Speeding up Secure Web Transactions using Identity Based Cryptography - INTRODUCTION AND SOURCE CODE
CHAPTER-1
Introduction
With
the increasing popularity of Web 2.0 applications like Google Gmail and Google
Docs, people are moving their private data and communication information from their local storage to the online application
providers. These online applications offer reliable storages and ease to access
services. With the AJAX
techniques these applications only rely on browsers with common features
including HTML, JavaScript and CSS, without the need of installing any browser
plugins or software. These applications make the exchange, management and
access of data much simpler than previous desktop applications. While acquiring
ease of use services, users will have to give the control of their data privacy
to the application providers. Although application providers announce that these private data will not be abused and
will be automatically handled without the involvement of administrators, these
applications did not provide any mechanisms to guarantee this promise. Users have to trust the providers
to be reliable and honest, and will “do no evil”. But some providers have “done
evil”. One famous example is Yahoo providing user information in its email
system to government that helped land a journalist in prison for 10 years . And
the leakage of private information will bring greater harm to enterprise users.
Some providers like Google and Yahoo also provide services such as Google Apps
for enterprise users to take the place of their own email servers and
applications. The misuse of provider’s privilege will bring huge losses for
their customers
1.1 Abstracts
Secure
communication is an intrinsic requirement of today’s world of on-line
transactions. Whether exchanging financial, business or personal information,
people want to know with whom they are communicating (authentication) and they
wish to ensure that the information is neither modified (data integrity) nor
disclosed (confidentiality) in transit. The growing popularity of web
applications in the last few years has led users to give the management of
their data to online application providers, which will endanger the security
and privacy of the users.
In
this project, we present WebIBC, which integrates public key cryptography into
web applications without any browser plugins. The implementation and
performance evaluation demonstrate that WebIBC is secure and efficient both in
theory and practice.
1.2 Scope:
Web
Application (here web-email) enhanced with web Identity Based Cryptography have
the following features:
·
When sending email using IBC there is no need
for an online lookup to obtain the recipient’s certificate.
·
Senders can send email that can only read at
some specified time in the future, since public key contains expiration date.
Public key certificates contain
a preset expiration date. In an IBE system key expiration can be done by having
user1 e-mail sent user2 using the public key:
In doing so user2 can use his
private key during the current year only. Once a year user2 needs to obtain a
new private key from the PKG. also provide services such as Google Apps for
enterprise users to take the place of their own email serves and applications.
The misuse of provider’s privilege will bring huge losses for their customers.
CHAPTER-2
ORGANIZATION PROFILE
In this world of increasing globalization, Stupors moves
forward to meet the challenges of the future through the development of R &
D projects in various domains. R & D project sector attracts the most
prominent thinkers and practitioners in a range of fields that impinge on development.
The global presence and reach attained by Stupors are not only substantiated by
its presence, but also in terms of the training students in R & D project
development.
Over the decade, Stupors,
a Subsidiary of Spiro Technologies & consultant Pvt. Ltd provides a
wide range of R & D project development training. Our uniqueness lies in
the exclusive R & D project development. Accordingly, we created a
setting that is enabling, dynamic and inspiring for the increase of solutions to
global problems by R & D project development. Developing appropriate,
responsible, innovative and practical solutions to students, by assisting in R
& D project development. All our research is stranded in the need to
provide an industry based training for students.
CHAPTER-3
SYSTEM ANALYSIS
3.1 Existing System:
- In existing system, security is achieved through certificate management and certificate authority by using traditional Public Key Cryptography.
- The public key authentication will increase the communication cost and storage capacity.
3.2
Proposed System:
- Enhancing web application with web Identity Based Cryptography and Private Key Generator (Trusted Authority)
- Every user needs to authenticate him to authority by providing some credentials he has owned the identity, and the authority will extract the private key from the master secret according to user’s identity.
- The public and private key pair is generated using Elliptic Curve Cryptography (ECC)
- It should be noticed that all the cryptography operations are all done within the browser, and the server can only receive the cipher text. The security and privacy of end users can be protected from attacks both on network and server side. From another point of view, server is also free from the burden of cryptography operations which means WebIBC is a good model for distributed computation based on web browsers.
3.3 System Requirements:
Hardware:
PROCESSOR
|
:
|
PENTIUM IV 2.6 GHz
|
RAM
|
:
|
512 MB DD RAM
|
MONITOR
|
:
|
15” COLOR
|
HARD DISK
|
:
|
20 GB
|
CDDRIVE
|
:
|
LG 52X
|
KEYBOARD
|
:
|
STANDARD 102 KEYS
|
MOUSE
|
:
|
3 BUTTONS
|
Software:
FRONT END
|
:
|
J2ee (JSP)
|
TOOL USED
|
:
|
Dreamweaver
|
OPERATING
SYSTEM
|
:
|
Window’s Xp
|
BACK END
|
:
|
Sql Server
2000
|
3.4 System Architecture
A system architecture or systems architecture is the
conceptual design that defines the structure and/or behavior of a system.
An architecture
description is a formal description of a system, organized in a way that
supports reasoning about the structural properties of the system. It defines
the system components or building blocks and provides a plan from which
products can be procured, and systems developed, that will work together to
implement the overall system. This may enable one to manage investment in a way
that meets business needs.
CHAPTER-4
TEST PLAN
A test
plan is a systematic approach to testing a system such as a machine
or software.
The plan typically contains a detailed understanding of what the eventual workflow
will be.
A test plan documents the strategy that
will be used to verify and ensure that a hardware product or system meets its
design specifications and other requirements. A test plan is usually prepared
by or with significant input from Test
Engineers.
Depending on the product and the
responsibility of the organization to which the test plan applies, a test plan
may include one or more of the following:
- Design
Verification or Compliance test - to be performed during the development or approval stages of the
product, typically on a small sample of units.
- Manufacturing or
Production test - to be
performed during preparation or assembly of the product in an ongoing
manner for purposes of performance verification and quality control.
- Acceptance or
Commissioning test - to
be performed at the time of delivery or installation of the product.
- Service and Repair
test - to be performed
as required over the service life of the product.
A complex system may have a high level test plan to
address the overall requirements and supporting test plans to address the
design details of subsystems and components.
Test plan document formats can be as varied as the
products and organizations to which they apply, but there are three major
elements of a test strategy that should be described in the test plan: Test
Coverage, Test Methods, and Test Responsibilities.
Test coverage in the test plan states what requirements
will be verified during what stages of the product life. Test Coverage is
derived from design specifications and other requirements, such as safety
standards or regulatory codes, where each requirement or specification of the
design ideally will have one or more corresponding means of verification. Test coverage
for different product life stages may overlap, but will not necessarily be
exactly the same for all stages. For example, some requirements may be verified
during Design Verification test, but not repeated during Acceptance test. Test
coverage also feeds back into the design process, since the product may have to
be designed to allow test access
Test methods in the test plan state how test coverage
will be implemented. Test methods may be determined by standards, regulatory
agencies, or contractual agreement, or may have to be created new. Test methods
also specify test equipment to be used in the performance of the tests and
establish pass/fail criteria. Test methods used to verify hardware design
requirements can range from very simple steps, such as visual inspection, to
elaborate test procedures that are documented separately as Test Cases under
various Test Scenarios.
Test responsibilities include what organizations will
perform the test methods and at each stage of the product life. This allows
test organizations to plan, acquire or develop test equipment and other
resources necessary to implement the test methods for which they are
responsible. Test responsibilities also includes, what data will be collected,
and how that data will be stored and reported (often referred to as
"deliverables"). One outcome of a successful test plan should be a
record or report of the verification of all design specifications and
requirements as agreed upon by all parties.
4.1 Test Coverage of Code:
Code
coverage is a measure used in software
testing. It describes the degree to which the source code
of a program has been tested. It is a form of
testing that inspects the code directly and is therefore a form of white box
testing. Currently, the use of code coverage is extended to the
field of digital hardware, the contemporary design methodology of which relies
on Hardware description languages
(HDLs).
Code coverage techniques were
amongst the first techniques invented for systematic software testing. The
first published reference was by Miller and Maloney in Communications of the ACM in 1963.
To measure how well the program is
exercised by a test suite, one or more coverage criteria are used. There are a number of coverage
criteria, the main ones being:
- Function coverage - Has each function in the program been executed?
- Statement coverage - Has each line of the source code been executed?
- Decision coverage (also known as Branch coverage) - Has each control structure (such as an if statement) evaluated both to true and false?
- Condition coverage - Has each Boolean sub-expression evaluated both to true and false (this does not necessarily imply decision coverage)?
- Path coverage - Has every possible route through a given part of the code been executed?
- Entry/exit coverage - Has every possible call and return of the function been executed?
Safety-critical
applications are often required to demonstrate that testing achieves 100% of
some form of code coverage. Some of the coverage criteria above are connected.
For instance, path coverage implies decision, statement and entry/exit
coverage. Decision coverage implies statement coverage, because every statement
is part of a branch.
Full path coverage, of the type
described above, is usually impractical or impossible. Any module with a
succession of n
decisions in it can have up to 2n paths within it; loop
constructs can result in an infinite number of paths. Many paths may also be
infeasible, in that there is no input to the program under test that can cause
that particular path to be executed. However, a general-purpose algorithm for
identifying infeasible paths has been proven to be impossible [citation needed] (such an algorithm
could be used to solve the halting
problem). Techniques for practical path coverage testing instead
attempt to identify classes of code paths that differ only in the number of
loop executions, and to achieve "basis path" coverage the tester must
cover all the path classes.
The target software is built with special options or
libraries and/or run under a special environment such that every function that
is exercised (executed) in the program(s) is mapped back to the function points
in the source code. This process allows developers and quality assurance
personnel to look for parts of a system that are rarely or never accessed under
normal conditions (error handling and the like) and helps reassure test
engineers that the most important conditions (function points) have been
tested. The resulting output is then analyzed to see what areas of code have
not been exercised and the tests are updated to include these areas as
necessary. Combined with other code coverage methods, the aim is to develop a
rigorous, yet manageable, set of regression tests.
Test engineers can look at code coverage test results to help
them devise test cases and input or configuration sets that will increase the
code coverage over vital functions. Two common forms of code coverage used by
testers are statement (or line) coverage and path (or edge) coverage. Line
coverage reports on the execution footprint of testing in terms of which lines
of code were executed to complete the test. Edge coverage reports which
branches or code decision points were executed to complete the test. They both
report a coverage metric, measured as a percentage. The meaning of this depends
on what form(s) of code coverage have been used, as 67% path coverage is more
comprehensive than 67% statement coverage.
Generally, code coverage tools and libraries exact a performance and/or memory or
other resource cost which is unacceptable to normal operations of the software.
Thus, they are only used in the lab. As one might expect, there are classes of
software that cannot be feasibly subjected to these coverage tests, though a
degree of coverage mapping can be approximated through analysis rather than
direct testing.
There are also some sorts of defects which are affected by
such tools. In particular, some race
conditions or similar real time sensitive operations can be masked
when run under code coverage environments; and conversely, some of these
defects may become easier to find as a result of the additional overhead of the
testing code.
Code coverage may be regarded as a more up-to-date
incarnation of debugging in that the automated tools used to achieve statement
and path coverage are often referred to as “debugging utilities”. These tools
allow the program code under test to be observed on screen whilst the program
is executing; additionally, commands and keyboard function keys are available
to allow the code to be “stepped” through literally line by line.
Alternatively, it is possible to define pinpointed lines of code as
“breakpoints” which will allow a large section of the code to be executed, then
stopping at that point and displaying that part of the program on screen.
Judging where to put breakpoints is based on a reasonable understanding of the
program indicating that a particular defect is thought to exist around that
point. The data values held in program variables can also be examined and, in
some instances, altered (with care) to try out “what if” scenarios. Clearly,
use of a debugging tool is more the domain of the software engineer at a unit
test level and it is more likely that the software tester will ask the software
engineer to perform this [citation needed]. However, it is
useful for the tester to understand the concept of a debugging tool.
4.2 Test Management:
Test management is the
activity of managing some tests. A test management tool is a Software
used by Quality Assurance team to manage the tests
(automatic or not) that have been previously specified. It is often associated
with an Automation
software. Test Management Tools often include Requirements
and/or Specifications management modules that allow to
automatically generate the RTM (Requirement Test Matrix) which is one of the
main metric to know the functional coverage of the SUT (System Under
Test). This consists in checking how many requirements and/or
specifications are covered by the available tests (do not mix with code coverage which is a totally
different concept).
Test definition includes:
test plan,
association with product Requirements and Specifications.
Eventually, some relationship can be set between tests so that precedences can
be established. i.e. if test A is parent of test B and if test A is failing,
then it may be useless to perform test B. Tests should also be associated with
priorities. Every change on a test must be versioned so that the QA team has a
comprehensive view of the history of the test.
4.3 Testing
Tools:
1.
Testing is a process of executing
a program with the intent of finding an error.
2.
A good test case is one that has a
high probability of finding an as yet undiscovered error.
3.
A successful test is one that
uncovers an as yet undiscovered error.
Testing should
systematically uncover different classes of errors in a minimum amount of time
and with a minimum amount of effort. A secondary benefit of testing is that it
demonstrates that the software appears to be working as stated in the
specifications. The data collected through testing can also provide an
indication of the software's reliability and quality. But, testing cannot show
the absence of defect -- it can only show that software defects are present.
Database testing
·
Use
Integration testing
·
MbUnit,
NUnit, XUnit Rollback attributes
·
Transaction
Scope
Web Testing
·
Ivonna
and Typemock
·
Team
System Web Test
·
NUnitASP
·
Watin
·
Watir
·
Selenium
UI Testing
·
NunitForms
·
Project
White
·
Team
System UI Tests
·
Typemock
Isolator
·
Threading
Related Testing
·
Microsoft
Chess
·
Typemock
Racer
·
Osherove.ThreadTester
·
General
Testing
·
Pex
Acceptance Testing
·
Fit
& Fitnesse
·
Watin
and Watir and selenium
CHAPTER-5
ELLIPTIC CURVE CRYPTOGRAPHY
Elliptic Curve Cryptography (ECC) is emerging as an attractive
alternative to traditional public-key cryptosystems (RSA, DSA, DH). ECC offers
equivalent security with smaller key sizes resulting in faster computations,
lower power consumption, as well as memory and bandwidth savings. While these
characteristics make ECC especially appealing for mobile devices, they can also
alleviate the computational burden on secure web servers. This article studies
the performance impact of using ECC with SSL, the dominant Internet security
protocol. We created an ECC-enhanced version of OpenSSL and used it to
benchmark the Apache web server. Our results show that, under realistic
workloads, an Apache web server can handle 13%–31% more HTTPS requests per
second when using ECC-160 rather than RSA-1024 reflecting short-term security
levels. At security levels necessary to protect data beyond 2010, the use of
ECC-224 over RSA-2048 improves server performance by 120%–279%.
