Background Information
Contents
1. Clicked menu item Card gt Connect to communicate Smart Card Reader with Smart Card after connection success clicked menu item Card gt Write you will see the screen just write down your information and then click Write button to save your information to Smart Card NOTES The PIN code must be at less 8 characters or numbers We set the reminder that if fail to provide PIN code 3 times the program will disconnect to the Reader and fail to provide PIN code 3 times again the program will disconnect and the card is locked Change PIN code Card KeyStore Newtorking Window System Submit Cancel We provide change PIN function to change your Personal Identification Number PIN NOTES The PIN code must be at less 8 characters or numbers We set the reminder that if fail to provide PIN code 3 times the program will disconnect to the Reader and fail to provide PIN code 3 times again the program will disconnect and the card is locked 19 43 Case Report System Extract KeyStore After you read all information from Smart Card you can export our KeyStore click KeyStore gt GenKS to save your KeyStore the program will prompt you what path you save KeyStore Communication with Server and report the cases CEO Card KeyStore Window System Clicked Networking Com Server this will communicate to Server for Certificate exchange and send user information read from Smart Card and do three way handsh2. aly parent Object ER theDesktop JDesktopPane Hp Imp ra JText amp rea actionPerformed 1 void JD esktopP ane JTextArea closeAlFramest void closeFrame 1 void getrext amp rea JText amp rea javax swing PopActiont1 PopAction setTextA amp rea void JintemalFrame P tileHarizontal void tile ertical void ve wthAra JText amp rea 40 43 Case Report System Constructor Detail PopAction public PopAction String name Object parent To construct popup menu Parameters name The name of popup action parent swing components TextAreaPopup java JP opuph enu TextAreaP opup 3 Imp amp ra JText amp rea getText rea 1 JText amp rea setText amp rea void 3 TestAreaPopup 1 TextAreaPopup M javax swing JTextArea BN Constructor Detail TextAreaPopup public TextAreaPopup JTextArea tmpAra To construct popup menu for JTextArea Parameters tmpAra JTextArea that attached popup menu 41 43 Case Report System DesktopPopup java JP opuph enu jarax awing JD esktopP ane JTextArea a AL theDesktop JDesktopPane zal Constructor Detail DesktopPopup public DesktopPopup JDesktop desktop To construct popup menu for JDesktopPane Parameters desktop JDesktopPane that attached popup menu BuildTableModel java Constru
3. Case Report System SmartCardManager java D efault Package gt CEO crexception String CRException al keystorelnByte bytel javax swing Hy opened boolean JText Area chandgePIM boolean endSession boolean intCardStructure 1 void initllserDataFile void isCardinserted int opent boolean Ny Mm print ATR void System readicardla String readicontactMo String readEmail String readici String E readkkevysStore bytel readOthera bytel readRecord0 bytel readUsernamebI String selectFile 1 boolean smarttardManagert void startSession boolean submitlci boolean submitPIhNi boolean writeCardld void vvritecontactMo void writeEmail 1 void vwritekeyStore 1 void vwrftedthers 1 void writeRecord boolean vwritellsername 1 void Mc changePINO int fe c closet int sf c endsessiont int af c_isCardinserted int af c open int afec print amp TRO void sf c readFecordi bytel gafe c selectFileO int af c_startSession int fe c_submitiC int af c_subritPIN int af cowriteRecord int java Jang age int cardld String a cardType int contacto String vs gender int g id String g kslen int a level int e pin String a port int 4p status int g username String gr wih ra JText amp rea 33 43 Case Repor
4. Detected the card is inserted Parameters set the card is inserted UserDataDefinition java public interface UserFileDefinition To mark down static final parameters WriteCardManager java 37 43 Case Report System Constructor Detail WriteCardManager public WriteCardManager Method Detail writeCardlnfo public void writeGardlnfo String pin String ksPwd Write user information card information and KeyStore to the Smart Card Parameters pin PIN code ksPwd KeyStore password isBlankCard public boolean isBlankCard To recognize the card is blank or not Returns Return true if the card is blank DeploManager java Constructor Detail DeploManager public DeploManager It is a diplomat to negotiate with server and read information from Smart Card Method Detail checkPin public boolean checkPin String pin Check PIN is valid or not if invalid PIN entered three times disconnected to card reader if invalid PIN entered three times again Smart Card is locked Parameters pin the PIN code in the Smart Card Returns It is a correct PIN if returns true connectToServer public boolean connectToServer String serverip 38 43 Case Report System KeyStore ks String alias String ksPwd To establish connection to server Parameters serverip Server IP ks KeyStore alias the alias of the KeyStore ksPwd the password of the KeyStore Returns Return tr
5. String serialno byte sign String complaint To insert case content reported by residents into database follow complaint public ResultSet follow complaint String sal To query specified reported case and return its content and status to the residents view complaint public ResultSet view complaint String sal To query reported cases and return to C C A C officers Then C G A C officers can make further analysis and followings view status public ResultSet view status String sal To query status information of a specified case from the database view analysis public ResultSet view analysis String sal To query analysis information provided by G C A C officers and return to only C C A C officers 23 43 Case Report System Analysis packet java Process Connection L ObjedinpulStream Object uipulStream Constructor Detail Object HI Y analysis ra ResultSet T birth String T case no String T client publickevy Publickey Uu complaint String T contact String T datefrom String T dateto String T email String Pm 7 Uu evidence String Y follow rs Resutset T gender String Uu ls ObjecthputStream message String name String Y os OhjectOutputStream T pleader String ty ra Resulisel T serialno String Y socket Socket sql String T status rs Resultset Uu suspect String analysis byte void analyzis_cert vold analysis packet void analysi
6. Connection Socket clientsocket PublicKey server public key PrivateKey server private key To create input stream and output stream between the server and a individual client 29 43 Case Report System Method Detail public void run To receive and process requests from a client server java main void gt server 1 void Constructor Detail server public server Waiting for a connection request from a client and unitized the SSL Handshaking with the server public certificate to complete the server and the client mutual 30 43 Case Report System authentication Signature verifier java analysis packet signature verlifier T verifies boolean signature vertifier void jo verify sig boolean 1 Printstream i sa Constructor Detail Method Detail verify sig public boolean verify sig byte sig PublicKey puk String complaint To verify the digital signature with the resident s public key in order to ensure the dentify of the case reporter It makes the C C A C officers knew who reported the case 31 43 Case Report System Client Build Tabla MEd el Frani Enad Manager Thread Rach End CRException java CRE xcepton CRException 1 CRException Constructor Detail CRException public CRException String msg Construct an exception of card and reader Parameters msg the detail message 32 43
7. E e aide p AUREUS 24 ENES E 26 ZWEI EE RE N Oe 26 TIR e 00 ANA N A OE OE TT 21 cofvert to byte ALTAN sesse eks Geskok A 27 oof ett NE je 27 STAD ES EE NN 28 Uta ds A io 28 EU dle un OE 28 LANG GE 29 RD GR AA 29 Process NN Ne 29 SE RR O AA 30 TT a A iaa 31 A E RE 31 CHOOT dd OR OE EE 32 COOL AA 22 SmartCardManager JjaVa ii 33 ci AA T E S E TS 35 MENT 35 E AL ATC m RE 35 E Ne en EE 35 A AA POE R 36 E EE 36 oid Balie MM OE E RO OE 36 ii SE E 36 PPT 37 A EEE 37 User atafefmmpon java 37 Wate ENEE JaV AMA asi 37 3 43 Case Report System VE ed E 38 ide EI SA E e PO RP GE E 38 DNM E EE GE 38 Used EE ESOO E 38 connect Ls E 38 TG ACS te EE OE N EE ropas EO 39 Seu el EE 39 vasi ern m TIED 39 KeyStoreManager JjaVa see ees EE eese nennen nennen nnn nnne essetis 39 LEN OSE GE 40 load Ke yStoreFromB Vie dee de ee N Dane laetus 40 PPM 40 TextAreaPODUpD JaV d narr Ee Re Fur une AD RS Gee ie AG ade 41 DK DN 42 Build Table Models li de ee eh sa De Ge DE 42 MM 42 NN eege 43 GOL ge EE 43 MEN 43 UV 43 LIC HONZONIAL EE 43 4 43 Case Report System Abstraction In Macau residents always ask for improvement on any social activities They are complaining the police govern department doesn t provide enough ways for them to report cases and it is a true that we found there are not developed any services of reporting cases to police and also Smart
8. ID Card is commonly use by Macau resident So we will provide residents a secure convenience environment to report cases to police that is the main objective in this project introduction Computers are very common in the all over the world most corporations already transferred or intend to put their services into the Internet e g E commerce apply for license or gambling on the Internet Internet services are quickly been developing because it brings convenience secure easy to use and reliable to user We assemble security and Smart Card technology in order to provide a secure convenience gateway and also provide an reliable and easy to use environment to citizens reported their cases to police That is our objectives in the project i Objectives Citizens can make a valid case reporting without face to face situation via a secured internet service X The police can still authorize the identity of reporter via the digital signature verification X Suggest police develop this service and let the citizens have one more way to report cases on corruption Promoting portable Smart Card as the media in the application X Easy to use reliable convenience and cost effective 5 43 Case Report System t The process of reporting a case SmarlCard M E AA bi T The reporting progress is made through a secured communication media Its characteristics are listed as following Encryption Protects data from unauth
9. M L LEVEL 0 ADMIN 1 USER B BIRTHDAY K KESTORE LENGTH Remark We store the KeyStore into memory because of security reason and convenience i Smart Card Reader Specifications ACS30 Card Reader USB type connection Fixed speed 9600bps Provide C language API to be called because of this we need JNI Java Native Interface as an intermediate to call up C program ACS30 proprietary driver i System Requirements Windows 9x 2000 XP Java 1 4 version Tomcat 5 Web Server ACR30 Proprietary Driver Advanced Card Systems Ltd ACR30 Smart Card Reader ACOSI revision 3 0 Smart Card 13 43 Case Report System installation Guides For the experiment purpose this project assume that you install all component in one computer and you have to use the localhost as the internet address For java JDK and JRE the version must be 1 4 or above Server For tomcat the version must be 5 or above 1 You must install the MySQL Server You can get the latest version from www mysql com We recommend you to download MySQL Server 5 0 Copy all files folders in folder schema into directory C Program Files MySQL MySQL Server 5 0 data It is the directory where MySQL database scheme placed Copy the jar file named mysdl connector java 3 1 12 bin jar into lib ext under your java home directory e g C JBuilderX jdk1 4 jre lib ext Install JBuilder10 or higher version Simply open the file ccac jpx in t
10. if card is inserted 35 43 Case Report System readXXX public String byte readXXX String XXX XXX represents different user informations e g readCardld readUsername readEmail readContactNo readOthers readKeyStore Returns User information and KeyStore in byte array writeXXX public void writeXXX String XXX XXX represents different user informations e g writeCardld String cardld write Username String username writeEmail String email writeContactNo String contactNo writeOthers int gender int age int status int level int ksLen writeKeyStore bytel keystorelnByte CntThread java CEO jacsr H SmartC ardManager ER stritem JMenultem getConnected boolean runt void H setCardBtnStatus void setCarditemStatus void JMenultem JTextArea cltem JMenultem connected boolean 4 dctBtn JButton detitem JMenultem pSubBtn JButton NUN ritem JMenultem sem SmartCardManager JOptionP ane IN wBtn JButton item JMenultem wthAra JText amp rea Constructor Detail Extended Thread Method Detail run public void run This method detects the card is taken out 36 43 Case Report System getConnected public boolean getConnected Detected the card is inserted Returns If the card inserted return true setConnected public setConnected boolean connected
11. 00000000 0G report_date 2006 01 24 00 00 00 0 remark complaint Peter corrupts John story click the view status button to view the status history of a specified case SimpleTableDemo EE serial case no case status sta remar Man WAPP waiting approve 2006 01 24 T m E 0 This case is still waiting for ccac aprovement 3 1 INPG investigate in progress 2006 01 24 00 00 00 0 Investigation ofthis case is in progress with evidence I complaint Peter corrupts John story m a A RN 17 43 Case Report System Client We use the application to do the following tasks if you have access right 1 Extract certificate 2 Read user information 3 Write user information 4 Change PIN code 5 Extract KeyStore 6 Report the cases After our program is run your will see the following screen CEO Select FilelD FO 00 Read card ID Select FilelD FO 00 Read username Select FilelD FO 00 Remote host closed connection during handshake The Watch internal frame will show you system exception and what the program is doing e g to show you connected to Smart Card Reader successfully read the card now Is reading writing card ID contact number and KeyStore and so on 18 43 Case Report System Write User information Card KeyStore Newtorking Window System Jonnyleong h 9830101 65221 45 spro yahoo com hk CAkeysto re ks
12. Case Report System PROJECT NAME Case Report System INSTRUCTORS Jacky Tang STUDENT Jonny leong P 01 0582 6 Cleskey Cheang HAND IN DATE 2006 01 24 1 43 Case Report System ELE EE 5 FN 5 AE 5 The process of reporting a Case 6 Fl NN 7 Explanation of steps on the above diagram sesse ee ee ee RE EE 7 How does the server or client trust the remote authentication credentials 9 Background Information i 9 BETS YD RR ER E mM 9 BLEI RESI CR 9 e EE 10 Symmetric Key Pair Encryption cossirer nr ie Soe ee rasenta 10 SI REE OE EE EE 10 See RS LE OG ee Po o EE N 11 Contactless mart Ge 10 arcoiris 11 Memory cards and microprocessor cards 11 A A E o Un ES 11 Protocol LN EE 11 Fo 12 Smart Card Reader Specifications i 13 TREN 13 gt DIS EE EG EE N e o A 14 VANT 14 OE SE 14 TULL 15 PP EN EE 15 Cillian 18 Ve 19 PN 19 DURI S DUEE ee o A EERE 20 Communication with Server and report the cages 20 OE AP O O PUE O E 21 Class structure and illustration 22 EE 22 NN 22 LE EE RR OE RE EE N 22 EE EVE RR RE 22 2 43 Case Report System 1 I RE 25 ES EE 23 Insert EO AE ER SSE 23 IO COMPARE ziali lineas 23 VIEW COMP AIM v2 ses ES SEK R05 pP 008 SN Roo RU eU tma ed gu NEUE ESOS gru eA RR UE 23 es SE RE 23 VAI 25 NNN 24 analysis SING esse esos Re AR SA Ge ei ee GR oe
