secure email transaction system

7/30/2019 Secure Email Transaction System

1/32


2/32

1.2.4 Java mail API 9

1.3 TOOL STUDY 10

1.3.1 Java 10

1.3.2 MS Access 15

2. SYSTEM ANALYSIS 16

3. SYSTEM REQUIREMENT 19

4. SYSTEM SPECIFICATION 20

5. SYSTEM DESIGN 21

5.1 MAJOR SYSTEM DESIGN ACTIVITY 21

5.1.1 Input design 21

5.1.2 Output design 22

5.1.3 Program design 23

5.2 LOGICAL DESIGN 23

6. SYSTEM DEVELOPMENT 24

7. SYSTEM IMPLEMENTATION 25

8. TESTING 26


3/32

9. SCREENSHOTS 28

10. MAINTENANCE 33

11. CONCLUSION 34

RESUME 35

REFERENCES 36

LIST OF TABLES

TablePag

e

1.1 User Information 2

Figure

1.1 Encryption-Decryption

8.1 Desktop Form

8.2 Encrypti on F orm

8.3 Decryption Form

8.4 Key Manager

8.5 Key Generation

8.6 Mailing Form

LIST OF FIGURES

Page 4

28

29

30

31

31

32


4/32

1.1PROJECT OBJECTIVE

Communication is the backbone of any enterprise. Communication, without exchange of data, is unimaginable. In

the context of communication between Enterprise level applications, the amount of data would be huge. So using

traditional approaches in Electronic Data Interchange wouldn't suffice.

SETS is an innovative email system that provides high-level protection for emails on the Internet. SETS users

have safe and secure email correspondence. Only the sender and recipient of SETS can access emails sent through

this service. The design goal was to develop a set of interfaces that would help in setting up an emailing

environment. But the interfaces were such that the data could be sent not only to mail server, but also to any server

capable of understanding mail protocols. That brought almost every J2EE server into the picture. Thus APIs

created for mail exchange provided a means to exchange huge amounts of data.

1.2 PROJECT OVERVIEW

SETS has been developed on the principles of public key cryptography, which uses a pair of asymmetric keys

(public and private) for encryption/decryption. The public key is freely distributed to all interested parties, and can

only be used to encrypt data. The private key is available to a mailbox owner only, and it is used to decrypt

messages.

If anyone from the user's correspondents wants to write a secure letter to that user, he will encrypt the letter using

the user's public key.

The public key will be stored in the database as shown below

Table1.1 User Information
http://www.devarticles.com/%23%23http://www.devarticles.com/%23%23


5/32

CHAPTER 1 INTRODUCTION

uname Uemail uPubKeyRachael Senator Senator [email protected] 4642132158413213132123133Jeff Stevens jeff steve @rediffmail.com 3217891208461131321431479Tracy Witney Tracy005 @yahoo.com 9513973589265624044056463

When the email is received, the user decrypts it using the private key. No one can decrypt the message without the

private key. It is not possible to ascertain the private key from the public key.

The JavaMail Application Programming Interface (API) provides a set of abstract classes defining objects that

comprise a mail system. The API defines classes like Message, Store and Transport. The API can be extended and

can be subclassed to provide new protocols and to add functionality when necessary. In addition, the API provides

concrete subclasses of the abstract classes. These subclasses, including MimeMessage and MimeBodyPart,

implement widely used Internet mail protocols.

The JavaMail API doesn't properly validate authenticated user message number attribute, allowing authenticated

users to view other's messages. This is a loophole in mail API's which is overcome in this project using high end

security measures. It makes use of the complex Rivest Shamir Adleman(RSA) encryption algorithm to provide a

default security level to the client with the use public and private key pair. This involves generation of public and

private key pairs and encrypting the message typed. This level of security would definitely give the hackers a hard

chase to even coming close to knowing the message content.

1.2.1 Crytography

Cryptography is the study of mathematical techniques related to aspects of information security such as

confidentiality, data integrity, entity authentication, and data origin authentication. It is the science of encoding and

decoding secret messages.

