Download Implementation of a Secure ATM System using TCP/IP Sockets and more Assignments Network security in PDF only on Docsity!
ASSIGNMENT- 4
DCCN LAB
Name: Utkarsh Goyal
Reg.No: 19BIT
Q1.Implement a TCP/IP socket-based ATM
System. Make the server to maintain the
customer details (name, card no, pin and
balance). When a client wants to withdraw
amount, validate his login with card no & pin,
display a welcome message and perform the
withdraw operation if he is having enough
balance or display a warning message. Maintain
customer details as in Database Creating TCP
sockets for server and client Validate of user
with database and verification with the balance
for transfer of IP packets across multiple
networks.
Client Server:
Q2. The finance office of VIT wishes to make the
transactions more secured. If you are a programmer how
you will implement a system to validate the login
credentials obtained from the user thereby denying them
access to unauthorized users.
1. Understating of HTTPS for transactions.
2. Encryption and decryption of each transaction of
message data with security algorithms.
3. Code for generation of a key for encryption and
decryption using TCP/IP client server sockets for
validation and verification of authorized users.
Implement a TCP/IP socket based ATM System.
Make the server to maintain the customer details
(name, card no, pin and balance). When a client
wants to withdraw amount, validate his login with
card no & pin, display a welcome message and
perform the withdraw operation if he is having
sufficient balance or display a warning message.
Ans.
- Https is a convention used to move records from a Web worker onto a program so as to see a Web page that is on the Internet. FTP(File Transfer Protocol) is an organization convention used to move records starting with one PC then onto the next over a TCP network. In https there is zero ability to see of ones IP address it is covered up under the site name for instance: on the off chance that we take VIT site we don't have the foggiest idea about the IP address as it is covered up under the name and we can know all the total subtleties of the site in whois.net or to know the IP we can likewise utilize ping order. So in the event that we type ping we get the IP address as this https is utilized to conceal this IP if the IP is known there can be a heaps of things that should be possible and there will be no security to these associations as we can get the total URL data in whois.net or by utilizing ping order.
- a. Symmetric encryption calculations: Symmetric calculations utilize a similar key for encryption and unscrambling. These calculations, can either work in block mode (which deals with fixed-size squares of information) or stream mode (which chips away at pieces or bytes of information). They are regularly utilized for applications like information encryption, record encryption and scrambling sent information in correspondence organizations (like TLS, messages, texts, and so forth). b. Asymmetric (or public key) encryption calculations: Unlike symmetric calculations, which utilize similar key for both encryption and decoding tasks, asymmetric calculations utilize two separate keys for these two activities. These calculations are utilized for registering computerized marks and key foundation conventions.
} catch (java.security.InvalidKeyException e) { } } public String encrypt(String str) { try { byte[] utf8 = str.getBytes("UTF8"); byte[] enc = ecipher.doFinal(utf8); return new sun.misc.BASE64Encoder().encode(enc); } catch (javax.crypto.BadPaddingException e) { } catch (IllegalBlockSizeException e) { } catch (UnsupportedEncodingException e) { } catch (java.io.IOException e) { } return null; } public String decrypt(String str) { try { byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
byte[] utf8 = dcipher.doFinal(dec); return new String(utf8, "UTF8"); } catch (javax.crypto.BadPaddingException e) { } catch (IllegalBlockSizeException e) { } catch (UnsupportedEncodingException e) { } catch (java.io.IOException e) { } return null; } }
Server Side:
Client Side: