PROJECT REPORT:

BUILDING AN EASY TO USE APPLICATION FOR PUBLIC KEY

CRYPTOYSTEM USING OP ENSSL LIBRARY

&
DEPLOYMENT OF OX APP SUITE OVER RED HAT SERVER SYSTEM FOR IDRBT
INTRANET AND IDRBT CLOUD SERVICES

Submitted To:
INSTITUTE FOR DEVELOPMENT AND RESEARCH IN BANKING TECHNOLOGY

ROAD NO. 1, CASTLE HILLS, MASAB TANK,

HYDERABAD-500057

Project Guide:By:

Dr.N.P.Dhavale Shivashish Kumar

Deputy General Manager, Part-III,
IDRBT,Hyderabad Mathematics and Computing
IIT(BHU),Varanasi

0|P age
Institute For Development and Research in Banking Technology

Road No. 1, Castle Hills, Masab Tank,

Hyderabad-500057

CERTIFICATE
Mr. Shivashish Kumar, student of Integrated M.Tech course at IIT (BHU), Varanasi in the
Department of Applied Mathematics was assigned the projects 1.”Building an easy to use
application for public key cryptosystem using openSSL Libraries” 2.”Installation of OX AppSuite
over red hat server system for IDRBT intranet and IDRBT Cloud Services” under the guidance of
INFINET department of IDRBT. During the course of the project he has undertaken a study of
Public Key Infrastructure (PKI), Java Libraries and Networking Systems.

This is to certify that he has successfully completed the projects assigned to him as an intern at
Institute for Development and Research in Banking Technology, Hyderabad from May 13, 2013
to July 12, 2013.

Dr. N.P.Dhavale
(Project Guide)
Deputy General Manager
IDRBT, Hyderabad

1|P age
 ACKNOWLEDGEMENT

Summer project is a golden opportunity for learning and self-development. I consider myself
very lucky and honored to have so many wonderful people lead me through in completion of
this project.

I would like to express my sincere gratitude to the Institute for Development and Research in
Banking Technology (IDRBT) and particularly Dr.N.P.Dhavale, whowas my guide during the
course of the project.I would not hesitate to add that this short span of time in IDRBT has
added a different facet to my life as this is a unique organization being a combination of
academics, research, technology, communication services, crucial applications etc. and at the
same time performing roles as an arm of regulation, spread of technology, facilitator for
implementing technology in banking and non-banking system.

I am really grateful to Dr.N.P.Dhavale who in spite of being extraordinarily busy with his duties,
took time out to hear, guide and keep me on the correct path and allowing me to carry out my
industrial project work at the organization and extending during the training. He helped all time
when we needed and he gave right direction toward completion of project.

I am also thankful to Shri V S Mahesh,ShriSrihari and SmtAnuradha with whom I worked

throughout my stint at IDRBT and this project was possible only with their cooperation

I am thankful to the staff of INFINET department at IDRBT for helping me to get familiar with
the applications. They gave me a chance to study the application and its impact from different
perspective. I am also thankful to my college, for giving me this Opportunity to work in a high-
end research institute like IDRBT.

Lastly I will like to thank my family and friends for their support and all others who made this
project successful either directly or indirectly

Shivashish Kumar
Project trainee
IDRBT, Hyderabad

2|P age
 ABSTRACT

Project 1.”Building an easy to use application for public key cryptosystem using
openSSllibrary”.The project is about an application for public key cryptosystem using OpenSSL
library. It consists of various functionality offered by the application, associated features,
platforms used and methodology followed by the application. The report also has class diagram
and sequence diagram to emphasize further about the application have actually been built and
a way forward to summarize the task to be done further for this.

Project 2.”Installation of OX AppSuite over red hat server system for IDRBT intranet and cloud”.
The Project is about deployment of OX App Suite over IDRBT intranet .It discusses about OX App
Suite, Its significance inIDRBT environment, and the stepwise instruction followed during the
course of the project for its deployment. It also highlights about the steps required for moving
to the cloud and the difficulties associated with it.

3|P age
 TABLE OF CONTENT

Project I
1. Introduction................................................................................................................................ 7
2. Project Description....................................................................................................................... 7-10
2.1 Application Software........................................................................................................... 7
2.2 Cryptography..................................................................................................................... 7-8
2.3 Cryptography Terms………………………………………………………………… 9-10
2.4 openSSL ……………………………............................................................................... 10
3. Objective....................................................................................................................................... 10
4 Functionality............................................................................................................................... 11
5. Platform................................................................................................................................... 11
6. Overview……………………………………………………………………………………….. 11-12
7. Requirements................................................................................................................................. 12
8. Significance………………………………………………………………………………… 13
9. Methodology…………………………………………………………………………………… 14-28
9.1 Sequence Diagram……………………………………………………………………….. 14
9.2 Operating Instructions…………………………………………………………………… 15-20
9.3 Class Diagram…………………………………………………………………………… 21-28
10/Features…………………………………………………………………………………………. 29-30
11. Way Forward…………………………………………………………………………………… 30

Summary…………………………………………………………………………………………… 31

References………………………………………………………………………………………….. 32

4|P age
 Project II
1. Introduction................................................................................................................................ 34

2 Objectives.................................................................................................................................. 34
3. Definitions................................................................................................................................ 34-35
4 Platform………………………................................................................................................ 35

5. Requirements………………………………………………………………………………… 35
6. OX App Suite at IDRBT…………………………………………………………………….. 36
7. Installation and deployment………………………………………………………………… 36-39
5.1 OX App Suite over Intranet............................................................................................ 36-38
5.2 OX App Suite over Cloud ………………........................................................................ 39

Summary........................................................................................................................................ 40

References...................................................................................................................................... 41

5|P age
 PROJECT 1

BUILDING AN EASY TO USE APPLICATION FOR PUBLIC KEY

CRYPTOSYSTEM USING OPENSSL LIBRAR Y

6|P age
 1. INTRODUCTION

This project mainly concentrates about developing a Java based application which will let the
user perform different cryptographic instruction in GUI (Graphic user Interface) mode. The
developed application is a desktop application which on receiving various cryptographic
requests from the user will process and execute them accordingly. All the digital features of
Public key Infrastructure like key generation, certificates, message digest, encryption and
signatures have been combined with the application itself to make it a standalone application

2. Project Description

2.1Application software is all the computer software that causes a computer to perform
useful tasks beyond the running of the computer itself. A specific instance of such software is
called a software application or easy to use application

2.2Cryptography
Cryptography or cryptology is the practice and study of techniques for secure communication
in the presence of third parties

In modern era, there are 2 ways of cryptography:

1. Symmetric key cryptography

2. Public key cryptography

Symmetric-key cryptography refers to encryption methods in which both the sender and
receiver share the same key. This method have historically been susceptible to known-plaintext
attacks, chosen plaintext attacks, differential cryptanalysis and linear cryptanalysis.

Public-key cryptography refers to a cryptographic system requiring two separate keys, one of
which is secret and one of which is public. Although different, the two parts of the key pair are
mathematically linked. One key locks or encrypts the plaintext, and the other unlocks or
decrypts the cipher text.

There are two main uses for public-key cryptography:

Public-key encryption, in which a message is encrypted with a recipient's public key. The
message cannot be decrypted by anyone who does not possess the matching secret key,

7|P age
 who is thus presumed to be the owner of that key and the person associated with the
public key. This is used in an attempt to ensure confidentiality.

Digital signatures, in which a message is signed with the sender's secret key and can be
verified by anyone who has access to the sender's public key.This ensures that the message
has not been tampered, as any manipulation of the message will result in changes to the
encoded message digest, which otherwise remains unchanged between the sender and
receiver.

