S.

No CONTENT Page No

SYNOPSIS i

1 INTRODUCTION 1

1.1 Company Profile 1

1.2 About the Project 3
1.3 Organization of the Project 4

2 SYSTEM STUDY AND ANALYSIS 5

2.1 Problem Statement 5

2.2 Existing System 5
2.3 Proposed System 6
2.4 Feasibility Study 6
2.4.1 Technical Feasibility 7
2.4.2 Economical Feasibility 8
2.4.3 Operational Feasibility 8
2.4.4 Cost Estimation and Scheduling 9

3 DEVELOPMENT ENVIRONMENT 10

3.1 Hardware Requirements 10

3.2 Software Requirements 10
3.3 Programming Environment 11
3.3.1 About Front End Technology 11
3.3.2 About Back End Technology 18

4 SYSTEM DESIGN AND DEVELOPMENT 25

4.1 Elements of Design 25

4.1.1 Process Design 25
 4.1.2 Logical Design 29
4.1.3 Input Design 30
4.1.4 Output Design 33
4.1.5 Database Design 40
4.2 Table Structure 41

5 SYSTEM TESTING AND IMPLEMENTATION 43

5.1 System Testing 43

5.1.1 Unit Testing 43
5.1.2 Integration Testing 45
5.1.3 Validation Testing 46
5.1.4 Output Testing 47
5.2 System Security 48
5.3 System Enhancement 49

6 CONCLUSION AND FUTURE ENHANCEMENT 50

6.1 Conclusion 50
6.2 Future Enhancement 51

7 APPENDIX 52

7.1 Sample Coding 52

8 BIBLIOGRAPHY AND REFERENCE 68

1.INTRODUCTION
 1.COMPANY PROFILE

I genuine Solutions

1.1 ABOUT THE PROJECT

Publishers and Subscribers system enable spread of data from publishers to

interested subscribers in a loosely-coupled manner, where the data is transmitted without
establishing direct contacts between publishers and subscribers. Basically publications,
representing the data generated by publishers, are routed to interested subscribers using a
network of dedicated servers, referred to as brokers. These brokers form a network and could
easily be offered as Software as a Service (SaaS) by cloud service providers. Typically, a
publication is composed of content and a set of tags defining keywords that characterize its
content. Subscribers register their interests (subscriptions) in publications through a set of
constraints. To identify whether a subscriber is interested in receiving specific publications,
brokers match the publications’ tags against the registered interests. Then, the broker
identifies the proposed subscribers and forwards the publications to them. The
characteristics of the pub/sub model has been widely used in many applications. For
instance, e-health information systems use the pub/sub model to share health records between
involved parties, i.e., hospitals, doctors, and pharmacies. Another example is that of trading
system that deploy pub/inv systems to communicate available stocks to consumers. Google
offers Cloud Pub/Sub, which is a real-time messaging service for stream analytic and event
driven computing systems. These are few applications for Publisher and Subscribers
functions.

Despite its benefits, pub/sub systems present several security and privacy challenges
as the data is routed through a set of brokers in a multi-party distributed system. Indeed,
publishers (or subscribers) may send (or receive) sensitive publications, such as health
information, religious, and political interests. Thus, the brokers could collect sensitive
information about the publishers and subscribers. With the proliferation of out- sourced
systems, pub/sub services are typically based on third party servers (e.g., cloud servers). In
2016, an attack on the Yahoo platform led to the leakage of 1 billion user accounts who used
yahoo . Since brokers handle sensitive data and could be compromised, it is reasonable to
treat them as untrustworthy entities and ensure the protection of publications and
subscriptions. To protect sensitive information from untrustworthy brokers, several works
propose to encrypt the publications and subscriptions in such a way that the brokers can still
match the subscriptions against the publications’ tags without learning their content. The
subscriptions and publications are protected from brokers.

However, it is possible for malicious brokers to collude with subscribers and publishers.
Subscription from an innocent investor is encrypted, the broker can still access the content by
checking if the subscriptions from both an innocent subscriber and a malicious subscriber
match the same publication tags. Like, a malicious publisher could publish a fake publication
to learn investors’ interests. Specifically, a malicious publisher can combine with a broker to
know the interests matching the fake publication. Therefore, to ensure the privacy of
subscriptions, it is also necessary to resist the attacks between brokers, publishers, and
investors. T h e s c hemes proposed in resist collusion attacks between malicious investors (or
publishers) and brokers. However, all these approaches require publishers and investors to
communicate directly to protect their privacy. As a result, the loosely coupled property of the
pub/sub model is no longer supported by these approaches. The system proposed that
privacy-preserving pub/sub system that protects subscriptions effectively and resists collusion
attacks using a multi-broker setting without compromising the loosely-coupled property of
the pub/inv model. The system lies in the use of multiple types of brokers to match and to
route publications to the investors. The main idea is to divide the match operations (between
encrypted subscriptions and publication tags) into different phases, where each phase is
executed by a different type of broker. Each broker type only processes partial information
from which it cannot infer sensitive information about the subscriptions. Thus, if a broker is
compromised or colludes with a subscriber (or a publisher), the subscriptions are still
protected. We design an advanced collusion attack, in which multiple malicious requestors
closely coordinate with one another to launch their queries on different but related users in
well designed orders

The system uses two different algorithms for implement the privacy of subscribers. First,
using a scheme like Key Policy Attribute-Based Encryption (KP-ABE) algorithm,
publications’ content can be accessed only by the authorized subscribers. Second, applying
Searchable Encryption (SE)to ensure encrypted matching of publications’ keywords against
subscribers’ interests. The proposed solution is secure against collusion attacks between
brokers and subscribers/publishers. Herein, stress that the idea of using multiple types of
brokers to defend against collusion attacks in pub/inv systems. This work extends idea by
giving a detailed architecture, a comprehensive security analysis, and a thorough performance
evaluation. Furthermore, giving a motivating scenario, identify security requirements for
pub/sub systems, and present a driven computing systems. These are few applications for
Publisher and Subscriber functions technical background on the applied cryptographic
techniques, including KP-ABE and SE schemes.

MODULES

That project contains first it shows the login form where it contains the already
existing users. But new user means first should be register then go to login page. Next
comes the home page .that home page contains users upload images and news feeds while
new user upload the image or news that information should not be directly show the home
page .that particular image first goes to the admin part that admin it confirm only that
image shows the home page. In the process to avoiding the mis using images and news.
The project developed by JAVA and MYSQL server.
The modules of this project as mainly classified into,

 User login form.

 Home page
 Profile
 Checkout
 Buying product and adding bank details
 Admin login form.
 Approving the product
 User details
 Publisher details
 Publisher login
 Add product
 Viewing added product

OVERVIEW OF THE MODULES

2 SCOPE OF THE PROJECT

The aim at providing a pub/sub service that could protect publications and Subs’ interests
from curious brokers in the presence of malicious Subs and Pubs. To protect the publications
from unauthorized entities, the Pub encrypts the publication using the Key-Policy Attribute-
Based Encryption (KP-ABE) scheme. In this way, only the authorized Subs can recover the
content of the publications.

1.1. ORGANIZATION OF THE PROJECT REPORT

Chapter - 2 includes the system study and analysis of this project which explains problem
statement, existing system drawbacks and the proposed system advantages and the feasibility
study of the project.

Chapter - 3 defines in computer program and software product development, the

development environment is the set of processes and programming tools used to create the
program or software product. The term may sometimes also imply the physical environment.
An integrated development is one in which the processes and tools are coordinated to provide
developers an orderly interface to and convenient view of the development process.

Chapter - 4 includes the design patterns like ER Diagram, Use-Case Diagram, DFD
Diagram, Input and Output forms design and Data design.

Chapter - 5 describes the testing strategy design, System Security and System
Enhancement details.

Chapter - 6 includes the conclusion for fleet management system.

Chapter - 7 includes the appendix of the sample source code for some modules are
defines.

Chapter - 8 includes the Bibliography and Reference are referred by websites.

1.2.1 CYBER SECURITY

Cyber security is primarily about people, processes, and technologies working

together to encompass the full range of threat reduction, vulnerability reduction, deterrence,
international engagement, incident response, resiliency, and recovery policies and
activities, including computer network operations, information assurance, law enforcement,
etc. Cyber security is the protection of Internet-connected systems, including hardware,
software, and data from cyber attacks. It is made up of two words one is cyber and other is
security. Cyber is related to the technology which contains systems, network and
programs or data. Whereas security related to the protection which includes systems
security, network security and application and information security. A portion of that data
can be sensitive information, whether that be intellectual property, financial data, personal
information, or other types of data for which unauthorized access or exposure could have
negative consequences. Cyber-attack is now an international concern and has given many
concerns that hacks and other security attacks could endanger the global economy.
Organizations transmit sensitive data across networks and to other devices in the course of
doing businesses, and Cyber Security describes to protect that information and the systems
used to process or store it. As the volume of cyber-attacks grows, companies and
organizations, especially those that deal information related to national security, health, or
financial records, need to take steps to protect their sensitive business and personal
information. Nowadays, viruses were deadlier, more invasive, and harder to control. We
have already experienced cyber incidents on a massive scale, and 2018 isn't close to over.
The above is to name a few, but these attacks are enough to prove that cyber security is a
necessity for corporations and small businesses alike.

The objective of Cyber security is to protect information from being stolen, compromised
or attacked. Cyber security can be measured by at least one of three goals

 Protect the confidentiality of data.

 Preserve the integrity of data.

 Promote the availability of data for authorized users.

CONFIDENTIALITY
 Confidentiality is roughly equivalent to privacy and avoids the unauthorized
disclosure of information. It involves the protection of data, providing access for those
who are allowed to see it while disallowing others from learning anything about its content.
It prevents essential information from reaching the wrong people while making sure that
the right people can get it. Data encryption is a good example to ensure confidentiality.

 INTEGRITY

Integrity refers to the methods for ensuring that data is real, accurate and safeguarded
from unauthorized user modification. It is the property that information has not be altered
in an unauthorized way, and that source of the information is genuine.

AVAILABILITY

Availability is the property in which information is accessible and modifiable in a

timely fashion by those authorized to do so. It is the guarantee of reliable and constant
access to our sensitive data by authorized people.

CYBER SECURITY PRINCIPLES

  To develop a series of Guiding Principles for improving the online security of the
ISPs' customers and limit the rise in cyber-attacks. Cyber security for these purposes
encompasses the protection of essential information, processes, and systems, connected or
stored online, with a broad view across the people, technical, and physical domains.

 Economy of mechanism

 Fail-safe defaults

 Least Privilege

 Open Design

 Complete mediation

 Separation of Privilege

 Least Common Mechanism

 Psychological acceptability
 2. SYSTEM STUDY AND ANALYSIS

2.1 EXISTING SYSTEM

Publisher or subscriber systems present several security and privacy challenges as the
data is routed through a set of brokers in a multi-party distributed system. Indeed,
publishers (or subscribers) may send (or receive) sensitive publications, such as health
information, religious, and political interests. Thus, the brokers could collect sensitive
information about the publishers and subscribers. With the proliferation of outsourced
systems, pub/sub services are typically based on third party servers.

