Implementation of a Secure ATM System using TCP/IP Sockets, Assignments of Network security

Download Implementation of a Secure ATM System using TCP/IP Sockets and more Assignments Network security in PDF only on Docsity!

ASSIGNMENT- 4

DCCN LAB

Name: Utkarsh Goyal

Reg.No: 19BIT

Q1.Implement a TCP/IP socket-based ATM

System. Make the server to maintain the

customer details (name, card no, pin and

balance). When a client wants to withdraw

amount, validate his login with card no & pin,

display a welcome message and perform the

withdraw operation if he is having enough

balance or display a warning message. Maintain

customer details as in Database Creating TCP

sockets for server and client Validate of user

with database and verification with the balance

for transfer of IP packets across multiple

networks.

Client Server:

Q2. The finance office of VIT wishes to make the

transactions more secured. If you are a programmer how

you will implement a system to validate the login

credentials obtained from the user thereby denying them

access to unauthorized users.

1. Understating of HTTPS for transactions.

2. Encryption and decryption of each transaction of

message data with security algorithms.

3. Code for generation of a key for encryption and

decryption using TCP/IP client server sockets for

validation and verification of authorized users.

Implement a TCP/IP socket based ATM System.

Make the server to maintain the customer details

(name, card no, pin and balance). When a client

wants to withdraw amount, validate his login with

card no & pin, display a welcome message and

perform the withdraw operation if he is having

sufficient balance or display a warning message.

Ans.

1. Https is a convention used to move records from a Web worker onto a program so as to see a Web page that is on the Internet. FTP(File Transfer Protocol) is an organization convention used to move records starting with one PC then onto the next over a TCP network. In https there is zero ability to see of ones IP address it is covered up under the site name for instance: on the off chance that we take VIT site we don't have the foggiest idea about the IP address as it is covered up under the name and we can know all the total subtleties of the site in whois.net or to know the IP we can likewise utilize ping order. So in the event that we type ping we get the IP address as this https is utilized to conceal this IP if the IP is known there can be a heaps of things that should be possible and there will be no security to these associations as we can get the total URL data in whois.net or by utilizing ping order.
2. a. Symmetric encryption calculations: Symmetric calculations utilize a similar key for encryption and unscrambling. These calculations, can either work in block mode (which deals with fixed-size squares of information) or stream mode (which chips away at pieces or bytes of information). They are regularly utilized for applications like information encryption, record encryption and scrambling sent information in correspondence organizations (like TLS, messages, texts, and so forth). b. Asymmetric (or public key) encryption calculations: Unlike symmetric calculations, which utilize similar key for both encryption and decoding tasks, asymmetric calculations utilize two separate keys for these two activities. These calculations are utilized for registering computerized marks and key foundation conventions.

} catch (java.security.InvalidKeyException e) { } } public String encrypt(String str) { try { byte[] utf8 = str.getBytes("UTF8"); byte[] enc = ecipher.doFinal(utf8); return new sun.misc.BASE64Encoder().encode(enc); } catch (javax.crypto.BadPaddingException e) { } catch (IllegalBlockSizeException e) { } catch (UnsupportedEncodingException e) { } catch (java.io.IOException e) { } return null; } public String decrypt(String str) { try { byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);

byte[] utf8 = dcipher.doFinal(dec); return new String(utf8, "UTF8"); } catch (javax.crypto.BadPaddingException e) { } catch (IllegalBlockSizeException e) { } catch (UnsupportedEncodingException e) { } catch (java.io.IOException e) { } return null; } }

Server Side:

Client Side: