You are on page 1of 15

Chapter 2

Project Requirements

Chapter 2


2.1 Software Requirement Specification

2.1.1 Introduction:

A] Purpose:
To implement Protection Of Sensitive Data in Wireless Devices for
securing the sensitive as well as confidential data of the user. In this process the
data is secured by initially establishing the connection between the mobile
phone (server) and Laptop System (client) via a Bluetooth. Then the encryption
and decryption process Is used for securing the accessibility of the respective
data of the user.

B] Business Context:
Providing, the corporate world a scheme to secure the confidential and
secret data by using the available resources in a very efficient, inexpensive and
effective way. Our system will enrich the user’s confidence in believing that our
system secures data in a fruitful way. This system has indispensable applications
in software companies, institutions, Banks, Hospitals etc., wherever the
information is of vital use.

C] Scope of the Project:
The main area of work for our software product is in securing the
sensitive data of the user. Our Software product will reduce burdensome job of
re-authentication repeatedly for the user and will provide the assurance of data is
safe in absence of the user.

Protection of Sensitive Data in Wireless Devices

B) System with a inbuilt Bluetooth device. 3) Verify User’s authentication 4) Check for connection/re-connection and disconnection process.2 Software Requirements: A) Operating system: Win 98/2000/ME/XP B) JAVA Standard Edition tool kit C) A Mobile Phone handset supporting java enabled application. 5) Perform Encryption and decryption operations based on user’s availability in the proximity. C) A Mobile Phone Handset supporting Bluetooth technology.2 System Requirements 2. 128 MB RAM and Hard drive with minimum 2 GB capacity.1 Hardware Requirements: A) Laptop or desktop computer system with Pentium III (600 Mhz or higher) processor. 2.Chapter 2 Project Requirements D] In our Transient Authentication System following steps occur: 1) Establish the Connection between the two devices 2) Achieve initial authentication.2.2. 2. Protection of Sensitive Data in Wireless Devices 10 .

B] Laptop System: Protection of Sensitive Data in Wireless Devices 11 .3.1 User Profiles: A] Owner: Owner is a person who is the responsible user of both the devices. which is license free.4. 2.3. Owner initiates the authentication process.3. is used.Chapter 2 Project Requirements 2.3 Major constraints 2. 2. B) A mobile phone to be used must support java and Bluetooth technology.2 Resource Limits: A) The default range of Bluetooth. He/she is the user for which our product will provide the assurance of securing the sensitive data. The user should authenticate to the laptop system after every 24 hours and only Then user will be allowed to change the E-D key if required.3 Security Consideration: All Security measures are taken into consideration assuming that the mobile phone will be with the user all the time because it is the way to provide unique access to the sensitive data of the user.4 Usage scenarios 2.1 Implementation Languages: A) JAVA Standard Edition B) JAVA Micro Edition 2.

5. he/she does not have to invest on the hardware of the system. Hence.1 Special usage consideration incase of user: The user is the owner of Laptop and Mobile phone. 2.5 Special usage considerations: 2. The mobile phone can be any cell phone model with Bluetooth facility. It is the devices which is always available with the user.5.2 Special usage consideration for devices: The Computer System may be a Laptop with an inbuilt Bluetooth or a desktop computer with external Bluetooth device. 2. It performs the encryption and decryption process for providing the access rights to the authorized user. Protection of Sensitive Data in Wireless Devices 12 . Whenever the user is in the proximity this respective E-D key is sent to Laptop system. C] Mobile phone: Mobile phone is the master device which stores the key responsible for the decrypting the data in decryption process.Chapter 2 Project Requirements Laptop is the system which stores and protects the sensitive data of the user. The user carries the authenticator (mobile phone) wherever he goes and user is not performing burdensome job while using our application.

