Signature verification system MITS

PROJECT REPORT

ON

“SIGNATURE VERIFICATION SYSTEM”

Submitted To

MADHAV INSTITUTE OF TECHNOLOGY AND SCIENCE

(An Autonomous Institute Under RGPV, Bhopal)

GWALIOR (M.P.)

BACHELOR OF ENGINEERING

IN

INFORMATION TECHNOLOGY

(Department of Computer Science & Engineering and Information Technology)

MITS, Gwalior (M.P.)

2012-2016

Submitted By

Shivpratap Singh Tomar (IT-12053)

Pallav Sharma (IT-12036)

Page 1
Signature verification system MITS

MADHAV INSTITUTE OF TECHNOLOGY AND SCIENCE

(An Autonomous Institution Under RGPV, Bhopal)
GWALIOR (M.P.)
Department of Information Technology

CERTIFICATE
This is to certify that Shivpratap singh and Pallav Sharma students of
Bachelor of Engineering In Information Technology of Madhav Institute of
Technology and Science, Gwalior have completed their minor project
entitled “Digital Signature Verification”. They have submitted a satisfactory
project report for the award of Degree of Bachelor Of Engineering in
Information Technology.
To the best of my knowledge, the presented project report has not been
submitted for the award of any other diploma or degree certificate.

Director
Dr. Sanjeev Jain
Under the Supervision of:

(Prof. Puneet Johari) (Dr. R.K. Gupta)

Project Guide HOD

Page 2
Signature verification system MITS

Dept. Of CSE & IT Dept. Of CSE & IT

ACKNOWLEDGEMENT

Preparing any project requires views of many people but we suspect that
technical projects are more different than others. A great many people are
involved in various stages of the project prepration who shared their
knowledge and experience.

Before we get into thick of things we would like to add a few heartfelt words
for the people who are part of this project in numerous ways people who
gave un-ending support right from the stage idea was concieved.

It is our proud privilege to express a deep sense of gratitude and regard to

our Project Guide Prof. Puneet Johari(Dept.Of Information Technology) for
the opportunity, he has given us for carrying out the project. His initiative,
keen interest, expert guidance at every step provided a constant source of
inspiration and encouragement to us for intense studies in the subject. We
are deeply indebted to him.

We shall be failing in our duty , if we do  not express our heart felt gratitude
to Dr. R.K.Gupta (Professor & Head) Department Of Information Technology,
M.I.T.S. Gwalior for his support in the project.

Page 3
Signature verification system MITS

We acknowledge with gratitude the benediction of our institution and

Director, MITS, Gwalior who extended all facilities and co-
operation in the completion of this project.

Table of contents

1. INTRODUCTION 9-11
1.1 Purpose……………………………………………. …………..
1.2 Problem Specification……………………………………………
1.3 Objectives……………………………………………………….
1.4 Definitions, Acronyms and Abbreviations Acronyms Description
1.5 Overview………………………………………….…...
1.6 How does a Signature scanner work? …………………

2. SYSTEM REQUIREMENTS AND ANALYSIS 12-15

OVERALL DESCRIPTION
2.1 Product Perspective………………………………………..
2.2 Information Gathering…………………………………
2.3 Feasibility Study……………………………………………
2.3.1 Economic Feasibility…………………………………….
2.3.2 Technical Feasibility……………………………………
2.3.3 Operational feasibility ……………………………….....
2.4 Hardware Requirement………………………………….... ..
2.5 Software Requirement……………………………………

Page 4
Signature verification system MITS

3. DESIGN 16-25
3.1 Database Design………………………………………………………………….
3.1.1 E-R diagram…………………………………………………………………….
3.1.2 Functional diagram………………………………………………………….
3.1.3 Dataflow diagram…………………………………………………………….

