorithm (QCA). This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is used to transform money between two peoples. This SMS Message is encrypted on your mobile by using Java MIDLET. And Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted.
Transaction on mobile is used to transform money between two peoples. These two peoples must be registered in a Bank and they should have mobile for transaction. This transaction starts with SMS if USER1 wants to pay money to USER2. Both of them should have mobile phone. User1 simply types SMS to particularly bank with his 4 digits PIN, Amount and is transferred to designation account. Confirmation SMS is sends to both Users.
System analysis
This chapter explains about various processes involves in the project right from Input from the user till the Output information given to the user. Here we explain the Data Flow Diagram briefly. Then it also explains what are the flow control involve in the project. Input and Output, how to store the Data and how to maintain the Data values and other details.
System Design
This chapter explain about various datatable structures includes Field names, Data types, Size and Constraints etc.,
It also explains E – R Diagram.
It describes File Structure, Source of Input, Files involved in processing and Output structure.
It explains various processes involve and the manipulation done between the files. It explains the Output to the user and how it is given .
Output Design
It displays System Flow chart i.e. how gets the Input , processes involved, decision making done, where the data comes, what are happens System inside and what Output you finally get and when and where the process ends.
It displays Login Screen for Online as well as Offline.
Testing and Implementation
It discusses the tests involved in the project. And evolves of all operations included according to the Organization requirement.
Conclusion
This chapter discusses the scope of the system and the reference books which had been explored.
Chapter – 2
Description of the Problem
Existing System
In the modern world, cell phones have been used by majority of the people around the world. The normal procedure for cell phone activation profiled takes on with;
- Buying the SMS card from the dealer
- Scratch the card
- Type the 13 Digit number
- After these procedures only, security for system exists in a cell phone.
This is what happens in the existing systems. This is not at all a problem for the customers, but in the fast moving world, every one is working like a machine. So, for making their work to move in a smooth manner without tension and for saving the precious time, we are introducing a systems called SMS secure transaction on Mobile.
Proposed System
Secure Messenger is an Application, used to encrypt and decrypt the message. This encrypts and decrypt based on Quasigroups Cryptographic Algorithm (QCA). This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is used to transform money between two peo. This SMS Message is encrypted on your mobile by using Java MIDLET. And Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted.
Transaction on mobile is used to transform money between two peoples. These two peoples must be registered in a Bank and they should have mobile for transaction. This transaction starts with SMS if USER1 wants to pay money to USER2. Both of them should have mobile phone. User1 simply types SMS to particularly bank with his 4 digits PIN, Amount and is transferred to designation account. Confirmation SMS is sends to both Users.
Chapter – 3
System Analysis
SYSTEM DESCRIPTION
SMS or Short Message Service allows Cellular or Mobile GSM phones to send and receive Text Messages. SMS is a widely used service for brief communication and the data sent using SMS services is confidential in nature and is desired not to be disclosed to a third party. The use of SMS is a convenient and fast means of communication with cellular telephone and pagers.
This can be alphanumeric and more recently graphical. A sent SMS message is stored at an SMS Center (SMSC) until the receiver’s phone receives it. The receiver can identify the sender by his/her telephone number that is included in the message itself. SMS supports several input mechanisms that allow interconnection with different message sources and destinations including voice-mail systems, Web-based messaging and E-mail integration.
SMS CHARACTERISTICS
The cost of sending SMS messages is lower than other data-oriented mobile services such as WAP. Mobile service in-curstwo kinds of cost: the one-time cost of purchasing a mobile device; and the ongoing cost of using the services. Nowadays, almost all mobile phones are SMS enabled but WAP phones are still relatively expensive. The cost of sending a SMS message is low and relatively much cheaper than accessing Internet via WAP.
Convenience of “anytime and anywhere”
SMS messaging has two special characteristics: “anytime” and “anywhere” availability. A switched-on mobile device is able to receive or send a message at “anytime” regard-less of whether a voice or data call is in progress. Messages sent to a switched-off phone are guaranteed to deliver when the handset is on again because SMS messages are users. One application is in the selective advertising business for promotional purpose. For example, restaurant operators can entice customers by sending them advertisements and promotional information messages when they are in the vicinity of restaurants. “Personal” characteristic;
To determine the possible success factors of emerging SMS commerce, we first need to understand the contributing factors to the existing success of SMS messaging. To-ward this end, we performed an extensive content analysis of the extant literature on SMS messaging in several countries. Cost-effective and interoperable wireless infrastructure, support for “location-awareness”.
ARCHITECTURE OF SMS
In my project “Secure Messenger” is an Application, used to encrypt and decrypt the message. This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is encrypted on your mobile by using Java MIDLET. And Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted message
ARCHITECTURE OF TRANSACTION
Transaction on mobile is used to transform money between two peoples. This two peoples must be registered in a Bank. And they should have mobile for transaction. This transaction starts with SMS. If USER1 wants to pay money to USER2, both of them should have mobile phone. User1 simply types SMS to particularly bank with his 4 digits PIN, Amount and Account No. Bank server processes the request and Amount is transferred to designation account. Confirmation SMS is sends to both USERS.
ALGORITHM FOR ENCRYPTION
Name : Quasigroups Cryptographic Algorithm(QCA):
In this application for sending encrypted SMS messages using cryptographic methods based on theory of Quasigroups is proposed. The encryption algorithm is characterized by a secret key. The application is developed using programming language Java and the J2ME environment. SMS messages are sometimes used for the interchange of confidential data such as social security number, bank account number, password etc. A typing error in selecting a number when sending such a message can have severe consequences if the message is readable to any receiver.
Most mobile operators encrypt all mobile communication data, including SMS messages but sometimes this is not the case, and even when encrypted, the data is readable for the operator. Among others these needs give rise for the need to develop additional encryption for SMS messages, so that only accredited parties are able to engage communication.
Our approach to this problem is to develop an application that can be used in mobile devices to encrypt messages that are about to be sent. Naturally decryption for encrypted messages is also provided. The encryption and decryption are characterized by a secret key that all legal parties have to posses.
In addition to cryptographic strength, things to consider when developing this type of an application for mobile devices are limitations in memory and processing capacity. Quasigroups are well suited for encryption of this type of data. The cryptographic strength of Quasigroups based encryption has been examined.
DEFINITIONS OF QCA
A groupoid is a finite set Q that is closed with respect to an operator *, i.e., a *b Q for all a, b Q. A groupoid is a Quasigroup, if it has unique left and right inverses, i.e., for any u, v Q there exists unique x and y such that x * u = v and u * y = v.
This means that all operations are invertible and have unique solutions, which implies their usability as cryptographic substitution operations. With this in mind we can define inverse operations for *, call them \ (left inverse) and /(right inverse) . The operator \ (resp. /) defines a new Quasigroup (Q, \, * ) (resp. (Q, /)) and for algebra (Q, \ , _ )
x * (x \ y) = y = x \ (x * y) (1)
A Quasigroup can be characterized with a structure called Latin square. A Latin square is an n * n matrix where each row and column is a permutation of elements of a set. In our case | Q | = n.
Several other operations can be derived from the operation * [2], but for our purposes operations * and \ (right inverse) are sufficient.
ENCRYPTION OF QCA
DECRYPTION OF QCA
COMPOSITION OF ENCRYPTION AND DECRYPTION
DATA FLOW DIAGRAMS
Data Flow Diagrams
The data flow diagram (DFD) is one of the most important modeling tools. It is used to model the system components. These components are the system process, the data used by the process, an external entity that interacts with the system and the information flows in the system.
DFD shows how the information moves through the system and how it is modified by a series of transformations. It is a graphical technique that depicts information flow and those transformations that are applied as data moves from input and output.
DFD is also known as bubble chart. A DFD may be used to represent a system at any level of abstraction. DFD s may be partitioned into levels that represent increasing information flow and functional details.
A level 0 DFD, also as the context diagram, represents the entire system as a single module with input and output data indicated by incoming and outgoing arrows respectively. Additional process and information flow paths are represented, as the level 0 DFD is partitioned to reveal more details.
A level1 DFD, also called as top-level DFD, represent the system with major modules and data stores. First level DFD is shown in fig. the other levels will show each module in the top-level DFD in a more detailed fashion. The other level DFD s for our system are shown from fig to fig.
Data Flow Diagram
Chapter – 4
System Design
Database Design
Table Name: Cust
Description: Stores Customer details
Field Name / Data type / Size / ConstraintAccno / Text / 20 / Primary key
Cell no / Number / 20
Pass word / Text / 20
Skey / Text / 20
Balance / Number / 20
Table Name: sms
Description: Stores sms details
Field Name Field Name / Data type / Size / ConstraintPid / Text / 20 / Primary key
Sid / Text / 20
Message / Text / 20
Table Name: Transaction
Description: Stores Customer transaction details
Field Name / Data type / Size / ConstraintAccno / Text / 20 / Primary key
To_accno / Text / 20
Mode / Text / 20
Date / Text / 20
Time / Text / 20
Amount / Number / 20
E – R Diagram
File Structure
File Structure explain overall project. It explains the files, which involve and how it process the fields in the tables. Then it explains what are all the Output Involved.
Source of Input:
We can give Customer Account No, Secrete key, amount in Mobile Screen. To make sms separate text box is available for contents to be typed.
Files involved in Processing:
SMS:
Consists Sender , Receiver , Message Data items when sms were Receive and sent.
Cust:
Contains Customer account No, Password, skey, balance, cell no for maintaining Customer Data perfectly.
Transaction:
Consists Customer account No, Date, Time, amount, mode which was useful as Customer wise Transaction.
Output File Structure:
It explains the Output to the Users and how it is given.
SMS:
Consists Sender , Receiver , Message Data items when sms were Receive and sent.
Cust:
Contains Customer account No, Password, skey, balance, cell no for maintaining Customer Data perfectly.
Transaction:
Consists Customer account No, Date, Time,amount, mode which was useful as Customer wise Transaction.
Chapter – 5
Output Design
System Flow Chart
Chapter – 6
Testing and Implementation
Testing is a process of executing with the intent of finding an error. Testing was done to check for the proper functioning of system. System was tested at various levels to attain the goal and the system to be problem free.
The following testing strategies are performed.
System Testing
Integration Testing
Acceptance Testing
System Testing:
It verity checks whether the software meets its requirements that were laid down during the project tracking specification. It is comprised of Integration Test and Acceptance Testing.
Integration Testing:
Testing modules are combined into Sub – Systems and then Tested. This is done as modules can be Integrated properly, emphasizing on interface between modules.
Integration testing is a systematic technique for constructing the program structure while conducting tests to uncover errors associated with interfacing. The objective is to take unit tested modules and build a program structure that has been dictated by design. There are mainly two types of integration.
- Top-Down integration
- Bottom-Up integration
Top-Down integration is an incremental approach to construction of program structure. Modules are integrated by moving downward through the control hierarchy, beginning with the main control module (main program).
Bottom-Up integration testing, as its name implies, begins construction and testing with automatic modules (i.e. modules at lowest levels in the program structure). Because modules are integrated from the bottom-up, processing required for modules sub-ordinate to a given level is always available and the need for stubs is eliminated. Because of this advantage of Bottom-Up integration, we adopted this method integration testing is a systematic technique for constructing the program structure while conducting tests to uncover error associated with interfacing. The objective is to take unit tested modules and build a program structure that has been dictated by the design.
At this stage of integrating testing best results can be achieved if the incremental integration technique is adopted. In this process the program is constructed and tested in small fragments where errors are easy to be tested completely; and a systematic approach may be applied.
In the present Secure SMS Transaction, we used Black Box testing for finding errors in the following categories.
- Incorrect or missing functions.
- Interface errors.
- Errors in database access.
- Initialization and termination errors.
- Desired out put for given input.
- I/O error.
Acceptance Testing:
This focuses on the external behavior of the system . It is done with live data to see that the software works satisfactory.
Unit testing:
Unit testing focuses verification errors on the smallest unit of software design-the module. Using the procedural design description as a guide, important control paths are tested to uncover errors within the boundary of the module.
Every module interface is tested to ensure the information properly flows into and out of it.
The local data structure is examined to ensure that data stored temporarily maintains its integrity during all steps in algorithm’s execution.
Boundary conditions are tested to ensure that the module operates properly at boundaries established to limit or restrict processing.
All independent paths through the control structure are exercised to ensure that all statements in a module have been executed at least once.
All error-handling paths are tested properly.
Because a module is not a standalone program, stub software must be developed for each unit test. In our case this stub software is nothing more than a “Main Program” that accepts test data, passes such data to the module and prints the relevant results. Unit testing performs verification on the smallest unit of software design in the module. Using the procedural design description as a guide, important control paths are tested to uncover errors with in the boundary of the module scope established for unit testing. The unit testing is normally white box oriented and the step can be conducted in parallel for multiple modules.