1

1. INTRODUCTION
Anonymizing networks such as TOR, routes traffic through independent nodes in separate administrative domains to hide a clients IP address !nfortunately, some users have misused such networks"under the cover of anonymity, users have repeatedly defaced popular #e$ sites such as #ikipedia %ince #e$ site administrators cannot $lacklist individual malicious users IP addresses, they $lacklist the entire anonymizing network %uch measures eliminate malicious activity through anonymizing networks at the cost of denying anonymous access to $ehaving users In other words, a few &$ad apples' can spoil the fun for all (This has happened repeatedly with Tor )* There are several solutions to this pro$lem, each providing some degree of accounta$ility In pseudonymous credential systems, users log into #e$ sites using pseudonyms, which can $e added to a $lacklist if a user mis$ehaves !nfortunately, this approach results in pseudonymity for all users, and weakens the anonymity provided $y the anonymizing network Anonymous credential systems employ group signatures +asic group signatures allow servers to revoke a mis$ehaving users anonymity $y complaining to a group manager %ervers must ,uery the group manager for every authentication, and thus, lacks scala$ility Tracea$le signatures allow the group manager to release a trapdoor that allows all signatures generated $y a particular user to $e traced- such an approach does not provide the $ackward unlinka$ility that we desire, where a users accesses $efore the complaint remain anonymous +ackward unlinka$ility allows for what we call su$.ective $lacklisting, where servers can $lacklist users for whatever reason since the privacy of the $lacklisted user is not at risk /urther, approaches without $ackward unlinka$ility need to pay careful attention to when and why a user must have all their connections linked, and users must worry a$out whether their $ehaviors will $e .udged fairly %u$.ective $lacklisting is also $etter suited to servers such as #ikipedia, where mis$ehaviors such as ,uestiona$le edits to a #e$page, are hard to define in mathematical terms In some systems, mis$ehavior can indeed $e defined precisely /or instance, dou$le spending of an &e0coin' is considered mis$ehavior in anonymous e0cash systems following which the offending user is deanonymized !nfortunately, such systems work for only narrow definitions of mis$ehavior"it is difficult to map more comple1 notions of mis$ehavior onto &dou$le spending' or related approaches 2erifier0local revocation (23R* fi1es this shortcoming $y re,uiring the server (&verifier'* to perform only local updates during revocation !nfortunately, 23R re,uires heavy computation at the server that is linear in the size of the $lacklist /or e1ample, for a $lacklist with ),444 entries, each authentication would take tens of seconds, a prohi$itive

cost in practice In contrast, our scheme takes the server a$out one millisecond per authentication, which is several thousand times faster than 23R

1.1 Problem Definition

5ynamic accumulators a revocation operation results in a new accumulator and pu$lic parameters for the group and all other e1isting users credentials must $e updated, making it impractical 2erifier0local revocation (23R* fi1es this shortcoming $y re,uiring the server (&verifier'* to perform only local updates during revocation !nfortunately, 23R re,uires heavy computation at the server that is linear in the size of the $lacklist /or e1ample, for a $lacklist with ),444 entries, each authentication would take tens of seconds, a prohi$itive cost in practice

1.2 Existing System and its limitations

61isting users credentials must $e updated, making it impractical 2erifier0local revocation (23R* fi1es this shortcoming $y re,uiring the server (&verifier'* to perform only local updates during revocation !nfortunately, 23R re,uires heavy computation at the server that is linear in the size of the $lacklist Anonymous authentication, $ackward unlinka$ility, su$.ective $lacklisting, fast authentication speeds, rate0limited anonymous connections, revocation audita$ility (where users can verify whether they have $een $lacklisted*, and also addresses the %y$il attack to make its deployment practical

1. Pro!osed System
#e present a secure system called 7ym$le, which provides all the following properties8 anonymous authentication, $ackward unlinka$ility, su$.ective $lacklisting, fast authentication speeds, rate0limited anonymous connections, revocation audita$ility (where users can verify whether they have $een $lacklisted*, and also addresses the %y$il attack to make its deployment practical In 7ym$le, users ac,uire an ordered collection of nym$les, a special type of pseudonym, to connect to we$sites #ithout additional information, these nym$les are computationally hard to link, and hence using the stream of nym$les simulates anonymous access to services #e$sites, however, can $lacklist users $y o$taining a seed for a particular nym$le, allowing them to link future nym$les from the same user " those used $efore the complaint remains unlinka$le %ervers can therefore $lacklist anonymous users without knowledge of their IP addresses while allowing $ehaving users to connect anonymously Our system ensures that users are aware of their $lacklist status $efore they present a nym$le, and disconnect immediately if they are $lacklisted Although our work applies to anonymizing networks in general, we consider Tor for purposes of e1position In fact, any

num$er of anonymizing networks can rely on the same 7ym$le system, $lacklisting anonymous users regardless of their anonymizing network(s* of choice 9 +lacklisting anonymous users #e provide a means $y which servers can $lacklist users of an anonymizing network while maintaining their privacy 9 Practical performance Our protocol makes use of ine1pensive symmetric cryptographic operations to significantly outperform the alternatives 9 Open0source implementation #ith the goal of contri$uting a worka$le system, we have $uilt an open source implementation of 7ym$le, which is pu$licly availa$le #e provide performance statistics to show that our system is indeed practical

1." #d$antages of Pro!osed System

#e present a secure system called 7ym$le, which provides all the following properties8 anonymous authentication, $ackward unlinka$ility, su$.ective $lacklisting, fast authentication speeds, rate0limited anonymous connections, revocation audita$ility (where users can verify whether they have $een $lacklisted*, and also addresses the %y$il attack to make its deployment practical In 7ym$le, users ac,uire an ordered collection of nym$les, a special type of pseudonym, to connect to we$sites #ithout additional information, these nym$les are computationally hard to link, and hence using the stream of nym$les simulates anonymous access to services

/igure ) Pro.ect Architecture

1.% &easibility St'dy

The feasi$ility of the pro.ect is analyzed in this phase and $usiness proposal is put forth with a very general plan for the pro.ect and some cost estimates 5uring system analysis the feasi$ility study of the proposed system is to $e carried out This is to ensure that the proposed system is not a $urden to the company /or feasi$ility analysis, some understanding of the ma.or re,uirements for the system is essential Three key considerations involved in the feasi$ility analysis are 6:O7O;I:A3 /6A%I+I3IT< T6:=7I:A3 /6A%I+I3IT< %O:IA3 /6A%I+I3IT<

ECONO(IC#) &E#SI*I)IT+ This study is carried out to check the economic impact that the system will have on the organization The amount of fund that the company can pour into the research and development of the system is limited The e1penditures must $e .ustified Thus the developed system as well within the $udget and this was achieved $ecause most of the technologies used are freely availa$le Only the customized products had to $e purchased TEC,NIC#) &E#SI*I)IT+ This study is carried out to check the technical feasi$ility, that is, the technical re,uirements of the system Any system developed must not have a high demand on the availa$le technical resources This will lead to high demands on the availa$le technical resources This will lead to high demands $eing placed on the client The developed system must have a modest re,uirement, as only minimal or null changes are re,uired for implementing this system SOCI#) &E#SI*I)IT+ The aspect of study is to check the level of acceptance of the system $y the user This includes the process of training the user to use the system efficiently The user must not feel threatened $y the system, instead must accept it as a necessity The level of acceptance $y the users solely depends on the methods that are employed to educate the user a$out the system and to make him familiar with it =is level of confidence must $e raised so that he is also a$le to make some constructive criticism, which is welcomed, as he is the final user of the system

1.- ,ard.are and Soft.are Re/'irements

,#RD0#RE RE1UIRE(ENTS2 9 9 9 9 9 9 %ystem =ard 5isk 8 8 Pentium I2 > ? @=z ?4 @+ ) ?? ;$ )A 2@A :olour 3ogitech A)> ;$

/loppy 5rive 8 ;onitor ;ouse Ram 8 8 8

SO&T0#RE RE1UIRE(ENTS2 9 9 9 Operating system :oding 3anguage Tools 8 #indows B 8 C5D ) E 8 Tomcat E

1.3 &'n4tional Re/'irements

/unctional re,uirements specify which output file should $e produced from the given file they descri$e the relationship $etween the input and output of the system, for each functional re,uirement a detailed description of all data inputs and their source and the range of valid inputs must $e specified

1.5 Non6&'n4tional Re/'irements

5escri$e user0visi$le aspects of the system that are not directly related with the functional $ehavior of the system 7on0/unctional re,uirements include ,uantitative constraints, such as response time (i e how fast the system reacts to user commands * or accuracy (i e how precise are the systems numerical answers *

1.7 Pse'do Re/'irements

The client that restricts the implementation of the system imposes these re,uirements Typical pseudo re,uirements are the implementation language and the platform on which the system is to $e implemented These have usually no direct effect on the users view of the system.