5.1 Introduction:
Secure
communication is an intrinsic requirement of today’s world of on-line
transactions. Whether exchanging financial, business or personal information,
people want to know with whom they are communicating (authentication) and they
wish to ensure that the information is neither modified (data integrity) nor
disclosed (confidentiality) in transit.
The
Secure Sockets Layer (SSL) protocol is the most popular choice for achieving
these goals. The SSL protocol is application independent – conceptually, any
application that runs over TCP can also run over SSL. This is an important
reason why its deployment has outpaced that of other security protocols such as
SSH, S/MIME and SET. There are many examples of application protocols like
TELNET, FTP, IMAP and LDAP running transparently over SSL.
However,
the most common usage of SSL is for securing HTTP the main protocol of the
World Wide Web.2 Between its conception at Netscape in the mid-1990s, through
its standardization within the IETF (Internet Engineering Task Force) in the
late-1990s, the protocol and its implementations have been scrutinized by some
of the world’s foremost security experts Today, SSL is trusted to secure
transactions for sensitive applications ranging from web banking, to stock
trading, to e-commerce.
Unfortunately, the use of SSL
imposes a significant performance penalty on web servers. Coarfa et al. have
reported secure web servers running 3.4 to 9 times slower compared to regular
web servers on the same hardware platform. Slow response time is a major cause
of frustration for on-line shoppers and often leads them to abandon their
electronic shopping carts during check out. According to one estimate, the
potential revenue loss from e-commerce transactions aborted due toWeb
performance issues exceeds several billion dollars annually In its most common
usage, SSL utilizes RSA encryption to transmit a randomly chosen secret that is
used to derive keys for data encryption and authentication. The RSA decryption
operation is the most compute intensive part of an SSL transaction for a secure
web server. Several vendors such as Broadcom, nCipher, Rainbow and Sun now
offer specialized hardware to offload RSA computations and improve server
performance.
8.2
Integration Testing
BIBLIOGRAPHY
CHAPTER-8
SYSTEM TESTING
The
purpose of testing is to discover errors. Testing is the process of trying to
discover every conceivable fault or weakness in a work product. It provides a
way to check the functionality of components, sub assemblies, assemblies and/or
a finished product it is the process of exercising software with the intent of
ensuring that the Software system meets its requirements and user expectations
and does not fail in an unacceptable manner. There are various types of test.
Each test type addresses a specific testing requirement.
8.1 Unit Testing
Unit
testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program input produces valid
outputs. All decision branches and internal code flow should be validated. It
is the testing of individual software units of the application .it is done
after the completion of an individual unit before integration. This is a
structural testing, that relies on knowledge of its construction and is
invasive. Unit tests perform basic tests at component level and test a specific
business process, application, and/or system configuration. Unit tests ensure
that each unique path of a business process performs accurately to the
documented specifications and contains clearly defined inputs and expected
results.
8.2
Integration Testing
Integration tests are designed to
test integrated software components to determine if they actually run as one program.
Testing is event driven and is more concerned with the basic outcome of screens
or fields. Integration tests demonstrate that although the components were
individually satisfaction, as shown by successfully unit testing, the
combination of components aimed at exposing the problems that arise from the
combination of components.
8.3 Acceptance Testing
User Acceptance Testing is a
critical phase of any project and requires significant participation by the end
user. It also ensures that the system meets the functional requirements.
CHAPTER-9
IMPLEMENTATION
9.1 Implementation
Implementation is the stage of the
project where the theoretical design is turned in to a working system. At this
stage the main work load, the greatest upheaval and the major impact on the
existing system shifts to the user department if the implementation is not
carefully planned and controlled I can cause chaos and confusion.
Implementation
includes all those activities that takes place to convert from the older system
to new one. The new system may be totally new, replacing an existing manual or
automated system or it may be a major modification to an existing system.
Proper implementation requirements. Successful implementation may not guarantee
improvement in the organization using the new system, but improper installation
will prevent it.
The
process of putting the developed system in actual is called system
implementation. This includes all those activities that takes place to convert
from the older system to the new system; the system can be implemented only
after through resting is done and if it is found to be working according to the
specification.
The implementation stage involve following
task
1.
Careful planning
2.
Investigation of system and constraints.
3.
Design of methods to achieve the change over phase.
4.
Evaluation of change over method.
Implementation Procedures
Implementation of software refers to
the final installation of the packeges in its real environment, to the
satisfaction of the intended users and the operation of the system.
In many organization some on who
will not be sure be operating it, will commission the software development
project. The people who are not sure that the software is meant to make their
job easier. In the initial stage, they doubt about the software but we have to
ensure that the resistance does not build up as one has to make that
1.
The active user be aware of the benefits of using the
system.
2.
Their confidence in the software is built up.
Proper guidance is imparted to the
user so that he is comfortable using the application.
9.2 IBC Modules:
Ø
Authentication module
Ø
Encryption Module
Ø
KEY Server
Ø
Decryption Module
Modules Descriptions:
Module1: Authentication module
This module will perform the
authentication process. Every user must register to the E-Mail server as well
as Key-Server. The E-Mail server will issue the Login Details and the
key-Server will generate the public and private key for each and every user.
Thus it allows only authorized users to access our E-Mail server.
Module 2: Encryption Module
This module is useful in achieving
the security for our whole system by encrypting the E-Mail with DESede
algorithm before sending the mail to the E-Mail server. Thus server will
receive only the cipher text , because the E-mail message is encrypted in the
client browser itself.
Module 3: KEY Server
The Key-Server module will generate
the Private Key for each and every user and it will issue the private key to
the users those who want to read the mail. Before issuing the private key to
the user it will verify the user weather he is an authorized user or not.
Module 4: Decryption Module
The decryption module will decrypt
the Received mail by using the downloaded private key from key-Server. After
decrypting the mail the user can able to read that mail, unless he can’t read
the Mail.
CHAPTER-10
SOURCE CODE
ACTION.jsp
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xml:lang="cs" lang="cs">
<head>
<meta http-equiv="content-type"
content="text/html; charset=utf-8" />
<meta
http-equiv="content-language" content="cs" />
<meta name="robots"
content="all,follow" />
<meta name="author" content="All: ... [Nazev webu - www.url.cz]; e-mail:
info@url.cz" />
<meta name="copyright"
content="Design/Code: Vit Dlouhy [Nuvio - www.nuvio.cz]; e-mail:
vit.dlouhy@nuvio.cz" />
<title>CrystalX</title>
<meta name="description"
content="..." />
<meta name="keywords" content="..."
