14-01-2011, 11:10 AM
[attachment=8199]
[attachment=8200]
[attachment=8201]
[attachment=8202]
[attachment=8203]
[attachment=8204]
[attachment=8205]
[attachment=8206]
[attachment=8207]
[attachment=8208]
[attachment=8209]
[attachment=8210]
ABSTRACT
Project Title: Central Authentication Registry (CAR)
Domain: Security
Sub-Domain: Login access
Architecture: N-Tier Architecture
SDLC Methodology: Spiral Model
Objective:
This project should be implemented using Web Services or WCF technology only. The objective is in the biggest organizations the User credentials will be centralized in a registry for the access of different applications the Authentication details will be retrieved from the registry (usually Lotus Notes Domino or Windows Active Directory) and based on Credentials the applications access role will be provided.
For example, in an Organization the Employee will be registered with an application to fulfill the joining formalities. At the time of joining he will get the User ID and Password, the same credentials he/she should able to use the Intranet/Internet applications of the Organization like Mails, Attendance, Leave Plans, Employee Reference for new jobs, using Email of the organization to purchase items with company logo, etc.
Similar to this, would like to develop a centralized authentication mechanism using which we should able to access the collections of applications with different Roles, different Parameters of the Roles, etc.
Admin:
• Should enter Application names.
Should able to enter different Roles of Users under each application.
Should able to enter no. of Parameters for each application.
Should able to Add/Update Employee details.
Should receive a request from Employee to add him for the access of an application with specific Role, Parameters, etc. details.
• Should able to Reset Password of Employee after 45 days expire.
Employee:
• Should able to access the site with his registration details.
Should able to make a request for an application with Role, Parameters, and etc. details to Admin.
Should able to login to the Site successfully after assigning the Role, Parameter details by the Admin.
Should able to reset the password.
• Should able to see the Reset Password request page link if password is expired after 45 days.
(Should demonstrate this using more than one application at least till Home pages access after Login) .
Software Specification:
• Operating System: Windows XP or above
• DATABASE: MS SQL SERVER 2005
Web Server : Internet Information Services 6.0 or above
Web Technologies : HTML, CSS, Java Script, ASP.NET with VC#.NET
Client Application: Internet Explorer 6.0 or above
IDE & Tools : Microsoft Visual Studio .Net-2008, AJAX Tool kit, Web Services
HARDWARE SPECIFICATION:
• PROCESSOR: INTEL PENTIUM OR ABOVE
• RAM: 512 MB RAM
• HARD DISK: 40GB
Introduction
The Central Authentication Registry (CAR) is a single sign-on protocol for the web. Its purpose is to permit a user to log into multiple applications simultaneously and automatically. It also allows web applications to authenticate users without gaining access to a user’s security credentials, such as a password. The name CAR also refers to a software package that implements this protocol.
PROBLEMS IN THE EXISTING SYSTEM
Today’s companies have multiple applications, multiple departments and these are access by the several employees. To provide access of the application to employee is needed. But for every application each employee needs different sign-in parameters. That will be problem to the users of the site to access different applications using different sign-in parameters. Administration facing a difficult to give access of the application for each employee is a difficult task.
• The existing system is a multi sign-in system.
• Here the user’s needs to maintain different login credentials for each application.
• There is no sharing is possible if the data is in the form of paper or Disk drives.
• It’s a limited system and fewer users friendly.
• Searching of particular user accessible applications is very critical it takes lot of time.
• It is very critical to maintain records manually for physical devices of a computer. Because organizations contains computers on different configurations.
• There is no way to access the system from the side of any client.
SOLUTION OF THESE PROBLEMS
• This project should be implemented using Web Services or WCF technology only. The biggest organizations the User credentials will be centralized in a registry for the access of different applications the Authentication details will be retrieved from the registry (usually Lotus Notes Domino or Windows Active Directory) and based on Credentials the applications access role will be provided.
• User Friendliness is provided in the application with various controls provided by system Rich User Interface.
• The system makes the overall employee login access management much easier and flexible.
• It can be accessed over the Intranet.
• The user information can be stored in centralized registry which can be maintained by the system.
• This can give the good security for user information because data presents in server machine.
• Authentication is provided for this application only registered Users can access.
• There is no risk of data management at any level while the project development is under process.
• Categorization of computers in the database make easy to identify the various employee details and application permissions.
STUDY OF THE SYSTEM
In the flexibility of uses the interface has been developed a graphics concepts in mind, associated through a browser interface. The GUI’s at the top level has been categorized as follows
1. Administrative User Interface Design
2. The Operational and Generic User Interface Design
The administrative user interface concentrates on the consistent information that is practically, part of the organizational activities and which needs proper authentication for the data collection. The Interface helps the administration with all the transactional states like data insertion, data deletion, and data updating along with executive data search capabilities.
The operational and generic user interface helps the users upon the system in transactions through the existing data and required services. The operational user interface also helps the ordinary users in managing their own information helps the ordinary users in managing their own information in a customized manner as per the assisted flexibilities.
Module Description
i. Administrator
ii. Employee
iii. Authentication through Web Service
iv. Profile Management Application
v. Communication Application
vi. Reports
Admin:
Admin can manage different applications.
He can add new application. He can update the existing application information.
Admin can decide the different roles for the applications.
Admin enter number of roles for each application.
Admin can manage the employee details like Add/Update
Admin receive a request from Employee to add him for the access of an application with specific Role, Parameters, etc. details.
Admin give the permission to the employee to access the application.
Employee:
Employee can login in to the system using authentication credentials to access the site.
Employee makes a request for an application with Role, Parameters, and etc. details to Admin.
Employee can login to the Site successfully after assigning the Role, Parameter details by the Admin.
Employee can manage their own profile like account information and profile information.
Employee can access the various types of application.
Authentication:
This module provides security to the applications.
Every user should enter correct user name and password to proceed.
This request will goes to database through a web service and check the user availability and authentication permissions.
If you entered wrong user name and password then it prompts you “Incorrect Username or Password…”
Profile Management
By default every employee can access this application.
By using this application employee can send the request for next application permissions.
After login in employee can manage profile (like account or profile) .
Employee request can be processed by the administrator to give the permissions.
Reports
This module is used to print various online reports.
This module will be enabled only to the admin type of users.
Reports contains various information about the Employees.
Report takes the Application Name as i/p and returns the employees in the access information for the application.
INPUTS AND OUTPUTS
The major inputs and outputs and major functions of the system are follows:
Inputs:
• Admin enter his user id and password for login.
• Employees enter his user id and password for login.
• Admin enter new employee details.
• Employees makes request for access of new application.
• Admin accepts the employee requests.
• Admin gives different kind of user information for search the user data.
• Employees can change password after login into the system.
Outputs:
• Admin can have his own home page.
• Employees can have their own home page.
• Employees get the mails details.
• Employees get the profile details
• Employee receives mails.
• The employee data can store in the centralized database.
• Admin will get the all employee information.
• The new user’s data will be stored in the centralized database.
• Admin gets all employee authentication permissions.
SDLC METHDOLOGIES
This document play a vital role in the development of life cycle (SDLC) as it describes the complete requirement of the system. It means for use by developers and will be the basic during testing phase. Any changes made to the requirements in the future will have to go through formal change approval process.
SPIRAL MODEL was defined by Barry Boehm in his 1988 article, “A spiral Model of Software Development and Enhancement. This model was not the first model to discuss iterative development, but it was the first model to explain why the iteration models.
As originally envisioned, the iterations were typically 6 months to 2 years long. Each phase starts with a design goal and ends with a client reviewing the progress thus far. Analysis and engineering efforts are applied at each phase of the project, with an eye toward the end goal of the project.
The steps for Spiral Model can be generalized as follows:
• The new system requirements are defined in as much details as possible. This usually involves interviewing a number of users representing all the external or internal users and other aspects of the existing system.
• A preliminary design is created for the new system.
• A first prototype of the new system is constructed from the preliminary design. This is usually a scaled-down system, and represents an approximation of the characteristics of the final product.
• A second prototype is evolved by a fourfold procedure:
1. Evaluating the first prototype in terms of its strengths, weakness, and risks.
2. Defining the requirements of the second prototype.
3. Planning an designing the second prototype.
4. Constructing and testing the second prototype.
• At the customer option, the entire project can be aborted if the risk is deemed too great. Risk factors might involve development cost overruns, operating-cost miscalculation, or any other factor that could, in the customer’s judgment, result in a less-than-satisfactory final product.
• The existing prototype is evaluated in the same manner as was the previous prototype, and if necessary, another prototype is developed from it according to the fourfold procedure outlined above.
• The preceding steps are iterated until the customer is satisfied that the refined prototype represents the final product desired.
• The final system is constructed, based on the refined prototype.
• The final system is thoroughly evaluated and tested. Routine maintenance is carried on a continuing basis to prevent large scale failures and to minimize down time.