Cryptography is the science of translating messages into ciphers or codes. The protection of sensitive

communications has been the purpose of cryptography for most of history. The beginnings of cryptology can be

traced to the hieroglyphics of early Egyptian civilization (1900 B.C.). Ciphering has always been considered vital

for diplomatic and military secrecy. Recent successes in applying certain aspects of computer science and physics

to cryptology seem to be leading to more secure systems in which encryption is implemented with sophisticated

digital electronics.
mailto:[email protected]:[email protected]


6/32

Encryption is the process of taking any form of data (plaintext) message and scrambling it so that it becomes

unreadable to anyone, except the authorized receiver who has a key to decrypt it. Encryption produces a ciphertext

(coded message). The process of turning the ciphertext back into a plaintext is called decryption. Encryption and

decryption require the use of some secret information, called a key. Traditionally, Alice is the sender of the

information, Bob is the authorized receiver, and the eavesdropper is obviously name Eve. The basic problem of

distributing a key between Alice and Bob is to make a safe transfer despite eavesdropping attempts. A plaintext

message is encrypted using the key. Only a person with the same key can decrypt it back to the plaintext(Figure

1.1).

Cryptographic Goals

Of all the information security objectives the following four form a framework upon which the others will be

derived: (1) privacy or confidentiality ;(2) data integrity ; (3) authentication ; and (4) non-repudiation .

1.Confidentiality is a service used to keep the content of information from all but those authorized to have it.

Secrecy is a term synonymous with confidentiality and privacy.There are numerous approaches to providing

confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible.

2. Data integrity is a service which addresses the unauthorized alteration of data. To assure data integrity, one must

have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as

insertion, deletion, and substitution.

3. Authentication is a service related to identification. This function applies to both entities and information itself.

Two parties entering into a communication should identify

each other. Information delivered over a channel should be authenticated as to origin, date of origin, data content,

time sent, etc. For these reasons this aspect of cryptography is usually subdivided into two major classes: entity

authentication and data origin authentication. Data origin authentication implicitly provides data integrity (for if a

message is modified, the source has changed).

Fig 1.1 Encryption-Decryption


7/32


4. Non-repudiation is a service which prevents an entity from denying previous commitments

or actions. When disputes arise due to an entity denying that certain actions were taken, a

means to resolve the situation is necessary. For example, one entity may authorize the purchase

of property by another entity and later deny such authorization was granted. A procedure

involving a trusted third party is needed to resolve the dispute.

A fundamental goal of cryptography is to adequately address these four areas in both theory and practice.

Cryptography is about the prevention and detection of cheating and other malicious activities.

There are a number of basic cryptographic tools (primitives) used to provide information security. Examples of

primitives include encryption schemes , hash functions , and digital signature schemes which provides a schematic

listing of the primitives considered and how they relate.

These primitives should be evaluated with respect to various criteria such as:

1. Level of security. This is usually difficult to quantify. Often it is given in terms of the number of operations

required (using the best methods currently known) to defeat the intended objective. Typically the level of security is

defined by an upper bound on the amount of work necessary to defeat the objective. This is sometimes called the

work factor.

2. Functionality. Primitives will need to be combined to meet various information security objectives. The

primitives that are most effective for a given objective will be determined by the basic properties of the primitives.

3. Methods of operation. Primitives, when applied in various ways and with various inputs, will typically exhibit

different characteristics; thus, one primitive could provide very different functionality depending on its mode of

operation or usage.

4. Performance. This refers to the efficiency of a primitive in a particular mode of operation. (For example, an

encryption algorithm may be rated by the number of bits per second which it can encrypt.)

1.2.2 RSA Algorithm

The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The basic

technique was first discovered in 1973 by Clifford Cocks of CESG (part of the British GCHQ) but this was a secret

until 1997.

The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the

difficulty of factoring large integers.

Key Generation Algorithm


8/32

1. Generate two large random primes, p and q, of approximately equal size such that their product n = pq is

of the required bit length, e.g. 1024 bits.

2. Compute n = pq and (9) phi = (p-1)(q-1).

3. Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1.

4. Compute the secret exponent d, 1 < d < phi, such that ed = 1 (mod phi).

5. The public key is (n, e) and the private key is (n, d). The values of p, q, and phi should also be kept secret.

n is known as the modulus.

e is known as the public exponent or encryption exponent.

d is known as the secret exponent or decryption exponent.

Encryption

Sender A does the following:-

1. Obtains the recipient B's public key (n, e).

2. Represents the plaintext message as a positive integer m.

3. Computes the ciphertext c = m e mod n.

4. Sends the ciphertext c to B.

Decryption

Recipient B does the following:-

1. Uses his private key (n, d) to compute m = cd

mod n.

2. Extracts the plaintext from the integer representative m.

Digital signing

Sender A does the following:-

1. Creates a message digest of the information to be sent.

2. Represents this digest as an integer m between 0 and n-1.

3. Uses her private key (n, d) to compute the signature s = md

mod n.4. Sends this signature s to the recipient, B.