/>
<link rel="index" href="./"
title="Home" />
<link rel="stylesheet"
media="screen,projection" type="text/css"
href="./css/main.css" />
<link rel="stylesheet" media="print"
type="text/css" href="./css/print.css" />
<link rel="stylesheet" media="aural"
type="text/css" href="./css/aural.css" />
<style type="text/css">
<!--
.style1 {font-family: Georgia , "Times New
Roman", Times, serif}
-->
</style>
</head>
<body id=”www-url-cz”>
<!—Main-->
<div id=”main class =”box”>
<!—Header-->
<div id=”header”>
<script type="text/javascript">
function validate()
{
if(document.getElementById("name").value=="")
{
alert("Enter Username");
return false
}
if(document.getElementById("pass").value=="")
{
alert("Enter password");
return false
}
return true
}
</script>
</head>
<body id="www-url-cz">
<!-- Main -->
<div id="main" class="box">
<!-- Header -->
<div id="header">
<!--Logotyp -->
<h1
id="logo"><strong>IBC</strong></h1><br
/><br /><br />
<br />
<font size="1"> For
Clientside Security </font>
<hr class="noscreen" />
<!-- Quick links -->
<div class="noscreen noprint">
<p><em>Quick links: <a
href="#content">content</a>, <a
href="#tabs">navigation</a>, <a
href="#search">search</a>.</em></p>
<hr />
</div>
<!-- Search -->
</div>
<!-- /header -->
<!-- Main menu (tabs) -->
<div id="tabs" class="noprint">
<%
<h3 class="noscreen">Navigation</h3>
<ul class="box">
<li><a href="#">Login<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="register.jsp">Register<span class="tab-l"></span><span
class="tab-r"></span></a></li>
</ul>
<hr class="noscreen" />
</div> <!-- /tabs -->
<!-- Page (2 columns) -->
<div id="page" class="box">
<div id="page-in" class="box">
<!-- Content -->
<div id="content">
<!-- Article -->
<div class="article">
<h2><span>Login</span></h2>
<form method="post" name = "login"
onSubmit="return validate()" action="action.jsp" >
<p>
<table width="316" border="0" >
<tr >
<td><span class="style1"><font
size="3">Username</font></span></td>
<td><input type = "text" name =
"name" id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font
size="3">Password</font></span></td>
<td><input type = "password" name =
"pass" id= "pass" />
</td>
</tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td><td>
<input type="submit" name="Submit"
value="Submit" align = "right" /></td></tr>
</table>
<p class="info noprint"> </p>
</form>
</p>
</div> <!-- /article -->
</div> <!-- /content -->
<!-- Right column -->
<div id="col" class="noprint">
<div id="col-in">
<!-- Category -->
<h3 ><span>WebIBC</span></h3>
<ul id="category">
<br><br>
<FONT SIZE="2" face="Georgia ">"
<i>WebIBC may use your
email address to personalize your experience on their
website.</i>"</FONT> <br><br>
</ul>
<hr class="noscreen" />
<hr class="noscreen" />
<!-- Links -->
<hr class="noscreen" />
</div> <!-- /col-in -->
</div> <!-- /col -->
</div> <!-- /page-in -->
</div> <!-- /page -->
<!-- Footer -->
<div id="footer">
<div id="top"
class="noprint"><p><span class="noscreen">Back
on top</span> <a href="#header" title="Back on top
^">^<span></span></a></p></div>
<hr class="noscreen" />
<p id="createdby">created by <a
href="http://www.nuvio.cz"></a> <!-- DON´T REMOVE,
PLEASE! --></p>
<p id="copyright">© 2009 <a
href="mailto:my@mail.com"></a></p>
</div> <!-- /footer -->
</div> <!-- /main -->
</body>
</html>
Action.jsp
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xml:lang="cs" lang="cs">
<head>
<%@ page import="java.sql.*"%>
<meta http-equiv="content-type"
content="text/html; charset=utf-8" />
<meta
http-equiv="content-language" content="cs" />
<meta name="robots"
content="all,follow" />
<meta name="author" content="All: ... [Nazev webu - www.url.cz]; e-mail:
info@url.cz" />
<meta name="copyright"
content="Design/Code: Vit Dlouhy [Nuvio - www.nuvio.cz]; e-mail:
vit.dlouhy@nuvio.cz" />
<title>CrystalX</title>
<meta name="description"
content="..." />
<meta name="keywords" content="..."
/>
<link rel="index" href="./"
title="Home" />
<link rel="stylesheet"
media="screen,projection" type="text/css"
href="./css/main.css" />
<link rel="stylesheet" media="print"
type="text/css" href="./css/print.css" />
<link rel="stylesheet" media="aural"
type="text/css" href="./css/aural.css" />
<style type="text/css">
<!--
.style1 {font-family: Georgia , "Times New
Roman", Times, serif}
-->
</style>
</head>
<body id="www-url-cz">
<!-- Main -->
<div id="main" class="box">
<!-- Header -->
<div id="header">
<!--Logotyp -->
<h1
id="logo"><strong>IBC</strong></h1><br
/><br /><br />
<br />
<font size="1"> For
Clientside Security </font>
<hr class="noscreen" />
<!-- Quick links -->
<div class="noscreen noprint">
<p><em>Quick links: <a
href="#content">content</a>, <a
href="#tabs">navigation</a>, <a
href="#search">search</a>.</em></p>
<hr />
</div>
<!-- Search -->
</div>
<!-- /header -->
<!-- Main menu (tabs) -->
<div id="tabs" class="noprint">
<%
boolean flag = false;
String n = request.getParameter("name");
String p = request.getParameter("pass");
String add = request.getRemoteAddr();
%>
<h3 class="noscreen">Navigation</h3>
<ul class="box">
<li><a href="#">Home<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="myacc.jsp?name=<%=n%>">My Account<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="compose.jsp?name=<%=n%>">Compose<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a href="#">Contact<span class="tab-l"></span><span
class="tab-r"></span></a></li>
</ul>
<hr class="noscreen" />
</div> <!-- /tabs -->
<!-- Page (2 columns) -->
<div id="page" class="box">
<div id="page-in" class="box">
<!-- Content -->
<div id="content">
<!-- Article -->
<div class="article">
<h2><span>Welcome <%=n%>
!</span><br>
<FONT
SIZE="5" face = "Monotype Corsiva">
<a href
="showmail.jsp?name=<%=n%>">Inbox
</a></FONT></h2>
<h3> About WebIBC </h3><p>
WebIBC
is a pure JavaScript/HTML based Web security system aiming at providing Web 2.0
applications with strong cryptography. With WebIBC a user can protect herself
even against evil Web application service provider. WebIBC also provides a
mechanism for Web application service providers that they can guarantee they
will not do evil. Before using WebIBC the user should authenticate himself to a
trusted third party to retrieve his private key used in the system. The key is
generated by the trusted third party and is binded with user's identity. User
will use this key to cipher a message. </p>
<%
// out.println(n);
//out.println(p);
//session.setAttribute("username",n);
//session.setAttribute("passwr",p);
//session.setAttribute("ipaddr",add);
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con =
DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st = con.createStatement();
//out.println(p);
String query="select * from user where
username='"+n+"' and password= '"+p+"'";
ResultSet rs =st.executeQuery(query);
//String cn = rs.getString("country");
//String ct = rs.getString("city");
if(rs.next())
{
//out.println(uname);
//out.println(pass);
//if(uname.equals(n) && pass.equals(p))
//
{
java.util.Date d = new java.util.Date();
//long intime = d.getTime();
//int intime1 = d.getDate();
int intime2 = d.getHours();
int intime3 = d.getMinutes();
int intime4 = d.getSeconds();
String h = Integer.toString(intime2);
String m = Integer.toString(intime3);
String s = Integer.toString(intime4);
//int intime5 = d.getMonth();
//int intime6 = d.getYear();
String t = h+":"+m+":"+s;
//out.println(t+uname+pass);
}
else
{
response.sendRedirect("index.html");
}
}
catch(Exception ae)
{
out.println(ae);
ae.printStackTrace();
}
%>
</p>
</div> <!-- /article -->
</div> <!-- /content -->
<!-- Right column -->
<div id="col" class="noprint">
<div id="col-in">
<!-- About Me -->
<h3><span><a href="#">About
Me</a></span></h3>
<div id="about-me">
<p><strong><%=n%></strong><br
/>
</p>
</div> <!-- /about-me -->
<hr class="noscreen" />
<!-- Category -->
<h3 ><span>Contacts</span></h3>
<%
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con1 =
DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st1 = con1.createStatement();
//out.println(p);
String query1="select mail from user ";
ResultSet rs1 =st1.executeQuery(query1);
while(rs1.next())
{
out.println(rs1.getString("mail"));
out.println("<br>");
}
}
catch(Exception ae)
{
out.println(ae);
ae.printStackTrace();
}
%>
<hr class="noscreen" />
<hr class="noscreen" />
<!-- Links -->
<hr class="noscreen" />
</div> <!-- /col-in -->
</div> <!-- /col -->
</div> <!-- /page-in -->
</div> <!-- /page -->
<!-- Footer -->
<div id="footer">
<div id="top"
class="noprint"><p><span
class="noscreen">Back on top</span> <a
href="#header" title="Back on top
^">^<span></span></a></p></div>
<hr class="noscreen" />
<p id="createdby">created by <a
href="http://www.nuvio.cz">satesh | Spiro</a> <!-- DON´T
REMOVE, PLEASE! --></p>
<p id="copyright">© 2009 <a
href="mailto:my@mail.com">www.Spiro.com</a></p>
</div> <!-- /footer -->
</div> <!-- /main -->
</body>
</html>
Register.jsp
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xml:lang="cs" lang="cs">
<head>
<meta http-equiv="content-type"
content="text/html; charset=utf-8" />
<meta
http-equiv="content-language" content="cs" />
<meta name="robots"
content="all,follow" />
<meta name="author" content="All: ... [Nazev webu - www.url.cz]; e-mail:
info@url.cz" />
<meta name="copyright"
content="Design/Code: Vit Dlouhy [Nuvio - www.nuvio.cz]; e-mail:
vit.dlouhy@nuvio.cz" />
<title>CrystalX</title>
<meta name="description"
content="..." />
<meta name="keywords" content="..."
/>
<link rel="index" href="./"
title="Home" />
<link rel="stylesheet"
media="screen,projection" type="text/css"
href="./css/main.css" />
<link rel="stylesheet" media="print"
type="text/css" href="./css/print.css" />
<link rel="stylesheet" media="aural"
type="text/css" href="./css/aural.css" />
<style type="text/css">
<!--
.style1 {font-family: Georgia , "Times New
Roman", Times, serif}
-->
</style>
<script type="text/javascript">
function validate()
{
if(document.getElementById("name").value=="")
{
alert("Enter Username");
return false
}
if(document.getElementById("pass").value=="")
{
alert("Enter password");
return false
}
return true
}
</script>
</head>
<body id="www-url-cz">
<!-- Main -->
<div id="main" class="box">
<!-- Header -->
<div id="header">
<!--Logotyp -->
<h1
id="logo"><strong>IBC</strong></h1><br
/><br /><br />
<br />
<font size="1"> For
Clientside Security </font>
<hr class="noscreen" />
<!-- Quick links -->
<div class="noscreen noprint">
<p><em>Quick links: <a
href="#content">content</a>, <a
href="#tabs">navigation</a>, <a
href="#search">search</a>.</em></p>
<hr />
</div>
<!-- Search -->
</div>
<!-- /header -->
<!-- Main menu (tabs) -->
<div id="tabs" class="noprint">
<h3 class="noscreen">Navigation</h3>
<ul class="box">
<li><a href="index.html">Login<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a href="#">Register<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
</ul>
<hr class="noscreen" />
</div> <!-- /tabs -->
<!-- Page (2 columns) -->
<div id="page" class="box">
<div id="page-in" class="box">
<!-- Content -->
<div id="content">
<!-- Article -->
<div class="article">
<h2><span>Register</span></h2>
<form method="post" name = "register"
onSubmit="return validate()" action="regres.jsp" >
<p>
<table width="316" border="0" >
<tr >
<td><span class="style1"><font
size="3">Username</font></span></td>
<td><input type = "text" name =
"uname" id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font
size="3">Password</font></span></td>
<td><input type = "password" name =
"pass" id= "pass" />
</td>
</tr>
<tr >
<td><span class="style1"><font
size="3">Name</font></span></td>
<td><input type = "text" name = "name"
id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font
size="3">Gender</font></span></td>
<td> <select name="sex" >
<option value="MALE">MALE</option>
<option value="FEMALE">FEMALE</option>
</select>
</td>
</tr>
<tr >
<td><span class="style1"><font
size="3">Country</font></span></td>
<td> <select name="country" >
<option value="Select Nationality">Select
Country</option>
<option value='ABW'>ARUBA </option>
<option value='AFG'>AFGANISTAN</option>
<option value='AGO'>ANGOLA </option>
<option value='AND'>PRINCIPALITY OF
ANDORRA</option>
<option value='ANT'>NETHERLANAD
ANTILLES</option>
<option value='ARG'>ARGENTINA </option>
<option value='ARM'>ARMENIA </option>
<option value='ATG'>ANTIQUA AND BARBUDA</option>
<option value='AUS'>AUSTRALIA </option>
<option value='AUT'>AUSTRIA </option>
<option value='AZE'>AZERBEIJAN</option>
<option value='BEL'>BELGIUM </option>
<option value='BEN'>BENIN </option>
<option value='BFA'>BURKINOFASO</option>
<option value='BGR'>BULGARIA </option>
<option value='BHR'>BAHRAIN </option>
<option value='BLR'>BELARUS </option>
<option value='BLZ'>BELIZE </option>
<option value='BOL'>BOLIVIA </option>
<option value='BON'>BONAIRE </option>
<option value='BRA'>BRAZIL </option>
<option value='BRB'>BARBADOS </option>
<option value='BTN'>BHUTAN </option>
<option value='BWA'>BOTSWANA </option>
<option value='CAN'>CANADA </option>
<option value='CHL'>CHILE </option>
<option value='CHN'>CHINA </option>
<option value='COL '>COLOMBIA </option>
<option value='COM'>UNION OF COMOROS</option>
<option value='CPV'>CAPE VERDE </option>
<option value='CRC'>CURACAO </option>
<option value='CRI'>COSTA RICA </option>
<option value='CUB'>CUBA </option>
<option value='CYP'>CYPRUS </option>
<option value='CYP'>REPUBLIC OF CYPRUS </option>
<option value='CYR'>CYRIA</option>
<option value='CZC'>CZECH</option>
<option value='DAK'>DAKAR </option>
<option value='DEU'>GERMANY </option>
<option value='DNK'>DENMARK </option>
<option value='DOM'>DOMINICAN REPUBLIC </option>
<option value='DZA'>ALGERIA </option>
<option value='ECU'>ECUADOR </option>
<option value='EGY'>EGYPT </option>
<option value='ERI'>ERITREA </option>
<option value='ESP'>SPAIN </option>
<option value='EST'>ESTONIA </option>
<option value='ETH'>ETHIOPIA </option>
<option value='FIJ'>FIJI </option>
<option value='FIN'>FINLAND </option>
<option value='FRA'>FRANCE </option>
<option value='GBR'>UK </option>
<option value='GEO'>GEORGIA </option>
<option value='GHA'>GHANA </option>
<option value='GMB'>GAMBIA </option>
<option value='GNB'>GUINEA BISSAU</option>
<option value='GRC'>GREECE </option>
<option value='GRD'>GRENADA </option>
<option value='GTM'>GUATEMALA </option>
<option value='GUY'>GUYANA </option>
<option value='HKG'>HONG KONG SPL ADMN
REGION</option>
<option value='HND'>HONDURAS </option>
<option value='HNG'>HUNGARY </option>
<option value='HRV'>CROATIA </option>
<option value='IDN'>INDONESIA </option>
<option value='IND '>INDIA </option>
<option value='IRA'>IRAN </option>
<option value='IRL'>IRELAND </option>
<option value='IRQ'>IRAQ </option>
<option value='ISR'>ISRAEL </option>
<option value='ITA'>ITALY </option>
<option value='JAM'>JAMAICA </option>
<option value='JOR'>JORDAN </option>
<option value='JPN'>JAPAN </option>
<option value='KAZ'>KAZAKSTAN</option>
<option value='KEN'>KENYA </option>
<option value='KGZ'>KYRGYSTAN</option>
<option value='KHM'>CAMBODIA </option>
<option value='KNA'>ST KITTS AND NEVIS </option>
<option value='KOR'>KOREA (NORTH)</option>
<option value='KWT'>KUWAIT </option>
<option value='LAO'>LAOS </option>
<option value='LBN'>LEBANON </option>
<option value='LBR'>LIBERIA </option>
<option value='LBY'>LIBYA </option>
<option value='LCA'>SAINT LUCIA </option>
<option value='LKA'>SRI LANKA </option>
<option value='LSO'>KINGDOM OF LESOTHO </option>
<option value='LTU'>LITHUANIA </option>
<option value='LUX'>LUXEMBOURG </option>
<option value='LVA'>LATVIA </option>
<option value='MDG'>MADAGASCAR </option>
<option value='MDV'>MALDIVES </option>
<option value='MEX'>MEXICO </option>
<option value='MKD'>ARUBA </option>
<option value='MLI'>MALI </option>
<option value='MLT'>MALTA </option>
<option value='MMR'>MYANMAR </option>
<option value='MNG'>MONGOLIA </option>
<option value='MOR'>MOROCCO </option>
<option value='MOZ'>MOZAMBIQUE </option>
<option value='MRT'>MAURITANIA </option>
<option value='MUS'>MAURITIUS </option>
<option value='MWI'>MALAWI </option>
<option value='MYS'>MALAYSIA </option>
<option value='NAM '>NAMIBIA </option>
<option value='NAR'>NIGER </option>
<option value='NGA'>NIGERIA </option>
<option value='NIA'>IVORY COAST </option>
<option value='NIB'>DAR-US-SALAM</option>
<option value='NIG'>PALESTINE </option>
<option value='NLD'>NETHERLANDS </option>
<option value='NOR'>NORWAY </option>
<option value='NPL'>NEPAL </option>
<option value='NZL'>NEW ZEALAND </option>
<option value='OMN'>OMAN </option>
<option value='PAN'>PANAMA </option>
<option value='PER'>PERU </option>
<option value='PHL'>PHILLIPINES</option>
<option value='PNG'>PAPUA NEW GUINEA</option>
<option value='POL'>POLAND </option>
<option value='PRK'>KOREA (SOUTH)</option>
<option value='PRT'>PORTUGAL </option>
<option value='QAT'>QATAR </option>
<option value='REU'>REUNION ISLAND </option>
<option value='ROU'>ROMANIA </option>
<option value='RUS'>RUSSIA </option>
<option value='RWA'>RWANDA </option>
<option value='SAU'>SAUDI ARABIA </option>
<option value='SBN'>REPUBLIC OF SLOVANIA </option>
<option value='SDN'>SUDAN </option>
<option value='SGP'>SINGAPORE </option>
<option value='SNG'>SENEGAL </option>
<option value='SOM'>SOMALIA </option>
<option value='SUR'>SURINAM </option>
<option value='SVK'>SLOVAKIA </option>
<option value='SWE'>SWEDEN </option>
<option value='SWZ'>SWITZERLAND </option>
<option value='SYC'>SEYCHELES</option>
<option value='SYR'>SYRIA </option>
<option value='TCD'>CHAD </option>
<option value='TGO'>TOGO </option>
<option value='THA'>THAILAND </option>
<option value='TJK'>TAJIKISTAN </option>
<option value='TKM'>TURKMENISTAN </option>
<option value='TTO'>TRINIDAD &
TOBAGO</option>
<option value='TUN'>TUNISIA </option>
<option value='TUR'>TURKEY </option>
<option value='TWN'>TAIWAN </option>
<option value='TZA'>TANZANIA </option>
<option value='UAE'>UAE</option>
<option value='UGA'>UGANDA </option>
<option value='UKR'>UKRAINE </option>
<option value='USA '>USA </option>
<option value='UZB'>UZBEKISTAN </option>
<option value='VAT'>HOLY SEE VATICAN</option>
<option value='VCT'>SAINT VINCENT AND
GRENADINES</option>
<option value='VEN'>VENEZUELA </option>
<option value='VEN'>VENEZULA</option>
<option value='VNM'>VIETNAM </option>
<option value='YEM'>YEMEN </option>
<option value='YER'>YEREVAN </option>
<option value='YUG'>SERBIA AND MONTEGRO</option>
<option value='ZAF'>SOUTH AFRICA </option>
<option value='ZAR'>ZAIRE </option>
<option value='ZMB'>ZAMBIA </option>
<option value='ZWE'>ZIMBABWE </option>
</select>
</td>
</tr>
<tr >
<td><span class="style1"><font
size="3">City</font></span></td>
<td><input type = "text" name = "city"
id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font
size="3">E-mail ID</font></span></td>
<td><input type = "text" name =
"mail" id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font
size="3">Mobile
</font></span></td>
<td><input type = "text" name =
"phone" id="name" /></td>
</tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td><td>
<input type="submit" name="Submit"
value="Submit" align = "right" /></td></tr>
</table>
<p class="info noprint"> </p>
</form>
</p>
</div> <!-- /article -->
</div> <!-- /content -->
<!-- Right column -->
<div id="col" class="noprint">
<div id="col-in">
<!-- Category -->
<h3 ><span>WebIBC</span></h3>
<ul id="category">
<br><br>
<FONT SIZE="2" face="Georgia ">"
<i>WebIBC may use your
email address to personalize your experience on their
website.</i>"</FONT> <br><br>
</ul>
<hr class="noscreen" />
<hr class="noscreen" />
<!-- Links -->
<hr class="noscreen" />
</div> <!-- /col-in -->
</div> <!-- /col -->
</div> <!-- /page-in
-->
</div> <!-- /page -->
<!-- Footer -->
<div id="footer">
<div id="top"
class="noprint"><p><span
class="noscreen">Back on top</span> <a
href="#header" title="Back on top
^">^<span></span></a></p></div>
<hr class="noscreen"
/>
<p
id="createdby">created by <a
href="http://www.nuvio.cz"></a> <!-- DON´T REMOVE,
PLEASE! --></p>
<p
id="copyright">© 2009 <a
href="mailto:my@mail.com"></a></p>
</div> <!-- /footer
-->
</div> <!-- /main -->
</body>
</html>
READMAIL.jsp
<%@ page
contentType="text/html; charset=iso-8859-1" language="java"
import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml">
<head>
<%@ page import="java.sql.*
, java.util.*,java.io.File.*" %>
<meta
http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
<title>Untitled
Document</title>
</head>
<body>
<!-- Declaration-->
<%! String
sno,str2,str3,str1,str4,str5,str6,str7,str8; %>
<!-- main coding-->
<%
str1=request.getParameter("uname");
str2=request.getParameter("pass");
str3=request.getParameter("name");
str4=request.getParameter("sex");
str5=request.getParameter("country");
str6=request.getParameter("city");
