You are on page 1of 24

1

SMS TRANSACTION SECURITY Chapter 1 INTRODUCTION


This chapter describes about each and every chapter in the Document.

Description of the Problem


Secure Messenger is an Application, used to encrypt and decrypt the message. This encrypts and decrypt based on Quasigroups Cryptographic Algorithm (QCA). This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is used to transform money between two peoples. This SMS Message is encrypted on your mobile by using Java MIDLET. And Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted.

Transaction on mobile is used to transform money between two peoples. These two peoples must be registered in a Bank and they should have mobile for transaction. This transaction starts with SMS if USER1 wants to pay money to USER2. Both of them should have mobile phone. User1 simply types SMS to particularly bank with his 4 digits PIN, Amount and is transferred to designation account. Confirmation SMS is sends to both Users.

System analysis
This chapter explains about various processes involves in the project right from Input from the user till the Output information given to the user. Here we explain the Data Flow Diagram briefly. Then it also explains what are the flow control involve in the project. Input and Output, how to store the Data and how to maintain the Data values and other details.

System Design
This chapter explain about various datatable structures includes Field names, Data types, Size and Constraints etc., It also explains E R Diagram. It describes File Structure, Source of Input, Files involved in processing and Output structure. It explains various processes involve and the manipulation done between the files. It explains the Output to the user and how it is given .

Output Design
It displays System Flow chart i.e. how gets the Input , processes involved, decision making done, where the data comes, what are happens System inside and what Output you finally get and when and where the process ends. It displays Login Screen for Online as well as Offline.

Testing and Implementation


It discusses the tests involved in the project. And evolves of all operations included according to the Organization requirement.

Conclusion
This chapter discusses the scope of the system and the reference books which had been explored.

Chapter 2

Description of the Problem


Existing System
In the modern world, cell phones have been used by majority of the people around the world. The normal procedure for cell phone activation profiled takes on with; 1. Buying the SMS card from the dealer 2. Scratch the card 3. Type the 13 Digit number 4. After these procedures only, security for system exists in a cell phone.

This is what happens in the existing systems. This is not at all a problem for the customers, but in the fast moving world, every one is working like a machine. So, for making their work to move in a smooth manner without tension and for saving the precious time, we are introducing a systems called SMS secure transaction on Mobile.

Proposed System
Secure Messenger is an Application, used to encrypt and decrypt the message. This encrypts and decrypt based on Quasigroups Cryptographic Algorithm (QCA). This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is used to transform money between two peo. This SMS Message is encrypted on your mobile by using Java MIDLET. And Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted.

Transaction on mobile is used to transform money between two peoples. These two peoples must be registered in a Bank and they should have mobile for transaction. This transaction starts with SMS if USER1 wants to pay money to USER2. Both of them should have mobile phone. User1

4 simply types SMS to particularly bank with his 4 digits PIN, Amount and is transferred to designation account. Confirmation SMS is sends to both Users.

Chapter 3 System Analysis


SYSTEM DESCRIPTION
SMS or Short Message Service allows Cellular or Mobile GSM phones to send and receive Text Messages. SMS is a widely used service for brief communication and the data sent using SMS

5 services is confidential in nature and is desired not to be disclosed to a third party. The use of SMS is a convenient and fast means of communication with cellular telephone and pagers.

This can be alphanumeric and more recently graphical. A sent SMS message is stored at an SMS Center (SMSC) until the receivers phone receives it. The receiver can identify the sender by his/her telephone number that is included in the message itself. SMS supports several input mechanisms that allow interconnection with different message sources and destinations including voice-mail systems, Web-based messaging and E-mail integration.

SMS CHARACTERISTICS
The cost of sending SMS messages is lower than other data-oriented mobile services such as WAP. Mobile service in-curstwo kinds of cost: the one-time cost of purchasing a mobile device; and the ongoing cost of using the services. Nowadays, almost all mobile phones are SMS enabled but WAP phones are still relatively expensive. The cost of sending a SMS message is low and relatively much cheaper than accessing Internet via WAP.