4. IMPLEMENTATION 26-48
4.1 Description of project…………………………………………
4.2 Technical Discussion………………………………………….

5. TESTING 49-53
5.1 Unit Testing……………………………………………………..
5.2 Validation Testing……………………………………………....
5.3 White Box Testing………………………………………………
5.4 Integration Testing …..………………………………………....
5.5 System Testing………………………………………………….
5.5.1 Performance testing…………………………………………..
5.5.2 Stress Testing…………………………………………………

6. TECHNOLOGIES USED 54-60

6.1 JAVA……………………………………………… 49
6.1.1 Java Servlets………………………………………………….
6.1.2 Java Server Pages…………………………………………….
6.2 Java Database connectivity……………………………………..
6.3 HTML …………………………………………………………..
6.4 Data structure….…………………………………………………

Page 5
Signature verification system MITS

7. SOFTWARE ENGINEERING PARADIGM 61-63

7.1 Software Model Used……………………………………………
7.2 Software Model Description……………………………………

8. RESULT AND CHALLENGES 64

9. CONCLUSION 65

10. BIBILIOGRAPHY 66

Page 6
Signature verification system MITS

PREFACE

Signature Verification is an interactive and visualization tool. The tool is designed to

cope with the problems related to automated and manual methods of matching. Interactive
techniques involving automated Signature Verification can be used along with human
intervention. The users of the system can visually monitor the process of recognition.
Additionally, they can specify the parameters involved in the process. Feedback is provided to
the user at every stage of the process. This is currently under development. Progress and
extensions to the tool are discussed.

Digital signatures have evolved as a means of personal identification numbers (PIN). PINs
are used in identifying criminals, providing secure logins and in many other applications.
Extraction and Verification of Biometric signatures are tedious tasks that are prone to errors
and influenced by many factors.

it is an application designed to help matching Signature . The tool provides techniques for
interactive matching, breaks the process into steps allowing users to interfere at each step and
make changes, and allows users to visualize the entire process.

Page 7
Signature verification system MITS

1. Introduction

1.1 Purpose
This document describes the functional, non-functional and hardware requirements and the
importance of a signature verification with briefly presenting its input and output
functionalities. And also this would give an overview to the client and would give detail
specification for the developer.

1.2 Problem Specification

Signature verification is one of the most reliable personal identification methods, which is
widely used today. Signature are popular for personal identification due to the facts that they
are easy to obtain, reliable, extremely unique and amenability to automation. Although those
automated systems are much easier, they can be prone to noise. So Signature readers today
are not ideally suited to handle the large variation of populations that need to be enrolled.
Although extremely reliable methods of biometrics personal identification exist, personal
identification system based on the images of the face is often effective due to its user friendly
nature. But there are many more facts like race, age, gender, facial expression, diseases and
facial coverings that affects when identifying and verifying persons using the existing face
recognition systems. And the output may also change due to the differences of the image
quality and the amount of back ground clutter. During the past few years face recognition
received increased attention and has advanced technically. But significant research efforts

Page 8
Signature verification system MITS

still have been focused on this area. Though many facial recognitions systems have been
proposed and have demonstrated significant promises, robust face recognition is still under
research. In a high volume, high speed environments, Signature and face recognition
systems do not have the accuracy, reliability or ability to handle large, diverse population as
needed for critical applications and up to now it is challengeable.

1.3 Objectives
This project is aimed at,
 Identify the faults of currently using algorithms for signature verification
And make suggestions to improve those.
 Develop a new algorithm for matching the person's signature against a large
Database containing over several millions of data at a high speed.
1.4 Definitions, Acronyms and Abbreviations
Acronyms Description
API Application Programming Interface
GUI Graphical User Interface

1.5 Overview
Section 2 here deals with the overall description about the product while
Describing the product perspective, functional and data requirements, input and output
Data, general constraints and assumptions of the application briefly.

1.6 How does it work?

A signature verification system has two basic jobs -- it needs to get an image of your sign,
and it needs to determine whether the pattern of sign matches the pattern of previous sign.

Only specific characteristics, which are unique to every sign, are filtered and saved as an
encrypted biometric key or mathematical representation. No image of a sign is ever saved,

Page 9
Signature verification system MITS

only a series of numbers (a binary code), which is used for verification. The algorithm cannot
be reconverted to an image, so no one can duplicate your sign

2. SYSTEM REQUIREMENTS AND ANALYSIS

Overall Description
2.1 Product Perspective
This product is aimed to provide a best fitted engine to enroll, verify and identify signature
data at a high speed and very low error rate. As the input devices, web cam, scanner or any
other image acquisition device can be used where user feeds input through this image
acquisition device while processed biometric information is stored in an internal database.
Product will do the comparison between internal database and given inputs by the user at
identification.

2.2 Information Gathering

As the goal of the application is ease of use and to provide an interactive interface, extensive
research has been done to gain an insight into the needs and behaviors of various users. The
working of the application is made convenient and easy to use for the end user. An extensive
research has been done in collecting information and solving various technical glitches of this
project. This is basically done through two major ways:-

 Observing Existing System

 Interview with target clients

Page 10
Signature verification system MITS

We have used both the above methods to gain the basic requirement of the system. We have
talked to many clients about what they think of the existing Social networking sites, how and
what data they manage, what are the expectations with the system and the problems occurring in
the existing system.

We have also taken into account all pre-existing social networking site and have studied in
depth their features.

The project “community tracking in social networking site” is a collaborative site development
effort aimed at creating a robust, commercial grade, feature full and easy to interact social
networking site with additional feature of enhanced community suggestion, creation and sharing
views over any subject matter related to community with other community members.

2.3Feasibility Study

Feasibility studies are in today's market absolutely essential as they represent an objective
assessment of the economic viability of a project to a developer or investor. It serves as an
indispensable tool for dialogue and negotiations with operators on one hand and to secure
financing on the other hand.

Therefore It is necessary to determine whether such system would be feasible or not. That’s
why a feasibility study was conducted in order to assertion whether this project worth doing or
not.

There are several aspects of feasibility study like: -

 Technical Feasibility
 Operational Feasibility
 Economical Feasibility

2.3.1 Technical Feasibility

To deploy the application, the only technical aspects needed are mentioned below:

Page 11
Signature verification system MITS

SN Software Specification
1 Java Technology J2EE
2 Web Server Tomcat 5.5
3 Browser Google Chrome
4 Database Environment Microsoft access 2007

The above requirements of deploying this project can be easily managed and hence project is
technically feasible. It also requires concepts of DHTML, Database connectivity etc. which too
can be dealt.

2.3.2 Economic Feasibility

The project is economically feasible as the only cost involved is having a computer with the
minimum requirements. For the users to access the application the only cost involved will be in
this system .
Java Platform and Tomcat 5.5 too is a free software available for free download. Thus Project
“Signature Verification system” is economically feasible.

2.3.3 Operational Feasibility

Our project requires no special technical guidance and all the views available are self
explanatory. Naming conventions of java technologies, minimum LOC and security features
have been implemented to make this project operationally feasible.

Users are well guided with success and failures message for all the actions taken. To make data
flow clear and class interactivity visible different type of diagrams like Data Flow Diagrams and
E-R Diagrams have been prepared during designing phase of the project. The project is more
over aimed to recognition and develops a new algorithm for matching the person's signature
against a large database containing over several millions of data at a high speed. Develop a

Page 12
Signature verification system MITS

specialized algorithm for signature matching on large databases with references taken on
different time scale and conditions at very low error rates.
Stringent security features and platform independence are other features which make this
project operationally feasible.

2.4Software & Hardware Requirement

2.4.1 Hardware Specifications:-

 CPU: PENTIUM IV
 RAM :256 MB OR ABOVE

2.4.2 Software Specifications:-

 OS :Windows 7, XP And Above

 Language : Java 1.6 OR ABOVE
 JSDK 2.0
 Client side language: HTML,JDBC
 Web Browser (Internet Explorer or Google Chrome)
 Server side language: Servlet
 Database : Microsoft Access

3. Design
3.1 Database Design

Page 13
Signature verification system MITS

Data base designing is a very sensitive aspect in successful implementation of any project.
Data base is generally used to store all pieces of information.

If database is not maintained properly there may arise inefficient system and may cause
several system performance issues, memory problems, unreliability and ambiguous
performance of system, DB2, MY-SQL, SQL server 2000 etc.

Designing the Database:

The development team designed a database called studreg, which will be created by using
Microsoft Access 2000.

4. Implementation

4.1 Description of Project

The development life cycle of a project usually involves three stages.

1) Project initiation
2) Project Execution
3) Project completion

In the project initiation stage, we prepare the project plans and finalize the outcome of each
phase. In this stage we also prepare a comprehensive list of tasks involved in each phase.

In the project execution stage, we develop the product. In the case of the signature
verification system, we will develop the student identification application. This stage consists
of the following phases:

Page 14
Signature verification system MITS

1) Requirement Analysis
2) High level Design
3) Low level design
4) Construction
5) Testing
6) Acceptance

The requirement Analysis Phase:

During Requirement Analysis phase, the development team analysis the requirements to be
fulfilled by the student identification application and identifies the probable approach for
meeting these requirements. To identify the requirements needed of the application, we
decided to study the existing identification systems.

Finally, we identify that the signature verification system should:

1 Enable a student to register with the application.
2. Enable student to perform activities such as register for all types of category.
3. Enable a registered user to select city which he wants.
4. Enable registered user to provide feedback to the site.
5. Enable administrators to maintain user details and manage all the examination
information.

The High Level Design:

In this phase, we decided how the application should function. The formats for data input
and output are finalized here. The functional specification documentation of the application
is presented in a language that can be understood by all. The finished project design is,
however, executed only on the project approval. We identify three categories of interfaces.
These categories are:
1. Student / Visitors.
2. Administrator.

The visitors Interface will have the following pages

Page 15
Signature verification system MITS

1. Home page
2. Login page
3. Student registration form
4. Display exam date/time
5. Instruction page
6. Change center
7. Contact information
8. About PMT
9. Help Page
10. …etc.

The administrator Interfaces will have the following pages

1. Verify student using Signature Verification module
2. Insert exam date
3. Insert center information
4. Update exam date
5. Update center
6. Update students information
7. Reject students
8. …etc.

The low level design Phase:

In this phase, a detailed design of software module, based on the high level design, is
created. In addition, we also created specification for the various software modules of an
application.

The construction Phase:

In this phase, the software components are built .This phase uses the output of the low
level design to produce software items. During the construction phase, the development
the team divides responsibilities among team members. Some team members are assigned

Page 16
Signature verification system MITS

the test of designing the interface. Various others take the job of writing the code to
develop the application.

The testing Phase

Software modules are tested for their functionality as per the requirements identified
during the requirements analyses phase.

The Acceptance Phase

In this phase based on the predefined acceptance criteria, the marketing conducts
acceptance testing for client projects. In the case of signature verification system, the
acceptance criteria are the fulfillment of all the requirements identifying during the
requirements analyses phase.

How to invoke a project

For invoking this project on your system, you have to insure that the following things
have in your system.

3.1 Fulfill the hardware and software requirement according to project.

3.2 Install Java kit

3.3 Install JDK 2.0.

3.4 Install text pad.

3.5 Install FrontPage and Microsoft Access (for database).

3.6 For server, Apache Tomcat.

3.7 Also have Google Chrome as browser.

3.8 Module………….

Page 17
Signature verification system MITS

Snapshots-

Student Login

Page 18
Signature verification system MITS

Student Home

Page 19
Signature verification system MITS

Result

Page 20
Signature verification system MITS

4.2 Technical Discussion

Page 21
Signature verification system MITS

Three-Tier Architecture is a deployment style that describes the separation of functionality into
layers with each segment being a tier that can be located on a physically separate computer.
They evolved through the component-oriented approach, generally using platform specific
methods for communication instead of a message-based approach.

Structure

Using this architecture the software is divided into 3 different tiers: Presentation tier, Logic
tier, and Data tier. Each tier is developed and maintained as an independent tier.

1-Presentation tier

Page 22
Signature verification system MITS

This is the topmost level of the application. The presentation layer provides the application’s
user interface (UI). Typically, this involves the use of Graphical User Interface for smart client
interaction, and Web based technologies for browser-based interaction. The presentation tier
displays user’s profile page & home page from where it can perform all other activities. It
communicates with other tiers by outputting results to the browses and all other tiers in the
network.JSP technology have been used as front end tool for this project

2-Logic tier 

The logic tier is pulled out from the presentation tier and, as its own layer; it controls an
application’s functionality by performing detailed processing. Logic tier is where mission-
critical business problems are solved. The components that make up this layer can exist on a
server machine, to assist in resource sharing. These components can be used to enforce business
rules, such as business algorithms and legal or governmental regulations, and data rules, which
are designed to keep the data structures consistent within either specific or multiple databases.
Because these middle-tier components are not tied to a specific client, they can be used by all
applications and can be moved to different locations, as response time and other rules require.
Servlets have been used for business logic in this project.

3-Data tier

This tier consists of database servers, is the actual DBMS access layer. It can be accessed
through the business services layer and on occasion by the user services layer. Here information
is stored and retrieved. This tier keeps data neutral and independent from application servers or
business logic. Giving data its own tier also improves scalability and performance.

This layer consists of data access components (rather than raw DBMS connections) to aid in
resource sharing and to allow clients to be configured without installing the DBMS libraries and
ODBC drivers on each client. An example would be a computer hosting a database management

Page 23
Signature verification system MITS

System (DBMS), such as Oracle 10g database.