DISADVANTAGES:

The following are the disadvantages of current system.

 In systems, publications are done to interested subscribers through a set of

brokers.
 These brokers are able to collect sensitive information by accessing
publications’ tags and subscribers’ interests.
 Although existing solutions enable encrypted matching, they cannot protect
subscriptions of innocent subscribers.

2.2 PROPOSED SYSTEM

The publisher generates publications and the related tags. Before publishing to the
broker, it encrypts both the tags and the payload of the publication. Each subscriber defines
a subscription according to its interests, such that it receives only the publications whose
tags satisfy the subscription. The trusted authority is responsible for managing the keys of
Subs and Pubs. In the proposed system, allow at most two types of brokers to collude and
still be able to protect the content of the interests.

ADVANTAGES

 Using a scheme like Key Policy Attribute-Based Encryption (KP-ABE),

publications’ content can be accessed only by the authorized subscribers.
  We apply Searchable Encryption (SE) to ensure encrypted matching of
publications’ keywords against subscribers’ interests.
 Reduces the collusion attacks between brokers and subscribers/publishers.

2.4 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal is put
forth with a very general plan for the project and some come estimates. This is to ensure
that the proposed system is not a burden to the company. A high speed of internet is not
required. For feasibility analysis, some understanding of the major requirements for the
system is essential.

Three consideration involve in the feasibility analysis are:

 ECONOMICAL FEASIBLITY
 TECHNICAL FEASIBLITY
 OPERATIONAL FEASIBLITY
 COAST ESTIMATION AND SCHEDULING

2.4.1 TECHNICAL FEASIBILITY

Technical feasibility explains about the system works, technically this shopping
system with their own suggestion. The application can be use effective by the user without
any problem. The user can directly contact the admin for help.

2.4.2 ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will have on
the organization. The amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be justified. Thus the
developed system as well within the budget and this was achieved because most of the
technologies used are freely available.
2.4.3 OPERATIONAL FEASIBILITY

Operational feasibility is all about what type of operation system can perform. To
operate this system there is no need for more knowledge it id ore flexible than other
systems user can easily understand the functions of each module to buy the products, sell
the products.

2.4.4 COST ESTIMATION AND SCHEDULING

The software project manager (and others) develops a characterization of the overall
size, process, environment, people, and quality required for the project. A macro-level
estimate of the total effort and schedule is developed using a software cost estimation
model. Cost Estimating. While conceptual project estimating and scheduling can give a
rough picture of budget and execution time, a crucial piece of information in initial decision
making process – with developing of the project design, final cost and schedule can be
determined on a much higher level of detail.

3.DELEVOPMENT ENVIRONMENT

3.1 HARDWARE REQUIREMENTS

The hardware requirement may be serves as the basis for a contract for the
implementation of the system and should therefore be a complete and consistent
specification of the whole system. They are used y software engineers as the starting point
for the system. It shows what the system do and not how it should be implemented.

 Hard Disk : 120 GB.

 Monitor : 15’’ LED
 Ram : 2 GB
 Processor Speed : Minimum 500 MHZ
 Processor : Intel Pentium core i3

3.2 SOFTWARE REQUIREMENTS

 The software requirements are the requirements of the system. It should include both
a definition and a specification of requirements. It is a set of what the system should do
rather than how it should do it. The software requirement provide a basis for creating the
software requirement specification. It is useful in estimating cost, planning team activities,
performing tasks, tracking the team’s progress throughout the development activity.

 Operating system : Windows 8.1

 Front-end coding : HTML5
 Style Sheets : CSS
 Coding Language : JAVA/JSP
 Tool : NetBeans 8.1ssss
 Database: : MySQL

3.3 PROGRAMMING ENVIRONMENT

3.3.1 ABOUT FRONT END TECHNOLOGY

JAVA

Java is an object-oriented programming language with its runtime environment. It is

a combination of features of C and C++ with some essential additional concepts. Java is
well suited for both standalone and web application development and is designed to provide
solutions to most of the problems faced by users of the internet era. Java is an object-
oriented programming language developed by Sun Microsystems, and it was released in
1995. James Gosling initially developed Java in Sun Microsystems (which was later
merged with Oracle Corporation). Java is a set of features of C and C++. It has obtained
its format from C, and OOP features from C++. Java programs are platform independent
which means they can be run on any operating system with any processor as long as
the Java interpreter is available on that system. Java code that runs on one platform does
not need to be recompiled to run on another platform; it's called write once, run anywhere
(WORA). Java Virtual Machine (JVM) executes Java code, but it has been written in
platform-specific languages such as C/C++/ASM, etc. JVM is not written in Java and
hence cannot be platform independent, and Java interpreter is a part of JVM. Earlier Java
was only used to design and program small computing devices, but it was later adopted as
one of the platform-independent programming languages, and now according to Sun, 3
billion devices run Java. Java is one of the most important programming languages in
today's IT industries.

Where is java being used

 JSP - In Java, JSP (Java Server Pages) is used to create dynamic web pages, such as in
PHP and ASP.
 Applets - Applets are another type of Java programs that are implemented on Internet
browsers and are always run as part of a web document.
 J2EE - Java 2 Enterprise Edition is a platform-independent environment that is a set
of different protocols and APIs and is used by various organizations to transfer data
between each other.
 JavaBeans - This is a set of reusable software components that can be easily used to
create new and advanced applications.
 Mobile - In addition to the above technology, Java is widely used in mobile devices
nowadays, many types of games and applications are being made in Java.

Types of Java Application

 Web Application - Java is used to create server-side web applications. Currently,

Servlet, JSP, Struts, JSF, etc. technologies are used.
 Standalone Application - It is also known as the desktop application or window-
based application. An application that we need to install on every machine or server
such as media player, antivirus, etc. AWT and Swing are used in java for creating
standalone applications.
 Enterprise Application - An application that is distributed in nature, such as banking
applications, etc. It has the advantage of high-level security, load balancing, and
clustering. In Java, EJB is used for creating enterprise applications.
  Mobile Application - Java is used to create application software for mobile devices.
Currently, Java ME is used for building applications for small devices, and also Java
is a programming language for Google Android application development.

FEATURES OF JAVA

 Object-Oriented: - Java supports the features of object-oriented programming. Its

object model is simple and easy to expand.
 Platform independent: - C and C++ are platform dependency languages hence the
application programs written in one Operating system cannot run in any other
Operating system, but in platform independence language like Java application
programs written in one Operating system can able to run on any Operating system.
 Simple: - Java has included many features of C / C ++, which makes it easy to
understand.
 Secure:- Java provides a wide range of protection from viruses and malicious
programs.  It ensures that there will be no damage and no security will be broken.
 Portable - Java provides us with the concept of portability. Running the same
program with Java on different platforms is possible.
 Robust :- During the development of the program, it helps us to find possible
mistakes as soon as possible.
 Multi-threaded - The multithreading programming feature in Java allows you to
write a program that performs several different tasks simultaneously.
 Distributed - Java is designed for distributed Internet environments as it manages the
TCP/IP protocol.

INTRODUCTION TO JSP

JSP technology is used to create web application just like Servlet technology. It can be
thought of as an extension to Servlet because it provides more functionality than servlet
such as expression language, JSTL, etc.
A JSP page consists of HTML tags and JSP tags. The JSP pages are easier to maintain than
Servlet because we can separate designing and development. It provides some additional
features such as Expression Language, Custom Tags.

Advantages of JSP over Servlet

Extension to Servlet

JSP technology is the extension to Servlet technology. We can use all the features of the
Servlet in JSP. In addition to, we can use implicit objects, predefined tags, expression
language and Custom tags in JSP, that makes JSP development easy.

Easy to maintain

JSP can be easily managed because we can easily separate our business logic with
presentation logic. In Servlet technology, we mix our business logic with the presentation
logic.

Fast Development: No need to recompile and redeploy

If JSP page is modified, we don't need to recompile and redeploy the project. The Servlet
code needs to be updated and recompiled if we have to change the look and feel of the
application.

Less code than Servlet

In JSP, we can use many tags such as action tags, JSTL, custom tags, etc. that reduces the
code. Moreover, we can use EL, implicit objects, etc.
OVERVIEW OF HTML

HTML  is a software solution stack that defines the properties and behaviors of web
page content by implementing a markup based pattern to it. HTML5 was the fifth and
current major version of HTML that is a World Wide Web Consortium
(W3C) recommendation. The current specification is known as the HTML Living
Standard and is maintained by a consortium of the major browser vendors
(Apple, Google, Mozilla, and Microsoft), the Web Hypertext Application Technology
Working Group (WHATWG).

HTML5 was first released in public-facing form on 22 January 2008, with a major
update and "W3C Recommendation" status in October 2014. Its goals were to improve the
language with support for the latest multimedia and other new features; to keep the
language both easily readable by humans and consistently understood by computers and
devices such as web browsers, parsers, etc., without XHTML's rigidity; and to
remain backward-compatible with older software. HTML5 is intended to subsume not
only HTML 4, but also XHTML 1 and DOM Level 2 HTML.

Hypertext Markup Language (HTML) is the standard markup language for

documents designed to be displayed in a web browser. It can be assisted by technologies
such as Cascading Style Sheets (CSS) and scripting languages such as JavaScript.

Web browsers receive HTML documents from a web server or from local storage
and render the documents into multimedia web pages. HTML describes the structure of
a web page semantically and originally included cues for the appearance of the document.

HTML elements are the building blocks of HTML pages. With HTML

constructs, images and other objects such as interactive forms may be embedded into the
rendered page. HTML provides a means to create structured documents by denoting
structural semantics for text such as headings, paragraphs, lists, links, quotes and other
items. HTML elements are delineated by tags, written using angle brackets. Tags such

as  <img/>  and  <input />  directly introduce content into the page. Other tags such

as  <p>  surround and provide information about document text and may include other tags
as sub-elements. Browsers do not display the HTML tags, but use them to interpret the
content of the page.

HTML can embed programs written in a scripting language such as JavaScript, which

affects the behaviour and content of web pages. Inclusion of CSS defines the look and
layout of content.

CSS

Cascading Style Sheets, fondly referred to as CSS, is a simple design language

intended to simplify the process of making web pages presentable. CSS handles the look
and feel part of a web page. Using CSS, you can control the color of the text, the style of
fonts, the spacing between paragraphs, how columns are sized and laid out, what
background images or colors are used, layout designs, variations in display for different
devices and screen sizes as well as a variety of other effects. CSS is easy to learn and
understand but it provides powerful control over the presentation of an HTML document.
Most commonly, CSS is combined with the markup languages HTML or XHTML.

FEATURES OF CSS
  CSS saves time − You can write CSS once and then reuse same sheet in multiple
HTML pages. You can define a style for each HTML element and apply it to as
many Web pages as you want.

 Pages load faster − If you are using CSS, you do not need to write HTML tag
attributes every time. Just write one CSS rule of a tag and apply it to all the
occurrences of that tag. So less code means faster download times.

 Easy maintenance − To make a global change, simply change the style, and all
elements in all the web pages will be updated automatically.