2. )ITER#TURE SUR8E+
3iterature survey is the most important step in software development process +efore developing the tool it is necessary to determine the time factor, economy n company strength Once these things are satisfied, ten ne1t steps are to determine which operating system and language can $e used for developing the tool Once the programmers start $uilding the tool the programmers need lot of e1ternal support This support can $e o$tained from senior programmers, from $ook or from we$sites +efore $uilding the system the a$ove consideration r taken into account for developing the proposed system To limit the num$er of identities a user can o$tain (called the %y$il attack*, the 7ym$le system $inds nym$les to resources that are sufficiently difficult to o$tain in great num$ers /or e1ample, we have used IP addresses as the resource in our implementation, $ut our scheme generalizes to other resources such as email addresses, identity certificates, and trusted hardware #e address the practical issues related with resource0$ased $locking in %ection F, and suggest other alternatives for resources #e do not claim to solve the %y$il attack This pro$lem is faced $y any credential system, and we suggest some promising approaches $ased on resource0$ased $locking since we aim to create a real0world deployment The user must first contact the Pseudonym ;anager (P;* and demonstrate control over a resource- for IP0address $locking, the user must connect to the P; directly (i e , not through a known anonymizing network*, as shown #e assume the P; has knowledge a$out Tor routers, for e1ample, and can ensure that users are communicating with it directly E Pseudonyms are deterministically chosen $ased on the controlled resource, ensuring that the same pseudonym is always issued for the same resource 7ote that the user does not disclose what server he or she intends to connect to and the P;s duties are limited to mapping IP addresses (or other resources* to pseudonyms As we will e1plain, the user contacts the P; only once per linka$ility window (e g , once a day*

2.1 Pre$io's 0or9 Done in *lo49ing of Users in #nonymi:ing Net.or9s

2.1.1 Pse'donymo's Credential Systems Pseudonymity technology is technology that allows individuals to reveal or prove information a$out themselves to others, without revealing their full identity A credential system is a system in which users can o$tain credentials from organizations and demonstrate possession of these credentials The idea of Pseudonymous credential systems G))H was first put forwarded $y &Anna 3ysyanskaya', &R 3 Rivest' and &A %ahai' in )III even $efore anonymous networks were developed

In pseudonymous credential systems, users log into we$sites using pseudonyms Pseudonyms are the false names used to hide users actual identities and maintain anonymity Pseudonyms are generated $y Tor client program itself and they are used to log into we$sites %erver maintains the $lacklist of mischievous users $y using pseudonyms provided $y the users #d$antages2 %imple to implement 3ess computational

Dra.ba49s2 It results in pseudonymity for all users #eakens the anonymity

/igure > Pseudonymous %ystem flow diagram

2.1.2 #nonymo's Credential Systems An anonymous credential system consists of users and organizations Organizations know the users only $y pseudonyms The $asic system comprises protocols for a user to .oin the system, register with an organization, o$tain multi0show credentials, and show such credentials Anonymous credential system G)4H was the innovation of &C :amenisch' and &Anna 3ysyanskaya' in the year >44) They used the concept of &@roup signatures' to make the system more efficient and anonymous Anonymous credential system consists of three parties i e users, an authority, and verifiers These systems employ group signatures which allow servers to revoke a mis$ehaving users anonymity $y complaining to a group manager

/igure J Anonymous :redential %ystems %ervers must ,uery the group manager for every authentication and hence this system lacks scala$ility #d$antages2 5igital signatures ensure the security of system to some e1tent

Dra.ba49s2 3acks scala$ility +ackward unlinka$ility is not possi$le

%ervers can find users IP addresses $y using tracea$le signatures

2.1. 8erifier6lo4al re$o4ation ;8)R< In order to overcome the pro$lem of lack of $ackward unlinka$ility 23R GBH is proposed in >44? $y &5an +oneh' and &=ovav %hacham' An approach of mem$ership revocation in group signatures is verifier0local revocation In this approach, only verifiers are involved in the revocation mechanism, while signers have no involvement Thus, since signers have no load, this approach is suita$le for mo$ile environments This scheme satisfies $ackward unlinka$ility to some e1tent The $ackward unlinka$ility means that even after a mem$er is revoked, signatures produced $y the mem$er $efore the revocation remains anonymous 2erifier0local revocation re,uires the server (&verifier'* to perform only local updates during revocation =ence, there will $e lot of $urden on the server #d$antages2 3ocal updating is possi$le +ackward unlinka$ility

Dra.ba49s2 =eavy computational at server side Time consuming 3ess %ecure

=ence, due to the unsatisfied results of the e1isting systems, we implemented the new 7ym$le system which can give us the fruitful results which we need

2.2 Pro!osed 0or9

Previously developed systems have so many draw$acks which restricted Tor and other anonymizing networks usage in the organizations =ence, 7ym$le systems are proposed in order to overcome all those weaknesses and make the Tor a safe and efficient network In 7ym$le, users need to ac,uire an ordered collection of nym$les which is a special type of pseudonym in order to connect with we$sites There is no restriction on the type of anonymizing network used i e it is not necessary that only Tor should $e used here 7ym$le system has various modes of interaction to different modules

10

/igure ? Overview nym$le design

11

. #N#)+SIS #ND DESI=N

.1 (od'les Des4ri!tion
.1.1 Nymble (anager %ervers can therefore $lacklist anonymous users without knowledge of their IP addresses while allowing $ehaving users to connect anonymously Our system ensures that users are aware of their $lacklist status $efore they present a nym$le, and disconnect immediately if they are $lacklisted Although our work applies to anonymizing networks in general, we consider Tor for purposes of e1position In fact, any num$er of anonymizing networks can rely on the same 7ym$le system, $lacklisting anonymous users regardless of their anonymizing network(s* of choice .1.2 Pse'donym (anager The user must first contact the Pseudonym ;anager (P;* and demonstrate control over a resource- for IP0address $locking, the user must connect to the P; directly (i e , not through a known anonymizing network*, ensuring that the same pseudonym is always issued for the same resource .1. *la49listing a User !sers who make use of anonymizing networks e1pect their connections to $e anonymous If a server o$tains a seed for that user, however, it can link that users su$se,uent connections It is of utmost importance, then, that users $e notified of their $lacklist status $efore they present a nym$le ticket to a server In our system, the user can download the servers $lacklist and verify her status If $lacklisted, the user disconnects immediately IP0address $locking is employed $y Internet services There are, however, some inherent limitations to using IP addresses as the scarce resource If a user can o$tain multiple addresses she can circumvent $oth nym$le0$ased and regular IP0address $locking %u$net0$ased $locking alleviates this pro$lem, and while it is possi$le to modify our system to support su$net0$ased $locking, new privacy challenges emerges- a more thorough description is left for future work .1." Nymble6#'t>enti4ated Conne4tion +lacklista$ility assures that any honest server can indeed $lock mis$ehaving users %pecifically, if an honest server complains a$out a user that mis$ehaved in the current linka$ility window, the complaint will $e successful and the user will not $e a$le to &nym$le0connect,' i e , esta$lish a 7ym$le0authenticated connection, to the server successfully in su$se,uent time periods (following the time of complaint* of that linka$ility window

12

Rate0limiting assures any honest server that no user can successfully nym$le0connect to it more than once within any single time period 7on0framea$ility guarantees that any honest user who is legitimate according to an honest server can nym$le0connect to that server This prevents an attacker from framing a legitimate honest user, e g , $y getting the user $lacklisted for someone elses mis$ehavior This property assumes each user has a single uni,ue identity #hen IP addresses are used as the identity, it is possi$le for a user to &frame' an honest user who later o$tains the same IP address 7on0framea$ility holds true only against attackers with different identities (IP addresses* A user is legitimate according to a server if she has not $een $lacklisted $y the server, and has not e1ceeded the rate limit of esta$lishing 7ym$le0connections =onest servers must $e a$le to differentiate $etween legitimate and illegitimate users Anonymity protects the anonymity of honest users, regardless of their legitimacy according to the (possi$ly corrupt* server- the server cannot learn any more information $eyond whether the user $ehind (an attempt to make* a nym$le0connection is legitimate or illegitimate

.2 Data flo. diagrams

The 5/5 is also called as $u$$le chart It is a simple graphical formalism that can $e used to represent a system in terms of the input data to the system, various processing carried out on these data, and the output data is generated $y the system A data flo. diagram (D&D* is a graphical representation of the KflowK of data through an information system, modeling its process aspects Often they are a preliminary step used to create an overview of the system which can later $e ela$orated 5/5s can also $e used for the visualization of data processing (structured design* A 5/5 shows what kinds of information will $e input to and output from the system, where the data will come from and go to, and where the data will $e stored It does not show information a$out the timing of processes, or information a$out whether processes will operate in se,uence or in parallel (which is shown on a flowchart*

13

/igure A 5/5 for 7ym$le ;odules

/igure E Overview /lowchart of whole pro.ect

14

/igure B 5/5 for %erver

15

/igure F 5/5 for :lient

16

. U() Diagrams
. .1 Use 4ase Diagram

/igure I !se case 5iagram for user login and server login

17

. .2 Class Diagram

/igure )4 :lass 5iagram for user and nym$le manager interaction

18

. . Se/'en4e Diagram

Client

SERVER invoke

Nymble Manager

connection established connected validation user name,password to verify

verified

valid/invalid user valid user file requested checked original/fake file shown

exit

/igure )) %e,uence 5iagram for client, server and 7ym$le ;anager interactions

19

. ." #4ti$ity Diagram

/igure )> Activity 5iagram for user and server

20

. .% Collaboration Diagram

/igure )J :olla$oration 5iagram for 7ym$le %ystem

21

". I(P)E(ENT#TION
".1 Pro4ess S!e4ifi4ation
".1.1 In!'t Design The input design is the link $etween the information system and the user It comprises the developing specification and procedures for data preparation and those steps are necessary to put transaction data in to a usa$le form for processing can $e achieved $y inspecting the computer to read data from a written or printed document or it can occur $y having people keying the data directly into the system The design of input focuses on controlling the amount of input re,uired, controlling the errors, avoiding delay, avoiding e1tra steps and keeping the process simple The input is designed in such a way so that it provides security and ease of use with retaining the privacy Input 5esign considered the following things8 #hat data should $e given as inputL =ow the data should $e arranged or codedL The dialog to guide the operating personnel in providing input ;ethods for preparing input validations and steps to follow when error occur

".1.2 Ob?e4ti$es Input 5esign is the process of converting a user0oriented description of the input into a computer0$ased system This design is important to avoid errors in the data input process and show the correct direction to the management for getting correct information from the computerized system It is achieved $y creating user0friendly screens for the data entry to handle large volume of data The goal of designing input is to make data entry easier and to $e free from errors The data entry screen is designed in such a way that all the data manipulates can $e performed It also provides record viewing facilities #hen the data is entered it will check for its validity 5ata can $e entered with the help of screens Appropriate messages are provided as when needed so that the user will not $e in maize of instant Thus the o$.ective of input design is to create an input layout that is easy to follow

22

".1. O't!'t Design A ,uality output is one, which meets the re,uirements of the end user and presents the information clearly In any system results of processing are communicated to the users and to other system through outputs In output design it is determined how the information is to $e displaced for immediate need and also the hard copy output It is the most important and direct source information to the user 6fficient and intelligent output design improves the systems relationship to help user decision0making 5esigning computer output should proceed in an organized, well thought out manner- the right output must $e developed while ensuring that each output element is designed so that people will find the system can use easily and effectively #hen analysis design computer output, they should Identify the specific output that is needed to meet the re,uirements %elect methods for presenting information :reate document, report, or other formats that contain information produced $y the system

The output form of an information system should accomplish one or more of the following o$.ectives :onvey information a$out past activities, current status or pro.ections of the /uture %ignal important events, opportunities, pro$lems, or warnings Trigger an action :onfirm an action

".2 Te4>ni/'es Used

".2.1 *la49listing anonymo's 'sers #e provide a means $y which servers can $lacklist users of an anonymizing network while maintaining their privacy ".2.2 Pra4ti4al !erforman4e Our protocol makes use of ine1pensive symmetric cryptographic operations to significantly outperform the alternatives

23

".2. O!en6so'r4e im!lementation #ith the goal of contri$uting a worka$le system, we have $uilt an open0source implementation of 7ym$le, which is pu$licly availa$le #e provide performance statistics to show that our system is indeed practical

". #lgorit>ms Used

". .1 #lgorit>m for Pse'donym Creation RE#D uid nym M ;A ;ac(uid, nymDey* mac M ;A ;ac(nym, macDey* pnym M ;ac(nym, mac* 0RITE pnym 61planation8 A pseudonym &pnym' has > components &nym' and &mac' &nym' is a pseudo0 random mapping of the users identity and P;s secret key &nymDey' &mac' is a ;A:(message authentication code* that the 7; uses to verify the integrity of the pseudonym

". .2 #lgorit>m for =ranting Nymble Ti49ets RE#D pnym I& pnym is ;atched nym$le M pnym Deygen(* E)SE nym$le M 0) ENDI& 0RITE nym$le 61planation8

24

A &nym$le' is a pseudorandom num$er, which serves as an identifier for a particular time period =ere, we are using &middle s,uare' pseudo random generation Deygen(* N 5ou$le pnymMpnymOpnymInt lenMpnym length5ou$le nym$leMpnym charAt(lenP>0)*Qpnym charAt(lenP>*Qpnym charAt(lenP>Q)*Q pnym charAt(lenP>Q>*R ". . #lgorit>m for Notifying Users abo't t>eir Stat's RE#D uid, pwd, $l I& ip(uid* S $l status M ) E)SE status M 4 ENDI& 0RITE status 61planation8 $l is the $lacklist which maintains the list of $locked users If at all, user is in $l, then he is prohi$ited from accessing files and he is notified a$out his status If(statusMM)* %ystem out println(&This user is $lacklisted and hence dont have permission for accessing'*else if(statusMM4* %ystem out println(&<ou are not +lacklisted'*

25

"." Te4>nology Des4ri!tion

".".1 @a$a Te4>nology Cava technology is $oth a programming language and a platform ".".2 T>e @a$a Programming )ang'age The Cava programming language is a high0level language that can $e characterized $y all of the following $uzzwords8 %imple Architecture neutral O$.ect oriented Porta$le 5istri$uted =igh performance Interpreted ;ultithreaded Ro$ust 5ynamic %ecure

#ith most programming languages, you either compile or interpret a program so that you can run it on your computer The Cava programming language is unusual in that a program is $oth compiled and interpreted #ith the compiler, first you translate a program into an intermediate language called Java byte codes "the platform0independent codes interpreted $y the interpreter on the Cava platform The interpreter parses and runs each Cava $yte code instruction on the computer :ompilation happens .ust once- interpretation occurs each time the program is e1ecuted

26

The following figure illustrates how this works

/igure )? #orking of Interpreter

<ou can think of Cava $yte codes as the machine code instructions for the Cava 2irtual ;achine (Cava 2;* 6very Cava interpreter, whether its a development tool or a #e$ $rowser that can run applets, is an implementation of the Cava 2; Cava $yte codes help make &write once, run anywhere' possi$le <ou can compile your program into $yte codes on any platform that has a Cava compiler The $yte codes can then $e run on any implementation of the Cava 2; That means that as long as a computer has a Cava 2;, the same program written in the Cava programming language can run on #indows >444, a %olaris workstation, or on an i;ac

/igure )A #orking of Cava Program

27

".". T>e @a$a Platform A platform is the hardware or software environment in which a program runs #eve already mentioned some of the most popular platforms like #indows >444, 3inu1, %olaris, and ;acO% ;ost platforms can $e descri$ed as a com$ination of the operating system and hardware The Cava platform differs from most other platforms in that its a software0 only platform that runs on top of other hardware0$ased platforms The Cava platform has two components8

The Cava 2irtual ;achine (Cava 2;* The Cava Application Programming Interface (Cava API*

<ouve already $een introduced to the Cava 2; Its the $ase for the Cava platform and is ported onto various hardware0$ased platforms The Cava API is a large collection of ready0made software components that provide many useful capa$ilities, such as graphical user interface (@!I* widgets The Cava API is grouped into li$raries of related classes and interfaces- these li$raries are known as packages The ne1t section called #hat :an Cava Technology 5oL =ighlights what functionality some of the packages in the Cava API provide The following figure depicts a program thats running on the Cava platform As the figure shows, the Cava API and the virtual machine insulate the program from the hardware

/igure )E Cava API 7ative code is code that after you compile it, the compiled code runs on a specific hardware platform As a platform0independent environment, the Cava platform can $e a $it slower than native code =owever, smart compilers, well0tuned interpreters, and .ust0in0 time $yte code compilers can $ring performance close to that of native code without threatening porta$ility "."." 0>at Can @a$a Te4>nology DoA

28

The most common types of programs written in the Cava programming language are applets and applications If youve surf the #e$, youre pro$a$ly already familiar with applets An applet is a program that adheres to certain conventions that allow it to run within a Cava0ena$led $rowser =owever, the Cava programming language is not .ust for writing cute, entertaining applets for the #e$ The general0purpose, high0level Cava programming language is also a powerful software platform !sing the generous API, you can write many types of programs An application is a standalone program that runs directly on the Cava platform A special kind of application known as a server serves and supports clients on a network 61amples of servers are #e$ servers, pro1y servers, mail servers, and print servers Another specialized program is a servlet A servlet can almost $e thought of as an applet that runs on the server side Cava %ervlets are a popular choice for $uilding interactive we$ applications, replacing the use of :@I scripts %ervlets are similar to applets in that they are runtime e1tensions of applications Instead of working in $rowsers, though, servlets run within Cava #e$ servers, configuring or tailoring the server =ow does the API support all these kinds of programsL It does so with packages of software components that provides a wide range of functionality 6very full implementation of the Cava platform gives you the following features8

T>e essentials8 O$.ects, strings, threads, num$ers, input and output, data structures, system properties, date and time, and so on #!!lets8 The set of conventions used $y applets Net.or9ing8 !R3s, T:P (Transmission :ontrol Protocol*, !5P (!ser 5ata gram Protocol* sockets, and IP (Internet Protocol* addresses Internationali:ation8 =elp for writing programs that can $e localized for users worldwide Programs can automatically adapt to specific locales and $e displayed in the appropriate language Se4'rity8 +oth low level and high level, including electronic signatures, pu$lic and private key management, access control, and certificates Soft.are 4om!onents8 Dnown as Cava+eansT;, can plug into e1isting component architectures Ob?e4t seriali:ation8 Allows lightweight persistence and communication via Remote ;ethod Invocation (R;I* @a$a Database Conne4ti$ity ;@D*CT(<8 Provides uniform access to a wide range of relational data$ases

29

The Cava platform also has APIs for >5 and J5 graphics, accessi$ility, servers, colla$oration, telephony, speech, animation, and more The following figure depicts what is included in the Cava > %5D

/igure )B Cava I56 ".".% ,o. 0ill @a$a Te4>nology C>ange (y )ifeA #e cant promise you fame, fortune, or even a .o$ if you learn the Cava programming language %till, it is likely to make your programs $etter and re,uires less effort than other languages #e $elieve that Cava technology will help you do the following8

=et started /'i49ly8 Although the Cava programming language is a powerful o$.ect0oriented language, its easy to learn, especially for programmers already familiar with : or :QQ 0rite less 4ode8 :omparisons of program metrics (class counts, method counts, and so on* suggest that a program written in the Cava programming language can $e four times smaller than the same program in :QQ 0rite better 4ode8 The Cava programming language encourages good coding practices, and its gar$age collection helps you avoid memory leaks Its o$.ect orientation, its Cava+eans component architecture, and its wide0ranging, easily e1tendi$le API let you reuse other peoples tested code and introduce fewer $ugs De$elo! !rograms more /'i49ly8 <our development time may $e as much as twice as fast versus writing the same program in :QQ #hyL <ou write fewer lines of code and it is a simpler programming language than :QQ #$oid !latform de!enden4ies .it> 1BBC P're @a$a 8 <ou can keep your program porta$le $y avoiding the use of li$raries written in other languages The

30

)44T Pure CavaT; Product :ertification Program has a repository of historical process manuals, white papers, $rochures, and similar materials online

0rite on4eD r'n any.>ere8 +ecause )44T Pure Cava programs are compiled into machine0independent $yte codes, they run consistently on any Cava platform Distrib'te soft.are more easily8 <ou can upgrade applets easily from a central server Applets take advantage of the feature of allowing new classes to $e loaded &on the fly,' without recompiling the entire program

".".- OD*C ;icrosoft Open 5ata$ase :onnectivity (O5+:* is a standard programming interface for application developers and data$ase systems providers +efore O5+: $ecame a de facto standard for #indows programs to interface with data$ase systems, programmers had to use proprietary languages for each data$ase they wanted to connect to 7ow, O5+: has made the choice of the data$ase system almost irrelevant from a coding perspective, which is as it should $e Application developers have much more important things to worry a$out than the synta1 that is needed to port their program from one data$ase to another when $usiness needs suddenly change Through the O5+: Administrator in :ontrol Panel, you can specify the particular data$ase that is associated with a data source that an O5+: application program is written to use Think of an O5+: data source as a door with a name on it 6ach door will lead you to a particular data$ase /or e1ample, the data source named %ales /igures might $e a %U3 %erver data$ase, whereas the Accounts Paya$le data source could refer to an Access data$ase The physical data$ase referred to $y a data source can reside anywhere on the 3A7 The O5+: system files are not installed on your system $y #indows IA Rather, they are installed when you setup a separate data$ase application, such as %U3 %erver :lient or 2isual +asic ? 4 #hen the O5+: icon is installed in :ontrol Panel, it uses a file called O5+:I7%T 533 It is also possi$le to administer your O5+: data sources through a stand0alone program called O5+:A5; 6V6 There is a )E0$it and a J>0$it version of this program and each maintains a separate list of O5+: data sources /rom a programming perspective, the $eauty of O5+: is that the application can $e written to use the same set of function calls to interface with any data source, regardless of the data$ase vendor The source code of the application doesnt change whether it talks to Oracle or %U3 %erver #e only mention these two as an e1ample There are O5+: drivers availa$le for several dozen popular data$ase systems 6ven 61cel spreadsheets and plain te1t files can $e turned into data sources The operating system uses the Registry information written $y O5+: Administrator to determine which low0level O5+: drivers

31

are needed to talk to the data source (such as the interface to Oracle or %U3 %erver* The loading of the O5+: drivers is transparent to the O5+: application program In a clientPserver environment, the O5+: API even handles many of the network issues for the application programmer The advantages of this scheme are so numerous that you are pro$a$ly thinking there must $e some catch The only disadvantage of O5+: is that it isnt as efficient as talking directly to the native data$ase interface O5+: has had many detractors make the charge that it is too slow ;icrosoft has always claimed that the critical factor in performance is the ,uality of the driver software that is used In our hum$le opinion, this is true The availa$ility of good O5+: drivers has improved a great deal recently And anyway, the criticism a$out performance is somewhat analogous to those who said that compilers would never match the speed of pure assem$ly language ;ay$e not, $ut the compiler (or O5+:* gives you the opportunity to write cleaner programs, which means you finish sooner ;eanwhile, computers get faster every year

".".3 @D*C In an effort to set an independent data$ase standard API for Cava- %un ;icrosystems developed Cava 5ata$ase :onnectivity, or C5+: C5+: offers a generic %U3 data$ase access mechanism that provides a consistent interface to a variety of R5+;%s This consistent interface is achieved through the use of &plug0in' data$ase connectivity modules, or drivers If a data$ase vendor wishes to have C5+: support, he or she must provide the driver for each platform that the data$ase and Cava run on To gain a wider acceptance of C5+:, %un $ased C5+:s framework on O5+: As you discovered earlier in this chapter, O5+: has widespread support on a variety of platforms +asing C5+: on O5+: will allow vendors to $ring C5+: drivers to market much faster than developing a completely new connectivity solution C5+: was announced in ;arch of )IIE It was released for a I4 day pu$lic review that ended Cune F, )IIE +ecause of user input, the final C5+: v) 4 specification was released soon after The remainder of this section will cover enough information a$out C5+: for you to know what it is a$out and how to use it effectively This is $y no means a complete overview of C5+: That would fill an entire $ook

".".5 @D*C =oals /ew software packages are designed without goals in mind C5+: is one that, $ecause of its many goals, drove the development of the API These goals, in con.unction with

32

early reviewer feed$ack, have finalized the C5+: class li$rary into a solid framework for $uilding data$ase applications in Cava The goals that were set for C5+: are important They will give you some insight as to why certain classes and functionalities $ehave the way they do The eight design goals for C5+: are as follows8 I. S1) )e$el #PI

The designers felt that their main goal was to define a %U3 interface for Cava Although not the lowest data$ase interface level possi$le, it is at a low enough level for higher0level tools and APIs to $e created :onversely, it is at a high enough level for application programmers to use it confidently Attaining this goal, allows for future tool vendors to &generate' C5+: code and to hide many of C5+:s comple1ities from the end user II. S1) Conforman4e

%U3 synta1 varies as you move from data$ase vendor to data$ase vendor In an effort to support a wide variety of vendors, C5+: will allow any ,uery statement to $e passed through it to the underlying data$ase driver This allows the connectivity module to handle non0standard functionality in a manner that is suita$le for its users III @D*C m'st be im!lemental on to! of 4ommon database interfa4es

The C5+: %U3 API must &sit' on top of other common %U3 level APIs This goal allows C5+: to use e1isting O5+: level drivers $y the use of a software interface This interface would translate C5+: calls to O5+: and vice versa I8. Pro$ide a @a$a interfa4e t>at is 4onsistent .it> t>e rest of t>e @a$a system

+ecause of Cavas acceptance in the user community thus far, the designers feel that they should not stray from the current design of the core Cava system 8. Eee! it sim!le

This goal pro$a$ly appears in all software design goal listings C5+: is no e1ception %un felt that the design of C5+: should $e very simple, allowing for only one method of completing a task per mechanism Allowing duplicate functionality only serves to confuse the users of the API 8I. Use strongD stati4 ty!ing .>ere$er !ossible

%trong typing allows for more error checking to $e done at compile time- also, less error appear at runtime

33

8II.

Eee! t>e 4ommon 4ases sim!le

+ecause more often than not, the usual %U3 calls used $y the programmer are simple %636:Ts, I7%6RTs, 5636T6s and !P5AT6s, these ,ueries should $e simple to perform with C5+: =owever, more comple1 %U3 statements should also $e possi$le /inally, we decided to precede the implementation using Cava 7etworking and for dynamically updating the cache ta$le we go for ;% Access data$ase @a$a >as t.o t>ings2 a !rogramming lang'age and a !latform. @a$a is a >ig>6le$el !rogramming lang'age t>at is all of t>e follo.ing

Sim!le Ob?e4t6oriented Distrib'ted Inter!reted Rob'st Se4're

#r4>ite4t're6ne'tral Portable ,ig>6!erforman4e m'ltit>readed Dynami4

Cava is also unusual in that each Cava program is $oth compiled and interpreted #ith a compile you translate a Cava program into an intermediate language called Cava $yte codes the platform0independent code instruction is passed and run on the computer

:ompilation happens .ust once- interpretation occurs each time the program is e1ecuted The figure illustrates how this works

34

/igure )F Cava Program going through :ompilers and Interpreter <ou can think of Cava $yte codes as the machine code instructions for the Cava 2irtual ;achine (Cava 2;* 6very Cava interpreter, whether its a Cava development tool or a #e$ $rowser that can run Cava applets, is an implementation of the Cava 2; The Cava 2; can also $e implemented in hardware

Cava $yte codes help make &write once, run anywhere' possi$le <ou can compile your Cava program into $yte codes on my platform that has a Cava compiler The $yte codes can then $e run any implementation of the Cava 2; /or e1ample, the same Cava program can run #indows 7T, %olaris, and ;acintosh

35

".".7 Net.or9ing ;a< TCPFIP sta49 The T:PPIP stack is shorter than the O%I one8

T:P is a connection0oriented protocol- !5P (!ser 5atagram Protocol* is a connectionless protocol ;b< IP datagramGs The IP layer provides a connectionless and unrelia$le delivery system It considers each datagram independently of the others Any association $etween datagram must $e supplied $y the higher layers The IP layer supplies a checksum that includes its own header The header includes the source and destination addresses The IP layer handles routing through an Internet It is also responsi$le for $reaking up large datagram into smaller ones for transmission and reassem$ling them at the other end ;4< UDP !5P is also connectionless and unrelia$le #hat it adds to IP is a checksum for the contents of the datagram and port num$ers These are used to give a clientPserver model 0 see later ;d< TCP T:P supplies logic to give a relia$le connection0oriented protocol a$ove IP It provides a virtual circuit that two processes can use to communicate

36

Internet addresses

In order to use a service, you must $e a$le to find it The Internet uses an address scheme for machines so that they can $e located The address is a J> $it integer which gives the IP address This encodes a network I5 and more addressing The network I5 falls into various classes according to the size of the network address Net.or9 address

:lass A uses F $its for the network address with >? $its left over for other addressing :lass + uses )E $it network addressing :lass : uses >? $it network addressing and class 5 uses all J> S'bnet address

Internally, the !7IV network is divided into su$ networks +uilding )) is currently on one su$ network and uses )40$it addressing, allowing )4>? different hosts ,ost address

F $its are finally used for host addresses within our su$net This places a limit of >AE machines that can $e on the su$net Total address

The J> $it address is usually written as ? integers separated $y dots Port addresses

A service e1ists on a host, and is identified $y its port This is a )E $it num$er To send a message to a server, you send it to the port for that service of the host that it is running on This is not location transparencyW :ertain of these ports are Kwell knownK

37

;e< So49ets A socket is a data structure maintained $y the system to handle network connections A socket is created using the call socket It returns an integer that is like a file descriptor In fact, under #indows, this handle can $e used with Read /ile and #rite /ile functions Xinclude YsysPtypes hZ Xinclude YsysPsocket hZ int socket(int family, int type, int protocol*=ere KfamilyK will $e A/[I76T for IP communications, protocol will $e zero, and type will depend on whether T:P or !5P is used Two processes wishing to communicate over a network create a socket each These are similar to two ends of a pipe 0 $ut the actual pipe does not yet e1ist ;f< @&ree C>art C/ree:hart is a free )44T Cava chart li$rary that makes it easy for developers to display professional ,uality charts in their applications C/ree:hart\s e1tensive feature set includes8 A consistent and well0documented API, supporting a wide range of chart types A fle1i$le design that is easy to e1tend, and targets $oth server0side and client0side applications %upport for many output types, including %wing components, image files (including P7@ and CP6@*, and vector graphics file formats (including P5/, 6P% and %2@* C/ree:hart is Kopen sourceK or, more specifically, free software It is distri$uted under the terms of the @7! 3esser @eneral Pu$lic 3icense (3@P3*, which permits use in proprietary applications (a! 8is'ali:ations :harts showing values that relate to geographical areas %ome e1amples include8 (a* population density in each state of the !nited %tates, ($* income per capita for each country in 6urope, (c* life e1pectancy in each country of the world The tasks in this pro.ect include8 %ourcing freely redistri$uta$le vector outlines for the countries of the world, statesPprovinces in particular countries (!%A in particular, $ut also other areas*- :reating an appropriate dataset interface (plus default implementation*, a rendered, and integrating this with the e1isting V<Plot class in C/ree:hart- Testing, documenting, testing some more, documenting some more

38

Time Series C>art Intera4ti$ity Implement a new (to C/ree:hart* feature for interactive time series charts to display a separate control that shows a small version of A33 the time series data, with a sliding KviewK rectangle that allows you to select the su$set of the time series data to display in the main chart

Das>boards There is currently a lot of interest in dash$oard displays :reate a fle1i$le dash$oard mechanism that supports a su$set of C/ree:hart chart types (dials, pies, thermometers, $ars, and linesPtime series* that can $e delivered easily via $oth Cava #e$ %tart and an applet

Pro!erty Editors The property editor mechanism in C/ree:hart only handles a small su$set of the properties that can $e set for charts 61tend this mechanism to provide greater end0 user control over the appearance of the charts

39

".% Sam!le Coding

".%.1 Sam!le 4ode for Client )ogin Ex!lanation2 6 The $elow code is used for the clients authorization purpose It takes input as username, key and password which is used as authentication method If a user is authorized, then it is allowed to view the resources or if a user is not an authorized user, then login fails Ta$le A A > shows the test cases for the $elow code

import .ava rmi O- PP package which is used by the clie t t! i "!ke #e$!te $eth!ds import .ava rmi server Oimport .ava net O- PP package supporting T:PPIP $ased client0server connections import .ava io Oimport .ava1 swing Oimport .ava awt event Oimport .ava lang Oimport .ava awt Oimport .ava1 swing filechooser /ile%ystem2iewPP /ile%ystem2iew is C/ile:hooser\s PPgateway to the file system this class is designed to intuit as much O%0 specific file system PPinformation as possi$le import .ava util %tringTokenizer- PP allows an application to $reak a string into tokens import .ava net InetAddress- PP represents an Internet Protocol (IP* address import .ava rmi 7amingimport .ava util 5ateimport .ava util 2ector- PP The 2ector class implements a growa$le array of o$.ects import .ava util Random- PP used to generate a stream of pseudorandom num$ers pu$lic class 3ogin e1tends .ava1 swing C/rame N R;I%Intf ref-