The main benefits of the 3-tier architectural style are:

 Maintainability. Because each tier is independent of the other tiers, updates or

changes can be carried out without affecting the application as a whole.

 Scalability. Because tiers are based on the deployment of layers, scaling out an
application is reasonably straightforward.

 Flexibility. Because each tier can be managed or scaled independently, flexibility is

increased.

 Availability. Applications can exploit the modular architecture of enabling systems

using easily scalable components, which increases availability.

5. Testing
Software testing is a process of running with intent of finding various errors in software. It
represents final review of other phases of software like specification, design, code generation
etc.

5.1 Unit Testing

In computer programming, unit testing is a method by which individual units of source code,
one or more program modules together with associated control data, usage procedures, and
operating procedures, are tested to determine if they are fit for use. Intuitively, one can view a
unit as the smallest testable part of an application. In procedural programming a unit could be
an entire module but is more commonly an individual program.

Page 24
 Signature verification system MITS

Unit Testing is a dynamic method for verification where program is actually compiled and
executed. In our project unit testing has been performed in parallel with the coding phase. We
have tested each part of module separately. As the modules were built up testing was carried out
simultaneously, tracking out each and every kind of input and checking the corresponding
output until module is working correctly. Functionality of module was also tested as separate
units.

E.g. in user login module when a user enters his login credentials a request is forwarded to
server side and authentication of user is verified. If authentication is valid then he will be
immediately prompted to his profile page otherwise an error message will be displayed.

This login module actually consists of various activities:-

 An interface where user will enter his credentials.
 A java Servlets which will verify authentication.
 If request is successful then redirecting to profile page.
 Else error message has to be generated.
All these activities can be considered a single unit and hence can be tested separately.

The advantage of Unit testing is that-

 Unit tests find problems early in the development cycle.
 Allows the programmer to change code at a later date, and make sure the module still
works correctly.
 Simplifies Integration.

5.2 Validation Testing

It provides final assurance that software meets all functional, behavioral & performance
requirements. Black box testing techniques are used. There are following main components.

 Validation test criteria (type checking)

 Configuration review(to ensure completeness of s/w configuration)

Page 25
Signature verification system MITS

 Alpha & Beta testing: Alpha testing is done at developer’s site i.e. by own and Beta
testing is done after once project has been deployed.
 Test Cases: We have used a number of test cases for testing the product. There were
different cases for which different inputs were used to check whether desired output is
produced or not. e.g. -
1. Login of a new user in the server should make his status 1 so that he
can be shown in online friend list.
2. When a user logout his status is updated to 0 meaning he is offline.
3. Change in existing information of the user has to update the details of
the user.
4. Any changes or operations done by the user have to update the
summary correctly.
5. Because same page is inserting data into more than one table in the
database atomicity of the transaction is carefully tested.
6. On successful registration dynamic generation of required tables have
been made to make system fair and reliable.

Finally a lot of effort has been made that system performs all the functions as described in
section 1.3 “Envisioned system” namely

 A proper notification should be generated.

 Proper Friend and community suggestion.
 Sending message.
 Appropriate system date is printed when user post in community or user add any status.

5.3 White Box Testing

In white box testing knowing the internal working of the project is very important. Test can be
conducted to ensure that internal operations are performed according to specifications and all
internal have been adequately exercised. In white box testing logical path through the software

Page 26
Signature verification system MITS

are tested by providing test cases that exercises specific sets conditions and loops. Using white-
box testing software developer can drive test cases that

 Guarantee that all independent paths within a module have been exercised at least once.
 Exercise all logical decisions on their true and false side.
 Exercise all loops at their boundaries and within their operational bound.
 Exercise internal data structure to ensure their validity.

At every stage of project development we have tested the logics of program by supplying the
invalid inputs and generating the respective error messages. All the loops and conditional
statements are tested to the boundary conditions and validated properly.

5.4 Integration Testing

Integration testing is carried out after all the modules have been unit tested, successful
completion of unit testing, to a large extent, ensures that the unit as a whole works satisfactorily.
In this context objective of integration testing is to detect the errors at module interface.eg. In
our project we have checked that no parameter mismatch occurs when one module invokes the
functionality of another module.
Integration testing can be done through 4 ways:

1. Big Bang approach

2. Bottom-up approach
3. Top-down Approach
4. Mixed approach.

In our project we have used Bottom-up approach of integration testing. Thus here first of all
sublevel modules are tested separately the whole module is integrated and tested. Once lower
level module is ready then its top level module is tested and then integrated & finally both are
tested after integration. This procedure repeats to integrate all modules together.