Signature verification Recipient B does

the following:-

1. Uses sender A's public key (n, e) to compute integer v = s e mod n.

2. Extracts the message digest from this integer.


9/32


3. Independently computes the message digest of the information that has been signed.

If both message digests are identical, the signature is valid.

1.2.3 Basic Encryption Process

The basic process ensures that when the user feeds the message, the message is delivered to the other end using

proper security measures. This is where the RSA algorithm is used as a default security measure for each and every

mail being sent out to the other end. The RSA algorithm itself only encrypts numbers. All computer data is

ultimately just binary numbers, so the message could be broken into segments and RSA can be applied to each

segment.

Generation of keys

The RSA encryption and decryption makes use of key pairs. Two big random prime numbers are generated which

in turn calculates the variables used to produce the keys. The variables are used to generate the public and private

keys. The message typed by the user is encrypted by using the private key. When decrypted with the public key it

reproduces the original message. This process is secure, because the only way to decrypt and reproduce the original

text is by knowing the private key.

Choice of Key Size

The feature to select the key size is provided to the user for increasing the complexity of the message.

Sender's choice for Encryption

When the sender has to send a message to the receiver, he/she must be sure of the encryption levels required before

sending the message. This system provides the user to make the choice of generating digital certificates or digital

signature.

Digital Signatures and Certificates

With RSA, the encryption and decryption techniques are very similar. After typing in the message and selecting the

key size the user makes a choice of how he has to encrypt it. The cipher text produced is a digital signature. When

decrypted with the public key it reproduces the original message. This process is secure, because the only way to

decrypt a particular message (encrypted by the public key) is by applying the private key. After typing in the

message and selecting the key size, then the user makes the choice of how he has to encrypt it.


10/32

1.2.4 JavaMail API

Sending of Emails

The encrypted messages are send to the form where the mails are to be send and from this point JavaMail API takes

over. Whenever a particular mail is being sent, there are various protocols which are being used to deliver the mail.

Protocols are rules that define an exact format for communication between systems. In the case of sender mailing

systems, there are two main protocols:

> SMTP(Simple message transfer protocol)

Any email client, to transfer mail, contacts the SMTP server o f the organization that, in turn,

delivers the message to the recipient's SMTP server.

> MIME(Multiple Internet mail Extension)

MIME is about the attachment and type of content being delivered. Receiving an Email

The message is received by the receiver and is moved on to the decryption phase which shows the actual data to the

image. As the sender the receiver also has the particular protocols used in receiving the Email. The protocols are:

> POP3(Post office protocol-Version 3)

POP3 just ensures that each user has his or her own mailbox.

> IMAP(Internet Message access protocol)

While POP is for offline access of messages, IMAP is for online access.

1.3 TOOL STUDY

The tools that are used in our project are described in detail below 1.3.1 Java

Java was developed at Sun Microsystems. Work on Java initially began with the goal of creating a platform-

independent language and OS for consumer electronics. The original intent was to use C++, but as work progressed

in this direction, developers identified that creating their own language would serve them better.

Today Java is both a programming language and an environment for executing programs written in Java Language.

Unlike traditional compilers, which convert source code into machine level instructions, the Java compiler
http://www.devarticles.com/%23%23http://www.devarticles.com/%23%23


11/32


translates java source code into instructions that are interpreted by the runtime Java Virtual Machine. So unlike

languages like C and C++, on which Java is based, Java is an interpreted language.

Java is the first programming language designed from ground up with network programming in mind. The core API

for Java includes classes and interfaces that provide uniform access to a diverse set of network protocols.

Why Is Java Interesting?

In one of their early papers about the language, Sun described Java as follows: Java: A simple, object-oriented,

distributed, interpreted, robust, secure, architecture neutral, portable, high-performance, multithreaded, and dynamic

language.

Sun acknowledges that this is quite a string of buzzwords, but the fact is that, for the most part, they aptly describe

the language. In order to understand why Java is so interesting, let's take a look at the language features behind the

buzzwords.

Object-Oriented

Java is an object-oriented programming language. As a programmer, this means that you focus on the data in your

application and methods that manipulate that data, rather than thinking strictly in terms of procedures. In an object-

oriented system, a class is a collection of data and methods that operate on that data. Taken together, the data and

methods describe the state and behavior of an object. Classes are arranged in a hierarchy, so that a subclass can

inherit behavior from its superclass. Unlike C++, Java was designed to be object-oriented from the ground up. Most

things in Java are objects; the primitive numeric, character, and boolean types are the only exceptions. Strings are

represented by objects in Java, as are other important language constructs like threads. A class is the basic unit of

compilation and of execution in Java; all Java programs are classes.

