Beruflich Dokumente
Kultur Dokumente
BY
Under Guidance Of
TABLE OF CONTENTS
1. Project profile
1.1 Introduction 2
1.2 Objectives 3
1.3 Project Category 4
1.4 Web Team 7
1.5 Web Engineering model used 11
2. Project planning
2.1 Requirement Analysis 16
2.2 System Requirement Specification
Hardware Requirement 22
Software Requirement 23
2.3 Risk Analysis 35
2.4 Cost Analysis 40
2.5 Project Scheduling 43
3. System Designing
3.1 Modules 47
3.2 Database Design 53
3.3 Data Flow Diagram (DFD) 61
3.4 Scope and Limitation 68
3.5 Input Output Specification 69
4. Deployment
4.1 Web Testing 109
4.2 Hosting & Deployment 114
4.3 Security 115
4.4 Maintenance 124
5. Annexure
5.1 About Organization 125
5.2 References 129
PROJECT PROFILE
INTRODUCTION
Many trucks will take freight directly from the shipper to its destination
in what is known as a door to door shipment. Vans and trucks of all sizes
make deliveries to sea ports and air ports where freight is moved in bulk
also. Much shipping is done aboard actual ships. An individual nation’s
fleet and the people that crew it are referred to its merchant navy 0r
merchant marine. Merchant shipping is essential to the world economy,
carrying the bulk of international trade. The ships are also extremely
expensive constructions themselves, being some of the largest man-made
vehicles ever. The term originates with the shipping trade of wind power
ships, and has come to refer to the delivery of cargo and parcels of any
size above the common mail of letters and postcards.
Ground shipping can be cheaper and less restrictive to size, quantity,
weight, and type of freight than by air transport. Air transport is usually
reserved for products which must be sent within a shorter time frame.
Some carriers offer ground shipping that operates on an exact timeline as
air does.
OBJECTIVES
Project Category
Today, software takes on a dual role. It is a product and, at the same time, the
vehicle for delivering a product. As a product, it delivers the computing
potential embodied by computer hardware or, more broadly, a network of
computers that are accessible by local hardware... As the vehicle used to deliver
the product, software acts as the basis for the control of the computer (operating
systems), the communication of information (networks), and the creation and
Software is a logical rather than a physical system element and posses following
characteristics:-
1. Software is developed or engineered; it is not manufactured in the classical
sense.
2. Software doesn't "wear out."
3. Although the industry is moving toward component-based assembly, most
software continues to be custom built.
• Portal. The application channels the user to other Web content or services
outside the domain of the portal application.
• Database access. The user queries a large database and extracts information.
Internet Standards:- Since the application is used by the wide variety of end
user possessing different infrastructural hardware and software. So it becomes
difficult to maintain uniformity. Hence some internet standards are given by
W3C and IEEE. The web application should follow these standards.
Web Team
Project Manager
Information Quality
Architect Assurance
Team
Team
Copy Writer:- Copy writer go to the stake holder and then Asked the
problem and this problem will be note on to the paper and then this
problem send to the editor And then editor works start.
Editor:- Editor collects this information and arrange the better format
of data. And then after requirement analysis on the data. After
requirement analysis editor make the report of the data. If some
information is less copy writer again
go to the stake holder collect all Information sends to the editor. Editor
again
collecting this information. This cycling process is continuing.
Key Strength:-
• Efficiently applies risk driven approach.
• Tries to eliminate errors in early phases.
• Provides efficient mechanism for Quality Assurance.
• Works well for a complex, dynamic and innovative projects.
• Re evaluation after each phase allows changes in user
perspectives, technology advances or financial perspective.
Key Defects:-
Component model
both data and the algorithms used to manipulate the data. If properly
designed and implemented, object-oriented classes are reusable across
different applications and computer-based system architectures.
PROJECT PLANING
Requirement Analysis
Requirements Types:-
Hardware Requirements:-
Performance requirement:- How will user interact with the
system, How many users will be using system at a time, what type of
user will interact
Interface requirement:- how will the GUI work
Specialty engineering requirement:- check for the o/s
requirement or any additional software needed
Environmental requirement:- Infrastructural need like Power
supply, HDD space etc
Software Requirements:-
Functional requirement:- identify the number of function system
would perform
How to proceed:-
• Customer Needs and Expectations:- (Requirements Analysis
Input)
Business requirements:- Managers need access to timely
and accurate data on personnel in order to meet operational
needs.