40

COptionPane op2ector vM new 2ector(>*%tring sssMnullstatic %tring usernamePOcreates new form 3oginOP pu$lic 3ogin(* N init:omponents(*R private void init:omponents(* N .Pan M new .ava1 swing CPanel(*.3a$el) M new .ava1 swing C3a$el(*user M new .ava1 swing CTe1t/ield(*.3a$el> M new .ava1 swing C3a$el(*su$mit M new .ava1 swing C+utton(*reset M new .ava1 swing C+utton(*e1it M new .ava1 swing C+utton(*pass M new .ava1 swing CPassword/ield(*.3a$elJ M new .ava1 swing C3a$el(*opMnew COptionPane(*get:ontentPane(* set3ayout(null*.Panel) M new .ava1 swing CPanel(*listres M new .ava1 swing C3ist(*.3a$ M new .ava1 swing C3a$el(*download M new .ava1 swing C+utton(*-

41

resArea M new Te1tArea(*save M new .ava1 swing C+utton(*get:ontentPane(* set3ayout(null*get:ontentPane(* set+ackground(new :olor(>44,?4,A4**add#indow3istener(new .ava awt event #indowAdapter(* N pu$lic void window:losing(.ava awt event #indow6vent evt* N e1it/orm(evt*R R .Pan set3ayout(null*.Pan set+ackground(new .ava awt :olor(>44, ))J, )F)**.Pan set+order(new .ava1 swing $order 6tched+order(**.3a$ set/ont(new .ava awt /ont(KArialK, 4, )?**.3a$ setTe1t(K!ser I58K*.Pan add(.3a$*.3a$ set+ounds(?4, ?4, I4, J4*.Pan add(user*user set+ounds()?4, ?4, )44, J4*.3a$el> set/ont(new .ava awt /ont(KArialK, 4, )?**.3a$el> setTe1t(KPassword8K*.Pan add(.3a$el>*.3a$el> set+ounds(?4, I4, I4, J4*su$mit set+ackground(new .ava awt :olor(>4?, >4?, >AA**su$mit set/ont(new .ava awt /ont(KArialK, 4, )?**-

42

su$mit set/oreground(new .ava awt :olor(4, 4, )AJ**su$mit setTe1t(K%u$mitK*su$mit addAction3istener(new .ava awt event Action3istener(* N pu$lic void actionPerformed(.ava awt event Action6vent evt* N su$mitActionPerformed(evt*R R .Pan add(su$mit*su$mit set+ounds(>4, )A4, F4, >B*reset set+ackground(new .ava awt :olor(>4?, >4?, >AA**reset set/ont(new .ava awt /ont(KArialK, 4, )?**reset set/oreground(new .ava awt :olor(4, 4, )AJ**reset set3a$el(KResetK*reset addAction3istener(new .ava awt event Action3istener(* N pu$lic void actionPerformed(.ava awt event Action6vent evt* N resetActionPerformed(evt*R R

43

".%.2 Sam!le 4ode for Ser$er )ogin Ex!lanation2 6 The $elow code is used for the servers authorization purpose It takes input as server name and password which is used as authentication method If a server is authorized, then it is allowed to view the resources, $lock the mis$ehaving users, view the $lacklist and modify the resources If a server is not an authorized server, then login fails Ta$le A A ) shows the test cases for the $elow code

pu$lic %erver(* N opMnew COptionPane(*contentpane M (CPanel* this get:ontentPane(*%tart%er M new C+utton(*%tartview M new C+utton(*%tartmo$ilealertMnew C+utton(*AdduserMnew C+utton(*AddserverMnew C+utton(*RemoveIP M new CPanel(*.3a$el) M new C3a$el(*.3ist) M new C3ist(*AddIP M new C+utton(*removeIP M new C+utton(*addIP M new C+utton(*.Panel> M new CPanel(*.3a$el> M new C3a$el(*headla$lMnew C3a$el(*headla$>Mnew C3a$el(*.3ist> M new C3ist(*-

44

AddRes M new C+utton(*RemoveRes M new C+utton(*addRes M new C+utton(*contentpane set3ayout(null*contentpane set+ackground(new :olor(B4,)A4,)F4**this set%ize(new 5imension(I44, E44**this setTitle(K7ym$le8 +locking ;is$ehaving !sers in Anonymizing 7etworksK*headla$l setTe1t(K7ym$le8 +locking ;is$ehaving !sers in Anonymizing 7etworksK*headla$> setTe1t(K7ym$le ;anagerK*C3a$el image3a$el) M new C3a$el(*ImageIcon v) M new ImageIcon(this get:lass(* getResource(KimagesPnm pngK**image3a$el) setIcon(v)*image3a$el) set+ounds()?4,J4,F44,FE*get:ontentPane(* add(image3a$el)*headla$l set+ackground(new :olor(A), 4, )AJ**headla$l set/oreground(new :olor(>AA, >AA, >AA**headla$l set/ont(new /ont(KArialK, 4, >4**headla$l set+ounds()J4, 4, E44, J4*contentpane add(headla$l,null*set+ackground(new :olor(>A?, >AJ, )F?**headla$> set+ackground(new :olor(4, 4, >>A**headla$l set/oreground(new :olor(>AA, >AA, >AA**headla$> set/ont(new /ont(KArialK, 4, >4**headla$> set+ounds(>44, 4, A44, B4*contentpane add(headla$>,null*%tart%er set+ackground(new :olor(>>A, 4, >>A**-

45

%tart%er set/ont(new /ont(KArialK, 4, )F**%tart%er set/oreground(new :olor(>AA, >AA, >AA**%tart%er setTe1t(K7ym$le ;anager On K*%tart%er set+order(new +evel+order(4**%tart%er addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N %tart%erActionPerformed(actionevent*R R contentpane add(%tart%er,null*%tart%er set+ounds())4, ?J4, )I4, >J*%tartview set+ackground(new :olor(>>A, 4, >>A**%tartview set/ont(new /ont(KArialK, 4, >4**%tartview set/oreground(new :olor(>AA, >AA, >AA**%tartview setTe1t(K;is$ehaviour 5etailsK*%tartview set+order(new +evel+order(4**%tartview addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N %tartviewActionPerformed(actionevent*R R contentpane add(%tartview,null*%tartview set+ounds())4, ?I4, )I4, >J*%tartmo$ilealert set+ackground(new :olor(>>A, 4, >>A**-

46

%tartmo$ilealert set/ont(new /ont(KArialK, 4, )F**%tartmo$ilealert set/oreground(new :olor(>AA, >AA, >AA**%tartmo$ilealert setTe1t(KAndroid ;o$ile %erviceK*%tartmo$ilealert set+order(new +evel+order(4**%tartmo$ilealert addAction3istener(new Action3istener(** N pu$lic void actionPerformed(Action6vent actionevent* N %tartmo$ilealertActionPerformed(actionevent*R R contentpane add(%tartmo$ilealert,null*%tartmo$ilealert set+ounds())4, AE4, )I4, >J*Adduser set+ackground(new :olor(>>A, 4, >>A**Adduser set/ont(new /ont(KArialK, 4, )F**Adduser set/oreground(new :olor(>AA, >AA, >AA**Adduser setTe1t(KAdd 7ew!serK*Adduser set+order(new +evel+order(4**Adduser addAction3istener(new Action3istener(**N pu$lic void actionPerformed(Action6vent actionevent* N AdduserActionPerformed(actionevent*R R contentpane add(Adduser,null*Adduser set+ounds(JJ4, ?J4, )E4, >J*Addserver set+ackground(new :olor(>>A, 4, >>A**-

47

Addserver set/ont(new /ont(KArialK, 4, )F**Addserver set/oreground(new :olor(>AA, >AA, >AA**Addserver setTe1t(K%erver RegistrationK*Addserver set+order(new +evel+order(4**Addserver addAction3istener(new Action3istener(** N pu$lic void actionPerformed(Action6vent actionevent* N AddserverActionPerformed(actionevent*R R contentpane add(Addserver,null*Addserver set+ounds(JJ4, ?I4, )E4, >J*RemoveIP set3ayout(null*RemoveIP set+ackground(new :olor()>), )>J, >A>**RemoveIP set+order(new 6tched+order(**.3a$el) set/ont(new /ont(KArialK, 4, )F**.3a$el) setTe1t(K$locking IP addresses($lacklist*K*RemoveIP add(.3a$el)*.3a$el) set+ounds()4, )4, AF4, ?4*.3ist) set+order(new +evel+order()**RemoveIP add(.3ist)*.3ist) set+ounds(>44, B4, )A4, )A4*AddIP set+ackground(new :olor(4, A), >4?**AddIP set/ont(new /ont(KArialK, 4, )A**AddIP set/oreground(new :olor(>AA, >AA, >AA**AddIP setTe1t(K2iewK*-