 Superior styles to HTML − CSS has a much wider array of attributes than HTML,
so you can give a far better look to your HTML page in comparison to HTML
attributes.

 Multiple Device Compatibility − Style sheets allow content to be optimized for

more than one type of device. By using the same HTML document, different
versions of a website can be presented for handheld devices such as PDAs and cell
phones or for printing.

 Global web standards − Now HTML attributes are being deprecated and it is being
recommended to use CSS. So its a good idea to start using CSS in all the HTML
pages to make them compatible to future browsers.

3.3.2 ABOUT BACK END TECHNOLOGY

Back end Development refers to the server side of development where you are primarily
focused on how the site works. Making updates and changes in addition to monitoring
functionality of the site will be your primary responsibility. This type of web development
usually consists of three parts: a server, an application, and a database. Code written by back
end developers is what communicates the database information to the browser. Anything you
can’t see easily with the eye such as databases and servers is the work of a back end
developer. Back end developer positions are often called programmers or web developers.

MYSQL
MySQL is the most popular Open Source Relational SQL Database Management System.
MySQL is one of the best RDBMS being used for developing various web-based software
applications. MySQL is developed, marketed and supported by MySQL AB, which is a
Swedish company. This tutorial will give you a quick start to MySQL and make you
comfortable with MySQL programming. MySQL is the most popular RDBMS (Relational
Database Management System) used to store data of web applications. This MySQL
tutorial series will help you to get started in MySQL. You will learn the basics of MySQL
and will be able to use the MySQL database easily.

Features of MYSQL

 MySQL server design is multi-layered with independent modules.

 MySQL is fully multithreaded by using kernel threads. It can handle multiple CPUs if
they are available.

 MySQL provides transactional and non-transactional storage engines.

 MySQL has a high-speed thread-based memory allocation system.

 MySQL supports in-memory heap table.

 MySQL handles large databases.

 MySQL Server works in client/server or embedded systems.

 MySQL Works on many different platforms.

Who Uses MYSQL

 Some of the most famous websites like Facebook, Wikipedia, Google (not for search),
YouTube, Flickr.

 Content Management Systems (CMS) like WordPress, Drupal, Joomla, phpBB etc.

 A large number of web developers worldwide are using MySQL to develop web
applications.

Reasons to use MYSQL

Scalability and Flexibility
The MySQL database server provides the ultimate in scalability, sporting the capacity
to handle deeply embedded applications with a footprint of only 1MB to running massive
data warehouses holding terabytes of information.

High Performance

A unique storage-engine architecture allows database professionals to configure the

MySQL database server specifically for particular applications, with the end result being
amazing performance results.

High Availability

Rock-solid reliability and constant availability are hallmarks of MySQL, with customers
relying on MySQL to guarantee around-the-clock uptime.

Robust Transactional Support

MySQL offers one of the most powerful transactional database engines on the market.

Web and Data Warehouse Strengths

MySQL is the de-facto standard for high-traffic web sites because of its high-
performance query engine, tremendously fast data insert capability, and strong support for
specialized web functions like fast full text searches.

Strong Data Protection

Guarding the data assets of corporations is the number one job of database professionals,
MySQL offers exceptional security features that ensure absolute data protection. In terms of
database authentication, MySQL provides powerful mechanisms for ensuring only authorized users
have entry to the database server, with the ability to block users down to the client machine level
being possible.

Comprehensive Application Development

One of the reasons MySQL is the world's most popular open source database is that it
provides comprehensive support for every application development need. Within the database,
support can be found for stored procedures, triggers, functions, views, cursors, ANSI-standard SQL.

Management Ease
 MySQL offers exceptional quick-start capability with the average time from software
download to installation completion being less than fifteen minutes.

4.SYSTEM DESIGN AND DEVELOPMENT

4.1 ELEMENTS OF DESIGN

4.1.1.PROCESS DESIGN

Protecting Investors Privacy in Online trading system that proposed that to ensure the
privacy of the investor is protected. When the investor wants to add products to the
application they will approach brokers, the brokers will collect the information from the
investors, the broker checks whether the product has valid certificates. Then the collected
information can be passed to the Publisher, the publisher is holding the share. When the
investor share their information to the broker there is a chance of misusing the personal
information about the investor, so the information provided by the investor can be encrypted
before shared to the broker.
 Protecting Investors privacy in online trading system

The above Figure illustrate that, the proposed based on protecting investors
information in online trading system. The admin (Publisher) has the rights to approve the
product details that have been submitted by the investors. Then only the customers can
view the products in the shopping website. All the transactions has been stored in the
database whenever the publisher gather all the information. There are two types of
algorithm for enabling the privacy of the investors as well as the publisher who present in
the system.

4.1.2 LOGICAL DESIGN

UML DIAGRAMS

UML is an acronym that stands for Unified Modelling Language. Simply put, UML
is a modern approach to modelling and documenting software. In fact, it’s one of the most
popular business process modelling techniques. It is based on diagrammatic
representations of software components. Mainly, UML has been used as a general-purpose
modelling language in the field of software engineering. However, it has now found its way
into the documentation of several business processes or work flows. For example, activity
diagrams, a type of UML diagram, can be used as a replacement for flowcharts. They
provide both a more standardized way of modelling workflows as well as a wider range of
features to improve readability and efficacy. UML was created by the Object Management
Group (OMG) and UML 1.0 specification draft was proposed to the OMG in January 1997.
It was initially started to capture the behaviour of complex software and non-software
system and now it has become an OMG standard. This tutorial gives a complete
understanding on UML.

Object-oriented concepts were introduced much earlier than UML. At that point of
time, there were no standard methodologies to organize and consolidate the object-oriented
development. It was then that UML came into picture.

