Network programming (secured client-server chat application)
Table Of Contents
<p>
Title Page<br>Certification<br>Approval Page<br>Dedication<br>Acknowledgement<br>Abstract<br>Table of Contents<br>List of Tables<br>List of Figures<br>
Chapter 1
:<br>1.1 Introduction<br>1.2 Background of the study<br>1.3 Statement of the problem<br>1.4 Objectives of the study<br>1.5 Significance of the study<br>1.6 Scope of the study<br>1.7 Limitations<br>1.8 Organization of the work<br>1.9 Definition of terms<br>
Chapter 2
: Literature Review<br>2.1 Client-Server and other models<br>2.2 Client-Server communication<br>2.3 Host identification and service port<br>2.4 Sockets and socket based communication<br>2.5 TCP/IP Socket programming<br>2.6 Socket programming in Java<br>2.7 Secure internet programming<br>2.8 Overview of secure socket layer (SSL)<br>2.9 Security<br>2.10 Hash functions<br>
Chapter 3
: SYSTEM ANALYSIS AND DESIGN<br>3.1 Methodology<br>3.2 Primary Data collection<br>3.2.1 Secondary Data collection<br>3.3 Analysis of the existing system<br>3.4 Limitations of the existing system<br>3.5 System Design<br>3.6 Database Design<br>3.7 System Flowchart<br>3.8 Top Down Diagram<br>3.9 Justification of the new system<br>
Chapter 4
: IMPLEMENTATION TESTING AND INTEGRATION<br>4.1 Choice of development tools<br>4.2 System Requirements<br>4.2.1 Software Requirements<br>4.2.2 Hardware Requirements<br>4.3 Implementation<br>4.4 Testing<br>4.4.1 Unit Test<br>4.4.2 System Test<br>4.5 Integration<br>
Chapter 5
: SUMMARY, RECOMMENDATIONS AND CONCLUSION<br>5.1 Summary<br>5.2 Limitations<br>5.3 Recommendations<br>5.4 BILL OF ENGINEERING MEASUREMENT AND EVALUATION<br>5.3 Conclusion<br>Bibliography<br>Appendix A: PROGRAM CODES<br>BAChatClient.java<br>BAChatServer.java<br>DatabaseManager.java<br>Encryptor.java<br>Appendix B: SAMPLE OUTPUT<br>Appendix C: USER GUIDE<br>LIST OF TABLES<br>Table 1: MySQL User Table<br>LIST OF FIGURES<br>Figure 2.1: Media communication process (wired or wireless network)<br>Figure 3.1: The Waterfall model<br>Figure 3.2: Client sending connection request to server<br>Figure 3.3: Client-server connection established by using TCP<br>Figure 3.4: Client-server chat Application by using TCP<br>Figure 3.5: Three stages of system failure<br>Figure 3.6: Multithreading flow diagram<br>Figure 3.7: Client-server chat application Architecture<br>Figure 4.1: BAChatServer running<br>Figure 4.2: BAChatClient running<br>Figure 4.3: BAChatClient registration<br>Figure 4.4: BAChatClient Chat room<br>Figure 4.5: Encrypted messages and message types sent by users<br>Figure 4.6: MySQL Database
<br></p>
Project Abstract
<p>
Several network systems are built to communicate with one another and are made available through service-oriented architectures. In this project, the client-server architecture is used to develop a chat application. First, a chat application is created for both client and server, based on the Transmission Control Protocol (TCP), which is a reliable, connection-oriented protocol. Because security is the key factor when communicating over a network, the MySQL SSL protocol and a hash function were used for the database, based on a number of benefits. The hash values of the real password and the randomly generated number (salt) are stored in the database. The original password is not stored on the system, making the password much harder to crack.
<br></p>
Project Overview
<p>
1.1 INTRODUCTION<br>Several network systems are built to communicate with one another and are made available through service-oriented architectures. In this project, we use the client-server architecture to develop a secured client-server chat application. A chat application is created based on the Transmission Control Protocol (TCP), which is a connection-oriented protocol, and in the end multithreading is used to develop the application.<br>A client-server chat application consists of a Chat Client and a Chat Server, with two-way communication between them. Here, the Message Processor is used to interpret messages from the user, and the Message Interpreter is used to extract and pass on the received message. The Message Maker is used to reconstruct the message, and the Client Manager is used to maintain the client list that the sender and receiver on both sides use to interact with each other.<br>In general, the server process starts on some computer system; in fact, the server should be executed before the client. The server usually initializes itself and then goes into a wait state or sleep state, where it waits for a client request. After that, a client process can start on either the same machine or some other machine. Whenever the client wants some service from the server, it sends a request to the server, and the server accepts the request and processes it. After the server has finished providing its service to the client, it goes back to sleep, that is, it waits for the next client request to arrive. This process is repeated as long as the server process is running. Whenever such a request comes, the server can immediately serve the client and again go back to the waiting state for the next request to arrive.<br>1.2 BACKGROUND OF THE STUDY<br>The client-server model is the standard model which has been accepted by many for developing network applications. 
In this model, there is a notion of a client and a notion of a server. As the name implies, a server is a process (or the computer on which the process is running) that offers some services to other entities, which are called clients. A client, on the other hand, is a process running on the same computer or another computer that requests the services provided by the server.<br>A chat application is basically a combination of two applications:<br>• Server application<br>• Client application<br>The server application runs on the server computer and the client application runs on the client computer (or on the same machine as the server). In this chat application, a client can send data to anyone who is connected to the server.<br>The Java application programming interface (API) provides the classes for creating sockets to facilitate program communication over the network. Sockets are the endpoints of logical connections between two hosts and can be used to send and receive data. Java treats socket communication much as it treats input and output operations; thus programs can read from or write to sockets as easily as they can read from or write to files.<br>To establish a server connection, a server socket needs to be created and attached to a port, which is where the server listens for connections. The port identifies the Transmission Control Protocol service on the socket. For instance, the email server runs on port 25, and the web server usually runs on port 80.<br>Server Execution: On the server side, a thread is created which receives numerous clients’ requests. It also contains a list in which clients’ names and IP addresses are stored. 
After that, it broadcasts the list to all the users who are currently in the chat room; when a client logs out, the server deletes that particular client from the list, updates the list and then broadcasts the list to all available clients.<br>Client Execution: A client must first register itself by sending its username to the server and must start the thread so that the system can get the list of all available clients. Then any two registered clients can communicate with each other.<br>1.3 STATEMENT OF THE PROBLEM<br>The client-server communication model is used in a wide variety of software applications. Normally the server side is sufficiently protected and sealed from public access, but client applications running on devices like notebooks and desktops are considered insecure and exposed to security threats.<br>The main weakness of a client-server chat application is that no security is provided for the data transferred between clients. Any unauthorized client can hack the client account and can change the data. Addressing this is the main objective of this project (to develop a secured Client-Server Chat Application).<br>1.4 OBJECTIVES OF THE STUDY<br>The aim of this project is to develop a reliable and secure network program (Client-Server chat model) that implements a multithreaded server-client chat application based on Java socket programming using the Transmission Control Protocol (TCP). As security is the key factor while communicating over a network, a hash function with salt is used for the database, based on a number of benefits. 
MySQL became the choice for the implementation of this application based on its scalability and flexibility, high performance, high availability, strong data protection, web and data warehouse strengths, management ease, lowest total cost of ownership and open source freedom.<br>1.5 SIGNIFICANCE OF THE STUDY<br>Apart from performing the regular client-server chat, this client-server chat is robust and significant in the following ways:<br>This project uses MySQL for its database to make information in the database secure. The personal details and messages, including the private messages, in the database are encrypted using an encryptor (one of the security facilities available in MySQL).<br>This project applies a hash function to the password before the encryption, and the result is then stored in the database. It also uses randomly generated numbers (salt) that are calculated together with the password hash values and stored in the database. As a result, even if the database is compromised, the salt added to the hash values makes it harder to compute the original password. This random salt is used with the hash function to significantly increase the strength of encrypting passwords and thus makes cracking nearly impossible. This makes the chat application server reliable and more secure.<br>Another significant feature of this application is private chatting, where two users can chat in private. The messages between the users are not displayed in the general chat display text field; they are displayed only within the private message display text field.<br>1.6 SCOPE OF THE STUDY<br>The project shall consider, among other things, the following issues:<br>1. To provide a better understanding of how network programming in Java works.<br>2. Develop a reliable network communication for a Client-Server chat application.<br>3. 
Analyses of network programming in Java (multithreaded Client-Server Chat applications) for better understanding of the solutions.<br>4. Conduct an experiment in order to establish the parameters of the problem. In conclusion, suggest ways the problems can be eliminated and recommend how the problems can be prevented.<br>1.7 LIMITATIONS<br>The previous Client-Server Chat system implements only a hash function on the password before the encryption, which is then stored in the database. Thus, the database can be compromised easily to compute the original password.<br>Some drawbacks of the Client-Server Chat are as follows:<br>• As the server receives many requests from clients, there is a chance that the server can become congested and overloaded.<br>• If the server fails, the users also suffer.<br>• A lost password is irrecoverable.<br>• Any unauthorized client can hack the client account and can change the data.<br>1.8 ORGANISATION OF THE WORK<br>In this project, a secure Java chat application is considered which relies on the client-server paradigm to exchange information. It is divided into five chapters.<br>Chapter one is the introduction, which consists of the background of the study, significance of the study, scope of the study, limitations of the study, organization of the work and the definition of terms.<br>The second chapter focuses on the literature review of scholars’ opinions relevant to this study, such as socket programming in Java, an overview of the secure socket layer, hash functions, etc.<br>The third chapter gives details of the main methodology and system design used to implement the client-server chat application in Java. First the application is developed using TCP, and in the end multithreading is used to develop the application. 
At the end of the chapter, the weaknesses (deadlocks) of multithreading are discussed, which can be removed by synchronizing threads.<br>Chapter four is the implementation of the secured Java Client-Server Chat Application: it tests and analyses the implementation of the application.<br>Chapter five ends the project report. Firstly, a short summary highlights the main points of the whole project. Next, a number of conclusions and recommendations are given, and lastly the Appendix.<br>1.9 DEFINITION OF TERMS<br>Socket: A socket is a standard connection protocol that supports data communication over the network between connected terminals. The standard connection supports data transmission by both the TCP and UDP protocols between the terminals.<br>TCP: TCP is a transport layer protocol used by applications that require guaranteed delivery of data. Basically, it is a connection-oriented protocol. To communicate over TCP, one must first establish a connection between a pair of sockets, where one socket belongs to the client and the other belongs to the server. After the connection is established between them, they can communicate with each other.<br>Client: A client is a system that accesses or requests a service made accessible by a server.<br>Server: A server is a system (hardware or software) program running to serve the service requests of other system programs.<br>Port: A port is a software mechanism that allows the centralized connected servers to listen for requests made by clients. A port serves as a gateway through which the server terminals or other machines listen for the requested parameters. It is a software address on a system that is on the network. 
All request and response traffic in this application is carried through machine ports.<br>Network: This refers to a system where computers are linked to share software, data, hardware and resources for the benefit of users.<br>Interface: This may be software or hardware that, according to an agreed method, spells out the manner in which a system component can exchange information with another system component.<br>Secure socket layer (SSL): This refers to the Secure Sockets Layer protocol, which is used to encrypt data for secure data transmission.<br>IP: This refers to the Internet Protocol; it is the logical network address of a device on a network. It is written in dotted-decimal notation (for instance: 128.1.0.1).<br>Thread: A thread is a section of code which executes independently of other threads in the same program. Java has a class Thread which is defined in the java.lang package. Thread is the most powerful feature that Java supports compared with other programming languages.
<br></p>
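The password storage described in sections 1.5 and 1.7, as an added example that is not the project's Encryptor.java: it contrasts an unsalted digest with a per-user random salt and a constant-time check at login. The page does not name its hash function, so PBKDF2-HMAC-SHA256 from the JDK, the iteration count, the class and method names and the "salt:hash" record format are all assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example; names are hypothetical and unrelated to the project's Encryptor.java.
public class SaltedPasswordDemo {
    static final int ITERATIONS = 210_000, SALT_BYTES = 16, HASH_BITS = 256; // assumed parameters
    // Unsalted digest: equal passwords always give equal stored values.
    static String unsalted(String password) throws GeneralSecurityException {
        byte[] d = MessageDigest.getInstance("SHA-256")
                .digest(password.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(d);
    }
    // Slow, salted derivation (assumed choice: PBKDF2 with HMAC-SHA256).
    static byte[] pbkdf2(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, HASH_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipe the spec's internal copy of the password
        }
    }
    // Returns "salt:hash" in Base64: the only value written to the user table.
    static String register(char[] password) throws GeneralSecurityException {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt); // fresh random salt per user
        Base64.Encoder enc = Base64.getEncoder();
        return enc.encodeToString(salt) + ":" + enc.encodeToString(pbkdf2(password, salt));
    }
    // Recomputes the hash with the stored salt and compares in constant time.
    static boolean verify(char[] attempt, String stored) throws GeneralSecurityException {
        String[] parts = stored.split(":");
        if (parts.length != 2) return false; // malformed record
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        return MessageDigest.isEqual(expected, pbkdf2(attempt, salt));
    }
    public static void main(String[] args) throws GeneralSecurityException {
        String pw = "correct horse"; // constructed sample password
        String a = register(pw.toCharArray()), b = register(pw.toCharArray());
        System.out.println("unsalted records equal: " + unsalted(pw).equals(unsalted(pw)));
        System.out.println("salted records equal:   " + a.equals(b));
        System.out.println("right/wrong password:   " + verify(pw.toCharArray(), a)
                + "/" + verify("wrong".toCharArray(), a));
    }
}
```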