Professional Documents
Culture Documents
E-IT-B-44)
banking activities at home,via internet. The automated delivery of new and traditional banking products and services directly to customers through electronic, interactive communication channels.
the bank. Transactions can be done by sitting at home. No need to stand in queue for various transactions.
the 1980's.
The online shopping promoted the use of credit cards
through Internet.
The first online banking service in United States was
THE USER INTERFACE IMPLEMENTED BY DYNAMIC HTML TIER 2: MIDDLE TIER:- THIS TIER PROVIDES ALL THE BUSINESS LOGIC AND WILL BE IMPLEMENTED USING JSP AND SERVLETS. TIER 3: DATA TIER:- THIS TIER IS ACTUALLY DATA ACCESS LAYER IMPLENTED USING MYSQL AND DB CONNECTIVITY.
STEP 1: LOGIN
user needs to login using customer_id and
password.
1. viewing account balances. 2. viewing recent transactions. 3. downloading bank statements, for example
6. Transfer of funds.
7. Change of address .
8. Bill payments.
9.Create or delete account.
products internationally
Increasing the customer
Security Risk
Increasing number of fraudulent bank websites For Eg. A suspicious bank
customers and banks. Proper encryption technology like md5 will be use to store the data in database. There will be two kinds of password 1. Login password 2. Transaction password
The input message is "padded" (extended) so that its length (in bits) equals to 448 mod 512. Padding is always performed, even if the length of the message is already 448 mod 512. Padding is performed as follows: a single "1" bit is appended to the message, and then "0" bits are appended so that the length in bits of the padded message becomes congruent to 448 mod 512. At least one bit and at most 512 bits are appended.
A 64-bit representation of the length of the message is appended to the result of step1. If the length of the message is greater than 2^64, only the low-order 64 bits will be used. The resulting message (after padding with bits and with b) has a length that is an exact multiple of 512 bits. The input message will have a length that is an exact multiple of 16 (32-bit) words.
A four-word buffer (A, B, C, D) is used to compute the message digest. Each of A, B, C, D is a 32-bit register. These registers are initialized to the following values in hexadecimal, low-order bytes first): word A: 01 23 45 67 word B: 89 ab cd ef word C: fe dc ba 98 word D: 76 54 32 10
Four functions will be defined such that each function takes an input of three 32-bit words and produces a 32-bit word output.
F (X, Y, Z) = XY or not (X) Z G (X, Y, Z) = XZ or Y not (Z) H (X, Y, Z) = X xor Y xor Z I (X, Y, Z) = Y xor (X or not (Z))
Round 1. [abcd k s i] denote the operation a = b + ((a + F (b, c, d) + X [k] + T [i]) <<< s). Do the following 16 operations.
[ABCD 0 7 1] [DABC 1 12 2] [CDAB 2 17 3] [BCDA 3 22 4] [ABCD 4 7 5] [DABC 5 12 6] [CDAB 6 17 7] [BCDA 7 22 8] [ABCD 8 7 9] [DABC 9 12 10] [CDAB 10 17 11] [BCDA 11 22 12] [ABCD 12 7 13] [DABC 13 12 14] [CDAB 14 17 15] [BCDA 15 22 16]
SSL Technique:
SSL session
an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections
SSL connection
a transient, peer-to-peer, communications link associated with 1 SSL session
confidentiality using symmetric encryption with a shared secret key defined by Handshake Protocol IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 message is compressed before encryption message integrity using a MAC (Message Authentication Code) created using a shared secret key and a short message
Record protocol a single message causes pending state to become current hence updating the cipher suite in use
severity
warning or fatal
specific alert
unexpected message, bad record mac, decompression failure,
handshake failure, illegal parameter close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown
allows server & client to: authenticate each other to negotiate encryption & MAC algorithms to negotiate cryptographic keys to be used comprises a series of messages in phases Establish Security Capabilities Server Authentication and Key Exchange Client Authentication and Key Exchange Finish
SOFTWARER REQUIREMENTS:
1.
2. 3.
HTML for designing the front end. JAVA/JAVASCRIPT for business logic. MY-SQL for database.
HARDWARE REQUIREMENTS:
Minimum processor-intel P4 or above. 2. RAM greater than 256 mB. 3. Minimum harddisk -80GB.
1.
aspects of MD5 for encryption and decryption over other algorithms, we would be implementing Md5,
To secure the connection between client and bank
server and bank and transaction server we would be implementing SSL protocol due to its superior characteristics.
Thank You