13. Use private key to encryption and public key to decryption Usage Identify and verify someone av j n f A p d e ht k The above figure shows an illustration of the usage of Identification and Verification in 9 43 Case Report System asymmetric cryptography Data that is encrypted with the private key can be decrypted with the public key SSL SSL short for Secure Sockets Layer A protocol for transmitting data securely over the World Wide Web Whereas SSL creates a secure connection between a client and a Server over which any amount of data can be sent securely S HTTP is designed to transmit individual messages securely The Secure Sockets Layer protocol is a protocol layer which may be placed between a reliable connection oriented network layer protocol e g TCP IP and the application protocol layer e g HTTP One common use of SSL is to secure Web HTTP communication between a browser and a webserver This case does not preclude the use of non secured HTTP The secure version is mainly plain HTTP over SSL named HTTPS but with one major difference it uses the URL scheme https rather than http and a different server port by default 443 Symmetric Key Pair Encryption Some critical database records are secured by using the symmetric key pair encryption The critical data received from the sender is encrypted by secret key before stor
14. akes in SSL environment Because it refers all information from Smart Card and communicate with Server the program will prompt you enter PIN KeyStore password KeyStore alias and server IP In our example we have the following information PIN 11111111 KeyStore password 123456 20 43 Case Report System KeyStore alias client Server IP localhost Report cases CEO AE Card KeyStore Newtorking Window System Welcome to CRS E Comu Server lient Information Put your cases iew your cases sername Jonny Birthday hi 9830101 mail kiospro yahoo com hk De ontact No 676767676 3 Copy Paste 3 Delete Select All Clear All eyStore Password Server Response Case progress ase No ae First Name Last Name Sport of Years Vegetarian uu Mary Campione Snowboarding L ase Status Alison Rowing Kathy V Knitting Status Date Sharon Speed reading Philip i Previous Next First Last Copyright All rights reserved After connection to server you can see the above screen to show user information case reported by user and case responded by server 21 43 Case Report System Class structure and illustration Server access database java onea Je analysis re Resultset Ty connection Connection Converter converter Ty date Date T df SimpleDateFormat follow r Resutset c IDException Printstream r has record boo
15. aphic data integrity and data tampering detection 8 43 Case Report System How does the server or client trust the remote authentication credentials A trust manager is responsible for determining if the remote authentication credentials should be trusted The following rules are used If a truststore is specified by the javax net ssl trustStore system property then the trust manager will use the file provided to check for credentials If however the system property exists but the file specified doesn t exist then no truststore is utilized and a CertificateException will be thrown If the javax net ssl trustStore system property is not defined then a default trust store is searched for If a trust store named jssecacerts exists in the lib security subdirectory of your java home directory it will be used If jesecacerts doesn t exist but cacerts does which is shipped with the J2SDK with a limited number of trusted root certificates it will be used Background Information Data Encryption Use public key to encrypt and private key to decrypt critical information Usage keep data away from unauthorized user f d f A 4 i 7 i JJ ES bi L ha F The above figure shows an illustration of the usage of Data Encryption in asymmetric cryptography Data that is encrypted with the public key can be decrypted with the private key Digital signature
16. assword charl eystore String eystorepass char dies M FS privatekey Privstekey Y publickev Publickev java lang dat ssl vod 4 EE man REB V get nidder Privately p Er e Y get publciey Pubickey ringBuffer V getserversocket ServerSocket java nel Ai Sesde javax net Serverseckel atoy T costar som oa oo Constructor Detail Method Detail getServerSocket public ServerSocket getServerSocket To create socket side SSL enable socket with its key store get certificate public Certificate get certificate To prepare server s certificate 28 43 Case Report System get privatekey public PrivateKey get privatekey To retrieve server s private key from its key store get publickey public PublicKey get publickey To retrieve server s public key from its key store Process Connection java jaralang me J Process Connection analysis packet a o testouk Publickey Y analysis analysis packet y is Objectinput stream 7 1 os OhjectOutputstream 1 socket Socket Object npulStrean ObjectO ulpulStrean Process Corinection void ee EE e M javalang i is javanet java security iti java secunty cert Process Connection public Process