Convenience of anytime and anywhere

SMS messaging has two special characteristics: anytime and anywhere availability. A switched-on mobile device is able to receive or send a message at anytime regard-less of whether a voice or data call is in progress. Messages sent to a switched-off phone are guaranteed to deliver when the handset is on again because SMS messages are users. One application is in the selective advertising business for promotional purpose. For example, restaurant operators can entice customers by sending them advertisements and promotional information messages when they are in the vicinity of restaurants. Personal characteristic;

6 To determine the possible success factors of emerging SMS commerce, we first need to understand the contributing factors to the existing success of SMS messaging. To-ward this end, we performed an extensive content analysis of the extant literature on SMS messaging in several countries. Cost-effective and interoperable wireless infrastructure, support for location-awareness.

ARCHITECTURE OF SMS
In my project Secure Messenger is an Application, used to encrypt and decrypt the message. This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is encrypted on your mobile by using Java MIDLET. And Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted message

USER 1

Mobile SMS Encrypt ed

Network Operator I

USER2

Mobile SMS Decrypt ed

Network Operator II

ARCHITECTURE OF TRANSACTION
Transaction on mobile is used to transform money between two peoples. This two peoples must be registered in a Bank. And they should have mobile for transaction. This transaction starts with SMS. If USER1 wants to pay money to USER2, both of them should have mobile phone. User1 simply types SMS to particularly bank with his 4 digits PIN, Amount and Account No. Bank server processes the request and Amount is transferred to designation account. Confirmation SMS is sends to both USERS.

USER1 Network Operator BANK SERVER Database

USER2

Network Operator

ALGORITHM FOR ENCRYPTION Name : Quasigroups Cryptographic Algorithm(QCA):


In this application for sending encrypted SMS messages using cryptographic methods based on theory of Quasigroups is proposed. The encryption algorithm is characterized by a secret key. The application is developed using programming language Java and the J2ME environment. SMS messages are sometimes used for the interchange of confidential data such as social security number, bank account number, password etc. A typing error in selecting a number when sending such a message can have severe consequences if the message is readable to any receiver. Most mobile operators encrypt all mobile communication data, including SMS messages but sometimes this is not the case, and even when encrypted, the data is readable for the operator. Among others these needs give rise for the need to develop additional encryption for SMS messages, so that only accredited parties are able to engage communication.

Our approach to this problem is to develop an application that can be used in mobile devices to encrypt messages that are about to be sent. Naturally decryption for encrypted messages is also provided. The encryption and decryption are characterized by a secret key that all legal parties have to posses.

In addition to cryptographic strength, things to consider when developing this type of an application for mobile devices are limitations in memory and processing capacity. Quasigroups are well suited for encryption of this type of data. The cryptographic strength of Quasigroups based encryption has been examined.

DEFINITIONS OF QCA

9 A groupoid is a finite set Q that is closed with respect to an operator *, i.e., a * b Q for all a, b Q. A groupoid is a Quasigroup, if it has unique left and right inverses, i.e., for any u, v Q there exists unique x and y such that x * u = v and u * y = v.

This means that all operations are invertible and have unique solutions, which implies their usability as cryptographic substitution operations. With this in mind we can define inverse operations for *, call them \ (left inverse) and /(right inverse) . The operator \ (resp. /) defines a new Quasigroup (Q, \, * ) (resp. (Q, /)) and for algebra (Q, \ , _ )

x * (x \ y) = y = x \ (x * y)

(1)

A Quasigroup can be characterized with a structure called Latin square. A Latin square is an n * n matrix where each row and column is a permutation of elements of a set. In our case | = n. |Q

Several other operations can be derived from the operation * [2], but for our purposes operations * and \ (right inverse) are sufficient.

10

ENCRYPTION OF QCA

DECRYPTION OF QCA

11

COMPOSITION OF ENCRYPTION AND DECRYPTION

DATA FLOW DIAGRAMS


Data Flow Diagrams

12 The data flow diagram (DFD) is one of the most important modeling tools. It is used to model the system components. These components are the system process, the data used by the process, an external entity that interacts with the system and the information flows in the system.

DFD shows how the information moves through the system and how it is modified by a series of transformations. It is a graphical technique that depicts information flow and those transformations that are applied as data moves from input and output.

DFD is also known as bubble chart. A DFD may be used to represent a system at any level of abstraction. DFD s may be partitioned into levels that represent increasing information flow and functional details.

A level 0 DFD, also as the context diagram, represents the entire system as a single module with input and output data indicated by incoming and outgoing arrows respectively. Additional process and information flow paths are represented, as the level 0 DFD is partitioned to reveal more details.

A level1 DFD, also called as top-level DFD, represent the system with major modules and data stores. First level DFD is shown in fig. the other levels will show each module in the top-level DFD in a more detailed fashion. The other level DFD s for our system are shown from fig to fig.

Data Flow Diagram

13 accno skey 1.1 Verify accno, skey accno skey accno Amt 1.2.1 Verify toaccn o, amount toaccno

Mobile user

cust

cust

1.2.2 Verify balanc e

amount

cust

Accno, toaccno,amount

1.3 Update Balanc e Acknowledge

amount accno Date,time,accno

cust

transaction cust

Mobile

Chapter 4 System Design


Database Design
Table Name: Cust Description: Stores Customer details Field Name Accno Data type Text Size 20 Constraint Primary key

14 Cell no Pass word Skey Balance Number Text Text Number 20 20 20 20

Table Name: sms Description: Stores sms details Field Name Field Name Pid Sid Message Data type Text Text Text Size 20 20 20 Constraint Primary key

Table Name: Transaction Description: Stores Customer transaction details Field Name Accno To_accno Mode Date Time Amount Data type Text Text Text Text Text Number Size 20 20 20 20 20 20 Constraint Primary key

15

E R Diagram

AccNo

Skey Cellno toaccn o accno

toaccno Date/time

amount

amount

Mode

Cust Detail

Transaction

Transaction Detail

File Structure
File Structure explain overall project. It explains the files, which involve and how it process the fields in the tables. Then it explains what are all the Output Involved.

Source of Input:
We can give Customer Account No, Secrete key, amount in Mobile Screen. To make sms separate text box is available for contents to be typed.

Files involved in Processing: SMS:


Consists Sender , Receiver , Message Data items when sms were Receive and sent.

16

Cust:
Contains Customer account No, Password, skey, balance, cell no for maintaining Customer Data perfectly.

Transaction:
Consists Customer account No, Date, Time, amount, mode which was useful as Customer wise Transaction.

Output File Structure:


It explains the Output to the Users and how it is given.

SMS:
sent.

Start

Consists Sender , Receiver , Message Data items when sms were Receive and

Cust:

Customers InputPhone No., Account No., PIN No., Amount Contains Customer account No, Password, skey, balance, cell no for
Is No Reg. User Consists Customer account No, Date, Time,amount, mode which was useful as Yes Valid Account No No

maintaining Customer Data perfectly.

Transaction:

Customer wise Transaction.

Chapter 5

Output Design Yes


System Flow Chart
Valid PIN No Yes No No

Valid Min Balance Yes

Transaction done

Stop

17

Chapter 6

Testing and Implementation


Testing is a process of executing with the intent of finding an error. Testing was done to check for the proper functioning of system. System was tested at various levels to attain the goal and the system to be problem free. The following testing strategies are performed. System Testing

18 Integration Testing Acceptance Testing

System Testing:
It verity checks whether the software meets its requirements that were laid down during the project tracking specification. It is comprised of Integration Test and Acceptance Testing.

Integration Testing:
Testing modules are combined into Sub Systems and then Tested. This is done as modules can be Integrated properly, emphasizing on interface between modules. Integration testing is a systematic technique for constructing the program structure while conducting tests to uncover errors associated with interfacing. The objective is to take unit tested modules and build a program structure that has been dictated by design. There are mainly two types of integration. 1. Top-Down integration 2. Bottom-Up integration

Top-Down integration is an incremental approach to construction of program structure. Modules are integrated by moving downward through the control hierarchy, beginning with the main control module (main program). Bottom-Up integration testing, as its name implies, begins construction and testing with automatic modules (i.e. modules at lowest levels in the program structure). Because modules are integrated from the bottom-up, processing required for modules sub-ordinate to a given level is always available and the need for stubs is eliminated. Because of this advantage of Bottom-Up integration, we adopted this method integration testing is a systematic technique for constructing the

19 program structure while conducting tests to uncover error associated with interfacing. The objective is to take unit tested modules and build a program structure that has been dictated by the design.

At this stage of integrating testing best results can be achieved if the incremental integration technique is adopted. In this process the program is constructed and tested in small fragments where errors are easy to be tested completely; and a systematic approach may be applied. In the present Secure SMS Transaction, we used Black Box testing for finding errors in the following categories. Incorrect or missing functions. Interface errors. Errors in database access. Initialization and termination errors. Desired out put for given input. I/O error.

Acceptance Testing:
This focuses on the external behavior of the system . It is done with live data to see that the software works satisfactory.

Unit testing:
Unit testing focuses verification errors on the smallest unit of software design-the module. Using the procedural design description as a guide, important control paths are tested to uncover errors within the boundary of the module.

20 Every module interface is tested to ensure the information properly flows into and out of it. The local data structure is examined to ensure that data stored temporarily maintains its integrity during all steps in algorithms execution. Boundary conditions are tested to ensure that the module operates properly at boundaries established to limit or restrict processing. All independent paths through the control structure are exercised to ensure that all statements in a module have been executed at least once. All error-handling paths are tested properly.

Because a module is not a standalone program, stub software must be developed for each unit test. In our case this stub software is nothing more than a Main Program that accepts test data, passes such data to the module and prints the relevant results. Unit testing performs verification on the smallest unit of software design in the module. Using the procedural design description as a guide, important control paths are tested to uncover errors with in the boundary of the module scope established for unit testing. The unit testing is normally white box oriented and the step can be conducted in parallel for multiple modules.

The module interface is tested to ensure that information properly flows into and out of the programs unit under test. Boundary conditions are tested to ensure that the module operates properly at the boundaries established to limit or restrict processing.

Testing Units:
In this project we will perform two levels of testing: Unit testing and System Testing. Since system is small, it is felt that there is no needed for elaborate integration testing. The basic units to be tested are:

21 Modules for getting valid Account Number, Secrete Key and Amount. Modules for sending SMS. Modules for receiving SMS.

In addition, some other units may be chosen for testing. The testing for these different units will be done independently.

Features To Be Tested:
All functional features specified in the requirements documents will be tested. We checked the designed application for individual and overall performance, which was satisfactory once the mobile gets connected to the system. For each of his requests the server is responding as desired.

Test case specification for system testing:


In this document, we specify all test cases that are used for system testing firstly, different conditions that need to be tested, along with the test cases used for testing. The test cases are specified with respected to these data files. The test cases have been selected using functional approach.

The goal is to test different functional requirements as specified in the requirement document.

System testing:
System testing is actually a series of different tests whose primary purpose is to fully exercise the computer-based system. All the following tests are performed to verify that all system elements have been properly integrated and perform allocated functions.

22

1.Recovery Testing:
Many computer-based system must recover from faults and resume processing within a pre specified time. A system must be fault tolerant, that is, processing faults must not cause system function to cease. This testing is performed by giving fault input like corrupted data, illegal inputs etc, in all the cases the system gets back to its original state after giving a appropriate error message.

2.Security Testing:
Because the system doesnt maintain any vulnerable data this testing is not so important. But we have tested for side effects of this utility of the target system.

3.Stress Testing:
Stress testing executes a system in a manner that denotes in a resource in an abnormal quantity frequency or volume. During this testing we gave very large volume data as inputs to the system. It has very effectively.

4.Performance Testing:
Performance test is design to test run time performance of software with in the context of an integrated system. The conclusion is obtained by writing small pieces of code, which after the termination of process displays some of important like percentage of resources used are displayed.

System Test Report:


The total numbers of errors are detected during system testing. These are all minor and most of them were resolved.

Chapter 7

CONCLUSION
Scope of the System
We conclude that our project will be a step-up stone for the fore coming technology. This is because in this modern world, each and every person is working like a machine. so, to save their

23 precious time and secure our messages, cell phones have been invented and it performs spectacular functions. One of them is SMS (short messaging service). Each and everything comes under the hands of the man. He is able to control his work from where he is now located.

With this, how many operations are performed such as viewing cricket scores, viewing headlines, viewing share market details etc. Like this, through SMS, we have succeeded in secure transaction on mobile. We think that is the start of the new fore coming technology, which will make mans work simpler and effectively for the complete functionality. It is highly compatible on all windows.

Bibliography
REFERENCES

System Analysis and Design Unleashed Java 1.2 Using Java 2

Elias M.Awad. Jamie Jaworski Joseph Weder

24

The Complete Reference Java 2 The complete Reference J2ME

Patrick Naughton, Herbert Schildt James Keogh.

WEBSITES

1. www.java.sun.com 2. www.nokia.com 3. www.seimens.com