There are a number of goals for developing UML but the most important is to define some
general purpose modelling language, which all modellers can use and it also needs to be
made simple to understand and use.

USE CASE DIAGRAM

A use case diagram at its simplest is a representation of a user's interaction with the
system that shows the relationship between the user and the different use cases in which the
user is involved. A use case diagram can identify the different types of users, the Figure 5.2
shows user can directly login to the form. After login the form, the Admin checks the
approval requests from the users.
 Use Case diagram

The above figure illustrates the user and admin interaction through this diagram, the
user should register before proceeding to buy products. Once the user login into the system
now user is allowed to view the products, purchase the products from the shopping
application.

CLASS DIAGRAM

A class diagram in the Unified Modeling Language (UML) is a type of static

structure diagram that describes the structure of a system by showing the system's classes,
their attributes, operations (or methods), and the relationships among objects.
 The class diagram is the main building block of object-oriented modeling. It is used
for general conceptual modeling of the structure of the application, and for detailed
modeling translating the models into programming code. Class diagrams can also be used
for data modeling.[1] The classes in a class diagram represent both the main elements,
interactions in the application, and the classes to be programmed.

Class Diagram

In figure shows that the relationship between the user and the admin. How the
shopping website is working. First the registration will takes place, then the user should
login to the page, after that they proceed to shopping, once the shopping process is done it
will automatically goes to the payment page.

SEQUENCE DIAGRAM

A sequence diagram is an interaction diagram that show how processes operate with
own another and what is their order. It is a construct of a message sequence chart. A
sequence diagram shows object interaction arranged in time sequence. Sequence diagram
are sometimes called event diagram. The below figure 5.2.3 shows user can directly
register to multiple sources. The admin maintains the credential authentication, approving
product details from the investor. Finally the admin will logout the form.

Sequence Diagram

The fig shows that the sequence diagram for protecting investors privacy in online
trading system, the process takes place the interaction between the different actors in the
existing system.

5.2.5 DATAFLOW DIAGRAM

A data-flow diagram (DFD) is a way of representing a flow of a data of a process or

a system (usually an information system). The DFD also provides information about the
outputs and inputs of each entity and the process itself. Figure shows the dataflow diagram
Protecting investors privacy in online trading system.
 Data Flow Diagram

The figure 5.2.5 shows that protecting investors privacy in online trading system
how the system is divided into subsystems , each deals with one or more data flows from an
external agent. It also identifies the internal data stores of products, payment credinals,
user management, viewing the items.

ACTIVITY DIAGRAM

Activity diagram is defined as a UML diagram that focuses on the execution and

flow of the behavior of a system instead of implementation. Activity diagrams consist
of activities that are made up of actions which apply to behavioral modeling technology.
An activity diagram portrays the control flow from a start point to a finish point showing
the various decision paths that exist while the activity is being executed. We can depict
both sequential processing and concurrent processing of activities using an activity
diagram. They are used in business and process modeling where their primary use is to
depict the dynamic aspects of a system.
 Activity Diagram

The above diagram illustrate that the activity contained by the users, publisher and
the application itself each of the activity is interlinked, the process of each of the activity is
different in nature. Such as view items, add to cart, manage user details and payment
details. After completing all of the activity automatically it will turned to terminate the
processes.
4.1. INPUT DESIGN
4.1.4 OUTPUT DESIGN
4.1.5 DATABASE DESIGN

ADMIN:

USER REGISTRATION:
ATM CARD:

PRODUCTS:
 PUBLISHERS:

4.2 TABLE STRUCTURE

ADMIN :

COLUMN NAME DATA TYPE CONSTRAINTS

MAIL VARCHAR PRIMARY KEY
PASSWORD VARCHAR NOT NULL

USER REGISTRATION:

COLUMN NAME DATA TYPE CONSTRAINTS

NAME INT PRIMARY KEY
MAIL VARCHAR NULL
PHONE VARCHAR NULL
PASSWORD VARCHAR NULL
ID INT NOT NULL
 ADDRESS VARCHAR NULL
STATE VARCHAR NULL
CITY VARCHAR NULL
ZIPCODE VARCHAR NULL

ATM CARD:

COLUMN NAME DATA TYPE CONSTRAINTS

ID VARCHAR NULL
NAME OF CARD VARCHAR NULL
CARD NO VARCHAR NULL
EXP MONTH VARCHAR NULL
EXP YEAR VARCHAR NULL
CVV VARCHAR NULL

PRODUCTS:

COLUMN NAME DATA TYPE CONSTRAINTS

FILE LONGBLOB NULL
COMPANY NAME VARCHAR NULL
PNAME VARCHAR NULL
DETAILS VARCHAR NULL
PRICE VARCHAR NULL
ID VARCHAR NULL
STATUS INT NOT NULL

PUBLISHERS:

COLUMN NAME DATA TYPE CONSTRAINTS

ID INT NOT NULL
COMPANY NAME VARCHAR NULL
MAIL VARCHAR NULL
PHONE VARCHAR NULL
ISO CODE VARCHAR NULL
 PASSWORD VARCHAR NULL

5.SYSTEM TESTING AND IMPLEMENTATION

5.1 SYSTEM TESTING

System testing ensures that the entire integrated software system meets requirements.
It tests a configuration to ensure known and predictable results. An example of system
testing is the configuration oriented system integration test. System testing is based on
process descriptions and flows, emphasizing pre-driven process links and integration
points. Field testing will be performed manually and functional tests will be written in
detail. The purpose testing is to discover error. Testing is the process of tr7ing to discover
every conceivable fault or weakness in a product it provides a way to check the
functionality of the components, sub assemblies and/or a finished product is the process of
exercising software with internet of ensuring that the software system meets its requirement
 and user expectation and does not fail in an unacceptable manner. There are various type of
test. Each test type address a specific testing requirement.