17. authoritative CA 10 12 Both Server and Client inform each of others their supported cipher specification 14 The SSL Handshaking is finished The case reporting progress can be secured by the Secured Socket Layer mechanism Please note that Encryption protects data from unauthorized use by converting it to an apparently meaningless form before transmission The data is encrypted by one side the client or the server transmitted decrypted by the other side then processed Source authentication is a method of verifying the data sender s identity The first time 7 43 Case Report System a browser or other client attempts to communicate with a Web server over a secure connection the server presents the client with a set of credentials in the form of a certificate Certificates are issued and validated by trusted authorities known as certification authorities CAs A certificate represents the public key identity of a person It is a signed document that says I certify that the public key in this document belongs to the entity named in this document Signed certificate authority Well known CAs include Verisign Entrust and Thawte Note that the certificates used with SSL TLS today are X 509 certificates Data integrity refers to means of ensuring that data has not been modified in transit Authentication and Non Repudiation with Digital Signatures A digital signature provides a mechanism for authentication and non repudiation a
18. ctor Detail BuildTableModel public BuildTableModel Object data String columnNames To build JTable to display cases composed by citizen Parameters data cases information columnNames column names InterfaceManager java Constructor Detail InterfaceManager 42 43 Case Report System public InterfaceManager To create GUI to user Method Detail frameActivate public void frameActivate JInternalFrame frame JMenultem curltem To open JInternalFrame Parameters frame the internal frame curltem the menu item to control that frame closeFrame public void closeFrame To close an activated frame closeAllFrames public void closeAllFrames To close all frames are displayed tileVertical public void tile Vertical To display the frames with tile vertical tileHorizontal public void tileHorizontal To display the frames with tile horizontal 43 43
19. e Report System Z Frame Title File Help Case no E serial no 43401 fd signature IDOL D ev0 O00 00j OD OOOkO OOO000 0 report date 2006 01 24 00 00 00 0 complaint John corrupts Susan story Ced e click button analysis this case to prompt the analysis screen C C A C fill up the analysis information of a specified case and click button save to save it into database Frame Title E 2 File Help pus case no case no 1 pleader serial no 43a810fd suspect signature O00 gt 0eO0NDE VOjWO report date 2006 01 24 00 00 00 0 acts I complaint Peter corrupt Ens mary received HK 1000 evidence param EG Date From 2006 01 23 12 24 View analysis Clear Date To 2006 01 24 12 30 16 43 Case Report System click the view analysis button to view back the analysis info of a case E SimpleTableDemo serial case no po y evidence ate_from ate Peter corrupts received cash HK 1000 2006 01 20 00 0 2006 01 2 2 1 Peter John s brother Peter also corrupts john s brother John s brother recieved HK 500 2006 01 21 00 0 2006 01 27 Loi click the modify status button to prompt the status screen C C A C fill the updated status of that case and save it File Help case no case_no 1 status serial_no 43a810fd status date signature O00 gt 0e0NDE VOWOO 0
20. e for highly secure payment applications as an optional function Encrypted PIN and Issuer Code when transmit or receive from to card accepting device According to the guideline provided by ACOS we follow the below structure to read write our Smart Card Please refer document img InternalFileStructure jpg File Security Attributes Record Organization Memory Internal Manufacturing Personalization User Stage Area File ID Stage Stage MCU D File FF 00 R FREE R FREE R FREE 2 x 8 bytes W NO ACCESS W NO ACCESS W NO ACCESS Manufacturer FF 01 R FREE R FREE R FREE 2 x 8 bytes File W IC W NO ACCESS W NO ACCESS Personalizatio FF 02 R FREE R FREE R FREE 3 x 4 bytes n File W IC W IC W NO ACCESS Security File FF 03 R IC R IC R NO ACCESS 12 x 8 bytes W IC W IC W IC Account File FF 05 R FREE R FREE R IC 8 x 4 bytes W IC W IC W IC Account FF 06 R FREE R FREE R NO ACCESS 4 x 8 bytes Security File W IC W IC W IC User File file IDs Data Area XX VYH User File FF 04 R FREE R FREE R FREE N OF FILE Management W IC W IC W IC X File 6 bytes according to the file definitions xx FF 12 43 Case Report System And the following is our card format according to ACOS USER FILE INTERNAL DATA STRUCTURE 0 B 16 31 FOOO RECO CARD ID reca GIS L BIK 218 FOO1 REC KEYSTORE 2112B REC amp 5 G GENDER 0 M 1 F S STATUS 0 S 1