48

AddIP set+order(new %oft+evel+order(4**AddIP addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N AddIPActionPerformed(actionevent*R R removeIP add(AddIP*AddIP set+ounds(A4, )A4, ))4, >A*removeIP set+ackground(new :olor(4, A), >4?**removeIP set/ont(new /ont(KArialK, 4, )A**removeIP set/oreground(new :olor(>AA, >AA, >AA**removeIP setTe1t(K5elete IPK*removeIP set+order(new %oft+evel+order(4**removeIP addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N removeIPActionPerformed(actionevent*R R removeIP add(removeIP*removeIP set+ounds(A4, ))4, ))4, >A*POnew addipOP addIP set+ackground(new :olor(4, A), >4?**addIP set/ont(new /ont(KArialK, 4, )A**addIP set/oreground(new :olor(>AA, >AA, >AA**-

49

addIP setTe1t(KAdd 7ew IPK*addIP set+order(new %oft+evel+order(4**addIP addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N addIPActionPerformed(actionevent*R R removeIP add(addIP*addIP set+ounds(A4, B4, ))4, >A*contentpane add(RemoveIP,null*RemoveIP set+ounds()44, >44, ?44, ?44*.Panel> set3ayout(null*.Panel> set+ackground(new :olor()>), )>J, >A>**.Panel> set+order(new 6tched+order(**.3a$el> set/ont(new /ont(KArialK, 4, )F**.3a$el> setTe1t(K !ser /iles8K*.Panel> add(.3a$el>*.3a$el> set+ounds()4, )4, )F4, ?4*.3ist> set+order(new +evel+order()**.Panel> add(.3ist>*.3ist> set+ounds()4, B4, )A4, )A4*AddRes set+ackground(new :olor(4, A), >4?**AddRes set/ont(new /ont(KArialK, 4, )A**AddRes set/oreground(new :olor(>AA, >AA, >AA**AddRes setTe1t(K%how /ileK*-

50

AddRes set+order(new %oft+evel+order(4**AddRes addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N AddResActionPerformed(actionevent*R R .Panel> add(AddRes*AddRes set+ounds(>A4, B4, ))4, >A*RemoveRes set+ackground(new :olor(4, A), >4?**RemoveRes set/ont(new /ont(KArialK, 4, )A**RemoveRes set/oreground(new :olor(>AA, >AA, >AA**RemoveRes setTe1t(KRemove K*RemoveRes set+order(new %oft+evel+order(4**RemoveRes addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent actionevent* N RemoveResActionPerformed(actionevent*R R

51

".%. Sam!le 4ode for Nymble manager Ex!lanation2 6 The $elow code is used for the 7ym$le ;anager It takes input as pseudonym and generates the nym$le ticket This nym$le ticket is a one0time ticket for a particular user Ta$le A A J shows the test cases for the $locking of mis$ehaving users

7ym$le%erver(* N .l)Mnew C3a$el(K7ym$le %erver 7ame K*.l>Mnew C3a$el(K%erver Dey K*.$)Mnew C+utton(K%endK*.$>Mnew C+utton(KResetK*.t)Mnew CTe1t/ield()4*.t>Mnew CPassword/ield()4*iiMnew ImageIcon(Knym$leserver pngK*i>Mnew ImageIcon(Knym$leserver) P7@K*.l?Mnew C3a$el(ii*.lEMnew C3a$el(i>*c M get:ontentPane(*c set3ayout(null*c set+ackground(new :olor(4,4,)>4**c show(*c add(.l)*c add(.t)*c add(.l>*c add(.$)*c add(.$>*c add(.l?*-

52

c add(.lE*c add(.t>*add#indow3istener(new .ava awt event #indowAdapter(** N pu$lic void window:losing(.ava awt event #indow6vent evt* N e1it/orm(evt*R R .l? set+ounds(J4,>4,B>F,EF*.l) set+ounds(>4,))4,>44,>A*.t) set+ounds()A4,))4,)44,>A*.l> set+ounds(A4,)?A,>44,>A*.t> set+ounds()A4,)?A,)44,>A*.$) set+ounds(B4,>JA,)44,>A*.$> set+ounds()F4,>JA,)44,>A*.lE set+ounds(J44,)4A,?FA,J4I*set%ize(F44,A44*set2isi$le(true*setTitle(K%erverK*.$) addAction3istener(new Action3istener(* N pu$lic void actionPerformed(Action6vent ae* N try N if(W.t) getTe1t(* e,uals(KK* ]] W.t> getTe1t(* e,uals(KK**N

53

COptionPane show;essage5ialog (null, KAuthorised COptionPane I7/OR;ATIO7[;6%%A@6*2erifAdmin3ogin(* R else

!serK,

K3ogin

%uccessK,

COptionPane show;essage5ialog((:omponent* null, KInvalid password Please try again K, K3ogin 6rrorK, COptionPane I7/OR;ATIO7[;6%%A@6**R catch(61ception e* N %ystem out println(e*R R R PO 5ata$ase connectionOP void 2erifAdmin3ogin(* N :onnection conMnull%tring urlMK.d$c8od$c8nym$leK%tatement stMnulltry N %tring val)M.t) getTe1t(*val) M val) trim(*%tring val> M (%tring*.t> getTe1t(*val> M val> trim(*:lass for7ame(Ksun .d$c od$c Cd$cOd$c5riverK*conM5river;anager get:onnection(url*st M con create%tatement(*-

54

Result%et rsMst e1ecuteUuery(K%elect Dey from %erver where %er7ameM\KQval)QK\K*while(rs ne1t(**N %tring user M rs get%tring()*$oolean $Muser e,uals(val>*if($* N new %erver(* show(*R else N COptionPane show;essage5ialog((:omponent* null, KInvalid password Please try again K, K3ogin 6rrorK, COptionPane I7/OR;ATIO7[;6%%A@6*.t) setTe1t(KK*.t> re,uest/ocus(*R R R catch(%U361ception e1* N %ystem out println(K!na$le to access the data$aseK*R catch(:lass7ot/ound61ception e1* N %ystem out println(K:lass not foundK*R catch(61ception e1*

55

N %ystem out println(K61ception raised is8KQe1*R finally N conMnullR R R

56

".- S4reens>ots

%% 7O )8 7ym$le %erver

57

%% 7O >8 7ym$le %erver Invalid 3ogin

58

%% 7O J8 7ym$le %erver 2alid 3ogin

59

%% 7O ?8 7ym$le ;anager with Resources and handling $locked IP0addresses

60

%% 7O A8 ;is$ehaving !sers Info

61

%% 7O E8 :lient Registration

62

%% 7O B8 %erver Registration

63

%% 7O F8 !ser 3ogin

64

%% 7O I8 !ser 3ogin key

65

%% 7O )48 Availa$le Resources

66

%% 7O ))8 Accessing file

67

%% 7O )>8 Authenticate nym$le page

68

%% 7O )J8 7ym$le #e$ Page0)

69

%% 7O )?8 7ym$le #e$ Page0>

70

%% 7O )A8 %erver view via Android ;o$ile

71

%% 7O )E8 Pseudonym ;anager0)

72

%% 7O )B8 Pseudonym ;anager0>

73

%% 7O )F8 Invalid P#5 for )st Time

74

%% 7O )I8 Invalid P#5 for >nd Time

75

%% 7O >48 Invalid P#5 for Jrd Time

76

%% 7O >)8 +locking of user on Jrd wrong attempt

%. TESTIN= #ND DE*U==IN=

77

%.1 T+PES O& TESTIN=

%.1.1 *la49 *ox Testing +lack +o1 Testing is testing the software without any knowledge of the inner workings, structure or language of the module $eing tested +lack $o1 tests, as most other kinds of tests, must $e written from a definitive source document, such as specification or re,uirements document, such as specification or re,uirements document It is a testing in which the software under test is treated, as a $lack $o1 you cannot &see' into it The test provides inputs and responds to outputs without considering how the software works

%.1.2 0>ite *ox Testing #hite +o1 Testing is a testing in which the software tester has knowledge of the inner workings, structure and language of the software, or at least its purpose It is purpose It is used to test areas that cannot $e reached from a $lack $o1 level

%.1. Unit Testing !nit testing is usually conducted as part of a com$ined code and unit test phase of the software lifecycle, although it is not uncommon for coding and unit testing to $e conducted as two distinct phases

%.1." Test strategy and a!!roa4> /ield testing will $e performed manually and functional tests will $e written in detail

%.2 Test ob?e4ti$es

All field entries must work properly Pages must $e activated from the identified link The entry screen, messages and responses must not $e delayed

%. &eat'res to be tested

78

2erify that the entries are of the correct format 7o duplicate entries should $e allowed

All links should take the user to the correct page

%. .1 System Testing The purpose of testing is to discover errors Testing is the process of trying to discover every conceiva$le fault or weakness in a work product It provides a way to check the functionality of components, su$0assem$lies, assem$lies andPor a finished product It is the process of e1ercising software with the intent of ensuring that the %oftware system meets its re,uirements and user e1pectations and does not fail in an unaccepta$le manner There are various types of test 6ach test type addresses a specific testing re,uirement

%. .2 Integration Testing %oftware integration testing is the incremental integration testing of two or more integrated software components on a single platform to produce failures caused $y interface defects The task of the integration test is to check that components or software applications, e g components in a software system or ^ one step up ^ software applications at the company level ^ interact without error

%. . &'n4tional Testing /unctional tests provide systematic demonstrations that functions tested are availa$le as specified $y the $usiness and technical re,uirements, system documentation, and user manuals /unctional testing is centered on the following items8 8alid In!'t In$alid In!'t &'n4tions O't!'t 2 identified 4lasses of $alid in!'t m'st be a44e!ted. 2 identified 4lasses of in$alid in!'t m'st be re?e4ted. 2 identified f'n4tions m'st be exer4ised. 2 identified 4lasses of a!!li4ation o't!'ts m'st be exer4ised.