User requirements:- The user needs the capability to search
on personnel across the entire company by predefined skill
sets.
Product requirements :- Data formats shall be translated
across legacy system boundaries into the format supported by
the local user’s system.
Environmental requirements :- There shall be no
operational impact on any user other than the impact on
information retrieval caused by having a larger
Population of employees from which to select.
Requirement register
Hardware Requirement
Software Requirements
Development Tool:
Cute FTP
Analysis Tool :
COCOMO II 2000
Code Counter
Technologies Used:
ASP.NET
SQL Server-2005
FRONT END: - Any web browser having support for java script , Cascading
Style Sheet, Shock Wave File, HTML like MS-Internet Explorer 6 or above.
DEVELOPMENT TOOL
1. VisualStudio.NET
Visual Studio
2008 Vertical
Solution Explorer
Server Explorer:-
TECHNOLOGIES
C#
In fact, C# combines the power & efficiency of C++, simple & clean OO
design of Java, and code simplification of Visual Basic. Like Java, C#
also does not allow multiple inheritance and use of pointers (in safe and
managed code) while it does provide garbage memory collection at
runtime, type and memory access checking. But, contrary to java, C#
keeps the different useful concepts of C++ like operator overloading,
enumerations, pre-processor directives, pointers (in unmanaged and un-
safe code), function pointers (in the form of delegates), also promises to
have template support (with the name of generics) in next versions. Like
VB it also supports the concepts of properties (context sensitive accessor
to fields).
Microsoft.NET platform
ASP.NET Framework
A framework is commonly thought of as a set of class libraries
that aid in the development of applications. The .NET
Framework is more than just a set of classes. The .NET
Framework is targeted by compilers using a wide variety of
programming languages (over twenty at the time of this
writing).
These languages are used to create a wide range of
applications, including everything from small components that
run on handheld devices to large Microsoft ASP.NET
applications that span Web forms, where multiple Web servers
act together to improve the performance and fault tolerance of
a Web site. The .NET Framework is responsible for providing
a basic platform that these applications can share. This basic
platform includes a runtime set of services that oversee the
Stored procedure
Writing the SQL statements inside our code is usually not a good
idea. In this way you expose your database schema (design) in the
code which may be changed. Hence most of the time programmers
use stored procedures instead of plain SQL statements. A stored
procedure is a precompiled executable object that contains one or
more SQL statements. Hence you can replace your complex SQL
statements with a single stored procedure. Since, stored procedures
are precompiled objects they execute faster at the database server.
@artId as int,
@title as varchar(100),
@topic as varchar(100),
@authorId as int,
@lines as int,
@dateOfPublishing as datetime)
AS
INSERT INTO article (artId, title, topic, authorId, lines,
dateOfPublishing)
VALUES(@artId, @title, @topic, @authorId, @lines,
@dateOfPublishing)
GO
The stored procedure above is named InsertProc and is very similar
to the UpdateProc except that here we are using the INSERT SQL
statement instead of the UPDATE command.
Risk Analysis
Risk register
12 Checking overall budget ofSome hidden cost may Proper & timely cost85
The project Increase project Analysis must be done
Budget
13 Graphical user interface
The user may have Prototype must be 90
might Difficulty in accessing
Validated as per user
Not be user friendly Page contents Requirement
14 Data on static pages Project& appearance isExpert form designer90
dynamic Not good Must be preferred
Form may not be clearly
Visible
Cost Analysis
PROJECT SCHEDULING
GANTT CHART
Testing
Deployment
Documentation Finish
Prototype
Web
Form
Design
Coding
Database
Programmin
g
Testing Finish
Admin Module
Prototype
Web Form
Design
Coding
Database
Programmin
g
Testing Finish
Client Module
Prototype
Web
Form
Design
Coding
Database
Programmin
g
Testing Finish
Prototype
Web Form
Design
Coding
Database
Programmin
g
Testing Finish
Tracker Module
Prototype
Web Form
Design
Coding
Database
Programmin
g
Testing Finish
Home Module
Registration Module
System Designing
MODULES:-
Prototype
Web Form
Design
Coding
Database
Programmin
g
Testing Finish
(6).Tracker Module
MODULE DESCRIPTION
1. Administration Module :
2. Registration Module:
Reasons to Registers
Create a shipment
• Enhanced Tracking
• Signature Tracking
3 Tracking Module:
Critical freight
Features
Air Freight
Ocean Freight
Back office creating new check point & deleting the old check
point, creating new brach, deleting old branch.