Interpreted

Java is an interpreted language: the Java compiler generates byte-codes for the Java Virtual Machine (JVM), rather

than native machine code. To actually run a Java program, you use the Java interpreter to execute the compiled

byte-codes. Because Java byte-codes are platform-independent, Java programs can run on any platform that the

JVM (the interpreter and run-time system) has been ported to.

Architecture Neutral and Portable


12/32


13/32


Java is an interpreted language, so it is never going to be as fast as a compiled language like C. Furthermore, the

speed-critical sections of the Java run-time environment, that do things like string concatenation and comparison,

are implemented with efficient native code. As a further performance boost, many Java interpreters now include

"just in time" compilers that can translate Java byte-codes into machine code for a particular CPU at run-time.. The

performance of Java's interpreted byte-codes is much better than the high-level scripting languages (even Perl), but

it still offers the simplicity and portability of those languages.

Multithreaded

Java is a multithreaded language; it provides support for multiple threads of execution (sometimes called

lightweight processes) that can handle different tasks. An important benefit of multithreading is that it improves the

interactive performance of graphical applications for the user. Java makes programming with threads much easier,

by providing built-in language support for threads

Java Runtime Environment

The runtime environment used to execute the code. It is made up of the java language and java virtual machine. It is

portable and it is platform neutral.

Java tools

It is used by the developers to create java code. They include java compiler, java interpreter, classes, libraries and

applet viewer.

Java Application

Applications are programs written in java to carry out certain tasks on stand alone local computer. Execution of a

stand alone program involves two steps.

Compiling the source code into byte code using javac.

Executing byte code program using j ava interpreter.Java Applets

Java applets are pieces of java code that are embedded in HTML document using the applet tag. When the browser

encounters such code it automatically download it and execute it.


14/32


15/32

CHAPTER

15SYSTEM ANALYSIS

System analysis is the process of identification of the objectives and requirements, evaluation of alternative

solutions and recommendation for a more feasible solution. In other words, system analysis is the step-by-step

process of gathering, recording and interpreting facts. It is the reduction of an entire system by studying the

various operations. It includes studying the problems encountered in the present system and introducing a new

computer system into an organization. The main aim of analysis is to determine problem areas and decide on

solutions to reduce or eliminate them.

System analysis itself breaks into two stages. Preliminary and Detailed. During preliminary analysis the analyst

list the objectives of the proposed system. These findings come together in the preliminary report. Once the

preliminary report is approved, the system analysis phase advances into a second stage. During detailed analysis

required data and information are collected and a detailed study is made.

During analysis, data are collected on the available files, decision points, and transactions of the system using

various tools like data flow diagram.

Feasibility Study

In any project, feasibility analysis is a very important stage. Feasibility study is system proposal according to its

workability, impact on the operation, ability to meet user needs and efficient use of resources. Any project may

face scarcity in resources, time or workforce. An important outcome of the preliminary investigation is the

determination whether the system requested is feasible or not. The key considerations involved in the feasibility

analysis are technical, operational, and economic.


16/32

Technical Feasibility

Technical feasibility is the most important of all types of feasibility analysis. Technical feasibility deals with

hardware as well as software requirements. An idea from the outline design to system requirements in terms of

inputs outputs, files and procedures is drawn and the type of hardware, software, and the methods required for

running the systems are analyzed. Keeping in mind of the above considerations, the resource availability at this

company was observed. It was found that the company has the sufficient resources to develop the current project;

hence the system is technically feasible.

Economic Feasibility

Economic analysis is the most frequently used method for evaluating the effectiveness of the software, more

commonly known as the cost /benefit analysis. The procedure is to determine the benefits and savings that are

expected from a candidate system and compare them with costs. If the benefits outweigh cost, the decision is

made to design and implement the system; otherwise further alternatives have to be made. Here it is seen that no

new hardware or software is needed for the development of the system. Hence the project is economically feasible

for development in this company.

Schedule Feasibility

Schedule feasibility is concerned with the completion of the project development within the fixed time span. It is

an important factor as it can affect other factors like machine availability, tools, cost development and delay in the

development of other systems. Besides these, this project is assigned to the student as an academic exercise to be

completed within a fixed period of time.