 Unit Testing
 Integration Testing
 Validation Testing
 Output Testing

5.1.1 UNIT TESTING

Unit testing involves the design of test cases that validate that the internal program logic
is functioning properly, and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual
software units of the application .it is done after the completion of an individual unit
before integration. This is a structural testing, that relies on knowledge of its construction
and is invasive. Unit tests perform basic tests at component level and test a specific
business process, application, and/or system configuration. Unit tests ensure that each
unique path of a business process performs accurately to the documented specifications
and contains clearly defined inputs and expected results.

5.1.2 INTEGRATION TESTING

Integration tests are designed to test integrated software components to determine if

they actually run as one program. Testing is event driven and is more concerned with the
basic outcome of screens or fields. Integration tests demonstrate that although the
components were individually satisfaction, as shown by successfully unit testing, the
combination of components is correct and consistent. Integration testing is specifically
aimed at exposing the problems that arise from the combination of components

5.1.3 VALIDATION TESTING

Validation refers to the data ,validation of ensuring that data inserted into an application

Satisfies pre-determined formats or complies with stated length and character requirement
and other defined input criteria. It may also ensure that only data that is either true or real
 can be entered into a database. There are two types of validation that can check the
authenticity and reliability of the user input.

5.1.4 OUTPUT TESTING

5.2.SYSTEM SECURITY

The protection of computer based resources that includes hardware software, data,
procedures and people against unauthorized use or natural disaster is known as system
security
System Security can be divided into four related issues:
 Security
 Integrity
 Privacy
 Confidentiality

1. SYSTEM SECURITY refers to the technical innovations and procedures applied to

the hardware and operation systems to protect against deliberate or accidental damage
from a defined threat
2. DATA SECURITY is the protection of data from loss, disclosure, modification and
destruction
3. SYSTEM INTERGITY refers to the power functioning of hardware and programs,
appropriate physical security and safety against external threat such as eavesdropping
and wiretapping
4. PRIVACY defines the rights of the user or organizations to determine what
information they are willing to share with or accept from others and how the
 organization can be protected against unwelcome, unfair or excessive dissemination
of information about it
5. CONFIDENTIALITY is a special status given to sensitive information in a database
to minimize the possible invasion of privacy. It is an attribute of information that
characterizes its need for protection.

5.3 SYSTEM ENHANCEMENT

6.CONCLUSION AND FUTURE ENHANCEMENT

6.1 CONCLUSION

In future Some malware can attack the big data that should be defend by some
implementation technique in my project access control and encryption has some default in
future to overcome the defects of attributes errors.

6.2 FUTURE ENHANCEMENT

some default in future to overcome the defects of attributes errors.

7.APPENDIX

7.1 SAMPLE CODING

ADMIN.JSP
<%@page import="java.sql.*"%>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>JSP Page</title>

</head>

<body>

<%

String mail = request.getParameter("mail");

String password = request.getParameter("password");

Class.forName("com.mysql.jdbc.Driver");

Connection conn =
DriverManager.getConnection("jdbc:mysql://localhost:3306/shopping" ,"root","root");

PreparedStatement pst = conn.prepareStatement("Select mail,password from admin

where mail=? and password=?");

pst.setString(1, mail);

pst.setString(2, password);

ResultSet rs = pst.executeQuery();

if(rs.next())

%>

<script>

alert("Login Successful")
 window.location.replace("ahome.jsp");

</script>

<% }

else{

%>

<script>

alert("invalid user")

window.location.replace("admin.html");

</script>

<% }

%>

</body>

</html>

LOGIN.JSP

<%--

Document : login

Created on : Jan 24, 2020, 2:46:58 PM

Author : Admin

--%>

<%@page import="java.sql.*"%>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>JSP Page</title>

</head>

<body>

<%

String name="",mail1="",phone="",address="",state="",city="",zip="",id="";

String mail = request.getParameter("mail");

String password = request.getParameter("password");

Class.forName("com.mysql.jdbc.Driver");

Connection conn =
DriverManager.getConnection("jdbc:mysql://localhost:3306/shopping" ,"root","root");

PreparedStatement pst = conn.prepareStatement("Select * from registration where

mail=? and password=?");

pst.setString(1, mail);

pst.setString(2, password);

ResultSet rs = pst.executeQuery();

if(rs.next())

name=rs.getString("name");

mail1=rs.getString("mail");
 phone=rs.getString("phone");

address=rs.getString("address");

state=rs.getString("state");

city=rs.getString("city");

zip=rs.getString("zipcode");

String password1=rs.getString("password");

id=rs.getString("id");

HttpSession ses=request.getSession();

HttpSession session1=request.getSession();

ses.setAttribute("uname", name);

ses.setAttribute("mail1", mail1);

ses.setAttribute("phone", phone);

ses.setAttribute("address", address);

ses.setAttribute("state", state);

ses.setAttribute("city", city);

ses.setAttribute("zip", zip);

ses.setAttribute("password", password1);

ses.setAttribute("id", id);

session1.setAttribute("mail1", mail1);

%>

<script>

alert("Login Successful")

window.location.replace("home.jsp");

</script>
 <% }

else{

%>

<script>

alert("invalid user")

window.location.replace("login.html");

</script>

<% }

%>

</body>

</html>

PAYMENT.JSP

<html>

<head>

<meta name="viewport" content="width=device-width, initial-scale=1">

<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-

awesome/4.7.0/css/font-awesome.min.css">

<style>

body {

font-family: Arial;

font-size: 17px;

padding: 8px;

}
*{

box-sizing: border-box;

.row {

display: -ms-flexbox; /* IE10 */

display: flex;

-ms-flex-wrap: wrap; /* IE10 */

flex-wrap: wrap;

margin: 0 -16px;

.col-25 {

-ms-flex: 25%; /* IE10 */

flex: 25%;

.col-50 {

-ms-flex: 50%; /* IE10 */

flex: 50%;

.col-75 {

-ms-flex: 75%; /* IE10 */

flex: 75%;
}

.col-25,

.col-50,

.col-75 {

padding: 0 16px;

.container {

background-color: #f2f2f2;

padding: 5px 20px 15px 20px;

border: 1px solid lightgrey;

border-radius: 3px;

input[type=text] {

width: 100%;

margin-bottom: 20px;

padding: 12px;

border: 1px solid #ccc;

border-radius: 3px;

label {

margin-bottom: 10px;
 display: block;

.icon-container {

margin-bottom: 20px;

padding: 7px 0;

font-size: 24px;

.btn {

background-color: #4CAF50;

color: white;

padding: 12px;

margin: 10px 0;

border: none;

width: 100%;

border-radius: 3px;

cursor: pointer;

font-size: 17px;

.btn:hover {

background-color: #45a049;

}
a{

color: #2196F3;

hr {

border: 1px solid lightgrey;

span.price {

float: right;

color: grey;

/* Responsive layout - when the screen is less than 800px wide, make the two columns
stack on top of each other instead of next to each other (also change the direction - make
the "cart" column go on top) */

@media (max-width: 800px) {

.row {

flex-direction: column-reverse;

.col-25 {

margin-bottom: 20px;

</style>

</head>
<body>

<div class="row">

<div class="col-75">

<div class="container">

<form action="atmcard.jsp">

<%

HttpSession ses=request.getSession();

String name=ses.getAttribute("uname").toString();

String mail=ses.getAttribute("mail1").toString();

String phone=ses.getAttribute("phone").toString();

String address=ses.getAttribute("address").toString();

String state=ses.getAttribute("state").toString();

String city=ses.getAttribute("city").toString();

String zip=ses.getAttribute("zip").toString();

%>

<div class="row">

<div class="col-50">

<h2>Product details</h2>

<h3>Billing Address</h3>

<label for="fname"><i class="fa fa-user"></i> Full Name</label>

<input type="text" id="fname" name="firstname" value="<%=name%>">

<label for="email"><i class="fa fa-envelope"></i> Email</label>

<input type="text" id="email" name="email" value="<%=mail%>">

<label for="adr"><i class="fa fa-address-card-o"> </i> Address</label>

 <input type="text" id="adr" name="address" value="<%=address%>">

<label for="city"><i class="fa fa-institution"></i> City</label>

<input type="text" id="city" name="city" value="<%=city%>">

<div class="row">

<div class="col-50">

<label for="state">State</label>

<input type="text" id="state" name="state" value="<%=state%>">

</div>

<div class="col-50">

<label for="zip">Zip</label>

<input type="text" id="zip" name="zip" value="<%=zip%>">

</div>

</div>

</div>

<div class="col-50">

<h3>Payment</h3>

<label for="fname">Accepted Cards</label>

<div class="icon-container">

<i class="fa fa-cc-visa" style="color:navy;"></i>

<i class="fa fa-cc-amex" style="color:blue;"></i>

<i class="fa fa-cc-mastercard" style="color:red;"></i>

<i class="fa fa-cc-discover" style="color:orange;"></i>

</div>
 <label for="cname">Name on Card</label>

<input type="text" id="cname" name="noc" placeholder="ENTER CARD

HOLDER NAME">

<label for="ccnum">Credit card number</label>

<input type="text" id="ccnum" name="cn" placeholder="1111-2222-3333-4444">

<label for="expmonth">Exp Month</label>

<input type="text" id="expmonth" name="em" placeholder="ENTER EXP

MONTH">

<div class="row">

<div class="col-50">

<label for="expyear">Exp Year</label>

<input type="text" id="expyear" name="ey" placeholder="EXP YEAR">

</div>

<div class="col-50">

<label for="cvv">CVV</label>

<input type="text" id="cvv" name="cvv" placeholder="CVV">

</div>

</div>

</div>

</div>

<label>

<input type="checkbox" checked="checked" name="sameadr"> Shipping address

same as billing

</label>

<input type="submit" value="Continue to checkout" class="btn">

 </form>

</div>

</div>

</div>

</body>

</html>

8.BIBLIOGRAPHY AND REFERENCE

BOOK:

 Java: A Beginner's Guide Paperback –  Herb Schildt

 The Complete Reference MYSQL– Vaswani Vikram

WEB REFERENCE:

 https://www.w3schools.com/java/
 https://www.webyog.com
 https://www.w3schools.com/php/php_mysql_intro.asp
7.1 TEST PROCEDURE

7.2 TESTING LEVELS

 Functional Testing
 System Testing
 Acceptance Testing

7.2.3 Functional Testing

Functional tests provide systematic demonstrations that functions tested are

available as specified by the business and technical requirements, system documentation,
and user manuals.
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.

Systems/Procedures : interfacing systems or procedures must be invoked.

7.2.5 Acceptance Testing

 Acceptance testing is a level of software testing where a system is tested for
acceptability. The purpose of this test is to evaluate the system’s compliance with the
business requirements and assess whether it is acceptable for delivery. User Acceptance
Testing is a critical phase of any project and requires significant participation by the end
user. It also ensures that the system meets the functional requirements.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.