This entire process of using public- key cryptography is public key cryptosystem

Fig 1: Public key cryptography

image sourcegdp.globus.org

A public-key infrastructure (PKI) is a set of hardware, software, people, policies, and

procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
In cryptography, a PKI is an arrangement that binds public keys with respective user identities
by means of a certificate authority (CA). The user identity must be unique within each CA
domain.

Fig 2: PKI System Image source:ei4africa.eu

8|P age
2.3Cryptography Terms:

2.3.1 Symmetric Key: Key that is used with the operations of a symmetric encryption scheme is
the symmetric key

2.3.2 Digital Certificate: In cryptography, a public key certificate or digital certificate is an

electronic document that uses a digital signature to bind a public key with an identity —
information such as the name of a person or an organization, their address, and so forth.

2.3.3 Key Pair: Every digital certificate has a pair of associated cryptographic keys. This pair of
keys consists of a private key and a public key. A public key is part of the owner's digital
certificate and is available for anyone to use. A private key, however, is protected by and
available only to the owner of the key.

2.3.4 Root Certificate: A root certificate is either an unsigned public key certificate or a self-
signed certificate that identifies the Root Certificate Authority (CA).

2.3.5 Certification Authority (CA): It is an entity that issues digital certificates

2.3.6Certification request: a certificate signing request (also CSR or certification request) is a

message sent from an applicant to a certificate authority in order to apply for a digital
certificate

2.3.7 Certificate signing: A CA issues digital certificates that contain a public key and the
identity of the owner. A CA's obligation in such schemes is to verify an applicant's credentials,
so that users and relying parties can trust the information in the CA's certificates.

2.3.8 PKCS#12 Certificate: PKCS #12 defines an archive file format for storing many
cryptography objects as a single file. It is commonly used to bundle a private key with
its X.509 certificate or to bundle all the members of a chain of trust.

2.3.9 Digital Signature: It is a mathematical scheme for demonstrating the authenticity of a

digital message or document.

2.3.10 Message Digest: A cryptographic hash function is algorithm that takes an arbitrary block
of data and returns a fixed-size bit string, the (cryptographic) hash value, the data to be
encoded are often called the "message," and the hash value is sometimes called the message
digest or simply digests.

2.3.11 Encryption is the process of encoding messages (or information) in such a way that
eavesdroppers or hackers cannot read it, but that authorized parties can.

9|P age
2.3.12 Decryption: The process of decoding data that has been encrypted into a secret format.
Decryption requires a secret key (private or symmetric)

2.3.13 Cipher: a cipher (or cypher) is an algorithm for performing encryption or decryption—a
series of well-defined steps that can be followed as a procedure.

2.3.14 Base64 encoding: Base64 is a group of similar binary-to-text encoding schemes that
represent binary data in an ASCII string format by translating it into a radix-64 representation.

2.3.15 Crypto Token: A security token (or sometimes a hardware token, authentication
token, USB token) may be a physical device that an authorized user of computer services is
given to ease authentication

2.4OpenSSL is an open-source implementation of the SSL and TLS protocols. The

core library, written in the C programming language, implements the
basic cryptographic functions and provides various utility functions.

3. Objective

3.1User friendly application for secure transmission.

Basic aimis to develop a user friendly application so that user can securely transmit data or
information with limited knowledge about cryptographic algorithms. Anyindividualor
organization can rely on this application for confidentiality and authenticity of resources

3.2 Easy implementation of cryptographic function

Cryptographic libraries are based on command line tools and are difficult to be used. It
requires sequential instruction to be provided manually through DOS. This application will
make the use of crypto function (openSSL) easy through interface.

3.3 Combination of different functionalities

Application reduces the effort of executing commands one after another enabling user to view,
control, and manipulate multiple things simultaneously. Also application executes multiple
tasks to be performed in one step.

10 | P a g e
 4. Functionality

4.1 Generation of key pair and associated certificates including self-signed root certificate.

4.2Signature and verification of signature

4.3Encryption and decryption

4.4Combination of signature and encryption

5. Platform

5.1Java using swing and awt packages

5.2OpenSSL crypto libraries

5.3Support for FIPS 140 label 2* complying crypto tokens.