5 Client modules:
In this module client can check the consignments detail and also
check the old bill detail .
In this module client can updating the profile in the bases of user id
and password to allot in the registration module.
6 Home Module:
Home module contains the information of tool which tools are used
in the project and some calculators are used to calculate the total
cost.
Database Design
Database is designed in Microsoft SQL server 2005, which provides
facilities to manage the database, create tables and procedures in to
database.
Tables, created for this system into database are given below:-
Tables
Con ID int 4 Not Null This value must be present in Cliord tab
Bill ID int 4 Not Null This value must be present in CliBill Tab
CID int 4 Not Null This value must be present in Client tab
Timeee int 4 Not Null Which time is updation perform
Source nvarchar 25 Not Null Check Point Source
Desti nvarchar 25 Not Null Check Point Destination
Remark nvarchar 200 Not Null Incase of delay Query send to BackOffice
Con Del nvarchar 10 Not Null Confirm delivery
CID int 4 Not Null This value must be present in Client tab
SBody nvarchar 200 Not Null Matter type to the suggestion Body Field
User ID nvarchar 15 Not Null Which UserID is used for the login
User Pwd nvarchar 10 Not Null Which Password is used for the login
User Name nvarchar 25 Not Null Which Username is used for the login
User Type nvarchar 10 Not Null Which types of User:-BackOffice,Admin,
Tracker
User Stat Small int 2 Not Null User Status
User ID Nvarchar 15 Not Null This value must be present in User Tab
TQT ID Int 4 Not Null A system generate a tracker Query tab ID
Q Subject Nvarchar 15 Not Null Tracker send Query to Back office
Q Body Nvarchar 200 Not Null Query Subject is type into Query Body field
Q Solution Nvarchar 200 Not Null Back office send solution to tracker
Q Date Date Time 8 Not Null Query Date
S Date Date Time 8 Not Null Solution Date
Primary Key:-Conid
DATABASE DESIGN
We identify the working area of shipping company. We design the project for
shipping company for transferring of goods.
It means design the effective system for less money. if we designed the global
system for accessing all the world for future aspect.
Cost management
Time management
INPUT/OUTPUT SPECIFICATION:
Default.aspx
Aboutus.aspx
BranchContact.aspx
Careers.aspx
ConsGuideline.aspx
Contact.aspx
ConversionCalculator.aspx
DestinationCalculator.aspx
Faq.aspx
Info.aspx
Mission.aspx
Profile.aspx
ProhibitedItem.aspx
RateCalculator.aspx
Services.aspx
TimeCalculator.aspx
Tools.aspx
TrackRecord.aspx
AdminLogin.aspx
BlockUser.aspx
CreateUser.aspx
` DeleteUser.aspx
Logout.aspx
Welcome.aspx
Addaddress.aspx
Changepassword.aspx
Checkcurrentstatus.aspx
Checkpaststatus.aspx
Claimrequest.aspx
Clogin.aspx
Confirmorder.aspx
Deleteaddress.aspx
FinalOrder.aspx
Generateorder.aspx
Logout.aspx
Paidbill.aspx
Suggestion.aspx
Unpaidbills.aspx
Updateprofile.aspx
Welcome.aspx
DEPLOYMENT
Testing
TESTING OBJECTIVES
EMBED Word.Picture.8
Performance&Scalability:
The scalability in the testing lab features powerful workstations and top-
of-the-line networking equipment and is capable of testing the
performance and scalability of an end-to-end solution, not just individual
components. The lab is capable of generating a realistic load of thousands
of virtual users consisting of a mix of user profiles while simultaneously
exercising different portions of a dynamic Web application, based on
real-world Web usage patterns.
CompatibilityTesting
Testing lab examines a website’s compatibility with multiple operating
system/browser combinations. Testing lab works closely with clients to
develop a compatibility-testing matrix that will include the relevant
combinations to be tested. Available configurations typically include
Intel-based systems with Windows operating systems and associated
browsers as well as Macintosh systems and associated browsers. Testing
lab will test the major features of the website during the compatibility
testing, using various approaches.
Testing lab works with clients to develop a test matrix that reflects the
hardware and software combinations to be tested and uses a variety of
different editions and service packs of operating environments in the
testing. Our Testing lab has identified more than 70 possible
combinations of configurations. During testing, Testing labs evaluates the
ability of the website to work in a satisfactory manner using both high-
and low-speed connections. All major functions of the website will be
exercised by each configuration.