21. eader dato To notify the server what it has received is the date of case ends that the C C A C has found during the analysis u header analys To notify the server it is a request to insert the analysis information provided by C C A C officers into the database analysis cert public void analysis cert Certificate cert To notify the server it is a request of registering a new user who is the first time using the application analysis byte public void analysis byte bytel sig To notify the server it received the report case with it digital signature The server verifies the signature and stores the report cases into the database 26 43 Case Report System converter java ES es 1 det publickey PubicKey Ty fs InputStream 1 Input St FilelnputStream FileOutputstream ream e se NS E TI V convert to publickey Publickey converter void Constructor Detail Method Detail convert to byte array public InputStream convert to byte array PublicKey puk To convert resident s public key into file input streaming byte array convert to publickey public PublicKey convert to publickey Blob blob To convert the Blob object back to public key object 27 43 Case Report System establish ssl java java security java secunty cert Certificate java Jang ESCH establish se diari cert Certificate HTTPS PORT int L eyp
22. ed into the database Database access password is needed Once the database is really opened by somebody Records show in cipher text Only critical data records will be encrypted instead of encrypting the whole database since encryption decryption increase processor overheads Encrypted by secret 7 m Smart Card What is Smart Card Identical to the size of a credit card a smart card stores and processes information through the electronic circuits embedded in silicon in the plastic substrate of its body There are three types of Smart Card 10 43 Case Report System Contact Smart Card Contact smart cards must be inserted into a smart card reader They have a small gold plate about quarter inch diameter on the front instead of the magnetic strip on the back like a credit card When the card is inserted into a smart card reader It makes contact with electrical connectors that transfer data to and from the chip Contactless Smart Cards Contactless Smart Card is passed near an antenna to carry out information exchanges Memory cards and microprocessor cards Smart cards come in two varieties memory cards and microprocessor cards Memory cards simply store data and can be viewed as a small floppy disk with optional security microprocessor card on the other hand can add delete and manipulate information in its memory on the card Similar to a miniature computer a microprocessor card has an input output por
23. hat it has received is the unique serial number of resident s certificate k header name To notify the server what it has received is the name of the resident who reported the case header gender To notify the server what it has received is the gender of the resident who reported the case m header birth To notify the server what it has received is the birth of the resident who reported the case header contac To notify the server what it has received is the contact number of the resident who reported the case n header email To notify the server what it has received is the email address of the resident who reported the case o header case 25 43 Case Report System To notify the server what it has received is the case number of which case the C C A C has analyzed p header pleade To notify the server what it has received is the pleader name of which case the C C A C has analyzed q header suspec To notify the server what it has received is the suspect name of which case the C C A C has analyzed header acts To notify the server what it has received is the acts information of which case the C C A C has analyzed r header eviden To notify the server what it has received is the evidence of which case the C C A C has found during the analysis s header dfrom To notify the server what it has received is the date of case begins that the C C A C has found during the analysis t h
24. he server install folder and the JBuilder will open it Click the run button green arrow on the JBuilder tool bar and then click server from the pop up list The server will run Client Note if you had installed before you can skip this 1 Open the folder Third party ACS driver from the CD and to be installed Run the setup program During the installation choose the smart card reader model ACR30U Create a folder named you want our example name Project Copy the folder Third party and create a folder our example name Self in Project Create a folder named you want again our example name J in Self folder Copy the CEO jar and img folder to that folder Double click CEO jar and run our program 14 43 Case Report System User Manual Server This is the main control panel of the backend client for C C A C staff Si Frame Title File Help Case NO serial no INN signature N report date story Ear ae seg view analysis this case View status View analysis Clear Modify status click the view button to show the reported cases from residents 5 Frame Title File Help Case ND a serial no 42381 Ofd signature O00 0e0N0E VOMOO 000000000 000 ooo report date 2006 01 24 00 00 00 0 complaint Peter corrupts John story click button previous next first or last to navigate all reported cases 15 43 Cas