str7=request.getParameter("mail");
str8=request.getParameter("phone");
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con0 =
DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st0 =
con0.createStatement();
//out.println(p);
String query="select * from
user where username='"+str1+"'";
ResultSet rs
=st0.executeQuery(query);
//String vname = rs.getString(1);
if(rs.next()== true)
{
String str = "Username
already exist ! ";
response.sendRedirect("register.jsp?str="+str+"");
}
else
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection
con=DriverManager.getConnection("jdbc:odbc:ibc");
Statement
st=con.createStatement();
Statement
st1=con.createStatement();
Statement
st2=con.createStatement();
Statement st3=con.createStatement();
String app="INSERT INTO
user(username,password,name,sex,country,city,mail,mobile) values(
'"+str1+"','"+str2+"','"+str3+"','"+str4+"','"+str5+"','"+str6+"','"+str7+"','"+str8+"')";
String app1 = "INSERT INTO
authen(username) values('"+str1+"')";
String app2 = "INSERT INTO
mailserverdb(username) values('"+str1+"')";
String app3 = "INSERT INTO
keyserverdb(username,mail)
values('"+str1+"','"+str7+"')";
int i=st.executeUpdate(app);
int j=st1.executeUpdate(app1);
int k=st2.executeUpdate(app2);
int l=st3.executeUpdate(app3);
File f= new
File("D:/IBC/mailserver/"+str3);
f.mkdir();
//out.println("User
Registered Sucessfully");
con.close();
response.sendRedirect("sucess.jsp");
}
}
catch(Exception e)
{
out.println(e);
}%>
</body>
</html>
Compose.jsp
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs"
lang="cs">
<head>
<%@ page
import="java.sql.*"%>
<meta http-equiv="content-type"
content="text/html; charset=utf-8" />
<meta http-equiv="content-language" content="cs"
/>
<meta
name="robots" content="all,follow" />
<meta name="author"
content="All: ... [Nazev
webu - www.url.cz]; e-mail: info@url.cz" />
<meta
name="copyright" content="Design/Code: Vit Dlouhy [Nuvio -
www.nuvio.cz]; e-mail: vit.dlouhy@nuvio.cz" />
<title>CrystalX</title>
<meta name="description"
content="..." />
<meta name="keywords"
content="..." />
<link rel="index"
href="./" title="Home" />
<link rel="stylesheet"
media="screen,projection" type="text/css"
href="./css/main.css" />
<link rel="stylesheet"
media="print" type="text/css"
href="./css/print.css" />
<link rel="stylesheet"
media="aural" type="text/css" href="./css/aural.css"
/>
<style type="text/css">
<!--
.style1 {font-family: Georgia ,
"Times New Roman", Times, serif}
-->
</style>
</head>
<body
id="www-url-cz">
<!-- Main -->
<div id="main"
class="box">
<!-- Header -->
<div id="header">
<!--Logotyp -->
<h1
id="logo"><strong>IBC</strong></h1><br
/><br /><br />
<br />
<font
size="1"> For Clientside Security </font>
<hr class="noscreen"
/>
<!-- Quick links -->
<div class="noscreen
noprint">
<p><em>Quick links: <a
href="#content">content</a>, <a
href="#tabs">navigation</a>, <a
href="#search">search</a>.</em></p>
<hr />
</div>
<!-- Search -->
</div>
<!-- /header -->
<!-- Main menu (tabs) -->
<div id="tabs"
class="noprint">
<%
boolean flag = false;
String
n = request.getParameter("name");
String p =
request.getParameter("pass");
String
add = request.getRemoteAddr();
String
from = null;
%>
<h3
class="noscreen">Navigation</h3>
<ul class="box">
<li><a
href="showmail.jsp?name=<%=n%>">Inbox<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="myacc.jsp?name=<%=n%>">About Me<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="compose.jsp?name=<%=n%>">Compose<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="#">Contact<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
/ul>
<hr class="noscreen" />
</div> <!-- /tabs -->
<!-- Page (2 columns) -->
<div id="page"
class="box">
<div id="page-in"
class="box">
<!-- Content -->
<div id="content">
<!-- Article -->
<div
class="article">
<h2> Send a Cryptographic Message </h2>
</p>
</div> <!-- /article -->
<FORM METHOD="post"
ACTION="msgsend.jsp" >
<%
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection
con1 = DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement
st1 = con1.createStatement();
//out.println(p);
String
query1="select * from user where username='"+n+"' ";
ResultSet
rs1 =st1.executeQuery(query1);
while(rs1.next())
{
from
= rs1.getString("mail");
}
out.println("<table
cellpadding=20 ><tr><td>From : </td><td><font
size=5 face=times new
roman>"+from+"</font></td></tr>");
}
catch(Exception
ae)
{
out.println(ae);
ae.printStackTrace();
}
%>
<tr><td>TO :</td><td><input
type = "text" name="to" size ="40"
/></td></tr>
<tr><td>Subject
:</td><td><input type = "text"
name="subject" size ="40"/></td></tr>
<tr><td> </td><td><textarea
cols="50" rows="20" name="message"
></textarea></td></tr>
<tr><td> </td><td><input
type="submit" name="submit" value=" Send "
></td></tr>
</table>
<INPUT
TYPE="hidden" NAME="from"
value="<%=from%>">
<INPUT
TYPE="hidden" NAME="name"
value="<%=n%>">
</FORM>
</div> <!-- /content -->
<!-- Right column -->
<div id="col"
class="noprint">
<div id="col-in">
<!-- About Me -->
<h3><span><a
href="#">About Me</a></span></h3>
<div
id="about-me">
<p><strong><%=n%></strong><br />
</p>
</div> <!--
/about-me -->
<hr
class="noscreen" />
<!-- Category -->
<h3
><span>Contacts</span></h3>
<hr
class="noscreen" />
<hr
class="noscreen" />
<!-- Links -->
<hr
class="noscreen" />
</div> <!-- /col-in -->
</div> <!-- /col -->
</div> <!-- /page-in -->
</div> <!-- /page -->
<!-- Footer -->
<div id="footer">
<div id="top"
class="noprint"><p><span
class="noscreen">Back on top</span> <a
href="#header" title="Back on top
^">^<span></span></a></p></div>
<hr class="noscreen" />
<p
id="createdby">created by <a
href="http://www.nuvio.cz"></a> <!-- DONT REMOVE, PLEASE!