Operational Feasibility

The purpose of the operational feasibility study is to determine whether the new system would be used if it is

developed and implemented? Will there be resistance from users that will undermine the possible application

benefits? From the outputs of the meeting that was held with the system users, it was found that all of them

support the development of new system. The positive response from them encouraged in building such a system.


17/32

CHAPTER 17

SYSTEM REQUIREMENT

After analyzing the requirements for our project we had come to the conclusion that our project users require the

following requirements.

Sender's Requirement

> Needs a more user friendly interface.

> More and more security.

> Security feature which are controlled by the user.

> Complexity of the security.

> The account bound with a separate username and password for every user.

> Needs an algorithm which can achieve integrity and authentication.

Receiver's Requirement

> Access to the POP3 server of the mail server from where the mails are going to be extracted.

> Needs a friendlier interface.

> Needs a security feature which could make the cryptanalysis more secure.

The hardware and software requirements for the development phase of our project are: Software Requirements :

Tool Used : NetBeans 5.5

Front end : Java, J2EE.

Back end : MS Access

Hardware Requirements :

Processor RAM Capacity Hard Disk Space

Mouse Keyboard Monitor

Floppy Disk Drive

: Pentium IV : 256 MB

: 40 GB

: MS Compatible :

Standard 104 Keys

: Standard 15"

: 1.44 MB


18/32

CHAPTER

18SYSTEM DESIGN

The most creative and challenging phase of the system life cycle is system design. The term design describes a

final system and the process by which it is developed. It refers to the technical specification that will be applied in

implementing the candidate system. It also include the construction of programs and program testing. The

question involved here is "How the problem is solved".

System design is a transition from the user-oriented document to the document-oriented program or database

personnel. It emphasizes translating performance specification into the design specification and it involves

conceiving and planning and then carrying out the plan for generating the necessary reports and outputs. Design

phase acts as the bridge between the software requirements specifications and implementation phase , which

satisfies the requirements

5.1 MAJOR SYSTEM DESIGN ACTIVITIES 5.1.1 Input

Design:

Input design is a process of converting user-oriented input to computer based format. It also includes determining

the record media ,method of input, speed of capture and entry into the system. Input design consist of developing

specification and procedures for data procedure for data preparations, those necessary steps into put transaction

data into usable form of processing, data entry and activity of putting the data into computer for processing. Five

objectives guiding the design are input focus on controlling the amount of input required, avoiding delay,

controlling error and keeping the steps simple. The following are decided by the system analyst during design

phase:

The data to input

The details of how data should be arranged or coded


19/32


20/32

Logical design describes the format of inputs, outputs, and procedures that meets the user requirements.

The design covers the following: o Reviews the

current physical system. o Prepares the output

specification. o Prepares the Input specifications. o

Prepares control specifications.

System development is a series of operations performed to manipulate data to produce output from a computer

system. This is highly dependent on the programming language used. The principle activities during the

development phase can be divided into two major related sequences :

1. External system development

2. Internal system development

The major external system development activities are :

1. Implementation

2. Planning

3. Equipment acquisition

4. Installation

The major internal system development activities are :

1. Computer program development

2. Performance testing

The implementation stage is the next step towards the problem solution. Here the details like which coding

language is used is decided and the coding is done in the specified language.

The implementation is the practical job of putting a theoretical design in the practice. It may involve the complete

implementation of a computer complex or the introduction of one small subsystem.

The implementation phase of a project covers the period from the acceptance of the test design to its satisfactory

operation support by the appropriate user and operations manual. It is a major operation across the whole

organizational structure and requires a great deal of planning. Planning for implementation must begin from the

initial conception of the project. It requires a thorough knowledge of the new system, its personal needs, hardware

and software requirements, file and procedure conversion activities, etc. Only the analyst is responsible for

creating the new system will possess this knowledge. He can plan, schedule and co- ordinate but has no executive

powers.


21/32

CHAPTER 21

TESTING

System testing is the stage of implementation, which is aimed at ensuring that the system works accurately and

efficiently before live operation commences. Testing is vital to the success of the system. An elaborate testing of

data is prepared and the system is tested using this test data. While testing errors are noted and corrections are

made. The users are trained to operate the developed system. Both hardware and software securities are made to

run the developed system successfully in future. Testing steps:

Unit Testing

Integration Testing

Validation Testing

Output Testing

User Acceptance Testing

Unit Testing

Unit testing focuses verification efforts on the smallest unit of software design, the module. This is also known as

"Module Testing". The modules are tested separately. This testing is carried out during programming stage itself.