25. lean EE password String Ty publickey PublicKev query String rs Resultset 7 statement Statement Ay status rs Resultset Eet EIU Ty URL String username string access databaser void follow complaint ResultSet insert analysiat void insert complaint vold E register void retrieve puk Publickey view analyysisi ResultSet view complaint Resultset view status ResultSet Constructor Detail Method Detail register public void register String serial String name String gender String birth String contact String email PublicKey puk To check whether residents have registered and sign them up if they are first time use the application insert_analysis public void insert_analysis String caseno String pleader String suspect String acts String evidence String datefrom 22 43 Case Report System String dateto The C C A C officers analysis the reported case received from the residents and insert the analysis information into the database retrieve puk public PublicKey retrieve puk String serial no To retrieve residents public keys from the database register public void register String serial String name String gender String birth String contact String email PublicKey puk To check whether residents have registered and sign them up if they are first time use the application insert complaint public void insert complaint
26. orized use by converting it to an apparently meaningless form before transmission Source authentication Verifying the data sender s identity The server presents the client with a set of credentials in the form of a certificate the client does so z Data integrity Data has not been modified in transit Database in Server The data received from the sender is encrypted by secret key before stored into the database Access password is needed Once the database is really opened by somebody Records show in ciphertext 6 43 Case Report System Data Communication 1 E 2 Berterficilo 3 ai vers ER 4 ii te optional 5 Server Key poengene optional 6 Server een T C ertifigate o ptional B Client we elei a Keeler te A optional DO 10 change Siphar Spec Lo 11 Finished 12 Chan her Spec 1 ig inn ed 14 EE in Data Explanation of steps on the above diagram 1 Client runs the client application and send a connection request to the server 2 3 Server responses to the client by send the client its certificate 4 At the same time the server also requires for the client certificate for mutual authorization 5 According to the SSL mechanism there is a key exchanged for the data encryption during the data transition 7 The client sends its certificate to the server for authorization 8 Key exchanged for the data encryption 9 The server versifies the certificate by checking whether its issuer is a
27. s well as strong data integrity Let s look at a couple of scenarios user must share a sensitive document with a given recipient In this case the recipient needs proof the document in fact came from the expected user Before sharing the document the sender signs the document using his private key The sender had previously shared his public key with the recipient who uses it to verify sender s signature user must prove its identity before it is allowed to consume some services on the Internet Typically usernames and passwords have been used for this Because a digital signature contains signed protected information such as distinguished names that uniquely identifies a user digital signatures provide a very strong approach to authentication A transaction monetary or not is initiated by a user from a J2ME application This transaction requires support for non repudiation which means that once the transaction is approved by the user and processed on the other end it cannot be repudiated or rejected on the basis that it never happened or is not valid Non repudiation can be guaranteed by signing the transaction using a digital signature Non repudiation type signatures are special because they are indented to legally bind a user to a transaction When transmitting sensitive information detecting data tampering is important Because a digital signature is based on signed message digests the result is authenticated strong cryptogr