6. Overview

The application has been developed in Java using different packages and libraries. Application
has nine buttons in its homepage where each of the button performs a specific task it has been
assigned with. With the click of the user, application executes the request for further
processing. With each of the request, application asks for the input file and processes them
using openSSL instructions to execute the output

Fig 3: screenshot of application’s home page

11 | P a g e
* ->security standards
Buttons

6.1Generate Key: This button generates private, public or key-pair with specific number of bits
and secures it with passphrase (if provided) using RSA algorithm

6.2Generate Certificate: It provides the option to generate certificate request,to create a self-
signed root certificate for the system/Server with the mentioned validity period and name or to
sign a certificate request using root CA account

6.3 Export PKCS#12 Certificate: It exports the certificate in .pfxformat so as to be imported to

the browser or other platforms.

6.4Generate Digest: This button lets user create a digest for a given file, add digital signature
for a message or to verify a signature

6.5Encrypt/Decrypt: Encrypts a particular file using cipher through passphrase and similarly
decrypts a file. It provides user with the option of base 64 encoding.

6.6 Generate Signature: This option lets user generate their digital signature for a message
through signing certificate.

6.7 Sign & Encrypt: This button will create a compressed file containing encrypted form of the
message along with the user’s signature, its certificate as well as the encrypted passphrase.

6.8 Verify Signature: This Command verifies the signature of the sender with the actual
message sent

6.9 Decrypt & Verify: It decrypts the message received as well as verifies the signature to
ensure authenticity of the message by selecting the files sent by the sender.

Default hashing algorithm:SHA1

Default Cipher:aes-192-cbc

7. Requirements

 Java development kit(6.0 and above)

 Microsoft Windows Operating system
 Zip Software version 7
 OpenSSL Libraries (0.9.81 and above)
 FIPS 140 label 2 crypto tokens

12 | P a g e
 8.Significance at IDRBT
8.1 Current Scenario
IDRBT CA uses an application build by TCS for public key infrastructure requirement including
signing certificates. It requires high end servers and huge database from oracle.IDRBT do not
have its own application as of now to provide assistance to banks for PKI on demand

8.2 Drawback
Huge expenditure of money

Not complete utilization of huge resources due to small scale usage

8.3 Proposed System

The application developed during this project requires a minimal cost for its usage and
will work properly in a small level organization such as IDRBT CA. Expenditure of small
amount of money for ensuring security of the application will be the only cost and the
application to serve the same purpose.

Different banks run multiple level of application which requires security like structured
financial messaging system (SFMS), National electronic Fund Transfer (NEFT) which must
be secured. This application will let IDRBT provide banks with public key cryptography
facilities on their request for enabling PKI facilities in their application.

13 | P a g e
 9. Methodology
9.1 Sequence Diagram

Homepage

Actor

Generate key Generate Export PKCS#12 Generate Encrypt/ Generate Verify Sign & Decrypt &
Certificate certificate Digest Decrypt Signature Signature encrypt verify

Signature Unzip Signing Unzip

Generate Signature Verify

private key public key key-pair digest Signature
Compress Verification Encryption Decryption

certificate root CA Sign Certificate Encrypt Decrypt

certificate Compress Verification
request

Figure 4: work flow model

14 | P a g e
9.2 Operating Instruction
9.2.1Generate Key

Fig 5: Screenshot of key generation

frame
Click on generate key button from home page.

Another frame will open up where user will have to select the path where key is to be stored.
This is done using JFileChooser class of javax.swing package.

User will also have to provide specific number of bits and passphrase (optional)

User will finally select the choice to generate public key, private key or key pair. In case of key
pair, application will first generate private key and then will itself write public key in the same
file

9.2.2Generate Certificate

Fig 6: Screenshot of certificate frame

Click on Generate certificate button

An option frame will open up to select for one of the provided option.