FunctionalityTesting
labs works with clients to determine the appropriate operating system and
browser combinations to be tested. Typically, Testing labs exercises all
site functions including links, search operations and responsiveness.
UsabilityTesting
WebHosting:
Domain Booking:
Domain is the indicator of the business strength and hence domain name
selected care fully so that it fulfills the business need of the client.
Hosting Process:-
» Using ftp client upload all the web forms, images & streaming media
files.
» Test the domain
Current state
• Web applications represent highly vulnerable attack avenues
• Most discussions on web application security, center on attacking it
and secure coding to protect it
• Methods for detecting such attacks are coming into their own
• Existing detection methods are being tested before customers
accept these solutions as standard
Detection Techniques
Detection Techniques
Anomaly-based Signature-based
1. SQL Injection
With a SQL injection attack, the attacker exploits vulnerabilities in your
application's input validation and data access code to run arbitrary
commands in the database using the security context of the Web
application.
Vulnerabilities
Vulnerabilities exploited by SQL injection include:
• Poor input validation in your Web applications
• Unsafe, dynamically constructed SQL commands
• Over-privileged application logins to the database
• Weak permissions that fail to restrict the application's login to the
database
Countermeasures
To counter SQL injection attacks:
• Our application should constrain and sanitize input data before
using it in SQL queries.
• Use type safe SQL parameters for data access. These can be used
with stored procedures or dynamically constructed SQL command
strings. Using SQL parameters ensures that input data is subject to
type and length checks and also that injected code is treated as literal
data, not as executable statements in the database.
• Use a SQL Server login that has restricted permissions in the
database. Ideally, you should grant execute permissions only to
selected stored procedures in the database and provide no direct table
access.
2. Network Eavesdropping
The deployment architecture of most applications includes a physical
separation of the data access code from the database server. As a result,
sensitive data, such as application-specific data or database login
credentials, must be protected from network eavesdroppers.
Vulnerabilities
Vulnerabilities that increase the likelihood of network eavesdropping
include:
• Insecure communication channels
• Passing credentials in clear text to the database; for example:
• Using SQL authentication instead of Windows
authentication
• Using SQL authentication without a server certificate
Countermeasures
To counter network eavesdropping:
• Use Windows authentication to connect to the database server to
avoid sending credentials over the network.
Profiling
Profiling, or host enumeration, is an exploratory process used to gather
information about your Web site. An attacker uses this information to
attack known weak points.
Vulnerabilities
• Common vulnerabilities that make your server susceptible to
profiling include:
• Unnecessary protocols
• Open ports
• Web servers providing configuration information in banners
Attacks
Common attacks used for profiling include:
• Port scans
• Ping sweeps
• NetBIOS and server message block (SMB) enumeration
Countermeasures
Countermeasures include blocking all unnecessary ports, blocking
Internet Control Message Protocol (ICMP) traffic, and disabling
unnecessary protocols such as NetBIOS and SMB.
Denial of Service
Denial of service attacks occur when your server is overwhelmed by
service requests. The threat is that your Web server will be too
overwhelmed to respond to legitimate client requests.
Vulnerabilities
Vulnerabilities that increase the opportunities for denial of service
include:
• Weak TCP/IP stack configuration
• Unpatched servers
Attacks
Common denial of service attacks include:
• Network-level SYN floods
• Buffer overflows
• Flooding the Web server with requests from distributed locations
Countermeasures
Countermeasures include hardening the TCP/IP stack and consistently
applying the latest software patches and updates to system software.
Unauthorized Access
Unauthorized access occurs when a user without correct permissions
gains access to restricted information or performs a restricted operation.
Vulnerabilities
Common vulnerabilities that lead to unauthorized access include:
• Weak IIS Web access controls including Web permissions
• Weak NTFS permissions
Countermeasures
Countermeasures include using secure Web permissions, NTFS
permissions, and .NET Framework access control mechanisms including
URL authorization.
Arbitrary Code Execution
Code execution attacks occur when an attacker runs malicious code on
your server either to compromise server resources or to mount additional
attacks against downstream systems.
Vulnerabilities
Vulnerabilities that can lead to malicious code execution include:
• Weak IIS configuration
• Unpatched servers
Attacks
Common code execution attacks include:
• Path traversal
• Buffer overflow leading to code injection
Countermeasures
Countermeasures include configuring IIS to reject URLs with "../" to
prevent path traversal, locking down system commands and utilities with
restrictive access control lists (ACLs), and installing new patches and
updates.