In these testing steps each Module is found to be working satisfactorily as regard to the expected output from the

module.

Integration Testing

Integration testing is a systematic technique for constructing tests to uncover errors associated within the

interface. In this project, all the modules combined, and then entire Program is tested as a whole. Thus in the

integration testing step, all the errors uncovered are corrected for the next testing steps.


22/32

Validation Testing

Validation testing is where requirements established as a part of software requirement analysis is validated against

the software that has been constructed. This test provides the final assurance that the software meets all functional,

behavioral and performance requirements .The errors, which are uncovered during integration testing, are

corrected during this phase.

Output Testing

After performing the validation testing, the next step is output testing of the proposed system since no system

could be useful if it does not produce the required output in the specific format. The output generated or displayed

by the system under consideration is tested asking the users about the format required by them. Here, the output is

considered into two ways: one is on the screen and the other is printed format. The output format on the screen is

found to be correct as the format designed according to the user needs .For the hard copy also, the output comes

out as specified by the user. Hence output testing doesn't result in any connection in the system.

User Acceptance Testing

User acceptance of a system is the key factor for the success of any system. The system under consideration is

tested for user acceptance by constantly keeping in touch with the prospective system users at time of

development. The testing of the software began along with coding. Since the design was fully object -oriented, first

the interfaces were developed and tested. Then unit testing was done for every module in the software for various

inputs, such that each line of code is at least once executed After all modules were coded the integration test were

carried out. Some minor errors were found in the output at the earlier stage and each of them was corrected. In the

implementation of user interface part no major errors were found. After the software was completely developed,

the testing was done.

SCREEN SHOTS

The form below will be displayed after a successful login.


23/32

CHAPTER 9

Fig 8.1 Desktop Form

The form below is to encrypt the message. We entered a message in the first text area shown in the form. Next the

keys are generated by clicking the Generate Key button and after that enter the password and click the Encrypt

button. The encrypted message will be displayed on the second text area

Fig 8.2 Encryption Form


24/32


25/32

This form is to decrypt the message. The encrypted message from the Encryption Form is entered into the first

text area and then the private key is entered and Generate button is pressed. After that the password is entered and

Decrypt button is pressed. If all are correct the original message ie the encrypted message is displayed in the

second text area.

Fig 8.3 Decryption Form


26/32

This form is to generate keys. First users key information is generated and click the either the Save button for

saving the details or click the Save & Mail for sending it to another person


27/32


28/32

This form is to mail a message. First , using the File option the user has to login to his gmail account. Then the

receiver's id ,subject,message and other informations are entered. Then check the Encrypt check box and click the

SEND MAIL button to send the mail.

Fig 8.6 Mailing Form


29/32

CHAPTER 10

MAINTENANCE

Development is a single activity. Maintenance is a continuous activity. Maintenance involves activities

like inspections, corrections and enhancement. Once the system is delivered and deployed, it enters the

maintenance phase. The system need to be maintained not because of some of its components wear out and need

to be replaced, but because there are some residual errors remaining in the system that must be removed as they

are discovered. This includes activities related to debugging the software after it goes live, changes required to

address evolving software and enhancement to meet changing customer requirements. So maintenance phase

involves :

Understanding the effects of change.

Testing the new parts.

Retesting the old parts that were not changed

Making changes-to both the code and the documents.

These changes have to be signed by the user before the change can be carried out. Since requirement change

request involves cost, user will be cautious while requesting the software changes. The software will require

continued support. The system maintenance means the maintenance activities after and during the system

development processes. This include activities related to debugging the software after it goes live, changes

acquired to meet change in users requirement.

Three types of maintenance are :

Corrective maintenance.

Adaptive maintenance.

Perfective maintenance.

Maintenance phase identifies if there are any changes required in the current system. If the changes are identified,then an analysis is made to identify if the changes are really required. Cost benefit analysis is a way to find out if

the change is really essential

In the last few years , there has been a sudden growth in the usage of email applications all over the world. New

email applications like Gmail, Yahoo Mail etc. have revolutionized the way we perceive and interact with an

email application. It has forced and challenged other popular email applications to improve its services and

thereby seize a substantial number of users to use their technology.


30/32


31/32

RESUME

We plan to introduce steganography as the second layer in the security feature for the dual layer security model.

The encrypted text is then encoded into the image and is send to the appropriate address location.

We also have plans to include enhancements which would further enhance this email application as a full fledged

complete email application which would include more user defined features.


32/32
http://www.rsasecurity.com/http://www.google.com/

secure email transaction system

Documents