15 | P a g e
9.2.2.1 for certificate request, click on first button.

Fig 7: Screenshot of certificate request

Another frame will open up asking user to provide with the instructions like validity and
certificate name.

After the instruction are provided, Certificate will be generated in .pem format

9.2.2.2To generate self-signed root CA account, user will need to click to second button.

Fig 8: screenshot for Root Certificate

Firstly, Root CA account have to be configured in the system by clicking on configure button. It
will create a folder with the entire CA configuration files so that root certificate and keys get
stored there
Root certificate name and validity period have to be provided to generate the certificate.

9.2.2.3 To sign a certificate using root account, third option will be selected were CA admin will
have to input its signing certificate

It will ask for the root password through pop up box and if correct will sign the certificate

Fig 9: screenshot for certificate signing

16 | P a g e
The message box is displayed using JOptionPane class of the javax.swing package

9.2.3 Export PKCS#12 certificate

Fig 10: screenshot for PKCS#12 export

User will have to select the certificate file to be exported using JFileChooser class and the name
of the certificate.

Fig 11: screenshot for file selection

A click on export button will export the certificate in .pfx format in the selected location

9.2.4 Generate Digest

Fig 12: screenshot for generating digest

Click on Generate Digest Button

Another frame will open up asking user to input the message file .Also user will have the option
to select the digest method from the dropdown menu (Optional)

17 | P a g e
 Digest of the method will be created in the same directory as inputfile_out.extension file

9.2.5 Encrypt/Decrypt*

Fig 13: screenshot for decryption*

User will click on the Encrypt/Decrypt button and then encrypt or decrypt option

Another Frame will open up asking user to provide the message file and passphrase (symmetric
key) to be selected in GUI mode using JFileChooser class

User can also select base 64 encoding option and cipher (optional).

In case of encryption, it will then encrypt the file as inputfile_enc.extension in the same
directory and similarly for decryption, it will decrypt the file as inputfile_dec.extension in same
directory

9.2.6Generate Signature

Fig 14: screenshot for signature frame

User will click on the Generate Signature Button

Another Frame will open up where users have to provide the input file for which signature has
to be done and the signing certificate

Application will extract the private key from the certificate in the backend and will then create
the signature for the file using default/selected hashing algorithm as inputfile_sign extension in
same directory

18 | P a g e
* -> based on symmetric key algorithm
 Fig 14: Screenshot for message box

A pop up window will display providing user the option to compress the message file with
signature. If selected, a .zip file will be created with the required document in selected folder

9.2.7Verify Signature:

Fig 15: Screenshot for verification

User will click on the verify Signature Button

In the next frame User will provide the sender’s certificate, signature file and the actual
message file.

Application will extract the public key from the certificate to create digest from signature and
then will check it with the digest of the message file

If both will be equal, message box will displaywith “verified OK” or else “verification failure”.

9.2.8 Sign & Encrypt

Fig 16: Screenshot for signature Fig 17: Screenshot for encryption
19 | P a g e
Click on Sign & Encrypt button.

Another Frame will open up where user will provide the required instruction for signing

Application will generate the signature by executing the provided inputs.

Further inputs will be asked in another frame for encryption like receiver’s certificate and
passphrase.

Actual text file will then be encrypted using selected/default algorithm and the passphrase will
be encrypted using public key of the receiver.

All these required documents will now be zipped in a single file created at the desktop.

Fig 18: Screenshot for message box

92.9Decrypt & Verify

Fig 19: screenshot for decrypt & verify

User Will Click on the Decrypt & verify button

Another frame will open up where user will have to select the compressed .zip file with the
entire required file.

Application will uncompressed the file and extract all the required documents.

It will then decrypt the message file by first decrypting the symmetric key using the private key
of the receiver and then using that symmetric key to decrypt the actual message file.

Further, the digest of the actual message file is compared with the signature file to ensure the
authenticity of the message

20 | P a g e
 9.3Class Diagrams

9.3.1Homepage

Figure 20: Default package

21 | P a g e
9.3.2 Key Generation

Figure 21: test package

22 | P a g e
9.3.3 Certificates

Fig 22: Certificate package

23 | P a g e
9.3.4 Digest

Figure 23: Digest Package

24 | P a g e
9.3.5 Encrypt/Decrypt

Figure 24: encrypt package

25 | P a g e
9.3.6 Signature

Figure 25: sign package

9.3.7 Verify Signature

Figure 26: verify package

26 | P a g e
9.3.8 Sign & Encrypt

Figure 27: signencrypt package

27 | P a g e
9.3.9Decrypt & Verify

Figure 28: userdecrypt package

28 | P a g e
 10. Features
10.1 Enhanced Security

The application will ensures security of the keys by supporting crypto token reducing
considerably the chances of any of its misuse.Compatilibity has been maintained between
application and token so that keys and certificate generated will get stored in the token itself
and the application will prompt the selection of certificate from there only.

Image source:blog.cryptographyengineering.com
Fig 29: crypto tokens
10.2Selection of Algorithm:

Facilitates the user to continue with the default ciphers and hashing algorithms or provide it
themselves to ensure further security. A user based on his knowledge can either select suitable
algorithms or can rely on the application to do it for them.

10.3 Attached Log file

An embedded Log File that is an excel file is associated with the application for complete record
of files with performed operation. Anadministrator or owner of the system/organization
Can always have a look regarding different operations and certificates used with the application

Fig 30: Screenshot for log file

29 | P a g e
10.4 Data Integrity
Access forces user to enter a value for a value in each column. User will not be able to leave
that field blank since a message will pop up to let a user know that they need to enter a value
for those fields

Fig31: Screenshot for message box for input path

10.5 Use of passphrase

Application encourage the use of passphrase while generating keys/certificate which is always
advisable in cryptographic functions

11.Way Forward

11.1Complete reliance of the application with crypto token

Crypto tokens or USB tokens are the essential requirements for an public key cryptography
application to be complete. Application need to be completely relied on all sorts of USB tokens,
So that a user can feel safe and assured.

11.2Attached User Directory

A user directory or help file with step by step instruction should be clipped with the application
for easy usage of application for the end-user.

11.3Deployment over IDRBT Intranet and cloud

Once the application is fully complete and tested, it can be installed in a server system as well
as to cloud to facilitate its usage for all the concerned staff.

30 | P a g e
 Summary

The application which was developed during the course of the project will have a tremendous
impact at the end-user level. The application will let user transfer data and information digitally
in a much simplified way. At an organization like IDRBT, it will enable Public key infrastructure
usage in a concise and easy manner .The application reduces the trouble of relying over
multiple applications for different cryptographic function as it provides entire set of public key
cryptosystem functionality and also enhanced security through its in-built support for crypto
tokens.

This project will also help IDRBT CA to cut off their expenditure as it provides a much easy and
simplified way of signing certificate and will also help associated banks and concerned services
for securely running their application.

Application also has enhanced security features and support for lot many ciphers and hashing
algorithms which will ensure that from a beginner to a professional user, it can be accessed by
anyone. Administrator privileges have been ensured to reduce the chances of any misuse of
application and certificates.

31 | P a g e
 References

Links

 http://www.openssl.org/
 http://www.madboa.com/geek/openssl/
 http://viralpatel.net/blogs/how-to-execute-command-prompt-command-view-output-
java/
 http://www.fortystones.com/event-handlers-java/
 http://stackoverflow.com/questions/17341944/how-to-store-a-file-in-java-which-is-
generated-on-execution-of-a-exe-file
 http://idrbtca.org.in/
 http://www.eclipse.org/
 http://en.wikipedia.org/
 http://www.homeport.org/~adam/crypto/
 http://www.watchdata.com/en/bank/
PDF

 www.cgi.com/cgi/pdf/cgi_whpr_35_pki_e.pdf
 citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.127...pdf
 WatchSAFE ND 3.4 Std-Briefing of the support for CryptAPI2.0.pdf
 WatchSAFE ND 3.4 Std-Briefing of the support for PKCS.pdf
 java_2_complete_reference_(5th_ed)Herbert_Schildt