Elevation of Privileges
Elevation of privilege attacks occur when an attacker runs code by using
a privileged process account.
Vulnerabilities
Common vulnerabilities that make your Web server susceptible to
elevation of privilege attacks include:
• Over-privileged process accounts
• Over-privileged service accounts
Countermeasures
Countermeasures include running processes using least privileged
accounts and using least privileged service and user accounts.
Viruses, Worms, and Trojan Horses
Malicious code comes in several varieties, including:
• Viruses. Programs that are designed to perform malicious acts and
cause disruption to an operating system or applications.
• Worms. Programs that are self-replicating and self-sustaining.
• Trojan horses. Programs that appear to be useful but that actually
do damage.
In many cases, malicious code is unnoticed until it consumes system
resources and slows down or halts the execution of other programs. For
example, the Code Red worm was one of the most notorious to afflict IIS,
and it relied upon a buffer overflow vulnerability in an ISAPI filter.
Vulnerabilities
Common vulnerabilities that make you susceptible to viruses, worms, and
Trojan horses include:
• Unpatched servers
• Running unnecessary services
• Unnecessary ISAPI filters and extensions
Countermeasures
Countermeasures include the prompt application of the latest software
patches, disabling unused functionality such as unused ISAPI filters and
extensions, and running processes with least privileged accounts to
reduce the scope of damage in the event of a compromise.
Note The .NET Framework 2.0 mitigates .NET remoting TCP channel
vulnerability through its support for authentication, authorization, and
encryption when using the TCP channel.
Attacks
The attacker places packet-sniffing tools on the network to capture traffic.
Countermeasures
Countermeasures to prevent packet sniffing include the following:
• Use secure authentication, such as Windows authentication, that
does not send passwords over the network.
• Encrypt SQL Server authentication credentials. If you use SQL
Server authentication, you can encrypt credentials automatically by
installing a server certificate on the database server.
• Secure communication channels. Options include using Secure
Sockets Layer (SSL) or Internet Protocol Security (IPSec).
• Use remote procedure call (RPC) encryption with Enterprise
Services applications.
• Use a segmented network, which can isolate eavesdropping to
compromised segments.
• Use the HttpChannel and SSL with .NET Remoting.
Unauthorized Access
If you fail to block the ports used by applications that run on the
application server at the perimeter firewall, an external attacker can
communicate directly with the application server. If you allow computers
other than the front-end Web servers to connect to the application server,
the attack profile for the application server increases.
Vulnerabilities
Vulnerabilities that can result in unauthorized access include:
• Weak perimeter network and firewall configurations
• Superfluous ports open on the internal firewall
• Lack of IPSec policies to restrict host connectivity
• Unnecessary active services
• Unnecessary protocols
Software maintenance
• Categories of
maintenance
About Organization
SiS Technologies
Why Us ?
A powerful site - but designed without the end user in mind ?
Our services are solutions. whether you are an emerging small to mad
size company , or an association looking to transform the way you
conduct activites, Computer management.com can tailor its services to
built a long term internet solution .our goal is to combine superior design
with leading–edge technology and user -driven functionality .
It all starts with consultation. We shall ask a few question
like "what services will help your organization achieve its mission?
"What can we do to help your business become successful in online
commerce?" you will here from our experts, but these decisions are
ultimately yours as it is your name ,after all, on the web site. our
development team will then plan & implement your unique internet
strategy , whether it is simple web site , a site allowing eCommerce
applications setting up a virtual community , handling your online
marketing needs or developing an extensive database-driven system.
Our Expertise
clients to make there sites meet there purpose &to set achievable the
technical ,practical ,marketing & strategic decision for a site to be
successful.
Skills & experience We have state -of-the-art skills & technologies &
are not influenced by whims or by tradition, only by proof. SiS
Technologies has the latest online tools to built your solution faster as
well as perform reliably & efficiently.
Many of our developers have over a decade of development experience &
have worked with SiS Technologies for years .We beleave in small teams
of professionals as the most effictive way to rapidly develop high quality
solutions. Your project manager will ensure smooth flow of small
communications; everyone's focus & the goal & also overcome blocks &
slow-downs
References
Websites
www.Amway.com
www.Mlmwatch.org
www.goodways.biz
www.rmpinfotech.com
Books