Page 27
Signature verification system MITS

5.5 System Testing

5.5.1 Performance testing
Performance testing is carried out to check whether the system meets the non-functional
requirements identified in the SRS.
In our project to improve performance of system several efforts have been made eg.Tables are
generated only after successful registration, connection has been committed at every suitable
locations and atomicity of database has been maintained etc.

5.5.2 Stress Testing

Stress testing is done to evaluate system performance under stress condition of excess load on
database, abnormal and illegal input conditions and repeated attempt to beach security.
We have taken care of all these issues in our project. E.g. maximum number of connections has
been fixed 20; session management has been implemented to prevent unauthorized access.

6. Technologies Used
6.1 JAVA
JAVA is a platform Independent Language. It is important to Internet programming. (One
of the points to be noted about Java is that, it has developed concurrently with the WEB
Programming in which the APPLETS, SERVLETS, are the ways to enhance the results of
HTML Pages on the Net.) The NET Pages of the Module “Online Bus Reservation” of portal
Destination Travels.Com are also Designed, Developed with functionality by Servlet in the
background, which not only enhance the NET pages in the foreground but also maintains the
requirements of the Visitors. Various remarkable features of Java that makes this language
getting universal acceptance are:

6.1.1 Portability

It can work on all types of computers and operating systems.

Page 28
Signature verification system MITS

6.1.2 Security:-
It achieves security by confining a Java program to the Java execution environment
and not allowing access to other parts of computer.

6.1.3 Object Oriented:-

Java is totally object oriented. This provides benefits such as reusability; it decreases
complexity and is easy to debug.
What Java Is

The basics: Java is an object-oriented programming language developed by Sun

Microsystems that plays to the strengths of the Internet.

Object-oriented programming (OOP) is an unusual but powerful way to develop software. In

OOP, a computer program is considered to be a group of objects that interact with each other.
The feature that is best known about Java is that it can be used to create programs that
execute from World Wide Web pages. These programs are called applets.

A Java program is created as a text file with the file extension .java. It is compiled into
one or more files of byte codes with the extension .class. Byte codes are sets of instructions
similar to the machine code instructions created when a computer program is compiled. The
difference is that machine code must run on the computer system it was compiled for, and
byte codes can run on any computer system equipped to handle Java programs.

Java Is Object Oriented

Object-oriented programming (OOP) is a powerful way of organizing and developing

software. The short-form description of OOP is that it organizes a program as a set of
components called objects. These objects exist independently of each other, and they have
rules for communicating with other objects and for telling those objects to do things. Java
inherits its object-oriented concepts from C++ and other languages such as Smalltalk. The
fact that a programming language is object oriented may not seem like a benefit to some.
Object-oriented programming can be an intimidating subject to tackle, even if you have some
experience programming with other languages. However, object-oriented programs are more

Page 29
Signature verification system MITS

adaptable for use in other projects, easier to understand, and more bug proof. The language
includes a set of class libraries that provide basic variable types, system input and output
capabilities, and other functions. It also includes classes to support networking, Internet
protocols, and graphical user interface functions.

Java Is Safe

Another thing essential to Java's success is that it be safe. The original reason for Java to
execute reliably was that people expect their waffle irons not to kill them or to exhibit any
other unreliable behavior. This emphasis on security was well-suited for Java's adaptation to
the World Wide Web.

A Java program that executes from a Web page is called an applet. All other Java programs
are called applications. When an applet is encountered on a Web page (if the user's browser
can handle Java), the browser downloads the applet along with the text and images on the
page. The applet then runs on the user's computer. This act should raise a red flag-danger!
Danger!-because a lot of harmful things can occur when programs are executed: viruses,
Trojan horses, the Microsoft Network, and so on.

Java provides security on several different levels. First, the language was designed to make it
extremely difficult to execute damaging code. The elimination of pointers is a big step in this
regard. Pointers are a powerful feature, as the programmers of C-like languages can attest,
but pointers can be used to forge access to parts of a program where access is not allowed,
and to access areas in memory that are supposed to be unalterable. By eliminating all pointers
except for a limited form of references to objects, Java is a much more secure language.
Because of the multiple levels of security, and the continued efforts to improve these
measures, Java is generally regarded as a secure means to execute code over the World Wide
Web.