32 | P a g e
 PROJECT 2

DEPLOYMENT OF OX APP SUITE OVER RED HAT SEVER SYSTEM

FOR IDRBT INTRANET A ND IDRBT CLOUD SERVICES

Fig 32: OX App Suite Model

image source:www.ox.io

33 | P a g e
 1. INTRODUCTION
OX App Suite provides a centralized cloud environment in which users can access email,
contacts, and calendar or address book without flipping back and forth between applications.
OX App Suite let user control all their digital activities from a single platform including managing
appointments, viewing and storing attachments.

To facilitates its usage for the IDRBT employees, it need to be installed over the network
through a server system and afterward over the cloud

2.Objective

Resolving compatilibity issues of OX AppSuite with private cloud

Deployment of OX app suite over Intranet

Configuration of the mail server and testing other functionality of the application

Study of IDRBT cloud and its feature and deployment of OXAppSuite over meghdoot
stack( IDRBT Cloud)

3.Terminology
3.1 OX APP Suite: A centralized cloud environment that lets your users manage their digital
lives.

3.2Red Hat Enterprise Network(RHEL): It is a commercially supported derivative of Fedora

tailored to meet the requirements of enterprise customers. It is a commercial product from Red
Hat which also sponsors Fedora as a community project

3.3 Apache Web Server: The Apache HTTP Server, commonly referred to as Apache is a web
server software program. Apache supports a variety of features, many implemented
as compiled modules which extend the core functionality

3.4 Open Exchange Server: Open-Xchange Server is a partially open source project sponsored
by Open-Xchange, Inc. It is used for developing collaboration software such as email and
calendars.

3.5 MySQL:MySQL is an open source relational database management system (RDBMS) that
runs as a server providing multi-user access to a number of databases.

34 | P a g e
3.6Mail server: A mail server is a computer that serves as an electronic post office for email.
Mail exchanged across networks is passed between mail servers that run specially designed
software.

3.7 Intranet: An intranet is a computer network that uses Internet Protocol technology to share
information, operational systems, or computing services within an organization.

3.8 Cloud Computing: It is a colloquial expression used to describe a variety of

different computing concepts that involve a large number of computers that are connected
through a real-time communication network.

3.9 Image: cloud users install operating-system images and their application software on the
cloud infrastructure. In this model, the cloud user patches and maintains the operating systems
and the application software

3.10 Virtual Machine: A virtual machine (VM) is a software implemented abstraction of the
underlying hardware, which is presented to the application layer of the system. It is a software
implementation of a machine (i.e. a computer) that executes programs like a physical machine.

3.11 Security Group: A security group acts as a firewall that controls the traffic allowed to reach
one or more instances. When cloud administrator launches a VM it is assigned with one or
more security groups.

4.Platform

4.1Red Hat Enterprise Linux(RHEL) OS/CentOS operating system

4.2Apache Webserver

4.3MySql

4.4OXAppSuite

4.5Open Exchange Server

5.Requirements

5.1Windows/linux/mac Operating system

5.2 Idrbt Intranet

5.3 OX user account in the server system

35 | P a g e
 6.OX App Suite at IDRBT

6.1Governing Council Instructions

Directive from the governing council of IDRBT to test the application in our own environment to
look for the functionality it offers.

6.2Advantageous

Application will have tremendous effect on the day to day working of employees helping them
to store attachments, maintain appointment and contacts digitally

6.3 Security

Though this application can run over OX cloud but its deployment over intranet will ensure
security of the data as everything will be within the premises and better management

7. Installation and Deployment

7.1 OX App Suite over IDRBT Intranet

7.1.1Methodology

7.1.1.1RHEL Operating System

OX App Suite is supported only on Linux based Servers, so a Red Hat enterprise Linux operating
system is installed over Windows OS using Virtual box.