7. then is authentication password ( to be inserted after 24 hours). E-D key.2 Data Object: The passwords. While at client side an interface for authenticating user.6 Data Model and Description: 2. Selecting/Removing sensitive files. Authentication code on Mobile phone.2 Human Interfaces: The human interface is designed at server as well as client side. 2.7. E-D key which will be deleted from the variable after the encryption takes place. selecting E-D key.1 Data Description: The data to be stored in database or in variables is. Protection of Sensitive Data in Wireless Devices 13 . Connecting to the server has been developed for the user. and finally the path of the files which user considers is sensitive in nature.Chapter 2 Project Requirements 2. 2. Status of the application.6.7 Functional Model and Description: 2. path of the files and status of the sensitive files. 2.1 Software Interface Description: The Software Interface for our project is based on the Bluetooth API’s available in JAVA.6. Logging out has been provided. At Server side (Mobile Phone) an interface for Logging in. The Human interface at both the ends is very user friendly.

2 States for the Software Behavior: The Following states are observed at both the ends: A] Server side: • Login • Accept the connection • Connected • Discard the connection • Disconnected • Logout Protection of Sensitive Data in Wireless Devices 14 .8 Behavioral model and its description: 2.8. B] Client side (Laptop): The Laptop will also validate the user for authorizing him/her for using the application by. 2.Chapter 2 Project Requirements 2.1 Description for Software Behavior: A] Server side (Mobile Phone): The Mobile Phone checks the authenticity of the user by validating the user name and the password inserted by him/her at server side. asking for the authentication codes.8. If positive results are obtained then it sends the key to the laptop for further process. After obtaining the correct passwords the laptop will allow the user to select/remove the sensitive files for desired necessity. Laptop performs Encryption/decryption process based on the user’s presence in the proximity.

9 Performance Requirements: 2.9. These events help the software take the required decision for handling the respective condition. Protection of Sensitive Data in Wireless Devices 15 .9. 2.Chapter 2 Project Requirements B] Client side: • Authenticate • Establish connection • Connected • Perform Decryption • Disconnected • Perform Encryption • Waiting for Re-connection 2.2 Efficient Response: The Encryption of sensitive and confidential data should take place as soon as the disconnection between two ends occurs. The Events occur for following cases: A] User enters incorrect Authentication code B] User departs from the proximity range.1 Stable Connection: The connection between the two respective ends should be uninterrupted while exchanging the sensitive keys.8. The system should give efficient and effective response to all the user events.3 Events: The Software uses different events for various conditions that occur. 2. C] User enters the proximity range.

D] The program is application based. 2.10 Quality Requirements: A] The interface developed for the user of the software should be user-friendly. The large chuck of data indicates the size of the files declared as sensitive. 2.11.Chapter 2 Project Requirements 2. C] The E-D keys should well be protected from the unauthorized user.11 Design Constraints and Assumptions: 2.4 Future Extensibility: The application should be flexible for future enhancements for example. C] The interface is minimal.9. 2.3 Effective handling of large Data: The large amount data should not slow down the system operations. D] The software should easily handle all the types of run time errors.9. B] Java Based Application.1 Design Constraints of the system: A] The program can run on WindowsTM platform. Protection of Sensitive Data in Wireless Devices 16 . encryption of the data located everywhere hard drive. B] The user must be satisfied with the functioning of the software.

The effective strategy for handling risks must address three issues: A] Risk Avoidance B] Risk Monitoring C] Risk Management and Contingency Planning Protection of Sensitive Data in Wireless Devices 17 . C] All the drastic bugs will be taken care by the development team. G] The documentation will provide the complete guidance regarding the operations of the software. E] Required resources will necessarily be available when required.11. B] Software will provide the desired quality and satisfaction to the user.2 Assumptions: A] Software will be delivered on time. D] The application will be error free.Chapter 2 Project Requirements 2.12 Risk Analysis: As it is truly observed that for any project being developed it is empirical for the team to monitor and manage risks. F] All the service agreement issues will be fulfilled. Risks are the unexpected delays and hindrances that are faced by the software team and need to be actively managed for rapid development. 2.