6.2 Servlet

Page 30
Signature verification system MITS

A Servlet can be thought of as a server-side applet.servlets are loaded and executed by

a web server in the same manner that applets are loaded and execute by web browser.

Fig: Basic Servlet flow

As shown in figure a Servlet accepts requests from a client ((via the Web server), performs some
task, and returns the results.
The following list describes the basic flow when using Servlet.
 The client (most likely a web browser) makes a request via HTTP.
 The web server receives the request and forwards it to the servlet.if the Servlet has
not yet been loaded, the web server will load it into the java virtual machine and
execute it.
 The Servlet will receive the HTTP request and perform some type of process.
 The Servlet will return a response back to the Web server.
 The web server will forward the response to the client
Servlet is executing on the server, the security issues usually associated with applets do not6 apply.
This opens up a tremendous number of opportunities that are not possible, or at least are very
difficult, when working with applets. Communicating with legacy systems via CORBA, RMI,
sockets and native calls are just a few examples. Also keep in mind that the Web Browser does not
communicate directly with a Servlet, the Servlet is loaded and executed by the Web Server; this
means that if Web server is secure behind a firewall, then Servlet is secure as well.

A Servlet is a dynamically loaded module that services requests from a Web

server. It runs entirely inside the Java Virtual Machine. Because the Servlet is running on the

Page 31
Signature verification system MITS

server side, it does not depend on browser compatibility Servlet are modules that extend
request/response- oriented servers, such as Java- enabled web servers. For example, a
Servlet might be responsible for taking data in an HTML order entry form and applying the
business logic used to update a company order database.

Servlet are to servers, what applets are to browser. Unlike applet however Servlet have no
graphical user interface. Servlet can be embedded in many different servers because the
Servlet API, which you use to write Servlet, assumes nothing about server’s environment or
protocol. Servlet have become most widely used within HTTP servers.

6.3 HTML

The Language used to develop web pages is called Hypertext Markup Language .HTML is
the language interpreted by browser. Web pages are also called HTML document. HTML is a
set of special codes that can be embedded in text to add formatting and linking information.
An HTML tag is specified as tags in an HTML document. HTML is used for presentation
of data; it provides the format of data.

6.4 JDBC

The JDBC Interfaces

JDBC defines eight interfaces that must be implemented by a driver in order to be JDBC-
compliant:

 java.sql.Driver
 java.sql.Connection
 java.sql.Statement
 java.sql.PreparedStatement
 java.sql.CallableStatement
 java.sql.ResultSet

Page 32
Signature verification system MITS

 java.sql.ResultSetMetaData
 java.sql.DatabaseMetaData

The central object around which the whole concept revolves is the java.sql.DriverManager
object. It is responsible for keeping track of the various JDBC implementations that may
exist for an application. If, for example, a system were aware of Sybase and Oracle JDBC
implementations, the Driver Manager would be responsible for tracking those
implementations. Any time an application wants to connect to a database, it asks the Driver
Manager to give it a database connection, using a database URL through the Driver Manager
get Connection () method. Based on this URL, the Driver Manager searches for a Driver
implementation that accepts the URL. It then gets a Connection implementation from that
Driver and returns it to the application.

What is a databse url?

To enable an application to specify the database to which it wants to
connect, JDBC uses the Internet standard Uniform Resource Locator
system. A JDBC URL consists of the following pieces:
jdbc:<subprotocol>:<subname>
As with URLs you have seen all over the Internet, the first element is the
resource protocol-in this case, a JDBC data source. The subprotocol is
specific to the JDBC implementation. In many cases, it is the DBMS
name and version; for example, syb10 indicates Sybase System 10. The
subname element is any information specific to the DBMS that tells it
where it needs to connect. For mSQL, the JDBC URL is in this format:
jdbc:msql://hostname:port/database
JDBC itself does not care what a database URL looks like. The important
thing is simply that a desired JDBC implementation can recognize the
URL and get the information it needs to connect to a database from that
URL.

The Driver Manager is the only instantiated class provided by JDBC other than exception
objects and a few specialized subclasses of java.util.Date. Additional calls made by an

Page 33
Signature verification system MITS

application are written against the JDBC interfaces that are implemented for specific
DBMSs.