28. s strina void Method Detail analysis string public void analysis string String string Socket clientsocket ObjectlnputStream in ObjectOutputStream out To analysis the string header in order to determine what kind of request the client is asking for or providing to Details are shown as below a header vi ana To notify the server it is a request for analysis information of a case from the C C A C officers b header follow 24 43 Case Report System To notify the server it is a request for case content and status from the resident who reported that case C header status To notify the server it is a request for current status information of a case and let C C A C officers change its status d header firs To notify the server it is a request for the first record set of the query result e header last To notify the server it is a request for the last record set of the query result f header prev To notify the server it is a request for the previous record set of the query result g header next To notify the server it is a request for the next record set of the query result h header view To notify the server it is a request for case content by the C C A C officers for further analysis and followings i header compla To notify the server what it has received is the content of a case reported by a resident j header serial To notify the server w
29. t System Constructor Detail SmartCardManager public SmartCardManager int port int cardType Construct a class that use JNI to communicate with Card Reader called functions in API in C language Parameters port to set the port type cardType to set card type AC AM104 AG COM1 AC COM2 AG COM3 AG COM4 AG COM AG COM6 AC COM7 AG COMS8 AG KEYB AC PCSC AC USB AG USB1 AC USB2 AC USB3 AC USB4 AC AM221 AC SLE4404 AG GPM896 AG AT101 AG AT102 AG AMaKP AG AM8KS AG AM2KP AG AM2KS AC IC AC XIIC AC AT1604 AC TO N OO fF UN O COON DOO A UN mk mk mk mk CO AR QD HO 34 43 AC T1 15 AC SCModule 16 AC AM256 17 AC AMAKP 18 AC X76F041 19 AC X24645 20 AC ST1335 21 AC ST1333 22 AC X76F128 23 AC X76F640 24 AC X76F100 25 AC AT45D041 26 AC AT45DB041 27 Case Report System Method Detail changePIN public boolean changePIN String oldPin String newPin to change Personal Identification Number PIN in Smart Card Parameters oldPin the original PIN code newPin the new PIN code initCardStructure public void initCardStructure Construct the user file structure of the card initUserDataFile public void initUserDataFile byte rid int length Initializes user data file in the card Parameters rid record ID length the record length isCardinserted public int isCardInserted to detected the card is inserted or not Returns return true
30. t operating system and hard disk with built in security features Protocol T 0 The T 0 protocol is a byte oriented protocol where a character is transmitted across the channel between the reader and the card In addition error handling is performed on each byte by looking at the parity bit If the actual parity bit does not correspond to the parity of the transmitted data then an error must have occurred In the T 0 protocol the receiving side signals that it requires the byte to be retransmitted in the case of detecting a parity error When the transmitting side detects this it resends the byte that was previously received in error Protocol T z 1 The T 1 protocol is a block oriented protocol in which a well defined collection of data or a block is moved as a unit between the reader and the card This block may incorporate an application specific APDU providing an example of the distinct layering between the link and application protocol layers However the error detection and correction is more complex than that used in the T 0 protocol 11 43 Case Report System Smart Card Specifications Contact Smart Card ACOSI revision 3 0 8 Kbytes of EEPROM memory for application data Compliance with ISO 7816 3 T 0 protocol Five secret codes Issuer Code PIN changeable by card holder oession key based on random numbers Linear files with fixed record length record length can be different for different files Account data structur
31. ue if connection successful readCardinfo public boolean readCardlnfo String pin String ksPwd to reads information from Smart Card Parameters pin PIN code ksPwd KeyStore password Returns Return true if reads card successfully sendComplaint public void sendComplaint To send complaint to server viewComplaint public void viewComplaint To view complaint responses by server KeyStoreManager java A o mmm mm mmm mmm mmm MEE mm MEE EE MEE mem mm NET MEE mmm mm mp emm em mm mm MEEN MEE ER mmm mm mm MEE mm EET mmm RE mmm mm mm MEE mm mmm GEARS mm mm mm emm mmm mmm pm mmm pm mmm CANET rm rm MET WEE emm ERE ZE ui Co cht EE mm P mm E mmm D mm 5 mm ol SS SS i L mmm pm mmm mmm mm pm i lana Eu eee EE Constructor Detail 39 43 Case Report System To manage KeyStore Method Detail getKeyStorelnByte public byte getKeyStorelnByte String path String ksPwd To convert KeyStore to byte array Parameters path KeyStore path ksPwd KeyStore password Returns Return byte array of the KeyStore loadKeyStoreFromByte public KeyStore loadKeyStoreFromByte byte keystorelnByte String kspwd To convert KeyStore from byte array to KeyStore type Parameters keystorelnByte the byte array of KeyStore array ksPwd KeyStore password Returns Return KeyStore converted from byte array PopAction java javax sving i Object Te
Download Pdf Manuals
Related Search