12. we analyzed all the risks individually and we came up with the classification of risks on the basis of their impact on project schedule. Some of the risks were ‘Generic Risks’ while others were ‘Product Specific Risks’.1 Risk Identification: Our Development team identifies twelve potential risks in the different phases of the project.Chapter 2 Project Requirements 2. Those risks were analyzed and classified into various categories depending upon the threat they posed to the project. The table below enumerates the various risks. The following are the ratings of the impact of the risk: A] Catastrophic B] Critical C] Marginal D] Negligible After analyzing the risks. A Considerable amount of time was spent in analyzing the product specific risks. Protection of Sensitive Data in Wireless Devices 18 . Hence. the risks were prioritized based on the reviews and consensus among the developers.

No. False estimation of task allocation Project 40% Critical 3 System incompatibility Project 25% Marginal 4 Lack of trained and experienced Project 20% Marginal developers 5 System not scalable Technical 5% Critical 6 Resources unavailability Project 35% Catastrophic 7 Lack of training on tools Technical 5% Marginal 8 Technology to be used is unable to Technical 5% Catastrophic meet the requirements 9 Insufficient response of the system Technical 35% Critical 10 Developers work than expected Personal 35% Critical 11 Lack of Coordination Personal 25% Negligible among team members 12 Requirements keep on changing Project 45% Catastrophic Table 1: List of Risk and its Impact Protection of Sensitive Data in Wireless Devices 19 . Risk Category Probability Impact 1.Chapter 2 Project Requirements Sr. Project completion deadline Business 10% Critical 2.

Chapter 2 Project Requirements 12.2 Risk Monitoring and Mitigation: After the risks had been categorized. action was taken to control these risks. so that the schedule estimate is not treated as very precise and gives sufficient padding for schedule estimates. since the software knowledge can be gained. which involved mitigation and monitoring these risks. prioritized and their probability of occurrence determined. Risk Monitoring and Management: Protection of Sensitive Data in Wireless Devices 20 . The key steps taken for risk control are as follows: A) Project does not complete on time Risk Mitigation: Schedule the project in such a fashion that major modules are completed first so that they get enough time for testing and debugging. B) False Estimation of Task Allocation Risk Mitigation: Quantify the size and schedule using ranges. Risk Monitoring and Management: Keep track of schedule slips. Risk Monitoring and Management: Keep a track of the project by lines of code and complexity. C) Lack of Trained and Experienced Developers: Risk Mitigation: This is not a critical risk.

Risk Monitoring and Management: Guidance from proper programmers with an in depth knowledge of managing and manipulating the required tools can be taken. Risk Monitoring and Management: This has been prevented by careful analysis of the system requirement and feasibility before coding starts. D) Resources Unavailability: Risk Mitigation: Risk is due to mismanagement. F) Technology to be used is unable to meet the Requirements Risk Mitigation: In the event that the technology of connection does not allow all the features expected of it. this risk involves more time to find an alternative solution to the problem. E) Lack of Training of tools Risk Mitigation: This risk is due to the inexperience of the developers who will be developing the software. or the facilities expected of the programming language are not properly supported. Risk Monitoring and Management: This can be eliminated by properly examining the requirements and their configuration in advance so that it can be available on time.Chapter 2 Project Requirements Hard work can overcome this problem. Protection of Sensitive Data in Wireless Devices 21 .

low memory and low processing powers. I) Lack of Coordination among team members Risk Mitigation: Involve all team members in a joint assignment to nature the understanding among team members.Chapter 2 Project Requirements G) Insufficient Response of the System: Risk Mitigation: The response time of the system is poor because of network delays. Perform regular reviews to check if the productivity is being affected. Risk Monitoring and Management: This risk is to be mitigated by building high quality software by optimizing resources usage in order to improve the performance. Risk Monitoring and Management: Consult guide for suggestion on code reuse. H) Developers work than Expected Risk Mitigation: Relate existing task creation code to the proposed design and identify code segments that can be reused. Risk Monitoring and Management: Check for frequent quarrels and misunderstanding. Protection of Sensitive Data in Wireless Devices 22 .

Protection of Sensitive Data in Wireless Devices 23 .Chapter 2 Project Requirements J) Requirements keep on changing Risk Mitigation: Study needs of the company in detail and come up with a comprehensive and detailed list of requirements. Risk Monitoring and Management: Keep a track of the progress and check if something had been forgotten when the requirements were laid down.