SystemsFPro4ed'res 2 interfa4ing systems or !ro4ed'res m'st be in$o9ed.

79

Organization and preparation of functional tests is focused on re,uirements, key functions, or special test cases In addition, systematic coverage pertaining to identify +usiness process flows- data fields, predefined processes, and successive processes must $e considered for testing +efore functional testing is complete, additional tests are identified and the effective value of current tests is determined

%. ." Test Case Table ;a< Table2 A data$ase is a collection of data a$out a specific topic ;b< 8ie.s of Table2 #e can work with a ta$le in two types, I II 5esign 2iew 5atasheet 2iew

I. Design 8ie. To $uild or modify the structure of a ta$le we work in the ta$le design view #e can specify what kind of data will $e hold II. Datas>eet 8ie. To add, edit or analyses the data itself we work in ta$les datasheet view mode

%. .% 1'ery A ,uery is a ,uestion that has to $e asked the data Access gathers data that answers the ,uestion from one or more ta$le The data that make up the answer is either dynaset (if you edit it* or a snapshot (it cannot $e edited* 6ach time we run ,uery, we get latest information in the dynaset Access either displays the dynaset or snapshot for us to view or perform an action on it, such as deleting or updating

%." Test Plan

80

Testing can $e done in two ways +ottom up approach Top down approach %.".1 *ottom '! a!!roa4> Testing can $e performed starting from smallest and lowest level modules and proceeding one at a time /or each module in $ottom up testing a short program e1ecutes the module and provides the needed data so that the module is asked to perform the way it will when em$edded within the larger system #hen $ottom level modules are tested attention turns to those on the ne1t level that use the lower level ones they are tested individually and then linked with the previously e1amined lower level modules %.".2 To! do.n a!!roa4> This type of testing starts from upper level modules %ince the detailed activities usually performed in the lower level routines are not provided stu$s are written A stu$ is a module shell called $y upper level module and that when reached properly will return a message to the calling module indicating that proper interaction occurred 7o attempt is made to verify the correctness of the lower level module

%.% Test Cases

7ame8 7ym$le %erver 3ogin (%% 7O > ] J* 0 Ta$le ) Test 2alid 3ogin Inputs !id ] pwd Actual Output %uccess O$tained Output %uccess 5escription Test passed Passes the control to the 7ym$le ;enus Test Passed Passes the control to the 6rror Page with appropriate message 7ame8 :lient 3ogin (%% 7O I ] ))* 0 Ta$le >

Invalid 3ogin

!id ] pwd

/ailed

/ailed

81

Test 2alid 3ogin

Inputs !id ] pwd

Actual Output %uccess

O$tained Output %uccess

5escription Test passed Passes the control to the Resources ;enus Test Passed Passes the control to the 6rror Page with appropriate message

Invalid 3ogin

!id ] pwd

/ailed

/ailed

7ame8 +locking (%% 7O )I, >4, >) ]>>* 0 Ta$le J Test 2alid 3ogin Input s !id ] pwd :ondition Actual Output If countY> O$tained 5escription Output Test passed Passes the control to the resources availa$le and other menus

%uccess %uccess

Invalid !id 3ogin ] pwd

If countZ>

/ailed

/ailed

Test Passed Passes the control to the 6rror Page with appropriate message saying +locked !ser

Test Res'lts2 All the test cases mentioned a$ove passed successfully 7o defects encountered

-. CONC)USION
#e have proposed and $uilt a comprehensive credential system called 7ym$le, which can $e used to add a layer of accounta$ility to any pu$licly known anonymizing network

82

%ervers can $lacklist mis$ehaving users while maintaining their privacy, and we show how these properties can $e attained in a way that is practical, efficient, and sensitive to the needs of $oth users and services #e hope that our work will increase the mainstream acceptance of anonymizing networks such as Tor, which has, thus far, $een completely $locked $y several services $ecause of users who a$use their anonymity IP addresses as the resource for limiting the %y$il attack, our current implementation closely mimics IP0address $locking employed $y Internet services =ence, 7ym$le is far $etter than the previous systems and also maintains strict anonymity without violating anonymous networks rules 5ue to the immense growth in the field of computer science, new challenges for privacy of users have emerged and hence possi$le improvements can $e considered as future enhancements

3. RE&ERENCESF*I*)IO=R#P,+
G)H @ Ateniese, C :amenisch, ; Coye, and @ Tsudik, &A Practical and Prova$ly %ecure :oalition0Resistant @roup %ignature, %cheme,' Proc Ann Intl :ryptology :onf (:R<PTO*, %pringer, pp >AA0>B4, >444

83

G>H @ Ateniese, 5 V %ong, and @ Tsudik, &Uuasi06fficient Revocation in @roup %ignatures,' Proc :onf /inancial :ryptography, %pringer, pp )FJ0)IB, >44> GJH ; +ellare, R :anetti, and = Drawczyk, &Deying =ash /unctions for ;essage Authentication,' Proc Ann Intl :ryptology :onf (:R<PTO*, %pringer, pp )0)A, )IIE G?H ; +ellare, A 5esai, 6 Cokipii, and P Rogaway, &A :oncrete %ecurity Treatment of %ymmetric 6ncryption,' Proc Ann %ymp /oundations in :omputer %cience (/O:%*, pp JI?0?4J, )IIB GAH ; +ellare and P Rogaway, &Random Oracles Are Practical8 A Paradigm for 5esigning 6fficient Protocols,' Proc /irst A:; :onf :omputer and :omm %ecurity, pp E>0BJ, )IIJ GEH ; +ellare, = %hi, and : _hang, &/oundations of @roup %ignatures8 The :ase of 5ynamic @roups,' Proc :ryptographers Track at R%A :onf (:T0R%A*, %pringer, pp )JE0)AJ, >44A GBH 5 +oneh and = %hacham, &@roup %ignatures with 2erifier03ocal Revocation,' Proc A:; :onf :omputer and :omm %ecurity, pp )EF0)BB, >44? GFH % +rands, &!ntracea$le Off03ine :ash in #allets with O$servers (61tended A$stract*,' Proc Ann Intl :ryptology :onf (:R<PTO*, %pringer, pp J4>0J)F, )IIJ GIH 6 +resson and C %tern, &6fficient Revocation in @roup %ignatures,' Proc :onf Pu$lic Dey :ryptography, %pringer, pp )I40>4E, >44) G)4H C :amenisch and A 3ysyanskaya, &An 6fficient %ystem for 7on0 Transfera$le Anonymous :redentials with Optional Anonymity Revocation,' Proc Intl :onf Theory and Application of :ryptographic Techni,ues (6!RO:R<PT*, %pringer, pp IJ0))F, >44) G))H Anna 3ysyanskaya, Ronald 3 Rivest, Amit %ahai and %tefan #olf, &Pseudonym %ystems', %elected Areas in :ryptography 3ecture 7otes in :omputer %cience, %pringer, 2olume )BAFP>444, )F?0)II, >444 G)>H :ay % =orstmann, &+ig Cava8 Programming and Practice', Third 6dition, >44B G)JH Coshua +loch, &6ffective Cava', >nd 6dition, >44F

G)?H :raig 3arman, &Applying !;3 and Patterns8 An Introduction to O$.ect0Oriented Analysis and 5esign and Iterative 5evelopment (Jrd 6dition*', Jrd 6dition, >44? G)AH http8PP.ava sun com G)EH http8PPwww sourcefordgde com

84

G)BH http8PPwww networkcomputing comP G)FH http8PPwww roseindia comP G)IH http8PPwww .ava>s comP

85

#PPENDIH