--></p>
<p
id="copyright">© 2009 <a
href="mailto:my@mail.com"></a></p>
</div> <!-- /footer -->
</div> <!-- /main -->
</body>
</html>
Sendmail.jsp
<?xml
version="1.0"?>
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs"
lang="cs">
<head>
<%@ page
import="java.sql.*,java.io.*"%>
<meta
http-equiv="content-type" content="text/html;
charset=utf-8" />
<meta http-equiv="content-language" content="cs"
/>
<meta
name="robots" content="all,follow" />
<meta name="author"
content="All: ... [Nazev
webu - www.url.cz]; e-mail: info@url.cz" />
<meta
name="copyright" content="Design/Code: Vit Dlouhy [Nuvio -
www.nuvio.cz]; e-mail: vit.dlouhy@nuvio.cz" />
<title>CrystalX</title>
<meta name="description"
content="..." />
<meta name="keywords"
content="..." />
<link rel="index"
href="./" title="Home" />
<link rel="stylesheet"
media="screen,projection" type="text/css"
href="./css/main.css" />
<link rel="stylesheet"
media="print" type="text/css"
href="./css/print.css" />
<link rel="stylesheet"
media="aural" type="text/css"
href="./css/aural.css" />
<style type="text/css">
<!--
.style1 {font-family: Georgia ,
"Times New Roman", Times, serif}
-->
</style>
</head>
<body
id="www-url-cz">
<!-- Main -->
<div id="main"
class="box">
<!-- Header -->
<div id="header">
<!--Logotyp -->
<h1
id="logo"><strong>IBC</strong></h1><br
/><br /><br />
<br />
<font
size="1"> For Clientside Security </font>
<hr class="noscreen"
/>
<!-- Quick links -->
<div class="noscreen
noprint">
<p><em>Quick links:
<a href="#content">content</a>, <a
href="#tabs">navigation</a>, <a
href="#search">search</a>.</em></p>
<hr />
</div>
<!-- Search -->
</div>
<!-- /header -->
<!-- Main menu (tabs) -->
<div id="tabs"
class="noprint">
<h3
class="noscreen">Navigation</h3>
<ul
class="box">
<li><a
href="#">Home<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="#">About Me<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a href="compose.jsp">Compose<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
<li><a
href="#">Contact<span
class="tab-l"></span><span
class="tab-r"></span></a></li>
</ul>
<hr class="noscreen" />
</div> <!-- /tabs -->
<!-- Page (2 columns) -->
<div id="page"
class="box">
<div id="page-in"
class="box">
<!-- Content -->
<div id="content">
<!-- Article -->
<div
class="article">
<table width="200"
border="1">
<%
boolean flag = false;
String
n = request.getParameter("name");
String p =
request.getParameter("pass");
String
add = request.getRemoteAddr();
String
name=null,sub=null,msgdate=null,msgtime=null,message=null,mailaddr=null;
java.util.Date
d = new java.util.Date();
int
intime5 = d.getDate();
int
intime6 = d.getMonth();
int
intime7 = d.getYear();
String dt =
Integer.toString(intime5);
String
mon = Integer.toString(intime6+1);
String
year = Integer.toString(intime7+1900);
//int
intime5 = d.getMonth();
//int
intime6 = d.getYear();
String
cdate = dt+"-"+mon+"-"+year;
//get date
int
intime2 = d.getHours();
int
intime3 = d.getMinutes();
int
intime4 = d.getSeconds();
String
h = Integer.toString(intime2);
String
m = Integer.toString(intime3);
String
s = Integer.toString(intime4);
//int
intime5 = d.getMonth();
//int
intime6 = d.getYear();
String
t = h+":"+m+":"+s;
%>
<h2> Welcome <%=n%> </h2>
</p>
<FORM METHOD="post"
ACTION="msgsend.jsp" >
<%
out.println("<table
cellpadding=20 ><tr><td width
=100><h4>From</h4></td><td
width=200><h4>Subject</h4></td><td><h4>Date</h4></td><td><h4>Time</h4></td></h2></tr>");
out.println("<tr><td
colspan=4>-------------------------------------------------------------------------------------------</td></tr>");
out.println("<tr><td>Admin</td><td>Welcome
to
IBC</td><td>"+cdate+"</td><td>"+t+"</td></h2></tr>");
out.println("<tr><td
colspan=4>-------------------------------------------------------------------------------------------</td></tr>");
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con1 =
DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st1 =
con1.createStatement();
//out.println(p);
String query1="select mail from
user where username='"+n+"' ";
ResultSet rs1
=st1.executeQuery(query1);
while(rs1.next())
{
mailaddr=rs1.getString("mail");
}
//out.println(mailaddr);
}
catch(Exception ae)
{
out.println(ae+"1");
ae.printStackTrace();
}
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con2 =
DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st2 =
con2.createStatement();
//out.println(p);
String query2="select * from
mailserverdb where toaddr='"+mailaddr+"' ";
ResultSet rs2=
st2.executeQuery(query2);
while(rs2.next())
{
name=rs2.getString("username");
//out.println(from);
sub=rs2.getString("subject");
//out.println(sub);
message=rs2.getString("message");
//out.println(message);
msgdate=rs2.getString("msgdate");
//out.println(msgdate);
msgtime=rs2.getString("msgtime");
out.println("<tr><td>"+name+"</td><td>"+sub+"</td><td>"+msgdate+"</td><td>"+msgtime+"</td></tr>");
out.println("<tr><td
colspan=4>----------------------------------------------------</td></tr>");
}
}
catch(Exception a)
{
out.println(a+"2");
a.printStackTrace();
}
%>
</table>
</FORM>
</div> <!-- /article
-->
</div> <!-- /content
-->
<!-- Right column -->
<div id="col"
class="noprint">
<div id="col-in">
<!-- About Me -->
<h3><span><a
href="#">About Me</a></span></h3>
<div
id="about-me">
<p><strong><%=n%></strong><br
/>
</p>
</div> <!-- /about-me
-->
<hr class="noscreen"
/>
<!-- Category -->
<h3
><span>Contacts</span></h3>
<%/*
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con1 =
DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st1 =
con1.createStatement();
//out.println(p);
String query1="select mail
from user ";
ResultSet rs1
=st1.executeQuery(query1);
while(rs1.next())
{
out.println(rs1.getString("mail"));
out.println("<br>");
}
}
catch(Exception ae)
{
out.println(ae);
ae.printStackTrace();
}
*/%>
<hr class="noscreen"
/>
<hr class="noscreen"
/>
<!-- Links -->
<hr class="noscreen"
/>
</div> <!-- /col-in
-->
</div> <!-- /col -->
</div> <!-- /page-in
-->
</div> <!-- /page -->
<!-- Footer -->
<div id="footer">
<div id="top"
class="noprint"><p><span
class="noscreen">Back on top</span> <a
href="#header" title="Back on top
^">^<span></span></a></p></div>
<hr class="noscreen"
/>
<p id="createdby">created
by <a href="http://www.nuvio.cz"></a> <!-- DONT
REMOVE, PLEASE! --></p>
<p
id="copyright">© 2009 <a
href="mailto:my@in.com"></a></p>
</div> <!-- /footer
-->
</div> <!-- /main -->
</body>
</html>
CHAPTER-12
FUTURE WORK
In this project, Encryption is done
using text .In future data will be encrypted using image or picture.
CHAPTER-13
CONCLUSION
We finally conclude An Identity Base
Encryption (IBE) scheme is a public-key cryptosystem where any string is a
valid public key. In particular, email addresses and dates can be public keys.
For many situations in distributed network environments, Identity Base cryptography
is a must during communications.
BIBLIOGRAPHY
- Zhi Guan, Zhen Cao, Xuan Zhao, Ruichuan Chen, Zhong Chen, Xianghao Nan- “WebIBC: Identity Based Cryptography for Client Side Security in Web Applications”, IEEE, 2008
- Yongjun Ren,Jiandong Wang, Youdong Zhang,Liming Fang – “Identity-Based Key Issuing Protocol for Ad Hoc Networks”, 2007 IEEE International Conference on Computational Intelligence and Security
Comments
Post a Comment