7.1.1.2Add Open-Xchange Repository

Open-Xchange maintains public available software repositories for different platforms, such as
RHEL. This repository was added to the RHEL installation to enable simple installation and
updates.

7.1.1.3 Updating repositories and installing packages

RHEL operating system was updated and following packages were downloaded using the
instruction:

36 | P a g e
yum install mysql-server open-xchange open-xchange-authentication-database\

open-xchange-ajp open-xchange-cluster-discovery-static open-xchange-admin open-xchange-

appsuite \

open-xchange-appsuite-backend open-xchange-appsuite-manifest

7.1.1.4Open-Xchange configuration
Open Xchange database is initialized and a connection is established between the local server
and the database

7.1.1.5 Configuration of services

Apache webserver files are configured properly to access the groupware frontend.

 Mod_proxy_ajp module was configured by creating a new Apache configuration file.

 Default website settings were modified to display the Open-Xchange Graphic User
interface(GUI)

Fig 33: Screenshot for OX App Suite login

Screen

7.1.1.6Adding services to run levels

The new services were installed and configured, but to make them start up on a server boot,
some run levels were added

$ chkconfig --level 345 mysqld on

$ chkconfig --level 345 httpd on

$ chkconfig --level 345 open-xchange on

37 | P a g e
7.1.1.7Creating contexts and users
After the whole setup is complete and we got a login screen when accessing the server with a
web browser, a context and default user account is created and various functionality of the
application is tested.

7.1.2 Result:
Open Xchange Application is running over the Intranet and can be accessed at IP
172.16.0.22.End user accounts were created and all the functionality were checked. Mail server
was configured and attachments were uploaded and stored using the account and were also
viewed digitally. Multiple numbers of accounts were created with different set of data and log
out and deletions of account feature were also tested.

Fig 34: Screenshot for App Suite User Home page

38 | P a g e
 7.2 OX app suite over Cloud*

7.2.1Methodology
OXAppSuite is supported only on Linux based operating system, so a centos/red hat
image need to be created in the private cloud
Once the image is created ,application need to be deployed over the virtual machine
with described image
A new security group will be created with all authorized systems(who have the access
right to OXAppSuite) and the defined virtual machine will be made accessible to it

7.2.2Advantages
Better management of accounts with effective performance and maximum coverage.
Scalability and sustainability
Effective performance and coverage
All time support irrespective of server system

7.2.3Technical difficulty
As of now, there is no virtual machine with Linux based image in the cloud. Some image needs
to be created in the cloud. It requires a virtual drive of the OS which is not available in the
organization.

39 | P a g e
*-> IDRBT private cloud
 Summary

OXApp Suite is a cloud based application which manages the digital life of the user through a
single platform. Thedeployment of the application requires execution of some
technical/nontechnical step which was performed and effectively we have OXAppSuite running
over the Intranet. It will have to be maintained by the administrator of the server system and a
user over IDRBT network can utilize its features

Application need to be moved to the private cloud of IDRBT which is very essential for
performance and security purposes and working for this have been started already. There are
some technical difficulties but once it will be solved application can be moved to the easily to
the cloud by performing the prescribed steps.

40 | P a g e
 References

 http://oxpedia.org/wiki/index.php?title=AppSuite:Open-
Xchange_Installation_Guide_for_RHEL6
 https://www.ox.io/
 http://www.redhat.com/products/enterprise-linux/
 http://www.mysql.com/
 https://en.wikipedia.org
 http://httpd.apache.org/
 http://www.rackspace.com/knowledge_center/article/creating-a-new-cloud-server-
cloning-from-a-saved-image
 http://stackoverflow.com/
 http://www.south.cattelecom.com/Technologies/CloudComputing/0071626948_chap0
1.pdf

41 | P a g e