JAVA Database Connectivity

Understanding JDBC
JDBC is a Java API for executing SQL statements. It consists of a set of classes and
interface written in Java programming language. JDBC provides a standard API for
tool/database developers and makes it possible to write database applications using a pure Java
API.
Using JDBC, it is easy to send SQL statements to virtually any relational database .In
other words, with the JDBC API, it isn’t necessary to write one program to access a MSSQL
database, another program to access an Oracle database, another program to access an
Informix database, and so on. One can write a single program using JDBCAPI, and the
program will be able to send SQL statements to the appropriate database and with an
application written in the Java programming language. The combination of Java and JDBC has
a facility that writes it once and run it anywhere.

Jdbc extends what can be done in java. With java and the JDBC API, it is possible to
publish a web page containing an applet that uses information obtained from a remote
database or an enterprise can use JDBC to connect all its employees to one or more internal
databases via an Intranet. With more or more programmers using the Java programming
language, the need for easy database access from Java in continuing to grow.

7. SOFTWARE ENGINEERING PARADIGM

7.1 Software Paradigm Used

To solve the actual problems in an industry, a software engineer must incorporate a
development strategy that encompasses the process, methods and tools layers and the generic
phases. This strategy is often referred to as a process model or a software engineering
paradigm. It is chosen based on nature of the project and application.

Page 34
Signature verification system MITS

Our project “community tracking in social networking site” has been planned to adhere Spiral
model of project development.

7.2 The model Description

The spiral model combines the idea of iterative development (prototyping) with the systematic,
controlled aspects of the waterfall model. It allows for incremental releases of the product, or
incremental refinement through each time around the spiral. The spiral model also explicitly
includes risk management within software development and determining how to lessen the risk
helps keep the software development process under control.

The spiral model is based on continuous refinement of key products for requirements
and analysis, system and software design, and implementation At each iteration around the
cycle, the products are extensions of an earlier product. This model uses many of the same

Page 35
Signature verification system MITS

phases as the waterfall model, in essentially the same order, separated by planning, risk
assessment, and the building of prototypes and simulations.

The spiral lifecycle model allows for elements of the product to be added in when they become
available or known. This assures that there is no conflict with previous requirements and
design. This method is consistent with approaches that have multiple software builds and
releases and allows for making an orderly transition to a maintenance activity.

Another positive aspect is that the spiral model forces early user involvement in the system
development effort. For projects with heavy user interfacing, such as user application programs
or instrument interface applications, such involvement is helpful.

Starting at the center, each turn around the spiral goes through several task regions:

 Determine the objectives, alternatives, and constraints on the new iteration.

 Evaluate alternatives and identify and resolve risk issues.
 Develop and verify the product for this iteration.
 Plan the next iteration.

Note that the requirements activity takes place in multiple sections and in multiple iterations,
just as planning and risk analysis occur in multiple places.

Final design, implementation, integration, and test occur in iteration 4. The spiral can be
repeated multiple times for multiple builds. Using this method of development, some
functionality can be delivered to the user faster than the waterfall method.

8. Results & Challenges

8.1 Results

Page 36
Signature verification system MITS

The project “Signature Verification system” developed based on Spiral model is found to
satisfactorily perform all functions.
More over a fine imprint of advanced dynamic technologies such as AJAX, JavaScript,
Cascade style sheets have been used along with JSP to provide a really exciting GUI
environment.
The application is easy to use and interactive making experience of identity checking
recreational for user. In Identification mode the system performs a one-to-many comparison
against a biometric database in attempt to establish the identity of an unknown individual. The
system will succeed in identifying the individual
All the modules of the project has been tested and finally system testing and integration testing
has been completed and fixed all possible ambiguities.

8.2 Challenges

 Compatibility with browsers like chrome, internet explorer.

 Synchronization of various resources in multithreading environment.
 Learning new technologies.

9. Conclusions

This product is aimed to provide a best fitted engine to enroll, verify and identify Signature
data. As the input device, scanner is used where user feeds input through this Signature
scanner device while processed biometric information is stored in an internal database.
Product will do the comparison between internal database and given inputs by the user at
identification.

10. Bibliography

Page 37
Signature verification system MITS

 Website
1. www.google.com.in

2. www.howstuffwork.com

3. http:// java.sun.com

4. www.bioelectronix.com

5. www.wikipedia.com

6. docs.oracle.com/javase/tutorial/jdbc/basics/connecting.html

7. www.w3schools.com

Page 38